ssltest.c revision 325337
1/* ssl/ssltest.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111/* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116/* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143/* Or gethostname won't be declared properly on Linux and GNU platforms. */ 144#define _BSD_SOURCE 1 145#define _DEFAULT_SOURCE 1 146 147#include <assert.h> 148#include <errno.h> 149#include <limits.h> 150#include <stdio.h> 151#include <stdlib.h> 152#include <string.h> 153#include <time.h> 154 155#define USE_SOCKETS 156#include "e_os.h" 157 158#ifdef OPENSSL_SYS_VMS 159/* 160 * Or isascii won't be declared properly on VMS (at least with DECompHP C). 161 */ 162# define _XOPEN_SOURCE 500 163#endif 164 165#include <ctype.h> 166 167#include <openssl/bio.h> 168#include <openssl/crypto.h> 169#include <openssl/evp.h> 170#include <openssl/x509.h> 171#include <openssl/x509v3.h> 172#include <openssl/ssl.h> 173#ifndef OPENSSL_NO_ENGINE 174# include <openssl/engine.h> 175#endif 176#include <openssl/err.h> 177#include <openssl/rand.h> 178#ifndef OPENSSL_NO_RSA 179# include <openssl/rsa.h> 180#endif 181#ifndef OPENSSL_NO_DSA 182# include <openssl/dsa.h> 183#endif 184#ifndef OPENSSL_NO_DH 185# include <openssl/dh.h> 186#endif 187#ifndef OPENSSL_NO_SRP 188# include <openssl/srp.h> 189#endif 190#include <openssl/bn.h> 191 192/* 193 * Or gethostname won't be declared properly 194 * on Compaq platforms (at least with DEC C). 195 * Do not try to put it earlier, or IPv6 includes 196 * get screwed... 197 */ 198#define _XOPEN_SOURCE_EXTENDED 1 199 200#ifdef OPENSSL_SYS_WINDOWS 201# include <winsock.h> 202#else 203# include OPENSSL_UNISTD 204#endif 205 206#ifdef OPENSSL_SYS_VMS 207# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM" 208# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM" 209#elif defined(OPENSSL_SYS_WINCE) 210# define TEST_SERVER_CERT "\\OpenSSL\\server.pem" 211# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem" 212#elif defined(OPENSSL_SYS_NETWARE) 213# define TEST_SERVER_CERT "\\openssl\\apps\\server.pem" 214# define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem" 215#else 216# define TEST_SERVER_CERT "../apps/server.pem" 217# define TEST_CLIENT_CERT "../apps/client.pem" 218#endif 219 220static SSL_CTX *s_ctx = NULL; 221static SSL_CTX *s_ctx2 = NULL; 222 223/* 224 * There is really no standard for this, so let's assign some tentative 225 * numbers. In any case, these numbers are only for this test 226 */ 227#define COMP_RLE 255 228#define COMP_ZLIB 1 229 230static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); 231#ifndef OPENSSL_NO_RSA 232static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 233static void free_tmp_rsa(void); 234#endif 235static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg); 236#define APP_CALLBACK_STRING "Test Callback Argument" 237struct app_verify_arg { 238 char *string; 239 int app_verify; 240 int allow_proxy_certs; 241 char *proxy_auth; 242 char *proxy_cond; 243}; 244 245#ifndef OPENSSL_NO_DH 246static DH *get_dh512(void); 247static DH *get_dh1024(void); 248static DH *get_dh1024dsa(void); 249#endif 250 251static char *psk_key = NULL; /* by default PSK is not used */ 252#ifndef OPENSSL_NO_PSK 253static unsigned int psk_client_callback(SSL *ssl, const char *hint, 254 char *identity, 255 unsigned int max_identity_len, 256 unsigned char *psk, 257 unsigned int max_psk_len); 258static unsigned int psk_server_callback(SSL *ssl, const char *identity, 259 unsigned char *psk, 260 unsigned int max_psk_len); 261#endif 262 263#ifndef OPENSSL_NO_SRP 264/* SRP client */ 265/* This is a context that we pass to all callbacks */ 266typedef struct srp_client_arg_st { 267 char *srppassin; 268 char *srplogin; 269} SRP_CLIENT_ARG; 270 271# define PWD_STRLEN 1024 272 273static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg) 274{ 275 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg; 276 return BUF_strdup((char *)srp_client_arg->srppassin); 277} 278 279/* SRP server */ 280/* This is a context that we pass to SRP server callbacks */ 281typedef struct srp_server_arg_st { 282 char *expected_user; 283 char *pass; 284} SRP_SERVER_ARG; 285 286static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) 287{ 288 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg; 289 290 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) { 291 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s)); 292 return SSL3_AL_FATAL; 293 } 294 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) { 295 *ad = SSL_AD_INTERNAL_ERROR; 296 return SSL3_AL_FATAL; 297 } 298 return SSL_ERROR_NONE; 299} 300#endif 301 302static BIO *bio_err = NULL; 303static BIO *bio_stdout = NULL; 304 305static const char *alpn_client; 306static char *alpn_server; 307static char *alpn_server2; 308static const char *alpn_expected; 309static unsigned char *alpn_selected; 310static const char *sn_client; 311static const char *sn_server1; 312static const char *sn_server2; 313static int sn_expect = 0; 314static int s_ticket1 = 0; 315static int s_ticket2 = 0; 316static int c_ticket = 0; 317static int ticket_expect = -1; 318static int sni_in_cert_cb = 0; 319static const char *client_sigalgs = NULL; 320static const char *server_digest_expect = NULL; 321 322static int servername_cb(SSL *s, int *ad, void *arg) 323{ 324 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 325 if (sn_server2 == NULL) { 326 BIO_printf(bio_stdout, "Servername 2 is NULL\n"); 327 return SSL_TLSEXT_ERR_NOACK; 328 } 329 330 if (servername != NULL) { 331 if (s_ctx2 != NULL && sn_server2 != NULL && 332 !strcasecmp(servername, sn_server2)) { 333 BIO_printf(bio_stdout, "Switching server context.\n"); 334 SSL_set_SSL_CTX(s, s_ctx2); 335 /* Copy over all the SSL_CTX options */ 336 SSL_clear_options(s, 0xFFFFFFFFL); 337 SSL_set_options(s, SSL_CTX_get_options(s_ctx2)); 338 } 339 } 340 return SSL_TLSEXT_ERR_OK; 341} 342static int verify_servername(SSL *client, SSL *server) 343{ 344 /* just need to see if sn_context is what we expect */ 345 SSL_CTX* ctx = SSL_get_SSL_CTX(server); 346 if (sn_expect == 0) 347 return 0; 348 if (sn_expect == 1 && ctx == s_ctx) 349 return 0; 350 if (sn_expect == 2 && ctx == s_ctx2) 351 return 0; 352 BIO_printf(bio_stdout, "Servername: expected context %d\n", sn_expect); 353 if (ctx == s_ctx2) 354 BIO_printf(bio_stdout, "Servername: context is 2\n"); 355 else if (ctx == s_ctx) 356 BIO_printf(bio_stdout, "Servername: context is 1\n"); 357 else 358 BIO_printf(bio_stdout, "Servername: context is unknown\n"); 359 return -1; 360} 361static int cert_cb(SSL *ssl, void *arg) 362{ 363 int unused; 364 return servername_cb(ssl, &unused, NULL) != SSL_TLSEXT_ERR_ALERT_FATAL; 365} 366 367static int verify_ticket(SSL* ssl) 368{ 369 if (ticket_expect == -1) 370 return 0; 371 if (ticket_expect == 0 && 372 (ssl->session->tlsext_tick == NULL || 373 ssl->session->tlsext_ticklen == 0)) 374 return 1; 375 if (ticket_expect == 1 && 376 (ssl->session->tlsext_tick != NULL && 377 ssl->session->tlsext_ticklen != 0)) 378 return 1; 379 return -1; 380} 381 382static int verify_server_digest(SSL* ssl) 383{ 384 int nid = NID_undef; 385 386 if (server_digest_expect == NULL) 387 return 0; 388 SSL_get_peer_signature_nid(ssl, &nid); 389 if (strcmp(server_digest_expect, OBJ_nid2sn(nid)) == 0) 390 return 1; 391 BIO_printf(bio_stdout, "Expected server digest %s, got %s.\n", 392 server_digest_expect, OBJ_nid2sn(nid)); 393 return -1; 394} 395 396/*- 397 * next_protos_parse parses a comma separated list of strings into a string 398 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. 399 * outlen: (output) set to the length of the resulting buffer on success. 400 * err: (maybe NULL) on failure, an error message line is written to this BIO. 401 * in: a NUL terminated string like "abc,def,ghi" 402 * 403 * returns: a malloced buffer or NULL on failure. 404 */ 405static unsigned char *next_protos_parse(unsigned short *outlen, 406 const char *in) 407{ 408 size_t len; 409 unsigned char *out; 410 size_t i, start = 0; 411 412 len = strlen(in); 413 if (len >= 65535) 414 return NULL; 415 416 out = OPENSSL_malloc(strlen(in) + 1); 417 if (!out) 418 return NULL; 419 420 for (i = 0; i <= len; ++i) { 421 if (i == len || in[i] == ',') { 422 if (i - start > 255) { 423 OPENSSL_free(out); 424 return NULL; 425 } 426 out[start] = i - start; 427 start = i + 1; 428 } else 429 out[i + 1] = in[i]; 430 } 431 432 *outlen = len + 1; 433 return out; 434} 435 436static int cb_server_alpn(SSL *s, const unsigned char **out, 437 unsigned char *outlen, const unsigned char *in, 438 unsigned int inlen, void *arg) 439{ 440 unsigned char *protos; 441 unsigned short protos_len; 442 char* alpn_str = arg; 443 444 protos = next_protos_parse(&protos_len, alpn_str); 445 if (protos == NULL) { 446 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", 447 alpn_str); 448 abort(); 449 } 450 451 if (SSL_select_next_proto 452 ((unsigned char **)out, outlen, protos, protos_len, in, 453 inlen) != OPENSSL_NPN_NEGOTIATED) { 454 OPENSSL_free(protos); 455 return SSL_TLSEXT_ERR_NOACK; 456 } 457 458 /* 459 * Make a copy of the selected protocol which will be freed in 460 * verify_alpn. 461 */ 462 alpn_selected = OPENSSL_malloc(*outlen); 463 memcpy(alpn_selected, *out, *outlen); 464 *out = alpn_selected; 465 466 OPENSSL_free(protos); 467 return SSL_TLSEXT_ERR_OK; 468} 469 470static int verify_alpn(SSL *client, SSL *server) 471{ 472 const unsigned char *client_proto, *server_proto; 473 unsigned int client_proto_len = 0, server_proto_len = 0; 474 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len); 475 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len); 476 477 if (alpn_selected != NULL) { 478 OPENSSL_free(alpn_selected); 479 alpn_selected = NULL; 480 } 481 482 if (client_proto_len != server_proto_len || 483 memcmp(client_proto, server_proto, client_proto_len) != 0) { 484 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); 485 goto err; 486 } 487 488 if (client_proto_len > 0 && alpn_expected == NULL) { 489 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n"); 490 goto err; 491 } 492 493 if (alpn_expected != NULL && 494 (client_proto_len != strlen(alpn_expected) || 495 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) { 496 BIO_printf(bio_stdout, 497 "ALPN selected protocols not equal to expected protocol: %s\n", 498 alpn_expected); 499 goto err; 500 } 501 502 return 0; 503 504 err: 505 BIO_printf(bio_stdout, "ALPN results: client: '"); 506 BIO_write(bio_stdout, client_proto, client_proto_len); 507 BIO_printf(bio_stdout, "', server: '"); 508 BIO_write(bio_stdout, server_proto, server_proto_len); 509 BIO_printf(bio_stdout, "'\n"); 510 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: ", 511 alpn_client); 512 if (SSL_get_SSL_CTX(server) == s_ctx2) { 513 BIO_printf(bio_stdout, "'%s'\n", 514 alpn_server2); 515 } else if (SSL_get_SSL_CTX(server) == s_ctx){ 516 BIO_printf(bio_stdout, "'%s'\n", 517 alpn_server); 518 } else { 519 BIO_printf(bio_stdout, "unknown\n"); 520 } 521 return -1; 522} 523 524#ifndef OPENSSL_NO_TLSEXT 525 526static int cb_ticket0(SSL* s, unsigned char* key_name, unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc) 527{ 528 return 0; 529} 530 531static int cb_ticket1(SSL* s, unsigned char* key_name, unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc) 532{ 533 static unsigned char key[] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 }; 534 static char name[] = "ticket11ticket11"; 535 if (SSL_get_options(s) & SSL_OP_NO_TICKET) 536 return 0; 537 if (enc) { 538 RAND_pseudo_bytes(iv, EVP_MAX_IV_LENGTH); 539 EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); 540 HMAC_Init_ex(hctx, key, sizeof(key), EVP_sha1(), NULL); 541 memcpy(key_name, name, 16); 542 return 1; 543 } else { 544 if (memcmp(key_name, name, 16) == 0) { 545 EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); 546 HMAC_Init_ex(hctx, key, sizeof(key), EVP_sha1(), NULL); 547 return 1; 548 } 549 } 550 return 0; 551} 552 553static int cb_ticket2(SSL* s, unsigned char* key_name, unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc) 554{ 555 fprintf(stderr, "ticket callback for SNI context should never be called\n"); 556 EXIT(1); 557} 558#endif 559 560#define SCT_EXT_TYPE 18 561 562/* 563 * WARNING : below extension types are *NOT* IETF assigned, and could 564 * conflict if these types are reassigned and handled specially by OpenSSL 565 * in the future 566 */ 567#define TACK_EXT_TYPE 62208 568#define CUSTOM_EXT_TYPE_0 1000 569#define CUSTOM_EXT_TYPE_1 1001 570#define CUSTOM_EXT_TYPE_2 1002 571#define CUSTOM_EXT_TYPE_3 1003 572 573const char custom_ext_cli_string[] = "abc"; 574const char custom_ext_srv_string[] = "defg"; 575 576/* These set from cmdline */ 577char *serverinfo_file = NULL; 578int serverinfo_sct = 0; 579int serverinfo_tack = 0; 580 581/* These set based on extension callbacks */ 582int serverinfo_sct_seen = 0; 583int serverinfo_tack_seen = 0; 584int serverinfo_other_seen = 0; 585 586/* This set from cmdline */ 587int custom_ext = 0; 588 589/* This set based on extension callbacks */ 590int custom_ext_error = 0; 591 592static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type, 593 const unsigned char *in, size_t inlen, 594 int *al, void *arg) 595{ 596 if (ext_type == SCT_EXT_TYPE) 597 serverinfo_sct_seen++; 598 else if (ext_type == TACK_EXT_TYPE) 599 serverinfo_tack_seen++; 600 else 601 serverinfo_other_seen++; 602 return 1; 603} 604 605static int verify_serverinfo() 606{ 607 if (serverinfo_sct != serverinfo_sct_seen) 608 return -1; 609 if (serverinfo_tack != serverinfo_tack_seen) 610 return -1; 611 if (serverinfo_other_seen) 612 return -1; 613 return 0; 614} 615 616/*- 617 * Four test cases for custom extensions: 618 * 0 - no ClientHello extension or ServerHello response 619 * 1 - ClientHello with "abc", no response 620 * 2 - ClientHello with "abc", empty response 621 * 3 - ClientHello with "abc", "defg" response 622 */ 623 624static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type, 625 const unsigned char **out, 626 size_t *outlen, int *al, void *arg) 627{ 628 if (ext_type != CUSTOM_EXT_TYPE_0) 629 custom_ext_error = 1; 630 return 0; /* Don't send an extension */ 631} 632 633static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type, 634 const unsigned char *in, 635 size_t inlen, int *al, void *arg) 636{ 637 return 1; 638} 639 640static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type, 641 const unsigned char **out, 642 size_t *outlen, int *al, void *arg) 643{ 644 if (ext_type != CUSTOM_EXT_TYPE_1) 645 custom_ext_error = 1; 646 *out = (const unsigned char *)custom_ext_cli_string; 647 *outlen = strlen(custom_ext_cli_string); 648 return 1; /* Send "abc" */ 649} 650 651static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type, 652 const unsigned char *in, 653 size_t inlen, int *al, void *arg) 654{ 655 return 1; 656} 657 658static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type, 659 const unsigned char **out, 660 size_t *outlen, int *al, void *arg) 661{ 662 if (ext_type != CUSTOM_EXT_TYPE_2) 663 custom_ext_error = 1; 664 *out = (const unsigned char *)custom_ext_cli_string; 665 *outlen = strlen(custom_ext_cli_string); 666 return 1; /* Send "abc" */ 667} 668 669static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type, 670 const unsigned char *in, 671 size_t inlen, int *al, void *arg) 672{ 673 if (ext_type != CUSTOM_EXT_TYPE_2) 674 custom_ext_error = 1; 675 if (inlen != 0) 676 custom_ext_error = 1; /* Should be empty response */ 677 return 1; 678} 679 680static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type, 681 const unsigned char **out, 682 size_t *outlen, int *al, void *arg) 683{ 684 if (ext_type != CUSTOM_EXT_TYPE_3) 685 custom_ext_error = 1; 686 *out = (const unsigned char *)custom_ext_cli_string; 687 *outlen = strlen(custom_ext_cli_string); 688 return 1; /* Send "abc" */ 689} 690 691static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type, 692 const unsigned char *in, 693 size_t inlen, int *al, void *arg) 694{ 695 if (ext_type != CUSTOM_EXT_TYPE_3) 696 custom_ext_error = 1; 697 if (inlen != strlen(custom_ext_srv_string)) 698 custom_ext_error = 1; 699 if (memcmp(custom_ext_srv_string, in, inlen) != 0) 700 custom_ext_error = 1; /* Check for "defg" */ 701 return 1; 702} 703 704/* 705 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback 706 * for this extension 707 */ 708static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type, 709 const unsigned char *in, 710 size_t inlen, int *al, void *arg) 711{ 712 custom_ext_error = 1; 713 return 1; 714} 715 716/* 'add' callbacks are only called if the 'parse' callback is called */ 717static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type, 718 const unsigned char **out, 719 size_t *outlen, int *al, void *arg) 720{ 721 /* Error: should not have been called */ 722 custom_ext_error = 1; 723 return 0; /* Don't send an extension */ 724} 725 726static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type, 727 const unsigned char *in, 728 size_t inlen, int *al, void *arg) 729{ 730 if (ext_type != CUSTOM_EXT_TYPE_1) 731 custom_ext_error = 1; 732 /* Check for "abc" */ 733 if (inlen != strlen(custom_ext_cli_string)) 734 custom_ext_error = 1; 735 if (memcmp(in, custom_ext_cli_string, inlen) != 0) 736 custom_ext_error = 1; 737 return 1; 738} 739 740static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type, 741 const unsigned char **out, 742 size_t *outlen, int *al, void *arg) 743{ 744 return 0; /* Don't send an extension */ 745} 746 747static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type, 748 const unsigned char *in, 749 size_t inlen, int *al, void *arg) 750{ 751 if (ext_type != CUSTOM_EXT_TYPE_2) 752 custom_ext_error = 1; 753 /* Check for "abc" */ 754 if (inlen != strlen(custom_ext_cli_string)) 755 custom_ext_error = 1; 756 if (memcmp(in, custom_ext_cli_string, inlen) != 0) 757 custom_ext_error = 1; 758 return 1; 759} 760 761static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type, 762 const unsigned char **out, 763 size_t *outlen, int *al, void *arg) 764{ 765 *out = NULL; 766 *outlen = 0; 767 return 1; /* Send empty extension */ 768} 769 770static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type, 771 const unsigned char *in, 772 size_t inlen, int *al, void *arg) 773{ 774 if (ext_type != CUSTOM_EXT_TYPE_3) 775 custom_ext_error = 1; 776 /* Check for "abc" */ 777 if (inlen != strlen(custom_ext_cli_string)) 778 custom_ext_error = 1; 779 if (memcmp(in, custom_ext_cli_string, inlen) != 0) 780 custom_ext_error = 1; 781 return 1; 782} 783 784static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type, 785 const unsigned char **out, 786 size_t *outlen, int *al, void *arg) 787{ 788 *out = (const unsigned char *)custom_ext_srv_string; 789 *outlen = strlen(custom_ext_srv_string); 790 return 1; /* Send "defg" */ 791} 792 793static char *cipher = NULL; 794static int verbose = 0; 795static int debug = 0; 796#if 0 797/* Not used yet. */ 798# ifdef FIONBIO 799static int s_nbio = 0; 800# endif 801#endif 802 803static const char rnd_seed[] = 804 "string to make the random number generator think it has entropy"; 805 806int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 807 clock_t *c_time); 808int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 809static int do_test_cipherlist(void); 810static void sv_usage(void) 811{ 812 fprintf(stderr, "usage: ssltest [args ...]\n"); 813 fprintf(stderr, "\n"); 814#ifdef OPENSSL_FIPS 815 fprintf(stderr, "-F - run test in FIPS mode\n"); 816#endif 817 fprintf(stderr, " -server_auth - check server certificate\n"); 818 fprintf(stderr, " -client_auth - do client authentication\n"); 819 fprintf(stderr, " -proxy - allow proxy certificates\n"); 820 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 821 fprintf(stderr, 822 " -proxy_cond <val> - expression to test proxy policy rights\n"); 823 fprintf(stderr, " -v - more output\n"); 824 fprintf(stderr, " -d - debug output\n"); 825 fprintf(stderr, " -reuse - use session-id reuse\n"); 826 fprintf(stderr, " -num <val> - number of connections to perform\n"); 827 fprintf(stderr, 828 " -bytes <val> - number of bytes to swap between client/server\n"); 829#ifndef OPENSSL_NO_DH 830 fprintf(stderr, 831 " -dhe512 - use 512 bit key for DHE (to test failure)\n"); 832 fprintf(stderr, 833 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n"); 834 fprintf(stderr, 835 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 836 fprintf(stderr, " -no_dhe - disable DHE\n"); 837#endif 838#ifndef OPENSSL_NO_ECDH 839 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 840#endif 841#ifndef OPENSSL_NO_PSK 842 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n"); 843#endif 844#ifndef OPENSSL_NO_SRP 845 fprintf(stderr, " -srpuser user - SRP username to use\n"); 846 fprintf(stderr, " -srppass arg - password for 'user'\n"); 847#endif 848#ifndef OPENSSL_NO_SSL2 849 fprintf(stderr, " -ssl2 - use SSLv2\n"); 850#endif 851#ifndef OPENSSL_NO_SSL3_METHOD 852 fprintf(stderr, " -ssl3 - use SSLv3\n"); 853#endif 854#ifndef OPENSSL_NO_TLS1 855 fprintf(stderr, " -tls1 - use TLSv1\n"); 856 fprintf(stderr, " -tls12 - use TLSv1.2\n"); 857#endif 858#ifndef OPENSSL_NO_DTLS 859 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 860 fprintf(stderr, " -dtls12 - use DTLSv1.2\n"); 861#endif 862 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 863 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 864 fprintf(stderr, " -cert arg - Server certificate file\n"); 865 fprintf(stderr, 866 " -key arg - Server key file (default: same as -cert)\n"); 867 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 868 fprintf(stderr, 869 " -c_key arg - Client key file (default: same as -c_cert)\n"); 870 fprintf(stderr, " -cipher arg - The cipher list\n"); 871 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 872 fprintf(stderr, " -f - Test even cases that can't work\n"); 873 fprintf(stderr, 874 " -time - measure processor time used by client and server\n"); 875 fprintf(stderr, " -zlib - use zlib compression\n"); 876 fprintf(stderr, " -rle - use rle compression\n"); 877#ifndef OPENSSL_NO_ECDH 878 fprintf(stderr, 879 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" 880 " Use \"openssl ecparam -list_curves\" for all names\n" 881 " (default is sect163r2).\n"); 882#endif 883 fprintf(stderr, 884 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n" 885 " When this option is requested, the cipherlist\n" 886 " tests are run instead of handshake tests.\n"); 887 fprintf(stderr, " -serverinfo_file file - have server use this file\n"); 888 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n"); 889 fprintf(stderr, 890 " -serverinfo_tack - have client offer and expect TACK\n"); 891 fprintf(stderr, 892 " -custom_ext - try various custom extension callbacks\n"); 893 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n"); 894 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n"); 895 fprintf(stderr, " -alpn_server1 <string> - alias for -alpn_server\n"); 896 fprintf(stderr, " -alpn_server2 <string> - have server side context 2 offer ALPN\n"); 897 fprintf(stderr, 898 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n"); 899 fprintf(stderr, " -sn_client <string> - have client request this servername\n"); 900 fprintf(stderr, " -sn_server1 <string> - have server context 1 respond to this servername\n"); 901 fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n"); 902 fprintf(stderr, " -sn_expect1 - expected server 1\n"); 903 fprintf(stderr, " -sn_expect2 - expected server 2\n"); 904#ifndef OPENSSL_NO_TLSEXT 905 fprintf(stderr, " -s_ticket1 <yes|no|broken> - enable/disable session tickets on context 1\n"); 906 fprintf(stderr, " -s_ticket2 <yes|no> - enable/disable session tickets on context 2\n"); 907 fprintf(stderr, " -c_ticket <yes|no> - enable/disable session tickets on the client\n"); 908 fprintf(stderr, " -ticket_expect <yes|no> - indicate that the client should (or should not) have a ticket\n"); 909#endif 910 fprintf(stderr, " -sni_in_cert_cb - have the server handle SNI in the certificate callback\n"); 911 fprintf(stderr, " -client_sigalgs arg - the signature algorithms to configure on the client\n"); 912 fprintf(stderr, " -server_digest_expect arg - the expected server signing digest\n"); 913} 914 915static void print_details(SSL *c_ssl, const char *prefix) 916{ 917 const SSL_CIPHER *ciph; 918 X509 *cert; 919 920 ciph = SSL_get_current_cipher(c_ssl); 921 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 922 prefix, 923 SSL_get_version(c_ssl), 924 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph)); 925 cert = SSL_get_peer_certificate(c_ssl); 926 if (cert != NULL) { 927 EVP_PKEY *pkey = X509_get_pubkey(cert); 928 if (pkey != NULL) { 929 if (0) ; 930#ifndef OPENSSL_NO_RSA 931 else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL 932 && pkey->pkey.rsa->n != NULL) { 933 BIO_printf(bio_stdout, ", %d bit RSA", 934 BN_num_bits(pkey->pkey.rsa->n)); 935 } 936#endif 937#ifndef OPENSSL_NO_DSA 938 else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL 939 && pkey->pkey.dsa->p != NULL) { 940 BIO_printf(bio_stdout, ", %d bit DSA", 941 BN_num_bits(pkey->pkey.dsa->p)); 942 } 943#endif 944 EVP_PKEY_free(pkey); 945 } 946 X509_free(cert); 947 } 948 /* 949 * The SSL API does not allow us to look at temporary RSA/DH keys, 950 * otherwise we should print their lengths too 951 */ 952 BIO_printf(bio_stdout, "\n"); 953} 954 955static void lock_dbg_cb(int mode, int type, const char *file, int line) 956{ 957 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */ 958 const char *errstr = NULL; 959 int rw; 960 961 rw = mode & (CRYPTO_READ | CRYPTO_WRITE); 962 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) { 963 errstr = "invalid mode"; 964 goto err; 965 } 966 967 if (type < 0 || type >= CRYPTO_NUM_LOCKS) { 968 errstr = "type out of bounds"; 969 goto err; 970 } 971 972 if (mode & CRYPTO_LOCK) { 973 if (modes[type]) { 974 errstr = "already locked"; 975 /* 976 * must not happen in a single-threaded program (would deadlock) 977 */ 978 goto err; 979 } 980 981 modes[type] = rw; 982 } else if (mode & CRYPTO_UNLOCK) { 983 if (!modes[type]) { 984 errstr = "not locked"; 985 goto err; 986 } 987 988 if (modes[type] != rw) { 989 errstr = (rw == CRYPTO_READ) ? 990 "CRYPTO_r_unlock on write lock" : 991 "CRYPTO_w_unlock on read lock"; 992 } 993 994 modes[type] = 0; 995 } else { 996 errstr = "invalid mode"; 997 goto err; 998 } 999 1000 err: 1001 if (errstr) { 1002 /* we cannot use bio_err here */ 1003 fprintf(stderr, 1004 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n", 1005 errstr, mode, type, file, line); 1006 } 1007} 1008 1009#ifdef TLSEXT_TYPE_opaque_prf_input 1010struct cb_info_st { 1011 void *input; 1012 size_t len; 1013 int ret; 1014}; 1015struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */ 1016struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */ 1017struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */ 1018struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */ 1019 1020int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_) 1021{ 1022 struct cb_info_st *arg = arg_; 1023 1024 if (arg == NULL) 1025 return 1; 1026 1027 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len)) 1028 return 0; 1029 return arg->ret; 1030} 1031#endif 1032 1033int main(int argc, char *argv[]) 1034{ 1035 char *CApath = NULL, *CAfile = NULL; 1036 int badop = 0; 1037 int bio_pair = 0; 1038 int force = 0; 1039 int dtls1 = 0, dtls12 = 0, tls1 = 0, tls12 = 0, ssl2 = 0, ssl3 = 0, ret = 1; 1040 int client_auth = 0; 1041 int server_auth = 0, i; 1042 struct app_verify_arg app_verify_arg = 1043 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 1044 char *server_cert = TEST_SERVER_CERT; 1045 char *server_key = NULL; 1046 char *client_cert = TEST_CLIENT_CERT; 1047 char *client_key = NULL; 1048#ifndef OPENSSL_NO_ECDH 1049 char *named_curve = NULL; 1050#endif 1051 SSL_CTX *c_ctx = NULL; 1052 const SSL_METHOD *meth = NULL; 1053 SSL *c_ssl, *s_ssl; 1054 int number = 1, reuse = 0; 1055 long bytes = 256L; 1056#ifndef OPENSSL_NO_DH 1057 DH *dh; 1058 int dhe512 = 0, dhe1024dsa = 0; 1059#endif 1060#ifndef OPENSSL_NO_ECDH 1061 EC_KEY *ecdh = NULL; 1062#endif 1063#ifndef OPENSSL_NO_SRP 1064 /* client */ 1065 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL }; 1066 /* server */ 1067 SRP_SERVER_ARG srp_server_arg = { NULL, NULL }; 1068#endif 1069 int no_dhe = 0; 1070 int no_ecdhe = 0; 1071 int no_psk = 0; 1072 int print_time = 0; 1073 clock_t s_time = 0, c_time = 0; 1074#ifndef OPENSSL_NO_COMP 1075 int comp = 0; 1076 COMP_METHOD *cm = NULL; 1077 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; 1078#endif 1079 int test_cipherlist = 0; 1080#ifdef OPENSSL_FIPS 1081 int fips_mode = 0; 1082#endif 1083 int no_protocol = 0; 1084 1085 verbose = 0; 1086 debug = 0; 1087 cipher = 0; 1088 1089 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); 1090 1091 CRYPTO_set_locking_callback(lock_dbg_cb); 1092 1093 /* enable memory leak checking unless explicitly disabled */ 1094 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) 1095 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) { 1096 CRYPTO_malloc_debug_init(); 1097 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); 1098 } else { 1099 /* OPENSSL_DEBUG_MEMORY=off */ 1100 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); 1101 } 1102 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 1103 1104 RAND_seed(rnd_seed, sizeof rnd_seed); 1105 1106 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); 1107 1108 argc--; 1109 argv++; 1110 1111 while (argc >= 1) { 1112 if (!strcmp(*argv, "-F")) { 1113#ifdef OPENSSL_FIPS 1114 fips_mode = 1; 1115#else 1116 fprintf(stderr, 1117 "not compiled with FIPS support, so exiting without running.\n"); 1118 EXIT(0); 1119#endif 1120 } else if (strcmp(*argv, "-server_auth") == 0) 1121 server_auth = 1; 1122 else if (strcmp(*argv, "-client_auth") == 0) 1123 client_auth = 1; 1124 else if (strcmp(*argv, "-proxy_auth") == 0) { 1125 if (--argc < 1) 1126 goto bad; 1127 app_verify_arg.proxy_auth = *(++argv); 1128 } else if (strcmp(*argv, "-proxy_cond") == 0) { 1129 if (--argc < 1) 1130 goto bad; 1131 app_verify_arg.proxy_cond = *(++argv); 1132 } else if (strcmp(*argv, "-v") == 0) 1133 verbose = 1; 1134 else if (strcmp(*argv, "-d") == 0) 1135 debug = 1; 1136 else if (strcmp(*argv, "-reuse") == 0) 1137 reuse = 1; 1138 else if (strcmp(*argv, "-dhe512") == 0) { 1139#ifndef OPENSSL_NO_DH 1140 dhe512 = 1; 1141#else 1142 fprintf(stderr, 1143 "ignoring -dhe512, since I'm compiled without DH\n"); 1144#endif 1145 } else if (strcmp(*argv, "-dhe1024dsa") == 0) { 1146#ifndef OPENSSL_NO_DH 1147 dhe1024dsa = 1; 1148#else 1149 fprintf(stderr, 1150 "ignoring -dhe1024dsa, since I'm compiled without DH\n"); 1151#endif 1152 } else if (strcmp(*argv, "-no_dhe") == 0) 1153 no_dhe = 1; 1154 else if (strcmp(*argv, "-no_ecdhe") == 0) 1155 no_ecdhe = 1; 1156 else if (strcmp(*argv, "-psk") == 0) { 1157 if (--argc < 1) 1158 goto bad; 1159 psk_key = *(++argv); 1160#ifndef OPENSSL_NO_PSK 1161 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) { 1162 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv); 1163 goto bad; 1164 } 1165#else 1166 no_psk = 1; 1167#endif 1168 } 1169#ifndef OPENSSL_NO_SRP 1170 else if (strcmp(*argv, "-srpuser") == 0) { 1171 if (--argc < 1) 1172 goto bad; 1173 srp_server_arg.expected_user = srp_client_arg.srplogin = 1174 *(++argv); 1175 tls1 = 1; 1176 } else if (strcmp(*argv, "-srppass") == 0) { 1177 if (--argc < 1) 1178 goto bad; 1179 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv); 1180 tls1 = 1; 1181 } 1182#endif 1183 else if (strcmp(*argv, "-ssl2") == 0) { 1184#ifdef OPENSSL_NO_SSL2 1185 no_protocol = 1; 1186#endif 1187 ssl2 = 1; 1188 } else if (strcmp(*argv, "-tls1") == 0) { 1189#ifdef OPENSSL_NO_TLS1 1190 no_protocol = 1; 1191#endif 1192 tls1 = 1; 1193 } else if (strcmp(*argv, "-tls12") == 0) { 1194#ifdef OPENSSL_NO_TLS1 1195 no_protocol = 1; 1196#endif 1197 tls12 = 1; 1198 } else if (strcmp(*argv, "-ssl3") == 0) { 1199#ifdef OPENSSL_NO_SSL3_METHOD 1200 no_protocol = 1; 1201#endif 1202 ssl3 = 1; 1203 } else if (strcmp(*argv, "-dtls1") == 0) { 1204#ifdef OPENSSL_NO_DTLS 1205 no_protocol = 1; 1206#endif 1207 dtls1 = 1; 1208 } else if (strcmp(*argv, "-dtls12") == 0) { 1209#ifdef OPENSSL_NO_DTLS 1210 no_protocol = 1; 1211#endif 1212 dtls12 = 1; 1213 } else if (strncmp(*argv, "-num", 4) == 0) { 1214 if (--argc < 1) 1215 goto bad; 1216 number = atoi(*(++argv)); 1217 if (number == 0) 1218 number = 1; 1219 } else if (strcmp(*argv, "-bytes") == 0) { 1220 if (--argc < 1) 1221 goto bad; 1222 bytes = atol(*(++argv)); 1223 if (bytes == 0L) 1224 bytes = 1L; 1225 i = strlen(argv[0]); 1226 if (argv[0][i - 1] == 'k') 1227 bytes *= 1024L; 1228 if (argv[0][i - 1] == 'm') 1229 bytes *= 1024L * 1024L; 1230 } else if (strcmp(*argv, "-cert") == 0) { 1231 if (--argc < 1) 1232 goto bad; 1233 server_cert = *(++argv); 1234 } else if (strcmp(*argv, "-s_cert") == 0) { 1235 if (--argc < 1) 1236 goto bad; 1237 server_cert = *(++argv); 1238 } else if (strcmp(*argv, "-key") == 0) { 1239 if (--argc < 1) 1240 goto bad; 1241 server_key = *(++argv); 1242 } else if (strcmp(*argv, "-s_key") == 0) { 1243 if (--argc < 1) 1244 goto bad; 1245 server_key = *(++argv); 1246 } else if (strcmp(*argv, "-c_cert") == 0) { 1247 if (--argc < 1) 1248 goto bad; 1249 client_cert = *(++argv); 1250 } else if (strcmp(*argv, "-c_key") == 0) { 1251 if (--argc < 1) 1252 goto bad; 1253 client_key = *(++argv); 1254 } else if (strcmp(*argv, "-cipher") == 0) { 1255 if (--argc < 1) 1256 goto bad; 1257 cipher = *(++argv); 1258 } else if (strcmp(*argv, "-CApath") == 0) { 1259 if (--argc < 1) 1260 goto bad; 1261 CApath = *(++argv); 1262 } else if (strcmp(*argv, "-CAfile") == 0) { 1263 if (--argc < 1) 1264 goto bad; 1265 CAfile = *(++argv); 1266 } else if (strcmp(*argv, "-bio_pair") == 0) { 1267 bio_pair = 1; 1268 } else if (strcmp(*argv, "-f") == 0) { 1269 force = 1; 1270 } else if (strcmp(*argv, "-time") == 0) { 1271 print_time = 1; 1272 } 1273 else if (strcmp(*argv, "-zlib") == 0) { 1274#ifndef OPENSSL_NO_COMP 1275 comp = COMP_ZLIB; 1276#else 1277 fprintf(stderr, 1278 "ignoring -zlib, since I'm compiled without COMP\n"); 1279#endif 1280 } else if (strcmp(*argv, "-rle") == 0) { 1281#ifndef OPENSSL_NO_COMP 1282 comp = COMP_RLE; 1283#else 1284 fprintf(stderr, 1285 "ignoring -rle, since I'm compiled without COMP\n"); 1286#endif 1287 } 1288 else if (strcmp(*argv, "-named_curve") == 0) { 1289 if (--argc < 1) 1290 goto bad; 1291#ifndef OPENSSL_NO_ECDH 1292 named_curve = *(++argv); 1293#else 1294 fprintf(stderr, 1295 "ignoring -named_curve, since I'm compiled without ECDH\n"); 1296 ++argv; 1297#endif 1298 } else if (strcmp(*argv, "-app_verify") == 0) { 1299 app_verify_arg.app_verify = 1; 1300 } else if (strcmp(*argv, "-proxy") == 0) { 1301 app_verify_arg.allow_proxy_certs = 1; 1302 } else if (strcmp(*argv, "-test_cipherlist") == 0) { 1303 test_cipherlist = 1; 1304 } else if (strcmp(*argv, "-serverinfo_sct") == 0) { 1305 serverinfo_sct = 1; 1306 } else if (strcmp(*argv, "-serverinfo_tack") == 0) { 1307 serverinfo_tack = 1; 1308 } else if (strcmp(*argv, "-serverinfo_file") == 0) { 1309 if (--argc < 1) 1310 goto bad; 1311 serverinfo_file = *(++argv); 1312 } else if (strcmp(*argv, "-custom_ext") == 0) { 1313 custom_ext = 1; 1314 } else if (strcmp(*argv, "-alpn_client") == 0) { 1315 if (--argc < 1) 1316 goto bad; 1317 alpn_client = *(++argv); 1318 } else if (strcmp(*argv, "-alpn_server") == 0 || 1319 strcmp(*argv, "-alpn_server1") == 0) { 1320 if (--argc < 1) 1321 goto bad; 1322 alpn_server = *(++argv); 1323 } else if (strcmp(*argv, "-alpn_server2") == 0) { 1324 if (--argc < 1) 1325 goto bad; 1326 alpn_server2 = *(++argv); 1327 } else if (strcmp(*argv, "-alpn_expected") == 0) { 1328 if (--argc < 1) 1329 goto bad; 1330 alpn_expected = *(++argv); 1331 } else if (strcmp(*argv, "-sn_client") == 0) { 1332 if (--argc < 1) 1333 goto bad; 1334 sn_client = *(++argv); 1335 } else if (strcmp(*argv, "-sn_server1") == 0) { 1336 if (--argc < 1) 1337 goto bad; 1338 sn_server1 = *(++argv); 1339 } else if (strcmp(*argv, "-sn_server2") == 0) { 1340 if (--argc < 1) 1341 goto bad; 1342 sn_server2 = *(++argv); 1343 } else if (strcmp(*argv, "-sn_expect1") == 0) { 1344 sn_expect = 1; 1345 } else if (strcmp(*argv, "-sn_expect2") == 0) { 1346 sn_expect = 2; 1347#ifndef OPENSSL_NO_TLSEXT 1348 } else if (strcmp(*argv, "-s_ticket1") == 0) { 1349 if (--argc < 1) 1350 goto bad; 1351 argv++; 1352 if (strcmp(*argv, "yes") == 0) 1353 s_ticket1 = 1; 1354 if (strcmp(*argv, "broken") == 0) 1355 s_ticket1 = 2; 1356 } else if (strcmp(*argv, "-s_ticket2") == 0) { 1357 if (--argc < 1) 1358 goto bad; 1359 argv++; 1360 if (strcmp(*argv, "yes") == 0) 1361 s_ticket2 = 1; 1362 } else if (strcmp(*argv, "-c_ticket") == 0) { 1363 if (--argc < 1) 1364 goto bad; 1365 argv++; 1366 if (strcmp(*argv, "yes") == 0) 1367 c_ticket = 1; 1368 } else if (strcmp(*argv, "-ticket_expect") == 0) { 1369 if (--argc < 1) 1370 goto bad; 1371 argv++; 1372 if (strcmp(*argv, "yes") == 0) 1373 ticket_expect = 1; 1374 else if (strcmp(*argv, "no") == 0) 1375 ticket_expect = 0; 1376#endif 1377 } else if (strcmp(*argv, "-sni_in_cert_cb") == 0) { 1378 sni_in_cert_cb = 1; 1379 } else if (strcmp(*argv, "-client_sigalgs") == 0) { 1380 if (--argc < 1) 1381 goto bad; 1382 client_sigalgs = *(++argv); 1383 } else if (strcmp(*argv, "-server_digest_expect") == 0) { 1384 if (--argc < 1) 1385 goto bad; 1386 server_digest_expect = *(++argv); 1387 } else { 1388 fprintf(stderr, "unknown option %s\n", *argv); 1389 badop = 1; 1390 break; 1391 } 1392 argc--; 1393 argv++; 1394 } 1395 if (badop) { 1396 bad: 1397 sv_usage(); 1398 goto end; 1399 } 1400 1401 /* 1402 * test_cipherlist prevails over protocol switch: we test the cipherlist 1403 * for all enabled protocols. 1404 */ 1405 if (test_cipherlist == 1) { 1406 /* 1407 * ensure that the cipher list are correctly sorted and exit 1408 */ 1409 fprintf(stdout, "Testing cipherlist order only. Ignoring all " 1410 "other options.\n"); 1411 if (do_test_cipherlist() == 0) 1412 EXIT(1); 1413 ret = 0; 1414 goto end; 1415 } 1416 1417 if (ssl2 + ssl3 + tls1 + tls12 + dtls1 + dtls12 > 1) { 1418 fprintf(stderr, "At most one of -ssl2, -ssl3, -tls1, -tls12, -dtls1 or " 1419 "-dtls12 should be requested.\n"); 1420 EXIT(1); 1421 } 1422 1423 /* 1424 * Testing was requested for a compiled-out protocol (e.g. SSLv2). 1425 * Ideally, we would error out, but the generic test wrapper can't know 1426 * when to expect failure. So we do nothing and return success. 1427 */ 1428 if (no_protocol) { 1429 fprintf(stderr, "Testing was requested for a disabled protocol. " 1430 "Skipping tests.\n"); 1431 ret = 0; 1432 goto end; 1433 } 1434 1435 if (!ssl2 && !ssl3 && !tls1 && !tls12 && !dtls1 && !dtls12 && number > 1 1436 && !reuse && !force) { 1437 fprintf(stderr, "This case cannot work. Use -f to perform " 1438 "the test anyway (and\n-d to see what happens), " 1439 "or add one of ssl2, -ssl3, -tls1, -tls12, -dtls1, -dtls12, -reuse\n" 1440 "to avoid protocol mismatch.\n"); 1441 EXIT(1); 1442 } 1443#ifdef OPENSSL_FIPS 1444 if (fips_mode) { 1445 if (!FIPS_mode_set(1)) { 1446 ERR_load_crypto_strings(); 1447 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE)); 1448 EXIT(1); 1449 } else 1450 fprintf(stderr, "*** IN FIPS MODE ***\n"); 1451 } 1452#endif 1453 1454 if (print_time) { 1455 if (!bio_pair) { 1456 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 1457 bio_pair = 1; 1458 } 1459 if (number < 50 && !force) 1460 fprintf(stderr, 1461 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 1462 } 1463 1464/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 1465 1466 SSL_library_init(); 1467 SSL_load_error_strings(); 1468 1469#ifndef OPENSSL_NO_COMP 1470 if (comp == COMP_ZLIB) 1471 cm = COMP_zlib(); 1472 if (comp == COMP_RLE) 1473 cm = COMP_rle(); 1474 if (cm != NULL) { 1475 if (cm->type != NID_undef) { 1476 if (SSL_COMP_add_compression_method(comp, cm) != 0) { 1477 fprintf(stderr, "Failed to add compression method\n"); 1478 ERR_print_errors_fp(stderr); 1479 } 1480 } else { 1481 fprintf(stderr, 1482 "Warning: %s compression not supported\n", 1483 (comp == COMP_RLE ? "rle" : 1484 (comp == COMP_ZLIB ? "zlib" : "unknown"))); 1485 ERR_print_errors_fp(stderr); 1486 } 1487 } 1488 ssl_comp_methods = SSL_COMP_get_compression_methods(); 1489 fprintf(stderr, "Available compression methods:\n"); 1490 { 1491 int j, n = sk_SSL_COMP_num(ssl_comp_methods); 1492 if (n == 0) 1493 fprintf(stderr, " NONE\n"); 1494 else 1495 for (j = 0; j < n; j++) { 1496 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); 1497 fprintf(stderr, " %d: %s\n", c->id, c->name); 1498 } 1499 } 1500#endif 1501 1502 /* 1503 * At this point, ssl2/ssl3/tls1/tls12 is only set if the protocol is 1504 * available. (Otherwise we exit early.) However the compiler doesn't 1505 * know this, so we ifdef. 1506 */ 1507#ifndef OPENSSL_NO_SSL2 1508 if (ssl2) 1509 meth = SSLv2_method(); 1510 else 1511#endif 1512#ifndef OPENSSL_NO_SSL3 1513 if (ssl3) 1514 meth = SSLv3_method(); 1515 else 1516#endif 1517#ifndef OPENSSL_NO_DTLS 1518 if (dtls1) 1519 meth = DTLSv1_method(); 1520 else if (dtls12) 1521 meth = DTLSv1_2_method(); 1522 else 1523#endif 1524#ifndef OPENSSL_NO_TLS1 1525 if (tls1) 1526 meth = TLSv1_method(); 1527 else if (tls12) 1528 meth = TLSv1_2_method(); 1529 else 1530#endif 1531 meth = SSLv23_method(); 1532 1533 c_ctx = SSL_CTX_new(meth); 1534 s_ctx = SSL_CTX_new(meth); 1535 s_ctx2 = SSL_CTX_new(meth); /* no SSL_CTX_dup! */ 1536 if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) { 1537 ERR_print_errors(bio_err); 1538 goto end; 1539 } 1540 1541 if (cipher != NULL) { 1542 SSL_CTX_set_cipher_list(c_ctx, cipher); 1543 SSL_CTX_set_cipher_list(s_ctx, cipher); 1544 SSL_CTX_set_cipher_list(s_ctx2, cipher); 1545 } 1546 1547#ifndef OPENSSL_NO_DH 1548 if (!no_dhe) { 1549 if (dhe1024dsa) { 1550 /* 1551 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks 1552 */ 1553 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 1554 SSL_CTX_set_options(s_ctx2, SSL_OP_SINGLE_DH_USE); 1555 dh = get_dh1024dsa(); 1556 } else if (dhe512) 1557 dh = get_dh512(); 1558 else 1559 dh = get_dh1024(); 1560 SSL_CTX_set_tmp_dh(s_ctx, dh); 1561 SSL_CTX_set_tmp_dh(s_ctx2, dh); 1562 DH_free(dh); 1563 } 1564#else 1565 (void)no_dhe; 1566#endif 1567 1568#ifndef OPENSSL_NO_ECDH 1569 if (!no_ecdhe) { 1570 int nid; 1571 1572 if (named_curve != NULL) { 1573 nid = OBJ_sn2nid(named_curve); 1574 if (nid == 0) { 1575 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 1576 goto end; 1577 } 1578 } else { 1579 nid = NID_X9_62_prime256v1; 1580 } 1581 1582 ecdh = EC_KEY_new_by_curve_name(nid); 1583 if (ecdh == NULL) { 1584 BIO_printf(bio_err, "unable to create curve\n"); 1585 goto end; 1586 } 1587 1588 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 1589 SSL_CTX_set_tmp_ecdh(s_ctx2, ecdh); 1590 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 1591 SSL_CTX_set_options(s_ctx2, SSL_OP_SINGLE_ECDH_USE); 1592 EC_KEY_free(ecdh); 1593 } 1594#else 1595 (void)no_ecdhe; 1596#endif 1597 1598#ifndef OPENSSL_NO_RSA 1599 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); 1600 SSL_CTX_set_tmp_rsa_callback(s_ctx2, tmp_rsa_cb); 1601#endif 1602 1603#ifdef TLSEXT_TYPE_opaque_prf_input 1604 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb); 1605 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb); 1606 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx2, opaque_prf_input_cb); 1607 /* or &co2 or NULL */ 1608 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); 1609 /* or &so2 or NULL */ 1610 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); 1611 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx2, &so1); 1612#endif 1613 1614 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) { 1615 ERR_print_errors(bio_err); 1616 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 1617 (server_key ? server_key : 1618 server_cert), 1619 SSL_FILETYPE_PEM)) { 1620 ERR_print_errors(bio_err); 1621 goto end; 1622 } 1623 1624 if (!SSL_CTX_use_certificate_file(s_ctx2, server_cert, SSL_FILETYPE_PEM)) { 1625 ERR_print_errors(bio_err); 1626 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx2, 1627 (server_key ? server_key : 1628 server_cert), 1629 SSL_FILETYPE_PEM)) { 1630 ERR_print_errors(bio_err); 1631 goto end; 1632 } 1633 1634 if (client_auth) { 1635 SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM); 1636 SSL_CTX_use_PrivateKey_file(c_ctx, 1637 (client_key ? client_key : client_cert), 1638 SSL_FILETYPE_PEM); 1639 } 1640 1641 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 1642 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 1643 (!SSL_CTX_load_verify_locations(s_ctx2, CAfile, CApath)) || 1644 (!SSL_CTX_set_default_verify_paths(s_ctx2)) || 1645 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 1646 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 1647 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 1648 ERR_print_errors(bio_err); 1649 /* goto end; */ 1650 } 1651 1652 if (client_auth) { 1653 BIO_printf(bio_err, "client authentication\n"); 1654 SSL_CTX_set_verify(s_ctx, 1655 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 1656 verify_callback); 1657 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 1658 &app_verify_arg); 1659 SSL_CTX_set_verify(s_ctx2, 1660 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 1661 verify_callback); 1662 SSL_CTX_set_cert_verify_callback(s_ctx2, app_verify_callback, 1663 &app_verify_arg); 1664 } 1665 if (server_auth) { 1666 BIO_printf(bio_err, "server authentication\n"); 1667 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback); 1668 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 1669 &app_verify_arg); 1670 } 1671 1672 { 1673 int session_id_context = 0; 1674 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, 1675 sizeof session_id_context); 1676 SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context, 1677 sizeof session_id_context); 1678 } 1679 1680 /* Use PSK only if PSK key is given */ 1681 if (psk_key != NULL) { 1682 /* 1683 * no_psk is used to avoid putting psk command to openssl tool 1684 */ 1685 if (no_psk) { 1686 /* 1687 * if PSK is not compiled in and psk key is given, do nothing and 1688 * exit successfully 1689 */ 1690 ret = 0; 1691 goto end; 1692 } 1693#ifndef OPENSSL_NO_PSK 1694 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback); 1695 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback); 1696 SSL_CTX_set_psk_server_callback(s_ctx2, psk_server_callback); 1697 if (debug) 1698 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n"); 1699 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) { 1700 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n"); 1701 ERR_print_errors(bio_err); 1702 goto end; 1703 } 1704 if (!SSL_CTX_use_psk_identity_hint(s_ctx2, "ctx server identity_hint")) { 1705 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx2\n"); 1706 ERR_print_errors(bio_err); 1707 goto end; 1708 } 1709#endif 1710 } 1711#ifndef OPENSSL_NO_SRP 1712 if (srp_client_arg.srplogin) { 1713 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) { 1714 BIO_printf(bio_err, "Unable to set SRP username\n"); 1715 goto end; 1716 } 1717 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg); 1718 SSL_CTX_set_srp_client_pwd_callback(c_ctx, 1719 ssl_give_srp_client_pwd_cb); 1720 /* 1721 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength); 1722 */ 1723 } 1724 1725 if (srp_server_arg.expected_user != NULL) { 1726 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback); 1727 SSL_CTX_set_verify(s_ctx2, SSL_VERIFY_NONE, verify_callback); 1728 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg); 1729 SSL_CTX_set_srp_cb_arg(s_ctx2, &srp_server_arg); 1730 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb); 1731 SSL_CTX_set_srp_username_callback(s_ctx2, ssl_srp_server_param_cb); 1732 } 1733#endif 1734 1735 if (serverinfo_sct) 1736 SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE, 1737 NULL, NULL, NULL, 1738 serverinfo_cli_parse_cb, NULL); 1739 if (serverinfo_tack) 1740 SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE, 1741 NULL, NULL, NULL, 1742 serverinfo_cli_parse_cb, NULL); 1743 1744 if (serverinfo_file) { 1745 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) { 1746 BIO_printf(bio_err, "missing serverinfo file\n"); 1747 goto end; 1748 } 1749 if (!SSL_CTX_use_serverinfo_file(s_ctx2, serverinfo_file)) { 1750 BIO_printf(bio_err, "missing serverinfo file\n"); 1751 goto end; 1752 } 1753 } 1754 1755 if (custom_ext) { 1756 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0, 1757 custom_ext_0_cli_add_cb, 1758 NULL, NULL, 1759 custom_ext_0_cli_parse_cb, NULL); 1760 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1, 1761 custom_ext_1_cli_add_cb, 1762 NULL, NULL, 1763 custom_ext_1_cli_parse_cb, NULL); 1764 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2, 1765 custom_ext_2_cli_add_cb, 1766 NULL, NULL, 1767 custom_ext_2_cli_parse_cb, NULL); 1768 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3, 1769 custom_ext_3_cli_add_cb, 1770 NULL, NULL, 1771 custom_ext_3_cli_parse_cb, NULL); 1772 1773 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0, 1774 custom_ext_0_srv_add_cb, 1775 NULL, NULL, 1776 custom_ext_0_srv_parse_cb, NULL); 1777 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1, 1778 custom_ext_1_srv_add_cb, 1779 NULL, NULL, 1780 custom_ext_1_srv_parse_cb, NULL); 1781 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2, 1782 custom_ext_2_srv_add_cb, 1783 NULL, NULL, 1784 custom_ext_2_srv_parse_cb, NULL); 1785 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3, 1786 custom_ext_3_srv_add_cb, 1787 NULL, NULL, 1788 custom_ext_3_srv_parse_cb, NULL); 1789 1790 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_0, 1791 custom_ext_0_srv_add_cb, 1792 NULL, NULL, 1793 custom_ext_0_srv_parse_cb, NULL); 1794 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_1, 1795 custom_ext_1_srv_add_cb, 1796 NULL, NULL, 1797 custom_ext_1_srv_parse_cb, NULL); 1798 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_2, 1799 custom_ext_2_srv_add_cb, 1800 NULL, NULL, 1801 custom_ext_2_srv_parse_cb, NULL); 1802 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_3, 1803 custom_ext_3_srv_add_cb, 1804 NULL, NULL, 1805 custom_ext_3_srv_parse_cb, NULL); 1806 } 1807 1808 if (alpn_server) 1809 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, alpn_server); 1810 if (alpn_server2) 1811 SSL_CTX_set_alpn_select_cb(s_ctx2, cb_server_alpn, alpn_server2); 1812 1813 if (alpn_client) { 1814 unsigned short alpn_len; 1815 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client); 1816 1817 if (alpn == NULL) { 1818 BIO_printf(bio_err, "Error parsing -alpn_client argument\n"); 1819 goto end; 1820 } 1821 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len); 1822 OPENSSL_free(alpn); 1823 } 1824 1825 if (sn_server1 || sn_server2) { 1826 if (sni_in_cert_cb) 1827 SSL_CTX_set_cert_cb(s_ctx, cert_cb, NULL); 1828 else 1829 SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb); 1830 } 1831 1832#ifndef OPENSSL_NO_TLSEXT 1833 if (s_ticket1 == 0) 1834 SSL_CTX_set_options(s_ctx, SSL_OP_NO_TICKET); 1835 /* always set the callback */ 1836 if (s_ticket1 == 2) 1837 SSL_CTX_set_tlsext_ticket_key_cb(s_ctx, cb_ticket0); 1838 else 1839 SSL_CTX_set_tlsext_ticket_key_cb(s_ctx, cb_ticket1); 1840 1841 if (!s_ticket2) 1842 SSL_CTX_set_options(s_ctx2, SSL_OP_NO_TICKET); 1843 /* always set the callback - this should never be called */ 1844 SSL_CTX_set_tlsext_ticket_key_cb(s_ctx2, cb_ticket2); 1845 1846 if (!c_ticket) 1847 SSL_CTX_set_options(c_ctx, SSL_OP_NO_TICKET); 1848#endif 1849 1850 if (client_sigalgs != NULL) 1851 SSL_CTX_set1_sigalgs_list(c_ctx, client_sigalgs); 1852 1853 c_ssl = SSL_new(c_ctx); 1854 s_ssl = SSL_new(s_ctx); 1855 1856 if (sn_client) 1857 SSL_set_tlsext_host_name(c_ssl, sn_client); 1858 1859#ifndef OPENSSL_NO_KRB5 1860 if (c_ssl && c_ssl->kssl_ctx) { 1861 char localhost[MAXHOSTNAMELEN + 2]; 1862 1863 if (gethostname(localhost, sizeof localhost - 1) == 0) { 1864 localhost[sizeof localhost - 1] = '\0'; 1865 if (strlen(localhost) == sizeof localhost - 1) { 1866 BIO_printf(bio_err, "localhost name too long\n"); 1867 goto end; 1868 } 1869 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost); 1870 } 1871 } 1872#endif /* OPENSSL_NO_KRB5 */ 1873 1874 for (i = 0; i < number; i++) { 1875 if (!reuse) 1876 SSL_set_session(c_ssl, NULL); 1877 if (bio_pair) 1878 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time); 1879 else 1880 ret = doit(s_ssl, c_ssl, bytes); 1881 } 1882 1883 if (!verbose) { 1884 print_details(c_ssl, ""); 1885 } 1886 if ((number > 1) || (bytes > 1L)) 1887 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", number, 1888 bytes); 1889 if (print_time) { 1890#ifdef CLOCKS_PER_SEC 1891 /* 1892 * "To determine the time in seconds, the value returned by the clock 1893 * function should be divided by the value of the macro 1894 * CLOCKS_PER_SEC." -- ISO/IEC 9899 1895 */ 1896 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n" 1897 "Approximate total client time: %6.2f s\n", 1898 (double)s_time / CLOCKS_PER_SEC, 1899 (double)c_time / CLOCKS_PER_SEC); 1900#else 1901 /* 1902 * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on 1903 * NeXTstep/OpenStep 1904 */ 1905 BIO_printf(bio_stdout, 1906 "Approximate total server time: %6.2f units\n" 1907 "Approximate total client time: %6.2f units\n", 1908 (double)s_time, (double)c_time); 1909#endif 1910 } 1911 1912 if (verify_alpn(c_ssl, s_ssl) < 0) 1913 ret = 1; 1914 if (verify_servername(c_ssl, s_ssl) < 0) 1915 ret = 1; 1916 if (verify_ticket(c_ssl) < 0) 1917 ret = 1; 1918 if (verify_server_digest(c_ssl) < 0) 1919 ret = 1; 1920 1921 SSL_free(s_ssl); 1922 SSL_free(c_ssl); 1923 1924 end: 1925 if (s_ctx != NULL) 1926 SSL_CTX_free(s_ctx); 1927 if (s_ctx2 != NULL) 1928 SSL_CTX_free(s_ctx2); 1929 if (c_ctx != NULL) 1930 SSL_CTX_free(c_ctx); 1931 1932 if (bio_stdout != NULL) 1933 BIO_free(bio_stdout); 1934 1935#ifndef OPENSSL_NO_RSA 1936 free_tmp_rsa(); 1937#endif 1938#ifndef OPENSSL_NO_ENGINE 1939 ENGINE_cleanup(); 1940#endif 1941 CRYPTO_cleanup_all_ex_data(); 1942 ERR_free_strings(); 1943 ERR_remove_thread_state(NULL); 1944 EVP_cleanup(); 1945 CRYPTO_mem_leaks(bio_err); 1946 if (bio_err != NULL) 1947 BIO_free(bio_err); 1948 EXIT(ret); 1949 return ret; 1950} 1951 1952int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, 1953 clock_t *s_time, clock_t *c_time) 1954{ 1955 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 1956 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 1957 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL; 1958 int ret = 1; 1959 1960 size_t bufsiz = 256; /* small buffer for testing */ 1961 1962 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 1963 goto err; 1964 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 1965 goto err; 1966 1967 s_ssl_bio = BIO_new(BIO_f_ssl()); 1968 if (!s_ssl_bio) 1969 goto err; 1970 1971 c_ssl_bio = BIO_new(BIO_f_ssl()); 1972 if (!c_ssl_bio) 1973 goto err; 1974 1975 SSL_set_connect_state(c_ssl); 1976 SSL_set_bio(c_ssl, client, client); 1977 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 1978 1979 SSL_set_accept_state(s_ssl); 1980 SSL_set_bio(s_ssl, server, server); 1981 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 1982 1983 do { 1984 /*- 1985 * c_ssl_bio: SSL filter BIO 1986 * 1987 * client: pseudo-I/O for SSL library 1988 * 1989 * client_io: client's SSL communication; usually to be 1990 * relayed over some I/O facility, but in this 1991 * test program, we're the server, too: 1992 * 1993 * server_io: server's SSL communication 1994 * 1995 * server: pseudo-I/O for SSL library 1996 * 1997 * s_ssl_bio: SSL filter BIO 1998 * 1999 * The client and the server each employ a "BIO pair": 2000 * client + client_io, server + server_io. 2001 * BIO pairs are symmetric. A BIO pair behaves similar 2002 * to a non-blocking socketpair (but both endpoints must 2003 * be handled by the same thread). 2004 * [Here we could connect client and server to the ends 2005 * of a single BIO pair, but then this code would be less 2006 * suitable as an example for BIO pairs in general.] 2007 * 2008 * Useful functions for querying the state of BIO pair endpoints: 2009 * 2010 * BIO_ctrl_pending(bio) number of bytes we can read now 2011 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 2012 * other side's read attempt 2013 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 2014 * 2015 * ..._read_request is never more than ..._write_guarantee; 2016 * it depends on the application which one you should use. 2017 */ 2018 2019 /* 2020 * We have non-blocking behaviour throughout this test program, but 2021 * can be sure that there is *some* progress in each iteration; so we 2022 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE -- 2023 * we just try everything in each iteration 2024 */ 2025 2026 { 2027 /* CLIENT */ 2028 2029 MS_STATIC char cbuf[1024 * 8]; 2030 int i, r; 2031 clock_t c_clock = clock(); 2032 2033 memset(cbuf, 0, sizeof(cbuf)); 2034 2035 if (debug) 2036 if (SSL_in_init(c_ssl)) 2037 printf("client waiting in SSL_connect - %s\n", 2038 SSL_state_string_long(c_ssl)); 2039 2040 if (cw_num > 0) { 2041 /* Write to server. */ 2042 2043 if (cw_num > (long)sizeof cbuf) 2044 i = sizeof cbuf; 2045 else 2046 i = (int)cw_num; 2047 r = BIO_write(c_ssl_bio, cbuf, i); 2048 if (r < 0) { 2049 if (!BIO_should_retry(c_ssl_bio)) { 2050 fprintf(stderr, "ERROR in CLIENT\n"); 2051 goto err; 2052 } 2053 /* 2054 * BIO_should_retry(...) can just be ignored here. The 2055 * library expects us to call BIO_write with the same 2056 * arguments again, and that's what we will do in the 2057 * next iteration. 2058 */ 2059 } else if (r == 0) { 2060 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2061 goto err; 2062 } else { 2063 if (debug) 2064 printf("client wrote %d\n", r); 2065 cw_num -= r; 2066 } 2067 } 2068 2069 if (cr_num > 0) { 2070 /* Read from server. */ 2071 2072 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 2073 if (r < 0) { 2074 if (!BIO_should_retry(c_ssl_bio)) { 2075 fprintf(stderr, "ERROR in CLIENT\n"); 2076 goto err; 2077 } 2078 /* 2079 * Again, "BIO_should_retry" can be ignored. 2080 */ 2081 } else if (r == 0) { 2082 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2083 goto err; 2084 } else { 2085 if (debug) 2086 printf("client read %d\n", r); 2087 cr_num -= r; 2088 } 2089 } 2090 2091 /* 2092 * c_time and s_time increments will typically be very small 2093 * (depending on machine speed and clock tick intervals), but 2094 * sampling over a large number of connections should result in 2095 * fairly accurate figures. We cannot guarantee a lot, however 2096 * -- if each connection lasts for exactly one clock tick, it 2097 * will be counted only for the client or only for the server or 2098 * even not at all. 2099 */ 2100 *c_time += (clock() - c_clock); 2101 } 2102 2103 { 2104 /* SERVER */ 2105 2106 MS_STATIC char sbuf[1024 * 8]; 2107 int i, r; 2108 clock_t s_clock = clock(); 2109 2110 memset(sbuf, 0, sizeof(sbuf)); 2111 2112 if (debug) 2113 if (SSL_in_init(s_ssl)) 2114 printf("server waiting in SSL_accept - %s\n", 2115 SSL_state_string_long(s_ssl)); 2116 2117 if (sw_num > 0) { 2118 /* Write to client. */ 2119 2120 if (sw_num > (long)sizeof sbuf) 2121 i = sizeof sbuf; 2122 else 2123 i = (int)sw_num; 2124 r = BIO_write(s_ssl_bio, sbuf, i); 2125 if (r < 0) { 2126 if (!BIO_should_retry(s_ssl_bio)) { 2127 fprintf(stderr, "ERROR in SERVER\n"); 2128 goto err; 2129 } 2130 /* Ignore "BIO_should_retry". */ 2131 } else if (r == 0) { 2132 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 2133 goto err; 2134 } else { 2135 if (debug) 2136 printf("server wrote %d\n", r); 2137 sw_num -= r; 2138 } 2139 } 2140 2141 if (sr_num > 0) { 2142 /* Read from client. */ 2143 2144 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 2145 if (r < 0) { 2146 if (!BIO_should_retry(s_ssl_bio)) { 2147 fprintf(stderr, "ERROR in SERVER\n"); 2148 goto err; 2149 } 2150 /* blah, blah */ 2151 } else if (r == 0) { 2152 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 2153 goto err; 2154 } else { 2155 if (debug) 2156 printf("server read %d\n", r); 2157 sr_num -= r; 2158 } 2159 } 2160 2161 *s_time += (clock() - s_clock); 2162 } 2163 2164 { 2165 /* "I/O" BETWEEN CLIENT AND SERVER. */ 2166 2167 size_t r1, r2; 2168 BIO *io1 = server_io, *io2 = client_io; 2169 /* 2170 * we use the non-copying interface for io1 and the standard 2171 * BIO_write/BIO_read interface for io2 2172 */ 2173 2174 static int prev_progress = 1; 2175 int progress = 0; 2176 2177 /* io1 to io2 */ 2178 do { 2179 size_t num; 2180 int r; 2181 2182 r1 = BIO_ctrl_pending(io1); 2183 r2 = BIO_ctrl_get_write_guarantee(io2); 2184 2185 num = r1; 2186 if (r2 < num) 2187 num = r2; 2188 if (num) { 2189 char *dataptr; 2190 2191 if (INT_MAX < num) /* yeah, right */ 2192 num = INT_MAX; 2193 2194 r = BIO_nread(io1, &dataptr, (int)num); 2195 assert(r > 0); 2196 assert(r <= (int)num); 2197 /* 2198 * possibly r < num (non-contiguous data) 2199 */ 2200 num = r; 2201 r = BIO_write(io2, dataptr, (int)num); 2202 if (r != (int)num) { /* can't happen */ 2203 fprintf(stderr, "ERROR: BIO_write could not write " 2204 "BIO_ctrl_get_write_guarantee() bytes"); 2205 goto err; 2206 } 2207 progress = 1; 2208 2209 if (debug) 2210 printf((io1 == client_io) ? 2211 "C->S relaying: %d bytes\n" : 2212 "S->C relaying: %d bytes\n", (int)num); 2213 } 2214 } 2215 while (r1 && r2); 2216 2217 /* io2 to io1 */ 2218 { 2219 size_t num; 2220 int r; 2221 2222 r1 = BIO_ctrl_pending(io2); 2223 r2 = BIO_ctrl_get_read_request(io1); 2224 /* 2225 * here we could use ..._get_write_guarantee instead of 2226 * ..._get_read_request, but by using the latter we test 2227 * restartability of the SSL implementation more thoroughly 2228 */ 2229 num = r1; 2230 if (r2 < num) 2231 num = r2; 2232 if (num) { 2233 char *dataptr; 2234 2235 if (INT_MAX < num) 2236 num = INT_MAX; 2237 2238 if (num > 1) 2239 --num; /* test restartability even more thoroughly */ 2240 2241 r = BIO_nwrite0(io1, &dataptr); 2242 assert(r > 0); 2243 if (r < (int)num) 2244 num = r; 2245 r = BIO_read(io2, dataptr, (int)num); 2246 if (r != (int)num) { /* can't happen */ 2247 fprintf(stderr, "ERROR: BIO_read could not read " 2248 "BIO_ctrl_pending() bytes"); 2249 goto err; 2250 } 2251 progress = 1; 2252 r = BIO_nwrite(io1, &dataptr, (int)num); 2253 if (r != (int)num) { /* can't happen */ 2254 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 2255 "BIO_nwrite0() bytes"); 2256 goto err; 2257 } 2258 2259 if (debug) 2260 printf((io2 == client_io) ? 2261 "C->S relaying: %d bytes\n" : 2262 "S->C relaying: %d bytes\n", (int)num); 2263 } 2264 } /* no loop, BIO_ctrl_get_read_request now 2265 * returns 0 anyway */ 2266 2267 if (!progress && !prev_progress) 2268 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 2269 fprintf(stderr, "ERROR: got stuck\n"); 2270 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) { 2271 fprintf(stderr, "This can happen for SSL2 because " 2272 "CLIENT-FINISHED and SERVER-VERIFY are written \n" 2273 "concurrently ..."); 2274 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 2275 && strncmp("2SSV", SSL_state_string(s_ssl), 2276 4) == 0) { 2277 fprintf(stderr, " ok.\n"); 2278 goto end; 2279 } 2280 } 2281 fprintf(stderr, " ERROR.\n"); 2282 goto err; 2283 } 2284 prev_progress = progress; 2285 } 2286 } 2287 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 2288 2289 if (verbose) 2290 print_details(c_ssl, "DONE via BIO pair: "); 2291 2292 if (verify_serverinfo() < 0) { 2293 ret = 1; 2294 goto err; 2295 } 2296 2297 if (custom_ext_error) { 2298 ret = 1; 2299 goto err; 2300 } 2301 2302 end: 2303 ret = 0; 2304 2305 err: 2306 ERR_print_errors(bio_err); 2307 2308 if (server) 2309 BIO_free(server); 2310 if (server_io) 2311 BIO_free(server_io); 2312 if (client) 2313 BIO_free(client); 2314 if (client_io) 2315 BIO_free(client_io); 2316 if (s_ssl_bio) 2317 BIO_free(s_ssl_bio); 2318 if (c_ssl_bio) 2319 BIO_free(c_ssl_bio); 2320 2321 return ret; 2322} 2323 2324#define W_READ 1 2325#define W_WRITE 2 2326#define C_DONE 1 2327#define S_DONE 2 2328 2329int doit(SSL *s_ssl, SSL *c_ssl, long count) 2330{ 2331 char *cbuf = NULL, *sbuf = NULL; 2332 long bufsiz; 2333 long cw_num = count, cr_num = count; 2334 long sw_num = count, sr_num = count; 2335 int ret = 1; 2336 BIO *c_to_s = NULL; 2337 BIO *s_to_c = NULL; 2338 BIO *c_bio = NULL; 2339 BIO *s_bio = NULL; 2340 int c_r, c_w, s_r, s_w; 2341 int i, j; 2342 int done = 0; 2343 int c_write, s_write; 2344 int do_server = 0, do_client = 0; 2345 int max_frag = 5 * 1024; 2346 2347 bufsiz = count > 40 * 1024 ? 40 * 1024 : count; 2348 2349 if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL) 2350 goto err; 2351 if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL) 2352 goto err; 2353 2354 memset(cbuf, 0, bufsiz); 2355 memset(sbuf, 0, bufsiz); 2356 2357 c_to_s = BIO_new(BIO_s_mem()); 2358 s_to_c = BIO_new(BIO_s_mem()); 2359 if ((s_to_c == NULL) || (c_to_s == NULL)) { 2360 ERR_print_errors(bio_err); 2361 goto err; 2362 } 2363 2364 c_bio = BIO_new(BIO_f_ssl()); 2365 s_bio = BIO_new(BIO_f_ssl()); 2366 if ((c_bio == NULL) || (s_bio == NULL)) { 2367 ERR_print_errors(bio_err); 2368 goto err; 2369 } 2370 2371 SSL_set_connect_state(c_ssl); 2372 SSL_set_bio(c_ssl, s_to_c, c_to_s); 2373 SSL_set_max_send_fragment(c_ssl, max_frag); 2374 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 2375 2376 SSL_set_accept_state(s_ssl); 2377 SSL_set_bio(s_ssl, c_to_s, s_to_c); 2378 SSL_set_max_send_fragment(s_ssl, max_frag); 2379 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 2380 2381 c_r = 0; 2382 s_r = 1; 2383 c_w = 1; 2384 s_w = 0; 2385 c_write = 1, s_write = 0; 2386 2387 /* We can always do writes */ 2388 for (;;) { 2389 do_server = 0; 2390 do_client = 0; 2391 2392 i = (int)BIO_pending(s_bio); 2393 if ((i && s_r) || s_w) 2394 do_server = 1; 2395 2396 i = (int)BIO_pending(c_bio); 2397 if ((i && c_r) || c_w) 2398 do_client = 1; 2399 2400 if (do_server && debug) { 2401 if (SSL_in_init(s_ssl)) 2402 printf("server waiting in SSL_accept - %s\n", 2403 SSL_state_string_long(s_ssl)); 2404/*- 2405 else if (s_write) 2406 printf("server:SSL_write()\n"); 2407 else 2408 printf("server:SSL_read()\n"); */ 2409 } 2410 2411 if (do_client && debug) { 2412 if (SSL_in_init(c_ssl)) 2413 printf("client waiting in SSL_connect - %s\n", 2414 SSL_state_string_long(c_ssl)); 2415/*- 2416 else if (c_write) 2417 printf("client:SSL_write()\n"); 2418 else 2419 printf("client:SSL_read()\n"); */ 2420 } 2421 2422 if (!do_client && !do_server) { 2423 fprintf(stdout, "ERROR IN STARTUP\n"); 2424 ERR_print_errors(bio_err); 2425 goto err; 2426 } 2427 if (do_client && !(done & C_DONE)) { 2428 if (c_write) { 2429 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num; 2430 i = BIO_write(c_bio, cbuf, j); 2431 if (i < 0) { 2432 c_r = 0; 2433 c_w = 0; 2434 if (BIO_should_retry(c_bio)) { 2435 if (BIO_should_read(c_bio)) 2436 c_r = 1; 2437 if (BIO_should_write(c_bio)) 2438 c_w = 1; 2439 } else { 2440 fprintf(stderr, "ERROR in CLIENT\n"); 2441 ERR_print_errors(bio_err); 2442 goto err; 2443 } 2444 } else if (i == 0) { 2445 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2446 goto err; 2447 } else { 2448 if (debug) 2449 printf("client wrote %d\n", i); 2450 /* ok */ 2451 s_r = 1; 2452 c_write = 0; 2453 cw_num -= i; 2454 if (max_frag > 1029) 2455 SSL_set_max_send_fragment(c_ssl, max_frag -= 5); 2456 } 2457 } else { 2458 i = BIO_read(c_bio, cbuf, bufsiz); 2459 if (i < 0) { 2460 c_r = 0; 2461 c_w = 0; 2462 if (BIO_should_retry(c_bio)) { 2463 if (BIO_should_read(c_bio)) 2464 c_r = 1; 2465 if (BIO_should_write(c_bio)) 2466 c_w = 1; 2467 } else { 2468 fprintf(stderr, "ERROR in CLIENT\n"); 2469 ERR_print_errors(bio_err); 2470 goto err; 2471 } 2472 } else if (i == 0) { 2473 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2474 goto err; 2475 } else { 2476 if (debug) 2477 printf("client read %d\n", i); 2478 cr_num -= i; 2479 if (sw_num > 0) { 2480 s_write = 1; 2481 s_w = 1; 2482 } 2483 if (cr_num <= 0) { 2484 s_write = 1; 2485 s_w = 1; 2486 done = S_DONE | C_DONE; 2487 } 2488 } 2489 } 2490 } 2491 2492 if (do_server && !(done & S_DONE)) { 2493 if (!s_write) { 2494 i = BIO_read(s_bio, sbuf, bufsiz); 2495 if (i < 0) { 2496 s_r = 0; 2497 s_w = 0; 2498 if (BIO_should_retry(s_bio)) { 2499 if (BIO_should_read(s_bio)) 2500 s_r = 1; 2501 if (BIO_should_write(s_bio)) 2502 s_w = 1; 2503 } else { 2504 fprintf(stderr, "ERROR in SERVER\n"); 2505 ERR_print_errors(bio_err); 2506 goto err; 2507 } 2508 } else if (i == 0) { 2509 ERR_print_errors(bio_err); 2510 fprintf(stderr, 2511 "SSL SERVER STARTUP FAILED in SSL_read\n"); 2512 goto err; 2513 } else { 2514 if (debug) 2515 printf("server read %d\n", i); 2516 sr_num -= i; 2517 if (cw_num > 0) { 2518 c_write = 1; 2519 c_w = 1; 2520 } 2521 if (sr_num <= 0) { 2522 s_write = 1; 2523 s_w = 1; 2524 c_write = 0; 2525 } 2526 } 2527 } else { 2528 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num; 2529 i = BIO_write(s_bio, sbuf, j); 2530 if (i < 0) { 2531 s_r = 0; 2532 s_w = 0; 2533 if (BIO_should_retry(s_bio)) { 2534 if (BIO_should_read(s_bio)) 2535 s_r = 1; 2536 if (BIO_should_write(s_bio)) 2537 s_w = 1; 2538 } else { 2539 fprintf(stderr, "ERROR in SERVER\n"); 2540 ERR_print_errors(bio_err); 2541 goto err; 2542 } 2543 } else if (i == 0) { 2544 ERR_print_errors(bio_err); 2545 fprintf(stderr, 2546 "SSL SERVER STARTUP FAILED in SSL_write\n"); 2547 goto err; 2548 } else { 2549 if (debug) 2550 printf("server wrote %d\n", i); 2551 sw_num -= i; 2552 s_write = 0; 2553 c_r = 1; 2554 if (sw_num <= 0) 2555 done |= S_DONE; 2556 if (max_frag > 1029) 2557 SSL_set_max_send_fragment(s_ssl, max_frag -= 5); 2558 } 2559 } 2560 } 2561 2562 if ((done & S_DONE) && (done & C_DONE)) 2563 break; 2564 } 2565 2566 if (verbose) 2567 print_details(c_ssl, "DONE: "); 2568 if (verify_serverinfo() < 0) { 2569 ret = 1; 2570 goto err; 2571 } 2572 if (custom_ext_error) { 2573 ret = 1; 2574 goto err; 2575 } 2576 ret = 0; 2577 err: 2578 /* 2579 * We have to set the BIO's to NULL otherwise they will be 2580 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again 2581 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and 2582 * c_ssl are sharing the same BIO structure and SSL_set_bio() and 2583 * SSL_free() automatically BIO_free non NULL entries. You should not 2584 * normally do this or be required to do this 2585 */ 2586 if (s_ssl != NULL) { 2587 s_ssl->rbio = NULL; 2588 s_ssl->wbio = NULL; 2589 } 2590 if (c_ssl != NULL) { 2591 c_ssl->rbio = NULL; 2592 c_ssl->wbio = NULL; 2593 } 2594 2595 if (c_to_s != NULL) 2596 BIO_free(c_to_s); 2597 if (s_to_c != NULL) 2598 BIO_free(s_to_c); 2599 if (c_bio != NULL) 2600 BIO_free_all(c_bio); 2601 if (s_bio != NULL) 2602 BIO_free_all(s_bio); 2603 2604 if (cbuf) 2605 OPENSSL_free(cbuf); 2606 if (sbuf) 2607 OPENSSL_free(sbuf); 2608 2609 return (ret); 2610} 2611 2612static int get_proxy_auth_ex_data_idx(void) 2613{ 2614 static volatile int idx = -1; 2615 if (idx < 0) { 2616 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 2617 if (idx < 0) { 2618 idx = X509_STORE_CTX_get_ex_new_index(0, 2619 "SSLtest for verify callback", 2620 NULL, NULL, NULL); 2621 } 2622 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 2623 } 2624 return idx; 2625} 2626 2627static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) 2628{ 2629 char *s, buf[256]; 2630 2631 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, 2632 sizeof buf); 2633 if (s != NULL) { 2634 if (ok) 2635 fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf); 2636 else { 2637 fprintf(stderr, "depth=%d error=%d %s\n", 2638 ctx->error_depth, ctx->error, buf); 2639 } 2640 } 2641 2642 if (ok == 0) { 2643 fprintf(stderr, "Error string: %s\n", 2644 X509_verify_cert_error_string(ctx->error)); 2645 switch (ctx->error) { 2646 case X509_V_ERR_CERT_NOT_YET_VALID: 2647 case X509_V_ERR_CERT_HAS_EXPIRED: 2648 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 2649 fprintf(stderr, " ... ignored.\n"); 2650 ok = 1; 2651 } 2652 } 2653 2654 if (ok == 1) { 2655 X509 *xs = ctx->current_cert; 2656#if 0 2657 X509 *xi = ctx->current_issuer; 2658#endif 2659 2660 if (xs->ex_flags & EXFLAG_PROXY) { 2661 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx, 2662 get_proxy_auth_ex_data_idx 2663 ()); 2664 2665 if (letters) { 2666 int found_any = 0; 2667 int i; 2668 PROXY_CERT_INFO_EXTENSION *pci = 2669 X509_get_ext_d2i(xs, NID_proxyCertInfo, 2670 NULL, NULL); 2671 2672 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 2673 case NID_Independent: 2674 /* 2675 * Completely meaningless in this program, as there's no 2676 * way to grant explicit rights to a specific PrC. 2677 * Basically, using id-ppl-Independent is the perfect way 2678 * to grant no rights at all. 2679 */ 2680 fprintf(stderr, " Independent proxy certificate"); 2681 for (i = 0; i < 26; i++) 2682 letters[i] = 0; 2683 break; 2684 case NID_id_ppl_inheritAll: 2685 /* 2686 * This is basically a NOP, we simply let the current 2687 * rights stand as they are. 2688 */ 2689 fprintf(stderr, " Proxy certificate inherits all"); 2690 break; 2691 default: 2692 s = (char *) 2693 pci->proxyPolicy->policy->data; 2694 i = pci->proxyPolicy->policy->length; 2695 2696 /* 2697 * The algorithm works as follows: it is assumed that 2698 * previous iterations or the initial granted rights has 2699 * already set some elements of `letters'. What we need 2700 * to do is to clear those that weren't granted by the 2701 * current PrC as well. The easiest way to do this is to 2702 * add 1 to all the elements whose letters are given with 2703 * the current policy. That way, all elements that are 2704 * set by the current policy and were already set by 2705 * earlier policies and through the original grant of 2706 * rights will get the value 2 or higher. The last thing 2707 * to do is to sweep through `letters' and keep the 2708 * elements having the value 2 as set, and clear all the 2709 * others. 2710 */ 2711 2712 fprintf(stderr, " Certificate proxy rights = %*.*s", i, 2713 i, s); 2714 while (i-- > 0) { 2715 int c = *s++; 2716 if (isascii(c) && isalpha(c)) { 2717 if (islower(c)) 2718 c = toupper(c); 2719 letters[c - 'A']++; 2720 } 2721 } 2722 for (i = 0; i < 26; i++) 2723 if (letters[i] < 2) 2724 letters[i] = 0; 2725 else 2726 letters[i] = 1; 2727 } 2728 2729 found_any = 0; 2730 fprintf(stderr, ", resulting proxy rights = "); 2731 for (i = 0; i < 26; i++) 2732 if (letters[i]) { 2733 fprintf(stderr, "%c", i + 'A'); 2734 found_any = 1; 2735 } 2736 if (!found_any) 2737 fprintf(stderr, "none"); 2738 fprintf(stderr, "\n"); 2739 2740 PROXY_CERT_INFO_EXTENSION_free(pci); 2741 } 2742 } 2743 } 2744 2745 return (ok); 2746} 2747 2748static void process_proxy_debug(int indent, const char *format, ...) 2749{ 2750 /* That's 80 > */ 2751 static const char indentation[] = 2752 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 2753 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; 2754 char my_format[256]; 2755 va_list args; 2756 2757 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s", 2758 indent, indent, indentation, format); 2759 2760 va_start(args, format); 2761 vfprintf(stderr, my_format, args); 2762 va_end(args); 2763} 2764 2765/*- 2766 * Priority levels: 2767 * 0 [!]var, () 2768 * 1 & ^ 2769 * 2 | 2770 */ 2771static int process_proxy_cond_adders(unsigned int letters[26], 2772 const char *cond, const char **cond_end, 2773 int *pos, int indent); 2774static int process_proxy_cond_val(unsigned int letters[26], const char *cond, 2775 const char **cond_end, int *pos, int indent) 2776{ 2777 int c; 2778 int ok = 1; 2779 int negate = 0; 2780 2781 while (isspace((int)*cond)) { 2782 cond++; 2783 (*pos)++; 2784 } 2785 c = *cond; 2786 2787 if (debug) 2788 process_proxy_debug(indent, 2789 "Start process_proxy_cond_val at position %d: %s\n", 2790 *pos, cond); 2791 2792 while (c == '!') { 2793 negate = !negate; 2794 cond++; 2795 (*pos)++; 2796 while (isspace((int)*cond)) { 2797 cond++; 2798 (*pos)++; 2799 } 2800 c = *cond; 2801 } 2802 2803 if (c == '(') { 2804 cond++; 2805 (*pos)++; 2806 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 2807 indent + 1); 2808 cond = *cond_end; 2809 if (ok < 0) 2810 goto end; 2811 while (isspace((int)*cond)) { 2812 cond++; 2813 (*pos)++; 2814 } 2815 c = *cond; 2816 if (c != ')') { 2817 fprintf(stderr, 2818 "Weird condition character in position %d: " 2819 "%c\n", *pos, c); 2820 ok = -1; 2821 goto end; 2822 } 2823 cond++; 2824 (*pos)++; 2825 } else if (isascii(c) && isalpha(c)) { 2826 if (islower(c)) 2827 c = toupper(c); 2828 ok = letters[c - 'A']; 2829 cond++; 2830 (*pos)++; 2831 } else { 2832 fprintf(stderr, 2833 "Weird condition character in position %d: " "%c\n", *pos, c); 2834 ok = -1; 2835 goto end; 2836 } 2837 end: 2838 *cond_end = cond; 2839 if (ok >= 0 && negate) 2840 ok = !ok; 2841 2842 if (debug) 2843 process_proxy_debug(indent, 2844 "End process_proxy_cond_val at position %d: %s, returning %d\n", 2845 *pos, cond, ok); 2846 2847 return ok; 2848} 2849 2850static int process_proxy_cond_multipliers(unsigned int letters[26], 2851 const char *cond, 2852 const char **cond_end, int *pos, 2853 int indent) 2854{ 2855 int ok; 2856 char c; 2857 2858 if (debug) 2859 process_proxy_debug(indent, 2860 "Start process_proxy_cond_multipliers at position %d: %s\n", 2861 *pos, cond); 2862 2863 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 2864 cond = *cond_end; 2865 if (ok < 0) 2866 goto end; 2867 2868 while (ok >= 0) { 2869 while (isspace((int)*cond)) { 2870 cond++; 2871 (*pos)++; 2872 } 2873 c = *cond; 2874 2875 switch (c) { 2876 case '&': 2877 case '^': 2878 { 2879 int save_ok = ok; 2880 2881 cond++; 2882 (*pos)++; 2883 ok = process_proxy_cond_val(letters, 2884 cond, cond_end, pos, indent + 1); 2885 cond = *cond_end; 2886 if (ok < 0) 2887 break; 2888 2889 switch (c) { 2890 case '&': 2891 ok &= save_ok; 2892 break; 2893 case '^': 2894 ok ^= save_ok; 2895 break; 2896 default: 2897 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 2898 " STOPPING\n"); 2899 EXIT(1); 2900 } 2901 } 2902 break; 2903 default: 2904 goto end; 2905 } 2906 } 2907 end: 2908 if (debug) 2909 process_proxy_debug(indent, 2910 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n", 2911 *pos, cond, ok); 2912 2913 *cond_end = cond; 2914 return ok; 2915} 2916 2917static int process_proxy_cond_adders(unsigned int letters[26], 2918 const char *cond, const char **cond_end, 2919 int *pos, int indent) 2920{ 2921 int ok; 2922 char c; 2923 2924 if (debug) 2925 process_proxy_debug(indent, 2926 "Start process_proxy_cond_adders at position %d: %s\n", 2927 *pos, cond); 2928 2929 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 2930 indent + 1); 2931 cond = *cond_end; 2932 if (ok < 0) 2933 goto end; 2934 2935 while (ok >= 0) { 2936 while (isspace((int)*cond)) { 2937 cond++; 2938 (*pos)++; 2939 } 2940 c = *cond; 2941 2942 switch (c) { 2943 case '|': 2944 { 2945 int save_ok = ok; 2946 2947 cond++; 2948 (*pos)++; 2949 ok = process_proxy_cond_multipliers(letters, 2950 cond, cond_end, pos, 2951 indent + 1); 2952 cond = *cond_end; 2953 if (ok < 0) 2954 break; 2955 2956 switch (c) { 2957 case '|': 2958 ok |= save_ok; 2959 break; 2960 default: 2961 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 2962 " STOPPING\n"); 2963 EXIT(1); 2964 } 2965 } 2966 break; 2967 default: 2968 goto end; 2969 } 2970 } 2971 end: 2972 if (debug) 2973 process_proxy_debug(indent, 2974 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 2975 *pos, cond, ok); 2976 2977 *cond_end = cond; 2978 return ok; 2979} 2980 2981static int process_proxy_cond(unsigned int letters[26], 2982 const char *cond, const char **cond_end) 2983{ 2984 int pos = 1; 2985 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 2986} 2987 2988static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg) 2989{ 2990 int ok = 1; 2991 struct app_verify_arg *cb_arg = arg; 2992 unsigned int letters[26]; /* only used with proxy_auth */ 2993 2994 if (cb_arg->app_verify) { 2995 char *s = NULL, buf[256]; 2996 2997 fprintf(stderr, "In app_verify_callback, allowing cert. "); 2998 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 2999 fprintf(stderr, 3000 "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 3001 (void *)ctx, (void *)ctx->cert); 3002 if (ctx->cert) 3003 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256); 3004 if (s != NULL) { 3005 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf); 3006 } 3007 return (1); 3008 } 3009 if (cb_arg->proxy_auth) { 3010 int found_any = 0, i; 3011 char *sp; 3012 3013 for (i = 0; i < 26; i++) 3014 letters[i] = 0; 3015 for (sp = cb_arg->proxy_auth; *sp; sp++) { 3016 int c = *sp; 3017 if (isascii(c) && isalpha(c)) { 3018 if (islower(c)) 3019 c = toupper(c); 3020 letters[c - 'A'] = 1; 3021 } 3022 } 3023 3024 fprintf(stderr, " Initial proxy rights = "); 3025 for (i = 0; i < 26; i++) 3026 if (letters[i]) { 3027 fprintf(stderr, "%c", i + 'A'); 3028 found_any = 1; 3029 } 3030 if (!found_any) 3031 fprintf(stderr, "none"); 3032 fprintf(stderr, "\n"); 3033 3034 X509_STORE_CTX_set_ex_data(ctx, 3035 get_proxy_auth_ex_data_idx(), letters); 3036 } 3037 if (cb_arg->allow_proxy_certs) { 3038 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 3039 } 3040#ifndef OPENSSL_NO_X509_VERIFY 3041 ok = X509_verify_cert(ctx); 3042#endif 3043 3044 if (cb_arg->proxy_auth) { 3045 if (ok > 0) { 3046 const char *cond_end = NULL; 3047 3048 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end); 3049 3050 if (ok < 0) 3051 EXIT(3); 3052 if (*cond_end) { 3053 fprintf(stderr, 3054 "Stopped processing condition before it's end.\n"); 3055 ok = 0; 3056 } 3057 if (!ok) 3058 fprintf(stderr, 3059 "Proxy rights check with condition '%s' proved invalid\n", 3060 cb_arg->proxy_cond); 3061 else 3062 fprintf(stderr, 3063 "Proxy rights check with condition '%s' proved valid\n", 3064 cb_arg->proxy_cond); 3065 } 3066 } 3067 return (ok); 3068} 3069 3070#ifndef OPENSSL_NO_RSA 3071static RSA *rsa_tmp = NULL; 3072 3073static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) 3074{ 3075 BIGNUM *bn = NULL; 3076 if (rsa_tmp == NULL) { 3077 bn = BN_new(); 3078 rsa_tmp = RSA_new(); 3079 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) { 3080 BIO_printf(bio_err, "Memory error..."); 3081 goto end; 3082 } 3083 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength); 3084 (void)BIO_flush(bio_err); 3085 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { 3086 BIO_printf(bio_err, "Error generating key."); 3087 RSA_free(rsa_tmp); 3088 rsa_tmp = NULL; 3089 } 3090 end: 3091 BIO_printf(bio_err, "\n"); 3092 (void)BIO_flush(bio_err); 3093 } 3094 if (bn) 3095 BN_free(bn); 3096 return (rsa_tmp); 3097} 3098 3099static void free_tmp_rsa(void) 3100{ 3101 if (rsa_tmp != NULL) { 3102 RSA_free(rsa_tmp); 3103 rsa_tmp = NULL; 3104 } 3105} 3106#endif 3107 3108#ifndef OPENSSL_NO_DH 3109/*- 3110 * These DH parameters have been generated as follows: 3111 * $ openssl dhparam -C -noout 512 3112 * $ openssl dhparam -C -noout 1024 3113 * $ openssl dhparam -C -noout -dsaparam 1024 3114 * (The third function has been renamed to avoid name conflicts.) 3115 */ 3116static DH *get_dh512() 3117{ 3118 static unsigned char dh512_p[] = { 3119 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, 3120 0xC6, 3121 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04, 3122 0xB0, 3123 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9, 3124 0x5F, 3125 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33, 3126 0xB8, 3127 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21, 3128 0x33, 3129 0x02, 0xC5, 0xAE, 0x23, 3130 }; 3131 static unsigned char dh512_g[] = { 3132 0x02, 3133 }; 3134 DH *dh; 3135 3136 if ((dh = DH_new()) == NULL) 3137 return (NULL); 3138 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); 3139 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); 3140 if ((dh->p == NULL) || (dh->g == NULL)) { 3141 DH_free(dh); 3142 return (NULL); 3143 } 3144 return (dh); 3145} 3146 3147static DH *get_dh1024() 3148{ 3149 static unsigned char dh1024_p[] = { 3150 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 3151 0x3A, 3152 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 3153 0xA2, 3154 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 3155 0xB0, 3156 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 3157 0xC2, 3158 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 3159 0x8C, 3160 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 3161 0xB8, 3162 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 3163 0x52, 3164 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 3165 0xC1, 3166 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 3167 0xB1, 3168 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 3169 0xAB, 3170 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 3171 }; 3172 static unsigned char dh1024_g[] = { 3173 0x02, 3174 }; 3175 DH *dh; 3176 3177 if ((dh = DH_new()) == NULL) 3178 return (NULL); 3179 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 3180 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 3181 if ((dh->p == NULL) || (dh->g == NULL)) { 3182 DH_free(dh); 3183 return (NULL); 3184 } 3185 return (dh); 3186} 3187 3188static DH *get_dh1024dsa() 3189{ 3190 static unsigned char dh1024_p[] = { 3191 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 3192 0x00, 3193 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 3194 0x19, 3195 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 3196 0xD2, 3197 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 3198 0x55, 3199 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 3200 0xFC, 3201 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 3202 0x97, 3203 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 3204 0x8D, 3205 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 3206 0xBB, 3207 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 3208 0xF6, 3209 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 3210 0x9E, 3211 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 3212 }; 3213 static unsigned char dh1024_g[] = { 3214 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 3215 0x05, 3216 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 3217 0xF3, 3218 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 3219 0xE9, 3220 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 3221 0x3C, 3222 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 3223 0x65, 3224 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 3225 0x60, 3226 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 3227 0xF6, 3228 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 3229 0xA7, 3230 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 3231 0xA1, 3232 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 3233 0x60, 3234 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 3235 }; 3236 DH *dh; 3237 3238 if ((dh = DH_new()) == NULL) 3239 return (NULL); 3240 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 3241 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 3242 if ((dh->p == NULL) || (dh->g == NULL)) { 3243 DH_free(dh); 3244 return (NULL); 3245 } 3246 dh->length = 160; 3247 return (dh); 3248} 3249#endif 3250 3251#ifndef OPENSSL_NO_PSK 3252/* convert the PSK key (psk_key) in ascii to binary (psk) */ 3253static int psk_key2bn(const char *pskkey, unsigned char *psk, 3254 unsigned int max_psk_len) 3255{ 3256 int ret; 3257 BIGNUM *bn = NULL; 3258 3259 ret = BN_hex2bn(&bn, pskkey); 3260 if (!ret) { 3261 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", 3262 pskkey); 3263 if (bn) 3264 BN_free(bn); 3265 return 0; 3266 } 3267 if (BN_num_bytes(bn) > (int)max_psk_len) { 3268 BIO_printf(bio_err, 3269 "psk buffer of callback is too small (%d) for key (%d)\n", 3270 max_psk_len, BN_num_bytes(bn)); 3271 BN_free(bn); 3272 return 0; 3273 } 3274 ret = BN_bn2bin(bn, psk); 3275 BN_free(bn); 3276 return ret; 3277} 3278 3279static unsigned int psk_client_callback(SSL *ssl, const char *hint, 3280 char *identity, 3281 unsigned int max_identity_len, 3282 unsigned char *psk, 3283 unsigned int max_psk_len) 3284{ 3285 int ret; 3286 unsigned int psk_len = 0; 3287 3288 ret = BIO_snprintf(identity, max_identity_len, "Client_identity"); 3289 if (ret < 0) 3290 goto out_err; 3291 if (debug) 3292 fprintf(stderr, "client: created identity '%s' len=%d\n", identity, 3293 ret); 3294 ret = psk_key2bn(psk_key, psk, max_psk_len); 3295 if (ret < 0) 3296 goto out_err; 3297 psk_len = ret; 3298 out_err: 3299 return psk_len; 3300} 3301 3302static unsigned int psk_server_callback(SSL *ssl, const char *identity, 3303 unsigned char *psk, 3304 unsigned int max_psk_len) 3305{ 3306 unsigned int psk_len = 0; 3307 3308 if (strcmp(identity, "Client_identity") != 0) { 3309 BIO_printf(bio_err, "server: PSK error: client identity not found\n"); 3310 return 0; 3311 } 3312 psk_len = psk_key2bn(psk_key, psk, max_psk_len); 3313 return psk_len; 3314} 3315#endif 3316 3317static int do_test_cipherlist(void) 3318{ 3319#if !defined(OPENSSL_NO_SSL2) || !defined(OPENSSL_NO_SSL3) || \ 3320 !defined(OPENSSL_NO_TLS1) 3321 int i = 0; 3322 const SSL_METHOD *meth; 3323 const SSL_CIPHER *ci, *tci = NULL; 3324#endif 3325 3326#ifndef OPENSSL_NO_SSL2 3327 fprintf(stderr, "testing SSLv2 cipher list order: "); 3328 meth = SSLv2_method(); 3329 while ((ci = meth->get_cipher(i++)) != NULL) { 3330 if (tci != NULL) 3331 if (ci->id >= tci->id) { 3332 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 3333 return 0; 3334 } 3335 tci = ci; 3336 } 3337 fprintf(stderr, "ok\n"); 3338#endif 3339#ifndef OPENSSL_NO_SSL3 3340 fprintf(stderr, "testing SSLv3 cipher list order: "); 3341 meth = SSLv3_method(); 3342 tci = NULL; 3343 while ((ci = meth->get_cipher(i++)) != NULL) { 3344 if (tci != NULL) 3345 if (ci->id >= tci->id) { 3346 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 3347 return 0; 3348 } 3349 tci = ci; 3350 } 3351 fprintf(stderr, "ok\n"); 3352#endif 3353#ifndef OPENSSL_NO_TLS1 3354 fprintf(stderr, "testing TLSv1 cipher list order: "); 3355 meth = TLSv1_method(); 3356 tci = NULL; 3357 while ((ci = meth->get_cipher(i++)) != NULL) { 3358 if (tci != NULL) 3359 if (ci->id >= tci->id) { 3360 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id); 3361 return 0; 3362 } 3363 tci = ci; 3364 } 3365 fprintf(stderr, "ok\n"); 3366#endif 3367 3368 return 1; 3369} 3370