- Added force_ciphersuite option to ssl_client2 application

This commit is contained in:
Paul Bakker 2011-02-20 16:05:58 +00:00
parent 2544a04918
commit 5193688682

View File

@ -43,6 +43,7 @@
#define DFL_DEBUG_LEVEL 0
#define DFL_CRT_FILE ""
#define DFL_KEY_FILE ""
#define DFL_FORCE_CIPHER 0
#define GET_REQUEST "GET %s HTTP/1.0\r\n\r\n"
@ -57,6 +58,7 @@ struct options
char *request_page; /* page on server to request */
char *crt_file; /* the file with the client certificate */
char *key_file; /* the file with the client key */
int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
} opt;
void my_debug( void *ctx, int level, const char *str )
@ -77,7 +79,8 @@ void my_debug( void *ctx, int level, const char *str )
" request_page=%%s default: \".\"\n" \
" crt_file=%%s default: \"\" (pre-loaded)\n" \
" key_file=%%s default: \"\" (pre-loaded)\n" \
"\n"
" force_ciphersuite=<name> default: all enabled\n"\
" acceptable ciphersuite names:\n"
int main( int argc, char *argv[] )
{
@ -91,6 +94,7 @@ int main( int argc, char *argv[] )
rsa_context rsa;
int i, j, n;
char *p, *q;
const int *list;
/*
* Make sure memory references are valid.
@ -106,6 +110,14 @@ int main( int argc, char *argv[] )
{
usage:
printf( USAGE );
list = ssl_list_ciphersuites();
while( *list )
{
printf(" %s\n", ssl_get_ciphersuite_name( *list ) );
list++;
}
printf("\n");
goto exit;
}
@ -115,6 +127,7 @@ int main( int argc, char *argv[] )
opt.request_page = DFL_REQUEST_PAGE;
opt.crt_file = DFL_CRT_FILE;
opt.key_file = DFL_KEY_FILE;
opt.force_ciphersuite[0]= DFL_FORCE_CIPHER;
for( i = 1; i < argc; i++ )
{
@ -151,6 +164,17 @@ int main( int argc, char *argv[] )
opt.crt_file = q;
else if( strcmp( p, "key_file" ) == 0 )
opt.key_file = q;
else if( strcmp( p, "force_ciphersuite" ) == 0 )
{
opt.force_ciphersuite[0] = -1;
opt.force_ciphersuite[0] = ssl_get_ciphersuite_id( q );
if( opt.force_ciphersuite[0] <= 0 )
goto usage;
opt.force_ciphersuite[1] = 0;
}
else
goto usage;
}
@ -253,7 +277,11 @@ int main( int argc, char *argv[] )
ssl_set_bio( &ssl, net_recv, &server_fd,
net_send, &server_fd );
ssl_set_ciphersuites( &ssl, ssl_default_ciphersuites );
if( opt.force_ciphersuite[0] == DFL_FORCE_CIPHER )
ssl_set_ciphersuites( &ssl, ssl_default_ciphersuites );
else
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
ssl_set_session( &ssl, 1, 600, &ssn );
ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );