1/* ssl/ssltest.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111/* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116/* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143/* Or gethostname won't be declared properly on Linux and GNU platforms. */ 144#define _BSD_SOURCE 1 145#define _DEFAULT_SOURCE 1 146 147#include <assert.h> 148#include <errno.h> 149#include <limits.h> 150#include <stdio.h> 151#include <stdlib.h> 152#include <string.h> 153#include <time.h> 154 155#define USE_SOCKETS 156#include "e_os.h" 157 158#ifdef OPENSSL_SYS_VMS 159/* 160 * Or isascii won't be declared properly on VMS (at least with DECompHP C). 161 */ 162# define _XOPEN_SOURCE 500 163#endif 164 165#include <ctype.h> 166 167#include <openssl/bio.h> 168#include <openssl/crypto.h> 169#include <openssl/evp.h> 170#include <openssl/x509.h> 171#include <openssl/x509v3.h> 172#include <openssl/ssl.h> 173#ifndef OPENSSL_NO_ENGINE 174# include <openssl/engine.h> 175#endif 176#include <openssl/err.h> 177#include <openssl/rand.h> 178#ifndef OPENSSL_NO_RSA 179# include <openssl/rsa.h> 180#endif 181#ifndef OPENSSL_NO_DSA 182# include <openssl/dsa.h> 183#endif 184#ifndef OPENSSL_NO_DH 185# include <openssl/dh.h> 186#endif 187#ifndef OPENSSL_NO_SRP 188# include <openssl/srp.h> 189#endif 190#include <openssl/bn.h> 191 192/* 193 * Or gethostname won't be declared properly 194 * on Compaq platforms (at least with DEC C). 195 * Do not try to put it earlier, or IPv6 includes 196 * get screwed... 197 */ 198#define _XOPEN_SOURCE_EXTENDED 1 199 200#ifdef OPENSSL_SYS_WINDOWS 201# include <winsock.h> 202#else 203# include OPENSSL_UNISTD 204#endif 205 206#ifdef OPENSSL_SYS_VMS 207# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM" 208# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM" 209#elif defined(OPENSSL_SYS_WINCE) 210# define TEST_SERVER_CERT "\\OpenSSL\\server.pem" 211# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem" 212#elif defined(OPENSSL_SYS_NETWARE) 213# define TEST_SERVER_CERT "\\openssl\\apps\\server.pem" 214# define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem" 215#else 216# define TEST_SERVER_CERT "../apps/server.pem" 217# define TEST_CLIENT_CERT "../apps/client.pem" 218#endif 219 220/* 221 * There is really no standard for this, so let's assign some tentative 222 * numbers. In any case, these numbers are only for this test 223 */ 224#define COMP_RLE 255 225#define COMP_ZLIB 1 226 227static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); 228#ifndef OPENSSL_NO_RSA 229static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 230static void free_tmp_rsa(void); 231#endif 232static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg); 233#define APP_CALLBACK_STRING "Test Callback Argument" 234struct app_verify_arg { 235 char *string; 236 int app_verify; 237 int allow_proxy_certs; 238 char *proxy_auth; 239 char *proxy_cond; 240}; 241 242#ifndef OPENSSL_NO_DH 243static DH *get_dh512(void); 244static DH *get_dh1024(void); 245static DH *get_dh1024dsa(void); 246#endif 247 248static char *psk_key = NULL; /* by default PSK is not used */ 249#ifndef OPENSSL_NO_PSK 250static unsigned int psk_client_callback(SSL *ssl, const char *hint, 251 char *identity, 252 unsigned int max_identity_len, 253 unsigned char *psk, 254 unsigned int max_psk_len); 255static unsigned int psk_server_callback(SSL *ssl, const char *identity, 256 unsigned char *psk, 257 unsigned int max_psk_len); 258#endif 259 260#ifndef OPENSSL_NO_SRP 261/* SRP client */ 262/* This is a context that we pass to all callbacks */ 263typedef struct srp_client_arg_st { 264 char *srppassin; 265 char *srplogin; 266} SRP_CLIENT_ARG; 267 268# define PWD_STRLEN 1024 269 270static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg) 271{ 272 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg; 273 return BUF_strdup((char *)srp_client_arg->srppassin); 274} 275 276/* SRP server */ 277/* This is a context that we pass to SRP server callbacks */ 278typedef struct srp_server_arg_st { 279 char *expected_user; 280 char *pass; 281} SRP_SERVER_ARG; 282 283static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) 284{ 285 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg; 286 287 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) { 288 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s)); 289 return SSL3_AL_FATAL; 290 } 291 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) { 292 *ad = SSL_AD_INTERNAL_ERROR; 293 return SSL3_AL_FATAL; 294 } 295 return SSL_ERROR_NONE; 296} 297#endif 298 299static BIO *bio_err = NULL; 300static BIO *bio_stdout = NULL; 301 302static char *cipher = NULL; 303static int verbose = 0; 304static int debug = 0; 305#if 0 306/* Not used yet. */ 307# ifdef FIONBIO 308static int s_nbio = 0; 309# endif 310#endif 311 312static const char rnd_seed[] = 313 "string to make the random number generator think it has entropy"; 314 315int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 316 clock_t *c_time); 317int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 318static int do_test_cipherlist(void); 319static void sv_usage(void) 320{ 321 fprintf(stderr, "usage: ssltest [args ...]\n"); 322 fprintf(stderr, "\n"); 323#ifdef OPENSSL_FIPS 324 fprintf(stderr, "-F - run test in FIPS mode\n"); 325#endif 326 fprintf(stderr, " -server_auth - check server certificate\n"); 327 fprintf(stderr, " -client_auth - do client authentication\n"); 328 fprintf(stderr, " -proxy - allow proxy certificates\n"); 329 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 330 fprintf(stderr, 331 " -proxy_cond <val> - experssion to test proxy policy rights\n"); 332 fprintf(stderr, " -v - more output\n"); 333 fprintf(stderr, " -d - debug output\n"); 334 fprintf(stderr, " -reuse - use session-id reuse\n"); 335 fprintf(stderr, " -num <val> - number of connections to perform\n"); 336 fprintf(stderr, 337 " -bytes <val> - number of bytes to swap between client/server\n"); 338#ifndef OPENSSL_NO_DH 339 fprintf(stderr, 340 " -dhe512 - use 512 bit key for DHE (to test failure)\n"); 341 fprintf(stderr, 342 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n"); 343 fprintf(stderr, 344 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 345 fprintf(stderr, " -no_dhe - disable DHE\n"); 346#endif 347#ifndef OPENSSL_NO_ECDH 348 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 349#endif 350#ifndef OPENSSL_NO_PSK 351 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n"); 352#endif 353#ifndef OPENSSL_NO_SRP 354 fprintf(stderr, " -srpuser user - SRP username to use\n"); 355 fprintf(stderr, " -srppass arg - password for 'user'\n"); 356#endif 357#ifndef OPENSSL_NO_SSL2 358 fprintf(stderr, " -ssl2 - use SSLv2\n"); 359#endif 360#ifndef OPENSSL_NO_SSL3_METHOD 361 fprintf(stderr, " -ssl3 - use SSLv3\n"); 362#endif 363#ifndef OPENSSL_NO_TLS1 364 fprintf(stderr, " -tls1 - use TLSv1\n"); 365#endif 366 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 367 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 368 fprintf(stderr, " -cert arg - Server certificate file\n"); 369 fprintf(stderr, 370 " -key arg - Server key file (default: same as -cert)\n"); 371 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 372 fprintf(stderr, 373 " -c_key arg - Client key file (default: same as -c_cert)\n"); 374 fprintf(stderr, " -cipher arg - The cipher list\n"); 375 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 376 fprintf(stderr, " -f - Test even cases that can't work\n"); 377 fprintf(stderr, 378 " -time - measure processor time used by client and server\n"); 379 fprintf(stderr, " -zlib - use zlib compression\n"); 380 fprintf(stderr, " -rle - use rle compression\n"); 381#ifndef OPENSSL_NO_ECDH 382 fprintf(stderr, 383 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" 384 " Use \"openssl ecparam -list_curves\" for all names\n" 385 " (default is sect163r2).\n"); 386#endif 387 fprintf(stderr, 388 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n" 389 " When this option is requested, the cipherlist\n" 390 " tests are run instead of handshake tests.\n"); 391} 392 393static void print_details(SSL *c_ssl, const char *prefix) 394{ 395 const SSL_CIPHER *ciph; 396 X509 *cert; 397 398 ciph = SSL_get_current_cipher(c_ssl); 399 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 400 prefix, 401 SSL_get_version(c_ssl), 402 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph)); 403 cert = SSL_get_peer_certificate(c_ssl); 404 if (cert != NULL) { 405 EVP_PKEY *pkey = X509_get_pubkey(cert); 406 if (pkey != NULL) { 407 if (0) ; 408#ifndef OPENSSL_NO_RSA 409 else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL 410 && pkey->pkey.rsa->n != NULL) { 411 BIO_printf(bio_stdout, ", %d bit RSA", 412 BN_num_bits(pkey->pkey.rsa->n)); 413 } 414#endif 415#ifndef OPENSSL_NO_DSA 416 else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL 417 && pkey->pkey.dsa->p != NULL) { 418 BIO_printf(bio_stdout, ", %d bit DSA", 419 BN_num_bits(pkey->pkey.dsa->p)); 420 } 421#endif 422 EVP_PKEY_free(pkey); 423 } 424 X509_free(cert); 425 } 426 /* 427 * The SSL API does not allow us to look at temporary RSA/DH keys, 428 * otherwise we should print their lengths too 429 */ 430 BIO_printf(bio_stdout, "\n"); 431} 432 433static void lock_dbg_cb(int mode, int type, const char *file, int line) 434{ 435 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */ 436 const char *errstr = NULL; 437 int rw; 438 439 rw = mode & (CRYPTO_READ | CRYPTO_WRITE); 440 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) { 441 errstr = "invalid mode"; 442 goto err; 443 } 444 445 if (type < 0 || type >= CRYPTO_NUM_LOCKS) { 446 errstr = "type out of bounds"; 447 goto err; 448 } 449 450 if (mode & CRYPTO_LOCK) { 451 if (modes[type]) { 452 errstr = "already locked"; 453 /* 454 * must not happen in a single-threaded program (would deadlock) 455 */ 456 goto err; 457 } 458 459 modes[type] = rw; 460 } else if (mode & CRYPTO_UNLOCK) { 461 if (!modes[type]) { 462 errstr = "not locked"; 463 goto err; 464 } 465 466 if (modes[type] != rw) { 467 errstr = (rw == CRYPTO_READ) ? 468 "CRYPTO_r_unlock on write lock" : 469 "CRYPTO_w_unlock on read lock"; 470 } 471 472 modes[type] = 0; 473 } else { 474 errstr = "invalid mode"; 475 goto err; 476 } 477 478 err: 479 if (errstr) { 480 /* we cannot use bio_err here */ 481 fprintf(stderr, 482 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n", 483 errstr, mode, type, file, line); 484 } 485} 486 487#ifdef TLSEXT_TYPE_opaque_prf_input 488struct cb_info_st { 489 void *input; 490 size_t len; 491 int ret; 492}; 493struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */ 494struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */ 495struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */ 496struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */ 497 498int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_) 499{ 500 struct cb_info_st *arg = arg_; 501 502 if (arg == NULL) 503 return 1; 504 505 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len)) 506 return 0; 507 return arg->ret; 508} 509#endif 510 511int main(int argc, char *argv[]) 512{ 513 char *CApath = NULL, *CAfile = NULL; 514 int badop = 0; 515 int bio_pair = 0; 516 int force = 0; 517 int tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1; 518 int client_auth = 0; 519 int server_auth = 0, i; 520 struct app_verify_arg app_verify_arg = 521 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 522 char *server_cert = TEST_SERVER_CERT; 523 char *server_key = NULL; 524 char *client_cert = TEST_CLIENT_CERT; 525 char *client_key = NULL; 526#ifndef OPENSSL_NO_ECDH 527 char *named_curve = NULL; 528#endif 529 SSL_CTX *s_ctx = NULL; 530 SSL_CTX *c_ctx = NULL; 531 const SSL_METHOD *meth = NULL; 532 SSL *c_ssl, *s_ssl; 533 int number = 1, reuse = 0; 534 long bytes = 256L; 535#ifndef OPENSSL_NO_DH 536 DH *dh; 537 int dhe512 = 0, dhe1024dsa = 0; 538#endif 539#ifndef OPENSSL_NO_ECDH 540 EC_KEY *ecdh = NULL; 541#endif 542#ifndef OPENSSL_NO_SRP 543 /* client */ 544 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL }; 545 /* server */ 546 SRP_SERVER_ARG srp_server_arg = { NULL, NULL }; 547#endif 548 int no_dhe = 0; 549 int no_ecdhe = 0; 550 int no_psk = 0; 551 int print_time = 0; 552 clock_t s_time = 0, c_time = 0; 553 int comp = 0; 554#ifndef OPENSSL_NO_COMP 555 COMP_METHOD *cm = NULL; 556 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; 557#endif 558 int test_cipherlist = 0; 559#ifdef OPENSSL_FIPS 560 int fips_mode = 0; 561#endif 562 int no_protocol = 0; 563 564 verbose = 0; 565 debug = 0; 566 cipher = 0; 567 568 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); 569 570 CRYPTO_set_locking_callback(lock_dbg_cb); 571 572 /* enable memory leak checking unless explicitly disabled */ 573 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) 574 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) { 575 CRYPTO_malloc_debug_init(); 576 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); 577 } else { 578 /* OPENSSL_DEBUG_MEMORY=off */ 579 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); 580 } 581 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 582 583 RAND_seed(rnd_seed, sizeof rnd_seed); 584 585 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); 586 587 argc--; 588 argv++; 589 590 while (argc >= 1) { 591 if (!strcmp(*argv, "-F")) { 592#ifdef OPENSSL_FIPS 593 fips_mode = 1; 594#else 595 fprintf(stderr, 596 "not compiled with FIPS support, so exitting without running.\n"); 597 EXIT(0); 598#endif 599 } else if (strcmp(*argv, "-server_auth") == 0) 600 server_auth = 1; 601 else if (strcmp(*argv, "-client_auth") == 0) 602 client_auth = 1; 603 else if (strcmp(*argv, "-proxy_auth") == 0) { 604 if (--argc < 1) 605 goto bad; 606 app_verify_arg.proxy_auth = *(++argv); 607 } else if (strcmp(*argv, "-proxy_cond") == 0) { 608 if (--argc < 1) 609 goto bad; 610 app_verify_arg.proxy_cond = *(++argv); 611 } else if (strcmp(*argv, "-v") == 0) 612 verbose = 1; 613 else if (strcmp(*argv, "-d") == 0) 614 debug = 1; 615 else if (strcmp(*argv, "-reuse") == 0) 616 reuse = 1; 617 else if (strcmp(*argv, "-dhe512") == 0) { 618#ifndef OPENSSL_NO_DH 619 dhe512 = 1; 620#else 621 fprintf(stderr, 622 "ignoring -dhe512, since I'm compiled without DH\n"); 623#endif 624 } else if (strcmp(*argv, "-dhe1024dsa") == 0) { 625#ifndef OPENSSL_NO_DH 626 dhe1024dsa = 1; 627#else 628 fprintf(stderr, 629 "ignoring -dhe1024dsa, since I'm compiled without DH\n"); 630#endif 631 } else if (strcmp(*argv, "-no_dhe") == 0) 632 no_dhe = 1; 633 else if (strcmp(*argv, "-no_ecdhe") == 0) 634 no_ecdhe = 1; 635 else if (strcmp(*argv, "-psk") == 0) { 636 if (--argc < 1) 637 goto bad; 638 psk_key = *(++argv); 639#ifndef OPENSSL_NO_PSK 640 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) { 641 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv); 642 goto bad; 643 } 644#else 645 no_psk = 1; 646#endif 647 } 648#ifndef OPENSSL_NO_SRP 649 else if (strcmp(*argv, "-srpuser") == 0) { 650 if (--argc < 1) 651 goto bad; 652 srp_server_arg.expected_user = srp_client_arg.srplogin = 653 *(++argv); 654 tls1 = 1; 655 } else if (strcmp(*argv, "-srppass") == 0) { 656 if (--argc < 1) 657 goto bad; 658 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv); 659 tls1 = 1; 660 } 661#endif 662 else if (strcmp(*argv, "-ssl2") == 0) { 663#ifdef OPENSSL_NO_SSL2 664 no_protocol = 1; 665#endif 666 ssl2 = 1; 667 } else if (strcmp(*argv, "-tls1") == 0) { 668#ifdef OPENSSL_NO_TLS1 669 no_protocol = 1; 670#endif 671 tls1 = 1; 672 } else if (strcmp(*argv, "-ssl3") == 0) { 673#ifdef OPENSSL_NO_SSL3_METHOD 674 no_protocol = 1; 675#endif 676 ssl3 = 1; 677 } else if (strncmp(*argv, "-num", 4) == 0) { 678 if (--argc < 1) 679 goto bad; 680 number = atoi(*(++argv)); 681 if (number == 0) 682 number = 1; 683 } else if (strcmp(*argv, "-bytes") == 0) { 684 if (--argc < 1) 685 goto bad; 686 bytes = atol(*(++argv)); 687 if (bytes == 0L) 688 bytes = 1L; 689 i = strlen(argv[0]); 690 if (argv[0][i - 1] == 'k') 691 bytes *= 1024L; 692 if (argv[0][i - 1] == 'm') 693 bytes *= 1024L * 1024L; 694 } else if (strcmp(*argv, "-cert") == 0) { 695 if (--argc < 1) 696 goto bad; 697 server_cert = *(++argv); 698 } else if (strcmp(*argv, "-s_cert") == 0) { 699 if (--argc < 1) 700 goto bad; 701 server_cert = *(++argv); 702 } else if (strcmp(*argv, "-key") == 0) { 703 if (--argc < 1) 704 goto bad; 705 server_key = *(++argv); 706 } else if (strcmp(*argv, "-s_key") == 0) { 707 if (--argc < 1) 708 goto bad; 709 server_key = *(++argv); 710 } else if (strcmp(*argv, "-c_cert") == 0) { 711 if (--argc < 1) 712 goto bad; 713 client_cert = *(++argv); 714 } else if (strcmp(*argv, "-c_key") == 0) { 715 if (--argc < 1) 716 goto bad; 717 client_key = *(++argv); 718 } else if (strcmp(*argv, "-cipher") == 0) { 719 if (--argc < 1) 720 goto bad; 721 cipher = *(++argv); 722 } else if (strcmp(*argv, "-CApath") == 0) { 723 if (--argc < 1) 724 goto bad; 725 CApath = *(++argv); 726 } else if (strcmp(*argv, "-CAfile") == 0) { 727 if (--argc < 1) 728 goto bad; 729 CAfile = *(++argv); 730 } else if (strcmp(*argv, "-bio_pair") == 0) { 731 bio_pair = 1; 732 } else if (strcmp(*argv, "-f") == 0) { 733 force = 1; 734 } else if (strcmp(*argv, "-time") == 0) { 735 print_time = 1; 736 } else if (strcmp(*argv, "-zlib") == 0) { 737 comp = COMP_ZLIB; 738 } else if (strcmp(*argv, "-rle") == 0) { 739 comp = COMP_RLE; 740 } else if (strcmp(*argv, "-named_curve") == 0) { 741 if (--argc < 1) 742 goto bad; 743#ifndef OPENSSL_NO_ECDH 744 named_curve = *(++argv); 745#else 746 fprintf(stderr, 747 "ignoring -named_curve, since I'm compiled without ECDH\n"); 748 ++argv; 749#endif 750 } else if (strcmp(*argv, "-app_verify") == 0) { 751 app_verify_arg.app_verify = 1; 752 } else if (strcmp(*argv, "-proxy") == 0) { 753 app_verify_arg.allow_proxy_certs = 1; 754 } else if (strcmp(*argv, "-test_cipherlist") == 0) { 755 test_cipherlist = 1; 756 } else { 757 fprintf(stderr, "unknown option %s\n", *argv); 758 badop = 1; 759 break; 760 } 761 argc--; 762 argv++; 763 } 764 if (badop) { 765 bad: 766 sv_usage(); 767 goto end; 768 } 769 770 /* 771 * test_cipherlist prevails over protocol switch: we test the cipherlist 772 * for all enabled protocols. 773 */ 774 if (test_cipherlist == 1) { 775 /* 776 * ensure that the cipher list are correctly sorted and exit 777 */ 778 fprintf(stdout, "Testing cipherlist order only. Ignoring all " 779 "other options.\n"); 780 if (do_test_cipherlist() == 0) 781 EXIT(1); 782 ret = 0; 783 goto end; 784 } 785 786 if (ssl2 + ssl3 + tls1 > 1) { 787 fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should " 788 "be requested.\n"); 789 EXIT(1); 790 } 791 792 /* 793 * Testing was requested for a compiled-out protocol (e.g. SSLv2). 794 * Ideally, we would error out, but the generic test wrapper can't know 795 * when to expect failure. So we do nothing and return success. 796 */ 797 if (no_protocol) { 798 fprintf(stderr, "Testing was requested for a disabled protocol. " 799 "Skipping tests.\n"); 800 ret = 0; 801 goto end; 802 } 803 804 if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force) { 805 fprintf(stderr, "This case cannot work. Use -f to perform " 806 "the test anyway (and\n-d to see what happens), " 807 "or add one of -ssl2, -ssl3, -tls1, -reuse\n" 808 "to avoid protocol mismatch.\n"); 809 EXIT(1); 810 } 811#ifdef OPENSSL_FIPS 812 if (fips_mode) { 813 if (!FIPS_mode_set(1)) { 814 ERR_load_crypto_strings(); 815 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE)); 816 EXIT(1); 817 } else 818 fprintf(stderr, "*** IN FIPS MODE ***\n"); 819 } 820#endif 821 822 if (print_time) { 823 if (!bio_pair) { 824 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 825 bio_pair = 1; 826 } 827 if (number < 50 && !force) 828 fprintf(stderr, 829 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 830 } 831 832/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 833 834 SSL_library_init(); 835 SSL_load_error_strings(); 836 837#ifndef OPENSSL_NO_COMP 838 if (comp == COMP_ZLIB) 839 cm = COMP_zlib(); 840 if (comp == COMP_RLE) 841 cm = COMP_rle(); 842 if (cm != NULL) { 843 if (cm->type != NID_undef) { 844 if (SSL_COMP_add_compression_method(comp, cm) != 0) { 845 fprintf(stderr, "Failed to add compression method\n"); 846 ERR_print_errors_fp(stderr); 847 } 848 } else { 849 fprintf(stderr, 850 "Warning: %s compression not supported\n", 851 (comp == COMP_RLE ? "rle" : 852 (comp == COMP_ZLIB ? "zlib" : "unknown"))); 853 ERR_print_errors_fp(stderr); 854 } 855 } 856 ssl_comp_methods = SSL_COMP_get_compression_methods(); 857 fprintf(stderr, "Available compression methods:\n"); 858 { 859 int j, n = sk_SSL_COMP_num(ssl_comp_methods); 860 if (n == 0) 861 fprintf(stderr, " NONE\n"); 862 else 863 for (j = 0; j < n; j++) { 864 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); 865 fprintf(stderr, " %d: %s\n", c->id, c->name); 866 } 867 } 868#endif 869 870 /* 871 * At this point, ssl2/ssl3/tls1 is only set if the protocol is 872 * available. (Otherwise we exit early.) However the compiler doesn't 873 * know this, so we ifdef. 874 */ 875#ifndef OPENSSL_NO_SSL2 876 if (ssl2) 877 meth = SSLv2_method(); 878 else 879#endif 880#ifndef OPENSSL_NO_SSL3 881 if (ssl3) 882 meth = SSLv3_method(); 883 else 884#endif 885#ifndef OPENSSL_NO_TLS1 886 if (tls1) 887 meth = TLSv1_method(); 888 else 889#endif 890 meth = SSLv23_method(); 891 892 c_ctx = SSL_CTX_new(meth); 893 s_ctx = SSL_CTX_new(meth); 894 if ((c_ctx == NULL) || (s_ctx == NULL)) { 895 ERR_print_errors(bio_err); 896 goto end; 897 } 898 899 if (cipher != NULL) { 900 SSL_CTX_set_cipher_list(c_ctx, cipher); 901 SSL_CTX_set_cipher_list(s_ctx, cipher); 902 } 903#ifndef OPENSSL_NO_DH 904 if (!no_dhe) { 905 if (dhe1024dsa) { 906 /* 907 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks 908 */ 909 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 910 dh = get_dh1024dsa(); 911 } else if (dhe512) 912 dh = get_dh512(); 913 else 914 dh = get_dh1024(); 915 SSL_CTX_set_tmp_dh(s_ctx, dh); 916 DH_free(dh); 917 } 918#else 919 (void)no_dhe; 920#endif 921 922#ifndef OPENSSL_NO_ECDH 923 if (!no_ecdhe) { 924 int nid; 925 926 if (named_curve != NULL) { 927 nid = OBJ_sn2nid(named_curve); 928 if (nid == 0) { 929 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 930 goto end; 931 } 932 } else 933# ifdef OPENSSL_NO_EC2M 934 nid = NID_X9_62_prime256v1; 935# else 936 nid = NID_sect163r2; 937# endif 938 939 ecdh = EC_KEY_new_by_curve_name(nid); 940 if (ecdh == NULL) { 941 BIO_printf(bio_err, "unable to create curve\n"); 942 goto end; 943 } 944 945 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 946 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 947 EC_KEY_free(ecdh); 948 } 949#else 950 (void)no_ecdhe; 951#endif 952 953#ifndef OPENSSL_NO_RSA 954 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); 955#endif 956 957#ifdef TLSEXT_TYPE_opaque_prf_input 958 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb); 959 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb); 960 /* or &co2 or NULL */ 961 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); 962 /* or &so2 or NULL */ 963 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); 964#endif 965 966 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) { 967 ERR_print_errors(bio_err); 968 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 969 (server_key ? server_key : 970 server_cert), 971 SSL_FILETYPE_PEM)) { 972 ERR_print_errors(bio_err); 973 goto end; 974 } 975 976 if (client_auth) { 977 SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM); 978 SSL_CTX_use_PrivateKey_file(c_ctx, 979 (client_key ? client_key : client_cert), 980 SSL_FILETYPE_PEM); 981 } 982 983 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 984 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 985 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 986 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 987 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 988 ERR_print_errors(bio_err); 989 /* goto end; */ 990 } 991 992 if (client_auth) { 993 BIO_printf(bio_err, "client authentication\n"); 994 SSL_CTX_set_verify(s_ctx, 995 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 996 verify_callback); 997 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 998 &app_verify_arg); 999 } 1000 if (server_auth) { 1001 BIO_printf(bio_err, "server authentication\n"); 1002 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback); 1003 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 1004 &app_verify_arg); 1005 } 1006 1007 { 1008 int session_id_context = 0; 1009 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, 1010 sizeof session_id_context); 1011 } 1012 1013 /* Use PSK only if PSK key is given */ 1014 if (psk_key != NULL) { 1015 /* 1016 * no_psk is used to avoid putting psk command to openssl tool 1017 */ 1018 if (no_psk) { 1019 /* 1020 * if PSK is not compiled in and psk key is given, do nothing and 1021 * exit successfully 1022 */ 1023 ret = 0; 1024 goto end; 1025 } 1026#ifndef OPENSSL_NO_PSK 1027 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback); 1028 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback); 1029 if (debug) 1030 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n"); 1031 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) { 1032 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n"); 1033 ERR_print_errors(bio_err); 1034 goto end; 1035 } 1036#endif 1037 } 1038#ifndef OPENSSL_NO_SRP 1039 if (srp_client_arg.srplogin) { 1040 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) { 1041 BIO_printf(bio_err, "Unable to set SRP username\n"); 1042 goto end; 1043 } 1044 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg); 1045 SSL_CTX_set_srp_client_pwd_callback(c_ctx, 1046 ssl_give_srp_client_pwd_cb); 1047 /* 1048 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength); 1049 */ 1050 } 1051 1052 if (srp_server_arg.expected_user != NULL) { 1053 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback); 1054 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg); 1055 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb); 1056 } 1057#endif 1058 1059 c_ssl = SSL_new(c_ctx); 1060 s_ssl = SSL_new(s_ctx); 1061 1062#ifndef OPENSSL_NO_KRB5 1063 if (c_ssl && c_ssl->kssl_ctx) { 1064 char localhost[MAXHOSTNAMELEN + 2]; 1065 1066 if (gethostname(localhost, sizeof localhost - 1) == 0) { 1067 localhost[sizeof localhost - 1] = '\0'; 1068 if (strlen(localhost) == sizeof localhost - 1) { 1069 BIO_printf(bio_err, "localhost name too long\n"); 1070 goto end; 1071 } 1072 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost); 1073 } 1074 } 1075#endif /* OPENSSL_NO_KRB5 */ 1076 1077 for (i = 0; i < number; i++) { 1078 if (!reuse) 1079 SSL_set_session(c_ssl, NULL); 1080 if (bio_pair) 1081 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time); 1082 else 1083 ret = doit(s_ssl, c_ssl, bytes); 1084 } 1085 1086 if (!verbose) { 1087 print_details(c_ssl, ""); 1088 } 1089 if ((number > 1) || (bytes > 1L)) 1090 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", number, 1091 bytes); 1092 if (print_time) { 1093#ifdef CLOCKS_PER_SEC 1094 /* 1095 * "To determine the time in seconds, the value returned by the clock 1096 * function should be divided by the value of the macro 1097 * CLOCKS_PER_SEC." -- ISO/IEC 9899 1098 */ 1099 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n" 1100 "Approximate total client time: %6.2f s\n", 1101 (double)s_time / CLOCKS_PER_SEC, 1102 (double)c_time / CLOCKS_PER_SEC); 1103#else 1104 /* 1105 * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on 1106 * NeXTstep/OpenStep 1107 */ 1108 BIO_printf(bio_stdout, 1109 "Approximate total server time: %6.2f units\n" 1110 "Approximate total client time: %6.2f units\n", 1111 (double)s_time, (double)c_time); 1112#endif 1113 } 1114 1115 SSL_free(s_ssl); 1116 SSL_free(c_ssl); 1117 1118 end: 1119 if (s_ctx != NULL) 1120 SSL_CTX_free(s_ctx); 1121 if (c_ctx != NULL) 1122 SSL_CTX_free(c_ctx); 1123 1124 if (bio_stdout != NULL) 1125 BIO_free(bio_stdout); 1126 1127#ifndef OPENSSL_NO_RSA 1128 free_tmp_rsa(); 1129#endif 1130#ifndef OPENSSL_NO_ENGINE 1131 ENGINE_cleanup(); 1132#endif 1133 CRYPTO_cleanup_all_ex_data(); 1134 ERR_free_strings(); 1135 ERR_remove_thread_state(NULL); 1136 EVP_cleanup(); 1137 CRYPTO_mem_leaks(bio_err); 1138 if (bio_err != NULL) 1139 BIO_free(bio_err); 1140 EXIT(ret); 1141 return ret; 1142} 1143 1144int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, 1145 clock_t *s_time, clock_t *c_time) 1146{ 1147 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 1148 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 1149 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL; 1150 int ret = 1; 1151 1152 size_t bufsiz = 256; /* small buffer for testing */ 1153 1154 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 1155 goto err; 1156 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 1157 goto err; 1158 1159 s_ssl_bio = BIO_new(BIO_f_ssl()); 1160 if (!s_ssl_bio) 1161 goto err; 1162 1163 c_ssl_bio = BIO_new(BIO_f_ssl()); 1164 if (!c_ssl_bio) 1165 goto err; 1166 1167 SSL_set_connect_state(c_ssl); 1168 SSL_set_bio(c_ssl, client, client); 1169 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 1170 1171 SSL_set_accept_state(s_ssl); 1172 SSL_set_bio(s_ssl, server, server); 1173 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 1174 1175 do { 1176 /*- 1177 * c_ssl_bio: SSL filter BIO 1178 * 1179 * client: pseudo-I/O for SSL library 1180 * 1181 * client_io: client's SSL communication; usually to be 1182 * relayed over some I/O facility, but in this 1183 * test program, we're the server, too: 1184 * 1185 * server_io: server's SSL communication 1186 * 1187 * server: pseudo-I/O for SSL library 1188 * 1189 * s_ssl_bio: SSL filter BIO 1190 * 1191 * The client and the server each employ a "BIO pair": 1192 * client + client_io, server + server_io. 1193 * BIO pairs are symmetric. A BIO pair behaves similar 1194 * to a non-blocking socketpair (but both endpoints must 1195 * be handled by the same thread). 1196 * [Here we could connect client and server to the ends 1197 * of a single BIO pair, but then this code would be less 1198 * suitable as an example for BIO pairs in general.] 1199 * 1200 * Useful functions for querying the state of BIO pair endpoints: 1201 * 1202 * BIO_ctrl_pending(bio) number of bytes we can read now 1203 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 1204 * other side's read attempt 1205 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 1206 * 1207 * ..._read_request is never more than ..._write_guarantee; 1208 * it depends on the application which one you should use. 1209 */ 1210 1211 /* 1212 * We have non-blocking behaviour throughout this test program, but 1213 * can be sure that there is *some* progress in each iteration; so we 1214 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE -- 1215 * we just try everything in each iteration 1216 */ 1217 1218 { 1219 /* CLIENT */ 1220 1221 MS_STATIC char cbuf[1024 * 8]; 1222 int i, r; 1223 clock_t c_clock = clock(); 1224 1225 memset(cbuf, 0, sizeof(cbuf)); 1226 1227 if (debug) 1228 if (SSL_in_init(c_ssl)) 1229 printf("client waiting in SSL_connect - %s\n", 1230 SSL_state_string_long(c_ssl)); 1231 1232 if (cw_num > 0) { 1233 /* Write to server. */ 1234 1235 if (cw_num > (long)sizeof cbuf) 1236 i = sizeof cbuf; 1237 else 1238 i = (int)cw_num; 1239 r = BIO_write(c_ssl_bio, cbuf, i); 1240 if (r < 0) { 1241 if (!BIO_should_retry(c_ssl_bio)) { 1242 fprintf(stderr, "ERROR in CLIENT\n"); 1243 goto err; 1244 } 1245 /* 1246 * BIO_should_retry(...) can just be ignored here. The 1247 * library expects us to call BIO_write with the same 1248 * arguments again, and that's what we will do in the 1249 * next iteration. 1250 */ 1251 } else if (r == 0) { 1252 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1253 goto err; 1254 } else { 1255 if (debug) 1256 printf("client wrote %d\n", r); 1257 cw_num -= r; 1258 } 1259 } 1260 1261 if (cr_num > 0) { 1262 /* Read from server. */ 1263 1264 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 1265 if (r < 0) { 1266 if (!BIO_should_retry(c_ssl_bio)) { 1267 fprintf(stderr, "ERROR in CLIENT\n"); 1268 goto err; 1269 } 1270 /* 1271 * Again, "BIO_should_retry" can be ignored. 1272 */ 1273 } else if (r == 0) { 1274 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1275 goto err; 1276 } else { 1277 if (debug) 1278 printf("client read %d\n", r); 1279 cr_num -= r; 1280 } 1281 } 1282 1283 /* 1284 * c_time and s_time increments will typically be very small 1285 * (depending on machine speed and clock tick intervals), but 1286 * sampling over a large number of connections should result in 1287 * fairly accurate figures. We cannot guarantee a lot, however 1288 * -- if each connection lasts for exactly one clock tick, it 1289 * will be counted only for the client or only for the server or 1290 * even not at all. 1291 */ 1292 *c_time += (clock() - c_clock); 1293 } 1294 1295 { 1296 /* SERVER */ 1297 1298 MS_STATIC char sbuf[1024 * 8]; 1299 int i, r; 1300 clock_t s_clock = clock(); 1301 1302 memset(sbuf, 0, sizeof(sbuf)); 1303 1304 if (debug) 1305 if (SSL_in_init(s_ssl)) 1306 printf("server waiting in SSL_accept - %s\n", 1307 SSL_state_string_long(s_ssl)); 1308 1309 if (sw_num > 0) { 1310 /* Write to client. */ 1311 1312 if (sw_num > (long)sizeof sbuf) 1313 i = sizeof sbuf; 1314 else 1315 i = (int)sw_num; 1316 r = BIO_write(s_ssl_bio, sbuf, i); 1317 if (r < 0) { 1318 if (!BIO_should_retry(s_ssl_bio)) { 1319 fprintf(stderr, "ERROR in SERVER\n"); 1320 goto err; 1321 } 1322 /* Ignore "BIO_should_retry". */ 1323 } else if (r == 0) { 1324 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1325 goto err; 1326 } else { 1327 if (debug) 1328 printf("server wrote %d\n", r); 1329 sw_num -= r; 1330 } 1331 } 1332 1333 if (sr_num > 0) { 1334 /* Read from client. */ 1335 1336 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 1337 if (r < 0) { 1338 if (!BIO_should_retry(s_ssl_bio)) { 1339 fprintf(stderr, "ERROR in SERVER\n"); 1340 goto err; 1341 } 1342 /* blah, blah */ 1343 } else if (r == 0) { 1344 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1345 goto err; 1346 } else { 1347 if (debug) 1348 printf("server read %d\n", r); 1349 sr_num -= r; 1350 } 1351 } 1352 1353 *s_time += (clock() - s_clock); 1354 } 1355 1356 { 1357 /* "I/O" BETWEEN CLIENT AND SERVER. */ 1358 1359 size_t r1, r2; 1360 BIO *io1 = server_io, *io2 = client_io; 1361 /* 1362 * we use the non-copying interface for io1 and the standard 1363 * BIO_write/BIO_read interface for io2 1364 */ 1365 1366 static int prev_progress = 1; 1367 int progress = 0; 1368 1369 /* io1 to io2 */ 1370 do { 1371 size_t num; 1372 int r; 1373 1374 r1 = BIO_ctrl_pending(io1); 1375 r2 = BIO_ctrl_get_write_guarantee(io2); 1376 1377 num = r1; 1378 if (r2 < num) 1379 num = r2; 1380 if (num) { 1381 char *dataptr; 1382 1383 if (INT_MAX < num) /* yeah, right */ 1384 num = INT_MAX; 1385 1386 r = BIO_nread(io1, &dataptr, (int)num); 1387 assert(r > 0); 1388 assert(r <= (int)num); 1389 /* 1390 * possibly r < num (non-contiguous data) 1391 */ 1392 num = r; 1393 r = BIO_write(io2, dataptr, (int)num); 1394 if (r != (int)num) { /* can't happen */ 1395 fprintf(stderr, "ERROR: BIO_write could not write " 1396 "BIO_ctrl_get_write_guarantee() bytes"); 1397 goto err; 1398 } 1399 progress = 1; 1400 1401 if (debug) 1402 printf((io1 == client_io) ? 1403 "C->S relaying: %d bytes\n" : 1404 "S->C relaying: %d bytes\n", (int)num); 1405 } 1406 } 1407 while (r1 && r2); 1408 1409 /* io2 to io1 */ 1410 { 1411 size_t num; 1412 int r; 1413 1414 r1 = BIO_ctrl_pending(io2); 1415 r2 = BIO_ctrl_get_read_request(io1); 1416 /* 1417 * here we could use ..._get_write_guarantee instead of 1418 * ..._get_read_request, but by using the latter we test 1419 * restartability of the SSL implementation more thoroughly 1420 */ 1421 num = r1; 1422 if (r2 < num) 1423 num = r2; 1424 if (num) { 1425 char *dataptr; 1426 1427 if (INT_MAX < num) 1428 num = INT_MAX; 1429 1430 if (num > 1) 1431 --num; /* test restartability even more thoroughly */ 1432 1433 r = BIO_nwrite0(io1, &dataptr); 1434 assert(r > 0); 1435 if (r < (int)num) 1436 num = r; 1437 r = BIO_read(io2, dataptr, (int)num); 1438 if (r != (int)num) { /* can't happen */ 1439 fprintf(stderr, "ERROR: BIO_read could not read " 1440 "BIO_ctrl_pending() bytes"); 1441 goto err; 1442 } 1443 progress = 1; 1444 r = BIO_nwrite(io1, &dataptr, (int)num); 1445 if (r != (int)num) { /* can't happen */ 1446 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 1447 "BIO_nwrite0() bytes"); 1448 goto err; 1449 } 1450 1451 if (debug) 1452 printf((io2 == client_io) ? 1453 "C->S relaying: %d bytes\n" : 1454 "S->C relaying: %d bytes\n", (int)num); 1455 } 1456 } /* no loop, BIO_ctrl_get_read_request now 1457 * returns 0 anyway */ 1458 1459 if (!progress && !prev_progress) 1460 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 1461 fprintf(stderr, "ERROR: got stuck\n"); 1462 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) { 1463 fprintf(stderr, "This can happen for SSL2 because " 1464 "CLIENT-FINISHED and SERVER-VERIFY are written \n" 1465 "concurrently ..."); 1466 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 1467 && strncmp("2SSV", SSL_state_string(s_ssl), 1468 4) == 0) { 1469 fprintf(stderr, " ok.\n"); 1470 goto end; 1471 } 1472 } 1473 fprintf(stderr, " ERROR.\n"); 1474 goto err; 1475 } 1476 prev_progress = progress; 1477 } 1478 } 1479 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 1480 1481 if (verbose) 1482 print_details(c_ssl, "DONE via BIO pair: "); 1483 end: 1484 ret = 0; 1485 1486 err: 1487 ERR_print_errors(bio_err); 1488 1489 if (server) 1490 BIO_free(server); 1491 if (server_io) 1492 BIO_free(server_io); 1493 if (client) 1494 BIO_free(client); 1495 if (client_io) 1496 BIO_free(client_io); 1497 if (s_ssl_bio) 1498 BIO_free(s_ssl_bio); 1499 if (c_ssl_bio) 1500 BIO_free(c_ssl_bio); 1501 1502 return ret; 1503} 1504 1505#define W_READ 1 1506#define W_WRITE 2 1507#define C_DONE 1 1508#define S_DONE 2 1509 1510int doit(SSL *s_ssl, SSL *c_ssl, long count) 1511{ 1512 MS_STATIC char cbuf[1024 * 8], sbuf[1024 * 8]; 1513 long cw_num = count, cr_num = count; 1514 long sw_num = count, sr_num = count; 1515 int ret = 1; 1516 BIO *c_to_s = NULL; 1517 BIO *s_to_c = NULL; 1518 BIO *c_bio = NULL; 1519 BIO *s_bio = NULL; 1520 int c_r, c_w, s_r, s_w; 1521 int i, j; 1522 int done = 0; 1523 int c_write, s_write; 1524 int do_server = 0, do_client = 0; 1525 1526 memset(cbuf, 0, sizeof(cbuf)); 1527 memset(sbuf, 0, sizeof(sbuf)); 1528 1529 c_to_s = BIO_new(BIO_s_mem()); 1530 s_to_c = BIO_new(BIO_s_mem()); 1531 if ((s_to_c == NULL) || (c_to_s == NULL)) { 1532 ERR_print_errors(bio_err); 1533 goto err; 1534 } 1535 1536 c_bio = BIO_new(BIO_f_ssl()); 1537 s_bio = BIO_new(BIO_f_ssl()); 1538 if ((c_bio == NULL) || (s_bio == NULL)) { 1539 ERR_print_errors(bio_err); 1540 goto err; 1541 } 1542 1543 SSL_set_connect_state(c_ssl); 1544 SSL_set_bio(c_ssl, s_to_c, c_to_s); 1545 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 1546 1547 SSL_set_accept_state(s_ssl); 1548 SSL_set_bio(s_ssl, c_to_s, s_to_c); 1549 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 1550 1551 c_r = 0; 1552 s_r = 1; 1553 c_w = 1; 1554 s_w = 0; 1555 c_write = 1, s_write = 0; 1556 1557 /* We can always do writes */ 1558 for (;;) { 1559 do_server = 0; 1560 do_client = 0; 1561 1562 i = (int)BIO_pending(s_bio); 1563 if ((i && s_r) || s_w) 1564 do_server = 1; 1565 1566 i = (int)BIO_pending(c_bio); 1567 if ((i && c_r) || c_w) 1568 do_client = 1; 1569 1570 if (do_server && debug) { 1571 if (SSL_in_init(s_ssl)) 1572 printf("server waiting in SSL_accept - %s\n", 1573 SSL_state_string_long(s_ssl)); 1574/*- 1575 else if (s_write) 1576 printf("server:SSL_write()\n"); 1577 else 1578 printf("server:SSL_read()\n"); */ 1579 } 1580 1581 if (do_client && debug) { 1582 if (SSL_in_init(c_ssl)) 1583 printf("client waiting in SSL_connect - %s\n", 1584 SSL_state_string_long(c_ssl)); 1585/*- 1586 else if (c_write) 1587 printf("client:SSL_write()\n"); 1588 else 1589 printf("client:SSL_read()\n"); */ 1590 } 1591 1592 if (!do_client && !do_server) { 1593 fprintf(stdout, "ERROR IN STARTUP\n"); 1594 ERR_print_errors(bio_err); 1595 goto err; 1596 } 1597 if (do_client && !(done & C_DONE)) { 1598 if (c_write) { 1599 j = (cw_num > (long)sizeof(cbuf)) ? 1600 (int)sizeof(cbuf) : (int)cw_num; 1601 i = BIO_write(c_bio, cbuf, j); 1602 if (i < 0) { 1603 c_r = 0; 1604 c_w = 0; 1605 if (BIO_should_retry(c_bio)) { 1606 if (BIO_should_read(c_bio)) 1607 c_r = 1; 1608 if (BIO_should_write(c_bio)) 1609 c_w = 1; 1610 } else { 1611 fprintf(stderr, "ERROR in CLIENT\n"); 1612 ERR_print_errors(bio_err); 1613 goto err; 1614 } 1615 } else if (i == 0) { 1616 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1617 goto err; 1618 } else { 1619 if (debug) 1620 printf("client wrote %d\n", i); 1621 /* ok */ 1622 s_r = 1; 1623 c_write = 0; 1624 cw_num -= i; 1625 } 1626 } else { 1627 i = BIO_read(c_bio, cbuf, sizeof(cbuf)); 1628 if (i < 0) { 1629 c_r = 0; 1630 c_w = 0; 1631 if (BIO_should_retry(c_bio)) { 1632 if (BIO_should_read(c_bio)) 1633 c_r = 1; 1634 if (BIO_should_write(c_bio)) 1635 c_w = 1; 1636 } else { 1637 fprintf(stderr, "ERROR in CLIENT\n"); 1638 ERR_print_errors(bio_err); 1639 goto err; 1640 } 1641 } else if (i == 0) { 1642 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1643 goto err; 1644 } else { 1645 if (debug) 1646 printf("client read %d\n", i); 1647 cr_num -= i; 1648 if (sw_num > 0) { 1649 s_write = 1; 1650 s_w = 1; 1651 } 1652 if (cr_num <= 0) { 1653 s_write = 1; 1654 s_w = 1; 1655 done = S_DONE | C_DONE; 1656 } 1657 } 1658 } 1659 } 1660 1661 if (do_server && !(done & S_DONE)) { 1662 if (!s_write) { 1663 i = BIO_read(s_bio, sbuf, sizeof(cbuf)); 1664 if (i < 0) { 1665 s_r = 0; 1666 s_w = 0; 1667 if (BIO_should_retry(s_bio)) { 1668 if (BIO_should_read(s_bio)) 1669 s_r = 1; 1670 if (BIO_should_write(s_bio)) 1671 s_w = 1; 1672 } else { 1673 fprintf(stderr, "ERROR in SERVER\n"); 1674 ERR_print_errors(bio_err); 1675 goto err; 1676 } 1677 } else if (i == 0) { 1678 ERR_print_errors(bio_err); 1679 fprintf(stderr, 1680 "SSL SERVER STARTUP FAILED in SSL_read\n"); 1681 goto err; 1682 } else { 1683 if (debug) 1684 printf("server read %d\n", i); 1685 sr_num -= i; 1686 if (cw_num > 0) { 1687 c_write = 1; 1688 c_w = 1; 1689 } 1690 if (sr_num <= 0) { 1691 s_write = 1; 1692 s_w = 1; 1693 c_write = 0; 1694 } 1695 } 1696 } else { 1697 j = (sw_num > (long)sizeof(sbuf)) ? 1698 (int)sizeof(sbuf) : (int)sw_num; 1699 i = BIO_write(s_bio, sbuf, j); 1700 if (i < 0) { 1701 s_r = 0; 1702 s_w = 0; 1703 if (BIO_should_retry(s_bio)) { 1704 if (BIO_should_read(s_bio)) 1705 s_r = 1; 1706 if (BIO_should_write(s_bio)) 1707 s_w = 1; 1708 } else { 1709 fprintf(stderr, "ERROR in SERVER\n"); 1710 ERR_print_errors(bio_err); 1711 goto err; 1712 } 1713 } else if (i == 0) { 1714 ERR_print_errors(bio_err); 1715 fprintf(stderr, 1716 "SSL SERVER STARTUP FAILED in SSL_write\n"); 1717 goto err; 1718 } else { 1719 if (debug) 1720 printf("server wrote %d\n", i); 1721 sw_num -= i; 1722 s_write = 0; 1723 c_r = 1; 1724 if (sw_num <= 0) 1725 done |= S_DONE; 1726 } 1727 } 1728 } 1729 1730 if ((done & S_DONE) && (done & C_DONE)) 1731 break; 1732 } 1733 1734 if (verbose) 1735 print_details(c_ssl, "DONE: "); 1736 ret = 0; 1737 err: 1738 /* 1739 * We have to set the BIO's to NULL otherwise they will be 1740 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again 1741 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and 1742 * c_ssl are sharing the same BIO structure and SSL_set_bio() and 1743 * SSL_free() automatically BIO_free non NULL entries. You should not 1744 * normally do this or be required to do this 1745 */ 1746 if (s_ssl != NULL) { 1747 s_ssl->rbio = NULL; 1748 s_ssl->wbio = NULL; 1749 } 1750 if (c_ssl != NULL) { 1751 c_ssl->rbio = NULL; 1752 c_ssl->wbio = NULL; 1753 } 1754 1755 if (c_to_s != NULL) 1756 BIO_free(c_to_s); 1757 if (s_to_c != NULL) 1758 BIO_free(s_to_c); 1759 if (c_bio != NULL) 1760 BIO_free_all(c_bio); 1761 if (s_bio != NULL) 1762 BIO_free_all(s_bio); 1763 return (ret); 1764} 1765 1766static int get_proxy_auth_ex_data_idx(void) 1767{ 1768 static volatile int idx = -1; 1769 if (idx < 0) { 1770 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 1771 if (idx < 0) { 1772 idx = X509_STORE_CTX_get_ex_new_index(0, 1773 "SSLtest for verify callback", 1774 NULL, NULL, NULL); 1775 } 1776 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1777 } 1778 return idx; 1779} 1780 1781static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) 1782{ 1783 char *s, buf[256]; 1784 1785 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, 1786 sizeof buf); 1787 if (s != NULL) { 1788 if (ok) 1789 fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf); 1790 else { 1791 fprintf(stderr, "depth=%d error=%d %s\n", 1792 ctx->error_depth, ctx->error, buf); 1793 } 1794 } 1795 1796 if (ok == 0) { 1797 fprintf(stderr, "Error string: %s\n", 1798 X509_verify_cert_error_string(ctx->error)); 1799 switch (ctx->error) { 1800 case X509_V_ERR_CERT_NOT_YET_VALID: 1801 case X509_V_ERR_CERT_HAS_EXPIRED: 1802 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1803 fprintf(stderr, " ... ignored.\n"); 1804 ok = 1; 1805 } 1806 } 1807 1808 if (ok == 1) { 1809 X509 *xs = ctx->current_cert; 1810#if 0 1811 X509 *xi = ctx->current_issuer; 1812#endif 1813 1814 if (xs->ex_flags & EXFLAG_PROXY) { 1815 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx, 1816 get_proxy_auth_ex_data_idx 1817 ()); 1818 1819 if (letters) { 1820 int found_any = 0; 1821 int i; 1822 PROXY_CERT_INFO_EXTENSION *pci = 1823 X509_get_ext_d2i(xs, NID_proxyCertInfo, 1824 NULL, NULL); 1825 1826 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 1827 case NID_Independent: 1828 /* 1829 * Completely meaningless in this program, as there's no 1830 * way to grant explicit rights to a specific PrC. 1831 * Basically, using id-ppl-Independent is the perfect way 1832 * to grant no rights at all. 1833 */ 1834 fprintf(stderr, " Independent proxy certificate"); 1835 for (i = 0; i < 26; i++) 1836 letters[i] = 0; 1837 break; 1838 case NID_id_ppl_inheritAll: 1839 /* 1840 * This is basically a NOP, we simply let the current 1841 * rights stand as they are. 1842 */ 1843 fprintf(stderr, " Proxy certificate inherits all"); 1844 break; 1845 default: 1846 s = (char *) 1847 pci->proxyPolicy->policy->data; 1848 i = pci->proxyPolicy->policy->length; 1849 1850 /* 1851 * The algorithm works as follows: it is assumed that 1852 * previous iterations or the initial granted rights has 1853 * already set some elements of `letters'. What we need 1854 * to do is to clear those that weren't granted by the 1855 * current PrC as well. The easiest way to do this is to 1856 * add 1 to all the elements whose letters are given with 1857 * the current policy. That way, all elements that are 1858 * set by the current policy and were already set by 1859 * earlier policies and through the original grant of 1860 * rights will get the value 2 or higher. The last thing 1861 * to do is to sweep through `letters' and keep the 1862 * elements having the value 2 as set, and clear all the 1863 * others. 1864 */ 1865 1866 fprintf(stderr, " Certificate proxy rights = %*.*s", i, 1867 i, s); 1868 while (i-- > 0) { 1869 int c = *s++; 1870 if (isascii(c) && isalpha(c)) { 1871 if (islower(c)) 1872 c = toupper(c); 1873 letters[c - 'A']++; 1874 } 1875 } 1876 for (i = 0; i < 26; i++) 1877 if (letters[i] < 2) 1878 letters[i] = 0; 1879 else 1880 letters[i] = 1; 1881 } 1882 1883 found_any = 0; 1884 fprintf(stderr, ", resulting proxy rights = "); 1885 for (i = 0; i < 26; i++) 1886 if (letters[i]) { 1887 fprintf(stderr, "%c", i + 'A'); 1888 found_any = 1; 1889 } 1890 if (!found_any) 1891 fprintf(stderr, "none"); 1892 fprintf(stderr, "\n"); 1893 1894 PROXY_CERT_INFO_EXTENSION_free(pci); 1895 } 1896 } 1897 } 1898 1899 return (ok); 1900} 1901 1902static void process_proxy_debug(int indent, const char *format, ...) 1903{ 1904 /* That's 80 > */ 1905 static const char indentation[] = 1906 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 1907 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; 1908 char my_format[256]; 1909 va_list args; 1910 1911 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s", 1912 indent, indent, indentation, format); 1913 1914 va_start(args, format); 1915 vfprintf(stderr, my_format, args); 1916 va_end(args); 1917} 1918 1919/*- 1920 * Priority levels: 1921 * 0 [!]var, () 1922 * 1 & ^ 1923 * 2 | 1924 */ 1925static int process_proxy_cond_adders(unsigned int letters[26], 1926 const char *cond, const char **cond_end, 1927 int *pos, int indent); 1928static int process_proxy_cond_val(unsigned int letters[26], const char *cond, 1929 const char **cond_end, int *pos, int indent) 1930{ 1931 int c; 1932 int ok = 1; 1933 int negate = 0; 1934 1935 while (isspace((int)*cond)) { 1936 cond++; 1937 (*pos)++; 1938 } 1939 c = *cond; 1940 1941 if (debug) 1942 process_proxy_debug(indent, 1943 "Start process_proxy_cond_val at position %d: %s\n", 1944 *pos, cond); 1945 1946 while (c == '!') { 1947 negate = !negate; 1948 cond++; 1949 (*pos)++; 1950 while (isspace((int)*cond)) { 1951 cond++; 1952 (*pos)++; 1953 } 1954 c = *cond; 1955 } 1956 1957 if (c == '(') { 1958 cond++; 1959 (*pos)++; 1960 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 1961 indent + 1); 1962 cond = *cond_end; 1963 if (ok < 0) 1964 goto end; 1965 while (isspace((int)*cond)) { 1966 cond++; 1967 (*pos)++; 1968 } 1969 c = *cond; 1970 if (c != ')') { 1971 fprintf(stderr, 1972 "Weird condition character in position %d: " 1973 "%c\n", *pos, c); 1974 ok = -1; 1975 goto end; 1976 } 1977 cond++; 1978 (*pos)++; 1979 } else if (isascii(c) && isalpha(c)) { 1980 if (islower(c)) 1981 c = toupper(c); 1982 ok = letters[c - 'A']; 1983 cond++; 1984 (*pos)++; 1985 } else { 1986 fprintf(stderr, 1987 "Weird condition character in position %d: " "%c\n", *pos, c); 1988 ok = -1; 1989 goto end; 1990 } 1991 end: 1992 *cond_end = cond; 1993 if (ok >= 0 && negate) 1994 ok = !ok; 1995 1996 if (debug) 1997 process_proxy_debug(indent, 1998 "End process_proxy_cond_val at position %d: %s, returning %d\n", 1999 *pos, cond, ok); 2000 2001 return ok; 2002} 2003 2004static int process_proxy_cond_multipliers(unsigned int letters[26], 2005 const char *cond, 2006 const char **cond_end, int *pos, 2007 int indent) 2008{ 2009 int ok; 2010 char c; 2011 2012 if (debug) 2013 process_proxy_debug(indent, 2014 "Start process_proxy_cond_multipliers at position %d: %s\n", 2015 *pos, cond); 2016 2017 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 2018 cond = *cond_end; 2019 if (ok < 0) 2020 goto end; 2021 2022 while (ok >= 0) { 2023 while (isspace((int)*cond)) { 2024 cond++; 2025 (*pos)++; 2026 } 2027 c = *cond; 2028 2029 switch (c) { 2030 case '&': 2031 case '^': 2032 { 2033 int save_ok = ok; 2034 2035 cond++; 2036 (*pos)++; 2037 ok = process_proxy_cond_val(letters, 2038 cond, cond_end, pos, indent + 1); 2039 cond = *cond_end; 2040 if (ok < 0) 2041 break; 2042 2043 switch (c) { 2044 case '&': 2045 ok &= save_ok; 2046 break; 2047 case '^': 2048 ok ^= save_ok; 2049 break; 2050 default: 2051 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 2052 " STOPPING\n"); 2053 EXIT(1); 2054 } 2055 } 2056 break; 2057 default: 2058 goto end; 2059 } 2060 } 2061 end: 2062 if (debug) 2063 process_proxy_debug(indent, 2064 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n", 2065 *pos, cond, ok); 2066 2067 *cond_end = cond; 2068 return ok; 2069} 2070 2071static int process_proxy_cond_adders(unsigned int letters[26], 2072 const char *cond, const char **cond_end, 2073 int *pos, int indent) 2074{ 2075 int ok; 2076 char c; 2077 2078 if (debug) 2079 process_proxy_debug(indent, 2080 "Start process_proxy_cond_adders at position %d: %s\n", 2081 *pos, cond); 2082 2083 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 2084 indent + 1); 2085 cond = *cond_end; 2086 if (ok < 0) 2087 goto end; 2088 2089 while (ok >= 0) { 2090 while (isspace((int)*cond)) { 2091 cond++; 2092 (*pos)++; 2093 } 2094 c = *cond; 2095 2096 switch (c) { 2097 case '|': 2098 { 2099 int save_ok = ok; 2100 2101 cond++; 2102 (*pos)++; 2103 ok = process_proxy_cond_multipliers(letters, 2104 cond, cond_end, pos, 2105 indent + 1); 2106 cond = *cond_end; 2107 if (ok < 0) 2108 break; 2109 2110 switch (c) { 2111 case '|': 2112 ok |= save_ok; 2113 break; 2114 default: 2115 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 2116 " STOPPING\n"); 2117 EXIT(1); 2118 } 2119 } 2120 break; 2121 default: 2122 goto end; 2123 } 2124 } 2125 end: 2126 if (debug) 2127 process_proxy_debug(indent, 2128 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 2129 *pos, cond, ok); 2130 2131 *cond_end = cond; 2132 return ok; 2133} 2134 2135static int process_proxy_cond(unsigned int letters[26], 2136 const char *cond, const char **cond_end) 2137{ 2138 int pos = 1; 2139 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 2140} 2141 2142static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg) 2143{ 2144 int ok = 1; 2145 struct app_verify_arg *cb_arg = arg; 2146 unsigned int letters[26]; /* only used with proxy_auth */ 2147 2148 if (cb_arg->app_verify) { 2149 char *s = NULL, buf[256]; 2150 2151 fprintf(stderr, "In app_verify_callback, allowing cert. "); 2152 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 2153 fprintf(stderr, 2154 "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 2155 (void *)ctx, (void *)ctx->cert); 2156 if (ctx->cert) 2157 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256); 2158 if (s != NULL) { 2159 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf); 2160 } 2161 return (1); 2162 } 2163 if (cb_arg->proxy_auth) { 2164 int found_any = 0, i; 2165 char *sp; 2166 2167 for (i = 0; i < 26; i++) 2168 letters[i] = 0; 2169 for (sp = cb_arg->proxy_auth; *sp; sp++) { 2170 int c = *sp; 2171 if (isascii(c) && isalpha(c)) { 2172 if (islower(c)) 2173 c = toupper(c); 2174 letters[c - 'A'] = 1; 2175 } 2176 } 2177 2178 fprintf(stderr, " Initial proxy rights = "); 2179 for (i = 0; i < 26; i++) 2180 if (letters[i]) { 2181 fprintf(stderr, "%c", i + 'A'); 2182 found_any = 1; 2183 } 2184 if (!found_any) 2185 fprintf(stderr, "none"); 2186 fprintf(stderr, "\n"); 2187 2188 X509_STORE_CTX_set_ex_data(ctx, 2189 get_proxy_auth_ex_data_idx(), letters); 2190 } 2191 if (cb_arg->allow_proxy_certs) { 2192 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 2193 } 2194#ifndef OPENSSL_NO_X509_VERIFY 2195 ok = X509_verify_cert(ctx); 2196#endif 2197 2198 if (cb_arg->proxy_auth) { 2199 if (ok > 0) { 2200 const char *cond_end = NULL; 2201 2202 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end); 2203 2204 if (ok < 0) 2205 EXIT(3); 2206 if (*cond_end) { 2207 fprintf(stderr, 2208 "Stopped processing condition before it's end.\n"); 2209 ok = 0; 2210 } 2211 if (!ok) 2212 fprintf(stderr, 2213 "Proxy rights check with condition '%s' proved invalid\n", 2214 cb_arg->proxy_cond); 2215 else 2216 fprintf(stderr, 2217 "Proxy rights check with condition '%s' proved valid\n", 2218 cb_arg->proxy_cond); 2219 } 2220 } 2221 return (ok); 2222} 2223 2224#ifndef OPENSSL_NO_RSA 2225static RSA *rsa_tmp = NULL; 2226 2227static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) 2228{ 2229 BIGNUM *bn = NULL; 2230 if (rsa_tmp == NULL) { 2231 bn = BN_new(); 2232 rsa_tmp = RSA_new(); 2233 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) { 2234 BIO_printf(bio_err, "Memory error..."); 2235 goto end; 2236 } 2237 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength); 2238 (void)BIO_flush(bio_err); 2239 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { 2240 BIO_printf(bio_err, "Error generating key."); 2241 RSA_free(rsa_tmp); 2242 rsa_tmp = NULL; 2243 } 2244 end: 2245 BIO_printf(bio_err, "\n"); 2246 (void)BIO_flush(bio_err); 2247 } 2248 if (bn) 2249 BN_free(bn); 2250 return (rsa_tmp); 2251} 2252 2253static void free_tmp_rsa(void) 2254{ 2255 if (rsa_tmp != NULL) { 2256 RSA_free(rsa_tmp); 2257 rsa_tmp = NULL; 2258 } 2259} 2260#endif 2261 2262#ifndef OPENSSL_NO_DH 2263/*- 2264 * These DH parameters have been generated as follows: 2265 * $ openssl dhparam -C -noout 512 2266 * $ openssl dhparam -C -noout 1024 2267 * $ openssl dhparam -C -noout -dsaparam 1024 2268 * (The third function has been renamed to avoid name conflicts.) 2269 */ 2270static DH *get_dh512() 2271{ 2272 static unsigned char dh512_p[] = { 2273 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, 2274 0xC6, 2275 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04, 2276 0xB0, 2277 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9, 2278 0x5F, 2279 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33, 2280 0xB8, 2281 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21, 2282 0x33, 2283 0x02, 0xC5, 0xAE, 0x23, 2284 }; 2285 static unsigned char dh512_g[] = { 2286 0x02, 2287 }; 2288 DH *dh; 2289 2290 if ((dh = DH_new()) == NULL) 2291 return (NULL); 2292 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); 2293 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); 2294 if ((dh->p == NULL) || (dh->g == NULL)) { 2295 DH_free(dh); 2296 return (NULL); 2297 } 2298 return (dh); 2299} 2300 2301static DH *get_dh1024() 2302{ 2303 static unsigned char dh1024_p[] = { 2304 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 2305 0x3A, 2306 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 2307 0xA2, 2308 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 2309 0xB0, 2310 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 2311 0xC2, 2312 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 2313 0x8C, 2314 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 2315 0xB8, 2316 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 2317 0x52, 2318 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 2319 0xC1, 2320 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 2321 0xB1, 2322 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 2323 0xAB, 2324 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 2325 }; 2326 static unsigned char dh1024_g[] = { 2327 0x02, 2328 }; 2329 DH *dh; 2330 2331 if ((dh = DH_new()) == NULL) 2332 return (NULL); 2333 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2334 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2335 if ((dh->p == NULL) || (dh->g == NULL)) { 2336 DH_free(dh); 2337 return (NULL); 2338 } 2339 return (dh); 2340} 2341 2342static DH *get_dh1024dsa() 2343{ 2344 static unsigned char dh1024_p[] = { 2345 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 2346 0x00, 2347 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 2348 0x19, 2349 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 2350 0xD2, 2351 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 2352 0x55, 2353 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 2354 0xFC, 2355 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 2356 0x97, 2357 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 2358 0x8D, 2359 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 2360 0xBB, 2361 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 2362 0xF6, 2363 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 2364 0x9E, 2365 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 2366 }; 2367 static unsigned char dh1024_g[] = { 2368 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 2369 0x05, 2370 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 2371 0xF3, 2372 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 2373 0xE9, 2374 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 2375 0x3C, 2376 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 2377 0x65, 2378 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 2379 0x60, 2380 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 2381 0xF6, 2382 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 2383 0xA7, 2384 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 2385 0xA1, 2386 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 2387 0x60, 2388 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 2389 }; 2390 DH *dh; 2391 2392 if ((dh = DH_new()) == NULL) 2393 return (NULL); 2394 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2395 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2396 if ((dh->p == NULL) || (dh->g == NULL)) { 2397 DH_free(dh); 2398 return (NULL); 2399 } 2400 dh->length = 160; 2401 return (dh); 2402} 2403#endif 2404 2405#ifndef OPENSSL_NO_PSK 2406/* convert the PSK key (psk_key) in ascii to binary (psk) */ 2407static int psk_key2bn(const char *pskkey, unsigned char *psk, 2408 unsigned int max_psk_len) 2409{ 2410 int ret; 2411 BIGNUM *bn = NULL; 2412 2413 ret = BN_hex2bn(&bn, pskkey); 2414 if (!ret) { 2415 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", 2416 pskkey); 2417 if (bn) 2418 BN_free(bn); 2419 return 0; 2420 } 2421 if (BN_num_bytes(bn) > (int)max_psk_len) { 2422 BIO_printf(bio_err, 2423 "psk buffer of callback is too small (%d) for key (%d)\n", 2424 max_psk_len, BN_num_bytes(bn)); 2425 BN_free(bn); 2426 return 0; 2427 } 2428 ret = BN_bn2bin(bn, psk); 2429 BN_free(bn); 2430 return ret; 2431} 2432 2433static unsigned int psk_client_callback(SSL *ssl, const char *hint, 2434 char *identity, 2435 unsigned int max_identity_len, 2436 unsigned char *psk, 2437 unsigned int max_psk_len) 2438{ 2439 int ret; 2440 unsigned int psk_len = 0; 2441 2442 ret = BIO_snprintf(identity, max_identity_len, "Client_identity"); 2443 if (ret < 0) 2444 goto out_err; 2445 if (debug) 2446 fprintf(stderr, "client: created identity '%s' len=%d\n", identity, 2447 ret); 2448 ret = psk_key2bn(psk_key, psk, max_psk_len); 2449 if (ret < 0) 2450 goto out_err; 2451 psk_len = ret; 2452 out_err: 2453 return psk_len; 2454} 2455 2456static unsigned int psk_server_callback(SSL *ssl, const char *identity, 2457 unsigned char *psk, 2458 unsigned int max_psk_len) 2459{ 2460 unsigned int psk_len = 0; 2461 2462 if (strcmp(identity, "Client_identity") != 0) { 2463 BIO_printf(bio_err, "server: PSK error: client identity not found\n"); 2464 return 0; 2465 } 2466 psk_len = psk_key2bn(psk_key, psk, max_psk_len); 2467 return psk_len; 2468} 2469#endif 2470 2471static int do_test_cipherlist(void) 2472{ 2473 int i = 0; 2474 const SSL_METHOD *meth; 2475 const SSL_CIPHER *ci, *tci = NULL; 2476 2477#ifndef OPENSSL_NO_SSL2 2478 fprintf(stderr, "testing SSLv2 cipher list order: "); 2479 meth = SSLv2_method(); 2480 while ((ci = meth->get_cipher(i++)) != NULL) { 2481 if (tci != NULL) 2482 if (ci->id >= tci->id) { 2483 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 2484 return 0; 2485 } 2486 tci = ci; 2487 } 2488 fprintf(stderr, "ok\n"); 2489#endif 2490#ifndef OPENSSL_NO_SSL3 2491 fprintf(stderr, "testing SSLv3 cipher list order: "); 2492 meth = SSLv3_method(); 2493 tci = NULL; 2494 while ((ci = meth->get_cipher(i++)) != NULL) { 2495 if (tci != NULL) 2496 if (ci->id >= tci->id) { 2497 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 2498 return 0; 2499 } 2500 tci = ci; 2501 } 2502 fprintf(stderr, "ok\n"); 2503#endif 2504#ifndef OPENSSL_NO_TLS1 2505 fprintf(stderr, "testing TLSv1 cipher list order: "); 2506 meth = TLSv1_method(); 2507 tci = NULL; 2508 while ((ci = meth->get_cipher(i++)) != NULL) { 2509 if (tci != NULL) 2510 if (ci->id >= tci->id) { 2511 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 2512 return 0; 2513 } 2514 tci = ci; 2515 } 2516 fprintf(stderr, "ok\n"); 2517#endif 2518 2519 return 1; 2520} 2521