add -psk option to ciphers command

Reviewed-by: Matt Caswell <matt@openssl.org>

diff --git a/apps/ciphers.c b/apps/ciphers.c
index 5aad1ccb634c1b3669ea6e81fca816795d56f91c..12dca50a12584c172fcb2be8e2199000164fe648 100644 (file)
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -69,6 +69,7 @@ typedef enum OPTION_choice {
     OPT_TLS1,
     OPT_TLS1_1,
     OPT_TLS1_2,
+    OPT_PSK,
     OPT_V, OPT_UPPER_V, OPT_S
 } OPTION_CHOICE;
 
@@ -85,10 +86,21 @@ OPTIONS ciphers_options[] = {
 #endif
 #ifndef OPENSSL_NO_SSL3
     {"ssl3", OPT_SSL3, '-', "SSL3 mode"},
+#endif
+#ifndef OPENSSL_NO_PSK
+    {"psk", OPT_PSK, '-', "include ciphersuites requiring PSK"},
 #endif
     {NULL}
 };
 
+static unsigned int dummy_psk(SSL *ssl, const char *hint, char *identity,
+                              unsigned int max_identity_len,
+                              unsigned char *psk,
+                              unsigned int max_psk_len)
+{
+    return 0;
+}
+
 int ciphers_main(int argc, char **argv)
 {
     SSL_CTX *ctx = NULL;
@@ -98,6 +110,9 @@ int ciphers_main(int argc, char **argv)
     int ret = 1, i, verbose = 0, Verbose = 0, use_supported = 0;
 #ifndef OPENSSL_NO_SSL_TRACE
     int stdname = 0;
+#endif
+#ifndef OPENSSL_NO_PSK
+    int psk = 0;
 #endif
     const char *p;
     char *ciphers = NULL, *prog;
@@ -144,6 +159,11 @@ int ciphers_main(int argc, char **argv)
         case OPT_TLS1_2:
             meth = TLSv1_2_client_method();
             break;
+        case OPT_PSK:
+#ifndef OPENSSL_NO_PSK
+            psk = 1;
+#endif
+            break;
         }
     }
     argv = opt_rest();
@@ -157,6 +177,10 @@ int ciphers_main(int argc, char **argv)
     ctx = SSL_CTX_new(meth);
     if (ctx == NULL)
         goto err;
+#ifndef OPENSSL_NO_PSK
+    if (psk)
+        SSL_CTX_set_psk_client_callback(ctx, dummy_psk);
+#endif
     if (ciphers != NULL) {
         if (!SSL_CTX_set_cipher_list(ctx, ciphers)) {
             BIO_printf(bio_err, "Error in cipher list\n");