ssltest.c revision 325335
1/* ssl/ssltest.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111/* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116/* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143/* Or gethostname won't be declared properly on Linux and GNU platforms. */ 144#define _BSD_SOURCE 1 145#define _DEFAULT_SOURCE 1 146 147#include <assert.h> 148#include <errno.h> 149#include <limits.h> 150#include <stdio.h> 151#include <stdlib.h> 152#include <string.h> 153#include <time.h> 154 155#define USE_SOCKETS 156#include "e_os.h" 157 158#ifdef OPENSSL_SYS_VMS 159/* 160 * Or isascii won't be declared properly on VMS (at least with DECompHP C). 161 */ 162# define _XOPEN_SOURCE 500 163#endif 164 165#include <ctype.h> 166 167#include <openssl/bio.h> 168#include <openssl/crypto.h> 169#include <openssl/evp.h> 170#include <openssl/x509.h> 171#include <openssl/x509v3.h> 172#include <openssl/ssl.h> 173#ifndef OPENSSL_NO_ENGINE 174# include <openssl/engine.h> 175#endif 176#include <openssl/err.h> 177#include <openssl/rand.h> 178#ifndef OPENSSL_NO_RSA 179# include <openssl/rsa.h> 180#endif 181#ifndef OPENSSL_NO_DSA 182# include <openssl/dsa.h> 183#endif 184#ifndef OPENSSL_NO_DH 185# include <openssl/dh.h> 186#endif 187#ifndef OPENSSL_NO_SRP 188# include <openssl/srp.h> 189#endif 190#include <openssl/bn.h> 191 192/* 193 * Or gethostname won't be declared properly 194 * on Compaq platforms (at least with DEC C). 195 * Do not try to put it earlier, or IPv6 includes 196 * get screwed... 197 */ 198#define _XOPEN_SOURCE_EXTENDED 1 199 200#ifdef OPENSSL_SYS_WINDOWS 201# include <winsock.h> 202#else 203# include OPENSSL_UNISTD 204#endif 205 206#ifdef OPENSSL_SYS_VMS 207# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM" 208# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM" 209#elif defined(OPENSSL_SYS_WINCE) 210# define TEST_SERVER_CERT "\\OpenSSL\\server.pem" 211# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem" 212#elif defined(OPENSSL_SYS_NETWARE) 213# define TEST_SERVER_CERT "\\openssl\\apps\\server.pem" 214# define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem" 215#else 216# define TEST_SERVER_CERT "../apps/server.pem" 217# define TEST_CLIENT_CERT "../apps/client.pem" 218#endif 219 220static SSL_CTX *s_ctx = NULL; 221static SSL_CTX *s_ctx2 = NULL; 222 223/* 224 * There is really no standard for this, so let's assign some tentative 225 * numbers. In any case, these numbers are only for this test 226 */ 227#define COMP_RLE 255 228#define COMP_ZLIB 1 229 230static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); 231#ifndef OPENSSL_NO_RSA 232static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 233static void free_tmp_rsa(void); 234#endif 235static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg); 236#define APP_CALLBACK_STRING "Test Callback Argument" 237struct app_verify_arg { 238 char *string; 239 int app_verify; 240 int allow_proxy_certs; 241 char *proxy_auth; 242 char *proxy_cond; 243}; 244 245#ifndef OPENSSL_NO_DH 246static DH *get_dh512(void); 247static DH *get_dh1024(void); 248static DH *get_dh1024dsa(void); 249#endif 250 251static char *psk_key = NULL; /* by default PSK is not used */ 252#ifndef OPENSSL_NO_PSK 253static unsigned int psk_client_callback(SSL *ssl, const char *hint, 254 char *identity, 255 unsigned int max_identity_len, 256 unsigned char *psk, 257 unsigned int max_psk_len); 258static unsigned int psk_server_callback(SSL *ssl, const char *identity, 259 unsigned char *psk, 260 unsigned int max_psk_len); 261#endif 262 263#ifndef OPENSSL_NO_SRP 264/* SRP client */ 265/* This is a context that we pass to all callbacks */ 266typedef struct srp_client_arg_st { 267 char *srppassin; 268 char *srplogin; 269} SRP_CLIENT_ARG; 270 271# define PWD_STRLEN 1024 272 273static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg) 274{ 275 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg; 276 return BUF_strdup((char *)srp_client_arg->srppassin); 277} 278 279/* SRP server */ 280/* This is a context that we pass to SRP server callbacks */ 281typedef struct srp_server_arg_st { 282 char *expected_user; 283 char *pass; 284} SRP_SERVER_ARG; 285 286static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) 287{ 288 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg; 289 290 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) { 291 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s)); 292 return SSL3_AL_FATAL; 293 } 294 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) { 295 *ad = SSL_AD_INTERNAL_ERROR; 296 return SSL3_AL_FATAL; 297 } 298 return SSL_ERROR_NONE; 299} 300#endif 301 302static BIO *bio_err = NULL; 303static BIO *bio_stdout = NULL; 304 305static const char *alpn_client; 306static char *alpn_server; 307static char *alpn_server2; 308static const char *alpn_expected; 309static unsigned char *alpn_selected; 310static const char *sn_client; 311static const char *sn_server1; 312static const char *sn_server2; 313static int sn_expect = 0; 314static int s_ticket1 = 0; 315static int s_ticket2 = 0; 316static int c_ticket = 0; 317static int ticket_expect = -1; 318 319static int servername_cb(SSL *s, int *ad, void *arg) 320{ 321 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 322 if (sn_server2 == NULL) { 323 BIO_printf(bio_stdout, "Servername 2 is NULL\n"); 324 return SSL_TLSEXT_ERR_NOACK; 325 } 326 327 if (servername != NULL) { 328 if (s_ctx2 != NULL && sn_server2 != NULL && 329 !strcasecmp(servername, sn_server2)) { 330 BIO_printf(bio_stdout, "Switching server context.\n"); 331 SSL_set_SSL_CTX(s, s_ctx2); 332 /* Copy over all the SSL_CTX options */ 333 SSL_clear_options(s, 0xFFFFFFFFL); 334 SSL_set_options(s, SSL_CTX_get_options(s_ctx2)); 335 } 336 } 337 return SSL_TLSEXT_ERR_OK; 338} 339static int verify_servername(SSL *client, SSL *server) 340{ 341 /* just need to see if sn_context is what we expect */ 342 SSL_CTX* ctx = SSL_get_SSL_CTX(server); 343 if (sn_expect == 0) 344 return 0; 345 if (sn_expect == 1 && ctx == s_ctx) 346 return 0; 347 if (sn_expect == 2 && ctx == s_ctx2) 348 return 0; 349 BIO_printf(bio_stdout, "Servername: expected context %d\n", sn_expect); 350 if (ctx == s_ctx2) 351 BIO_printf(bio_stdout, "Servername: context is 2\n"); 352 else if (ctx == s_ctx) 353 BIO_printf(bio_stdout, "Servername: context is 1\n"); 354 else 355 BIO_printf(bio_stdout, "Servername: context is unknown\n"); 356 return -1; 357} 358 359static int verify_ticket(SSL* ssl) 360{ 361 if (ticket_expect == -1) 362 return 0; 363 if (ticket_expect == 0 && 364 (ssl->session->tlsext_tick == NULL || 365 ssl->session->tlsext_ticklen == 0)) 366 return 1; 367 if (ticket_expect == 1 && 368 (ssl->session->tlsext_tick != NULL && 369 ssl->session->tlsext_ticklen != 0)) 370 return 1; 371 return -1; 372} 373 374/*- 375 * next_protos_parse parses a comma separated list of strings into a string 376 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. 377 * outlen: (output) set to the length of the resulting buffer on success. 378 * err: (maybe NULL) on failure, an error message line is written to this BIO. 379 * in: a NUL terminated string like "abc,def,ghi" 380 * 381 * returns: a malloced buffer or NULL on failure. 382 */ 383static unsigned char *next_protos_parse(unsigned short *outlen, 384 const char *in) 385{ 386 size_t len; 387 unsigned char *out; 388 size_t i, start = 0; 389 390 len = strlen(in); 391 if (len >= 65535) 392 return NULL; 393 394 out = OPENSSL_malloc(strlen(in) + 1); 395 if (!out) 396 return NULL; 397 398 for (i = 0; i <= len; ++i) { 399 if (i == len || in[i] == ',') { 400 if (i - start > 255) { 401 OPENSSL_free(out); 402 return NULL; 403 } 404 out[start] = i - start; 405 start = i + 1; 406 } else 407 out[i + 1] = in[i]; 408 } 409 410 *outlen = len + 1; 411 return out; 412} 413 414static int cb_server_alpn(SSL *s, const unsigned char **out, 415 unsigned char *outlen, const unsigned char *in, 416 unsigned int inlen, void *arg) 417{ 418 unsigned char *protos; 419 unsigned short protos_len; 420 char* alpn_str = arg; 421 422 protos = next_protos_parse(&protos_len, alpn_str); 423 if (protos == NULL) { 424 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", 425 alpn_str); 426 abort(); 427 } 428 429 if (SSL_select_next_proto 430 ((unsigned char **)out, outlen, protos, protos_len, in, 431 inlen) != OPENSSL_NPN_NEGOTIATED) { 432 OPENSSL_free(protos); 433 return SSL_TLSEXT_ERR_NOACK; 434 } 435 436 /* 437 * Make a copy of the selected protocol which will be freed in 438 * verify_alpn. 439 */ 440 alpn_selected = OPENSSL_malloc(*outlen); 441 memcpy(alpn_selected, *out, *outlen); 442 *out = alpn_selected; 443 444 OPENSSL_free(protos); 445 return SSL_TLSEXT_ERR_OK; 446} 447 448static int verify_alpn(SSL *client, SSL *server) 449{ 450 const unsigned char *client_proto, *server_proto; 451 unsigned int client_proto_len = 0, server_proto_len = 0; 452 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len); 453 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len); 454 455 if (alpn_selected != NULL) { 456 OPENSSL_free(alpn_selected); 457 alpn_selected = NULL; 458 } 459 460 if (client_proto_len != server_proto_len || 461 memcmp(client_proto, server_proto, client_proto_len) != 0) { 462 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); 463 goto err; 464 } 465 466 if (client_proto_len > 0 && alpn_expected == NULL) { 467 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n"); 468 goto err; 469 } 470 471 if (alpn_expected != NULL && 472 (client_proto_len != strlen(alpn_expected) || 473 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) { 474 BIO_printf(bio_stdout, 475 "ALPN selected protocols not equal to expected protocol: %s\n", 476 alpn_expected); 477 goto err; 478 } 479 480 return 0; 481 482 err: 483 BIO_printf(bio_stdout, "ALPN results: client: '"); 484 BIO_write(bio_stdout, client_proto, client_proto_len); 485 BIO_printf(bio_stdout, "', server: '"); 486 BIO_write(bio_stdout, server_proto, server_proto_len); 487 BIO_printf(bio_stdout, "'\n"); 488 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: ", 489 alpn_client); 490 if (SSL_get_SSL_CTX(server) == s_ctx2) { 491 BIO_printf(bio_stdout, "'%s'\n", 492 alpn_server2); 493 } else if (SSL_get_SSL_CTX(server) == s_ctx){ 494 BIO_printf(bio_stdout, "'%s'\n", 495 alpn_server); 496 } else { 497 BIO_printf(bio_stdout, "unknown\n"); 498 } 499 return -1; 500} 501 502#ifndef OPENSSL_NO_TLSEXT 503 504static int cb_ticket0(SSL* s, unsigned char* key_name, unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc) 505{ 506 return 0; 507} 508 509static int cb_ticket1(SSL* s, unsigned char* key_name, unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc) 510{ 511 static unsigned char key[] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 }; 512 static char name[] = "ticket11ticket11"; 513 if (SSL_get_options(s) & SSL_OP_NO_TICKET) 514 return 0; 515 if (enc) { 516 RAND_pseudo_bytes(iv, EVP_MAX_IV_LENGTH); 517 EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); 518 HMAC_Init_ex(hctx, key, sizeof(key), EVP_sha1(), NULL); 519 memcpy(key_name, name, 16); 520 return 1; 521 } else { 522 if (memcmp(key_name, name, 16) == 0) { 523 EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); 524 HMAC_Init_ex(hctx, key, sizeof(key), EVP_sha1(), NULL); 525 return 1; 526 } 527 } 528 return 0; 529} 530 531static int cb_ticket2(SSL* s, unsigned char* key_name, unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc) 532{ 533 fprintf(stderr, "ticket callback for SNI context should never be called\n"); 534 EXIT(1); 535} 536#endif 537 538#define SCT_EXT_TYPE 18 539 540/* 541 * WARNING : below extension types are *NOT* IETF assigned, and could 542 * conflict if these types are reassigned and handled specially by OpenSSL 543 * in the future 544 */ 545#define TACK_EXT_TYPE 62208 546#define CUSTOM_EXT_TYPE_0 1000 547#define CUSTOM_EXT_TYPE_1 1001 548#define CUSTOM_EXT_TYPE_2 1002 549#define CUSTOM_EXT_TYPE_3 1003 550 551const char custom_ext_cli_string[] = "abc"; 552const char custom_ext_srv_string[] = "defg"; 553 554/* These set from cmdline */ 555char *serverinfo_file = NULL; 556int serverinfo_sct = 0; 557int serverinfo_tack = 0; 558 559/* These set based on extension callbacks */ 560int serverinfo_sct_seen = 0; 561int serverinfo_tack_seen = 0; 562int serverinfo_other_seen = 0; 563 564/* This set from cmdline */ 565int custom_ext = 0; 566 567/* This set based on extension callbacks */ 568int custom_ext_error = 0; 569 570static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type, 571 const unsigned char *in, size_t inlen, 572 int *al, void *arg) 573{ 574 if (ext_type == SCT_EXT_TYPE) 575 serverinfo_sct_seen++; 576 else if (ext_type == TACK_EXT_TYPE) 577 serverinfo_tack_seen++; 578 else 579 serverinfo_other_seen++; 580 return 1; 581} 582 583static int verify_serverinfo() 584{ 585 if (serverinfo_sct != serverinfo_sct_seen) 586 return -1; 587 if (serverinfo_tack != serverinfo_tack_seen) 588 return -1; 589 if (serverinfo_other_seen) 590 return -1; 591 return 0; 592} 593 594/*- 595 * Four test cases for custom extensions: 596 * 0 - no ClientHello extension or ServerHello response 597 * 1 - ClientHello with "abc", no response 598 * 2 - ClientHello with "abc", empty response 599 * 3 - ClientHello with "abc", "defg" response 600 */ 601 602static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type, 603 const unsigned char **out, 604 size_t *outlen, int *al, void *arg) 605{ 606 if (ext_type != CUSTOM_EXT_TYPE_0) 607 custom_ext_error = 1; 608 return 0; /* Don't send an extension */ 609} 610 611static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type, 612 const unsigned char *in, 613 size_t inlen, int *al, void *arg) 614{ 615 return 1; 616} 617 618static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type, 619 const unsigned char **out, 620 size_t *outlen, int *al, void *arg) 621{ 622 if (ext_type != CUSTOM_EXT_TYPE_1) 623 custom_ext_error = 1; 624 *out = (const unsigned char *)custom_ext_cli_string; 625 *outlen = strlen(custom_ext_cli_string); 626 return 1; /* Send "abc" */ 627} 628 629static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type, 630 const unsigned char *in, 631 size_t inlen, int *al, void *arg) 632{ 633 return 1; 634} 635 636static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type, 637 const unsigned char **out, 638 size_t *outlen, int *al, void *arg) 639{ 640 if (ext_type != CUSTOM_EXT_TYPE_2) 641 custom_ext_error = 1; 642 *out = (const unsigned char *)custom_ext_cli_string; 643 *outlen = strlen(custom_ext_cli_string); 644 return 1; /* Send "abc" */ 645} 646 647static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type, 648 const unsigned char *in, 649 size_t inlen, int *al, void *arg) 650{ 651 if (ext_type != CUSTOM_EXT_TYPE_2) 652 custom_ext_error = 1; 653 if (inlen != 0) 654 custom_ext_error = 1; /* Should be empty response */ 655 return 1; 656} 657 658static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type, 659 const unsigned char **out, 660 size_t *outlen, int *al, void *arg) 661{ 662 if (ext_type != CUSTOM_EXT_TYPE_3) 663 custom_ext_error = 1; 664 *out = (const unsigned char *)custom_ext_cli_string; 665 *outlen = strlen(custom_ext_cli_string); 666 return 1; /* Send "abc" */ 667} 668 669static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type, 670 const unsigned char *in, 671 size_t inlen, int *al, void *arg) 672{ 673 if (ext_type != CUSTOM_EXT_TYPE_3) 674 custom_ext_error = 1; 675 if (inlen != strlen(custom_ext_srv_string)) 676 custom_ext_error = 1; 677 if (memcmp(custom_ext_srv_string, in, inlen) != 0) 678 custom_ext_error = 1; /* Check for "defg" */ 679 return 1; 680} 681 682/* 683 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback 684 * for this extension 685 */ 686static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type, 687 const unsigned char *in, 688 size_t inlen, int *al, void *arg) 689{ 690 custom_ext_error = 1; 691 return 1; 692} 693 694/* 'add' callbacks are only called if the 'parse' callback is called */ 695static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type, 696 const unsigned char **out, 697 size_t *outlen, int *al, void *arg) 698{ 699 /* Error: should not have been called */ 700 custom_ext_error = 1; 701 return 0; /* Don't send an extension */ 702} 703 704static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type, 705 const unsigned char *in, 706 size_t inlen, int *al, void *arg) 707{ 708 if (ext_type != CUSTOM_EXT_TYPE_1) 709 custom_ext_error = 1; 710 /* Check for "abc" */ 711 if (inlen != strlen(custom_ext_cli_string)) 712 custom_ext_error = 1; 713 if (memcmp(in, custom_ext_cli_string, inlen) != 0) 714 custom_ext_error = 1; 715 return 1; 716} 717 718static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type, 719 const unsigned char **out, 720 size_t *outlen, int *al, void *arg) 721{ 722 return 0; /* Don't send an extension */ 723} 724 725static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type, 726 const unsigned char *in, 727 size_t inlen, int *al, void *arg) 728{ 729 if (ext_type != CUSTOM_EXT_TYPE_2) 730 custom_ext_error = 1; 731 /* Check for "abc" */ 732 if (inlen != strlen(custom_ext_cli_string)) 733 custom_ext_error = 1; 734 if (memcmp(in, custom_ext_cli_string, inlen) != 0) 735 custom_ext_error = 1; 736 return 1; 737} 738 739static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type, 740 const unsigned char **out, 741 size_t *outlen, int *al, void *arg) 742{ 743 *out = NULL; 744 *outlen = 0; 745 return 1; /* Send empty extension */ 746} 747 748static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type, 749 const unsigned char *in, 750 size_t inlen, int *al, void *arg) 751{ 752 if (ext_type != CUSTOM_EXT_TYPE_3) 753 custom_ext_error = 1; 754 /* Check for "abc" */ 755 if (inlen != strlen(custom_ext_cli_string)) 756 custom_ext_error = 1; 757 if (memcmp(in, custom_ext_cli_string, inlen) != 0) 758 custom_ext_error = 1; 759 return 1; 760} 761 762static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type, 763 const unsigned char **out, 764 size_t *outlen, int *al, void *arg) 765{ 766 *out = (const unsigned char *)custom_ext_srv_string; 767 *outlen = strlen(custom_ext_srv_string); 768 return 1; /* Send "defg" */ 769} 770 771static char *cipher = NULL; 772static int verbose = 0; 773static int debug = 0; 774#if 0 775/* Not used yet. */ 776# ifdef FIONBIO 777static int s_nbio = 0; 778# endif 779#endif 780 781static const char rnd_seed[] = 782 "string to make the random number generator think it has entropy"; 783 784int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 785 clock_t *c_time); 786int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 787static int do_test_cipherlist(void); 788static void sv_usage(void) 789{ 790 fprintf(stderr, "usage: ssltest [args ...]\n"); 791 fprintf(stderr, "\n"); 792#ifdef OPENSSL_FIPS 793 fprintf(stderr, "-F - run test in FIPS mode\n"); 794#endif 795 fprintf(stderr, " -server_auth - check server certificate\n"); 796 fprintf(stderr, " -client_auth - do client authentication\n"); 797 fprintf(stderr, " -proxy - allow proxy certificates\n"); 798 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 799 fprintf(stderr, 800 " -proxy_cond <val> - expression to test proxy policy rights\n"); 801 fprintf(stderr, " -v - more output\n"); 802 fprintf(stderr, " -d - debug output\n"); 803 fprintf(stderr, " -reuse - use session-id reuse\n"); 804 fprintf(stderr, " -num <val> - number of connections to perform\n"); 805 fprintf(stderr, 806 " -bytes <val> - number of bytes to swap between client/server\n"); 807#ifndef OPENSSL_NO_DH 808 fprintf(stderr, 809 " -dhe512 - use 512 bit key for DHE (to test failure)\n"); 810 fprintf(stderr, 811 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n"); 812 fprintf(stderr, 813 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 814 fprintf(stderr, " -no_dhe - disable DHE\n"); 815#endif 816#ifndef OPENSSL_NO_ECDH 817 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 818#endif 819#ifndef OPENSSL_NO_PSK 820 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n"); 821#endif 822#ifndef OPENSSL_NO_SRP 823 fprintf(stderr, " -srpuser user - SRP username to use\n"); 824 fprintf(stderr, " -srppass arg - password for 'user'\n"); 825#endif 826#ifndef OPENSSL_NO_SSL2 827 fprintf(stderr, " -ssl2 - use SSLv2\n"); 828#endif 829#ifndef OPENSSL_NO_SSL3_METHOD 830 fprintf(stderr, " -ssl3 - use SSLv3\n"); 831#endif 832#ifndef OPENSSL_NO_TLS1 833 fprintf(stderr, " -tls1 - use TLSv1\n"); 834#endif 835#ifndef OPENSSL_NO_DTLS 836 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 837 fprintf(stderr, " -dtls12 - use DTLSv1.2\n"); 838#endif 839 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 840 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 841 fprintf(stderr, " -cert arg - Server certificate file\n"); 842 fprintf(stderr, 843 " -key arg - Server key file (default: same as -cert)\n"); 844 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 845 fprintf(stderr, 846 " -c_key arg - Client key file (default: same as -c_cert)\n"); 847 fprintf(stderr, " -cipher arg - The cipher list\n"); 848 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 849 fprintf(stderr, " -f - Test even cases that can't work\n"); 850 fprintf(stderr, 851 " -time - measure processor time used by client and server\n"); 852 fprintf(stderr, " -zlib - use zlib compression\n"); 853 fprintf(stderr, " -rle - use rle compression\n"); 854#ifndef OPENSSL_NO_ECDH 855 fprintf(stderr, 856 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" 857 " Use \"openssl ecparam -list_curves\" for all names\n" 858 " (default is sect163r2).\n"); 859#endif 860 fprintf(stderr, 861 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n" 862 " When this option is requested, the cipherlist\n" 863 " tests are run instead of handshake tests.\n"); 864 fprintf(stderr, " -serverinfo_file file - have server use this file\n"); 865 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n"); 866 fprintf(stderr, 867 " -serverinfo_tack - have client offer and expect TACK\n"); 868 fprintf(stderr, 869 " -custom_ext - try various custom extension callbacks\n"); 870 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n"); 871 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n"); 872 fprintf(stderr, " -alpn_server1 <string> - alias for -alpn_server\n"); 873 fprintf(stderr, " -alpn_server2 <string> - have server side context 2 offer ALPN\n"); 874 fprintf(stderr, 875 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n"); 876 fprintf(stderr, " -sn_client <string> - have client request this servername\n"); 877 fprintf(stderr, " -sn_server1 <string> - have server context 1 respond to this servername\n"); 878 fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n"); 879 fprintf(stderr, " -sn_expect1 - expected server 1\n"); 880 fprintf(stderr, " -sn_expect2 - expected server 2\n"); 881#ifndef OPENSSL_NO_TLSEXT 882 fprintf(stderr, " -s_ticket1 <yes|no|broken> - enable/disable session tickets on context 1\n"); 883 fprintf(stderr, " -s_ticket2 <yes|no> - enable/disable session tickets on context 2\n"); 884 fprintf(stderr, " -c_ticket <yes|no> - enable/disable session tickets on the client\n"); 885 fprintf(stderr, " -ticket_expect <yes|no> - indicate that the client should (or should not) have a ticket\n"); 886#endif 887} 888 889static void print_details(SSL *c_ssl, const char *prefix) 890{ 891 const SSL_CIPHER *ciph; 892 X509 *cert; 893 894 ciph = SSL_get_current_cipher(c_ssl); 895 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 896 prefix, 897 SSL_get_version(c_ssl), 898 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph)); 899 cert = SSL_get_peer_certificate(c_ssl); 900 if (cert != NULL) { 901 EVP_PKEY *pkey = X509_get_pubkey(cert); 902 if (pkey != NULL) { 903 if (0) ; 904#ifndef OPENSSL_NO_RSA 905 else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL 906 && pkey->pkey.rsa->n != NULL) { 907 BIO_printf(bio_stdout, ", %d bit RSA", 908 BN_num_bits(pkey->pkey.rsa->n)); 909 } 910#endif 911#ifndef OPENSSL_NO_DSA 912 else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL 913 && pkey->pkey.dsa->p != NULL) { 914 BIO_printf(bio_stdout, ", %d bit DSA", 915 BN_num_bits(pkey->pkey.dsa->p)); 916 } 917#endif 918 EVP_PKEY_free(pkey); 919 } 920 X509_free(cert); 921 } 922 /* 923 * The SSL API does not allow us to look at temporary RSA/DH keys, 924 * otherwise we should print their lengths too 925 */ 926 BIO_printf(bio_stdout, "\n"); 927} 928 929static void lock_dbg_cb(int mode, int type, const char *file, int line) 930{ 931 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */ 932 const char *errstr = NULL; 933 int rw; 934 935 rw = mode & (CRYPTO_READ | CRYPTO_WRITE); 936 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) { 937 errstr = "invalid mode"; 938 goto err; 939 } 940 941 if (type < 0 || type >= CRYPTO_NUM_LOCKS) { 942 errstr = "type out of bounds"; 943 goto err; 944 } 945 946 if (mode & CRYPTO_LOCK) { 947 if (modes[type]) { 948 errstr = "already locked"; 949 /* 950 * must not happen in a single-threaded program (would deadlock) 951 */ 952 goto err; 953 } 954 955 modes[type] = rw; 956 } else if (mode & CRYPTO_UNLOCK) { 957 if (!modes[type]) { 958 errstr = "not locked"; 959 goto err; 960 } 961 962 if (modes[type] != rw) { 963 errstr = (rw == CRYPTO_READ) ? 964 "CRYPTO_r_unlock on write lock" : 965 "CRYPTO_w_unlock on read lock"; 966 } 967 968 modes[type] = 0; 969 } else { 970 errstr = "invalid mode"; 971 goto err; 972 } 973 974 err: 975 if (errstr) { 976 /* we cannot use bio_err here */ 977 fprintf(stderr, 978 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n", 979 errstr, mode, type, file, line); 980 } 981} 982 983#ifdef TLSEXT_TYPE_opaque_prf_input 984struct cb_info_st { 985 void *input; 986 size_t len; 987 int ret; 988}; 989struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */ 990struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */ 991struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */ 992struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */ 993 994int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_) 995{ 996 struct cb_info_st *arg = arg_; 997 998 if (arg == NULL) 999 return 1; 1000 1001 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len)) 1002 return 0; 1003 return arg->ret; 1004} 1005#endif 1006 1007int main(int argc, char *argv[]) 1008{ 1009 char *CApath = NULL, *CAfile = NULL; 1010 int badop = 0; 1011 int bio_pair = 0; 1012 int force = 0; 1013 int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1; 1014 int client_auth = 0; 1015 int server_auth = 0, i; 1016 struct app_verify_arg app_verify_arg = 1017 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 1018 char *server_cert = TEST_SERVER_CERT; 1019 char *server_key = NULL; 1020 char *client_cert = TEST_CLIENT_CERT; 1021 char *client_key = NULL; 1022#ifndef OPENSSL_NO_ECDH 1023 char *named_curve = NULL; 1024#endif 1025 SSL_CTX *c_ctx = NULL; 1026 const SSL_METHOD *meth = NULL; 1027 SSL *c_ssl, *s_ssl; 1028 int number = 1, reuse = 0; 1029 long bytes = 256L; 1030#ifndef OPENSSL_NO_DH 1031 DH *dh; 1032 int dhe512 = 0, dhe1024dsa = 0; 1033#endif 1034#ifndef OPENSSL_NO_ECDH 1035 EC_KEY *ecdh = NULL; 1036#endif 1037#ifndef OPENSSL_NO_SRP 1038 /* client */ 1039 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL }; 1040 /* server */ 1041 SRP_SERVER_ARG srp_server_arg = { NULL, NULL }; 1042#endif 1043 int no_dhe = 0; 1044 int no_ecdhe = 0; 1045 int no_psk = 0; 1046 int print_time = 0; 1047 clock_t s_time = 0, c_time = 0; 1048#ifndef OPENSSL_NO_COMP 1049 int comp = 0; 1050 COMP_METHOD *cm = NULL; 1051 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; 1052#endif 1053 int test_cipherlist = 0; 1054#ifdef OPENSSL_FIPS 1055 int fips_mode = 0; 1056#endif 1057 int no_protocol = 0; 1058 1059 verbose = 0; 1060 debug = 0; 1061 cipher = 0; 1062 1063 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); 1064 1065 CRYPTO_set_locking_callback(lock_dbg_cb); 1066 1067 /* enable memory leak checking unless explicitly disabled */ 1068 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) 1069 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) { 1070 CRYPTO_malloc_debug_init(); 1071 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); 1072 } else { 1073 /* OPENSSL_DEBUG_MEMORY=off */ 1074 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); 1075 } 1076 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 1077 1078 RAND_seed(rnd_seed, sizeof rnd_seed); 1079 1080 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); 1081 1082 argc--; 1083 argv++; 1084 1085 while (argc >= 1) { 1086 if (!strcmp(*argv, "-F")) { 1087#ifdef OPENSSL_FIPS 1088 fips_mode = 1; 1089#else 1090 fprintf(stderr, 1091 "not compiled with FIPS support, so exiting without running.\n"); 1092 EXIT(0); 1093#endif 1094 } else if (strcmp(*argv, "-server_auth") == 0) 1095 server_auth = 1; 1096 else if (strcmp(*argv, "-client_auth") == 0) 1097 client_auth = 1; 1098 else if (strcmp(*argv, "-proxy_auth") == 0) { 1099 if (--argc < 1) 1100 goto bad; 1101 app_verify_arg.proxy_auth = *(++argv); 1102 } else if (strcmp(*argv, "-proxy_cond") == 0) { 1103 if (--argc < 1) 1104 goto bad; 1105 app_verify_arg.proxy_cond = *(++argv); 1106 } else if (strcmp(*argv, "-v") == 0) 1107 verbose = 1; 1108 else if (strcmp(*argv, "-d") == 0) 1109 debug = 1; 1110 else if (strcmp(*argv, "-reuse") == 0) 1111 reuse = 1; 1112 else if (strcmp(*argv, "-dhe512") == 0) { 1113#ifndef OPENSSL_NO_DH 1114 dhe512 = 1; 1115#else 1116 fprintf(stderr, 1117 "ignoring -dhe512, since I'm compiled without DH\n"); 1118#endif 1119 } else if (strcmp(*argv, "-dhe1024dsa") == 0) { 1120#ifndef OPENSSL_NO_DH 1121 dhe1024dsa = 1; 1122#else 1123 fprintf(stderr, 1124 "ignoring -dhe1024dsa, since I'm compiled without DH\n"); 1125#endif 1126 } else if (strcmp(*argv, "-no_dhe") == 0) 1127 no_dhe = 1; 1128 else if (strcmp(*argv, "-no_ecdhe") == 0) 1129 no_ecdhe = 1; 1130 else if (strcmp(*argv, "-psk") == 0) { 1131 if (--argc < 1) 1132 goto bad; 1133 psk_key = *(++argv); 1134#ifndef OPENSSL_NO_PSK 1135 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) { 1136 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv); 1137 goto bad; 1138 } 1139#else 1140 no_psk = 1; 1141#endif 1142 } 1143#ifndef OPENSSL_NO_SRP 1144 else if (strcmp(*argv, "-srpuser") == 0) { 1145 if (--argc < 1) 1146 goto bad; 1147 srp_server_arg.expected_user = srp_client_arg.srplogin = 1148 *(++argv); 1149 tls1 = 1; 1150 } else if (strcmp(*argv, "-srppass") == 0) { 1151 if (--argc < 1) 1152 goto bad; 1153 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv); 1154 tls1 = 1; 1155 } 1156#endif 1157 else if (strcmp(*argv, "-ssl2") == 0) { 1158#ifdef OPENSSL_NO_SSL2 1159 no_protocol = 1; 1160#endif 1161 ssl2 = 1; 1162 } else if (strcmp(*argv, "-tls1") == 0) { 1163#ifdef OPENSSL_NO_TLS1 1164 no_protocol = 1; 1165#endif 1166 tls1 = 1; 1167 } else if (strcmp(*argv, "-ssl3") == 0) { 1168#ifdef OPENSSL_NO_SSL3_METHOD 1169 no_protocol = 1; 1170#endif 1171 ssl3 = 1; 1172 } else if (strcmp(*argv, "-dtls1") == 0) { 1173#ifdef OPENSSL_NO_DTLS 1174 no_protocol = 1; 1175#endif 1176 dtls1 = 1; 1177 } else if (strcmp(*argv, "-dtls12") == 0) { 1178#ifdef OPENSSL_NO_DTLS 1179 no_protocol = 1; 1180#endif 1181 dtls12 = 1; 1182 } else if (strncmp(*argv, "-num", 4) == 0) { 1183 if (--argc < 1) 1184 goto bad; 1185 number = atoi(*(++argv)); 1186 if (number == 0) 1187 number = 1; 1188 } else if (strcmp(*argv, "-bytes") == 0) { 1189 if (--argc < 1) 1190 goto bad; 1191 bytes = atol(*(++argv)); 1192 if (bytes == 0L) 1193 bytes = 1L; 1194 i = strlen(argv[0]); 1195 if (argv[0][i - 1] == 'k') 1196 bytes *= 1024L; 1197 if (argv[0][i - 1] == 'm') 1198 bytes *= 1024L * 1024L; 1199 } else if (strcmp(*argv, "-cert") == 0) { 1200 if (--argc < 1) 1201 goto bad; 1202 server_cert = *(++argv); 1203 } else if (strcmp(*argv, "-s_cert") == 0) { 1204 if (--argc < 1) 1205 goto bad; 1206 server_cert = *(++argv); 1207 } else if (strcmp(*argv, "-key") == 0) { 1208 if (--argc < 1) 1209 goto bad; 1210 server_key = *(++argv); 1211 } else if (strcmp(*argv, "-s_key") == 0) { 1212 if (--argc < 1) 1213 goto bad; 1214 server_key = *(++argv); 1215 } else if (strcmp(*argv, "-c_cert") == 0) { 1216 if (--argc < 1) 1217 goto bad; 1218 client_cert = *(++argv); 1219 } else if (strcmp(*argv, "-c_key") == 0) { 1220 if (--argc < 1) 1221 goto bad; 1222 client_key = *(++argv); 1223 } else if (strcmp(*argv, "-cipher") == 0) { 1224 if (--argc < 1) 1225 goto bad; 1226 cipher = *(++argv); 1227 } else if (strcmp(*argv, "-CApath") == 0) { 1228 if (--argc < 1) 1229 goto bad; 1230 CApath = *(++argv); 1231 } else if (strcmp(*argv, "-CAfile") == 0) { 1232 if (--argc < 1) 1233 goto bad; 1234 CAfile = *(++argv); 1235 } else if (strcmp(*argv, "-bio_pair") == 0) { 1236 bio_pair = 1; 1237 } else if (strcmp(*argv, "-f") == 0) { 1238 force = 1; 1239 } else if (strcmp(*argv, "-time") == 0) { 1240 print_time = 1; 1241 } 1242 else if (strcmp(*argv, "-zlib") == 0) { 1243#ifndef OPENSSL_NO_COMP 1244 comp = COMP_ZLIB; 1245#else 1246 fprintf(stderr, 1247 "ignoring -zlib, since I'm compiled without COMP\n"); 1248#endif 1249 } else if (strcmp(*argv, "-rle") == 0) { 1250#ifndef OPENSSL_NO_COMP 1251 comp = COMP_RLE; 1252#else 1253 fprintf(stderr, 1254 "ignoring -rle, since I'm compiled without COMP\n"); 1255#endif 1256 } 1257 else if (strcmp(*argv, "-named_curve") == 0) { 1258 if (--argc < 1) 1259 goto bad; 1260#ifndef OPENSSL_NO_ECDH 1261 named_curve = *(++argv); 1262#else 1263 fprintf(stderr, 1264 "ignoring -named_curve, since I'm compiled without ECDH\n"); 1265 ++argv; 1266#endif 1267 } else if (strcmp(*argv, "-app_verify") == 0) { 1268 app_verify_arg.app_verify = 1; 1269 } else if (strcmp(*argv, "-proxy") == 0) { 1270 app_verify_arg.allow_proxy_certs = 1; 1271 } else if (strcmp(*argv, "-test_cipherlist") == 0) { 1272 test_cipherlist = 1; 1273 } else if (strcmp(*argv, "-serverinfo_sct") == 0) { 1274 serverinfo_sct = 1; 1275 } else if (strcmp(*argv, "-serverinfo_tack") == 0) { 1276 serverinfo_tack = 1; 1277 } else if (strcmp(*argv, "-serverinfo_file") == 0) { 1278 if (--argc < 1) 1279 goto bad; 1280 serverinfo_file = *(++argv); 1281 } else if (strcmp(*argv, "-custom_ext") == 0) { 1282 custom_ext = 1; 1283 } else if (strcmp(*argv, "-alpn_client") == 0) { 1284 if (--argc < 1) 1285 goto bad; 1286 alpn_client = *(++argv); 1287 } else if (strcmp(*argv, "-alpn_server") == 0 || 1288 strcmp(*argv, "-alpn_server1") == 0) { 1289 if (--argc < 1) 1290 goto bad; 1291 alpn_server = *(++argv); 1292 } else if (strcmp(*argv, "-alpn_server2") == 0) { 1293 if (--argc < 1) 1294 goto bad; 1295 alpn_server2 = *(++argv); 1296 } else if (strcmp(*argv, "-alpn_expected") == 0) { 1297 if (--argc < 1) 1298 goto bad; 1299 alpn_expected = *(++argv); 1300 } else if (strcmp(*argv, "-sn_client") == 0) { 1301 if (--argc < 1) 1302 goto bad; 1303 sn_client = *(++argv); 1304 } else if (strcmp(*argv, "-sn_server1") == 0) { 1305 if (--argc < 1) 1306 goto bad; 1307 sn_server1 = *(++argv); 1308 } else if (strcmp(*argv, "-sn_server2") == 0) { 1309 if (--argc < 1) 1310 goto bad; 1311 sn_server2 = *(++argv); 1312 } else if (strcmp(*argv, "-sn_expect1") == 0) { 1313 sn_expect = 1; 1314 } else if (strcmp(*argv, "-sn_expect2") == 0) { 1315 sn_expect = 2; 1316#ifndef OPENSSL_NO_TLSEXT 1317 } else if (strcmp(*argv, "-s_ticket1") == 0) { 1318 if (--argc < 1) 1319 goto bad; 1320 argv++; 1321 if (strcmp(*argv, "yes") == 0) 1322 s_ticket1 = 1; 1323 if (strcmp(*argv, "broken") == 0) 1324 s_ticket1 = 2; 1325 } else if (strcmp(*argv, "-s_ticket2") == 0) { 1326 if (--argc < 1) 1327 goto bad; 1328 argv++; 1329 if (strcmp(*argv, "yes") == 0) 1330 s_ticket2 = 1; 1331 } else if (strcmp(*argv, "-c_ticket") == 0) { 1332 if (--argc < 1) 1333 goto bad; 1334 argv++; 1335 if (strcmp(*argv, "yes") == 0) 1336 c_ticket = 1; 1337 } else if (strcmp(*argv, "-ticket_expect") == 0) { 1338 if (--argc < 1) 1339 goto bad; 1340 argv++; 1341 if (strcmp(*argv, "yes") == 0) 1342 ticket_expect = 1; 1343 else if (strcmp(*argv, "no") == 0) 1344 ticket_expect = 0; 1345#endif 1346 } else { 1347 fprintf(stderr, "unknown option %s\n", *argv); 1348 badop = 1; 1349 break; 1350 } 1351 argc--; 1352 argv++; 1353 } 1354 if (badop) { 1355 bad: 1356 sv_usage(); 1357 goto end; 1358 } 1359 1360 /* 1361 * test_cipherlist prevails over protocol switch: we test the cipherlist 1362 * for all enabled protocols. 1363 */ 1364 if (test_cipherlist == 1) { 1365 /* 1366 * ensure that the cipher list are correctly sorted and exit 1367 */ 1368 fprintf(stdout, "Testing cipherlist order only. Ignoring all " 1369 "other options.\n"); 1370 if (do_test_cipherlist() == 0) 1371 EXIT(1); 1372 ret = 0; 1373 goto end; 1374 } 1375 1376 if (ssl2 + ssl3 + tls1 + dtls1 + dtls12 > 1) { 1377 fprintf(stderr, "At most one of -ssl2, -ssl3, -tls1, -dtls1 or -dtls12 should " 1378 "be requested.\n"); 1379 EXIT(1); 1380 } 1381 1382 /* 1383 * Testing was requested for a compiled-out protocol (e.g. SSLv2). 1384 * Ideally, we would error out, but the generic test wrapper can't know 1385 * when to expect failure. So we do nothing and return success. 1386 */ 1387 if (no_protocol) { 1388 fprintf(stderr, "Testing was requested for a disabled protocol. " 1389 "Skipping tests.\n"); 1390 ret = 0; 1391 goto end; 1392 } 1393 1394 if (!ssl2 && !ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) { 1395 fprintf(stderr, "This case cannot work. Use -f to perform " 1396 "the test anyway (and\n-d to see what happens), " 1397 "or add one of ssl2, -ssl3, -tls1, -dtls1, -dtls12, -reuse\n" 1398 "to avoid protocol mismatch.\n"); 1399 EXIT(1); 1400 } 1401#ifdef OPENSSL_FIPS 1402 if (fips_mode) { 1403 if (!FIPS_mode_set(1)) { 1404 ERR_load_crypto_strings(); 1405 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE)); 1406 EXIT(1); 1407 } else 1408 fprintf(stderr, "*** IN FIPS MODE ***\n"); 1409 } 1410#endif 1411 1412 if (print_time) { 1413 if (!bio_pair) { 1414 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 1415 bio_pair = 1; 1416 } 1417 if (number < 50 && !force) 1418 fprintf(stderr, 1419 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 1420 } 1421 1422/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 1423 1424 SSL_library_init(); 1425 SSL_load_error_strings(); 1426 1427#ifndef OPENSSL_NO_COMP 1428 if (comp == COMP_ZLIB) 1429 cm = COMP_zlib(); 1430 if (comp == COMP_RLE) 1431 cm = COMP_rle(); 1432 if (cm != NULL) { 1433 if (cm->type != NID_undef) { 1434 if (SSL_COMP_add_compression_method(comp, cm) != 0) { 1435 fprintf(stderr, "Failed to add compression method\n"); 1436 ERR_print_errors_fp(stderr); 1437 } 1438 } else { 1439 fprintf(stderr, 1440 "Warning: %s compression not supported\n", 1441 (comp == COMP_RLE ? "rle" : 1442 (comp == COMP_ZLIB ? "zlib" : "unknown"))); 1443 ERR_print_errors_fp(stderr); 1444 } 1445 } 1446 ssl_comp_methods = SSL_COMP_get_compression_methods(); 1447 fprintf(stderr, "Available compression methods:\n"); 1448 { 1449 int j, n = sk_SSL_COMP_num(ssl_comp_methods); 1450 if (n == 0) 1451 fprintf(stderr, " NONE\n"); 1452 else 1453 for (j = 0; j < n; j++) { 1454 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); 1455 fprintf(stderr, " %d: %s\n", c->id, c->name); 1456 } 1457 } 1458#endif 1459 1460 /* 1461 * At this point, ssl2/ssl3/tls1 is only set if the protocol is 1462 * available. (Otherwise we exit early.) However the compiler doesn't 1463 * know this, so we ifdef. 1464 */ 1465#ifndef OPENSSL_NO_SSL2 1466 if (ssl2) 1467 meth = SSLv2_method(); 1468 else 1469#endif 1470#ifndef OPENSSL_NO_SSL3 1471 if (ssl3) 1472 meth = SSLv3_method(); 1473 else 1474#endif 1475#ifndef OPENSSL_NO_DTLS 1476 if (dtls1) 1477 meth = DTLSv1_method(); 1478 else if (dtls12) 1479 meth = DTLSv1_2_method(); 1480 else 1481#endif 1482#ifndef OPENSSL_NO_TLS1 1483 if (tls1) 1484 meth = TLSv1_method(); 1485 else 1486#endif 1487 meth = SSLv23_method(); 1488 1489 c_ctx = SSL_CTX_new(meth); 1490 s_ctx = SSL_CTX_new(meth); 1491 s_ctx2 = SSL_CTX_new(meth); /* no SSL_CTX_dup! */ 1492 if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) { 1493 ERR_print_errors(bio_err); 1494 goto end; 1495 } 1496 1497 if (cipher != NULL) { 1498 SSL_CTX_set_cipher_list(c_ctx, cipher); 1499 SSL_CTX_set_cipher_list(s_ctx, cipher); 1500 SSL_CTX_set_cipher_list(s_ctx2, cipher); 1501 } 1502 1503#ifndef OPENSSL_NO_DH 1504 if (!no_dhe) { 1505 if (dhe1024dsa) { 1506 /* 1507 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks 1508 */ 1509 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 1510 SSL_CTX_set_options(s_ctx2, SSL_OP_SINGLE_DH_USE); 1511 dh = get_dh1024dsa(); 1512 } else if (dhe512) 1513 dh = get_dh512(); 1514 else 1515 dh = get_dh1024(); 1516 SSL_CTX_set_tmp_dh(s_ctx, dh); 1517 SSL_CTX_set_tmp_dh(s_ctx2, dh); 1518 DH_free(dh); 1519 } 1520#else 1521 (void)no_dhe; 1522#endif 1523 1524#ifndef OPENSSL_NO_ECDH 1525 if (!no_ecdhe) { 1526 int nid; 1527 1528 if (named_curve != NULL) { 1529 nid = OBJ_sn2nid(named_curve); 1530 if (nid == 0) { 1531 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 1532 goto end; 1533 } 1534 } else { 1535 nid = NID_X9_62_prime256v1; 1536 } 1537 1538 ecdh = EC_KEY_new_by_curve_name(nid); 1539 if (ecdh == NULL) { 1540 BIO_printf(bio_err, "unable to create curve\n"); 1541 goto end; 1542 } 1543 1544 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 1545 SSL_CTX_set_tmp_ecdh(s_ctx2, ecdh); 1546 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 1547 SSL_CTX_set_options(s_ctx2, SSL_OP_SINGLE_ECDH_USE); 1548 EC_KEY_free(ecdh); 1549 } 1550#else 1551 (void)no_ecdhe; 1552#endif 1553 1554#ifndef OPENSSL_NO_RSA 1555 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); 1556 SSL_CTX_set_tmp_rsa_callback(s_ctx2, tmp_rsa_cb); 1557#endif 1558 1559#ifdef TLSEXT_TYPE_opaque_prf_input 1560 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb); 1561 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb); 1562 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx2, opaque_prf_input_cb); 1563 /* or &co2 or NULL */ 1564 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); 1565 /* or &so2 or NULL */ 1566 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); 1567 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx2, &so1); 1568#endif 1569 1570 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) { 1571 ERR_print_errors(bio_err); 1572 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 1573 (server_key ? server_key : 1574 server_cert), 1575 SSL_FILETYPE_PEM)) { 1576 ERR_print_errors(bio_err); 1577 goto end; 1578 } 1579 1580 if (!SSL_CTX_use_certificate_file(s_ctx2, server_cert, SSL_FILETYPE_PEM)) { 1581 ERR_print_errors(bio_err); 1582 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx2, 1583 (server_key ? server_key : 1584 server_cert), 1585 SSL_FILETYPE_PEM)) { 1586 ERR_print_errors(bio_err); 1587 goto end; 1588 } 1589 1590 if (client_auth) { 1591 SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM); 1592 SSL_CTX_use_PrivateKey_file(c_ctx, 1593 (client_key ? client_key : client_cert), 1594 SSL_FILETYPE_PEM); 1595 } 1596 1597 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 1598 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 1599 (!SSL_CTX_load_verify_locations(s_ctx2, CAfile, CApath)) || 1600 (!SSL_CTX_set_default_verify_paths(s_ctx2)) || 1601 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 1602 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 1603 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 1604 ERR_print_errors(bio_err); 1605 /* goto end; */ 1606 } 1607 1608 if (client_auth) { 1609 BIO_printf(bio_err, "client authentication\n"); 1610 SSL_CTX_set_verify(s_ctx, 1611 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 1612 verify_callback); 1613 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 1614 &app_verify_arg); 1615 SSL_CTX_set_verify(s_ctx2, 1616 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 1617 verify_callback); 1618 SSL_CTX_set_cert_verify_callback(s_ctx2, app_verify_callback, 1619 &app_verify_arg); 1620 } 1621 if (server_auth) { 1622 BIO_printf(bio_err, "server authentication\n"); 1623 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback); 1624 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 1625 &app_verify_arg); 1626 } 1627 1628 { 1629 int session_id_context = 0; 1630 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, 1631 sizeof session_id_context); 1632 SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context, 1633 sizeof session_id_context); 1634 } 1635 1636 /* Use PSK only if PSK key is given */ 1637 if (psk_key != NULL) { 1638 /* 1639 * no_psk is used to avoid putting psk command to openssl tool 1640 */ 1641 if (no_psk) { 1642 /* 1643 * if PSK is not compiled in and psk key is given, do nothing and 1644 * exit successfully 1645 */ 1646 ret = 0; 1647 goto end; 1648 } 1649#ifndef OPENSSL_NO_PSK 1650 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback); 1651 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback); 1652 SSL_CTX_set_psk_server_callback(s_ctx2, psk_server_callback); 1653 if (debug) 1654 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n"); 1655 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) { 1656 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n"); 1657 ERR_print_errors(bio_err); 1658 goto end; 1659 } 1660 if (!SSL_CTX_use_psk_identity_hint(s_ctx2, "ctx server identity_hint")) { 1661 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx2\n"); 1662 ERR_print_errors(bio_err); 1663 goto end; 1664 } 1665#endif 1666 } 1667#ifndef OPENSSL_NO_SRP 1668 if (srp_client_arg.srplogin) { 1669 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) { 1670 BIO_printf(bio_err, "Unable to set SRP username\n"); 1671 goto end; 1672 } 1673 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg); 1674 SSL_CTX_set_srp_client_pwd_callback(c_ctx, 1675 ssl_give_srp_client_pwd_cb); 1676 /* 1677 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength); 1678 */ 1679 } 1680 1681 if (srp_server_arg.expected_user != NULL) { 1682 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback); 1683 SSL_CTX_set_verify(s_ctx2, SSL_VERIFY_NONE, verify_callback); 1684 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg); 1685 SSL_CTX_set_srp_cb_arg(s_ctx2, &srp_server_arg); 1686 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb); 1687 SSL_CTX_set_srp_username_callback(s_ctx2, ssl_srp_server_param_cb); 1688 } 1689#endif 1690 1691 if (serverinfo_sct) 1692 SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE, 1693 NULL, NULL, NULL, 1694 serverinfo_cli_parse_cb, NULL); 1695 if (serverinfo_tack) 1696 SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE, 1697 NULL, NULL, NULL, 1698 serverinfo_cli_parse_cb, NULL); 1699 1700 if (serverinfo_file) { 1701 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) { 1702 BIO_printf(bio_err, "missing serverinfo file\n"); 1703 goto end; 1704 } 1705 if (!SSL_CTX_use_serverinfo_file(s_ctx2, serverinfo_file)) { 1706 BIO_printf(bio_err, "missing serverinfo file\n"); 1707 goto end; 1708 } 1709 } 1710 1711 if (custom_ext) { 1712 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0, 1713 custom_ext_0_cli_add_cb, 1714 NULL, NULL, 1715 custom_ext_0_cli_parse_cb, NULL); 1716 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1, 1717 custom_ext_1_cli_add_cb, 1718 NULL, NULL, 1719 custom_ext_1_cli_parse_cb, NULL); 1720 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2, 1721 custom_ext_2_cli_add_cb, 1722 NULL, NULL, 1723 custom_ext_2_cli_parse_cb, NULL); 1724 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3, 1725 custom_ext_3_cli_add_cb, 1726 NULL, NULL, 1727 custom_ext_3_cli_parse_cb, NULL); 1728 1729 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0, 1730 custom_ext_0_srv_add_cb, 1731 NULL, NULL, 1732 custom_ext_0_srv_parse_cb, NULL); 1733 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1, 1734 custom_ext_1_srv_add_cb, 1735 NULL, NULL, 1736 custom_ext_1_srv_parse_cb, NULL); 1737 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2, 1738 custom_ext_2_srv_add_cb, 1739 NULL, NULL, 1740 custom_ext_2_srv_parse_cb, NULL); 1741 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3, 1742 custom_ext_3_srv_add_cb, 1743 NULL, NULL, 1744 custom_ext_3_srv_parse_cb, NULL); 1745 1746 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_0, 1747 custom_ext_0_srv_add_cb, 1748 NULL, NULL, 1749 custom_ext_0_srv_parse_cb, NULL); 1750 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_1, 1751 custom_ext_1_srv_add_cb, 1752 NULL, NULL, 1753 custom_ext_1_srv_parse_cb, NULL); 1754 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_2, 1755 custom_ext_2_srv_add_cb, 1756 NULL, NULL, 1757 custom_ext_2_srv_parse_cb, NULL); 1758 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_3, 1759 custom_ext_3_srv_add_cb, 1760 NULL, NULL, 1761 custom_ext_3_srv_parse_cb, NULL); 1762 } 1763 1764 if (alpn_server) 1765 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, alpn_server); 1766 if (alpn_server2) 1767 SSL_CTX_set_alpn_select_cb(s_ctx2, cb_server_alpn, alpn_server2); 1768 1769 if (alpn_client) { 1770 unsigned short alpn_len; 1771 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client); 1772 1773 if (alpn == NULL) { 1774 BIO_printf(bio_err, "Error parsing -alpn_client argument\n"); 1775 goto end; 1776 } 1777 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len); 1778 OPENSSL_free(alpn); 1779 } 1780 1781 if (sn_server1 || sn_server2) 1782 SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb); 1783 1784#ifndef OPENSSL_NO_TLSEXT 1785 if (s_ticket1 == 0) 1786 SSL_CTX_set_options(s_ctx, SSL_OP_NO_TICKET); 1787 /* always set the callback */ 1788 if (s_ticket1 == 2) 1789 SSL_CTX_set_tlsext_ticket_key_cb(s_ctx, cb_ticket0); 1790 else 1791 SSL_CTX_set_tlsext_ticket_key_cb(s_ctx, cb_ticket1); 1792 1793 if (!s_ticket2) 1794 SSL_CTX_set_options(s_ctx2, SSL_OP_NO_TICKET); 1795 /* always set the callback - this should never be called */ 1796 SSL_CTX_set_tlsext_ticket_key_cb(s_ctx2, cb_ticket2); 1797 1798 if (!c_ticket) 1799 SSL_CTX_set_options(c_ctx, SSL_OP_NO_TICKET); 1800#endif 1801 1802 c_ssl = SSL_new(c_ctx); 1803 s_ssl = SSL_new(s_ctx); 1804 1805 if (sn_client) 1806 SSL_set_tlsext_host_name(c_ssl, sn_client); 1807 1808#ifndef OPENSSL_NO_KRB5 1809 if (c_ssl && c_ssl->kssl_ctx) { 1810 char localhost[MAXHOSTNAMELEN + 2]; 1811 1812 if (gethostname(localhost, sizeof localhost - 1) == 0) { 1813 localhost[sizeof localhost - 1] = '\0'; 1814 if (strlen(localhost) == sizeof localhost - 1) { 1815 BIO_printf(bio_err, "localhost name too long\n"); 1816 goto end; 1817 } 1818 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost); 1819 } 1820 } 1821#endif /* OPENSSL_NO_KRB5 */ 1822 1823 for (i = 0; i < number; i++) { 1824 if (!reuse) 1825 SSL_set_session(c_ssl, NULL); 1826 if (bio_pair) 1827 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time); 1828 else 1829 ret = doit(s_ssl, c_ssl, bytes); 1830 } 1831 1832 if (!verbose) { 1833 print_details(c_ssl, ""); 1834 } 1835 if ((number > 1) || (bytes > 1L)) 1836 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", number, 1837 bytes); 1838 if (print_time) { 1839#ifdef CLOCKS_PER_SEC 1840 /* 1841 * "To determine the time in seconds, the value returned by the clock 1842 * function should be divided by the value of the macro 1843 * CLOCKS_PER_SEC." -- ISO/IEC 9899 1844 */ 1845 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n" 1846 "Approximate total client time: %6.2f s\n", 1847 (double)s_time / CLOCKS_PER_SEC, 1848 (double)c_time / CLOCKS_PER_SEC); 1849#else 1850 /* 1851 * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on 1852 * NeXTstep/OpenStep 1853 */ 1854 BIO_printf(bio_stdout, 1855 "Approximate total server time: %6.2f units\n" 1856 "Approximate total client time: %6.2f units\n", 1857 (double)s_time, (double)c_time); 1858#endif 1859 } 1860 1861 if (verify_alpn(c_ssl, s_ssl) < 0) 1862 ret = 1; 1863 if (verify_servername(c_ssl, s_ssl) < 0) 1864 ret = 1; 1865 if (verify_ticket(c_ssl) < 0) 1866 ret = 1; 1867 1868 SSL_free(s_ssl); 1869 SSL_free(c_ssl); 1870 1871 end: 1872 if (s_ctx != NULL) 1873 SSL_CTX_free(s_ctx); 1874 if (s_ctx2 != NULL) 1875 SSL_CTX_free(s_ctx2); 1876 if (c_ctx != NULL) 1877 SSL_CTX_free(c_ctx); 1878 1879 if (bio_stdout != NULL) 1880 BIO_free(bio_stdout); 1881 1882#ifndef OPENSSL_NO_RSA 1883 free_tmp_rsa(); 1884#endif 1885#ifndef OPENSSL_NO_ENGINE 1886 ENGINE_cleanup(); 1887#endif 1888 CRYPTO_cleanup_all_ex_data(); 1889 ERR_free_strings(); 1890 ERR_remove_thread_state(NULL); 1891 EVP_cleanup(); 1892 CRYPTO_mem_leaks(bio_err); 1893 if (bio_err != NULL) 1894 BIO_free(bio_err); 1895 EXIT(ret); 1896 return ret; 1897} 1898 1899int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, 1900 clock_t *s_time, clock_t *c_time) 1901{ 1902 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 1903 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 1904 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL; 1905 int ret = 1; 1906 1907 size_t bufsiz = 256; /* small buffer for testing */ 1908 1909 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 1910 goto err; 1911 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 1912 goto err; 1913 1914 s_ssl_bio = BIO_new(BIO_f_ssl()); 1915 if (!s_ssl_bio) 1916 goto err; 1917 1918 c_ssl_bio = BIO_new(BIO_f_ssl()); 1919 if (!c_ssl_bio) 1920 goto err; 1921 1922 SSL_set_connect_state(c_ssl); 1923 SSL_set_bio(c_ssl, client, client); 1924 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 1925 1926 SSL_set_accept_state(s_ssl); 1927 SSL_set_bio(s_ssl, server, server); 1928 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 1929 1930 do { 1931 /*- 1932 * c_ssl_bio: SSL filter BIO 1933 * 1934 * client: pseudo-I/O for SSL library 1935 * 1936 * client_io: client's SSL communication; usually to be 1937 * relayed over some I/O facility, but in this 1938 * test program, we're the server, too: 1939 * 1940 * server_io: server's SSL communication 1941 * 1942 * server: pseudo-I/O for SSL library 1943 * 1944 * s_ssl_bio: SSL filter BIO 1945 * 1946 * The client and the server each employ a "BIO pair": 1947 * client + client_io, server + server_io. 1948 * BIO pairs are symmetric. A BIO pair behaves similar 1949 * to a non-blocking socketpair (but both endpoints must 1950 * be handled by the same thread). 1951 * [Here we could connect client and server to the ends 1952 * of a single BIO pair, but then this code would be less 1953 * suitable as an example for BIO pairs in general.] 1954 * 1955 * Useful functions for querying the state of BIO pair endpoints: 1956 * 1957 * BIO_ctrl_pending(bio) number of bytes we can read now 1958 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 1959 * other side's read attempt 1960 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 1961 * 1962 * ..._read_request is never more than ..._write_guarantee; 1963 * it depends on the application which one you should use. 1964 */ 1965 1966 /* 1967 * We have non-blocking behaviour throughout this test program, but 1968 * can be sure that there is *some* progress in each iteration; so we 1969 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE -- 1970 * we just try everything in each iteration 1971 */ 1972 1973 { 1974 /* CLIENT */ 1975 1976 MS_STATIC char cbuf[1024 * 8]; 1977 int i, r; 1978 clock_t c_clock = clock(); 1979 1980 memset(cbuf, 0, sizeof(cbuf)); 1981 1982 if (debug) 1983 if (SSL_in_init(c_ssl)) 1984 printf("client waiting in SSL_connect - %s\n", 1985 SSL_state_string_long(c_ssl)); 1986 1987 if (cw_num > 0) { 1988 /* Write to server. */ 1989 1990 if (cw_num > (long)sizeof cbuf) 1991 i = sizeof cbuf; 1992 else 1993 i = (int)cw_num; 1994 r = BIO_write(c_ssl_bio, cbuf, i); 1995 if (r < 0) { 1996 if (!BIO_should_retry(c_ssl_bio)) { 1997 fprintf(stderr, "ERROR in CLIENT\n"); 1998 goto err; 1999 } 2000 /* 2001 * BIO_should_retry(...) can just be ignored here. The 2002 * library expects us to call BIO_write with the same 2003 * arguments again, and that's what we will do in the 2004 * next iteration. 2005 */ 2006 } else if (r == 0) { 2007 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2008 goto err; 2009 } else { 2010 if (debug) 2011 printf("client wrote %d\n", r); 2012 cw_num -= r; 2013 } 2014 } 2015 2016 if (cr_num > 0) { 2017 /* Read from server. */ 2018 2019 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 2020 if (r < 0) { 2021 if (!BIO_should_retry(c_ssl_bio)) { 2022 fprintf(stderr, "ERROR in CLIENT\n"); 2023 goto err; 2024 } 2025 /* 2026 * Again, "BIO_should_retry" can be ignored. 2027 */ 2028 } else if (r == 0) { 2029 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2030 goto err; 2031 } else { 2032 if (debug) 2033 printf("client read %d\n", r); 2034 cr_num -= r; 2035 } 2036 } 2037 2038 /* 2039 * c_time and s_time increments will typically be very small 2040 * (depending on machine speed and clock tick intervals), but 2041 * sampling over a large number of connections should result in 2042 * fairly accurate figures. We cannot guarantee a lot, however 2043 * -- if each connection lasts for exactly one clock tick, it 2044 * will be counted only for the client or only for the server or 2045 * even not at all. 2046 */ 2047 *c_time += (clock() - c_clock); 2048 } 2049 2050 { 2051 /* SERVER */ 2052 2053 MS_STATIC char sbuf[1024 * 8]; 2054 int i, r; 2055 clock_t s_clock = clock(); 2056 2057 memset(sbuf, 0, sizeof(sbuf)); 2058 2059 if (debug) 2060 if (SSL_in_init(s_ssl)) 2061 printf("server waiting in SSL_accept - %s\n", 2062 SSL_state_string_long(s_ssl)); 2063 2064 if (sw_num > 0) { 2065 /* Write to client. */ 2066 2067 if (sw_num > (long)sizeof sbuf) 2068 i = sizeof sbuf; 2069 else 2070 i = (int)sw_num; 2071 r = BIO_write(s_ssl_bio, sbuf, i); 2072 if (r < 0) { 2073 if (!BIO_should_retry(s_ssl_bio)) { 2074 fprintf(stderr, "ERROR in SERVER\n"); 2075 goto err; 2076 } 2077 /* Ignore "BIO_should_retry". */ 2078 } else if (r == 0) { 2079 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 2080 goto err; 2081 } else { 2082 if (debug) 2083 printf("server wrote %d\n", r); 2084 sw_num -= r; 2085 } 2086 } 2087 2088 if (sr_num > 0) { 2089 /* Read from client. */ 2090 2091 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 2092 if (r < 0) { 2093 if (!BIO_should_retry(s_ssl_bio)) { 2094 fprintf(stderr, "ERROR in SERVER\n"); 2095 goto err; 2096 } 2097 /* blah, blah */ 2098 } else if (r == 0) { 2099 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 2100 goto err; 2101 } else { 2102 if (debug) 2103 printf("server read %d\n", r); 2104 sr_num -= r; 2105 } 2106 } 2107 2108 *s_time += (clock() - s_clock); 2109 } 2110 2111 { 2112 /* "I/O" BETWEEN CLIENT AND SERVER. */ 2113 2114 size_t r1, r2; 2115 BIO *io1 = server_io, *io2 = client_io; 2116 /* 2117 * we use the non-copying interface for io1 and the standard 2118 * BIO_write/BIO_read interface for io2 2119 */ 2120 2121 static int prev_progress = 1; 2122 int progress = 0; 2123 2124 /* io1 to io2 */ 2125 do { 2126 size_t num; 2127 int r; 2128 2129 r1 = BIO_ctrl_pending(io1); 2130 r2 = BIO_ctrl_get_write_guarantee(io2); 2131 2132 num = r1; 2133 if (r2 < num) 2134 num = r2; 2135 if (num) { 2136 char *dataptr; 2137 2138 if (INT_MAX < num) /* yeah, right */ 2139 num = INT_MAX; 2140 2141 r = BIO_nread(io1, &dataptr, (int)num); 2142 assert(r > 0); 2143 assert(r <= (int)num); 2144 /* 2145 * possibly r < num (non-contiguous data) 2146 */ 2147 num = r; 2148 r = BIO_write(io2, dataptr, (int)num); 2149 if (r != (int)num) { /* can't happen */ 2150 fprintf(stderr, "ERROR: BIO_write could not write " 2151 "BIO_ctrl_get_write_guarantee() bytes"); 2152 goto err; 2153 } 2154 progress = 1; 2155 2156 if (debug) 2157 printf((io1 == client_io) ? 2158 "C->S relaying: %d bytes\n" : 2159 "S->C relaying: %d bytes\n", (int)num); 2160 } 2161 } 2162 while (r1 && r2); 2163 2164 /* io2 to io1 */ 2165 { 2166 size_t num; 2167 int r; 2168 2169 r1 = BIO_ctrl_pending(io2); 2170 r2 = BIO_ctrl_get_read_request(io1); 2171 /* 2172 * here we could use ..._get_write_guarantee instead of 2173 * ..._get_read_request, but by using the latter we test 2174 * restartability of the SSL implementation more thoroughly 2175 */ 2176 num = r1; 2177 if (r2 < num) 2178 num = r2; 2179 if (num) { 2180 char *dataptr; 2181 2182 if (INT_MAX < num) 2183 num = INT_MAX; 2184 2185 if (num > 1) 2186 --num; /* test restartability even more thoroughly */ 2187 2188 r = BIO_nwrite0(io1, &dataptr); 2189 assert(r > 0); 2190 if (r < (int)num) 2191 num = r; 2192 r = BIO_read(io2, dataptr, (int)num); 2193 if (r != (int)num) { /* can't happen */ 2194 fprintf(stderr, "ERROR: BIO_read could not read " 2195 "BIO_ctrl_pending() bytes"); 2196 goto err; 2197 } 2198 progress = 1; 2199 r = BIO_nwrite(io1, &dataptr, (int)num); 2200 if (r != (int)num) { /* can't happen */ 2201 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 2202 "BIO_nwrite0() bytes"); 2203 goto err; 2204 } 2205 2206 if (debug) 2207 printf((io2 == client_io) ? 2208 "C->S relaying: %d bytes\n" : 2209 "S->C relaying: %d bytes\n", (int)num); 2210 } 2211 } /* no loop, BIO_ctrl_get_read_request now 2212 * returns 0 anyway */ 2213 2214 if (!progress && !prev_progress) 2215 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 2216 fprintf(stderr, "ERROR: got stuck\n"); 2217 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) { 2218 fprintf(stderr, "This can happen for SSL2 because " 2219 "CLIENT-FINISHED and SERVER-VERIFY are written \n" 2220 "concurrently ..."); 2221 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 2222 && strncmp("2SSV", SSL_state_string(s_ssl), 2223 4) == 0) { 2224 fprintf(stderr, " ok.\n"); 2225 goto end; 2226 } 2227 } 2228 fprintf(stderr, " ERROR.\n"); 2229 goto err; 2230 } 2231 prev_progress = progress; 2232 } 2233 } 2234 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 2235 2236 if (verbose) 2237 print_details(c_ssl, "DONE via BIO pair: "); 2238 2239 if (verify_serverinfo() < 0) { 2240 ret = 1; 2241 goto err; 2242 } 2243 2244 if (custom_ext_error) { 2245 ret = 1; 2246 goto err; 2247 } 2248 2249 end: 2250 ret = 0; 2251 2252 err: 2253 ERR_print_errors(bio_err); 2254 2255 if (server) 2256 BIO_free(server); 2257 if (server_io) 2258 BIO_free(server_io); 2259 if (client) 2260 BIO_free(client); 2261 if (client_io) 2262 BIO_free(client_io); 2263 if (s_ssl_bio) 2264 BIO_free(s_ssl_bio); 2265 if (c_ssl_bio) 2266 BIO_free(c_ssl_bio); 2267 2268 return ret; 2269} 2270 2271#define W_READ 1 2272#define W_WRITE 2 2273#define C_DONE 1 2274#define S_DONE 2 2275 2276int doit(SSL *s_ssl, SSL *c_ssl, long count) 2277{ 2278 char *cbuf = NULL, *sbuf = NULL; 2279 long bufsiz; 2280 long cw_num = count, cr_num = count; 2281 long sw_num = count, sr_num = count; 2282 int ret = 1; 2283 BIO *c_to_s = NULL; 2284 BIO *s_to_c = NULL; 2285 BIO *c_bio = NULL; 2286 BIO *s_bio = NULL; 2287 int c_r, c_w, s_r, s_w; 2288 int i, j; 2289 int done = 0; 2290 int c_write, s_write; 2291 int do_server = 0, do_client = 0; 2292 int max_frag = 5 * 1024; 2293 2294 bufsiz = count > 40 * 1024 ? 40 * 1024 : count; 2295 2296 if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL) 2297 goto err; 2298 if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL) 2299 goto err; 2300 2301 memset(cbuf, 0, bufsiz); 2302 memset(sbuf, 0, bufsiz); 2303 2304 c_to_s = BIO_new(BIO_s_mem()); 2305 s_to_c = BIO_new(BIO_s_mem()); 2306 if ((s_to_c == NULL) || (c_to_s == NULL)) { 2307 ERR_print_errors(bio_err); 2308 goto err; 2309 } 2310 2311 c_bio = BIO_new(BIO_f_ssl()); 2312 s_bio = BIO_new(BIO_f_ssl()); 2313 if ((c_bio == NULL) || (s_bio == NULL)) { 2314 ERR_print_errors(bio_err); 2315 goto err; 2316 } 2317 2318 SSL_set_connect_state(c_ssl); 2319 SSL_set_bio(c_ssl, s_to_c, c_to_s); 2320 SSL_set_max_send_fragment(c_ssl, max_frag); 2321 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 2322 2323 SSL_set_accept_state(s_ssl); 2324 SSL_set_bio(s_ssl, c_to_s, s_to_c); 2325 SSL_set_max_send_fragment(s_ssl, max_frag); 2326 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 2327 2328 c_r = 0; 2329 s_r = 1; 2330 c_w = 1; 2331 s_w = 0; 2332 c_write = 1, s_write = 0; 2333 2334 /* We can always do writes */ 2335 for (;;) { 2336 do_server = 0; 2337 do_client = 0; 2338 2339 i = (int)BIO_pending(s_bio); 2340 if ((i && s_r) || s_w) 2341 do_server = 1; 2342 2343 i = (int)BIO_pending(c_bio); 2344 if ((i && c_r) || c_w) 2345 do_client = 1; 2346 2347 if (do_server && debug) { 2348 if (SSL_in_init(s_ssl)) 2349 printf("server waiting in SSL_accept - %s\n", 2350 SSL_state_string_long(s_ssl)); 2351/*- 2352 else if (s_write) 2353 printf("server:SSL_write()\n"); 2354 else 2355 printf("server:SSL_read()\n"); */ 2356 } 2357 2358 if (do_client && debug) { 2359 if (SSL_in_init(c_ssl)) 2360 printf("client waiting in SSL_connect - %s\n", 2361 SSL_state_string_long(c_ssl)); 2362/*- 2363 else if (c_write) 2364 printf("client:SSL_write()\n"); 2365 else 2366 printf("client:SSL_read()\n"); */ 2367 } 2368 2369 if (!do_client && !do_server) { 2370 fprintf(stdout, "ERROR IN STARTUP\n"); 2371 ERR_print_errors(bio_err); 2372 goto err; 2373 } 2374 if (do_client && !(done & C_DONE)) { 2375 if (c_write) { 2376 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num; 2377 i = BIO_write(c_bio, cbuf, j); 2378 if (i < 0) { 2379 c_r = 0; 2380 c_w = 0; 2381 if (BIO_should_retry(c_bio)) { 2382 if (BIO_should_read(c_bio)) 2383 c_r = 1; 2384 if (BIO_should_write(c_bio)) 2385 c_w = 1; 2386 } else { 2387 fprintf(stderr, "ERROR in CLIENT\n"); 2388 ERR_print_errors(bio_err); 2389 goto err; 2390 } 2391 } else if (i == 0) { 2392 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2393 goto err; 2394 } else { 2395 if (debug) 2396 printf("client wrote %d\n", i); 2397 /* ok */ 2398 s_r = 1; 2399 c_write = 0; 2400 cw_num -= i; 2401 if (max_frag > 1029) 2402 SSL_set_max_send_fragment(c_ssl, max_frag -= 5); 2403 } 2404 } else { 2405 i = BIO_read(c_bio, cbuf, bufsiz); 2406 if (i < 0) { 2407 c_r = 0; 2408 c_w = 0; 2409 if (BIO_should_retry(c_bio)) { 2410 if (BIO_should_read(c_bio)) 2411 c_r = 1; 2412 if (BIO_should_write(c_bio)) 2413 c_w = 1; 2414 } else { 2415 fprintf(stderr, "ERROR in CLIENT\n"); 2416 ERR_print_errors(bio_err); 2417 goto err; 2418 } 2419 } else if (i == 0) { 2420 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2421 goto err; 2422 } else { 2423 if (debug) 2424 printf("client read %d\n", i); 2425 cr_num -= i; 2426 if (sw_num > 0) { 2427 s_write = 1; 2428 s_w = 1; 2429 } 2430 if (cr_num <= 0) { 2431 s_write = 1; 2432 s_w = 1; 2433 done = S_DONE | C_DONE; 2434 } 2435 } 2436 } 2437 } 2438 2439 if (do_server && !(done & S_DONE)) { 2440 if (!s_write) { 2441 i = BIO_read(s_bio, sbuf, bufsiz); 2442 if (i < 0) { 2443 s_r = 0; 2444 s_w = 0; 2445 if (BIO_should_retry(s_bio)) { 2446 if (BIO_should_read(s_bio)) 2447 s_r = 1; 2448 if (BIO_should_write(s_bio)) 2449 s_w = 1; 2450 } else { 2451 fprintf(stderr, "ERROR in SERVER\n"); 2452 ERR_print_errors(bio_err); 2453 goto err; 2454 } 2455 } else if (i == 0) { 2456 ERR_print_errors(bio_err); 2457 fprintf(stderr, 2458 "SSL SERVER STARTUP FAILED in SSL_read\n"); 2459 goto err; 2460 } else { 2461 if (debug) 2462 printf("server read %d\n", i); 2463 sr_num -= i; 2464 if (cw_num > 0) { 2465 c_write = 1; 2466 c_w = 1; 2467 } 2468 if (sr_num <= 0) { 2469 s_write = 1; 2470 s_w = 1; 2471 c_write = 0; 2472 } 2473 } 2474 } else { 2475 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num; 2476 i = BIO_write(s_bio, sbuf, j); 2477 if (i < 0) { 2478 s_r = 0; 2479 s_w = 0; 2480 if (BIO_should_retry(s_bio)) { 2481 if (BIO_should_read(s_bio)) 2482 s_r = 1; 2483 if (BIO_should_write(s_bio)) 2484 s_w = 1; 2485 } else { 2486 fprintf(stderr, "ERROR in SERVER\n"); 2487 ERR_print_errors(bio_err); 2488 goto err; 2489 } 2490 } else if (i == 0) { 2491 ERR_print_errors(bio_err); 2492 fprintf(stderr, 2493 "SSL SERVER STARTUP FAILED in SSL_write\n"); 2494 goto err; 2495 } else { 2496 if (debug) 2497 printf("server wrote %d\n", i); 2498 sw_num -= i; 2499 s_write = 0; 2500 c_r = 1; 2501 if (sw_num <= 0) 2502 done |= S_DONE; 2503 if (max_frag > 1029) 2504 SSL_set_max_send_fragment(s_ssl, max_frag -= 5); 2505 } 2506 } 2507 } 2508 2509 if ((done & S_DONE) && (done & C_DONE)) 2510 break; 2511 } 2512 2513 if (verbose) 2514 print_details(c_ssl, "DONE: "); 2515 if (verify_serverinfo() < 0) { 2516 ret = 1; 2517 goto err; 2518 } 2519 if (custom_ext_error) { 2520 ret = 1; 2521 goto err; 2522 } 2523 ret = 0; 2524 err: 2525 /* 2526 * We have to set the BIO's to NULL otherwise they will be 2527 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again 2528 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and 2529 * c_ssl are sharing the same BIO structure and SSL_set_bio() and 2530 * SSL_free() automatically BIO_free non NULL entries. You should not 2531 * normally do this or be required to do this 2532 */ 2533 if (s_ssl != NULL) { 2534 s_ssl->rbio = NULL; 2535 s_ssl->wbio = NULL; 2536 } 2537 if (c_ssl != NULL) { 2538 c_ssl->rbio = NULL; 2539 c_ssl->wbio = NULL; 2540 } 2541 2542 if (c_to_s != NULL) 2543 BIO_free(c_to_s); 2544 if (s_to_c != NULL) 2545 BIO_free(s_to_c); 2546 if (c_bio != NULL) 2547 BIO_free_all(c_bio); 2548 if (s_bio != NULL) 2549 BIO_free_all(s_bio); 2550 2551 if (cbuf) 2552 OPENSSL_free(cbuf); 2553 if (sbuf) 2554 OPENSSL_free(sbuf); 2555 2556 return (ret); 2557} 2558 2559static int get_proxy_auth_ex_data_idx(void) 2560{ 2561 static volatile int idx = -1; 2562 if (idx < 0) { 2563 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 2564 if (idx < 0) { 2565 idx = X509_STORE_CTX_get_ex_new_index(0, 2566 "SSLtest for verify callback", 2567 NULL, NULL, NULL); 2568 } 2569 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 2570 } 2571 return idx; 2572} 2573 2574static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) 2575{ 2576 char *s, buf[256]; 2577 2578 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, 2579 sizeof buf); 2580 if (s != NULL) { 2581 if (ok) 2582 fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf); 2583 else { 2584 fprintf(stderr, "depth=%d error=%d %s\n", 2585 ctx->error_depth, ctx->error, buf); 2586 } 2587 } 2588 2589 if (ok == 0) { 2590 fprintf(stderr, "Error string: %s\n", 2591 X509_verify_cert_error_string(ctx->error)); 2592 switch (ctx->error) { 2593 case X509_V_ERR_CERT_NOT_YET_VALID: 2594 case X509_V_ERR_CERT_HAS_EXPIRED: 2595 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 2596 fprintf(stderr, " ... ignored.\n"); 2597 ok = 1; 2598 } 2599 } 2600 2601 if (ok == 1) { 2602 X509 *xs = ctx->current_cert; 2603#if 0 2604 X509 *xi = ctx->current_issuer; 2605#endif 2606 2607 if (xs->ex_flags & EXFLAG_PROXY) { 2608 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx, 2609 get_proxy_auth_ex_data_idx 2610 ()); 2611 2612 if (letters) { 2613 int found_any = 0; 2614 int i; 2615 PROXY_CERT_INFO_EXTENSION *pci = 2616 X509_get_ext_d2i(xs, NID_proxyCertInfo, 2617 NULL, NULL); 2618 2619 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 2620 case NID_Independent: 2621 /* 2622 * Completely meaningless in this program, as there's no 2623 * way to grant explicit rights to a specific PrC. 2624 * Basically, using id-ppl-Independent is the perfect way 2625 * to grant no rights at all. 2626 */ 2627 fprintf(stderr, " Independent proxy certificate"); 2628 for (i = 0; i < 26; i++) 2629 letters[i] = 0; 2630 break; 2631 case NID_id_ppl_inheritAll: 2632 /* 2633 * This is basically a NOP, we simply let the current 2634 * rights stand as they are. 2635 */ 2636 fprintf(stderr, " Proxy certificate inherits all"); 2637 break; 2638 default: 2639 s = (char *) 2640 pci->proxyPolicy->policy->data; 2641 i = pci->proxyPolicy->policy->length; 2642 2643 /* 2644 * The algorithm works as follows: it is assumed that 2645 * previous iterations or the initial granted rights has 2646 * already set some elements of `letters'. What we need 2647 * to do is to clear those that weren't granted by the 2648 * current PrC as well. The easiest way to do this is to 2649 * add 1 to all the elements whose letters are given with 2650 * the current policy. That way, all elements that are 2651 * set by the current policy and were already set by 2652 * earlier policies and through the original grant of 2653 * rights will get the value 2 or higher. The last thing 2654 * to do is to sweep through `letters' and keep the 2655 * elements having the value 2 as set, and clear all the 2656 * others. 2657 */ 2658 2659 fprintf(stderr, " Certificate proxy rights = %*.*s", i, 2660 i, s); 2661 while (i-- > 0) { 2662 int c = *s++; 2663 if (isascii(c) && isalpha(c)) { 2664 if (islower(c)) 2665 c = toupper(c); 2666 letters[c - 'A']++; 2667 } 2668 } 2669 for (i = 0; i < 26; i++) 2670 if (letters[i] < 2) 2671 letters[i] = 0; 2672 else 2673 letters[i] = 1; 2674 } 2675 2676 found_any = 0; 2677 fprintf(stderr, ", resulting proxy rights = "); 2678 for (i = 0; i < 26; i++) 2679 if (letters[i]) { 2680 fprintf(stderr, "%c", i + 'A'); 2681 found_any = 1; 2682 } 2683 if (!found_any) 2684 fprintf(stderr, "none"); 2685 fprintf(stderr, "\n"); 2686 2687 PROXY_CERT_INFO_EXTENSION_free(pci); 2688 } 2689 } 2690 } 2691 2692 return (ok); 2693} 2694 2695static void process_proxy_debug(int indent, const char *format, ...) 2696{ 2697 /* That's 80 > */ 2698 static const char indentation[] = 2699 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 2700 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; 2701 char my_format[256]; 2702 va_list args; 2703 2704 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s", 2705 indent, indent, indentation, format); 2706 2707 va_start(args, format); 2708 vfprintf(stderr, my_format, args); 2709 va_end(args); 2710} 2711 2712/*- 2713 * Priority levels: 2714 * 0 [!]var, () 2715 * 1 & ^ 2716 * 2 | 2717 */ 2718static int process_proxy_cond_adders(unsigned int letters[26], 2719 const char *cond, const char **cond_end, 2720 int *pos, int indent); 2721static int process_proxy_cond_val(unsigned int letters[26], const char *cond, 2722 const char **cond_end, int *pos, int indent) 2723{ 2724 int c; 2725 int ok = 1; 2726 int negate = 0; 2727 2728 while (isspace((int)*cond)) { 2729 cond++; 2730 (*pos)++; 2731 } 2732 c = *cond; 2733 2734 if (debug) 2735 process_proxy_debug(indent, 2736 "Start process_proxy_cond_val at position %d: %s\n", 2737 *pos, cond); 2738 2739 while (c == '!') { 2740 negate = !negate; 2741 cond++; 2742 (*pos)++; 2743 while (isspace((int)*cond)) { 2744 cond++; 2745 (*pos)++; 2746 } 2747 c = *cond; 2748 } 2749 2750 if (c == '(') { 2751 cond++; 2752 (*pos)++; 2753 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 2754 indent + 1); 2755 cond = *cond_end; 2756 if (ok < 0) 2757 goto end; 2758 while (isspace((int)*cond)) { 2759 cond++; 2760 (*pos)++; 2761 } 2762 c = *cond; 2763 if (c != ')') { 2764 fprintf(stderr, 2765 "Weird condition character in position %d: " 2766 "%c\n", *pos, c); 2767 ok = -1; 2768 goto end; 2769 } 2770 cond++; 2771 (*pos)++; 2772 } else if (isascii(c) && isalpha(c)) { 2773 if (islower(c)) 2774 c = toupper(c); 2775 ok = letters[c - 'A']; 2776 cond++; 2777 (*pos)++; 2778 } else { 2779 fprintf(stderr, 2780 "Weird condition character in position %d: " "%c\n", *pos, c); 2781 ok = -1; 2782 goto end; 2783 } 2784 end: 2785 *cond_end = cond; 2786 if (ok >= 0 && negate) 2787 ok = !ok; 2788 2789 if (debug) 2790 process_proxy_debug(indent, 2791 "End process_proxy_cond_val at position %d: %s, returning %d\n", 2792 *pos, cond, ok); 2793 2794 return ok; 2795} 2796 2797static int process_proxy_cond_multipliers(unsigned int letters[26], 2798 const char *cond, 2799 const char **cond_end, int *pos, 2800 int indent) 2801{ 2802 int ok; 2803 char c; 2804 2805 if (debug) 2806 process_proxy_debug(indent, 2807 "Start process_proxy_cond_multipliers at position %d: %s\n", 2808 *pos, cond); 2809 2810 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 2811 cond = *cond_end; 2812 if (ok < 0) 2813 goto end; 2814 2815 while (ok >= 0) { 2816 while (isspace((int)*cond)) { 2817 cond++; 2818 (*pos)++; 2819 } 2820 c = *cond; 2821 2822 switch (c) { 2823 case '&': 2824 case '^': 2825 { 2826 int save_ok = ok; 2827 2828 cond++; 2829 (*pos)++; 2830 ok = process_proxy_cond_val(letters, 2831 cond, cond_end, pos, indent + 1); 2832 cond = *cond_end; 2833 if (ok < 0) 2834 break; 2835 2836 switch (c) { 2837 case '&': 2838 ok &= save_ok; 2839 break; 2840 case '^': 2841 ok ^= save_ok; 2842 break; 2843 default: 2844 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 2845 " STOPPING\n"); 2846 EXIT(1); 2847 } 2848 } 2849 break; 2850 default: 2851 goto end; 2852 } 2853 } 2854 end: 2855 if (debug) 2856 process_proxy_debug(indent, 2857 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n", 2858 *pos, cond, ok); 2859 2860 *cond_end = cond; 2861 return ok; 2862} 2863 2864static int process_proxy_cond_adders(unsigned int letters[26], 2865 const char *cond, const char **cond_end, 2866 int *pos, int indent) 2867{ 2868 int ok; 2869 char c; 2870 2871 if (debug) 2872 process_proxy_debug(indent, 2873 "Start process_proxy_cond_adders at position %d: %s\n", 2874 *pos, cond); 2875 2876 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 2877 indent + 1); 2878 cond = *cond_end; 2879 if (ok < 0) 2880 goto end; 2881 2882 while (ok >= 0) { 2883 while (isspace((int)*cond)) { 2884 cond++; 2885 (*pos)++; 2886 } 2887 c = *cond; 2888 2889 switch (c) { 2890 case '|': 2891 { 2892 int save_ok = ok; 2893 2894 cond++; 2895 (*pos)++; 2896 ok = process_proxy_cond_multipliers(letters, 2897 cond, cond_end, pos, 2898 indent + 1); 2899 cond = *cond_end; 2900 if (ok < 0) 2901 break; 2902 2903 switch (c) { 2904 case '|': 2905 ok |= save_ok; 2906 break; 2907 default: 2908 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 2909 " STOPPING\n"); 2910 EXIT(1); 2911 } 2912 } 2913 break; 2914 default: 2915 goto end; 2916 } 2917 } 2918 end: 2919 if (debug) 2920 process_proxy_debug(indent, 2921 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 2922 *pos, cond, ok); 2923 2924 *cond_end = cond; 2925 return ok; 2926} 2927 2928static int process_proxy_cond(unsigned int letters[26], 2929 const char *cond, const char **cond_end) 2930{ 2931 int pos = 1; 2932 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 2933} 2934 2935static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg) 2936{ 2937 int ok = 1; 2938 struct app_verify_arg *cb_arg = arg; 2939 unsigned int letters[26]; /* only used with proxy_auth */ 2940 2941 if (cb_arg->app_verify) { 2942 char *s = NULL, buf[256]; 2943 2944 fprintf(stderr, "In app_verify_callback, allowing cert. "); 2945 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 2946 fprintf(stderr, 2947 "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 2948 (void *)ctx, (void *)ctx->cert); 2949 if (ctx->cert) 2950 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256); 2951 if (s != NULL) { 2952 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf); 2953 } 2954 return (1); 2955 } 2956 if (cb_arg->proxy_auth) { 2957 int found_any = 0, i; 2958 char *sp; 2959 2960 for (i = 0; i < 26; i++) 2961 letters[i] = 0; 2962 for (sp = cb_arg->proxy_auth; *sp; sp++) { 2963 int c = *sp; 2964 if (isascii(c) && isalpha(c)) { 2965 if (islower(c)) 2966 c = toupper(c); 2967 letters[c - 'A'] = 1; 2968 } 2969 } 2970 2971 fprintf(stderr, " Initial proxy rights = "); 2972 for (i = 0; i < 26; i++) 2973 if (letters[i]) { 2974 fprintf(stderr, "%c", i + 'A'); 2975 found_any = 1; 2976 } 2977 if (!found_any) 2978 fprintf(stderr, "none"); 2979 fprintf(stderr, "\n"); 2980 2981 X509_STORE_CTX_set_ex_data(ctx, 2982 get_proxy_auth_ex_data_idx(), letters); 2983 } 2984 if (cb_arg->allow_proxy_certs) { 2985 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 2986 } 2987#ifndef OPENSSL_NO_X509_VERIFY 2988 ok = X509_verify_cert(ctx); 2989#endif 2990 2991 if (cb_arg->proxy_auth) { 2992 if (ok > 0) { 2993 const char *cond_end = NULL; 2994 2995 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end); 2996 2997 if (ok < 0) 2998 EXIT(3); 2999 if (*cond_end) { 3000 fprintf(stderr, 3001 "Stopped processing condition before it's end.\n"); 3002 ok = 0; 3003 } 3004 if (!ok) 3005 fprintf(stderr, 3006 "Proxy rights check with condition '%s' proved invalid\n", 3007 cb_arg->proxy_cond); 3008 else 3009 fprintf(stderr, 3010 "Proxy rights check with condition '%s' proved valid\n", 3011 cb_arg->proxy_cond); 3012 } 3013 } 3014 return (ok); 3015} 3016 3017#ifndef OPENSSL_NO_RSA 3018static RSA *rsa_tmp = NULL; 3019 3020static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) 3021{ 3022 BIGNUM *bn = NULL; 3023 if (rsa_tmp == NULL) { 3024 bn = BN_new(); 3025 rsa_tmp = RSA_new(); 3026 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) { 3027 BIO_printf(bio_err, "Memory error..."); 3028 goto end; 3029 } 3030 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength); 3031 (void)BIO_flush(bio_err); 3032 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { 3033 BIO_printf(bio_err, "Error generating key."); 3034 RSA_free(rsa_tmp); 3035 rsa_tmp = NULL; 3036 } 3037 end: 3038 BIO_printf(bio_err, "\n"); 3039 (void)BIO_flush(bio_err); 3040 } 3041 if (bn) 3042 BN_free(bn); 3043 return (rsa_tmp); 3044} 3045 3046static void free_tmp_rsa(void) 3047{ 3048 if (rsa_tmp != NULL) { 3049 RSA_free(rsa_tmp); 3050 rsa_tmp = NULL; 3051 } 3052} 3053#endif 3054 3055#ifndef OPENSSL_NO_DH 3056/*- 3057 * These DH parameters have been generated as follows: 3058 * $ openssl dhparam -C -noout 512 3059 * $ openssl dhparam -C -noout 1024 3060 * $ openssl dhparam -C -noout -dsaparam 1024 3061 * (The third function has been renamed to avoid name conflicts.) 3062 */ 3063static DH *get_dh512() 3064{ 3065 static unsigned char dh512_p[] = { 3066 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, 3067 0xC6, 3068 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04, 3069 0xB0, 3070 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9, 3071 0x5F, 3072 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33, 3073 0xB8, 3074 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21, 3075 0x33, 3076 0x02, 0xC5, 0xAE, 0x23, 3077 }; 3078 static unsigned char dh512_g[] = { 3079 0x02, 3080 }; 3081 DH *dh; 3082 3083 if ((dh = DH_new()) == NULL) 3084 return (NULL); 3085 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); 3086 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); 3087 if ((dh->p == NULL) || (dh->g == NULL)) { 3088 DH_free(dh); 3089 return (NULL); 3090 } 3091 return (dh); 3092} 3093 3094static DH *get_dh1024() 3095{ 3096 static unsigned char dh1024_p[] = { 3097 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 3098 0x3A, 3099 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 3100 0xA2, 3101 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 3102 0xB0, 3103 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 3104 0xC2, 3105 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 3106 0x8C, 3107 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 3108 0xB8, 3109 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 3110 0x52, 3111 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 3112 0xC1, 3113 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 3114 0xB1, 3115 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 3116 0xAB, 3117 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 3118 }; 3119 static unsigned char dh1024_g[] = { 3120 0x02, 3121 }; 3122 DH *dh; 3123 3124 if ((dh = DH_new()) == NULL) 3125 return (NULL); 3126 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 3127 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 3128 if ((dh->p == NULL) || (dh->g == NULL)) { 3129 DH_free(dh); 3130 return (NULL); 3131 } 3132 return (dh); 3133} 3134 3135static DH *get_dh1024dsa() 3136{ 3137 static unsigned char dh1024_p[] = { 3138 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 3139 0x00, 3140 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 3141 0x19, 3142 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 3143 0xD2, 3144 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 3145 0x55, 3146 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 3147 0xFC, 3148 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 3149 0x97, 3150 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 3151 0x8D, 3152 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 3153 0xBB, 3154 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 3155 0xF6, 3156 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 3157 0x9E, 3158 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 3159 }; 3160 static unsigned char dh1024_g[] = { 3161 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 3162 0x05, 3163 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 3164 0xF3, 3165 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 3166 0xE9, 3167 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 3168 0x3C, 3169 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 3170 0x65, 3171 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 3172 0x60, 3173 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 3174 0xF6, 3175 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 3176 0xA7, 3177 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 3178 0xA1, 3179 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 3180 0x60, 3181 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 3182 }; 3183 DH *dh; 3184 3185 if ((dh = DH_new()) == NULL) 3186 return (NULL); 3187 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 3188 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 3189 if ((dh->p == NULL) || (dh->g == NULL)) { 3190 DH_free(dh); 3191 return (NULL); 3192 } 3193 dh->length = 160; 3194 return (dh); 3195} 3196#endif 3197 3198#ifndef OPENSSL_NO_PSK 3199/* convert the PSK key (psk_key) in ascii to binary (psk) */ 3200static int psk_key2bn(const char *pskkey, unsigned char *psk, 3201 unsigned int max_psk_len) 3202{ 3203 int ret; 3204 BIGNUM *bn = NULL; 3205 3206 ret = BN_hex2bn(&bn, pskkey); 3207 if (!ret) { 3208 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", 3209 pskkey); 3210 if (bn) 3211 BN_free(bn); 3212 return 0; 3213 } 3214 if (BN_num_bytes(bn) > (int)max_psk_len) { 3215 BIO_printf(bio_err, 3216 "psk buffer of callback is too small (%d) for key (%d)\n", 3217 max_psk_len, BN_num_bytes(bn)); 3218 BN_free(bn); 3219 return 0; 3220 } 3221 ret = BN_bn2bin(bn, psk); 3222 BN_free(bn); 3223 return ret; 3224} 3225 3226static unsigned int psk_client_callback(SSL *ssl, const char *hint, 3227 char *identity, 3228 unsigned int max_identity_len, 3229 unsigned char *psk, 3230 unsigned int max_psk_len) 3231{ 3232 int ret; 3233 unsigned int psk_len = 0; 3234 3235 ret = BIO_snprintf(identity, max_identity_len, "Client_identity"); 3236 if (ret < 0) 3237 goto out_err; 3238 if (debug) 3239 fprintf(stderr, "client: created identity '%s' len=%d\n", identity, 3240 ret); 3241 ret = psk_key2bn(psk_key, psk, max_psk_len); 3242 if (ret < 0) 3243 goto out_err; 3244 psk_len = ret; 3245 out_err: 3246 return psk_len; 3247} 3248 3249static unsigned int psk_server_callback(SSL *ssl, const char *identity, 3250 unsigned char *psk, 3251 unsigned int max_psk_len) 3252{ 3253 unsigned int psk_len = 0; 3254 3255 if (strcmp(identity, "Client_identity") != 0) { 3256 BIO_printf(bio_err, "server: PSK error: client identity not found\n"); 3257 return 0; 3258 } 3259 psk_len = psk_key2bn(psk_key, psk, max_psk_len); 3260 return psk_len; 3261} 3262#endif 3263 3264static int do_test_cipherlist(void) 3265{ 3266#if !defined(OPENSSL_NO_SSL2) || !defined(OPENSSL_NO_SSL3) || \ 3267 !defined(OPENSSL_NO_TLS1) 3268 int i = 0; 3269 const SSL_METHOD *meth; 3270 const SSL_CIPHER *ci, *tci = NULL; 3271#endif 3272 3273#ifndef OPENSSL_NO_SSL2 3274 fprintf(stderr, "testing SSLv2 cipher list order: "); 3275 meth = SSLv2_method(); 3276 while ((ci = meth->get_cipher(i++)) != NULL) { 3277 if (tci != NULL) 3278 if (ci->id >= tci->id) { 3279 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 3280 return 0; 3281 } 3282 tci = ci; 3283 } 3284 fprintf(stderr, "ok\n"); 3285#endif 3286#ifndef OPENSSL_NO_SSL3 3287 fprintf(stderr, "testing SSLv3 cipher list order: "); 3288 meth = SSLv3_method(); 3289 tci = NULL; 3290 while ((ci = meth->get_cipher(i++)) != NULL) { 3291 if (tci != NULL) 3292 if (ci->id >= tci->id) { 3293 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 3294 return 0; 3295 } 3296 tci = ci; 3297 } 3298 fprintf(stderr, "ok\n"); 3299#endif 3300#ifndef OPENSSL_NO_TLS1 3301 fprintf(stderr, "testing TLSv1 cipher list order: "); 3302 meth = TLSv1_method(); 3303 tci = NULL; 3304 while ((ci = meth->get_cipher(i++)) != NULL) { 3305 if (tci != NULL) 3306 if (ci->id >= tci->id) { 3307 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 3308 return 0; 3309 } 3310 tci = ci; 3311 } 3312 fprintf(stderr, "ok\n"); 3313#endif 3314 3315 return 1; 3316} 3317