feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

fix initsuites with PSK on downgrade, example server with PSK

Browse Source
This commit is contained in:
Todd A Ouska
2011-04-25 16:11:23 -07:00
parent 1ad10ffdc8
commit adaffeca6c
2 changed files with 19 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
examples/server/server.c
+8 -4
View File
@@ -63,17 +63,19 @@ THREAD_RETURN CYASSL_API server_test(void* args)
ctx = SSL_CTX_new(method);
#ifndef NO_PSK
/* do PSK */
SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
SSL_CTX_set_cipher_list(ctx, "PSK-AES256-CBC-SHA");
#else
/* not using PSK, verify peer with certs */
SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
#endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
#ifndef NO_FILESYSTEM
/* for client auth */
if (SSL_CTX_load_verify_locations(ctx, cliCert, 0) != SSL_SUCCESS)
@@ -117,7 +119,9 @@ THREAD_RETURN CYASSL_API server_test(void* args)
#endif
SSL_set_fd(ssl, clientfd);
SetDH(ssl);
#ifdef NO_PSK
SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */
#endif
#ifdef NON_BLOCKING
tcp_set_nonblocking(&clientfd);