mirror of
https://github.com/yuzu-emu/mbedtls
synced 2024-11-24 19:18:08 +00:00
Made auth_mode as an command line option
This commit is contained in:
parent
7c90da9e75
commit
91ebfb5272
2 changed files with 34 additions and 2 deletions
|
@ -54,6 +54,7 @@
|
||||||
#define DFL_ALLOW_LEGACY SSL_LEGACY_NO_RENEGOTIATION
|
#define DFL_ALLOW_LEGACY SSL_LEGACY_NO_RENEGOTIATION
|
||||||
#define DFL_MIN_VERSION -1
|
#define DFL_MIN_VERSION -1
|
||||||
#define DFL_MAX_VERSION -1
|
#define DFL_MAX_VERSION -1
|
||||||
|
#define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL
|
||||||
|
|
||||||
#define GET_REQUEST "GET %s HTTP/1.0\r\n\r\n"
|
#define GET_REQUEST "GET %s HTTP/1.0\r\n\r\n"
|
||||||
|
|
||||||
|
@ -75,6 +76,7 @@ struct options
|
||||||
int allow_legacy; /* allow legacy renegotiation */
|
int allow_legacy; /* allow legacy renegotiation */
|
||||||
int min_version; /* minimum protocol version accepted */
|
int min_version; /* minimum protocol version accepted */
|
||||||
int max_version; /* maximum protocol version accepted */
|
int max_version; /* maximum protocol version accepted */
|
||||||
|
int auth_mode; /* verify mode for connection */
|
||||||
} opt;
|
} opt;
|
||||||
|
|
||||||
void my_debug( void *ctx, int level, const char *str )
|
void my_debug( void *ctx, int level, const char *str )
|
||||||
|
@ -154,6 +156,8 @@ int my_verify( void *data, x509_cert *crt, int depth, int *flags )
|
||||||
" max_version=%%s default: \"\" (tls1_2)\n" \
|
" max_version=%%s default: \"\" (tls1_2)\n" \
|
||||||
" force_version=%%s default: \"\" (none)\n" \
|
" force_version=%%s default: \"\" (none)\n" \
|
||||||
" options: ssl3, tls1, tls1_1, tls1_2\n" \
|
" options: ssl3, tls1, tls1_1, tls1_2\n" \
|
||||||
|
" auth_mode=%%s default: \"optional\"\n" \
|
||||||
|
" options: none, optional, required\n" \
|
||||||
"\n" \
|
"\n" \
|
||||||
" force_ciphersuite=<name> default: all enabled\n"\
|
" force_ciphersuite=<name> default: all enabled\n"\
|
||||||
" acceptable ciphersuite names:\n"
|
" acceptable ciphersuite names:\n"
|
||||||
|
@ -230,6 +234,7 @@ int main( int argc, char *argv[] )
|
||||||
opt.allow_legacy = DFL_ALLOW_LEGACY;
|
opt.allow_legacy = DFL_ALLOW_LEGACY;
|
||||||
opt.min_version = DFL_MIN_VERSION;
|
opt.min_version = DFL_MIN_VERSION;
|
||||||
opt.max_version = DFL_MAX_VERSION;
|
opt.max_version = DFL_MAX_VERSION;
|
||||||
|
opt.auth_mode = DFL_AUTH_MODE;
|
||||||
|
|
||||||
for( i = 1; i < argc; i++ )
|
for( i = 1; i < argc; i++ )
|
||||||
{
|
{
|
||||||
|
@ -337,6 +342,17 @@ int main( int argc, char *argv[] )
|
||||||
else
|
else
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
else if( strcmp( p, "auth_mode" ) == 0 )
|
||||||
|
{
|
||||||
|
if( strcmp( q, "none" ) == 0 )
|
||||||
|
opt.auth_mode = SSL_VERIFY_NONE;
|
||||||
|
else if( strcmp( q, "optional" ) == 0 )
|
||||||
|
opt.auth_mode = SSL_VERIFY_OPTIONAL;
|
||||||
|
else if( strcmp( q, "required" ) == 0 )
|
||||||
|
opt.auth_mode = SSL_VERIFY_REQUIRED;
|
||||||
|
else
|
||||||
|
goto usage;
|
||||||
|
}
|
||||||
else
|
else
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
@ -471,7 +487,7 @@ int main( int argc, char *argv[] )
|
||||||
ssl_set_verify( &ssl, my_verify, NULL );
|
ssl_set_verify( &ssl, my_verify, NULL );
|
||||||
|
|
||||||
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
||||||
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
|
ssl_set_authmode( &ssl, opt.auth_mode );
|
||||||
|
|
||||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||||
|
|
|
@ -60,6 +60,7 @@
|
||||||
#define DFL_RENEGOTIATION SSL_RENEGOTIATION_ENABLED
|
#define DFL_RENEGOTIATION SSL_RENEGOTIATION_ENABLED
|
||||||
#define DFL_ALLOW_LEGACY SSL_LEGACY_NO_RENEGOTIATION
|
#define DFL_ALLOW_LEGACY SSL_LEGACY_NO_RENEGOTIATION
|
||||||
#define DFL_MIN_VERSION -1
|
#define DFL_MIN_VERSION -1
|
||||||
|
#define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL
|
||||||
|
|
||||||
#define HTTP_RESPONSE \
|
#define HTTP_RESPONSE \
|
||||||
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
|
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
|
||||||
|
@ -81,6 +82,7 @@ struct options
|
||||||
int renegotiation; /* enable / disable renegotiation */
|
int renegotiation; /* enable / disable renegotiation */
|
||||||
int allow_legacy; /* allow legacy renegotiation */
|
int allow_legacy; /* allow legacy renegotiation */
|
||||||
int min_version; /* minimum protocol version accepted */
|
int min_version; /* minimum protocol version accepted */
|
||||||
|
int auth_mode; /* verify mode for connection */
|
||||||
} opt;
|
} opt;
|
||||||
|
|
||||||
void my_debug( void *ctx, int level, const char *str )
|
void my_debug( void *ctx, int level, const char *str )
|
||||||
|
@ -207,6 +209,8 @@ int my_ciphersuites[] =
|
||||||
" allow_legacy=%%d default: 0 (disabled)\n" \
|
" allow_legacy=%%d default: 0 (disabled)\n" \
|
||||||
" min_version=%%s default: \"ssl3\"\n" \
|
" min_version=%%s default: \"ssl3\"\n" \
|
||||||
" options: ssl3, tls1, tls1_1, tls1_2\n" \
|
" options: ssl3, tls1, tls1_1, tls1_2\n" \
|
||||||
|
" auth_mode=%%s default: \"optional\"\n" \
|
||||||
|
" options: none, optional, required\n" \
|
||||||
" force_ciphersuite=<name> default: all enabled\n"\
|
" force_ciphersuite=<name> default: all enabled\n"\
|
||||||
" acceptable ciphersuite names:\n"
|
" acceptable ciphersuite names:\n"
|
||||||
|
|
||||||
|
@ -287,6 +291,7 @@ int main( int argc, char *argv[] )
|
||||||
opt.renegotiation = DFL_RENEGOTIATION;
|
opt.renegotiation = DFL_RENEGOTIATION;
|
||||||
opt.allow_legacy = DFL_ALLOW_LEGACY;
|
opt.allow_legacy = DFL_ALLOW_LEGACY;
|
||||||
opt.min_version = DFL_MIN_VERSION;
|
opt.min_version = DFL_MIN_VERSION;
|
||||||
|
opt.auth_mode = DFL_AUTH_MODE;
|
||||||
|
|
||||||
for( i = 1; i < argc; i++ )
|
for( i = 1; i < argc; i++ )
|
||||||
{
|
{
|
||||||
|
@ -352,6 +357,17 @@ int main( int argc, char *argv[] )
|
||||||
else
|
else
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
else if( strcmp( p, "auth_mode" ) == 0 )
|
||||||
|
{
|
||||||
|
if( strcmp( q, "none" ) == 0 )
|
||||||
|
opt.auth_mode = SSL_VERIFY_NONE;
|
||||||
|
else if( strcmp( q, "optional" ) == 0 )
|
||||||
|
opt.auth_mode = SSL_VERIFY_OPTIONAL;
|
||||||
|
else if( strcmp( q, "required" ) == 0 )
|
||||||
|
opt.auth_mode = SSL_VERIFY_REQUIRED;
|
||||||
|
else
|
||||||
|
goto usage;
|
||||||
|
}
|
||||||
else
|
else
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
@ -477,7 +493,7 @@ int main( int argc, char *argv[] )
|
||||||
}
|
}
|
||||||
|
|
||||||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
ssl_set_authmode( &ssl, opt.auth_mode );
|
||||||
|
|
||||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||||
|
|
Loading…
Reference in a new issue