ssltest.c revision 1.34
1/* $OpenBSD: ssltest.c,v 1.34 2022/07/07 11:40:17 tb Exp $ */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111/* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116/* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143#define _BSD_SOURCE 1 /* Or gethostname won't be declared properly 144 on Linux and GNU platforms. */ 145#include <sys/types.h> 146#include <sys/socket.h> 147 148#include <netinet/in.h> 149 150#include <assert.h> 151#include <errno.h> 152#include <limits.h> 153#include <netdb.h> 154#include <stdio.h> 155#include <stdlib.h> 156#include <string.h> 157#include <time.h> 158#include <unistd.h> 159 160#include <ctype.h> 161 162#include <openssl/opensslconf.h> 163#include <openssl/bio.h> 164#include <openssl/crypto.h> 165#include <openssl/evp.h> 166#include <openssl/x509.h> 167#include <openssl/x509v3.h> 168#include <openssl/ssl.h> 169#ifndef OPENSSL_NO_ENGINE 170#include <openssl/engine.h> 171#endif 172#include <openssl/err.h> 173#include <openssl/rand.h> 174#include <openssl/rsa.h> 175#include <openssl/dsa.h> 176#include <openssl/dh.h> 177#include <openssl/bn.h> 178 179#include "ssl_locl.h" 180 181#define TEST_SERVER_CERT "../apps/server.pem" 182#define TEST_CLIENT_CERT "../apps/client.pem" 183 184static int verify_callback(int ok, X509_STORE_CTX *ctx); 185static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); 186#define APP_CALLBACK_STRING "Test Callback Argument" 187struct app_verify_arg { 188 char *string; 189 int app_verify; 190 int allow_proxy_certs; 191 char *proxy_auth; 192 char *proxy_cond; 193}; 194 195static DH *get_dh1024(void); 196static DH *get_dh1024dsa(void); 197 198static BIO *bio_err = NULL; 199static BIO *bio_stdout = NULL; 200 201static const char *alpn_client; 202static const char *alpn_server; 203static const char *alpn_expected; 204static unsigned char *alpn_selected; 205 206/* 207 * next_protos_parse parses a comma separated list of strings into a string 208 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. 209 * outlen: (output) set to the length of the resulting buffer on success. 210 * err: (maybe NULL) on failure, an error message line is written to this BIO. 211 * in: a NUL terminated string like "abc,def,ghi" 212 * 213 * returns: a malloced buffer or NULL on failure. 214 */ 215static unsigned char * 216next_protos_parse(unsigned short *outlen, const char *in) 217{ 218 size_t i, len, start = 0; 219 unsigned char *out; 220 221 len = strlen(in); 222 if (len >= 65535) 223 return (NULL); 224 225 if ((out = malloc(strlen(in) + 1)) == NULL) 226 return (NULL); 227 228 for (i = 0; i <= len; ++i) { 229 if (i == len || in[i] == ',') { 230 if (i - start > 255) { 231 free(out); 232 return (NULL); 233 } 234 out[start] = i - start; 235 start = i + 1; 236 } else 237 out[i+1] = in[i]; 238 } 239 *outlen = len + 1; 240 return (out); 241} 242 243static int 244cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, 245 const unsigned char *in, unsigned int inlen, void *arg) 246{ 247 unsigned char *protos; 248 unsigned short protos_len; 249 250 if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) { 251 fprintf(stderr, 252 "failed to parser ALPN server protocol string: %s\n", 253 alpn_server); 254 abort(); 255 } 256 257 if (SSL_select_next_proto((unsigned char **)out, outlen, protos, 258 protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) { 259 free(protos); 260 return (SSL_TLSEXT_ERR_NOACK); 261 } 262 263 /* 264 * Make a copy of the selected protocol which will be freed in 265 * verify_alpn. 266 */ 267 if ((alpn_selected = malloc(*outlen)) == NULL) { 268 fprintf(stderr, "malloc failed\n"); 269 abort(); 270 } 271 memcpy(alpn_selected, *out, *outlen); 272 *out = alpn_selected; 273 free(protos); 274 275 return (SSL_TLSEXT_ERR_OK); 276} 277 278static int 279verify_alpn(SSL *client, SSL *server) 280{ 281 const unsigned char *client_proto, *server_proto; 282 unsigned int client_proto_len = 0, server_proto_len = 0; 283 284 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len); 285 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len); 286 287 free(alpn_selected); 288 alpn_selected = NULL; 289 290 if (client_proto_len != server_proto_len || 291 memcmp(client_proto, server_proto, client_proto_len) != 0) { 292 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); 293 goto err; 294 } 295 296 if (client_proto_len > 0 && alpn_expected == NULL) { 297 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n"); 298 goto err; 299 } 300 301 if (alpn_expected != NULL && 302 (client_proto_len != strlen(alpn_expected) || 303 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) { 304 BIO_printf(bio_stdout, "ALPN selected protocols not equal to " 305 "expected protocol: %s\n", alpn_expected); 306 goto err; 307 } 308 309 return (0); 310 311err: 312 BIO_printf(bio_stdout, "ALPN results: client: '"); 313 BIO_write(bio_stdout, client_proto, client_proto_len); 314 BIO_printf(bio_stdout, "', server: '"); 315 BIO_write(bio_stdout, server_proto, server_proto_len); 316 BIO_printf(bio_stdout, "'\n"); 317 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", 318 alpn_client, alpn_server); 319 320 return (-1); 321} 322 323static char *cipher = NULL; 324static int verbose = 0; 325static int debug = 0; 326 327int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 328 clock_t *c_time); 329int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 330 331static void 332sv_usage(void) 333{ 334 fprintf(stderr, "usage: ssltest [args ...]\n"); 335 fprintf(stderr, "\n"); 336 fprintf(stderr, " -server_auth - check server certificate\n"); 337 fprintf(stderr, " -client_auth - do client authentication\n"); 338 fprintf(stderr, " -proxy - allow proxy certificates\n"); 339 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 340 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n"); 341 fprintf(stderr, " -v - more output\n"); 342 fprintf(stderr, " -d - debug output\n"); 343 fprintf(stderr, " -reuse - use session-id reuse\n"); 344 fprintf(stderr, " -num <val> - number of connections to perform\n"); 345 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n"); 346 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 347 fprintf(stderr, " -no_dhe - disable DHE\n"); 348 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 349 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 350 fprintf(stderr, " -tls1 - use TLSv1\n"); 351 fprintf(stderr, " -tls1_2 - use TLSv1.2\n"); 352 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 353 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 354 fprintf(stderr, " -cert arg - Server certificate file\n"); 355 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n"); 356 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 357 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n"); 358 fprintf(stderr, " -cipher arg - The cipher list\n"); 359 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 360 fprintf(stderr, " -f - Test even cases that can't work\n"); 361 fprintf(stderr, " -time - measure processor time used by client and server\n"); 362 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 363 " Use \"openssl ecparam -list_curves\" for all names\n" \ 364 " (default is sect163r2).\n"); 365 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n"); 366 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n"); 367 fprintf(stderr, " -alpn_expected <string> - the ALPN protocol that should be negotiated\n"); 368} 369 370static void 371print_details(SSL *c_ssl, const char *prefix) 372{ 373 const SSL_CIPHER *ciph; 374 X509 *cert = NULL; 375 EVP_PKEY *pkey; 376 377 ciph = SSL_get_current_cipher(c_ssl); 378 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 379 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph), 380 SSL_CIPHER_get_name(ciph)); 381 382 if ((cert = SSL_get_peer_certificate(c_ssl)) == NULL) 383 goto out; 384 if ((pkey = X509_get0_pubkey(cert)) == NULL) 385 goto out; 386 if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { 387 RSA *rsa; 388 389 if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) 390 goto out; 391 392 BIO_printf(bio_stdout, ", %d bit RSA", RSA_bits(rsa)); 393 } else if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) { 394 DSA *dsa; 395 const BIGNUM *p; 396 397 if ((dsa = EVP_PKEY_get0_DSA(pkey)) == NULL) 398 goto out; 399 400 DSA_get0_pqg(dsa, &p, NULL, NULL); 401 402 BIO_printf(bio_stdout, ", %d bit DSA", BN_num_bits(p)); 403 } 404 405 out: 406 /* 407 * The SSL API does not allow us to look at temporary RSA/DH keys, 408 * otherwise we should print their lengths too 409 */ 410 BIO_printf(bio_stdout, "\n"); 411 412 X509_free(cert); 413} 414 415int 416main(int argc, char *argv[]) 417{ 418 char *CApath = NULL, *CAfile = NULL; 419 int badop = 0; 420 int bio_pair = 0; 421 int force = 0; 422 int tls1 = 0, tls1_2 = 0, dtls1 = 0, ret = 1; 423 int client_auth = 0; 424 int server_auth = 0, i; 425 struct app_verify_arg app_verify_arg = 426 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 427 char *server_cert = TEST_SERVER_CERT; 428 char *server_key = NULL; 429 char *client_cert = TEST_CLIENT_CERT; 430 char *client_key = NULL; 431 char *named_curve = NULL; 432 SSL_CTX *s_ctx = NULL; 433 SSL_CTX *c_ctx = NULL; 434 const SSL_METHOD *meth = NULL; 435 SSL *c_ssl, *s_ssl; 436 int number = 1, reuse = 0; 437 long bytes = 256L; 438 DH *dh; 439 int dhe1024dsa = 0; 440 EC_KEY *ecdh = NULL; 441 int no_dhe = 0; 442 int no_ecdhe = 0; 443 int print_time = 0; 444 clock_t s_time = 0, c_time = 0; 445 446 verbose = 0; 447 debug = 0; 448 cipher = 0; 449 450 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); 451 452 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); 453 454 argc--; 455 argv++; 456 457 while (argc >= 1) { 458 if (!strcmp(*argv, "-F")) { 459 fprintf(stderr, "not compiled with FIPS support, so exiting without running.\n"); 460 exit(0); 461 } else if (strcmp(*argv, "-server_auth") == 0) 462 server_auth = 1; 463 else if (strcmp(*argv, "-client_auth") == 0) 464 client_auth = 1; 465 else if (strcmp(*argv, "-proxy_auth") == 0) { 466 if (--argc < 1) 467 goto bad; 468 app_verify_arg.proxy_auth= *(++argv); 469 } else if (strcmp(*argv, "-proxy_cond") == 0) { 470 if (--argc < 1) 471 goto bad; 472 app_verify_arg.proxy_cond= *(++argv); 473 } else if (strcmp(*argv, "-v") == 0) 474 verbose = 1; 475 else if (strcmp(*argv, "-d") == 0) 476 debug = 1; 477 else if (strcmp(*argv, "-reuse") == 0) 478 reuse = 1; 479 else if (strcmp(*argv, "-dhe1024dsa") == 0) { 480 dhe1024dsa = 1; 481 } else if (strcmp(*argv, "-no_dhe") == 0) 482 no_dhe = 1; 483 else if (strcmp(*argv, "-no_ecdhe") == 0) 484 no_ecdhe = 1; 485 else if (strcmp(*argv, "-dtls1") == 0) 486 dtls1 = 1; 487 else if (strcmp(*argv, "-tls1") == 0) 488 tls1 = 1; 489 else if (strcmp(*argv, "-tls1_2") == 0) 490 tls1_2 = 1; 491 else if (strncmp(*argv, "-num", 4) == 0) { 492 if (--argc < 1) 493 goto bad; 494 number = atoi(*(++argv)); 495 if (number == 0) 496 number = 1; 497 } else if (strcmp(*argv, "-bytes") == 0) { 498 if (--argc < 1) 499 goto bad; 500 bytes = atol(*(++argv)); 501 if (bytes == 0L) 502 bytes = 1L; 503 i = strlen(argv[0]); 504 if (argv[0][i - 1] == 'k') 505 bytes*=1024L; 506 if (argv[0][i - 1] == 'm') 507 bytes*=1024L*1024L; 508 } else if (strcmp(*argv, "-cert") == 0) { 509 if (--argc < 1) 510 goto bad; 511 server_cert= *(++argv); 512 } else if (strcmp(*argv, "-s_cert") == 0) { 513 if (--argc < 1) 514 goto bad; 515 server_cert= *(++argv); 516 } else if (strcmp(*argv, "-key") == 0) { 517 if (--argc < 1) 518 goto bad; 519 server_key= *(++argv); 520 } else if (strcmp(*argv, "-s_key") == 0) { 521 if (--argc < 1) 522 goto bad; 523 server_key= *(++argv); 524 } else if (strcmp(*argv, "-c_cert") == 0) { 525 if (--argc < 1) 526 goto bad; 527 client_cert= *(++argv); 528 } else if (strcmp(*argv, "-c_key") == 0) { 529 if (--argc < 1) 530 goto bad; 531 client_key= *(++argv); 532 } else if (strcmp(*argv, "-cipher") == 0) { 533 if (--argc < 1) 534 goto bad; 535 cipher= *(++argv); 536 } else if (strcmp(*argv, "-CApath") == 0) { 537 if (--argc < 1) 538 goto bad; 539 CApath= *(++argv); 540 } else if (strcmp(*argv, "-CAfile") == 0) { 541 if (--argc < 1) 542 goto bad; 543 CAfile= *(++argv); 544 } else if (strcmp(*argv, "-bio_pair") == 0) { 545 bio_pair = 1; 546 } else if (strcmp(*argv, "-f") == 0) { 547 force = 1; 548 } else if (strcmp(*argv, "-time") == 0) { 549 print_time = 1; 550 } else if (strcmp(*argv, "-named_curve") == 0) { 551 if (--argc < 1) 552 goto bad; 553 named_curve = *(++argv); 554 } else if (strcmp(*argv, "-app_verify") == 0) { 555 app_verify_arg.app_verify = 1; 556 } else if (strcmp(*argv, "-proxy") == 0) { 557 app_verify_arg.allow_proxy_certs = 1; 558 } else if (strcmp(*argv, "-alpn_client") == 0) { 559 if (--argc < 1) 560 goto bad; 561 alpn_client = *(++argv); 562 } else if (strcmp(*argv, "-alpn_server") == 0) { 563 if (--argc < 1) 564 goto bad; 565 alpn_server = *(++argv); 566 } else if (strcmp(*argv, "-alpn_expected") == 0) { 567 if (--argc < 1) 568 goto bad; 569 alpn_expected = *(++argv); 570 } else { 571 fprintf(stderr, "unknown option %s\n", *argv); 572 badop = 1; 573 break; 574 } 575 argc--; 576 argv++; 577 } 578 if (badop) { 579bad: 580 sv_usage(); 581 goto end; 582 } 583 584 if (!dtls1 && !tls1 && !tls1_2 && number > 1 && !reuse && !force) { 585 fprintf(stderr, 586 "This case cannot work. Use -f to perform " 587 "the test anyway (and\n-d to see what happens), " 588 "or add one of -dtls1, -tls1, -tls1_2, -reuse\n" 589 "to avoid protocol mismatch.\n"); 590 exit(1); 591 } 592 593 if (print_time) { 594 if (!bio_pair) { 595 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 596 bio_pair = 1; 597 } 598 if (number < 50 && !force) 599 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 600 } 601 602/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 603 604 SSL_library_init(); 605 SSL_load_error_strings(); 606 607 if (dtls1) 608 meth = DTLSv1_method(); 609 else if (tls1) 610 meth = TLSv1_method(); 611 else if (tls1_2) 612 meth = TLSv1_2_method(); 613 else 614 meth = TLS_method(); 615 616 c_ctx = SSL_CTX_new(meth); 617 s_ctx = SSL_CTX_new(meth); 618 if ((c_ctx == NULL) || (s_ctx == NULL)) { 619 ERR_print_errors(bio_err); 620 goto end; 621 } 622 623 if (cipher != NULL) { 624 SSL_CTX_set_cipher_list(c_ctx, cipher); 625 SSL_CTX_set_cipher_list(s_ctx, cipher); 626 } 627 628 if (!no_dhe) { 629 if (dhe1024dsa) { 630 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ 631 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 632 dh = get_dh1024dsa(); 633 } else 634 dh = get_dh1024(); 635 SSL_CTX_set_tmp_dh(s_ctx, dh); 636 DH_free(dh); 637 } 638 639 if (!no_ecdhe) { 640 int nid; 641 642 if (named_curve != NULL) { 643 nid = OBJ_sn2nid(named_curve); 644 if (nid == 0) { 645 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 646 goto end; 647 } 648 } else 649 nid = NID_X9_62_prime256v1; 650 651 ecdh = EC_KEY_new_by_curve_name(nid); 652 if (ecdh == NULL) { 653 BIO_printf(bio_err, "unable to create curve\n"); 654 goto end; 655 } 656 657 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 658 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 659 EC_KEY_free(ecdh); 660 } 661 662 if (!SSL_CTX_use_certificate_chain_file(s_ctx, server_cert)) { 663 ERR_print_errors(bio_err); 664 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 665 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) { 666 ERR_print_errors(bio_err); 667 goto end; 668 } 669 670 if (client_auth) { 671 SSL_CTX_use_certificate_chain_file(c_ctx, client_cert); 672 SSL_CTX_use_PrivateKey_file(c_ctx, 673 (client_key ? client_key : client_cert), 674 SSL_FILETYPE_PEM); 675 } 676 677 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 678 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 679 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 680 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 681 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 682 ERR_print_errors(bio_err); 683 /* goto end; */ 684 } 685 686 if (client_auth) { 687 BIO_printf(bio_err, "client authentication\n"); 688 SSL_CTX_set_verify(s_ctx, 689 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 690 verify_callback); 691 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 692 &app_verify_arg); 693 } 694 if (server_auth) { 695 BIO_printf(bio_err, "server authentication\n"); 696 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, 697 verify_callback); 698 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 699 &app_verify_arg); 700 } 701 702 { 703 int session_id_context = 0; 704 SSL_CTX_set_session_id_context(s_ctx, 705 (void *)&session_id_context, sizeof(session_id_context)); 706 } 707 708 if (alpn_server != NULL) 709 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL); 710 711 if (alpn_client != NULL) { 712 unsigned short alpn_len; 713 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client); 714 715 if (alpn == NULL) { 716 BIO_printf(bio_err, "Error parsing -alpn_client argument\n"); 717 goto end; 718 } 719 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len); 720 free(alpn); 721 } 722 723 c_ssl = SSL_new(c_ctx); 724 s_ssl = SSL_new(s_ctx); 725 726 for (i = 0; i < number; i++) { 727 if (!reuse) 728 SSL_set_session(c_ssl, NULL); 729 if (bio_pair) 730 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, 731 &c_time); 732 else 733 ret = doit(s_ssl, c_ssl, bytes); 734 } 735 736 if (!verbose) { 737 print_details(c_ssl, ""); 738 } 739 if ((number > 1) || (bytes > 1L)) 740 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", 741 number, bytes); 742 if (print_time) { 743#ifdef CLOCKS_PER_SEC 744 /* "To determine the time in seconds, the value returned 745 * by the clock function should be divided by the value 746 * of the macro CLOCKS_PER_SEC." 747 * -- ISO/IEC 9899 */ 748 BIO_printf(bio_stdout, 749 "Approximate total server time: %6.2f s\n" 750 "Approximate total client time: %6.2f s\n", 751 (double)s_time/CLOCKS_PER_SEC, 752 (double)c_time/CLOCKS_PER_SEC); 753#else 754 /* "`CLOCKS_PER_SEC' undeclared (first use this function)" 755 * -- cc on NeXTstep/OpenStep */ 756 BIO_printf(bio_stdout, 757 "Approximate total server time: %6.2f units\n" 758 "Approximate total client time: %6.2f units\n", 759 (double)s_time, 760 (double)c_time); 761#endif 762 } 763 764 SSL_free(s_ssl); 765 SSL_free(c_ssl); 766 767end: 768 SSL_CTX_free(s_ctx); 769 SSL_CTX_free(c_ctx); 770 BIO_free(bio_stdout); 771 772#ifndef OPENSSL_NO_ENGINE 773 ENGINE_cleanup(); 774#endif 775 CRYPTO_cleanup_all_ex_data(); 776 ERR_free_strings(); 777 ERR_remove_thread_state(NULL); 778 EVP_cleanup(); 779 CRYPTO_mem_leaks(bio_err); 780 BIO_free(bio_err); 781 782 exit(ret); 783 return ret; 784} 785 786int 787doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time, 788 clock_t *c_time) 789{ 790 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 791 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 792 BIO *server = NULL, *server_io = NULL; 793 BIO *client = NULL, *client_io = NULL; 794 int ret = 1; 795 796 size_t bufsiz = 256; /* small buffer for testing */ 797 798 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 799 goto err; 800 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 801 goto err; 802 803 s_ssl_bio = BIO_new(BIO_f_ssl()); 804 if (!s_ssl_bio) 805 goto err; 806 807 c_ssl_bio = BIO_new(BIO_f_ssl()); 808 if (!c_ssl_bio) 809 goto err; 810 811 SSL_set_connect_state(c_ssl); 812 SSL_set_bio(c_ssl, client, client); 813 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 814 815 SSL_set_accept_state(s_ssl); 816 SSL_set_bio(s_ssl, server, server); 817 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 818 819 do { 820 /* c_ssl_bio: SSL filter BIO 821 * 822 * client: pseudo-I/O for SSL library 823 * 824 * client_io: client's SSL communication; usually to be 825 * relayed over some I/O facility, but in this 826 * test program, we're the server, too: 827 * 828 * server_io: server's SSL communication 829 * 830 * server: pseudo-I/O for SSL library 831 * 832 * s_ssl_bio: SSL filter BIO 833 * 834 * The client and the server each employ a "BIO pair": 835 * client + client_io, server + server_io. 836 * BIO pairs are symmetric. A BIO pair behaves similar 837 * to a non-blocking socketpair (but both endpoints must 838 * be handled by the same thread). 839 * [Here we could connect client and server to the ends 840 * of a single BIO pair, but then this code would be less 841 * suitable as an example for BIO pairs in general.] 842 * 843 * Useful functions for querying the state of BIO pair endpoints: 844 * 845 * BIO_ctrl_pending(bio) number of bytes we can read now 846 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 847 * other side's read attempt 848 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 849 * 850 * ..._read_request is never more than ..._write_guarantee; 851 * it depends on the application which one you should use. 852 */ 853 854 /* We have non-blocking behaviour throughout this test program, but 855 * can be sure that there is *some* progress in each iteration; so 856 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE 857 * -- we just try everything in each iteration 858 */ 859 860 { 861 /* CLIENT */ 862 863 char cbuf[1024*8]; 864 int i, r; 865 clock_t c_clock = clock(); 866 867 memset(cbuf, 0, sizeof(cbuf)); 868 869 if (debug) 870 if (SSL_in_init(c_ssl)) 871 printf("client waiting in SSL_connect - %s\n", 872 SSL_state_string_long(c_ssl)); 873 874 if (cw_num > 0) { 875 /* Write to server. */ 876 877 if (cw_num > (long)sizeof cbuf) 878 i = sizeof cbuf; 879 else 880 i = (int)cw_num; 881 r = BIO_write(c_ssl_bio, cbuf, i); 882 if (r < 0) { 883 if (!BIO_should_retry(c_ssl_bio)) { 884 fprintf(stderr, "ERROR in CLIENT\n"); 885 goto err; 886 } 887 /* BIO_should_retry(...) can just be ignored here. 888 * The library expects us to call BIO_write with 889 * the same arguments again, and that's what we will 890 * do in the next iteration. */ 891 } else if (r == 0) { 892 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 893 goto err; 894 } else { 895 if (debug) 896 printf("client wrote %d\n", r); 897 cw_num -= r; 898 899 } 900 } 901 902 if (cr_num > 0) { 903 /* Read from server. */ 904 905 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 906 if (r < 0) { 907 if (!BIO_should_retry(c_ssl_bio)) { 908 fprintf(stderr, "ERROR in CLIENT\n"); 909 goto err; 910 } 911 /* Again, "BIO_should_retry" can be ignored. */ 912 } else if (r == 0) { 913 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 914 goto err; 915 } else { 916 if (debug) 917 printf("client read %d\n", r); 918 cr_num -= r; 919 } 920 } 921 922 /* c_time and s_time increments will typically be very small 923 * (depending on machine speed and clock tick intervals), 924 * but sampling over a large number of connections should 925 * result in fairly accurate figures. We cannot guarantee 926 * a lot, however -- if each connection lasts for exactly 927 * one clock tick, it will be counted only for the client 928 * or only for the server or even not at all. 929 */ 930 *c_time += (clock() - c_clock); 931 } 932 933 { 934 /* SERVER */ 935 936 char sbuf[1024*8]; 937 int i, r; 938 clock_t s_clock = clock(); 939 940 memset(sbuf, 0, sizeof(sbuf)); 941 942 if (debug) 943 if (SSL_in_init(s_ssl)) 944 printf("server waiting in SSL_accept - %s\n", 945 SSL_state_string_long(s_ssl)); 946 947 if (sw_num > 0) { 948 /* Write to client. */ 949 950 if (sw_num > (long)sizeof sbuf) 951 i = sizeof sbuf; 952 else 953 i = (int)sw_num; 954 r = BIO_write(s_ssl_bio, sbuf, i); 955 if (r < 0) { 956 if (!BIO_should_retry(s_ssl_bio)) { 957 fprintf(stderr, "ERROR in SERVER\n"); 958 goto err; 959 } 960 /* Ignore "BIO_should_retry". */ 961 } else if (r == 0) { 962 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 963 goto err; 964 } else { 965 if (debug) 966 printf("server wrote %d\n", r); 967 sw_num -= r; 968 969 } 970 } 971 972 if (sr_num > 0) { 973 /* Read from client. */ 974 975 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 976 if (r < 0) { 977 if (!BIO_should_retry(s_ssl_bio)) { 978 fprintf(stderr, "ERROR in SERVER\n"); 979 goto err; 980 } 981 /* blah, blah */ 982 } else if (r == 0) { 983 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 984 goto err; 985 } else { 986 if (debug) 987 printf("server read %d\n", r); 988 sr_num -= r; 989 } 990 } 991 992 *s_time += (clock() - s_clock); 993 } 994 995 { 996 /* "I/O" BETWEEN CLIENT AND SERVER. */ 997 998 size_t r1, r2; 999 BIO *io1 = server_io, *io2 = client_io; 1000 /* we use the non-copying interface for io1 1001 * and the standard BIO_write/BIO_read interface for io2 1002 */ 1003 1004 static int prev_progress = 1; 1005 int progress = 0; 1006 1007 /* io1 to io2 */ 1008 do { 1009 size_t num; 1010 int r; 1011 1012 r1 = BIO_ctrl_pending(io1); 1013 r2 = BIO_ctrl_get_write_guarantee(io2); 1014 1015 num = r1; 1016 if (r2 < num) 1017 num = r2; 1018 if (num) { 1019 char *dataptr; 1020 1021 if (INT_MAX < num) /* yeah, right */ 1022 num = INT_MAX; 1023 1024 r = BIO_nread(io1, &dataptr, (int)num); 1025 assert(r > 0); 1026 assert(r <= (int)num); 1027 /* possibly r < num (non-contiguous data) */ 1028 num = r; 1029 r = BIO_write(io2, dataptr, (int)num); 1030 if (r != (int)num) /* can't happen */ 1031 { 1032 fprintf(stderr, "ERROR: BIO_write could not write " 1033 "BIO_ctrl_get_write_guarantee() bytes"); 1034 goto err; 1035 } 1036 progress = 1; 1037 1038 if (debug) 1039 printf((io1 == client_io) ? 1040 "C->S relaying: %d bytes\n" : 1041 "S->C relaying: %d bytes\n", 1042 (int)num); 1043 } 1044 } while (r1 && r2); 1045 1046 /* io2 to io1 */ 1047 { 1048 size_t num; 1049 int r; 1050 1051 r1 = BIO_ctrl_pending(io2); 1052 r2 = BIO_ctrl_get_read_request(io1); 1053 /* here we could use ..._get_write_guarantee instead of 1054 * ..._get_read_request, but by using the latter 1055 * we test restartability of the SSL implementation 1056 * more thoroughly */ 1057 num = r1; 1058 if (r2 < num) 1059 num = r2; 1060 if (num) { 1061 char *dataptr; 1062 1063 if (INT_MAX < num) 1064 num = INT_MAX; 1065 1066 if (num > 1) 1067 --num; /* test restartability even more thoroughly */ 1068 1069 r = BIO_nwrite0(io1, &dataptr); 1070 assert(r > 0); 1071 if (r < (int)num) 1072 num = r; 1073 r = BIO_read(io2, dataptr, (int)num); 1074 if (r != (int)num) /* can't happen */ 1075 { 1076 fprintf(stderr, "ERROR: BIO_read could not read " 1077 "BIO_ctrl_pending() bytes"); 1078 goto err; 1079 } 1080 progress = 1; 1081 r = BIO_nwrite(io1, &dataptr, (int)num); 1082 if (r != (int)num) /* can't happen */ 1083 { 1084 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 1085 "BIO_nwrite0() bytes"); 1086 goto err; 1087 } 1088 1089 if (debug) 1090 printf((io2 == client_io) ? 1091 "C->S relaying: %d bytes\n" : 1092 "S->C relaying: %d bytes\n", 1093 (int)num); 1094 } 1095 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */ 1096 1097 if (!progress && !prev_progress) { 1098 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 1099 fprintf(stderr, "ERROR: got stuck\n"); 1100 goto err; 1101 } 1102 } 1103 prev_progress = progress; 1104 } 1105 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 1106 1107 if (verbose) 1108 print_details(c_ssl, "DONE via BIO pair: "); 1109 1110 if (verify_alpn(c_ssl, s_ssl) < 0) { 1111 ret = 1; 1112 goto err; 1113 } 1114 1115 ret = 0; 1116 1117err: 1118 ERR_print_errors(bio_err); 1119 1120 BIO_free(server); 1121 BIO_free(server_io); 1122 BIO_free(client); 1123 BIO_free(client_io); 1124 BIO_free(s_ssl_bio); 1125 BIO_free(c_ssl_bio); 1126 1127 return ret; 1128} 1129 1130 1131#define W_READ 1 1132#define W_WRITE 2 1133#define C_DONE 1 1134#define S_DONE 2 1135 1136int 1137doit(SSL *s_ssl, SSL *c_ssl, long count) 1138{ 1139 char cbuf[1024*8], sbuf[1024*8]; 1140 long cw_num = count, cr_num = count; 1141 long sw_num = count, sr_num = count; 1142 int ret = 1; 1143 BIO *c_to_s = NULL; 1144 BIO *s_to_c = NULL; 1145 BIO *c_bio = NULL; 1146 BIO *s_bio = NULL; 1147 int c_r, c_w, s_r, s_w; 1148 int i, j; 1149 int done = 0; 1150 int c_write, s_write; 1151 int do_server = 0, do_client = 0; 1152 1153 memset(cbuf, 0, sizeof(cbuf)); 1154 memset(sbuf, 0, sizeof(sbuf)); 1155 1156 c_to_s = BIO_new(BIO_s_mem()); 1157 s_to_c = BIO_new(BIO_s_mem()); 1158 if ((s_to_c == NULL) || (c_to_s == NULL)) { 1159 ERR_print_errors(bio_err); 1160 goto err; 1161 } 1162 1163 c_bio = BIO_new(BIO_f_ssl()); 1164 s_bio = BIO_new(BIO_f_ssl()); 1165 if ((c_bio == NULL) || (s_bio == NULL)) { 1166 ERR_print_errors(bio_err); 1167 goto err; 1168 } 1169 1170 SSL_set_connect_state(c_ssl); 1171 SSL_set_bio(c_ssl, s_to_c, c_to_s); 1172 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 1173 1174 SSL_set_accept_state(s_ssl); 1175 SSL_set_bio(s_ssl, c_to_s, s_to_c); 1176 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 1177 1178 c_r = 0; 1179 s_r = 1; 1180 c_w = 1; 1181 s_w = 0; 1182 c_write = 1, s_write = 0; 1183 1184 /* We can always do writes */ 1185 for (;;) { 1186 do_server = 0; 1187 do_client = 0; 1188 1189 i = (int)BIO_pending(s_bio); 1190 if ((i && s_r) || s_w) 1191 do_server = 1; 1192 1193 i = (int)BIO_pending(c_bio); 1194 if ((i && c_r) || c_w) 1195 do_client = 1; 1196 1197 if (do_server && debug) { 1198 if (SSL_in_init(s_ssl)) 1199 printf("server waiting in SSL_accept - %s\n", 1200 SSL_state_string_long(s_ssl)); 1201 } 1202 1203 if (do_client && debug) { 1204 if (SSL_in_init(c_ssl)) 1205 printf("client waiting in SSL_connect - %s\n", 1206 SSL_state_string_long(c_ssl)); 1207 } 1208 1209 if (!do_client && !do_server) { 1210 fprintf(stdout, "ERROR in STARTUP\n"); 1211 ERR_print_errors(bio_err); 1212 goto err; 1213 } 1214 1215 if (do_client && !(done & C_DONE)) { 1216 if (c_write) { 1217 j = (cw_num > (long)sizeof(cbuf)) ? 1218 (int)sizeof(cbuf) : (int)cw_num; 1219 i = BIO_write(c_bio, cbuf, j); 1220 if (i < 0) { 1221 c_r = 0; 1222 c_w = 0; 1223 if (BIO_should_retry(c_bio)) { 1224 if (BIO_should_read(c_bio)) 1225 c_r = 1; 1226 if (BIO_should_write(c_bio)) 1227 c_w = 1; 1228 } else { 1229 fprintf(stderr, "ERROR in CLIENT\n"); 1230 ERR_print_errors(bio_err); 1231 goto err; 1232 } 1233 } else if (i == 0) { 1234 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1235 goto err; 1236 } else { 1237 if (debug) 1238 printf("client wrote %d\n", i); 1239 /* ok */ 1240 s_r = 1; 1241 c_write = 0; 1242 cw_num -= i; 1243 } 1244 } else { 1245 i = BIO_read(c_bio, cbuf, sizeof(cbuf)); 1246 if (i < 0) { 1247 c_r = 0; 1248 c_w = 0; 1249 if (BIO_should_retry(c_bio)) { 1250 if (BIO_should_read(c_bio)) 1251 c_r = 1; 1252 if (BIO_should_write(c_bio)) 1253 c_w = 1; 1254 } else { 1255 fprintf(stderr, "ERROR in CLIENT\n"); 1256 ERR_print_errors(bio_err); 1257 goto err; 1258 } 1259 } else if (i == 0) { 1260 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1261 goto err; 1262 } else { 1263 if (debug) 1264 printf("client read %d\n", i); 1265 cr_num -= i; 1266 if (sw_num > 0) { 1267 s_write = 1; 1268 s_w = 1; 1269 } 1270 if (cr_num <= 0) { 1271 s_write = 1; 1272 s_w = 1; 1273 done = S_DONE|C_DONE; 1274 } 1275 } 1276 } 1277 } 1278 1279 if (do_server && !(done & S_DONE)) { 1280 if (!s_write) { 1281 i = BIO_read(s_bio, sbuf, sizeof(cbuf)); 1282 if (i < 0) { 1283 s_r = 0; 1284 s_w = 0; 1285 if (BIO_should_retry(s_bio)) { 1286 if (BIO_should_read(s_bio)) 1287 s_r = 1; 1288 if (BIO_should_write(s_bio)) 1289 s_w = 1; 1290 } else { 1291 fprintf(stderr, "ERROR in SERVER\n"); 1292 ERR_print_errors(bio_err); 1293 goto err; 1294 } 1295 } else if (i == 0) { 1296 ERR_print_errors(bio_err); 1297 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n"); 1298 goto err; 1299 } else { 1300 if (debug) 1301 printf("server read %d\n", i); 1302 sr_num -= i; 1303 if (cw_num > 0) { 1304 c_write = 1; 1305 c_w = 1; 1306 } 1307 if (sr_num <= 0) { 1308 s_write = 1; 1309 s_w = 1; 1310 c_write = 0; 1311 } 1312 } 1313 } else { 1314 j = (sw_num > (long)sizeof(sbuf)) ? 1315 (int)sizeof(sbuf) : (int)sw_num; 1316 i = BIO_write(s_bio, sbuf, j); 1317 if (i < 0) { 1318 s_r = 0; 1319 s_w = 0; 1320 if (BIO_should_retry(s_bio)) { 1321 if (BIO_should_read(s_bio)) 1322 s_r = 1; 1323 if (BIO_should_write(s_bio)) 1324 s_w = 1; 1325 } else { 1326 fprintf(stderr, "ERROR in SERVER\n"); 1327 ERR_print_errors(bio_err); 1328 goto err; 1329 } 1330 } else if (i == 0) { 1331 ERR_print_errors(bio_err); 1332 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n"); 1333 goto err; 1334 } else { 1335 if (debug) 1336 printf("server wrote %d\n", i); 1337 sw_num -= i; 1338 s_write = 0; 1339 c_r = 1; 1340 if (sw_num <= 0) 1341 done |= S_DONE; 1342 } 1343 } 1344 } 1345 1346 if ((done & S_DONE) && (done & C_DONE)) 1347 break; 1348 } 1349 1350 if (verbose) 1351 print_details(c_ssl, "DONE: "); 1352 1353 if (verify_alpn(c_ssl, s_ssl) < 0) { 1354 ret = 1; 1355 goto err; 1356 } 1357 1358 ret = 0; 1359err: 1360 /* We have to set the BIO's to NULL otherwise they will be 1361 * free()ed twice. Once when th s_ssl is SSL_free()ed and 1362 * again when c_ssl is SSL_free()ed. 1363 * This is a hack required because s_ssl and c_ssl are sharing the same 1364 * BIO structure and SSL_set_bio() and SSL_free() automatically 1365 * BIO_free non NULL entries. 1366 * You should not normally do this or be required to do this */ 1367 if (s_ssl != NULL) { 1368 s_ssl->rbio = NULL; 1369 s_ssl->wbio = NULL; 1370 } 1371 if (c_ssl != NULL) { 1372 c_ssl->rbio = NULL; 1373 c_ssl->wbio = NULL; 1374 } 1375 1376 BIO_free(c_to_s); 1377 BIO_free(s_to_c); 1378 BIO_free_all(c_bio); 1379 BIO_free_all(s_bio); 1380 1381 return (ret); 1382} 1383 1384static int 1385get_proxy_auth_ex_data_idx(void) 1386{ 1387 static volatile int idx = -1; 1388 if (idx < 0) { 1389 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 1390 if (idx < 0) { 1391 idx = X509_STORE_CTX_get_ex_new_index(0, 1392 "SSLtest for verify callback", NULL, NULL, NULL); 1393 } 1394 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1395 } 1396 return idx; 1397} 1398 1399static int 1400verify_callback(int ok, X509_STORE_CTX *ctx) 1401{ 1402 X509 *xs; 1403 char *s, buf[256]; 1404 int error, error_depth; 1405 1406 xs = X509_STORE_CTX_get_current_cert(ctx); 1407 s = X509_NAME_oneline(X509_get_subject_name(xs), buf, sizeof buf); 1408 error = X509_STORE_CTX_get_error(ctx); 1409 error_depth = X509_STORE_CTX_get_error_depth(ctx); 1410 if (s != NULL) { 1411 if (ok) 1412 fprintf(stderr, "depth=%d %s\n", error_depth, buf); 1413 else { 1414 fprintf(stderr, "depth=%d error=%d %s\n", error_depth, 1415 error, buf); 1416 } 1417 } 1418 1419 if (ok == 0) { 1420 fprintf(stderr, "Error string: %s\n", 1421 X509_verify_cert_error_string(error)); 1422 switch (error) { 1423 case X509_V_ERR_CERT_NOT_YET_VALID: 1424 case X509_V_ERR_CERT_HAS_EXPIRED: 1425 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1426 fprintf(stderr, " ... ignored.\n"); 1427 ok = 1; 1428 } 1429 } 1430 1431 if (ok == 1) { 1432 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) { 1433 unsigned int *letters = 1434 X509_STORE_CTX_get_ex_data(ctx, 1435 get_proxy_auth_ex_data_idx()); 1436 1437 if (letters) { 1438 int found_any = 0; 1439 int i; 1440 PROXY_CERT_INFO_EXTENSION *pci = 1441 X509_get_ext_d2i(xs, NID_proxyCertInfo, 1442 NULL, NULL); 1443 1444 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 1445 case NID_Independent: 1446 /* Completely meaningless in this 1447 program, as there's no way to 1448 grant explicit rights to a 1449 specific PrC. Basically, using 1450 id-ppl-Independent is the perfect 1451 way to grant no rights at all. */ 1452 fprintf(stderr, " Independent proxy certificate"); 1453 for (i = 0; i < 26; i++) 1454 letters[i] = 0; 1455 break; 1456 case NID_id_ppl_inheritAll: 1457 /* This is basically a NOP, we 1458 simply let the current rights 1459 stand as they are. */ 1460 fprintf(stderr, " Proxy certificate inherits all"); 1461 break; 1462 default: 1463 s = (char *) 1464 pci->proxyPolicy->policy->data; 1465 i = pci->proxyPolicy->policy->length; 1466 1467 /* The algorithm works as follows: 1468 it is assumed that previous 1469 iterations or the initial granted 1470 rights has already set some elements 1471 of `letters'. What we need to do is 1472 to clear those that weren't granted 1473 by the current PrC as well. The 1474 easiest way to do this is to add 1 1475 to all the elements whose letters 1476 are given with the current policy. 1477 That way, all elements that are set 1478 by the current policy and were 1479 already set by earlier policies and 1480 through the original grant of rights 1481 will get the value 2 or higher. 1482 The last thing to do is to sweep 1483 through `letters' and keep the 1484 elements having the value 2 as set, 1485 and clear all the others. */ 1486 1487 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s); 1488 while (i-- > 0) { 1489 int c = *s++; 1490 if (isascii(c) && isalpha(c)) { 1491 if (islower(c)) 1492 c = toupper(c); 1493 letters[c - 'A']++; 1494 } 1495 } 1496 for (i = 0; i < 26; i++) 1497 if (letters[i] < 2) 1498 letters[i] = 0; 1499 else 1500 letters[i] = 1; 1501 } 1502 1503 found_any = 0; 1504 fprintf(stderr, ", resulting proxy rights = "); 1505 for (i = 0; i < 26; i++) 1506 if (letters[i]) { 1507 fprintf(stderr, "%c", i + 'A'); 1508 found_any = 1; 1509 } 1510 if (!found_any) 1511 fprintf(stderr, "none"); 1512 fprintf(stderr, "\n"); 1513 1514 PROXY_CERT_INFO_EXTENSION_free(pci); 1515 } 1516 } 1517 } 1518 1519 return (ok); 1520} 1521 1522static void 1523process_proxy_debug(int indent, const char *format, ...) 1524{ 1525 static const char indentation[] = 1526 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 1527 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ 1528 char my_format[256]; 1529 va_list args; 1530 1531 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s", 1532 indent, indent, indentation, format); 1533 1534 va_start(args, format); 1535 vfprintf(stderr, my_format, args); 1536 va_end(args); 1537} 1538/* Priority levels: 1539 0 [!]var, () 1540 1 & ^ 1541 2 | 1542*/ 1543static int process_proxy_cond_adders(unsigned int letters[26], 1544 const char *cond, const char **cond_end, int *pos, int indent); 1545 1546static int 1547process_proxy_cond_val(unsigned int letters[26], const char *cond, 1548 const char **cond_end, int *pos, int indent) 1549{ 1550 int c; 1551 int ok = 1; 1552 int negate = 0; 1553 1554 while (isspace((int)*cond)) { 1555 cond++; 1556 (*pos)++; 1557 } 1558 c = *cond; 1559 1560 if (debug) 1561 process_proxy_debug(indent, 1562 "Start process_proxy_cond_val at position %d: %s\n", 1563 *pos, cond); 1564 1565 while (c == '!') { 1566 negate = !negate; 1567 cond++; 1568 (*pos)++; 1569 while (isspace((int)*cond)) { 1570 cond++; 1571 (*pos)++; 1572 } 1573 c = *cond; 1574 } 1575 1576 if (c == '(') { 1577 cond++; 1578 (*pos)++; 1579 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 1580 indent + 1); 1581 cond = *cond_end; 1582 if (ok < 0) 1583 goto end; 1584 while (isspace((int)*cond)) { 1585 cond++; 1586 (*pos)++; 1587 } 1588 c = *cond; 1589 if (c != ')') { 1590 fprintf(stderr, 1591 "Weird condition character in position %d: " 1592 "%c\n", *pos, c); 1593 ok = -1; 1594 goto end; 1595 } 1596 cond++; 1597 (*pos)++; 1598 } else if (isascii(c) && isalpha(c)) { 1599 if (islower(c)) 1600 c = toupper(c); 1601 ok = letters[c - 'A']; 1602 cond++; 1603 (*pos)++; 1604 } else { 1605 fprintf(stderr, 1606 "Weird condition character in position %d: " 1607 "%c\n", *pos, c); 1608 ok = -1; 1609 goto end; 1610 } 1611end: 1612 *cond_end = cond; 1613 if (ok >= 0 && negate) 1614 ok = !ok; 1615 1616 if (debug) 1617 process_proxy_debug(indent, 1618 "End process_proxy_cond_val at position %d: %s, returning %d\n", 1619 *pos, cond, ok); 1620 1621 return ok; 1622} 1623 1624static int 1625process_proxy_cond_multipliers(unsigned int letters[26], const char *cond, 1626 const char **cond_end, int *pos, int indent) 1627{ 1628 int ok; 1629 char c; 1630 1631 if (debug) 1632 process_proxy_debug(indent, 1633 "Start process_proxy_cond_multipliers at position %d: %s\n", 1634 *pos, cond); 1635 1636 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 1637 cond = *cond_end; 1638 if (ok < 0) 1639 goto end; 1640 1641 while (ok >= 0) { 1642 while (isspace((int)*cond)) { 1643 cond++; 1644 (*pos)++; 1645 } 1646 c = *cond; 1647 1648 switch (c) { 1649 case '&': 1650 case '^': 1651 { 1652 int save_ok = ok; 1653 1654 cond++; 1655 (*pos)++; 1656 ok = process_proxy_cond_val(letters, 1657 cond, cond_end, pos, indent + 1); 1658 cond = *cond_end; 1659 if (ok < 0) 1660 break; 1661 1662 switch (c) { 1663 case '&': 1664 ok &= save_ok; 1665 break; 1666 case '^': 1667 ok ^= save_ok; 1668 break; 1669 default: 1670 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1671 " STOPPING\n"); 1672 exit(1); 1673 } 1674 } 1675 break; 1676 default: 1677 goto end; 1678 } 1679 } 1680end: 1681 if (debug) 1682 process_proxy_debug(indent, 1683 "End process_proxy_cond_multipliers at position %d: %s, " 1684 "returning %d\n", 1685 *pos, cond, ok); 1686 1687 *cond_end = cond; 1688 return ok; 1689} 1690 1691static int 1692process_proxy_cond_adders(unsigned int letters[26], const char *cond, 1693 const char **cond_end, int *pos, int indent) 1694{ 1695 int ok; 1696 char c; 1697 1698 if (debug) 1699 process_proxy_debug(indent, 1700 "Start process_proxy_cond_adders at position %d: %s\n", 1701 *pos, cond); 1702 1703 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 1704 indent + 1); 1705 cond = *cond_end; 1706 if (ok < 0) 1707 goto end; 1708 1709 while (ok >= 0) { 1710 while (isspace((int)*cond)) { 1711 cond++; 1712 (*pos)++; 1713 } 1714 c = *cond; 1715 1716 switch (c) { 1717 case '|': 1718 { 1719 int save_ok = ok; 1720 1721 cond++; 1722 (*pos)++; 1723 ok = process_proxy_cond_multipliers(letters, 1724 cond, cond_end, pos, indent + 1); 1725 cond = *cond_end; 1726 if (ok < 0) 1727 break; 1728 1729 switch (c) { 1730 case '|': 1731 ok |= save_ok; 1732 break; 1733 default: 1734 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1735 " STOPPING\n"); 1736 exit(1); 1737 } 1738 } 1739 break; 1740 default: 1741 goto end; 1742 } 1743 } 1744end: 1745 if (debug) 1746 process_proxy_debug(indent, 1747 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 1748 *pos, cond, ok); 1749 1750 *cond_end = cond; 1751 return ok; 1752} 1753 1754static int 1755process_proxy_cond(unsigned int letters[26], const char *cond, 1756 const char **cond_end) 1757{ 1758 int pos = 1; 1759 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 1760} 1761 1762static int 1763app_verify_callback(X509_STORE_CTX *ctx, void *arg) 1764{ 1765 int ok = 1; 1766 struct app_verify_arg *cb_arg = arg; 1767 unsigned int letters[26]; /* only used with proxy_auth */ 1768 1769 if (cb_arg->app_verify) { 1770 X509 *xs; 1771 char *s = NULL, buf[256]; 1772 1773 xs = X509_STORE_CTX_get0_cert(ctx); 1774 fprintf(stderr, "In app_verify_callback, allowing cert. "); 1775 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 1776 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 1777 (void *)ctx, (void *)xs); 1778 if (xs) 1779 s = X509_NAME_oneline(X509_get_subject_name(xs), buf, 256); 1780 if (s != NULL) { 1781 fprintf(stderr, "cert depth=%d %s\n", 1782 X509_STORE_CTX_get_error_depth(ctx), buf); 1783 } 1784 return (1); 1785 } 1786 if (cb_arg->proxy_auth) { 1787 int found_any = 0, i; 1788 char *sp; 1789 1790 for (i = 0; i < 26; i++) 1791 letters[i] = 0; 1792 for (sp = cb_arg->proxy_auth; *sp; sp++) { 1793 int c = *sp; 1794 if (isascii(c) && isalpha(c)) { 1795 if (islower(c)) 1796 c = toupper(c); 1797 letters[c - 'A'] = 1; 1798 } 1799 } 1800 1801 fprintf(stderr, " Initial proxy rights = "); 1802 for (i = 0; i < 26; i++) 1803 if (letters[i]) { 1804 fprintf(stderr, "%c", i + 'A'); 1805 found_any = 1; 1806 } 1807 if (!found_any) 1808 fprintf(stderr, "none"); 1809 fprintf(stderr, "\n"); 1810 1811 X509_STORE_CTX_set_ex_data(ctx, 1812 get_proxy_auth_ex_data_idx(), letters); 1813 } 1814 if (cb_arg->allow_proxy_certs) { 1815 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 1816 } 1817 1818 ok = X509_verify_cert(ctx); 1819 1820 if (cb_arg->proxy_auth) { 1821 if (ok > 0) { 1822 const char *cond_end = NULL; 1823 1824 ok = process_proxy_cond(letters, 1825 cb_arg->proxy_cond, &cond_end); 1826 1827 if (ok < 0) 1828 exit(3); 1829 if (*cond_end) { 1830 fprintf(stderr, "Stopped processing condition before it's end.\n"); 1831 ok = 0; 1832 } 1833 if (!ok) 1834 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n", 1835 cb_arg->proxy_cond); 1836 else 1837 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n", 1838 cb_arg->proxy_cond); 1839 } 1840 } 1841 return (ok); 1842} 1843 1844/* These DH parameters have been generated as follows: 1845 * $ openssl dhparam -C -noout 1024 1846 * $ openssl dhparam -C -noout -dsaparam 1024 1847 * (The second function has been renamed to avoid name conflicts.) 1848 */ 1849static DH * 1850get_dh1024() 1851{ 1852 static unsigned char dh1024_p[] = { 1853 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A, 1854 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2, 1855 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0, 1856 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2, 1857 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C, 1858 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8, 1859 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52, 1860 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1, 1861 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1, 1862 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB, 1863 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 1864 }; 1865 static unsigned char dh1024_g[] = { 1866 0x02, 1867 }; 1868 DH *dh; 1869 BIGNUM *dh_p = NULL, *dh_g = NULL; 1870 1871 if ((dh = DH_new()) == NULL) 1872 return NULL; 1873 1874 dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 1875 dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 1876 if (dh_p == NULL || dh_g == NULL) 1877 goto err; 1878 1879 if (!DH_set0_pqg(dh, dh_p, NULL, dh_g)) 1880 goto err; 1881 1882 return dh; 1883 1884 err: 1885 BN_free(dh_p); 1886 BN_free(dh_g); 1887 DH_free(dh); 1888 return NULL; 1889} 1890 1891static DH * 1892get_dh1024dsa() 1893{ 1894 static unsigned char dh1024_p[] = { 1895 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00, 1896 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19, 1897 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2, 1898 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55, 1899 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC, 1900 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97, 1901 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D, 1902 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB, 1903 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6, 1904 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E, 1905 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 1906 }; 1907 static unsigned char dh1024_g[] = { 1908 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05, 1909 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3, 1910 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9, 1911 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C, 1912 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65, 1913 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60, 1914 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6, 1915 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7, 1916 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1, 1917 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60, 1918 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 1919 }; 1920 DH *dh; 1921 BIGNUM *dh_p = NULL, *dh_g = NULL; 1922 1923 if ((dh = DH_new()) == NULL) 1924 return NULL; 1925 1926 dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 1927 dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 1928 if (dh_p == NULL || dh_g == NULL) 1929 goto err; 1930 1931 if (!DH_set0_pqg(dh, dh_p, NULL, dh_g)) 1932 goto err; 1933 1934 DH_set_length(dh, 160); 1935 1936 return dh; 1937 1938 err: 1939 BN_free(dh_p); 1940 BN_free(dh_g); 1941 DH_free(dh); 1942 return NULL; 1943} 1944