1 /* $OpenBSD: s_client.c,v 1.54 2021/03/17 18:11:01 jsing Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2005 Nokia. All rights reserved. 113 * 114 * The portions of the attached software ("Contribution") is developed by 115 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 116 * license. 117 * 118 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 119 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 120 * support (see RFC 4279) to OpenSSL. 121 * 122 * No patent licenses or other rights except those expressly stated in 123 * the OpenSSL open source license shall be deemed granted or received 124 * expressly, by implication, estoppel, or otherwise. 125 * 126 * No assurances are provided by Nokia that the Contribution does not 127 * infringe the patent or other intellectual property rights of any third 128 * party or that the license provides you with all the necessary rights 129 * to make use of the Contribution. 130 * 131 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 132 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 133 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 134 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 135 * OTHERWISE. 136 */ 137 138 #include <sys/types.h> 139 #include <sys/socket.h> 140 141 #include <netinet/in.h> 142 143 #include <assert.h> 144 #include <ctype.h> 145 #include <limits.h> 146 #include <netdb.h> 147 #include <stdio.h> 148 #include <stdlib.h> 149 #include <string.h> 150 #include <unistd.h> 151 #include <poll.h> 152 153 #include "apps.h" 154 155 #include <openssl/bn.h> 156 #include <openssl/err.h> 157 #include <openssl/ocsp.h> 158 #include <openssl/pem.h> 159 #include <openssl/ssl.h> 160 #include <openssl/x509.h> 161 162 #include "s_apps.h" 163 #include "timeouts.h" 164 165 /*#define SSL_HOST_NAME "www.netscape.com" */ 166 /*#define SSL_HOST_NAME "193.118.187.102" */ 167 #define SSL_HOST_NAME "localhost" 168 169 /*#define TEST_CERT "client.pem" *//* no default cert. */ 170 171 #define BUFSIZZ 1024*8 172 173 static void sc_usage(void); 174 static void print_stuff(BIO *berr, SSL *con, int full); 175 static int ocsp_resp_cb(SSL *s, void *arg); 176 static int ssl_servername_cb(SSL *s, int *ad, void *arg); 177 178 enum { 179 PROTO_OFF = 0, 180 PROTO_SMTP, 181 PROTO_LMTP, 182 PROTO_POP3, 183 PROTO_IMAP, 184 PROTO_FTP, 185 PROTO_XMPP, 186 }; 187 188 /* This is a context that we pass to callbacks */ 189 typedef struct tlsextctx_st { 190 BIO *biodebug; 191 int ack; 192 } tlsextctx; 193 194 static struct { 195 int af; 196 char *alpn_in; 197 int bugs; 198 char *CAfile; 199 char *CApath; 200 char *cert_file; 201 int cert_format; 202 char *cipher; 203 unsigned int clr; 204 char *connect; 205 int crlf; 206 int debug; 207 int enable_timeouts; 208 const char *errstr; 209 char *groups_in; 210 char *host; 211 int ign_eof; 212 char *key_file; 213 int key_format; 214 char *keymatexportlabel; 215 int keymatexportlen; 216 uint16_t max_version; 217 uint16_t min_version; 218 const SSL_METHOD *meth; 219 int msg; 220 int nbio; 221 int nbio_test; 222 char *npn_in; 223 unsigned int off; 224 char *passarg; 225 int pause; 226 int peekaboo; 227 char *port; 228 int prexit; 229 char *proxy; 230 int quiet; 231 int reconnect; 232 char *servername; 233 char *sess_in; 234 char *sess_out; 235 int showcerts; 236 int socket_type; 237 long socket_mtu; 238 #ifndef OPENSSL_NO_SRTP 239 char *srtp_profiles; 240 #endif 241 int starttls_proto; 242 int state; 243 int status_req; 244 int tlsextdebug; 245 int verify; 246 X509_VERIFY_PARAM *vpm; 247 char *xmpphost; 248 } s_client_config; 249 250 static int 251 s_client_opt_keymatexportlen(char *arg) 252 { 253 s_client_config.keymatexportlen = strtonum(arg, 1, INT_MAX, 254 &s_client_config.errstr); 255 if (s_client_config.errstr != NULL) { 256 BIO_printf(bio_err, "invalid argument %s: %s\n", 257 arg, s_client_config.errstr); 258 return (1); 259 } 260 return (0); 261 } 262 263 #ifndef OPENSSL_NO_DTLS 264 static int 265 s_client_opt_mtu(char *arg) 266 { 267 s_client_config.socket_mtu = strtonum(arg, 0, LONG_MAX, 268 &s_client_config.errstr); 269 if (s_client_config.errstr != NULL) { 270 BIO_printf(bio_err, "invalid argument %s: %s\n", 271 arg, s_client_config.errstr); 272 return (1); 273 } 274 return (0); 275 } 276 #endif 277 278 static int 279 s_client_opt_port(char *arg) 280 { 281 if (*arg == '\0') 282 return (1); 283 284 s_client_config.port = arg; 285 return (0); 286 } 287 288 #ifndef OPENSSL_NO_DTLS 289 static int 290 s_client_opt_protocol_version_dtls(void) 291 { 292 s_client_config.meth = DTLS_client_method(); 293 s_client_config.socket_type = SOCK_DGRAM; 294 return (0); 295 } 296 #endif 297 298 #ifndef OPENSSL_NO_DTLS1 299 static int 300 s_client_opt_protocol_version_dtls1(void) 301 { 302 s_client_config.meth = DTLS_client_method(); 303 s_client_config.min_version = DTLS1_VERSION; 304 s_client_config.max_version = DTLS1_VERSION; 305 s_client_config.socket_type = SOCK_DGRAM; 306 return (0); 307 } 308 #endif 309 310 #ifndef OPENSSL_NO_DTLS1_2 311 static int 312 s_client_opt_protocol_version_dtls1_2(void) 313 { 314 s_client_config.meth = DTLS_client_method(); 315 s_client_config.min_version = DTLS1_2_VERSION; 316 s_client_config.max_version = DTLS1_2_VERSION; 317 s_client_config.socket_type = SOCK_DGRAM; 318 return (0); 319 } 320 #endif 321 322 static int 323 s_client_opt_protocol_version_tls1(void) 324 { 325 s_client_config.min_version = TLS1_VERSION; 326 s_client_config.max_version = TLS1_VERSION; 327 return (0); 328 } 329 330 static int 331 s_client_opt_protocol_version_tls1_1(void) 332 { 333 s_client_config.min_version = TLS1_1_VERSION; 334 s_client_config.max_version = TLS1_1_VERSION; 335 return (0); 336 } 337 338 static int 339 s_client_opt_protocol_version_tls1_2(void) 340 { 341 s_client_config.min_version = TLS1_2_VERSION; 342 s_client_config.max_version = TLS1_2_VERSION; 343 return (0); 344 } 345 346 static int 347 s_client_opt_protocol_version_tls1_3(void) 348 { 349 s_client_config.min_version = TLS1_3_VERSION; 350 s_client_config.max_version = TLS1_3_VERSION; 351 return (0); 352 } 353 354 static int 355 s_client_opt_quiet(void) 356 { 357 s_client_config.quiet = 1; 358 s_client_config.ign_eof = 1; 359 return (0); 360 } 361 362 static int 363 s_client_opt_starttls(char *arg) 364 { 365 if (strcmp(arg, "smtp") == 0) 366 s_client_config.starttls_proto = PROTO_SMTP; 367 else if (strcmp(arg, "lmtp") == 0) 368 s_client_config.starttls_proto = PROTO_LMTP; 369 else if (strcmp(arg, "pop3") == 0) 370 s_client_config.starttls_proto = PROTO_POP3; 371 else if (strcmp(arg, "imap") == 0) 372 s_client_config.starttls_proto = PROTO_IMAP; 373 else if (strcmp(arg, "ftp") == 0) 374 s_client_config.starttls_proto = PROTO_FTP; 375 else if (strcmp(arg, "xmpp") == 0) 376 s_client_config.starttls_proto = PROTO_XMPP; 377 else 378 return (1); 379 return (0); 380 } 381 382 static int 383 s_client_opt_verify(char *arg) 384 { 385 s_client_config.verify = SSL_VERIFY_PEER; 386 387 verify_depth = strtonum(arg, 0, INT_MAX, &s_client_config.errstr); 388 if (s_client_config.errstr != NULL) { 389 BIO_printf(bio_err, "invalid argument %s: %s\n", 390 arg, s_client_config.errstr); 391 return (1); 392 } 393 BIO_printf(bio_err, "verify depth is %d\n", verify_depth); 394 return (0); 395 } 396 397 static int 398 s_client_opt_verify_param(int argc, char **argv, int *argsused) 399 { 400 char **pargs = argv; 401 int pargc = argc; 402 int badarg = 0; 403 404 if (!args_verify(&pargs, &pargc, &badarg, bio_err, 405 &s_client_config.vpm)) { 406 BIO_printf(bio_err, "unknown option %s\n", *argv); 407 return (1); 408 } 409 if (badarg) 410 return (1); 411 412 *argsused = argc - pargc; 413 return (0); 414 } 415 416 static const struct option s_client_options[] = { 417 { 418 .name = "4", 419 .desc = "Use IPv4 only", 420 .type = OPTION_VALUE, 421 .opt.value = &s_client_config.af, 422 .value = AF_INET, 423 }, 424 { 425 .name = "6", 426 .desc = "Use IPv6 only", 427 .type = OPTION_VALUE, 428 .opt.value = &s_client_config.af, 429 .value = AF_INET6, 430 }, 431 { 432 .name = "alpn", 433 .argname = "protocols", 434 .desc = "Set the advertised protocols for ALPN" 435 " (comma-separated list)", 436 .type = OPTION_ARG, 437 .opt.arg = &s_client_config.alpn_in, 438 }, 439 { 440 .name = "bugs", 441 .desc = "Enable various workarounds for buggy implementations", 442 .type = OPTION_FLAG, 443 .opt.flag = &s_client_config.bugs, 444 }, 445 { 446 .name = "CAfile", 447 .argname = "file", 448 .desc = "PEM format file of CA certificates", 449 .type = OPTION_ARG, 450 .opt.arg = &s_client_config.CAfile, 451 }, 452 { 453 .name = "CApath", 454 .argname = "directory", 455 .desc = "PEM format directory of CA certificates", 456 .type = OPTION_ARG, 457 .opt.arg = &s_client_config.CApath, 458 }, 459 { 460 .name = "cert", 461 .argname = "file", 462 .desc = "Certificate file to use, PEM format assumed", 463 .type = OPTION_ARG, 464 .opt.arg = &s_client_config.cert_file, 465 }, 466 { 467 .name = "certform", 468 .argname = "fmt", 469 .desc = "Certificate format (PEM or DER) PEM default", 470 .type = OPTION_ARG_FORMAT, 471 .opt.value = &s_client_config.cert_format, 472 }, 473 { 474 .name = "cipher", 475 .argname = "cipherlist", 476 .desc = "Preferred cipher to use (see 'openssl ciphers')", 477 .type = OPTION_ARG, 478 .opt.arg = &s_client_config.cipher, 479 }, 480 { 481 .name = "connect", 482 .argname = "host:port", 483 .desc = "Who to connect to (default is localhost:4433)", 484 .type = OPTION_ARG, 485 .opt.arg = &s_client_config.connect, 486 }, 487 { 488 .name = "crlf", 489 .desc = "Convert LF from terminal into CRLF", 490 .type = OPTION_FLAG, 491 .opt.flag = &s_client_config.crlf, 492 }, 493 { 494 .name = "debug", 495 .desc = "Print extensive debugging information", 496 .type = OPTION_FLAG, 497 .opt.flag = &s_client_config.debug, 498 }, 499 #ifndef OPENSSL_NO_DTLS 500 { 501 .name = "dtls", 502 .desc = "Use any version of DTLS", 503 .type = OPTION_FUNC, 504 .opt.func = s_client_opt_protocol_version_dtls, 505 }, 506 #endif 507 #ifndef OPENSSL_NO_DTLS1 508 { 509 .name = "dtls1", 510 .desc = "Just use DTLSv1", 511 .type = OPTION_FUNC, 512 .opt.func = s_client_opt_protocol_version_dtls1, 513 }, 514 #endif 515 #ifndef OPENSSL_NO_DTLS1_2 516 { 517 .name = "dtls1_2", 518 .desc = "Just use DTLSv1.2", 519 .type = OPTION_FUNC, 520 .opt.func = s_client_opt_protocol_version_dtls1_2, 521 }, 522 #endif 523 { 524 .name = "groups", 525 .argname = "list", 526 .desc = "Specify EC groups (colon-separated list)", 527 .type = OPTION_ARG, 528 .opt.arg = &s_client_config.groups_in, 529 }, 530 { 531 .name = "host", 532 .argname = "host", 533 .desc = "Use -connect instead", 534 .type = OPTION_ARG, 535 .opt.arg = &s_client_config.host, 536 }, 537 { 538 .name = "ign_eof", 539 .desc = "Ignore input EOF (default when -quiet)", 540 .type = OPTION_VALUE, 541 .opt.value = &s_client_config.ign_eof, 542 .value = 1, 543 }, 544 { 545 .name = "key", 546 .argname = "file", 547 .desc = "Private key file to use, if not, -cert file is used", 548 .type = OPTION_ARG, 549 .opt.arg = &s_client_config.key_file, 550 }, 551 { 552 .name = "keyform", 553 .argname = "fmt", 554 .desc = "Key format (PEM or DER) PEM default", 555 .type = OPTION_ARG_FORMAT, 556 .opt.value = &s_client_config.key_format, 557 }, 558 { 559 .name = "keymatexport", 560 .argname = "label", 561 .desc = "Export keying material using label", 562 .type = OPTION_ARG, 563 .opt.arg = &s_client_config.keymatexportlabel, 564 }, 565 { 566 .name = "keymatexportlen", 567 .argname = "len", 568 .desc = "Export len bytes of keying material (default 20)", 569 .type = OPTION_ARG_FUNC, 570 .opt.argfunc = s_client_opt_keymatexportlen, 571 }, 572 { 573 .name = "legacy_renegotiation", 574 .type = OPTION_DISCARD, 575 }, 576 { 577 .name = "legacy_server_connect", 578 .desc = "Allow initial connection to servers that don't support RI", 579 .type = OPTION_VALUE_OR, 580 .opt.value = &s_client_config.off, 581 .value = SSL_OP_LEGACY_SERVER_CONNECT, 582 }, 583 { 584 .name = "msg", 585 .desc = "Show all protocol messages with hex dump", 586 .type = OPTION_FLAG, 587 .opt.flag = &s_client_config.msg, 588 }, 589 #ifndef OPENSSL_NO_DTLS 590 { 591 .name = "mtu", 592 .argname = "mtu", 593 .desc = "Set the link layer MTU on DTLS connections", 594 .type = OPTION_ARG_FUNC, 595 .opt.argfunc = s_client_opt_mtu, 596 }, 597 #endif 598 { 599 .name = "nbio", 600 .desc = "Turn on non-blocking I/O", 601 .type = OPTION_FLAG, 602 .opt.flag = &s_client_config.nbio, 603 }, 604 { 605 .name = "nbio_test", 606 .desc = "Test non-blocking I/O", 607 .type = OPTION_FLAG, 608 .opt.flag = &s_client_config.nbio_test, 609 }, 610 { 611 .name = "nextprotoneg", 612 .argname = "protocols", 613 .type = OPTION_ARG, 614 .opt.arg = &s_client_config.npn_in, /* Ignored. */ 615 }, 616 { 617 .name = "no_comp", 618 .type = OPTION_VALUE_OR, 619 .opt.value = &s_client_config.off, 620 .value = SSL_OP_NO_COMPRESSION, 621 }, 622 { 623 .name = "no_ign_eof", 624 .desc = "Don't ignore input EOF", 625 .type = OPTION_VALUE, 626 .opt.value = &s_client_config.ign_eof, 627 .value = 0, 628 }, 629 { 630 .name = "no_legacy_server_connect", 631 .desc = "Disallow initial connection to servers that don't support RI", 632 .type = OPTION_VALUE_OR, 633 .opt.value = &s_client_config.clr, 634 .value = SSL_OP_LEGACY_SERVER_CONNECT, 635 }, 636 { 637 .name = "no_ssl2", 638 .type = OPTION_VALUE_OR, 639 .opt.value = &s_client_config.off, 640 .value = SSL_OP_NO_SSLv2, 641 }, 642 { 643 .name = "no_ssl3", 644 .type = OPTION_VALUE_OR, 645 .opt.value = &s_client_config.off, 646 .value = SSL_OP_NO_SSLv3, 647 }, 648 { 649 .name = "no_ticket", 650 .desc = "Disable use of RFC4507 session ticket support", 651 .type = OPTION_VALUE_OR, 652 .opt.value = &s_client_config.off, 653 .value = SSL_OP_NO_TICKET, 654 }, 655 { 656 .name = "no_tls1", 657 .desc = "Disable the use of TLSv1", 658 .type = OPTION_VALUE_OR, 659 .opt.value = &s_client_config.off, 660 .value = SSL_OP_NO_TLSv1, 661 }, 662 { 663 .name = "no_tls1_1", 664 .desc = "Disable the use of TLSv1.1", 665 .type = OPTION_VALUE_OR, 666 .opt.value = &s_client_config.off, 667 .value = SSL_OP_NO_TLSv1_1, 668 }, 669 { 670 .name = "no_tls1_2", 671 .desc = "Disable the use of TLSv1.2", 672 .type = OPTION_VALUE_OR, 673 .opt.value = &s_client_config.off, 674 .value = SSL_OP_NO_TLSv1_2, 675 }, 676 { 677 .name = "no_tls1_3", 678 .desc = "Disable the use of TLSv1.3", 679 .type = OPTION_VALUE_OR, 680 .opt.value = &s_client_config.off, 681 .value = SSL_OP_NO_TLSv1_3, 682 }, 683 { 684 .name = "pass", 685 .argname = "arg", 686 .desc = "Private key file pass phrase source", 687 .type = OPTION_ARG, 688 .opt.arg = &s_client_config.passarg, 689 }, 690 { 691 .name = "pause", 692 .desc = "Pause 1 second between each read and write call", 693 .type = OPTION_FLAG, 694 .opt.flag = &s_client_config.pause, 695 }, 696 { 697 .name = "peekaboo", 698 .type = OPTION_FLAG, 699 .opt.flag = &s_client_config.peekaboo, 700 }, 701 { 702 .name = "port", 703 .argname = "port", 704 .desc = "Use -connect instead", 705 .type = OPTION_ARG_FUNC, 706 .opt.argfunc = s_client_opt_port, 707 }, 708 { 709 .name = "prexit", 710 .desc = "Print session information when the program exits", 711 .type = OPTION_FLAG, 712 .opt.flag = &s_client_config.prexit, 713 }, 714 { 715 .name = "proxy", 716 .argname = "host:port", 717 .desc = "Connect to http proxy", 718 .type = OPTION_ARG, 719 .opt.arg = &s_client_config.proxy, 720 }, 721 { 722 .name = "quiet", 723 .desc = "Inhibit printing of session and certificate info", 724 .type = OPTION_FUNC, 725 .opt.func = s_client_opt_quiet, 726 }, 727 { 728 .name = "reconnect", 729 .desc = "Drop and re-make the connection with the same Session-ID", 730 .type = OPTION_VALUE, 731 .opt.value = &s_client_config.reconnect, 732 .value = 5, 733 }, 734 { 735 .name = "servername", 736 .argname = "name", 737 .desc = "Set TLS extension servername in ClientHello (SNI)", 738 .type = OPTION_ARG, 739 .opt.arg = &s_client_config.servername, 740 }, 741 { 742 .name = "serverpref", 743 .desc = "Use server's cipher preferences", 744 .type = OPTION_VALUE_OR, 745 .opt.value = &s_client_config.off, 746 .value = SSL_OP_CIPHER_SERVER_PREFERENCE, 747 }, 748 { 749 .name = "sess_in", 750 .argname = "file", 751 .desc = "File to read TLS session from", 752 .type = OPTION_ARG, 753 .opt.arg = &s_client_config.sess_in, 754 }, 755 { 756 .name = "sess_out", 757 .argname = "file", 758 .desc = "File to write TLS session to", 759 .type = OPTION_ARG, 760 .opt.arg = &s_client_config.sess_out, 761 }, 762 { 763 .name = "showcerts", 764 .desc = "Show all server certificates in the chain", 765 .type = OPTION_FLAG, 766 .opt.flag = &s_client_config.showcerts, 767 }, 768 { 769 .name = "starttls", 770 .argname = "protocol", 771 .desc = "Use the STARTTLS command before starting TLS,\n" 772 "smtp, lmtp, pop3, imap, ftp and xmpp are supported.", 773 .type = OPTION_ARG_FUNC, 774 .opt.argfunc = s_client_opt_starttls, 775 }, 776 { 777 .name = "state", 778 .desc = "Print the TLS session states", 779 .type = OPTION_FLAG, 780 .opt.flag = &s_client_config.state, 781 }, 782 { 783 .name = "status", 784 .desc = "Send a certificate status request to the server (OCSP)", 785 .type = OPTION_FLAG, 786 .opt.flag = &s_client_config.status_req, 787 }, 788 #ifndef OPENSSL_NO_DTLS 789 { 790 .name = "timeout", 791 .desc = "Enable send/receive timeout on DTLS connections", 792 .type = OPTION_FLAG, 793 .opt.flag = &s_client_config.enable_timeouts, 794 }, 795 #endif 796 { 797 .name = "tls1", 798 .desc = "Just use TLSv1", 799 .type = OPTION_FUNC, 800 .opt.func = s_client_opt_protocol_version_tls1, 801 }, 802 { 803 .name = "tls1_1", 804 .desc = "Just use TLSv1.1", 805 .type = OPTION_FUNC, 806 .opt.func = s_client_opt_protocol_version_tls1_1, 807 }, 808 { 809 .name = "tls1_2", 810 .desc = "Just use TLSv1.2", 811 .type = OPTION_FUNC, 812 .opt.func = s_client_opt_protocol_version_tls1_2, 813 }, 814 { 815 .name = "tls1_3", 816 .desc = "Just use TLSv1.3", 817 .type = OPTION_FUNC, 818 .opt.func = s_client_opt_protocol_version_tls1_3, 819 }, 820 { 821 .name = "tlsextdebug", 822 .desc = "Hex dump of all TLS extensions received", 823 .type = OPTION_FLAG, 824 .opt.flag = &s_client_config.tlsextdebug, 825 }, 826 #ifndef OPENSSL_NO_SRTP 827 { 828 .name = "use_srtp", 829 .argname = "profiles", 830 .desc = "Offer SRTP key management with a colon-separated profiles", 831 .type = OPTION_ARG, 832 .opt.arg = &s_client_config.srtp_profiles, 833 }, 834 #endif 835 { 836 .name = "verify", 837 .argname = "depth", 838 .desc = "Turn on peer certificate verification, with a max of depth", 839 .type = OPTION_ARG_FUNC, 840 .opt.argfunc = s_client_opt_verify, 841 }, 842 { 843 .name = "verify_return_error", 844 .desc = "Return verification error", 845 .type = OPTION_FLAG, 846 .opt.flag = &verify_return_error, 847 }, 848 { 849 .name = "xmpphost", 850 .argname = "host", 851 .desc = "Connect to this virtual host on the xmpp server", 852 .type = OPTION_ARG, 853 .opt.arg = &s_client_config.xmpphost, 854 }, 855 { 856 .name = NULL, 857 .desc = "", 858 .type = OPTION_ARGV_FUNC, 859 .opt.argvfunc = s_client_opt_verify_param, 860 }, 861 { NULL }, 862 }; 863 864 static void 865 sc_usage(void) 866 { 867 fprintf(stderr, "usage: s_client " 868 "[-4 | -6] [-alpn protocols] [-bugs] [-CAfile file]\n" 869 " [-CApath directory] [-cert file] [-certform der | pem] [-check_ss_sig]\n" 870 " [-cipher cipherlist] [-connect host[:port]] [-crl_check]\n" 871 " [-crl_check_all] [-crlf] [-debug] [-dtls] [-dtls1] [-dtls1_2] [-extended_crl]\n" 872 " [-groups list] [-host host] [-ign_eof] [-ignore_critical]\n" 873 " [-issuer_checks] [-key keyfile] [-keyform der | pem]\n" 874 " [-keymatexport label] [-keymatexportlen len] [-legacy_server_connect]\n" 875 " [-msg] [-mtu mtu] [-nbio] [-nbio_test] [-no_comp] [-no_ign_eof]\n" 876 " [-no_legacy_server_connect] [-no_ticket] [-no_tls1] [-no_tls1_1]\n" 877 " [-no_tls1_2] [-no_tls1_3] [-pass arg] [-pause] [-policy_check]\n" 878 " [-port port] [-prexit] [-proxy host:port] [-quiet] [-reconnect]\n" 879 " [-servername name] [-serverpref] [-sess_in file] [-sess_out file]\n" 880 " [-showcerts] [-starttls protocol] [-state] [-status] [-timeout]\n" 881 " [-tls1] [-tls1_1] [-tls1_2] [-tls1_3] [-tlsextdebug]\n" 882 " [-use_srtp profiles] [-verify depth] [-verify_return_error]\n" 883 " [-x509_strict] [-xmpphost host]\n"); 884 fprintf(stderr, "\n"); 885 options_usage(s_client_options); 886 fprintf(stderr, "\n"); 887 } 888 889 int 890 s_client_main(int argc, char **argv) 891 { 892 SSL *con = NULL; 893 int s, k, p = 0, pending = 0; 894 char *cbuf = NULL, *sbuf = NULL, *mbuf = NULL, *pbuf = NULL; 895 int cbuf_len, cbuf_off; 896 int sbuf_len, sbuf_off; 897 int pbuf_len, pbuf_off; 898 int full_log = 1; 899 char *pass = NULL; 900 X509 *cert = NULL; 901 EVP_PKEY *key = NULL; 902 int badop = 0; 903 int write_tty, read_tty, write_ssl, read_ssl, tty_on, ssl_pending; 904 SSL_CTX *ctx = NULL; 905 int ret = 1, in_init = 1, i; 906 BIO *bio_c_out = NULL; 907 BIO *sbio; 908 int mbuf_len = 0; 909 struct timeval timeout; 910 tlsextctx tlsextcbp = {NULL, 0}; 911 struct sockaddr_storage peer; 912 int peerlen = sizeof(peer); 913 914 if (single_execution) { 915 if (pledge("stdio cpath wpath rpath inet dns tty", NULL) == -1) { 916 perror("pledge"); 917 exit(1); 918 } 919 } 920 921 memset(&s_client_config, 0, sizeof(s_client_config)); 922 s_client_config.af = AF_UNSPEC; 923 s_client_config.cert_format = FORMAT_PEM; 924 s_client_config.host = SSL_HOST_NAME; 925 s_client_config.key_format = FORMAT_PEM; 926 s_client_config.keymatexportlen = 20; 927 s_client_config.meth = TLS_client_method(); 928 s_client_config.port = PORT_STR; 929 s_client_config.socket_type = SOCK_STREAM; 930 s_client_config.starttls_proto = PROTO_OFF; 931 s_client_config.verify = SSL_VERIFY_NONE; 932 933 if (((cbuf = malloc(BUFSIZZ)) == NULL) || 934 ((sbuf = malloc(BUFSIZZ)) == NULL) || 935 ((pbuf = malloc(BUFSIZZ)) == NULL) || 936 ((mbuf = malloc(BUFSIZZ + 1)) == NULL)) { /* NUL byte */ 937 BIO_printf(bio_err, "out of memory\n"); 938 goto end; 939 } 940 verify_depth = 0; 941 942 if (options_parse(argc, argv, s_client_options, NULL, NULL) != 0) { 943 badop = 1; 944 goto bad; 945 } 946 if (s_client_config.proxy != NULL) { 947 if (!extract_host_port(s_client_config.proxy, 948 &s_client_config.host, NULL, &s_client_config.port)) 949 goto bad; 950 if (s_client_config.connect == NULL) 951 s_client_config.connect = SSL_HOST_NAME; 952 } else if (s_client_config.connect != NULL) { 953 if (!extract_host_port(s_client_config.connect, 954 &s_client_config.host, NULL, &s_client_config.port)) 955 goto bad; 956 } 957 if (badop) { 958 bad: 959 if (s_client_config.errstr == NULL) 960 sc_usage(); 961 goto end; 962 } 963 964 if (!app_passwd(bio_err, s_client_config.passarg, NULL, &pass, NULL)) { 965 BIO_printf(bio_err, "Error getting password\n"); 966 goto end; 967 } 968 if (s_client_config.key_file == NULL) 969 s_client_config.key_file = s_client_config.cert_file; 970 971 972 if (s_client_config.key_file) { 973 974 key = load_key(bio_err, s_client_config.key_file, 975 s_client_config.key_format, 0, pass, 976 "client certificate private key file"); 977 if (!key) { 978 ERR_print_errors(bio_err); 979 goto end; 980 } 981 } 982 if (s_client_config.cert_file) { 983 cert = load_cert(bio_err, s_client_config.cert_file, 984 s_client_config.cert_format, 985 NULL, "client certificate file"); 986 987 if (!cert) { 988 ERR_print_errors(bio_err); 989 goto end; 990 } 991 } 992 if (s_client_config.quiet && !s_client_config.debug && 993 !s_client_config.msg) { 994 if ((bio_c_out = BIO_new(BIO_s_null())) == NULL) 995 goto end; 996 } else { 997 if ((bio_c_out = BIO_new_fp(stdout, BIO_NOCLOSE)) == NULL) 998 goto end; 999 } 1000 1001 ctx = SSL_CTX_new(s_client_config.meth); 1002 if (ctx == NULL) { 1003 ERR_print_errors(bio_err); 1004 goto end; 1005 } 1006 1007 SSL_CTX_clear_mode(ctx, SSL_MODE_AUTO_RETRY); 1008 1009 if (s_client_config.vpm) 1010 SSL_CTX_set1_param(ctx, s_client_config.vpm); 1011 1012 if (!SSL_CTX_set_min_proto_version(ctx, s_client_config.min_version)) 1013 goto end; 1014 if (!SSL_CTX_set_max_proto_version(ctx, s_client_config.max_version)) 1015 goto end; 1016 1017 #ifndef OPENSSL_NO_SRTP 1018 if (s_client_config.srtp_profiles != NULL) 1019 SSL_CTX_set_tlsext_use_srtp(ctx, s_client_config.srtp_profiles); 1020 #endif 1021 if (s_client_config.bugs) 1022 SSL_CTX_set_options(ctx, SSL_OP_ALL | s_client_config.off); 1023 else 1024 SSL_CTX_set_options(ctx, s_client_config.off); 1025 1026 if (s_client_config.clr) 1027 SSL_CTX_clear_options(ctx, s_client_config.clr); 1028 1029 if (s_client_config.alpn_in) { 1030 unsigned short alpn_len; 1031 unsigned char *alpn; 1032 1033 alpn = next_protos_parse(&alpn_len, s_client_config.alpn_in); 1034 if (alpn == NULL) { 1035 BIO_printf(bio_err, "Error parsing -alpn argument\n"); 1036 goto end; 1037 } 1038 SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len); 1039 free(alpn); 1040 } 1041 if (s_client_config.groups_in != NULL) { 1042 if (SSL_CTX_set1_groups_list(ctx, s_client_config.groups_in) != 1) { 1043 BIO_printf(bio_err, "Failed to set groups '%s'\n", 1044 s_client_config.groups_in); 1045 goto end; 1046 } 1047 } 1048 1049 if (s_client_config.state) 1050 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback); 1051 if (s_client_config.cipher != NULL) 1052 if (!SSL_CTX_set_cipher_list(ctx, s_client_config.cipher)) { 1053 BIO_printf(bio_err, "error setting cipher list\n"); 1054 ERR_print_errors(bio_err); 1055 goto end; 1056 } 1057 1058 SSL_CTX_set_verify(ctx, s_client_config.verify, verify_callback); 1059 if (!set_cert_key_stuff(ctx, cert, key)) 1060 goto end; 1061 1062 if ((s_client_config.CAfile || s_client_config.CApath) 1063 && !SSL_CTX_load_verify_locations(ctx, s_client_config.CAfile, 1064 s_client_config.CApath)) 1065 ERR_print_errors(bio_err); 1066 1067 if (!SSL_CTX_set_default_verify_paths(ctx)) 1068 ERR_print_errors(bio_err); 1069 1070 if (s_client_config.servername != NULL) { 1071 tlsextcbp.biodebug = bio_err; 1072 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1073 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1074 } 1075 1076 con = SSL_new(ctx); 1077 if (s_client_config.sess_in) { 1078 SSL_SESSION *sess; 1079 BIO *stmp = BIO_new_file(s_client_config.sess_in, "r"); 1080 if (!stmp) { 1081 BIO_printf(bio_err, "Can't open session file %s\n", 1082 s_client_config.sess_in); 1083 ERR_print_errors(bio_err); 1084 goto end; 1085 } 1086 sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL); 1087 BIO_free(stmp); 1088 if (!sess) { 1089 BIO_printf(bio_err, "Can't open session file %s\n", 1090 s_client_config.sess_in); 1091 ERR_print_errors(bio_err); 1092 goto end; 1093 } 1094 SSL_set_session(con, sess); 1095 SSL_SESSION_free(sess); 1096 } 1097 if (s_client_config.servername != NULL) { 1098 if (!SSL_set_tlsext_host_name(con, s_client_config.servername)) { 1099 BIO_printf(bio_err, 1100 "Unable to set TLS servername extension.\n"); 1101 ERR_print_errors(bio_err); 1102 goto end; 1103 } 1104 } 1105 /* SSL_set_cipher_list(con,"RC4-MD5"); */ 1106 1107 re_start: 1108 1109 if (init_client(&s, s_client_config.host, s_client_config.port, 1110 s_client_config.socket_type, s_client_config.af) == 0) { 1111 BIO_printf(bio_err, "connect:errno=%d\n", errno); 1112 goto end; 1113 } 1114 BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s); 1115 1116 if (s_client_config.nbio) { 1117 if (!s_client_config.quiet) 1118 BIO_printf(bio_c_out, "turning on non blocking io\n"); 1119 if (!BIO_socket_nbio(s, 1)) { 1120 ERR_print_errors(bio_err); 1121 goto end; 1122 } 1123 } 1124 if (s_client_config.pause & 0x01) 1125 SSL_set_debug(con, 1); 1126 1127 if (SSL_is_dtls(con)) { 1128 sbio = BIO_new_dgram(s, BIO_NOCLOSE); 1129 if (getsockname(s, (struct sockaddr *)&peer, 1130 (void *)&peerlen) == -1) { 1131 BIO_printf(bio_err, "getsockname:errno=%d\n", 1132 errno); 1133 shutdown(s, SHUT_RD); 1134 close(s); 1135 goto end; 1136 } 1137 (void) BIO_ctrl_set_connected(sbio, 1, &peer); 1138 1139 if (s_client_config.enable_timeouts) { 1140 timeout.tv_sec = 0; 1141 timeout.tv_usec = DGRAM_RCV_TIMEOUT; 1142 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, 1143 &timeout); 1144 1145 timeout.tv_sec = 0; 1146 timeout.tv_usec = DGRAM_SND_TIMEOUT; 1147 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, 1148 &timeout); 1149 } 1150 if (s_client_config.socket_mtu > 28) { 1151 SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 1152 SSL_set_mtu(con, s_client_config.socket_mtu - 28); 1153 } else 1154 /* want to do MTU discovery */ 1155 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 1156 } else 1157 sbio = BIO_new_socket(s, BIO_NOCLOSE); 1158 1159 if (s_client_config.nbio_test) { 1160 BIO *test; 1161 1162 test = BIO_new(BIO_f_nbio_test()); 1163 sbio = BIO_push(test, sbio); 1164 } 1165 if (s_client_config.debug) { 1166 SSL_set_debug(con, 1); 1167 BIO_set_callback(sbio, bio_dump_callback); 1168 BIO_set_callback_arg(sbio, (char *) bio_c_out); 1169 } 1170 if (s_client_config.msg) { 1171 SSL_set_msg_callback(con, msg_cb); 1172 SSL_set_msg_callback_arg(con, bio_c_out); 1173 } 1174 if (s_client_config.tlsextdebug) { 1175 SSL_set_tlsext_debug_callback(con, tlsext_cb); 1176 SSL_set_tlsext_debug_arg(con, bio_c_out); 1177 } 1178 if (s_client_config.status_req) { 1179 SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp); 1180 SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); 1181 SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); 1182 } 1183 1184 SSL_set_bio(con, sbio, sbio); 1185 SSL_set_connect_state(con); 1186 1187 /* ok, lets connect */ 1188 read_tty = 1; 1189 write_tty = 0; 1190 tty_on = 0; 1191 read_ssl = 1; 1192 write_ssl = 1; 1193 1194 cbuf_len = 0; 1195 cbuf_off = 0; 1196 sbuf_len = 0; 1197 sbuf_off = 0; 1198 pbuf_len = 0; 1199 pbuf_off = 0; 1200 1201 /* This is an ugly hack that does a lot of assumptions */ 1202 /* 1203 * We do have to handle multi-line responses which may come in a 1204 * single packet or not. We therefore have to use BIO_gets() which 1205 * does need a buffering BIO. So during the initial chitchat we do 1206 * push a buffering BIO into the chain that is removed again later on 1207 * to not disturb the rest of the s_client operation. 1208 */ 1209 if (s_client_config.starttls_proto == PROTO_SMTP || 1210 s_client_config.starttls_proto == PROTO_LMTP) { 1211 int foundit = 0; 1212 BIO *fbio = BIO_new(BIO_f_buffer()); 1213 BIO_push(fbio, sbio); 1214 /* wait for multi-line response to end from SMTP */ 1215 do { 1216 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1217 } 1218 while (mbuf_len > 3 && mbuf[3] == '-'); 1219 /* STARTTLS command requires EHLO... */ 1220 BIO_printf(fbio, "%cHLO openssl.client.net\r\n", 1221 s_client_config.starttls_proto == PROTO_SMTP ? 'E' : 'L'); 1222 (void) BIO_flush(fbio); 1223 /* wait for multi-line response to end EHLO SMTP response */ 1224 do { 1225 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1226 if (strstr(mbuf, "STARTTLS")) 1227 foundit = 1; 1228 } 1229 while (mbuf_len > 3 && mbuf[3] == '-'); 1230 (void) BIO_flush(fbio); 1231 BIO_pop(fbio); 1232 BIO_free(fbio); 1233 if (!foundit) 1234 BIO_printf(bio_err, 1235 "didn't find starttls in server response," 1236 " try anyway...\n"); 1237 BIO_printf(sbio, "STARTTLS\r\n"); 1238 BIO_read(sbio, sbuf, BUFSIZZ); 1239 } else if (s_client_config.starttls_proto == PROTO_POP3) { 1240 mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ); 1241 if (mbuf_len == -1) { 1242 BIO_printf(bio_err, "BIO_read failed\n"); 1243 goto end; 1244 } 1245 BIO_printf(sbio, "STLS\r\n"); 1246 BIO_read(sbio, sbuf, BUFSIZZ); 1247 } else if (s_client_config.starttls_proto == PROTO_IMAP) { 1248 int foundit = 0; 1249 BIO *fbio = BIO_new(BIO_f_buffer()); 1250 BIO_push(fbio, sbio); 1251 BIO_gets(fbio, mbuf, BUFSIZZ); 1252 /* STARTTLS command requires CAPABILITY... */ 1253 BIO_printf(fbio, ". CAPABILITY\r\n"); 1254 (void) BIO_flush(fbio); 1255 /* wait for multi-line CAPABILITY response */ 1256 do { 1257 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1258 if (strstr(mbuf, "STARTTLS")) 1259 foundit = 1; 1260 } 1261 while (mbuf_len > 3 && mbuf[0] != '.'); 1262 (void) BIO_flush(fbio); 1263 BIO_pop(fbio); 1264 BIO_free(fbio); 1265 if (!foundit) 1266 BIO_printf(bio_err, 1267 "didn't find STARTTLS in server response," 1268 " try anyway...\n"); 1269 BIO_printf(sbio, ". STARTTLS\r\n"); 1270 BIO_read(sbio, sbuf, BUFSIZZ); 1271 } else if (s_client_config.starttls_proto == PROTO_FTP) { 1272 BIO *fbio = BIO_new(BIO_f_buffer()); 1273 BIO_push(fbio, sbio); 1274 /* wait for multi-line response to end from FTP */ 1275 do { 1276 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1277 } 1278 while (mbuf_len > 3 && mbuf[3] == '-'); 1279 (void) BIO_flush(fbio); 1280 BIO_pop(fbio); 1281 BIO_free(fbio); 1282 BIO_printf(sbio, "AUTH TLS\r\n"); 1283 BIO_read(sbio, sbuf, BUFSIZZ); 1284 } else if (s_client_config.starttls_proto == PROTO_XMPP) { 1285 int seen = 0; 1286 BIO_printf(sbio, "<stream:stream " 1287 "xmlns:stream='http://etherx.jabber.org/streams' " 1288 "xmlns='jabber:client' to='%s' version='1.0'>", 1289 s_client_config.xmpphost ? 1290 s_client_config.xmpphost : s_client_config.host); 1291 seen = BIO_read(sbio, mbuf, BUFSIZZ); 1292 1293 if (seen <= 0) 1294 goto shut; 1295 1296 mbuf[seen] = 0; 1297 while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'") && 1298 !strstr(mbuf, "<starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"")) { 1299 seen = BIO_read(sbio, mbuf, BUFSIZZ); 1300 1301 if (seen <= 0) 1302 goto shut; 1303 1304 mbuf[seen] = 0; 1305 } 1306 BIO_printf(sbio, 1307 "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"); 1308 seen = BIO_read(sbio, sbuf, BUFSIZZ); 1309 sbuf[seen] = 0; 1310 if (!strstr(sbuf, "<proceed")) 1311 goto shut; 1312 mbuf[0] = 0; 1313 } else if (s_client_config.proxy != NULL) { 1314 BIO_printf(sbio, "CONNECT %s HTTP/1.0\r\n\r\n", 1315 s_client_config.connect); 1316 mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ); 1317 if (mbuf_len == -1) { 1318 BIO_printf(bio_err, "BIO_read failed\n"); 1319 goto end; 1320 } 1321 } 1322 for (;;) { 1323 struct pollfd pfd[3]; /* stdin, stdout, socket */ 1324 int ptimeout = -1; 1325 1326 if (SSL_is_dtls(con) && DTLSv1_get_timeout(con, &timeout)) 1327 ptimeout = timeout.tv_sec * 1000 + 1328 timeout.tv_usec / 1000; 1329 1330 if (SSL_in_init(con) && !SSL_total_renegotiations(con)) { 1331 in_init = 1; 1332 tty_on = 0; 1333 } else { 1334 tty_on = 1; 1335 if (in_init) { 1336 in_init = 0; 1337 if (s_client_config.sess_out) { 1338 BIO *stmp = BIO_new_file( 1339 s_client_config.sess_out, "w"); 1340 if (stmp) { 1341 PEM_write_bio_SSL_SESSION(stmp, 1342 SSL_get_session(con)); 1343 BIO_free(stmp); 1344 } else 1345 BIO_printf(bio_err, 1346 "Error writing session file %s\n", 1347 s_client_config.sess_out); 1348 } 1349 print_stuff(bio_c_out, con, full_log); 1350 if (full_log > 0) 1351 full_log--; 1352 1353 if (s_client_config.starttls_proto) { 1354 BIO_write(bio_err, mbuf, mbuf_len); 1355 /* We don't need to know any more */ 1356 s_client_config.starttls_proto = PROTO_OFF; 1357 } 1358 if (s_client_config.reconnect) { 1359 s_client_config.reconnect--; 1360 BIO_printf(bio_c_out, 1361 "drop connection and then reconnect\n"); 1362 SSL_shutdown(con); 1363 SSL_set_connect_state(con); 1364 shutdown(SSL_get_fd(con), SHUT_RD); 1365 close(SSL_get_fd(con)); 1366 goto re_start; 1367 } 1368 } 1369 } 1370 1371 ssl_pending = read_ssl && SSL_pending(con); 1372 1373 pfd[0].fd = -1; 1374 pfd[1].fd = -1; 1375 if (!ssl_pending) { 1376 if (tty_on) { 1377 if (read_tty) { 1378 pfd[0].fd = fileno(stdin); 1379 pfd[0].events = POLLIN; 1380 } 1381 if (write_tty) { 1382 pfd[1].fd = fileno(stdout); 1383 pfd[1].events = POLLOUT; 1384 } 1385 } 1386 1387 pfd[2].fd = SSL_get_fd(con); 1388 pfd[2].events = 0; 1389 if (read_ssl) 1390 pfd[2].events |= POLLIN; 1391 if (write_ssl) 1392 pfd[2].events |= POLLOUT; 1393 1394 /* printf("mode tty(%d %d%d) ssl(%d%d)\n", 1395 tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ 1396 1397 i = poll(pfd, 3, ptimeout); 1398 if (i == -1) { 1399 BIO_printf(bio_err, "bad select %d\n", 1400 errno); 1401 goto shut; 1402 /* goto end; */ 1403 } 1404 } 1405 if (SSL_is_dtls(con) && 1406 DTLSv1_handle_timeout(con) > 0) 1407 BIO_printf(bio_err, "TIMEOUT occured\n"); 1408 if (!ssl_pending && 1409 (pfd[2].revents & (POLLOUT|POLLERR|POLLNVAL))) { 1410 if (pfd[2].revents & (POLLERR|POLLNVAL)) { 1411 BIO_printf(bio_err, "poll error"); 1412 goto shut; 1413 } 1414 k = SSL_write(con, &(cbuf[cbuf_off]), 1415 (unsigned int) cbuf_len); 1416 switch (SSL_get_error(con, k)) { 1417 case SSL_ERROR_NONE: 1418 cbuf_off += k; 1419 cbuf_len -= k; 1420 if (k <= 0) 1421 goto end; 1422 /* we have done a write(con,NULL,0); */ 1423 if (cbuf_len <= 0) { 1424 read_tty = 1; 1425 write_ssl = 0; 1426 } else { /* if (cbuf_len > 0) */ 1427 read_tty = 0; 1428 write_ssl = 1; 1429 } 1430 break; 1431 case SSL_ERROR_WANT_WRITE: 1432 BIO_printf(bio_c_out, "write W BLOCK\n"); 1433 write_ssl = 1; 1434 read_tty = 0; 1435 break; 1436 case SSL_ERROR_WANT_READ: 1437 BIO_printf(bio_c_out, "write R BLOCK\n"); 1438 write_tty = 0; 1439 read_ssl = 1; 1440 write_ssl = 0; 1441 break; 1442 case SSL_ERROR_WANT_X509_LOOKUP: 1443 BIO_printf(bio_c_out, "write X BLOCK\n"); 1444 break; 1445 case SSL_ERROR_ZERO_RETURN: 1446 if (cbuf_len != 0) { 1447 BIO_printf(bio_c_out, "shutdown\n"); 1448 ret = 0; 1449 goto shut; 1450 } else { 1451 read_tty = 1; 1452 write_ssl = 0; 1453 break; 1454 } 1455 1456 case SSL_ERROR_SYSCALL: 1457 if ((k != 0) || (cbuf_len != 0)) { 1458 BIO_printf(bio_err, "write:errno=%d\n", 1459 errno); 1460 goto shut; 1461 } else { 1462 read_tty = 1; 1463 write_ssl = 0; 1464 } 1465 break; 1466 case SSL_ERROR_SSL: 1467 ERR_print_errors(bio_err); 1468 goto shut; 1469 } 1470 } else if (!ssl_pending && 1471 (pfd[1].revents & (POLLOUT|POLLERR|POLLNVAL))) { 1472 if (pfd[1].revents & (POLLERR|POLLNVAL)) { 1473 BIO_printf(bio_err, "poll error"); 1474 goto shut; 1475 } 1476 i = write(fileno(stdout), &(sbuf[sbuf_off]), sbuf_len); 1477 1478 if (i <= 0) { 1479 BIO_printf(bio_c_out, "DONE\n"); 1480 ret = 0; 1481 goto shut; 1482 /* goto end; */ 1483 } 1484 sbuf_len -= i; 1485 sbuf_off += i; 1486 if (sbuf_len <= 0) { 1487 read_ssl = 1; 1488 write_tty = 0; 1489 } 1490 } else if (ssl_pending || (pfd[2].revents & (POLLIN|POLLHUP))) { 1491 #ifdef RENEG 1492 { 1493 static int iiii; 1494 if (++iiii == 52) { 1495 SSL_renegotiate(con); 1496 iiii = 0; 1497 } 1498 } 1499 #endif 1500 if (s_client_config.peekaboo) { 1501 k = p = SSL_peek(con, pbuf, 1024 /* BUFSIZZ */ ); 1502 pending = SSL_pending(con); 1503 if (SSL_get_error(con, p) == SSL_ERROR_NONE) { 1504 if (p <= 0) 1505 goto end; 1506 pbuf_off = 0; 1507 pbuf_len = p; 1508 1509 k = SSL_read(con, sbuf, p); 1510 } 1511 } else { 1512 k = SSL_read(con, sbuf, 1024 /* BUFSIZZ */ ); 1513 } 1514 1515 switch (SSL_get_error(con, k)) { 1516 case SSL_ERROR_NONE: 1517 if (k <= 0) 1518 goto end; 1519 sbuf_off = 0; 1520 sbuf_len = k; 1521 if (s_client_config.peekaboo) { 1522 if (p != pending) { 1523 ret = -1; 1524 BIO_printf(bio_err, 1525 "peeked %d but pending %d!\n", 1526 p, pending); 1527 goto shut; 1528 } 1529 if (k < p) { 1530 ret = -1; 1531 BIO_printf(bio_err, 1532 "read less than peek!\n"); 1533 goto shut; 1534 } 1535 if (p > 0 && 1536 (memcmp(sbuf, pbuf, p) != 0)) { 1537 ret = -1; 1538 BIO_printf(bio_err, 1539 "peek of %d different from read of %d!\n", 1540 p, k); 1541 goto shut; 1542 } 1543 } 1544 read_ssl = 0; 1545 write_tty = 1; 1546 break; 1547 case SSL_ERROR_WANT_WRITE: 1548 BIO_printf(bio_c_out, "read W BLOCK\n"); 1549 write_ssl = 1; 1550 read_tty = 0; 1551 break; 1552 case SSL_ERROR_WANT_READ: 1553 BIO_printf(bio_c_out, "read R BLOCK\n"); 1554 write_tty = 0; 1555 read_ssl = 1; 1556 if ((read_tty == 0) && (write_ssl == 0)) 1557 write_ssl = 1; 1558 break; 1559 case SSL_ERROR_WANT_X509_LOOKUP: 1560 BIO_printf(bio_c_out, "read X BLOCK\n"); 1561 break; 1562 case SSL_ERROR_SYSCALL: 1563 ret = errno; 1564 BIO_printf(bio_err, "read:errno=%d\n", ret); 1565 goto shut; 1566 case SSL_ERROR_ZERO_RETURN: 1567 BIO_printf(bio_c_out, "closed\n"); 1568 ret = 0; 1569 goto shut; 1570 case SSL_ERROR_SSL: 1571 ERR_print_errors(bio_err); 1572 goto shut; 1573 /* break; */ 1574 } 1575 } else if (pfd[0].revents) { 1576 if (pfd[0].revents & (POLLERR|POLLNVAL)) { 1577 BIO_printf(bio_err, "poll error"); 1578 goto shut; 1579 } 1580 if (s_client_config.crlf) { 1581 int j, lf_num; 1582 1583 i = read(fileno(stdin), cbuf, BUFSIZZ / 2); 1584 lf_num = 0; 1585 /* both loops are skipped when i <= 0 */ 1586 for (j = 0; j < i; j++) 1587 if (cbuf[j] == '\n') 1588 lf_num++; 1589 for (j = i - 1; j >= 0; j--) { 1590 cbuf[j + lf_num] = cbuf[j]; 1591 if (cbuf[j] == '\n') { 1592 lf_num--; 1593 i++; 1594 cbuf[j + lf_num] = '\r'; 1595 } 1596 } 1597 assert(lf_num == 0); 1598 } else 1599 i = read(fileno(stdin), cbuf, BUFSIZZ); 1600 1601 if ((!s_client_config.ign_eof) && 1602 ((i <= 0) || (cbuf[0] == 'Q'))) { 1603 BIO_printf(bio_err, "DONE\n"); 1604 ret = 0; 1605 goto shut; 1606 } 1607 if ((!s_client_config.ign_eof) && (cbuf[0] == 'R')) { 1608 BIO_printf(bio_err, "RENEGOTIATING\n"); 1609 SSL_renegotiate(con); 1610 cbuf_len = 0; 1611 } else { 1612 cbuf_len = i; 1613 cbuf_off = 0; 1614 } 1615 1616 write_ssl = 1; 1617 read_tty = 0; 1618 } 1619 } 1620 1621 ret = 0; 1622 shut: 1623 if (in_init) 1624 print_stuff(bio_c_out, con, full_log); 1625 SSL_shutdown(con); 1626 shutdown(SSL_get_fd(con), SHUT_RD); 1627 close(SSL_get_fd(con)); 1628 end: 1629 if (con != NULL) { 1630 if (s_client_config.prexit != 0) 1631 print_stuff(bio_c_out, con, 1); 1632 SSL_free(con); 1633 } 1634 SSL_CTX_free(ctx); 1635 X509_free(cert); 1636 EVP_PKEY_free(key); 1637 free(pass); 1638 X509_VERIFY_PARAM_free(s_client_config.vpm); 1639 freezero(cbuf, BUFSIZZ); 1640 freezero(sbuf, BUFSIZZ); 1641 freezero(pbuf, BUFSIZZ); 1642 freezero(mbuf, BUFSIZZ); 1643 BIO_free(bio_c_out); 1644 1645 return (ret); 1646 } 1647 1648 static void 1649 print_stuff(BIO *bio, SSL *s, int full) 1650 { 1651 X509 *peer = NULL; 1652 char *p; 1653 static const char *space = " "; 1654 char buf[BUFSIZ]; 1655 STACK_OF(X509) *sk; 1656 STACK_OF(X509_NAME) *sk2; 1657 const SSL_CIPHER *c; 1658 X509_NAME *xn; 1659 int j, i; 1660 unsigned char *exportedkeymat; 1661 1662 if (full) { 1663 int got_a_chain = 0; 1664 1665 sk = SSL_get_peer_cert_chain(s); 1666 if (sk != NULL) { 1667 got_a_chain = 1; /* we don't have it for SSL2 1668 * (yet) */ 1669 1670 BIO_printf(bio, "---\nCertificate chain\n"); 1671 for (i = 0; i < sk_X509_num(sk); i++) { 1672 X509_NAME_oneline(X509_get_subject_name( 1673 sk_X509_value(sk, i)), buf, sizeof buf); 1674 BIO_printf(bio, "%2d s:%s\n", i, buf); 1675 X509_NAME_oneline(X509_get_issuer_name( 1676 sk_X509_value(sk, i)), buf, sizeof buf); 1677 BIO_printf(bio, " i:%s\n", buf); 1678 if (s_client_config.showcerts) 1679 PEM_write_bio_X509(bio, 1680 sk_X509_value(sk, i)); 1681 } 1682 } 1683 BIO_printf(bio, "---\n"); 1684 peer = SSL_get_peer_certificate(s); 1685 if (peer != NULL) { 1686 BIO_printf(bio, "Server certificate\n"); 1687 if (!(s_client_config.showcerts && got_a_chain)) { 1688 /* Redundant if we showed the whole chain */ 1689 PEM_write_bio_X509(bio, peer); 1690 } 1691 X509_NAME_oneline(X509_get_subject_name(peer), 1692 buf, sizeof buf); 1693 BIO_printf(bio, "subject=%s\n", buf); 1694 X509_NAME_oneline(X509_get_issuer_name(peer), 1695 buf, sizeof buf); 1696 BIO_printf(bio, "issuer=%s\n", buf); 1697 } else 1698 BIO_printf(bio, "no peer certificate available\n"); 1699 1700 sk2 = SSL_get_client_CA_list(s); 1701 if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0)) { 1702 BIO_printf(bio, 1703 "---\nAcceptable client certificate CA names\n"); 1704 for (i = 0; i < sk_X509_NAME_num(sk2); i++) { 1705 xn = sk_X509_NAME_value(sk2, i); 1706 X509_NAME_oneline(xn, buf, sizeof(buf)); 1707 BIO_write(bio, buf, strlen(buf)); 1708 BIO_write(bio, "\n", 1); 1709 } 1710 } else { 1711 BIO_printf(bio, 1712 "---\nNo client certificate CA names sent\n"); 1713 } 1714 p = SSL_get_shared_ciphers(s, buf, sizeof buf); 1715 if (p != NULL) { 1716 /* 1717 * This works only for SSL 2. In later protocol 1718 * versions, the client does not know what other 1719 * ciphers (in addition to the one to be used in the 1720 * current connection) the server supports. 1721 */ 1722 1723 BIO_printf(bio, 1724 "---\nCiphers common between both SSL endpoints:\n"); 1725 j = i = 0; 1726 while (*p) { 1727 if (*p == ':') { 1728 BIO_write(bio, space, 15 - j % 25); 1729 i++; 1730 j = 0; 1731 BIO_write(bio, 1732 ((i % 3) ? " " : "\n"), 1); 1733 } else { 1734 BIO_write(bio, p, 1); 1735 j++; 1736 } 1737 p++; 1738 } 1739 BIO_write(bio, "\n", 1); 1740 } 1741 1742 ssl_print_tmp_key(bio, s); 1743 1744 BIO_printf(bio, 1745 "---\nSSL handshake has read %ld bytes and written %ld bytes\n", 1746 BIO_number_read(SSL_get_rbio(s)), 1747 BIO_number_written(SSL_get_wbio(s))); 1748 } 1749 BIO_printf(bio, (SSL_cache_hit(s) ? "---\nReused, " : "---\nNew, ")); 1750 c = SSL_get_current_cipher(s); 1751 BIO_printf(bio, "%s, Cipher is %s\n", 1752 SSL_CIPHER_get_version(c), 1753 SSL_CIPHER_get_name(c)); 1754 if (peer != NULL) { 1755 EVP_PKEY *pktmp; 1756 pktmp = X509_get_pubkey(peer); 1757 BIO_printf(bio, "Server public key is %d bit\n", 1758 EVP_PKEY_bits(pktmp)); 1759 EVP_PKEY_free(pktmp); 1760 } 1761 BIO_printf(bio, "Secure Renegotiation IS%s supported\n", 1762 SSL_get_secure_renegotiation_support(s) ? "" : " NOT"); 1763 1764 /* Compression is not supported and will always be none. */ 1765 BIO_printf(bio, "Compression: NONE\n"); 1766 BIO_printf(bio, "Expansion: NONE\n"); 1767 1768 #ifdef SSL_DEBUG 1769 { 1770 /* Print out local port of connection: useful for debugging */ 1771 int sock; 1772 struct sockaddr_in ladd; 1773 socklen_t ladd_size = sizeof(ladd); 1774 sock = SSL_get_fd(s); 1775 getsockname(sock, (struct sockaddr *) & ladd, &ladd_size); 1776 BIO_printf(bio, "LOCAL PORT is %u\n", 1777 ntohs(ladd.sin_port)); 1778 } 1779 #endif 1780 1781 { 1782 const unsigned char *proto; 1783 unsigned int proto_len; 1784 SSL_get0_alpn_selected(s, &proto, &proto_len); 1785 if (proto_len > 0) { 1786 BIO_printf(bio, "ALPN protocol: "); 1787 BIO_write(bio, proto, proto_len); 1788 BIO_write(bio, "\n", 1); 1789 } else 1790 BIO_printf(bio, "No ALPN negotiated\n"); 1791 } 1792 1793 #ifndef OPENSSL_NO_SRTP 1794 { 1795 SRTP_PROTECTION_PROFILE *srtp_profile; 1796 1797 srtp_profile = SSL_get_selected_srtp_profile(s); 1798 if (srtp_profile) 1799 BIO_printf(bio, 1800 "SRTP Extension negotiated, profile=%s\n", 1801 srtp_profile->name); 1802 } 1803 #endif 1804 1805 SSL_SESSION_print(bio, SSL_get_session(s)); 1806 if (s_client_config.keymatexportlabel != NULL) { 1807 BIO_printf(bio, "Keying material exporter:\n"); 1808 BIO_printf(bio, " Label: '%s'\n", 1809 s_client_config.keymatexportlabel); 1810 BIO_printf(bio, " Length: %i bytes\n", 1811 s_client_config.keymatexportlen); 1812 exportedkeymat = malloc(s_client_config.keymatexportlen); 1813 if (exportedkeymat != NULL) { 1814 if (!SSL_export_keying_material(s, exportedkeymat, 1815 s_client_config.keymatexportlen, 1816 s_client_config.keymatexportlabel, 1817 strlen(s_client_config.keymatexportlabel), 1818 NULL, 0, 0)) { 1819 BIO_printf(bio, " Error\n"); 1820 } else { 1821 BIO_printf(bio, " Keying material: "); 1822 for (i = 0; i < s_client_config.keymatexportlen; i++) 1823 BIO_printf(bio, "%02X", 1824 exportedkeymat[i]); 1825 BIO_printf(bio, "\n"); 1826 } 1827 free(exportedkeymat); 1828 } 1829 } 1830 BIO_printf(bio, "---\n"); 1831 X509_free(peer); 1832 /* flush, or debugging output gets mixed with http response */ 1833 (void) BIO_flush(bio); 1834 } 1835 1836 static int 1837 ocsp_resp_cb(SSL *s, void *arg) 1838 { 1839 const unsigned char *p; 1840 int len; 1841 OCSP_RESPONSE *rsp; 1842 len = SSL_get_tlsext_status_ocsp_resp(s, &p); 1843 BIO_puts(arg, "OCSP response: "); 1844 if (!p) { 1845 BIO_puts(arg, "no response sent\n"); 1846 return 1; 1847 } 1848 rsp = d2i_OCSP_RESPONSE(NULL, &p, len); 1849 if (!rsp) { 1850 BIO_puts(arg, "response parse error\n"); 1851 BIO_dump_indent(arg, (char *) p, len, 4); 1852 return 0; 1853 } 1854 BIO_puts(arg, "\n======================================\n"); 1855 OCSP_RESPONSE_print(arg, rsp, 0); 1856 BIO_puts(arg, "======================================\n"); 1857 OCSP_RESPONSE_free(rsp); 1858 return 1; 1859 } 1860 1861 static int 1862 ssl_servername_cb(SSL *s, int *ad, void *arg) 1863 { 1864 tlsextctx *p = (tlsextctx *) arg; 1865 const char *hn = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 1866 if (SSL_get_servername_type(s) != -1) 1867 p->ack = !SSL_session_reused(s) && hn != NULL; 1868 else 1869 BIO_printf(bio_err, "Can't use SSL_get_servername\n"); 1870 1871 return SSL_TLSEXT_ERR_OK; 1872 } 1873 1874