1/* apps/s_cb.c - callback functions used by s_client, s_server, and s_time */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 112#include <stdio.h> 113#include <stdlib.h> 114#include <string.h> /* for memcpy() and strcmp() */ 115#define USE_SOCKETS 116#define NON_MAIN 117#include "apps.h" 118#undef NON_MAIN 119#undef USE_SOCKETS 120#include <openssl/err.h> 121#include <openssl/rand.h> 122#include <openssl/x509.h> 123#include <openssl/ssl.h> 124#include "s_apps.h" 125 126#define COOKIE_SECRET_LENGTH 16 127 128int verify_depth = 0; 129int verify_quiet = 0; 130int verify_error = X509_V_OK; 131int verify_return_error = 0; 132unsigned char cookie_secret[COOKIE_SECRET_LENGTH]; 133int cookie_initialized = 0; 134 135int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) 136{ 137 X509 *err_cert; 138 int err, depth; 139 140 err_cert = X509_STORE_CTX_get_current_cert(ctx); 141 err = X509_STORE_CTX_get_error(ctx); 142 depth = X509_STORE_CTX_get_error_depth(ctx); 143 144 if (!verify_quiet || !ok) { 145 BIO_printf(bio_err, "depth=%d ", depth); 146 if (err_cert) { 147 X509_NAME_print_ex(bio_err, 148 X509_get_subject_name(err_cert), 149 0, XN_FLAG_ONELINE); 150 BIO_puts(bio_err, "\n"); 151 } else 152 BIO_puts(bio_err, "<no cert>\n"); 153 } 154 if (!ok) { 155 BIO_printf(bio_err, "verify error:num=%d:%s\n", err, 156 X509_verify_cert_error_string(err)); 157 if (verify_depth >= depth) { 158 if (!verify_return_error) 159 ok = 1; 160 verify_error = X509_V_OK; 161 } else { 162 ok = 0; 163 verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG; 164 } 165 } 166 switch (err) { 167 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: 168 BIO_puts(bio_err, "issuer= "); 169 X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert), 170 0, XN_FLAG_ONELINE); 171 BIO_puts(bio_err, "\n"); 172 break; 173 case X509_V_ERR_CERT_NOT_YET_VALID: 174 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: 175 BIO_printf(bio_err, "notBefore="); 176 ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert)); 177 BIO_printf(bio_err, "\n"); 178 break; 179 case X509_V_ERR_CERT_HAS_EXPIRED: 180 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: 181 BIO_printf(bio_err, "notAfter="); 182 ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert)); 183 BIO_printf(bio_err, "\n"); 184 break; 185 case X509_V_ERR_NO_EXPLICIT_POLICY: 186 if (!verify_quiet) 187 policies_print(bio_err, ctx); 188 break; 189 } 190 if (err == X509_V_OK && ok == 2 && !verify_quiet) 191 policies_print(bio_err, ctx); 192 if (ok && !verify_quiet) 193 BIO_printf(bio_err, "verify return:%d\n", ok); 194 return (ok); 195} 196 197int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file) 198{ 199 if (cert_file != NULL) { 200 /*- 201 SSL *ssl; 202 X509 *x509; 203 */ 204 205 if (SSL_CTX_use_certificate_file(ctx, cert_file, 206 SSL_FILETYPE_PEM) <= 0) { 207 BIO_printf(bio_err, "unable to get certificate from '%s'\n", 208 cert_file); 209 ERR_print_errors(bio_err); 210 return (0); 211 } 212 if (key_file == NULL) 213 key_file = cert_file; 214 if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0) { 215 BIO_printf(bio_err, "unable to get private key from '%s'\n", 216 key_file); 217 ERR_print_errors(bio_err); 218 return (0); 219 } 220 221 /*- 222 In theory this is no longer needed 223 ssl=SSL_new(ctx); 224 x509=SSL_get_certificate(ssl); 225 226 if (x509 != NULL) { 227 EVP_PKEY *pktmp; 228 pktmp = X509_get_pubkey(x509); 229 EVP_PKEY_copy_parameters(pktmp, 230 SSL_get_privatekey(ssl)); 231 EVP_PKEY_free(pktmp); 232 } 233 SSL_free(ssl); 234 */ 235 236 /* 237 * If we are using DSA, we can copy the parameters from the private 238 * key 239 */ 240 241 /* 242 * Now we know that a key and cert have been set against the SSL 243 * context 244 */ 245 if (!SSL_CTX_check_private_key(ctx)) { 246 BIO_printf(bio_err, 247 "Private key does not match the certificate public key\n"); 248 return (0); 249 } 250 } 251 return (1); 252} 253 254int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key, 255 STACK_OF(X509) *chain, int build_chain) 256{ 257 int chflags = chain ? SSL_BUILD_CHAIN_FLAG_CHECK : 0; 258 if (cert == NULL) 259 return 1; 260 if (SSL_CTX_use_certificate(ctx, cert) <= 0) { 261 BIO_printf(bio_err, "error setting certificate\n"); 262 ERR_print_errors(bio_err); 263 return 0; 264 } 265 266 if (SSL_CTX_use_PrivateKey(ctx, key) <= 0) { 267 BIO_printf(bio_err, "error setting private key\n"); 268 ERR_print_errors(bio_err); 269 return 0; 270 } 271 272 /* 273 * Now we know that a key and cert have been set against the SSL context 274 */ 275 if (!SSL_CTX_check_private_key(ctx)) { 276 BIO_printf(bio_err, 277 "Private key does not match the certificate public key\n"); 278 return 0; 279 } 280 if (chain && !SSL_CTX_set1_chain(ctx, chain)) { 281 BIO_printf(bio_err, "error setting certificate chain\n"); 282 ERR_print_errors(bio_err); 283 return 0; 284 } 285 if (build_chain && !SSL_CTX_build_cert_chain(ctx, chflags)) { 286 BIO_printf(bio_err, "error building certificate chain\n"); 287 ERR_print_errors(bio_err); 288 return 0; 289 } 290 return 1; 291} 292 293static void ssl_print_client_cert_types(BIO *bio, SSL *s) 294{ 295 const unsigned char *p; 296 int i; 297 int cert_type_num = SSL_get0_certificate_types(s, &p); 298 if (!cert_type_num) 299 return; 300 BIO_puts(bio, "Client Certificate Types: "); 301 for (i = 0; i < cert_type_num; i++) { 302 unsigned char cert_type = p[i]; 303 char *cname; 304 switch (cert_type) { 305 case TLS_CT_RSA_SIGN: 306 cname = "RSA sign"; 307 break; 308 309 case TLS_CT_DSS_SIGN: 310 cname = "DSA sign"; 311 break; 312 313 case TLS_CT_RSA_FIXED_DH: 314 cname = "RSA fixed DH"; 315 break; 316 317 case TLS_CT_DSS_FIXED_DH: 318 cname = "DSS fixed DH"; 319 break; 320 321 case TLS_CT_ECDSA_SIGN: 322 cname = "ECDSA sign"; 323 break; 324 325 case TLS_CT_RSA_FIXED_ECDH: 326 cname = "RSA fixed ECDH"; 327 break; 328 329 case TLS_CT_ECDSA_FIXED_ECDH: 330 cname = "ECDSA fixed ECDH"; 331 break; 332 333 case TLS_CT_GOST94_SIGN: 334 cname = "GOST94 Sign"; 335 break; 336 337 case TLS_CT_GOST01_SIGN: 338 cname = "GOST01 Sign"; 339 break; 340 341 default: 342 cname = NULL; 343 } 344 345 if (i) 346 BIO_puts(bio, ", "); 347 348 if (cname) 349 BIO_puts(bio, cname); 350 else 351 BIO_printf(bio, "UNKNOWN (%d),", cert_type); 352 } 353 BIO_puts(bio, "\n"); 354} 355 356static int do_print_sigalgs(BIO *out, SSL *s, int shared) 357{ 358 int i, nsig, client; 359 client = SSL_is_server(s) ? 0 : 1; 360 if (shared) 361 nsig = SSL_get_shared_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL); 362 else 363 nsig = SSL_get_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL); 364 if (nsig == 0) 365 return 1; 366 367 if (shared) 368 BIO_puts(out, "Shared "); 369 370 if (client) 371 BIO_puts(out, "Requested "); 372 BIO_puts(out, "Signature Algorithms: "); 373 for (i = 0; i < nsig; i++) { 374 int hash_nid, sign_nid; 375 unsigned char rhash, rsign; 376 const char *sstr = NULL; 377 if (shared) 378 SSL_get_shared_sigalgs(s, i, &sign_nid, &hash_nid, NULL, 379 &rsign, &rhash); 380 else 381 SSL_get_sigalgs(s, i, &sign_nid, &hash_nid, NULL, &rsign, &rhash); 382 if (i) 383 BIO_puts(out, ":"); 384 if (sign_nid == EVP_PKEY_RSA) 385 sstr = "RSA"; 386 else if (sign_nid == EVP_PKEY_DSA) 387 sstr = "DSA"; 388 else if (sign_nid == EVP_PKEY_EC) 389 sstr = "ECDSA"; 390 if (sstr) 391 BIO_printf(out, "%s+", sstr); 392 else 393 BIO_printf(out, "0x%02X+", (int)rsign); 394 if (hash_nid != NID_undef) 395 BIO_printf(out, "%s", OBJ_nid2sn(hash_nid)); 396 else 397 BIO_printf(out, "0x%02X", (int)rhash); 398 } 399 BIO_puts(out, "\n"); 400 return 1; 401} 402 403int ssl_print_sigalgs(BIO *out, SSL *s) 404{ 405 int mdnid; 406 if (!SSL_is_server(s)) 407 ssl_print_client_cert_types(out, s); 408 do_print_sigalgs(out, s, 0); 409 do_print_sigalgs(out, s, 1); 410 if (SSL_get_peer_signature_nid(s, &mdnid)) 411 BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid)); 412 return 1; 413} 414 415#ifndef OPENSSL_NO_EC 416int ssl_print_point_formats(BIO *out, SSL *s) 417{ 418 int i, nformats; 419 const char *pformats; 420 nformats = SSL_get0_ec_point_formats(s, &pformats); 421 if (nformats <= 0) 422 return 1; 423 BIO_puts(out, "Supported Elliptic Curve Point Formats: "); 424 for (i = 0; i < nformats; i++, pformats++) { 425 if (i) 426 BIO_puts(out, ":"); 427 switch (*pformats) { 428 case TLSEXT_ECPOINTFORMAT_uncompressed: 429 BIO_puts(out, "uncompressed"); 430 break; 431 432 case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime: 433 BIO_puts(out, "ansiX962_compressed_prime"); 434 break; 435 436 case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2: 437 BIO_puts(out, "ansiX962_compressed_char2"); 438 break; 439 440 default: 441 BIO_printf(out, "unknown(%d)", (int)*pformats); 442 break; 443 444 } 445 } 446 if (nformats <= 0) 447 BIO_puts(out, "NONE"); 448 BIO_puts(out, "\n"); 449 return 1; 450} 451 452int ssl_print_curves(BIO *out, SSL *s, int noshared) 453{ 454 int i, ncurves, *curves, nid; 455 const char *cname; 456 ncurves = SSL_get1_curves(s, NULL); 457 if (ncurves <= 0) 458 return 1; 459 curves = OPENSSL_malloc(ncurves * sizeof(int)); 460 if (!curves) { 461 BIO_puts(out, "Malloc error getting supported curves\n"); 462 return 0; 463 } 464 SSL_get1_curves(s, curves); 465 466 467 BIO_puts(out, "Supported Elliptic Curves: "); 468 for (i = 0; i < ncurves; i++) { 469 if (i) 470 BIO_puts(out, ":"); 471 nid = curves[i]; 472 /* If unrecognised print out hex version */ 473 if (nid & TLSEXT_nid_unknown) 474 BIO_printf(out, "0x%04X", nid & 0xFFFF); 475 else { 476 /* Use NIST name for curve if it exists */ 477 cname = EC_curve_nid2nist(nid); 478 if (!cname) 479 cname = OBJ_nid2sn(nid); 480 BIO_printf(out, "%s", cname); 481 } 482 } 483 if (ncurves == 0) 484 BIO_puts(out, "NONE"); 485 OPENSSL_free(curves); 486 if (noshared) { 487 BIO_puts(out, "\n"); 488 return 1; 489 } 490 BIO_puts(out, "\nShared Elliptic curves: "); 491 ncurves = SSL_get_shared_curve(s, -1); 492 for (i = 0; i < ncurves; i++) { 493 if (i) 494 BIO_puts(out, ":"); 495 nid = SSL_get_shared_curve(s, i); 496 cname = EC_curve_nid2nist(nid); 497 if (!cname) 498 cname = OBJ_nid2sn(nid); 499 BIO_printf(out, "%s", cname); 500 } 501 if (ncurves == 0) 502 BIO_puts(out, "NONE"); 503 BIO_puts(out, "\n"); 504 return 1; 505} 506#endif 507int ssl_print_tmp_key(BIO *out, SSL *s) 508{ 509 EVP_PKEY *key; 510 if (!SSL_get_server_tmp_key(s, &key)) 511 return 1; 512 BIO_puts(out, "Server Temp Key: "); 513 switch (EVP_PKEY_id(key)) { 514 case EVP_PKEY_RSA: 515 BIO_printf(out, "RSA, %d bits\n", EVP_PKEY_bits(key)); 516 break; 517 518 case EVP_PKEY_DH: 519 BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key)); 520 break; 521#ifndef OPENSSL_NO_ECDH 522 case EVP_PKEY_EC: 523 { 524 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key); 525 int nid; 526 const char *cname; 527 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); 528 EC_KEY_free(ec); 529 cname = EC_curve_nid2nist(nid); 530 if (!cname) 531 cname = OBJ_nid2sn(nid); 532 BIO_printf(out, "ECDH, %s, %d bits\n", cname, EVP_PKEY_bits(key)); 533 } 534#endif 535 } 536 EVP_PKEY_free(key); 537 return 1; 538} 539 540long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp, 541 int argi, long argl, long ret) 542{ 543 BIO *out; 544 545 out = (BIO *)BIO_get_callback_arg(bio); 546 if (out == NULL) 547 return (ret); 548 549 if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) { 550 BIO_printf(out, "read from %p [%p] (%lu bytes => %ld (0x%lX))\n", 551 (void *)bio, argp, (unsigned long)argi, ret, ret); 552 BIO_dump(out, argp, (int)ret); 553 return (ret); 554 } else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) { 555 BIO_printf(out, "write to %p [%p] (%lu bytes => %ld (0x%lX))\n", 556 (void *)bio, argp, (unsigned long)argi, ret, ret); 557 BIO_dump(out, argp, (int)ret); 558 } 559 return (ret); 560} 561 562void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret) 563{ 564 const char *str; 565 int w; 566 567 w = where & ~SSL_ST_MASK; 568 569 if (w & SSL_ST_CONNECT) 570 str = "SSL_connect"; 571 else if (w & SSL_ST_ACCEPT) 572 str = "SSL_accept"; 573 else 574 str = "undefined"; 575 576 if (where & SSL_CB_LOOP) { 577 BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s)); 578 } else if (where & SSL_CB_ALERT) { 579 str = (where & SSL_CB_READ) ? "read" : "write"; 580 BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n", 581 str, 582 SSL_alert_type_string_long(ret), 583 SSL_alert_desc_string_long(ret)); 584 } else if (where & SSL_CB_EXIT) { 585 if (ret == 0) 586 BIO_printf(bio_err, "%s:failed in %s\n", 587 str, SSL_state_string_long(s)); 588 else if (ret < 0) { 589 BIO_printf(bio_err, "%s:error in %s\n", 590 str, SSL_state_string_long(s)); 591 } 592 } 593} 594 595void MS_CALLBACK msg_cb(int write_p, int version, int content_type, 596 const void *buf, size_t len, SSL *ssl, void *arg) 597{ 598 BIO *bio = arg; 599 const char *str_write_p, *str_version, *str_content_type = 600 "", *str_details1 = "", *str_details2 = ""; 601 602 str_write_p = write_p ? ">>>" : "<<<"; 603 604 switch (version) { 605 case SSL2_VERSION: 606 str_version = "SSL 2.0"; 607 break; 608 case SSL3_VERSION: 609 str_version = "SSL 3.0 "; 610 break; 611 case TLS1_VERSION: 612 str_version = "TLS 1.0 "; 613 break; 614 case TLS1_1_VERSION: 615 str_version = "TLS 1.1 "; 616 break; 617 case TLS1_2_VERSION: 618 str_version = "TLS 1.2 "; 619 break; 620 case DTLS1_VERSION: 621 str_version = "DTLS 1.0 "; 622 break; 623 case DTLS1_BAD_VER: 624 str_version = "DTLS 1.0 (bad) "; 625 break; 626 default: 627 str_version = "???"; 628 } 629 630 if (version == SSL2_VERSION) { 631 str_details1 = "???"; 632 633 if (len > 0) { 634 switch (((const unsigned char *)buf)[0]) { 635 case 0: 636 str_details1 = ", ERROR:"; 637 str_details2 = " ???"; 638 if (len >= 3) { 639 unsigned err = 640 (((const unsigned char *)buf)[1] << 8) + 641 ((const unsigned char *)buf)[2]; 642 643 switch (err) { 644 case 0x0001: 645 str_details2 = " NO-CIPHER-ERROR"; 646 break; 647 case 0x0002: 648 str_details2 = " NO-CERTIFICATE-ERROR"; 649 break; 650 case 0x0004: 651 str_details2 = " BAD-CERTIFICATE-ERROR"; 652 break; 653 case 0x0006: 654 str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR"; 655 break; 656 } 657 } 658 659 break; 660 case 1: 661 str_details1 = ", CLIENT-HELLO"; 662 break; 663 case 2: 664 str_details1 = ", CLIENT-MASTER-KEY"; 665 break; 666 case 3: 667 str_details1 = ", CLIENT-FINISHED"; 668 break; 669 case 4: 670 str_details1 = ", SERVER-HELLO"; 671 break; 672 case 5: 673 str_details1 = ", SERVER-VERIFY"; 674 break; 675 case 6: 676 str_details1 = ", SERVER-FINISHED"; 677 break; 678 case 7: 679 str_details1 = ", REQUEST-CERTIFICATE"; 680 break; 681 case 8: 682 str_details1 = ", CLIENT-CERTIFICATE"; 683 break; 684 } 685 } 686 } 687 688 if (version == SSL3_VERSION || 689 version == TLS1_VERSION || 690 version == TLS1_1_VERSION || 691 version == TLS1_2_VERSION || 692 version == DTLS1_VERSION || version == DTLS1_BAD_VER) { 693 switch (content_type) { 694 case 20: 695 str_content_type = "ChangeCipherSpec"; 696 break; 697 case 21: 698 str_content_type = "Alert"; 699 break; 700 case 22: 701 str_content_type = "Handshake"; 702 break; 703 } 704 705 if (content_type == 21) { /* Alert */ 706 str_details1 = ", ???"; 707 708 if (len == 2) { 709 switch (((const unsigned char *)buf)[0]) { 710 case 1: 711 str_details1 = ", warning"; 712 break; 713 case 2: 714 str_details1 = ", fatal"; 715 break; 716 } 717 718 str_details2 = " ???"; 719 switch (((const unsigned char *)buf)[1]) { 720 case 0: 721 str_details2 = " close_notify"; 722 break; 723 case 10: 724 str_details2 = " unexpected_message"; 725 break; 726 case 20: 727 str_details2 = " bad_record_mac"; 728 break; 729 case 21: 730 str_details2 = " decryption_failed"; 731 break; 732 case 22: 733 str_details2 = " record_overflow"; 734 break; 735 case 30: 736 str_details2 = " decompression_failure"; 737 break; 738 case 40: 739 str_details2 = " handshake_failure"; 740 break; 741 case 42: 742 str_details2 = " bad_certificate"; 743 break; 744 case 43: 745 str_details2 = " unsupported_certificate"; 746 break; 747 case 44: 748 str_details2 = " certificate_revoked"; 749 break; 750 case 45: 751 str_details2 = " certificate_expired"; 752 break; 753 case 46: 754 str_details2 = " certificate_unknown"; 755 break; 756 case 47: 757 str_details2 = " illegal_parameter"; 758 break; 759 case 48: 760 str_details2 = " unknown_ca"; 761 break; 762 case 49: 763 str_details2 = " access_denied"; 764 break; 765 case 50: 766 str_details2 = " decode_error"; 767 break; 768 case 51: 769 str_details2 = " decrypt_error"; 770 break; 771 case 60: 772 str_details2 = " export_restriction"; 773 break; 774 case 70: 775 str_details2 = " protocol_version"; 776 break; 777 case 71: 778 str_details2 = " insufficient_security"; 779 break; 780 case 80: 781 str_details2 = " internal_error"; 782 break; 783 case 90: 784 str_details2 = " user_canceled"; 785 break; 786 case 100: 787 str_details2 = " no_renegotiation"; 788 break; 789 case 110: 790 str_details2 = " unsupported_extension"; 791 break; 792 case 111: 793 str_details2 = " certificate_unobtainable"; 794 break; 795 case 112: 796 str_details2 = " unrecognized_name"; 797 break; 798 case 113: 799 str_details2 = " bad_certificate_status_response"; 800 break; 801 case 114: 802 str_details2 = " bad_certificate_hash_value"; 803 break; 804 case 115: 805 str_details2 = " unknown_psk_identity"; 806 break; 807 } 808 } 809 } 810 811 if (content_type == 22) { /* Handshake */ 812 str_details1 = "???"; 813 814 if (len > 0) { 815 switch (((const unsigned char *)buf)[0]) { 816 case 0: 817 str_details1 = ", HelloRequest"; 818 break; 819 case 1: 820 str_details1 = ", ClientHello"; 821 break; 822 case 2: 823 str_details1 = ", ServerHello"; 824 break; 825 case 3: 826 str_details1 = ", HelloVerifyRequest"; 827 break; 828 case 11: 829 str_details1 = ", Certificate"; 830 break; 831 case 12: 832 str_details1 = ", ServerKeyExchange"; 833 break; 834 case 13: 835 str_details1 = ", CertificateRequest"; 836 break; 837 case 14: 838 str_details1 = ", ServerHelloDone"; 839 break; 840 case 15: 841 str_details1 = ", CertificateVerify"; 842 break; 843 case 16: 844 str_details1 = ", ClientKeyExchange"; 845 break; 846 case 20: 847 str_details1 = ", Finished"; 848 break; 849 } 850 } 851 } 852#ifndef OPENSSL_NO_HEARTBEATS 853 if (content_type == 24) { /* Heartbeat */ 854 str_details1 = ", Heartbeat"; 855 856 if (len > 0) { 857 switch (((const unsigned char *)buf)[0]) { 858 case 1: 859 str_details1 = ", HeartbeatRequest"; 860 break; 861 case 2: 862 str_details1 = ", HeartbeatResponse"; 863 break; 864 } 865 } 866 } 867#endif 868 } 869 870 BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, 871 str_content_type, (unsigned long)len, str_details1, 872 str_details2); 873 874 if (len > 0) { 875 size_t num, i; 876 877 BIO_printf(bio, " "); 878 num = len; 879#if 0 880 if (num > 16) 881 num = 16; 882#endif 883 for (i = 0; i < num; i++) { 884 if (i % 16 == 0 && i > 0) 885 BIO_printf(bio, "\n "); 886 BIO_printf(bio, " %02x", ((const unsigned char *)buf)[i]); 887 } 888 if (i < len) 889 BIO_printf(bio, " ..."); 890 BIO_printf(bio, "\n"); 891 } 892 (void)BIO_flush(bio); 893} 894 895void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type, 896 unsigned char *data, int len, void *arg) 897{ 898 BIO *bio = arg; 899 char *extname; 900 901 switch (type) { 902 case TLSEXT_TYPE_server_name: 903 extname = "server name"; 904 break; 905 906 case TLSEXT_TYPE_max_fragment_length: 907 extname = "max fragment length"; 908 break; 909 910 case TLSEXT_TYPE_client_certificate_url: 911 extname = "client certificate URL"; 912 break; 913 914 case TLSEXT_TYPE_trusted_ca_keys: 915 extname = "trusted CA keys"; 916 break; 917 918 case TLSEXT_TYPE_truncated_hmac: 919 extname = "truncated HMAC"; 920 break; 921 922 case TLSEXT_TYPE_status_request: 923 extname = "status request"; 924 break; 925 926 case TLSEXT_TYPE_user_mapping: 927 extname = "user mapping"; 928 break; 929 930 case TLSEXT_TYPE_client_authz: 931 extname = "client authz"; 932 break; 933 934 case TLSEXT_TYPE_server_authz: 935 extname = "server authz"; 936 break; 937 938 case TLSEXT_TYPE_cert_type: 939 extname = "cert type"; 940 break; 941 942 case TLSEXT_TYPE_elliptic_curves: 943 extname = "elliptic curves"; 944 break; 945 946 case TLSEXT_TYPE_ec_point_formats: 947 extname = "EC point formats"; 948 break; 949 950 case TLSEXT_TYPE_srp: 951 extname = "SRP"; 952 break; 953 954 case TLSEXT_TYPE_signature_algorithms: 955 extname = "signature algorithms"; 956 break; 957 958 case TLSEXT_TYPE_use_srtp: 959 extname = "use SRTP"; 960 break; 961 962 case TLSEXT_TYPE_heartbeat: 963 extname = "heartbeat"; 964 break; 965 966 case TLSEXT_TYPE_session_ticket: 967 extname = "session ticket"; 968 break; 969 970 case TLSEXT_TYPE_renegotiate: 971 extname = "renegotiation info"; 972 break; 973 974#ifdef TLSEXT_TYPE_opaque_prf_input 975 case TLSEXT_TYPE_opaque_prf_input: 976 extname = "opaque PRF input"; 977 break; 978#endif 979#ifdef TLSEXT_TYPE_next_proto_neg 980 case TLSEXT_TYPE_next_proto_neg: 981 extname = "next protocol"; 982 break; 983#endif 984 985 case TLSEXT_TYPE_padding: 986 extname = "TLS padding"; 987 break; 988 989 default: 990 extname = "unknown"; 991 break; 992 993 } 994 995 BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n", 996 client_server ? "server" : "client", extname, type, len); 997 BIO_dump(bio, (char *)data, len); 998 (void)BIO_flush(bio); 999} 1000 1001int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, 1002 unsigned int *cookie_len) 1003{ 1004 unsigned char *buffer, result[EVP_MAX_MD_SIZE]; 1005 unsigned int length, resultlength; 1006 union { 1007 struct sockaddr sa; 1008 struct sockaddr_in s4; 1009#if OPENSSL_USE_IPV6 1010 struct sockaddr_in6 s6; 1011#endif 1012 } peer; 1013 1014 /* Initialize a random secret */ 1015 if (!cookie_initialized) { 1016 if (RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH) <= 0) { 1017 BIO_printf(bio_err, "error setting random cookie secret\n"); 1018 return 0; 1019 } 1020 cookie_initialized = 1; 1021 } 1022 1023 /* Read peer information */ 1024 (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer); 1025 1026 /* Create buffer with peer's address and port */ 1027 length = 0; 1028 switch (peer.sa.sa_family) { 1029 case AF_INET: 1030 length += sizeof(struct in_addr); 1031 length += sizeof(peer.s4.sin_port); 1032 break; 1033#if OPENSSL_USE_IPV6 1034 case AF_INET6: 1035 length += sizeof(struct in6_addr); 1036 length += sizeof(peer.s6.sin6_port); 1037 break; 1038#endif 1039 default: 1040 OPENSSL_assert(0); 1041 break; 1042 } 1043 buffer = OPENSSL_malloc(length); 1044 1045 if (buffer == NULL) { 1046 BIO_printf(bio_err, "out of memory\n"); 1047 return 0; 1048 } 1049 1050 switch (peer.sa.sa_family) { 1051 case AF_INET: 1052 memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port)); 1053 memcpy(buffer + sizeof(peer.s4.sin_port), 1054 &peer.s4.sin_addr, sizeof(struct in_addr)); 1055 break; 1056#if OPENSSL_USE_IPV6 1057 case AF_INET6: 1058 memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port)); 1059 memcpy(buffer + sizeof(peer.s6.sin6_port), 1060 &peer.s6.sin6_addr, sizeof(struct in6_addr)); 1061 break; 1062#endif 1063 default: 1064 OPENSSL_assert(0); 1065 break; 1066 } 1067 1068 /* Calculate HMAC of buffer using the secret */ 1069 HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH, 1070 buffer, length, result, &resultlength); 1071 OPENSSL_free(buffer); 1072 1073 memcpy(cookie, result, resultlength); 1074 *cookie_len = resultlength; 1075 1076 return 1; 1077} 1078 1079int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, 1080 unsigned int cookie_len) 1081{ 1082 unsigned char *buffer, result[EVP_MAX_MD_SIZE]; 1083 unsigned int length, resultlength; 1084 union { 1085 struct sockaddr sa; 1086 struct sockaddr_in s4; 1087#if OPENSSL_USE_IPV6 1088 struct sockaddr_in6 s6; 1089#endif 1090 } peer; 1091 1092 /* If secret isn't initialized yet, the cookie can't be valid */ 1093 if (!cookie_initialized) 1094 return 0; 1095 1096 /* Read peer information */ 1097 (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer); 1098 1099 /* Create buffer with peer's address and port */ 1100 length = 0; 1101 switch (peer.sa.sa_family) { 1102 case AF_INET: 1103 length += sizeof(struct in_addr); 1104 length += sizeof(peer.s4.sin_port); 1105 break; 1106#if OPENSSL_USE_IPV6 1107 case AF_INET6: 1108 length += sizeof(struct in6_addr); 1109 length += sizeof(peer.s6.sin6_port); 1110 break; 1111#endif 1112 default: 1113 OPENSSL_assert(0); 1114 break; 1115 } 1116 buffer = OPENSSL_malloc(length); 1117 1118 if (buffer == NULL) { 1119 BIO_printf(bio_err, "out of memory\n"); 1120 return 0; 1121 } 1122 1123 switch (peer.sa.sa_family) { 1124 case AF_INET: 1125 memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port)); 1126 memcpy(buffer + sizeof(peer.s4.sin_port), 1127 &peer.s4.sin_addr, sizeof(struct in_addr)); 1128 break; 1129#if OPENSSL_USE_IPV6 1130 case AF_INET6: 1131 memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port)); 1132 memcpy(buffer + sizeof(peer.s6.sin6_port), 1133 &peer.s6.sin6_addr, sizeof(struct in6_addr)); 1134 break; 1135#endif 1136 default: 1137 OPENSSL_assert(0); 1138 break; 1139 } 1140 1141 /* Calculate HMAC of buffer using the secret */ 1142 HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH, 1143 buffer, length, result, &resultlength); 1144 OPENSSL_free(buffer); 1145 1146 if (cookie_len == resultlength 1147 && memcmp(result, cookie, resultlength) == 0) 1148 return 1; 1149 1150 return 0; 1151} 1152 1153/* 1154 * Example of extended certificate handling. Where the standard support of 1155 * one certificate per algorithm is not sufficient an application can decide 1156 * which certificate(s) to use at runtime based on whatever criteria it deems 1157 * appropriate. 1158 */ 1159 1160/* Linked list of certificates, keys and chains */ 1161struct ssl_excert_st { 1162 int certform; 1163 const char *certfile; 1164 int keyform; 1165 const char *keyfile; 1166 const char *chainfile; 1167 X509 *cert; 1168 EVP_PKEY *key; 1169 STACK_OF(X509) *chain; 1170 int build_chain; 1171 struct ssl_excert_st *next, *prev; 1172}; 1173 1174struct chain_flags { 1175 int flag; 1176 const char *name; 1177}; 1178 1179struct chain_flags chain_flags_list[] = { 1180 {CERT_PKEY_VALID, "Overall Validity"}, 1181 {CERT_PKEY_SIGN, "Sign with EE key"}, 1182 {CERT_PKEY_EE_SIGNATURE, "EE signature"}, 1183 {CERT_PKEY_CA_SIGNATURE, "CA signature"}, 1184 {CERT_PKEY_EE_PARAM, "EE key parameters"}, 1185 {CERT_PKEY_CA_PARAM, "CA key parameters"}, 1186 {CERT_PKEY_EXPLICIT_SIGN, "Explicity sign with EE key"}, 1187 {CERT_PKEY_ISSUER_NAME, "Issuer Name"}, 1188 {CERT_PKEY_CERT_TYPE, "Certificate Type"}, 1189 {0, NULL} 1190}; 1191 1192static void print_chain_flags(BIO *out, SSL *s, int flags) 1193{ 1194 struct chain_flags *ctmp = chain_flags_list; 1195 while (ctmp->name) { 1196 BIO_printf(out, "\t%s: %s\n", ctmp->name, 1197 flags & ctmp->flag ? "OK" : "NOT OK"); 1198 ctmp++; 1199 } 1200 BIO_printf(out, "\tSuite B: "); 1201 if (SSL_set_cert_flags(s, 0) & SSL_CERT_FLAG_SUITEB_128_LOS) 1202 BIO_puts(out, flags & CERT_PKEY_SUITEB ? "OK\n" : "NOT OK\n"); 1203 else 1204 BIO_printf(out, "not tested\n"); 1205} 1206 1207/* 1208 * Very basic selection callback: just use any certificate chain reported as 1209 * valid. More sophisticated could prioritise according to local policy. 1210 */ 1211static int set_cert_cb(SSL *ssl, void *arg) 1212{ 1213 int i, rv; 1214 SSL_EXCERT *exc = arg; 1215#ifdef CERT_CB_TEST_RETRY 1216 static int retry_cnt; 1217 if (retry_cnt < 5) { 1218 retry_cnt++; 1219 fprintf(stderr, "Certificate callback retry test: count %d\n", 1220 retry_cnt); 1221 return -1; 1222 } 1223#endif 1224 SSL_certs_clear(ssl); 1225 1226 if (!exc) 1227 return 1; 1228 1229 /* 1230 * Go to end of list and traverse backwards since we prepend newer 1231 * entries this retains the original order. 1232 */ 1233 while (exc->next) 1234 exc = exc->next; 1235 1236 i = 0; 1237 1238 while (exc) { 1239 i++; 1240 rv = SSL_check_chain(ssl, exc->cert, exc->key, exc->chain); 1241 BIO_printf(bio_err, "Checking cert chain %d:\nSubject: ", i); 1242 X509_NAME_print_ex(bio_err, X509_get_subject_name(exc->cert), 0, 1243 XN_FLAG_ONELINE); 1244 BIO_puts(bio_err, "\n"); 1245 1246 print_chain_flags(bio_err, ssl, rv); 1247 if (rv & CERT_PKEY_VALID) { 1248 SSL_use_certificate(ssl, exc->cert); 1249 SSL_use_PrivateKey(ssl, exc->key); 1250 /* 1251 * NB: we wouldn't normally do this as it is not efficient 1252 * building chains on each connection better to cache the chain 1253 * in advance. 1254 */ 1255 if (exc->build_chain) { 1256 if (!SSL_build_cert_chain(ssl, 0)) 1257 return 0; 1258 } else if (exc->chain) 1259 SSL_set1_chain(ssl, exc->chain); 1260 } 1261 exc = exc->prev; 1262 } 1263 return 1; 1264} 1265 1266void ssl_ctx_set_excert(SSL_CTX *ctx, SSL_EXCERT *exc) 1267{ 1268 SSL_CTX_set_cert_cb(ctx, set_cert_cb, exc); 1269} 1270 1271static int ssl_excert_prepend(SSL_EXCERT **pexc) 1272{ 1273 SSL_EXCERT *exc; 1274 exc = OPENSSL_malloc(sizeof(SSL_EXCERT)); 1275 if (!exc) 1276 return 0; 1277 exc->certfile = NULL; 1278 exc->keyfile = NULL; 1279 exc->chainfile = NULL; 1280 exc->cert = NULL; 1281 exc->key = NULL; 1282 exc->chain = NULL; 1283 exc->prev = NULL; 1284 exc->build_chain = 0; 1285 1286 exc->next = *pexc; 1287 *pexc = exc; 1288 1289 if (exc->next) { 1290 exc->certform = exc->next->certform; 1291 exc->keyform = exc->next->keyform; 1292 exc->next->prev = exc; 1293 } else { 1294 exc->certform = FORMAT_PEM; 1295 exc->keyform = FORMAT_PEM; 1296 } 1297 return 1; 1298 1299} 1300 1301void ssl_excert_free(SSL_EXCERT *exc) 1302{ 1303 SSL_EXCERT *curr; 1304 while (exc) { 1305 if (exc->cert) 1306 X509_free(exc->cert); 1307 if (exc->key) 1308 EVP_PKEY_free(exc->key); 1309 if (exc->chain) 1310 sk_X509_pop_free(exc->chain, X509_free); 1311 curr = exc; 1312 exc = exc->next; 1313 OPENSSL_free(curr); 1314 } 1315} 1316 1317int load_excert(SSL_EXCERT **pexc, BIO *err) 1318{ 1319 SSL_EXCERT *exc = *pexc; 1320 if (!exc) 1321 return 1; 1322 /* If nothing in list, free and set to NULL */ 1323 if (!exc->certfile && !exc->next) { 1324 ssl_excert_free(exc); 1325 *pexc = NULL; 1326 return 1; 1327 } 1328 for (; exc; exc = exc->next) { 1329 if (!exc->certfile) { 1330 BIO_printf(err, "Missing filename\n"); 1331 return 0; 1332 } 1333 exc->cert = load_cert(err, exc->certfile, exc->certform, 1334 NULL, NULL, "Server Certificate"); 1335 if (!exc->cert) 1336 return 0; 1337 if (exc->keyfile) { 1338 exc->key = load_key(err, exc->keyfile, exc->keyform, 1339 0, NULL, NULL, "Server Key"); 1340 } else { 1341 exc->key = load_key(err, exc->certfile, exc->certform, 1342 0, NULL, NULL, "Server Key"); 1343 } 1344 if (!exc->key) 1345 return 0; 1346 if (exc->chainfile) { 1347 exc->chain = load_certs(err, 1348 exc->chainfile, FORMAT_PEM, 1349 NULL, NULL, "Server Chain"); 1350 if (!exc->chain) 1351 return 0; 1352 } 1353 } 1354 return 1; 1355} 1356 1357int args_excert(char ***pargs, int *pargc, 1358 int *badarg, BIO *err, SSL_EXCERT **pexc) 1359{ 1360 char *arg = **pargs, *argn = (*pargs)[1]; 1361 SSL_EXCERT *exc = *pexc; 1362 int narg = 2; 1363 if (!exc) { 1364 if (ssl_excert_prepend(&exc)) 1365 *pexc = exc; 1366 else { 1367 BIO_printf(err, "Error initialising xcert\n"); 1368 *badarg = 1; 1369 goto err; 1370 } 1371 } 1372 if (strcmp(arg, "-xcert") == 0) { 1373 if (!argn) { 1374 *badarg = 1; 1375 return 1; 1376 } 1377 if (exc->certfile && !ssl_excert_prepend(&exc)) { 1378 BIO_printf(err, "Error adding xcert\n"); 1379 *badarg = 1; 1380 goto err; 1381 } 1382 exc->certfile = argn; 1383 } else if (strcmp(arg, "-xkey") == 0) { 1384 if (!argn) { 1385 *badarg = 1; 1386 return 1; 1387 } 1388 if (exc->keyfile) { 1389 BIO_printf(err, "Key already specified\n"); 1390 *badarg = 1; 1391 return 1; 1392 } 1393 exc->keyfile = argn; 1394 } else if (strcmp(arg, "-xchain") == 0) { 1395 if (!argn) { 1396 *badarg = 1; 1397 return 1; 1398 } 1399 if (exc->chainfile) { 1400 BIO_printf(err, "Chain already specified\n"); 1401 *badarg = 1; 1402 return 1; 1403 } 1404 exc->chainfile = argn; 1405 } else if (strcmp(arg, "-xchain_build") == 0) { 1406 narg = 1; 1407 exc->build_chain = 1; 1408 } else if (strcmp(arg, "-xcertform") == 0) { 1409 if (!argn) { 1410 *badarg = 1; 1411 goto err; 1412 } 1413 exc->certform = str2fmt(argn); 1414 } else if (strcmp(arg, "-xkeyform") == 0) { 1415 if (!argn) { 1416 *badarg = 1; 1417 goto err; 1418 } 1419 exc->keyform = str2fmt(argn); 1420 } else 1421 return 0; 1422 1423 (*pargs) += narg; 1424 1425 if (pargc) 1426 *pargc -= narg; 1427 1428 *pexc = exc; 1429 1430 return 1; 1431 1432 err: 1433 ERR_print_errors(err); 1434 ssl_excert_free(exc); 1435 *pexc = NULL; 1436 return 1; 1437} 1438 1439static void print_raw_cipherlist(BIO *bio, SSL *s) 1440{ 1441 const unsigned char *rlist; 1442 static const unsigned char scsv_id[] = { 0, 0, 0xFF }; 1443 size_t i, rlistlen, num; 1444 if (!SSL_is_server(s)) 1445 return; 1446 num = SSL_get0_raw_cipherlist(s, NULL); 1447 rlistlen = SSL_get0_raw_cipherlist(s, &rlist); 1448 BIO_puts(bio, "Client cipher list: "); 1449 for (i = 0; i < rlistlen; i += num, rlist += num) { 1450 const SSL_CIPHER *c = SSL_CIPHER_find(s, rlist); 1451 if (i) 1452 BIO_puts(bio, ":"); 1453 if (c) 1454 BIO_puts(bio, SSL_CIPHER_get_name(c)); 1455 else if (!memcmp(rlist, scsv_id - num + 3, num)) 1456 BIO_puts(bio, "SCSV"); 1457 else { 1458 size_t j; 1459 BIO_puts(bio, "0x"); 1460 for (j = 0; j < num; j++) 1461 BIO_printf(bio, "%02X", rlist[j]); 1462 } 1463 } 1464 BIO_puts(bio, "\n"); 1465} 1466 1467void print_ssl_summary(BIO *bio, SSL *s) 1468{ 1469 const SSL_CIPHER *c; 1470 X509 *peer; 1471 /* 1472 * const char *pnam = SSL_is_server(s) ? "client" : "server"; 1473 */ 1474 BIO_printf(bio, "Protocol version: %s\n", SSL_get_version(s)); 1475 print_raw_cipherlist(bio, s); 1476 c = SSL_get_current_cipher(s); 1477 BIO_printf(bio, "Ciphersuite: %s\n", SSL_CIPHER_get_name(c)); 1478 do_print_sigalgs(bio, s, 0); 1479 peer = SSL_get_peer_certificate(s); 1480 if (peer) { 1481 int nid; 1482 BIO_puts(bio, "Peer certificate: "); 1483 X509_NAME_print_ex(bio, X509_get_subject_name(peer), 1484 0, XN_FLAG_ONELINE); 1485 BIO_puts(bio, "\n"); 1486 if (SSL_get_peer_signature_nid(s, &nid)) 1487 BIO_printf(bio, "Hash used: %s\n", OBJ_nid2sn(nid)); 1488 } else 1489 BIO_puts(bio, "No peer certificate\n"); 1490 if (peer) 1491 X509_free(peer); 1492#ifndef OPENSSL_NO_EC 1493 ssl_print_point_formats(bio, s); 1494 if (SSL_is_server(s)) 1495 ssl_print_curves(bio, s, 1); 1496 else 1497 ssl_print_tmp_key(bio, s); 1498#else 1499 if (!SSL_is_server(s)) 1500 ssl_print_tmp_key(bio, s); 1501#endif 1502} 1503 1504int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx, 1505 int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr) 1506{ 1507 char *arg = **pargs, *argn = (*pargs)[1]; 1508 int rv; 1509 1510 /* Attempt to run SSL configuration command */ 1511 rv = SSL_CONF_cmd_argv(cctx, pargc, pargs); 1512 /* If parameter not recognised just return */ 1513 if (rv == 0) 1514 return 0; 1515 /* see if missing argument error */ 1516 if (rv == -3) { 1517 BIO_printf(err, "%s needs an argument\n", arg); 1518 *badarg = 1; 1519 goto end; 1520 } 1521 /* Check for some other error */ 1522 if (rv < 0) { 1523 BIO_printf(err, "Error with command: \"%s %s\"\n", 1524 arg, argn ? argn : ""); 1525 *badarg = 1; 1526 goto end; 1527 } 1528 /* Store command and argument */ 1529 /* If only one argument processed store value as NULL */ 1530 if (rv == 1) 1531 argn = NULL; 1532 if (!*pstr) 1533 *pstr = sk_OPENSSL_STRING_new_null(); 1534 if (!*pstr || !sk_OPENSSL_STRING_push(*pstr, arg) || 1535 !sk_OPENSSL_STRING_push(*pstr, argn)) { 1536 BIO_puts(err, "Memory allocation failure\n"); 1537 goto end; 1538 } 1539 1540 end: 1541 if (*badarg) 1542 ERR_print_errors(err); 1543 1544 return 1; 1545} 1546 1547int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx, 1548 STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake) 1549{ 1550 int i; 1551 SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); 1552 for (i = 0; i < sk_OPENSSL_STRING_num(str); i += 2) { 1553 const char *param = sk_OPENSSL_STRING_value(str, i); 1554 const char *value = sk_OPENSSL_STRING_value(str, i + 1); 1555 /* 1556 * If no_ecdhe or named curve already specified don't need a default. 1557 */ 1558 if (!no_ecdhe && !strcmp(param, "-named_curve")) 1559 no_ecdhe = 1; 1560#ifndef OPENSSL_NO_JPAKE 1561 if (!no_jpake && !strcmp(param, "-cipher")) { 1562 BIO_puts(err, "JPAKE sets cipher to PSK\n"); 1563 return 0; 1564 } 1565#endif 1566 if (SSL_CONF_cmd(cctx, param, value) <= 0) { 1567 BIO_printf(err, "Error with command: \"%s %s\"\n", 1568 param, value ? value : ""); 1569 ERR_print_errors(err); 1570 return 0; 1571 } 1572 } 1573 /* 1574 * This is a special case to keep existing s_server functionality: if we 1575 * don't have any curve specified *and* we haven't disabled ECDHE then 1576 * use P-256. 1577 */ 1578 if (!no_ecdhe) { 1579 if (SSL_CONF_cmd(cctx, "-named_curve", "P-256") <= 0) { 1580 BIO_puts(err, "Error setting EC curve\n"); 1581 ERR_print_errors(err); 1582 return 0; 1583 } 1584 } 1585#ifndef OPENSSL_NO_JPAKE 1586 if (!no_jpake) { 1587 if (SSL_CONF_cmd(cctx, "-cipher", "PSK") <= 0) { 1588 BIO_puts(err, "Error setting cipher to PSK\n"); 1589 ERR_print_errors(err); 1590 return 0; 1591 } 1592 } 1593#endif 1594 if (!SSL_CONF_CTX_finish(cctx)) { 1595 BIO_puts(err, "Error finishing context\n"); 1596 ERR_print_errors(err); 1597 return 0; 1598 } 1599 return 1; 1600} 1601 1602static int add_crls_store(X509_STORE *st, STACK_OF(X509_CRL) *crls) 1603{ 1604 X509_CRL *crl; 1605 int i; 1606 for (i = 0; i < sk_X509_CRL_num(crls); i++) { 1607 crl = sk_X509_CRL_value(crls, i); 1608 X509_STORE_add_crl(st, crl); 1609 } 1610 return 1; 1611} 1612 1613int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls, int crl_download) 1614{ 1615 X509_STORE *st; 1616 st = SSL_CTX_get_cert_store(ctx); 1617 add_crls_store(st, crls); 1618 if (crl_download) 1619 store_setup_crl_download(st); 1620 return 1; 1621} 1622 1623int ssl_load_stores(SSL_CTX *ctx, 1624 const char *vfyCApath, const char *vfyCAfile, 1625 const char *chCApath, const char *chCAfile, 1626 STACK_OF(X509_CRL) *crls, int crl_download) 1627{ 1628 X509_STORE *vfy = NULL, *ch = NULL; 1629 int rv = 0; 1630 if (vfyCApath || vfyCAfile) { 1631 vfy = X509_STORE_new(); 1632 if (!X509_STORE_load_locations(vfy, vfyCAfile, vfyCApath)) 1633 goto err; 1634 add_crls_store(vfy, crls); 1635 SSL_CTX_set1_verify_cert_store(ctx, vfy); 1636 if (crl_download) 1637 store_setup_crl_download(vfy); 1638 } 1639 if (chCApath || chCAfile) { 1640 ch = X509_STORE_new(); 1641 if (!X509_STORE_load_locations(ch, chCAfile, chCApath)) 1642 goto err; 1643 SSL_CTX_set1_chain_cert_store(ctx, ch); 1644 } 1645 rv = 1; 1646 err: 1647 if (vfy) 1648 X509_STORE_free(vfy); 1649 if (ch) 1650 X509_STORE_free(ch); 1651 return rv; 1652} 1653