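/* $OpenBSD: util.c,v 1.3 2018/11/09 06:30:41 bluhm Exp $ */
/*
 * Copyright (c) 2018 Alexander Bluhm <bluhm@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <sys/types.h>
#include <sys/socket.h>

#include <err.h>
#include <netdb.h>
#include <stdarg.h>
#include <stdio.h>

#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/opensslv.h>
#include <openssl/crypto.h>

#include "util.h"

/*
 * Print the TLS library version information visible to this program.
 *
 * The *_VERSION_NUMBER / *_VERSION_TEXT macros come from the headers the
 * program was compiled against; the OpenSSL_version*() and SSLeay*() calls
 * are answered by the library at run time.  Each macro is printed only
 * when the headers define it, and the OpenSSL_version*() block only when
 * OPENSSL_VERSION_NUMBER is at least 0x1010000f.
 */
void
print_version(void)
{
#ifdef OPENSSL_VERSION_NUMBER
	printf("OPENSSL_VERSION_NUMBER: %#08lx\n", OPENSSL_VERSION_NUMBER);
#endif
#ifdef LIBRESSL_VERSION_NUMBER
	printf("LIBRESSL_VERSION_NUMBER: %#08lx\n", LIBRESSL_VERSION_NUMBER);
#endif
#ifdef LIBRESSL_VERSION_TEXT
	printf("LIBRESSL_VERSION_TEXT: %s\n", LIBRESSL_VERSION_TEXT);
#endif
#if OPENSSL_VERSION_NUMBER >= 0x1010000f
	printf("OpenSSL_version_num: %#08lx\n", OpenSSL_version_num());
	printf("OpenSSL_version OPENSSL_VERSION: %s\n",
	    OpenSSL_version(OPENSSL_VERSION));
	printf("OpenSSL_version OPENSSL_CFLAGS: %s\n",
	    OpenSSL_version(OPENSSL_CFLAGS));
	printf("OpenSSL_version OPENSSL_BUILT_ON: %s\n",
	    OpenSSL_version(OPENSSL_BUILT_ON));
	printf("OpenSSL_version OPENSSL_PLATFORM: %s\n",
	    OpenSSL_version(OPENSSL_PLATFORM));
	printf("OpenSSL_version OPENSSL_DIR: %s\n",
	    OpenSSL_version(OPENSSL_DIR));
	printf("OpenSSL_version OPENSSL_ENGINES_DIR: %s\n",
	    OpenSSL_version(OPENSSL_ENGINES_DIR));
#endif
	printf("SSLeay: %#08lx\n", SSLeay());
	printf("SSLeay_version SSLEAY_VERSION: %s\n",
	    SSLeay_version(SSLEAY_VERSION));
	printf("SSLeay_version SSLEAY_CFLAGS: %s\n",
	    SSLeay_version(SSLEAY_CFLAGS));
	printf("SSLeay_version SSLEAY_BUILT_ON: %s\n",
	    SSLeay_version(SSLEAY_BUILT_ON));
	printf("SSLeay_version SSLEAY_PLATFORM: %s\n",
	    SSLeay_version(SSLEAY_PLATFORM));
	printf("SSLeay_version SSLEAY_DIR: %s\n",
	    SSLeay_version(SSLEAY_DIR));
}

/*
 * Print one "cipher <name>" line per entry of cstack, in stack order,
 * then flush stdout.  Iteration stops at the first index for which
 * sk_SSL_CIPHER_value() returns NULL.  A failed flush is fatal.
 */
void
print_ciphers(STACK_OF(SSL_CIPHER) *cstack)
{
	const SSL_CIPHER *cipher;
	int i;

	for (i = 0; (cipher = sk_SSL_CIPHER_value(cstack, i)) != NULL; i++)
		printf("cipher %s\n", SSL_CIPHER_get_name(cipher));
	if (fflush(stdout) != 0)
		err(1, "fflush stdout");
}

/*
 * Format a socket address numerically (no resolver lookup, because of
 * NI_NUMERICHOST | NI_NUMERICSERV) and print "<label>: <host> <port>"
 * on stdout.  Exits with status 1 if the conversion or the flush fails.
 */
static void
print_addr(const char *label, const struct sockaddr *sa, socklen_t salen)
{
	char host[NI_MAXHOST], port[NI_MAXSERV];

	if (getnameinfo(sa, salen, host, sizeof(host), port, sizeof(port),
	    NI_NUMERICHOST | NI_NUMERICSERV))
		errx(1, "getnameinfo");
	printf("%s: %s %s\n", label, host, port);
	if (fflush(stdout) != 0)
		err(1, "fflush stdout");
}

/*
 * Print the local address and port of the socket behind bio as
 * "sock: <host> <port>".  Any failure terminates the program.
 */
void
print_sockname(BIO *bio)
{
	struct sockaddr_storage ss;
	socklen_t slen;
	int fd;

	if (BIO_get_fd(bio, &fd) <= 0)
		err_ssl(1, "BIO_get_fd");
	slen = sizeof(ss);
	if (getsockname(fd, (struct sockaddr *)&ss, &slen) == -1)
		err(1, "getsockname");
	/*
	 * Use the length getsockname() stored in slen rather than
	 * ss.ss_len: that member exists only on systems with BSD-style
	 * sa_len, while slen is always filled in.
	 */
	print_addr("sock", (struct sockaddr *)&ss, slen);
}

/*
 * Print the remote address and port of the socket behind bio as
 * "peer: <host> <port>".  Any failure terminates the program.
 */
void
print_peername(BIO *bio)
{
	struct sockaddr_storage ss;
	socklen_t slen;
	int fd;

	if (BIO_get_fd(bio, &fd) <= 0)
		err_ssl(1, "BIO_get_fd");
	slen = sizeof(ss);
	if (getpeername(fd, (struct sockaddr *)&ss, &slen) == -1)
		err(1, "getpeername");
	/* Same reasoning as in print_sockname(): slen, not ss.ss_len. */
	print_addr("peer", (struct sockaddr *)&ss, slen);
}

/*
 * Dump the OpenSSL error queue to stderr, then print the formatted
 * message and exit with status eval via verrx().
 *
 * fmt is interpreted as a printf-style format string, so callers must
 * pass a literal format and never text that came from the peer.
 * <stdarg.h> is included directly for va_list/va_start/va_end rather
 * than relying on another header to pull it in.
 */
void
err_ssl(int eval, const char *fmt, ...)
{
	va_list ap;

	ERR_print_errors_fp(stderr);
	va_start(ap, fmt);
	verrx(eval, fmt, ap);
	/* Not reached: verrx() exits.  Kept to pair with va_start(). */
	va_end(ap);
}

/*
 * Certificate verification callback that only logs.
 *
 * Prints "verify: pass" or "verify: fail" according to preverify_ok and
 * returns preverify_ok unchanged, so it never overrides the result the
 * library computed.  x509_ctx is not inspected.  A failed flush is fatal.
 */
int
verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
{
	printf("verify: %s\n", preverify_ok ? "pass" : "fail");
	if (fflush(stdout) != 0)
		err(1, "fflush stdout");

	return preverify_ok;
}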