← Back to branch summary

~ubuntu-branches/ubuntu/lucid/openssl/lucid-proposed

« back to all changes in this revision

Viewing changes to ssl/ssltest.c

  • Committer: Bazaar Package Importer
  • Author(s): Kurt Roeckx
  • Date: 2009-06-13 18:15:46 UTC
  • mto: (11.1.5 squeeze)
  • mto: This revision was merged to the branch mainline in revision 34.
  • Revision ID: james.westby@ubuntu.com-20090613181546-vbfntai3b009dl1u
Tags: upstream-0.9.8k
ImportĀ upstreamĀ versionĀ 0.9.8k

Show diffs side-by-side

added added

removed removed

Lines of Context:
ssl/ssltest.c
229
229
        {
230
230
        fprintf(stderr,"usage: ssltest [args ...]\n");
231
231
        fprintf(stderr,"\n");
 
232
#ifdef OPENSSL_FIPS
 
233
        fprintf(stderr,"-F             - run test in FIPS mode\n");
 
234
#endif
232
235
        fprintf(stderr," -server_auth  - check server certificate\n");
233
236
        fprintf(stderr," -client_auth  - do client authentication\n");
234
237
        fprintf(stderr," -proxy        - allow proxy certificates\n");
410
413
        long bytes=256L;
411
414
#ifndef OPENSSL_NO_DH
412
415
        DH *dh;
413
 
        int dhe1024 = 0, dhe1024dsa = 0;
 
416
        int dhe1024 = 1, dhe1024dsa = 0;
414
417
#endif
415
418
#ifndef OPENSSL_NO_ECDH
416
419
        EC_KEY *ecdh = NULL;
425
428
#endif
426
429
        STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
427
430
        int test_cipherlist = 0;
 
431
#ifdef OPENSSL_FIPS
 
432
        int fips_mode=0;
 
433
#endif
428
434
 
429
435
        verbose = 0;
430
436
        debug = 0;
456
462
 
457
463
        while (argc >= 1)
458
464
                {
459
 
                if      (strcmp(*argv,"-server_auth") == 0)
 
465
                if(!strcmp(*argv,"-F"))
 
466
                        {
 
467
#ifdef OPENSSL_FIPS
 
468
                        fips_mode=1;
 
469
#else
 
470
                        fprintf(stderr,"not compiled with FIPS support, so exitting without running.\n");
 
471
                        EXIT(0);
 
472
#endif
 
473
                        }
 
474
                else if (strcmp(*argv,"-server_auth") == 0)
460
475
                        server_auth=1;
461
476
                else if (strcmp(*argv,"-client_auth") == 0)
462
477
                        client_auth=1;
638
653
                EXIT(1);
639
654
                }
640
655
 
 
656
#ifdef OPENSSL_FIPS
 
657
        if(fips_mode)
 
658
                {
 
659
                if(!FIPS_mode_set(1))
 
660
                        {
 
661
                        ERR_load_crypto_strings();
 
662
                        ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
 
663
                        EXIT(1);
 
664
                        }
 
665
                else
 
666
                        fprintf(stderr,"*** IN FIPS MODE ***\n");
 
667
                }
 
668
#endif
 
669
 
641
670
        if (print_time)
642
671
                {
643
672
                if (!bio_pair)
2059
2088
                }
2060
2089
 
2061
2090
#ifndef OPENSSL_NO_X509_VERIFY
2062
 
# ifdef OPENSSL_FIPS
2063
 
        if(s->version == TLS1_VERSION)
2064
 
                FIPS_allow_md5(1);
2065
 
# endif
2066
2091
        ok = X509_verify_cert(ctx);
2067
 
# ifdef OPENSSL_FIPS
2068
 
        if(s->version == TLS1_VERSION)
2069
 
                FIPS_allow_md5(0);
2070
 
# endif
2071
2092
#endif
2072
2093
 
2073
2094
        if (cb_arg->proxy_auth)
2074
2095
                {
2075
 
                if (ok)
 
2096
                if (ok > 0)
2076
2097
                        {
2077
2098
                        const char *cond_end = NULL;
2078
2099