ssltest.c revision 296341
1/* ssl/ssltest.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111/* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116/* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143/* Or gethostname won't be declared properly on Linux and GNU platforms. */ 144#define _BSD_SOURCE 1 145 146#include <assert.h> 147#include <errno.h> 148#include <limits.h> 149#include <stdio.h> 150#include <stdlib.h> 151#include <string.h> 152#include <time.h> 153 154#define USE_SOCKETS 155#include "e_os.h" 156 157#ifdef OPENSSL_SYS_VMS 158/* 159 * Or isascii won't be declared properly on VMS (at least with DECompHP C). 160 */ 161# define _XOPEN_SOURCE 500 162#endif 163 164#include <ctype.h> 165 166#include <openssl/bio.h> 167#include <openssl/crypto.h> 168#include <openssl/evp.h> 169#include <openssl/x509.h> 170#include <openssl/x509v3.h> 171#include <openssl/ssl.h> 172#ifndef OPENSSL_NO_ENGINE 173# include <openssl/engine.h> 174#endif 175#include <openssl/err.h> 176#include <openssl/rand.h> 177#ifndef OPENSSL_NO_RSA 178# include <openssl/rsa.h> 179#endif 180#ifndef OPENSSL_NO_DSA 181# include <openssl/dsa.h> 182#endif 183#ifndef OPENSSL_NO_DH 184# include <openssl/dh.h> 185#endif 186#ifndef OPENSSL_NO_SRP 187# include <openssl/srp.h> 188#endif 189#include <openssl/bn.h> 190 191/* 192 * Or gethostname won't be declared properly 193 * on Compaq platforms (at least with DEC C). 194 * Do not try to put it earlier, or IPv6 includes 195 * get screwed... 196 */ 197#define _XOPEN_SOURCE_EXTENDED 1 198 199#ifdef OPENSSL_SYS_WINDOWS 200# include <winsock.h> 201#else 202# include OPENSSL_UNISTD 203#endif 204 205#ifdef OPENSSL_SYS_VMS 206# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM" 207# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM" 208#elif defined(OPENSSL_SYS_WINCE) 209# define TEST_SERVER_CERT "\\OpenSSL\\server.pem" 210# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem" 211#elif defined(OPENSSL_SYS_NETWARE) 212# define TEST_SERVER_CERT "\\openssl\\apps\\server.pem" 213# define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem" 214#else 215# define TEST_SERVER_CERT "../apps/server.pem" 216# define TEST_CLIENT_CERT "../apps/client.pem" 217#endif 218 219/* 220 * There is really no standard for this, so let's assign some tentative 221 * numbers. In any case, these numbers are only for this test 222 */ 223#define COMP_RLE 255 224#define COMP_ZLIB 1 225 226static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); 227#ifndef OPENSSL_NO_RSA 228static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 229static void free_tmp_rsa(void); 230#endif 231static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg); 232#define APP_CALLBACK_STRING "Test Callback Argument" 233struct app_verify_arg { 234 char *string; 235 int app_verify; 236 int allow_proxy_certs; 237 char *proxy_auth; 238 char *proxy_cond; 239}; 240 241#ifndef OPENSSL_NO_DH 242static DH *get_dh512(void); 243static DH *get_dh1024(void); 244static DH *get_dh1024dsa(void); 245#endif 246 247static char *psk_key = NULL; /* by default PSK is not used */ 248#ifndef OPENSSL_NO_PSK 249static unsigned int psk_client_callback(SSL *ssl, const char *hint, 250 char *identity, 251 unsigned int max_identity_len, 252 unsigned char *psk, 253 unsigned int max_psk_len); 254static unsigned int psk_server_callback(SSL *ssl, const char *identity, 255 unsigned char *psk, 256 unsigned int max_psk_len); 257#endif 258 259#ifndef OPENSSL_NO_SRP 260/* SRP client */ 261/* This is a context that we pass to all callbacks */ 262typedef struct srp_client_arg_st { 263 char *srppassin; 264 char *srplogin; 265} SRP_CLIENT_ARG; 266 267# define PWD_STRLEN 1024 268 269static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg) 270{ 271 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg; 272 return BUF_strdup((char *)srp_client_arg->srppassin); 273} 274 275/* SRP server */ 276/* This is a context that we pass to SRP server callbacks */ 277typedef struct srp_server_arg_st { 278 char *expected_user; 279 char *pass; 280} SRP_SERVER_ARG; 281 282static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) 283{ 284 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg; 285 286 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) { 287 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s)); 288 return SSL3_AL_FATAL; 289 } 290 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) { 291 *ad = SSL_AD_INTERNAL_ERROR; 292 return SSL3_AL_FATAL; 293 } 294 return SSL_ERROR_NONE; 295} 296#endif 297 298static BIO *bio_err = NULL; 299static BIO *bio_stdout = NULL; 300 301static char *cipher = NULL; 302static int verbose = 0; 303static int debug = 0; 304#if 0 305/* Not used yet. */ 306# ifdef FIONBIO 307static int s_nbio = 0; 308# endif 309#endif 310 311static const char rnd_seed[] = 312 "string to make the random number generator think it has entropy"; 313 314int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 315 clock_t *c_time); 316int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 317static int do_test_cipherlist(void); 318static void sv_usage(void) 319{ 320 fprintf(stderr, "usage: ssltest [args ...]\n"); 321 fprintf(stderr, "\n"); 322#ifdef OPENSSL_FIPS 323 fprintf(stderr, "-F - run test in FIPS mode\n"); 324#endif 325 fprintf(stderr, " -server_auth - check server certificate\n"); 326 fprintf(stderr, " -client_auth - do client authentication\n"); 327 fprintf(stderr, " -proxy - allow proxy certificates\n"); 328 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 329 fprintf(stderr, 330 " -proxy_cond <val> - experssion to test proxy policy rights\n"); 331 fprintf(stderr, " -v - more output\n"); 332 fprintf(stderr, " -d - debug output\n"); 333 fprintf(stderr, " -reuse - use session-id reuse\n"); 334 fprintf(stderr, " -num <val> - number of connections to perform\n"); 335 fprintf(stderr, 336 " -bytes <val> - number of bytes to swap between client/server\n"); 337#ifndef OPENSSL_NO_DH 338 fprintf(stderr, 339 " -dhe512 - use 512 bit key for DHE (to test failure)\n"); 340 fprintf(stderr, 341 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n"); 342 fprintf(stderr, 343 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 344 fprintf(stderr, " -no_dhe - disable DHE\n"); 345#endif 346#ifndef OPENSSL_NO_ECDH 347 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 348#endif 349#ifndef OPENSSL_NO_PSK 350 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n"); 351#endif 352#ifndef OPENSSL_NO_SRP 353 fprintf(stderr, " -srpuser user - SRP username to use\n"); 354 fprintf(stderr, " -srppass arg - password for 'user'\n"); 355#endif 356#ifndef OPENSSL_NO_SSL2 357 fprintf(stderr, " -ssl2 - use SSLv2\n"); 358#endif 359#ifndef OPENSSL_NO_SSL3_METHOD 360 fprintf(stderr, " -ssl3 - use SSLv3\n"); 361#endif 362#ifndef OPENSSL_NO_TLS1 363 fprintf(stderr, " -tls1 - use TLSv1\n"); 364#endif 365 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 366 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 367 fprintf(stderr, " -cert arg - Server certificate file\n"); 368 fprintf(stderr, 369 " -key arg - Server key file (default: same as -cert)\n"); 370 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 371 fprintf(stderr, 372 " -c_key arg - Client key file (default: same as -c_cert)\n"); 373 fprintf(stderr, " -cipher arg - The cipher list\n"); 374 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 375 fprintf(stderr, " -f - Test even cases that can't work\n"); 376 fprintf(stderr, 377 " -time - measure processor time used by client and server\n"); 378 fprintf(stderr, " -zlib - use zlib compression\n"); 379 fprintf(stderr, " -rle - use rle compression\n"); 380#ifndef OPENSSL_NO_ECDH 381 fprintf(stderr, 382 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" 383 " Use \"openssl ecparam -list_curves\" for all names\n" 384 " (default is sect163r2).\n"); 385#endif 386 fprintf(stderr, 387 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n" 388 " When this option is requested, the cipherlist\n" 389 " tests are run instead of handshake tests.\n"); 390} 391 392static void print_details(SSL *c_ssl, const char *prefix) 393{ 394 const SSL_CIPHER *ciph; 395 X509 *cert; 396 397 ciph = SSL_get_current_cipher(c_ssl); 398 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 399 prefix, 400 SSL_get_version(c_ssl), 401 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph)); 402 cert = SSL_get_peer_certificate(c_ssl); 403 if (cert != NULL) { 404 EVP_PKEY *pkey = X509_get_pubkey(cert); 405 if (pkey != NULL) { 406 if (0) ; 407#ifndef OPENSSL_NO_RSA 408 else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL 409 && pkey->pkey.rsa->n != NULL) { 410 BIO_printf(bio_stdout, ", %d bit RSA", 411 BN_num_bits(pkey->pkey.rsa->n)); 412 } 413#endif 414#ifndef OPENSSL_NO_DSA 415 else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL 416 && pkey->pkey.dsa->p != NULL) { 417 BIO_printf(bio_stdout, ", %d bit DSA", 418 BN_num_bits(pkey->pkey.dsa->p)); 419 } 420#endif 421 EVP_PKEY_free(pkey); 422 } 423 X509_free(cert); 424 } 425 /* 426 * The SSL API does not allow us to look at temporary RSA/DH keys, 427 * otherwise we should print their lengths too 428 */ 429 BIO_printf(bio_stdout, "\n"); 430} 431 432static void lock_dbg_cb(int mode, int type, const char *file, int line) 433{ 434 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */ 435 const char *errstr = NULL; 436 int rw; 437 438 rw = mode & (CRYPTO_READ | CRYPTO_WRITE); 439 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) { 440 errstr = "invalid mode"; 441 goto err; 442 } 443 444 if (type < 0 || type >= CRYPTO_NUM_LOCKS) { 445 errstr = "type out of bounds"; 446 goto err; 447 } 448 449 if (mode & CRYPTO_LOCK) { 450 if (modes[type]) { 451 errstr = "already locked"; 452 /* 453 * must not happen in a single-threaded program (would deadlock) 454 */ 455 goto err; 456 } 457 458 modes[type] = rw; 459 } else if (mode & CRYPTO_UNLOCK) { 460 if (!modes[type]) { 461 errstr = "not locked"; 462 goto err; 463 } 464 465 if (modes[type] != rw) { 466 errstr = (rw == CRYPTO_READ) ? 467 "CRYPTO_r_unlock on write lock" : 468 "CRYPTO_w_unlock on read lock"; 469 } 470 471 modes[type] = 0; 472 } else { 473 errstr = "invalid mode"; 474 goto err; 475 } 476 477 err: 478 if (errstr) { 479 /* we cannot use bio_err here */ 480 fprintf(stderr, 481 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n", 482 errstr, mode, type, file, line); 483 } 484} 485 486#ifdef TLSEXT_TYPE_opaque_prf_input 487struct cb_info_st { 488 void *input; 489 size_t len; 490 int ret; 491}; 492struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */ 493struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */ 494struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */ 495struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */ 496 497int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_) 498{ 499 struct cb_info_st *arg = arg_; 500 501 if (arg == NULL) 502 return 1; 503 504 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len)) 505 return 0; 506 return arg->ret; 507} 508#endif 509 510int main(int argc, char *argv[]) 511{ 512 char *CApath = NULL, *CAfile = NULL; 513 int badop = 0; 514 int bio_pair = 0; 515 int force = 0; 516 int tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1; 517 int client_auth = 0; 518 int server_auth = 0, i; 519 struct app_verify_arg app_verify_arg = 520 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 521 char *server_cert = TEST_SERVER_CERT; 522 char *server_key = NULL; 523 char *client_cert = TEST_CLIENT_CERT; 524 char *client_key = NULL; 525#ifndef OPENSSL_NO_ECDH 526 char *named_curve = NULL; 527#endif 528 SSL_CTX *s_ctx = NULL; 529 SSL_CTX *c_ctx = NULL; 530 const SSL_METHOD *meth = NULL; 531 SSL *c_ssl, *s_ssl; 532 int number = 1, reuse = 0; 533 long bytes = 256L; 534#ifndef OPENSSL_NO_DH 535 DH *dh; 536 int dhe512 = 0, dhe1024dsa = 0; 537#endif 538#ifndef OPENSSL_NO_ECDH 539 EC_KEY *ecdh = NULL; 540#endif 541#ifndef OPENSSL_NO_SRP 542 /* client */ 543 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL }; 544 /* server */ 545 SRP_SERVER_ARG srp_server_arg = { NULL, NULL }; 546#endif 547 int no_dhe = 0; 548 int no_ecdhe = 0; 549 int no_psk = 0; 550 int print_time = 0; 551 clock_t s_time = 0, c_time = 0; 552 int comp = 0; 553#ifndef OPENSSL_NO_COMP 554 COMP_METHOD *cm = NULL; 555 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; 556#endif 557 int test_cipherlist = 0; 558#ifdef OPENSSL_FIPS 559 int fips_mode = 0; 560#endif 561 int no_protocol = 0; 562 563 verbose = 0; 564 debug = 0; 565 cipher = 0; 566 567 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); 568 569 CRYPTO_set_locking_callback(lock_dbg_cb); 570 571 /* enable memory leak checking unless explicitly disabled */ 572 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) 573 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) { 574 CRYPTO_malloc_debug_init(); 575 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); 576 } else { 577 /* OPENSSL_DEBUG_MEMORY=off */ 578 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); 579 } 580 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 581 582 RAND_seed(rnd_seed, sizeof rnd_seed); 583 584 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); 585 586 argc--; 587 argv++; 588 589 while (argc >= 1) { 590 if (!strcmp(*argv, "-F")) { 591#ifdef OPENSSL_FIPS 592 fips_mode = 1; 593#else 594 fprintf(stderr, 595 "not compiled with FIPS support, so exitting without running.\n"); 596 EXIT(0); 597#endif 598 } else if (strcmp(*argv, "-server_auth") == 0) 599 server_auth = 1; 600 else if (strcmp(*argv, "-client_auth") == 0) 601 client_auth = 1; 602 else if (strcmp(*argv, "-proxy_auth") == 0) { 603 if (--argc < 1) 604 goto bad; 605 app_verify_arg.proxy_auth = *(++argv); 606 } else if (strcmp(*argv, "-proxy_cond") == 0) { 607 if (--argc < 1) 608 goto bad; 609 app_verify_arg.proxy_cond = *(++argv); 610 } else if (strcmp(*argv, "-v") == 0) 611 verbose = 1; 612 else if (strcmp(*argv, "-d") == 0) 613 debug = 1; 614 else if (strcmp(*argv, "-reuse") == 0) 615 reuse = 1; 616 else if (strcmp(*argv, "-dhe512") == 0) { 617#ifndef OPENSSL_NO_DH 618 dhe512 = 1; 619#else 620 fprintf(stderr, 621 "ignoring -dhe512, since I'm compiled without DH\n"); 622#endif 623 } else if (strcmp(*argv, "-dhe1024dsa") == 0) { 624#ifndef OPENSSL_NO_DH 625 dhe1024dsa = 1; 626#else 627 fprintf(stderr, 628 "ignoring -dhe1024dsa, since I'm compiled without DH\n"); 629#endif 630 } else if (strcmp(*argv, "-no_dhe") == 0) 631 no_dhe = 1; 632 else if (strcmp(*argv, "-no_ecdhe") == 0) 633 no_ecdhe = 1; 634 else if (strcmp(*argv, "-psk") == 0) { 635 if (--argc < 1) 636 goto bad; 637 psk_key = *(++argv); 638#ifndef OPENSSL_NO_PSK 639 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) { 640 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv); 641 goto bad; 642 } 643#else 644 no_psk = 1; 645#endif 646 } 647#ifndef OPENSSL_NO_SRP 648 else if (strcmp(*argv, "-srpuser") == 0) { 649 if (--argc < 1) 650 goto bad; 651 srp_server_arg.expected_user = srp_client_arg.srplogin = 652 *(++argv); 653 tls1 = 1; 654 } else if (strcmp(*argv, "-srppass") == 0) { 655 if (--argc < 1) 656 goto bad; 657 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv); 658 tls1 = 1; 659 } 660#endif 661 else if (strcmp(*argv, "-ssl2") == 0) { 662#ifdef OPENSSL_NO_SSL2 663 no_protocol = 1; 664#endif 665 ssl2 = 1; 666 } else if (strcmp(*argv, "-tls1") == 0) { 667#ifdef OPENSSL_NO_TLS1 668 no_protocol = 1; 669#endif 670 tls1 = 1; 671 } else if (strcmp(*argv, "-ssl3") == 0) { 672#ifdef OPENSSL_NO_SSL3_METHOD 673 no_protocol = 1; 674#endif 675 ssl3 = 1; 676 } else if (strncmp(*argv, "-num", 4) == 0) { 677 if (--argc < 1) 678 goto bad; 679 number = atoi(*(++argv)); 680 if (number == 0) 681 number = 1; 682 } else if (strcmp(*argv, "-bytes") == 0) { 683 if (--argc < 1) 684 goto bad; 685 bytes = atol(*(++argv)); 686 if (bytes == 0L) 687 bytes = 1L; 688 i = strlen(argv[0]); 689 if (argv[0][i - 1] == 'k') 690 bytes *= 1024L; 691 if (argv[0][i - 1] == 'm') 692 bytes *= 1024L * 1024L; 693 } else if (strcmp(*argv, "-cert") == 0) { 694 if (--argc < 1) 695 goto bad; 696 server_cert = *(++argv); 697 } else if (strcmp(*argv, "-s_cert") == 0) { 698 if (--argc < 1) 699 goto bad; 700 server_cert = *(++argv); 701 } else if (strcmp(*argv, "-key") == 0) { 702 if (--argc < 1) 703 goto bad; 704 server_key = *(++argv); 705 } else if (strcmp(*argv, "-s_key") == 0) { 706 if (--argc < 1) 707 goto bad; 708 server_key = *(++argv); 709 } else if (strcmp(*argv, "-c_cert") == 0) { 710 if (--argc < 1) 711 goto bad; 712 client_cert = *(++argv); 713 } else if (strcmp(*argv, "-c_key") == 0) { 714 if (--argc < 1) 715 goto bad; 716 client_key = *(++argv); 717 } else if (strcmp(*argv, "-cipher") == 0) { 718 if (--argc < 1) 719 goto bad; 720 cipher = *(++argv); 721 } else if (strcmp(*argv, "-CApath") == 0) { 722 if (--argc < 1) 723 goto bad; 724 CApath = *(++argv); 725 } else if (strcmp(*argv, "-CAfile") == 0) { 726 if (--argc < 1) 727 goto bad; 728 CAfile = *(++argv); 729 } else if (strcmp(*argv, "-bio_pair") == 0) { 730 bio_pair = 1; 731 } else if (strcmp(*argv, "-f") == 0) { 732 force = 1; 733 } else if (strcmp(*argv, "-time") == 0) { 734 print_time = 1; 735 } else if (strcmp(*argv, "-zlib") == 0) { 736 comp = COMP_ZLIB; 737 } else if (strcmp(*argv, "-rle") == 0) { 738 comp = COMP_RLE; 739 } else if (strcmp(*argv, "-named_curve") == 0) { 740 if (--argc < 1) 741 goto bad; 742#ifndef OPENSSL_NO_ECDH 743 named_curve = *(++argv); 744#else 745 fprintf(stderr, 746 "ignoring -named_curve, since I'm compiled without ECDH\n"); 747 ++argv; 748#endif 749 } else if (strcmp(*argv, "-app_verify") == 0) { 750 app_verify_arg.app_verify = 1; 751 } else if (strcmp(*argv, "-proxy") == 0) { 752 app_verify_arg.allow_proxy_certs = 1; 753 } else if (strcmp(*argv, "-test_cipherlist") == 0) { 754 test_cipherlist = 1; 755 } else { 756 fprintf(stderr, "unknown option %s\n", *argv); 757 badop = 1; 758 break; 759 } 760 argc--; 761 argv++; 762 } 763 if (badop) { 764 bad: 765 sv_usage(); 766 goto end; 767 } 768 769 /* 770 * test_cipherlist prevails over protocol switch: we test the cipherlist 771 * for all enabled protocols. 772 */ 773 if (test_cipherlist == 1) { 774 /* 775 * ensure that the cipher list are correctly sorted and exit 776 */ 777 fprintf(stdout, "Testing cipherlist order only. Ignoring all " 778 "other options.\n"); 779 if (do_test_cipherlist() == 0) 780 EXIT(1); 781 ret = 0; 782 goto end; 783 } 784 785 if (ssl2 + ssl3 + tls1 > 1) { 786 fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should " 787 "be requested.\n"); 788 EXIT(1); 789 } 790 791 /* 792 * Testing was requested for a compiled-out protocol (e.g. SSLv2). 793 * Ideally, we would error out, but the generic test wrapper can't know 794 * when to expect failure. So we do nothing and return success. 795 */ 796 if (no_protocol) { 797 fprintf(stderr, "Testing was requested for a disabled protocol. " 798 "Skipping tests.\n"); 799 ret = 0; 800 goto end; 801 } 802 803 if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force) { 804 fprintf(stderr, "This case cannot work. Use -f to perform " 805 "the test anyway (and\n-d to see what happens), " 806 "or add one of -ssl2, -ssl3, -tls1, -reuse\n" 807 "to avoid protocol mismatch.\n"); 808 EXIT(1); 809 } 810#ifdef OPENSSL_FIPS 811 if (fips_mode) { 812 if (!FIPS_mode_set(1)) { 813 ERR_load_crypto_strings(); 814 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE)); 815 EXIT(1); 816 } else 817 fprintf(stderr, "*** IN FIPS MODE ***\n"); 818 } 819#endif 820 821 if (print_time) { 822 if (!bio_pair) { 823 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 824 bio_pair = 1; 825 } 826 if (number < 50 && !force) 827 fprintf(stderr, 828 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 829 } 830 831/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 832 833 SSL_library_init(); 834 SSL_load_error_strings(); 835 836#ifndef OPENSSL_NO_COMP 837 if (comp == COMP_ZLIB) 838 cm = COMP_zlib(); 839 if (comp == COMP_RLE) 840 cm = COMP_rle(); 841 if (cm != NULL) { 842 if (cm->type != NID_undef) { 843 if (SSL_COMP_add_compression_method(comp, cm) != 0) { 844 fprintf(stderr, "Failed to add compression method\n"); 845 ERR_print_errors_fp(stderr); 846 } 847 } else { 848 fprintf(stderr, 849 "Warning: %s compression not supported\n", 850 (comp == COMP_RLE ? "rle" : 851 (comp == COMP_ZLIB ? "zlib" : "unknown"))); 852 ERR_print_errors_fp(stderr); 853 } 854 } 855 ssl_comp_methods = SSL_COMP_get_compression_methods(); 856 fprintf(stderr, "Available compression methods:\n"); 857 { 858 int j, n = sk_SSL_COMP_num(ssl_comp_methods); 859 if (n == 0) 860 fprintf(stderr, " NONE\n"); 861 else 862 for (j = 0; j < n; j++) { 863 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); 864 fprintf(stderr, " %d: %s\n", c->id, c->name); 865 } 866 } 867#endif 868 869 /* 870 * At this point, ssl2/ssl3/tls1 is only set if the protocol is 871 * available. (Otherwise we exit early.) However the compiler doesn't 872 * know this, so we ifdef. 873 */ 874#ifndef OPENSSL_NO_SSL2 875 if (ssl2) 876 meth = SSLv2_method(); 877 else 878#endif 879#ifndef OPENSSL_NO_SSL3 880 if (ssl3) 881 meth = SSLv3_method(); 882 else 883#endif 884#ifndef OPENSSL_NO_TLS1 885 if (tls1) 886 meth = TLSv1_method(); 887 else 888#endif 889 meth = SSLv23_method(); 890 891 c_ctx = SSL_CTX_new(meth); 892 s_ctx = SSL_CTX_new(meth); 893 if ((c_ctx == NULL) || (s_ctx == NULL)) { 894 ERR_print_errors(bio_err); 895 goto end; 896 } 897 898 if (cipher != NULL) { 899 SSL_CTX_set_cipher_list(c_ctx, cipher); 900 SSL_CTX_set_cipher_list(s_ctx, cipher); 901 } 902#ifndef OPENSSL_NO_DH 903 if (!no_dhe) { 904 if (dhe1024dsa) { 905 /* 906 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks 907 */ 908 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 909 dh = get_dh1024dsa(); 910 } else if (dhe512) 911 dh = get_dh512(); 912 else 913 dh = get_dh1024(); 914 SSL_CTX_set_tmp_dh(s_ctx, dh); 915 DH_free(dh); 916 } 917#else 918 (void)no_dhe; 919#endif 920 921#ifndef OPENSSL_NO_ECDH 922 if (!no_ecdhe) { 923 int nid; 924 925 if (named_curve != NULL) { 926 nid = OBJ_sn2nid(named_curve); 927 if (nid == 0) { 928 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 929 goto end; 930 } 931 } else 932# ifdef OPENSSL_NO_EC2M 933 nid = NID_X9_62_prime256v1; 934# else 935 nid = NID_sect163r2; 936# endif 937 938 ecdh = EC_KEY_new_by_curve_name(nid); 939 if (ecdh == NULL) { 940 BIO_printf(bio_err, "unable to create curve\n"); 941 goto end; 942 } 943 944 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 945 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 946 EC_KEY_free(ecdh); 947 } 948#else 949 (void)no_ecdhe; 950#endif 951 952#ifndef OPENSSL_NO_RSA 953 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); 954#endif 955 956#ifdef TLSEXT_TYPE_opaque_prf_input 957 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb); 958 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb); 959 /* or &co2 or NULL */ 960 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); 961 /* or &so2 or NULL */ 962 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); 963#endif 964 965 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) { 966 ERR_print_errors(bio_err); 967 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 968 (server_key ? server_key : 969 server_cert), 970 SSL_FILETYPE_PEM)) { 971 ERR_print_errors(bio_err); 972 goto end; 973 } 974 975 if (client_auth) { 976 SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM); 977 SSL_CTX_use_PrivateKey_file(c_ctx, 978 (client_key ? client_key : client_cert), 979 SSL_FILETYPE_PEM); 980 } 981 982 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 983 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 984 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 985 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 986 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 987 ERR_print_errors(bio_err); 988 /* goto end; */ 989 } 990 991 if (client_auth) { 992 BIO_printf(bio_err, "client authentication\n"); 993 SSL_CTX_set_verify(s_ctx, 994 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 995 verify_callback); 996 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 997 &app_verify_arg); 998 } 999 if (server_auth) { 1000 BIO_printf(bio_err, "server authentication\n"); 1001 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback); 1002 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 1003 &app_verify_arg); 1004 } 1005 1006 { 1007 int session_id_context = 0; 1008 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, 1009 sizeof session_id_context); 1010 } 1011 1012 /* Use PSK only if PSK key is given */ 1013 if (psk_key != NULL) { 1014 /* 1015 * no_psk is used to avoid putting psk command to openssl tool 1016 */ 1017 if (no_psk) { 1018 /* 1019 * if PSK is not compiled in and psk key is given, do nothing and 1020 * exit successfully 1021 */ 1022 ret = 0; 1023 goto end; 1024 } 1025#ifndef OPENSSL_NO_PSK 1026 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback); 1027 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback); 1028 if (debug) 1029 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n"); 1030 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) { 1031 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n"); 1032 ERR_print_errors(bio_err); 1033 goto end; 1034 } 1035#endif 1036 } 1037#ifndef OPENSSL_NO_SRP 1038 if (srp_client_arg.srplogin) { 1039 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) { 1040 BIO_printf(bio_err, "Unable to set SRP username\n"); 1041 goto end; 1042 } 1043 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg); 1044 SSL_CTX_set_srp_client_pwd_callback(c_ctx, 1045 ssl_give_srp_client_pwd_cb); 1046 /* 1047 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength); 1048 */ 1049 } 1050 1051 if (srp_server_arg.expected_user != NULL) { 1052 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback); 1053 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg); 1054 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb); 1055 } 1056#endif 1057 1058 c_ssl = SSL_new(c_ctx); 1059 s_ssl = SSL_new(s_ctx); 1060 1061#ifndef OPENSSL_NO_KRB5 1062 if (c_ssl && c_ssl->kssl_ctx) { 1063 char localhost[MAXHOSTNAMELEN + 2]; 1064 1065 if (gethostname(localhost, sizeof localhost - 1) == 0) { 1066 localhost[sizeof localhost - 1] = '\0'; 1067 if (strlen(localhost) == sizeof localhost - 1) { 1068 BIO_printf(bio_err, "localhost name too long\n"); 1069 goto end; 1070 } 1071 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost); 1072 } 1073 } 1074#endif /* OPENSSL_NO_KRB5 */ 1075 1076 for (i = 0; i < number; i++) { 1077 if (!reuse) 1078 SSL_set_session(c_ssl, NULL); 1079 if (bio_pair) 1080 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time); 1081 else 1082 ret = doit(s_ssl, c_ssl, bytes); 1083 } 1084 1085 if (!verbose) { 1086 print_details(c_ssl, ""); 1087 } 1088 if ((number > 1) || (bytes > 1L)) 1089 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", number, 1090 bytes); 1091 if (print_time) { 1092#ifdef CLOCKS_PER_SEC 1093 /* 1094 * "To determine the time in seconds, the value returned by the clock 1095 * function should be divided by the value of the macro 1096 * CLOCKS_PER_SEC." -- ISO/IEC 9899 1097 */ 1098 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n" 1099 "Approximate total client time: %6.2f s\n", 1100 (double)s_time / CLOCKS_PER_SEC, 1101 (double)c_time / CLOCKS_PER_SEC); 1102#else 1103 /* 1104 * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on 1105 * NeXTstep/OpenStep 1106 */ 1107 BIO_printf(bio_stdout, 1108 "Approximate total server time: %6.2f units\n" 1109 "Approximate total client time: %6.2f units\n", 1110 (double)s_time, (double)c_time); 1111#endif 1112 } 1113 1114 SSL_free(s_ssl); 1115 SSL_free(c_ssl); 1116 1117 end: 1118 if (s_ctx != NULL) 1119 SSL_CTX_free(s_ctx); 1120 if (c_ctx != NULL) 1121 SSL_CTX_free(c_ctx); 1122 1123 if (bio_stdout != NULL) 1124 BIO_free(bio_stdout); 1125 1126#ifndef OPENSSL_NO_RSA 1127 free_tmp_rsa(); 1128#endif 1129#ifndef OPENSSL_NO_ENGINE 1130 ENGINE_cleanup(); 1131#endif 1132 CRYPTO_cleanup_all_ex_data(); 1133 ERR_free_strings(); 1134 ERR_remove_thread_state(NULL); 1135 EVP_cleanup(); 1136 CRYPTO_mem_leaks(bio_err); 1137 if (bio_err != NULL) 1138 BIO_free(bio_err); 1139 EXIT(ret); 1140 return ret; 1141} 1142 1143int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, 1144 clock_t *s_time, clock_t *c_time) 1145{ 1146 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 1147 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 1148 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL; 1149 int ret = 1; 1150 1151 size_t bufsiz = 256; /* small buffer for testing */ 1152 1153 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 1154 goto err; 1155 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 1156 goto err; 1157 1158 s_ssl_bio = BIO_new(BIO_f_ssl()); 1159 if (!s_ssl_bio) 1160 goto err; 1161 1162 c_ssl_bio = BIO_new(BIO_f_ssl()); 1163 if (!c_ssl_bio) 1164 goto err; 1165 1166 SSL_set_connect_state(c_ssl); 1167 SSL_set_bio(c_ssl, client, client); 1168 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 1169 1170 SSL_set_accept_state(s_ssl); 1171 SSL_set_bio(s_ssl, server, server); 1172 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 1173 1174 do { 1175 /*- 1176 * c_ssl_bio: SSL filter BIO 1177 * 1178 * client: pseudo-I/O for SSL library 1179 * 1180 * client_io: client's SSL communication; usually to be 1181 * relayed over some I/O facility, but in this 1182 * test program, we're the server, too: 1183 * 1184 * server_io: server's SSL communication 1185 * 1186 * server: pseudo-I/O for SSL library 1187 * 1188 * s_ssl_bio: SSL filter BIO 1189 * 1190 * The client and the server each employ a "BIO pair": 1191 * client + client_io, server + server_io. 1192 * BIO pairs are symmetric. A BIO pair behaves similar 1193 * to a non-blocking socketpair (but both endpoints must 1194 * be handled by the same thread). 1195 * [Here we could connect client and server to the ends 1196 * of a single BIO pair, but then this code would be less 1197 * suitable as an example for BIO pairs in general.] 1198 * 1199 * Useful functions for querying the state of BIO pair endpoints: 1200 * 1201 * BIO_ctrl_pending(bio) number of bytes we can read now 1202 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 1203 * other side's read attempt 1204 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 1205 * 1206 * ..._read_request is never more than ..._write_guarantee; 1207 * it depends on the application which one you should use. 1208 */ 1209 1210 /* 1211 * We have non-blocking behaviour throughout this test program, but 1212 * can be sure that there is *some* progress in each iteration; so we 1213 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE -- 1214 * we just try everything in each iteration 1215 */ 1216 1217 { 1218 /* CLIENT */ 1219 1220 MS_STATIC char cbuf[1024 * 8]; 1221 int i, r; 1222 clock_t c_clock = clock(); 1223 1224 memset(cbuf, 0, sizeof(cbuf)); 1225 1226 if (debug) 1227 if (SSL_in_init(c_ssl)) 1228 printf("client waiting in SSL_connect - %s\n", 1229 SSL_state_string_long(c_ssl)); 1230 1231 if (cw_num > 0) { 1232 /* Write to server. */ 1233 1234 if (cw_num > (long)sizeof cbuf) 1235 i = sizeof cbuf; 1236 else 1237 i = (int)cw_num; 1238 r = BIO_write(c_ssl_bio, cbuf, i); 1239 if (r < 0) { 1240 if (!BIO_should_retry(c_ssl_bio)) { 1241 fprintf(stderr, "ERROR in CLIENT\n"); 1242 goto err; 1243 } 1244 /* 1245 * BIO_should_retry(...) can just be ignored here. The 1246 * library expects us to call BIO_write with the same 1247 * arguments again, and that's what we will do in the 1248 * next iteration. 1249 */ 1250 } else if (r == 0) { 1251 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1252 goto err; 1253 } else { 1254 if (debug) 1255 printf("client wrote %d\n", r); 1256 cw_num -= r; 1257 } 1258 } 1259 1260 if (cr_num > 0) { 1261 /* Read from server. */ 1262 1263 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 1264 if (r < 0) { 1265 if (!BIO_should_retry(c_ssl_bio)) { 1266 fprintf(stderr, "ERROR in CLIENT\n"); 1267 goto err; 1268 } 1269 /* 1270 * Again, "BIO_should_retry" can be ignored. 1271 */ 1272 } else if (r == 0) { 1273 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1274 goto err; 1275 } else { 1276 if (debug) 1277 printf("client read %d\n", r); 1278 cr_num -= r; 1279 } 1280 } 1281 1282 /* 1283 * c_time and s_time increments will typically be very small 1284 * (depending on machine speed and clock tick intervals), but 1285 * sampling over a large number of connections should result in 1286 * fairly accurate figures. We cannot guarantee a lot, however 1287 * -- if each connection lasts for exactly one clock tick, it 1288 * will be counted only for the client or only for the server or 1289 * even not at all. 1290 */ 1291 *c_time += (clock() - c_clock); 1292 } 1293 1294 { 1295 /* SERVER */ 1296 1297 MS_STATIC char sbuf[1024 * 8]; 1298 int i, r; 1299 clock_t s_clock = clock(); 1300 1301 memset(sbuf, 0, sizeof(sbuf)); 1302 1303 if (debug) 1304 if (SSL_in_init(s_ssl)) 1305 printf("server waiting in SSL_accept - %s\n", 1306 SSL_state_string_long(s_ssl)); 1307 1308 if (sw_num > 0) { 1309 /* Write to client. */ 1310 1311 if (sw_num > (long)sizeof sbuf) 1312 i = sizeof sbuf; 1313 else 1314 i = (int)sw_num; 1315 r = BIO_write(s_ssl_bio, sbuf, i); 1316 if (r < 0) { 1317 if (!BIO_should_retry(s_ssl_bio)) { 1318 fprintf(stderr, "ERROR in SERVER\n"); 1319 goto err; 1320 } 1321 /* Ignore "BIO_should_retry". */ 1322 } else if (r == 0) { 1323 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1324 goto err; 1325 } else { 1326 if (debug) 1327 printf("server wrote %d\n", r); 1328 sw_num -= r; 1329 } 1330 } 1331 1332 if (sr_num > 0) { 1333 /* Read from client. */ 1334 1335 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 1336 if (r < 0) { 1337 if (!BIO_should_retry(s_ssl_bio)) { 1338 fprintf(stderr, "ERROR in SERVER\n"); 1339 goto err; 1340 } 1341 /* blah, blah */ 1342 } else if (r == 0) { 1343 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1344 goto err; 1345 } else { 1346 if (debug) 1347 printf("server read %d\n", r); 1348 sr_num -= r; 1349 } 1350 } 1351 1352 *s_time += (clock() - s_clock); 1353 } 1354 1355 { 1356 /* "I/O" BETWEEN CLIENT AND SERVER. */ 1357 1358 size_t r1, r2; 1359 BIO *io1 = server_io, *io2 = client_io; 1360 /* 1361 * we use the non-copying interface for io1 and the standard 1362 * BIO_write/BIO_read interface for io2 1363 */ 1364 1365 static int prev_progress = 1; 1366 int progress = 0; 1367 1368 /* io1 to io2 */ 1369 do { 1370 size_t num; 1371 int r; 1372 1373 r1 = BIO_ctrl_pending(io1); 1374 r2 = BIO_ctrl_get_write_guarantee(io2); 1375 1376 num = r1; 1377 if (r2 < num) 1378 num = r2; 1379 if (num) { 1380 char *dataptr; 1381 1382 if (INT_MAX < num) /* yeah, right */ 1383 num = INT_MAX; 1384 1385 r = BIO_nread(io1, &dataptr, (int)num); 1386 assert(r > 0); 1387 assert(r <= (int)num); 1388 /* 1389 * possibly r < num (non-contiguous data) 1390 */ 1391 num = r; 1392 r = BIO_write(io2, dataptr, (int)num); 1393 if (r != (int)num) { /* can't happen */ 1394 fprintf(stderr, "ERROR: BIO_write could not write " 1395 "BIO_ctrl_get_write_guarantee() bytes"); 1396 goto err; 1397 } 1398 progress = 1; 1399 1400 if (debug) 1401 printf((io1 == client_io) ? 1402 "C->S relaying: %d bytes\n" : 1403 "S->C relaying: %d bytes\n", (int)num); 1404 } 1405 } 1406 while (r1 && r2); 1407 1408 /* io2 to io1 */ 1409 { 1410 size_t num; 1411 int r; 1412 1413 r1 = BIO_ctrl_pending(io2); 1414 r2 = BIO_ctrl_get_read_request(io1); 1415 /* 1416 * here we could use ..._get_write_guarantee instead of 1417 * ..._get_read_request, but by using the latter we test 1418 * restartability of the SSL implementation more thoroughly 1419 */ 1420 num = r1; 1421 if (r2 < num) 1422 num = r2; 1423 if (num) { 1424 char *dataptr; 1425 1426 if (INT_MAX < num) 1427 num = INT_MAX; 1428 1429 if (num > 1) 1430 --num; /* test restartability even more thoroughly */ 1431 1432 r = BIO_nwrite0(io1, &dataptr); 1433 assert(r > 0); 1434 if (r < (int)num) 1435 num = r; 1436 r = BIO_read(io2, dataptr, (int)num); 1437 if (r != (int)num) { /* can't happen */ 1438 fprintf(stderr, "ERROR: BIO_read could not read " 1439 "BIO_ctrl_pending() bytes"); 1440 goto err; 1441 } 1442 progress = 1; 1443 r = BIO_nwrite(io1, &dataptr, (int)num); 1444 if (r != (int)num) { /* can't happen */ 1445 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 1446 "BIO_nwrite0() bytes"); 1447 goto err; 1448 } 1449 1450 if (debug) 1451 printf((io2 == client_io) ? 1452 "C->S relaying: %d bytes\n" : 1453 "S->C relaying: %d bytes\n", (int)num); 1454 } 1455 } /* no loop, BIO_ctrl_get_read_request now 1456 * returns 0 anyway */ 1457 1458 if (!progress && !prev_progress) 1459 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 1460 fprintf(stderr, "ERROR: got stuck\n"); 1461 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) { 1462 fprintf(stderr, "This can happen for SSL2 because " 1463 "CLIENT-FINISHED and SERVER-VERIFY are written \n" 1464 "concurrently ..."); 1465 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 1466 && strncmp("2SSV", SSL_state_string(s_ssl), 1467 4) == 0) { 1468 fprintf(stderr, " ok.\n"); 1469 goto end; 1470 } 1471 } 1472 fprintf(stderr, " ERROR.\n"); 1473 goto err; 1474 } 1475 prev_progress = progress; 1476 } 1477 } 1478 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 1479 1480 if (verbose) 1481 print_details(c_ssl, "DONE via BIO pair: "); 1482 end: 1483 ret = 0; 1484 1485 err: 1486 ERR_print_errors(bio_err); 1487 1488 if (server) 1489 BIO_free(server); 1490 if (server_io) 1491 BIO_free(server_io); 1492 if (client) 1493 BIO_free(client); 1494 if (client_io) 1495 BIO_free(client_io); 1496 if (s_ssl_bio) 1497 BIO_free(s_ssl_bio); 1498 if (c_ssl_bio) 1499 BIO_free(c_ssl_bio); 1500 1501 return ret; 1502} 1503 1504#define W_READ 1 1505#define W_WRITE 2 1506#define C_DONE 1 1507#define S_DONE 2 1508 1509int doit(SSL *s_ssl, SSL *c_ssl, long count) 1510{ 1511 MS_STATIC char cbuf[1024 * 8], sbuf[1024 * 8]; 1512 long cw_num = count, cr_num = count; 1513 long sw_num = count, sr_num = count; 1514 int ret = 1; 1515 BIO *c_to_s = NULL; 1516 BIO *s_to_c = NULL; 1517 BIO *c_bio = NULL; 1518 BIO *s_bio = NULL; 1519 int c_r, c_w, s_r, s_w; 1520 int i, j; 1521 int done = 0; 1522 int c_write, s_write; 1523 int do_server = 0, do_client = 0; 1524 1525 memset(cbuf, 0, sizeof(cbuf)); 1526 memset(sbuf, 0, sizeof(sbuf)); 1527 1528 c_to_s = BIO_new(BIO_s_mem()); 1529 s_to_c = BIO_new(BIO_s_mem()); 1530 if ((s_to_c == NULL) || (c_to_s == NULL)) { 1531 ERR_print_errors(bio_err); 1532 goto err; 1533 } 1534 1535 c_bio = BIO_new(BIO_f_ssl()); 1536 s_bio = BIO_new(BIO_f_ssl()); 1537 if ((c_bio == NULL) || (s_bio == NULL)) { 1538 ERR_print_errors(bio_err); 1539 goto err; 1540 } 1541 1542 SSL_set_connect_state(c_ssl); 1543 SSL_set_bio(c_ssl, s_to_c, c_to_s); 1544 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 1545 1546 SSL_set_accept_state(s_ssl); 1547 SSL_set_bio(s_ssl, c_to_s, s_to_c); 1548 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 1549 1550 c_r = 0; 1551 s_r = 1; 1552 c_w = 1; 1553 s_w = 0; 1554 c_write = 1, s_write = 0; 1555 1556 /* We can always do writes */ 1557 for (;;) { 1558 do_server = 0; 1559 do_client = 0; 1560 1561 i = (int)BIO_pending(s_bio); 1562 if ((i && s_r) || s_w) 1563 do_server = 1; 1564 1565 i = (int)BIO_pending(c_bio); 1566 if ((i && c_r) || c_w) 1567 do_client = 1; 1568 1569 if (do_server && debug) { 1570 if (SSL_in_init(s_ssl)) 1571 printf("server waiting in SSL_accept - %s\n", 1572 SSL_state_string_long(s_ssl)); 1573/*- 1574 else if (s_write) 1575 printf("server:SSL_write()\n"); 1576 else 1577 printf("server:SSL_read()\n"); */ 1578 } 1579 1580 if (do_client && debug) { 1581 if (SSL_in_init(c_ssl)) 1582 printf("client waiting in SSL_connect - %s\n", 1583 SSL_state_string_long(c_ssl)); 1584/*- 1585 else if (c_write) 1586 printf("client:SSL_write()\n"); 1587 else 1588 printf("client:SSL_read()\n"); */ 1589 } 1590 1591 if (!do_client && !do_server) { 1592 fprintf(stdout, "ERROR IN STARTUP\n"); 1593 ERR_print_errors(bio_err); 1594 goto err; 1595 } 1596 if (do_client && !(done & C_DONE)) { 1597 if (c_write) { 1598 j = (cw_num > (long)sizeof(cbuf)) ? 1599 (int)sizeof(cbuf) : (int)cw_num; 1600 i = BIO_write(c_bio, cbuf, j); 1601 if (i < 0) { 1602 c_r = 0; 1603 c_w = 0; 1604 if (BIO_should_retry(c_bio)) { 1605 if (BIO_should_read(c_bio)) 1606 c_r = 1; 1607 if (BIO_should_write(c_bio)) 1608 c_w = 1; 1609 } else { 1610 fprintf(stderr, "ERROR in CLIENT\n"); 1611 ERR_print_errors(bio_err); 1612 goto err; 1613 } 1614 } else if (i == 0) { 1615 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1616 goto err; 1617 } else { 1618 if (debug) 1619 printf("client wrote %d\n", i); 1620 /* ok */ 1621 s_r = 1; 1622 c_write = 0; 1623 cw_num -= i; 1624 } 1625 } else { 1626 i = BIO_read(c_bio, cbuf, sizeof(cbuf)); 1627 if (i < 0) { 1628 c_r = 0; 1629 c_w = 0; 1630 if (BIO_should_retry(c_bio)) { 1631 if (BIO_should_read(c_bio)) 1632 c_r = 1; 1633 if (BIO_should_write(c_bio)) 1634 c_w = 1; 1635 } else { 1636 fprintf(stderr, "ERROR in CLIENT\n"); 1637 ERR_print_errors(bio_err); 1638 goto err; 1639 } 1640 } else if (i == 0) { 1641 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1642 goto err; 1643 } else { 1644 if (debug) 1645 printf("client read %d\n", i); 1646 cr_num -= i; 1647 if (sw_num > 0) { 1648 s_write = 1; 1649 s_w = 1; 1650 } 1651 if (cr_num <= 0) { 1652 s_write = 1; 1653 s_w = 1; 1654 done = S_DONE | C_DONE; 1655 } 1656 } 1657 } 1658 } 1659 1660 if (do_server && !(done & S_DONE)) { 1661 if (!s_write) { 1662 i = BIO_read(s_bio, sbuf, sizeof(cbuf)); 1663 if (i < 0) { 1664 s_r = 0; 1665 s_w = 0; 1666 if (BIO_should_retry(s_bio)) { 1667 if (BIO_should_read(s_bio)) 1668 s_r = 1; 1669 if (BIO_should_write(s_bio)) 1670 s_w = 1; 1671 } else { 1672 fprintf(stderr, "ERROR in SERVER\n"); 1673 ERR_print_errors(bio_err); 1674 goto err; 1675 } 1676 } else if (i == 0) { 1677 ERR_print_errors(bio_err); 1678 fprintf(stderr, 1679 "SSL SERVER STARTUP FAILED in SSL_read\n"); 1680 goto err; 1681 } else { 1682 if (debug) 1683 printf("server read %d\n", i); 1684 sr_num -= i; 1685 if (cw_num > 0) { 1686 c_write = 1; 1687 c_w = 1; 1688 } 1689 if (sr_num <= 0) { 1690 s_write = 1; 1691 s_w = 1; 1692 c_write = 0; 1693 } 1694 } 1695 } else { 1696 j = (sw_num > (long)sizeof(sbuf)) ? 1697 (int)sizeof(sbuf) : (int)sw_num; 1698 i = BIO_write(s_bio, sbuf, j); 1699 if (i < 0) { 1700 s_r = 0; 1701 s_w = 0; 1702 if (BIO_should_retry(s_bio)) { 1703 if (BIO_should_read(s_bio)) 1704 s_r = 1; 1705 if (BIO_should_write(s_bio)) 1706 s_w = 1; 1707 } else { 1708 fprintf(stderr, "ERROR in SERVER\n"); 1709 ERR_print_errors(bio_err); 1710 goto err; 1711 } 1712 } else if (i == 0) { 1713 ERR_print_errors(bio_err); 1714 fprintf(stderr, 1715 "SSL SERVER STARTUP FAILED in SSL_write\n"); 1716 goto err; 1717 } else { 1718 if (debug) 1719 printf("server wrote %d\n", i); 1720 sw_num -= i; 1721 s_write = 0; 1722 c_r = 1; 1723 if (sw_num <= 0) 1724 done |= S_DONE; 1725 } 1726 } 1727 } 1728 1729 if ((done & S_DONE) && (done & C_DONE)) 1730 break; 1731 } 1732 1733 if (verbose) 1734 print_details(c_ssl, "DONE: "); 1735 ret = 0; 1736 err: 1737 /* 1738 * We have to set the BIO's to NULL otherwise they will be 1739 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again 1740 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and 1741 * c_ssl are sharing the same BIO structure and SSL_set_bio() and 1742 * SSL_free() automatically BIO_free non NULL entries. You should not 1743 * normally do this or be required to do this 1744 */ 1745 if (s_ssl != NULL) { 1746 s_ssl->rbio = NULL; 1747 s_ssl->wbio = NULL; 1748 } 1749 if (c_ssl != NULL) { 1750 c_ssl->rbio = NULL; 1751 c_ssl->wbio = NULL; 1752 } 1753 1754 if (c_to_s != NULL) 1755 BIO_free(c_to_s); 1756 if (s_to_c != NULL) 1757 BIO_free(s_to_c); 1758 if (c_bio != NULL) 1759 BIO_free_all(c_bio); 1760 if (s_bio != NULL) 1761 BIO_free_all(s_bio); 1762 return (ret); 1763} 1764 1765static int get_proxy_auth_ex_data_idx(void) 1766{ 1767 static volatile int idx = -1; 1768 if (idx < 0) { 1769 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 1770 if (idx < 0) { 1771 idx = X509_STORE_CTX_get_ex_new_index(0, 1772 "SSLtest for verify callback", 1773 NULL, NULL, NULL); 1774 } 1775 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1776 } 1777 return idx; 1778} 1779 1780static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) 1781{ 1782 char *s, buf[256]; 1783 1784 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, 1785 sizeof buf); 1786 if (s != NULL) { 1787 if (ok) 1788 fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf); 1789 else { 1790 fprintf(stderr, "depth=%d error=%d %s\n", 1791 ctx->error_depth, ctx->error, buf); 1792 } 1793 } 1794 1795 if (ok == 0) { 1796 fprintf(stderr, "Error string: %s\n", 1797 X509_verify_cert_error_string(ctx->error)); 1798 switch (ctx->error) { 1799 case X509_V_ERR_CERT_NOT_YET_VALID: 1800 case X509_V_ERR_CERT_HAS_EXPIRED: 1801 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1802 fprintf(stderr, " ... ignored.\n"); 1803 ok = 1; 1804 } 1805 } 1806 1807 if (ok == 1) { 1808 X509 *xs = ctx->current_cert; 1809#if 0 1810 X509 *xi = ctx->current_issuer; 1811#endif 1812 1813 if (xs->ex_flags & EXFLAG_PROXY) { 1814 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx, 1815 get_proxy_auth_ex_data_idx 1816 ()); 1817 1818 if (letters) { 1819 int found_any = 0; 1820 int i; 1821 PROXY_CERT_INFO_EXTENSION *pci = 1822 X509_get_ext_d2i(xs, NID_proxyCertInfo, 1823 NULL, NULL); 1824 1825 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 1826 case NID_Independent: 1827 /* 1828 * Completely meaningless in this program, as there's no 1829 * way to grant explicit rights to a specific PrC. 1830 * Basically, using id-ppl-Independent is the perfect way 1831 * to grant no rights at all. 1832 */ 1833 fprintf(stderr, " Independent proxy certificate"); 1834 for (i = 0; i < 26; i++) 1835 letters[i] = 0; 1836 break; 1837 case NID_id_ppl_inheritAll: 1838 /* 1839 * This is basically a NOP, we simply let the current 1840 * rights stand as they are. 1841 */ 1842 fprintf(stderr, " Proxy certificate inherits all"); 1843 break; 1844 default: 1845 s = (char *) 1846 pci->proxyPolicy->policy->data; 1847 i = pci->proxyPolicy->policy->length; 1848 1849 /* 1850 * The algorithm works as follows: it is assumed that 1851 * previous iterations or the initial granted rights has 1852 * already set some elements of `letters'. What we need 1853 * to do is to clear those that weren't granted by the 1854 * current PrC as well. The easiest way to do this is to 1855 * add 1 to all the elements whose letters are given with 1856 * the current policy. That way, all elements that are 1857 * set by the current policy and were already set by 1858 * earlier policies and through the original grant of 1859 * rights will get the value 2 or higher. The last thing 1860 * to do is to sweep through `letters' and keep the 1861 * elements having the value 2 as set, and clear all the 1862 * others. 1863 */ 1864 1865 fprintf(stderr, " Certificate proxy rights = %*.*s", i, 1866 i, s); 1867 while (i-- > 0) { 1868 int c = *s++; 1869 if (isascii(c) && isalpha(c)) { 1870 if (islower(c)) 1871 c = toupper(c); 1872 letters[c - 'A']++; 1873 } 1874 } 1875 for (i = 0; i < 26; i++) 1876 if (letters[i] < 2) 1877 letters[i] = 0; 1878 else 1879 letters[i] = 1; 1880 } 1881 1882 found_any = 0; 1883 fprintf(stderr, ", resulting proxy rights = "); 1884 for (i = 0; i < 26; i++) 1885 if (letters[i]) { 1886 fprintf(stderr, "%c", i + 'A'); 1887 found_any = 1; 1888 } 1889 if (!found_any) 1890 fprintf(stderr, "none"); 1891 fprintf(stderr, "\n"); 1892 1893 PROXY_CERT_INFO_EXTENSION_free(pci); 1894 } 1895 } 1896 } 1897 1898 return (ok); 1899} 1900 1901static void process_proxy_debug(int indent, const char *format, ...) 1902{ 1903 /* That's 80 > */ 1904 static const char indentation[] = 1905 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 1906 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; 1907 char my_format[256]; 1908 va_list args; 1909 1910 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s", 1911 indent, indent, indentation, format); 1912 1913 va_start(args, format); 1914 vfprintf(stderr, my_format, args); 1915 va_end(args); 1916} 1917 1918/*- 1919 * Priority levels: 1920 * 0 [!]var, () 1921 * 1 & ^ 1922 * 2 | 1923 */ 1924static int process_proxy_cond_adders(unsigned int letters[26], 1925 const char *cond, const char **cond_end, 1926 int *pos, int indent); 1927static int process_proxy_cond_val(unsigned int letters[26], const char *cond, 1928 const char **cond_end, int *pos, int indent) 1929{ 1930 int c; 1931 int ok = 1; 1932 int negate = 0; 1933 1934 while (isspace((int)*cond)) { 1935 cond++; 1936 (*pos)++; 1937 } 1938 c = *cond; 1939 1940 if (debug) 1941 process_proxy_debug(indent, 1942 "Start process_proxy_cond_val at position %d: %s\n", 1943 *pos, cond); 1944 1945 while (c == '!') { 1946 negate = !negate; 1947 cond++; 1948 (*pos)++; 1949 while (isspace((int)*cond)) { 1950 cond++; 1951 (*pos)++; 1952 } 1953 c = *cond; 1954 } 1955 1956 if (c == '(') { 1957 cond++; 1958 (*pos)++; 1959 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 1960 indent + 1); 1961 cond = *cond_end; 1962 if (ok < 0) 1963 goto end; 1964 while (isspace((int)*cond)) { 1965 cond++; 1966 (*pos)++; 1967 } 1968 c = *cond; 1969 if (c != ')') { 1970 fprintf(stderr, 1971 "Weird condition character in position %d: " 1972 "%c\n", *pos, c); 1973 ok = -1; 1974 goto end; 1975 } 1976 cond++; 1977 (*pos)++; 1978 } else if (isascii(c) && isalpha(c)) { 1979 if (islower(c)) 1980 c = toupper(c); 1981 ok = letters[c - 'A']; 1982 cond++; 1983 (*pos)++; 1984 } else { 1985 fprintf(stderr, 1986 "Weird condition character in position %d: " "%c\n", *pos, c); 1987 ok = -1; 1988 goto end; 1989 } 1990 end: 1991 *cond_end = cond; 1992 if (ok >= 0 && negate) 1993 ok = !ok; 1994 1995 if (debug) 1996 process_proxy_debug(indent, 1997 "End process_proxy_cond_val at position %d: %s, returning %d\n", 1998 *pos, cond, ok); 1999 2000 return ok; 2001} 2002 2003static int process_proxy_cond_multipliers(unsigned int letters[26], 2004 const char *cond, 2005 const char **cond_end, int *pos, 2006 int indent) 2007{ 2008 int ok; 2009 char c; 2010 2011 if (debug) 2012 process_proxy_debug(indent, 2013 "Start process_proxy_cond_multipliers at position %d: %s\n", 2014 *pos, cond); 2015 2016 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 2017 cond = *cond_end; 2018 if (ok < 0) 2019 goto end; 2020 2021 while (ok >= 0) { 2022 while (isspace((int)*cond)) { 2023 cond++; 2024 (*pos)++; 2025 } 2026 c = *cond; 2027 2028 switch (c) { 2029 case '&': 2030 case '^': 2031 { 2032 int save_ok = ok; 2033 2034 cond++; 2035 (*pos)++; 2036 ok = process_proxy_cond_val(letters, 2037 cond, cond_end, pos, indent + 1); 2038 cond = *cond_end; 2039 if (ok < 0) 2040 break; 2041 2042 switch (c) { 2043 case '&': 2044 ok &= save_ok; 2045 break; 2046 case '^': 2047 ok ^= save_ok; 2048 break; 2049 default: 2050 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 2051 " STOPPING\n"); 2052 EXIT(1); 2053 } 2054 } 2055 break; 2056 default: 2057 goto end; 2058 } 2059 } 2060 end: 2061 if (debug) 2062 process_proxy_debug(indent, 2063 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n", 2064 *pos, cond, ok); 2065 2066 *cond_end = cond; 2067 return ok; 2068} 2069 2070static int process_proxy_cond_adders(unsigned int letters[26], 2071 const char *cond, const char **cond_end, 2072 int *pos, int indent) 2073{ 2074 int ok; 2075 char c; 2076 2077 if (debug) 2078 process_proxy_debug(indent, 2079 "Start process_proxy_cond_adders at position %d: %s\n", 2080 *pos, cond); 2081 2082 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 2083 indent + 1); 2084 cond = *cond_end; 2085 if (ok < 0) 2086 goto end; 2087 2088 while (ok >= 0) { 2089 while (isspace((int)*cond)) { 2090 cond++; 2091 (*pos)++; 2092 } 2093 c = *cond; 2094 2095 switch (c) { 2096 case '|': 2097 { 2098 int save_ok = ok; 2099 2100 cond++; 2101 (*pos)++; 2102 ok = process_proxy_cond_multipliers(letters, 2103 cond, cond_end, pos, 2104 indent + 1); 2105 cond = *cond_end; 2106 if (ok < 0) 2107 break; 2108 2109 switch (c) { 2110 case '|': 2111 ok |= save_ok; 2112 break; 2113 default: 2114 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 2115 " STOPPING\n"); 2116 EXIT(1); 2117 } 2118 } 2119 break; 2120 default: 2121 goto end; 2122 } 2123 } 2124 end: 2125 if (debug) 2126 process_proxy_debug(indent, 2127 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 2128 *pos, cond, ok); 2129 2130 *cond_end = cond; 2131 return ok; 2132} 2133 2134static int process_proxy_cond(unsigned int letters[26], 2135 const char *cond, const char **cond_end) 2136{ 2137 int pos = 1; 2138 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 2139} 2140 2141static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg) 2142{ 2143 int ok = 1; 2144 struct app_verify_arg *cb_arg = arg; 2145 unsigned int letters[26]; /* only used with proxy_auth */ 2146 2147 if (cb_arg->app_verify) { 2148 char *s = NULL, buf[256]; 2149 2150 fprintf(stderr, "In app_verify_callback, allowing cert. "); 2151 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 2152 fprintf(stderr, 2153 "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 2154 (void *)ctx, (void *)ctx->cert); 2155 if (ctx->cert) 2156 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256); 2157 if (s != NULL) { 2158 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf); 2159 } 2160 return (1); 2161 } 2162 if (cb_arg->proxy_auth) { 2163 int found_any = 0, i; 2164 char *sp; 2165 2166 for (i = 0; i < 26; i++) 2167 letters[i] = 0; 2168 for (sp = cb_arg->proxy_auth; *sp; sp++) { 2169 int c = *sp; 2170 if (isascii(c) && isalpha(c)) { 2171 if (islower(c)) 2172 c = toupper(c); 2173 letters[c - 'A'] = 1; 2174 } 2175 } 2176 2177 fprintf(stderr, " Initial proxy rights = "); 2178 for (i = 0; i < 26; i++) 2179 if (letters[i]) { 2180 fprintf(stderr, "%c", i + 'A'); 2181 found_any = 1; 2182 } 2183 if (!found_any) 2184 fprintf(stderr, "none"); 2185 fprintf(stderr, "\n"); 2186 2187 X509_STORE_CTX_set_ex_data(ctx, 2188 get_proxy_auth_ex_data_idx(), letters); 2189 } 2190 if (cb_arg->allow_proxy_certs) { 2191 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 2192 } 2193#ifndef OPENSSL_NO_X509_VERIFY 2194 ok = X509_verify_cert(ctx); 2195#endif 2196 2197 if (cb_arg->proxy_auth) { 2198 if (ok > 0) { 2199 const char *cond_end = NULL; 2200 2201 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end); 2202 2203 if (ok < 0) 2204 EXIT(3); 2205 if (*cond_end) { 2206 fprintf(stderr, 2207 "Stopped processing condition before it's end.\n"); 2208 ok = 0; 2209 } 2210 if (!ok) 2211 fprintf(stderr, 2212 "Proxy rights check with condition '%s' proved invalid\n", 2213 cb_arg->proxy_cond); 2214 else 2215 fprintf(stderr, 2216 "Proxy rights check with condition '%s' proved valid\n", 2217 cb_arg->proxy_cond); 2218 } 2219 } 2220 return (ok); 2221} 2222 2223#ifndef OPENSSL_NO_RSA 2224static RSA *rsa_tmp = NULL; 2225 2226static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) 2227{ 2228 BIGNUM *bn = NULL; 2229 if (rsa_tmp == NULL) { 2230 bn = BN_new(); 2231 rsa_tmp = RSA_new(); 2232 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) { 2233 BIO_printf(bio_err, "Memory error..."); 2234 goto end; 2235 } 2236 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength); 2237 (void)BIO_flush(bio_err); 2238 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { 2239 BIO_printf(bio_err, "Error generating key."); 2240 RSA_free(rsa_tmp); 2241 rsa_tmp = NULL; 2242 } 2243 end: 2244 BIO_printf(bio_err, "\n"); 2245 (void)BIO_flush(bio_err); 2246 } 2247 if (bn) 2248 BN_free(bn); 2249 return (rsa_tmp); 2250} 2251 2252static void free_tmp_rsa(void) 2253{ 2254 if (rsa_tmp != NULL) { 2255 RSA_free(rsa_tmp); 2256 rsa_tmp = NULL; 2257 } 2258} 2259#endif 2260 2261#ifndef OPENSSL_NO_DH 2262/*- 2263 * These DH parameters have been generated as follows: 2264 * $ openssl dhparam -C -noout 512 2265 * $ openssl dhparam -C -noout 1024 2266 * $ openssl dhparam -C -noout -dsaparam 1024 2267 * (The third function has been renamed to avoid name conflicts.) 2268 */ 2269static DH *get_dh512() 2270{ 2271 static unsigned char dh512_p[] = { 2272 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, 2273 0xC6, 2274 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04, 2275 0xB0, 2276 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9, 2277 0x5F, 2278 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33, 2279 0xB8, 2280 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21, 2281 0x33, 2282 0x02, 0xC5, 0xAE, 0x23, 2283 }; 2284 static unsigned char dh512_g[] = { 2285 0x02, 2286 }; 2287 DH *dh; 2288 2289 if ((dh = DH_new()) == NULL) 2290 return (NULL); 2291 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); 2292 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); 2293 if ((dh->p == NULL) || (dh->g == NULL)) { 2294 DH_free(dh); 2295 return (NULL); 2296 } 2297 return (dh); 2298} 2299 2300static DH *get_dh1024() 2301{ 2302 static unsigned char dh1024_p[] = { 2303 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 2304 0x3A, 2305 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 2306 0xA2, 2307 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 2308 0xB0, 2309 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 2310 0xC2, 2311 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 2312 0x8C, 2313 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 2314 0xB8, 2315 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 2316 0x52, 2317 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 2318 0xC1, 2319 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 2320 0xB1, 2321 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 2322 0xAB, 2323 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 2324 }; 2325 static unsigned char dh1024_g[] = { 2326 0x02, 2327 }; 2328 DH *dh; 2329 2330 if ((dh = DH_new()) == NULL) 2331 return (NULL); 2332 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2333 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2334 if ((dh->p == NULL) || (dh->g == NULL)) { 2335 DH_free(dh); 2336 return (NULL); 2337 } 2338 return (dh); 2339} 2340 2341static DH *get_dh1024dsa() 2342{ 2343 static unsigned char dh1024_p[] = { 2344 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 2345 0x00, 2346 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 2347 0x19, 2348 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 2349 0xD2, 2350 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 2351 0x55, 2352 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 2353 0xFC, 2354 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 2355 0x97, 2356 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 2357 0x8D, 2358 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 2359 0xBB, 2360 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 2361 0xF6, 2362 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 2363 0x9E, 2364 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 2365 }; 2366 static unsigned char dh1024_g[] = { 2367 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 2368 0x05, 2369 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 2370 0xF3, 2371 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 2372 0xE9, 2373 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 2374 0x3C, 2375 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 2376 0x65, 2377 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 2378 0x60, 2379 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 2380 0xF6, 2381 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 2382 0xA7, 2383 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 2384 0xA1, 2385 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 2386 0x60, 2387 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 2388 }; 2389 DH *dh; 2390 2391 if ((dh = DH_new()) == NULL) 2392 return (NULL); 2393 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2394 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2395 if ((dh->p == NULL) || (dh->g == NULL)) { 2396 DH_free(dh); 2397 return (NULL); 2398 } 2399 dh->length = 160; 2400 return (dh); 2401} 2402#endif 2403 2404#ifndef OPENSSL_NO_PSK 2405/* convert the PSK key (psk_key) in ascii to binary (psk) */ 2406static int psk_key2bn(const char *pskkey, unsigned char *psk, 2407 unsigned int max_psk_len) 2408{ 2409 int ret; 2410 BIGNUM *bn = NULL; 2411 2412 ret = BN_hex2bn(&bn, pskkey); 2413 if (!ret) { 2414 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", 2415 pskkey); 2416 if (bn) 2417 BN_free(bn); 2418 return 0; 2419 } 2420 if (BN_num_bytes(bn) > (int)max_psk_len) { 2421 BIO_printf(bio_err, 2422 "psk buffer of callback is too small (%d) for key (%d)\n", 2423 max_psk_len, BN_num_bytes(bn)); 2424 BN_free(bn); 2425 return 0; 2426 } 2427 ret = BN_bn2bin(bn, psk); 2428 BN_free(bn); 2429 return ret; 2430} 2431 2432static unsigned int psk_client_callback(SSL *ssl, const char *hint, 2433 char *identity, 2434 unsigned int max_identity_len, 2435 unsigned char *psk, 2436 unsigned int max_psk_len) 2437{ 2438 int ret; 2439 unsigned int psk_len = 0; 2440 2441 ret = BIO_snprintf(identity, max_identity_len, "Client_identity"); 2442 if (ret < 0) 2443 goto out_err; 2444 if (debug) 2445 fprintf(stderr, "client: created identity '%s' len=%d\n", identity, 2446 ret); 2447 ret = psk_key2bn(psk_key, psk, max_psk_len); 2448 if (ret < 0) 2449 goto out_err; 2450 psk_len = ret; 2451 out_err: 2452 return psk_len; 2453} 2454 2455static unsigned int psk_server_callback(SSL *ssl, const char *identity, 2456 unsigned char *psk, 2457 unsigned int max_psk_len) 2458{ 2459 unsigned int psk_len = 0; 2460 2461 if (strcmp(identity, "Client_identity") != 0) { 2462 BIO_printf(bio_err, "server: PSK error: client identity not found\n"); 2463 return 0; 2464 } 2465 psk_len = psk_key2bn(psk_key, psk, max_psk_len); 2466 return psk_len; 2467} 2468#endif 2469 2470static int do_test_cipherlist(void) 2471{ 2472 int i = 0; 2473 const SSL_METHOD *meth; 2474 const SSL_CIPHER *ci, *tci = NULL; 2475 2476#ifndef OPENSSL_NO_SSL2 2477 fprintf(stderr, "testing SSLv2 cipher list order: "); 2478 meth = SSLv2_method(); 2479 while ((ci = meth->get_cipher(i++)) != NULL) { 2480 if (tci != NULL) 2481 if (ci->id >= tci->id) { 2482 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 2483 return 0; 2484 } 2485 tci = ci; 2486 } 2487 fprintf(stderr, "ok\n"); 2488#endif 2489#ifndef OPENSSL_NO_SSL3 2490 fprintf(stderr, "testing SSLv3 cipher list order: "); 2491 meth = SSLv3_method(); 2492 tci = NULL; 2493 while ((ci = meth->get_cipher(i++)) != NULL) { 2494 if (tci != NULL) 2495 if (ci->id >= tci->id) { 2496 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 2497 return 0; 2498 } 2499 tci = ci; 2500 } 2501 fprintf(stderr, "ok\n"); 2502#endif 2503#ifndef OPENSSL_NO_TLS1 2504 fprintf(stderr, "testing TLSv1 cipher list order: "); 2505 meth = TLSv1_method(); 2506 tci = NULL; 2507 while ((ci = meth->get_cipher(i++)) != NULL) { 2508 if (tci != NULL) 2509 if (ci->id >= tci->id) { 2510 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 2511 return 0; 2512 } 2513 tci = ci; 2514 } 2515 fprintf(stderr, "ok\n"); 2516#endif 2517 2518 return 1; 2519} 2520