Security callback debug print out.
Add a debugging security callback option to s_client/s_server. This will
print out each security parameter as it is accepted or rejected.
diff --git a/apps/s_client.c b/apps/s_client.c
index af88ffd..f8c059a 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -702,6 +702,7 @@
int crl_format = FORMAT_PEM;
int crl_download = 0;
STACK_OF(X509_CRL) *crls = NULL;
+ int sdebug = 0;
meth=SSLv23_client_method();
@@ -874,6 +875,10 @@
else if (strcmp(*argv,"-trace") == 0)
c_msg=2;
#endif
+ else if (strcmp(*argv,"-security_debug") == 0)
+ { sdebug=1; }
+ else if (strcmp(*argv,"-security_debug_verbose") == 0)
+ { sdebug=2; }
else if (strcmp(*argv,"-showcerts") == 0)
c_showcerts=1;
else if (strcmp(*argv,"-nbio_test") == 0)
@@ -1302,6 +1307,9 @@
goto end;
}
+ if (sdebug)
+ ssl_ctx_security_debug(ctx, bio_err, sdebug);
+
if (vpm)
SSL_CTX_set1_param(ctx, vpm);
