1/* apps/s_server.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111/* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116/* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143/* Until the key-gen callbacks are modified to use newer prototypes, we allow 144 * deprecated functions for openssl-internal code */ 145#ifdef OPENSSL_NO_DEPRECATED 146#undef OPENSSL_NO_DEPRECATED 147#endif 148 149#include <assert.h> 150#include <ctype.h> 151#include <stdio.h> 152#include <stdlib.h> 153#include <string.h> 154 155#include <openssl/e_os2.h> 156#ifdef OPENSSL_NO_STDIO 157#define APPS_WIN16 158#endif 159 160#if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */ 161#include <sys/types.h> 162#endif 163 164/* With IPv6, it looks like Digital has mixed up the proper order of 165 recursive header file inclusion, resulting in the compiler complaining 166 that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which 167 is needed to have fileno() declared correctly... So let's define u_int */ 168#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) 169#define __U_INT 170typedef unsigned int u_int; 171#endif 172 173#include <openssl/lhash.h> 174#include <openssl/bn.h> 175#define USE_SOCKETS 176#include "apps.h" 177#include <openssl/err.h> 178#include <openssl/pem.h> 179#include <openssl/x509.h> 180#include <openssl/ssl.h> 181#include <openssl/rand.h> 182#include <openssl/ocsp.h> 183#ifndef OPENSSL_NO_DH 184#include <openssl/dh.h> 185#endif 186#ifndef OPENSSL_NO_RSA 187#include <openssl/rsa.h> 188#endif 189#ifndef OPENSSL_NO_SRP 190#include <openssl/srp.h> 191#endif 192#include "s_apps.h" 193#include "timeouts.h" 194 195#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) 196/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ 197#undef FIONBIO 198#endif 199 200#if defined(OPENSSL_SYS_BEOS_R5) 201#include <fcntl.h> 202#endif 203 204#ifndef OPENSSL_NO_RSA 205static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 206#endif 207static int sv_body(char *hostname, int s, unsigned char *context); 208static int www_body(char *hostname, int s, unsigned char *context); 209static void close_accept_socket(void ); 210static void sv_usage(void); 211static int init_ssl_connection(SSL *s); 212static void print_stats(BIO *bp,SSL_CTX *ctx); 213static int generate_session_id(const SSL *ssl, unsigned char *id, 214 unsigned int *id_len); 215#ifndef OPENSSL_NO_DH 216static DH *load_dh_param(const char *dhfile); 217static DH *get_dh512(void); 218#endif 219 220#ifdef MONOLITH 221static void s_server_init(void); 222#endif 223 224#ifndef OPENSSL_NO_DH 225static unsigned char dh512_p[]={ 226 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, 227 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, 228 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3, 229 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12, 230 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C, 231 0x47,0x74,0xE8,0x33, 232 }; 233static unsigned char dh512_g[]={ 234 0x02, 235 }; 236 237static DH *get_dh512(void) 238 { 239 DH *dh=NULL; 240 241 if ((dh=DH_new()) == NULL) return(NULL); 242 dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); 243 dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); 244 if ((dh->p == NULL) || (dh->g == NULL)) 245 return(NULL); 246 return(dh); 247 } 248#endif 249 250 251/* static int load_CA(SSL_CTX *ctx, char *file);*/ 252 253#undef BUFSIZZ 254#define BUFSIZZ 16*1024 255static int bufsize=BUFSIZZ; 256static int accept_socket= -1; 257 258#define TEST_CERT "server.pem" 259#ifndef OPENSSL_NO_TLSEXT 260#define TEST_CERT2 "server2.pem" 261#endif 262#undef PROG 263#define PROG s_server_main 264 265extern int verify_depth, verify_return_error; 266 267static char *cipher=NULL; 268static int s_server_verify=SSL_VERIFY_NONE; 269static int s_server_session_id_context = 1; /* anything will do */ 270static const char *s_cert_file=TEST_CERT,*s_key_file=NULL; 271#ifndef OPENSSL_NO_TLSEXT 272static const char *s_cert_file2=TEST_CERT2,*s_key_file2=NULL; 273#endif 274static char *s_dcert_file=NULL,*s_dkey_file=NULL; 275#ifdef FIONBIO 276static int s_nbio=0; 277#endif 278static int s_nbio_test=0; 279int s_crlf=0; 280static SSL_CTX *ctx=NULL; 281#ifndef OPENSSL_NO_TLSEXT 282static SSL_CTX *ctx2=NULL; 283#endif 284static int www=0; 285 286static BIO *bio_s_out=NULL; 287static int s_debug=0; 288#ifndef OPENSSL_NO_TLSEXT 289static int s_tlsextdebug=0; 290static int s_tlsextstatus=0; 291static int cert_status_cb(SSL *s, void *arg); 292#endif 293static int s_msg=0; 294static int s_quiet=0; 295 296static char *keymatexportlabel=NULL; 297static int keymatexportlen=20; 298 299static int hack=0; 300#ifndef OPENSSL_NO_ENGINE 301static char *engine_id=NULL; 302#endif 303static const char *session_id_prefix=NULL; 304 305static int enable_timeouts = 0; 306static long socket_mtu; 307#ifndef OPENSSL_NO_DTLS1 308static int cert_chain = 0; 309#endif 310 311 312#ifndef OPENSSL_NO_PSK 313static char *psk_identity="Client_identity"; 314char *psk_key=NULL; /* by default PSK is not used */ 315 316static unsigned int psk_server_cb(SSL *ssl, const char *identity, 317 unsigned char *psk, unsigned int max_psk_len) 318 { 319 unsigned int psk_len = 0; 320 int ret; 321 BIGNUM *bn = NULL; 322 323 if (s_debug) 324 BIO_printf(bio_s_out,"psk_server_cb\n"); 325 if (!identity) 326 { 327 BIO_printf(bio_err,"Error: client did not send PSK identity\n"); 328 goto out_err; 329 } 330 if (s_debug) 331 BIO_printf(bio_s_out,"identity_len=%d identity=%s\n", 332 identity ? (int)strlen(identity) : 0, identity); 333 334 /* here we could lookup the given identity e.g. from a database */ 335 if (strcmp(identity, psk_identity) != 0) 336 { 337 BIO_printf(bio_s_out, "PSK error: client identity not found" 338 " (got '%s' expected '%s')\n", identity, 339 psk_identity); 340 goto out_err; 341 } 342 if (s_debug) 343 BIO_printf(bio_s_out, "PSK client identity found\n"); 344 345 /* convert the PSK key to binary */ 346 ret = BN_hex2bn(&bn, psk_key); 347 if (!ret) 348 { 349 BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key); 350 if (bn) 351 BN_free(bn); 352 return 0; 353 } 354 if (BN_num_bytes(bn) > (int)max_psk_len) 355 { 356 BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n", 357 max_psk_len, BN_num_bytes(bn)); 358 BN_free(bn); 359 return 0; 360 } 361 362 ret = BN_bn2bin(bn, psk); 363 BN_free(bn); 364 365 if (ret < 0) 366 goto out_err; 367 psk_len = (unsigned int)ret; 368 369 if (s_debug) 370 BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len); 371 return psk_len; 372 out_err: 373 if (s_debug) 374 BIO_printf(bio_err, "Error in PSK server callback\n"); 375 return 0; 376 } 377#endif 378 379#ifndef OPENSSL_NO_SRP 380/* This is a context that we pass to callbacks */ 381typedef struct srpsrvparm_st 382 { 383 char *login; 384 SRP_VBASE *vb; 385 SRP_user_pwd *user; 386 } srpsrvparm; 387 388/* This callback pretends to require some asynchronous logic in order to obtain 389 a verifier. When the callback is called for a new connection we return 390 with a negative value. This will provoke the accept etc to return with 391 an LOOKUP_X509. The main logic of the reinvokes the suspended call 392 (which would normally occur after a worker has finished) and we 393 set the user parameters. 394*/ 395static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) 396 { 397 srpsrvparm *p = (srpsrvparm *)arg; 398 if (p->login == NULL && p->user == NULL ) 399 { 400 p->login = SSL_get_srp_username(s); 401 BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login); 402 return (-1) ; 403 } 404 405 if (p->user == NULL) 406 { 407 BIO_printf(bio_err, "User %s doesn't exist\n", p->login); 408 return SSL3_AL_FATAL; 409 } 410 if (SSL_set_srp_server_param(s, p->user->N, p->user->g, p->user->s, p->user->v, 411 p->user->info) < 0) 412 { 413 *ad = SSL_AD_INTERNAL_ERROR; 414 return SSL3_AL_FATAL; 415 } 416 BIO_printf(bio_err, "SRP parameters set: username = \"%s\" info=\"%s\" \n", p->login,p->user->info); 417 /* need to check whether there are memory leaks */ 418 p->user = NULL; 419 p->login = NULL; 420 return SSL_ERROR_NONE; 421 } 422 423#endif 424 425#ifdef MONOLITH 426static void s_server_init(void) 427 { 428 accept_socket=-1; 429 cipher=NULL; 430 s_server_verify=SSL_VERIFY_NONE; 431 s_dcert_file=NULL; 432 s_dkey_file=NULL; 433 s_cert_file=TEST_CERT; 434 s_key_file=NULL; 435#ifndef OPENSSL_NO_TLSEXT 436 s_cert_file2=TEST_CERT2; 437 s_key_file2=NULL; 438 ctx2=NULL; 439#endif 440#ifdef FIONBIO 441 s_nbio=0; 442#endif 443 s_nbio_test=0; 444 ctx=NULL; 445 www=0; 446 447 bio_s_out=NULL; 448 s_debug=0; 449 s_msg=0; 450 s_quiet=0; 451 hack=0; 452#ifndef OPENSSL_NO_ENGINE 453 engine_id=NULL; 454#endif 455 } 456#endif 457 458static void sv_usage(void) 459 { 460 BIO_printf(bio_err,"usage: s_server [args ...]\n"); 461 BIO_printf(bio_err,"\n"); 462 BIO_printf(bio_err," -accept arg - port to accept on (default is %d)\n",PORT); 463 BIO_printf(bio_err," -context arg - set session ID context\n"); 464 BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); 465 BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); 466 BIO_printf(bio_err," -verify_return_error - return verification errors\n"); 467 BIO_printf(bio_err," -cert arg - certificate file to use\n"); 468 BIO_printf(bio_err," (default is %s)\n",TEST_CERT); 469 BIO_printf(bio_err," -crl_check - check the peer certificate has not been revoked by its CA.\n" \ 470 " The CRL(s) are appended to the certificate file\n"); 471 BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \ 472 " or any other CRL in the CA chain. CRL(s) are appened to the\n" \ 473 " the certificate file.\n"); 474 BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); 475 BIO_printf(bio_err," -key arg - Private Key file to use, in cert file if\n"); 476 BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT); 477 BIO_printf(bio_err," -keyform arg - key format (PEM, DER or ENGINE) PEM default\n"); 478 BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); 479 BIO_printf(bio_err," -dcert arg - second certificate file to use (usually for DSA)\n"); 480 BIO_printf(bio_err," -dcertform x - second certificate format (PEM or DER) PEM default\n"); 481 BIO_printf(bio_err," -dkey arg - second private key file to use (usually for DSA)\n"); 482 BIO_printf(bio_err," -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n"); 483 BIO_printf(bio_err," -dpass arg - second private key file pass phrase source\n"); 484 BIO_printf(bio_err," -dhparam arg - DH parameter file to use, in cert file if not specified\n"); 485 BIO_printf(bio_err," or a default set of parameters is used\n"); 486#ifndef OPENSSL_NO_ECDH 487 BIO_printf(bio_err," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 488 " Use \"openssl ecparam -list_curves\" for all names\n" \ 489 " (default is nistp256).\n"); 490#endif 491#ifdef FIONBIO 492 BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); 493#endif 494 BIO_printf(bio_err," -nbio_test - test with the non-blocking test bio\n"); 495 BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); 496 BIO_printf(bio_err," -debug - Print more output\n"); 497 BIO_printf(bio_err," -msg - Show protocol messages\n"); 498 BIO_printf(bio_err," -state - Print the SSL states\n"); 499 BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); 500 BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); 501 BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n"); 502 BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); 503 BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n"); 504 BIO_printf(bio_err," -quiet - No server output\n"); 505 BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); 506#ifndef OPENSSL_NO_PSK 507 BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n"); 508 BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); 509# ifndef OPENSSL_NO_JPAKE 510 BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); 511# endif 512#endif 513#ifndef OPENSSL_NO_SRP 514 BIO_printf(bio_err," -srpvfile file - The verifier file for SRP\n"); 515 BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n"); 516#endif 517 BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); 518 BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); 519 BIO_printf(bio_err," -tls1_2 - Just talk TLSv1.2\n"); 520 BIO_printf(bio_err," -tls1_1 - Just talk TLSv1.1\n"); 521 BIO_printf(bio_err," -tls1 - Just talk TLSv1\n"); 522 BIO_printf(bio_err," -dtls1 - Just talk DTLSv1\n"); 523 BIO_printf(bio_err," -timeout - Enable timeouts\n"); 524 BIO_printf(bio_err," -mtu - Set link layer MTU\n"); 525 BIO_printf(bio_err," -chain - Read a certificate chain\n"); 526 BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); 527 BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); 528 BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); 529 BIO_printf(bio_err," -no_tls1_1 - Just disable TLSv1.1\n"); 530 BIO_printf(bio_err," -no_tls1_2 - Just disable TLSv1.2\n"); 531#ifndef OPENSSL_NO_DH 532 BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n"); 533#endif 534#ifndef OPENSSL_NO_ECDH 535 BIO_printf(bio_err," -no_ecdhe - Disable ephemeral ECDH\n"); 536#endif 537 BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); 538 BIO_printf(bio_err," -hack - workaround for early Netscape code\n"); 539 BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); 540 BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 541 BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 542 BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n"); 543#ifndef OPENSSL_NO_ENGINE 544 BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); 545#endif 546 BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); 547 BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 548#ifndef OPENSSL_NO_TLSEXT 549 BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n"); 550 BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); 551 BIO_printf(bio_err," -cert2 arg - certificate file to use for servername\n"); 552 BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); 553 BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); 554 BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); 555 BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); 556 BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); 557 BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); 558# ifndef OPENSSL_NO_NEXTPROTONEG 559 BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n"); 560# endif 561# ifndef OPENSSL_NO_SRTP 562 BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); 563#endif 564#endif 565 BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); 566 BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); 567 BIO_printf(bio_err," -status - respond to certificate status requests\n"); 568 BIO_printf(bio_err," -status_verbose - enable status request verbose printout\n"); 569 BIO_printf(bio_err," -status_timeout n - status request responder timeout\n"); 570 BIO_printf(bio_err," -status_url URL - status request fallback URL\n"); 571 } 572 573static int local_argc=0; 574static char **local_argv; 575 576#ifdef CHARSET_EBCDIC 577static int ebcdic_new(BIO *bi); 578static int ebcdic_free(BIO *a); 579static int ebcdic_read(BIO *b, char *out, int outl); 580static int ebcdic_write(BIO *b, const char *in, int inl); 581static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr); 582static int ebcdic_gets(BIO *bp, char *buf, int size); 583static int ebcdic_puts(BIO *bp, const char *str); 584 585#define BIO_TYPE_EBCDIC_FILTER (18|0x0200) 586static BIO_METHOD methods_ebcdic= 587 { 588 BIO_TYPE_EBCDIC_FILTER, 589 "EBCDIC/ASCII filter", 590 ebcdic_write, 591 ebcdic_read, 592 ebcdic_puts, 593 ebcdic_gets, 594 ebcdic_ctrl, 595 ebcdic_new, 596 ebcdic_free, 597 }; 598 599typedef struct 600{ 601 size_t alloced; 602 char buff[1]; 603} EBCDIC_OUTBUFF; 604 605BIO_METHOD *BIO_f_ebcdic_filter() 606{ 607 return(&methods_ebcdic); 608} 609 610static int ebcdic_new(BIO *bi) 611{ 612 EBCDIC_OUTBUFF *wbuf; 613 614 wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024); 615 wbuf->alloced = 1024; 616 wbuf->buff[0] = '\0'; 617 618 bi->ptr=(char *)wbuf; 619 bi->init=1; 620 bi->flags=0; 621 return(1); 622} 623 624static int ebcdic_free(BIO *a) 625{ 626 if (a == NULL) return(0); 627 if (a->ptr != NULL) 628 OPENSSL_free(a->ptr); 629 a->ptr=NULL; 630 a->init=0; 631 a->flags=0; 632 return(1); 633} 634 635static int ebcdic_read(BIO *b, char *out, int outl) 636{ 637 int ret=0; 638 639 if (out == NULL || outl == 0) return(0); 640 if (b->next_bio == NULL) return(0); 641 642 ret=BIO_read(b->next_bio,out,outl); 643 if (ret > 0) 644 ascii2ebcdic(out,out,ret); 645 return(ret); 646} 647 648static int ebcdic_write(BIO *b, const char *in, int inl) 649{ 650 EBCDIC_OUTBUFF *wbuf; 651 int ret=0; 652 int num; 653 unsigned char n; 654 655 if ((in == NULL) || (inl <= 0)) return(0); 656 if (b->next_bio == NULL) return(0); 657 658 wbuf=(EBCDIC_OUTBUFF *)b->ptr; 659 660 if (inl > (num = wbuf->alloced)) 661 { 662 num = num + num; /* double the size */ 663 if (num < inl) 664 num = inl; 665 OPENSSL_free(wbuf); 666 wbuf=(EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num); 667 668 wbuf->alloced = num; 669 wbuf->buff[0] = '\0'; 670 671 b->ptr=(char *)wbuf; 672 } 673 674 ebcdic2ascii(wbuf->buff, in, inl); 675 676 ret=BIO_write(b->next_bio, wbuf->buff, inl); 677 678 return(ret); 679} 680 681static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr) 682{ 683 long ret; 684 685 if (b->next_bio == NULL) return(0); 686 switch (cmd) 687 { 688 case BIO_CTRL_DUP: 689 ret=0L; 690 break; 691 default: 692 ret=BIO_ctrl(b->next_bio,cmd,num,ptr); 693 break; 694 } 695 return(ret); 696} 697 698static int ebcdic_gets(BIO *bp, char *buf, int size) 699{ 700 int i, ret=0; 701 if (bp->next_bio == NULL) return(0); 702/* return(BIO_gets(bp->next_bio,buf,size));*/ 703 for (i=0; i<size-1; ++i) 704 { 705 ret = ebcdic_read(bp,&buf[i],1); 706 if (ret <= 0) 707 break; 708 else if (buf[i] == '\n') 709 { 710 ++i; 711 break; 712 } 713 } 714 if (i < size) 715 buf[i] = '\0'; 716 return (ret < 0 && i == 0) ? ret : i; 717} 718 719static int ebcdic_puts(BIO *bp, const char *str) 720{ 721 if (bp->next_bio == NULL) return(0); 722 return ebcdic_write(bp, str, strlen(str)); 723} 724#endif 725 726#ifndef OPENSSL_NO_TLSEXT 727 728/* This is a context that we pass to callbacks */ 729typedef struct tlsextctx_st { 730 char * servername; 731 BIO * biodebug; 732 int extension_error; 733} tlsextctx; 734 735 736static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) 737 { 738 tlsextctx * p = (tlsextctx *) arg; 739 const char * servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 740 if (servername && p->biodebug) 741 BIO_printf(p->biodebug,"Hostname in TLS extension: \"%s\"\n",servername); 742 743 if (!p->servername) 744 return SSL_TLSEXT_ERR_NOACK; 745 746 if (servername) 747 { 748 if (strcasecmp(servername,p->servername)) 749 return p->extension_error; 750 if (ctx2) 751 { 752 BIO_printf(p->biodebug,"Switching server context.\n"); 753 SSL_set_SSL_CTX(s,ctx2); 754 } 755 } 756 return SSL_TLSEXT_ERR_OK; 757} 758 759/* Structure passed to cert status callback */ 760 761typedef struct tlsextstatusctx_st { 762 /* Default responder to use */ 763 char *host, *path, *port; 764 int use_ssl; 765 int timeout; 766 BIO *err; 767 int verbose; 768} tlsextstatusctx; 769 770static tlsextstatusctx tlscstatp = {NULL, NULL, NULL, 0, -1, NULL, 0}; 771 772/* Certificate Status callback. This is called when a client includes a 773 * certificate status request extension. 774 * 775 * This is a simplified version. It examines certificates each time and 776 * makes one OCSP responder query for each request. 777 * 778 * A full version would store details such as the OCSP certificate IDs and 779 * minimise the number of OCSP responses by caching them until they were 780 * considered "expired". 781 */ 782 783static int cert_status_cb(SSL *s, void *arg) 784 { 785 tlsextstatusctx *srctx = arg; 786 BIO *err = srctx->err; 787 char *host, *port, *path; 788 int use_ssl; 789 unsigned char *rspder = NULL; 790 int rspderlen; 791 STACK_OF(OPENSSL_STRING) *aia = NULL; 792 X509 *x = NULL; 793 X509_STORE_CTX inctx; 794 X509_OBJECT obj; 795 OCSP_REQUEST *req = NULL; 796 OCSP_RESPONSE *resp = NULL; 797 OCSP_CERTID *id = NULL; 798 STACK_OF(X509_EXTENSION) *exts; 799 int ret = SSL_TLSEXT_ERR_NOACK; 800 int i; 801#if 0 802STACK_OF(OCSP_RESPID) *ids; 803SSL_get_tlsext_status_ids(s, &ids); 804BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids)); 805#endif 806 if (srctx->verbose) 807 BIO_puts(err, "cert_status: callback called\n"); 808 /* Build up OCSP query from server certificate */ 809 x = SSL_get_certificate(s); 810 aia = X509_get1_ocsp(x); 811 if (aia) 812 { 813 if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0), 814 &host, &port, &path, &use_ssl)) 815 { 816 BIO_puts(err, "cert_status: can't parse AIA URL\n"); 817 goto err; 818 } 819 if (srctx->verbose) 820 BIO_printf(err, "cert_status: AIA URL: %s\n", 821 sk_OPENSSL_STRING_value(aia, 0)); 822 } 823 else 824 { 825 if (!srctx->host) 826 { 827 BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n"); 828 goto done; 829 } 830 host = srctx->host; 831 path = srctx->path; 832 port = srctx->port; 833 use_ssl = srctx->use_ssl; 834 } 835 836 if (!X509_STORE_CTX_init(&inctx, 837 SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)), 838 NULL, NULL)) 839 goto err; 840 if (X509_STORE_get_by_subject(&inctx,X509_LU_X509, 841 X509_get_issuer_name(x),&obj) <= 0) 842 { 843 BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n"); 844 X509_STORE_CTX_cleanup(&inctx); 845 goto done; 846 } 847 req = OCSP_REQUEST_new(); 848 if (!req) 849 goto err; 850 id = OCSP_cert_to_id(NULL, x, obj.data.x509); 851 X509_free(obj.data.x509); 852 X509_STORE_CTX_cleanup(&inctx); 853 if (!id) 854 goto err; 855 if (!OCSP_request_add0_id(req, id)) 856 goto err; 857 id = NULL; 858 /* Add any extensions to the request */ 859 SSL_get_tlsext_status_exts(s, &exts); 860 for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) 861 { 862 X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i); 863 if (!OCSP_REQUEST_add_ext(req, ext, -1)) 864 goto err; 865 } 866 resp = process_responder(err, req, host, path, port, use_ssl, NULL, 867 srctx->timeout); 868 if (!resp) 869 { 870 BIO_puts(err, "cert_status: error querying responder\n"); 871 goto done; 872 } 873 rspderlen = i2d_OCSP_RESPONSE(resp, &rspder); 874 if (rspderlen <= 0) 875 goto err; 876 SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen); 877 if (srctx->verbose) 878 { 879 BIO_puts(err, "cert_status: ocsp response sent:\n"); 880 OCSP_RESPONSE_print(err, resp, 2); 881 } 882 ret = SSL_TLSEXT_ERR_OK; 883 done: 884 if (ret != SSL_TLSEXT_ERR_OK) 885 ERR_print_errors(err); 886 if (aia) 887 { 888 OPENSSL_free(host); 889 OPENSSL_free(path); 890 OPENSSL_free(port); 891 X509_email_free(aia); 892 } 893 if (id) 894 OCSP_CERTID_free(id); 895 if (req) 896 OCSP_REQUEST_free(req); 897 if (resp) 898 OCSP_RESPONSE_free(resp); 899 return ret; 900 err: 901 ret = SSL_TLSEXT_ERR_ALERT_FATAL; 902 goto done; 903 } 904 905# ifndef OPENSSL_NO_NEXTPROTONEG 906/* This is the context that we pass to next_proto_cb */ 907typedef struct tlsextnextprotoctx_st { 908 unsigned char *data; 909 unsigned int len; 910} tlsextnextprotoctx; 911 912static int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg) 913 { 914 tlsextnextprotoctx *next_proto = arg; 915 916 *data = next_proto->data; 917 *len = next_proto->len; 918 919 return SSL_TLSEXT_ERR_OK; 920 } 921# endif /* ndef OPENSSL_NO_NEXTPROTONEG */ 922 923 924#endif 925 926int MAIN(int, char **); 927 928#ifndef OPENSSL_NO_JPAKE 929static char *jpake_secret = NULL; 930#endif 931#ifndef OPENSSL_NO_SRP 932 static srpsrvparm srp_callback_parm; 933#endif 934#ifndef OPENSSL_NO_SRTP 935static char *srtp_profiles = NULL; 936#endif 937 938int MAIN(int argc, char *argv[]) 939 { 940 X509_VERIFY_PARAM *vpm = NULL; 941 int badarg = 0; 942 short port=PORT; 943 char *CApath=NULL,*CAfile=NULL; 944 unsigned char *context = NULL; 945 char *dhfile = NULL; 946#ifndef OPENSSL_NO_ECDH 947 char *named_curve = NULL; 948#endif 949 int badop=0,bugs=0; 950 int ret=1; 951 int off=0; 952 int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0; 953 int state=0; 954 const SSL_METHOD *meth=NULL; 955 int socket_type=SOCK_STREAM; 956 ENGINE *e=NULL; 957 char *inrand=NULL; 958 int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; 959 char *passarg = NULL, *pass = NULL; 960 char *dpassarg = NULL, *dpass = NULL; 961 int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; 962 X509 *s_cert = NULL, *s_dcert = NULL; 963 EVP_PKEY *s_key = NULL, *s_dkey = NULL; 964 int no_cache = 0; 965#ifndef OPENSSL_NO_TLSEXT 966 EVP_PKEY *s_key2 = NULL; 967 X509 *s_cert2 = NULL; 968 tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; 969# ifndef OPENSSL_NO_NEXTPROTONEG 970 const char *next_proto_neg_in = NULL; 971 tlsextnextprotoctx next_proto; 972# endif 973#endif 974#ifndef OPENSSL_NO_PSK 975 /* by default do not send a PSK identity hint */ 976 static char *psk_identity_hint=NULL; 977#endif 978#ifndef OPENSSL_NO_SRP 979 char *srpuserseed = NULL; 980 char *srp_verifier_file = NULL; 981#endif 982 meth=SSLv23_server_method(); 983 984 local_argc=argc; 985 local_argv=argv; 986 987 apps_startup(); 988#ifdef MONOLITH 989 s_server_init(); 990#endif 991 992 if (bio_err == NULL) 993 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); 994 995 if (!load_config(bio_err, NULL)) 996 goto end; 997 998 verify_depth=0; 999#ifdef FIONBIO 1000 s_nbio=0; 1001#endif 1002 s_nbio_test=0; 1003 1004 argc--; 1005 argv++; 1006 1007 while (argc >= 1) 1008 { 1009 if ((strcmp(*argv,"-port") == 0) || 1010 (strcmp(*argv,"-accept") == 0)) 1011 { 1012 if (--argc < 1) goto bad; 1013 if (!extract_port(*(++argv),&port)) 1014 goto bad; 1015 } 1016 else if (strcmp(*argv,"-verify") == 0) 1017 { 1018 s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE; 1019 if (--argc < 1) goto bad; 1020 verify_depth=atoi(*(++argv)); 1021 BIO_printf(bio_err,"verify depth is %d\n",verify_depth); 1022 } 1023 else if (strcmp(*argv,"-Verify") == 0) 1024 { 1025 s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT| 1026 SSL_VERIFY_CLIENT_ONCE; 1027 if (--argc < 1) goto bad; 1028 verify_depth=atoi(*(++argv)); 1029 BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth); 1030 } 1031 else if (strcmp(*argv,"-context") == 0) 1032 { 1033 if (--argc < 1) goto bad; 1034 context= (unsigned char *)*(++argv); 1035 } 1036 else if (strcmp(*argv,"-cert") == 0) 1037 { 1038 if (--argc < 1) goto bad; 1039 s_cert_file= *(++argv); 1040 } 1041 else if (strcmp(*argv,"-certform") == 0) 1042 { 1043 if (--argc < 1) goto bad; 1044 s_cert_format = str2fmt(*(++argv)); 1045 } 1046 else if (strcmp(*argv,"-key") == 0) 1047 { 1048 if (--argc < 1) goto bad; 1049 s_key_file= *(++argv); 1050 } 1051 else if (strcmp(*argv,"-keyform") == 0) 1052 { 1053 if (--argc < 1) goto bad; 1054 s_key_format = str2fmt(*(++argv)); 1055 } 1056 else if (strcmp(*argv,"-pass") == 0) 1057 { 1058 if (--argc < 1) goto bad; 1059 passarg = *(++argv); 1060 } 1061 else if (strcmp(*argv,"-dhparam") == 0) 1062 { 1063 if (--argc < 1) goto bad; 1064 dhfile = *(++argv); 1065 } 1066#ifndef OPENSSL_NO_ECDH 1067 else if (strcmp(*argv,"-named_curve") == 0) 1068 { 1069 if (--argc < 1) goto bad; 1070 named_curve = *(++argv); 1071 } 1072#endif 1073 else if (strcmp(*argv,"-dcertform") == 0) 1074 { 1075 if (--argc < 1) goto bad; 1076 s_dcert_format = str2fmt(*(++argv)); 1077 } 1078 else if (strcmp(*argv,"-dcert") == 0) 1079 { 1080 if (--argc < 1) goto bad; 1081 s_dcert_file= *(++argv); 1082 } 1083 else if (strcmp(*argv,"-dkeyform") == 0) 1084 { 1085 if (--argc < 1) goto bad; 1086 s_dkey_format = str2fmt(*(++argv)); 1087 } 1088 else if (strcmp(*argv,"-dpass") == 0) 1089 { 1090 if (--argc < 1) goto bad; 1091 dpassarg = *(++argv); 1092 } 1093 else if (strcmp(*argv,"-dkey") == 0) 1094 { 1095 if (--argc < 1) goto bad; 1096 s_dkey_file= *(++argv); 1097 } 1098 else if (strcmp(*argv,"-nocert") == 0) 1099 { 1100 nocert=1; 1101 } 1102 else if (strcmp(*argv,"-CApath") == 0) 1103 { 1104 if (--argc < 1) goto bad; 1105 CApath= *(++argv); 1106 } 1107 else if (strcmp(*argv,"-no_cache") == 0) 1108 no_cache = 1; 1109 else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) 1110 { 1111 if (badarg) 1112 goto bad; 1113 continue; 1114 } 1115 else if (strcmp(*argv,"-verify_return_error") == 0) 1116 verify_return_error = 1; 1117 else if (strcmp(*argv,"-serverpref") == 0) 1118 { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; } 1119 else if (strcmp(*argv,"-legacy_renegotiation") == 0) 1120 off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; 1121 else if (strcmp(*argv,"-cipher") == 0) 1122 { 1123 if (--argc < 1) goto bad; 1124 cipher= *(++argv); 1125 } 1126 else if (strcmp(*argv,"-CAfile") == 0) 1127 { 1128 if (--argc < 1) goto bad; 1129 CAfile= *(++argv); 1130 } 1131#ifdef FIONBIO 1132 else if (strcmp(*argv,"-nbio") == 0) 1133 { s_nbio=1; } 1134#endif 1135 else if (strcmp(*argv,"-nbio_test") == 0) 1136 { 1137#ifdef FIONBIO 1138 s_nbio=1; 1139#endif 1140 s_nbio_test=1; 1141 } 1142 else if (strcmp(*argv,"-debug") == 0) 1143 { s_debug=1; } 1144#ifndef OPENSSL_NO_TLSEXT 1145 else if (strcmp(*argv,"-tlsextdebug") == 0) 1146 s_tlsextdebug=1; 1147 else if (strcmp(*argv,"-status") == 0) 1148 s_tlsextstatus=1; 1149 else if (strcmp(*argv,"-status_verbose") == 0) 1150 { 1151 s_tlsextstatus=1; 1152 tlscstatp.verbose = 1; 1153 } 1154 else if (!strcmp(*argv, "-status_timeout")) 1155 { 1156 s_tlsextstatus=1; 1157 if (--argc < 1) goto bad; 1158 tlscstatp.timeout = atoi(*(++argv)); 1159 } 1160 else if (!strcmp(*argv, "-status_url")) 1161 { 1162 s_tlsextstatus=1; 1163 if (--argc < 1) goto bad; 1164 if (!OCSP_parse_url(*(++argv), 1165 &tlscstatp.host, 1166 &tlscstatp.port, 1167 &tlscstatp.path, 1168 &tlscstatp.use_ssl)) 1169 { 1170 BIO_printf(bio_err, "Error parsing URL\n"); 1171 goto bad; 1172 } 1173 } 1174#endif 1175 else if (strcmp(*argv,"-msg") == 0) 1176 { s_msg=1; } 1177 else if (strcmp(*argv,"-hack") == 0) 1178 { hack=1; } 1179 else if (strcmp(*argv,"-state") == 0) 1180 { state=1; } 1181 else if (strcmp(*argv,"-crlf") == 0) 1182 { s_crlf=1; } 1183 else if (strcmp(*argv,"-quiet") == 0) 1184 { s_quiet=1; } 1185 else if (strcmp(*argv,"-bugs") == 0) 1186 { bugs=1; } 1187 else if (strcmp(*argv,"-no_tmp_rsa") == 0) 1188 { no_tmp_rsa=1; } 1189 else if (strcmp(*argv,"-no_dhe") == 0) 1190 { no_dhe=1; } 1191 else if (strcmp(*argv,"-no_ecdhe") == 0) 1192 { no_ecdhe=1; } 1193#ifndef OPENSSL_NO_PSK 1194 else if (strcmp(*argv,"-psk_hint") == 0) 1195 { 1196 if (--argc < 1) goto bad; 1197 psk_identity_hint= *(++argv); 1198 } 1199 else if (strcmp(*argv,"-psk") == 0) 1200 { 1201 size_t i; 1202 1203 if (--argc < 1) goto bad; 1204 psk_key=*(++argv); 1205 for (i=0; i<strlen(psk_key); i++) 1206 { 1207 if (isxdigit((unsigned char)psk_key[i])) 1208 continue; 1209 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv); 1210 goto bad; 1211 } 1212 } 1213#endif 1214#ifndef OPENSSL_NO_SRP 1215 else if (strcmp(*argv, "-srpvfile") == 0) 1216 { 1217 if (--argc < 1) goto bad; 1218 srp_verifier_file = *(++argv); 1219 meth=TLSv1_server_method(); 1220 } 1221 else if (strcmp(*argv, "-srpuserseed") == 0) 1222 { 1223 if (--argc < 1) goto bad; 1224 srpuserseed = *(++argv); 1225 meth=TLSv1_server_method(); 1226 } 1227#endif 1228 else if (strcmp(*argv,"-www") == 0) 1229 { www=1; } 1230 else if (strcmp(*argv,"-WWW") == 0) 1231 { www=2; } 1232 else if (strcmp(*argv,"-HTTP") == 0) 1233 { www=3; } 1234 else if (strcmp(*argv,"-no_ssl2") == 0) 1235 { off|=SSL_OP_NO_SSLv2; } 1236 else if (strcmp(*argv,"-no_ssl3") == 0) 1237 { off|=SSL_OP_NO_SSLv3; } 1238 else if (strcmp(*argv,"-no_tls1") == 0) 1239 { off|=SSL_OP_NO_TLSv1; } 1240 else if (strcmp(*argv,"-no_tls1_1") == 0) 1241 { off|=SSL_OP_NO_TLSv1_1; } 1242 else if (strcmp(*argv,"-no_tls1_2") == 0) 1243 { off|=SSL_OP_NO_TLSv1_2; } 1244 else if (strcmp(*argv,"-no_comp") == 0) 1245 { off|=SSL_OP_NO_COMPRESSION; } 1246#ifndef OPENSSL_NO_TLSEXT 1247 else if (strcmp(*argv,"-no_ticket") == 0) 1248 { off|=SSL_OP_NO_TICKET; } 1249#endif 1250#ifndef OPENSSL_NO_SSL2 1251 else if (strcmp(*argv,"-ssl2") == 0) 1252 { meth=SSLv2_server_method(); } 1253#endif 1254#ifndef OPENSSL_NO_SSL3 1255 else if (strcmp(*argv,"-ssl3") == 0) 1256 { meth=SSLv3_server_method(); } 1257#endif 1258#ifndef OPENSSL_NO_TLS1 1259 else if (strcmp(*argv,"-tls1") == 0) 1260 { meth=TLSv1_server_method(); } 1261 else if (strcmp(*argv,"-tls1_1") == 0) 1262 { meth=TLSv1_1_server_method(); } 1263 else if (strcmp(*argv,"-tls1_2") == 0) 1264 { meth=TLSv1_2_server_method(); } 1265#endif 1266#ifndef OPENSSL_NO_DTLS1 1267 else if (strcmp(*argv,"-dtls1") == 0) 1268 { 1269 meth=DTLSv1_server_method(); 1270 socket_type = SOCK_DGRAM; 1271 } 1272 else if (strcmp(*argv,"-timeout") == 0) 1273 enable_timeouts = 1; 1274 else if (strcmp(*argv,"-mtu") == 0) 1275 { 1276 if (--argc < 1) goto bad; 1277 socket_mtu = atol(*(++argv)); 1278 } 1279 else if (strcmp(*argv, "-chain") == 0) 1280 cert_chain = 1; 1281#endif 1282 else if (strcmp(*argv, "-id_prefix") == 0) 1283 { 1284 if (--argc < 1) goto bad; 1285 session_id_prefix = *(++argv); 1286 } 1287#ifndef OPENSSL_NO_ENGINE 1288 else if (strcmp(*argv,"-engine") == 0) 1289 { 1290 if (--argc < 1) goto bad; 1291 engine_id= *(++argv); 1292 } 1293#endif 1294 else if (strcmp(*argv,"-rand") == 0) 1295 { 1296 if (--argc < 1) goto bad; 1297 inrand= *(++argv); 1298 } 1299#ifndef OPENSSL_NO_TLSEXT 1300 else if (strcmp(*argv,"-servername") == 0) 1301 { 1302 if (--argc < 1) goto bad; 1303 tlsextcbp.servername= *(++argv); 1304 } 1305 else if (strcmp(*argv,"-servername_fatal") == 0) 1306 { tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; } 1307 else if (strcmp(*argv,"-cert2") == 0) 1308 { 1309 if (--argc < 1) goto bad; 1310 s_cert_file2= *(++argv); 1311 } 1312 else if (strcmp(*argv,"-key2") == 0) 1313 { 1314 if (--argc < 1) goto bad; 1315 s_key_file2= *(++argv); 1316 } 1317# ifndef OPENSSL_NO_NEXTPROTONEG 1318 else if (strcmp(*argv,"-nextprotoneg") == 0) 1319 { 1320 if (--argc < 1) goto bad; 1321 next_proto_neg_in = *(++argv); 1322 } 1323# endif 1324#endif 1325#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1326 else if (strcmp(*argv,"-jpake") == 0) 1327 { 1328 if (--argc < 1) goto bad; 1329 jpake_secret = *(++argv); 1330 } 1331#endif 1332#ifndef OPENSSL_NO_SRTP 1333 else if (strcmp(*argv,"-use_srtp") == 0) 1334 { 1335 if (--argc < 1) goto bad; 1336 srtp_profiles = *(++argv); 1337 } 1338#endif 1339 else if (strcmp(*argv,"-keymatexport") == 0) 1340 { 1341 if (--argc < 1) goto bad; 1342 keymatexportlabel= *(++argv); 1343 } 1344 else if (strcmp(*argv,"-keymatexportlen") == 0) 1345 { 1346 if (--argc < 1) goto bad; 1347 keymatexportlen=atoi(*(++argv)); 1348 if (keymatexportlen == 0) goto bad; 1349 } 1350 else 1351 { 1352 BIO_printf(bio_err,"unknown option %s\n",*argv); 1353 badop=1; 1354 break; 1355 } 1356 argc--; 1357 argv++; 1358 } 1359 if (badop) 1360 { 1361bad: 1362 sv_usage(); 1363 goto end; 1364 } 1365#ifndef OPENSSL_NO_DTLS1 1366 if (www && socket_type == SOCK_DGRAM) 1367 { 1368 BIO_printf(bio_err, 1369 "Can't use -HTTP, -www or -WWW with DTLS\n"); 1370 goto end; 1371 } 1372#endif 1373 1374#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1375 if (jpake_secret) 1376 { 1377 if (psk_key) 1378 { 1379 BIO_printf(bio_err, 1380 "Can't use JPAKE and PSK together\n"); 1381 goto end; 1382 } 1383 psk_identity = "JPAKE"; 1384 if (cipher) 1385 { 1386 BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); 1387 goto end; 1388 } 1389 cipher = "PSK"; 1390 } 1391 1392#endif 1393 1394 SSL_load_error_strings(); 1395 OpenSSL_add_ssl_algorithms(); 1396 1397#ifndef OPENSSL_NO_ENGINE 1398 e = setup_engine(bio_err, engine_id, 1); 1399#endif 1400 1401 if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) 1402 { 1403 BIO_printf(bio_err, "Error getting password\n"); 1404 goto end; 1405 } 1406 1407 1408 if (s_key_file == NULL) 1409 s_key_file = s_cert_file; 1410#ifndef OPENSSL_NO_TLSEXT 1411 if (s_key_file2 == NULL) 1412 s_key_file2 = s_cert_file2; 1413#endif 1414 1415 if (nocert == 0) 1416 { 1417 s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e, 1418 "server certificate private key file"); 1419 if (!s_key) 1420 { 1421 ERR_print_errors(bio_err); 1422 goto end; 1423 } 1424 1425 s_cert = load_cert(bio_err,s_cert_file,s_cert_format, 1426 NULL, e, "server certificate file"); 1427 1428 if (!s_cert) 1429 { 1430 ERR_print_errors(bio_err); 1431 goto end; 1432 } 1433 1434#ifndef OPENSSL_NO_TLSEXT 1435 if (tlsextcbp.servername) 1436 { 1437 s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e, 1438 "second server certificate private key file"); 1439 if (!s_key2) 1440 { 1441 ERR_print_errors(bio_err); 1442 goto end; 1443 } 1444 1445 s_cert2 = load_cert(bio_err,s_cert_file2,s_cert_format, 1446 NULL, e, "second server certificate file"); 1447 1448 if (!s_cert2) 1449 { 1450 ERR_print_errors(bio_err); 1451 goto end; 1452 } 1453 } 1454#endif 1455 } 1456 1457#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 1458 if (next_proto_neg_in) 1459 { 1460 unsigned short len; 1461 next_proto.data = next_protos_parse(&len, next_proto_neg_in); 1462 if (next_proto.data == NULL) 1463 goto end; 1464 next_proto.len = len; 1465 } 1466 else 1467 { 1468 next_proto.data = NULL; 1469 } 1470# endif 1471 1472 1473 if (s_dcert_file) 1474 { 1475 1476 if (s_dkey_file == NULL) 1477 s_dkey_file = s_dcert_file; 1478 1479 s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, 1480 0, dpass, e, 1481 "second certificate private key file"); 1482 if (!s_dkey) 1483 { 1484 ERR_print_errors(bio_err); 1485 goto end; 1486 } 1487 1488 s_dcert = load_cert(bio_err,s_dcert_file,s_dcert_format, 1489 NULL, e, "second server certificate file"); 1490 1491 if (!s_dcert) 1492 { 1493 ERR_print_errors(bio_err); 1494 goto end; 1495 } 1496 1497 } 1498 1499 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 1500 && !RAND_status()) 1501 { 1502 BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); 1503 } 1504 if (inrand != NULL) 1505 BIO_printf(bio_err,"%ld semi-random bytes loaded\n", 1506 app_RAND_load_files(inrand)); 1507 1508 if (bio_s_out == NULL) 1509 { 1510 if (s_quiet && !s_debug && !s_msg) 1511 { 1512 bio_s_out=BIO_new(BIO_s_null()); 1513 } 1514 else 1515 { 1516 if (bio_s_out == NULL) 1517 bio_s_out=BIO_new_fp(stdout,BIO_NOCLOSE); 1518 } 1519 } 1520 1521#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) 1522 if (nocert) 1523#endif 1524 { 1525 s_cert_file=NULL; 1526 s_key_file=NULL; 1527 s_dcert_file=NULL; 1528 s_dkey_file=NULL; 1529#ifndef OPENSSL_NO_TLSEXT 1530 s_cert_file2=NULL; 1531 s_key_file2=NULL; 1532#endif 1533 } 1534 1535 ctx=SSL_CTX_new(meth); 1536 if (ctx == NULL) 1537 { 1538 ERR_print_errors(bio_err); 1539 goto end; 1540 } 1541 if (session_id_prefix) 1542 { 1543 if(strlen(session_id_prefix) >= 32) 1544 BIO_printf(bio_err, 1545"warning: id_prefix is too long, only one new session will be possible\n"); 1546 else if(strlen(session_id_prefix) >= 16) 1547 BIO_printf(bio_err, 1548"warning: id_prefix is too long if you use SSLv2\n"); 1549 if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) 1550 { 1551 BIO_printf(bio_err,"error setting 'id_prefix'\n"); 1552 ERR_print_errors(bio_err); 1553 goto end; 1554 } 1555 BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix); 1556 } 1557 SSL_CTX_set_quiet_shutdown(ctx,1); 1558 if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL); 1559 if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1560 SSL_CTX_set_options(ctx,off); 1561 /* DTLS: partial reads end up discarding unread UDP bytes :-( 1562 * Setting read ahead solves this problem. 1563 */ 1564 if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); 1565 1566 if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); 1567 if (no_cache) 1568 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); 1569 else 1570 SSL_CTX_sess_set_cache_size(ctx,128); 1571 1572#ifndef OPENSSL_NO_SRTP 1573 if (srtp_profiles != NULL) 1574 SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); 1575#endif 1576 1577#if 0 1578 if (cipher == NULL) cipher=getenv("SSL_CIPHER"); 1579#endif 1580 1581#if 0 1582 if (s_cert_file == NULL) 1583 { 1584 BIO_printf(bio_err,"You must specify a certificate file for the server to use\n"); 1585 goto end; 1586 } 1587#endif 1588 1589 if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || 1590 (!SSL_CTX_set_default_verify_paths(ctx))) 1591 { 1592 /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ 1593 ERR_print_errors(bio_err); 1594 /* goto end; */ 1595 } 1596 if (vpm) 1597 SSL_CTX_set1_param(ctx, vpm); 1598 1599#ifndef OPENSSL_NO_TLSEXT 1600 if (s_cert2) 1601 { 1602 ctx2=SSL_CTX_new(meth); 1603 if (ctx2 == NULL) 1604 { 1605 ERR_print_errors(bio_err); 1606 goto end; 1607 } 1608 } 1609 1610 if (ctx2) 1611 { 1612 BIO_printf(bio_s_out,"Setting secondary ctx parameters\n"); 1613 1614 if (session_id_prefix) 1615 { 1616 if(strlen(session_id_prefix) >= 32) 1617 BIO_printf(bio_err, 1618 "warning: id_prefix is too long, only one new session will be possible\n"); 1619 else if(strlen(session_id_prefix) >= 16) 1620 BIO_printf(bio_err, 1621 "warning: id_prefix is too long if you use SSLv2\n"); 1622 if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) 1623 { 1624 BIO_printf(bio_err,"error setting 'id_prefix'\n"); 1625 ERR_print_errors(bio_err); 1626 goto end; 1627 } 1628 BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix); 1629 } 1630 SSL_CTX_set_quiet_shutdown(ctx2,1); 1631 if (bugs) SSL_CTX_set_options(ctx2,SSL_OP_ALL); 1632 if (hack) SSL_CTX_set_options(ctx2,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1633 SSL_CTX_set_options(ctx2,off); 1634 /* DTLS: partial reads end up discarding unread UDP bytes :-( 1635 * Setting read ahead solves this problem. 1636 */ 1637 if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx2, 1); 1638 1639 if (state) SSL_CTX_set_info_callback(ctx2,apps_ssl_info_callback); 1640 1641 if (no_cache) 1642 SSL_CTX_set_session_cache_mode(ctx2,SSL_SESS_CACHE_OFF); 1643 else 1644 SSL_CTX_sess_set_cache_size(ctx2,128); 1645 1646 if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) || 1647 (!SSL_CTX_set_default_verify_paths(ctx2))) 1648 { 1649 ERR_print_errors(bio_err); 1650 } 1651 if (vpm) 1652 SSL_CTX_set1_param(ctx2, vpm); 1653 } 1654 1655# ifndef OPENSSL_NO_NEXTPROTONEG 1656 if (next_proto.data) 1657 SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto); 1658# endif 1659#endif 1660 1661#ifndef OPENSSL_NO_DH 1662 if (!no_dhe) 1663 { 1664 DH *dh=NULL; 1665 1666 if (dhfile) 1667 dh = load_dh_param(dhfile); 1668 else if (s_cert_file) 1669 dh = load_dh_param(s_cert_file); 1670 1671 if (dh != NULL) 1672 { 1673 BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 1674 } 1675 else 1676 { 1677 BIO_printf(bio_s_out,"Using default temp DH parameters\n"); 1678 dh=get_dh512(); 1679 } 1680 (void)BIO_flush(bio_s_out); 1681 1682 SSL_CTX_set_tmp_dh(ctx,dh); 1683#ifndef OPENSSL_NO_TLSEXT 1684 if (ctx2) 1685 { 1686 if (!dhfile) 1687 { 1688 DH *dh2=load_dh_param(s_cert_file2); 1689 if (dh2 != NULL) 1690 { 1691 BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 1692 (void)BIO_flush(bio_s_out); 1693 1694 DH_free(dh); 1695 dh = dh2; 1696 } 1697 } 1698 SSL_CTX_set_tmp_dh(ctx2,dh); 1699 } 1700#endif 1701 DH_free(dh); 1702 } 1703#endif 1704 1705#ifndef OPENSSL_NO_ECDH 1706 if (!no_ecdhe) 1707 { 1708 EC_KEY *ecdh=NULL; 1709 1710 if (named_curve) 1711 { 1712 int nid = OBJ_sn2nid(named_curve); 1713 1714 if (nid == 0) 1715 { 1716 BIO_printf(bio_err, "unknown curve name (%s)\n", 1717 named_curve); 1718 goto end; 1719 } 1720 ecdh = EC_KEY_new_by_curve_name(nid); 1721 if (ecdh == NULL) 1722 { 1723 BIO_printf(bio_err, "unable to create curve (%s)\n", 1724 named_curve); 1725 goto end; 1726 } 1727 } 1728 1729 if (ecdh != NULL) 1730 { 1731 BIO_printf(bio_s_out,"Setting temp ECDH parameters\n"); 1732 } 1733 else 1734 { 1735 BIO_printf(bio_s_out,"Using default temp ECDH parameters\n"); 1736 ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); 1737 if (ecdh == NULL) 1738 { 1739 BIO_printf(bio_err, "unable to create curve (nistp256)\n"); 1740 goto end; 1741 } 1742 } 1743 (void)BIO_flush(bio_s_out); 1744 1745 SSL_CTX_set_tmp_ecdh(ctx,ecdh); 1746#ifndef OPENSSL_NO_TLSEXT 1747 if (ctx2) 1748 SSL_CTX_set_tmp_ecdh(ctx2,ecdh); 1749#endif 1750 EC_KEY_free(ecdh); 1751 } 1752#endif 1753 1754 if (!set_cert_key_stuff(ctx,s_cert,s_key)) 1755 goto end; 1756#ifndef OPENSSL_NO_TLSEXT 1757 if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2)) 1758 goto end; 1759#endif 1760 if (s_dcert != NULL) 1761 { 1762 if (!set_cert_key_stuff(ctx,s_dcert,s_dkey)) 1763 goto end; 1764 } 1765 1766#ifndef OPENSSL_NO_RSA 1767#if 1 1768 if (!no_tmp_rsa) 1769 { 1770 SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); 1771#ifndef OPENSSL_NO_TLSEXT 1772 if (ctx2) 1773 SSL_CTX_set_tmp_rsa_callback(ctx2,tmp_rsa_cb); 1774#endif 1775 } 1776#else 1777 if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) 1778 { 1779 RSA *rsa; 1780 1781 BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key..."); 1782 BIO_flush(bio_s_out); 1783 1784 rsa=RSA_generate_key(512,RSA_F4,NULL); 1785 1786 if (!SSL_CTX_set_tmp_rsa(ctx,rsa)) 1787 { 1788 ERR_print_errors(bio_err); 1789 goto end; 1790 } 1791#ifndef OPENSSL_NO_TLSEXT 1792 if (ctx2) 1793 { 1794 if (!SSL_CTX_set_tmp_rsa(ctx2,rsa)) 1795 { 1796 ERR_print_errors(bio_err); 1797 goto end; 1798 } 1799 } 1800#endif 1801 RSA_free(rsa); 1802 BIO_printf(bio_s_out,"\n"); 1803 } 1804#endif 1805#endif 1806 1807#ifndef OPENSSL_NO_PSK 1808#ifdef OPENSSL_NO_JPAKE 1809 if (psk_key != NULL) 1810#else 1811 if (psk_key != NULL || jpake_secret) 1812#endif 1813 { 1814 if (s_debug) 1815 BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n"); 1816 SSL_CTX_set_psk_server_callback(ctx, psk_server_cb); 1817 } 1818 1819 if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) 1820 { 1821 BIO_printf(bio_err,"error setting PSK identity hint to context\n"); 1822 ERR_print_errors(bio_err); 1823 goto end; 1824 } 1825#endif 1826 1827 if (cipher != NULL) 1828 { 1829 if(!SSL_CTX_set_cipher_list(ctx,cipher)) 1830 { 1831 BIO_printf(bio_err,"error setting cipher list\n"); 1832 ERR_print_errors(bio_err); 1833 goto end; 1834 } 1835#ifndef OPENSSL_NO_TLSEXT 1836 if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,cipher)) 1837 { 1838 BIO_printf(bio_err,"error setting cipher list\n"); 1839 ERR_print_errors(bio_err); 1840 goto end; 1841 } 1842#endif 1843 } 1844 SSL_CTX_set_verify(ctx,s_server_verify,verify_callback); 1845 SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context, 1846 sizeof s_server_session_id_context); 1847 1848 /* Set DTLS cookie generation and verification callbacks */ 1849 SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback); 1850 SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback); 1851 1852#ifndef OPENSSL_NO_TLSEXT 1853 if (ctx2) 1854 { 1855 SSL_CTX_set_verify(ctx2,s_server_verify,verify_callback); 1856 SSL_CTX_set_session_id_context(ctx2,(void*)&s_server_session_id_context, 1857 sizeof s_server_session_id_context); 1858 1859 tlsextcbp.biodebug = bio_s_out; 1860 SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb); 1861 SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp); 1862 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1863 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1864 } 1865#endif 1866 1867#ifndef OPENSSL_NO_SRP 1868 if (srp_verifier_file != NULL) 1869 { 1870 srp_callback_parm.vb = SRP_VBASE_new(srpuserseed); 1871 srp_callback_parm.user = NULL; 1872 srp_callback_parm.login = NULL; 1873 if ((ret = SRP_VBASE_init(srp_callback_parm.vb, srp_verifier_file)) != SRP_NO_ERROR) 1874 { 1875 BIO_printf(bio_err, 1876 "Cannot initialize SRP verifier file \"%s\":ret=%d\n", 1877 srp_verifier_file, ret); 1878 goto end; 1879 } 1880 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE,verify_callback); 1881 SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm); 1882 SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb); 1883 } 1884 else 1885#endif 1886 if (CAfile != NULL) 1887 { 1888 SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile)); 1889#ifndef OPENSSL_NO_TLSEXT 1890 if (ctx2) 1891 SSL_CTX_set_client_CA_list(ctx2,SSL_load_client_CA_file(CAfile)); 1892#endif 1893 } 1894 1895 BIO_printf(bio_s_out,"ACCEPT\n"); 1896 (void)BIO_flush(bio_s_out); 1897 if (www) 1898 do_server(port,socket_type,&accept_socket,www_body, context); 1899 else 1900 do_server(port,socket_type,&accept_socket,sv_body, context); 1901 print_stats(bio_s_out,ctx); 1902 ret=0; 1903end: 1904 if (ctx != NULL) SSL_CTX_free(ctx); 1905 if (s_cert) 1906 X509_free(s_cert); 1907 if (s_dcert) 1908 X509_free(s_dcert); 1909 if (s_key) 1910 EVP_PKEY_free(s_key); 1911 if (s_dkey) 1912 EVP_PKEY_free(s_dkey); 1913 if (pass) 1914 OPENSSL_free(pass); 1915 if (dpass) 1916 OPENSSL_free(dpass); 1917 if (vpm) 1918 X509_VERIFY_PARAM_free(vpm); 1919#ifndef OPENSSL_NO_TLSEXT 1920 if (tlscstatp.host) 1921 OPENSSL_free(tlscstatp.host); 1922 if (tlscstatp.port) 1923 OPENSSL_free(tlscstatp.port); 1924 if (tlscstatp.path) 1925 OPENSSL_free(tlscstatp.path); 1926 if (ctx2 != NULL) SSL_CTX_free(ctx2); 1927 if (s_cert2) 1928 X509_free(s_cert2); 1929 if (s_key2) 1930 EVP_PKEY_free(s_key2); 1931#endif 1932 if (bio_s_out != NULL) 1933 { 1934 BIO_free(bio_s_out); 1935 bio_s_out=NULL; 1936 } 1937 apps_shutdown(); 1938 OPENSSL_EXIT(ret); 1939 } 1940 1941static void print_stats(BIO *bio, SSL_CTX *ssl_ctx) 1942 { 1943 BIO_printf(bio,"%4ld items in the session cache\n", 1944 SSL_CTX_sess_number(ssl_ctx)); 1945 BIO_printf(bio,"%4ld client connects (SSL_connect())\n", 1946 SSL_CTX_sess_connect(ssl_ctx)); 1947 BIO_printf(bio,"%4ld client renegotiates (SSL_connect())\n", 1948 SSL_CTX_sess_connect_renegotiate(ssl_ctx)); 1949 BIO_printf(bio,"%4ld client connects that finished\n", 1950 SSL_CTX_sess_connect_good(ssl_ctx)); 1951 BIO_printf(bio,"%4ld server accepts (SSL_accept())\n", 1952 SSL_CTX_sess_accept(ssl_ctx)); 1953 BIO_printf(bio,"%4ld server renegotiates (SSL_accept())\n", 1954 SSL_CTX_sess_accept_renegotiate(ssl_ctx)); 1955 BIO_printf(bio,"%4ld server accepts that finished\n", 1956 SSL_CTX_sess_accept_good(ssl_ctx)); 1957 BIO_printf(bio,"%4ld session cache hits\n",SSL_CTX_sess_hits(ssl_ctx)); 1958 BIO_printf(bio,"%4ld session cache misses\n",SSL_CTX_sess_misses(ssl_ctx)); 1959 BIO_printf(bio,"%4ld session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx)); 1960 BIO_printf(bio,"%4ld callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx)); 1961 BIO_printf(bio,"%4ld cache full overflows (%ld allowed)\n", 1962 SSL_CTX_sess_cache_full(ssl_ctx), 1963 SSL_CTX_sess_get_cache_size(ssl_ctx)); 1964 } 1965 1966static int sv_body(char *hostname, int s, unsigned char *context) 1967 { 1968 char *buf=NULL; 1969 fd_set readfds; 1970 int ret=1,width; 1971 int k,i, fdin; 1972 unsigned long l; 1973 SSL *con=NULL; 1974 BIO *sbio; 1975#ifndef OPENSSL_NO_KRB5 1976 KSSL_CTX *kctx; 1977#endif 1978 struct timeval timeout; 1979#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 1980 struct timeval tv; 1981#else 1982 struct timeval *timeoutp; 1983#endif 1984 1985 if ((buf=OPENSSL_malloc(bufsize)) == NULL) 1986 { 1987 BIO_printf(bio_err,"out of memory\n"); 1988 goto err; 1989 } 1990#ifdef FIONBIO 1991 if (s_nbio) 1992 { 1993 unsigned long sl=1; 1994 1995 if (!s_quiet) 1996 BIO_printf(bio_err,"turning on non blocking io\n"); 1997 if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) 1998 ERR_print_errors(bio_err); 1999 } 2000#endif 2001 2002 if (con == NULL) { 2003 con=SSL_new(ctx); 2004#ifndef OPENSSL_NO_TLSEXT 2005 if (s_tlsextdebug) 2006 { 2007 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2008 SSL_set_tlsext_debug_arg(con, bio_s_out); 2009 } 2010 if (s_tlsextstatus) 2011 { 2012 SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); 2013 tlscstatp.err = bio_err; 2014 SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); 2015 } 2016#endif 2017#ifndef OPENSSL_NO_KRB5 2018 if ((kctx = kssl_ctx_new()) != NULL) 2019 { 2020 SSL_set0_kssl_ctx(con, kctx); 2021 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 2022 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 2023 } 2024#endif /* OPENSSL_NO_KRB5 */ 2025 if(context) 2026 SSL_set_session_id_context(con, context, 2027 strlen((char *)context)); 2028 } 2029 SSL_clear(con); 2030#if 0 2031#ifdef TLSEXT_TYPE_opaque_prf_input 2032 SSL_set_tlsext_opaque_prf_input(con, "Test server", 11); 2033#endif 2034#endif 2035 2036 if (SSL_version(con) == DTLS1_VERSION) 2037 { 2038 2039 sbio=BIO_new_dgram(s,BIO_NOCLOSE); 2040 2041 if (enable_timeouts) 2042 { 2043 timeout.tv_sec = 0; 2044 timeout.tv_usec = DGRAM_RCV_TIMEOUT; 2045 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); 2046 2047 timeout.tv_sec = 0; 2048 timeout.tv_usec = DGRAM_SND_TIMEOUT; 2049 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); 2050 } 2051 2052 if (socket_mtu > 28) 2053 { 2054 SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 2055 SSL_set_mtu(con, socket_mtu - 28); 2056 } 2057 else 2058 /* want to do MTU discovery */ 2059 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 2060 2061 /* turn on cookie exchange */ 2062 SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE); 2063 } 2064 else 2065 sbio=BIO_new_socket(s,BIO_NOCLOSE); 2066 2067 if (s_nbio_test) 2068 { 2069 BIO *test; 2070 2071 test=BIO_new(BIO_f_nbio_test()); 2072 sbio=BIO_push(test,sbio); 2073 } 2074#ifndef OPENSSL_NO_JPAKE 2075 if(jpake_secret) 2076 jpake_server_auth(bio_s_out, sbio, jpake_secret); 2077#endif 2078 2079 SSL_set_bio(con,sbio,sbio); 2080 SSL_set_accept_state(con); 2081 /* SSL_set_fd(con,s); */ 2082 2083 if (s_debug) 2084 { 2085 SSL_set_debug(con, 1); 2086 BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); 2087 BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); 2088 } 2089 if (s_msg) 2090 { 2091 SSL_set_msg_callback(con, msg_cb); 2092 SSL_set_msg_callback_arg(con, bio_s_out); 2093 } 2094#ifndef OPENSSL_NO_TLSEXT 2095 if (s_tlsextdebug) 2096 { 2097 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2098 SSL_set_tlsext_debug_arg(con, bio_s_out); 2099 } 2100#endif 2101 2102 width=s+1; 2103 for (;;) 2104 { 2105 int read_from_terminal; 2106 int read_from_sslcon; 2107 2108 read_from_terminal = 0; 2109 read_from_sslcon = SSL_pending(con); 2110 2111 if (!read_from_sslcon) 2112 { 2113 fdin = fileno(stdin); 2114 if (fdin < 0) 2115 { 2116 BIO_printf(bio_err,"Bad fileno for stdin\n"); 2117 goto err; 2118 } 2119 FD_ZERO(&readfds); 2120#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5) 2121 openssl_fdset(fdin,&readfds); 2122#endif 2123 openssl_fdset(s,&readfds); 2124 /* Note: under VMS with SOCKETSHR the second parameter is 2125 * currently of type (int *) whereas under other systems 2126 * it is (void *) if you don't have a cast it will choke 2127 * the compiler: if you do have a cast then you can either 2128 * go for (int *) or (void *). 2129 */ 2130#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) 2131 /* Under DOS (non-djgpp) and Windows we can't select on stdin: only 2132 * on sockets. As a workaround we timeout the select every 2133 * second and check for any keypress. In a proper Windows 2134 * application we wouldn't do this because it is inefficient. 2135 */ 2136 tv.tv_sec = 1; 2137 tv.tv_usec = 0; 2138 i=select(width,(void *)&readfds,NULL,NULL,&tv); 2139 if((i < 0) || (!i && !_kbhit() ) )continue; 2140 if(_kbhit()) 2141 read_from_terminal = 1; 2142#elif defined(OPENSSL_SYS_BEOS_R5) 2143 /* Under BeOS-R5 the situation is similar to DOS */ 2144 tv.tv_sec = 1; 2145 tv.tv_usec = 0; 2146 (void)fcntl(fdin, F_SETFL, O_NONBLOCK); 2147 i=select(width,(void *)&readfds,NULL,NULL,&tv); 2148 if ((i < 0) || (!i && read(fdin, buf, 0) < 0)) 2149 continue; 2150 if (read(fdin, buf, 0) >= 0) 2151 read_from_terminal = 1; 2152 (void)fcntl(fdin, F_SETFL, 0); 2153#else 2154 if ((SSL_version(con) == DTLS1_VERSION) && 2155 DTLSv1_get_timeout(con, &timeout)) 2156 timeoutp = &timeout; 2157 else 2158 timeoutp = NULL; 2159 2160 i=select(width,(void *)&readfds,NULL,NULL,timeoutp); 2161 2162 if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) 2163 { 2164 BIO_printf(bio_err,"TIMEOUT occured\n"); 2165 } 2166 2167 if (i <= 0) continue; 2168 if (FD_ISSET(fdin,&readfds)) 2169 read_from_terminal = 1; 2170#endif 2171 if (FD_ISSET(s,&readfds)) 2172 read_from_sslcon = 1; 2173 } 2174 if (read_from_terminal) 2175 { 2176 if (s_crlf) 2177 { 2178 int j, lf_num; 2179 2180 i=raw_read_stdin(buf, bufsize/2); 2181 lf_num = 0; 2182 /* both loops are skipped when i <= 0 */ 2183 for (j = 0; j < i; j++) 2184 if (buf[j] == '\n') 2185 lf_num++; 2186 for (j = i-1; j >= 0; j--) 2187 { 2188 buf[j+lf_num] = buf[j]; 2189 if (buf[j] == '\n') 2190 { 2191 lf_num--; 2192 i++; 2193 buf[j+lf_num] = '\r'; 2194 } 2195 } 2196 assert(lf_num == 0); 2197 } 2198 else 2199 i=raw_read_stdin(buf,bufsize); 2200 if (!s_quiet) 2201 { 2202 if ((i <= 0) || (buf[0] == 'Q')) 2203 { 2204 BIO_printf(bio_s_out,"DONE\n"); 2205 SHUTDOWN(s); 2206 close_accept_socket(); 2207 ret= -11; 2208 goto err; 2209 } 2210 if ((i <= 0) || (buf[0] == 'q')) 2211 { 2212 BIO_printf(bio_s_out,"DONE\n"); 2213 if (SSL_version(con) != DTLS1_VERSION) 2214 SHUTDOWN(s); 2215 /* close_accept_socket(); 2216 ret= -11;*/ 2217 goto err; 2218 } 2219 2220#ifndef OPENSSL_NO_HEARTBEATS 2221 if ((buf[0] == 'B') && 2222 ((buf[1] == '\n') || (buf[1] == '\r'))) 2223 { 2224 BIO_printf(bio_err,"HEARTBEATING\n"); 2225 SSL_heartbeat(con); 2226 i=0; 2227 continue; 2228 } 2229#endif 2230 if ((buf[0] == 'r') && 2231 ((buf[1] == '\n') || (buf[1] == '\r'))) 2232 { 2233 SSL_renegotiate(con); 2234 i=SSL_do_handshake(con); 2235 printf("SSL_do_handshake -> %d\n",i); 2236 i=0; /*13; */ 2237 continue; 2238 /* strcpy(buf,"server side RE-NEGOTIATE\n"); */ 2239 } 2240 if ((buf[0] == 'R') && 2241 ((buf[1] == '\n') || (buf[1] == '\r'))) 2242 { 2243 SSL_set_verify(con, 2244 SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL); 2245 SSL_renegotiate(con); 2246 i=SSL_do_handshake(con); 2247 printf("SSL_do_handshake -> %d\n",i); 2248 i=0; /* 13; */ 2249 continue; 2250 /* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */ 2251 } 2252 if (buf[0] == 'P') 2253 { 2254 static const char *str="Lets print some clear text\n"; 2255 BIO_write(SSL_get_wbio(con),str,strlen(str)); 2256 } 2257 if (buf[0] == 'S') 2258 { 2259 print_stats(bio_s_out,SSL_get_SSL_CTX(con)); 2260 } 2261 } 2262#ifdef CHARSET_EBCDIC 2263 ebcdic2ascii(buf,buf,i); 2264#endif 2265 l=k=0; 2266 for (;;) 2267 { 2268 /* should do a select for the write */ 2269#ifdef RENEG 2270{ static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } } 2271#endif 2272 k=SSL_write(con,&(buf[l]),(unsigned int)i); 2273#ifndef OPENSSL_NO_SRP 2274 while (SSL_get_error(con,k) == SSL_ERROR_WANT_X509_LOOKUP) 2275 { 2276 BIO_printf(bio_s_out,"LOOKUP renego during write\n"); 2277 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2278 if (srp_callback_parm.user) 2279 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2280 else 2281 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2282 k=SSL_write(con,&(buf[l]),(unsigned int)i); 2283 } 2284#endif 2285 switch (SSL_get_error(con,k)) 2286 { 2287 case SSL_ERROR_NONE: 2288 break; 2289 case SSL_ERROR_WANT_WRITE: 2290 case SSL_ERROR_WANT_READ: 2291 case SSL_ERROR_WANT_X509_LOOKUP: 2292 BIO_printf(bio_s_out,"Write BLOCK\n"); 2293 break; 2294 case SSL_ERROR_SYSCALL: 2295 case SSL_ERROR_SSL: 2296 BIO_printf(bio_s_out,"ERROR\n"); 2297 ERR_print_errors(bio_err); 2298 ret=1; 2299 goto err; 2300 /* break; */ 2301 case SSL_ERROR_ZERO_RETURN: 2302 BIO_printf(bio_s_out,"DONE\n"); 2303 ret=1; 2304 goto err; 2305 } 2306 l+=k; 2307 i-=k; 2308 if (i <= 0) break; 2309 } 2310 } 2311 if (read_from_sslcon) 2312 { 2313 if (!SSL_is_init_finished(con)) 2314 { 2315 i=init_ssl_connection(con); 2316 2317 if (i < 0) 2318 { 2319 ret=0; 2320 goto err; 2321 } 2322 else if (i == 0) 2323 { 2324 ret=1; 2325 goto err; 2326 } 2327 } 2328 else 2329 { 2330again: 2331 i=SSL_read(con,(char *)buf,bufsize); 2332#ifndef OPENSSL_NO_SRP 2333 while (SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2334 { 2335 BIO_printf(bio_s_out,"LOOKUP renego during read\n"); 2336 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2337 if (srp_callback_parm.user) 2338 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2339 else 2340 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2341 i=SSL_read(con,(char *)buf,bufsize); 2342 } 2343#endif 2344 switch (SSL_get_error(con,i)) 2345 { 2346 case SSL_ERROR_NONE: 2347#ifdef CHARSET_EBCDIC 2348 ascii2ebcdic(buf,buf,i); 2349#endif 2350 raw_write_stdout(buf, 2351 (unsigned int)i); 2352 if (SSL_pending(con)) goto again; 2353 break; 2354 case SSL_ERROR_WANT_WRITE: 2355 case SSL_ERROR_WANT_READ: 2356 BIO_printf(bio_s_out,"Read BLOCK\n"); 2357 break; 2358 case SSL_ERROR_SYSCALL: 2359 case SSL_ERROR_SSL: 2360 BIO_printf(bio_s_out,"ERROR\n"); 2361 ERR_print_errors(bio_err); 2362 ret=1; 2363 goto err; 2364 case SSL_ERROR_ZERO_RETURN: 2365 BIO_printf(bio_s_out,"DONE\n"); 2366 ret=1; 2367 goto err; 2368 } 2369 } 2370 } 2371 } 2372err: 2373 if (con != NULL) 2374 { 2375 BIO_printf(bio_s_out,"shutting down SSL\n"); 2376#if 1 2377 SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 2378#else 2379 SSL_shutdown(con); 2380#endif 2381 SSL_free(con); 2382 } 2383 BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); 2384 if (buf != NULL) 2385 { 2386 OPENSSL_cleanse(buf,bufsize); 2387 OPENSSL_free(buf); 2388 } 2389 if (ret >= 0) 2390 BIO_printf(bio_s_out,"ACCEPT\n"); 2391 return(ret); 2392 } 2393 2394static void close_accept_socket(void) 2395 { 2396 BIO_printf(bio_err,"shutdown accept socket\n"); 2397 if (accept_socket >= 0) 2398 { 2399 SHUTDOWN2(accept_socket); 2400 } 2401 } 2402 2403static int init_ssl_connection(SSL *con) 2404 { 2405 int i; 2406 const char *str; 2407 X509 *peer; 2408 long verify_error; 2409 MS_STATIC char buf[BUFSIZ]; 2410#ifndef OPENSSL_NO_KRB5 2411 char *client_princ; 2412#endif 2413#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2414 const unsigned char *next_proto_neg; 2415 unsigned next_proto_neg_len; 2416#endif 2417 unsigned char *exportedkeymat; 2418 2419 2420 i=SSL_accept(con); 2421#ifndef OPENSSL_NO_SRP 2422 while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2423 { 2424 BIO_printf(bio_s_out,"LOOKUP during accept %s\n",srp_callback_parm.login); 2425 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2426 if (srp_callback_parm.user) 2427 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2428 else 2429 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2430 i=SSL_accept(con); 2431 } 2432#endif 2433 if (i <= 0) 2434 { 2435 if (BIO_sock_should_retry(i)) 2436 { 2437 BIO_printf(bio_s_out,"DELAY\n"); 2438 return(1); 2439 } 2440 2441 BIO_printf(bio_err,"ERROR\n"); 2442 verify_error=SSL_get_verify_result(con); 2443 if (verify_error != X509_V_OK) 2444 { 2445 BIO_printf(bio_err,"verify error:%s\n", 2446 X509_verify_cert_error_string(verify_error)); 2447 } 2448 else 2449 ERR_print_errors(bio_err); 2450 return(0); 2451 } 2452 2453 PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con)); 2454 2455 peer=SSL_get_peer_certificate(con); 2456 if (peer != NULL) 2457 { 2458 BIO_printf(bio_s_out,"Client certificate\n"); 2459 PEM_write_bio_X509(bio_s_out,peer); 2460 X509_NAME_oneline(X509_get_subject_name(peer),buf,sizeof buf); 2461 BIO_printf(bio_s_out,"subject=%s\n",buf); 2462 X509_NAME_oneline(X509_get_issuer_name(peer),buf,sizeof buf); 2463 BIO_printf(bio_s_out,"issuer=%s\n",buf); 2464 X509_free(peer); 2465 } 2466 2467 if (SSL_get_shared_ciphers(con,buf,sizeof buf) != NULL) 2468 BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); 2469 str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); 2470 BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); 2471 2472#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2473 SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); 2474 if (next_proto_neg) 2475 { 2476 BIO_printf(bio_s_out,"NEXTPROTO is "); 2477 BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len); 2478 BIO_printf(bio_s_out, "\n"); 2479 } 2480#endif 2481#ifndef OPENSSL_NO_SRTP 2482 { 2483 SRTP_PROTECTION_PROFILE *srtp_profile 2484 = SSL_get_selected_srtp_profile(con); 2485 2486 if(srtp_profile) 2487 BIO_printf(bio_s_out,"SRTP Extension negotiated, profile=%s\n", 2488 srtp_profile->name); 2489 } 2490#endif 2491 if (SSL_cache_hit(con)) BIO_printf(bio_s_out,"Reused session-id\n"); 2492 if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) & 2493 TLS1_FLAGS_TLS_PADDING_BUG) 2494 BIO_printf(bio_s_out, 2495 "Peer has incorrect TLSv1 block padding\n"); 2496#ifndef OPENSSL_NO_KRB5 2497 client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con)); 2498 if (client_princ != NULL) 2499 { 2500 BIO_printf(bio_s_out,"Kerberos peer principal is %s\n", 2501 client_princ); 2502 } 2503#endif /* OPENSSL_NO_KRB5 */ 2504 BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n", 2505 SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); 2506 if (keymatexportlabel != NULL) 2507 { 2508 BIO_printf(bio_s_out, "Keying material exporter:\n"); 2509 BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel); 2510 BIO_printf(bio_s_out, " Length: %i bytes\n", 2511 keymatexportlen); 2512 exportedkeymat = OPENSSL_malloc(keymatexportlen); 2513 if (exportedkeymat != NULL) 2514 { 2515 if (!SSL_export_keying_material(con, exportedkeymat, 2516 keymatexportlen, 2517 keymatexportlabel, 2518 strlen(keymatexportlabel), 2519 NULL, 0, 0)) 2520 { 2521 BIO_printf(bio_s_out, " Error\n"); 2522 } 2523 else 2524 { 2525 BIO_printf(bio_s_out, " Keying material: "); 2526 for (i=0; i<keymatexportlen; i++) 2527 BIO_printf(bio_s_out, "%02X", 2528 exportedkeymat[i]); 2529 BIO_printf(bio_s_out, "\n"); 2530 } 2531 OPENSSL_free(exportedkeymat); 2532 } 2533 } 2534 2535 return(1); 2536 } 2537 2538#ifndef OPENSSL_NO_DH 2539static DH *load_dh_param(const char *dhfile) 2540 { 2541 DH *ret=NULL; 2542 BIO *bio; 2543 2544 if ((bio=BIO_new_file(dhfile,"r")) == NULL) 2545 goto err; 2546 ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL); 2547err: 2548 if (bio != NULL) BIO_free(bio); 2549 return(ret); 2550 } 2551#endif 2552#ifndef OPENSSL_NO_KRB5 2553 char *client_princ; 2554#endif 2555 2556#if 0 2557static int load_CA(SSL_CTX *ctx, char *file) 2558 { 2559 FILE *in; 2560 X509 *x=NULL; 2561 2562 if ((in=fopen(file,"r")) == NULL) 2563 return(0); 2564 2565 for (;;) 2566 { 2567 if (PEM_read_X509(in,&x,NULL) == NULL) 2568 break; 2569 SSL_CTX_add_client_CA(ctx,x); 2570 } 2571 if (x != NULL) X509_free(x); 2572 fclose(in); 2573 return(1); 2574 } 2575#endif 2576 2577static int www_body(char *hostname, int s, unsigned char *context) 2578 { 2579 char *buf=NULL; 2580 int ret=1; 2581 int i,j,k,dot; 2582 SSL *con; 2583 const SSL_CIPHER *c; 2584 BIO *io,*ssl_bio,*sbio; 2585#ifndef OPENSSL_NO_KRB5 2586 KSSL_CTX *kctx; 2587#endif 2588 2589 buf=OPENSSL_malloc(bufsize); 2590 if (buf == NULL) return(0); 2591 io=BIO_new(BIO_f_buffer()); 2592 ssl_bio=BIO_new(BIO_f_ssl()); 2593 if ((io == NULL) || (ssl_bio == NULL)) goto err; 2594 2595#ifdef FIONBIO 2596 if (s_nbio) 2597 { 2598 unsigned long sl=1; 2599 2600 if (!s_quiet) 2601 BIO_printf(bio_err,"turning on non blocking io\n"); 2602 if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) 2603 ERR_print_errors(bio_err); 2604 } 2605#endif 2606 2607 /* lets make the output buffer a reasonable size */ 2608 if (!BIO_set_write_buffer_size(io,bufsize)) goto err; 2609 2610 if ((con=SSL_new(ctx)) == NULL) goto err; 2611#ifndef OPENSSL_NO_TLSEXT 2612 if (s_tlsextdebug) 2613 { 2614 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2615 SSL_set_tlsext_debug_arg(con, bio_s_out); 2616 } 2617#endif 2618#ifndef OPENSSL_NO_KRB5 2619 if ((kctx = kssl_ctx_new()) != NULL) 2620 { 2621 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 2622 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 2623 } 2624#endif /* OPENSSL_NO_KRB5 */ 2625 if(context) SSL_set_session_id_context(con, context, 2626 strlen((char *)context)); 2627 2628 sbio=BIO_new_socket(s,BIO_NOCLOSE); 2629 if (s_nbio_test) 2630 { 2631 BIO *test; 2632 2633 test=BIO_new(BIO_f_nbio_test()); 2634 sbio=BIO_push(test,sbio); 2635 } 2636 SSL_set_bio(con,sbio,sbio); 2637 SSL_set_accept_state(con); 2638 2639 /* SSL_set_fd(con,s); */ 2640 BIO_set_ssl(ssl_bio,con,BIO_CLOSE); 2641 BIO_push(io,ssl_bio); 2642#ifdef CHARSET_EBCDIC 2643 io = BIO_push(BIO_new(BIO_f_ebcdic_filter()),io); 2644#endif 2645 2646 if (s_debug) 2647 { 2648 SSL_set_debug(con, 1); 2649 BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); 2650 BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); 2651 } 2652 if (s_msg) 2653 { 2654 SSL_set_msg_callback(con, msg_cb); 2655 SSL_set_msg_callback_arg(con, bio_s_out); 2656 } 2657 2658 for (;;) 2659 { 2660 if (hack) 2661 { 2662 i=SSL_accept(con); 2663#ifndef OPENSSL_NO_SRP 2664 while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2665 { 2666 BIO_printf(bio_s_out,"LOOKUP during accept %s\n",srp_callback_parm.login); 2667 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2668 if (srp_callback_parm.user) 2669 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2670 else 2671 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2672 i=SSL_accept(con); 2673 } 2674#endif 2675 switch (SSL_get_error(con,i)) 2676 { 2677 case SSL_ERROR_NONE: 2678 break; 2679 case SSL_ERROR_WANT_WRITE: 2680 case SSL_ERROR_WANT_READ: 2681 case SSL_ERROR_WANT_X509_LOOKUP: 2682 continue; 2683 case SSL_ERROR_SYSCALL: 2684 case SSL_ERROR_SSL: 2685 case SSL_ERROR_ZERO_RETURN: 2686 ret=1; 2687 goto err; 2688 /* break; */ 2689 } 2690 2691 SSL_renegotiate(con); 2692 SSL_write(con,NULL,0); 2693 } 2694 2695 i=BIO_gets(io,buf,bufsize-1); 2696 if (i < 0) /* error */ 2697 { 2698 if (!BIO_should_retry(io)) 2699 { 2700 if (!s_quiet) 2701 ERR_print_errors(bio_err); 2702 goto err; 2703 } 2704 else 2705 { 2706 BIO_printf(bio_s_out,"read R BLOCK\n"); 2707#if defined(OPENSSL_SYS_NETWARE) 2708 delay(1000); 2709#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__) 2710 sleep(1); 2711#endif 2712 continue; 2713 } 2714 } 2715 else if (i == 0) /* end of input */ 2716 { 2717 ret=1; 2718 goto end; 2719 } 2720 2721 /* else we have data */ 2722 if ( ((www == 1) && (strncmp("GET ",buf,4) == 0)) || 2723 ((www == 2) && (strncmp("GET /stats ",buf,10) == 0))) 2724 { 2725 char *p; 2726 X509 *peer; 2727 STACK_OF(SSL_CIPHER) *sk; 2728 static const char *space=" "; 2729 2730 BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2731 BIO_puts(io,"<HTML><BODY BGCOLOR=\"#ffffff\">\n"); 2732 BIO_puts(io,"<pre>\n"); 2733/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/ 2734 BIO_puts(io,"\n"); 2735 for (i=0; i<local_argc; i++) 2736 { 2737 BIO_puts(io,local_argv[i]); 2738 BIO_write(io," ",1); 2739 } 2740 BIO_puts(io,"\n"); 2741 2742 BIO_printf(io, 2743 "Secure Renegotiation IS%s supported\n", 2744 SSL_get_secure_renegotiation_support(con) ? 2745 "" : " NOT"); 2746 2747 /* The following is evil and should not really 2748 * be done */ 2749 BIO_printf(io,"Ciphers supported in s_server binary\n"); 2750 sk=SSL_get_ciphers(con); 2751 j=sk_SSL_CIPHER_num(sk); 2752 for (i=0; i<j; i++) 2753 { 2754 c=sk_SSL_CIPHER_value(sk,i); 2755 BIO_printf(io,"%-11s:%-25s", 2756 SSL_CIPHER_get_version(c), 2757 SSL_CIPHER_get_name(c)); 2758 if ((((i+1)%2) == 0) && (i+1 != j)) 2759 BIO_puts(io,"\n"); 2760 } 2761 BIO_puts(io,"\n"); 2762 p=SSL_get_shared_ciphers(con,buf,bufsize); 2763 if (p != NULL) 2764 { 2765 BIO_printf(io,"---\nCiphers common between both SSL end points:\n"); 2766 j=i=0; 2767 while (*p) 2768 { 2769 if (*p == ':') 2770 { 2771 BIO_write(io,space,26-j); 2772 i++; 2773 j=0; 2774 BIO_write(io,((i%3)?" ":"\n"),1); 2775 } 2776 else 2777 { 2778 BIO_write(io,p,1); 2779 j++; 2780 } 2781 p++; 2782 } 2783 BIO_puts(io,"\n"); 2784 } 2785 BIO_printf(io,(SSL_cache_hit(con) 2786 ?"---\nReused, " 2787 :"---\nNew, ")); 2788 c=SSL_get_current_cipher(con); 2789 BIO_printf(io,"%s, Cipher is %s\n", 2790 SSL_CIPHER_get_version(c), 2791 SSL_CIPHER_get_name(c)); 2792 SSL_SESSION_print(io,SSL_get_session(con)); 2793 BIO_printf(io,"---\n"); 2794 print_stats(io,SSL_get_SSL_CTX(con)); 2795 BIO_printf(io,"---\n"); 2796 peer=SSL_get_peer_certificate(con); 2797 if (peer != NULL) 2798 { 2799 BIO_printf(io,"Client certificate\n"); 2800 X509_print(io,peer); 2801 PEM_write_bio_X509(io,peer); 2802 } 2803 else 2804 BIO_puts(io,"no client certificate available\n"); 2805 BIO_puts(io,"</BODY></HTML>\r\n\r\n"); 2806 break; 2807 } 2808 else if ((www == 2 || www == 3) 2809 && (strncmp("GET /",buf,5) == 0)) 2810 { 2811 BIO *file; 2812 char *p,*e; 2813 static const char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; 2814 2815 /* skip the '/' */ 2816 p= &(buf[5]); 2817 2818 dot = 1; 2819 for (e=p; *e != '\0'; e++) 2820 { 2821 if (e[0] == ' ') 2822 break; 2823 2824 switch (dot) 2825 { 2826 case 1: 2827 dot = (e[0] == '.') ? 2 : 0; 2828 break; 2829 case 2: 2830 dot = (e[0] == '.') ? 3 : 0; 2831 break; 2832 case 3: 2833 dot = (e[0] == '/') ? -1 : 0; 2834 break; 2835 } 2836 if (dot == 0) 2837 dot = (e[0] == '/') ? 1 : 0; 2838 } 2839 dot = (dot == 3) || (dot == -1); /* filename contains ".." component */ 2840 2841 if (*e == '\0') 2842 { 2843 BIO_puts(io,text); 2844 BIO_printf(io,"'%s' is an invalid file name\r\n",p); 2845 break; 2846 } 2847 *e='\0'; 2848 2849 if (dot) 2850 { 2851 BIO_puts(io,text); 2852 BIO_printf(io,"'%s' contains '..' reference\r\n",p); 2853 break; 2854 } 2855 2856 if (*p == '/') 2857 { 2858 BIO_puts(io,text); 2859 BIO_printf(io,"'%s' is an invalid path\r\n",p); 2860 break; 2861 } 2862 2863#if 0 2864 /* append if a directory lookup */ 2865 if (e[-1] == '/') 2866 strcat(p,"index.html"); 2867#endif 2868 2869 /* if a directory, do the index thang */ 2870 if (app_isdir(p)>0) 2871 { 2872#if 0 /* must check buffer size */ 2873 strcat(p,"/index.html"); 2874#else 2875 BIO_puts(io,text); 2876 BIO_printf(io,"'%s' is a directory\r\n",p); 2877 break; 2878#endif 2879 } 2880 2881 if ((file=BIO_new_file(p,"r")) == NULL) 2882 { 2883 BIO_puts(io,text); 2884 BIO_printf(io,"Error opening '%s'\r\n",p); 2885 ERR_print_errors(io); 2886 break; 2887 } 2888 2889 if (!s_quiet) 2890 BIO_printf(bio_err,"FILE:%s\n",p); 2891 2892 if (www == 2) 2893 { 2894 i=strlen(p); 2895 if ( ((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) || 2896 ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) || 2897 ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0))) 2898 BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2899 else 2900 BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); 2901 } 2902 /* send the file */ 2903 for (;;) 2904 { 2905 i=BIO_read(file,buf,bufsize); 2906 if (i <= 0) break; 2907 2908#ifdef RENEG 2909 total_bytes+=i; 2910 fprintf(stderr,"%d\n",i); 2911 if (total_bytes > 3*1024) 2912 { 2913 total_bytes=0; 2914 fprintf(stderr,"RENEGOTIATE\n"); 2915 SSL_renegotiate(con); 2916 } 2917#endif 2918 2919 for (j=0; j<i; ) 2920 { 2921#ifdef RENEG 2922{ static count=0; if (++count == 13) { SSL_renegotiate(con); } } 2923#endif 2924 k=BIO_write(io,&(buf[j]),i-j); 2925 if (k <= 0) 2926 { 2927 if (!BIO_should_retry(io)) 2928 goto write_error; 2929 else 2930 { 2931 BIO_printf(bio_s_out,"rwrite W BLOCK\n"); 2932 } 2933 } 2934 else 2935 { 2936 j+=k; 2937 } 2938 } 2939 } 2940write_error: 2941 BIO_free(file); 2942 break; 2943 } 2944 } 2945 2946 for (;;) 2947 { 2948 i=(int)BIO_flush(io); 2949 if (i <= 0) 2950 { 2951 if (!BIO_should_retry(io)) 2952 break; 2953 } 2954 else 2955 break; 2956 } 2957end: 2958#if 1 2959 /* make sure we re-use sessions */ 2960 SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 2961#else 2962 /* This kills performance */ 2963/* SSL_shutdown(con); A shutdown gets sent in the 2964 * BIO_free_all(io) procession */ 2965#endif 2966 2967err: 2968 2969 if (ret >= 0) 2970 BIO_printf(bio_s_out,"ACCEPT\n"); 2971 2972 if (buf != NULL) OPENSSL_free(buf); 2973 if (io != NULL) BIO_free_all(io); 2974/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ 2975 return(ret); 2976 } 2977 2978#ifndef OPENSSL_NO_RSA 2979static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) 2980 { 2981 BIGNUM *bn = NULL; 2982 static RSA *rsa_tmp=NULL; 2983 2984 if (!rsa_tmp && ((bn = BN_new()) == NULL)) 2985 BIO_printf(bio_err,"Allocation error in generating RSA key\n"); 2986 if (!rsa_tmp && bn) 2987 { 2988 if (!s_quiet) 2989 { 2990 BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength); 2991 (void)BIO_flush(bio_err); 2992 } 2993 if(!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) || 2994 !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) 2995 { 2996 if(rsa_tmp) RSA_free(rsa_tmp); 2997 rsa_tmp = NULL; 2998 } 2999 if (!s_quiet) 3000 { 3001 BIO_printf(bio_err,"\n"); 3002 (void)BIO_flush(bio_err); 3003 } 3004 BN_free(bn); 3005 } 3006 return(rsa_tmp); 3007 } 3008#endif 3009 3010#define MAX_SESSION_ID_ATTEMPTS 10 3011static int generate_session_id(const SSL *ssl, unsigned char *id, 3012 unsigned int *id_len) 3013 { 3014 unsigned int count = 0; 3015 do { 3016 RAND_pseudo_bytes(id, *id_len); 3017 /* Prefix the session_id with the required prefix. NB: If our 3018 * prefix is too long, clip it - but there will be worse effects 3019 * anyway, eg. the server could only possibly create 1 session 3020 * ID (ie. the prefix!) so all future session negotiations will 3021 * fail due to conflicts. */ 3022 memcpy(id, session_id_prefix, 3023 (strlen(session_id_prefix) < *id_len) ? 3024 strlen(session_id_prefix) : *id_len); 3025 } 3026 while(SSL_has_matching_session_id(ssl, id, *id_len) && 3027 (++count < MAX_SESSION_ID_ATTEMPTS)); 3028 if(count >= MAX_SESSION_ID_ATTEMPTS) 3029 return 0; 3030 return 1; 3031 } 3032