]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/ssltest.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
free null cleanup finale
[thirdparty/openssl.git] / test / ssltest.c
CommitLineData
d02b48c6 1/* ssl/ssltest.c */
58964a49 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6
RE		 3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
0f113f3e 8 *
d02b48c6
RE		 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e 15 *
d02b48c6
RE		 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
0f113f3e 22 *
d02b48c6
RE		 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
0f113f3e 37 * 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6
RE		 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e 40 *
d02b48c6
RE		 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
0f113f3e 52 *
d02b48c6
RE		 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
3ac82faa
BM		 58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
0f113f3e 66 * notice, this list of conditions and the following disclaimer.
3ac82faa
BM		 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
ea262260
BM		 111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
0f113f3e 113 * ECC cipher suite support in OpenSSL originally developed by
ea262260
BM		 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
ddac1974
NL		 116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
d02b48c6 142
dbd87ffc
MC		 143/* Or gethostname won't be declared properly on Linux and GNU platforms. */
144#define _BSD_SOURCE 1
37289744 145
6f7af152
BM		 146#include <assert.h>
147#include <errno.h>
148#include <limits.h>
d02b48c6
RE		 149#include <stdio.h>
150#include <stdlib.h>
151#include <string.h>
563f1503 152#include <time.h>
17e3dd1c 153
e7a28569 154#define USE_SOCKETS
41d2a336 155#include "e_os.h"
17e3dd1c 156
bc120a54 157#ifdef OPENSSL_SYS_VMS
0f113f3e
MC		 158/*
159 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
160 */
161# define _XOPEN_SOURCE 500
bc120a54
DSH		 162#endif
163
a963395a
RL		 164#include <ctype.h>
165
ec577822
BM		 166#include <openssl/bio.h>
167#include <openssl/crypto.h>
563f1503 168#include <openssl/evp.h>
ec577822 169#include <openssl/x509.h>
a7201e9a 170#include <openssl/x509v3.h>
ec577822 171#include <openssl/ssl.h>
0b13e9f0 172#ifndef OPENSSL_NO_ENGINE
0f113f3e 173# include <openssl/engine.h>
0b13e9f0 174#endif
ec577822 175#include <openssl/err.h>
b9d82f47 176#include <openssl/rand.h>
3eeaab4b 177#ifndef OPENSSL_NO_RSA
0f113f3e 178# include <openssl/rsa.h>
3eeaab4b
NL		 179#endif
180#ifndef OPENSSL_NO_DSA
0f113f3e 181# include <openssl/dsa.h>
3eeaab4b
NL		 182#endif
183#ifndef OPENSSL_NO_DH
0f113f3e 184# include <openssl/dh.h>
3eeaab4b 185#endif
edc032b5 186#ifndef OPENSSL_NO_SRP
0f113f3e 187# include <openssl/srp.h>
edc032b5 188#endif
d095b68d 189#include <openssl/bn.h>
09867a47 190
b6ba4014
MC		 191#include "../ssl/ssl_locl.h"
192
dbd87ffc
MC		 193/*
194 * Or gethostname won't be declared properly
195 * on Compaq platforms (at least with DEC C).
196 * Do not try to put it earlier, or IPv6 includes
197 * get screwed...
0f113f3e
MC		 198 */
199#define _XOPEN_SOURCE_EXTENDED 1
09867a47 200
bc36ee62 201#ifdef OPENSSL_SYS_WINDOWS
0f113f3e 202# include <winsock.h>
37289744 203#else
0f113f3e 204# include OPENSSL_UNISTD
d02b48c6
RE		 205#endif
206
bc36ee62 207#ifdef OPENSSL_SYS_VMS
0f113f3e
MC		 208# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
209# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
0bf23d9b 210#elif defined(OPENSSL_SYS_WINCE)
0f113f3e
MC		 211# define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
212# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
4d8743f4 213#elif defined(OPENSSL_SYS_NETWARE)
0f113f3e
MC		 214# define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
215# define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
7d7d2cbc 216#else
0f113f3e
MC		 217# define TEST_SERVER_CERT "../apps/server.pem"
218# define TEST_CLIENT_CERT "../apps/client.pem"
7d7d2cbc 219#endif
d02b48c6 220
0f113f3e
MC		 221/*
222 * There is really no standard for this, so let's assign some tentative
223 * numbers. In any case, these numbers are only for this test
224 */
225#define COMP_RLE 255
226#define COMP_ZLIB 1
23f80f46 227
6d23cf97 228static int verify_callback(int ok, X509_STORE_CTX *ctx);
bc36ee62 229#ifndef OPENSSL_NO_RSA
0f113f3e 230static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength);
46b3bd54 231static void free_tmp_rsa(void);
79df9d62 232#endif
6d23cf97 233static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
a7201e9a 234#define APP_CALLBACK_STRING "Test Callback Argument"
0f113f3e
MC		 235struct app_verify_arg {
236 char *string;
237 int app_verify;
238 int allow_proxy_certs;
239 char *proxy_auth;
240 char *proxy_cond;
241};
023ec151 242
bc36ee62 243#ifndef OPENSSL_NO_DH
d02b48c6 244static DH *get_dh512(void);
e4589582
BM		 245static DH *get_dh1024(void);
246static DH *get_dh1024dsa(void);
53002dc6
BM		 247#endif
248
0f113f3e 249static char *psk_key = NULL; /* by default PSK is not used */
ddac1974 250#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 251static unsigned int psk_client_callback(SSL *ssl, const char *hint,
252 char *identity,
253 unsigned int max_identity_len,
254 unsigned char *psk,
255 unsigned int max_psk_len);
256static unsigned int psk_server_callback(SSL *ssl, const char *identity,
257 unsigned char *psk,
258 unsigned int max_psk_len);
ddac1974
NL		 259#endif
260
edc032b5
BL		 261#ifndef OPENSSL_NO_SRP
262/* SRP client */
263/* This is a context that we pass to all callbacks */
0f113f3e
MC		 264typedef struct srp_client_arg_st {
265 char *srppassin;
266 char *srplogin;
267} SRP_CLIENT_ARG;
edc032b5 268
0f113f3e 269# define PWD_STRLEN 1024
edc032b5 270
0f113f3e
MC		 271static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
272{
273 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
274 return BUF_strdup((char *)srp_client_arg->srppassin);
275}
edc032b5 276
edc032b5
BL		 277/* SRP server */
278/* This is a context that we pass to SRP server callbacks */
0f113f3e
MC		 279typedef struct srp_server_arg_st {
280 char *expected_user;
281 char *pass;
282} SRP_SERVER_ARG;
edc032b5 283
6d23cf97 284static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
0f113f3e
MC		 285{
286 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
287
288 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
289 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
290 return SSL3_AL_FATAL;
291 }
292 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
293 *ad = SSL_AD_INTERNAL_ERROR;
294 return SSL3_AL_FATAL;
295 }
296 return SSL_ERROR_NONE;
297}
298#endif
299
300static BIO *bio_err = NULL;
301static BIO *bio_stdout = NULL;
d02b48c6 302
2911575c 303#ifndef OPENSSL_NO_NEXTPROTONEG
d9a268b9
BL		 304/* Note that this code assumes that this is only a one element list: */
305static const char NEXT_PROTO_STRING[] = "\x09testproto";
306int npn_client = 0;
307int npn_server = 0;
308int npn_server_reject = 0;
309
0f113f3e
MC		 310static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
311 const unsigned char *in, unsigned int inlen,
312 void *arg)
313{
314 /*
315 * This callback only returns the protocol string, rather than a length
316 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
317 * and remove the first byte to chop off the length prefix.
318 */
319 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
320 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
321 return SSL_TLSEXT_ERR_OK;
322}
323
324static int cb_server_npn(SSL *s, const unsigned char **data,
325 unsigned int *len, void *arg)
326{
327 *data = (const unsigned char *)NEXT_PROTO_STRING;
328 *len = sizeof(NEXT_PROTO_STRING) - 1;
329 return SSL_TLSEXT_ERR_OK;
330}
331
332static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
333 unsigned int *len, void *arg)
334{
335 return SSL_TLSEXT_ERR_NOACK;
336}
d9a268b9
BL		 337
338static int verify_npn(SSL *client, SSL *server)
0f113f3e
MC		 339{
340 const unsigned char *client_s;
341 unsigned client_len;
342 const unsigned char *server_s;
343 unsigned server_len;
344
345 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
346 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
347
348 if (client_len) {
349 BIO_printf(bio_stdout, "Client NPN: ");
350 BIO_write(bio_stdout, client_s, client_len);
351 BIO_printf(bio_stdout, "\n");
352 }
353
354 if (server_len) {
355 BIO_printf(bio_stdout, "Server NPN: ");
356 BIO_write(bio_stdout, server_s, server_len);
357 BIO_printf(bio_stdout, "\n");
358 }
359
360 /*
361 * If an NPN string was returned, it must be the protocol that we
362 * expected to negotiate.
363 */
364 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
365 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
366 return -1;
367 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
368 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
369 return -1;
370
371 if (!npn_client && client_len)
372 return -1;
373 if (!npn_server && server_len)
374 return -1;
375 if (npn_server_reject && server_len)
376 return -1;
377 if (npn_client && npn_server && (!client_len || !server_len))
378 return -1;
379
380 return 0;
381}
d9a268b9
BL		 382#endif
383
a8989362
AL		 384static const char *alpn_client;
385static const char *alpn_server;
386static const char *alpn_expected;
387static unsigned char *alpn_selected;
388
3a83462d
MC		 389/*-
390 * next_protos_parse parses a comma separated list of strings into a string
a8989362
AL		 391 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
392 * outlen: (output) set to the length of the resulting buffer on success.
393 * err: (maybe NULL) on failure, an error message line is written to this BIO.
4eadd11c 394 * in: a NUL terminated string like "abc,def,ghi"
a8989362
AL		 395 *
396 * returns: a malloced buffer or NULL on failure.
397 */
0f113f3e
MC		 398static unsigned char *next_protos_parse(unsigned short *outlen,
399 const char *in)
400{
401 size_t len;
402 unsigned char *out;
403 size_t i, start = 0;
404
405 len = strlen(in);
406 if (len >= 65535)
407 return NULL;
408
409 out = OPENSSL_malloc(strlen(in) + 1);
410 if (!out)
411 return NULL;
412
413 for (i = 0; i <= len; ++i) {
414 if (i == len || in[i] == ',') {
415 if (i - start > 255) {
416 OPENSSL_free(out);
417 return NULL;
418 }
419 out[start] = i - start;
420 start = i + 1;
421 } else
422 out[i + 1] = in[i];
423 }
424
425 *outlen = len + 1;
426 return out;
427}
428
429static int cb_server_alpn(SSL *s, const unsigned char **out,
430 unsigned char *outlen, const unsigned char *in,
431 unsigned int inlen, void *arg)
432{
433 unsigned char *protos;
434 unsigned short protos_len;
435
436 protos = next_protos_parse(&protos_len, alpn_server);
437 if (protos == NULL) {
438 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
439 alpn_server);
440 abort();
441 }
442
443 if (SSL_select_next_proto
444 ((unsigned char **)out, outlen, protos, protos_len, in,
445 inlen) != OPENSSL_NPN_NEGOTIATED) {
446 OPENSSL_free(protos);
447 return SSL_TLSEXT_ERR_NOACK;
448 }
449
450 /*
451 * Make a copy of the selected protocol which will be freed in
452 * verify_alpn.
453 */
454 alpn_selected = OPENSSL_malloc(*outlen);
455 memcpy(alpn_selected, *out, *outlen);
456 *out = alpn_selected;
457
458 OPENSSL_free(protos);
459 return SSL_TLSEXT_ERR_OK;
460}
a8989362
AL		 461
462static int verify_alpn(SSL *client, SSL *server)
0f113f3e
MC		 463{
464 const unsigned char *client_proto, *server_proto;
465 unsigned int client_proto_len = 0, server_proto_len = 0;
466 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
467 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
468
b548a1f1
RS		 469 OPENSSL_free(alpn_selected);
470 alpn_selected = NULL;
0f113f3e
MC		 471
472 if (client_proto_len != server_proto_len ||
473 memcmp(client_proto, server_proto, client_proto_len) != 0) {
474 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
475 goto err;
476 }
477
478 if (client_proto_len > 0 && alpn_expected == NULL) {
479 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
480 goto err;
481 }
482
483 if (alpn_expected != NULL &&
484 (client_proto_len != strlen(alpn_expected) ||
485 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
486 BIO_printf(bio_stdout,
487 "ALPN selected protocols not equal to expected protocol: %s\n",
488 alpn_expected);
489 goto err;
490 }
491
492 return 0;
493
494 err:
495 BIO_printf(bio_stdout, "ALPN results: client: '");
496 BIO_write(bio_stdout, client_proto, client_proto_len);
497 BIO_printf(bio_stdout, "', server: '");
498 BIO_write(bio_stdout, server_proto, server_proto_len);
499 BIO_printf(bio_stdout, "'\n");
500 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
501 alpn_client, alpn_server);
502 return -1;
503}
a8989362 504
a398f821 505#define SCT_EXT_TYPE 18
9cd50f73 506
0f113f3e
MC		 507/*
508 * WARNING : below extension types are *NOT* IETF assigned, and could
509 * conflict if these types are reassigned and handled specially by OpenSSL
510 * in the future
511 */
a398f821 512#define TACK_EXT_TYPE 62208
9cd50f73
T		 513#define CUSTOM_EXT_TYPE_0 1000
514#define CUSTOM_EXT_TYPE_1 1001
515#define CUSTOM_EXT_TYPE_2 1002
516#define CUSTOM_EXT_TYPE_3 1003
517
518const char custom_ext_cli_string[] = "abc";
519const char custom_ext_srv_string[] = "defg";
a398f821
T		 520
521/* These set from cmdline */
0f113f3e 522char *serverinfo_file = NULL;
a398f821
T		 523int serverinfo_sct = 0;
524int serverinfo_tack = 0;
9cd50f73
T		 525
526/* These set based on extension callbacks */
a398f821
T		 527int serverinfo_sct_seen = 0;
528int serverinfo_tack_seen = 0;
529int serverinfo_other_seen = 0;
530
9cd50f73
T		 531/* This set from cmdline */
532int custom_ext = 0;
533
534/* This set based on extension callbacks */
535int custom_ext_error = 0;
536
0cfefe4b 537static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 538 const unsigned char *in, size_t inlen,
539 int *al, void *arg)
540{
541 if (ext_type == SCT_EXT_TYPE)
542 serverinfo_sct_seen++;
543 else if (ext_type == TACK_EXT_TYPE)
544 serverinfo_tack_seen++;
545 else
546 serverinfo_other_seen++;
547 return 1;
548}
a398f821
T		 549
550static int verify_serverinfo()
0f113f3e
MC		 551{
552 if (serverinfo_sct != serverinfo_sct_seen)
553 return -1;
554 if (serverinfo_tack != serverinfo_tack_seen)
555 return -1;
556 if (serverinfo_other_seen)
557 return -1;
558 return 0;
559}
a398f821 560
1d97c843
TH		 561/*-
562 * Four test cases for custom extensions:
9cd50f73
T		 563 * 0 - no ClientHello extension or ServerHello response
564 * 1 - ClientHello with "abc", no response
565 * 2 - ClientHello with "abc", empty response
566 * 3 - ClientHello with "abc", "defg" response
567 */
568
de2a9e38 569static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 570 const unsigned char **out,
571 size_t *outlen, int *al, void *arg)
572{
573 if (ext_type != CUSTOM_EXT_TYPE_0)
574 custom_ext_error = 1;
575 return 0; /* Don't send an extension */
576}
9cd50f73 577
de2a9e38 578static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 579 const unsigned char *in,
580 size_t inlen, int *al, void *arg)
581{
582 return 1;
583}
9cd50f73 584
de2a9e38 585static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 586 const unsigned char **out,
587 size_t *outlen, int *al, void *arg)
588{
589 if (ext_type != CUSTOM_EXT_TYPE_1)
590 custom_ext_error = 1;
591 *out = (const unsigned char *)custom_ext_cli_string;
592 *outlen = strlen(custom_ext_cli_string);
593 return 1; /* Send "abc" */
594}
9cd50f73 595
de2a9e38 596static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 597 const unsigned char *in,
598 size_t inlen, int *al, void *arg)
599{
600 return 1;
601}
9cd50f73 602
de2a9e38 603static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 604 const unsigned char **out,
605 size_t *outlen, int *al, void *arg)
606{
607 if (ext_type != CUSTOM_EXT_TYPE_2)
608 custom_ext_error = 1;
609 *out = (const unsigned char *)custom_ext_cli_string;
610 *outlen = strlen(custom_ext_cli_string);
611 return 1; /* Send "abc" */
612}
9cd50f73 613
de2a9e38 614static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 615 const unsigned char *in,
616 size_t inlen, int *al, void *arg)
617{
618 if (ext_type != CUSTOM_EXT_TYPE_2)
619 custom_ext_error = 1;
620 if (inlen != 0)
621 custom_ext_error = 1; /* Should be empty response */
622 return 1;
623}
9cd50f73 624
de2a9e38 625static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 626 const unsigned char **out,
627 size_t *outlen, int *al, void *arg)
628{
629 if (ext_type != CUSTOM_EXT_TYPE_3)
630 custom_ext_error = 1;
631 *out = (const unsigned char *)custom_ext_cli_string;
632 *outlen = strlen(custom_ext_cli_string);
633 return 1; /* Send "abc" */
634}
9cd50f73 635
de2a9e38 636static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 637 const unsigned char *in,
638 size_t inlen, int *al, void *arg)
639{
640 if (ext_type != CUSTOM_EXT_TYPE_3)
641 custom_ext_error = 1;
642 if (inlen != strlen(custom_ext_srv_string))
643 custom_ext_error = 1;
644 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
645 custom_ext_error = 1; /* Check for "defg" */
646 return 1;
647}
648
649/*
650 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
651 * for this extension
652 */
de2a9e38 653static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 654 const unsigned char *in,
655 size_t inlen, int *al, void *arg)
656{
657 custom_ext_error = 1;
658 return 1;
659}
9cd50f73 660
f47e2039 661/* 'add' callbacks are only called if the 'parse' callback is called */
de2a9e38 662static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 663 const unsigned char **out,
664 size_t *outlen, int *al, void *arg)
665{
666 /* Error: should not have been called */
667 custom_ext_error = 1;
668 return 0; /* Don't send an extension */
669}
9cd50f73 670
de2a9e38 671static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 672 const unsigned char *in,
673 size_t inlen, int *al, void *arg)
674{
675 if (ext_type != CUSTOM_EXT_TYPE_1)
676 custom_ext_error = 1;
677 /* Check for "abc" */
678 if (inlen != strlen(custom_ext_cli_string))
679 custom_ext_error = 1;
680 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
681 custom_ext_error = 1;
682 return 1;
683}
9cd50f73 684
de2a9e38 685static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 686 const unsigned char **out,
687 size_t *outlen, int *al, void *arg)
688{
689 return 0; /* Don't send an extension */
690}
9cd50f73 691
de2a9e38 692static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 693 const unsigned char *in,
694 size_t inlen, int *al, void *arg)
695{
696 if (ext_type != CUSTOM_EXT_TYPE_2)
697 custom_ext_error = 1;
698 /* Check for "abc" */
699 if (inlen != strlen(custom_ext_cli_string))
700 custom_ext_error = 1;
701 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
702 custom_ext_error = 1;
703 return 1;
704}
9cd50f73 705
de2a9e38 706static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 707 const unsigned char **out,
708 size_t *outlen, int *al, void *arg)
709{
710 *out = NULL;
711 *outlen = 0;
712 return 1; /* Send empty extension */
713}
9cd50f73 714
de2a9e38 715static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 716 const unsigned char *in,
717 size_t inlen, int *al, void *arg)
718{
719 if (ext_type != CUSTOM_EXT_TYPE_3)
720 custom_ext_error = 1;
721 /* Check for "abc" */
722 if (inlen != strlen(custom_ext_cli_string))
723 custom_ext_error = 1;
724 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
725 custom_ext_error = 1;
726 return 1;
727}
9cd50f73 728
de2a9e38 729static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 730 const unsigned char **out,
731 size_t *outlen, int *al, void *arg)
732{
733 *out = (const unsigned char *)custom_ext_srv_string;
734 *outlen = strlen(custom_ext_srv_string);
735 return 1; /* Send "defg" */
736}
737
738static char *cipher = NULL;
739static int verbose = 0;
740static int debug = 0;
0f113f3e
MC		 741static const char rnd_seed[] =
742 "string to make the random number generator think it has entropy";
d02b48c6 743
0f113f3e
MC		 744int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
745 clock_t *c_time);
746int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
6e119bb0 747static int do_test_cipherlist(void);
9ccc00ef 748
6b691a5c 749static void sv_usage(void)
0f113f3e
MC		 750{
751 fprintf(stderr, "usage: ssltest [args ...]\n");
752 fprintf(stderr, "\n");
086e32a6 753#ifdef OPENSSL_FIPS
0f113f3e
MC		 754 fprintf(stderr, "-F - run test in FIPS mode\n");
755#endif
756 fprintf(stderr, " -server_auth - check server certificate\n");
757 fprintf(stderr, " -client_auth - do client authentication\n");
758 fprintf(stderr, " -proxy - allow proxy certificates\n");
759 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
760 fprintf(stderr,
761 " -proxy_cond <val> - expression to test proxy policy rights\n");
762 fprintf(stderr, " -v - more output\n");
763 fprintf(stderr, " -d - debug output\n");
764 fprintf(stderr, " -reuse - use session-id reuse\n");
765 fprintf(stderr, " -num <val> - number of connections to perform\n");
766 fprintf(stderr,
767 " -bytes <val> - number of bytes to swap between client/server\n");
bc36ee62 768#ifndef OPENSSL_NO_DH
0f113f3e
MC		 769 fprintf(stderr,
770 " -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
771 fprintf(stderr,
772 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
773 fprintf(stderr, " -no_dhe - disable DHE\n");
77fa04a9 774#endif
10bf4fc2 775#ifndef OPENSSL_NO_EC
0f113f3e 776 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
ea262260 777#endif
ddac1974 778#ifndef OPENSSL_NO_PSK
0f113f3e 779 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
ddac1974 780#endif
edc032b5 781#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 782 fprintf(stderr, " -srpuser user - SRP username to use\n");
783 fprintf(stderr, " -srppass arg - password for 'user'\n");
edc032b5 784#endif
3881d810 785#ifndef OPENSSL_NO_SSL3_METHOD
0f113f3e 786 fprintf(stderr, " -ssl3 - use SSLv3\n");
58964a49 787#endif
0f113f3e 788 fprintf(stderr, " -tls1 - use TLSv1\n");
98b8cdd3
DW		 789#ifndef OPENSSL_NO_DTLS
790 fprintf(stderr, " -dtls1 - use DTLSv1\n");
791 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
792#endif
0f113f3e
MC		 793 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
794 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
795 fprintf(stderr, " -cert arg - Server certificate file\n");
796 fprintf(stderr,
797 " -key arg - Server key file (default: same as -cert)\n");
798 fprintf(stderr, " -c_cert arg - Client certificate file\n");
799 fprintf(stderr,
800 " -c_key arg - Client key file (default: same as -c_cert)\n");
801 fprintf(stderr, " -cipher arg - The cipher list\n");
802 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
803 fprintf(stderr, " -f - Test even cases that can't work\n");
804 fprintf(stderr,
805 " -time - measure processor time used by client and server\n");
806 fprintf(stderr, " -zlib - use zlib compression\n");
807 fprintf(stderr, " -rle - use rle compression\n");
10bf4fc2 808#ifndef OPENSSL_NO_EC
0f113f3e
MC		 809 fprintf(stderr,
810 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
811 " Use \"openssl ecparam -list_curves\" for all names\n"
812 " (default is sect163r2).\n");
813#endif
814 fprintf(stderr,
815 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
816 " When this option is requested, the cipherlist\n"
817 " tests are run instead of handshake tests.\n");
2911575c 818#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 819 fprintf(stderr, " -npn_client - have client side offer NPN\n");
820 fprintf(stderr, " -npn_server - have server side offer NPN\n");
821 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
822#endif
823 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
824 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
825 fprintf(stderr,
826 " -serverinfo_tack - have client offer and expect TACK\n");
827 fprintf(stderr,
828 " -custom_ext - try various custom extension callbacks\n");
829 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
830 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
831 fprintf(stderr,
832 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
833}
563f1503 834
f756f1fc 835static void print_key_details(BIO *out, EVP_PKEY *key)
0f113f3e
MC		 836{
837 int keyid = EVP_PKEY_id(key);
f756f1fc 838#ifndef OPENSSL_NO_EC
0f113f3e
MC		 839 if (keyid == EVP_PKEY_EC) {
840 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
841 int nid;
842 const char *cname;
843 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
844 EC_KEY_free(ec);
845 cname = EC_curve_nid2nist(nid);
846 if (!cname)
847 cname = OBJ_nid2sn(nid);
848 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
849 } else
850#endif
851 {
852 const char *algname;
853 switch (keyid) {
854 case EVP_PKEY_RSA:
855 algname = "RSA";
856 break;
857 case EVP_PKEY_DSA:
858 algname = "DSA";
859 break;
860 case EVP_PKEY_DH:
861 algname = "DH";
862 break;
863 default:
864 algname = OBJ_nid2sn(keyid);
865 break;
866 }
867 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
868 }
869}
f756f1fc 870
563f1503 871static void print_details(SSL *c_ssl, const char *prefix)
0f113f3e
MC		 872{
873 const SSL_CIPHER *ciph;
874 int mdnid;
875 X509 *cert;
876 EVP_PKEY *pkey;
877
878 ciph = SSL_get_current_cipher(c_ssl);
879 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
880 prefix,
881 SSL_get_version(c_ssl),
882 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
883 cert = SSL_get_peer_certificate(c_ssl);
884 if (cert != NULL) {
885 pkey = X509_get_pubkey(cert);
886 if (pkey != NULL) {
887 BIO_puts(bio_stdout, ", ");
888 print_key_details(bio_stdout, pkey);
889 EVP_PKEY_free(pkey);
890 }
891 X509_free(cert);
892 }
893 if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
894 BIO_puts(bio_stdout, ", temp key: ");
895 print_key_details(bio_stdout, pkey);
896 EVP_PKEY_free(pkey);
897 }
898 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
899 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
900 BIO_printf(bio_stdout, "\n");
901}
d02b48c6 902
3ac82faa 903static void lock_dbg_cb(int mode, int type, const char *file, int line)
0f113f3e
MC		 904{
905 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
906 const char *errstr = NULL;
907 int rw;
908
909 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
910 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
911 errstr = "invalid mode";
912 goto err;
913 }
914
915 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
916 errstr = "type out of bounds";
917 goto err;
918 }
919
920 if (mode & CRYPTO_LOCK) {
921 if (modes[type]) {
922 errstr = "already locked";
923 /*
924 * must not happen in a single-threaded program (would deadlock)
925 */
926 goto err;
927 }
928
929 modes[type] = rw;
930 } else if (mode & CRYPTO_UNLOCK) {
931 if (!modes[type]) {
932 errstr = "not locked";
933 goto err;
934 }
935
936 if (modes[type] != rw) {
937 errstr = (rw == CRYPTO_READ) ?
938 "CRYPTO_r_unlock on write lock" :
939 "CRYPTO_w_unlock on read lock";
940 }
941
942 modes[type] = 0;
943 } else {
944 errstr = "invalid mode";
945 goto err;
946 }
3ac82faa
BM		 947
948 err:
0f113f3e
MC		 949 if (errstr) {
950 /* we cannot use bio_err here */
951 fprintf(stderr,
952 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
953 errstr, mode, type, file, line);
954 }
955}
3ac82faa 956
6b691a5c 957int main(int argc, char *argv[])
0f113f3e
MC		 958{
959 char *CApath = NULL, *CAfile = NULL;
960 int badop = 0;
961 int bio_pair = 0;
962 int force = 0;
98b8cdd3 963 int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl3 = 0, ret = 1;
0f113f3e
MC		 964 int client_auth = 0;
965 int server_auth = 0, i;
966 struct app_verify_arg app_verify_arg =
967 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
968 char *server_cert = TEST_SERVER_CERT;
969 char *server_key = NULL;
970 char *client_cert = TEST_CLIENT_CERT;
971 char *client_key = NULL;
10bf4fc2 972#ifndef OPENSSL_NO_EC
0f113f3e
MC		 973 char *named_curve = NULL;
974#endif
975 SSL_CTX *s_ctx = NULL;
976 SSL_CTX *c_ctx = NULL;
977 const SSL_METHOD *meth = NULL;
978 SSL *c_ssl, *s_ssl;
979 int number = 1, reuse = 0;
980 long bytes = 256L;
bc36ee62 981#ifndef OPENSSL_NO_DH
0f113f3e
MC		 982 DH *dh;
983 int dhe1024 = 0, dhe1024dsa = 0;
ea262260 984#endif
10bf4fc2 985#ifndef OPENSSL_NO_EC
0f113f3e 986 EC_KEY *ecdh = NULL;
edc032b5
BL		 987#endif
988#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 989 /* client */
990 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
991 /* server */
992 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
993#endif
994 int no_dhe = 0;
995 int no_ecdhe = 0;
996 int no_psk = 0;
997 int print_time = 0;
998 clock_t s_time = 0, c_time = 0;
09b6c2ef 999#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1000 int comp = 0;
1001 COMP_METHOD *cm = NULL;
1002 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
00a37b5a 1003#endif
0f113f3e 1004 int test_cipherlist = 0;
086e32a6 1005#ifdef OPENSSL_FIPS
0f113f3e
MC		 1006 int fips_mode = 0;
1007#endif
1008 int no_protocol = 0;
3dca57f8 1009 int n;
0f113f3e
MC		 1010
1011 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
1012 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
1013 const char *arg = NULL, *argn = NULL;
1014
1015 verbose = 0;
1016 debug = 0;
1017 cipher = 0;
1018
1019 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1020
1021 CRYPTO_set_locking_callback(lock_dbg_cb);
1022
1023 /* enable memory leak checking unless explicitly disabled */
1024 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
1025 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
1026 CRYPTO_malloc_debug_init();
1027 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1028 } else {
1029 /* OPENSSL_DEBUG_MEMORY=off */
1030 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1031 }
1032 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1033
1034 RAND_seed(rnd_seed, sizeof rnd_seed);
1035
1036 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1037
1038 s_cctx = SSL_CONF_CTX_new();
1039 c_cctx = SSL_CONF_CTX_new();
1040
1041 if (!s_cctx || !c_cctx) {
1042 ERR_print_errors(bio_err);
1043 goto end;
1044 }
1045
1046 SSL_CONF_CTX_set_flags(s_cctx,
1047 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER);
1048 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
1049 ERR_print_errors(bio_err);
1050 goto end;
1051 }
1052
1053 SSL_CONF_CTX_set_flags(c_cctx,
1054 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT);
1055 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
1056 ERR_print_errors(bio_err);
1057 goto end;
1058 }
1059
1060 argc--;
1061 argv++;
1062
1063 while (argc >= 1) {
1064 if (!strcmp(*argv, "-F")) {
086e32a6 1065#ifdef OPENSSL_FIPS
0f113f3e 1066 fips_mode = 1;
086e32a6 1067#else
0f113f3e
MC		 1068 fprintf(stderr,
1069 "not compiled with FIPS support, so exiting without running.\n");
1070 EXIT(0);
1071#endif
1072 } else if (strcmp(*argv, "-server_auth") == 0)
1073 server_auth = 1;
1074 else if (strcmp(*argv, "-client_auth") == 0)
1075 client_auth = 1;
1076 else if (strcmp(*argv, "-proxy_auth") == 0) {
1077 if (--argc < 1)
1078 goto bad;
1079 app_verify_arg.proxy_auth = *(++argv);
1080 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1081 if (--argc < 1)
1082 goto bad;
1083 app_verify_arg.proxy_cond = *(++argv);
1084 } else if (strcmp(*argv, "-v") == 0)
1085 verbose = 1;
1086 else if (strcmp(*argv, "-d") == 0)
1087 debug = 1;
1088 else if (strcmp(*argv, "-reuse") == 0)
1089 reuse = 1;
1090 else if (strcmp(*argv, "-dhe1024") == 0) {
90f5a2b6 1091#ifndef OPENSSL_NO_DH
0f113f3e 1092 dhe1024 = 1;
90f5a2b6 1093#else
0f113f3e
MC		 1094 fprintf(stderr,
1095 "ignoring -dhe1024, since I'm compiled without DH\n");
90f5a2b6 1096#endif
0f113f3e 1097 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
90f5a2b6 1098#ifndef OPENSSL_NO_DH
0f113f3e 1099 dhe1024dsa = 1;
90f5a2b6 1100#else
0f113f3e
MC		 1101 fprintf(stderr,
1102 "ignoring -dhe1024, since I'm compiled without DH\n");
1103#endif
1104 } else if (strcmp(*argv, "-no_dhe") == 0)
1105 no_dhe = 1;
1106 else if (strcmp(*argv, "-no_ecdhe") == 0)
1107 no_ecdhe = 1;
1108 else if (strcmp(*argv, "-psk") == 0) {
1109 if (--argc < 1)
1110 goto bad;
1111 psk_key = *(++argv);
ddac1974 1112#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1113 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1114 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1115 goto bad;
1116 }
ddac1974 1117#else
0f113f3e 1118 no_psk = 1;
ddac1974 1119#endif
0f113f3e 1120 }
edc032b5 1121#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1122 else if (strcmp(*argv, "-srpuser") == 0) {
1123 if (--argc < 1)
1124 goto bad;
1125 srp_server_arg.expected_user = srp_client_arg.srplogin =
1126 *(++argv);
1127 tls1 = 1;
1128 } else if (strcmp(*argv, "-srppass") == 0) {
1129 if (--argc < 1)
1130 goto bad;
1131 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1132 tls1 = 1;
1133 }
1134#endif
1135 else if (strcmp(*argv, "-tls1") == 0) {
0f113f3e
MC		 1136 tls1 = 1;
1137 } else if (strcmp(*argv, "-ssl3") == 0) {
3881d810 1138#ifdef OPENSSL_NO_SSL3_METHOD
0f113f3e
MC		 1139 no_protocol = 1;
1140#endif
1141 ssl3 = 1;
98b8cdd3
DW		 1142 } else if (strcmp(*argv, "-dtls1") == 0) {
1143#ifdef OPENSSL_NO_DTLS
1144 no_protocol = 1;
1145#endif
1146 dtls1 = 1;
1147 } else if (strcmp(*argv, "-dtls12") == 0) {
1148#ifdef OPENSSL_NO_DTLS
1149 no_protocol = 1;
1150#endif
1151 dtls12 = 1;
0f113f3e
MC		 1152 } else if (strncmp(*argv, "-num", 4) == 0) {
1153 if (--argc < 1)
1154 goto bad;
1155 number = atoi(*(++argv));
1156 if (number == 0)
1157 number = 1;
1158 } else if (strcmp(*argv, "-bytes") == 0) {
1159 if (--argc < 1)
1160 goto bad;
1161 bytes = atol(*(++argv));
1162 if (bytes == 0L)
1163 bytes = 1L;
1164 i = strlen(argv[0]);
1165 if (argv[0][i - 1] == 'k')
1166 bytes *= 1024L;
1167 if (argv[0][i - 1] == 'm')
1168 bytes *= 1024L * 1024L;
1169 } else if (strcmp(*argv, "-cert") == 0) {
1170 if (--argc < 1)
1171 goto bad;
1172 server_cert = *(++argv);
1173 } else if (strcmp(*argv, "-s_cert") == 0) {
1174 if (--argc < 1)
1175 goto bad;
1176 server_cert = *(++argv);
1177 } else if (strcmp(*argv, "-key") == 0) {
1178 if (--argc < 1)
1179 goto bad;
1180 server_key = *(++argv);
1181 } else if (strcmp(*argv, "-s_key") == 0) {
1182 if (--argc < 1)
1183 goto bad;
1184 server_key = *(++argv);
1185 } else if (strcmp(*argv, "-c_cert") == 0) {
1186 if (--argc < 1)
1187 goto bad;
1188 client_cert = *(++argv);
1189 } else if (strcmp(*argv, "-c_key") == 0) {
1190 if (--argc < 1)
1191 goto bad;
1192 client_key = *(++argv);
1193 } else if (strcmp(*argv, "-cipher") == 0) {
1194 if (--argc < 1)
1195 goto bad;
1196 cipher = *(++argv);
1197 } else if (strcmp(*argv, "-CApath") == 0) {
1198 if (--argc < 1)
1199 goto bad;
1200 CApath = *(++argv);
1201 } else if (strcmp(*argv, "-CAfile") == 0) {
1202 if (--argc < 1)
1203 goto bad;
1204 CAfile = *(++argv);
1205 } else if (strcmp(*argv, "-bio_pair") == 0) {
1206 bio_pair = 1;
1207 } else if (strcmp(*argv, "-f") == 0) {
1208 force = 1;
1209 } else if (strcmp(*argv, "-time") == 0) {
1210 print_time = 1;
1211 }
a4c4a7d5 1212#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1213 else if (strcmp(*argv, "-zlib") == 0) {
1214 comp = COMP_ZLIB;
1215 } else if (strcmp(*argv, "-rle") == 0) {
1216 comp = COMP_RLE;
1217 }
1218#endif
1219 else if (strcmp(*argv, "-named_curve") == 0) {
1220 if (--argc < 1)
1221 goto bad;
10bf4fc2 1222#ifndef OPENSSL_NO_EC
0f113f3e 1223 named_curve = *(++argv);
90f5a2b6 1224#else
0f113f3e
MC		 1225 fprintf(stderr,
1226 "ignoring -named_curve, since I'm compiled without ECDH\n");
1227 ++argv;
1228#endif
1229 } else if (strcmp(*argv, "-app_verify") == 0) {
1230 app_verify_arg.app_verify = 1;
1231 } else if (strcmp(*argv, "-proxy") == 0) {
1232 app_verify_arg.allow_proxy_certs = 1;
1233 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1234 test_cipherlist = 1;
1235 }
2911575c 1236#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1237 else if (strcmp(*argv, "-npn_client") == 0) {
1238 npn_client = 1;
1239 } else if (strcmp(*argv, "-npn_server") == 0) {
1240 npn_server = 1;
1241 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1242 npn_server_reject = 1;
1243 }
1244#endif
1245 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1246 serverinfo_sct = 1;
1247 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1248 serverinfo_tack = 1;
1249 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1250 if (--argc < 1)
1251 goto bad;
1252 serverinfo_file = *(++argv);
1253 } else if (strcmp(*argv, "-custom_ext") == 0) {
1254 custom_ext = 1;
1255 } else if (strcmp(*argv, "-alpn_client") == 0) {
1256 if (--argc < 1)
1257 goto bad;
1258 alpn_client = *(++argv);
1259 } else if (strcmp(*argv, "-alpn_server") == 0) {
1260 if (--argc < 1)
1261 goto bad;
1262 alpn_server = *(++argv);
1263 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1264 if (--argc < 1)
1265 goto bad;
1266 alpn_expected = *(++argv);
1267 } else {
1268 int rv;
1269 arg = argv[0];
1270 argn = argv[1];
1271 /* Try to process command using SSL_CONF */
1272 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1273 /* If not processed try server */
1274 if (rv == 0)
1275 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1276 /* Recognised: store it for later use */
1277 if (rv > 0) {
1278 if (rv == 1)
1279 argn = NULL;
1280 if (!conf_args) {
1281 conf_args = sk_OPENSSL_STRING_new_null();
1282 if (!conf_args)
1283 goto end;
1284 }
1285 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1286 goto end;
1287 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1288 goto end;
1289 continue;
1290 }
1291 if (rv == -3)
1292 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1293 else if (rv < 0)
1294 BIO_printf(bio_err, "Error with command %s\n", arg);
1295 else if (rv == 0)
1296 BIO_printf(bio_err, "unknown option %s\n", arg);
1297 badop = 1;
1298 break;
1299 }
1300 argc--;
1301 argv++;
1302 }
1303 if (badop) {
1304 bad:
1305 sv_usage();
1306 goto end;
1307 }
1308
1309 /*
1310 * test_cipherlist prevails over protocol switch: we test the cipherlist
1311 * for all enabled protocols.
1312 */
1313 if (test_cipherlist == 1) {
1314 /*
1315 * ensure that the cipher list are correctly sorted and exit
1316 */
1317 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1318 "other options.\n");
1319 if (do_test_cipherlist() == 0)
1320 EXIT(1);
1321 ret = 0;
1322 goto end;
1323 }
1324
98b8cdd3
DW		 1325 if (ssl3 + tls1 + dtls1 + dtls12 > 1) {
1326 fprintf(stderr, "At most one of -ssl3, -tls1, -dtls1 or -dtls12 should "
0f113f3e
MC		 1327 "be requested.\n");
1328 EXIT(1);
1329 }
1330
1331 /*
1332 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1333 * Ideally, we would error out, but the generic test wrapper can't know
1334 * when to expect failure. So we do nothing and return success.
1335 */
1336 if (no_protocol) {
1337 fprintf(stderr, "Testing was requested for a disabled protocol. "
1338 "Skipping tests.\n");
1339 ret = 0;
1340 goto end;
1341 }
1342
98b8cdd3 1343 if (!ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
0f113f3e
MC		 1344 fprintf(stderr, "This case cannot work. Use -f to perform "
1345 "the test anyway (and\n-d to see what happens), "
98b8cdd3 1346 "or add one of -ssl3, -tls1, -dtls1, -dtls12, -reuse\n"
0f113f3e
MC		 1347 "to avoid protocol mismatch.\n");
1348 EXIT(1);
1349 }
086e32a6 1350#ifdef OPENSSL_FIPS
0f113f3e
MC		 1351 if (fips_mode) {
1352 if (!FIPS_mode_set(1)) {
1353 ERR_load_crypto_strings();
1354 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
1355 EXIT(1);
1356 } else
1357 fprintf(stderr, "*** IN FIPS MODE ***\n");
1358 }
1359#endif
1360
1361 if (print_time) {
1362 if (!bio_pair) {
1363 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1364 bio_pair = 1;
1365 }
1366 if (number < 50 && !force)
1367 fprintf(stderr,
1368 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1369 }
1370
1371/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1372
1373 SSL_library_init();
1374 SSL_load_error_strings();
d02b48c6 1375
09b6c2ef 1376#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1377 if (comp == COMP_ZLIB)
1378 cm = COMP_zlib();
1379 if (comp == COMP_RLE)
1380 cm = COMP_rle();
1381 if (cm != NULL) {
1382 if (cm->type != NID_undef) {
1383 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1384 fprintf(stderr, "Failed to add compression method\n");
1385 ERR_print_errors_fp(stderr);
1386 }
1387 } else {
1388 fprintf(stderr,
1389 "Warning: %s compression not supported\n",
1390 (comp == COMP_RLE ? "rle" :
1391 (comp == COMP_ZLIB ? "zlib" : "unknown")));
1392 ERR_print_errors_fp(stderr);
1393 }
1394 }
1395 ssl_comp_methods = SSL_COMP_get_compression_methods();
3dca57f8
RS		 1396 n = sk_SSL_COMP_num(ssl_comp_methods);
1397 if (n) {
1398 int j;
1399 printf("Available compression methods:");
1400 for (j = 0; j < n; j++) {
1401 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1402 printf(" %s:%d", c->name, c->id);
22ebaae0 1403 }
3dca57f8 1404 printf("\n");
0f113f3e
MC		 1405 }
1406#endif
1407
1408 /*
1409 * At this point, ssl3/tls1 is only set if the protocol is available.
1410 * (Otherwise we exit early.) However the compiler doesn't know this, so
1411 * we ifdef.
1412 */
fd28a41e 1413#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 1414 if (ssl3)
1415 meth = SSLv3_method();
1416 else
98b8cdd3
DW		 1417#endif
1418#ifndef OPENSSL_NO_DTLS
1419 if (dtls1)
1420 meth = DTLSv1_method();
1421 else if (dtls12)
1422 meth = DTLSv1_2_method();
1423 else
fd28a41e 1424#endif
0f113f3e
MC		 1425 if (tls1)
1426 meth = TLSv1_method();
1427 else
0f113f3e
MC		 1428 meth = SSLv23_method();
1429
1430 c_ctx = SSL_CTX_new(meth);
1431 s_ctx = SSL_CTX_new(meth);
1432 if ((c_ctx == NULL) || (s_ctx == NULL)) {
1433 ERR_print_errors(bio_err);
1434 goto end;
1435 }
1436 /*
1437 * Since we will use low security ciphersuites and keys for testing set
1438 * security level to zero.
1439 */
1440 SSL_CTX_set_security_level(c_ctx, 0);
1441 SSL_CTX_set_security_level(s_ctx, 0);
1442
1443 if (cipher != NULL) {
61986d32 1444 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
69f68237
MC		 1445 || !SSL_CTX_set_cipher_list(s_ctx, cipher)) {
1446 ERR_print_errors(bio_err);
1447 goto end;
1448 }
0f113f3e
MC		 1449 }
1450
1451 /* Process SSL_CONF arguments */
1452 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1453 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1454
1455 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1456 int rv;
1457 arg = sk_OPENSSL_STRING_value(conf_args, i);
1458 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1459 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1460 /* If not recognised use server context */
1461 if (rv == -2)
1462 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1463 if (rv <= 0) {
1464 BIO_printf(bio_err, "Error processing %s %s\n",
1465 arg, argn ? argn : "");
1466 ERR_print_errors(bio_err);
1467 goto end;
1468 }
1469 }
1470
1471 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx)) {
1472 BIO_puts(bio_err, "Error finishing context\n");
1473 ERR_print_errors(bio_err);
1474 goto end;
1475 }
bc36ee62 1476#ifndef OPENSSL_NO_DH
0f113f3e
MC		 1477 if (!no_dhe) {
1478 if (dhe1024dsa) {
1479 /*
1480 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1481 */
1482 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1483 dh = get_dh1024dsa();
1484 } else if (dhe1024)
1485 dh = get_dh1024();
1486 else
1487 dh = get_dh512();
1488 SSL_CTX_set_tmp_dh(s_ctx, dh);
1489 DH_free(dh);
1490 }
e4589582 1491#else
0f113f3e 1492 (void)no_dhe;
58964a49
RE		 1493#endif
1494
10bf4fc2 1495#ifndef OPENSSL_NO_EC
0f113f3e
MC		 1496 if (!no_ecdhe) {
1497 int nid;
1498
1499 if (named_curve != NULL) {
1500 nid = OBJ_sn2nid(named_curve);
1501 if (nid == 0) {
1502 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1503 goto end;
1504 }
1505 } else
1506# ifdef OPENSSL_NO_EC2M
1507 nid = NID_X9_62_prime256v1;
1508# else
1509 nid = NID_sect163r2;
1510# endif
1511
1512 ecdh = EC_KEY_new_by_curve_name(nid);
1513 if (ecdh == NULL) {
1514 BIO_printf(bio_err, "unable to create curve\n");
1515 goto end;
1516 }
1517
1518 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1519 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1520 EC_KEY_free(ecdh);
1521 }
b3310161 1522#else
0f113f3e 1523 (void)no_ecdhe;
ea262260
BM		 1524#endif
1525
bc36ee62 1526#ifndef OPENSSL_NO_RSA
0f113f3e 1527 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
d02b48c6
RE		 1528#endif
1529
0f113f3e
MC		 1530 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
1531 ERR_print_errors(bio_err);
1532 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1533 (server_key ? server_key :
1534 server_cert),
1535 SSL_FILETYPE_PEM)) {
1536 ERR_print_errors(bio_err);
1537 goto end;
1538 }
1539
1540 if (client_auth) {
61986d32 1541 if (!SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM)
69f68237 1542 || !SSL_CTX_use_PrivateKey_file(c_ctx,
0f113f3e 1543 (client_key ? client_key : client_cert),
69f68237
MC		 1544 SSL_FILETYPE_PEM)) {
1545 ERR_print_errors(bio_err);
1546 goto end;
1547 }
0f113f3e
MC		 1548 }
1549
1550 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1551 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1552 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1553 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1554 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1555 ERR_print_errors(bio_err);
1556 /* goto end; */
1557 }
1558
1559 if (client_auth) {
3dca57f8 1560 printf("client authentication\n");
0f113f3e
MC		 1561 SSL_CTX_set_verify(s_ctx,
1562 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1563 verify_callback);
1564 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1565 &app_verify_arg);
1566 }
1567 if (server_auth) {
3dca57f8 1568 printf("server authentication\n");
0f113f3e
MC		 1569 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1570 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1571 &app_verify_arg);
1572 }
1573
1574 {
1575 int session_id_context = 0;
61986d32 1576 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
69f68237
MC		 1577 sizeof session_id_context)) {
1578 ERR_print_errors(bio_err);
1579 goto end;
1580 }
0f113f3e
MC		 1581 }
1582
1583 /* Use PSK only if PSK key is given */
1584 if (psk_key != NULL) {
1585 /*
1586 * no_psk is used to avoid putting psk command to openssl tool
1587 */
1588 if (no_psk) {
1589 /*
1590 * if PSK is not compiled in and psk key is given, do nothing and
1591 * exit successfully
1592 */
1593 ret = 0;
1594 goto end;
1595 }
ddac1974 1596#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1597 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1598 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1599 if (debug)
1600 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1601 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1602 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1603 ERR_print_errors(bio_err);
1604 goto end;
1605 }
1606#endif
1607 }
edc032b5 1608#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1609 if (srp_client_arg.srplogin) {
1610 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1611 BIO_printf(bio_err, "Unable to set SRP username\n");
1612 goto end;
1613 }
1614 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1615 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1616 ssl_give_srp_client_pwd_cb);
1617 /*
1618 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1619 */
1620 }
1621
1622 if (srp_server_arg.expected_user != NULL) {
1623 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1624 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1625 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1626 }
edc032b5 1627#endif
ddac1974 1628
2911575c 1629#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1630 if (npn_client) {
1631 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1632 }
1633 if (npn_server) {
1634 if (npn_server_reject) {
1635 BIO_printf(bio_err,
1636 "Can't have both -npn_server and -npn_server_reject\n");
1637 goto end;
1638 }
1639 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1640 }
1641 if (npn_server_reject) {
1642 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
1643 NULL);
1644 }
1645#endif
1646
69f68237 1647 if (serverinfo_sct) {
61986d32 1648 if (!SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
0f113f3e 1649 NULL, NULL, NULL,
69f68237
MC		 1650 serverinfo_cli_parse_cb, NULL)) {
1651 BIO_printf(bio_err, "Error adding SCT extension\n");
1652 goto end;
1653 }
1654 }
1655 if (serverinfo_tack) {
61986d32 1656 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
0f113f3e 1657 NULL, NULL, NULL,
69f68237
MC		 1658 serverinfo_cli_parse_cb, NULL)) {
1659 BIO_printf(bio_err, "Error adding TACK extension\n");
1660 goto end;
1661 }
1662 }
0f113f3e
MC		 1663 if (serverinfo_file)
1664 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1665 BIO_printf(bio_err, "missing serverinfo file\n");
1666 goto end;
1667 }
1668
1669 if (custom_ext) {
61986d32 1670 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1671 custom_ext_0_cli_add_cb,
1672 NULL, NULL,
69f68237 1673 custom_ext_0_cli_parse_cb, NULL)
61986d32 1674 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1675 custom_ext_1_cli_add_cb,
1676 NULL, NULL,
69f68237 1677 custom_ext_1_cli_parse_cb, NULL)
61986d32 1678 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1679 custom_ext_2_cli_add_cb,
1680 NULL, NULL,
69f68237 1681 custom_ext_2_cli_parse_cb, NULL)
61986d32 1682 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1683 custom_ext_3_cli_add_cb,
1684 NULL, NULL,
69f68237 1685 custom_ext_3_cli_parse_cb, NULL)
61986d32 1686 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1687 custom_ext_0_srv_add_cb,
1688 NULL, NULL,
69f68237 1689 custom_ext_0_srv_parse_cb, NULL)
61986d32 1690 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1691 custom_ext_1_srv_add_cb,
1692 NULL, NULL,
69f68237 1693 custom_ext_1_srv_parse_cb, NULL)
61986d32 1694 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1695 custom_ext_2_srv_add_cb,
1696 NULL, NULL,
69f68237 1697 custom_ext_2_srv_parse_cb, NULL)
61986d32 1698 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1699 custom_ext_3_srv_add_cb,
1700 NULL, NULL,
69f68237
MC		 1701 custom_ext_3_srv_parse_cb, NULL)) {
1702 BIO_printf(bio_err, "Error setting custom extensions\n");
1703 goto end;
1704 }
0f113f3e
MC		 1705 }
1706
1707 if (alpn_server)
1708 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1709
1710 if (alpn_client) {
1711 unsigned short alpn_len;
1712 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1713
1714 if (alpn == NULL) {
1715 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1716 goto end;
1717 }
69f68237 1718 /* Returns 0 on success!! */
61986d32 1719 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
69f68237
MC		 1720 BIO_printf(bio_err, "Error setting ALPN\n");
1721 OPENSSL_free(alpn);
1722 goto end;
1723 }
0f113f3e
MC		 1724 OPENSSL_free(alpn);
1725 }
1726
1727 c_ssl = SSL_new(c_ctx);
1728 s_ssl = SSL_new(s_ctx);
58964a49 1729
bc36ee62 1730#ifndef OPENSSL_NO_KRB5
0f113f3e
MC		 1731 if (c_ssl && c_ssl->kssl_ctx) {
1732 char localhost[MAXHOSTNAMELEN + 2];
1733
1734 if (gethostname(localhost, sizeof localhost - 1) == 0) {
1735 localhost[sizeof localhost - 1] = '\0';
1736 if (strlen(localhost) == sizeof localhost - 1) {
1737 BIO_printf(bio_err, "localhost name too long\n");
1738 goto end;
1739 }
1740 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost);
1741 }
1742 }
1743#endif /* OPENSSL_NO_KRB5 */
1744
3dca57f8 1745 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
0f113f3e 1746 for (i = 0; i < number; i++) {
69f68237 1747 if (!reuse) {
61986d32 1748 if (!SSL_set_session(c_ssl, NULL)) {
69f68237
MC		 1749 BIO_printf(bio_err, "Failed to set session\n");
1750 goto end;
1751 }
1752 }
0f113f3e
MC		 1753 if (bio_pair)
1754 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1755 else
1756 ret = doit(s_ssl, c_ssl, bytes);
6b937f8b 1757 if (ret) break;
0f113f3e
MC		 1758 }
1759
1760 if (!verbose) {
1761 print_details(c_ssl, "");
1762 }
0f113f3e 1763 if (print_time) {
617d71bc 1764#ifdef CLOCKS_PER_SEC
0f113f3e
MC		 1765 /*
1766 * "To determine the time in seconds, the value returned by the clock
1767 * function should be divided by the value of the macro
1768 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1769 */
1770 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1771 "Approximate total client time: %6.2f s\n",
1772 (double)s_time / CLOCKS_PER_SEC,
1773 (double)c_time / CLOCKS_PER_SEC);
617d71bc 1774#else
0f113f3e
MC		 1775 BIO_printf(bio_stdout,
1776 "Approximate total server time: %6.2f units\n"
1777 "Approximate total client time: %6.2f units\n",
1778 (double)s_time, (double)c_time);
617d71bc 1779#endif
0f113f3e 1780 }
58964a49 1781
0f113f3e
MC		 1782 SSL_free(s_ssl);
1783 SSL_free(c_ssl);
58964a49 1784
0f113f3e 1785 end:
62adbcee
RS		 1786 SSL_CTX_free(s_ctx);
1787 SSL_CTX_free(c_ctx);
62adbcee
RS		 1788 SSL_CONF_CTX_free(s_cctx);
1789 SSL_CONF_CTX_free(c_cctx);
0f113f3e 1790 sk_OPENSSL_STRING_free(conf_args);
de94222d 1791
ca3a82c3 1792 BIO_free(bio_stdout);
d02b48c6 1793
bc36ee62 1794#ifndef OPENSSL_NO_RSA
0f113f3e 1795 free_tmp_rsa();
46b3bd54 1796#endif
0b13e9f0 1797#ifndef OPENSSL_NO_ENGINE
0f113f3e
MC		 1798 ENGINE_cleanup();
1799#endif
1800 CRYPTO_cleanup_all_ex_data();
1801 ERR_free_strings();
1802 ERR_remove_thread_state(NULL);
1803 EVP_cleanup();
1804 CRYPTO_mem_leaks(bio_err);
ca3a82c3 1805 BIO_free(bio_err);
0f113f3e 1806 EXIT(ret);
0f113f3e 1807}
d02b48c6 1808
563f1503 1809int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
0f113f3e
MC		 1810 clock_t *s_time, clock_t *c_time)
1811{
1812 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1813 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1814 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1815 int ret = 1;
1816
1817 size_t bufsiz = 256; /* small buffer for testing */
1818
1819 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1820 goto err;
1821 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1822 goto err;
1823
1824 s_ssl_bio = BIO_new(BIO_f_ssl());
1825 if (!s_ssl_bio)
1826 goto err;
1827
1828 c_ssl_bio = BIO_new(BIO_f_ssl());
1829 if (!c_ssl_bio)
1830 goto err;
1831
1832 SSL_set_connect_state(c_ssl);
1833 SSL_set_bio(c_ssl, client, client);
1834 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1835
1836 SSL_set_accept_state(s_ssl);
1837 SSL_set_bio(s_ssl, server, server);
1838 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1839
1840 do {
35a1cc90
MC		 1841 /*-
1842 * c_ssl_bio: SSL filter BIO
1843 *
1844 * client: pseudo-I/O for SSL library
1845 *
1846 * client_io: client's SSL communication; usually to be
1847 * relayed over some I/O facility, but in this
1848 * test program, we're the server, too:
1849 *
1850 * server_io: server's SSL communication
1851 *
1852 * server: pseudo-I/O for SSL library
1853 *
1854 * s_ssl_bio: SSL filter BIO
1855 *
1856 * The client and the server each employ a "BIO pair":
1857 * client + client_io, server + server_io.
1858 * BIO pairs are symmetric. A BIO pair behaves similar
1859 * to a non-blocking socketpair (but both endpoints must
1860 * be handled by the same thread).
1861 * [Here we could connect client and server to the ends
1862 * of a single BIO pair, but then this code would be less
1863 * suitable as an example for BIO pairs in general.]
1864 *
1865 * Useful functions for querying the state of BIO pair endpoints:
1866 *
1867 * BIO_ctrl_pending(bio) number of bytes we can read now
1868 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1869 * other side's read attempt
1870 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1871 *
1872 * ..._read_request is never more than ..._write_guarantee;
1873 * it depends on the application which one you should use.
1874 */
0f113f3e
MC		 1875
1876 /*
1877 * We have non-blocking behaviour throughout this test program, but
1878 * can be sure that there is *some* progress in each iteration; so we
1879 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1880 * we just try everything in each iteration
1881 */
1882
1883 {
1884 /* CLIENT */
1885
68b00c23 1886 char cbuf[1024 * 8];
0f113f3e
MC		 1887 int i, r;
1888 clock_t c_clock = clock();
1889
1890 memset(cbuf, 0, sizeof(cbuf));
1891
1892 if (debug)
1893 if (SSL_in_init(c_ssl))
1894 printf("client waiting in SSL_connect - %s\n",
1895 SSL_state_string_long(c_ssl));
1896
1897 if (cw_num > 0) {
1898 /* Write to server. */
1899
1900 if (cw_num > (long)sizeof cbuf)
1901 i = sizeof cbuf;
1902 else
1903 i = (int)cw_num;
1904 r = BIO_write(c_ssl_bio, cbuf, i);
1905 if (r < 0) {
1906 if (!BIO_should_retry(c_ssl_bio)) {
1907 fprintf(stderr, "ERROR in CLIENT\n");
1908 goto err;
1909 }
1910 /*
1911 * BIO_should_retry(...) can just be ignored here. The
1912 * library expects us to call BIO_write with the same
1913 * arguments again, and that's what we will do in the
1914 * next iteration.
1915 */
1916 } else if (r == 0) {
1917 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1918 goto err;
1919 } else {
1920 if (debug)
1921 printf("client wrote %d\n", r);
1922 cw_num -= r;
1923 }
1924 }
1925
1926 if (cr_num > 0) {
1927 /* Read from server. */
1928
1929 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1930 if (r < 0) {
1931 if (!BIO_should_retry(c_ssl_bio)) {
1932 fprintf(stderr, "ERROR in CLIENT\n");
1933 goto err;
1934 }
1935 /*
1936 * Again, "BIO_should_retry" can be ignored.
1937 */
1938 } else if (r == 0) {
1939 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1940 goto err;
1941 } else {
1942 if (debug)
1943 printf("client read %d\n", r);
1944 cr_num -= r;
1945 }
1946 }
1947
1948 /*
1949 * c_time and s_time increments will typically be very small
1950 * (depending on machine speed and clock tick intervals), but
1951 * sampling over a large number of connections should result in
1952 * fairly accurate figures. We cannot guarantee a lot, however
1953 * -- if each connection lasts for exactly one clock tick, it
1954 * will be counted only for the client or only for the server or
1955 * even not at all.
1956 */
1957 *c_time += (clock() - c_clock);
1958 }
1959
1960 {
1961 /* SERVER */
1962
68b00c23 1963 char sbuf[1024 * 8];
0f113f3e
MC		 1964 int i, r;
1965 clock_t s_clock = clock();
1966
1967 memset(sbuf, 0, sizeof(sbuf));
1968
1969 if (debug)
1970 if (SSL_in_init(s_ssl))
1971 printf("server waiting in SSL_accept - %s\n",
1972 SSL_state_string_long(s_ssl));
1973
1974 if (sw_num > 0) {
1975 /* Write to client. */
1976
1977 if (sw_num > (long)sizeof sbuf)
1978 i = sizeof sbuf;
1979 else
1980 i = (int)sw_num;
1981 r = BIO_write(s_ssl_bio, sbuf, i);
1982 if (r < 0) {
1983 if (!BIO_should_retry(s_ssl_bio)) {
1984 fprintf(stderr, "ERROR in SERVER\n");
1985 goto err;
1986 }
1987 /* Ignore "BIO_should_retry". */
1988 } else if (r == 0) {
1989 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1990 goto err;
1991 } else {
1992 if (debug)
1993 printf("server wrote %d\n", r);
1994 sw_num -= r;
1995 }
1996 }
1997
1998 if (sr_num > 0) {
1999 /* Read from client. */
2000
2001 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2002 if (r < 0) {
2003 if (!BIO_should_retry(s_ssl_bio)) {
2004 fprintf(stderr, "ERROR in SERVER\n");
2005 goto err;
2006 }
2007 /* blah, blah */
2008 } else if (r == 0) {
2009 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2010 goto err;
2011 } else {
2012 if (debug)
2013 printf("server read %d\n", r);
2014 sr_num -= r;
2015 }
2016 }
2017
2018 *s_time += (clock() - s_clock);
2019 }
2020
2021 {
2022 /* "I/O" BETWEEN CLIENT AND SERVER. */
2023
2024 size_t r1, r2;
2025 BIO *io1 = server_io, *io2 = client_io;
2026 /*
2027 * we use the non-copying interface for io1 and the standard
2028 * BIO_write/BIO_read interface for io2
2029 */
2030
2031 static int prev_progress = 1;
2032 int progress = 0;
2033
2034 /* io1 to io2 */
2035 do {
2036 size_t num;
2037 int r;
2038
2039 r1 = BIO_ctrl_pending(io1);
2040 r2 = BIO_ctrl_get_write_guarantee(io2);
2041
2042 num = r1;
2043 if (r2 < num)
2044 num = r2;
2045 if (num) {
2046 char *dataptr;
2047
2048 if (INT_MAX < num) /* yeah, right */
2049 num = INT_MAX;
2050
2051 r = BIO_nread(io1, &dataptr, (int)num);
2052 assert(r > 0);
2053 assert(r <= (int)num);
2054 /*
2055 * possibly r < num (non-contiguous data)
2056 */
2057 num = r;
2058 r = BIO_write(io2, dataptr, (int)num);
2059 if (r != (int)num) { /* can't happen */
2060 fprintf(stderr, "ERROR: BIO_write could not write "
2061 "BIO_ctrl_get_write_guarantee() bytes");
2062 goto err;
2063 }
2064 progress = 1;
2065
2066 if (debug)
2067 printf((io1 == client_io) ?
2068 "C->S relaying: %d bytes\n" :
2069 "S->C relaying: %d bytes\n", (int)num);
2070 }
2071 }
2072 while (r1 && r2);
2073
2074 /* io2 to io1 */
2075 {
2076 size_t num;
2077 int r;
2078
2079 r1 = BIO_ctrl_pending(io2);
2080 r2 = BIO_ctrl_get_read_request(io1);
2081 /*
2082 * here we could use ..._get_write_guarantee instead of
2083 * ..._get_read_request, but by using the latter we test
2084 * restartability of the SSL implementation more thoroughly
2085 */
2086 num = r1;
2087 if (r2 < num)
2088 num = r2;
2089 if (num) {
2090 char *dataptr;
2091
2092 if (INT_MAX < num)
2093 num = INT_MAX;
2094
2095 if (num > 1)
2096 --num; /* test restartability even more thoroughly */
2097
2098 r = BIO_nwrite0(io1, &dataptr);
2099 assert(r > 0);
2100 if (r < (int)num)
2101 num = r;
2102 r = BIO_read(io2, dataptr, (int)num);
2103 if (r != (int)num) { /* can't happen */
2104 fprintf(stderr, "ERROR: BIO_read could not read "
2105 "BIO_ctrl_pending() bytes");
2106 goto err;
2107 }
2108 progress = 1;
2109 r = BIO_nwrite(io1, &dataptr, (int)num);
2110 if (r != (int)num) { /* can't happen */
2111 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2112 "BIO_nwrite0() bytes");
2113 goto err;
2114 }
2115
2116 if (debug)
2117 printf((io2 == client_io) ?
2118 "C->S relaying: %d bytes\n" :
2119 "S->C relaying: %d bytes\n", (int)num);
2120 }
2121 } /* no loop, BIO_ctrl_get_read_request now
2122 * returns 0 anyway */
2123
2124 if (!progress && !prev_progress)
2125 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2126 fprintf(stderr, "ERROR: got stuck\n");
2127 fprintf(stderr, " ERROR.\n");
2128 goto err;
2129 }
2130 prev_progress = progress;
2131 }
2132 }
2133 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2134
2135 if (verbose)
2136 print_details(c_ssl, "DONE via BIO pair: ");
2911575c 2137#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2138 if (verify_npn(c_ssl, s_ssl) < 0) {
2139 ret = 1;
2140 goto end;
2141 }
2142#endif
2143 if (verify_serverinfo() < 0) {
2144 fprintf(stderr, "Server info verify error\n");
2145 ret = 1;
2146 goto err;
2147 }
2148 if (verify_alpn(c_ssl, s_ssl) < 0) {
2149 ret = 1;
2150 goto err;
2151 }
2152
2153 if (custom_ext_error) {
2154 fprintf(stderr, "Custom extension error\n");
2155 ret = 1;
2156 goto err;
2157 }
2158
2159 end:
2160 ret = 0;
95d29597
BM		 2161
2162 err:
0f113f3e
MC		 2163 ERR_print_errors(bio_err);
2164
ca3a82c3
RS		 2165 BIO_free(server);
2166 BIO_free(server_io);
2167 BIO_free(client);
2168 BIO_free(client_io);
2169 BIO_free(s_ssl_bio);
2170 BIO_free(c_ssl_bio);
0f113f3e
MC		 2171
2172 return ret;
2173}
2174
2175#define W_READ 1
2176#define W_WRITE 2
2177#define C_DONE 1
2178#define S_DONE 2
d02b48c6 2179
6b691a5c 2180int doit(SSL *s_ssl, SSL *c_ssl, long count)
0f113f3e
MC		 2181{
2182 char *cbuf = NULL, *sbuf = NULL;
2183 long bufsiz;
2184 long cw_num = count, cr_num = count;
2185 long sw_num = count, sr_num = count;
2186 int ret = 1;
2187 BIO *c_to_s = NULL;
2188 BIO *s_to_c = NULL;
2189 BIO *c_bio = NULL;
2190 BIO *s_bio = NULL;
2191 int c_r, c_w, s_r, s_w;
2192 int i, j;
2193 int done = 0;
2194 int c_write, s_write;
2195 int do_server = 0, do_client = 0;
2196 int max_frag = 5 * 1024;
2197
2198 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2199
2200 if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL)
2201 goto err;
2202 if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL)
2203 goto err;
2204
2205 memset(cbuf, 0, bufsiz);
2206 memset(sbuf, 0, bufsiz);
2207
2208 c_to_s = BIO_new(BIO_s_mem());
2209 s_to_c = BIO_new(BIO_s_mem());
2210 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2211 ERR_print_errors(bio_err);
2212 goto err;
2213 }
2214
2215 c_bio = BIO_new(BIO_f_ssl());
2216 s_bio = BIO_new(BIO_f_ssl());
2217 if ((c_bio == NULL) || (s_bio == NULL)) {
2218 ERR_print_errors(bio_err);
2219 goto err;
2220 }
2221
2222 SSL_set_connect_state(c_ssl);
2223 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2224 SSL_set_max_send_fragment(c_ssl, max_frag);
2225 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2226
2227 SSL_set_accept_state(s_ssl);
2228 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2229 SSL_set_max_send_fragment(s_ssl, max_frag);
2230 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2231
2232 c_r = 0;
2233 s_r = 1;
2234 c_w = 1;
2235 s_w = 0;
2236 c_write = 1, s_write = 0;
2237
2238 /* We can always do writes */
2239 for (;;) {
2240 do_server = 0;
2241 do_client = 0;
2242
2243 i = (int)BIO_pending(s_bio);
2244 if ((i && s_r) || s_w)
2245 do_server = 1;
2246
2247 i = (int)BIO_pending(c_bio);
2248 if ((i && c_r) || c_w)
2249 do_client = 1;
2250
2251 if (do_server && debug) {
2252 if (SSL_in_init(s_ssl))
2253 printf("server waiting in SSL_accept - %s\n",
2254 SSL_state_string_long(s_ssl));
3a83462d 2255/*-
35a1cc90
MC		 2256 else if (s_write)
2257 printf("server:SSL_write()\n");
2258 else
2259 printf("server:SSL_read()\n"); */
0f113f3e
MC		 2260 }
2261
2262 if (do_client && debug) {
2263 if (SSL_in_init(c_ssl))
2264 printf("client waiting in SSL_connect - %s\n",
2265 SSL_state_string_long(c_ssl));
3a83462d 2266/*-
35a1cc90
MC		 2267 else if (c_write)
2268 printf("client:SSL_write()\n");
2269 else
2270 printf("client:SSL_read()\n"); */
0f113f3e
MC		 2271 }
2272
2273 if (!do_client && !do_server) {
2274 fprintf(stdout, "ERROR IN STARTUP\n");
2275 ERR_print_errors(bio_err);
ae632974 2276 goto err;
0f113f3e
MC		 2277 }
2278 if (do_client && !(done & C_DONE)) {
2279 if (c_write) {
2280 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2281 i = BIO_write(c_bio, cbuf, j);
2282 if (i < 0) {
2283 c_r = 0;
2284 c_w = 0;
2285 if (BIO_should_retry(c_bio)) {
2286 if (BIO_should_read(c_bio))
2287 c_r = 1;
2288 if (BIO_should_write(c_bio))
2289 c_w = 1;
2290 } else {
2291 fprintf(stderr, "ERROR in CLIENT\n");
2292 ERR_print_errors(bio_err);
2293 goto err;
2294 }
2295 } else if (i == 0) {
2296 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2297 goto err;
2298 } else {
2299 if (debug)
2300 printf("client wrote %d\n", i);
2301 /* ok */
2302 s_r = 1;
2303 c_write = 0;
2304 cw_num -= i;
2305 if (max_frag > 1029)
2306 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2307 }
2308 } else {
2309 i = BIO_read(c_bio, cbuf, bufsiz);
2310 if (i < 0) {
2311 c_r = 0;
2312 c_w = 0;
2313 if (BIO_should_retry(c_bio)) {
2314 if (BIO_should_read(c_bio))
2315 c_r = 1;
2316 if (BIO_should_write(c_bio))
2317 c_w = 1;
2318 } else {
2319 fprintf(stderr, "ERROR in CLIENT\n");
2320 ERR_print_errors(bio_err);
2321 goto err;
2322 }
2323 } else if (i == 0) {
2324 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2325 goto err;
2326 } else {
2327 if (debug)
2328 printf("client read %d\n", i);
2329 cr_num -= i;
2330 if (sw_num > 0) {
2331 s_write = 1;
2332 s_w = 1;
2333 }
2334 if (cr_num <= 0) {
2335 s_write = 1;
2336 s_w = 1;
2337 done = S_DONE | C_DONE;
2338 }
2339 }
2340 }
2341 }
2342
2343 if (do_server && !(done & S_DONE)) {
2344 if (!s_write) {
2345 i = BIO_read(s_bio, sbuf, bufsiz);
2346 if (i < 0) {
2347 s_r = 0;
2348 s_w = 0;
2349 if (BIO_should_retry(s_bio)) {
2350 if (BIO_should_read(s_bio))
2351 s_r = 1;
2352 if (BIO_should_write(s_bio))
2353 s_w = 1;
2354 } else {
2355 fprintf(stderr, "ERROR in SERVER\n");
2356 ERR_print_errors(bio_err);
2357 goto err;
2358 }
2359 } else if (i == 0) {
2360 ERR_print_errors(bio_err);
2361 fprintf(stderr,
2362 "SSL SERVER STARTUP FAILED in SSL_read\n");
2363 goto err;
2364 } else {
2365 if (debug)
2366 printf("server read %d\n", i);
2367 sr_num -= i;
2368 if (cw_num > 0) {
2369 c_write = 1;
2370 c_w = 1;
2371 }
2372 if (sr_num <= 0) {
2373 s_write = 1;
2374 s_w = 1;
2375 c_write = 0;
2376 }
2377 }
2378 } else {
2379 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2380 i = BIO_write(s_bio, sbuf, j);
2381 if (i < 0) {
2382 s_r = 0;
2383 s_w = 0;
2384 if (BIO_should_retry(s_bio)) {
2385 if (BIO_should_read(s_bio))
2386 s_r = 1;
2387 if (BIO_should_write(s_bio))
2388 s_w = 1;
2389 } else {
2390 fprintf(stderr, "ERROR in SERVER\n");
2391 ERR_print_errors(bio_err);
2392 goto err;
2393 }
2394 } else if (i == 0) {
2395 ERR_print_errors(bio_err);
2396 fprintf(stderr,
2397 "SSL SERVER STARTUP FAILED in SSL_write\n");
2398 goto err;
2399 } else {
2400 if (debug)
2401 printf("server wrote %d\n", i);
2402 sw_num -= i;
2403 s_write = 0;
2404 c_r = 1;
2405 if (sw_num <= 0)
2406 done |= S_DONE;
2407 if (max_frag > 1029)
2408 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2409 }
2410 }
2411 }
2412
2413 if ((done & S_DONE) && (done & C_DONE))
2414 break;
2415 }
2416
2417 if (verbose)
2418 print_details(c_ssl, "DONE: ");
2911575c 2419#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2420 if (verify_npn(c_ssl, s_ssl) < 0) {
2421 ret = 1;
2422 goto err;
2423 }
2424#endif
2425 if (verify_serverinfo() < 0) {
2426 fprintf(stderr, "Server info verify error\n");
2427 ret = 1;
2428 goto err;
2429 }
2430 if (custom_ext_error) {
2431 fprintf(stderr, "Custom extension error\n");
2432 ret = 1;
2433 goto err;
2434 }
2435 ret = 0;
2436 err:
2437 /*
2438 * We have to set the BIO's to NULL otherwise they will be
2439 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2440 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2441 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2442 * SSL_free() automatically BIO_free non NULL entries. You should not
2443 * normally do this or be required to do this
2444 */
2445 if (s_ssl != NULL) {
2446 s_ssl->rbio = NULL;
2447 s_ssl->wbio = NULL;
2448 }
2449 if (c_ssl != NULL) {
2450 c_ssl->rbio = NULL;
2451 c_ssl->wbio = NULL;
2452 }
2453
ca3a82c3
RS		 2454 BIO_free(c_to_s);
2455 BIO_free(s_to_c);
2456 BIO_free_all(c_bio);
2457 BIO_free_all(s_bio);
b548a1f1
RS		 2458 OPENSSL_free(cbuf);
2459 OPENSSL_free(sbuf);
0f113f3e
MC		 2460
2461 return (ret);
2462}
d02b48c6 2463
a7201e9a 2464static int get_proxy_auth_ex_data_idx(void)
0f113f3e
MC		 2465{
2466 static volatile int idx = -1;
2467 if (idx < 0) {
2468 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2469 if (idx < 0) {
2470 idx = X509_STORE_CTX_get_ex_new_index(0,
2471 "SSLtest for verify callback",
2472 NULL, NULL, NULL);
2473 }
2474 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2475 }
2476 return idx;
2477}
a7201e9a 2478
6d23cf97 2479static int verify_callback(int ok, X509_STORE_CTX *ctx)
0f113f3e
MC		 2480{
2481 char *s, buf[256];
2482
2483 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2484 sizeof buf);
2485 if (s != NULL) {
2486 if (ok)
3dca57f8 2487 printf("depth=%d %s\n", ctx->error_depth, buf);
0f113f3e
MC		 2488 else {
2489 fprintf(stderr, "depth=%d error=%d %s\n",
2490 ctx->error_depth, ctx->error, buf);
2491 }
2492 }
2493
2494 if (ok == 0) {
0f113f3e 2495 switch (ctx->error) {
3dca57f8
RS		 2496 default:
2497 fprintf(stderr, "Error string: %s\n",
2498 X509_verify_cert_error_string(ctx->error));
2499 break;
0f113f3e
MC		 2500 case X509_V_ERR_CERT_NOT_YET_VALID:
2501 case X509_V_ERR_CERT_HAS_EXPIRED:
2502 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
0f113f3e
MC		 2503 ok = 1;
2504 }
2505 }
2506
2507 if (ok == 1) {
2508 X509 *xs = ctx->current_cert;
0f113f3e
MC		 2509 if (xs->ex_flags & EXFLAG_PROXY) {
2510 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2511 get_proxy_auth_ex_data_idx
2512 ());
2513
2514 if (letters) {
2515 int found_any = 0;
2516 int i;
2517 PROXY_CERT_INFO_EXTENSION *pci =
2518 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2519 NULL, NULL);
2520
2521 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2522 case NID_Independent:
2523 /*
2524 * Completely meaningless in this program, as there's no
2525 * way to grant explicit rights to a specific PrC.
2526 * Basically, using id-ppl-Independent is the perfect way
2527 * to grant no rights at all.
2528 */
2529 fprintf(stderr, " Independent proxy certificate");
2530 for (i = 0; i < 26; i++)
2531 letters[i] = 0;
2532 break;
2533 case NID_id_ppl_inheritAll:
2534 /*
2535 * This is basically a NOP, we simply let the current
2536 * rights stand as they are.
2537 */
2538 fprintf(stderr, " Proxy certificate inherits all");
2539 break;
2540 default:
2541 s = (char *)
2542 pci->proxyPolicy->policy->data;
2543 i = pci->proxyPolicy->policy->length;
2544
2545 /*
2546 * The algorithm works as follows: it is assumed that
2547 * previous iterations or the initial granted rights has
2548 * already set some elements of `letters'. What we need
2549 * to do is to clear those that weren't granted by the
2550 * current PrC as well. The easiest way to do this is to
2551 * add 1 to all the elements whose letters are given with
2552 * the current policy. That way, all elements that are
2553 * set by the current policy and were already set by
2554 * earlier policies and through the original grant of
2555 * rights will get the value 2 or higher. The last thing
2556 * to do is to sweep through `letters' and keep the
2557 * elements having the value 2 as set, and clear all the
2558 * others.
2559 */
2560
3dca57f8 2561 printf(" Certificate proxy rights = %*.*s", i,
0f113f3e
MC		 2562 i, s);
2563 while (i-- > 0) {
2564 int c = *s++;
2565 if (isascii(c) && isalpha(c)) {
2566 if (islower(c))
2567 c = toupper(c);
2568 letters[c - 'A']++;
2569 }
2570 }
2571 for (i = 0; i < 26; i++)
2572 if (letters[i] < 2)
2573 letters[i] = 0;
2574 else
2575 letters[i] = 1;
2576 }
2577
2578 found_any = 0;
3dca57f8 2579 printf(", resulting proxy rights = ");
0f113f3e
MC		 2580 for (i = 0; i < 26; i++)
2581 if (letters[i]) {
3dca57f8 2582 printf("%c", i + 'A');
0f113f3e
MC		 2583 found_any = 1;
2584 }
2585 if (!found_any)
3dca57f8
RS		 2586 printf("none");
2587 printf("\n");
0f113f3e
MC		 2588
2589 PROXY_CERT_INFO_EXTENSION_free(pci);
2590 }
2591 }
2592 }
2593
2594 return (ok);
2595}
d02b48c6 2596
a7201e9a 2597static void process_proxy_debug(int indent, const char *format, ...)
0f113f3e
MC		 2598{
2599 /* That's 80 > */
2600 static const char indentation[] =
2601 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2602 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2603 char my_format[256];
2604 va_list args;
2605
2606 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2607 indent, indent, indentation, format);
2608
2609 va_start(args, format);
2610 vfprintf(stderr, my_format, args);
2611 va_end(args);
2612}
2613
1d97c843
TH		 2614/*-
2615 * Priority levels:
0f113f3e
MC		 2616 * 0 [!]var, ()
2617 * 1 & ^
2618 * 2 |
1d97c843 2619 */
a7201e9a 2620static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 2621 const char *cond, const char **cond_end,
2622 int *pos, int indent);
2623static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2624 const char **cond_end, int *pos, int indent)
2625{
2626 int c;
2627 int ok = 1;
2628 int negate = 0;
2629
2630 while (isspace((int)*cond)) {
2631 cond++;
2632 (*pos)++;
2633 }
2634 c = *cond;
2635
2636 if (debug)
2637 process_proxy_debug(indent,
2638 "Start process_proxy_cond_val at position %d: %s\n",
2639 *pos, cond);
2640
2641 while (c == '!') {
2642 negate = !negate;
2643 cond++;
2644 (*pos)++;
2645 while (isspace((int)*cond)) {
2646 cond++;
2647 (*pos)++;
2648 }
2649 c = *cond;
2650 }
2651
2652 if (c == '(') {
2653 cond++;
2654 (*pos)++;
2655 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2656 indent + 1);
2657 cond = *cond_end;
2658 if (ok < 0)
2659 goto end;
2660 while (isspace((int)*cond)) {
2661 cond++;
2662 (*pos)++;
2663 }
2664 c = *cond;
2665 if (c != ')') {
2666 fprintf(stderr,
2667 "Weird condition character in position %d: "
2668 "%c\n", *pos, c);
2669 ok = -1;
2670 goto end;
2671 }
2672 cond++;
2673 (*pos)++;
2674 } else if (isascii(c) && isalpha(c)) {
2675 if (islower(c))
2676 c = toupper(c);
2677 ok = letters[c - 'A'];
2678 cond++;
2679 (*pos)++;
2680 } else {
2681 fprintf(stderr,
2682 "Weird condition character in position %d: " "%c\n", *pos, c);
2683 ok = -1;
2684 goto end;
2685 }
a7201e9a 2686 end:
0f113f3e
MC		 2687 *cond_end = cond;
2688 if (ok >= 0 && negate)
2689 ok = !ok;
a7201e9a 2690
0f113f3e
MC		 2691 if (debug)
2692 process_proxy_debug(indent,
2693 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2694 *pos, cond, ok);
2695
2696 return ok;
2697}
a7201e9a 2698
a7201e9a 2699static int process_proxy_cond_multipliers(unsigned int letters[26],
0f113f3e
MC		 2700 const char *cond,
2701 const char **cond_end, int *pos,
2702 int indent)
2703{
2704 int ok;
2705 char c;
2706
2707 if (debug)
2708 process_proxy_debug(indent,
2709 "Start process_proxy_cond_multipliers at position %d: %s\n",
2710 *pos, cond);
2711
2712 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2713 cond = *cond_end;
2714 if (ok < 0)
2715 goto end;
2716
2717 while (ok >= 0) {
2718 while (isspace((int)*cond)) {
2719 cond++;
2720 (*pos)++;
2721 }
2722 c = *cond;
2723
2724 switch (c) {
2725 case '&':
2726 case '^':
2727 {
2728 int save_ok = ok;
2729
2730 cond++;
2731 (*pos)++;
2732 ok = process_proxy_cond_val(letters,
2733 cond, cond_end, pos, indent + 1);
2734 cond = *cond_end;
2735 if (ok < 0)
2736 break;
2737
2738 switch (c) {
2739 case '&':
2740 ok &= save_ok;
2741 break;
2742 case '^':
2743 ok ^= save_ok;
2744 break;
2745 default:
2746 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2747 " STOPPING\n");
2748 EXIT(1);
2749 }
2750 }
2751 break;
2752 default:
2753 goto end;
2754 }
2755 }
a7201e9a 2756 end:
0f113f3e
MC		 2757 if (debug)
2758 process_proxy_debug(indent,
2759 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2760 *pos, cond, ok);
2761
2762 *cond_end = cond;
2763 return ok;
2764}
2765
a7201e9a 2766static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 2767 const char *cond, const char **cond_end,
2768 int *pos, int indent)
2769{
2770 int ok;
2771 char c;
2772
2773 if (debug)
2774 process_proxy_debug(indent,
2775 "Start process_proxy_cond_adders at position %d: %s\n",
2776 *pos, cond);
2777
2778 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2779 indent + 1);
2780 cond = *cond_end;
2781 if (ok < 0)
2782 goto end;
2783
2784 while (ok >= 0) {
2785 while (isspace((int)*cond)) {
2786 cond++;
2787 (*pos)++;
2788 }
2789 c = *cond;
2790
2791 switch (c) {
2792 case '|':
2793 {
2794 int save_ok = ok;
2795
2796 cond++;
2797 (*pos)++;
2798 ok = process_proxy_cond_multipliers(letters,
2799 cond, cond_end, pos,
2800 indent + 1);
2801 cond = *cond_end;
2802 if (ok < 0)
2803 break;
2804
2805 switch (c) {
2806 case '|':
2807 ok |= save_ok;
2808 break;
2809 default:
2810 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2811 " STOPPING\n");
2812 EXIT(1);
2813 }
2814 }
2815 break;
2816 default:
2817 goto end;
2818 }
2819 }
a7201e9a 2820 end:
0f113f3e
MC		 2821 if (debug)
2822 process_proxy_debug(indent,
2823 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2824 *pos, cond, ok);
a7201e9a 2825
0f113f3e
MC		 2826 *cond_end = cond;
2827 return ok;
2828}
a7201e9a
RL		 2829
2830static int process_proxy_cond(unsigned int letters[26],
0f113f3e
MC		 2831 const char *cond, const char **cond_end)
2832{
2833 int pos = 1;
2834 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2835}
a7201e9a 2836
6d23cf97 2837static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
0f113f3e
MC		 2838{
2839 int ok = 1;
2840 struct app_verify_arg *cb_arg = arg;
2841 unsigned int letters[26]; /* only used with proxy_auth */
2842
2843 if (cb_arg->app_verify) {
2844 char *s = NULL, buf[256];
2845
3dca57f8
RS		 2846 printf("In app_verify_callback, allowing cert. ");
2847 printf("Arg is: %s\n", cb_arg->string);
2848 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
0f113f3e
MC		 2849 (void *)ctx, (void *)ctx->cert);
2850 if (ctx->cert)
2851 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
2852 if (s != NULL) {
3dca57f8 2853 printf("cert depth=%d %s\n", ctx->error_depth, buf);
0f113f3e
MC		 2854 }
2855 return (1);
2856 }
2857 if (cb_arg->proxy_auth) {
2858 int found_any = 0, i;
2859 char *sp;
2860
2861 for (i = 0; i < 26; i++)
2862 letters[i] = 0;
2863 for (sp = cb_arg->proxy_auth; *sp; sp++) {
2864 int c = *sp;
2865 if (isascii(c) && isalpha(c)) {
2866 if (islower(c))
2867 c = toupper(c);
2868 letters[c - 'A'] = 1;
2869 }
2870 }
2871
3dca57f8 2872 printf(" Initial proxy rights = ");
0f113f3e
MC		 2873 for (i = 0; i < 26; i++)
2874 if (letters[i]) {
3dca57f8 2875 printf("%c", i + 'A');
0f113f3e
MC		 2876 found_any = 1;
2877 }
2878 if (!found_any)
3dca57f8
RS		 2879 printf("none");
2880 printf("\n");
0f113f3e
MC		 2881
2882 X509_STORE_CTX_set_ex_data(ctx,
2883 get_proxy_auth_ex_data_idx(), letters);
2884 }
2885 if (cb_arg->allow_proxy_certs) {
2886 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2887 }
0f113f3e 2888 ok = X509_verify_cert(ctx);
0f113f3e
MC		 2889
2890 if (cb_arg->proxy_auth) {
2891 if (ok > 0) {
2892 const char *cond_end = NULL;
2893
2894 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
2895
2896 if (ok < 0)
2897 EXIT(3);
2898 if (*cond_end) {
2899 fprintf(stderr,
2900 "Stopped processing condition before it's end.\n");
2901 ok = 0;
2902 }
2903 if (!ok)
2904 fprintf(stderr,
3dca57f8 2905 "Proxy rights check with condition '%s' invalid\n",
0f113f3e
MC		 2906 cb_arg->proxy_cond);
2907 else
3dca57f8 2908 printf("Proxy rights check with condition '%s' ok\n",
0f113f3e
MC		 2909 cb_arg->proxy_cond);
2910 }
2911 }
2912 return (ok);
2913}
023ec151 2914
bc36ee62 2915#ifndef OPENSSL_NO_RSA
0f113f3e 2916static RSA *rsa_tmp = NULL;
46b3bd54 2917
6d23cf97 2918static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
0f113f3e
MC		 2919{
2920 BIGNUM *bn = NULL;
2921 if (rsa_tmp == NULL) {
2922 bn = BN_new();
2923 rsa_tmp = RSA_new();
2924 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
2925 BIO_printf(bio_err, "Memory error...");
2926 goto end;
2927 }
3dca57f8 2928 printf("Generating temp (%d bit) RSA key...", keylength);
0f113f3e
MC		 2929 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
2930 BIO_printf(bio_err, "Error generating key.");
2931 RSA_free(rsa_tmp);
2932 rsa_tmp = NULL;
2933 }
2934 end:
3dca57f8 2935 printf("\n");
0f113f3e 2936 }
23a1d5e9 2937 BN_free(bn);
0f113f3e
MC		 2938 return (rsa_tmp);
2939}
46b3bd54
BM		 2940
2941static void free_tmp_rsa(void)
0f113f3e 2942{
d6407083
RS		 2943 RSA_free(rsa_tmp);
2944 rsa_tmp = NULL;
0f113f3e 2945}
79df9d62 2946#endif
53002dc6 2947
bc36ee62 2948#ifndef OPENSSL_NO_DH
1d97c843
TH		 2949/*-
2950 * These DH parameters have been generated as follows:
e4589582
BM		 2951 * $ openssl dhparam -C -noout 512
2952 * $ openssl dhparam -C -noout 1024
2953 * $ openssl dhparam -C -noout -dsaparam 1024
2954 * (The third function has been renamed to avoid name conflicts.)
2955 */
f3f316f1 2956static DH *get_dh512()
0f113f3e
MC		 2957{
2958 static unsigned char dh512_p[] = {
2959 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
2960 0xC6,
2961 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
2962 0xB0,
2963 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
2964 0x5F,
2965 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
2966 0xB8,
2967 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
2968 0x33,
2969 0x02, 0xC5, 0xAE, 0x23,
2970 };
2971 static unsigned char dh512_g[] = {
2972 0x02,
2973 };
2974 DH *dh;
2975
2976 if ((dh = DH_new()) == NULL)
2977 return (NULL);
2978 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
2979 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
2980 if ((dh->p == NULL) || (dh->g == NULL)) {
2981 DH_free(dh);
2982 return (NULL);
2983 }
2984 return (dh);
2985}
e4589582 2986
f3f316f1 2987static DH *get_dh1024()
0f113f3e
MC		 2988{
2989 static unsigned char dh1024_p[] = {
2990 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
2991 0x3A,
2992 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
2993 0xA2,
2994 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
2995 0xB0,
2996 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
2997 0xC2,
2998 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
2999 0x8C,
3000 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
3001 0xB8,
3002 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
3003 0x52,
3004 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
3005 0xC1,
3006 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
3007 0xB1,
3008 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
3009 0xAB,
3010 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
3011 };
3012 static unsigned char dh1024_g[] = {
3013 0x02,
3014 };
3015 DH *dh;
3016
3017 if ((dh = DH_new()) == NULL)
3018 return (NULL);
3019 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3020 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3021 if ((dh->p == NULL) || (dh->g == NULL)) {
3022 DH_free(dh);
3023 return (NULL);
3024 }
3025 return (dh);
3026}
53002dc6 3027
f3f316f1 3028static DH *get_dh1024dsa()
0f113f3e
MC		 3029{
3030 static unsigned char dh1024_p[] = {
3031 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
3032 0x00,
3033 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
3034 0x19,
3035 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
3036 0xD2,
3037 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
3038 0x55,
3039 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
3040 0xFC,
3041 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
3042 0x97,
3043 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
3044 0x8D,
3045 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
3046 0xBB,
3047 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
3048 0xF6,
3049 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
3050 0x9E,
3051 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
3052 };
3053 static unsigned char dh1024_g[] = {
3054 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
3055 0x05,
3056 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
3057 0xF3,
3058 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
3059 0xE9,
3060 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
3061 0x3C,
3062 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
3063 0x65,
3064 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
3065 0x60,
3066 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
3067 0xF6,
3068 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
3069 0xA7,
3070 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3071 0xA1,
3072 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3073 0x60,
3074 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3075 };
3076 DH *dh;
3077
3078 if ((dh = DH_new()) == NULL)
3079 return (NULL);
3080 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3081 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3082 if ((dh->p == NULL) || (dh->g == NULL)) {
3083 DH_free(dh);
3084 return (NULL);
3085 }
3086 dh->length = 160;
3087 return (dh);
3088}
f71165b5 3089#endif
6e119bb0 3090
ddac1974
NL		 3091#ifndef OPENSSL_NO_PSK
3092/* convert the PSK key (psk_key) in ascii to binary (psk) */
3093static int psk_key2bn(const char *pskkey, unsigned char *psk,
0f113f3e
MC		 3094 unsigned int max_psk_len)
3095{
3096 int ret;
3097 BIGNUM *bn = NULL;
3098
3099 ret = BN_hex2bn(&bn, pskkey);
3100 if (!ret) {
3101 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3102 pskkey);
23a1d5e9 3103 BN_free(bn);
0f113f3e
MC		 3104 return 0;
3105 }
3106 if (BN_num_bytes(bn) > (int)max_psk_len) {
3107 BIO_printf(bio_err,
3108 "psk buffer of callback is too small (%d) for key (%d)\n",
3109 max_psk_len, BN_num_bytes(bn));
3110 BN_free(bn);
3111 return 0;
3112 }
3113 ret = BN_bn2bin(bn, psk);
3114 BN_free(bn);
3115 return ret;
3116}
3117
3118static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3119 char *identity,
3120 unsigned int max_identity_len,
3121 unsigned char *psk,
3122 unsigned int max_psk_len)
3123{
3124 int ret;
3125 unsigned int psk_len = 0;
3126
3127 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3128 if (ret < 0)
3129 goto out_err;
3130 if (debug)
3131 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3132 ret);
3133 ret = psk_key2bn(psk_key, psk, max_psk_len);
3134 if (ret < 0)
3135 goto out_err;
3136 psk_len = ret;
3137 out_err:
3138 return psk_len;
3139}
ddac1974
NL		 3140
3141static unsigned int psk_server_callback(SSL *ssl, const char *identity,
0f113f3e
MC		 3142 unsigned char *psk,
3143 unsigned int max_psk_len)
3144{
3145 unsigned int psk_len = 0;
ddac1974 3146
0f113f3e
MC		 3147 if (strcmp(identity, "Client_identity") != 0) {
3148 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3149 return 0;
3150 }
3151 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3152 return psk_len;
3153}
ddac1974
NL		 3154#endif
3155
6e119bb0 3156static int do_test_cipherlist(void)
0f113f3e
MC		 3157{
3158 int i = 0;
3159 const SSL_METHOD *meth;
3160 const SSL_CIPHER *ci, *tci = NULL;
6e119bb0 3161
00fe865d 3162#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 3163 meth = SSLv3_method();
3164 tci = NULL;
3165 while ((ci = meth->get_cipher(i++)) != NULL) {
3166 if (tci != NULL)
3167 if (ci->id >= tci->id) {
3dca57f8 3168 fprintf(stderr, "testing SSLv3 cipher list order: ");
0f113f3e
MC		 3169 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3170 return 0;
3171 }
3172 tci = ci;
3173 }
00fe865d 3174#endif
0f113f3e
MC		 3175 meth = TLSv1_method();
3176 tci = NULL;
3177 while ((ci = meth->get_cipher(i++)) != NULL) {
3178 if (tci != NULL)
3179 if (ci->id >= tci->id) {
3dca57f8 3180 fprintf(stderr, "testing TLSv1 cipher list order: ");
0f113f3e
MC		 3181 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3182 return 0;
3183 }
3184 tci = ci;
3185 }
0f113f3e
MC		 3186
3187 return 1;
3188}
A mirror of the official openssl repository