1 /* $OpenBSD: s_client.c,v 1.58 2022/02/03 17:44:04 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2005 Nokia. All rights reserved. 113 * 114 * The portions of the attached software ("Contribution") is developed by 115 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 116 * license. 117 * 118 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 119 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 120 * support (see RFC 4279) to OpenSSL. 121 * 122 * No patent licenses or other rights except those expressly stated in 123 * the OpenSSL open source license shall be deemed granted or received 124 * expressly, by implication, estoppel, or otherwise. 125 * 126 * No assurances are provided by Nokia that the Contribution does not 127 * infringe the patent or other intellectual property rights of any third 128 * party or that the license provides you with all the necessary rights 129 * to make use of the Contribution. 130 * 131 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 132 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 133 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 134 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 135 * OTHERWISE. 136 */ 137 138 #include <sys/types.h> 139 #include <sys/socket.h> 140 141 #include <netinet/in.h> 142 143 #include <assert.h> 144 #include <ctype.h> 145 #include <limits.h> 146 #include <netdb.h> 147 #include <stdio.h> 148 #include <stdlib.h> 149 #include <string.h> 150 #include <unistd.h> 151 #include <poll.h> 152 153 #include "apps.h" 154 155 #include <openssl/bn.h> 156 #include <openssl/err.h> 157 #include <openssl/ocsp.h> 158 #include <openssl/pem.h> 159 #include <openssl/ssl.h> 160 #include <openssl/x509.h> 161 162 #include "s_apps.h" 163 #include "timeouts.h" 164 165 /*#define SSL_HOST_NAME "www.netscape.com" */ 166 /*#define SSL_HOST_NAME "193.118.187.102" */ 167 #define SSL_HOST_NAME "localhost" 168 169 /*#define TEST_CERT "client.pem" *//* no default cert. */ 170 171 #define BUFSIZZ 1024*8 172 173 static void sc_usage(void); 174 static void print_stuff(BIO *berr, SSL *con, int full); 175 static int ocsp_resp_cb(SSL *s, void *arg); 176 static int ssl_servername_cb(SSL *s, int *ad, void *arg); 177 178 enum { 179 PROTO_OFF = 0, 180 PROTO_SMTP, 181 PROTO_LMTP, 182 PROTO_POP3, 183 PROTO_IMAP, 184 PROTO_FTP, 185 PROTO_XMPP, 186 }; 187 188 /* This is a context that we pass to callbacks */ 189 typedef struct tlsextctx_st { 190 BIO *biodebug; 191 int ack; 192 } tlsextctx; 193 194 static struct { 195 int af; 196 char *alpn_in; 197 int bugs; 198 char *CAfile; 199 char *CApath; 200 char *cert_file; 201 int cert_format; 202 char *cipher; 203 unsigned int clr; 204 char *connect; 205 int crlf; 206 int debug; 207 int enable_timeouts; 208 const char *errstr; 209 char *groups_in; 210 char *host; 211 int ign_eof; 212 char *key_file; 213 int key_format; 214 char *keymatexportlabel; 215 int keymatexportlen; 216 uint16_t max_version; 217 uint16_t min_version; 218 const SSL_METHOD *meth; 219 int msg; 220 int nbio; 221 int nbio_test; 222 int no_servername; 223 char *npn_in; 224 unsigned int off; 225 char *passarg; 226 int pause; 227 int peekaboo; 228 char *port; 229 int prexit; 230 char *proxy; 231 int quiet; 232 int reconnect; 233 char *servername; 234 char *sess_in; 235 char *sess_out; 236 int showcerts; 237 int socket_type; 238 long socket_mtu; 239 #ifndef OPENSSL_NO_SRTP 240 char *srtp_profiles; 241 #endif 242 int starttls_proto; 243 int state; 244 int status_req; 245 int tlsextdebug; 246 int verify; 247 X509_VERIFY_PARAM *vpm; 248 char *xmpphost; 249 } s_client_config; 250 251 static int 252 s_client_opt_keymatexportlen(char *arg) 253 { 254 s_client_config.keymatexportlen = strtonum(arg, 1, INT_MAX, 255 &s_client_config.errstr); 256 if (s_client_config.errstr != NULL) { 257 BIO_printf(bio_err, "invalid argument %s: %s\n", 258 arg, s_client_config.errstr); 259 return (1); 260 } 261 return (0); 262 } 263 264 #ifndef OPENSSL_NO_DTLS 265 static int 266 s_client_opt_mtu(char *arg) 267 { 268 s_client_config.socket_mtu = strtonum(arg, 0, LONG_MAX, 269 &s_client_config.errstr); 270 if (s_client_config.errstr != NULL) { 271 BIO_printf(bio_err, "invalid argument %s: %s\n", 272 arg, s_client_config.errstr); 273 return (1); 274 } 275 return (0); 276 } 277 #endif 278 279 static int 280 s_client_opt_port(char *arg) 281 { 282 if (*arg == '\0') 283 return (1); 284 285 s_client_config.port = arg; 286 return (0); 287 } 288 289 #ifndef OPENSSL_NO_DTLS 290 static int 291 s_client_opt_protocol_version_dtls(void) 292 { 293 s_client_config.meth = DTLS_client_method(); 294 s_client_config.socket_type = SOCK_DGRAM; 295 return (0); 296 } 297 #endif 298 299 #ifndef OPENSSL_NO_DTLS1 300 static int 301 s_client_opt_protocol_version_dtls1(void) 302 { 303 s_client_config.meth = DTLS_client_method(); 304 s_client_config.min_version = DTLS1_VERSION; 305 s_client_config.max_version = DTLS1_VERSION; 306 s_client_config.socket_type = SOCK_DGRAM; 307 return (0); 308 } 309 #endif 310 311 #ifndef OPENSSL_NO_DTLS1_2 312 static int 313 s_client_opt_protocol_version_dtls1_2(void) 314 { 315 s_client_config.meth = DTLS_client_method(); 316 s_client_config.min_version = DTLS1_2_VERSION; 317 s_client_config.max_version = DTLS1_2_VERSION; 318 s_client_config.socket_type = SOCK_DGRAM; 319 return (0); 320 } 321 #endif 322 323 static int 324 s_client_opt_protocol_version_tls1(void) 325 { 326 s_client_config.min_version = TLS1_VERSION; 327 s_client_config.max_version = TLS1_VERSION; 328 return (0); 329 } 330 331 static int 332 s_client_opt_protocol_version_tls1_1(void) 333 { 334 s_client_config.min_version = TLS1_1_VERSION; 335 s_client_config.max_version = TLS1_1_VERSION; 336 return (0); 337 } 338 339 static int 340 s_client_opt_protocol_version_tls1_2(void) 341 { 342 s_client_config.min_version = TLS1_2_VERSION; 343 s_client_config.max_version = TLS1_2_VERSION; 344 return (0); 345 } 346 347 static int 348 s_client_opt_protocol_version_tls1_3(void) 349 { 350 s_client_config.min_version = TLS1_3_VERSION; 351 s_client_config.max_version = TLS1_3_VERSION; 352 return (0); 353 } 354 355 static int 356 s_client_opt_quiet(void) 357 { 358 s_client_config.quiet = 1; 359 s_client_config.ign_eof = 1; 360 return (0); 361 } 362 363 static int 364 s_client_opt_starttls(char *arg) 365 { 366 if (strcmp(arg, "smtp") == 0) 367 s_client_config.starttls_proto = PROTO_SMTP; 368 else if (strcmp(arg, "lmtp") == 0) 369 s_client_config.starttls_proto = PROTO_LMTP; 370 else if (strcmp(arg, "pop3") == 0) 371 s_client_config.starttls_proto = PROTO_POP3; 372 else if (strcmp(arg, "imap") == 0) 373 s_client_config.starttls_proto = PROTO_IMAP; 374 else if (strcmp(arg, "ftp") == 0) 375 s_client_config.starttls_proto = PROTO_FTP; 376 else if (strcmp(arg, "xmpp") == 0) 377 s_client_config.starttls_proto = PROTO_XMPP; 378 else 379 return (1); 380 return (0); 381 } 382 383 static int 384 s_client_opt_verify(char *arg) 385 { 386 s_client_config.verify = SSL_VERIFY_PEER; 387 388 verify_depth = strtonum(arg, 0, INT_MAX, &s_client_config.errstr); 389 if (s_client_config.errstr != NULL) { 390 BIO_printf(bio_err, "invalid argument %s: %s\n", 391 arg, s_client_config.errstr); 392 return (1); 393 } 394 BIO_printf(bio_err, "verify depth is %d\n", verify_depth); 395 return (0); 396 } 397 398 static int 399 s_client_opt_verify_param(int argc, char **argv, int *argsused) 400 { 401 char **pargs = argv; 402 int pargc = argc; 403 int badarg = 0; 404 405 if (!args_verify(&pargs, &pargc, &badarg, bio_err, 406 &s_client_config.vpm)) { 407 BIO_printf(bio_err, "unknown option %s\n", *argv); 408 return (1); 409 } 410 if (badarg) 411 return (1); 412 413 *argsused = argc - pargc; 414 return (0); 415 } 416 417 static const struct option s_client_options[] = { 418 { 419 .name = "4", 420 .desc = "Use IPv4 only", 421 .type = OPTION_VALUE, 422 .opt.value = &s_client_config.af, 423 .value = AF_INET, 424 }, 425 { 426 .name = "6", 427 .desc = "Use IPv6 only", 428 .type = OPTION_VALUE, 429 .opt.value = &s_client_config.af, 430 .value = AF_INET6, 431 }, 432 { 433 .name = "alpn", 434 .argname = "protocols", 435 .desc = "Set the advertised protocols for ALPN" 436 " (comma-separated list)", 437 .type = OPTION_ARG, 438 .opt.arg = &s_client_config.alpn_in, 439 }, 440 { 441 .name = "bugs", 442 .desc = "Enable various workarounds for buggy implementations", 443 .type = OPTION_FLAG, 444 .opt.flag = &s_client_config.bugs, 445 }, 446 { 447 .name = "CAfile", 448 .argname = "file", 449 .desc = "PEM format file of CA certificates", 450 .type = OPTION_ARG, 451 .opt.arg = &s_client_config.CAfile, 452 }, 453 { 454 .name = "CApath", 455 .argname = "directory", 456 .desc = "PEM format directory of CA certificates", 457 .type = OPTION_ARG, 458 .opt.arg = &s_client_config.CApath, 459 }, 460 { 461 .name = "cert", 462 .argname = "file", 463 .desc = "Certificate file to use, PEM format assumed", 464 .type = OPTION_ARG, 465 .opt.arg = &s_client_config.cert_file, 466 }, 467 { 468 .name = "certform", 469 .argname = "fmt", 470 .desc = "Certificate format (PEM or DER) PEM default", 471 .type = OPTION_ARG_FORMAT, 472 .opt.value = &s_client_config.cert_format, 473 }, 474 { 475 .name = "cipher", 476 .argname = "cipherlist", 477 .desc = "Preferred cipher to use (see 'openssl ciphers')", 478 .type = OPTION_ARG, 479 .opt.arg = &s_client_config.cipher, 480 }, 481 { 482 .name = "connect", 483 .argname = "host:port", 484 .desc = "Who to connect to (default is localhost:4433)", 485 .type = OPTION_ARG, 486 .opt.arg = &s_client_config.connect, 487 }, 488 { 489 .name = "crlf", 490 .desc = "Convert LF from terminal into CRLF", 491 .type = OPTION_FLAG, 492 .opt.flag = &s_client_config.crlf, 493 }, 494 { 495 .name = "debug", 496 .desc = "Print extensive debugging information", 497 .type = OPTION_FLAG, 498 .opt.flag = &s_client_config.debug, 499 }, 500 #ifndef OPENSSL_NO_DTLS 501 { 502 .name = "dtls", 503 .desc = "Use any version of DTLS", 504 .type = OPTION_FUNC, 505 .opt.func = s_client_opt_protocol_version_dtls, 506 }, 507 #endif 508 #ifndef OPENSSL_NO_DTLS1 509 { 510 .name = "dtls1", 511 .desc = "Just use DTLSv1", 512 .type = OPTION_FUNC, 513 .opt.func = s_client_opt_protocol_version_dtls1, 514 }, 515 #endif 516 #ifndef OPENSSL_NO_DTLS1_2 517 { 518 .name = "dtls1_2", 519 .desc = "Just use DTLSv1.2", 520 .type = OPTION_FUNC, 521 .opt.func = s_client_opt_protocol_version_dtls1_2, 522 }, 523 #endif 524 { 525 .name = "groups", 526 .argname = "list", 527 .desc = "Specify EC groups (colon-separated list)", 528 .type = OPTION_ARG, 529 .opt.arg = &s_client_config.groups_in, 530 }, 531 { 532 .name = "host", 533 .argname = "host", 534 .desc = "Use -connect instead", 535 .type = OPTION_ARG, 536 .opt.arg = &s_client_config.host, 537 }, 538 { 539 .name = "ign_eof", 540 .desc = "Ignore input EOF (default when -quiet)", 541 .type = OPTION_VALUE, 542 .opt.value = &s_client_config.ign_eof, 543 .value = 1, 544 }, 545 { 546 .name = "key", 547 .argname = "file", 548 .desc = "Private key file to use, if not, -cert file is used", 549 .type = OPTION_ARG, 550 .opt.arg = &s_client_config.key_file, 551 }, 552 { 553 .name = "keyform", 554 .argname = "fmt", 555 .desc = "Key format (PEM or DER) PEM default", 556 .type = OPTION_ARG_FORMAT, 557 .opt.value = &s_client_config.key_format, 558 }, 559 { 560 .name = "keymatexport", 561 .argname = "label", 562 .desc = "Export keying material using label", 563 .type = OPTION_ARG, 564 .opt.arg = &s_client_config.keymatexportlabel, 565 }, 566 { 567 .name = "keymatexportlen", 568 .argname = "len", 569 .desc = "Export len bytes of keying material (default 20)", 570 .type = OPTION_ARG_FUNC, 571 .opt.argfunc = s_client_opt_keymatexportlen, 572 }, 573 { 574 .name = "legacy_renegotiation", 575 .type = OPTION_DISCARD, 576 }, 577 { 578 .name = "legacy_server_connect", 579 .desc = "Allow initial connection to servers that don't support RI", 580 .type = OPTION_VALUE_OR, 581 .opt.value = &s_client_config.off, 582 .value = SSL_OP_LEGACY_SERVER_CONNECT, 583 }, 584 { 585 .name = "msg", 586 .desc = "Show all protocol messages with hex dump", 587 .type = OPTION_FLAG, 588 .opt.flag = &s_client_config.msg, 589 }, 590 #ifndef OPENSSL_NO_DTLS 591 { 592 .name = "mtu", 593 .argname = "mtu", 594 .desc = "Set the link layer MTU on DTLS connections", 595 .type = OPTION_ARG_FUNC, 596 .opt.argfunc = s_client_opt_mtu, 597 }, 598 #endif 599 { 600 .name = "nbio", 601 .desc = "Turn on non-blocking I/O", 602 .type = OPTION_FLAG, 603 .opt.flag = &s_client_config.nbio, 604 }, 605 { 606 .name = "nbio_test", 607 .desc = "Test non-blocking I/O", 608 .type = OPTION_FLAG, 609 .opt.flag = &s_client_config.nbio_test, 610 }, 611 { 612 .name = "nextprotoneg", 613 .argname = "protocols", 614 .type = OPTION_ARG, 615 .opt.arg = &s_client_config.npn_in, /* Ignored. */ 616 }, 617 { 618 .name = "no_comp", 619 .type = OPTION_VALUE_OR, 620 .opt.value = &s_client_config.off, 621 .value = SSL_OP_NO_COMPRESSION, 622 }, 623 { 624 .name = "no_ign_eof", 625 .desc = "Don't ignore input EOF", 626 .type = OPTION_VALUE, 627 .opt.value = &s_client_config.ign_eof, 628 .value = 0, 629 }, 630 { 631 .name = "no_legacy_server_connect", 632 .desc = "Disallow initial connection to servers that don't support RI", 633 .type = OPTION_VALUE_OR, 634 .opt.value = &s_client_config.clr, 635 .value = SSL_OP_LEGACY_SERVER_CONNECT, 636 }, 637 { 638 .name = "no_servername", 639 .desc = "Do not send a Server Name Indication (SNI) extension", 640 .type = OPTION_FLAG, 641 .opt.value = &s_client_config.no_servername, 642 }, 643 { 644 .name = "no_ssl2", 645 .type = OPTION_VALUE_OR, 646 .opt.value = &s_client_config.off, 647 .value = SSL_OP_NO_SSLv2, 648 }, 649 { 650 .name = "no_ssl3", 651 .type = OPTION_VALUE_OR, 652 .opt.value = &s_client_config.off, 653 .value = SSL_OP_NO_SSLv3, 654 }, 655 { 656 .name = "no_ticket", 657 .desc = "Disable use of RFC4507 session ticket support", 658 .type = OPTION_VALUE_OR, 659 .opt.value = &s_client_config.off, 660 .value = SSL_OP_NO_TICKET, 661 }, 662 { 663 .name = "no_tls1", 664 .desc = "Disable the use of TLSv1", 665 .type = OPTION_VALUE_OR, 666 .opt.value = &s_client_config.off, 667 .value = SSL_OP_NO_TLSv1, 668 }, 669 { 670 .name = "no_tls1_1", 671 .desc = "Disable the use of TLSv1.1", 672 .type = OPTION_VALUE_OR, 673 .opt.value = &s_client_config.off, 674 .value = SSL_OP_NO_TLSv1_1, 675 }, 676 { 677 .name = "no_tls1_2", 678 .desc = "Disable the use of TLSv1.2", 679 .type = OPTION_VALUE_OR, 680 .opt.value = &s_client_config.off, 681 .value = SSL_OP_NO_TLSv1_2, 682 }, 683 { 684 .name = "no_tls1_3", 685 .desc = "Disable the use of TLSv1.3", 686 .type = OPTION_VALUE_OR, 687 .opt.value = &s_client_config.off, 688 .value = SSL_OP_NO_TLSv1_3, 689 }, 690 { 691 .name = "noservername", 692 .type = OPTION_FLAG, 693 .opt.value = &s_client_config.no_servername, 694 }, 695 { 696 .name = "pass", 697 .argname = "arg", 698 .desc = "Private key file pass phrase source", 699 .type = OPTION_ARG, 700 .opt.arg = &s_client_config.passarg, 701 }, 702 { 703 .name = "pause", 704 .desc = "Pause 1 second between each read and write call", 705 .type = OPTION_FLAG, 706 .opt.flag = &s_client_config.pause, 707 }, 708 { 709 .name = "peekaboo", 710 .type = OPTION_FLAG, 711 .opt.flag = &s_client_config.peekaboo, 712 }, 713 { 714 .name = "port", 715 .argname = "port", 716 .desc = "Use -connect instead", 717 .type = OPTION_ARG_FUNC, 718 .opt.argfunc = s_client_opt_port, 719 }, 720 { 721 .name = "prexit", 722 .desc = "Print session information when the program exits", 723 .type = OPTION_FLAG, 724 .opt.flag = &s_client_config.prexit, 725 }, 726 { 727 .name = "proxy", 728 .argname = "host:port", 729 .desc = "Connect to http proxy", 730 .type = OPTION_ARG, 731 .opt.arg = &s_client_config.proxy, 732 }, 733 { 734 .name = "quiet", 735 .desc = "Inhibit printing of session and certificate info", 736 .type = OPTION_FUNC, 737 .opt.func = s_client_opt_quiet, 738 }, 739 { 740 .name = "reconnect", 741 .desc = "Drop and re-make the connection with the same Session-ID", 742 .type = OPTION_VALUE, 743 .opt.value = &s_client_config.reconnect, 744 .value = 5, 745 }, 746 { 747 .name = "servername", 748 .argname = "name", 749 .desc = "Set TLS extension servername in ClientHello (SNI)", 750 .type = OPTION_ARG, 751 .opt.arg = &s_client_config.servername, 752 }, 753 { 754 .name = "serverpref", 755 .desc = "Use server's cipher preferences", 756 .type = OPTION_VALUE_OR, 757 .opt.value = &s_client_config.off, 758 .value = SSL_OP_CIPHER_SERVER_PREFERENCE, 759 }, 760 { 761 .name = "sess_in", 762 .argname = "file", 763 .desc = "File to read TLS session from", 764 .type = OPTION_ARG, 765 .opt.arg = &s_client_config.sess_in, 766 }, 767 { 768 .name = "sess_out", 769 .argname = "file", 770 .desc = "File to write TLS session to", 771 .type = OPTION_ARG, 772 .opt.arg = &s_client_config.sess_out, 773 }, 774 { 775 .name = "showcerts", 776 .desc = "Show all server certificates in the chain", 777 .type = OPTION_FLAG, 778 .opt.flag = &s_client_config.showcerts, 779 }, 780 { 781 .name = "starttls", 782 .argname = "protocol", 783 .desc = "Use the STARTTLS command before starting TLS,\n" 784 "smtp, lmtp, pop3, imap, ftp and xmpp are supported.", 785 .type = OPTION_ARG_FUNC, 786 .opt.argfunc = s_client_opt_starttls, 787 }, 788 { 789 .name = "state", 790 .desc = "Print the TLS session states", 791 .type = OPTION_FLAG, 792 .opt.flag = &s_client_config.state, 793 }, 794 { 795 .name = "status", 796 .desc = "Send a certificate status request to the server (OCSP)", 797 .type = OPTION_FLAG, 798 .opt.flag = &s_client_config.status_req, 799 }, 800 #ifndef OPENSSL_NO_DTLS 801 { 802 .name = "timeout", 803 .desc = "Enable send/receive timeout on DTLS connections", 804 .type = OPTION_FLAG, 805 .opt.flag = &s_client_config.enable_timeouts, 806 }, 807 #endif 808 { 809 .name = "tls1", 810 .desc = "Just use TLSv1", 811 .type = OPTION_FUNC, 812 .opt.func = s_client_opt_protocol_version_tls1, 813 }, 814 { 815 .name = "tls1_1", 816 .desc = "Just use TLSv1.1", 817 .type = OPTION_FUNC, 818 .opt.func = s_client_opt_protocol_version_tls1_1, 819 }, 820 { 821 .name = "tls1_2", 822 .desc = "Just use TLSv1.2", 823 .type = OPTION_FUNC, 824 .opt.func = s_client_opt_protocol_version_tls1_2, 825 }, 826 { 827 .name = "tls1_3", 828 .desc = "Just use TLSv1.3", 829 .type = OPTION_FUNC, 830 .opt.func = s_client_opt_protocol_version_tls1_3, 831 }, 832 { 833 .name = "tlsextdebug", 834 .desc = "Hex dump of all TLS extensions received", 835 .type = OPTION_FLAG, 836 .opt.flag = &s_client_config.tlsextdebug, 837 }, 838 #ifndef OPENSSL_NO_SRTP 839 { 840 .name = "use_srtp", 841 .argname = "profiles", 842 .desc = "Offer SRTP key management with a colon-separated profiles", 843 .type = OPTION_ARG, 844 .opt.arg = &s_client_config.srtp_profiles, 845 }, 846 #endif 847 { 848 .name = "verify", 849 .argname = "depth", 850 .desc = "Turn on peer certificate verification, with a max of depth", 851 .type = OPTION_ARG_FUNC, 852 .opt.argfunc = s_client_opt_verify, 853 }, 854 { 855 .name = "verify_return_error", 856 .desc = "Return verification error", 857 .type = OPTION_FLAG, 858 .opt.flag = &verify_return_error, 859 }, 860 { 861 .name = "xmpphost", 862 .argname = "host", 863 .desc = "Connect to this virtual host on the xmpp server", 864 .type = OPTION_ARG, 865 .opt.arg = &s_client_config.xmpphost, 866 }, 867 { 868 .name = NULL, 869 .desc = "", 870 .type = OPTION_ARGV_FUNC, 871 .opt.argvfunc = s_client_opt_verify_param, 872 }, 873 { NULL }, 874 }; 875 876 static void 877 sc_usage(void) 878 { 879 fprintf(stderr, "usage: s_client " 880 "[-4 | -6] [-alpn protocols] [-bugs] [-CAfile file]\n" 881 " [-CApath directory] [-cert file] [-certform der | pem] [-check_ss_sig]\n" 882 " [-cipher cipherlist] [-connect host[:port]] [-crl_check]\n" 883 " [-crl_check_all] [-crlf] [-debug] [-dtls] [-dtls1] [-dtls1_2] [-extended_crl]\n" 884 " [-groups list] [-host host] [-ign_eof] [-ignore_critical]\n" 885 " [-issuer_checks] [-key keyfile] [-keyform der | pem]\n" 886 " [-keymatexport label] [-keymatexportlen len] [-legacy_server_connect]\n" 887 " [-msg] [-mtu mtu] [-nbio] [-nbio_test] [-no_comp] [-no_ign_eof]\n" 888 " [-no_legacy_server_connect] [-no_ticket] [-no_tls1] [-no_tls1_1]\n" 889 " [-no_tls1_2] [-no_tls1_3] [-pass arg] [-pause] [-policy_check]\n" 890 " [-port port] [-prexit] [-proxy host:port] [-quiet] [-reconnect]\n" 891 " [-servername name] [-serverpref] [-sess_in file] [-sess_out file]\n" 892 " [-showcerts] [-starttls protocol] [-state] [-status] [-timeout]\n" 893 " [-tls1] [-tls1_1] [-tls1_2] [-tls1_3] [-tlsextdebug]\n" 894 " [-use_srtp profiles] [-verify depth] [-verify_return_error]\n" 895 " [-x509_strict] [-xmpphost host]\n"); 896 fprintf(stderr, "\n"); 897 options_usage(s_client_options); 898 fprintf(stderr, "\n"); 899 } 900 901 int 902 s_client_main(int argc, char **argv) 903 { 904 SSL *con = NULL; 905 int s, k, p = 0, pending = 0; 906 char *cbuf = NULL, *sbuf = NULL, *mbuf = NULL, *pbuf = NULL; 907 int cbuf_len, cbuf_off; 908 int sbuf_len, sbuf_off; 909 int full_log = 1; 910 const char *servername; 911 char *pass = NULL; 912 X509 *cert = NULL; 913 EVP_PKEY *key = NULL; 914 int badop = 0; 915 int write_tty, read_tty, write_ssl, read_ssl, tty_on, ssl_pending; 916 SSL_CTX *ctx = NULL; 917 int ret = 1, in_init = 1, i; 918 BIO *bio_c_out = NULL; 919 BIO *sbio; 920 int mbuf_len = 0; 921 struct timeval timeout; 922 tlsextctx tlsextcbp = {NULL, 0}; 923 struct sockaddr_storage peer; 924 int peerlen = sizeof(peer); 925 926 if (single_execution) { 927 if (pledge("stdio cpath wpath rpath inet dns tty", NULL) == -1) { 928 perror("pledge"); 929 exit(1); 930 } 931 } 932 933 memset(&s_client_config, 0, sizeof(s_client_config)); 934 s_client_config.af = AF_UNSPEC; 935 s_client_config.cert_format = FORMAT_PEM; 936 s_client_config.host = SSL_HOST_NAME; 937 s_client_config.key_format = FORMAT_PEM; 938 s_client_config.keymatexportlen = 20; 939 s_client_config.meth = TLS_client_method(); 940 s_client_config.port = PORT_STR; 941 s_client_config.socket_type = SOCK_STREAM; 942 s_client_config.starttls_proto = PROTO_OFF; 943 s_client_config.verify = SSL_VERIFY_NONE; 944 945 if (((cbuf = malloc(BUFSIZZ)) == NULL) || 946 ((sbuf = malloc(BUFSIZZ)) == NULL) || 947 ((pbuf = malloc(BUFSIZZ)) == NULL) || 948 ((mbuf = malloc(BUFSIZZ + 1)) == NULL)) { /* NUL byte */ 949 BIO_printf(bio_err, "out of memory\n"); 950 goto end; 951 } 952 verify_depth = 0; 953 954 if (options_parse(argc, argv, s_client_options, NULL, NULL) != 0) { 955 badop = 1; 956 goto bad; 957 } 958 if (s_client_config.proxy != NULL) { 959 if (!extract_host_port(s_client_config.proxy, 960 &s_client_config.host, NULL, &s_client_config.port)) 961 goto bad; 962 if (s_client_config.connect == NULL) 963 s_client_config.connect = SSL_HOST_NAME; 964 } else if (s_client_config.connect != NULL) { 965 if (!extract_host_port(s_client_config.connect, 966 &s_client_config.host, NULL, &s_client_config.port)) 967 goto bad; 968 } 969 if (badop) { 970 bad: 971 if (s_client_config.errstr == NULL) 972 sc_usage(); 973 goto end; 974 } 975 976 if (!app_passwd(bio_err, s_client_config.passarg, NULL, &pass, NULL)) { 977 BIO_printf(bio_err, "Error getting password\n"); 978 goto end; 979 } 980 if (s_client_config.key_file == NULL) 981 s_client_config.key_file = s_client_config.cert_file; 982 983 984 if (s_client_config.key_file) { 985 986 key = load_key(bio_err, s_client_config.key_file, 987 s_client_config.key_format, 0, pass, 988 "client certificate private key file"); 989 if (!key) { 990 ERR_print_errors(bio_err); 991 goto end; 992 } 993 } 994 if (s_client_config.cert_file) { 995 cert = load_cert(bio_err, s_client_config.cert_file, 996 s_client_config.cert_format, 997 NULL, "client certificate file"); 998 999 if (!cert) { 1000 ERR_print_errors(bio_err); 1001 goto end; 1002 } 1003 } 1004 if (s_client_config.quiet && !s_client_config.debug && 1005 !s_client_config.msg) { 1006 if ((bio_c_out = BIO_new(BIO_s_null())) == NULL) 1007 goto end; 1008 } else { 1009 if ((bio_c_out = BIO_new_fp(stdout, BIO_NOCLOSE)) == NULL) 1010 goto end; 1011 } 1012 1013 ctx = SSL_CTX_new(s_client_config.meth); 1014 if (ctx == NULL) { 1015 ERR_print_errors(bio_err); 1016 goto end; 1017 } 1018 1019 SSL_CTX_clear_mode(ctx, SSL_MODE_AUTO_RETRY); 1020 1021 if (s_client_config.vpm) 1022 SSL_CTX_set1_param(ctx, s_client_config.vpm); 1023 1024 if (!SSL_CTX_set_min_proto_version(ctx, s_client_config.min_version)) 1025 goto end; 1026 if (!SSL_CTX_set_max_proto_version(ctx, s_client_config.max_version)) 1027 goto end; 1028 1029 #ifndef OPENSSL_NO_SRTP 1030 if (s_client_config.srtp_profiles != NULL) 1031 SSL_CTX_set_tlsext_use_srtp(ctx, s_client_config.srtp_profiles); 1032 #endif 1033 if (s_client_config.bugs) 1034 SSL_CTX_set_options(ctx, SSL_OP_ALL | s_client_config.off); 1035 else 1036 SSL_CTX_set_options(ctx, s_client_config.off); 1037 1038 if (s_client_config.clr) 1039 SSL_CTX_clear_options(ctx, s_client_config.clr); 1040 1041 if (s_client_config.alpn_in) { 1042 unsigned short alpn_len; 1043 unsigned char *alpn; 1044 1045 alpn = next_protos_parse(&alpn_len, s_client_config.alpn_in); 1046 if (alpn == NULL) { 1047 BIO_printf(bio_err, "Error parsing -alpn argument\n"); 1048 goto end; 1049 } 1050 SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len); 1051 free(alpn); 1052 } 1053 if (s_client_config.groups_in != NULL) { 1054 if (SSL_CTX_set1_groups_list(ctx, s_client_config.groups_in) != 1) { 1055 BIO_printf(bio_err, "Failed to set groups '%s'\n", 1056 s_client_config.groups_in); 1057 goto end; 1058 } 1059 } 1060 1061 if (s_client_config.state) 1062 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback); 1063 if (s_client_config.cipher != NULL) 1064 if (!SSL_CTX_set_cipher_list(ctx, s_client_config.cipher)) { 1065 BIO_printf(bio_err, "error setting cipher list\n"); 1066 ERR_print_errors(bio_err); 1067 goto end; 1068 } 1069 1070 SSL_CTX_set_verify(ctx, s_client_config.verify, verify_callback); 1071 if (!set_cert_key_stuff(ctx, cert, key)) 1072 goto end; 1073 1074 if ((s_client_config.CAfile || s_client_config.CApath) 1075 && !SSL_CTX_load_verify_locations(ctx, s_client_config.CAfile, 1076 s_client_config.CApath)) 1077 ERR_print_errors(bio_err); 1078 1079 if (!SSL_CTX_set_default_verify_paths(ctx)) 1080 ERR_print_errors(bio_err); 1081 1082 con = SSL_new(ctx); 1083 if (s_client_config.sess_in) { 1084 SSL_SESSION *sess; 1085 BIO *stmp = BIO_new_file(s_client_config.sess_in, "r"); 1086 if (!stmp) { 1087 BIO_printf(bio_err, "Can't open session file %s\n", 1088 s_client_config.sess_in); 1089 ERR_print_errors(bio_err); 1090 goto end; 1091 } 1092 sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL); 1093 BIO_free(stmp); 1094 if (!sess) { 1095 BIO_printf(bio_err, "Can't open session file %s\n", 1096 s_client_config.sess_in); 1097 ERR_print_errors(bio_err); 1098 goto end; 1099 } 1100 SSL_set_session(con, sess); 1101 SSL_SESSION_free(sess); 1102 } 1103 1104 /* Attempt to opportunistically use the host name for SNI. */ 1105 servername = s_client_config.servername; 1106 if (servername == NULL) 1107 servername = s_client_config.host; 1108 1109 if (!s_client_config.no_servername && servername != NULL && 1110 !SSL_set_tlsext_host_name(con, servername)) { 1111 long ssl_err = ERR_peek_error(); 1112 1113 if (s_client_config.servername != NULL || 1114 ERR_GET_LIB(ssl_err) != ERR_LIB_SSL || 1115 ERR_GET_REASON(ssl_err) != SSL_R_SSL3_EXT_INVALID_SERVERNAME) { 1116 BIO_printf(bio_err, 1117 "Unable to set TLS servername extension.\n"); 1118 ERR_print_errors(bio_err); 1119 goto end; 1120 } 1121 servername = NULL; 1122 ERR_clear_error(); 1123 } 1124 if (!s_client_config.no_servername && servername != NULL) { 1125 tlsextcbp.biodebug = bio_err; 1126 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1127 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1128 } 1129 1130 re_start: 1131 1132 if (init_client(&s, s_client_config.host, s_client_config.port, 1133 s_client_config.socket_type, s_client_config.af) == 0) { 1134 BIO_printf(bio_err, "connect:errno=%d\n", errno); 1135 goto end; 1136 } 1137 BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s); 1138 1139 if (s_client_config.nbio) { 1140 if (!s_client_config.quiet) 1141 BIO_printf(bio_c_out, "turning on non blocking io\n"); 1142 if (!BIO_socket_nbio(s, 1)) { 1143 ERR_print_errors(bio_err); 1144 goto end; 1145 } 1146 } 1147 if (s_client_config.pause & 0x01) 1148 SSL_set_debug(con, 1); 1149 1150 if (SSL_is_dtls(con)) { 1151 sbio = BIO_new_dgram(s, BIO_NOCLOSE); 1152 if (getsockname(s, (struct sockaddr *)&peer, 1153 (void *)&peerlen) == -1) { 1154 BIO_printf(bio_err, "getsockname:errno=%d\n", 1155 errno); 1156 shutdown(s, SHUT_RD); 1157 close(s); 1158 goto end; 1159 } 1160 (void) BIO_ctrl_set_connected(sbio, 1, &peer); 1161 1162 if (s_client_config.enable_timeouts) { 1163 timeout.tv_sec = 0; 1164 timeout.tv_usec = DGRAM_RCV_TIMEOUT; 1165 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, 1166 &timeout); 1167 1168 timeout.tv_sec = 0; 1169 timeout.tv_usec = DGRAM_SND_TIMEOUT; 1170 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, 1171 &timeout); 1172 } 1173 if (s_client_config.socket_mtu > 28) { 1174 SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 1175 SSL_set_mtu(con, s_client_config.socket_mtu - 28); 1176 } else 1177 /* want to do MTU discovery */ 1178 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 1179 } else 1180 sbio = BIO_new_socket(s, BIO_NOCLOSE); 1181 1182 if (s_client_config.nbio_test) { 1183 BIO *test; 1184 1185 test = BIO_new(BIO_f_nbio_test()); 1186 sbio = BIO_push(test, sbio); 1187 } 1188 if (s_client_config.debug) { 1189 SSL_set_debug(con, 1); 1190 BIO_set_callback(sbio, bio_dump_callback); 1191 BIO_set_callback_arg(sbio, (char *) bio_c_out); 1192 } 1193 if (s_client_config.msg) { 1194 SSL_set_msg_callback(con, msg_cb); 1195 SSL_set_msg_callback_arg(con, bio_c_out); 1196 } 1197 if (s_client_config.tlsextdebug) { 1198 SSL_set_tlsext_debug_callback(con, tlsext_cb); 1199 SSL_set_tlsext_debug_arg(con, bio_c_out); 1200 } 1201 if (s_client_config.status_req) { 1202 SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp); 1203 SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); 1204 SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); 1205 } 1206 1207 SSL_set_bio(con, sbio, sbio); 1208 SSL_set_connect_state(con); 1209 1210 /* ok, lets connect */ 1211 read_tty = 1; 1212 write_tty = 0; 1213 tty_on = 0; 1214 read_ssl = 1; 1215 write_ssl = 1; 1216 1217 cbuf_len = 0; 1218 cbuf_off = 0; 1219 sbuf_len = 0; 1220 sbuf_off = 0; 1221 1222 /* This is an ugly hack that does a lot of assumptions */ 1223 /* 1224 * We do have to handle multi-line responses which may come in a 1225 * single packet or not. We therefore have to use BIO_gets() which 1226 * does need a buffering BIO. So during the initial chitchat we do 1227 * push a buffering BIO into the chain that is removed again later on 1228 * to not disturb the rest of the s_client operation. 1229 */ 1230 if (s_client_config.starttls_proto == PROTO_SMTP || 1231 s_client_config.starttls_proto == PROTO_LMTP) { 1232 int foundit = 0; 1233 BIO *fbio = BIO_new(BIO_f_buffer()); 1234 BIO_push(fbio, sbio); 1235 /* wait for multi-line response to end from SMTP */ 1236 do { 1237 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1238 } 1239 while (mbuf_len > 3 && mbuf[3] == '-'); 1240 /* STARTTLS command requires EHLO... */ 1241 BIO_printf(fbio, "%cHLO openssl.client.net\r\n", 1242 s_client_config.starttls_proto == PROTO_SMTP ? 'E' : 'L'); 1243 (void) BIO_flush(fbio); 1244 /* wait for multi-line response to end EHLO SMTP response */ 1245 do { 1246 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1247 if (strstr(mbuf, "STARTTLS")) 1248 foundit = 1; 1249 } 1250 while (mbuf_len > 3 && mbuf[3] == '-'); 1251 (void) BIO_flush(fbio); 1252 BIO_pop(fbio); 1253 BIO_free(fbio); 1254 if (!foundit) 1255 BIO_printf(bio_err, 1256 "didn't find starttls in server response," 1257 " try anyway...\n"); 1258 BIO_printf(sbio, "STARTTLS\r\n"); 1259 BIO_read(sbio, sbuf, BUFSIZZ); 1260 } else if (s_client_config.starttls_proto == PROTO_POP3) { 1261 mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ); 1262 if (mbuf_len == -1) { 1263 BIO_printf(bio_err, "BIO_read failed\n"); 1264 goto end; 1265 } 1266 BIO_printf(sbio, "STLS\r\n"); 1267 BIO_read(sbio, sbuf, BUFSIZZ); 1268 } else if (s_client_config.starttls_proto == PROTO_IMAP) { 1269 int foundit = 0; 1270 BIO *fbio = BIO_new(BIO_f_buffer()); 1271 BIO_push(fbio, sbio); 1272 BIO_gets(fbio, mbuf, BUFSIZZ); 1273 /* STARTTLS command requires CAPABILITY... */ 1274 BIO_printf(fbio, ". CAPABILITY\r\n"); 1275 (void) BIO_flush(fbio); 1276 /* wait for multi-line CAPABILITY response */ 1277 do { 1278 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1279 if (strstr(mbuf, "STARTTLS")) 1280 foundit = 1; 1281 } 1282 while (mbuf_len > 3 && mbuf[0] != '.'); 1283 (void) BIO_flush(fbio); 1284 BIO_pop(fbio); 1285 BIO_free(fbio); 1286 if (!foundit) 1287 BIO_printf(bio_err, 1288 "didn't find STARTTLS in server response," 1289 " try anyway...\n"); 1290 BIO_printf(sbio, ". STARTTLS\r\n"); 1291 BIO_read(sbio, sbuf, BUFSIZZ); 1292 } else if (s_client_config.starttls_proto == PROTO_FTP) { 1293 BIO *fbio = BIO_new(BIO_f_buffer()); 1294 BIO_push(fbio, sbio); 1295 /* wait for multi-line response to end from FTP */ 1296 do { 1297 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1298 } 1299 while (mbuf_len > 3 && mbuf[3] == '-'); 1300 (void) BIO_flush(fbio); 1301 BIO_pop(fbio); 1302 BIO_free(fbio); 1303 BIO_printf(sbio, "AUTH TLS\r\n"); 1304 BIO_read(sbio, sbuf, BUFSIZZ); 1305 } else if (s_client_config.starttls_proto == PROTO_XMPP) { 1306 int seen = 0; 1307 BIO_printf(sbio, "<stream:stream " 1308 "xmlns:stream='http://etherx.jabber.org/streams' " 1309 "xmlns='jabber:client' to='%s' version='1.0'>", 1310 s_client_config.xmpphost ? 1311 s_client_config.xmpphost : s_client_config.host); 1312 seen = BIO_read(sbio, mbuf, BUFSIZZ); 1313 1314 if (seen <= 0) 1315 goto shut; 1316 1317 mbuf[seen] = 0; 1318 while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'") && 1319 !strstr(mbuf, "<starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"")) { 1320 seen = BIO_read(sbio, mbuf, BUFSIZZ); 1321 1322 if (seen <= 0) 1323 goto shut; 1324 1325 mbuf[seen] = 0; 1326 } 1327 BIO_printf(sbio, 1328 "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"); 1329 seen = BIO_read(sbio, sbuf, BUFSIZZ); 1330 sbuf[seen] = 0; 1331 if (!strstr(sbuf, "<proceed")) 1332 goto shut; 1333 mbuf[0] = 0; 1334 } else if (s_client_config.proxy != NULL) { 1335 BIO_printf(sbio, "CONNECT %s HTTP/1.0\r\n\r\n", 1336 s_client_config.connect); 1337 mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ); 1338 if (mbuf_len == -1) { 1339 BIO_printf(bio_err, "BIO_read failed\n"); 1340 goto end; 1341 } 1342 } 1343 for (;;) { 1344 struct pollfd pfd[3]; /* stdin, stdout, socket */ 1345 int ptimeout = -1; 1346 1347 if (SSL_is_dtls(con) && DTLSv1_get_timeout(con, &timeout)) 1348 ptimeout = timeout.tv_sec * 1000 + 1349 timeout.tv_usec / 1000; 1350 1351 if (SSL_in_init(con) && !SSL_total_renegotiations(con)) { 1352 in_init = 1; 1353 tty_on = 0; 1354 } else { 1355 tty_on = 1; 1356 if (in_init) { 1357 in_init = 0; 1358 if (s_client_config.sess_out) { 1359 BIO *stmp = BIO_new_file( 1360 s_client_config.sess_out, "w"); 1361 if (stmp) { 1362 PEM_write_bio_SSL_SESSION(stmp, 1363 SSL_get_session(con)); 1364 BIO_free(stmp); 1365 } else 1366 BIO_printf(bio_err, 1367 "Error writing session file %s\n", 1368 s_client_config.sess_out); 1369 } 1370 print_stuff(bio_c_out, con, full_log); 1371 if (full_log > 0) 1372 full_log--; 1373 1374 if (s_client_config.starttls_proto) { 1375 BIO_write(bio_err, mbuf, mbuf_len); 1376 /* We don't need to know any more */ 1377 s_client_config.starttls_proto = PROTO_OFF; 1378 } 1379 if (s_client_config.reconnect) { 1380 s_client_config.reconnect--; 1381 BIO_printf(bio_c_out, 1382 "drop connection and then reconnect\n"); 1383 SSL_shutdown(con); 1384 SSL_set_connect_state(con); 1385 shutdown(SSL_get_fd(con), SHUT_RD); 1386 close(SSL_get_fd(con)); 1387 goto re_start; 1388 } 1389 } 1390 } 1391 1392 ssl_pending = read_ssl && SSL_pending(con); 1393 1394 pfd[0].fd = -1; 1395 pfd[1].fd = -1; 1396 if (!ssl_pending) { 1397 if (tty_on) { 1398 if (read_tty) { 1399 pfd[0].fd = fileno(stdin); 1400 pfd[0].events = POLLIN; 1401 } 1402 if (write_tty) { 1403 pfd[1].fd = fileno(stdout); 1404 pfd[1].events = POLLOUT; 1405 } 1406 } 1407 1408 pfd[2].fd = SSL_get_fd(con); 1409 pfd[2].events = 0; 1410 if (read_ssl) 1411 pfd[2].events |= POLLIN; 1412 if (write_ssl) 1413 pfd[2].events |= POLLOUT; 1414 1415 /* printf("mode tty(%d %d%d) ssl(%d%d)\n", 1416 tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ 1417 1418 i = poll(pfd, 3, ptimeout); 1419 if (i == -1) { 1420 BIO_printf(bio_err, "bad select %d\n", 1421 errno); 1422 goto shut; 1423 /* goto end; */ 1424 } 1425 } 1426 if (SSL_is_dtls(con) && 1427 DTLSv1_handle_timeout(con) > 0) 1428 BIO_printf(bio_err, "TIMEOUT occured\n"); 1429 if (!ssl_pending && 1430 (pfd[2].revents & (POLLOUT|POLLERR|POLLNVAL))) { 1431 if (pfd[2].revents & (POLLERR|POLLNVAL)) { 1432 BIO_printf(bio_err, "poll error"); 1433 goto shut; 1434 } 1435 k = SSL_write(con, &(cbuf[cbuf_off]), 1436 (unsigned int) cbuf_len); 1437 switch (SSL_get_error(con, k)) { 1438 case SSL_ERROR_NONE: 1439 cbuf_off += k; 1440 cbuf_len -= k; 1441 if (k <= 0) 1442 goto end; 1443 /* we have done a write(con,NULL,0); */ 1444 if (cbuf_len <= 0) { 1445 read_tty = 1; 1446 write_ssl = 0; 1447 } else { /* if (cbuf_len > 0) */ 1448 read_tty = 0; 1449 write_ssl = 1; 1450 } 1451 break; 1452 case SSL_ERROR_WANT_WRITE: 1453 BIO_printf(bio_c_out, "write W BLOCK\n"); 1454 write_ssl = 1; 1455 read_tty = 0; 1456 break; 1457 case SSL_ERROR_WANT_READ: 1458 BIO_printf(bio_c_out, "write R BLOCK\n"); 1459 write_tty = 0; 1460 read_ssl = 1; 1461 write_ssl = 0; 1462 break; 1463 case SSL_ERROR_WANT_X509_LOOKUP: 1464 BIO_printf(bio_c_out, "write X BLOCK\n"); 1465 break; 1466 case SSL_ERROR_ZERO_RETURN: 1467 if (cbuf_len != 0) { 1468 BIO_printf(bio_c_out, "shutdown\n"); 1469 ret = 0; 1470 goto shut; 1471 } else { 1472 read_tty = 1; 1473 write_ssl = 0; 1474 break; 1475 } 1476 1477 case SSL_ERROR_SYSCALL: 1478 if ((k != 0) || (cbuf_len != 0)) { 1479 BIO_printf(bio_err, "write:errno=%d\n", 1480 errno); 1481 goto shut; 1482 } else { 1483 read_tty = 1; 1484 write_ssl = 0; 1485 } 1486 break; 1487 case SSL_ERROR_SSL: 1488 ERR_print_errors(bio_err); 1489 goto shut; 1490 } 1491 } else if (!ssl_pending && 1492 (pfd[1].revents & (POLLOUT|POLLERR|POLLNVAL))) { 1493 if (pfd[1].revents & (POLLERR|POLLNVAL)) { 1494 BIO_printf(bio_err, "poll error"); 1495 goto shut; 1496 } 1497 i = write(fileno(stdout), &(sbuf[sbuf_off]), sbuf_len); 1498 1499 if (i <= 0) { 1500 BIO_printf(bio_c_out, "DONE\n"); 1501 ret = 0; 1502 goto shut; 1503 /* goto end; */ 1504 } 1505 sbuf_len -= i; 1506 sbuf_off += i; 1507 if (sbuf_len <= 0) { 1508 read_ssl = 1; 1509 write_tty = 0; 1510 } 1511 } else if (ssl_pending || (pfd[2].revents & (POLLIN|POLLHUP))) { 1512 #ifdef RENEG 1513 { 1514 static int iiii; 1515 if (++iiii == 52) { 1516 SSL_renegotiate(con); 1517 iiii = 0; 1518 } 1519 } 1520 #endif 1521 if (s_client_config.peekaboo) { 1522 k = p = SSL_peek(con, pbuf, 1024 /* BUFSIZZ */ ); 1523 pending = SSL_pending(con); 1524 if (SSL_get_error(con, p) == SSL_ERROR_NONE) { 1525 if (p <= 0) 1526 goto end; 1527 1528 k = SSL_read(con, sbuf, p); 1529 } 1530 } else { 1531 k = SSL_read(con, sbuf, 1024 /* BUFSIZZ */ ); 1532 } 1533 1534 switch (SSL_get_error(con, k)) { 1535 case SSL_ERROR_NONE: 1536 if (k <= 0) 1537 goto end; 1538 sbuf_off = 0; 1539 sbuf_len = k; 1540 if (s_client_config.peekaboo) { 1541 if (p != pending) { 1542 ret = -1; 1543 BIO_printf(bio_err, 1544 "peeked %d but pending %d!\n", 1545 p, pending); 1546 goto shut; 1547 } 1548 if (k < p) { 1549 ret = -1; 1550 BIO_printf(bio_err, 1551 "read less than peek!\n"); 1552 goto shut; 1553 } 1554 if (p > 0 && 1555 (memcmp(sbuf, pbuf, p) != 0)) { 1556 ret = -1; 1557 BIO_printf(bio_err, 1558 "peek of %d different from read of %d!\n", 1559 p, k); 1560 goto shut; 1561 } 1562 } 1563 read_ssl = 0; 1564 write_tty = 1; 1565 break; 1566 case SSL_ERROR_WANT_WRITE: 1567 BIO_printf(bio_c_out, "read W BLOCK\n"); 1568 write_ssl = 1; 1569 read_tty = 0; 1570 break; 1571 case SSL_ERROR_WANT_READ: 1572 BIO_printf(bio_c_out, "read R BLOCK\n"); 1573 write_tty = 0; 1574 read_ssl = 1; 1575 if ((read_tty == 0) && (write_ssl == 0)) 1576 write_ssl = 1; 1577 break; 1578 case SSL_ERROR_WANT_X509_LOOKUP: 1579 BIO_printf(bio_c_out, "read X BLOCK\n"); 1580 break; 1581 case SSL_ERROR_SYSCALL: 1582 ret = errno; 1583 BIO_printf(bio_err, "read:errno=%d\n", ret); 1584 goto shut; 1585 case SSL_ERROR_ZERO_RETURN: 1586 BIO_printf(bio_c_out, "closed\n"); 1587 ret = 0; 1588 goto shut; 1589 case SSL_ERROR_SSL: 1590 ERR_print_errors(bio_err); 1591 goto shut; 1592 /* break; */ 1593 } 1594 } else if (pfd[0].revents) { 1595 if (pfd[0].revents & (POLLERR|POLLNVAL)) { 1596 BIO_printf(bio_err, "poll error"); 1597 goto shut; 1598 } 1599 if (s_client_config.crlf) { 1600 int j, lf_num; 1601 1602 i = read(fileno(stdin), cbuf, BUFSIZZ / 2); 1603 lf_num = 0; 1604 /* both loops are skipped when i <= 0 */ 1605 for (j = 0; j < i; j++) 1606 if (cbuf[j] == '\n') 1607 lf_num++; 1608 for (j = i - 1; j >= 0; j--) { 1609 cbuf[j + lf_num] = cbuf[j]; 1610 if (cbuf[j] == '\n') { 1611 lf_num--; 1612 i++; 1613 cbuf[j + lf_num] = '\r'; 1614 } 1615 } 1616 assert(lf_num == 0); 1617 } else 1618 i = read(fileno(stdin), cbuf, BUFSIZZ); 1619 1620 if ((!s_client_config.ign_eof) && 1621 ((i <= 0) || (cbuf[0] == 'Q'))) { 1622 BIO_printf(bio_err, "DONE\n"); 1623 ret = 0; 1624 goto shut; 1625 } 1626 if ((!s_client_config.ign_eof) && (cbuf[0] == 'R')) { 1627 BIO_printf(bio_err, "RENEGOTIATING\n"); 1628 SSL_renegotiate(con); 1629 cbuf_len = 0; 1630 } else { 1631 cbuf_len = i; 1632 cbuf_off = 0; 1633 } 1634 1635 write_ssl = 1; 1636 read_tty = 0; 1637 } 1638 } 1639 1640 ret = 0; 1641 shut: 1642 if (in_init) 1643 print_stuff(bio_c_out, con, full_log); 1644 SSL_shutdown(con); 1645 shutdown(SSL_get_fd(con), SHUT_RD); 1646 close(SSL_get_fd(con)); 1647 end: 1648 if (con != NULL) { 1649 if (s_client_config.prexit != 0) 1650 print_stuff(bio_c_out, con, 1); 1651 SSL_free(con); 1652 } 1653 SSL_CTX_free(ctx); 1654 X509_free(cert); 1655 EVP_PKEY_free(key); 1656 free(pass); 1657 X509_VERIFY_PARAM_free(s_client_config.vpm); 1658 freezero(cbuf, BUFSIZZ); 1659 freezero(sbuf, BUFSIZZ); 1660 freezero(pbuf, BUFSIZZ); 1661 freezero(mbuf, BUFSIZZ); 1662 BIO_free(bio_c_out); 1663 1664 return (ret); 1665 } 1666 1667 static void 1668 print_stuff(BIO *bio, SSL *s, int full) 1669 { 1670 X509 *peer = NULL; 1671 char *p; 1672 static const char *space = " "; 1673 char buf[BUFSIZ]; 1674 STACK_OF(X509) *sk; 1675 STACK_OF(X509_NAME) *sk2; 1676 const SSL_CIPHER *c; 1677 X509_NAME *xn; 1678 int j, i; 1679 unsigned char *exportedkeymat; 1680 1681 if (full) { 1682 int got_a_chain = 0; 1683 1684 sk = SSL_get_peer_cert_chain(s); 1685 if (sk != NULL) { 1686 got_a_chain = 1; /* we don't have it for SSL2 1687 * (yet) */ 1688 1689 BIO_printf(bio, "---\nCertificate chain\n"); 1690 for (i = 0; i < sk_X509_num(sk); i++) { 1691 X509_NAME_oneline(X509_get_subject_name( 1692 sk_X509_value(sk, i)), buf, sizeof buf); 1693 BIO_printf(bio, "%2d s:%s\n", i, buf); 1694 X509_NAME_oneline(X509_get_issuer_name( 1695 sk_X509_value(sk, i)), buf, sizeof buf); 1696 BIO_printf(bio, " i:%s\n", buf); 1697 if (s_client_config.showcerts) 1698 PEM_write_bio_X509(bio, 1699 sk_X509_value(sk, i)); 1700 } 1701 } 1702 BIO_printf(bio, "---\n"); 1703 peer = SSL_get_peer_certificate(s); 1704 if (peer != NULL) { 1705 BIO_printf(bio, "Server certificate\n"); 1706 if (!(s_client_config.showcerts && got_a_chain)) { 1707 /* Redundant if we showed the whole chain */ 1708 PEM_write_bio_X509(bio, peer); 1709 } 1710 X509_NAME_oneline(X509_get_subject_name(peer), 1711 buf, sizeof buf); 1712 BIO_printf(bio, "subject=%s\n", buf); 1713 X509_NAME_oneline(X509_get_issuer_name(peer), 1714 buf, sizeof buf); 1715 BIO_printf(bio, "issuer=%s\n", buf); 1716 } else 1717 BIO_printf(bio, "no peer certificate available\n"); 1718 1719 sk2 = SSL_get_client_CA_list(s); 1720 if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0)) { 1721 BIO_printf(bio, 1722 "---\nAcceptable client certificate CA names\n"); 1723 for (i = 0; i < sk_X509_NAME_num(sk2); i++) { 1724 xn = sk_X509_NAME_value(sk2, i); 1725 X509_NAME_oneline(xn, buf, sizeof(buf)); 1726 BIO_write(bio, buf, strlen(buf)); 1727 BIO_write(bio, "\n", 1); 1728 } 1729 } else { 1730 BIO_printf(bio, 1731 "---\nNo client certificate CA names sent\n"); 1732 } 1733 p = SSL_get_shared_ciphers(s, buf, sizeof buf); 1734 if (p != NULL) { 1735 /* 1736 * This works only for SSL 2. In later protocol 1737 * versions, the client does not know what other 1738 * ciphers (in addition to the one to be used in the 1739 * current connection) the server supports. 1740 */ 1741 1742 BIO_printf(bio, 1743 "---\nCiphers common between both SSL endpoints:\n"); 1744 j = i = 0; 1745 while (*p) { 1746 if (*p == ':') { 1747 BIO_write(bio, space, 15 - j % 25); 1748 i++; 1749 j = 0; 1750 BIO_write(bio, 1751 ((i % 3) ? " " : "\n"), 1); 1752 } else { 1753 BIO_write(bio, p, 1); 1754 j++; 1755 } 1756 p++; 1757 } 1758 BIO_write(bio, "\n", 1); 1759 } 1760 1761 ssl_print_tmp_key(bio, s); 1762 1763 BIO_printf(bio, 1764 "---\nSSL handshake has read %ld bytes and written %ld bytes\n", 1765 BIO_number_read(SSL_get_rbio(s)), 1766 BIO_number_written(SSL_get_wbio(s))); 1767 } 1768 BIO_printf(bio, (SSL_cache_hit(s) ? "---\nReused, " : "---\nNew, ")); 1769 c = SSL_get_current_cipher(s); 1770 BIO_printf(bio, "%s, Cipher is %s\n", 1771 SSL_CIPHER_get_version(c), 1772 SSL_CIPHER_get_name(c)); 1773 if (peer != NULL) { 1774 EVP_PKEY *pktmp; 1775 1776 pktmp = X509_get0_pubkey(peer); 1777 BIO_printf(bio, "Server public key is %d bit\n", 1778 EVP_PKEY_bits(pktmp)); 1779 } 1780 BIO_printf(bio, "Secure Renegotiation IS%s supported\n", 1781 SSL_get_secure_renegotiation_support(s) ? "" : " NOT"); 1782 1783 /* Compression is not supported and will always be none. */ 1784 BIO_printf(bio, "Compression: NONE\n"); 1785 BIO_printf(bio, "Expansion: NONE\n"); 1786 1787 #ifdef SSL_DEBUG 1788 { 1789 /* Print out local port of connection: useful for debugging */ 1790 int sock; 1791 struct sockaddr_in ladd; 1792 socklen_t ladd_size = sizeof(ladd); 1793 sock = SSL_get_fd(s); 1794 getsockname(sock, (struct sockaddr *) & ladd, &ladd_size); 1795 BIO_printf(bio, "LOCAL PORT is %u\n", 1796 ntohs(ladd.sin_port)); 1797 } 1798 #endif 1799 1800 { 1801 const unsigned char *proto; 1802 unsigned int proto_len; 1803 SSL_get0_alpn_selected(s, &proto, &proto_len); 1804 if (proto_len > 0) { 1805 BIO_printf(bio, "ALPN protocol: "); 1806 BIO_write(bio, proto, proto_len); 1807 BIO_write(bio, "\n", 1); 1808 } else 1809 BIO_printf(bio, "No ALPN negotiated\n"); 1810 } 1811 1812 #ifndef OPENSSL_NO_SRTP 1813 { 1814 SRTP_PROTECTION_PROFILE *srtp_profile; 1815 1816 srtp_profile = SSL_get_selected_srtp_profile(s); 1817 if (srtp_profile) 1818 BIO_printf(bio, 1819 "SRTP Extension negotiated, profile=%s\n", 1820 srtp_profile->name); 1821 } 1822 #endif 1823 1824 SSL_SESSION_print(bio, SSL_get_session(s)); 1825 if (s_client_config.keymatexportlabel != NULL) { 1826 BIO_printf(bio, "Keying material exporter:\n"); 1827 BIO_printf(bio, " Label: '%s'\n", 1828 s_client_config.keymatexportlabel); 1829 BIO_printf(bio, " Length: %i bytes\n", 1830 s_client_config.keymatexportlen); 1831 exportedkeymat = malloc(s_client_config.keymatexportlen); 1832 if (exportedkeymat != NULL) { 1833 if (!SSL_export_keying_material(s, exportedkeymat, 1834 s_client_config.keymatexportlen, 1835 s_client_config.keymatexportlabel, 1836 strlen(s_client_config.keymatexportlabel), 1837 NULL, 0, 0)) { 1838 BIO_printf(bio, " Error\n"); 1839 } else { 1840 BIO_printf(bio, " Keying material: "); 1841 for (i = 0; i < s_client_config.keymatexportlen; i++) 1842 BIO_printf(bio, "%02X", 1843 exportedkeymat[i]); 1844 BIO_printf(bio, "\n"); 1845 } 1846 free(exportedkeymat); 1847 } 1848 } 1849 BIO_printf(bio, "---\n"); 1850 X509_free(peer); 1851 /* flush, or debugging output gets mixed with http response */ 1852 (void) BIO_flush(bio); 1853 } 1854 1855 static int 1856 ocsp_resp_cb(SSL *s, void *arg) 1857 { 1858 const unsigned char *p; 1859 int len; 1860 OCSP_RESPONSE *rsp; 1861 len = SSL_get_tlsext_status_ocsp_resp(s, &p); 1862 BIO_puts(arg, "OCSP response: "); 1863 if (!p) { 1864 BIO_puts(arg, "no response sent\n"); 1865 return 1; 1866 } 1867 rsp = d2i_OCSP_RESPONSE(NULL, &p, len); 1868 if (!rsp) { 1869 BIO_puts(arg, "response parse error\n"); 1870 BIO_dump_indent(arg, (char *) p, len, 4); 1871 return 0; 1872 } 1873 BIO_puts(arg, "\n======================================\n"); 1874 OCSP_RESPONSE_print(arg, rsp, 0); 1875 BIO_puts(arg, "======================================\n"); 1876 OCSP_RESPONSE_free(rsp); 1877 return 1; 1878 } 1879 1880 static int 1881 ssl_servername_cb(SSL *s, int *ad, void *arg) 1882 { 1883 tlsextctx *p = (tlsextctx *) arg; 1884 const char *hn = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 1885 if (SSL_get_servername_type(s) != -1) 1886 p->ack = !SSL_session_reused(s) && hn != NULL; 1887 else 1888 BIO_printf(bio_err, "Can't use SSL_get_servername\n"); 1889 1890 return SSL_TLSEXT_ERR_OK; 1891 } 1892 1893