diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 516ac535df..91522135ec 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -104,6 +104,7 @@ int main( int argc, char *argv[] ) #define DFL_ALLOW_LEGACY SSL_LEGACY_NO_RENEGOTIATION #define DFL_RENEGOTIATE 0 #define DFL_RENEGO_DELAY -2 +#define DFL_EXCHANGES 1 #define DFL_MIN_VERSION -1 #define DFL_MAX_VERSION -1 #define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL @@ -163,6 +164,7 @@ struct options int allow_legacy; /* allow legacy renegotiation */ int renegotiate; /* attempt renegotiation? */ int renego_delay; /* delay before enforcing renegotiation */ + int exchanges; /* number of data exchanges */ int min_version; /* minimum protocol version accepted */ int max_version; /* maximum protocol version accepted */ int auth_mode; /* verify mode for connection */ @@ -316,6 +318,8 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len ) " renegotiation=%%d default: 1 (enabled)\n" \ " allow_legacy=%%d default: 0 (disabled)\n" \ " renegotiate=%%d default: 0 (disabled)\n" \ + " renego_delay=%%d default: -2 (library default)\n" \ + " exchanges=%%d default: 1\n" \ USAGE_TICKETS \ USAGE_CACHE \ USAGE_MAX_FRAG_LEN \ @@ -697,6 +701,7 @@ int main( int argc, char *argv[] ) opt.allow_legacy = DFL_ALLOW_LEGACY; opt.renegotiate = DFL_RENEGOTIATE; opt.renego_delay = DFL_RENEGO_DELAY; + opt.exchanges = DFL_EXCHANGES; opt.min_version = DFL_MIN_VERSION; opt.max_version = DFL_MAX_VERSION; opt.auth_mode = DFL_AUTH_MODE; @@ -790,6 +795,12 @@ int main( int argc, char *argv[] ) { opt.renego_delay = atoi( q ); } + else if( strcmp( p, "exchanges" ) == 0 ) + { + opt.exchanges = atoi( q ); + if( opt.exchanges < 1 ) + goto usage; + } else if( strcmp( p, "min_version" ) == 0 ) { if( strcmp( q, "ssl3" ) == 0 )