OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_KEYFORM, OPT_PASS,
OPT_CERT_CHAIN, OPT_CAPATH, OPT_CHAINCAPATH, OPT_VERIFYCAPATH,
- OPT_KEY, OPT_RECONNECT, OPT_BUILD_CHAIN, OPT_CAFILE, OPT_KRB5SVC,
+ OPT_KEY, OPT_RECONNECT, OPT_BUILD_CHAIN, OPT_CAFILE,
OPT_CHAINCAFILE, OPT_VERIFYCAFILE, OPT_NEXTPROTONEG, OPT_ALPN,
OPT_SERVERINFO, OPT_STARTTLS, OPT_SERVERNAME, OPT_JPAKE,
OPT_USE_SRTP, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN, OPT_SMTPHOST,
{"jpake", OPT_JPAKE, 's', "JPAKE secret to use"},
# endif
#endif
-#ifndef OPENSSL_NO_KRB5
- {"krb5svc", OPT_KRB5SVC, 's', "Kerberos service name"},
-#endif
#ifndef OPENSSL_NO_SRP
{"srpuser", OPT_SRPUSER, 's', "SRP authentification for 'user'"},
{"srppass", OPT_SRPPASS, 's', "Password for 'user'"},
long socket_mtu = 0, randamt = 0;
unsigned short port = PORT;
OPTION_CHOICE o;
-#ifndef OPENSSL_NO_KRB5
- KSSL_CTX *kctx;
- const char *krb5svc = NULL;
-#endif
#ifndef OPENSSL_NO_ENGINE
ENGINE *ssl_client_engine = NULL;
#endif
case OPT_NOCMDS:
cmdletters = 0;
break;
- case OPT_KRB5SVC:
-#ifndef OPENSSL_NO_KRB5
- krb5svc = opt_arg();
-#endif
- break;
case OPT_ENGINE:
e = setup_engine(opt_arg(), 1);
break;
}
}
#endif
-#ifndef OPENSSL_NO_KRB5
- if (con && (kctx = kssl_ctx_new()) != NULL) {
- SSL_set0_kssl_ctx(con, kctx);
- kssl_ctx_setstring(kctx, KSSL_SERVER, host);
- if (krb5svc)
- kssl_ctx_setstring(kctx, KSSL_SERVICE, krb5svc);
- }
-#endif /* OPENSSL_NO_KRB5 */
re_start:
#ifdef NO_SYS_UN_H
static int s_server_session_id_context = 1; /* anything will do */
static const char *s_cert_file = TEST_CERT, *s_key_file =
NULL, *s_chain_file = NULL;
-static const char *krb5svc = NULL;
-static const char *krb5tab = NULL;
+
#ifndef OPENSSL_NO_TLSEXT
static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL;
#endif
OPT_SRTP_PROFILES, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN,
OPT_S_ENUM,
OPT_V_ENUM,
- OPT_X_ENUM,
- OPT_KRB5SVC, OPT_KRBTAB
+ OPT_X_ENUM
} OPTION_CHOICE;
OPTIONS s_server_options[] = {
{"jpake", OPT_JPAKE, 's', "JPAKE secret to use"},
# endif
#endif
- {"krb5svc", OPT_KRB5SVC, 's', "Kerberos service name"},
- {"keytab", OPT_KRBTAB, '<', "Kerberos keytab file"},
#ifndef OPENSSL_NO_SRP
{"srpvfile", OPT_SRPVFILE, '<', "The verifier file for SRP"},
{"srpuserseed", OPT_SRPUSERSEED, 's',
case OPT_JPAKE:
goto opthelp;
#endif
- case OPT_KRB5SVC:
- krb5svc = opt_arg();
- break;
- case OPT_KRBTAB:
- krb5tab = opt_arg();
- break;
case OPT_SRTP_PROFILES:
srtp_profiles = opt_arg();
break;
unsigned long l;
SSL *con = NULL;
BIO *sbio;
-#ifndef OPENSSL_NO_KRB5
- KSSL_CTX *kctx;
-#endif
struct timeval timeout;
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
struct timeval tv;
SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
}
#endif
-#ifndef OPENSSL_NO_KRB5
- if ((kctx = kssl_ctx_new()) != NULL) {
- SSL_set0_kssl_ctx(con, kctx);
- kssl_ctx_setstring(kctx, KSSL_SERVICE,
- krb5svc ? krb5svc : KRB5SVC);
- if (krb5tab)
- kssl_ctx_setstring(kctx, KSSL_KEYTAB, krb5tab);
- }
-#endif /* OPENSSL_NO_KRB5 */
if (context
&& !SSL_set_session_id_context(con,
context, strlen((char *)context))) {
X509 *peer;
long verify_error;
char buf[BUFSIZ];
-#ifndef OPENSSL_NO_KRB5
- char *client_princ;
-#endif
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
const unsigned char *next_proto_neg;
unsigned next_proto_neg_len;
if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
TLS1_FLAGS_TLS_PADDING_BUG)
BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
-#ifndef OPENSSL_NO_KRB5
- client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
- if (client_princ != NULL) {
- BIO_printf(bio_s_out, "Kerberos peer principal is %s\n",
- client_princ);
- }
-#endif /* OPENSSL_NO_KRB5 */
BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
if (keymatexportlabel != NULL) {
SSL *con;
const SSL_CIPHER *c;
BIO *io, *ssl_bio, *sbio;
-#ifndef OPENSSL_NO_KRB5
- KSSL_CTX *kctx;
-#endif
#ifdef RENEG
int total_bytes = 0;
#endif
SSL_set_tlsext_debug_arg(con, bio_s_out);
}
#endif
-#ifndef OPENSSL_NO_KRB5
- if ((kctx = kssl_ctx_new()) != NULL) {
- kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
- kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
- }
-#endif /* OPENSSL_NO_KRB5 */
if (context && !SSL_set_session_id_context(con, context,
strlen((char *)context)))
goto err;
int ret = 1;
SSL *con;
BIO *io, *ssl_bio, *sbio;
-#ifndef OPENSSL_NO_KRB5
- KSSL_CTX *kctx;
-#endif
buf = app_malloc(bufsize, "server rev buffer");
io = BIO_new(BIO_f_buffer());
SSL_set_tlsext_debug_arg(con, bio_s_out);
}
#endif
-#ifndef OPENSSL_NO_KRB5
- if ((kctx = kssl_ctx_new()) != NULL) {
- kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
- kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
- }
-#endif /* OPENSSL_NO_KRB5 */
if (context && !SSL_set_session_id_context(con, context,
strlen((char *)context))) {
ERR_print_errors(bio_err);