1/* 2 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved 4 * Copyright 2005 Nokia. All rights reserved. 5 * 6 * Licensed under the OpenSSL license (the "License"). You may not use 7 * this file except in compliance with the License. You can obtain a copy 8 * in the file LICENSE in the source distribution or at 9 * https://www.openssl.org/source/license.html 10 */ 11 12#include "e_os.h" 13 14/* Or gethostname won't be declared properly on Linux and GNU platforms. */ 15#ifndef _BSD_SOURCE 16# define _BSD_SOURCE 1 17#endif 18#ifndef _DEFAULT_SOURCE 19# define _DEFAULT_SOURCE 1 20#endif 21 22#include <assert.h> 23#include <errno.h> 24#include <limits.h> 25#include <stdio.h> 26#include <stdlib.h> 27#include <string.h> 28#include <time.h> 29 30#include "internal/nelem.h" 31 32#ifdef OPENSSL_SYS_VMS 33/* 34 * Or isascii won't be declared properly on VMS (at least with DECompHP C). 35 */ 36# define _XOPEN_SOURCE 500 37#endif 38 39#include <ctype.h> 40 41#include <openssl/bio.h> 42#include <openssl/crypto.h> 43#include <openssl/evp.h> 44#include <openssl/x509.h> 45#include <openssl/x509v3.h> 46#include <openssl/ssl.h> 47#include <openssl/err.h> 48#include <openssl/rand.h> 49#ifndef OPENSSL_NO_RSA 50# include <openssl/rsa.h> 51#endif 52#ifndef OPENSSL_NO_DSA 53# include <openssl/dsa.h> 54#endif 55#ifndef OPENSSL_NO_DH 56# include <openssl/dh.h> 57#endif 58#include <openssl/bn.h> 59#ifndef OPENSSL_NO_CT 60# include <openssl/ct.h> 61#endif 62 63/* 64 * Or gethostname won't be declared properly 65 * on Compaq platforms (at least with DEC C). 66 * Do not try to put it earlier, or IPv6 includes 67 * get screwed... 68 */ 69#define _XOPEN_SOURCE_EXTENDED 1 70 71#ifdef OPENSSL_SYS_WINDOWS 72# include <winsock.h> 73#else 74# include OPENSSL_UNISTD 75#endif 76 77static SSL_CTX *s_ctx = NULL; 78static SSL_CTX *s_ctx2 = NULL; 79 80/* 81 * There is really no standard for this, so let's assign something 82 * only for this test 83 */ 84#define COMP_ZLIB 1 85 86static int verify_callback(int ok, X509_STORE_CTX *ctx); 87static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); 88#define APP_CALLBACK_STRING "Test Callback Argument" 89struct app_verify_arg { 90 char *string; 91 int app_verify; 92}; 93 94#ifndef OPENSSL_NO_DH 95static DH *get_dh512(void); 96static DH *get_dh1024(void); 97static DH *get_dh1024dsa(void); 98static DH *get_dh2048(void); 99static DH *get_dh4096(void); 100#endif 101 102static char *psk_key = NULL; /* by default PSK is not used */ 103#ifndef OPENSSL_NO_PSK 104static unsigned int psk_client_callback(SSL *ssl, const char *hint, 105 char *identity, 106 unsigned int max_identity_len, 107 unsigned char *psk, 108 unsigned int max_psk_len); 109static unsigned int psk_server_callback(SSL *ssl, const char *identity, 110 unsigned char *psk, 111 unsigned int max_psk_len); 112#endif 113 114static BIO *bio_err = NULL; 115static BIO *bio_stdout = NULL; 116 117#ifndef OPENSSL_NO_NEXTPROTONEG 118/* Note that this code assumes that this is only a one element list: */ 119static const char NEXT_PROTO_STRING[] = "\x09testproto"; 120static int npn_client = 0; 121static int npn_server = 0; 122static int npn_server_reject = 0; 123 124static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, 125 const unsigned char *in, unsigned int inlen, 126 void *arg) 127{ 128 /* 129 * This callback only returns the protocol string, rather than a length 130 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list 131 * and remove the first byte to chop off the length prefix. 132 */ 133 *out = (unsigned char *)NEXT_PROTO_STRING + 1; 134 *outlen = sizeof(NEXT_PROTO_STRING) - 2; 135 return SSL_TLSEXT_ERR_OK; 136} 137 138static int cb_server_npn(SSL *s, const unsigned char **data, 139 unsigned int *len, void *arg) 140{ 141 *data = (const unsigned char *)NEXT_PROTO_STRING; 142 *len = sizeof(NEXT_PROTO_STRING) - 1; 143 return SSL_TLSEXT_ERR_OK; 144} 145 146static int cb_server_rejects_npn(SSL *s, const unsigned char **data, 147 unsigned int *len, void *arg) 148{ 149 return SSL_TLSEXT_ERR_NOACK; 150} 151 152static int verify_npn(SSL *client, SSL *server) 153{ 154 const unsigned char *client_s; 155 unsigned client_len; 156 const unsigned char *server_s; 157 unsigned server_len; 158 159 SSL_get0_next_proto_negotiated(client, &client_s, &client_len); 160 SSL_get0_next_proto_negotiated(server, &server_s, &server_len); 161 162 if (client_len) { 163 BIO_printf(bio_stdout, "Client NPN: "); 164 BIO_write(bio_stdout, client_s, client_len); 165 BIO_printf(bio_stdout, "\n"); 166 } 167 168 if (server_len) { 169 BIO_printf(bio_stdout, "Server NPN: "); 170 BIO_write(bio_stdout, server_s, server_len); 171 BIO_printf(bio_stdout, "\n"); 172 } 173 174 /* 175 * If an NPN string was returned, it must be the protocol that we 176 * expected to negotiate. 177 */ 178 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 || 179 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len))) 180 return -1; 181 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 || 182 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len))) 183 return -1; 184 185 if (!npn_client && client_len) 186 return -1; 187 if (!npn_server && server_len) 188 return -1; 189 if (npn_server_reject && server_len) 190 return -1; 191 if (npn_client && npn_server && (!client_len || !server_len)) 192 return -1; 193 194 return 0; 195} 196#endif 197 198static const char *alpn_client; 199static char *alpn_server; 200static char *alpn_server2; 201static const char *alpn_expected; 202static unsigned char *alpn_selected; 203static const char *server_min_proto; 204static const char *server_max_proto; 205static const char *client_min_proto; 206static const char *client_max_proto; 207static const char *should_negotiate; 208static const char *sn_client; 209static const char *sn_server1; 210static const char *sn_server2; 211static int sn_expect = 0; 212static const char *server_sess_out; 213static const char *server_sess_in; 214static const char *client_sess_out; 215static const char *client_sess_in; 216static SSL_SESSION *server_sess; 217static SSL_SESSION *client_sess; 218 219static int servername_cb(SSL *s, int *ad, void *arg) 220{ 221 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 222 if (sn_server2 == NULL) { 223 BIO_printf(bio_stdout, "Servername 2 is NULL\n"); 224 return SSL_TLSEXT_ERR_NOACK; 225 } 226 227 if (servername) { 228 if (s_ctx2 != NULL && sn_server2 != NULL && 229 !strcasecmp(servername, sn_server2)) { 230 BIO_printf(bio_stdout, "Switching server context.\n"); 231 SSL_set_SSL_CTX(s, s_ctx2); 232 } 233 } 234 return SSL_TLSEXT_ERR_OK; 235} 236static int verify_servername(SSL *client, SSL *server) 237{ 238 /* just need to see if sn_context is what we expect */ 239 SSL_CTX* ctx = SSL_get_SSL_CTX(server); 240 if (sn_expect == 0) 241 return 0; 242 if (sn_expect == 1 && ctx == s_ctx) 243 return 0; 244 if (sn_expect == 2 && ctx == s_ctx2) 245 return 0; 246 BIO_printf(bio_stdout, "Servername: expected context %d\n", sn_expect); 247 if (ctx == s_ctx2) 248 BIO_printf(bio_stdout, "Servername: context is 2\n"); 249 else if (ctx == s_ctx) 250 BIO_printf(bio_stdout, "Servername: context is 1\n"); 251 else 252 BIO_printf(bio_stdout, "Servername: context is unknown\n"); 253 return -1; 254} 255 256 257/*- 258 * next_protos_parse parses a comma separated list of strings into a string 259 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. 260 * outlen: (output) set to the length of the resulting buffer on success. 261 * in: a NUL terminated string like "abc,def,ghi" 262 * 263 * returns: a malloced buffer or NULL on failure. 264 */ 265static unsigned char *next_protos_parse(size_t *outlen, 266 const char *in) 267{ 268 size_t len; 269 unsigned char *out; 270 size_t i, start = 0; 271 272 len = strlen(in); 273 if (len >= 65535) 274 return NULL; 275 276 out = OPENSSL_malloc(strlen(in) + 1); 277 if (!out) 278 return NULL; 279 280 for (i = 0; i <= len; ++i) { 281 if (i == len || in[i] == ',') { 282 if (i - start > 255) { 283 OPENSSL_free(out); 284 return NULL; 285 } 286 out[start] = (unsigned char)(i - start); 287 start = i + 1; 288 } else 289 out[i + 1] = in[i]; 290 } 291 292 *outlen = len + 1; 293 return out; 294} 295 296static int cb_server_alpn(SSL *s, const unsigned char **out, 297 unsigned char *outlen, const unsigned char *in, 298 unsigned int inlen, void *arg) 299{ 300 unsigned char *protos; 301 size_t protos_len; 302 char* alpn_str = arg; 303 304 protos = next_protos_parse(&protos_len, alpn_str); 305 if (protos == NULL) { 306 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", 307 alpn_str); 308 abort(); 309 } 310 311 if (SSL_select_next_proto 312 ((unsigned char **)out, outlen, protos, protos_len, in, 313 inlen) != OPENSSL_NPN_NEGOTIATED) { 314 OPENSSL_free(protos); 315 return SSL_TLSEXT_ERR_NOACK; 316 } 317 318 /* 319 * Make a copy of the selected protocol which will be freed in 320 * verify_alpn. 321 */ 322 alpn_selected = OPENSSL_malloc(*outlen); 323 memcpy(alpn_selected, *out, *outlen); 324 *out = alpn_selected; 325 326 OPENSSL_free(protos); 327 return SSL_TLSEXT_ERR_OK; 328} 329 330static int verify_alpn(SSL *client, SSL *server) 331{ 332 const unsigned char *client_proto, *server_proto; 333 unsigned int client_proto_len = 0, server_proto_len = 0; 334 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len); 335 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len); 336 337 OPENSSL_free(alpn_selected); 338 alpn_selected = NULL; 339 340 if (client_proto_len != server_proto_len) { 341 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); 342 goto err; 343 } 344 345 if (client_proto != NULL && 346 memcmp(client_proto, server_proto, client_proto_len) != 0) { 347 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); 348 goto err; 349 } 350 351 if (client_proto_len > 0 && alpn_expected == NULL) { 352 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n"); 353 goto err; 354 } 355 356 if (alpn_expected != NULL && 357 (client_proto_len != strlen(alpn_expected) || 358 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) { 359 BIO_printf(bio_stdout, 360 "ALPN selected protocols not equal to expected protocol: %s\n", 361 alpn_expected); 362 goto err; 363 } 364 365 return 0; 366 367 err: 368 BIO_printf(bio_stdout, "ALPN results: client: '"); 369 BIO_write(bio_stdout, client_proto, client_proto_len); 370 BIO_printf(bio_stdout, "', server: '"); 371 BIO_write(bio_stdout, server_proto, server_proto_len); 372 BIO_printf(bio_stdout, "'\n"); 373 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '", 374 alpn_client); 375 if (SSL_get_SSL_CTX(server) == s_ctx2) { 376 BIO_printf(bio_stdout, "%s'\n", 377 alpn_server2); 378 } else { 379 BIO_printf(bio_stdout, "%s'\n", 380 alpn_server); 381 } 382 return -1; 383} 384 385/* 386 * WARNING : below extension types are *NOT* IETF assigned, and could 387 * conflict if these types are reassigned and handled specially by OpenSSL 388 * in the future 389 */ 390#define TACK_EXT_TYPE 62208 391#define CUSTOM_EXT_TYPE_0 1000 392#define CUSTOM_EXT_TYPE_1 1001 393#define CUSTOM_EXT_TYPE_2 1002 394#define CUSTOM_EXT_TYPE_3 1003 395 396static const char custom_ext_cli_string[] = "abc"; 397static const char custom_ext_srv_string[] = "defg"; 398 399/* These set from cmdline */ 400static char *serverinfo_file = NULL; 401static int serverinfo_sct = 0; 402static int serverinfo_tack = 0; 403 404/* These set based on extension callbacks */ 405static int serverinfo_sct_seen = 0; 406static int serverinfo_tack_seen = 0; 407static int serverinfo_other_seen = 0; 408 409/* This set from cmdline */ 410static int custom_ext = 0; 411 412/* This set based on extension callbacks */ 413static int custom_ext_error = 0; 414 415static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type, 416 const unsigned char *in, size_t inlen, 417 int *al, void *arg) 418{ 419 if (ext_type == TLSEXT_TYPE_signed_certificate_timestamp) 420 serverinfo_sct_seen++; 421 else if (ext_type == TACK_EXT_TYPE) 422 serverinfo_tack_seen++; 423 else 424 serverinfo_other_seen++; 425 return 1; 426} 427 428static int verify_serverinfo(void) 429{ 430 if (serverinfo_sct != serverinfo_sct_seen) 431 return -1; 432 if (serverinfo_tack != serverinfo_tack_seen) 433 return -1; 434 if (serverinfo_other_seen) 435 return -1; 436 return 0; 437} 438 439/*- 440 * Four test cases for custom extensions: 441 * 0 - no ClientHello extension or ServerHello response 442 * 1 - ClientHello with "abc", no response 443 * 2 - ClientHello with "abc", empty response 444 * 3 - ClientHello with "abc", "defg" response 445 */ 446 447static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type, 448 const unsigned char **out, 449 size_t *outlen, int *al, void *arg) 450{ 451 if (ext_type != CUSTOM_EXT_TYPE_0) 452 custom_ext_error = 1; 453 return 0; /* Don't send an extension */ 454} 455 456static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type, 457 const unsigned char *in, 458 size_t inlen, int *al, void *arg) 459{ 460 return 1; 461} 462 463static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type, 464 const unsigned char **out, 465 size_t *outlen, int *al, void *arg) 466{ 467 if (ext_type != CUSTOM_EXT_TYPE_1) 468 custom_ext_error = 1; 469 *out = (const unsigned char *)custom_ext_cli_string; 470 *outlen = strlen(custom_ext_cli_string); 471 return 1; /* Send "abc" */ 472} 473 474static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type, 475 const unsigned char *in, 476 size_t inlen, int *al, void *arg) 477{ 478 return 1; 479} 480 481static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type, 482 const unsigned char **out, 483 size_t *outlen, int *al, void *arg) 484{ 485 if (ext_type != CUSTOM_EXT_TYPE_2) 486 custom_ext_error = 1; 487 *out = (const unsigned char *)custom_ext_cli_string; 488 *outlen = strlen(custom_ext_cli_string); 489 return 1; /* Send "abc" */ 490} 491 492static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type, 493 const unsigned char *in, 494 size_t inlen, int *al, void *arg) 495{ 496 if (ext_type != CUSTOM_EXT_TYPE_2) 497 custom_ext_error = 1; 498 if (inlen != 0) 499 custom_ext_error = 1; /* Should be empty response */ 500 return 1; 501} 502 503static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type, 504 const unsigned char **out, 505 size_t *outlen, int *al, void *arg) 506{ 507 if (ext_type != CUSTOM_EXT_TYPE_3) 508 custom_ext_error = 1; 509 *out = (const unsigned char *)custom_ext_cli_string; 510 *outlen = strlen(custom_ext_cli_string); 511 return 1; /* Send "abc" */ 512} 513 514static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type, 515 const unsigned char *in, 516 size_t inlen, int *al, void *arg) 517{ 518 if (ext_type != CUSTOM_EXT_TYPE_3) 519 custom_ext_error = 1; 520 if (inlen != strlen(custom_ext_srv_string)) 521 custom_ext_error = 1; 522 if (memcmp(custom_ext_srv_string, in, inlen) != 0) 523 custom_ext_error = 1; /* Check for "defg" */ 524 return 1; 525} 526 527/* 528 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback 529 * for this extension 530 */ 531static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type, 532 const unsigned char *in, 533 size_t inlen, int *al, void *arg) 534{ 535 custom_ext_error = 1; 536 return 1; 537} 538 539/* 'add' callbacks are only called if the 'parse' callback is called */ 540static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type, 541 const unsigned char **out, 542 size_t *outlen, int *al, void *arg) 543{ 544 /* Error: should not have been called */ 545 custom_ext_error = 1; 546 return 0; /* Don't send an extension */ 547} 548 549static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type, 550 const unsigned char *in, 551 size_t inlen, int *al, void *arg) 552{ 553 if (ext_type != CUSTOM_EXT_TYPE_1) 554 custom_ext_error = 1; 555 /* Check for "abc" */ 556 if (inlen != strlen(custom_ext_cli_string)) 557 custom_ext_error = 1; 558 if (memcmp(in, custom_ext_cli_string, inlen) != 0) 559 custom_ext_error = 1; 560 return 1; 561} 562 563static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type, 564 const unsigned char **out, 565 size_t *outlen, int *al, void *arg) 566{ 567 return 0; /* Don't send an extension */ 568} 569 570static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type, 571 const unsigned char *in, 572 size_t inlen, int *al, void *arg) 573{ 574 if (ext_type != CUSTOM_EXT_TYPE_2) 575 custom_ext_error = 1; 576 /* Check for "abc" */ 577 if (inlen != strlen(custom_ext_cli_string)) 578 custom_ext_error = 1; 579 if (memcmp(in, custom_ext_cli_string, inlen) != 0) 580 custom_ext_error = 1; 581 return 1; 582} 583 584static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type, 585 const unsigned char **out, 586 size_t *outlen, int *al, void *arg) 587{ 588 *out = NULL; 589 *outlen = 0; 590 return 1; /* Send empty extension */ 591} 592 593static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type, 594 const unsigned char *in, 595 size_t inlen, int *al, void *arg) 596{ 597 if (ext_type != CUSTOM_EXT_TYPE_3) 598 custom_ext_error = 1; 599 /* Check for "abc" */ 600 if (inlen != strlen(custom_ext_cli_string)) 601 custom_ext_error = 1; 602 if (memcmp(in, custom_ext_cli_string, inlen) != 0) 603 custom_ext_error = 1; 604 return 1; 605} 606 607static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type, 608 const unsigned char **out, 609 size_t *outlen, int *al, void *arg) 610{ 611 *out = (const unsigned char *)custom_ext_srv_string; 612 *outlen = strlen(custom_ext_srv_string); 613 return 1; /* Send "defg" */ 614} 615 616static char *cipher = NULL; 617static char *ciphersuites = NULL; 618static int verbose = 0; 619static int debug = 0; 620 621int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, 622 long bytes, clock_t *s_time, clock_t *c_time); 623int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 624 clock_t *c_time); 625int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 626 627static void sv_usage(void) 628{ 629 fprintf(stderr, "usage: ssltest [args ...]\n"); 630 fprintf(stderr, "\n"); 631 fprintf(stderr, " -server_auth - check server certificate\n"); 632 fprintf(stderr, " -client_auth - do client authentication\n"); 633 fprintf(stderr, " -v - more output\n"); 634 fprintf(stderr, " -d - debug output\n"); 635 fprintf(stderr, " -reuse - use session-id reuse\n"); 636 fprintf(stderr, " -num <val> - number of connections to perform\n"); 637 fprintf(stderr, 638 " -bytes <val> - number of bytes to swap between client/server\n"); 639#ifndef OPENSSL_NO_DH 640 fprintf(stderr, 641 " -dhe512 - use 512 bit key for DHE (to test failure)\n"); 642 fprintf(stderr, 643 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n"); 644 fprintf(stderr, 645 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 646 fprintf(stderr, 647 " -dhe2048 - use 2048 bit key (rfc3526 prime) for DHE\n"); 648 fprintf(stderr, 649 " -dhe4096 - use 4096 bit key (rfc3526 prime) for DHE\n"); 650 fprintf(stderr, " -no_dhe - disable DHE\n"); 651#endif 652#ifndef OPENSSL_NO_EC 653 fprintf(stderr, " -no_ecdhe - disable ECDHE\nTODO(openssl-team): no_ecdhe was broken by auto ecdh. Make this work again.\n"); 654#endif 655#ifndef OPENSSL_NO_PSK 656 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n"); 657#endif 658#ifndef OPENSSL_NO_SSL3 659 fprintf(stderr, " -ssl3 - use SSLv3\n"); 660#endif 661#ifndef OPENSSL_NO_TLS1 662 fprintf(stderr, " -tls1 - use TLSv1\n"); 663#endif 664#ifndef OPENSSL_NO_TLS1_1 665 fprintf(stderr, " -tls1_1 - use TLSv1.1\n"); 666#endif 667#ifndef OPENSSL_NO_TLS1_2 668 fprintf(stderr, " -tls1_2 - use TLSv1.2\n"); 669#endif 670#ifndef OPENSSL_NO_DTLS 671 fprintf(stderr, " -dtls - use DTLS\n"); 672#ifndef OPENSSL_NO_DTLS1 673 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 674#endif 675#ifndef OPENSSL_NO_DTLS1_2 676 fprintf(stderr, " -dtls12 - use DTLSv1.2\n"); 677#endif 678#endif 679 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 680 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 681 fprintf(stderr, " -cert arg - Server certificate file\n"); 682 fprintf(stderr, 683 " -key arg - Server key file (default: same as -cert)\n"); 684 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 685 fprintf(stderr, 686 " -c_key arg - Client key file (default: same as -c_cert)\n"); 687 fprintf(stderr, " -cipher arg - The TLSv1.2 and below cipher list\n"); 688 fprintf(stderr, " -ciphersuites arg - The TLSv1.3 ciphersuites\n"); 689 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 690 fprintf(stderr, " -ipv4 - Use IPv4 connection on localhost\n"); 691 fprintf(stderr, " -ipv6 - Use IPv6 connection on localhost\n"); 692 fprintf(stderr, " -f - Test even cases that can't work\n"); 693 fprintf(stderr, 694 " -time - measure processor time used by client and server\n"); 695 fprintf(stderr, " -zlib - use zlib compression\n"); 696#ifndef OPENSSL_NO_NEXTPROTONEG 697 fprintf(stderr, " -npn_client - have client side offer NPN\n"); 698 fprintf(stderr, " -npn_server - have server side offer NPN\n"); 699 fprintf(stderr, " -npn_server_reject - have server reject NPN\n"); 700#endif 701 fprintf(stderr, " -serverinfo_file file - have server use this file\n"); 702 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n"); 703 fprintf(stderr, 704 " -serverinfo_tack - have client offer and expect TACK\n"); 705 fprintf(stderr, 706 " -custom_ext - try various custom extension callbacks\n"); 707 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n"); 708 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n"); 709 fprintf(stderr, " -alpn_server1 <string> - alias for -alpn_server\n"); 710 fprintf(stderr, " -alpn_server2 <string> - have server side context 2 offer ALPN\n"); 711 fprintf(stderr, 712 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n"); 713 fprintf(stderr, " -server_min_proto <string> - Minimum version the server should support\n"); 714 fprintf(stderr, " -server_max_proto <string> - Maximum version the server should support\n"); 715 fprintf(stderr, " -client_min_proto <string> - Minimum version the client should support\n"); 716 fprintf(stderr, " -client_max_proto <string> - Maximum version the client should support\n"); 717 fprintf(stderr, " -should_negotiate <string> - The version that should be negotiated, fail-client or fail-server\n"); 718#ifndef OPENSSL_NO_CT 719 fprintf(stderr, " -noct - no certificate transparency\n"); 720 fprintf(stderr, " -requestct - request certificate transparency\n"); 721 fprintf(stderr, " -requirect - require certificate transparency\n"); 722#endif 723 fprintf(stderr, " -sn_client <string> - have client request this servername\n"); 724 fprintf(stderr, " -sn_server1 <string> - have server context 1 respond to this servername\n"); 725 fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n"); 726 fprintf(stderr, " -sn_expect1 - expected server 1\n"); 727 fprintf(stderr, " -sn_expect2 - expected server 2\n"); 728 fprintf(stderr, " -server_sess_out <file> - Save the server session to a file\n"); 729 fprintf(stderr, " -server_sess_in <file> - Read the server session from a file\n"); 730 fprintf(stderr, " -client_sess_out <file> - Save the client session to a file\n"); 731 fprintf(stderr, " -client_sess_in <file> - Read the client session from a file\n"); 732 fprintf(stderr, " -should_reuse <number> - The expected state of reusing the session\n"); 733 fprintf(stderr, " -no_ticket - do not issue TLS session ticket\n"); 734} 735 736static void print_key_details(BIO *out, EVP_PKEY *key) 737{ 738 int keyid = EVP_PKEY_id(key); 739#ifndef OPENSSL_NO_EC 740 if (keyid == EVP_PKEY_EC) { 741 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key); 742 int nid; 743 const char *cname; 744 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); 745 EC_KEY_free(ec); 746 cname = EC_curve_nid2nist(nid); 747 if (!cname) 748 cname = OBJ_nid2sn(nid); 749 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname); 750 } else 751#endif 752 { 753 const char *algname; 754 switch (keyid) { 755 case EVP_PKEY_RSA: 756 algname = "RSA"; 757 break; 758 case EVP_PKEY_DSA: 759 algname = "DSA"; 760 break; 761 case EVP_PKEY_DH: 762 algname = "DH"; 763 break; 764 default: 765 algname = OBJ_nid2sn(keyid); 766 break; 767 } 768 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname); 769 } 770} 771 772static void print_details(SSL *c_ssl, const char *prefix) 773{ 774 const SSL_CIPHER *ciph; 775 int mdnid; 776 X509 *cert; 777 EVP_PKEY *pkey; 778 779 ciph = SSL_get_current_cipher(c_ssl); 780 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 781 prefix, 782 SSL_get_version(c_ssl), 783 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph)); 784 cert = SSL_get_peer_certificate(c_ssl); 785 if (cert != NULL) { 786 EVP_PKEY* pubkey = X509_get0_pubkey(cert); 787 788 if (pubkey != NULL) { 789 BIO_puts(bio_stdout, ", "); 790 print_key_details(bio_stdout, pubkey); 791 } 792 X509_free(cert); 793 } 794 if (SSL_get_peer_tmp_key(c_ssl, &pkey)) { 795 BIO_puts(bio_stdout, ", temp key: "); 796 print_key_details(bio_stdout, pkey); 797 EVP_PKEY_free(pkey); 798 } 799 if (SSL_get_peer_signature_nid(c_ssl, &mdnid)) 800 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid)); 801 BIO_printf(bio_stdout, "\n"); 802} 803 804/* 805 * protocol_from_string - converts a protocol version string to a number 806 * 807 * Returns -1 on failure or the version on success 808 */ 809static int protocol_from_string(const char *value) 810{ 811 struct protocol_versions { 812 const char *name; 813 int version; 814 }; 815 static const struct protocol_versions versions[] = { 816 {"ssl3", SSL3_VERSION}, 817 {"tls1", TLS1_VERSION}, 818 {"tls1.1", TLS1_1_VERSION}, 819 {"tls1.2", TLS1_2_VERSION}, 820 {"tls1.3", TLS1_3_VERSION}, 821 {"dtls1", DTLS1_VERSION}, 822 {"dtls1.2", DTLS1_2_VERSION}}; 823 size_t i; 824 size_t n = OSSL_NELEM(versions); 825 826 for (i = 0; i < n; i++) 827 if (strcmp(versions[i].name, value) == 0) 828 return versions[i].version; 829 return -1; 830} 831 832static SSL_SESSION *read_session(const char *filename) 833{ 834 SSL_SESSION *sess; 835 BIO *f = BIO_new_file(filename, "r"); 836 837 if (f == NULL) { 838 BIO_printf(bio_err, "Can't open session file %s\n", filename); 839 ERR_print_errors(bio_err); 840 return NULL; 841 } 842 sess = PEM_read_bio_SSL_SESSION(f, NULL, 0, NULL); 843 if (sess == NULL) { 844 BIO_printf(bio_err, "Can't parse session file %s\n", filename); 845 ERR_print_errors(bio_err); 846 } 847 BIO_free(f); 848 return sess; 849} 850 851static int write_session(const char *filename, SSL_SESSION *sess) 852{ 853 BIO *f; 854 855 if (sess == NULL) { 856 BIO_printf(bio_err, "No session information\n"); 857 return 0; 858 } 859 860 f = BIO_new_file(filename, "w"); 861 if (f == NULL) { 862 BIO_printf(bio_err, "Can't open session file %s\n", filename); 863 ERR_print_errors(bio_err); 864 return 0; 865 } 866 PEM_write_bio_SSL_SESSION(f, sess); 867 BIO_free(f); 868 return 1; 869} 870 871/* 872 * set_protocol_version - Sets protocol version minimum or maximum 873 * 874 * Returns 0 on failure and 1 on success 875 */ 876static int set_protocol_version(const char *version, SSL *ssl, int setting) 877{ 878 if (version != NULL) { 879 int ver = protocol_from_string(version); 880 if (ver < 0) { 881 BIO_printf(bio_err, "Error parsing: %s\n", version); 882 return 0; 883 } 884 return SSL_ctrl(ssl, setting, ver, NULL); 885 } 886 return 1; 887} 888 889int main(int argc, char *argv[]) 890{ 891 const char *CApath = NULL, *CAfile = NULL; 892 int badop = 0; 893 enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM; 894 int force = 0; 895 int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_1 = 0, tls1_2 = 0, ssl3 = 0; 896 int ret = EXIT_FAILURE; 897 int client_auth = 0; 898 int server_auth = 0, i; 899 struct app_verify_arg app_verify_arg = 900 { APP_CALLBACK_STRING, 0 }; 901 char *p; 902 SSL_CTX *c_ctx = NULL; 903 const SSL_METHOD *meth = NULL; 904 SSL *c_ssl, *s_ssl; 905 int number = 1, reuse = 0; 906 int should_reuse = -1; 907 int no_ticket = 0; 908 long bytes = 256L; 909#ifndef OPENSSL_NO_DH 910 DH *dh; 911 int dhe512 = 0, dhe1024dsa = 0; 912 int dhe2048 = 0, dhe4096 = 0; 913#endif 914 int no_dhe = 0; 915 int no_psk = 0; 916 int print_time = 0; 917 clock_t s_time = 0, c_time = 0; 918#ifndef OPENSSL_NO_COMP 919 int n, comp = 0; 920 COMP_METHOD *cm = NULL; 921 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; 922#endif 923 int no_protocol; 924 int min_version = 0, max_version = 0; 925#ifndef OPENSSL_NO_CT 926 /* 927 * Disable CT validation by default, because it will interfere with 928 * anything using custom extension handlers to deal with SCT extensions. 929 */ 930 int ct_validation = 0; 931#endif 932 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL, *s_cctx2 = NULL; 933 STACK_OF(OPENSSL_STRING) *conf_args = NULL; 934 char *arg = NULL, *argn = NULL; 935 936 verbose = 0; 937 debug = 0; 938 939 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); 940 941 p = getenv("OPENSSL_DEBUG_MEMORY"); 942 if (p != NULL && strcmp(p, "on") == 0) 943 CRYPTO_set_mem_debug(1); 944 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 945 946 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); 947 948 s_cctx = SSL_CONF_CTX_new(); 949 s_cctx2 = SSL_CONF_CTX_new(); 950 c_cctx = SSL_CONF_CTX_new(); 951 952 if (!s_cctx || !c_cctx || !s_cctx2) { 953 ERR_print_errors(bio_err); 954 goto end; 955 } 956 957 SSL_CONF_CTX_set_flags(s_cctx, 958 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER | 959 SSL_CONF_FLAG_CERTIFICATE | 960 SSL_CONF_FLAG_REQUIRE_PRIVATE); 961 SSL_CONF_CTX_set_flags(s_cctx2, 962 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER | 963 SSL_CONF_FLAG_CERTIFICATE | 964 SSL_CONF_FLAG_REQUIRE_PRIVATE); 965 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) { 966 ERR_print_errors(bio_err); 967 goto end; 968 } 969 if (!SSL_CONF_CTX_set1_prefix(s_cctx2, "-s_")) { 970 ERR_print_errors(bio_err); 971 goto end; 972 } 973 974 SSL_CONF_CTX_set_flags(c_cctx, 975 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT | 976 SSL_CONF_FLAG_CERTIFICATE | 977 SSL_CONF_FLAG_REQUIRE_PRIVATE); 978 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) { 979 ERR_print_errors(bio_err); 980 goto end; 981 } 982 983 argc--; 984 argv++; 985 986 while (argc >= 1) { 987 if (strcmp(*argv, "-F") == 0) { 988 fprintf(stderr, 989 "not compiled with FIPS support, so exiting without running.\n"); 990 EXIT(0); 991 } else if (strcmp(*argv, "-server_auth") == 0) 992 server_auth = 1; 993 else if (strcmp(*argv, "-client_auth") == 0) 994 client_auth = 1; 995 else if (strcmp(*argv, "-v") == 0) 996 verbose = 1; 997 else if (strcmp(*argv, "-d") == 0) 998 debug = 1; 999 else if (strcmp(*argv, "-reuse") == 0) 1000 reuse = 1; 1001 else if (strcmp(*argv, "-dhe512") == 0) { 1002#ifndef OPENSSL_NO_DH 1003 dhe512 = 1; 1004#else 1005 fprintf(stderr, 1006 "ignoring -dhe512, since I'm compiled without DH\n"); 1007#endif 1008 } else if (strcmp(*argv, "-dhe4096") == 0) { 1009#ifndef OPENSSL_NO_DH 1010 dhe4096 = 1; 1011#else 1012 fprintf(stderr, 1013 "ignoring -dhe4096, since I'm compiled without DH\n"); 1014#endif 1015 } else if (strcmp(*argv, "-dhe2048") == 0) { 1016#ifndef OPENSSL_NO_DH 1017 dhe2048 = 1; 1018#else 1019 fprintf(stderr, 1020 "ignoring -dhe2048, since I'm compiled without DH\n"); 1021#endif 1022 } else if (strcmp(*argv, "-dhe1024dsa") == 0) { 1023#ifndef OPENSSL_NO_DH 1024 dhe1024dsa = 1; 1025#else 1026 fprintf(stderr, 1027 "ignoring -dhe1024dsa, since I'm compiled without DH\n"); 1028#endif 1029 } else if (strcmp(*argv, "-no_dhe") == 0) 1030 no_dhe = 1; 1031 else if (strcmp(*argv, "-no_ecdhe") == 0) 1032 /* obsolete */; 1033 else if (strcmp(*argv, "-psk") == 0) { 1034 if (--argc < 1) 1035 goto bad; 1036 psk_key = *(++argv); 1037#ifndef OPENSSL_NO_PSK 1038 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) { 1039 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv); 1040 goto bad; 1041 } 1042#else 1043 no_psk = 1; 1044#endif 1045 } 1046 else if (strcmp(*argv, "-tls1_2") == 0) { 1047 tls1_2 = 1; 1048 } else if (strcmp(*argv, "-tls1_1") == 0) { 1049 tls1_1 = 1; 1050 } else if (strcmp(*argv, "-tls1") == 0) { 1051 tls1 = 1; 1052 } else if (strcmp(*argv, "-ssl3") == 0) { 1053 ssl3 = 1; 1054 } else if (strcmp(*argv, "-dtls1") == 0) { 1055 dtls1 = 1; 1056 } else if (strcmp(*argv, "-dtls12") == 0) { 1057 dtls12 = 1; 1058 } else if (strcmp(*argv, "-dtls") == 0) { 1059 dtls = 1; 1060 } else if (strncmp(*argv, "-num", 4) == 0) { 1061 if (--argc < 1) 1062 goto bad; 1063 number = atoi(*(++argv)); 1064 if (number == 0) 1065 number = 1; 1066 } else if (strcmp(*argv, "-bytes") == 0) { 1067 if (--argc < 1) 1068 goto bad; 1069 bytes = atol(*(++argv)); 1070 if (bytes == 0L) 1071 bytes = 1L; 1072 i = strlen(argv[0]); 1073 if (argv[0][i - 1] == 'k') 1074 bytes *= 1024L; 1075 if (argv[0][i - 1] == 'm') 1076 bytes *= 1024L * 1024L; 1077 } else if (strcmp(*argv, "-cipher") == 0) { 1078 if (--argc < 1) 1079 goto bad; 1080 cipher = *(++argv); 1081 } else if (strcmp(*argv, "-ciphersuites") == 0) { 1082 if (--argc < 1) 1083 goto bad; 1084 ciphersuites = *(++argv); 1085 } else if (strcmp(*argv, "-CApath") == 0) { 1086 if (--argc < 1) 1087 goto bad; 1088 CApath = *(++argv); 1089 } else if (strcmp(*argv, "-CAfile") == 0) { 1090 if (--argc < 1) 1091 goto bad; 1092 CAfile = *(++argv); 1093 } else if (strcmp(*argv, "-bio_pair") == 0) { 1094 bio_type = BIO_PAIR; 1095 } 1096#ifndef OPENSSL_NO_SOCK 1097 else if (strcmp(*argv, "-ipv4") == 0) { 1098 bio_type = BIO_IPV4; 1099 } else if (strcmp(*argv, "-ipv6") == 0) { 1100 bio_type = BIO_IPV6; 1101 } 1102#endif 1103 else if (strcmp(*argv, "-f") == 0) { 1104 force = 1; 1105 } else if (strcmp(*argv, "-time") == 0) { 1106 print_time = 1; 1107 } 1108#ifndef OPENSSL_NO_CT 1109 else if (strcmp(*argv, "-noct") == 0) { 1110 ct_validation = 0; 1111 } 1112 else if (strcmp(*argv, "-ct") == 0) { 1113 ct_validation = 1; 1114 } 1115#endif 1116#ifndef OPENSSL_NO_COMP 1117 else if (strcmp(*argv, "-zlib") == 0) { 1118 comp = COMP_ZLIB; 1119 } 1120#endif 1121 else if (strcmp(*argv, "-app_verify") == 0) { 1122 app_verify_arg.app_verify = 1; 1123 } 1124#ifndef OPENSSL_NO_NEXTPROTONEG 1125 else if (strcmp(*argv, "-npn_client") == 0) { 1126 npn_client = 1; 1127 } else if (strcmp(*argv, "-npn_server") == 0) { 1128 npn_server = 1; 1129 } else if (strcmp(*argv, "-npn_server_reject") == 0) { 1130 npn_server_reject = 1; 1131 } 1132#endif 1133 else if (strcmp(*argv, "-serverinfo_sct") == 0) { 1134 serverinfo_sct = 1; 1135 } else if (strcmp(*argv, "-serverinfo_tack") == 0) { 1136 serverinfo_tack = 1; 1137 } else if (strcmp(*argv, "-serverinfo_file") == 0) { 1138 if (--argc < 1) 1139 goto bad; 1140 serverinfo_file = *(++argv); 1141 } else if (strcmp(*argv, "-custom_ext") == 0) { 1142 custom_ext = 1; 1143 } else if (strcmp(*argv, "-alpn_client") == 0) { 1144 if (--argc < 1) 1145 goto bad; 1146 alpn_client = *(++argv); 1147 } else if (strcmp(*argv, "-alpn_server") == 0 || 1148 strcmp(*argv, "-alpn_server1") == 0) { 1149 if (--argc < 1) 1150 goto bad; 1151 alpn_server = *(++argv); 1152 } else if (strcmp(*argv, "-alpn_server2") == 0) { 1153 if (--argc < 1) 1154 goto bad; 1155 alpn_server2 = *(++argv); 1156 } else if (strcmp(*argv, "-alpn_expected") == 0) { 1157 if (--argc < 1) 1158 goto bad; 1159 alpn_expected = *(++argv); 1160 } else if (strcmp(*argv, "-server_min_proto") == 0) { 1161 if (--argc < 1) 1162 goto bad; 1163 server_min_proto = *(++argv); 1164 } else if (strcmp(*argv, "-server_max_proto") == 0) { 1165 if (--argc < 1) 1166 goto bad; 1167 server_max_proto = *(++argv); 1168 } else if (strcmp(*argv, "-client_min_proto") == 0) { 1169 if (--argc < 1) 1170 goto bad; 1171 client_min_proto = *(++argv); 1172 } else if (strcmp(*argv, "-client_max_proto") == 0) { 1173 if (--argc < 1) 1174 goto bad; 1175 client_max_proto = *(++argv); 1176 } else if (strcmp(*argv, "-should_negotiate") == 0) { 1177 if (--argc < 1) 1178 goto bad; 1179 should_negotiate = *(++argv); 1180 } else if (strcmp(*argv, "-sn_client") == 0) { 1181 if (--argc < 1) 1182 goto bad; 1183 sn_client = *(++argv); 1184 } else if (strcmp(*argv, "-sn_server1") == 0) { 1185 if (--argc < 1) 1186 goto bad; 1187 sn_server1 = *(++argv); 1188 } else if (strcmp(*argv, "-sn_server2") == 0) { 1189 if (--argc < 1) 1190 goto bad; 1191 sn_server2 = *(++argv); 1192 } else if (strcmp(*argv, "-sn_expect1") == 0) { 1193 sn_expect = 1; 1194 } else if (strcmp(*argv, "-sn_expect2") == 0) { 1195 sn_expect = 2; 1196 } else if (strcmp(*argv, "-server_sess_out") == 0) { 1197 if (--argc < 1) 1198 goto bad; 1199 server_sess_out = *(++argv); 1200 } else if (strcmp(*argv, "-server_sess_in") == 0) { 1201 if (--argc < 1) 1202 goto bad; 1203 server_sess_in = *(++argv); 1204 } else if (strcmp(*argv, "-client_sess_out") == 0) { 1205 if (--argc < 1) 1206 goto bad; 1207 client_sess_out = *(++argv); 1208 } else if (strcmp(*argv, "-client_sess_in") == 0) { 1209 if (--argc < 1) 1210 goto bad; 1211 client_sess_in = *(++argv); 1212 } else if (strcmp(*argv, "-should_reuse") == 0) { 1213 if (--argc < 1) 1214 goto bad; 1215 should_reuse = !!atoi(*(++argv)); 1216 } else if (strcmp(*argv, "-no_ticket") == 0) { 1217 no_ticket = 1; 1218 } else { 1219 int rv; 1220 arg = argv[0]; 1221 argn = argv[1]; 1222 /* Try to process command using SSL_CONF */ 1223 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv); 1224 /* If not processed try server */ 1225 if (rv == 0) 1226 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv); 1227 /* Recognised: store it for later use */ 1228 if (rv > 0) { 1229 if (rv == 1) 1230 argn = NULL; 1231 if (!conf_args) { 1232 conf_args = sk_OPENSSL_STRING_new_null(); 1233 if (!conf_args) 1234 goto end; 1235 } 1236 if (!sk_OPENSSL_STRING_push(conf_args, arg)) 1237 goto end; 1238 if (!sk_OPENSSL_STRING_push(conf_args, argn)) 1239 goto end; 1240 continue; 1241 } 1242 if (rv == -3) 1243 BIO_printf(bio_err, "Missing argument for %s\n", arg); 1244 else if (rv < 0) 1245 BIO_printf(bio_err, "Error with command %s\n", arg); 1246 else if (rv == 0) 1247 BIO_printf(bio_err, "unknown option %s\n", arg); 1248 badop = 1; 1249 break; 1250 } 1251 argc--; 1252 argv++; 1253 } 1254 if (badop) { 1255 bad: 1256 sv_usage(); 1257 goto end; 1258 } 1259 1260 if (ssl3 + tls1 + tls1_1 + tls1_2 + dtls + dtls1 + dtls12 > 1) { 1261 fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_1, -tls1_2, -dtls, -dtls1 or -dtls12 should " 1262 "be requested.\n"); 1263 EXIT(1); 1264 } 1265 1266#ifdef OPENSSL_NO_SSL3 1267 if (ssl3) 1268 no_protocol = 1; 1269 else 1270#endif 1271#ifdef OPENSSL_NO_TLS1 1272 if (tls1) 1273 no_protocol = 1; 1274 else 1275#endif 1276#ifdef OPENSSL_NO_TLS1_1 1277 if (tls1_1) 1278 no_protocol = 1; 1279 else 1280#endif 1281#ifdef OPENSSL_NO_TLS1_2 1282 if (tls1_2) 1283 no_protocol = 1; 1284 else 1285#endif 1286#if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1) 1287 if (dtls1) 1288 no_protocol = 1; 1289 else 1290#endif 1291#if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1_2) 1292 if (dtls12) 1293 no_protocol = 1; 1294 else 1295#endif 1296 no_protocol = 0; 1297 1298 /* 1299 * Testing was requested for a compiled-out protocol (e.g. SSLv3). 1300 * Ideally, we would error out, but the generic test wrapper can't know 1301 * when to expect failure. So we do nothing and return success. 1302 */ 1303 if (no_protocol) { 1304 fprintf(stderr, "Testing was requested for a disabled protocol. " 1305 "Skipping tests.\n"); 1306 ret = EXIT_SUCCESS; 1307 goto end; 1308 } 1309 1310 if (!ssl3 && !tls1 && !tls1_1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1 1311 && !reuse && !force) { 1312 fprintf(stderr, "This case cannot work. Use -f to perform " 1313 "the test anyway (and\n-d to see what happens), " 1314 "or add one of -ssl3, -tls1, -tls1_1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n" 1315 "to avoid protocol mismatch.\n"); 1316 EXIT(1); 1317 } 1318 1319 if (print_time) { 1320 if (bio_type != BIO_PAIR) { 1321 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 1322 bio_type = BIO_PAIR; 1323 } 1324 if (number < 50 && !force) 1325 fprintf(stderr, 1326 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 1327 } 1328 1329#ifndef OPENSSL_NO_COMP 1330 if (comp == COMP_ZLIB) 1331 cm = COMP_zlib(); 1332 if (cm != NULL) { 1333 if (COMP_get_type(cm) != NID_undef) { 1334 if (SSL_COMP_add_compression_method(comp, cm) != 0) { 1335 fprintf(stderr, "Failed to add compression method\n"); 1336 ERR_print_errors_fp(stderr); 1337 } 1338 } else { 1339 fprintf(stderr, 1340 "Warning: %s compression not supported\n", 1341 comp == COMP_ZLIB ? "zlib" : "unknown"); 1342 ERR_print_errors_fp(stderr); 1343 } 1344 } 1345 ssl_comp_methods = SSL_COMP_get_compression_methods(); 1346 n = sk_SSL_COMP_num(ssl_comp_methods); 1347 if (n) { 1348 int j; 1349 printf("Available compression methods:"); 1350 for (j = 0; j < n; j++) { 1351 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j); 1352 printf(" %s:%d", SSL_COMP_get0_name(c), SSL_COMP_get_id(c)); 1353 } 1354 printf("\n"); 1355 } 1356#endif 1357 1358#ifndef OPENSSL_NO_TLS 1359 meth = TLS_method(); 1360 if (ssl3) { 1361 min_version = SSL3_VERSION; 1362 max_version = SSL3_VERSION; 1363 } else if (tls1) { 1364 min_version = TLS1_VERSION; 1365 max_version = TLS1_VERSION; 1366 } else if (tls1_1) { 1367 min_version = TLS1_1_VERSION; 1368 max_version = TLS1_1_VERSION; 1369 } else if (tls1_2) { 1370 min_version = TLS1_2_VERSION; 1371 max_version = TLS1_2_VERSION; 1372 } else { 1373 min_version = SSL3_VERSION; 1374 max_version = TLS_MAX_VERSION; 1375 } 1376#endif 1377#ifndef OPENSSL_NO_DTLS 1378 if (dtls || dtls1 || dtls12) { 1379 meth = DTLS_method(); 1380 if (dtls1) { 1381 min_version = DTLS1_VERSION; 1382 max_version = DTLS1_VERSION; 1383 } else if (dtls12) { 1384 min_version = DTLS1_2_VERSION; 1385 max_version = DTLS1_2_VERSION; 1386 } else { 1387 min_version = DTLS_MIN_VERSION; 1388 max_version = DTLS_MAX_VERSION; 1389 } 1390 } 1391#endif 1392 1393 c_ctx = SSL_CTX_new(meth); 1394 s_ctx = SSL_CTX_new(meth); 1395 s_ctx2 = SSL_CTX_new(meth); /* no SSL_CTX_dup! */ 1396 if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) { 1397 ERR_print_errors(bio_err); 1398 goto end; 1399 } 1400 /* 1401 * Since we will use low security ciphersuites and keys for testing set 1402 * security level to zero by default. Tests can override this by adding 1403 * "@SECLEVEL=n" to the cipher string. 1404 */ 1405 SSL_CTX_set_security_level(c_ctx, 0); 1406 SSL_CTX_set_security_level(s_ctx, 0); 1407 SSL_CTX_set_security_level(s_ctx2, 0); 1408 1409 if (no_ticket) { 1410 SSL_CTX_set_options(c_ctx, SSL_OP_NO_TICKET); 1411 SSL_CTX_set_options(s_ctx, SSL_OP_NO_TICKET); 1412 } 1413 1414 if (SSL_CTX_set_min_proto_version(c_ctx, min_version) == 0) 1415 goto end; 1416 if (SSL_CTX_set_max_proto_version(c_ctx, max_version) == 0) 1417 goto end; 1418 if (SSL_CTX_set_min_proto_version(s_ctx, min_version) == 0) 1419 goto end; 1420 if (SSL_CTX_set_max_proto_version(s_ctx, max_version) == 0) 1421 goto end; 1422 1423 if (cipher != NULL) { 1424 if (strcmp(cipher, "") == 0) { 1425 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)) { 1426 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) { 1427 ERR_clear_error(); 1428 } else { 1429 ERR_print_errors(bio_err); 1430 goto end; 1431 } 1432 } else { 1433 /* Should have failed when clearing all TLSv1.2 ciphers. */ 1434 fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n"); 1435 goto end; 1436 } 1437 1438 if (!SSL_CTX_set_cipher_list(s_ctx, cipher)) { 1439 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) { 1440 ERR_clear_error(); 1441 } else { 1442 ERR_print_errors(bio_err); 1443 goto end; 1444 } 1445 } else { 1446 /* Should have failed when clearing all TLSv1.2 ciphers. */ 1447 fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n"); 1448 goto end; 1449 } 1450 1451 if (!SSL_CTX_set_cipher_list(s_ctx2, cipher)) { 1452 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) { 1453 ERR_clear_error(); 1454 } else { 1455 ERR_print_errors(bio_err); 1456 goto end; 1457 } 1458 } else { 1459 /* Should have failed when clearing all TLSv1.2 ciphers. */ 1460 fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n"); 1461 goto end; 1462 } 1463 } else { 1464 if (!SSL_CTX_set_cipher_list(c_ctx, cipher) 1465 || !SSL_CTX_set_cipher_list(s_ctx, cipher) 1466 || !SSL_CTX_set_cipher_list(s_ctx2, cipher)) { 1467 ERR_print_errors(bio_err); 1468 goto end; 1469 } 1470 } 1471 } 1472 if (ciphersuites != NULL) { 1473 if (!SSL_CTX_set_ciphersuites(c_ctx, ciphersuites) 1474 || !SSL_CTX_set_ciphersuites(s_ctx, ciphersuites) 1475 || !SSL_CTX_set_ciphersuites(s_ctx2, ciphersuites)) { 1476 ERR_print_errors(bio_err); 1477 goto end; 1478 } 1479 } 1480 1481#ifndef OPENSSL_NO_CT 1482 if (ct_validation && 1483 !SSL_CTX_enable_ct(c_ctx, SSL_CT_VALIDATION_STRICT)) { 1484 ERR_print_errors(bio_err); 1485 goto end; 1486 } 1487#endif 1488 1489 /* Process SSL_CONF arguments */ 1490 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx); 1491 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx); 1492 SSL_CONF_CTX_set_ssl_ctx(s_cctx2, s_ctx2); 1493 1494 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) { 1495 int rv; 1496 arg = sk_OPENSSL_STRING_value(conf_args, i); 1497 argn = sk_OPENSSL_STRING_value(conf_args, i + 1); 1498 rv = SSL_CONF_cmd(c_cctx, arg, argn); 1499 /* If not recognised use server context */ 1500 if (rv == -2) { 1501 rv = SSL_CONF_cmd(s_cctx2, arg, argn); 1502 if (rv > 0) 1503 rv = SSL_CONF_cmd(s_cctx, arg, argn); 1504 } 1505 if (rv <= 0) { 1506 BIO_printf(bio_err, "Error processing %s %s\n", 1507 arg, argn ? argn : ""); 1508 ERR_print_errors(bio_err); 1509 goto end; 1510 } 1511 } 1512 1513 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx) || !SSL_CONF_CTX_finish(s_cctx2)) { 1514 BIO_puts(bio_err, "Error finishing context\n"); 1515 ERR_print_errors(bio_err); 1516 goto end; 1517 } 1518#ifndef OPENSSL_NO_DH 1519 if (!no_dhe) { 1520 if (dhe1024dsa) { 1521 dh = get_dh1024dsa(); 1522 } else if (dhe512) 1523 dh = get_dh512(); 1524 else if (dhe2048) 1525 dh = get_dh2048(); 1526 else if (dhe4096) 1527 dh = get_dh4096(); 1528 else 1529 dh = get_dh1024(); 1530 SSL_CTX_set_tmp_dh(s_ctx, dh); 1531 SSL_CTX_set_tmp_dh(s_ctx2, dh); 1532 DH_free(dh); 1533 } 1534#else 1535 (void)no_dhe; 1536#endif 1537 1538 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 1539 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 1540 (!SSL_CTX_load_verify_locations(s_ctx2, CAfile, CApath)) || 1541 (!SSL_CTX_set_default_verify_paths(s_ctx2)) || 1542 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 1543 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 1544 ERR_print_errors(bio_err); 1545 } 1546 1547#ifndef OPENSSL_NO_CT 1548 if (!SSL_CTX_set_default_ctlog_list_file(s_ctx) || 1549 !SSL_CTX_set_default_ctlog_list_file(s_ctx2) || 1550 !SSL_CTX_set_default_ctlog_list_file(c_ctx)) { 1551 ERR_print_errors(bio_err); 1552 } 1553#endif 1554 1555 if (client_auth) { 1556 printf("client authentication\n"); 1557 SSL_CTX_set_verify(s_ctx, 1558 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 1559 verify_callback); 1560 SSL_CTX_set_verify(s_ctx2, 1561 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 1562 verify_callback); 1563 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 1564 &app_verify_arg); 1565 SSL_CTX_set_cert_verify_callback(s_ctx2, app_verify_callback, 1566 &app_verify_arg); 1567 } 1568 if (server_auth) { 1569 printf("server authentication\n"); 1570 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback); 1571 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 1572 &app_verify_arg); 1573 } 1574 1575 { 1576 int session_id_context = 0; 1577 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, 1578 sizeof(session_id_context)) || 1579 !SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context, 1580 sizeof(session_id_context))) { 1581 ERR_print_errors(bio_err); 1582 goto end; 1583 } 1584 } 1585 1586 /* Use PSK only if PSK key is given */ 1587 if (psk_key != NULL) { 1588 /* 1589 * no_psk is used to avoid putting psk command to openssl tool 1590 */ 1591 if (no_psk) { 1592 /* 1593 * if PSK is not compiled in and psk key is given, do nothing and 1594 * exit successfully 1595 */ 1596 ret = EXIT_SUCCESS; 1597 goto end; 1598 } 1599#ifndef OPENSSL_NO_PSK 1600 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback); 1601 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback); 1602 SSL_CTX_set_psk_server_callback(s_ctx2, psk_server_callback); 1603 if (debug) 1604 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n"); 1605 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint") || 1606 !SSL_CTX_use_psk_identity_hint(s_ctx2, "ctx server identity_hint")) { 1607 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n"); 1608 ERR_print_errors(bio_err); 1609 goto end; 1610 } 1611#endif 1612 } 1613 1614#ifndef OPENSSL_NO_NEXTPROTONEG 1615 if (npn_client) { 1616 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL); 1617 } 1618 if (npn_server) { 1619 if (npn_server_reject) { 1620 BIO_printf(bio_err, 1621 "Can't have both -npn_server and -npn_server_reject\n"); 1622 goto end; 1623 } 1624 SSL_CTX_set_npn_advertised_cb(s_ctx, cb_server_npn, NULL); 1625 SSL_CTX_set_npn_advertised_cb(s_ctx2, cb_server_npn, NULL); 1626 } 1627 if (npn_server_reject) { 1628 SSL_CTX_set_npn_advertised_cb(s_ctx, cb_server_rejects_npn, NULL); 1629 SSL_CTX_set_npn_advertised_cb(s_ctx2, cb_server_rejects_npn, NULL); 1630 } 1631#endif 1632 1633 if (serverinfo_sct) { 1634 if (!SSL_CTX_add_client_custom_ext(c_ctx, 1635 TLSEXT_TYPE_signed_certificate_timestamp, 1636 NULL, NULL, NULL, 1637 serverinfo_cli_parse_cb, NULL)) { 1638 BIO_printf(bio_err, "Error adding SCT extension\n"); 1639 goto end; 1640 } 1641 } 1642 if (serverinfo_tack) { 1643 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE, 1644 NULL, NULL, NULL, 1645 serverinfo_cli_parse_cb, NULL)) { 1646 BIO_printf(bio_err, "Error adding TACK extension\n"); 1647 goto end; 1648 } 1649 } 1650 if (serverinfo_file) 1651 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file) || 1652 !SSL_CTX_use_serverinfo_file(s_ctx2, serverinfo_file)) { 1653 BIO_printf(bio_err, "missing serverinfo file\n"); 1654 goto end; 1655 } 1656 1657 if (custom_ext) { 1658 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0, 1659 custom_ext_0_cli_add_cb, 1660 NULL, NULL, 1661 custom_ext_0_cli_parse_cb, NULL) 1662 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1, 1663 custom_ext_1_cli_add_cb, 1664 NULL, NULL, 1665 custom_ext_1_cli_parse_cb, NULL) 1666 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2, 1667 custom_ext_2_cli_add_cb, 1668 NULL, NULL, 1669 custom_ext_2_cli_parse_cb, NULL) 1670 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3, 1671 custom_ext_3_cli_add_cb, 1672 NULL, NULL, 1673 custom_ext_3_cli_parse_cb, NULL) 1674 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0, 1675 custom_ext_0_srv_add_cb, 1676 NULL, NULL, 1677 custom_ext_0_srv_parse_cb, NULL) 1678 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_0, 1679 custom_ext_0_srv_add_cb, 1680 NULL, NULL, 1681 custom_ext_0_srv_parse_cb, NULL) 1682 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1, 1683 custom_ext_1_srv_add_cb, 1684 NULL, NULL, 1685 custom_ext_1_srv_parse_cb, NULL) 1686 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_1, 1687 custom_ext_1_srv_add_cb, 1688 NULL, NULL, 1689 custom_ext_1_srv_parse_cb, NULL) 1690 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2, 1691 custom_ext_2_srv_add_cb, 1692 NULL, NULL, 1693 custom_ext_2_srv_parse_cb, NULL) 1694 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_2, 1695 custom_ext_2_srv_add_cb, 1696 NULL, NULL, 1697 custom_ext_2_srv_parse_cb, NULL) 1698 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3, 1699 custom_ext_3_srv_add_cb, 1700 NULL, NULL, 1701 custom_ext_3_srv_parse_cb, NULL) 1702 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_3, 1703 custom_ext_3_srv_add_cb, 1704 NULL, NULL, 1705 custom_ext_3_srv_parse_cb, NULL)) { 1706 BIO_printf(bio_err, "Error setting custom extensions\n"); 1707 goto end; 1708 } 1709 } 1710 1711 if (alpn_server) 1712 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, alpn_server); 1713 if (alpn_server2) 1714 SSL_CTX_set_alpn_select_cb(s_ctx2, cb_server_alpn, alpn_server2); 1715 1716 if (alpn_client) { 1717 size_t alpn_len; 1718 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client); 1719 1720 if (alpn == NULL) { 1721 BIO_printf(bio_err, "Error parsing -alpn_client argument\n"); 1722 goto end; 1723 } 1724 /* Returns 0 on success!! */ 1725 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) { 1726 BIO_printf(bio_err, "Error setting ALPN\n"); 1727 OPENSSL_free(alpn); 1728 goto end; 1729 } 1730 OPENSSL_free(alpn); 1731 } 1732 1733 if (server_sess_in != NULL) { 1734 server_sess = read_session(server_sess_in); 1735 if (server_sess == NULL) 1736 goto end; 1737 } 1738 if (client_sess_in != NULL) { 1739 client_sess = read_session(client_sess_in); 1740 if (client_sess == NULL) 1741 goto end; 1742 } 1743 1744 if (server_sess_out != NULL || server_sess_in != NULL) { 1745 char *keys; 1746 long size; 1747 1748 /* Use a fixed key so that we can decrypt the ticket. */ 1749 size = SSL_CTX_set_tlsext_ticket_keys(s_ctx, NULL, 0); 1750 keys = OPENSSL_zalloc(size); 1751 SSL_CTX_set_tlsext_ticket_keys(s_ctx, keys, size); 1752 OPENSSL_free(keys); 1753 } 1754 1755 if (sn_server1 != NULL || sn_server2 != NULL) 1756 SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb); 1757 1758 c_ssl = SSL_new(c_ctx); 1759 s_ssl = SSL_new(s_ctx); 1760 1761 if (sn_client) 1762 SSL_set_tlsext_host_name(c_ssl, sn_client); 1763 1764 if (!set_protocol_version(server_min_proto, s_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION)) 1765 goto end; 1766 if (!set_protocol_version(server_max_proto, s_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION)) 1767 goto end; 1768 if (!set_protocol_version(client_min_proto, c_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION)) 1769 goto end; 1770 if (!set_protocol_version(client_max_proto, c_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION)) 1771 goto end; 1772 1773 if (server_sess) { 1774 if (SSL_CTX_add_session(s_ctx, server_sess) == 0) { 1775 BIO_printf(bio_err, "Can't add server session\n"); 1776 ERR_print_errors(bio_err); 1777 goto end; 1778 } 1779 } 1780 1781 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes); 1782 for (i = 0; i < number; i++) { 1783 if (!reuse) { 1784 if (!SSL_set_session(c_ssl, NULL)) { 1785 BIO_printf(bio_err, "Failed to set session\n"); 1786 goto end; 1787 } 1788 } 1789 if (client_sess_in != NULL) { 1790 if (SSL_set_session(c_ssl, client_sess) == 0) { 1791 BIO_printf(bio_err, "Can't set client session\n"); 1792 ERR_print_errors(bio_err); 1793 goto end; 1794 } 1795 } 1796 switch (bio_type) { 1797 case BIO_MEM: 1798 ret = doit(s_ssl, c_ssl, bytes); 1799 break; 1800 case BIO_PAIR: 1801 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time); 1802 break; 1803#ifndef OPENSSL_NO_SOCK 1804 case BIO_IPV4: 1805 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV4, 1806 bytes, &s_time, &c_time); 1807 break; 1808 case BIO_IPV6: 1809 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV6, 1810 bytes, &s_time, &c_time); 1811 break; 1812#else 1813 case BIO_IPV4: 1814 case BIO_IPV6: 1815 ret = EXIT_FAILURE; 1816 goto err; 1817#endif 1818 } 1819 if (ret != EXIT_SUCCESS) break; 1820 } 1821 1822 if (should_negotiate && ret == EXIT_SUCCESS && 1823 strcmp(should_negotiate, "fail-server") != 0 && 1824 strcmp(should_negotiate, "fail-client") != 0) { 1825 int version = protocol_from_string(should_negotiate); 1826 if (version < 0) { 1827 BIO_printf(bio_err, "Error parsing: %s\n", should_negotiate); 1828 ret = EXIT_FAILURE; 1829 goto err; 1830 } 1831 if (SSL_version(c_ssl) != version) { 1832 BIO_printf(bio_err, "Unexpected version negotiated. " 1833 "Expected: %s, got %s\n", should_negotiate, SSL_get_version(c_ssl)); 1834 ret = EXIT_FAILURE; 1835 goto err; 1836 } 1837 } 1838 1839 if (should_reuse != -1) { 1840 if (SSL_session_reused(s_ssl) != should_reuse || 1841 SSL_session_reused(c_ssl) != should_reuse) { 1842 BIO_printf(bio_err, "Unexpected session reuse state. " 1843 "Expected: %d, server: %d, client: %d\n", should_reuse, 1844 SSL_session_reused(s_ssl), SSL_session_reused(c_ssl)); 1845 ret = EXIT_FAILURE; 1846 goto err; 1847 } 1848 } 1849 1850 if (server_sess_out != NULL) { 1851 if (write_session(server_sess_out, SSL_get_session(s_ssl)) == 0) { 1852 ret = EXIT_FAILURE; 1853 goto err; 1854 } 1855 } 1856 if (client_sess_out != NULL) { 1857 if (write_session(client_sess_out, SSL_get_session(c_ssl)) == 0) { 1858 ret = EXIT_FAILURE; 1859 goto err; 1860 } 1861 } 1862 1863 if (!verbose) { 1864 print_details(c_ssl, ""); 1865 } 1866 if (print_time) { 1867#ifdef CLOCKS_PER_SEC 1868 /* 1869 * "To determine the time in seconds, the value returned by the clock 1870 * function should be divided by the value of the macro 1871 * CLOCKS_PER_SEC." -- ISO/IEC 9899 1872 */ 1873 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n" 1874 "Approximate total client time: %6.2f s\n", 1875 (double)s_time / CLOCKS_PER_SEC, 1876 (double)c_time / CLOCKS_PER_SEC); 1877#else 1878 BIO_printf(bio_stdout, 1879 "Approximate total server time: %6.2f units\n" 1880 "Approximate total client time: %6.2f units\n", 1881 (double)s_time, (double)c_time); 1882#endif 1883 } 1884 1885 err: 1886 SSL_free(s_ssl); 1887 SSL_free(c_ssl); 1888 1889 end: 1890 SSL_CTX_free(s_ctx); 1891 SSL_CTX_free(s_ctx2); 1892 SSL_CTX_free(c_ctx); 1893 SSL_CONF_CTX_free(s_cctx); 1894 SSL_CONF_CTX_free(s_cctx2); 1895 SSL_CONF_CTX_free(c_cctx); 1896 sk_OPENSSL_STRING_free(conf_args); 1897 1898 BIO_free(bio_stdout); 1899 1900 SSL_SESSION_free(server_sess); 1901 SSL_SESSION_free(client_sess); 1902 1903#ifndef OPENSSL_NO_CRYPTO_MDEBUG 1904 if (CRYPTO_mem_leaks(bio_err) <= 0) 1905 ret = EXIT_FAILURE; 1906#endif 1907 BIO_free(bio_err); 1908 EXIT(ret); 1909} 1910 1911#ifndef OPENSSL_NO_SOCK 1912int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count, 1913 clock_t *s_time, clock_t *c_time) 1914{ 1915 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 1916 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 1917 BIO *acpt = NULL, *server = NULL, *client = NULL; 1918 char addr_str[40]; 1919 int ret = EXIT_FAILURE; 1920 int err_in_client = 0; 1921 int err_in_server = 0; 1922 1923 acpt = BIO_new_accept(family == BIO_FAMILY_IPV4 ? "127.0.0.1:0" 1924 : "[::1]:0"); 1925 if (acpt == NULL) 1926 goto err; 1927 BIO_set_accept_ip_family(acpt, family); 1928 BIO_set_bind_mode(acpt, BIO_SOCK_NONBLOCK | BIO_SOCK_REUSEADDR); 1929 if (BIO_do_accept(acpt) <= 0) 1930 goto err; 1931 1932 BIO_snprintf(addr_str, sizeof(addr_str), ":%s", BIO_get_accept_port(acpt)); 1933 1934 client = BIO_new_connect(addr_str); 1935 BIO_set_conn_ip_family(client, family); 1936 if (!client) 1937 goto err; 1938 1939 if (BIO_set_nbio(client, 1) <= 0) 1940 goto err; 1941 if (BIO_set_nbio(acpt, 1) <= 0) 1942 goto err; 1943 1944 { 1945 int st_connect = 0, st_accept = 0; 1946 1947 while(!st_connect || !st_accept) { 1948 if (!st_connect) { 1949 if (BIO_do_connect(client) <= 0) { 1950 if (!BIO_should_retry(client)) 1951 goto err; 1952 } else { 1953 st_connect = 1; 1954 } 1955 } 1956 if (!st_accept) { 1957 if (BIO_do_accept(acpt) <= 0) { 1958 if (!BIO_should_retry(acpt)) 1959 goto err; 1960 } else { 1961 st_accept = 1; 1962 } 1963 } 1964 } 1965 } 1966 /* We're not interested in accepting further connects */ 1967 server = BIO_pop(acpt); 1968 BIO_free_all(acpt); 1969 acpt = NULL; 1970 1971 s_ssl_bio = BIO_new(BIO_f_ssl()); 1972 if (!s_ssl_bio) 1973 goto err; 1974 1975 c_ssl_bio = BIO_new(BIO_f_ssl()); 1976 if (!c_ssl_bio) 1977 goto err; 1978 1979 SSL_set_connect_state(c_ssl); 1980 SSL_set_bio(c_ssl, client, client); 1981 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 1982 1983 SSL_set_accept_state(s_ssl); 1984 SSL_set_bio(s_ssl, server, server); 1985 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 1986 1987 do { 1988 /*- 1989 * c_ssl_bio: SSL filter BIO 1990 * 1991 * client: I/O for SSL library 1992 * 1993 * 1994 * server: I/O for SSL library 1995 * 1996 * s_ssl_bio: SSL filter BIO 1997 */ 1998 1999 /* 2000 * We have non-blocking behaviour throughout this test program, but 2001 * can be sure that there is *some* progress in each iteration; so we 2002 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE -- 2003 * we just try everything in each iteration 2004 */ 2005 2006 { 2007 /* CLIENT */ 2008 2009 char cbuf[1024 * 8]; 2010 int i, r; 2011 clock_t c_clock = clock(); 2012 2013 memset(cbuf, 0, sizeof(cbuf)); 2014 2015 if (debug) 2016 if (SSL_in_init(c_ssl)) 2017 printf("client waiting in SSL_connect - %s\n", 2018 SSL_state_string_long(c_ssl)); 2019 2020 if (cw_num > 0) { 2021 /* Write to server. */ 2022 2023 if (cw_num > (long)sizeof(cbuf)) 2024 i = sizeof(cbuf); 2025 else 2026 i = (int)cw_num; 2027 r = BIO_write(c_ssl_bio, cbuf, i); 2028 if (r < 0) { 2029 if (!BIO_should_retry(c_ssl_bio)) { 2030 fprintf(stderr, "ERROR in CLIENT\n"); 2031 err_in_client = 1; 2032 goto err; 2033 } 2034 /* 2035 * BIO_should_retry(...) can just be ignored here. The 2036 * library expects us to call BIO_write with the same 2037 * arguments again, and that's what we will do in the 2038 * next iteration. 2039 */ 2040 } else if (r == 0) { 2041 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2042 goto err; 2043 } else { 2044 if (debug) 2045 printf("client wrote %d\n", r); 2046 cw_num -= r; 2047 } 2048 } 2049 2050 if (cr_num > 0) { 2051 /* Read from server. */ 2052 2053 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 2054 if (r < 0) { 2055 if (!BIO_should_retry(c_ssl_bio)) { 2056 fprintf(stderr, "ERROR in CLIENT\n"); 2057 err_in_client = 1; 2058 goto err; 2059 } 2060 /* 2061 * Again, "BIO_should_retry" can be ignored. 2062 */ 2063 } else if (r == 0) { 2064 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2065 goto err; 2066 } else { 2067 if (debug) 2068 printf("client read %d\n", r); 2069 cr_num -= r; 2070 } 2071 } 2072 2073 /* 2074 * c_time and s_time increments will typically be very small 2075 * (depending on machine speed and clock tick intervals), but 2076 * sampling over a large number of connections should result in 2077 * fairly accurate figures. We cannot guarantee a lot, however 2078 * -- if each connection lasts for exactly one clock tick, it 2079 * will be counted only for the client or only for the server or 2080 * even not at all. 2081 */ 2082 *c_time += (clock() - c_clock); 2083 } 2084 2085 { 2086 /* SERVER */ 2087 2088 char sbuf[1024 * 8]; 2089 int i, r; 2090 clock_t s_clock = clock(); 2091 2092 memset(sbuf, 0, sizeof(sbuf)); 2093 2094 if (debug) 2095 if (SSL_in_init(s_ssl)) 2096 printf("server waiting in SSL_accept - %s\n", 2097 SSL_state_string_long(s_ssl)); 2098 2099 if (sw_num > 0) { 2100 /* Write to client. */ 2101 2102 if (sw_num > (long)sizeof(sbuf)) 2103 i = sizeof(sbuf); 2104 else 2105 i = (int)sw_num; 2106 r = BIO_write(s_ssl_bio, sbuf, i); 2107 if (r < 0) { 2108 if (!BIO_should_retry(s_ssl_bio)) { 2109 fprintf(stderr, "ERROR in SERVER\n"); 2110 err_in_server = 1; 2111 goto err; 2112 } 2113 /* Ignore "BIO_should_retry". */ 2114 } else if (r == 0) { 2115 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 2116 goto err; 2117 } else { 2118 if (debug) 2119 printf("server wrote %d\n", r); 2120 sw_num -= r; 2121 } 2122 } 2123 2124 if (sr_num > 0) { 2125 /* Read from client. */ 2126 2127 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 2128 if (r < 0) { 2129 if (!BIO_should_retry(s_ssl_bio)) { 2130 fprintf(stderr, "ERROR in SERVER\n"); 2131 err_in_server = 1; 2132 goto err; 2133 } 2134 /* blah, blah */ 2135 } else if (r == 0) { 2136 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 2137 goto err; 2138 } else { 2139 if (debug) 2140 printf("server read %d\n", r); 2141 sr_num -= r; 2142 } 2143 } 2144 2145 *s_time += (clock() - s_clock); 2146 } 2147 } 2148 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 2149 2150 if (verbose) 2151 print_details(c_ssl, "DONE via TCP connect: "); 2152# ifndef OPENSSL_NO_NEXTPROTONEG 2153 if (verify_npn(c_ssl, s_ssl) < 0) 2154 goto end; 2155# endif 2156 if (verify_serverinfo() < 0) { 2157 fprintf(stderr, "Server info verify error\n"); 2158 goto err; 2159 } 2160 if (verify_alpn(c_ssl, s_ssl) < 0 2161 || verify_servername(c_ssl, s_ssl) < 0) 2162 goto err; 2163 2164 if (custom_ext_error) { 2165 fprintf(stderr, "Custom extension error\n"); 2166 goto err; 2167 } 2168 2169# ifndef OPENSSL_NO_NEXTPROTONEG 2170 end: 2171# endif 2172 ret = EXIT_SUCCESS; 2173 2174 err: 2175 ERR_print_errors(bio_err); 2176 2177 BIO_free_all(acpt); 2178 BIO_free(server); 2179 BIO_free(client); 2180 BIO_free(s_ssl_bio); 2181 BIO_free(c_ssl_bio); 2182 2183 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0) 2184 ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE; 2185 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0) 2186 ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE; 2187 2188 return ret; 2189} 2190#endif 2191 2192int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, 2193 clock_t *s_time, clock_t *c_time) 2194{ 2195 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 2196 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 2197 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL; 2198 int ret = EXIT_FAILURE; 2199 int err_in_client = 0; 2200 int err_in_server = 0; 2201 2202 size_t bufsiz = 256; /* small buffer for testing */ 2203 2204 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 2205 goto err; 2206 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 2207 goto err; 2208 2209 s_ssl_bio = BIO_new(BIO_f_ssl()); 2210 if (!s_ssl_bio) 2211 goto err; 2212 2213 c_ssl_bio = BIO_new(BIO_f_ssl()); 2214 if (!c_ssl_bio) 2215 goto err; 2216 2217 SSL_set_connect_state(c_ssl); 2218 SSL_set_bio(c_ssl, client, client); 2219 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 2220 2221 SSL_set_accept_state(s_ssl); 2222 SSL_set_bio(s_ssl, server, server); 2223 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 2224 2225 do { 2226 /*- 2227 * c_ssl_bio: SSL filter BIO 2228 * 2229 * client: pseudo-I/O for SSL library 2230 * 2231 * client_io: client's SSL communication; usually to be 2232 * relayed over some I/O facility, but in this 2233 * test program, we're the server, too: 2234 * 2235 * server_io: server's SSL communication 2236 * 2237 * server: pseudo-I/O for SSL library 2238 * 2239 * s_ssl_bio: SSL filter BIO 2240 * 2241 * The client and the server each employ a "BIO pair": 2242 * client + client_io, server + server_io. 2243 * BIO pairs are symmetric. A BIO pair behaves similar 2244 * to a non-blocking socketpair (but both endpoints must 2245 * be handled by the same thread). 2246 * [Here we could connect client and server to the ends 2247 * of a single BIO pair, but then this code would be less 2248 * suitable as an example for BIO pairs in general.] 2249 * 2250 * Useful functions for querying the state of BIO pair endpoints: 2251 * 2252 * BIO_ctrl_pending(bio) number of bytes we can read now 2253 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfill 2254 * other side's read attempt 2255 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 2256 * 2257 * ..._read_request is never more than ..._write_guarantee; 2258 * it depends on the application which one you should use. 2259 */ 2260 2261 /* 2262 * We have non-blocking behaviour throughout this test program, but 2263 * can be sure that there is *some* progress in each iteration; so we 2264 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE -- 2265 * we just try everything in each iteration 2266 */ 2267 2268 { 2269 /* CLIENT */ 2270 2271 char cbuf[1024 * 8]; 2272 int i, r; 2273 clock_t c_clock = clock(); 2274 2275 memset(cbuf, 0, sizeof(cbuf)); 2276 2277 if (debug) 2278 if (SSL_in_init(c_ssl)) 2279 printf("client waiting in SSL_connect - %s\n", 2280 SSL_state_string_long(c_ssl)); 2281 2282 if (cw_num > 0) { 2283 /* Write to server. */ 2284 2285 if (cw_num > (long)sizeof(cbuf)) 2286 i = sizeof(cbuf); 2287 else 2288 i = (int)cw_num; 2289 r = BIO_write(c_ssl_bio, cbuf, i); 2290 if (r < 0) { 2291 if (!BIO_should_retry(c_ssl_bio)) { 2292 fprintf(stderr, "ERROR in CLIENT\n"); 2293 err_in_client = 1; 2294 goto err; 2295 } 2296 /* 2297 * BIO_should_retry(...) can just be ignored here. The 2298 * library expects us to call BIO_write with the same 2299 * arguments again, and that's what we will do in the 2300 * next iteration. 2301 */ 2302 } else if (r == 0) { 2303 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2304 goto err; 2305 } else { 2306 if (debug) 2307 printf("client wrote %d\n", r); 2308 cw_num -= r; 2309 } 2310 } 2311 2312 if (cr_num > 0) { 2313 /* Read from server. */ 2314 2315 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 2316 if (r < 0) { 2317 if (!BIO_should_retry(c_ssl_bio)) { 2318 fprintf(stderr, "ERROR in CLIENT\n"); 2319 err_in_client = 1; 2320 goto err; 2321 } 2322 /* 2323 * Again, "BIO_should_retry" can be ignored. 2324 */ 2325 } else if (r == 0) { 2326 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2327 goto err; 2328 } else { 2329 if (debug) 2330 printf("client read %d\n", r); 2331 cr_num -= r; 2332 } 2333 } 2334 2335 /* 2336 * c_time and s_time increments will typically be very small 2337 * (depending on machine speed and clock tick intervals), but 2338 * sampling over a large number of connections should result in 2339 * fairly accurate figures. We cannot guarantee a lot, however 2340 * -- if each connection lasts for exactly one clock tick, it 2341 * will be counted only for the client or only for the server or 2342 * even not at all. 2343 */ 2344 *c_time += (clock() - c_clock); 2345 } 2346 2347 { 2348 /* SERVER */ 2349 2350 char sbuf[1024 * 8]; 2351 int i, r; 2352 clock_t s_clock = clock(); 2353 2354 memset(sbuf, 0, sizeof(sbuf)); 2355 2356 if (debug) 2357 if (SSL_in_init(s_ssl)) 2358 printf("server waiting in SSL_accept - %s\n", 2359 SSL_state_string_long(s_ssl)); 2360 2361 if (sw_num > 0) { 2362 /* Write to client. */ 2363 2364 if (sw_num > (long)sizeof(sbuf)) 2365 i = sizeof(sbuf); 2366 else 2367 i = (int)sw_num; 2368 r = BIO_write(s_ssl_bio, sbuf, i); 2369 if (r < 0) { 2370 if (!BIO_should_retry(s_ssl_bio)) { 2371 fprintf(stderr, "ERROR in SERVER\n"); 2372 err_in_server = 1; 2373 goto err; 2374 } 2375 /* Ignore "BIO_should_retry". */ 2376 } else if (r == 0) { 2377 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 2378 goto err; 2379 } else { 2380 if (debug) 2381 printf("server wrote %d\n", r); 2382 sw_num -= r; 2383 } 2384 } 2385 2386 if (sr_num > 0) { 2387 /* Read from client. */ 2388 2389 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 2390 if (r < 0) { 2391 if (!BIO_should_retry(s_ssl_bio)) { 2392 fprintf(stderr, "ERROR in SERVER\n"); 2393 err_in_server = 1; 2394 goto err; 2395 } 2396 /* blah, blah */ 2397 } else if (r == 0) { 2398 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 2399 goto err; 2400 } else { 2401 if (debug) 2402 printf("server read %d\n", r); 2403 sr_num -= r; 2404 } 2405 } 2406 2407 *s_time += (clock() - s_clock); 2408 } 2409 2410 { 2411 /* "I/O" BETWEEN CLIENT AND SERVER. */ 2412 2413 size_t r1, r2; 2414 BIO *io1 = server_io, *io2 = client_io; 2415 /* 2416 * we use the non-copying interface for io1 and the standard 2417 * BIO_write/BIO_read interface for io2 2418 */ 2419 2420 static int prev_progress = 1; 2421 int progress = 0; 2422 2423 /* io1 to io2 */ 2424 do { 2425 size_t num; 2426 int r; 2427 2428 r1 = BIO_ctrl_pending(io1); 2429 r2 = BIO_ctrl_get_write_guarantee(io2); 2430 2431 num = r1; 2432 if (r2 < num) 2433 num = r2; 2434 if (num) { 2435 char *dataptr; 2436 2437 if (INT_MAX < num) /* yeah, right */ 2438 num = INT_MAX; 2439 2440 r = BIO_nread(io1, &dataptr, (int)num); 2441 assert(r > 0); 2442 assert(r <= (int)num); 2443 /* 2444 * possibly r < num (non-contiguous data) 2445 */ 2446 num = r; 2447 r = BIO_write(io2, dataptr, (int)num); 2448 if (r != (int)num) { /* can't happen */ 2449 fprintf(stderr, "ERROR: BIO_write could not write " 2450 "BIO_ctrl_get_write_guarantee() bytes"); 2451 goto err; 2452 } 2453 progress = 1; 2454 2455 if (debug) 2456 printf((io1 == client_io) ? 2457 "C->S relaying: %d bytes\n" : 2458 "S->C relaying: %d bytes\n", (int)num); 2459 } 2460 } 2461 while (r1 && r2); 2462 2463 /* io2 to io1 */ 2464 { 2465 size_t num; 2466 int r; 2467 2468 r1 = BIO_ctrl_pending(io2); 2469 r2 = BIO_ctrl_get_read_request(io1); 2470 /* 2471 * here we could use ..._get_write_guarantee instead of 2472 * ..._get_read_request, but by using the latter we test 2473 * restartability of the SSL implementation more thoroughly 2474 */ 2475 num = r1; 2476 if (r2 < num) 2477 num = r2; 2478 if (num) { 2479 char *dataptr; 2480 2481 if (INT_MAX < num) 2482 num = INT_MAX; 2483 2484 if (num > 1) 2485 --num; /* test restartability even more thoroughly */ 2486 2487 r = BIO_nwrite0(io1, &dataptr); 2488 assert(r > 0); 2489 if (r < (int)num) 2490 num = r; 2491 r = BIO_read(io2, dataptr, (int)num); 2492 if (r != (int)num) { /* can't happen */ 2493 fprintf(stderr, "ERROR: BIO_read could not read " 2494 "BIO_ctrl_pending() bytes"); 2495 goto err; 2496 } 2497 progress = 1; 2498 r = BIO_nwrite(io1, &dataptr, (int)num); 2499 if (r != (int)num) { /* can't happen */ 2500 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 2501 "BIO_nwrite0() bytes"); 2502 goto err; 2503 } 2504 2505 if (debug) 2506 printf((io2 == client_io) ? 2507 "C->S relaying: %d bytes\n" : 2508 "S->C relaying: %d bytes\n", (int)num); 2509 } 2510 } /* no loop, BIO_ctrl_get_read_request now 2511 * returns 0 anyway */ 2512 2513 if (!progress && !prev_progress) 2514 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 2515 fprintf(stderr, "ERROR: got stuck\n"); 2516 fprintf(stderr, " ERROR.\n"); 2517 goto err; 2518 } 2519 prev_progress = progress; 2520 } 2521 } 2522 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 2523 2524 if (verbose) 2525 print_details(c_ssl, "DONE via BIO pair: "); 2526#ifndef OPENSSL_NO_NEXTPROTONEG 2527 if (verify_npn(c_ssl, s_ssl) < 0) 2528 goto end; 2529#endif 2530 if (verify_serverinfo() < 0) { 2531 fprintf(stderr, "Server info verify error\n"); 2532 goto err; 2533 } 2534 if (verify_alpn(c_ssl, s_ssl) < 0 2535 || verify_servername(c_ssl, s_ssl) < 0) 2536 goto err; 2537 2538 if (custom_ext_error) { 2539 fprintf(stderr, "Custom extension error\n"); 2540 goto err; 2541 } 2542 2543#ifndef OPENSSL_NO_NEXTPROTONEG 2544 end: 2545#endif 2546 ret = EXIT_SUCCESS; 2547 2548 err: 2549 ERR_print_errors(bio_err); 2550 2551 BIO_free(server); 2552 BIO_free(server_io); 2553 BIO_free(client); 2554 BIO_free(client_io); 2555 BIO_free(s_ssl_bio); 2556 BIO_free(c_ssl_bio); 2557 2558 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0) 2559 ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE; 2560 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0) 2561 ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE; 2562 2563 return ret; 2564} 2565 2566#define W_READ 1 2567#define W_WRITE 2 2568#define C_DONE 1 2569#define S_DONE 2 2570 2571int doit(SSL *s_ssl, SSL *c_ssl, long count) 2572{ 2573 char *cbuf = NULL, *sbuf = NULL; 2574 long bufsiz; 2575 long cw_num = count, cr_num = count; 2576 long sw_num = count, sr_num = count; 2577 int ret = EXIT_FAILURE; 2578 BIO *c_to_s = NULL; 2579 BIO *s_to_c = NULL; 2580 BIO *c_bio = NULL; 2581 BIO *s_bio = NULL; 2582 int c_r, c_w, s_r, s_w; 2583 int i, j; 2584 int done = 0; 2585 int c_write, s_write; 2586 int do_server = 0, do_client = 0; 2587 int max_frag = 5 * 1024; 2588 int err_in_client = 0; 2589 int err_in_server = 0; 2590 2591 bufsiz = count > 40 * 1024 ? 40 * 1024 : count; 2592 2593 if ((cbuf = OPENSSL_zalloc(bufsiz)) == NULL) 2594 goto err; 2595 if ((sbuf = OPENSSL_zalloc(bufsiz)) == NULL) 2596 goto err; 2597 2598 c_to_s = BIO_new(BIO_s_mem()); 2599 s_to_c = BIO_new(BIO_s_mem()); 2600 if ((s_to_c == NULL) || (c_to_s == NULL)) { 2601 ERR_print_errors(bio_err); 2602 goto err; 2603 } 2604 2605 c_bio = BIO_new(BIO_f_ssl()); 2606 s_bio = BIO_new(BIO_f_ssl()); 2607 if ((c_bio == NULL) || (s_bio == NULL)) { 2608 ERR_print_errors(bio_err); 2609 goto err; 2610 } 2611 2612 SSL_set_connect_state(c_ssl); 2613 SSL_set_bio(c_ssl, s_to_c, c_to_s); 2614 SSL_set_max_send_fragment(c_ssl, max_frag); 2615 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 2616 2617 /* 2618 * We've just given our ref to these BIOs to c_ssl. We need another one to 2619 * give to s_ssl 2620 */ 2621 if (!BIO_up_ref(c_to_s)) { 2622 /* c_to_s and s_to_c will get freed when we free c_ssl */ 2623 c_to_s = NULL; 2624 s_to_c = NULL; 2625 goto err; 2626 } 2627 if (!BIO_up_ref(s_to_c)) { 2628 /* s_to_c will get freed when we free c_ssl */ 2629 s_to_c = NULL; 2630 goto err; 2631 } 2632 2633 SSL_set_accept_state(s_ssl); 2634 SSL_set_bio(s_ssl, c_to_s, s_to_c); 2635 2636 /* We've used up all our refs to these now */ 2637 c_to_s = NULL; 2638 s_to_c = NULL; 2639 2640 SSL_set_max_send_fragment(s_ssl, max_frag); 2641 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 2642 2643 c_r = 0; 2644 s_r = 1; 2645 c_w = 1; 2646 s_w = 0; 2647 c_write = 1, s_write = 0; 2648 2649 /* We can always do writes */ 2650 for (;;) { 2651 do_server = 0; 2652 do_client = 0; 2653 2654 i = (int)BIO_pending(s_bio); 2655 if ((i && s_r) || s_w) 2656 do_server = 1; 2657 2658 i = (int)BIO_pending(c_bio); 2659 if ((i && c_r) || c_w) 2660 do_client = 1; 2661 2662 if (do_server && debug) { 2663 if (SSL_in_init(s_ssl)) 2664 printf("server waiting in SSL_accept - %s\n", 2665 SSL_state_string_long(s_ssl)); 2666 } 2667 2668 if (do_client && debug) { 2669 if (SSL_in_init(c_ssl)) 2670 printf("client waiting in SSL_connect - %s\n", 2671 SSL_state_string_long(c_ssl)); 2672 } 2673 2674 if (!do_client && !do_server) { 2675 fprintf(stdout, "ERROR IN STARTUP\n"); 2676 ERR_print_errors(bio_err); 2677 goto err; 2678 } 2679 if (do_client && !(done & C_DONE)) { 2680 if (c_write) { 2681 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num; 2682 i = BIO_write(c_bio, cbuf, j); 2683 if (i < 0) { 2684 c_r = 0; 2685 c_w = 0; 2686 if (BIO_should_retry(c_bio)) { 2687 if (BIO_should_read(c_bio)) 2688 c_r = 1; 2689 if (BIO_should_write(c_bio)) 2690 c_w = 1; 2691 } else { 2692 fprintf(stderr, "ERROR in CLIENT\n"); 2693 err_in_client = 1; 2694 ERR_print_errors(bio_err); 2695 goto err; 2696 } 2697 } else if (i == 0) { 2698 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2699 goto err; 2700 } else { 2701 if (debug) 2702 printf("client wrote %d\n", i); 2703 /* ok */ 2704 s_r = 1; 2705 c_write = 0; 2706 cw_num -= i; 2707 if (max_frag > 1029) 2708 SSL_set_max_send_fragment(c_ssl, max_frag -= 5); 2709 } 2710 } else { 2711 i = BIO_read(c_bio, cbuf, bufsiz); 2712 if (i < 0) { 2713 c_r = 0; 2714 c_w = 0; 2715 if (BIO_should_retry(c_bio)) { 2716 if (BIO_should_read(c_bio)) 2717 c_r = 1; 2718 if (BIO_should_write(c_bio)) 2719 c_w = 1; 2720 } else { 2721 fprintf(stderr, "ERROR in CLIENT\n"); 2722 err_in_client = 1; 2723 ERR_print_errors(bio_err); 2724 goto err; 2725 } 2726 } else if (i == 0) { 2727 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 2728 goto err; 2729 } else { 2730 if (debug) 2731 printf("client read %d\n", i); 2732 cr_num -= i; 2733 if (sw_num > 0) { 2734 s_write = 1; 2735 s_w = 1; 2736 } 2737 if (cr_num <= 0) { 2738 s_write = 1; 2739 s_w = 1; 2740 done = S_DONE | C_DONE; 2741 } 2742 } 2743 } 2744 } 2745 2746 if (do_server && !(done & S_DONE)) { 2747 if (!s_write) { 2748 i = BIO_read(s_bio, sbuf, bufsiz); 2749 if (i < 0) { 2750 s_r = 0; 2751 s_w = 0; 2752 if (BIO_should_retry(s_bio)) { 2753 if (BIO_should_read(s_bio)) 2754 s_r = 1; 2755 if (BIO_should_write(s_bio)) 2756 s_w = 1; 2757 } else { 2758 fprintf(stderr, "ERROR in SERVER\n"); 2759 err_in_server = 1; 2760 ERR_print_errors(bio_err); 2761 goto err; 2762 } 2763 } else if (i == 0) { 2764 ERR_print_errors(bio_err); 2765 fprintf(stderr, 2766 "SSL SERVER STARTUP FAILED in SSL_read\n"); 2767 goto err; 2768 } else { 2769 if (debug) 2770 printf("server read %d\n", i); 2771 sr_num -= i; 2772 if (cw_num > 0) { 2773 c_write = 1; 2774 c_w = 1; 2775 } 2776 if (sr_num <= 0) { 2777 s_write = 1; 2778 s_w = 1; 2779 c_write = 0; 2780 } 2781 } 2782 } else { 2783 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num; 2784 i = BIO_write(s_bio, sbuf, j); 2785 if (i < 0) { 2786 s_r = 0; 2787 s_w = 0; 2788 if (BIO_should_retry(s_bio)) { 2789 if (BIO_should_read(s_bio)) 2790 s_r = 1; 2791 if (BIO_should_write(s_bio)) 2792 s_w = 1; 2793 } else { 2794 fprintf(stderr, "ERROR in SERVER\n"); 2795 err_in_server = 1; 2796 ERR_print_errors(bio_err); 2797 goto err; 2798 } 2799 } else if (i == 0) { 2800 ERR_print_errors(bio_err); 2801 fprintf(stderr, 2802 "SSL SERVER STARTUP FAILED in SSL_write\n"); 2803 goto err; 2804 } else { 2805 if (debug) 2806 printf("server wrote %d\n", i); 2807 sw_num -= i; 2808 s_write = 0; 2809 c_r = 1; 2810 if (sw_num <= 0) 2811 done |= S_DONE; 2812 if (max_frag > 1029) 2813 SSL_set_max_send_fragment(s_ssl, max_frag -= 5); 2814 } 2815 } 2816 } 2817 2818 if ((done & S_DONE) && (done & C_DONE)) 2819 break; 2820 } 2821 2822 if (verbose) 2823 print_details(c_ssl, "DONE: "); 2824#ifndef OPENSSL_NO_NEXTPROTONEG 2825 if (verify_npn(c_ssl, s_ssl) < 0) 2826 goto err; 2827#endif 2828 if (verify_serverinfo() < 0) { 2829 fprintf(stderr, "Server info verify error\n"); 2830 goto err; 2831 } 2832 if (custom_ext_error) { 2833 fprintf(stderr, "Custom extension error\n"); 2834 goto err; 2835 } 2836 ret = EXIT_SUCCESS; 2837 err: 2838 BIO_free(c_to_s); 2839 BIO_free(s_to_c); 2840 BIO_free_all(c_bio); 2841 BIO_free_all(s_bio); 2842 OPENSSL_free(cbuf); 2843 OPENSSL_free(sbuf); 2844 2845 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0) 2846 ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE; 2847 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0) 2848 ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE; 2849 2850 return ret; 2851} 2852 2853static int verify_callback(int ok, X509_STORE_CTX *ctx) 2854{ 2855 char *s, buf[256]; 2856 2857 s = X509_NAME_oneline(X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)), 2858 buf, sizeof(buf)); 2859 if (s != NULL) { 2860 if (ok) 2861 printf("depth=%d %s\n", X509_STORE_CTX_get_error_depth(ctx), buf); 2862 else { 2863 fprintf(stderr, "depth=%d error=%d %s\n", 2864 X509_STORE_CTX_get_error_depth(ctx), 2865 X509_STORE_CTX_get_error(ctx), buf); 2866 } 2867 } 2868 2869 if (ok == 0) { 2870 int i = X509_STORE_CTX_get_error(ctx); 2871 2872 switch (i) { 2873 default: 2874 fprintf(stderr, "Error string: %s\n", 2875 X509_verify_cert_error_string(i)); 2876 break; 2877 case X509_V_ERR_CERT_NOT_YET_VALID: 2878 case X509_V_ERR_CERT_HAS_EXPIRED: 2879 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 2880 ok = 1; 2881 break; 2882 } 2883 } 2884 2885 return ok; 2886} 2887 2888static int app_verify_callback(X509_STORE_CTX *ctx, void *arg) 2889{ 2890 int ok = 1; 2891 struct app_verify_arg *cb_arg = arg; 2892 2893 if (cb_arg->app_verify) { 2894 char *s = NULL, buf[256]; 2895 X509 *c = X509_STORE_CTX_get0_cert(ctx); 2896 2897 printf("In app_verify_callback, allowing cert. "); 2898 printf("Arg is: %s\n", cb_arg->string); 2899 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n", 2900 (void *)ctx, (void *)c); 2901 if (c) 2902 s = X509_NAME_oneline(X509_get_subject_name(c), buf, 256); 2903 if (s != NULL) { 2904 printf("cert depth=%d %s\n", 2905 X509_STORE_CTX_get_error_depth(ctx), buf); 2906 } 2907 return 1; 2908 } 2909 2910 ok = X509_verify_cert(ctx); 2911 2912 return ok; 2913} 2914 2915#ifndef OPENSSL_NO_DH 2916/*- 2917 * These DH parameters have been generated as follows: 2918 * $ openssl dhparam -C -noout 512 2919 * $ openssl dhparam -C -noout 1024 2920 * $ openssl dhparam -C -noout -dsaparam 1024 2921 * (The third function has been renamed to avoid name conflicts.) 2922 */ 2923static DH *get_dh512(void) 2924{ 2925 static unsigned char dh512_p[] = { 2926 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, 2927 0xC6, 2928 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04, 2929 0xB0, 2930 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9, 2931 0x5F, 2932 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33, 2933 0xB8, 2934 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21, 2935 0x33, 2936 0x02, 0xC5, 0xAE, 0x23, 2937 }; 2938 static unsigned char dh512_g[] = { 2939 0x02, 2940 }; 2941 DH *dh; 2942 BIGNUM *p, *g; 2943 2944 if ((dh = DH_new()) == NULL) 2945 return NULL; 2946 p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); 2947 g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); 2948 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) { 2949 DH_free(dh); 2950 BN_free(p); 2951 BN_free(g); 2952 return NULL; 2953 } 2954 return dh; 2955} 2956 2957static DH *get_dh1024(void) 2958{ 2959 static unsigned char dh1024_p[] = { 2960 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 2961 0x3A, 2962 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 2963 0xA2, 2964 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 2965 0xB0, 2966 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 2967 0xC2, 2968 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 2969 0x8C, 2970 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 2971 0xB8, 2972 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 2973 0x52, 2974 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 2975 0xC1, 2976 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 2977 0xB1, 2978 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 2979 0xAB, 2980 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 2981 }; 2982 static unsigned char dh1024_g[] = { 2983 0x02, 2984 }; 2985 DH *dh; 2986 BIGNUM *p, *g; 2987 2988 if ((dh = DH_new()) == NULL) 2989 return NULL; 2990 p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2991 g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2992 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) { 2993 DH_free(dh); 2994 BN_free(p); 2995 BN_free(g); 2996 return NULL; 2997 } 2998 return dh; 2999} 3000 3001static DH *get_dh1024dsa(void) 3002{ 3003 static unsigned char dh1024_p[] = { 3004 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 3005 0x00, 3006 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 3007 0x19, 3008 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 3009 0xD2, 3010 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 3011 0x55, 3012 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 3013 0xFC, 3014 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 3015 0x97, 3016 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 3017 0x8D, 3018 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 3019 0xBB, 3020 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 3021 0xF6, 3022 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 3023 0x9E, 3024 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 3025 }; 3026 static unsigned char dh1024_g[] = { 3027 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 3028 0x05, 3029 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 3030 0xF3, 3031 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 3032 0xE9, 3033 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 3034 0x3C, 3035 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 3036 0x65, 3037 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 3038 0x60, 3039 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 3040 0xF6, 3041 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 3042 0xA7, 3043 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 3044 0xA1, 3045 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 3046 0x60, 3047 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 3048 }; 3049 DH *dh; 3050 BIGNUM *p, *g; 3051 3052 if ((dh = DH_new()) == NULL) 3053 return NULL; 3054 p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 3055 g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 3056 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) { 3057 DH_free(dh); 3058 BN_free(p); 3059 BN_free(g); 3060 return NULL; 3061 } 3062 DH_set_length(dh, 160); 3063 return dh; 3064} 3065 3066static DH *get_dh2048(void) 3067{ 3068 BIGNUM *p = NULL, *g = NULL; 3069 DH *dh = NULL; 3070 3071 if ((dh = DH_new()) == NULL) 3072 return NULL; 3073 3074 g = BN_new(); 3075 if (g == NULL || !BN_set_word(g, 2)) 3076 goto err; 3077 3078 p = BN_get_rfc3526_prime_2048(NULL); 3079 if (p == NULL) 3080 goto err; 3081 3082 if (!DH_set0_pqg(dh, p, NULL, g)) 3083 goto err; 3084 3085 return dh; 3086 3087 err: 3088 DH_free(dh); 3089 BN_free(p); 3090 BN_free(g); 3091 return NULL; 3092} 3093 3094static DH *get_dh4096(void) 3095{ 3096 BIGNUM *p = NULL, *g = NULL; 3097 DH *dh = NULL; 3098 3099 if ((dh = DH_new()) == NULL) 3100 return NULL; 3101 3102 g = BN_new(); 3103 if (g == NULL || !BN_set_word(g, 2)) 3104 goto err; 3105 3106 p = BN_get_rfc3526_prime_4096(NULL); 3107 if (p == NULL) 3108 goto err; 3109 3110 if (!DH_set0_pqg(dh, p, NULL, g)) 3111 goto err; 3112 3113 return dh; 3114 3115 err: 3116 DH_free(dh); 3117 BN_free(p); 3118 BN_free(g); 3119 return NULL; 3120} 3121#endif 3122 3123#ifndef OPENSSL_NO_PSK 3124/* convert the PSK key (psk_key) in ascii to binary (psk) */ 3125static int psk_key2bn(const char *pskkey, unsigned char *psk, 3126 unsigned int max_psk_len) 3127{ 3128 int ret; 3129 BIGNUM *bn = NULL; 3130 3131 ret = BN_hex2bn(&bn, pskkey); 3132 if (!ret) { 3133 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", 3134 pskkey); 3135 BN_free(bn); 3136 return 0; 3137 } 3138 if (BN_num_bytes(bn) > (int)max_psk_len) { 3139 BIO_printf(bio_err, 3140 "psk buffer of callback is too small (%d) for key (%d)\n", 3141 max_psk_len, BN_num_bytes(bn)); 3142 BN_free(bn); 3143 return 0; 3144 } 3145 ret = BN_bn2bin(bn, psk); 3146 BN_free(bn); 3147 return ret; 3148} 3149 3150static unsigned int psk_client_callback(SSL *ssl, const char *hint, 3151 char *identity, 3152 unsigned int max_identity_len, 3153 unsigned char *psk, 3154 unsigned int max_psk_len) 3155{ 3156 int ret; 3157 unsigned int psk_len = 0; 3158 3159 ret = BIO_snprintf(identity, max_identity_len, "Client_identity"); 3160 if (ret < 0) 3161 goto out_err; 3162 if (debug) 3163 fprintf(stderr, "client: created identity '%s' len=%d\n", identity, 3164 ret); 3165 ret = psk_key2bn(psk_key, psk, max_psk_len); 3166 if (ret < 0) 3167 goto out_err; 3168 psk_len = ret; 3169 out_err: 3170 return psk_len; 3171} 3172 3173static unsigned int psk_server_callback(SSL *ssl, const char *identity, 3174 unsigned char *psk, 3175 unsigned int max_psk_len) 3176{ 3177 unsigned int psk_len = 0; 3178 3179 if (strcmp(identity, "Client_identity") != 0) { 3180 BIO_printf(bio_err, "server: PSK error: client identity not found\n"); 3181 return 0; 3182 } 3183 psk_len = psk_key2bn(psk_key, psk, max_psk_len); 3184 return psk_len; 3185} 3186#endif 3187