1 /* ssl/ssltest.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58 /* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143 /* Or gethostname won't be declared properly on Linux and GNU platforms. */
144 #define _BSD_SOURCE 1
145 #define _DEFAULT_SOURCE 1
146
147 #include <assert.h>
148 #include <errno.h>
149 #include <limits.h>
150 #include <stdio.h>
151 #include <stdlib.h>
152 #include <string.h>
153 #include <time.h>
154
155 #define USE_SOCKETS
156 #include "e_os.h"
157
158 #ifdef OPENSSL_SYS_VMS
159 /*
160 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
161 */
162 # define _XOPEN_SOURCE 500
163 #endif
164
165 #include <ctype.h>
166
167 #include <openssl/bio.h>
168 #include <openssl/crypto.h>
169 #include <openssl/evp.h>
170 #include <openssl/x509.h>
171 #include <openssl/x509v3.h>
172 #include <openssl/ssl.h>
173 #ifndef OPENSSL_NO_ENGINE
174 # include <openssl/engine.h>
175 #endif
176 #include <openssl/err.h>
177 #include <openssl/rand.h>
178 #ifndef OPENSSL_NO_RSA
179 # include <openssl/rsa.h>
180 #endif
181 #ifndef OPENSSL_NO_DSA
182 # include <openssl/dsa.h>
183 #endif
184 #ifndef OPENSSL_NO_DH
185 # include <openssl/dh.h>
186 #endif
187 #ifndef OPENSSL_NO_SRP
188 # include <openssl/srp.h>
189 #endif
190 #include <openssl/bn.h>
191
192 /*
193 * Or gethostname won't be declared properly
194 * on Compaq platforms (at least with DEC C).
195 * Do not try to put it earlier, or IPv6 includes
196 * get screwed...
197 */
198 #define _XOPEN_SOURCE_EXTENDED 1
199
200 #ifdef OPENSSL_SYS_WINDOWS
201 # include <winsock.h>
202 #else
203 # include OPENSSL_UNISTD
204 #endif
205
206 #ifdef OPENSSL_SYS_VMS
207 # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
208 # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
209 #elif defined(OPENSSL_SYS_WINCE)
210 # define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
211 # define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
212 #elif defined(OPENSSL_SYS_NETWARE)
213 # define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
214 # define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
215 #else
216 # define TEST_SERVER_CERT "../apps/server.pem"
217 # define TEST_CLIENT_CERT "../apps/client.pem"
218 #endif
219
220 static SSL_CTX *s_ctx = NULL;
221 static SSL_CTX *s_ctx2 = NULL;
222
223 /*
224 * There is really no standard for this, so let's assign some tentative
225 * numbers. In any case, these numbers are only for this test
226 */
227 #define COMP_RLE 255
228 #define COMP_ZLIB 1
229
230 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
231 #ifndef OPENSSL_NO_RSA
232 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
233 static void free_tmp_rsa(void);
234 #endif
235 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
236 #define APP_CALLBACK_STRING "Test Callback Argument"
237 struct app_verify_arg {
238 char *string;
239 int app_verify;
240 int allow_proxy_certs;
241 char *proxy_auth;
242 char *proxy_cond;
243 };
244
245 #ifndef OPENSSL_NO_DH
246 static DH *get_dh512(void);
247 static DH *get_dh1024(void);
248 static DH *get_dh1024dsa(void);
249 #endif
250
251 static char *psk_key = NULL; /* by default PSK is not used */
252 #ifndef OPENSSL_NO_PSK
253 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
254 char *identity,
255 unsigned int max_identity_len,
256 unsigned char *psk,
257 unsigned int max_psk_len);
258 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
259 unsigned char *psk,
260 unsigned int max_psk_len);
261 #endif
262
263 #ifndef OPENSSL_NO_SRP
264 /* SRP client */
265 /* This is a context that we pass to all callbacks */
266 typedef struct srp_client_arg_st {
267 char *srppassin;
268 char *srplogin;
269 } SRP_CLIENT_ARG;
270
271 # define PWD_STRLEN 1024
272
ssl_give_srp_client_pwd_cb(SSL * s,void * arg)273 static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
274 {
275 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
276 return BUF_strdup((char *)srp_client_arg->srppassin);
277 }
278
279 /* SRP server */
280 /* This is a context that we pass to SRP server callbacks */
281 typedef struct srp_server_arg_st {
282 char *expected_user;
283 char *pass;
284 } SRP_SERVER_ARG;
285
ssl_srp_server_param_cb(SSL * s,int * ad,void * arg)286 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
287 {
288 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
289
290 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
291 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
292 return SSL3_AL_FATAL;
293 }
294 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
295 *ad = SSL_AD_INTERNAL_ERROR;
296 return SSL3_AL_FATAL;
297 }
298 return SSL_ERROR_NONE;
299 }
300 #endif
301
302 static BIO *bio_err = NULL;
303 static BIO *bio_stdout = NULL;
304
305 static const char *alpn_client;
306 static char *alpn_server;
307 static char *alpn_server2;
308 static const char *alpn_expected;
309 static unsigned char *alpn_selected;
310 static const char *sn_client;
311 static const char *sn_server1;
312 static const char *sn_server2;
313 static int sn_expect = 0;
314
servername_cb(SSL * s,int * ad,void * arg)315 static int servername_cb(SSL *s, int *ad, void *arg)
316 {
317 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
318 if (sn_server2 == NULL) {
319 BIO_printf(bio_stdout, "Servername 2 is NULL\n");
320 return SSL_TLSEXT_ERR_NOACK;
321 }
322
323 if (servername != NULL) {
324 if (s_ctx2 != NULL && sn_server2 != NULL &&
325 !strcasecmp(servername, sn_server2)) {
326 BIO_printf(bio_stdout, "Switching server context.\n");
327 SSL_set_SSL_CTX(s, s_ctx2);
328 }
329 }
330 return SSL_TLSEXT_ERR_OK;
331 }
verify_servername(SSL * client,SSL * server)332 static int verify_servername(SSL *client, SSL *server)
333 {
334 /* just need to see if sn_context is what we expect */
335 SSL_CTX* ctx = SSL_get_SSL_CTX(server);
336 if (sn_expect == 0)
337 return 0;
338 if (sn_expect == 1 && ctx == s_ctx)
339 return 0;
340 if (sn_expect == 2 && ctx == s_ctx2)
341 return 0;
342 BIO_printf(bio_stdout, "Servername: expected context %d\n", sn_expect);
343 if (ctx == s_ctx2)
344 BIO_printf(bio_stdout, "Servername: context is 2\n");
345 else if (ctx == s_ctx)
346 BIO_printf(bio_stdout, "Servername: context is 1\n");
347 else
348 BIO_printf(bio_stdout, "Servername: context is unknown\n");
349 return -1;
350 }
351
352 /*-
353 * next_protos_parse parses a comma separated list of strings into a string
354 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
355 * outlen: (output) set to the length of the resulting buffer on success.
356 * err: (maybe NULL) on failure, an error message line is written to this BIO.
357 * in: a NUL terminated string like "abc,def,ghi"
358 *
359 * returns: a malloced buffer or NULL on failure.
360 */
next_protos_parse(unsigned short * outlen,const char * in)361 static unsigned char *next_protos_parse(unsigned short *outlen,
362 const char *in)
363 {
364 size_t len;
365 unsigned char *out;
366 size_t i, start = 0;
367
368 len = strlen(in);
369 if (len >= 65535)
370 return NULL;
371
372 out = OPENSSL_malloc(strlen(in) + 1);
373 if (!out)
374 return NULL;
375
376 for (i = 0; i <= len; ++i) {
377 if (i == len || in[i] == ',') {
378 if (i - start > 255) {
379 OPENSSL_free(out);
380 return NULL;
381 }
382 out[start] = i - start;
383 start = i + 1;
384 } else
385 out[i + 1] = in[i];
386 }
387
388 *outlen = len + 1;
389 return out;
390 }
391
cb_server_alpn(SSL * s,const unsigned char ** out,unsigned char * outlen,const unsigned char * in,unsigned int inlen,void * arg)392 static int cb_server_alpn(SSL *s, const unsigned char **out,
393 unsigned char *outlen, const unsigned char *in,
394 unsigned int inlen, void *arg)
395 {
396 unsigned char *protos;
397 unsigned short protos_len;
398 char* alpn_str = arg;
399
400 protos = next_protos_parse(&protos_len, alpn_str);
401 if (protos == NULL) {
402 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
403 alpn_str);
404 abort();
405 }
406
407 if (SSL_select_next_proto
408 ((unsigned char **)out, outlen, protos, protos_len, in,
409 inlen) != OPENSSL_NPN_NEGOTIATED) {
410 OPENSSL_free(protos);
411 return SSL_TLSEXT_ERR_NOACK;
412 }
413
414 /*
415 * Make a copy of the selected protocol which will be freed in
416 * verify_alpn.
417 */
418 alpn_selected = OPENSSL_malloc(*outlen);
419 memcpy(alpn_selected, *out, *outlen);
420 *out = alpn_selected;
421
422 OPENSSL_free(protos);
423 return SSL_TLSEXT_ERR_OK;
424 }
425
verify_alpn(SSL * client,SSL * server)426 static int verify_alpn(SSL *client, SSL *server)
427 {
428 const unsigned char *client_proto, *server_proto;
429 unsigned int client_proto_len = 0, server_proto_len = 0;
430 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
431 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
432
433 if (alpn_selected != NULL) {
434 OPENSSL_free(alpn_selected);
435 alpn_selected = NULL;
436 }
437
438 if (client_proto_len != server_proto_len ||
439 memcmp(client_proto, server_proto, client_proto_len) != 0) {
440 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
441 goto err;
442 }
443
444 if (client_proto_len > 0 && alpn_expected == NULL) {
445 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
446 goto err;
447 }
448
449 if (alpn_expected != NULL &&
450 (client_proto_len != strlen(alpn_expected) ||
451 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
452 BIO_printf(bio_stdout,
453 "ALPN selected protocols not equal to expected protocol: %s\n",
454 alpn_expected);
455 goto err;
456 }
457
458 return 0;
459
460 err:
461 BIO_printf(bio_stdout, "ALPN results: client: '");
462 BIO_write(bio_stdout, client_proto, client_proto_len);
463 BIO_printf(bio_stdout, "', server: '");
464 BIO_write(bio_stdout, server_proto, server_proto_len);
465 BIO_printf(bio_stdout, "'\n");
466 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: ",
467 alpn_client);
468 if (SSL_get_SSL_CTX(server) == s_ctx2) {
469 BIO_printf(bio_stdout, "'%s'\n",
470 alpn_server2);
471 } else if (SSL_get_SSL_CTX(server) == s_ctx){
472 BIO_printf(bio_stdout, "'%s'\n",
473 alpn_server);
474 } else {
475 BIO_printf(bio_stdout, "unknown\n");
476 }
477 return -1;
478 }
479
480 #define SCT_EXT_TYPE 18
481
482 /*
483 * WARNING : below extension types are *NOT* IETF assigned, and could
484 * conflict if these types are reassigned and handled specially by OpenSSL
485 * in the future
486 */
487 #define TACK_EXT_TYPE 62208
488 #define CUSTOM_EXT_TYPE_0 1000
489 #define CUSTOM_EXT_TYPE_1 1001
490 #define CUSTOM_EXT_TYPE_2 1002
491 #define CUSTOM_EXT_TYPE_3 1003
492
493 const char custom_ext_cli_string[] = "abc";
494 const char custom_ext_srv_string[] = "defg";
495
496 /* These set from cmdline */
497 char *serverinfo_file = NULL;
498 int serverinfo_sct = 0;
499 int serverinfo_tack = 0;
500
501 /* These set based on extension callbacks */
502 int serverinfo_sct_seen = 0;
503 int serverinfo_tack_seen = 0;
504 int serverinfo_other_seen = 0;
505
506 /* This set from cmdline */
507 int custom_ext = 0;
508
509 /* This set based on extension callbacks */
510 int custom_ext_error = 0;
511
serverinfo_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)512 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
513 const unsigned char *in, size_t inlen,
514 int *al, void *arg)
515 {
516 if (ext_type == SCT_EXT_TYPE)
517 serverinfo_sct_seen++;
518 else if (ext_type == TACK_EXT_TYPE)
519 serverinfo_tack_seen++;
520 else
521 serverinfo_other_seen++;
522 return 1;
523 }
524
verify_serverinfo()525 static int verify_serverinfo()
526 {
527 if (serverinfo_sct != serverinfo_sct_seen)
528 return -1;
529 if (serverinfo_tack != serverinfo_tack_seen)
530 return -1;
531 if (serverinfo_other_seen)
532 return -1;
533 return 0;
534 }
535
536 /*-
537 * Four test cases for custom extensions:
538 * 0 - no ClientHello extension or ServerHello response
539 * 1 - ClientHello with "abc", no response
540 * 2 - ClientHello with "abc", empty response
541 * 3 - ClientHello with "abc", "defg" response
542 */
543
custom_ext_0_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)544 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
545 const unsigned char **out,
546 size_t *outlen, int *al, void *arg)
547 {
548 if (ext_type != CUSTOM_EXT_TYPE_0)
549 custom_ext_error = 1;
550 return 0; /* Don't send an extension */
551 }
552
custom_ext_0_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)553 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
554 const unsigned char *in,
555 size_t inlen, int *al, void *arg)
556 {
557 return 1;
558 }
559
custom_ext_1_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)560 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
561 const unsigned char **out,
562 size_t *outlen, int *al, void *arg)
563 {
564 if (ext_type != CUSTOM_EXT_TYPE_1)
565 custom_ext_error = 1;
566 *out = (const unsigned char *)custom_ext_cli_string;
567 *outlen = strlen(custom_ext_cli_string);
568 return 1; /* Send "abc" */
569 }
570
custom_ext_1_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)571 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
572 const unsigned char *in,
573 size_t inlen, int *al, void *arg)
574 {
575 return 1;
576 }
577
custom_ext_2_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)578 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
579 const unsigned char **out,
580 size_t *outlen, int *al, void *arg)
581 {
582 if (ext_type != CUSTOM_EXT_TYPE_2)
583 custom_ext_error = 1;
584 *out = (const unsigned char *)custom_ext_cli_string;
585 *outlen = strlen(custom_ext_cli_string);
586 return 1; /* Send "abc" */
587 }
588
custom_ext_2_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)589 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
590 const unsigned char *in,
591 size_t inlen, int *al, void *arg)
592 {
593 if (ext_type != CUSTOM_EXT_TYPE_2)
594 custom_ext_error = 1;
595 if (inlen != 0)
596 custom_ext_error = 1; /* Should be empty response */
597 return 1;
598 }
599
custom_ext_3_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)600 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
601 const unsigned char **out,
602 size_t *outlen, int *al, void *arg)
603 {
604 if (ext_type != CUSTOM_EXT_TYPE_3)
605 custom_ext_error = 1;
606 *out = (const unsigned char *)custom_ext_cli_string;
607 *outlen = strlen(custom_ext_cli_string);
608 return 1; /* Send "abc" */
609 }
610
custom_ext_3_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)611 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
612 const unsigned char *in,
613 size_t inlen, int *al, void *arg)
614 {
615 if (ext_type != CUSTOM_EXT_TYPE_3)
616 custom_ext_error = 1;
617 if (inlen != strlen(custom_ext_srv_string))
618 custom_ext_error = 1;
619 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
620 custom_ext_error = 1; /* Check for "defg" */
621 return 1;
622 }
623
624 /*
625 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
626 * for this extension
627 */
custom_ext_0_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)628 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
629 const unsigned char *in,
630 size_t inlen, int *al, void *arg)
631 {
632 custom_ext_error = 1;
633 return 1;
634 }
635
636 /* 'add' callbacks are only called if the 'parse' callback is called */
custom_ext_0_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)637 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
638 const unsigned char **out,
639 size_t *outlen, int *al, void *arg)
640 {
641 /* Error: should not have been called */
642 custom_ext_error = 1;
643 return 0; /* Don't send an extension */
644 }
645
custom_ext_1_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)646 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
647 const unsigned char *in,
648 size_t inlen, int *al, void *arg)
649 {
650 if (ext_type != CUSTOM_EXT_TYPE_1)
651 custom_ext_error = 1;
652 /* Check for "abc" */
653 if (inlen != strlen(custom_ext_cli_string))
654 custom_ext_error = 1;
655 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
656 custom_ext_error = 1;
657 return 1;
658 }
659
custom_ext_1_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)660 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
661 const unsigned char **out,
662 size_t *outlen, int *al, void *arg)
663 {
664 return 0; /* Don't send an extension */
665 }
666
custom_ext_2_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)667 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
668 const unsigned char *in,
669 size_t inlen, int *al, void *arg)
670 {
671 if (ext_type != CUSTOM_EXT_TYPE_2)
672 custom_ext_error = 1;
673 /* Check for "abc" */
674 if (inlen != strlen(custom_ext_cli_string))
675 custom_ext_error = 1;
676 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
677 custom_ext_error = 1;
678 return 1;
679 }
680
custom_ext_2_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)681 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
682 const unsigned char **out,
683 size_t *outlen, int *al, void *arg)
684 {
685 *out = NULL;
686 *outlen = 0;
687 return 1; /* Send empty extension */
688 }
689
custom_ext_3_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)690 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
691 const unsigned char *in,
692 size_t inlen, int *al, void *arg)
693 {
694 if (ext_type != CUSTOM_EXT_TYPE_3)
695 custom_ext_error = 1;
696 /* Check for "abc" */
697 if (inlen != strlen(custom_ext_cli_string))
698 custom_ext_error = 1;
699 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
700 custom_ext_error = 1;
701 return 1;
702 }
703
custom_ext_3_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)704 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
705 const unsigned char **out,
706 size_t *outlen, int *al, void *arg)
707 {
708 *out = (const unsigned char *)custom_ext_srv_string;
709 *outlen = strlen(custom_ext_srv_string);
710 return 1; /* Send "defg" */
711 }
712
713 static char *cipher = NULL;
714 static int verbose = 0;
715 static int debug = 0;
716 #if 0
717 /* Not used yet. */
718 # ifdef FIONBIO
719 static int s_nbio = 0;
720 # endif
721 #endif
722
723 static const char rnd_seed[] =
724 "string to make the random number generator think it has entropy";
725
726 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
727 clock_t *c_time);
728 int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
729 static int do_test_cipherlist(void);
sv_usage(void)730 static void sv_usage(void)
731 {
732 fprintf(stderr, "usage: ssltest [args ...]\n");
733 fprintf(stderr, "\n");
734 #ifdef OPENSSL_FIPS
735 fprintf(stderr, "-F - run test in FIPS mode\n");
736 #endif
737 fprintf(stderr, " -server_auth - check server certificate\n");
738 fprintf(stderr, " -client_auth - do client authentication\n");
739 fprintf(stderr, " -proxy - allow proxy certificates\n");
740 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
741 fprintf(stderr,
742 " -proxy_cond <val> - expression to test proxy policy rights\n");
743 fprintf(stderr, " -v - more output\n");
744 fprintf(stderr, " -d - debug output\n");
745 fprintf(stderr, " -reuse - use session-id reuse\n");
746 fprintf(stderr, " -num <val> - number of connections to perform\n");
747 fprintf(stderr,
748 " -bytes <val> - number of bytes to swap between client/server\n");
749 #ifndef OPENSSL_NO_DH
750 fprintf(stderr,
751 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
752 fprintf(stderr,
753 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
754 fprintf(stderr,
755 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
756 fprintf(stderr, " -no_dhe - disable DHE\n");
757 #endif
758 #ifndef OPENSSL_NO_ECDH
759 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
760 #endif
761 #ifndef OPENSSL_NO_PSK
762 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
763 #endif
764 #ifndef OPENSSL_NO_SRP
765 fprintf(stderr, " -srpuser user - SRP username to use\n");
766 fprintf(stderr, " -srppass arg - password for 'user'\n");
767 #endif
768 #ifndef OPENSSL_NO_SSL2
769 fprintf(stderr, " -ssl2 - use SSLv2\n");
770 #endif
771 #ifndef OPENSSL_NO_SSL3_METHOD
772 fprintf(stderr, " -ssl3 - use SSLv3\n");
773 #endif
774 #ifndef OPENSSL_NO_TLS1
775 fprintf(stderr, " -tls1 - use TLSv1\n");
776 #endif
777 #ifndef OPENSSL_NO_TLS1_1
778 fprintf(stderr, " -tls1_1 - use TLSv1.1\n");
779 #endif
780 #ifndef OPENSSL_NO_TLS1_2
781 fprintf(stderr, " -tls1_2 - use TLSv1.2\n");
782 #endif
783 #ifndef OPENSSL_NO_DTLS
784 fprintf(stderr, " -dtls1 - use DTLSv1\n");
785 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
786 #endif
787 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
788 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
789 fprintf(stderr, " -cert arg - Server certificate file\n");
790 fprintf(stderr,
791 " -key arg - Server key file (default: same as -cert)\n");
792 fprintf(stderr, " -c_cert arg - Client certificate file\n");
793 fprintf(stderr,
794 " -c_key arg - Client key file (default: same as -c_cert)\n");
795 fprintf(stderr, " -cipher arg - The cipher list\n");
796 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
797 fprintf(stderr, " -f - Test even cases that can't work\n");
798 fprintf(stderr,
799 " -time - measure processor time used by client and server\n");
800 fprintf(stderr, " -zlib - use zlib compression\n");
801 fprintf(stderr, " -rle - use rle compression\n");
802 #ifndef OPENSSL_NO_ECDH
803 fprintf(stderr,
804 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
805 " Use \"openssl ecparam -list_curves\" for all names\n"
806 " (default is sect163r2).\n");
807 #endif
808 fprintf(stderr,
809 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
810 " When this option is requested, the cipherlist\n"
811 " tests are run instead of handshake tests.\n");
812 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
813 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
814 fprintf(stderr,
815 " -serverinfo_tack - have client offer and expect TACK\n");
816 fprintf(stderr,
817 " -custom_ext - try various custom extension callbacks\n");
818 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
819 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
820 fprintf(stderr, " -alpn_server1 <string> - alias for -alpn_server\n");
821 fprintf(stderr, " -alpn_server2 <string> - have server side context 2 offer ALPN\n");
822 fprintf(stderr,
823 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
824 fprintf(stderr, " -sn_client <string> - have client request this servername\n");
825 fprintf(stderr, " -sn_server1 <string> - have server context 1 respond to this servername\n");
826 fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n");
827 fprintf(stderr, " -sn_expect1 - expected server 1\n");
828 fprintf(stderr, " -sn_expect2 - expected server 2\n");
829 }
830
print_details(SSL * c_ssl,const char * prefix)831 static void print_details(SSL *c_ssl, const char *prefix)
832 {
833 const SSL_CIPHER *ciph;
834 X509 *cert;
835
836 ciph = SSL_get_current_cipher(c_ssl);
837 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
838 prefix,
839 SSL_get_version(c_ssl),
840 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
841 cert = SSL_get_peer_certificate(c_ssl);
842 if (cert != NULL) {
843 EVP_PKEY *pkey = X509_get_pubkey(cert);
844 if (pkey != NULL) {
845 if (0) ;
846 #ifndef OPENSSL_NO_RSA
847 else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
848 && pkey->pkey.rsa->n != NULL) {
849 BIO_printf(bio_stdout, ", %d bit RSA",
850 BN_num_bits(pkey->pkey.rsa->n));
851 }
852 #endif
853 #ifndef OPENSSL_NO_DSA
854 else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
855 && pkey->pkey.dsa->p != NULL) {
856 BIO_printf(bio_stdout, ", %d bit DSA",
857 BN_num_bits(pkey->pkey.dsa->p));
858 }
859 #endif
860 EVP_PKEY_free(pkey);
861 }
862 X509_free(cert);
863 }
864 /*
865 * The SSL API does not allow us to look at temporary RSA/DH keys,
866 * otherwise we should print their lengths too
867 */
868 BIO_printf(bio_stdout, "\n");
869 }
870
lock_dbg_cb(int mode,int type,const char * file,int line)871 static void lock_dbg_cb(int mode, int type, const char *file, int line)
872 {
873 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
874 const char *errstr = NULL;
875 int rw;
876
877 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
878 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
879 errstr = "invalid mode";
880 goto err;
881 }
882
883 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
884 errstr = "type out of bounds";
885 goto err;
886 }
887
888 if (mode & CRYPTO_LOCK) {
889 if (modes[type]) {
890 errstr = "already locked";
891 /*
892 * must not happen in a single-threaded program (would deadlock)
893 */
894 goto err;
895 }
896
897 modes[type] = rw;
898 } else if (mode & CRYPTO_UNLOCK) {
899 if (!modes[type]) {
900 errstr = "not locked";
901 goto err;
902 }
903
904 if (modes[type] != rw) {
905 errstr = (rw == CRYPTO_READ) ?
906 "CRYPTO_r_unlock on write lock" :
907 "CRYPTO_w_unlock on read lock";
908 }
909
910 modes[type] = 0;
911 } else {
912 errstr = "invalid mode";
913 goto err;
914 }
915
916 err:
917 if (errstr) {
918 /* we cannot use bio_err here */
919 fprintf(stderr,
920 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
921 errstr, mode, type, file, line);
922 }
923 }
924
925 #ifdef TLSEXT_TYPE_opaque_prf_input
926 struct cb_info_st {
927 void *input;
928 size_t len;
929 int ret;
930 };
931 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
932 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
933 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
934 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
935
opaque_prf_input_cb(SSL * ssl,void * peerinput,size_t len,void * arg_)936 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
937 {
938 struct cb_info_st *arg = arg_;
939
940 if (arg == NULL)
941 return 1;
942
943 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
944 return 0;
945 return arg->ret;
946 }
947 #endif
948
main(int argc,char * argv[])949 int main(int argc, char *argv[])
950 {
951 char *CApath = NULL, *CAfile = NULL;
952 int badop = 0;
953 int bio_pair = 0;
954 int force = 0;
955 int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1;
956 int tls1_1 = 0, tls1_2=0;
957 int client_auth = 0;
958 int server_auth = 0, i;
959 struct app_verify_arg app_verify_arg =
960 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
961 char *server_cert = TEST_SERVER_CERT;
962 char *server_key = NULL;
963 char *client_cert = TEST_CLIENT_CERT;
964 char *client_key = NULL;
965 #ifndef OPENSSL_NO_ECDH
966 char *named_curve = NULL;
967 #endif
968 SSL_CTX *c_ctx = NULL;
969 const SSL_METHOD *meth = NULL;
970 SSL *c_ssl, *s_ssl;
971 int number = 1, reuse = 0;
972 long bytes = 256L;
973 #ifndef OPENSSL_NO_DH
974 DH *dh;
975 int dhe512 = 0, dhe1024dsa = 0;
976 #endif
977 #ifndef OPENSSL_NO_ECDH
978 EC_KEY *ecdh = NULL;
979 #endif
980 #ifndef OPENSSL_NO_SRP
981 /* client */
982 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
983 /* server */
984 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
985 #endif
986 int no_dhe = 0;
987 int no_ecdhe = 0;
988 int no_psk = 0;
989 int print_time = 0;
990 clock_t s_time = 0, c_time = 0;
991 #ifndef OPENSSL_NO_COMP
992 int comp = 0;
993 COMP_METHOD *cm = NULL;
994 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
995 #endif
996 int test_cipherlist = 0;
997 #ifdef OPENSSL_FIPS
998 int fips_mode = 0;
999 #endif
1000 int no_protocol = 0;
1001
1002 verbose = 0;
1003 debug = 0;
1004 cipher = 0;
1005
1006 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1007
1008 CRYPTO_set_locking_callback(lock_dbg_cb);
1009
1010 /* enable memory leak checking unless explicitly disabled */
1011 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
1012 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
1013 CRYPTO_malloc_debug_init();
1014 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1015 } else {
1016 /* OPENSSL_DEBUG_MEMORY=off */
1017 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1018 }
1019 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1020
1021 RAND_seed(rnd_seed, sizeof rnd_seed);
1022
1023 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1024
1025 argc--;
1026 argv++;
1027
1028 while (argc >= 1) {
1029 if (!strcmp(*argv, "-F")) {
1030 #ifdef OPENSSL_FIPS
1031 fips_mode = 1;
1032 #else
1033 fprintf(stderr,
1034 "not compiled with FIPS support, so exiting without running.\n");
1035 EXIT(0);
1036 #endif
1037 } else if (strcmp(*argv, "-server_auth") == 0)
1038 server_auth = 1;
1039 else if (strcmp(*argv, "-client_auth") == 0)
1040 client_auth = 1;
1041 else if (strcmp(*argv, "-proxy_auth") == 0) {
1042 if (--argc < 1)
1043 goto bad;
1044 app_verify_arg.proxy_auth = *(++argv);
1045 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1046 if (--argc < 1)
1047 goto bad;
1048 app_verify_arg.proxy_cond = *(++argv);
1049 } else if (strcmp(*argv, "-v") == 0)
1050 verbose = 1;
1051 else if (strcmp(*argv, "-d") == 0)
1052 debug = 1;
1053 else if (strcmp(*argv, "-reuse") == 0)
1054 reuse = 1;
1055 else if (strcmp(*argv, "-dhe512") == 0) {
1056 #ifndef OPENSSL_NO_DH
1057 dhe512 = 1;
1058 #else
1059 fprintf(stderr,
1060 "ignoring -dhe512, since I'm compiled without DH\n");
1061 #endif
1062 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
1063 #ifndef OPENSSL_NO_DH
1064 dhe1024dsa = 1;
1065 #else
1066 fprintf(stderr,
1067 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
1068 #endif
1069 } else if (strcmp(*argv, "-no_dhe") == 0)
1070 no_dhe = 1;
1071 else if (strcmp(*argv, "-no_ecdhe") == 0)
1072 no_ecdhe = 1;
1073 else if (strcmp(*argv, "-psk") == 0) {
1074 if (--argc < 1)
1075 goto bad;
1076 psk_key = *(++argv);
1077 #ifndef OPENSSL_NO_PSK
1078 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1079 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1080 goto bad;
1081 }
1082 #else
1083 no_psk = 1;
1084 #endif
1085 }
1086 #ifndef OPENSSL_NO_SRP
1087 else if (strcmp(*argv, "-srpuser") == 0) {
1088 if (--argc < 1)
1089 goto bad;
1090 srp_server_arg.expected_user = srp_client_arg.srplogin =
1091 *(++argv);
1092 tls1 = 1;
1093 } else if (strcmp(*argv, "-srppass") == 0) {
1094 if (--argc < 1)
1095 goto bad;
1096 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1097 tls1 = 1;
1098 }
1099 #endif
1100 else if (strcmp(*argv, "-ssl2") == 0) {
1101 #ifdef OPENSSL_NO_SSL2
1102 no_protocol = 1;
1103 #endif
1104 ssl2 = 1;
1105 } else if (strcmp(*argv, "-tls1") == 0) {
1106 #ifdef OPENSSL_NO_TLS1
1107 no_protocol = 1;
1108 #endif
1109 tls1 = 1;
1110 } else if (strcmp(*argv, "-tls1_1") == 0) {
1111 #ifdef OPENSSL_NO_TLS1_1
1112 no_protocol = 1;
1113 #endif
1114 tls1_1 = 1;
1115 } else if (strcmp(*argv, "-tls1_2") == 0) {
1116 #ifdef OPENSSL_NO_TLS1_2
1117 no_protocol = 1;
1118 #endif
1119 tls1_2 = 1;
1120 } else if (strcmp(*argv, "-ssl3") == 0) {
1121 #ifdef OPENSSL_NO_SSL3_METHOD
1122 no_protocol = 1;
1123 #endif
1124 ssl3 = 1;
1125 } else if (strcmp(*argv, "-dtls1") == 0) {
1126 #ifdef OPENSSL_NO_DTLS
1127 no_protocol = 1;
1128 #endif
1129 dtls1 = 1;
1130 } else if (strcmp(*argv, "-dtls12") == 0) {
1131 #ifdef OPENSSL_NO_DTLS
1132 no_protocol = 1;
1133 #endif
1134 dtls12 = 1;
1135 } else if (strncmp(*argv, "-num", 4) == 0) {
1136 if (--argc < 1)
1137 goto bad;
1138 number = atoi(*(++argv));
1139 if (number == 0)
1140 number = 1;
1141 } else if (strcmp(*argv, "-bytes") == 0) {
1142 if (--argc < 1)
1143 goto bad;
1144 bytes = atol(*(++argv));
1145 if (bytes == 0L)
1146 bytes = 1L;
1147 i = strlen(argv[0]);
1148 if (argv[0][i - 1] == 'k')
1149 bytes *= 1024L;
1150 if (argv[0][i - 1] == 'm')
1151 bytes *= 1024L * 1024L;
1152 } else if (strcmp(*argv, "-cert") == 0) {
1153 if (--argc < 1)
1154 goto bad;
1155 server_cert = *(++argv);
1156 } else if (strcmp(*argv, "-s_cert") == 0) {
1157 if (--argc < 1)
1158 goto bad;
1159 server_cert = *(++argv);
1160 } else if (strcmp(*argv, "-key") == 0) {
1161 if (--argc < 1)
1162 goto bad;
1163 server_key = *(++argv);
1164 } else if (strcmp(*argv, "-s_key") == 0) {
1165 if (--argc < 1)
1166 goto bad;
1167 server_key = *(++argv);
1168 } else if (strcmp(*argv, "-c_cert") == 0) {
1169 if (--argc < 1)
1170 goto bad;
1171 client_cert = *(++argv);
1172 } else if (strcmp(*argv, "-c_key") == 0) {
1173 if (--argc < 1)
1174 goto bad;
1175 client_key = *(++argv);
1176 } else if (strcmp(*argv, "-cipher") == 0) {
1177 if (--argc < 1)
1178 goto bad;
1179 cipher = *(++argv);
1180 } else if (strcmp(*argv, "-CApath") == 0) {
1181 if (--argc < 1)
1182 goto bad;
1183 CApath = *(++argv);
1184 } else if (strcmp(*argv, "-CAfile") == 0) {
1185 if (--argc < 1)
1186 goto bad;
1187 CAfile = *(++argv);
1188 } else if (strcmp(*argv, "-bio_pair") == 0) {
1189 bio_pair = 1;
1190 } else if (strcmp(*argv, "-f") == 0) {
1191 force = 1;
1192 } else if (strcmp(*argv, "-time") == 0) {
1193 print_time = 1;
1194 }
1195 #ifndef OPENSSL_NO_COMP
1196 else if (strcmp(*argv, "-zlib") == 0) {
1197 comp = COMP_ZLIB;
1198 } else if (strcmp(*argv, "-rle") == 0) {
1199 comp = COMP_RLE;
1200 }
1201 #endif
1202 else if (strcmp(*argv, "-named_curve") == 0) {
1203 if (--argc < 1)
1204 goto bad;
1205 #ifndef OPENSSL_NO_ECDH
1206 named_curve = *(++argv);
1207 #else
1208 fprintf(stderr,
1209 "ignoring -named_curve, since I'm compiled without ECDH\n");
1210 ++argv;
1211 #endif
1212 } else if (strcmp(*argv, "-app_verify") == 0) {
1213 app_verify_arg.app_verify = 1;
1214 } else if (strcmp(*argv, "-proxy") == 0) {
1215 app_verify_arg.allow_proxy_certs = 1;
1216 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1217 test_cipherlist = 1;
1218 } else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1219 serverinfo_sct = 1;
1220 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1221 serverinfo_tack = 1;
1222 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1223 if (--argc < 1)
1224 goto bad;
1225 serverinfo_file = *(++argv);
1226 } else if (strcmp(*argv, "-custom_ext") == 0) {
1227 custom_ext = 1;
1228 } else if (strcmp(*argv, "-alpn_client") == 0) {
1229 if (--argc < 1)
1230 goto bad;
1231 alpn_client = *(++argv);
1232 } else if (strcmp(*argv, "-alpn_server") == 0 ||
1233 strcmp(*argv, "-alpn_server1") == 0) {
1234 if (--argc < 1)
1235 goto bad;
1236 alpn_server = *(++argv);
1237 } else if (strcmp(*argv, "-alpn_server2") == 0) {
1238 if (--argc < 1)
1239 goto bad;
1240 alpn_server2 = *(++argv);
1241 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1242 if (--argc < 1)
1243 goto bad;
1244 alpn_expected = *(++argv);
1245 } else if (strcmp(*argv, "-sn_client") == 0) {
1246 if (--argc < 1)
1247 goto bad;
1248 sn_client = *(++argv);
1249 } else if (strcmp(*argv, "-sn_server1") == 0) {
1250 if (--argc < 1)
1251 goto bad;
1252 sn_server1 = *(++argv);
1253 } else if (strcmp(*argv, "-sn_server2") == 0) {
1254 if (--argc < 1)
1255 goto bad;
1256 sn_server2 = *(++argv);
1257 } else if (strcmp(*argv, "-sn_expect1") == 0) {
1258 sn_expect = 1;
1259 } else if (strcmp(*argv, "-sn_expect2") == 0) {
1260 sn_expect = 2;
1261 } else {
1262 fprintf(stderr, "unknown option %s\n", *argv);
1263 badop = 1;
1264 break;
1265 }
1266 argc--;
1267 argv++;
1268 }
1269 if (badop) {
1270 bad:
1271 sv_usage();
1272 goto end;
1273 }
1274
1275 /*
1276 * test_cipherlist prevails over protocol switch: we test the cipherlist
1277 * for all enabled protocols.
1278 */
1279 if (test_cipherlist == 1) {
1280 /*
1281 * ensure that the cipher list are correctly sorted and exit
1282 */
1283 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1284 "other options.\n");
1285 if (do_test_cipherlist() == 0)
1286 EXIT(1);
1287 ret = 0;
1288 goto end;
1289 }
1290
1291 if (ssl2 + ssl3 + tls1 + tls1_1 + tls1_2 + dtls1 + dtls12 > 1) {
1292 fprintf(stderr, "At most one of -ssl2, -ssl3, -tls1, -tls1_1, -tls1_2, -dtls1 or -dtls12 should "
1293 "be requested.\n");
1294 EXIT(1);
1295 }
1296
1297 /*
1298 * Testing was requested for a compiled-out protocol (e.g. SSLv2).
1299 * Ideally, we would error out, but the generic test wrapper can't know
1300 * when to expect failure. So we do nothing and return success.
1301 */
1302 if (no_protocol) {
1303 fprintf(stderr, "Testing was requested for a disabled protocol. "
1304 "Skipping tests.\n");
1305 ret = 0;
1306 goto end;
1307 }
1308
1309 if (!ssl2 && !ssl3 && !tls1 && !tls1_1 && !tls1_2 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
1310 fprintf(stderr, "This case cannot work. Use -f to perform "
1311 "the test anyway (and\n-d to see what happens), "
1312 "or add one of ssl2, -ssl3, -tls1, -tls1_1, -tls1_2, --dtls1, -dtls12, -reuse\n"
1313 "to avoid protocol mismatch.\n");
1314 EXIT(1);
1315 }
1316 #ifdef OPENSSL_FIPS
1317 if (fips_mode) {
1318 if (!FIPS_mode_set(1)) {
1319 ERR_load_crypto_strings();
1320 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
1321 EXIT(1);
1322 } else
1323 fprintf(stderr, "*** IN FIPS MODE ***\n");
1324 }
1325 #endif
1326
1327 if (print_time) {
1328 if (!bio_pair) {
1329 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1330 bio_pair = 1;
1331 }
1332 if (number < 50 && !force)
1333 fprintf(stderr,
1334 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1335 }
1336
1337 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1338
1339 SSL_library_init();
1340 SSL_load_error_strings();
1341
1342 #ifndef OPENSSL_NO_COMP
1343 if (comp == COMP_ZLIB)
1344 cm = COMP_zlib();
1345 if (comp == COMP_RLE)
1346 cm = COMP_rle();
1347 if (cm != NULL) {
1348 if (cm->type != NID_undef) {
1349 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1350 fprintf(stderr, "Failed to add compression method\n");
1351 ERR_print_errors_fp(stderr);
1352 }
1353 } else {
1354 fprintf(stderr,
1355 "Warning: %s compression not supported\n",
1356 (comp == COMP_RLE ? "rle" :
1357 (comp == COMP_ZLIB ? "zlib" : "unknown")));
1358 ERR_print_errors_fp(stderr);
1359 }
1360 }
1361 ssl_comp_methods = SSL_COMP_get_compression_methods();
1362 fprintf(stderr, "Available compression methods:\n");
1363 {
1364 int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1365 if (n == 0)
1366 fprintf(stderr, " NONE\n");
1367 else
1368 for (j = 0; j < n; j++) {
1369 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1370 fprintf(stderr, " %d: %s\n", c->id, c->name);
1371 }
1372 }
1373 #endif
1374
1375 /*
1376 * At this point, ssl2/ssl3/tls1 is only set if the protocol is
1377 * available. (Otherwise we exit early.) However the compiler doesn't
1378 * know this, so we ifdef.
1379 */
1380 #ifndef OPENSSL_NO_SSL2
1381 if (ssl2)
1382 meth = SSLv2_method();
1383 else
1384 #endif
1385 #ifndef OPENSSL_NO_SSL3
1386 if (ssl3)
1387 meth = SSLv3_method();
1388 else
1389 #endif
1390 #ifndef OPENSSL_NO_DTLS
1391 if (dtls1)
1392 meth = DTLSv1_method();
1393 else if (dtls12)
1394 meth = DTLSv1_2_method();
1395 else
1396 #endif
1397 #ifndef OPENSSL_NO_TLS1
1398 if (tls1)
1399 meth = TLSv1_method();
1400 else
1401 #endif
1402 #ifndef OPENSSL_NO_TLS1_1
1403 if (tls1_1)
1404 meth=TLSv1_1_method();
1405 else
1406 #endif
1407 #ifndef OPENSSL_NO_TLS1_2
1408 if (tls1_2)
1409 meth=TLSv1_2_method();
1410 else
1411 #endif
1412 meth = SSLv23_method();
1413
1414 c_ctx = SSL_CTX_new(meth);
1415 s_ctx = SSL_CTX_new(meth);
1416 s_ctx2 = SSL_CTX_new(meth); /* no SSL_CTX_dup! */
1417 if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) {
1418 ERR_print_errors(bio_err);
1419 goto end;
1420 }
1421
1422 if (cipher != NULL) {
1423 SSL_CTX_set_cipher_list(c_ctx, cipher);
1424 SSL_CTX_set_cipher_list(s_ctx, cipher);
1425 SSL_CTX_set_cipher_list(s_ctx2, cipher);
1426 }
1427
1428 #ifndef OPENSSL_NO_DH
1429 if (!no_dhe) {
1430 if (dhe1024dsa) {
1431 /*
1432 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1433 */
1434 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1435 SSL_CTX_set_options(s_ctx2, SSL_OP_SINGLE_DH_USE);
1436 dh = get_dh1024dsa();
1437 } else if (dhe512)
1438 dh = get_dh512();
1439 else
1440 dh = get_dh1024();
1441 SSL_CTX_set_tmp_dh(s_ctx, dh);
1442 SSL_CTX_set_tmp_dh(s_ctx2, dh);
1443 DH_free(dh);
1444 }
1445 #else
1446 (void)no_dhe;
1447 #endif
1448
1449 #ifndef OPENSSL_NO_ECDH
1450 if (!no_ecdhe) {
1451 int nid;
1452
1453 if (named_curve != NULL) {
1454 nid = OBJ_sn2nid(named_curve);
1455 if (nid == 0) {
1456 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1457 goto end;
1458 }
1459 } else
1460 # ifdef OPENSSL_NO_EC2M
1461 nid = NID_X9_62_prime256v1;
1462 # else
1463 nid = NID_sect163r2;
1464 # endif
1465
1466 ecdh = EC_KEY_new_by_curve_name(nid);
1467 if (ecdh == NULL) {
1468 BIO_printf(bio_err, "unable to create curve\n");
1469 goto end;
1470 }
1471
1472 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1473 SSL_CTX_set_tmp_ecdh(s_ctx2, ecdh);
1474 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1475 SSL_CTX_set_options(s_ctx2, SSL_OP_SINGLE_ECDH_USE);
1476 EC_KEY_free(ecdh);
1477 }
1478 #else
1479 (void)no_ecdhe;
1480 #endif
1481
1482 #ifndef OPENSSL_NO_RSA
1483 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
1484 SSL_CTX_set_tmp_rsa_callback(s_ctx2, tmp_rsa_cb);
1485 #endif
1486
1487 #ifdef TLSEXT_TYPE_opaque_prf_input
1488 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1489 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1490 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx2, opaque_prf_input_cb);
1491 /* or &co2 or NULL */
1492 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1);
1493 /* or &so2 or NULL */
1494 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1);
1495 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx2, &so1);
1496 #endif
1497
1498 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
1499 ERR_print_errors(bio_err);
1500 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1501 (server_key ? server_key :
1502 server_cert),
1503 SSL_FILETYPE_PEM)) {
1504 ERR_print_errors(bio_err);
1505 goto end;
1506 }
1507
1508 if (!SSL_CTX_use_certificate_file(s_ctx2, server_cert, SSL_FILETYPE_PEM)) {
1509 ERR_print_errors(bio_err);
1510 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx2,
1511 (server_key ? server_key :
1512 server_cert),
1513 SSL_FILETYPE_PEM)) {
1514 ERR_print_errors(bio_err);
1515 goto end;
1516 }
1517
1518 if (client_auth) {
1519 SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM);
1520 SSL_CTX_use_PrivateKey_file(c_ctx,
1521 (client_key ? client_key : client_cert),
1522 SSL_FILETYPE_PEM);
1523 }
1524
1525 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1526 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1527 (!SSL_CTX_load_verify_locations(s_ctx2, CAfile, CApath)) ||
1528 (!SSL_CTX_set_default_verify_paths(s_ctx2)) ||
1529 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1530 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1531 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1532 ERR_print_errors(bio_err);
1533 /* goto end; */
1534 }
1535
1536 if (client_auth) {
1537 BIO_printf(bio_err, "client authentication\n");
1538 SSL_CTX_set_verify(s_ctx,
1539 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1540 verify_callback);
1541 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1542 &app_verify_arg);
1543 SSL_CTX_set_verify(s_ctx2,
1544 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1545 verify_callback);
1546 SSL_CTX_set_cert_verify_callback(s_ctx2, app_verify_callback,
1547 &app_verify_arg);
1548 }
1549 if (server_auth) {
1550 BIO_printf(bio_err, "server authentication\n");
1551 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1552 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1553 &app_verify_arg);
1554 }
1555
1556 {
1557 int session_id_context = 0;
1558 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
1559 sizeof session_id_context);
1560 SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context,
1561 sizeof session_id_context);
1562 }
1563
1564 /* Use PSK only if PSK key is given */
1565 if (psk_key != NULL) {
1566 /*
1567 * no_psk is used to avoid putting psk command to openssl tool
1568 */
1569 if (no_psk) {
1570 /*
1571 * if PSK is not compiled in and psk key is given, do nothing and
1572 * exit successfully
1573 */
1574 ret = 0;
1575 goto end;
1576 }
1577 #ifndef OPENSSL_NO_PSK
1578 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1579 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1580 SSL_CTX_set_psk_server_callback(s_ctx2, psk_server_callback);
1581 if (debug)
1582 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1583 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1584 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1585 ERR_print_errors(bio_err);
1586 goto end;
1587 }
1588 if (!SSL_CTX_use_psk_identity_hint(s_ctx2, "ctx server identity_hint")) {
1589 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx2\n");
1590 ERR_print_errors(bio_err);
1591 goto end;
1592 }
1593 #endif
1594 }
1595 #ifndef OPENSSL_NO_SRP
1596 if (srp_client_arg.srplogin) {
1597 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1598 BIO_printf(bio_err, "Unable to set SRP username\n");
1599 goto end;
1600 }
1601 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1602 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1603 ssl_give_srp_client_pwd_cb);
1604 /*
1605 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1606 */
1607 }
1608
1609 if (srp_server_arg.expected_user != NULL) {
1610 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1611 SSL_CTX_set_verify(s_ctx2, SSL_VERIFY_NONE, verify_callback);
1612 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1613 SSL_CTX_set_srp_cb_arg(s_ctx2, &srp_server_arg);
1614 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1615 SSL_CTX_set_srp_username_callback(s_ctx2, ssl_srp_server_param_cb);
1616 }
1617 #endif
1618
1619 if (serverinfo_sct)
1620 SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1621 NULL, NULL, NULL,
1622 serverinfo_cli_parse_cb, NULL);
1623 if (serverinfo_tack)
1624 SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1625 NULL, NULL, NULL,
1626 serverinfo_cli_parse_cb, NULL);
1627
1628 if (serverinfo_file) {
1629 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1630 BIO_printf(bio_err, "missing serverinfo file\n");
1631 goto end;
1632 }
1633 if (!SSL_CTX_use_serverinfo_file(s_ctx2, serverinfo_file)) {
1634 BIO_printf(bio_err, "missing serverinfo file\n");
1635 goto end;
1636 }
1637 }
1638
1639 if (custom_ext) {
1640 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1641 custom_ext_0_cli_add_cb,
1642 NULL, NULL,
1643 custom_ext_0_cli_parse_cb, NULL);
1644 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1645 custom_ext_1_cli_add_cb,
1646 NULL, NULL,
1647 custom_ext_1_cli_parse_cb, NULL);
1648 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1649 custom_ext_2_cli_add_cb,
1650 NULL, NULL,
1651 custom_ext_2_cli_parse_cb, NULL);
1652 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1653 custom_ext_3_cli_add_cb,
1654 NULL, NULL,
1655 custom_ext_3_cli_parse_cb, NULL);
1656
1657 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1658 custom_ext_0_srv_add_cb,
1659 NULL, NULL,
1660 custom_ext_0_srv_parse_cb, NULL);
1661 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1662 custom_ext_1_srv_add_cb,
1663 NULL, NULL,
1664 custom_ext_1_srv_parse_cb, NULL);
1665 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1666 custom_ext_2_srv_add_cb,
1667 NULL, NULL,
1668 custom_ext_2_srv_parse_cb, NULL);
1669 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1670 custom_ext_3_srv_add_cb,
1671 NULL, NULL,
1672 custom_ext_3_srv_parse_cb, NULL);
1673
1674 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_0,
1675 custom_ext_0_srv_add_cb,
1676 NULL, NULL,
1677 custom_ext_0_srv_parse_cb, NULL);
1678 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_1,
1679 custom_ext_1_srv_add_cb,
1680 NULL, NULL,
1681 custom_ext_1_srv_parse_cb, NULL);
1682 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_2,
1683 custom_ext_2_srv_add_cb,
1684 NULL, NULL,
1685 custom_ext_2_srv_parse_cb, NULL);
1686 SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_3,
1687 custom_ext_3_srv_add_cb,
1688 NULL, NULL,
1689 custom_ext_3_srv_parse_cb, NULL);
1690 }
1691
1692 if (alpn_server)
1693 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, alpn_server);
1694 if (alpn_server2)
1695 SSL_CTX_set_alpn_select_cb(s_ctx2, cb_server_alpn, alpn_server2);
1696
1697 if (alpn_client) {
1698 unsigned short alpn_len;
1699 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1700
1701 if (alpn == NULL) {
1702 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1703 goto end;
1704 }
1705 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1706 OPENSSL_free(alpn);
1707 }
1708
1709 if (sn_server1 || sn_server2)
1710 SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb);
1711
1712 c_ssl = SSL_new(c_ctx);
1713 s_ssl = SSL_new(s_ctx);
1714
1715 if (sn_client)
1716 SSL_set_tlsext_host_name(c_ssl, sn_client);
1717
1718 #ifndef OPENSSL_NO_KRB5
1719 if (c_ssl && c_ssl->kssl_ctx) {
1720 char localhost[MAXHOSTNAMELEN + 2];
1721
1722 if (gethostname(localhost, sizeof localhost - 1) == 0) {
1723 localhost[sizeof localhost - 1] = '\0';
1724 if (strlen(localhost) == sizeof localhost - 1) {
1725 BIO_printf(bio_err, "localhost name too long\n");
1726 goto end;
1727 }
1728 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost);
1729 }
1730 }
1731 #endif /* OPENSSL_NO_KRB5 */
1732
1733 for (i = 0; i < number; i++) {
1734 if (!reuse)
1735 SSL_set_session(c_ssl, NULL);
1736 if (bio_pair)
1737 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1738 else
1739 ret = doit(s_ssl, c_ssl, bytes);
1740 }
1741
1742 if (!verbose) {
1743 print_details(c_ssl, "");
1744 }
1745 if ((number > 1) || (bytes > 1L))
1746 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", number,
1747 bytes);
1748 if (print_time) {
1749 #ifdef CLOCKS_PER_SEC
1750 /*
1751 * "To determine the time in seconds, the value returned by the clock
1752 * function should be divided by the value of the macro
1753 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1754 */
1755 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1756 "Approximate total client time: %6.2f s\n",
1757 (double)s_time / CLOCKS_PER_SEC,
1758 (double)c_time / CLOCKS_PER_SEC);
1759 #else
1760 /*
1761 * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on
1762 * NeXTstep/OpenStep
1763 */
1764 BIO_printf(bio_stdout,
1765 "Approximate total server time: %6.2f units\n"
1766 "Approximate total client time: %6.2f units\n",
1767 (double)s_time, (double)c_time);
1768 #endif
1769 }
1770
1771 if (verify_alpn(c_ssl, s_ssl) < 0)
1772 ret = 1;
1773 if (verify_servername(c_ssl, s_ssl) < 0)
1774 ret = 1;
1775
1776 SSL_free(s_ssl);
1777 SSL_free(c_ssl);
1778
1779 end:
1780 if (s_ctx != NULL)
1781 SSL_CTX_free(s_ctx);
1782 if (s_ctx2 != NULL)
1783 SSL_CTX_free(s_ctx2);
1784 if (c_ctx != NULL)
1785 SSL_CTX_free(c_ctx);
1786
1787 if (bio_stdout != NULL)
1788 BIO_free(bio_stdout);
1789
1790 #ifndef OPENSSL_NO_RSA
1791 free_tmp_rsa();
1792 #endif
1793 #ifndef OPENSSL_NO_ENGINE
1794 ENGINE_cleanup();
1795 #endif
1796 CRYPTO_cleanup_all_ex_data();
1797 ERR_free_strings();
1798 ERR_remove_thread_state(NULL);
1799 EVP_cleanup();
1800 CRYPTO_mem_leaks(bio_err);
1801 if (bio_err != NULL)
1802 BIO_free(bio_err);
1803 EXIT(ret);
1804 return ret;
1805 }
1806
doit_biopair(SSL * s_ssl,SSL * c_ssl,long count,clock_t * s_time,clock_t * c_time)1807 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1808 clock_t *s_time, clock_t *c_time)
1809 {
1810 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1811 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1812 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1813 int ret = 1;
1814
1815 size_t bufsiz = 256; /* small buffer for testing */
1816
1817 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1818 goto err;
1819 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1820 goto err;
1821
1822 s_ssl_bio = BIO_new(BIO_f_ssl());
1823 if (!s_ssl_bio)
1824 goto err;
1825
1826 c_ssl_bio = BIO_new(BIO_f_ssl());
1827 if (!c_ssl_bio)
1828 goto err;
1829
1830 SSL_set_connect_state(c_ssl);
1831 SSL_set_bio(c_ssl, client, client);
1832 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1833
1834 SSL_set_accept_state(s_ssl);
1835 SSL_set_bio(s_ssl, server, server);
1836 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1837
1838 do {
1839 /*-
1840 * c_ssl_bio: SSL filter BIO
1841 *
1842 * client: pseudo-I/O for SSL library
1843 *
1844 * client_io: client's SSL communication; usually to be
1845 * relayed over some I/O facility, but in this
1846 * test program, we're the server, too:
1847 *
1848 * server_io: server's SSL communication
1849 *
1850 * server: pseudo-I/O for SSL library
1851 *
1852 * s_ssl_bio: SSL filter BIO
1853 *
1854 * The client and the server each employ a "BIO pair":
1855 * client + client_io, server + server_io.
1856 * BIO pairs are symmetric. A BIO pair behaves similar
1857 * to a non-blocking socketpair (but both endpoints must
1858 * be handled by the same thread).
1859 * [Here we could connect client and server to the ends
1860 * of a single BIO pair, but then this code would be less
1861 * suitable as an example for BIO pairs in general.]
1862 *
1863 * Useful functions for querying the state of BIO pair endpoints:
1864 *
1865 * BIO_ctrl_pending(bio) number of bytes we can read now
1866 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1867 * other side's read attempt
1868 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1869 *
1870 * ..._read_request is never more than ..._write_guarantee;
1871 * it depends on the application which one you should use.
1872 */
1873
1874 /*
1875 * We have non-blocking behaviour throughout this test program, but
1876 * can be sure that there is *some* progress in each iteration; so we
1877 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1878 * we just try everything in each iteration
1879 */
1880
1881 {
1882 /* CLIENT */
1883
1884 MS_STATIC char cbuf[1024 * 8];
1885 int i, r;
1886 clock_t c_clock = clock();
1887
1888 memset(cbuf, 0, sizeof(cbuf));
1889
1890 if (debug)
1891 if (SSL_in_init(c_ssl))
1892 printf("client waiting in SSL_connect - %s\n",
1893 SSL_state_string_long(c_ssl));
1894
1895 if (cw_num > 0) {
1896 /* Write to server. */
1897
1898 if (cw_num > (long)sizeof cbuf)
1899 i = sizeof cbuf;
1900 else
1901 i = (int)cw_num;
1902 r = BIO_write(c_ssl_bio, cbuf, i);
1903 if (r < 0) {
1904 if (!BIO_should_retry(c_ssl_bio)) {
1905 fprintf(stderr, "ERROR in CLIENT\n");
1906 goto err;
1907 }
1908 /*
1909 * BIO_should_retry(...) can just be ignored here. The
1910 * library expects us to call BIO_write with the same
1911 * arguments again, and that's what we will do in the
1912 * next iteration.
1913 */
1914 } else if (r == 0) {
1915 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1916 goto err;
1917 } else {
1918 if (debug)
1919 printf("client wrote %d\n", r);
1920 cw_num -= r;
1921 }
1922 }
1923
1924 if (cr_num > 0) {
1925 /* Read from server. */
1926
1927 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1928 if (r < 0) {
1929 if (!BIO_should_retry(c_ssl_bio)) {
1930 fprintf(stderr, "ERROR in CLIENT\n");
1931 goto err;
1932 }
1933 /*
1934 * Again, "BIO_should_retry" can be ignored.
1935 */
1936 } else if (r == 0) {
1937 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1938 goto err;
1939 } else {
1940 if (debug)
1941 printf("client read %d\n", r);
1942 cr_num -= r;
1943 }
1944 }
1945
1946 /*
1947 * c_time and s_time increments will typically be very small
1948 * (depending on machine speed and clock tick intervals), but
1949 * sampling over a large number of connections should result in
1950 * fairly accurate figures. We cannot guarantee a lot, however
1951 * -- if each connection lasts for exactly one clock tick, it
1952 * will be counted only for the client or only for the server or
1953 * even not at all.
1954 */
1955 *c_time += (clock() - c_clock);
1956 }
1957
1958 {
1959 /* SERVER */
1960
1961 MS_STATIC char sbuf[1024 * 8];
1962 int i, r;
1963 clock_t s_clock = clock();
1964
1965 memset(sbuf, 0, sizeof(sbuf));
1966
1967 if (debug)
1968 if (SSL_in_init(s_ssl))
1969 printf("server waiting in SSL_accept - %s\n",
1970 SSL_state_string_long(s_ssl));
1971
1972 if (sw_num > 0) {
1973 /* Write to client. */
1974
1975 if (sw_num > (long)sizeof sbuf)
1976 i = sizeof sbuf;
1977 else
1978 i = (int)sw_num;
1979 r = BIO_write(s_ssl_bio, sbuf, i);
1980 if (r < 0) {
1981 if (!BIO_should_retry(s_ssl_bio)) {
1982 fprintf(stderr, "ERROR in SERVER\n");
1983 goto err;
1984 }
1985 /* Ignore "BIO_should_retry". */
1986 } else if (r == 0) {
1987 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1988 goto err;
1989 } else {
1990 if (debug)
1991 printf("server wrote %d\n", r);
1992 sw_num -= r;
1993 }
1994 }
1995
1996 if (sr_num > 0) {
1997 /* Read from client. */
1998
1999 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2000 if (r < 0) {
2001 if (!BIO_should_retry(s_ssl_bio)) {
2002 fprintf(stderr, "ERROR in SERVER\n");
2003 goto err;
2004 }
2005 /* blah, blah */
2006 } else if (r == 0) {
2007 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2008 goto err;
2009 } else {
2010 if (debug)
2011 printf("server read %d\n", r);
2012 sr_num -= r;
2013 }
2014 }
2015
2016 *s_time += (clock() - s_clock);
2017 }
2018
2019 {
2020 /* "I/O" BETWEEN CLIENT AND SERVER. */
2021
2022 size_t r1, r2;
2023 BIO *io1 = server_io, *io2 = client_io;
2024 /*
2025 * we use the non-copying interface for io1 and the standard
2026 * BIO_write/BIO_read interface for io2
2027 */
2028
2029 static int prev_progress = 1;
2030 int progress = 0;
2031
2032 /* io1 to io2 */
2033 do {
2034 size_t num;
2035 int r;
2036
2037 r1 = BIO_ctrl_pending(io1);
2038 r2 = BIO_ctrl_get_write_guarantee(io2);
2039
2040 num = r1;
2041 if (r2 < num)
2042 num = r2;
2043 if (num) {
2044 char *dataptr;
2045
2046 if (INT_MAX < num) /* yeah, right */
2047 num = INT_MAX;
2048
2049 r = BIO_nread(io1, &dataptr, (int)num);
2050 assert(r > 0);
2051 assert(r <= (int)num);
2052 /*
2053 * possibly r < num (non-contiguous data)
2054 */
2055 num = r;
2056 r = BIO_write(io2, dataptr, (int)num);
2057 if (r != (int)num) { /* can't happen */
2058 fprintf(stderr, "ERROR: BIO_write could not write "
2059 "BIO_ctrl_get_write_guarantee() bytes");
2060 goto err;
2061 }
2062 progress = 1;
2063
2064 if (debug)
2065 printf((io1 == client_io) ?
2066 "C->S relaying: %d bytes\n" :
2067 "S->C relaying: %d bytes\n", (int)num);
2068 }
2069 }
2070 while (r1 && r2);
2071
2072 /* io2 to io1 */
2073 {
2074 size_t num;
2075 int r;
2076
2077 r1 = BIO_ctrl_pending(io2);
2078 r2 = BIO_ctrl_get_read_request(io1);
2079 /*
2080 * here we could use ..._get_write_guarantee instead of
2081 * ..._get_read_request, but by using the latter we test
2082 * restartability of the SSL implementation more thoroughly
2083 */
2084 num = r1;
2085 if (r2 < num)
2086 num = r2;
2087 if (num) {
2088 char *dataptr;
2089
2090 if (INT_MAX < num)
2091 num = INT_MAX;
2092
2093 if (num > 1)
2094 --num; /* test restartability even more thoroughly */
2095
2096 r = BIO_nwrite0(io1, &dataptr);
2097 assert(r > 0);
2098 if (r < (int)num)
2099 num = r;
2100 r = BIO_read(io2, dataptr, (int)num);
2101 if (r != (int)num) { /* can't happen */
2102 fprintf(stderr, "ERROR: BIO_read could not read "
2103 "BIO_ctrl_pending() bytes");
2104 goto err;
2105 }
2106 progress = 1;
2107 r = BIO_nwrite(io1, &dataptr, (int)num);
2108 if (r != (int)num) { /* can't happen */
2109 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2110 "BIO_nwrite0() bytes");
2111 goto err;
2112 }
2113
2114 if (debug)
2115 printf((io2 == client_io) ?
2116 "C->S relaying: %d bytes\n" :
2117 "S->C relaying: %d bytes\n", (int)num);
2118 }
2119 } /* no loop, BIO_ctrl_get_read_request now
2120 * returns 0 anyway */
2121
2122 if (!progress && !prev_progress)
2123 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2124 fprintf(stderr, "ERROR: got stuck\n");
2125 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) {
2126 fprintf(stderr, "This can happen for SSL2 because "
2127 "CLIENT-FINISHED and SERVER-VERIFY are written \n"
2128 "concurrently ...");
2129 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
2130 && strncmp("2SSV", SSL_state_string(s_ssl),
2131 4) == 0) {
2132 fprintf(stderr, " ok.\n");
2133 goto end;
2134 }
2135 }
2136 fprintf(stderr, " ERROR.\n");
2137 goto err;
2138 }
2139 prev_progress = progress;
2140 }
2141 }
2142 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2143
2144 if (verbose)
2145 print_details(c_ssl, "DONE via BIO pair: ");
2146
2147 if (verify_serverinfo() < 0) {
2148 ret = 1;
2149 goto err;
2150 }
2151
2152 if (custom_ext_error) {
2153 ret = 1;
2154 goto err;
2155 }
2156
2157 end:
2158 ret = 0;
2159
2160 err:
2161 ERR_print_errors(bio_err);
2162
2163 if (server)
2164 BIO_free(server);
2165 if (server_io)
2166 BIO_free(server_io);
2167 if (client)
2168 BIO_free(client);
2169 if (client_io)
2170 BIO_free(client_io);
2171 if (s_ssl_bio)
2172 BIO_free(s_ssl_bio);
2173 if (c_ssl_bio)
2174 BIO_free(c_ssl_bio);
2175
2176 return ret;
2177 }
2178
2179 #define W_READ 1
2180 #define W_WRITE 2
2181 #define C_DONE 1
2182 #define S_DONE 2
2183
doit(SSL * s_ssl,SSL * c_ssl,long count)2184 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2185 {
2186 char *cbuf = NULL, *sbuf = NULL;
2187 long bufsiz;
2188 long cw_num = count, cr_num = count;
2189 long sw_num = count, sr_num = count;
2190 int ret = 1;
2191 BIO *c_to_s = NULL;
2192 BIO *s_to_c = NULL;
2193 BIO *c_bio = NULL;
2194 BIO *s_bio = NULL;
2195 int c_r, c_w, s_r, s_w;
2196 int i, j;
2197 int done = 0;
2198 int c_write, s_write;
2199 int do_server = 0, do_client = 0;
2200 int max_frag = 5 * 1024;
2201
2202 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2203
2204 if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL)
2205 goto err;
2206 if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL)
2207 goto err;
2208
2209 memset(cbuf, 0, bufsiz);
2210 memset(sbuf, 0, bufsiz);
2211
2212 c_to_s = BIO_new(BIO_s_mem());
2213 s_to_c = BIO_new(BIO_s_mem());
2214 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2215 ERR_print_errors(bio_err);
2216 goto err;
2217 }
2218
2219 c_bio = BIO_new(BIO_f_ssl());
2220 s_bio = BIO_new(BIO_f_ssl());
2221 if ((c_bio == NULL) || (s_bio == NULL)) {
2222 ERR_print_errors(bio_err);
2223 goto err;
2224 }
2225
2226 SSL_set_connect_state(c_ssl);
2227 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2228 SSL_set_max_send_fragment(c_ssl, max_frag);
2229 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2230
2231 SSL_set_accept_state(s_ssl);
2232 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2233 SSL_set_max_send_fragment(s_ssl, max_frag);
2234 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2235
2236 c_r = 0;
2237 s_r = 1;
2238 c_w = 1;
2239 s_w = 0;
2240 c_write = 1, s_write = 0;
2241
2242 /* We can always do writes */
2243 for (;;) {
2244 do_server = 0;
2245 do_client = 0;
2246
2247 i = (int)BIO_pending(s_bio);
2248 if ((i && s_r) || s_w)
2249 do_server = 1;
2250
2251 i = (int)BIO_pending(c_bio);
2252 if ((i && c_r) || c_w)
2253 do_client = 1;
2254
2255 if (do_server && debug) {
2256 if (SSL_in_init(s_ssl))
2257 printf("server waiting in SSL_accept - %s\n",
2258 SSL_state_string_long(s_ssl));
2259 /*-
2260 else if (s_write)
2261 printf("server:SSL_write()\n");
2262 else
2263 printf("server:SSL_read()\n"); */
2264 }
2265
2266 if (do_client && debug) {
2267 if (SSL_in_init(c_ssl))
2268 printf("client waiting in SSL_connect - %s\n",
2269 SSL_state_string_long(c_ssl));
2270 /*-
2271 else if (c_write)
2272 printf("client:SSL_write()\n");
2273 else
2274 printf("client:SSL_read()\n"); */
2275 }
2276
2277 if (!do_client && !do_server) {
2278 fprintf(stdout, "ERROR IN STARTUP\n");
2279 ERR_print_errors(bio_err);
2280 goto err;
2281 }
2282 if (do_client && !(done & C_DONE)) {
2283 if (c_write) {
2284 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2285 i = BIO_write(c_bio, cbuf, j);
2286 if (i < 0) {
2287 c_r = 0;
2288 c_w = 0;
2289 if (BIO_should_retry(c_bio)) {
2290 if (BIO_should_read(c_bio))
2291 c_r = 1;
2292 if (BIO_should_write(c_bio))
2293 c_w = 1;
2294 } else {
2295 fprintf(stderr, "ERROR in CLIENT\n");
2296 ERR_print_errors(bio_err);
2297 goto err;
2298 }
2299 } else if (i == 0) {
2300 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2301 goto err;
2302 } else {
2303 if (debug)
2304 printf("client wrote %d\n", i);
2305 /* ok */
2306 s_r = 1;
2307 c_write = 0;
2308 cw_num -= i;
2309 if (max_frag > 1029)
2310 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2311 }
2312 } else {
2313 i = BIO_read(c_bio, cbuf, bufsiz);
2314 if (i < 0) {
2315 c_r = 0;
2316 c_w = 0;
2317 if (BIO_should_retry(c_bio)) {
2318 if (BIO_should_read(c_bio))
2319 c_r = 1;
2320 if (BIO_should_write(c_bio))
2321 c_w = 1;
2322 } else {
2323 fprintf(stderr, "ERROR in CLIENT\n");
2324 ERR_print_errors(bio_err);
2325 goto err;
2326 }
2327 } else if (i == 0) {
2328 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2329 goto err;
2330 } else {
2331 if (debug)
2332 printf("client read %d\n", i);
2333 cr_num -= i;
2334 if (sw_num > 0) {
2335 s_write = 1;
2336 s_w = 1;
2337 }
2338 if (cr_num <= 0) {
2339 s_write = 1;
2340 s_w = 1;
2341 done = S_DONE | C_DONE;
2342 }
2343 }
2344 }
2345 }
2346
2347 if (do_server && !(done & S_DONE)) {
2348 if (!s_write) {
2349 i = BIO_read(s_bio, sbuf, bufsiz);
2350 if (i < 0) {
2351 s_r = 0;
2352 s_w = 0;
2353 if (BIO_should_retry(s_bio)) {
2354 if (BIO_should_read(s_bio))
2355 s_r = 1;
2356 if (BIO_should_write(s_bio))
2357 s_w = 1;
2358 } else {
2359 fprintf(stderr, "ERROR in SERVER\n");
2360 ERR_print_errors(bio_err);
2361 goto err;
2362 }
2363 } else if (i == 0) {
2364 ERR_print_errors(bio_err);
2365 fprintf(stderr,
2366 "SSL SERVER STARTUP FAILED in SSL_read\n");
2367 goto err;
2368 } else {
2369 if (debug)
2370 printf("server read %d\n", i);
2371 sr_num -= i;
2372 if (cw_num > 0) {
2373 c_write = 1;
2374 c_w = 1;
2375 }
2376 if (sr_num <= 0) {
2377 s_write = 1;
2378 s_w = 1;
2379 c_write = 0;
2380 }
2381 }
2382 } else {
2383 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2384 i = BIO_write(s_bio, sbuf, j);
2385 if (i < 0) {
2386 s_r = 0;
2387 s_w = 0;
2388 if (BIO_should_retry(s_bio)) {
2389 if (BIO_should_read(s_bio))
2390 s_r = 1;
2391 if (BIO_should_write(s_bio))
2392 s_w = 1;
2393 } else {
2394 fprintf(stderr, "ERROR in SERVER\n");
2395 ERR_print_errors(bio_err);
2396 goto err;
2397 }
2398 } else if (i == 0) {
2399 ERR_print_errors(bio_err);
2400 fprintf(stderr,
2401 "SSL SERVER STARTUP FAILED in SSL_write\n");
2402 goto err;
2403 } else {
2404 if (debug)
2405 printf("server wrote %d\n", i);
2406 sw_num -= i;
2407 s_write = 0;
2408 c_r = 1;
2409 if (sw_num <= 0)
2410 done |= S_DONE;
2411 if (max_frag > 1029)
2412 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2413 }
2414 }
2415 }
2416
2417 if ((done & S_DONE) && (done & C_DONE))
2418 break;
2419 }
2420
2421 if (verbose)
2422 print_details(c_ssl, "DONE: ");
2423 if (verify_serverinfo() < 0) {
2424 ret = 1;
2425 goto err;
2426 }
2427 if (custom_ext_error) {
2428 ret = 1;
2429 goto err;
2430 }
2431 ret = 0;
2432 err:
2433 /*
2434 * We have to set the BIO's to NULL otherwise they will be
2435 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2436 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2437 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2438 * SSL_free() automatically BIO_free non NULL entries. You should not
2439 * normally do this or be required to do this
2440 */
2441 if (s_ssl != NULL) {
2442 s_ssl->rbio = NULL;
2443 s_ssl->wbio = NULL;
2444 }
2445 if (c_ssl != NULL) {
2446 c_ssl->rbio = NULL;
2447 c_ssl->wbio = NULL;
2448 }
2449
2450 if (c_to_s != NULL)
2451 BIO_free(c_to_s);
2452 if (s_to_c != NULL)
2453 BIO_free(s_to_c);
2454 if (c_bio != NULL)
2455 BIO_free_all(c_bio);
2456 if (s_bio != NULL)
2457 BIO_free_all(s_bio);
2458
2459 if (cbuf)
2460 OPENSSL_free(cbuf);
2461 if (sbuf)
2462 OPENSSL_free(sbuf);
2463
2464 return (ret);
2465 }
2466
get_proxy_auth_ex_data_idx(void)2467 static int get_proxy_auth_ex_data_idx(void)
2468 {
2469 static volatile int idx = -1;
2470 if (idx < 0) {
2471 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2472 if (idx < 0) {
2473 idx = X509_STORE_CTX_get_ex_new_index(0,
2474 "SSLtest for verify callback",
2475 NULL, NULL, NULL);
2476 }
2477 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2478 }
2479 return idx;
2480 }
2481
verify_callback(int ok,X509_STORE_CTX * ctx)2482 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
2483 {
2484 char *s, buf[256];
2485
2486 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2487 sizeof buf);
2488 if (s != NULL) {
2489 if (ok)
2490 fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf);
2491 else {
2492 fprintf(stderr, "depth=%d error=%d %s\n",
2493 ctx->error_depth, ctx->error, buf);
2494 }
2495 }
2496
2497 if (ok == 0) {
2498 fprintf(stderr, "Error string: %s\n",
2499 X509_verify_cert_error_string(ctx->error));
2500 switch (ctx->error) {
2501 case X509_V_ERR_CERT_NOT_YET_VALID:
2502 case X509_V_ERR_CERT_HAS_EXPIRED:
2503 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2504 fprintf(stderr, " ... ignored.\n");
2505 ok = 1;
2506 }
2507 }
2508
2509 if (ok == 1) {
2510 X509 *xs = ctx->current_cert;
2511 #if 0
2512 X509 *xi = ctx->current_issuer;
2513 #endif
2514
2515 if (xs->ex_flags & EXFLAG_PROXY) {
2516 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2517 get_proxy_auth_ex_data_idx
2518 ());
2519
2520 if (letters) {
2521 int found_any = 0;
2522 int i;
2523 PROXY_CERT_INFO_EXTENSION *pci =
2524 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2525 NULL, NULL);
2526
2527 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2528 case NID_Independent:
2529 /*
2530 * Completely meaningless in this program, as there's no
2531 * way to grant explicit rights to a specific PrC.
2532 * Basically, using id-ppl-Independent is the perfect way
2533 * to grant no rights at all.
2534 */
2535 fprintf(stderr, " Independent proxy certificate");
2536 for (i = 0; i < 26; i++)
2537 letters[i] = 0;
2538 break;
2539 case NID_id_ppl_inheritAll:
2540 /*
2541 * This is basically a NOP, we simply let the current
2542 * rights stand as they are.
2543 */
2544 fprintf(stderr, " Proxy certificate inherits all");
2545 break;
2546 default:
2547 s = (char *)
2548 pci->proxyPolicy->policy->data;
2549 i = pci->proxyPolicy->policy->length;
2550
2551 /*
2552 * The algorithm works as follows: it is assumed that
2553 * previous iterations or the initial granted rights has
2554 * already set some elements of `letters'. What we need
2555 * to do is to clear those that weren't granted by the
2556 * current PrC as well. The easiest way to do this is to
2557 * add 1 to all the elements whose letters are given with
2558 * the current policy. That way, all elements that are
2559 * set by the current policy and were already set by
2560 * earlier policies and through the original grant of
2561 * rights will get the value 2 or higher. The last thing
2562 * to do is to sweep through `letters' and keep the
2563 * elements having the value 2 as set, and clear all the
2564 * others.
2565 */
2566
2567 fprintf(stderr, " Certificate proxy rights = %*.*s", i,
2568 i, s);
2569 while (i-- > 0) {
2570 int c = *s++;
2571 if (isascii(c) && isalpha(c)) {
2572 if (islower(c))
2573 c = toupper(c);
2574 letters[c - 'A']++;
2575 }
2576 }
2577 for (i = 0; i < 26; i++)
2578 if (letters[i] < 2)
2579 letters[i] = 0;
2580 else
2581 letters[i] = 1;
2582 }
2583
2584 found_any = 0;
2585 fprintf(stderr, ", resulting proxy rights = ");
2586 for (i = 0; i < 26; i++)
2587 if (letters[i]) {
2588 fprintf(stderr, "%c", i + 'A');
2589 found_any = 1;
2590 }
2591 if (!found_any)
2592 fprintf(stderr, "none");
2593 fprintf(stderr, "\n");
2594
2595 PROXY_CERT_INFO_EXTENSION_free(pci);
2596 }
2597 }
2598 }
2599
2600 return (ok);
2601 }
2602
process_proxy_debug(int indent,const char * format,...)2603 static void process_proxy_debug(int indent, const char *format, ...)
2604 {
2605 /* That's 80 > */
2606 static const char indentation[] =
2607 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2608 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2609 char my_format[256];
2610 va_list args;
2611
2612 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2613 indent, indent, indentation, format);
2614
2615 va_start(args, format);
2616 vfprintf(stderr, my_format, args);
2617 va_end(args);
2618 }
2619
2620 /*-
2621 * Priority levels:
2622 * 0 [!]var, ()
2623 * 1 & ^
2624 * 2 |
2625 */
2626 static int process_proxy_cond_adders(unsigned int letters[26],
2627 const char *cond, const char **cond_end,
2628 int *pos, int indent);
process_proxy_cond_val(unsigned int letters[26],const char * cond,const char ** cond_end,int * pos,int indent)2629 static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2630 const char **cond_end, int *pos, int indent)
2631 {
2632 int c;
2633 int ok = 1;
2634 int negate = 0;
2635
2636 while (isspace((int)*cond)) {
2637 cond++;
2638 (*pos)++;
2639 }
2640 c = *cond;
2641
2642 if (debug)
2643 process_proxy_debug(indent,
2644 "Start process_proxy_cond_val at position %d: %s\n",
2645 *pos, cond);
2646
2647 while (c == '!') {
2648 negate = !negate;
2649 cond++;
2650 (*pos)++;
2651 while (isspace((int)*cond)) {
2652 cond++;
2653 (*pos)++;
2654 }
2655 c = *cond;
2656 }
2657
2658 if (c == '(') {
2659 cond++;
2660 (*pos)++;
2661 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2662 indent + 1);
2663 cond = *cond_end;
2664 if (ok < 0)
2665 goto end;
2666 while (isspace((int)*cond)) {
2667 cond++;
2668 (*pos)++;
2669 }
2670 c = *cond;
2671 if (c != ')') {
2672 fprintf(stderr,
2673 "Weird condition character in position %d: "
2674 "%c\n", *pos, c);
2675 ok = -1;
2676 goto end;
2677 }
2678 cond++;
2679 (*pos)++;
2680 } else if (isascii(c) && isalpha(c)) {
2681 if (islower(c))
2682 c = toupper(c);
2683 ok = letters[c - 'A'];
2684 cond++;
2685 (*pos)++;
2686 } else {
2687 fprintf(stderr,
2688 "Weird condition character in position %d: " "%c\n", *pos, c);
2689 ok = -1;
2690 goto end;
2691 }
2692 end:
2693 *cond_end = cond;
2694 if (ok >= 0 && negate)
2695 ok = !ok;
2696
2697 if (debug)
2698 process_proxy_debug(indent,
2699 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2700 *pos, cond, ok);
2701
2702 return ok;
2703 }
2704
process_proxy_cond_multipliers(unsigned int letters[26],const char * cond,const char ** cond_end,int * pos,int indent)2705 static int process_proxy_cond_multipliers(unsigned int letters[26],
2706 const char *cond,
2707 const char **cond_end, int *pos,
2708 int indent)
2709 {
2710 int ok;
2711 char c;
2712
2713 if (debug)
2714 process_proxy_debug(indent,
2715 "Start process_proxy_cond_multipliers at position %d: %s\n",
2716 *pos, cond);
2717
2718 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2719 cond = *cond_end;
2720 if (ok < 0)
2721 goto end;
2722
2723 while (ok >= 0) {
2724 while (isspace((int)*cond)) {
2725 cond++;
2726 (*pos)++;
2727 }
2728 c = *cond;
2729
2730 switch (c) {
2731 case '&':
2732 case '^':
2733 {
2734 int save_ok = ok;
2735
2736 cond++;
2737 (*pos)++;
2738 ok = process_proxy_cond_val(letters,
2739 cond, cond_end, pos, indent + 1);
2740 cond = *cond_end;
2741 if (ok < 0)
2742 break;
2743
2744 switch (c) {
2745 case '&':
2746 ok &= save_ok;
2747 break;
2748 case '^':
2749 ok ^= save_ok;
2750 break;
2751 default:
2752 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2753 " STOPPING\n");
2754 EXIT(1);
2755 }
2756 }
2757 break;
2758 default:
2759 goto end;
2760 }
2761 }
2762 end:
2763 if (debug)
2764 process_proxy_debug(indent,
2765 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2766 *pos, cond, ok);
2767
2768 *cond_end = cond;
2769 return ok;
2770 }
2771
process_proxy_cond_adders(unsigned int letters[26],const char * cond,const char ** cond_end,int * pos,int indent)2772 static int process_proxy_cond_adders(unsigned int letters[26],
2773 const char *cond, const char **cond_end,
2774 int *pos, int indent)
2775 {
2776 int ok;
2777 char c;
2778
2779 if (debug)
2780 process_proxy_debug(indent,
2781 "Start process_proxy_cond_adders at position %d: %s\n",
2782 *pos, cond);
2783
2784 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2785 indent + 1);
2786 cond = *cond_end;
2787 if (ok < 0)
2788 goto end;
2789
2790 while (ok >= 0) {
2791 while (isspace((int)*cond)) {
2792 cond++;
2793 (*pos)++;
2794 }
2795 c = *cond;
2796
2797 switch (c) {
2798 case '|':
2799 {
2800 int save_ok = ok;
2801
2802 cond++;
2803 (*pos)++;
2804 ok = process_proxy_cond_multipliers(letters,
2805 cond, cond_end, pos,
2806 indent + 1);
2807 cond = *cond_end;
2808 if (ok < 0)
2809 break;
2810
2811 switch (c) {
2812 case '|':
2813 ok |= save_ok;
2814 break;
2815 default:
2816 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2817 " STOPPING\n");
2818 EXIT(1);
2819 }
2820 }
2821 break;
2822 default:
2823 goto end;
2824 }
2825 }
2826 end:
2827 if (debug)
2828 process_proxy_debug(indent,
2829 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2830 *pos, cond, ok);
2831
2832 *cond_end = cond;
2833 return ok;
2834 }
2835
process_proxy_cond(unsigned int letters[26],const char * cond,const char ** cond_end)2836 static int process_proxy_cond(unsigned int letters[26],
2837 const char *cond, const char **cond_end)
2838 {
2839 int pos = 1;
2840 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2841 }
2842
app_verify_callback(X509_STORE_CTX * ctx,void * arg)2843 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
2844 {
2845 int ok = 1;
2846 struct app_verify_arg *cb_arg = arg;
2847 unsigned int letters[26]; /* only used with proxy_auth */
2848
2849 if (cb_arg->app_verify) {
2850 char *s = NULL, buf[256];
2851
2852 fprintf(stderr, "In app_verify_callback, allowing cert. ");
2853 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
2854 fprintf(stderr,
2855 "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
2856 (void *)ctx, (void *)ctx->cert);
2857 if (ctx->cert)
2858 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
2859 if (s != NULL) {
2860 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf);
2861 }
2862 return (1);
2863 }
2864 if (cb_arg->proxy_auth) {
2865 int found_any = 0, i;
2866 char *sp;
2867
2868 for (i = 0; i < 26; i++)
2869 letters[i] = 0;
2870 for (sp = cb_arg->proxy_auth; *sp; sp++) {
2871 int c = *sp;
2872 if (isascii(c) && isalpha(c)) {
2873 if (islower(c))
2874 c = toupper(c);
2875 letters[c - 'A'] = 1;
2876 }
2877 }
2878
2879 fprintf(stderr, " Initial proxy rights = ");
2880 for (i = 0; i < 26; i++)
2881 if (letters[i]) {
2882 fprintf(stderr, "%c", i + 'A');
2883 found_any = 1;
2884 }
2885 if (!found_any)
2886 fprintf(stderr, "none");
2887 fprintf(stderr, "\n");
2888
2889 X509_STORE_CTX_set_ex_data(ctx,
2890 get_proxy_auth_ex_data_idx(), letters);
2891 }
2892 if (cb_arg->allow_proxy_certs) {
2893 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2894 }
2895 #ifndef OPENSSL_NO_X509_VERIFY
2896 ok = X509_verify_cert(ctx);
2897 #endif
2898
2899 if (cb_arg->proxy_auth) {
2900 if (ok > 0) {
2901 const char *cond_end = NULL;
2902
2903 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
2904
2905 if (ok < 0)
2906 EXIT(3);
2907 if (*cond_end) {
2908 fprintf(stderr,
2909 "Stopped processing condition before it's end.\n");
2910 ok = 0;
2911 }
2912 if (!ok)
2913 fprintf(stderr,
2914 "Proxy rights check with condition '%s' proved invalid\n",
2915 cb_arg->proxy_cond);
2916 else
2917 fprintf(stderr,
2918 "Proxy rights check with condition '%s' proved valid\n",
2919 cb_arg->proxy_cond);
2920 }
2921 }
2922 return (ok);
2923 }
2924
2925 #ifndef OPENSSL_NO_RSA
2926 static RSA *rsa_tmp = NULL;
2927
tmp_rsa_cb(SSL * s,int is_export,int keylength)2928 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
2929 {
2930 BIGNUM *bn = NULL;
2931 if (rsa_tmp == NULL) {
2932 bn = BN_new();
2933 rsa_tmp = RSA_new();
2934 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
2935 BIO_printf(bio_err, "Memory error...");
2936 goto end;
2937 }
2938 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength);
2939 (void)BIO_flush(bio_err);
2940 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
2941 BIO_printf(bio_err, "Error generating key.");
2942 RSA_free(rsa_tmp);
2943 rsa_tmp = NULL;
2944 }
2945 end:
2946 BIO_printf(bio_err, "\n");
2947 (void)BIO_flush(bio_err);
2948 }
2949 if (bn)
2950 BN_free(bn);
2951 return (rsa_tmp);
2952 }
2953
free_tmp_rsa(void)2954 static void free_tmp_rsa(void)
2955 {
2956 if (rsa_tmp != NULL) {
2957 RSA_free(rsa_tmp);
2958 rsa_tmp = NULL;
2959 }
2960 }
2961 #endif
2962
2963 #ifndef OPENSSL_NO_DH
2964 /*-
2965 * These DH parameters have been generated as follows:
2966 * $ openssl dhparam -C -noout 512
2967 * $ openssl dhparam -C -noout 1024
2968 * $ openssl dhparam -C -noout -dsaparam 1024
2969 * (The third function has been renamed to avoid name conflicts.)
2970 */
get_dh512()2971 static DH *get_dh512()
2972 {
2973 static unsigned char dh512_p[] = {
2974 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
2975 0xC6,
2976 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
2977 0xB0,
2978 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
2979 0x5F,
2980 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
2981 0xB8,
2982 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
2983 0x33,
2984 0x02, 0xC5, 0xAE, 0x23,
2985 };
2986 static unsigned char dh512_g[] = {
2987 0x02,
2988 };
2989 DH *dh;
2990
2991 if ((dh = DH_new()) == NULL)
2992 return (NULL);
2993 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
2994 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
2995 if ((dh->p == NULL) || (dh->g == NULL)) {
2996 DH_free(dh);
2997 return (NULL);
2998 }
2999 return (dh);
3000 }
3001
get_dh1024()3002 static DH *get_dh1024()
3003 {
3004 static unsigned char dh1024_p[] = {
3005 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
3006 0x3A,
3007 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
3008 0xA2,
3009 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
3010 0xB0,
3011 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
3012 0xC2,
3013 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
3014 0x8C,
3015 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
3016 0xB8,
3017 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
3018 0x52,
3019 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
3020 0xC1,
3021 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
3022 0xB1,
3023 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
3024 0xAB,
3025 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
3026 };
3027 static unsigned char dh1024_g[] = {
3028 0x02,
3029 };
3030 DH *dh;
3031
3032 if ((dh = DH_new()) == NULL)
3033 return (NULL);
3034 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3035 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3036 if ((dh->p == NULL) || (dh->g == NULL)) {
3037 DH_free(dh);
3038 return (NULL);
3039 }
3040 return (dh);
3041 }
3042
get_dh1024dsa()3043 static DH *get_dh1024dsa()
3044 {
3045 static unsigned char dh1024_p[] = {
3046 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
3047 0x00,
3048 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
3049 0x19,
3050 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
3051 0xD2,
3052 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
3053 0x55,
3054 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
3055 0xFC,
3056 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
3057 0x97,
3058 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
3059 0x8D,
3060 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
3061 0xBB,
3062 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
3063 0xF6,
3064 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
3065 0x9E,
3066 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
3067 };
3068 static unsigned char dh1024_g[] = {
3069 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
3070 0x05,
3071 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
3072 0xF3,
3073 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
3074 0xE9,
3075 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
3076 0x3C,
3077 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
3078 0x65,
3079 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
3080 0x60,
3081 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
3082 0xF6,
3083 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
3084 0xA7,
3085 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3086 0xA1,
3087 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3088 0x60,
3089 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3090 };
3091 DH *dh;
3092
3093 if ((dh = DH_new()) == NULL)
3094 return (NULL);
3095 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3096 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3097 if ((dh->p == NULL) || (dh->g == NULL)) {
3098 DH_free(dh);
3099 return (NULL);
3100 }
3101 dh->length = 160;
3102 return (dh);
3103 }
3104 #endif
3105
3106 #ifndef OPENSSL_NO_PSK
3107 /* convert the PSK key (psk_key) in ascii to binary (psk) */
psk_key2bn(const char * pskkey,unsigned char * psk,unsigned int max_psk_len)3108 static int psk_key2bn(const char *pskkey, unsigned char *psk,
3109 unsigned int max_psk_len)
3110 {
3111 int ret;
3112 BIGNUM *bn = NULL;
3113
3114 ret = BN_hex2bn(&bn, pskkey);
3115 if (!ret) {
3116 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3117 pskkey);
3118 if (bn)
3119 BN_free(bn);
3120 return 0;
3121 }
3122 if (BN_num_bytes(bn) > (int)max_psk_len) {
3123 BIO_printf(bio_err,
3124 "psk buffer of callback is too small (%d) for key (%d)\n",
3125 max_psk_len, BN_num_bytes(bn));
3126 BN_free(bn);
3127 return 0;
3128 }
3129 ret = BN_bn2bin(bn, psk);
3130 BN_free(bn);
3131 return ret;
3132 }
3133
psk_client_callback(SSL * ssl,const char * hint,char * identity,unsigned int max_identity_len,unsigned char * psk,unsigned int max_psk_len)3134 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3135 char *identity,
3136 unsigned int max_identity_len,
3137 unsigned char *psk,
3138 unsigned int max_psk_len)
3139 {
3140 int ret;
3141 unsigned int psk_len = 0;
3142
3143 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3144 if (ret < 0)
3145 goto out_err;
3146 if (debug)
3147 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3148 ret);
3149 ret = psk_key2bn(psk_key, psk, max_psk_len);
3150 if (ret < 0)
3151 goto out_err;
3152 psk_len = ret;
3153 out_err:
3154 return psk_len;
3155 }
3156
psk_server_callback(SSL * ssl,const char * identity,unsigned char * psk,unsigned int max_psk_len)3157 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3158 unsigned char *psk,
3159 unsigned int max_psk_len)
3160 {
3161 unsigned int psk_len = 0;
3162
3163 if (strcmp(identity, "Client_identity") != 0) {
3164 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3165 return 0;
3166 }
3167 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3168 return psk_len;
3169 }
3170 #endif
3171
do_test_cipherlist(void)3172 static int do_test_cipherlist(void)
3173 {
3174 #if !defined(OPENSSL_NO_SSL2) || !defined(OPENSSL_NO_SSL3) || \
3175 !defined(OPENSSL_NO_TLS1)
3176 int i = 0;
3177 const SSL_METHOD *meth;
3178 const SSL_CIPHER *ci, *tci = NULL;
3179 #endif
3180
3181 #ifndef OPENSSL_NO_SSL2
3182 fprintf(stderr, "testing SSLv2 cipher list order: ");
3183 i = 0;
3184 meth = SSLv2_method();
3185 while ((ci = meth->get_cipher(i++)) != NULL) {
3186 fprintf(stderr, ".");
3187 if (tci != NULL)
3188 if (ci->id >= tci->id) {
3189 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3190 return 0;
3191 }
3192 tci = ci;
3193 }
3194 fprintf(stderr, "ok\n");
3195 #endif
3196 #ifndef OPENSSL_NO_SSL3
3197 fprintf(stderr, "testing SSLv3 cipher list order: ");
3198 meth = SSLv3_method();
3199 tci = NULL;
3200 i = 0;
3201 while ((ci = meth->get_cipher(i++)) != NULL) {
3202 fprintf(stderr, ".");
3203 if (tci != NULL)
3204 if (ci->id >= tci->id) {
3205 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3206 return 0;
3207 }
3208 tci = ci;
3209 }
3210 fprintf(stderr, "ok\n");
3211 #endif
3212 #ifndef OPENSSL_NO_TLS1
3213 fprintf(stderr, "testing TLSv1 cipher list order: ");
3214 meth = TLSv1_method();
3215 tci = NULL;
3216 i = 0;
3217 while ((ci = meth->get_cipher(i++)) != NULL) {
3218 fprintf(stderr, ".");
3219 if (tci != NULL)
3220 if (ci->id >= tci->id) {
3221 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3222 return 0;
3223 }
3224 tci = ci;
3225 }
3226 fprintf(stderr, "ok\n");
3227 #endif
3228 #ifndef OPENSSL_NO_TLS1_1
3229 fprintf(stderr, "testing TLSv1 cipher list order: ");
3230 meth = TLSv1_1_method();
3231 tci = NULL;
3232 i = 0;
3233 while ((ci = meth->get_cipher(i++)) != NULL) {
3234 fprintf(stderr, ".");
3235 if (tci != NULL)
3236 if (ci->id >= tci->id) {
3237 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3238 return 0;
3239 }
3240 tci = ci;
3241 }
3242 fprintf(stderr, " ok\n");
3243 #endif /* OPENSSL_NO_TLS1_1 */
3244 #ifndef OPENSSL_NO_TLS1_2
3245 fprintf(stderr, "testing TLSv1 cipher list order: ");
3246 meth = TLSv1_2_method();
3247 tci = NULL;
3248 i = 0;
3249 while ((ci = meth->get_cipher(i++)) != NULL) {
3250 fprintf(stderr, ".");
3251 if (tci != NULL)
3252 if (ci->id >= tci->id) {
3253 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3254 return 0;
3255 }
3256 tci = ci;
3257 }
3258 fprintf(stderr, " ok\n");
3259 #endif /* OPENSSL_NO_TLS1_2 */
3260
3261 return 1;
3262 }
3263