commit 71fa451343f97b3624374ed1359adc23fba5696e
author Ben Laurie <ben@openssl.org> Sun Jun 03 22:00:21 2012 +0000
committer Ben Laurie <ben@openssl.org> Sun Jun 03 22:00:21 2012 +0000
tree 87ebfb43ece32507c68e360f36a67b4a921e79c0
parent a9e1c50bb09a110d4774e6710f9322344684fa2d

Version skew reduction: trivia (I hope).

apps/s_server.c

diff --git a/apps/s_server.c b/apps/s_server.c
index 762757b..58c70af 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -926,7 +926,7 @@
 
 	return SSL_TLSEXT_ERR_OK;
 	}
-# endif  /* ndef OPENSSL_NO_NPN */
+# endif  /* ndef OPENSSL_NO_NEXTPROTONEG */
 #endif
 
 static int not_resumable_sess_cb(SSL *s, int is_forward_secure)
@@ -976,8 +976,6 @@
 #ifndef OPENSSL_NO_TLSEXT
 	EVP_PKEY *s_key2 = NULL;
 	X509 *s_cert2 = NULL;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
         tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING};
 # ifndef OPENSSL_NO_NEXTPROTONEG
 	const char *next_proto_neg_in = NULL;
@@ -1274,12 +1272,12 @@
 			{ off|=SSL_OP_NO_SSLv2; }
 		else if	(strcmp(*argv,"-no_ssl3") == 0)
 			{ off|=SSL_OP_NO_SSLv3; }
-		else if	(strcmp(*argv,"-no_tls1_2") == 0)
-			{ off|=SSL_OP_NO_TLSv1_2; }
-		else if	(strcmp(*argv,"-no_tls1_1") == 0)
-			{ off|=SSL_OP_NO_TLSv1_1; }
 		else if	(strcmp(*argv,"-no_tls1") == 0)
 			{ off|=SSL_OP_NO_TLSv1; }
+		else if	(strcmp(*argv,"-no_tls1_1") == 0)
+			{ off|=SSL_OP_NO_TLSv1_1; }
+		else if	(strcmp(*argv,"-no_tls1_2") == 0)
+			{ off|=SSL_OP_NO_TLSv1_2; }
 		else if	(strcmp(*argv,"-no_comp") == 0)
 			{ off|=SSL_OP_NO_COMPRESSION; }
 #ifndef OPENSSL_NO_TLSEXT
@@ -1295,14 +1293,12 @@
 			{ meth=SSLv3_server_method(); }
 #endif
 #ifndef OPENSSL_NO_TLS1
-		else if	(strcmp(*argv,"-tls1_2") == 0)
-			{ meth=TLSv1_2_server_method(); }
-		else if	(strcmp(*argv,"-tls1_1") == 0)
-			{ meth=TLSv1_1_server_method(); }
 		else if	(strcmp(*argv,"-tls1") == 0)
 			{ meth=TLSv1_server_method(); }
 		else if	(strcmp(*argv,"-tls1_1") == 0)
 			{ meth=TLSv1_1_server_method(); }
+		else if	(strcmp(*argv,"-tls1_2") == 0)
+			{ meth=TLSv1_2_server_method(); }
 #endif
 #ifndef OPENSSL_NO_DTLS1
 		else if	(strcmp(*argv,"-dtls1") == 0)
@@ -1489,6 +1485,7 @@
 				goto end;
 				}
 			}
+
 # ifndef OPENSSL_NO_NEXTPROTONEG
 		if (next_proto_neg_in)
 			{
@@ -1980,8 +1977,8 @@
 		if ((ret = SRP_VBASE_init(srp_callback_parm.vb, srp_verifier_file)) != SRP_NO_ERROR)
 			{
 			BIO_printf(bio_err,
-					   "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
-					   srp_verifier_file,ret);
+				   "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
+				   srp_verifier_file, ret);
 				goto end;
 			}
 		SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE,verify_callback);
@@ -2505,13 +2502,13 @@
 	X509 *peer;
 	long verify_error;
 	MS_STATIC char buf[BUFSIZ];
+#ifndef OPENSSL_NO_KRB5
+	char *client_princ;
+#endif
 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
 	const unsigned char *next_proto_neg;
 	unsigned next_proto_neg_len;
 #endif
-#ifndef OPENSSL_NO_KRB5
-	char *client_princ;
-#endif
 	unsigned char *exportedkeymat;
 
 
@@ -2730,6 +2727,7 @@
 		}
 	SSL_set_bio(con,sbio,sbio);
 	SSL_set_accept_state(con);
+
 	/* SSL_set_fd(con,s); */
 	BIO_set_ssl(ssl_bio,con,BIO_CLOSE);
 	BIO_push(io,ssl_bio);