Add the ability for s_client to send a KeyUpdate message

Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2609)
2017-02-09 13:33:09 +00:00 · 2017-02-09 13:33:09 +00:00 · b07b2a1b44
parent 53d1d07d30
commit b07b2a1b44
1 changed files with 11 additions and 1 deletions
--- a/apps/s_client.c
+++ b/apps/s_client.c
@ -2291,7 +2291,8 @@ int s_client_main(int argc, char **argv)
        else
            timeoutp = NULL;

-        if (SSL_in_init(con) && !SSL_total_renegotiations(con)) {
+        if (SSL_in_init(con) && !SSL_total_renegotiations(con)
+                && SSL_get_key_update_type(con) == SSL_KEY_UPDATE_NONE) {
            in_init = 1;
            tty_on = 0;
        } else {
@ -2606,6 +2607,15 @@ int s_client_main(int argc, char **argv)
                SSL_renegotiate(con);
                cbuf_len = 0;
            }
+
+            if ((!c_ign_eof) && ((cbuf[0] == 'K' || cbuf[0] == 'k' )
+                                 && cmdletters)) {
+                BIO_printf(bio_err, "KEYUPDATE\n");
+                SSL_key_update(con,
+                               cbuf[0] == 'K' ? SSL_KEY_UPDATE_REQUESTED
+                                              : SSL_KEY_UPDATE_NOT_REQUESTED);
+                cbuf_len = 0;
+            }
 #ifndef OPENSSL_NO_HEARTBEATS
            else if ((!c_ign_eof) && (cbuf[0] == 'B' && cmdletters)) {
                BIO_printf(bio_err, "HEARTBEATING\n");