1 /*
2 * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4 * Copyright 2005 Nokia. All rights reserved.
5 *
6 * Licensed under the OpenSSL license (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
10 */
11
12 #include "e_os.h"
13
14 /* Or gethostname won't be declared properly on Linux and GNU platforms. */
15 #ifndef _BSD_SOURCE
16 # define _BSD_SOURCE 1
17 #endif
18 #ifndef _DEFAULT_SOURCE
19 # define _DEFAULT_SOURCE 1
20 #endif
21
22 #include <assert.h>
23 #include <errno.h>
24 #include <limits.h>
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 #include <time.h>
29
30 #include "internal/nelem.h"
31
32 #ifdef OPENSSL_SYS_VMS
33 /*
34 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
35 */
36 # define _XOPEN_SOURCE 500
37 #endif
38
39 #include <ctype.h>
40
41 #include <openssl/bio.h>
42 #include <openssl/crypto.h>
43 #include <openssl/evp.h>
44 #include <openssl/x509.h>
45 #include <openssl/x509v3.h>
46 #include <openssl/ssl.h>
47 #include <openssl/err.h>
48 #include <openssl/rand.h>
49 #ifndef OPENSSL_NO_RSA
50 # include <openssl/rsa.h>
51 #endif
52 #ifndef OPENSSL_NO_DSA
53 # include <openssl/dsa.h>
54 #endif
55 #ifndef OPENSSL_NO_DH
56 # include <openssl/dh.h>
57 #endif
58 #include <openssl/bn.h>
59 #ifndef OPENSSL_NO_CT
60 # include <openssl/ct.h>
61 #endif
62
63 /*
64 * Or gethostname won't be declared properly
65 * on Compaq platforms (at least with DEC C).
66 * Do not try to put it earlier, or IPv6 includes
67 * get screwed...
68 */
69 #define _XOPEN_SOURCE_EXTENDED 1
70
71 #ifdef OPENSSL_SYS_WINDOWS
72 # include <winsock.h>
73 #else
74 # include OPENSSL_UNISTD
75 #endif
76
77 static SSL_CTX *s_ctx = NULL;
78 static SSL_CTX *s_ctx2 = NULL;
79
80 /*
81 * There is really no standard for this, so let's assign something
82 * only for this test
83 */
84 #define COMP_ZLIB 1
85
86 static int verify_callback(int ok, X509_STORE_CTX *ctx);
87 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
88 #define APP_CALLBACK_STRING "Test Callback Argument"
89 struct app_verify_arg {
90 char *string;
91 int app_verify;
92 };
93
94 #ifndef OPENSSL_NO_DH
95 static DH *get_dh512(void);
96 static DH *get_dh1024(void);
97 static DH *get_dh1024dsa(void);
98 #endif
99
100 static char *psk_key = NULL; /* by default PSK is not used */
101 #ifndef OPENSSL_NO_PSK
102 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
103 char *identity,
104 unsigned int max_identity_len,
105 unsigned char *psk,
106 unsigned int max_psk_len);
107 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
108 unsigned char *psk,
109 unsigned int max_psk_len);
110 #endif
111
112 static BIO *bio_err = NULL;
113 static BIO *bio_stdout = NULL;
114
115 #ifndef OPENSSL_NO_NEXTPROTONEG
116 /* Note that this code assumes that this is only a one element list: */
117 static const char NEXT_PROTO_STRING[] = "\x09testproto";
118 static int npn_client = 0;
119 static int npn_server = 0;
120 static int npn_server_reject = 0;
121
cb_client_npn(SSL * s,unsigned char ** out,unsigned char * outlen,const unsigned char * in,unsigned int inlen,void * arg)122 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
123 const unsigned char *in, unsigned int inlen,
124 void *arg)
125 {
126 /*
127 * This callback only returns the protocol string, rather than a length
128 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
129 * and remove the first byte to chop off the length prefix.
130 */
131 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
132 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
133 return SSL_TLSEXT_ERR_OK;
134 }
135
cb_server_npn(SSL * s,const unsigned char ** data,unsigned int * len,void * arg)136 static int cb_server_npn(SSL *s, const unsigned char **data,
137 unsigned int *len, void *arg)
138 {
139 *data = (const unsigned char *)NEXT_PROTO_STRING;
140 *len = sizeof(NEXT_PROTO_STRING) - 1;
141 return SSL_TLSEXT_ERR_OK;
142 }
143
cb_server_rejects_npn(SSL * s,const unsigned char ** data,unsigned int * len,void * arg)144 static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
145 unsigned int *len, void *arg)
146 {
147 return SSL_TLSEXT_ERR_NOACK;
148 }
149
verify_npn(SSL * client,SSL * server)150 static int verify_npn(SSL *client, SSL *server)
151 {
152 const unsigned char *client_s;
153 unsigned client_len;
154 const unsigned char *server_s;
155 unsigned server_len;
156
157 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
158 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
159
160 if (client_len) {
161 BIO_printf(bio_stdout, "Client NPN: ");
162 BIO_write(bio_stdout, client_s, client_len);
163 BIO_printf(bio_stdout, "\n");
164 }
165
166 if (server_len) {
167 BIO_printf(bio_stdout, "Server NPN: ");
168 BIO_write(bio_stdout, server_s, server_len);
169 BIO_printf(bio_stdout, "\n");
170 }
171
172 /*
173 * If an NPN string was returned, it must be the protocol that we
174 * expected to negotiate.
175 */
176 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
177 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
178 return -1;
179 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
180 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
181 return -1;
182
183 if (!npn_client && client_len)
184 return -1;
185 if (!npn_server && server_len)
186 return -1;
187 if (npn_server_reject && server_len)
188 return -1;
189 if (npn_client && npn_server && (!client_len || !server_len))
190 return -1;
191
192 return 0;
193 }
194 #endif
195
196 static const char *alpn_client;
197 static char *alpn_server;
198 static char *alpn_server2;
199 static const char *alpn_expected;
200 static unsigned char *alpn_selected;
201 static const char *server_min_proto;
202 static const char *server_max_proto;
203 static const char *client_min_proto;
204 static const char *client_max_proto;
205 static const char *should_negotiate;
206 static const char *sn_client;
207 static const char *sn_server1;
208 static const char *sn_server2;
209 static int sn_expect = 0;
210 static const char *server_sess_out;
211 static const char *server_sess_in;
212 static const char *client_sess_out;
213 static const char *client_sess_in;
214 static SSL_SESSION *server_sess;
215 static SSL_SESSION *client_sess;
216
servername_cb(SSL * s,int * ad,void * arg)217 static int servername_cb(SSL *s, int *ad, void *arg)
218 {
219 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
220 if (sn_server2 == NULL) {
221 BIO_printf(bio_stdout, "Servername 2 is NULL\n");
222 return SSL_TLSEXT_ERR_NOACK;
223 }
224
225 if (servername) {
226 if (s_ctx2 != NULL && sn_server2 != NULL &&
227 !strcasecmp(servername, sn_server2)) {
228 BIO_printf(bio_stdout, "Switching server context.\n");
229 SSL_set_SSL_CTX(s, s_ctx2);
230 }
231 }
232 return SSL_TLSEXT_ERR_OK;
233 }
verify_servername(SSL * client,SSL * server)234 static int verify_servername(SSL *client, SSL *server)
235 {
236 /* just need to see if sn_context is what we expect */
237 SSL_CTX* ctx = SSL_get_SSL_CTX(server);
238 if (sn_expect == 0)
239 return 0;
240 if (sn_expect == 1 && ctx == s_ctx)
241 return 0;
242 if (sn_expect == 2 && ctx == s_ctx2)
243 return 0;
244 BIO_printf(bio_stdout, "Servername: expected context %d\n", sn_expect);
245 if (ctx == s_ctx2)
246 BIO_printf(bio_stdout, "Servername: context is 2\n");
247 else if (ctx == s_ctx)
248 BIO_printf(bio_stdout, "Servername: context is 1\n");
249 else
250 BIO_printf(bio_stdout, "Servername: context is unknown\n");
251 return -1;
252 }
253
254
255 /*-
256 * next_protos_parse parses a comma separated list of strings into a string
257 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
258 * outlen: (output) set to the length of the resulting buffer on success.
259 * in: a NUL terminated string like "abc,def,ghi"
260 *
261 * returns: a malloced buffer or NULL on failure.
262 */
next_protos_parse(size_t * outlen,const char * in)263 static unsigned char *next_protos_parse(size_t *outlen,
264 const char *in)
265 {
266 size_t len;
267 unsigned char *out;
268 size_t i, start = 0;
269
270 len = strlen(in);
271 if (len >= 65535)
272 return NULL;
273
274 out = OPENSSL_malloc(strlen(in) + 1);
275 if (!out)
276 return NULL;
277
278 for (i = 0; i <= len; ++i) {
279 if (i == len || in[i] == ',') {
280 if (i - start > 255) {
281 OPENSSL_free(out);
282 return NULL;
283 }
284 out[start] = (unsigned char)(i - start);
285 start = i + 1;
286 } else
287 out[i + 1] = in[i];
288 }
289
290 *outlen = len + 1;
291 return out;
292 }
293
cb_server_alpn(SSL * s,const unsigned char ** out,unsigned char * outlen,const unsigned char * in,unsigned int inlen,void * arg)294 static int cb_server_alpn(SSL *s, const unsigned char **out,
295 unsigned char *outlen, const unsigned char *in,
296 unsigned int inlen, void *arg)
297 {
298 unsigned char *protos;
299 size_t protos_len;
300 char* alpn_str = arg;
301
302 protos = next_protos_parse(&protos_len, alpn_str);
303 if (protos == NULL) {
304 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
305 alpn_str);
306 abort();
307 }
308
309 if (SSL_select_next_proto
310 ((unsigned char **)out, outlen, protos, protos_len, in,
311 inlen) != OPENSSL_NPN_NEGOTIATED) {
312 OPENSSL_free(protos);
313 return SSL_TLSEXT_ERR_NOACK;
314 }
315
316 /*
317 * Make a copy of the selected protocol which will be freed in
318 * verify_alpn.
319 */
320 alpn_selected = OPENSSL_malloc(*outlen);
321 memcpy(alpn_selected, *out, *outlen);
322 *out = alpn_selected;
323
324 OPENSSL_free(protos);
325 return SSL_TLSEXT_ERR_OK;
326 }
327
verify_alpn(SSL * client,SSL * server)328 static int verify_alpn(SSL *client, SSL *server)
329 {
330 const unsigned char *client_proto, *server_proto;
331 unsigned int client_proto_len = 0, server_proto_len = 0;
332 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
333 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
334
335 OPENSSL_free(alpn_selected);
336 alpn_selected = NULL;
337
338 if (client_proto_len != server_proto_len) {
339 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
340 goto err;
341 }
342
343 if (client_proto != NULL &&
344 memcmp(client_proto, server_proto, client_proto_len) != 0) {
345 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
346 goto err;
347 }
348
349 if (client_proto_len > 0 && alpn_expected == NULL) {
350 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
351 goto err;
352 }
353
354 if (alpn_expected != NULL &&
355 (client_proto_len != strlen(alpn_expected) ||
356 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
357 BIO_printf(bio_stdout,
358 "ALPN selected protocols not equal to expected protocol: %s\n",
359 alpn_expected);
360 goto err;
361 }
362
363 return 0;
364
365 err:
366 BIO_printf(bio_stdout, "ALPN results: client: '");
367 BIO_write(bio_stdout, client_proto, client_proto_len);
368 BIO_printf(bio_stdout, "', server: '");
369 BIO_write(bio_stdout, server_proto, server_proto_len);
370 BIO_printf(bio_stdout, "'\n");
371 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '",
372 alpn_client);
373 if (SSL_get_SSL_CTX(server) == s_ctx2) {
374 BIO_printf(bio_stdout, "%s'\n",
375 alpn_server2);
376 } else {
377 BIO_printf(bio_stdout, "%s'\n",
378 alpn_server);
379 }
380 return -1;
381 }
382
383 /*
384 * WARNING : below extension types are *NOT* IETF assigned, and could
385 * conflict if these types are reassigned and handled specially by OpenSSL
386 * in the future
387 */
388 #define TACK_EXT_TYPE 62208
389 #define CUSTOM_EXT_TYPE_0 1000
390 #define CUSTOM_EXT_TYPE_1 1001
391 #define CUSTOM_EXT_TYPE_2 1002
392 #define CUSTOM_EXT_TYPE_3 1003
393
394 static const char custom_ext_cli_string[] = "abc";
395 static const char custom_ext_srv_string[] = "defg";
396
397 /* These set from cmdline */
398 static char *serverinfo_file = NULL;
399 static int serverinfo_sct = 0;
400 static int serverinfo_tack = 0;
401
402 /* These set based on extension callbacks */
403 static int serverinfo_sct_seen = 0;
404 static int serverinfo_tack_seen = 0;
405 static int serverinfo_other_seen = 0;
406
407 /* This set from cmdline */
408 static int custom_ext = 0;
409
410 /* This set based on extension callbacks */
411 static int custom_ext_error = 0;
412
serverinfo_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)413 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
414 const unsigned char *in, size_t inlen,
415 int *al, void *arg)
416 {
417 if (ext_type == TLSEXT_TYPE_signed_certificate_timestamp)
418 serverinfo_sct_seen++;
419 else if (ext_type == TACK_EXT_TYPE)
420 serverinfo_tack_seen++;
421 else
422 serverinfo_other_seen++;
423 return 1;
424 }
425
verify_serverinfo(void)426 static int verify_serverinfo(void)
427 {
428 if (serverinfo_sct != serverinfo_sct_seen)
429 return -1;
430 if (serverinfo_tack != serverinfo_tack_seen)
431 return -1;
432 if (serverinfo_other_seen)
433 return -1;
434 return 0;
435 }
436
437 /*-
438 * Four test cases for custom extensions:
439 * 0 - no ClientHello extension or ServerHello response
440 * 1 - ClientHello with "abc", no response
441 * 2 - ClientHello with "abc", empty response
442 * 3 - ClientHello with "abc", "defg" response
443 */
444
custom_ext_0_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)445 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
446 const unsigned char **out,
447 size_t *outlen, int *al, void *arg)
448 {
449 if (ext_type != CUSTOM_EXT_TYPE_0)
450 custom_ext_error = 1;
451 return 0; /* Don't send an extension */
452 }
453
custom_ext_0_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)454 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
455 const unsigned char *in,
456 size_t inlen, int *al, void *arg)
457 {
458 return 1;
459 }
460
custom_ext_1_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)461 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
462 const unsigned char **out,
463 size_t *outlen, int *al, void *arg)
464 {
465 if (ext_type != CUSTOM_EXT_TYPE_1)
466 custom_ext_error = 1;
467 *out = (const unsigned char *)custom_ext_cli_string;
468 *outlen = strlen(custom_ext_cli_string);
469 return 1; /* Send "abc" */
470 }
471
custom_ext_1_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)472 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
473 const unsigned char *in,
474 size_t inlen, int *al, void *arg)
475 {
476 return 1;
477 }
478
custom_ext_2_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)479 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
480 const unsigned char **out,
481 size_t *outlen, int *al, void *arg)
482 {
483 if (ext_type != CUSTOM_EXT_TYPE_2)
484 custom_ext_error = 1;
485 *out = (const unsigned char *)custom_ext_cli_string;
486 *outlen = strlen(custom_ext_cli_string);
487 return 1; /* Send "abc" */
488 }
489
custom_ext_2_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)490 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
491 const unsigned char *in,
492 size_t inlen, int *al, void *arg)
493 {
494 if (ext_type != CUSTOM_EXT_TYPE_2)
495 custom_ext_error = 1;
496 if (inlen != 0)
497 custom_ext_error = 1; /* Should be empty response */
498 return 1;
499 }
500
custom_ext_3_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)501 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
502 const unsigned char **out,
503 size_t *outlen, int *al, void *arg)
504 {
505 if (ext_type != CUSTOM_EXT_TYPE_3)
506 custom_ext_error = 1;
507 *out = (const unsigned char *)custom_ext_cli_string;
508 *outlen = strlen(custom_ext_cli_string);
509 return 1; /* Send "abc" */
510 }
511
custom_ext_3_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)512 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
513 const unsigned char *in,
514 size_t inlen, int *al, void *arg)
515 {
516 if (ext_type != CUSTOM_EXT_TYPE_3)
517 custom_ext_error = 1;
518 if (inlen != strlen(custom_ext_srv_string))
519 custom_ext_error = 1;
520 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
521 custom_ext_error = 1; /* Check for "defg" */
522 return 1;
523 }
524
525 /*
526 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
527 * for this extension
528 */
custom_ext_0_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)529 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
530 const unsigned char *in,
531 size_t inlen, int *al, void *arg)
532 {
533 custom_ext_error = 1;
534 return 1;
535 }
536
537 /* 'add' callbacks are only called if the 'parse' callback is called */
custom_ext_0_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)538 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
539 const unsigned char **out,
540 size_t *outlen, int *al, void *arg)
541 {
542 /* Error: should not have been called */
543 custom_ext_error = 1;
544 return 0; /* Don't send an extension */
545 }
546
custom_ext_1_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)547 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
548 const unsigned char *in,
549 size_t inlen, int *al, void *arg)
550 {
551 if (ext_type != CUSTOM_EXT_TYPE_1)
552 custom_ext_error = 1;
553 /* Check for "abc" */
554 if (inlen != strlen(custom_ext_cli_string))
555 custom_ext_error = 1;
556 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
557 custom_ext_error = 1;
558 return 1;
559 }
560
custom_ext_1_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)561 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
562 const unsigned char **out,
563 size_t *outlen, int *al, void *arg)
564 {
565 return 0; /* Don't send an extension */
566 }
567
custom_ext_2_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)568 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
569 const unsigned char *in,
570 size_t inlen, int *al, void *arg)
571 {
572 if (ext_type != CUSTOM_EXT_TYPE_2)
573 custom_ext_error = 1;
574 /* Check for "abc" */
575 if (inlen != strlen(custom_ext_cli_string))
576 custom_ext_error = 1;
577 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
578 custom_ext_error = 1;
579 return 1;
580 }
581
custom_ext_2_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)582 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
583 const unsigned char **out,
584 size_t *outlen, int *al, void *arg)
585 {
586 *out = NULL;
587 *outlen = 0;
588 return 1; /* Send empty extension */
589 }
590
custom_ext_3_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)591 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
592 const unsigned char *in,
593 size_t inlen, int *al, void *arg)
594 {
595 if (ext_type != CUSTOM_EXT_TYPE_3)
596 custom_ext_error = 1;
597 /* Check for "abc" */
598 if (inlen != strlen(custom_ext_cli_string))
599 custom_ext_error = 1;
600 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
601 custom_ext_error = 1;
602 return 1;
603 }
604
custom_ext_3_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)605 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
606 const unsigned char **out,
607 size_t *outlen, int *al, void *arg)
608 {
609 *out = (const unsigned char *)custom_ext_srv_string;
610 *outlen = strlen(custom_ext_srv_string);
611 return 1; /* Send "defg" */
612 }
613
614 static char *cipher = NULL;
615 static char *ciphersuites = NULL;
616 static int verbose = 0;
617 static int debug = 0;
618
619 int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family,
620 long bytes, clock_t *s_time, clock_t *c_time);
621 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
622 clock_t *c_time);
623 int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
624
sv_usage(void)625 static void sv_usage(void)
626 {
627 fprintf(stderr, "usage: ssltest [args ...]\n");
628 fprintf(stderr, "\n");
629 fprintf(stderr, " -server_auth - check server certificate\n");
630 fprintf(stderr, " -client_auth - do client authentication\n");
631 fprintf(stderr, " -v - more output\n");
632 fprintf(stderr, " -d - debug output\n");
633 fprintf(stderr, " -reuse - use session-id reuse\n");
634 fprintf(stderr, " -num <val> - number of connections to perform\n");
635 fprintf(stderr,
636 " -bytes <val> - number of bytes to swap between client/server\n");
637 #ifndef OPENSSL_NO_DH
638 fprintf(stderr,
639 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
640 fprintf(stderr,
641 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
642 fprintf(stderr,
643 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
644 fprintf(stderr, " -no_dhe - disable DHE\n");
645 #endif
646 #ifndef OPENSSL_NO_EC
647 fprintf(stderr, " -no_ecdhe - disable ECDHE\nTODO(openssl-team): no_ecdhe was broken by auto ecdh. Make this work again.\n");
648 #endif
649 #ifndef OPENSSL_NO_PSK
650 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
651 #endif
652 #ifndef OPENSSL_NO_SSL3
653 fprintf(stderr, " -ssl3 - use SSLv3\n");
654 #endif
655 #ifndef OPENSSL_NO_TLS1
656 fprintf(stderr, " -tls1 - use TLSv1\n");
657 #endif
658 #ifndef OPENSSL_NO_DTLS
659 fprintf(stderr, " -dtls - use DTLS\n");
660 #ifndef OPENSSL_NO_DTLS1
661 fprintf(stderr, " -dtls1 - use DTLSv1\n");
662 #endif
663 #ifndef OPENSSL_NO_DTLS1_2
664 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
665 #endif
666 #endif
667 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
668 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
669 fprintf(stderr, " -cert arg - Server certificate file\n");
670 fprintf(stderr,
671 " -key arg - Server key file (default: same as -cert)\n");
672 fprintf(stderr, " -c_cert arg - Client certificate file\n");
673 fprintf(stderr,
674 " -c_key arg - Client key file (default: same as -c_cert)\n");
675 fprintf(stderr, " -cipher arg - The TLSv1.2 and below cipher list\n");
676 fprintf(stderr, " -ciphersuites arg - The TLSv1.3 ciphersuites\n");
677 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
678 fprintf(stderr, " -ipv4 - Use IPv4 connection on localhost\n");
679 fprintf(stderr, " -ipv6 - Use IPv6 connection on localhost\n");
680 fprintf(stderr, " -f - Test even cases that can't work\n");
681 fprintf(stderr,
682 " -time - measure processor time used by client and server\n");
683 fprintf(stderr, " -zlib - use zlib compression\n");
684 #ifndef OPENSSL_NO_NEXTPROTONEG
685 fprintf(stderr, " -npn_client - have client side offer NPN\n");
686 fprintf(stderr, " -npn_server - have server side offer NPN\n");
687 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
688 #endif
689 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
690 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
691 fprintf(stderr,
692 " -serverinfo_tack - have client offer and expect TACK\n");
693 fprintf(stderr,
694 " -custom_ext - try various custom extension callbacks\n");
695 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
696 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
697 fprintf(stderr, " -alpn_server1 <string> - alias for -alpn_server\n");
698 fprintf(stderr, " -alpn_server2 <string> - have server side context 2 offer ALPN\n");
699 fprintf(stderr,
700 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
701 fprintf(stderr, " -server_min_proto <string> - Minimum version the server should support\n");
702 fprintf(stderr, " -server_max_proto <string> - Maximum version the server should support\n");
703 fprintf(stderr, " -client_min_proto <string> - Minimum version the client should support\n");
704 fprintf(stderr, " -client_max_proto <string> - Maximum version the client should support\n");
705 fprintf(stderr, " -should_negotiate <string> - The version that should be negotiated, fail-client or fail-server\n");
706 #ifndef OPENSSL_NO_CT
707 fprintf(stderr, " -noct - no certificate transparency\n");
708 fprintf(stderr, " -requestct - request certificate transparency\n");
709 fprintf(stderr, " -requirect - require certificate transparency\n");
710 #endif
711 fprintf(stderr, " -sn_client <string> - have client request this servername\n");
712 fprintf(stderr, " -sn_server1 <string> - have server context 1 respond to this servername\n");
713 fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n");
714 fprintf(stderr, " -sn_expect1 - expected server 1\n");
715 fprintf(stderr, " -sn_expect2 - expected server 2\n");
716 fprintf(stderr, " -server_sess_out <file> - Save the server session to a file\n");
717 fprintf(stderr, " -server_sess_in <file> - Read the server session from a file\n");
718 fprintf(stderr, " -client_sess_out <file> - Save the client session to a file\n");
719 fprintf(stderr, " -client_sess_in <file> - Read the client session from a file\n");
720 fprintf(stderr, " -should_reuse <number> - The expected state of reusing the session\n");
721 fprintf(stderr, " -no_ticket - do not issue TLS session ticket\n");
722 }
723
print_key_details(BIO * out,EVP_PKEY * key)724 static void print_key_details(BIO *out, EVP_PKEY *key)
725 {
726 int keyid = EVP_PKEY_id(key);
727 #ifndef OPENSSL_NO_EC
728 if (keyid == EVP_PKEY_EC) {
729 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
730 int nid;
731 const char *cname;
732 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
733 EC_KEY_free(ec);
734 cname = EC_curve_nid2nist(nid);
735 if (!cname)
736 cname = OBJ_nid2sn(nid);
737 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
738 } else
739 #endif
740 {
741 const char *algname;
742 switch (keyid) {
743 case EVP_PKEY_RSA:
744 algname = "RSA";
745 break;
746 case EVP_PKEY_DSA:
747 algname = "DSA";
748 break;
749 case EVP_PKEY_DH:
750 algname = "DH";
751 break;
752 default:
753 algname = OBJ_nid2sn(keyid);
754 break;
755 }
756 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
757 }
758 }
759
print_details(SSL * c_ssl,const char * prefix)760 static void print_details(SSL *c_ssl, const char *prefix)
761 {
762 const SSL_CIPHER *ciph;
763 int mdnid;
764 X509 *cert;
765 EVP_PKEY *pkey;
766
767 ciph = SSL_get_current_cipher(c_ssl);
768 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
769 prefix,
770 SSL_get_version(c_ssl),
771 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
772 cert = SSL_get_peer_certificate(c_ssl);
773 if (cert != NULL) {
774 EVP_PKEY* pubkey = X509_get0_pubkey(cert);
775
776 if (pubkey != NULL) {
777 BIO_puts(bio_stdout, ", ");
778 print_key_details(bio_stdout, pubkey);
779 }
780 X509_free(cert);
781 }
782 if (SSL_get_peer_tmp_key(c_ssl, &pkey)) {
783 BIO_puts(bio_stdout, ", temp key: ");
784 print_key_details(bio_stdout, pkey);
785 EVP_PKEY_free(pkey);
786 }
787 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
788 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
789 BIO_printf(bio_stdout, "\n");
790 }
791
792 /*
793 * protocol_from_string - converts a protocol version string to a number
794 *
795 * Returns -1 on failure or the version on success
796 */
protocol_from_string(const char * value)797 static int protocol_from_string(const char *value)
798 {
799 struct protocol_versions {
800 const char *name;
801 int version;
802 };
803 static const struct protocol_versions versions[] = {
804 {"ssl3", SSL3_VERSION},
805 {"tls1", TLS1_VERSION},
806 {"tls1.1", TLS1_1_VERSION},
807 {"tls1.2", TLS1_2_VERSION},
808 {"tls1.3", TLS1_3_VERSION},
809 {"dtls1", DTLS1_VERSION},
810 {"dtls1.2", DTLS1_2_VERSION}};
811 size_t i;
812 size_t n = OSSL_NELEM(versions);
813
814 for (i = 0; i < n; i++)
815 if (strcmp(versions[i].name, value) == 0)
816 return versions[i].version;
817 return -1;
818 }
819
read_session(const char * filename)820 static SSL_SESSION *read_session(const char *filename)
821 {
822 SSL_SESSION *sess;
823 BIO *f = BIO_new_file(filename, "r");
824
825 if (f == NULL) {
826 BIO_printf(bio_err, "Can't open session file %s\n", filename);
827 ERR_print_errors(bio_err);
828 return NULL;
829 }
830 sess = PEM_read_bio_SSL_SESSION(f, NULL, 0, NULL);
831 if (sess == NULL) {
832 BIO_printf(bio_err, "Can't parse session file %s\n", filename);
833 ERR_print_errors(bio_err);
834 }
835 BIO_free(f);
836 return sess;
837 }
838
write_session(const char * filename,SSL_SESSION * sess)839 static int write_session(const char *filename, SSL_SESSION *sess)
840 {
841 BIO *f = BIO_new_file(filename, "w");
842
843 if (sess == NULL) {
844 BIO_printf(bio_err, "No session information\n");
845 return 0;
846 }
847 if (f == NULL) {
848 BIO_printf(bio_err, "Can't open session file %s\n", filename);
849 ERR_print_errors(bio_err);
850 return 0;
851 }
852 PEM_write_bio_SSL_SESSION(f, sess);
853 BIO_free(f);
854 return 1;
855 }
856
857 /*
858 * set_protocol_version - Sets protocol version minimum or maximum
859 *
860 * Returns 0 on failure and 1 on success
861 */
set_protocol_version(const char * version,SSL * ssl,int setting)862 static int set_protocol_version(const char *version, SSL *ssl, int setting)
863 {
864 if (version != NULL) {
865 int ver = protocol_from_string(version);
866 if (ver < 0) {
867 BIO_printf(bio_err, "Error parsing: %s\n", version);
868 return 0;
869 }
870 return SSL_ctrl(ssl, setting, ver, NULL);
871 }
872 return 1;
873 }
874
main(int argc,char * argv[])875 int main(int argc, char *argv[])
876 {
877 const char *CApath = NULL, *CAfile = NULL;
878 int badop = 0;
879 enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
880 int force = 0;
881 int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_2 = 0, ssl3 = 0;
882 int ret = EXIT_FAILURE;
883 int client_auth = 0;
884 int server_auth = 0, i;
885 struct app_verify_arg app_verify_arg =
886 { APP_CALLBACK_STRING, 0 };
887 char *p;
888 SSL_CTX *c_ctx = NULL;
889 const SSL_METHOD *meth = NULL;
890 SSL *c_ssl, *s_ssl;
891 int number = 1, reuse = 0;
892 int should_reuse = -1;
893 int no_ticket = 0;
894 long bytes = 256L;
895 #ifndef OPENSSL_NO_DH
896 DH *dh;
897 int dhe512 = 0, dhe1024dsa = 0;
898 #endif
899 int no_dhe = 0;
900 int no_psk = 0;
901 int print_time = 0;
902 clock_t s_time = 0, c_time = 0;
903 #ifndef OPENSSL_NO_COMP
904 int n, comp = 0;
905 COMP_METHOD *cm = NULL;
906 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
907 #endif
908 int no_protocol;
909 int min_version = 0, max_version = 0;
910 #ifndef OPENSSL_NO_CT
911 /*
912 * Disable CT validation by default, because it will interfere with
913 * anything using custom extension handlers to deal with SCT extensions.
914 */
915 int ct_validation = 0;
916 #endif
917 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL, *s_cctx2 = NULL;
918 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
919 char *arg = NULL, *argn = NULL;
920
921 verbose = 0;
922 debug = 0;
923
924 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
925
926 p = getenv("OPENSSL_DEBUG_MEMORY");
927 if (p != NULL && strcmp(p, "on") == 0)
928 CRYPTO_set_mem_debug(1);
929 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
930
931 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
932
933 s_cctx = SSL_CONF_CTX_new();
934 s_cctx2 = SSL_CONF_CTX_new();
935 c_cctx = SSL_CONF_CTX_new();
936
937 if (!s_cctx || !c_cctx || !s_cctx2) {
938 ERR_print_errors(bio_err);
939 goto end;
940 }
941
942 SSL_CONF_CTX_set_flags(s_cctx,
943 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
944 SSL_CONF_FLAG_CERTIFICATE |
945 SSL_CONF_FLAG_REQUIRE_PRIVATE);
946 SSL_CONF_CTX_set_flags(s_cctx2,
947 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
948 SSL_CONF_FLAG_CERTIFICATE |
949 SSL_CONF_FLAG_REQUIRE_PRIVATE);
950 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
951 ERR_print_errors(bio_err);
952 goto end;
953 }
954 if (!SSL_CONF_CTX_set1_prefix(s_cctx2, "-s_")) {
955 ERR_print_errors(bio_err);
956 goto end;
957 }
958
959 SSL_CONF_CTX_set_flags(c_cctx,
960 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT |
961 SSL_CONF_FLAG_CERTIFICATE |
962 SSL_CONF_FLAG_REQUIRE_PRIVATE);
963 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
964 ERR_print_errors(bio_err);
965 goto end;
966 }
967
968 argc--;
969 argv++;
970
971 while (argc >= 1) {
972 if (strcmp(*argv, "-F") == 0) {
973 fprintf(stderr,
974 "not compiled with FIPS support, so exiting without running.\n");
975 EXIT(0);
976 } else if (strcmp(*argv, "-server_auth") == 0)
977 server_auth = 1;
978 else if (strcmp(*argv, "-client_auth") == 0)
979 client_auth = 1;
980 else if (strcmp(*argv, "-v") == 0)
981 verbose = 1;
982 else if (strcmp(*argv, "-d") == 0)
983 debug = 1;
984 else if (strcmp(*argv, "-reuse") == 0)
985 reuse = 1;
986 else if (strcmp(*argv, "-dhe512") == 0) {
987 #ifndef OPENSSL_NO_DH
988 dhe512 = 1;
989 #else
990 fprintf(stderr,
991 "ignoring -dhe512, since I'm compiled without DH\n");
992 #endif
993 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
994 #ifndef OPENSSL_NO_DH
995 dhe1024dsa = 1;
996 #else
997 fprintf(stderr,
998 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
999 #endif
1000 } else if (strcmp(*argv, "-no_dhe") == 0)
1001 no_dhe = 1;
1002 else if (strcmp(*argv, "-no_ecdhe") == 0)
1003 /* obsolete */;
1004 else if (strcmp(*argv, "-psk") == 0) {
1005 if (--argc < 1)
1006 goto bad;
1007 psk_key = *(++argv);
1008 #ifndef OPENSSL_NO_PSK
1009 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1010 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1011 goto bad;
1012 }
1013 #else
1014 no_psk = 1;
1015 #endif
1016 }
1017 else if (strcmp(*argv, "-tls1_2") == 0) {
1018 tls1_2 = 1;
1019 } else if (strcmp(*argv, "-tls1") == 0) {
1020 tls1 = 1;
1021 } else if (strcmp(*argv, "-ssl3") == 0) {
1022 ssl3 = 1;
1023 } else if (strcmp(*argv, "-dtls1") == 0) {
1024 dtls1 = 1;
1025 } else if (strcmp(*argv, "-dtls12") == 0) {
1026 dtls12 = 1;
1027 } else if (strcmp(*argv, "-dtls") == 0) {
1028 dtls = 1;
1029 } else if (strncmp(*argv, "-num", 4) == 0) {
1030 if (--argc < 1)
1031 goto bad;
1032 number = atoi(*(++argv));
1033 if (number == 0)
1034 number = 1;
1035 } else if (strcmp(*argv, "-bytes") == 0) {
1036 if (--argc < 1)
1037 goto bad;
1038 bytes = atol(*(++argv));
1039 if (bytes == 0L)
1040 bytes = 1L;
1041 i = strlen(argv[0]);
1042 if (argv[0][i - 1] == 'k')
1043 bytes *= 1024L;
1044 if (argv[0][i - 1] == 'm')
1045 bytes *= 1024L * 1024L;
1046 } else if (strcmp(*argv, "-cipher") == 0) {
1047 if (--argc < 1)
1048 goto bad;
1049 cipher = *(++argv);
1050 } else if (strcmp(*argv, "-ciphersuites") == 0) {
1051 if (--argc < 1)
1052 goto bad;
1053 ciphersuites = *(++argv);
1054 } else if (strcmp(*argv, "-CApath") == 0) {
1055 if (--argc < 1)
1056 goto bad;
1057 CApath = *(++argv);
1058 } else if (strcmp(*argv, "-CAfile") == 0) {
1059 if (--argc < 1)
1060 goto bad;
1061 CAfile = *(++argv);
1062 } else if (strcmp(*argv, "-bio_pair") == 0) {
1063 bio_type = BIO_PAIR;
1064 }
1065 #ifndef OPENSSL_NO_SOCK
1066 else if (strcmp(*argv, "-ipv4") == 0) {
1067 bio_type = BIO_IPV4;
1068 } else if (strcmp(*argv, "-ipv6") == 0) {
1069 bio_type = BIO_IPV6;
1070 }
1071 #endif
1072 else if (strcmp(*argv, "-f") == 0) {
1073 force = 1;
1074 } else if (strcmp(*argv, "-time") == 0) {
1075 print_time = 1;
1076 }
1077 #ifndef OPENSSL_NO_CT
1078 else if (strcmp(*argv, "-noct") == 0) {
1079 ct_validation = 0;
1080 }
1081 else if (strcmp(*argv, "-ct") == 0) {
1082 ct_validation = 1;
1083 }
1084 #endif
1085 #ifndef OPENSSL_NO_COMP
1086 else if (strcmp(*argv, "-zlib") == 0) {
1087 comp = COMP_ZLIB;
1088 }
1089 #endif
1090 else if (strcmp(*argv, "-app_verify") == 0) {
1091 app_verify_arg.app_verify = 1;
1092 }
1093 #ifndef OPENSSL_NO_NEXTPROTONEG
1094 else if (strcmp(*argv, "-npn_client") == 0) {
1095 npn_client = 1;
1096 } else if (strcmp(*argv, "-npn_server") == 0) {
1097 npn_server = 1;
1098 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1099 npn_server_reject = 1;
1100 }
1101 #endif
1102 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1103 serverinfo_sct = 1;
1104 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1105 serverinfo_tack = 1;
1106 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1107 if (--argc < 1)
1108 goto bad;
1109 serverinfo_file = *(++argv);
1110 } else if (strcmp(*argv, "-custom_ext") == 0) {
1111 custom_ext = 1;
1112 } else if (strcmp(*argv, "-alpn_client") == 0) {
1113 if (--argc < 1)
1114 goto bad;
1115 alpn_client = *(++argv);
1116 } else if (strcmp(*argv, "-alpn_server") == 0 ||
1117 strcmp(*argv, "-alpn_server1") == 0) {
1118 if (--argc < 1)
1119 goto bad;
1120 alpn_server = *(++argv);
1121 } else if (strcmp(*argv, "-alpn_server2") == 0) {
1122 if (--argc < 1)
1123 goto bad;
1124 alpn_server2 = *(++argv);
1125 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1126 if (--argc < 1)
1127 goto bad;
1128 alpn_expected = *(++argv);
1129 } else if (strcmp(*argv, "-server_min_proto") == 0) {
1130 if (--argc < 1)
1131 goto bad;
1132 server_min_proto = *(++argv);
1133 } else if (strcmp(*argv, "-server_max_proto") == 0) {
1134 if (--argc < 1)
1135 goto bad;
1136 server_max_proto = *(++argv);
1137 } else if (strcmp(*argv, "-client_min_proto") == 0) {
1138 if (--argc < 1)
1139 goto bad;
1140 client_min_proto = *(++argv);
1141 } else if (strcmp(*argv, "-client_max_proto") == 0) {
1142 if (--argc < 1)
1143 goto bad;
1144 client_max_proto = *(++argv);
1145 } else if (strcmp(*argv, "-should_negotiate") == 0) {
1146 if (--argc < 1)
1147 goto bad;
1148 should_negotiate = *(++argv);
1149 } else if (strcmp(*argv, "-sn_client") == 0) {
1150 if (--argc < 1)
1151 goto bad;
1152 sn_client = *(++argv);
1153 } else if (strcmp(*argv, "-sn_server1") == 0) {
1154 if (--argc < 1)
1155 goto bad;
1156 sn_server1 = *(++argv);
1157 } else if (strcmp(*argv, "-sn_server2") == 0) {
1158 if (--argc < 1)
1159 goto bad;
1160 sn_server2 = *(++argv);
1161 } else if (strcmp(*argv, "-sn_expect1") == 0) {
1162 sn_expect = 1;
1163 } else if (strcmp(*argv, "-sn_expect2") == 0) {
1164 sn_expect = 2;
1165 } else if (strcmp(*argv, "-server_sess_out") == 0) {
1166 if (--argc < 1)
1167 goto bad;
1168 server_sess_out = *(++argv);
1169 } else if (strcmp(*argv, "-server_sess_in") == 0) {
1170 if (--argc < 1)
1171 goto bad;
1172 server_sess_in = *(++argv);
1173 } else if (strcmp(*argv, "-client_sess_out") == 0) {
1174 if (--argc < 1)
1175 goto bad;
1176 client_sess_out = *(++argv);
1177 } else if (strcmp(*argv, "-client_sess_in") == 0) {
1178 if (--argc < 1)
1179 goto bad;
1180 client_sess_in = *(++argv);
1181 } else if (strcmp(*argv, "-should_reuse") == 0) {
1182 if (--argc < 1)
1183 goto bad;
1184 should_reuse = !!atoi(*(++argv));
1185 } else if (strcmp(*argv, "-no_ticket") == 0) {
1186 no_ticket = 1;
1187 } else {
1188 int rv;
1189 arg = argv[0];
1190 argn = argv[1];
1191 /* Try to process command using SSL_CONF */
1192 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1193 /* If not processed try server */
1194 if (rv == 0)
1195 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1196 /* Recognised: store it for later use */
1197 if (rv > 0) {
1198 if (rv == 1)
1199 argn = NULL;
1200 if (!conf_args) {
1201 conf_args = sk_OPENSSL_STRING_new_null();
1202 if (!conf_args)
1203 goto end;
1204 }
1205 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1206 goto end;
1207 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1208 goto end;
1209 continue;
1210 }
1211 if (rv == -3)
1212 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1213 else if (rv < 0)
1214 BIO_printf(bio_err, "Error with command %s\n", arg);
1215 else if (rv == 0)
1216 BIO_printf(bio_err, "unknown option %s\n", arg);
1217 badop = 1;
1218 break;
1219 }
1220 argc--;
1221 argv++;
1222 }
1223 if (badop) {
1224 bad:
1225 sv_usage();
1226 goto end;
1227 }
1228
1229 if (ssl3 + tls1 + tls1_2 + dtls + dtls1 + dtls12 > 1) {
1230 fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1 or -dtls12 should "
1231 "be requested.\n");
1232 EXIT(1);
1233 }
1234
1235 #ifdef OPENSSL_NO_SSL3
1236 if (ssl3)
1237 no_protocol = 1;
1238 else
1239 #endif
1240 #ifdef OPENSSL_NO_TLS1
1241 if (tls1)
1242 no_protocol = 1;
1243 else
1244 #endif
1245 #ifdef OPENSSL_NO_TLS1_2
1246 if (tls1_2)
1247 no_protocol = 1;
1248 else
1249 #endif
1250 #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1)
1251 if (dtls1)
1252 no_protocol = 1;
1253 else
1254 #endif
1255 #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1_2)
1256 if (dtls12)
1257 no_protocol = 1;
1258 else
1259 #endif
1260 no_protocol = 0;
1261
1262 /*
1263 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1264 * Ideally, we would error out, but the generic test wrapper can't know
1265 * when to expect failure. So we do nothing and return success.
1266 */
1267 if (no_protocol) {
1268 fprintf(stderr, "Testing was requested for a disabled protocol. "
1269 "Skipping tests.\n");
1270 ret = EXIT_SUCCESS;
1271 goto end;
1272 }
1273
1274 if (!ssl3 && !tls1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1
1275 && !reuse && !force) {
1276 fprintf(stderr, "This case cannot work. Use -f to perform "
1277 "the test anyway (and\n-d to see what happens), "
1278 "or add one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n"
1279 "to avoid protocol mismatch.\n");
1280 EXIT(1);
1281 }
1282
1283 if (print_time) {
1284 if (bio_type != BIO_PAIR) {
1285 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1286 bio_type = BIO_PAIR;
1287 }
1288 if (number < 50 && !force)
1289 fprintf(stderr,
1290 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1291 }
1292
1293 #ifndef OPENSSL_NO_COMP
1294 if (comp == COMP_ZLIB)
1295 cm = COMP_zlib();
1296 if (cm != NULL) {
1297 if (COMP_get_type(cm) != NID_undef) {
1298 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1299 fprintf(stderr, "Failed to add compression method\n");
1300 ERR_print_errors_fp(stderr);
1301 }
1302 } else {
1303 fprintf(stderr,
1304 "Warning: %s compression not supported\n",
1305 comp == COMP_ZLIB ? "zlib" : "unknown");
1306 ERR_print_errors_fp(stderr);
1307 }
1308 }
1309 ssl_comp_methods = SSL_COMP_get_compression_methods();
1310 n = sk_SSL_COMP_num(ssl_comp_methods);
1311 if (n) {
1312 int j;
1313 printf("Available compression methods:");
1314 for (j = 0; j < n; j++) {
1315 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1316 printf(" %s:%d", SSL_COMP_get0_name(c), SSL_COMP_get_id(c));
1317 }
1318 printf("\n");
1319 }
1320 #endif
1321
1322 #ifndef OPENSSL_NO_TLS
1323 meth = TLS_method();
1324 if (ssl3) {
1325 min_version = SSL3_VERSION;
1326 max_version = SSL3_VERSION;
1327 } else if (tls1) {
1328 min_version = TLS1_VERSION;
1329 max_version = TLS1_VERSION;
1330 } else if (tls1_2) {
1331 min_version = TLS1_2_VERSION;
1332 max_version = TLS1_2_VERSION;
1333 } else {
1334 min_version = SSL3_VERSION;
1335 max_version = TLS_MAX_VERSION;
1336 }
1337 #endif
1338 #ifndef OPENSSL_NO_DTLS
1339 if (dtls || dtls1 || dtls12) {
1340 meth = DTLS_method();
1341 if (dtls1) {
1342 min_version = DTLS1_VERSION;
1343 max_version = DTLS1_VERSION;
1344 } else if (dtls12) {
1345 min_version = DTLS1_2_VERSION;
1346 max_version = DTLS1_2_VERSION;
1347 } else {
1348 min_version = DTLS_MIN_VERSION;
1349 max_version = DTLS_MAX_VERSION;
1350 }
1351 }
1352 #endif
1353
1354 c_ctx = SSL_CTX_new(meth);
1355 s_ctx = SSL_CTX_new(meth);
1356 s_ctx2 = SSL_CTX_new(meth); /* no SSL_CTX_dup! */
1357 if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) {
1358 ERR_print_errors(bio_err);
1359 goto end;
1360 }
1361 /*
1362 * Since we will use low security ciphersuites and keys for testing set
1363 * security level to zero by default. Tests can override this by adding
1364 * "@SECLEVEL=n" to the cipher string.
1365 */
1366 SSL_CTX_set_security_level(c_ctx, 0);
1367 SSL_CTX_set_security_level(s_ctx, 0);
1368 SSL_CTX_set_security_level(s_ctx2, 0);
1369
1370 if (no_ticket) {
1371 SSL_CTX_set_options(c_ctx, SSL_OP_NO_TICKET);
1372 SSL_CTX_set_options(s_ctx, SSL_OP_NO_TICKET);
1373 }
1374
1375 if (SSL_CTX_set_min_proto_version(c_ctx, min_version) == 0)
1376 goto end;
1377 if (SSL_CTX_set_max_proto_version(c_ctx, max_version) == 0)
1378 goto end;
1379 if (SSL_CTX_set_min_proto_version(s_ctx, min_version) == 0)
1380 goto end;
1381 if (SSL_CTX_set_max_proto_version(s_ctx, max_version) == 0)
1382 goto end;
1383
1384 if (cipher != NULL) {
1385 if (strcmp(cipher, "") == 0) {
1386 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)) {
1387 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) {
1388 ERR_clear_error();
1389 } else {
1390 ERR_print_errors(bio_err);
1391 goto end;
1392 }
1393 } else {
1394 /* Should have failed when clearing all TLSv1.2 ciphers. */
1395 fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n");
1396 goto end;
1397 }
1398
1399 if (!SSL_CTX_set_cipher_list(s_ctx, cipher)) {
1400 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) {
1401 ERR_clear_error();
1402 } else {
1403 ERR_print_errors(bio_err);
1404 goto end;
1405 }
1406 } else {
1407 /* Should have failed when clearing all TLSv1.2 ciphers. */
1408 fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n");
1409 goto end;
1410 }
1411
1412 if (!SSL_CTX_set_cipher_list(s_ctx2, cipher)) {
1413 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) {
1414 ERR_clear_error();
1415 } else {
1416 ERR_print_errors(bio_err);
1417 goto end;
1418 }
1419 } else {
1420 /* Should have failed when clearing all TLSv1.2 ciphers. */
1421 fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n");
1422 goto end;
1423 }
1424 } else {
1425 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
1426 || !SSL_CTX_set_cipher_list(s_ctx, cipher)
1427 || !SSL_CTX_set_cipher_list(s_ctx2, cipher)) {
1428 ERR_print_errors(bio_err);
1429 goto end;
1430 }
1431 }
1432 }
1433 if (ciphersuites != NULL) {
1434 if (!SSL_CTX_set_ciphersuites(c_ctx, ciphersuites)
1435 || !SSL_CTX_set_ciphersuites(s_ctx, ciphersuites)
1436 || !SSL_CTX_set_ciphersuites(s_ctx2, ciphersuites)) {
1437 ERR_print_errors(bio_err);
1438 goto end;
1439 }
1440 }
1441
1442 #ifndef OPENSSL_NO_CT
1443 if (ct_validation &&
1444 !SSL_CTX_enable_ct(c_ctx, SSL_CT_VALIDATION_STRICT)) {
1445 ERR_print_errors(bio_err);
1446 goto end;
1447 }
1448 #endif
1449
1450 /* Process SSL_CONF arguments */
1451 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1452 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1453 SSL_CONF_CTX_set_ssl_ctx(s_cctx2, s_ctx2);
1454
1455 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1456 int rv;
1457 arg = sk_OPENSSL_STRING_value(conf_args, i);
1458 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1459 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1460 /* If not recognised use server context */
1461 if (rv == -2) {
1462 rv = SSL_CONF_cmd(s_cctx2, arg, argn);
1463 if (rv > 0)
1464 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1465 }
1466 if (rv <= 0) {
1467 BIO_printf(bio_err, "Error processing %s %s\n",
1468 arg, argn ? argn : "");
1469 ERR_print_errors(bio_err);
1470 goto end;
1471 }
1472 }
1473
1474 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx) || !SSL_CONF_CTX_finish(s_cctx2)) {
1475 BIO_puts(bio_err, "Error finishing context\n");
1476 ERR_print_errors(bio_err);
1477 goto end;
1478 }
1479 #ifndef OPENSSL_NO_DH
1480 if (!no_dhe) {
1481 if (dhe1024dsa) {
1482 dh = get_dh1024dsa();
1483 } else if (dhe512)
1484 dh = get_dh512();
1485 else
1486 dh = get_dh1024();
1487 SSL_CTX_set_tmp_dh(s_ctx, dh);
1488 SSL_CTX_set_tmp_dh(s_ctx2, dh);
1489 DH_free(dh);
1490 }
1491 #else
1492 (void)no_dhe;
1493 #endif
1494
1495 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1496 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1497 (!SSL_CTX_load_verify_locations(s_ctx2, CAfile, CApath)) ||
1498 (!SSL_CTX_set_default_verify_paths(s_ctx2)) ||
1499 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1500 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1501 ERR_print_errors(bio_err);
1502 }
1503
1504 #ifndef OPENSSL_NO_CT
1505 if (!SSL_CTX_set_default_ctlog_list_file(s_ctx) ||
1506 !SSL_CTX_set_default_ctlog_list_file(s_ctx2) ||
1507 !SSL_CTX_set_default_ctlog_list_file(c_ctx)) {
1508 ERR_print_errors(bio_err);
1509 }
1510 #endif
1511
1512 if (client_auth) {
1513 printf("client authentication\n");
1514 SSL_CTX_set_verify(s_ctx,
1515 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1516 verify_callback);
1517 SSL_CTX_set_verify(s_ctx2,
1518 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1519 verify_callback);
1520 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1521 &app_verify_arg);
1522 SSL_CTX_set_cert_verify_callback(s_ctx2, app_verify_callback,
1523 &app_verify_arg);
1524 }
1525 if (server_auth) {
1526 printf("server authentication\n");
1527 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1528 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1529 &app_verify_arg);
1530 }
1531
1532 {
1533 int session_id_context = 0;
1534 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
1535 sizeof(session_id_context)) ||
1536 !SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context,
1537 sizeof(session_id_context))) {
1538 ERR_print_errors(bio_err);
1539 goto end;
1540 }
1541 }
1542
1543 /* Use PSK only if PSK key is given */
1544 if (psk_key != NULL) {
1545 /*
1546 * no_psk is used to avoid putting psk command to openssl tool
1547 */
1548 if (no_psk) {
1549 /*
1550 * if PSK is not compiled in and psk key is given, do nothing and
1551 * exit successfully
1552 */
1553 ret = EXIT_SUCCESS;
1554 goto end;
1555 }
1556 #ifndef OPENSSL_NO_PSK
1557 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1558 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1559 SSL_CTX_set_psk_server_callback(s_ctx2, psk_server_callback);
1560 if (debug)
1561 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1562 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint") ||
1563 !SSL_CTX_use_psk_identity_hint(s_ctx2, "ctx server identity_hint")) {
1564 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1565 ERR_print_errors(bio_err);
1566 goto end;
1567 }
1568 #endif
1569 }
1570
1571 #ifndef OPENSSL_NO_NEXTPROTONEG
1572 if (npn_client) {
1573 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1574 }
1575 if (npn_server) {
1576 if (npn_server_reject) {
1577 BIO_printf(bio_err,
1578 "Can't have both -npn_server and -npn_server_reject\n");
1579 goto end;
1580 }
1581 SSL_CTX_set_npn_advertised_cb(s_ctx, cb_server_npn, NULL);
1582 SSL_CTX_set_npn_advertised_cb(s_ctx2, cb_server_npn, NULL);
1583 }
1584 if (npn_server_reject) {
1585 SSL_CTX_set_npn_advertised_cb(s_ctx, cb_server_rejects_npn, NULL);
1586 SSL_CTX_set_npn_advertised_cb(s_ctx2, cb_server_rejects_npn, NULL);
1587 }
1588 #endif
1589
1590 if (serverinfo_sct) {
1591 if (!SSL_CTX_add_client_custom_ext(c_ctx,
1592 TLSEXT_TYPE_signed_certificate_timestamp,
1593 NULL, NULL, NULL,
1594 serverinfo_cli_parse_cb, NULL)) {
1595 BIO_printf(bio_err, "Error adding SCT extension\n");
1596 goto end;
1597 }
1598 }
1599 if (serverinfo_tack) {
1600 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1601 NULL, NULL, NULL,
1602 serverinfo_cli_parse_cb, NULL)) {
1603 BIO_printf(bio_err, "Error adding TACK extension\n");
1604 goto end;
1605 }
1606 }
1607 if (serverinfo_file)
1608 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file) ||
1609 !SSL_CTX_use_serverinfo_file(s_ctx2, serverinfo_file)) {
1610 BIO_printf(bio_err, "missing serverinfo file\n");
1611 goto end;
1612 }
1613
1614 if (custom_ext) {
1615 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1616 custom_ext_0_cli_add_cb,
1617 NULL, NULL,
1618 custom_ext_0_cli_parse_cb, NULL)
1619 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1620 custom_ext_1_cli_add_cb,
1621 NULL, NULL,
1622 custom_ext_1_cli_parse_cb, NULL)
1623 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1624 custom_ext_2_cli_add_cb,
1625 NULL, NULL,
1626 custom_ext_2_cli_parse_cb, NULL)
1627 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1628 custom_ext_3_cli_add_cb,
1629 NULL, NULL,
1630 custom_ext_3_cli_parse_cb, NULL)
1631 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1632 custom_ext_0_srv_add_cb,
1633 NULL, NULL,
1634 custom_ext_0_srv_parse_cb, NULL)
1635 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_0,
1636 custom_ext_0_srv_add_cb,
1637 NULL, NULL,
1638 custom_ext_0_srv_parse_cb, NULL)
1639 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1640 custom_ext_1_srv_add_cb,
1641 NULL, NULL,
1642 custom_ext_1_srv_parse_cb, NULL)
1643 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_1,
1644 custom_ext_1_srv_add_cb,
1645 NULL, NULL,
1646 custom_ext_1_srv_parse_cb, NULL)
1647 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1648 custom_ext_2_srv_add_cb,
1649 NULL, NULL,
1650 custom_ext_2_srv_parse_cb, NULL)
1651 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_2,
1652 custom_ext_2_srv_add_cb,
1653 NULL, NULL,
1654 custom_ext_2_srv_parse_cb, NULL)
1655 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1656 custom_ext_3_srv_add_cb,
1657 NULL, NULL,
1658 custom_ext_3_srv_parse_cb, NULL)
1659 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_3,
1660 custom_ext_3_srv_add_cb,
1661 NULL, NULL,
1662 custom_ext_3_srv_parse_cb, NULL)) {
1663 BIO_printf(bio_err, "Error setting custom extensions\n");
1664 goto end;
1665 }
1666 }
1667
1668 if (alpn_server)
1669 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, alpn_server);
1670 if (alpn_server2)
1671 SSL_CTX_set_alpn_select_cb(s_ctx2, cb_server_alpn, alpn_server2);
1672
1673 if (alpn_client) {
1674 size_t alpn_len;
1675 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1676
1677 if (alpn == NULL) {
1678 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1679 goto end;
1680 }
1681 /* Returns 0 on success!! */
1682 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
1683 BIO_printf(bio_err, "Error setting ALPN\n");
1684 OPENSSL_free(alpn);
1685 goto end;
1686 }
1687 OPENSSL_free(alpn);
1688 }
1689
1690 if (server_sess_in != NULL) {
1691 server_sess = read_session(server_sess_in);
1692 if (server_sess == NULL)
1693 goto end;
1694 }
1695 if (client_sess_in != NULL) {
1696 client_sess = read_session(client_sess_in);
1697 if (client_sess == NULL)
1698 goto end;
1699 }
1700
1701 if (server_sess_out != NULL || server_sess_in != NULL) {
1702 char *keys;
1703 long size;
1704
1705 /* Use a fixed key so that we can decrypt the ticket. */
1706 size = SSL_CTX_set_tlsext_ticket_keys(s_ctx, NULL, 0);
1707 keys = OPENSSL_zalloc(size);
1708 SSL_CTX_set_tlsext_ticket_keys(s_ctx, keys, size);
1709 OPENSSL_free(keys);
1710 }
1711
1712 if (sn_server1 != NULL || sn_server2 != NULL)
1713 SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb);
1714
1715 c_ssl = SSL_new(c_ctx);
1716 s_ssl = SSL_new(s_ctx);
1717
1718 if (sn_client)
1719 SSL_set_tlsext_host_name(c_ssl, sn_client);
1720
1721 if (!set_protocol_version(server_min_proto, s_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1722 goto end;
1723 if (!set_protocol_version(server_max_proto, s_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1724 goto end;
1725 if (!set_protocol_version(client_min_proto, c_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1726 goto end;
1727 if (!set_protocol_version(client_max_proto, c_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1728 goto end;
1729
1730 if (server_sess) {
1731 if (SSL_CTX_add_session(s_ctx, server_sess) == 0) {
1732 BIO_printf(bio_err, "Can't add server session\n");
1733 ERR_print_errors(bio_err);
1734 goto end;
1735 }
1736 }
1737
1738 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
1739 for (i = 0; i < number; i++) {
1740 if (!reuse) {
1741 if (!SSL_set_session(c_ssl, NULL)) {
1742 BIO_printf(bio_err, "Failed to set session\n");
1743 goto end;
1744 }
1745 }
1746 if (client_sess_in != NULL) {
1747 if (SSL_set_session(c_ssl, client_sess) == 0) {
1748 BIO_printf(bio_err, "Can't set client session\n");
1749 ERR_print_errors(bio_err);
1750 goto end;
1751 }
1752 }
1753 switch (bio_type) {
1754 case BIO_MEM:
1755 ret = doit(s_ssl, c_ssl, bytes);
1756 break;
1757 case BIO_PAIR:
1758 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1759 break;
1760 #ifndef OPENSSL_NO_SOCK
1761 case BIO_IPV4:
1762 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV4,
1763 bytes, &s_time, &c_time);
1764 break;
1765 case BIO_IPV6:
1766 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV6,
1767 bytes, &s_time, &c_time);
1768 break;
1769 #else
1770 case BIO_IPV4:
1771 case BIO_IPV6:
1772 ret = EXIT_FAILURE;
1773 goto err;
1774 #endif
1775 }
1776 if (ret != EXIT_SUCCESS) break;
1777 }
1778
1779 if (should_negotiate && ret == EXIT_SUCCESS &&
1780 strcmp(should_negotiate, "fail-server") != 0 &&
1781 strcmp(should_negotiate, "fail-client") != 0) {
1782 int version = protocol_from_string(should_negotiate);
1783 if (version < 0) {
1784 BIO_printf(bio_err, "Error parsing: %s\n", should_negotiate);
1785 ret = EXIT_FAILURE;
1786 goto err;
1787 }
1788 if (SSL_version(c_ssl) != version) {
1789 BIO_printf(bio_err, "Unexpected version negotiated. "
1790 "Expected: %s, got %s\n", should_negotiate, SSL_get_version(c_ssl));
1791 ret = EXIT_FAILURE;
1792 goto err;
1793 }
1794 }
1795
1796 if (should_reuse != -1) {
1797 if (SSL_session_reused(s_ssl) != should_reuse ||
1798 SSL_session_reused(c_ssl) != should_reuse) {
1799 BIO_printf(bio_err, "Unexpected session reuse state. "
1800 "Expected: %d, server: %d, client: %d\n", should_reuse,
1801 SSL_session_reused(s_ssl), SSL_session_reused(c_ssl));
1802 ret = EXIT_FAILURE;
1803 goto err;
1804 }
1805 }
1806
1807 if (server_sess_out != NULL) {
1808 if (write_session(server_sess_out, SSL_get_session(s_ssl)) == 0) {
1809 ret = EXIT_FAILURE;
1810 goto err;
1811 }
1812 }
1813 if (client_sess_out != NULL) {
1814 if (write_session(client_sess_out, SSL_get_session(c_ssl)) == 0) {
1815 ret = EXIT_FAILURE;
1816 goto err;
1817 }
1818 }
1819
1820 if (!verbose) {
1821 print_details(c_ssl, "");
1822 }
1823 if (print_time) {
1824 #ifdef CLOCKS_PER_SEC
1825 /*
1826 * "To determine the time in seconds, the value returned by the clock
1827 * function should be divided by the value of the macro
1828 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1829 */
1830 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1831 "Approximate total client time: %6.2f s\n",
1832 (double)s_time / CLOCKS_PER_SEC,
1833 (double)c_time / CLOCKS_PER_SEC);
1834 #else
1835 BIO_printf(bio_stdout,
1836 "Approximate total server time: %6.2f units\n"
1837 "Approximate total client time: %6.2f units\n",
1838 (double)s_time, (double)c_time);
1839 #endif
1840 }
1841
1842 err:
1843 SSL_free(s_ssl);
1844 SSL_free(c_ssl);
1845
1846 end:
1847 SSL_CTX_free(s_ctx);
1848 SSL_CTX_free(s_ctx2);
1849 SSL_CTX_free(c_ctx);
1850 SSL_CONF_CTX_free(s_cctx);
1851 SSL_CONF_CTX_free(s_cctx2);
1852 SSL_CONF_CTX_free(c_cctx);
1853 sk_OPENSSL_STRING_free(conf_args);
1854
1855 BIO_free(bio_stdout);
1856
1857 SSL_SESSION_free(server_sess);
1858 SSL_SESSION_free(client_sess);
1859
1860 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
1861 if (CRYPTO_mem_leaks(bio_err) <= 0)
1862 ret = EXIT_FAILURE;
1863 #endif
1864 BIO_free(bio_err);
1865 EXIT(ret);
1866 }
1867
1868 #ifndef OPENSSL_NO_SOCK
doit_localhost(SSL * s_ssl,SSL * c_ssl,int family,long count,clock_t * s_time,clock_t * c_time)1869 int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count,
1870 clock_t *s_time, clock_t *c_time)
1871 {
1872 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1873 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1874 BIO *acpt = NULL, *server = NULL, *client = NULL;
1875 char addr_str[40];
1876 int ret = EXIT_FAILURE;
1877 int err_in_client = 0;
1878 int err_in_server = 0;
1879
1880 acpt = BIO_new_accept(family == BIO_FAMILY_IPV4 ? "127.0.0.1:0"
1881 : "[::1]:0");
1882 if (acpt == NULL)
1883 goto err;
1884 BIO_set_accept_ip_family(acpt, family);
1885 BIO_set_bind_mode(acpt, BIO_SOCK_NONBLOCK | BIO_SOCK_REUSEADDR);
1886 if (BIO_do_accept(acpt) <= 0)
1887 goto err;
1888
1889 BIO_snprintf(addr_str, sizeof(addr_str), ":%s", BIO_get_accept_port(acpt));
1890
1891 client = BIO_new_connect(addr_str);
1892 BIO_set_conn_ip_family(client, family);
1893 if (!client)
1894 goto err;
1895
1896 if (BIO_set_nbio(client, 1) <= 0)
1897 goto err;
1898 if (BIO_set_nbio(acpt, 1) <= 0)
1899 goto err;
1900
1901 {
1902 int st_connect = 0, st_accept = 0;
1903
1904 while(!st_connect || !st_accept) {
1905 if (!st_connect) {
1906 if (BIO_do_connect(client) <= 0) {
1907 if (!BIO_should_retry(client))
1908 goto err;
1909 } else {
1910 st_connect = 1;
1911 }
1912 }
1913 if (!st_accept) {
1914 if (BIO_do_accept(acpt) <= 0) {
1915 if (!BIO_should_retry(acpt))
1916 goto err;
1917 } else {
1918 st_accept = 1;
1919 }
1920 }
1921 }
1922 }
1923 /* We're not interested in accepting further connects */
1924 server = BIO_pop(acpt);
1925 BIO_free_all(acpt);
1926 acpt = NULL;
1927
1928 s_ssl_bio = BIO_new(BIO_f_ssl());
1929 if (!s_ssl_bio)
1930 goto err;
1931
1932 c_ssl_bio = BIO_new(BIO_f_ssl());
1933 if (!c_ssl_bio)
1934 goto err;
1935
1936 SSL_set_connect_state(c_ssl);
1937 SSL_set_bio(c_ssl, client, client);
1938 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1939
1940 SSL_set_accept_state(s_ssl);
1941 SSL_set_bio(s_ssl, server, server);
1942 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1943
1944 do {
1945 /*-
1946 * c_ssl_bio: SSL filter BIO
1947 *
1948 * client: I/O for SSL library
1949 *
1950 *
1951 * server: I/O for SSL library
1952 *
1953 * s_ssl_bio: SSL filter BIO
1954 */
1955
1956 /*
1957 * We have non-blocking behaviour throughout this test program, but
1958 * can be sure that there is *some* progress in each iteration; so we
1959 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1960 * we just try everything in each iteration
1961 */
1962
1963 {
1964 /* CLIENT */
1965
1966 char cbuf[1024 * 8];
1967 int i, r;
1968 clock_t c_clock = clock();
1969
1970 memset(cbuf, 0, sizeof(cbuf));
1971
1972 if (debug)
1973 if (SSL_in_init(c_ssl))
1974 printf("client waiting in SSL_connect - %s\n",
1975 SSL_state_string_long(c_ssl));
1976
1977 if (cw_num > 0) {
1978 /* Write to server. */
1979
1980 if (cw_num > (long)sizeof(cbuf))
1981 i = sizeof(cbuf);
1982 else
1983 i = (int)cw_num;
1984 r = BIO_write(c_ssl_bio, cbuf, i);
1985 if (r < 0) {
1986 if (!BIO_should_retry(c_ssl_bio)) {
1987 fprintf(stderr, "ERROR in CLIENT\n");
1988 err_in_client = 1;
1989 goto err;
1990 }
1991 /*
1992 * BIO_should_retry(...) can just be ignored here. The
1993 * library expects us to call BIO_write with the same
1994 * arguments again, and that's what we will do in the
1995 * next iteration.
1996 */
1997 } else if (r == 0) {
1998 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1999 goto err;
2000 } else {
2001 if (debug)
2002 printf("client wrote %d\n", r);
2003 cw_num -= r;
2004 }
2005 }
2006
2007 if (cr_num > 0) {
2008 /* Read from server. */
2009
2010 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2011 if (r < 0) {
2012 if (!BIO_should_retry(c_ssl_bio)) {
2013 fprintf(stderr, "ERROR in CLIENT\n");
2014 err_in_client = 1;
2015 goto err;
2016 }
2017 /*
2018 * Again, "BIO_should_retry" can be ignored.
2019 */
2020 } else if (r == 0) {
2021 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2022 goto err;
2023 } else {
2024 if (debug)
2025 printf("client read %d\n", r);
2026 cr_num -= r;
2027 }
2028 }
2029
2030 /*
2031 * c_time and s_time increments will typically be very small
2032 * (depending on machine speed and clock tick intervals), but
2033 * sampling over a large number of connections should result in
2034 * fairly accurate figures. We cannot guarantee a lot, however
2035 * -- if each connection lasts for exactly one clock tick, it
2036 * will be counted only for the client or only for the server or
2037 * even not at all.
2038 */
2039 *c_time += (clock() - c_clock);
2040 }
2041
2042 {
2043 /* SERVER */
2044
2045 char sbuf[1024 * 8];
2046 int i, r;
2047 clock_t s_clock = clock();
2048
2049 memset(sbuf, 0, sizeof(sbuf));
2050
2051 if (debug)
2052 if (SSL_in_init(s_ssl))
2053 printf("server waiting in SSL_accept - %s\n",
2054 SSL_state_string_long(s_ssl));
2055
2056 if (sw_num > 0) {
2057 /* Write to client. */
2058
2059 if (sw_num > (long)sizeof(sbuf))
2060 i = sizeof(sbuf);
2061 else
2062 i = (int)sw_num;
2063 r = BIO_write(s_ssl_bio, sbuf, i);
2064 if (r < 0) {
2065 if (!BIO_should_retry(s_ssl_bio)) {
2066 fprintf(stderr, "ERROR in SERVER\n");
2067 err_in_server = 1;
2068 goto err;
2069 }
2070 /* Ignore "BIO_should_retry". */
2071 } else if (r == 0) {
2072 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2073 goto err;
2074 } else {
2075 if (debug)
2076 printf("server wrote %d\n", r);
2077 sw_num -= r;
2078 }
2079 }
2080
2081 if (sr_num > 0) {
2082 /* Read from client. */
2083
2084 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2085 if (r < 0) {
2086 if (!BIO_should_retry(s_ssl_bio)) {
2087 fprintf(stderr, "ERROR in SERVER\n");
2088 err_in_server = 1;
2089 goto err;
2090 }
2091 /* blah, blah */
2092 } else if (r == 0) {
2093 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2094 goto err;
2095 } else {
2096 if (debug)
2097 printf("server read %d\n", r);
2098 sr_num -= r;
2099 }
2100 }
2101
2102 *s_time += (clock() - s_clock);
2103 }
2104 }
2105 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2106
2107 if (verbose)
2108 print_details(c_ssl, "DONE via TCP connect: ");
2109 # ifndef OPENSSL_NO_NEXTPROTONEG
2110 if (verify_npn(c_ssl, s_ssl) < 0)
2111 goto end;
2112 # endif
2113 if (verify_serverinfo() < 0) {
2114 fprintf(stderr, "Server info verify error\n");
2115 goto err;
2116 }
2117 if (verify_alpn(c_ssl, s_ssl) < 0
2118 || verify_servername(c_ssl, s_ssl) < 0)
2119 goto err;
2120
2121 if (custom_ext_error) {
2122 fprintf(stderr, "Custom extension error\n");
2123 goto err;
2124 }
2125
2126 # ifndef OPENSSL_NO_NEXTPROTONEG
2127 end:
2128 # endif
2129 ret = EXIT_SUCCESS;
2130
2131 err:
2132 ERR_print_errors(bio_err);
2133
2134 BIO_free_all(acpt);
2135 BIO_free(server);
2136 BIO_free(client);
2137 BIO_free(s_ssl_bio);
2138 BIO_free(c_ssl_bio);
2139
2140 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2141 ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2142 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2143 ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2144
2145 return ret;
2146 }
2147 #endif
2148
doit_biopair(SSL * s_ssl,SSL * c_ssl,long count,clock_t * s_time,clock_t * c_time)2149 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
2150 clock_t *s_time, clock_t *c_time)
2151 {
2152 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
2153 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
2154 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
2155 int ret = EXIT_FAILURE;
2156 int err_in_client = 0;
2157 int err_in_server = 0;
2158
2159 size_t bufsiz = 256; /* small buffer for testing */
2160
2161 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
2162 goto err;
2163 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
2164 goto err;
2165
2166 s_ssl_bio = BIO_new(BIO_f_ssl());
2167 if (!s_ssl_bio)
2168 goto err;
2169
2170 c_ssl_bio = BIO_new(BIO_f_ssl());
2171 if (!c_ssl_bio)
2172 goto err;
2173
2174 SSL_set_connect_state(c_ssl);
2175 SSL_set_bio(c_ssl, client, client);
2176 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
2177
2178 SSL_set_accept_state(s_ssl);
2179 SSL_set_bio(s_ssl, server, server);
2180 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
2181
2182 do {
2183 /*-
2184 * c_ssl_bio: SSL filter BIO
2185 *
2186 * client: pseudo-I/O for SSL library
2187 *
2188 * client_io: client's SSL communication; usually to be
2189 * relayed over some I/O facility, but in this
2190 * test program, we're the server, too:
2191 *
2192 * server_io: server's SSL communication
2193 *
2194 * server: pseudo-I/O for SSL library
2195 *
2196 * s_ssl_bio: SSL filter BIO
2197 *
2198 * The client and the server each employ a "BIO pair":
2199 * client + client_io, server + server_io.
2200 * BIO pairs are symmetric. A BIO pair behaves similar
2201 * to a non-blocking socketpair (but both endpoints must
2202 * be handled by the same thread).
2203 * [Here we could connect client and server to the ends
2204 * of a single BIO pair, but then this code would be less
2205 * suitable as an example for BIO pairs in general.]
2206 *
2207 * Useful functions for querying the state of BIO pair endpoints:
2208 *
2209 * BIO_ctrl_pending(bio) number of bytes we can read now
2210 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfill
2211 * other side's read attempt
2212 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
2213 *
2214 * ..._read_request is never more than ..._write_guarantee;
2215 * it depends on the application which one you should use.
2216 */
2217
2218 /*
2219 * We have non-blocking behaviour throughout this test program, but
2220 * can be sure that there is *some* progress in each iteration; so we
2221 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
2222 * we just try everything in each iteration
2223 */
2224
2225 {
2226 /* CLIENT */
2227
2228 char cbuf[1024 * 8];
2229 int i, r;
2230 clock_t c_clock = clock();
2231
2232 memset(cbuf, 0, sizeof(cbuf));
2233
2234 if (debug)
2235 if (SSL_in_init(c_ssl))
2236 printf("client waiting in SSL_connect - %s\n",
2237 SSL_state_string_long(c_ssl));
2238
2239 if (cw_num > 0) {
2240 /* Write to server. */
2241
2242 if (cw_num > (long)sizeof(cbuf))
2243 i = sizeof(cbuf);
2244 else
2245 i = (int)cw_num;
2246 r = BIO_write(c_ssl_bio, cbuf, i);
2247 if (r < 0) {
2248 if (!BIO_should_retry(c_ssl_bio)) {
2249 fprintf(stderr, "ERROR in CLIENT\n");
2250 err_in_client = 1;
2251 goto err;
2252 }
2253 /*
2254 * BIO_should_retry(...) can just be ignored here. The
2255 * library expects us to call BIO_write with the same
2256 * arguments again, and that's what we will do in the
2257 * next iteration.
2258 */
2259 } else if (r == 0) {
2260 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2261 goto err;
2262 } else {
2263 if (debug)
2264 printf("client wrote %d\n", r);
2265 cw_num -= r;
2266 }
2267 }
2268
2269 if (cr_num > 0) {
2270 /* Read from server. */
2271
2272 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2273 if (r < 0) {
2274 if (!BIO_should_retry(c_ssl_bio)) {
2275 fprintf(stderr, "ERROR in CLIENT\n");
2276 err_in_client = 1;
2277 goto err;
2278 }
2279 /*
2280 * Again, "BIO_should_retry" can be ignored.
2281 */
2282 } else if (r == 0) {
2283 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2284 goto err;
2285 } else {
2286 if (debug)
2287 printf("client read %d\n", r);
2288 cr_num -= r;
2289 }
2290 }
2291
2292 /*
2293 * c_time and s_time increments will typically be very small
2294 * (depending on machine speed and clock tick intervals), but
2295 * sampling over a large number of connections should result in
2296 * fairly accurate figures. We cannot guarantee a lot, however
2297 * -- if each connection lasts for exactly one clock tick, it
2298 * will be counted only for the client or only for the server or
2299 * even not at all.
2300 */
2301 *c_time += (clock() - c_clock);
2302 }
2303
2304 {
2305 /* SERVER */
2306
2307 char sbuf[1024 * 8];
2308 int i, r;
2309 clock_t s_clock = clock();
2310
2311 memset(sbuf, 0, sizeof(sbuf));
2312
2313 if (debug)
2314 if (SSL_in_init(s_ssl))
2315 printf("server waiting in SSL_accept - %s\n",
2316 SSL_state_string_long(s_ssl));
2317
2318 if (sw_num > 0) {
2319 /* Write to client. */
2320
2321 if (sw_num > (long)sizeof(sbuf))
2322 i = sizeof(sbuf);
2323 else
2324 i = (int)sw_num;
2325 r = BIO_write(s_ssl_bio, sbuf, i);
2326 if (r < 0) {
2327 if (!BIO_should_retry(s_ssl_bio)) {
2328 fprintf(stderr, "ERROR in SERVER\n");
2329 err_in_server = 1;
2330 goto err;
2331 }
2332 /* Ignore "BIO_should_retry". */
2333 } else if (r == 0) {
2334 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2335 goto err;
2336 } else {
2337 if (debug)
2338 printf("server wrote %d\n", r);
2339 sw_num -= r;
2340 }
2341 }
2342
2343 if (sr_num > 0) {
2344 /* Read from client. */
2345
2346 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2347 if (r < 0) {
2348 if (!BIO_should_retry(s_ssl_bio)) {
2349 fprintf(stderr, "ERROR in SERVER\n");
2350 err_in_server = 1;
2351 goto err;
2352 }
2353 /* blah, blah */
2354 } else if (r == 0) {
2355 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2356 goto err;
2357 } else {
2358 if (debug)
2359 printf("server read %d\n", r);
2360 sr_num -= r;
2361 }
2362 }
2363
2364 *s_time += (clock() - s_clock);
2365 }
2366
2367 {
2368 /* "I/O" BETWEEN CLIENT AND SERVER. */
2369
2370 size_t r1, r2;
2371 BIO *io1 = server_io, *io2 = client_io;
2372 /*
2373 * we use the non-copying interface for io1 and the standard
2374 * BIO_write/BIO_read interface for io2
2375 */
2376
2377 static int prev_progress = 1;
2378 int progress = 0;
2379
2380 /* io1 to io2 */
2381 do {
2382 size_t num;
2383 int r;
2384
2385 r1 = BIO_ctrl_pending(io1);
2386 r2 = BIO_ctrl_get_write_guarantee(io2);
2387
2388 num = r1;
2389 if (r2 < num)
2390 num = r2;
2391 if (num) {
2392 char *dataptr;
2393
2394 if (INT_MAX < num) /* yeah, right */
2395 num = INT_MAX;
2396
2397 r = BIO_nread(io1, &dataptr, (int)num);
2398 assert(r > 0);
2399 assert(r <= (int)num);
2400 /*
2401 * possibly r < num (non-contiguous data)
2402 */
2403 num = r;
2404 r = BIO_write(io2, dataptr, (int)num);
2405 if (r != (int)num) { /* can't happen */
2406 fprintf(stderr, "ERROR: BIO_write could not write "
2407 "BIO_ctrl_get_write_guarantee() bytes");
2408 goto err;
2409 }
2410 progress = 1;
2411
2412 if (debug)
2413 printf((io1 == client_io) ?
2414 "C->S relaying: %d bytes\n" :
2415 "S->C relaying: %d bytes\n", (int)num);
2416 }
2417 }
2418 while (r1 && r2);
2419
2420 /* io2 to io1 */
2421 {
2422 size_t num;
2423 int r;
2424
2425 r1 = BIO_ctrl_pending(io2);
2426 r2 = BIO_ctrl_get_read_request(io1);
2427 /*
2428 * here we could use ..._get_write_guarantee instead of
2429 * ..._get_read_request, but by using the latter we test
2430 * restartability of the SSL implementation more thoroughly
2431 */
2432 num = r1;
2433 if (r2 < num)
2434 num = r2;
2435 if (num) {
2436 char *dataptr;
2437
2438 if (INT_MAX < num)
2439 num = INT_MAX;
2440
2441 if (num > 1)
2442 --num; /* test restartability even more thoroughly */
2443
2444 r = BIO_nwrite0(io1, &dataptr);
2445 assert(r > 0);
2446 if (r < (int)num)
2447 num = r;
2448 r = BIO_read(io2, dataptr, (int)num);
2449 if (r != (int)num) { /* can't happen */
2450 fprintf(stderr, "ERROR: BIO_read could not read "
2451 "BIO_ctrl_pending() bytes");
2452 goto err;
2453 }
2454 progress = 1;
2455 r = BIO_nwrite(io1, &dataptr, (int)num);
2456 if (r != (int)num) { /* can't happen */
2457 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2458 "BIO_nwrite0() bytes");
2459 goto err;
2460 }
2461
2462 if (debug)
2463 printf((io2 == client_io) ?
2464 "C->S relaying: %d bytes\n" :
2465 "S->C relaying: %d bytes\n", (int)num);
2466 }
2467 } /* no loop, BIO_ctrl_get_read_request now
2468 * returns 0 anyway */
2469
2470 if (!progress && !prev_progress)
2471 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2472 fprintf(stderr, "ERROR: got stuck\n");
2473 fprintf(stderr, " ERROR.\n");
2474 goto err;
2475 }
2476 prev_progress = progress;
2477 }
2478 }
2479 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2480
2481 if (verbose)
2482 print_details(c_ssl, "DONE via BIO pair: ");
2483 #ifndef OPENSSL_NO_NEXTPROTONEG
2484 if (verify_npn(c_ssl, s_ssl) < 0)
2485 goto end;
2486 #endif
2487 if (verify_serverinfo() < 0) {
2488 fprintf(stderr, "Server info verify error\n");
2489 goto err;
2490 }
2491 if (verify_alpn(c_ssl, s_ssl) < 0
2492 || verify_servername(c_ssl, s_ssl) < 0)
2493 goto err;
2494
2495 if (custom_ext_error) {
2496 fprintf(stderr, "Custom extension error\n");
2497 goto err;
2498 }
2499
2500 #ifndef OPENSSL_NO_NEXTPROTONEG
2501 end:
2502 #endif
2503 ret = EXIT_SUCCESS;
2504
2505 err:
2506 ERR_print_errors(bio_err);
2507
2508 BIO_free(server);
2509 BIO_free(server_io);
2510 BIO_free(client);
2511 BIO_free(client_io);
2512 BIO_free(s_ssl_bio);
2513 BIO_free(c_ssl_bio);
2514
2515 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2516 ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2517 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2518 ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2519
2520 return ret;
2521 }
2522
2523 #define W_READ 1
2524 #define W_WRITE 2
2525 #define C_DONE 1
2526 #define S_DONE 2
2527
doit(SSL * s_ssl,SSL * c_ssl,long count)2528 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2529 {
2530 char *cbuf = NULL, *sbuf = NULL;
2531 long bufsiz;
2532 long cw_num = count, cr_num = count;
2533 long sw_num = count, sr_num = count;
2534 int ret = EXIT_FAILURE;
2535 BIO *c_to_s = NULL;
2536 BIO *s_to_c = NULL;
2537 BIO *c_bio = NULL;
2538 BIO *s_bio = NULL;
2539 int c_r, c_w, s_r, s_w;
2540 int i, j;
2541 int done = 0;
2542 int c_write, s_write;
2543 int do_server = 0, do_client = 0;
2544 int max_frag = 5 * 1024;
2545 int err_in_client = 0;
2546 int err_in_server = 0;
2547
2548 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2549
2550 if ((cbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2551 goto err;
2552 if ((sbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2553 goto err;
2554
2555 c_to_s = BIO_new(BIO_s_mem());
2556 s_to_c = BIO_new(BIO_s_mem());
2557 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2558 ERR_print_errors(bio_err);
2559 goto err;
2560 }
2561
2562 c_bio = BIO_new(BIO_f_ssl());
2563 s_bio = BIO_new(BIO_f_ssl());
2564 if ((c_bio == NULL) || (s_bio == NULL)) {
2565 ERR_print_errors(bio_err);
2566 goto err;
2567 }
2568
2569 SSL_set_connect_state(c_ssl);
2570 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2571 SSL_set_max_send_fragment(c_ssl, max_frag);
2572 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2573
2574 /*
2575 * We've just given our ref to these BIOs to c_ssl. We need another one to
2576 * give to s_ssl
2577 */
2578 if (!BIO_up_ref(c_to_s)) {
2579 /* c_to_s and s_to_c will get freed when we free c_ssl */
2580 c_to_s = NULL;
2581 s_to_c = NULL;
2582 goto err;
2583 }
2584 if (!BIO_up_ref(s_to_c)) {
2585 /* s_to_c will get freed when we free c_ssl */
2586 s_to_c = NULL;
2587 goto err;
2588 }
2589
2590 SSL_set_accept_state(s_ssl);
2591 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2592
2593 /* We've used up all our refs to these now */
2594 c_to_s = NULL;
2595 s_to_c = NULL;
2596
2597 SSL_set_max_send_fragment(s_ssl, max_frag);
2598 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2599
2600 c_r = 0;
2601 s_r = 1;
2602 c_w = 1;
2603 s_w = 0;
2604 c_write = 1, s_write = 0;
2605
2606 /* We can always do writes */
2607 for (;;) {
2608 do_server = 0;
2609 do_client = 0;
2610
2611 i = (int)BIO_pending(s_bio);
2612 if ((i && s_r) || s_w)
2613 do_server = 1;
2614
2615 i = (int)BIO_pending(c_bio);
2616 if ((i && c_r) || c_w)
2617 do_client = 1;
2618
2619 if (do_server && debug) {
2620 if (SSL_in_init(s_ssl))
2621 printf("server waiting in SSL_accept - %s\n",
2622 SSL_state_string_long(s_ssl));
2623 }
2624
2625 if (do_client && debug) {
2626 if (SSL_in_init(c_ssl))
2627 printf("client waiting in SSL_connect - %s\n",
2628 SSL_state_string_long(c_ssl));
2629 }
2630
2631 if (!do_client && !do_server) {
2632 fprintf(stdout, "ERROR IN STARTUP\n");
2633 ERR_print_errors(bio_err);
2634 goto err;
2635 }
2636 if (do_client && !(done & C_DONE)) {
2637 if (c_write) {
2638 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2639 i = BIO_write(c_bio, cbuf, j);
2640 if (i < 0) {
2641 c_r = 0;
2642 c_w = 0;
2643 if (BIO_should_retry(c_bio)) {
2644 if (BIO_should_read(c_bio))
2645 c_r = 1;
2646 if (BIO_should_write(c_bio))
2647 c_w = 1;
2648 } else {
2649 fprintf(stderr, "ERROR in CLIENT\n");
2650 err_in_client = 1;
2651 ERR_print_errors(bio_err);
2652 goto err;
2653 }
2654 } else if (i == 0) {
2655 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2656 goto err;
2657 } else {
2658 if (debug)
2659 printf("client wrote %d\n", i);
2660 /* ok */
2661 s_r = 1;
2662 c_write = 0;
2663 cw_num -= i;
2664 if (max_frag > 1029)
2665 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2666 }
2667 } else {
2668 i = BIO_read(c_bio, cbuf, bufsiz);
2669 if (i < 0) {
2670 c_r = 0;
2671 c_w = 0;
2672 if (BIO_should_retry(c_bio)) {
2673 if (BIO_should_read(c_bio))
2674 c_r = 1;
2675 if (BIO_should_write(c_bio))
2676 c_w = 1;
2677 } else {
2678 fprintf(stderr, "ERROR in CLIENT\n");
2679 err_in_client = 1;
2680 ERR_print_errors(bio_err);
2681 goto err;
2682 }
2683 } else if (i == 0) {
2684 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2685 goto err;
2686 } else {
2687 if (debug)
2688 printf("client read %d\n", i);
2689 cr_num -= i;
2690 if (sw_num > 0) {
2691 s_write = 1;
2692 s_w = 1;
2693 }
2694 if (cr_num <= 0) {
2695 s_write = 1;
2696 s_w = 1;
2697 done = S_DONE | C_DONE;
2698 }
2699 }
2700 }
2701 }
2702
2703 if (do_server && !(done & S_DONE)) {
2704 if (!s_write) {
2705 i = BIO_read(s_bio, sbuf, bufsiz);
2706 if (i < 0) {
2707 s_r = 0;
2708 s_w = 0;
2709 if (BIO_should_retry(s_bio)) {
2710 if (BIO_should_read(s_bio))
2711 s_r = 1;
2712 if (BIO_should_write(s_bio))
2713 s_w = 1;
2714 } else {
2715 fprintf(stderr, "ERROR in SERVER\n");
2716 err_in_server = 1;
2717 ERR_print_errors(bio_err);
2718 goto err;
2719 }
2720 } else if (i == 0) {
2721 ERR_print_errors(bio_err);
2722 fprintf(stderr,
2723 "SSL SERVER STARTUP FAILED in SSL_read\n");
2724 goto err;
2725 } else {
2726 if (debug)
2727 printf("server read %d\n", i);
2728 sr_num -= i;
2729 if (cw_num > 0) {
2730 c_write = 1;
2731 c_w = 1;
2732 }
2733 if (sr_num <= 0) {
2734 s_write = 1;
2735 s_w = 1;
2736 c_write = 0;
2737 }
2738 }
2739 } else {
2740 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2741 i = BIO_write(s_bio, sbuf, j);
2742 if (i < 0) {
2743 s_r = 0;
2744 s_w = 0;
2745 if (BIO_should_retry(s_bio)) {
2746 if (BIO_should_read(s_bio))
2747 s_r = 1;
2748 if (BIO_should_write(s_bio))
2749 s_w = 1;
2750 } else {
2751 fprintf(stderr, "ERROR in SERVER\n");
2752 err_in_server = 1;
2753 ERR_print_errors(bio_err);
2754 goto err;
2755 }
2756 } else if (i == 0) {
2757 ERR_print_errors(bio_err);
2758 fprintf(stderr,
2759 "SSL SERVER STARTUP FAILED in SSL_write\n");
2760 goto err;
2761 } else {
2762 if (debug)
2763 printf("server wrote %d\n", i);
2764 sw_num -= i;
2765 s_write = 0;
2766 c_r = 1;
2767 if (sw_num <= 0)
2768 done |= S_DONE;
2769 if (max_frag > 1029)
2770 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2771 }
2772 }
2773 }
2774
2775 if ((done & S_DONE) && (done & C_DONE))
2776 break;
2777 }
2778
2779 if (verbose)
2780 print_details(c_ssl, "DONE: ");
2781 #ifndef OPENSSL_NO_NEXTPROTONEG
2782 if (verify_npn(c_ssl, s_ssl) < 0)
2783 goto err;
2784 #endif
2785 if (verify_serverinfo() < 0) {
2786 fprintf(stderr, "Server info verify error\n");
2787 goto err;
2788 }
2789 if (custom_ext_error) {
2790 fprintf(stderr, "Custom extension error\n");
2791 goto err;
2792 }
2793 ret = EXIT_SUCCESS;
2794 err:
2795 BIO_free(c_to_s);
2796 BIO_free(s_to_c);
2797 BIO_free_all(c_bio);
2798 BIO_free_all(s_bio);
2799 OPENSSL_free(cbuf);
2800 OPENSSL_free(sbuf);
2801
2802 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2803 ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2804 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2805 ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2806
2807 return ret;
2808 }
2809
verify_callback(int ok,X509_STORE_CTX * ctx)2810 static int verify_callback(int ok, X509_STORE_CTX *ctx)
2811 {
2812 char *s, buf[256];
2813
2814 s = X509_NAME_oneline(X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)),
2815 buf, sizeof(buf));
2816 if (s != NULL) {
2817 if (ok)
2818 printf("depth=%d %s\n", X509_STORE_CTX_get_error_depth(ctx), buf);
2819 else {
2820 fprintf(stderr, "depth=%d error=%d %s\n",
2821 X509_STORE_CTX_get_error_depth(ctx),
2822 X509_STORE_CTX_get_error(ctx), buf);
2823 }
2824 }
2825
2826 if (ok == 0) {
2827 int i = X509_STORE_CTX_get_error(ctx);
2828
2829 switch (i) {
2830 default:
2831 fprintf(stderr, "Error string: %s\n",
2832 X509_verify_cert_error_string(i));
2833 break;
2834 case X509_V_ERR_CERT_NOT_YET_VALID:
2835 case X509_V_ERR_CERT_HAS_EXPIRED:
2836 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2837 ok = 1;
2838 break;
2839 }
2840 }
2841
2842 return ok;
2843 }
2844
app_verify_callback(X509_STORE_CTX * ctx,void * arg)2845 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
2846 {
2847 int ok = 1;
2848 struct app_verify_arg *cb_arg = arg;
2849
2850 if (cb_arg->app_verify) {
2851 char *s = NULL, buf[256];
2852 X509 *c = X509_STORE_CTX_get0_cert(ctx);
2853
2854 printf("In app_verify_callback, allowing cert. ");
2855 printf("Arg is: %s\n", cb_arg->string);
2856 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
2857 (void *)ctx, (void *)c);
2858 if (c)
2859 s = X509_NAME_oneline(X509_get_subject_name(c), buf, 256);
2860 if (s != NULL) {
2861 printf("cert depth=%d %s\n",
2862 X509_STORE_CTX_get_error_depth(ctx), buf);
2863 }
2864 return 1;
2865 }
2866
2867 ok = X509_verify_cert(ctx);
2868
2869 return ok;
2870 }
2871
2872 #ifndef OPENSSL_NO_DH
2873 /*-
2874 * These DH parameters have been generated as follows:
2875 * $ openssl dhparam -C -noout 512
2876 * $ openssl dhparam -C -noout 1024
2877 * $ openssl dhparam -C -noout -dsaparam 1024
2878 * (The third function has been renamed to avoid name conflicts.)
2879 */
get_dh512(void)2880 static DH *get_dh512(void)
2881 {
2882 static unsigned char dh512_p[] = {
2883 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
2884 0xC6,
2885 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
2886 0xB0,
2887 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
2888 0x5F,
2889 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
2890 0xB8,
2891 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
2892 0x33,
2893 0x02, 0xC5, 0xAE, 0x23,
2894 };
2895 static unsigned char dh512_g[] = {
2896 0x02,
2897 };
2898 DH *dh;
2899 BIGNUM *p, *g;
2900
2901 if ((dh = DH_new()) == NULL)
2902 return NULL;
2903 p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
2904 g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
2905 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
2906 DH_free(dh);
2907 BN_free(p);
2908 BN_free(g);
2909 return NULL;
2910 }
2911 return dh;
2912 }
2913
get_dh1024(void)2914 static DH *get_dh1024(void)
2915 {
2916 static unsigned char dh1024_p[] = {
2917 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
2918 0x3A,
2919 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
2920 0xA2,
2921 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
2922 0xB0,
2923 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
2924 0xC2,
2925 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
2926 0x8C,
2927 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
2928 0xB8,
2929 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
2930 0x52,
2931 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
2932 0xC1,
2933 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
2934 0xB1,
2935 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
2936 0xAB,
2937 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
2938 };
2939 static unsigned char dh1024_g[] = {
2940 0x02,
2941 };
2942 DH *dh;
2943 BIGNUM *p, *g;
2944
2945 if ((dh = DH_new()) == NULL)
2946 return NULL;
2947 p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
2948 g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
2949 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
2950 DH_free(dh);
2951 BN_free(p);
2952 BN_free(g);
2953 return NULL;
2954 }
2955 return dh;
2956 }
2957
get_dh1024dsa(void)2958 static DH *get_dh1024dsa(void)
2959 {
2960 static unsigned char dh1024_p[] = {
2961 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
2962 0x00,
2963 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
2964 0x19,
2965 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
2966 0xD2,
2967 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
2968 0x55,
2969 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
2970 0xFC,
2971 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
2972 0x97,
2973 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
2974 0x8D,
2975 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
2976 0xBB,
2977 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
2978 0xF6,
2979 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
2980 0x9E,
2981 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
2982 };
2983 static unsigned char dh1024_g[] = {
2984 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
2985 0x05,
2986 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
2987 0xF3,
2988 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
2989 0xE9,
2990 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
2991 0x3C,
2992 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
2993 0x65,
2994 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
2995 0x60,
2996 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
2997 0xF6,
2998 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
2999 0xA7,
3000 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3001 0xA1,
3002 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3003 0x60,
3004 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3005 };
3006 DH *dh;
3007 BIGNUM *p, *g;
3008
3009 if ((dh = DH_new()) == NULL)
3010 return NULL;
3011 p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3012 g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3013 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
3014 DH_free(dh);
3015 BN_free(p);
3016 BN_free(g);
3017 return NULL;
3018 }
3019 DH_set_length(dh, 160);
3020 return dh;
3021 }
3022 #endif
3023
3024 #ifndef OPENSSL_NO_PSK
3025 /* convert the PSK key (psk_key) in ascii to binary (psk) */
psk_key2bn(const char * pskkey,unsigned char * psk,unsigned int max_psk_len)3026 static int psk_key2bn(const char *pskkey, unsigned char *psk,
3027 unsigned int max_psk_len)
3028 {
3029 int ret;
3030 BIGNUM *bn = NULL;
3031
3032 ret = BN_hex2bn(&bn, pskkey);
3033 if (!ret) {
3034 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3035 pskkey);
3036 BN_free(bn);
3037 return 0;
3038 }
3039 if (BN_num_bytes(bn) > (int)max_psk_len) {
3040 BIO_printf(bio_err,
3041 "psk buffer of callback is too small (%d) for key (%d)\n",
3042 max_psk_len, BN_num_bytes(bn));
3043 BN_free(bn);
3044 return 0;
3045 }
3046 ret = BN_bn2bin(bn, psk);
3047 BN_free(bn);
3048 return ret;
3049 }
3050
psk_client_callback(SSL * ssl,const char * hint,char * identity,unsigned int max_identity_len,unsigned char * psk,unsigned int max_psk_len)3051 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3052 char *identity,
3053 unsigned int max_identity_len,
3054 unsigned char *psk,
3055 unsigned int max_psk_len)
3056 {
3057 int ret;
3058 unsigned int psk_len = 0;
3059
3060 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3061 if (ret < 0)
3062 goto out_err;
3063 if (debug)
3064 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3065 ret);
3066 ret = psk_key2bn(psk_key, psk, max_psk_len);
3067 if (ret < 0)
3068 goto out_err;
3069 psk_len = ret;
3070 out_err:
3071 return psk_len;
3072 }
3073
psk_server_callback(SSL * ssl,const char * identity,unsigned char * psk,unsigned int max_psk_len)3074 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3075 unsigned char *psk,
3076 unsigned int max_psk_len)
3077 {
3078 unsigned int psk_len = 0;
3079
3080 if (strcmp(identity, "Client_identity") != 0) {
3081 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3082 return 0;
3083 }
3084 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3085 return psk_len;
3086 }
3087 #endif
3088