]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/ssltest_old.c
projects / thirdparty / openssl.git / blob
? search:


0c0aa6046a577373ee3662ac38e349f710298c16
[thirdparty/openssl.git] / test / ssltest_old.c
1 /*
2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4 * Copyright 2005 Nokia. All rights reserved.
5 *
6 * Licensed under the Apache License 2.0 (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
10 */
11
12 #include "e_os.h"
13
14 /* Or gethostname won't be declared properly on Linux and GNU platforms. */
15 #ifndef _BSD_SOURCE
16 # define _BSD_SOURCE 1
17 #endif
18 #ifndef _DEFAULT_SOURCE
19 # define _DEFAULT_SOURCE 1
20 #endif
21
22 #include <assert.h>
23 #include <errno.h>
24 #include <limits.h>
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 #include <time.h>
29
30 #include "internal/nelem.h"
31
32 #ifdef OPENSSL_SYS_VMS
33 /*
34 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
35 */
36 # define _XOPEN_SOURCE 500
37 #endif
38
39 #include <ctype.h>
40
41 #include <openssl/bio.h>
42 #include <openssl/crypto.h>
43 #include <openssl/evp.h>
44 #include <openssl/x509.h>
45 #include <openssl/x509v3.h>
46 #include <openssl/ssl.h>
47 #include <openssl/err.h>
48 #include <openssl/rand.h>
49 #ifndef OPENSSL_NO_RSA
50 # include <openssl/rsa.h>
51 #endif
52 #ifndef OPENSSL_NO_DSA
53 # include <openssl/dsa.h>
54 #endif
55 #ifndef OPENSSL_NO_DH
56 # include <openssl/dh.h>
57 #endif
58 #include <openssl/bn.h>
59 #ifndef OPENSSL_NO_CT
60 # include <openssl/ct.h>
61 #endif
62
63 /*
64 * Or gethostname won't be declared properly
65 * on Compaq platforms (at least with DEC C).
66 * Do not try to put it earlier, or IPv6 includes
67 * get screwed...
68 */
69 #define _XOPEN_SOURCE_EXTENDED 1
70
71 #ifdef OPENSSL_SYS_WINDOWS
72 # include <winsock.h>
73 #else
74 # include <unistd.h>
75 #endif
76
77 static SSL_CTX *s_ctx = NULL;
78 static SSL_CTX *s_ctx2 = NULL;
79
80 /*
81 * There is really no standard for this, so let's assign something
82 * only for this test
83 */
84 #define COMP_ZLIB 1
85
86 static int verify_callback(int ok, X509_STORE_CTX *ctx);
87 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
88 #define APP_CALLBACK_STRING "Test Callback Argument"
89 struct app_verify_arg {
90 char *string;
91 int app_verify;
92 };
93
94 #ifndef OPENSSL_NO_DH
95 static DH *get_dh512(void);
96 static DH *get_dh1024(void);
97 static DH *get_dh1024dsa(void);
98 #endif
99
100 static char *psk_key = NULL; /* by default PSK is not used */
101 #ifndef OPENSSL_NO_PSK
102 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
103 char *identity,
104 unsigned int max_identity_len,
105 unsigned char *psk,
106 unsigned int max_psk_len);
107 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
108 unsigned char *psk,
109 unsigned int max_psk_len);
110 #endif
111
112 static BIO *bio_err = NULL;
113 static BIO *bio_stdout = NULL;
114
115 #ifndef OPENSSL_NO_NEXTPROTONEG
116 /* Note that this code assumes that this is only a one element list: */
117 static const char NEXT_PROTO_STRING[] = "\x09testproto";
118 static int npn_client = 0;
119 static int npn_server = 0;
120 static int npn_server_reject = 0;
121
122 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
123 const unsigned char *in, unsigned int inlen,
124 void *arg)
125 {
126 /*
127 * This callback only returns the protocol string, rather than a length
128 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
129 * and remove the first byte to chop off the length prefix.
130 */
131 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
132 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
133 return SSL_TLSEXT_ERR_OK;
134 }
135
136 static int cb_server_npn(SSL *s, const unsigned char **data,
137 unsigned int *len, void *arg)
138 {
139 *data = (const unsigned char *)NEXT_PROTO_STRING;
140 *len = sizeof(NEXT_PROTO_STRING) - 1;
141 return SSL_TLSEXT_ERR_OK;
142 }
143
144 static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
145 unsigned int *len, void *arg)
146 {
147 return SSL_TLSEXT_ERR_NOACK;
148 }
149
150 static int verify_npn(SSL *client, SSL *server)
151 {
152 const unsigned char *client_s;
153 unsigned client_len;
154 const unsigned char *server_s;
155 unsigned server_len;
156
157 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
158 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
159
160 if (client_len) {
161 BIO_printf(bio_stdout, "Client NPN: ");
162 BIO_write(bio_stdout, client_s, client_len);
163 BIO_printf(bio_stdout, "\n");
164 }
165
166 if (server_len) {
167 BIO_printf(bio_stdout, "Server NPN: ");
168 BIO_write(bio_stdout, server_s, server_len);
169 BIO_printf(bio_stdout, "\n");
170 }
171
172 /*
173 * If an NPN string was returned, it must be the protocol that we
174 * expected to negotiate.
175 */
176 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
177 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
178 return -1;
179 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
180 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
181 return -1;
182
183 if (!npn_client && client_len)
184 return -1;
185 if (!npn_server && server_len)
186 return -1;
187 if (npn_server_reject && server_len)
188 return -1;
189 if (npn_client && npn_server && (!client_len || !server_len))
190 return -1;
191
192 return 0;
193 }
194 #endif
195
196 static const char *alpn_client;
197 static char *alpn_server;
198 static char *alpn_server2;
199 static const char *alpn_expected;
200 static unsigned char *alpn_selected;
201 static const char *server_min_proto;
202 static const char *server_max_proto;
203 static const char *client_min_proto;
204 static const char *client_max_proto;
205 static const char *should_negotiate;
206 static const char *sn_client;
207 static const char *sn_server1;
208 static const char *sn_server2;
209 static int sn_expect = 0;
210 static const char *server_sess_out;
211 static const char *server_sess_in;
212 static const char *client_sess_out;
213 static const char *client_sess_in;
214 static SSL_SESSION *server_sess;
215 static SSL_SESSION *client_sess;
216
217 static int servername_cb(SSL *s, int *ad, void *arg)
218 {
219 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
220 if (sn_server2 == NULL) {
221 BIO_printf(bio_stdout, "Servername 2 is NULL\n");
222 return SSL_TLSEXT_ERR_NOACK;
223 }
224
225 if (servername) {
226 if (s_ctx2 != NULL && sn_server2 != NULL &&
227 !strcasecmp(servername, sn_server2)) {
228 BIO_printf(bio_stdout, "Switching server context.\n");
229 SSL_set_SSL_CTX(s, s_ctx2);
230 }
231 }
232 return SSL_TLSEXT_ERR_OK;
233 }
234 static int verify_servername(SSL *client, SSL *server)
235 {
236 /* just need to see if sn_context is what we expect */
237 SSL_CTX* ctx = SSL_get_SSL_CTX(server);
238 if (sn_expect == 0)
239 return 0;
240 if (sn_expect == 1 && ctx == s_ctx)
241 return 0;
242 if (sn_expect == 2 && ctx == s_ctx2)
243 return 0;
244 BIO_printf(bio_stdout, "Servername: expected context %d\n", sn_expect);
245 if (ctx == s_ctx2)
246 BIO_printf(bio_stdout, "Servername: context is 2\n");
247 else if (ctx == s_ctx)
248 BIO_printf(bio_stdout, "Servername: context is 1\n");
249 else
250 BIO_printf(bio_stdout, "Servername: context is unknown\n");
251 return -1;
252 }
253
254
255 /*-
256 * next_protos_parse parses a comma separated list of strings into a string
257 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
258 * outlen: (output) set to the length of the resulting buffer on success.
259 * in: a NUL terminated string like "abc,def,ghi"
260 *
261 * returns: a malloced buffer or NULL on failure.
262 */
263 static unsigned char *next_protos_parse(size_t *outlen,
264 const char *in)
265 {
266 size_t len;
267 unsigned char *out;
268 size_t i, start = 0;
269
270 len = strlen(in);
271 if (len >= 65535)
272 return NULL;
273
274 out = OPENSSL_malloc(strlen(in) + 1);
275 if (!out)
276 return NULL;
277
278 for (i = 0; i <= len; ++i) {
279 if (i == len || in[i] == ',') {
280 if (i - start > 255) {
281 OPENSSL_free(out);
282 return NULL;
283 }
284 out[start] = (unsigned char)(i - start);
285 start = i + 1;
286 } else
287 out[i + 1] = in[i];
288 }
289
290 *outlen = len + 1;
291 return out;
292 }
293
294 static int cb_server_alpn(SSL *s, const unsigned char **out,
295 unsigned char *outlen, const unsigned char *in,
296 unsigned int inlen, void *arg)
297 {
298 unsigned char *protos;
299 size_t protos_len;
300 char* alpn_str = arg;
301
302 protos = next_protos_parse(&protos_len, alpn_str);
303 if (protos == NULL) {
304 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
305 alpn_str);
306 abort();
307 }
308
309 if (SSL_select_next_proto
310 ((unsigned char **)out, outlen, protos, protos_len, in,
311 inlen) != OPENSSL_NPN_NEGOTIATED) {
312 OPENSSL_free(protos);
313 return SSL_TLSEXT_ERR_NOACK;
314 }
315
316 /*
317 * Make a copy of the selected protocol which will be freed in
318 * verify_alpn.
319 */
320 alpn_selected = OPENSSL_malloc(*outlen);
321 memcpy(alpn_selected, *out, *outlen);
322 *out = alpn_selected;
323
324 OPENSSL_free(protos);
325 return SSL_TLSEXT_ERR_OK;
326 }
327
328 static int verify_alpn(SSL *client, SSL *server)
329 {
330 const unsigned char *client_proto, *server_proto;
331 unsigned int client_proto_len = 0, server_proto_len = 0;
332 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
333 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
334
335 OPENSSL_free(alpn_selected);
336 alpn_selected = NULL;
337
338 if (client_proto_len != server_proto_len) {
339 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
340 goto err;
341 }
342
343 if (client_proto != NULL &&
344 memcmp(client_proto, server_proto, client_proto_len) != 0) {
345 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
346 goto err;
347 }
348
349 if (client_proto_len > 0 && alpn_expected == NULL) {
350 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
351 goto err;
352 }
353
354 if (alpn_expected != NULL &&
355 (client_proto_len != strlen(alpn_expected) ||
356 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
357 BIO_printf(bio_stdout,
358 "ALPN selected protocols not equal to expected protocol: %s\n",
359 alpn_expected);
360 goto err;
361 }
362
363 return 0;
364
365 err:
366 BIO_printf(bio_stdout, "ALPN results: client: '");
367 BIO_write(bio_stdout, client_proto, client_proto_len);
368 BIO_printf(bio_stdout, "', server: '");
369 BIO_write(bio_stdout, server_proto, server_proto_len);
370 BIO_printf(bio_stdout, "'\n");
371 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '",
372 alpn_client);
373 if (SSL_get_SSL_CTX(server) == s_ctx2) {
374 BIO_printf(bio_stdout, "%s'\n",
375 alpn_server2);
376 } else {
377 BIO_printf(bio_stdout, "%s'\n",
378 alpn_server);
379 }
380 return -1;
381 }
382
383 /*
384 * WARNING : below extension types are *NOT* IETF assigned, and could
385 * conflict if these types are reassigned and handled specially by OpenSSL
386 * in the future
387 */
388 #define TACK_EXT_TYPE 62208
389 #define CUSTOM_EXT_TYPE_0 1000
390 #define CUSTOM_EXT_TYPE_1 1001
391 #define CUSTOM_EXT_TYPE_2 1002
392 #define CUSTOM_EXT_TYPE_3 1003
393
394 static const char custom_ext_cli_string[] = "abc";
395 static const char custom_ext_srv_string[] = "defg";
396
397 /* These set from cmdline */
398 static char *serverinfo_file = NULL;
399 static int serverinfo_sct = 0;
400 static int serverinfo_tack = 0;
401
402 /* These set based on extension callbacks */
403 static int serverinfo_sct_seen = 0;
404 static int serverinfo_tack_seen = 0;
405 static int serverinfo_other_seen = 0;
406
407 /* This set from cmdline */
408 static int custom_ext = 0;
409
410 /* This set based on extension callbacks */
411 static int custom_ext_error = 0;
412
413 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
414 const unsigned char *in, size_t inlen,
415 int *al, void *arg)
416 {
417 if (ext_type == TLSEXT_TYPE_signed_certificate_timestamp)
418 serverinfo_sct_seen++;
419 else if (ext_type == TACK_EXT_TYPE)
420 serverinfo_tack_seen++;
421 else
422 serverinfo_other_seen++;
423 return 1;
424 }
425
426 static int verify_serverinfo(void)
427 {
428 if (serverinfo_sct != serverinfo_sct_seen)
429 return -1;
430 if (serverinfo_tack != serverinfo_tack_seen)
431 return -1;
432 if (serverinfo_other_seen)
433 return -1;
434 return 0;
435 }
436
437 /*-
438 * Four test cases for custom extensions:
439 * 0 - no ClientHello extension or ServerHello response
440 * 1 - ClientHello with "abc", no response
441 * 2 - ClientHello with "abc", empty response
442 * 3 - ClientHello with "abc", "defg" response
443 */
444
445 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
446 const unsigned char **out,
447 size_t *outlen, int *al, void *arg)
448 {
449 if (ext_type != CUSTOM_EXT_TYPE_0)
450 custom_ext_error = 1;
451 return 0; /* Don't send an extension */
452 }
453
454 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
455 const unsigned char *in,
456 size_t inlen, int *al, void *arg)
457 {
458 return 1;
459 }
460
461 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
462 const unsigned char **out,
463 size_t *outlen, int *al, void *arg)
464 {
465 if (ext_type != CUSTOM_EXT_TYPE_1)
466 custom_ext_error = 1;
467 *out = (const unsigned char *)custom_ext_cli_string;
468 *outlen = strlen(custom_ext_cli_string);
469 return 1; /* Send "abc" */
470 }
471
472 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
473 const unsigned char *in,
474 size_t inlen, int *al, void *arg)
475 {
476 return 1;
477 }
478
479 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
480 const unsigned char **out,
481 size_t *outlen, int *al, void *arg)
482 {
483 if (ext_type != CUSTOM_EXT_TYPE_2)
484 custom_ext_error = 1;
485 *out = (const unsigned char *)custom_ext_cli_string;
486 *outlen = strlen(custom_ext_cli_string);
487 return 1; /* Send "abc" */
488 }
489
490 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
491 const unsigned char *in,
492 size_t inlen, int *al, void *arg)
493 {
494 if (ext_type != CUSTOM_EXT_TYPE_2)
495 custom_ext_error = 1;
496 if (inlen != 0)
497 custom_ext_error = 1; /* Should be empty response */
498 return 1;
499 }
500
501 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
502 const unsigned char **out,
503 size_t *outlen, int *al, void *arg)
504 {
505 if (ext_type != CUSTOM_EXT_TYPE_3)
506 custom_ext_error = 1;
507 *out = (const unsigned char *)custom_ext_cli_string;
508 *outlen = strlen(custom_ext_cli_string);
509 return 1; /* Send "abc" */
510 }
511
512 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
513 const unsigned char *in,
514 size_t inlen, int *al, void *arg)
515 {
516 if (ext_type != CUSTOM_EXT_TYPE_3)
517 custom_ext_error = 1;
518 if (inlen != strlen(custom_ext_srv_string))
519 custom_ext_error = 1;
520 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
521 custom_ext_error = 1; /* Check for "defg" */
522 return 1;
523 }
524
525 /*
526 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
527 * for this extension
528 */
529 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
530 const unsigned char *in,
531 size_t inlen, int *al, void *arg)
532 {
533 custom_ext_error = 1;
534 return 1;
535 }
536
537 /* 'add' callbacks are only called if the 'parse' callback is called */
538 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
539 const unsigned char **out,
540 size_t *outlen, int *al, void *arg)
541 {
542 /* Error: should not have been called */
543 custom_ext_error = 1;
544 return 0; /* Don't send an extension */
545 }
546
547 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
548 const unsigned char *in,
549 size_t inlen, int *al, void *arg)
550 {
551 if (ext_type != CUSTOM_EXT_TYPE_1)
552 custom_ext_error = 1;
553 /* Check for "abc" */
554 if (inlen != strlen(custom_ext_cli_string))
555 custom_ext_error = 1;
556 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
557 custom_ext_error = 1;
558 return 1;
559 }
560
561 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
562 const unsigned char **out,
563 size_t *outlen, int *al, void *arg)
564 {
565 return 0; /* Don't send an extension */
566 }
567
568 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
569 const unsigned char *in,
570 size_t inlen, int *al, void *arg)
571 {
572 if (ext_type != CUSTOM_EXT_TYPE_2)
573 custom_ext_error = 1;
574 /* Check for "abc" */
575 if (inlen != strlen(custom_ext_cli_string))
576 custom_ext_error = 1;
577 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
578 custom_ext_error = 1;
579 return 1;
580 }
581
582 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
583 const unsigned char **out,
584 size_t *outlen, int *al, void *arg)
585 {
586 *out = NULL;
587 *outlen = 0;
588 return 1; /* Send empty extension */
589 }
590
591 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
592 const unsigned char *in,
593 size_t inlen, int *al, void *arg)
594 {
595 if (ext_type != CUSTOM_EXT_TYPE_3)
596 custom_ext_error = 1;
597 /* Check for "abc" */
598 if (inlen != strlen(custom_ext_cli_string))
599 custom_ext_error = 1;
600 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
601 custom_ext_error = 1;
602 return 1;
603 }
604
605 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
606 const unsigned char **out,
607 size_t *outlen, int *al, void *arg)
608 {
609 *out = (const unsigned char *)custom_ext_srv_string;
610 *outlen = strlen(custom_ext_srv_string);
611 return 1; /* Send "defg" */
612 }
613
614 static char *cipher = NULL;
615 static char *ciphersuites = NULL;
616 static int verbose = 0;
617 static int debug = 0;
618
619 int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family,
620 long bytes, clock_t *s_time, clock_t *c_time);
621 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
622 clock_t *c_time);
623 int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
624
625 static void sv_usage(void)
626 {
627 fprintf(stderr, "usage: ssltest [args ...]\n");
628 fprintf(stderr, "\n");
629 fprintf(stderr, " -server_auth - check server certificate\n");
630 fprintf(stderr, " -client_auth - do client authentication\n");
631 fprintf(stderr, " -v - more output\n");
632 fprintf(stderr, " -d - debug output\n");
633 fprintf(stderr, " -reuse - use session-id reuse\n");
634 fprintf(stderr, " -num <val> - number of connections to perform\n");
635 fprintf(stderr,
636 " -bytes <val> - number of bytes to swap between client/server\n");
637 #ifndef OPENSSL_NO_DH
638 fprintf(stderr,
639 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
640 fprintf(stderr,
641 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
642 fprintf(stderr,
643 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
644 fprintf(stderr, " -no_dhe - disable DHE\n");
645 #endif
646 #ifndef OPENSSL_NO_EC
647 fprintf(stderr, " -no_ecdhe - disable ECDHE\nTODO(openssl-team): no_ecdhe was broken by auto ecdh. Make this work again.\n");
648 #endif
649 #ifndef OPENSSL_NO_PSK
650 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
651 #endif
652 #ifndef OPENSSL_NO_SSL3
653 fprintf(stderr, " -ssl3 - use SSLv3\n");
654 #endif
655 #ifndef OPENSSL_NO_TLS1
656 fprintf(stderr, " -tls1 - use TLSv1\n");
657 #endif
658 #ifndef OPENSSL_NO_DTLS
659 fprintf(stderr, " -dtls - use DTLS\n");
660 #ifndef OPENSSL_NO_DTLS1
661 fprintf(stderr, " -dtls1 - use DTLSv1\n");
662 #endif
663 #ifndef OPENSSL_NO_DTLS1_2
664 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
665 #endif
666 #endif
667 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
668 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
669 fprintf(stderr, " -cert arg - Server certificate file\n");
670 fprintf(stderr,
671 " -key arg - Server key file (default: same as -cert)\n");
672 fprintf(stderr, " -c_cert arg - Client certificate file\n");
673 fprintf(stderr,
674 " -c_key arg - Client key file (default: same as -c_cert)\n");
675 fprintf(stderr, " -cipher arg - The TLSv1.2 and below cipher list\n");
676 fprintf(stderr, " -ciphersuites arg - The TLSv1.3 ciphersuites\n");
677 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
678 fprintf(stderr, " -ipv4 - Use IPv4 connection on localhost\n");
679 fprintf(stderr, " -ipv6 - Use IPv6 connection on localhost\n");
680 fprintf(stderr, " -f - Test even cases that can't work\n");
681 fprintf(stderr,
682 " -time - measure processor time used by client and server\n");
683 fprintf(stderr, " -zlib - use zlib compression\n");
684 #ifndef OPENSSL_NO_NEXTPROTONEG
685 fprintf(stderr, " -npn_client - have client side offer NPN\n");
686 fprintf(stderr, " -npn_server - have server side offer NPN\n");
687 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
688 #endif
689 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
690 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
691 fprintf(stderr,
692 " -serverinfo_tack - have client offer and expect TACK\n");
693 fprintf(stderr,
694 " -custom_ext - try various custom extension callbacks\n");
695 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
696 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
697 fprintf(stderr, " -alpn_server1 <string> - alias for -alpn_server\n");
698 fprintf(stderr, " -alpn_server2 <string> - have server side context 2 offer ALPN\n");
699 fprintf(stderr,
700 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
701 fprintf(stderr, " -server_min_proto <string> - Minimum version the server should support\n");
702 fprintf(stderr, " -server_max_proto <string> - Maximum version the server should support\n");
703 fprintf(stderr, " -client_min_proto <string> - Minimum version the client should support\n");
704 fprintf(stderr, " -client_max_proto <string> - Maximum version the client should support\n");
705 fprintf(stderr, " -should_negotiate <string> - The version that should be negotiated, fail-client or fail-server\n");
706 #ifndef OPENSSL_NO_CT
707 fprintf(stderr, " -noct - no certificate transparency\n");
708 fprintf(stderr, " -requestct - request certificate transparency\n");
709 fprintf(stderr, " -requirect - require certificate transparency\n");
710 #endif
711 fprintf(stderr, " -sn_client <string> - have client request this servername\n");
712 fprintf(stderr, " -sn_server1 <string> - have server context 1 respond to this servername\n");
713 fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n");
714 fprintf(stderr, " -sn_expect1 - expected server 1\n");
715 fprintf(stderr, " -sn_expect2 - expected server 2\n");
716 fprintf(stderr, " -server_sess_out <file> - Save the server session to a file\n");
717 fprintf(stderr, " -server_sess_in <file> - Read the server session from a file\n");
718 fprintf(stderr, " -client_sess_out <file> - Save the client session to a file\n");
719 fprintf(stderr, " -client_sess_in <file> - Read the client session from a file\n");
720 fprintf(stderr, " -should_reuse <number> - The expected state of reusing the session\n");
721 fprintf(stderr, " -no_ticket - do not issue TLS session ticket\n");
722 }
723
724 static void print_key_details(BIO *out, EVP_PKEY *key)
725 {
726 int keyid = EVP_PKEY_id(key);
727 #ifndef OPENSSL_NO_EC
728 if (keyid == EVP_PKEY_EC) {
729 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
730 int nid;
731 const char *cname;
732 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
733 EC_KEY_free(ec);
734 cname = EC_curve_nid2nist(nid);
735 if (!cname)
736 cname = OBJ_nid2sn(nid);
737 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
738 } else
739 #endif
740 {
741 const char *algname;
742 switch (keyid) {
743 case EVP_PKEY_RSA:
744 algname = "RSA";
745 break;
746 case EVP_PKEY_DSA:
747 algname = "DSA";
748 break;
749 case EVP_PKEY_DH:
750 algname = "DH";
751 break;
752 default:
753 algname = OBJ_nid2sn(keyid);
754 break;
755 }
756 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
757 }
758 }
759
760 static void print_details(SSL *c_ssl, const char *prefix)
761 {
762 const SSL_CIPHER *ciph;
763 int mdnid;
764 X509 *cert;
765 EVP_PKEY *pkey;
766
767 ciph = SSL_get_current_cipher(c_ssl);
768 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
769 prefix,
770 SSL_get_version(c_ssl),
771 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
772 cert = SSL_get_peer_certificate(c_ssl);
773 if (cert != NULL) {
774 EVP_PKEY* pubkey = X509_get0_pubkey(cert);
775
776 if (pubkey != NULL) {
777 BIO_puts(bio_stdout, ", ");
778 print_key_details(bio_stdout, pubkey);
779 }
780 X509_free(cert);
781 }
782 if (SSL_get_peer_tmp_key(c_ssl, &pkey)) {
783 BIO_puts(bio_stdout, ", temp key: ");
784 print_key_details(bio_stdout, pkey);
785 EVP_PKEY_free(pkey);
786 }
787 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
788 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
789 BIO_printf(bio_stdout, "\n");
790 }
791
792 /*
793 * protocol_from_string - converts a protocol version string to a number
794 *
795 * Returns -1 on failure or the version on success
796 */
797 static int protocol_from_string(const char *value)
798 {
799 struct protocol_versions {
800 const char *name;
801 int version;
802 };
803 static const struct protocol_versions versions[] = {
804 {"ssl3", SSL3_VERSION},
805 {"tls1", TLS1_VERSION},
806 {"tls1.1", TLS1_1_VERSION},
807 {"tls1.2", TLS1_2_VERSION},
808 {"tls1.3", TLS1_3_VERSION},
809 {"dtls1", DTLS1_VERSION},
810 {"dtls1.2", DTLS1_2_VERSION}};
811 size_t i;
812 size_t n = OSSL_NELEM(versions);
813
814 for (i = 0; i < n; i++)
815 if (strcmp(versions[i].name, value) == 0)
816 return versions[i].version;
817 return -1;
818 }
819
820 static SSL_SESSION *read_session(const char *filename)
821 {
822 SSL_SESSION *sess;
823 BIO *f = BIO_new_file(filename, "r");
824
825 if (f == NULL) {
826 BIO_printf(bio_err, "Can't open session file %s\n", filename);
827 ERR_print_errors(bio_err);
828 return NULL;
829 }
830 sess = PEM_read_bio_SSL_SESSION(f, NULL, 0, NULL);
831 if (sess == NULL) {
832 BIO_printf(bio_err, "Can't parse session file %s\n", filename);
833 ERR_print_errors(bio_err);
834 }
835 BIO_free(f);
836 return sess;
837 }
838
839 static int write_session(const char *filename, SSL_SESSION *sess)
840 {
841 BIO *f = BIO_new_file(filename, "w");
842
843 if (sess == NULL) {
844 BIO_printf(bio_err, "No session information\n");
845 return 0;
846 }
847 if (f == NULL) {
848 BIO_printf(bio_err, "Can't open session file %s\n", filename);
849 ERR_print_errors(bio_err);
850 return 0;
851 }
852 PEM_write_bio_SSL_SESSION(f, sess);
853 BIO_free(f);
854 return 1;
855 }
856
857 /*
858 * set_protocol_version - Sets protocol version minimum or maximum
859 *
860 * Returns 0 on failure and 1 on success
861 */
862 static int set_protocol_version(const char *version, SSL *ssl, int setting)
863 {
864 if (version != NULL) {
865 int ver = protocol_from_string(version);
866 if (ver < 0) {
867 BIO_printf(bio_err, "Error parsing: %s\n", version);
868 return 0;
869 }
870 return SSL_ctrl(ssl, setting, ver, NULL);
871 }
872 return 1;
873 }
874
875 int main(int argc, char *argv[])
876 {
877 const char *CApath = NULL, *CAfile = NULL;
878 int badop = 0;
879 enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
880 int force = 0;
881 int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_2 = 0, ssl3 = 0;
882 int ret = EXIT_FAILURE;
883 int client_auth = 0;
884 int server_auth = 0, i;
885 struct app_verify_arg app_verify_arg =
886 { APP_CALLBACK_STRING, 0 };
887 SSL_CTX *c_ctx = NULL;
888 const SSL_METHOD *meth = NULL;
889 SSL *c_ssl, *s_ssl;
890 int number = 1, reuse = 0;
891 int should_reuse = -1;
892 int no_ticket = 0;
893 long bytes = 256L;
894 #ifndef OPENSSL_NO_DH
895 DH *dh;
896 int dhe512 = 0, dhe1024dsa = 0;
897 #endif
898 int no_dhe = 0;
899 int no_psk = 0;
900 int print_time = 0;
901 clock_t s_time = 0, c_time = 0;
902 #ifndef OPENSSL_NO_COMP
903 int n, comp = 0;
904 COMP_METHOD *cm = NULL;
905 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
906 #endif
907 int no_protocol;
908 int min_version = 0, max_version = 0;
909 #ifndef OPENSSL_NO_CT
910 /*
911 * Disable CT validation by default, because it will interfere with
912 * anything using custom extension handlers to deal with SCT extensions.
913 */
914 int ct_validation = 0;
915 #endif
916 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL, *s_cctx2 = NULL;
917 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
918 char *arg = NULL, *argn = NULL;
919
920 verbose = 0;
921 debug = 0;
922
923 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
924 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
925
926 s_cctx = SSL_CONF_CTX_new();
927 s_cctx2 = SSL_CONF_CTX_new();
928 c_cctx = SSL_CONF_CTX_new();
929
930 if (!s_cctx || !c_cctx || !s_cctx2) {
931 ERR_print_errors(bio_err);
932 goto end;
933 }
934
935 SSL_CONF_CTX_set_flags(s_cctx,
936 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
937 SSL_CONF_FLAG_CERTIFICATE |
938 SSL_CONF_FLAG_REQUIRE_PRIVATE);
939 SSL_CONF_CTX_set_flags(s_cctx2,
940 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
941 SSL_CONF_FLAG_CERTIFICATE |
942 SSL_CONF_FLAG_REQUIRE_PRIVATE);
943 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
944 ERR_print_errors(bio_err);
945 goto end;
946 }
947 if (!SSL_CONF_CTX_set1_prefix(s_cctx2, "-s_")) {
948 ERR_print_errors(bio_err);
949 goto end;
950 }
951
952 SSL_CONF_CTX_set_flags(c_cctx,
953 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT |
954 SSL_CONF_FLAG_CERTIFICATE |
955 SSL_CONF_FLAG_REQUIRE_PRIVATE);
956 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
957 ERR_print_errors(bio_err);
958 goto end;
959 }
960
961 argc--;
962 argv++;
963
964 while (argc >= 1) {
965 if (strcmp(*argv, "-F") == 0) {
966 fprintf(stderr,
967 "not compiled with FIPS support, so exiting without running.\n");
968 EXIT(0);
969 } else if (strcmp(*argv, "-server_auth") == 0)
970 server_auth = 1;
971 else if (strcmp(*argv, "-client_auth") == 0)
972 client_auth = 1;
973 else if (strcmp(*argv, "-v") == 0)
974 verbose = 1;
975 else if (strcmp(*argv, "-d") == 0)
976 debug = 1;
977 else if (strcmp(*argv, "-reuse") == 0)
978 reuse = 1;
979 else if (strcmp(*argv, "-dhe512") == 0) {
980 #ifndef OPENSSL_NO_DH
981 dhe512 = 1;
982 #else
983 fprintf(stderr,
984 "ignoring -dhe512, since I'm compiled without DH\n");
985 #endif
986 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
987 #ifndef OPENSSL_NO_DH
988 dhe1024dsa = 1;
989 #else
990 fprintf(stderr,
991 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
992 #endif
993 } else if (strcmp(*argv, "-no_dhe") == 0)
994 no_dhe = 1;
995 else if (strcmp(*argv, "-no_ecdhe") == 0)
996 /* obsolete */;
997 else if (strcmp(*argv, "-psk") == 0) {
998 if (--argc < 1)
999 goto bad;
1000 psk_key = *(++argv);
1001 #ifndef OPENSSL_NO_PSK
1002 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1003 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1004 goto bad;
1005 }
1006 #else
1007 no_psk = 1;
1008 #endif
1009 }
1010 else if (strcmp(*argv, "-tls1_2") == 0) {
1011 tls1_2 = 1;
1012 } else if (strcmp(*argv, "-tls1") == 0) {
1013 tls1 = 1;
1014 } else if (strcmp(*argv, "-ssl3") == 0) {
1015 ssl3 = 1;
1016 } else if (strcmp(*argv, "-dtls1") == 0) {
1017 dtls1 = 1;
1018 } else if (strcmp(*argv, "-dtls12") == 0) {
1019 dtls12 = 1;
1020 } else if (strcmp(*argv, "-dtls") == 0) {
1021 dtls = 1;
1022 } else if (strncmp(*argv, "-num", 4) == 0) {
1023 if (--argc < 1)
1024 goto bad;
1025 number = atoi(*(++argv));
1026 if (number == 0)
1027 number = 1;
1028 } else if (strcmp(*argv, "-bytes") == 0) {
1029 if (--argc < 1)
1030 goto bad;
1031 bytes = atol(*(++argv));
1032 if (bytes == 0L)
1033 bytes = 1L;
1034 i = strlen(argv[0]);
1035 if (argv[0][i - 1] == 'k')
1036 bytes *= 1024L;
1037 if (argv[0][i - 1] == 'm')
1038 bytes *= 1024L * 1024L;
1039 } else if (strcmp(*argv, "-cipher") == 0) {
1040 if (--argc < 1)
1041 goto bad;
1042 cipher = *(++argv);
1043 } else if (strcmp(*argv, "-ciphersuites") == 0) {
1044 if (--argc < 1)
1045 goto bad;
1046 ciphersuites = *(++argv);
1047 } else if (strcmp(*argv, "-CApath") == 0) {
1048 if (--argc < 1)
1049 goto bad;
1050 CApath = *(++argv);
1051 } else if (strcmp(*argv, "-CAfile") == 0) {
1052 if (--argc < 1)
1053 goto bad;
1054 CAfile = *(++argv);
1055 } else if (strcmp(*argv, "-bio_pair") == 0) {
1056 bio_type = BIO_PAIR;
1057 }
1058 #ifndef OPENSSL_NO_SOCK
1059 else if (strcmp(*argv, "-ipv4") == 0) {
1060 bio_type = BIO_IPV4;
1061 } else if (strcmp(*argv, "-ipv6") == 0) {
1062 bio_type = BIO_IPV6;
1063 }
1064 #endif
1065 else if (strcmp(*argv, "-f") == 0) {
1066 force = 1;
1067 } else if (strcmp(*argv, "-time") == 0) {
1068 print_time = 1;
1069 }
1070 #ifndef OPENSSL_NO_CT
1071 else if (strcmp(*argv, "-noct") == 0) {
1072 ct_validation = 0;
1073 }
1074 else if (strcmp(*argv, "-ct") == 0) {
1075 ct_validation = 1;
1076 }
1077 #endif
1078 #ifndef OPENSSL_NO_COMP
1079 else if (strcmp(*argv, "-zlib") == 0) {
1080 comp = COMP_ZLIB;
1081 }
1082 #endif
1083 else if (strcmp(*argv, "-app_verify") == 0) {
1084 app_verify_arg.app_verify = 1;
1085 }
1086 #ifndef OPENSSL_NO_NEXTPROTONEG
1087 else if (strcmp(*argv, "-npn_client") == 0) {
1088 npn_client = 1;
1089 } else if (strcmp(*argv, "-npn_server") == 0) {
1090 npn_server = 1;
1091 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1092 npn_server_reject = 1;
1093 }
1094 #endif
1095 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1096 serverinfo_sct = 1;
1097 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1098 serverinfo_tack = 1;
1099 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1100 if (--argc < 1)
1101 goto bad;
1102 serverinfo_file = *(++argv);
1103 } else if (strcmp(*argv, "-custom_ext") == 0) {
1104 custom_ext = 1;
1105 } else if (strcmp(*argv, "-alpn_client") == 0) {
1106 if (--argc < 1)
1107 goto bad;
1108 alpn_client = *(++argv);
1109 } else if (strcmp(*argv, "-alpn_server") == 0 ||
1110 strcmp(*argv, "-alpn_server1") == 0) {
1111 if (--argc < 1)
1112 goto bad;
1113 alpn_server = *(++argv);
1114 } else if (strcmp(*argv, "-alpn_server2") == 0) {
1115 if (--argc < 1)
1116 goto bad;
1117 alpn_server2 = *(++argv);
1118 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1119 if (--argc < 1)
1120 goto bad;
1121 alpn_expected = *(++argv);
1122 } else if (strcmp(*argv, "-server_min_proto") == 0) {
1123 if (--argc < 1)
1124 goto bad;
1125 server_min_proto = *(++argv);
1126 } else if (strcmp(*argv, "-server_max_proto") == 0) {
1127 if (--argc < 1)
1128 goto bad;
1129 server_max_proto = *(++argv);
1130 } else if (strcmp(*argv, "-client_min_proto") == 0) {
1131 if (--argc < 1)
1132 goto bad;
1133 client_min_proto = *(++argv);
1134 } else if (strcmp(*argv, "-client_max_proto") == 0) {
1135 if (--argc < 1)
1136 goto bad;
1137 client_max_proto = *(++argv);
1138 } else if (strcmp(*argv, "-should_negotiate") == 0) {
1139 if (--argc < 1)
1140 goto bad;
1141 should_negotiate = *(++argv);
1142 } else if (strcmp(*argv, "-sn_client") == 0) {
1143 if (--argc < 1)
1144 goto bad;
1145 sn_client = *(++argv);
1146 } else if (strcmp(*argv, "-sn_server1") == 0) {
1147 if (--argc < 1)
1148 goto bad;
1149 sn_server1 = *(++argv);
1150 } else if (strcmp(*argv, "-sn_server2") == 0) {
1151 if (--argc < 1)
1152 goto bad;
1153 sn_server2 = *(++argv);
1154 } else if (strcmp(*argv, "-sn_expect1") == 0) {
1155 sn_expect = 1;
1156 } else if (strcmp(*argv, "-sn_expect2") == 0) {
1157 sn_expect = 2;
1158 } else if (strcmp(*argv, "-server_sess_out") == 0) {
1159 if (--argc < 1)
1160 goto bad;
1161 server_sess_out = *(++argv);
1162 } else if (strcmp(*argv, "-server_sess_in") == 0) {
1163 if (--argc < 1)
1164 goto bad;
1165 server_sess_in = *(++argv);
1166 } else if (strcmp(*argv, "-client_sess_out") == 0) {
1167 if (--argc < 1)
1168 goto bad;
1169 client_sess_out = *(++argv);
1170 } else if (strcmp(*argv, "-client_sess_in") == 0) {
1171 if (--argc < 1)
1172 goto bad;
1173 client_sess_in = *(++argv);
1174 } else if (strcmp(*argv, "-should_reuse") == 0) {
1175 if (--argc < 1)
1176 goto bad;
1177 should_reuse = !!atoi(*(++argv));
1178 } else if (strcmp(*argv, "-no_ticket") == 0) {
1179 no_ticket = 1;
1180 } else {
1181 int rv;
1182 arg = argv[0];
1183 argn = argv[1];
1184 /* Try to process command using SSL_CONF */
1185 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1186 /* If not processed try server */
1187 if (rv == 0)
1188 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1189 /* Recognised: store it for later use */
1190 if (rv > 0) {
1191 if (rv == 1)
1192 argn = NULL;
1193 if (!conf_args) {
1194 conf_args = sk_OPENSSL_STRING_new_null();
1195 if (!conf_args)
1196 goto end;
1197 }
1198 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1199 goto end;
1200 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1201 goto end;
1202 continue;
1203 }
1204 if (rv == -3)
1205 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1206 else if (rv < 0)
1207 BIO_printf(bio_err, "Error with command %s\n", arg);
1208 else if (rv == 0)
1209 BIO_printf(bio_err, "unknown option %s\n", arg);
1210 badop = 1;
1211 break;
1212 }
1213 argc--;
1214 argv++;
1215 }
1216 if (badop) {
1217 bad:
1218 sv_usage();
1219 goto end;
1220 }
1221
1222 if (ssl3 + tls1 + tls1_2 + dtls + dtls1 + dtls12 > 1) {
1223 fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1 or -dtls12 should "
1224 "be requested.\n");
1225 EXIT(1);
1226 }
1227
1228 #ifdef OPENSSL_NO_SSL3
1229 if (ssl3)
1230 no_protocol = 1;
1231 else
1232 #endif
1233 #ifdef OPENSSL_NO_TLS1
1234 if (tls1)
1235 no_protocol = 1;
1236 else
1237 #endif
1238 #ifdef OPENSSL_NO_TLS1_2
1239 if (tls1_2)
1240 no_protocol = 1;
1241 else
1242 #endif
1243 #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1)
1244 if (dtls1)
1245 no_protocol = 1;
1246 else
1247 #endif
1248 #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1_2)
1249 if (dtls12)
1250 no_protocol = 1;
1251 else
1252 #endif
1253 no_protocol = 0;
1254
1255 /*
1256 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1257 * Ideally, we would error out, but the generic test wrapper can't know
1258 * when to expect failure. So we do nothing and return success.
1259 */
1260 if (no_protocol) {
1261 fprintf(stderr, "Testing was requested for a disabled protocol. "
1262 "Skipping tests.\n");
1263 ret = EXIT_SUCCESS;
1264 goto end;
1265 }
1266
1267 if (!ssl3 && !tls1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1
1268 && !reuse && !force) {
1269 fprintf(stderr, "This case cannot work. Use -f to perform "
1270 "the test anyway (and\n-d to see what happens), "
1271 "or add one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n"
1272 "to avoid protocol mismatch.\n");
1273 EXIT(1);
1274 }
1275
1276 if (print_time) {
1277 if (bio_type != BIO_PAIR) {
1278 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1279 bio_type = BIO_PAIR;
1280 }
1281 if (number < 50 && !force)
1282 fprintf(stderr,
1283 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1284 }
1285
1286 #ifndef OPENSSL_NO_COMP
1287 if (comp == COMP_ZLIB)
1288 cm = COMP_zlib();
1289 if (cm != NULL) {
1290 if (COMP_get_type(cm) != NID_undef) {
1291 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1292 fprintf(stderr, "Failed to add compression method\n");
1293 ERR_print_errors_fp(stderr);
1294 }
1295 } else {
1296 fprintf(stderr,
1297 "Warning: %s compression not supported\n",
1298 comp == COMP_ZLIB ? "zlib" : "unknown");
1299 ERR_print_errors_fp(stderr);
1300 }
1301 }
1302 ssl_comp_methods = SSL_COMP_get_compression_methods();
1303 n = sk_SSL_COMP_num(ssl_comp_methods);
1304 if (n) {
1305 int j;
1306 printf("Available compression methods:");
1307 for (j = 0; j < n; j++) {
1308 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1309 printf(" %s:%d", SSL_COMP_get0_name(c), SSL_COMP_get_id(c));
1310 }
1311 printf("\n");
1312 }
1313 #endif
1314
1315 #ifndef OPENSSL_NO_TLS
1316 meth = TLS_method();
1317 if (ssl3) {
1318 min_version = SSL3_VERSION;
1319 max_version = SSL3_VERSION;
1320 } else if (tls1) {
1321 min_version = TLS1_VERSION;
1322 max_version = TLS1_VERSION;
1323 } else if (tls1_2) {
1324 min_version = TLS1_2_VERSION;
1325 max_version = TLS1_2_VERSION;
1326 } else {
1327 min_version = 0;
1328 max_version = 0;
1329 }
1330 #endif
1331 #ifndef OPENSSL_NO_DTLS
1332 if (dtls || dtls1 || dtls12) {
1333 meth = DTLS_method();
1334 if (dtls1) {
1335 min_version = DTLS1_VERSION;
1336 max_version = DTLS1_VERSION;
1337 } else if (dtls12) {
1338 min_version = DTLS1_2_VERSION;
1339 max_version = DTLS1_2_VERSION;
1340 } else {
1341 min_version = 0;
1342 max_version = 0;
1343 }
1344 }
1345 #endif
1346
1347 c_ctx = SSL_CTX_new(meth);
1348 s_ctx = SSL_CTX_new(meth);
1349 s_ctx2 = SSL_CTX_new(meth); /* no SSL_CTX_dup! */
1350 if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) {
1351 ERR_print_errors(bio_err);
1352 goto end;
1353 }
1354 /*
1355 * Since we will use low security ciphersuites and keys for testing set
1356 * security level to zero by default. Tests can override this by adding
1357 * "@SECLEVEL=n" to the cipher string.
1358 */
1359 SSL_CTX_set_security_level(c_ctx, 0);
1360 SSL_CTX_set_security_level(s_ctx, 0);
1361 SSL_CTX_set_security_level(s_ctx2, 0);
1362
1363 if (no_ticket) {
1364 SSL_CTX_set_options(c_ctx, SSL_OP_NO_TICKET);
1365 SSL_CTX_set_options(s_ctx, SSL_OP_NO_TICKET);
1366 }
1367
1368 if (SSL_CTX_set_min_proto_version(c_ctx, min_version) == 0)
1369 goto end;
1370 if (SSL_CTX_set_max_proto_version(c_ctx, max_version) == 0)
1371 goto end;
1372 if (SSL_CTX_set_min_proto_version(s_ctx, min_version) == 0)
1373 goto end;
1374 if (SSL_CTX_set_max_proto_version(s_ctx, max_version) == 0)
1375 goto end;
1376
1377 if (cipher != NULL) {
1378 if (strcmp(cipher, "") == 0) {
1379 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)) {
1380 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) {
1381 ERR_clear_error();
1382 } else {
1383 ERR_print_errors(bio_err);
1384 goto end;
1385 }
1386 } else {
1387 /* Should have failed when clearing all TLSv1.2 ciphers. */
1388 fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n");
1389 goto end;
1390 }
1391
1392 if (!SSL_CTX_set_cipher_list(s_ctx, cipher)) {
1393 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) {
1394 ERR_clear_error();
1395 } else {
1396 ERR_print_errors(bio_err);
1397 goto end;
1398 }
1399 } else {
1400 /* Should have failed when clearing all TLSv1.2 ciphers. */
1401 fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n");
1402 goto end;
1403 }
1404
1405 if (!SSL_CTX_set_cipher_list(s_ctx2, cipher)) {
1406 if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_NO_CIPHER_MATCH) {
1407 ERR_clear_error();
1408 } else {
1409 ERR_print_errors(bio_err);
1410 goto end;
1411 }
1412 } else {
1413 /* Should have failed when clearing all TLSv1.2 ciphers. */
1414 fprintf(stderr, "CLEARING ALL TLSv1.2 CIPHERS SHOULD FAIL\n");
1415 goto end;
1416 }
1417 } else {
1418 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
1419 || !SSL_CTX_set_cipher_list(s_ctx, cipher)
1420 || !SSL_CTX_set_cipher_list(s_ctx2, cipher)) {
1421 ERR_print_errors(bio_err);
1422 goto end;
1423 }
1424 }
1425 }
1426 if (ciphersuites != NULL) {
1427 if (!SSL_CTX_set_ciphersuites(c_ctx, ciphersuites)
1428 || !SSL_CTX_set_ciphersuites(s_ctx, ciphersuites)
1429 || !SSL_CTX_set_ciphersuites(s_ctx2, ciphersuites)) {
1430 ERR_print_errors(bio_err);
1431 goto end;
1432 }
1433 }
1434
1435 #ifndef OPENSSL_NO_CT
1436 if (ct_validation &&
1437 !SSL_CTX_enable_ct(c_ctx, SSL_CT_VALIDATION_STRICT)) {
1438 ERR_print_errors(bio_err);
1439 goto end;
1440 }
1441 #endif
1442
1443 /* Process SSL_CONF arguments */
1444 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1445 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1446 SSL_CONF_CTX_set_ssl_ctx(s_cctx2, s_ctx2);
1447
1448 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1449 int rv;
1450 arg = sk_OPENSSL_STRING_value(conf_args, i);
1451 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1452 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1453 /* If not recognised use server context */
1454 if (rv == -2) {
1455 rv = SSL_CONF_cmd(s_cctx2, arg, argn);
1456 if (rv > 0)
1457 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1458 }
1459 if (rv <= 0) {
1460 BIO_printf(bio_err, "Error processing %s %s\n",
1461 arg, argn ? argn : "");
1462 ERR_print_errors(bio_err);
1463 goto end;
1464 }
1465 }
1466
1467 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx) || !SSL_CONF_CTX_finish(s_cctx2)) {
1468 BIO_puts(bio_err, "Error finishing context\n");
1469 ERR_print_errors(bio_err);
1470 goto end;
1471 }
1472 #ifndef OPENSSL_NO_DH
1473 if (!no_dhe) {
1474 if (dhe1024dsa) {
1475 dh = get_dh1024dsa();
1476 } else if (dhe512)
1477 dh = get_dh512();
1478 else
1479 dh = get_dh1024();
1480 SSL_CTX_set_tmp_dh(s_ctx, dh);
1481 SSL_CTX_set_tmp_dh(s_ctx2, dh);
1482 DH_free(dh);
1483 }
1484 #else
1485 (void)no_dhe;
1486 #endif
1487
1488 if (!(SSL_CTX_load_verify_file(s_ctx, CAfile)
1489 || SSL_CTX_load_verify_dir(s_ctx, CApath))
1490 || !SSL_CTX_set_default_verify_paths(s_ctx)
1491 || !(SSL_CTX_load_verify_file(s_ctx2, CAfile)
1492 || SSL_CTX_load_verify_dir(s_ctx2, CApath))
1493 || !SSL_CTX_set_default_verify_paths(s_ctx2)
1494 || !(SSL_CTX_load_verify_file(c_ctx, CAfile)
1495 || SSL_CTX_load_verify_dir(c_ctx, CApath))
1496 || !SSL_CTX_set_default_verify_paths(c_ctx)) {
1497 ERR_print_errors(bio_err);
1498 }
1499
1500 #ifndef OPENSSL_NO_CT
1501 if (!SSL_CTX_set_default_ctlog_list_file(s_ctx) ||
1502 !SSL_CTX_set_default_ctlog_list_file(s_ctx2) ||
1503 !SSL_CTX_set_default_ctlog_list_file(c_ctx)) {
1504 ERR_print_errors(bio_err);
1505 }
1506 #endif
1507
1508 if (client_auth) {
1509 printf("client authentication\n");
1510 SSL_CTX_set_verify(s_ctx,
1511 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1512 verify_callback);
1513 SSL_CTX_set_verify(s_ctx2,
1514 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1515 verify_callback);
1516 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1517 &app_verify_arg);
1518 SSL_CTX_set_cert_verify_callback(s_ctx2, app_verify_callback,
1519 &app_verify_arg);
1520 }
1521 if (server_auth) {
1522 printf("server authentication\n");
1523 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1524 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1525 &app_verify_arg);
1526 }
1527
1528 {
1529 int session_id_context = 0;
1530 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
1531 sizeof(session_id_context)) ||
1532 !SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context,
1533 sizeof(session_id_context))) {
1534 ERR_print_errors(bio_err);
1535 goto end;
1536 }
1537 }
1538
1539 /* Use PSK only if PSK key is given */
1540 if (psk_key != NULL) {
1541 /*
1542 * no_psk is used to avoid putting psk command to openssl tool
1543 */
1544 if (no_psk) {
1545 /*
1546 * if PSK is not compiled in and psk key is given, do nothing and
1547 * exit successfully
1548 */
1549 ret = EXIT_SUCCESS;
1550 goto end;
1551 }
1552 #ifndef OPENSSL_NO_PSK
1553 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1554 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1555 SSL_CTX_set_psk_server_callback(s_ctx2, psk_server_callback);
1556 if (debug)
1557 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1558 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint") ||
1559 !SSL_CTX_use_psk_identity_hint(s_ctx2, "ctx server identity_hint")) {
1560 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1561 ERR_print_errors(bio_err);
1562 goto end;
1563 }
1564 #endif
1565 }
1566
1567 #ifndef OPENSSL_NO_NEXTPROTONEG
1568 if (npn_client) {
1569 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1570 }
1571 if (npn_server) {
1572 if (npn_server_reject) {
1573 BIO_printf(bio_err,
1574 "Can't have both -npn_server and -npn_server_reject\n");
1575 goto end;
1576 }
1577 SSL_CTX_set_npn_advertised_cb(s_ctx, cb_server_npn, NULL);
1578 SSL_CTX_set_npn_advertised_cb(s_ctx2, cb_server_npn, NULL);
1579 }
1580 if (npn_server_reject) {
1581 SSL_CTX_set_npn_advertised_cb(s_ctx, cb_server_rejects_npn, NULL);
1582 SSL_CTX_set_npn_advertised_cb(s_ctx2, cb_server_rejects_npn, NULL);
1583 }
1584 #endif
1585
1586 if (serverinfo_sct) {
1587 if (!SSL_CTX_add_client_custom_ext(c_ctx,
1588 TLSEXT_TYPE_signed_certificate_timestamp,
1589 NULL, NULL, NULL,
1590 serverinfo_cli_parse_cb, NULL)) {
1591 BIO_printf(bio_err, "Error adding SCT extension\n");
1592 goto end;
1593 }
1594 }
1595 if (serverinfo_tack) {
1596 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1597 NULL, NULL, NULL,
1598 serverinfo_cli_parse_cb, NULL)) {
1599 BIO_printf(bio_err, "Error adding TACK extension\n");
1600 goto end;
1601 }
1602 }
1603 if (serverinfo_file)
1604 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file) ||
1605 !SSL_CTX_use_serverinfo_file(s_ctx2, serverinfo_file)) {
1606 BIO_printf(bio_err, "missing serverinfo file\n");
1607 goto end;
1608 }
1609
1610 if (custom_ext) {
1611 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1612 custom_ext_0_cli_add_cb,
1613 NULL, NULL,
1614 custom_ext_0_cli_parse_cb, NULL)
1615 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1616 custom_ext_1_cli_add_cb,
1617 NULL, NULL,
1618 custom_ext_1_cli_parse_cb, NULL)
1619 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1620 custom_ext_2_cli_add_cb,
1621 NULL, NULL,
1622 custom_ext_2_cli_parse_cb, NULL)
1623 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1624 custom_ext_3_cli_add_cb,
1625 NULL, NULL,
1626 custom_ext_3_cli_parse_cb, NULL)
1627 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1628 custom_ext_0_srv_add_cb,
1629 NULL, NULL,
1630 custom_ext_0_srv_parse_cb, NULL)
1631 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_0,
1632 custom_ext_0_srv_add_cb,
1633 NULL, NULL,
1634 custom_ext_0_srv_parse_cb, NULL)
1635 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1636 custom_ext_1_srv_add_cb,
1637 NULL, NULL,
1638 custom_ext_1_srv_parse_cb, NULL)
1639 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_1,
1640 custom_ext_1_srv_add_cb,
1641 NULL, NULL,
1642 custom_ext_1_srv_parse_cb, NULL)
1643 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1644 custom_ext_2_srv_add_cb,
1645 NULL, NULL,
1646 custom_ext_2_srv_parse_cb, NULL)
1647 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_2,
1648 custom_ext_2_srv_add_cb,
1649 NULL, NULL,
1650 custom_ext_2_srv_parse_cb, NULL)
1651 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1652 custom_ext_3_srv_add_cb,
1653 NULL, NULL,
1654 custom_ext_3_srv_parse_cb, NULL)
1655 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_3,
1656 custom_ext_3_srv_add_cb,
1657 NULL, NULL,
1658 custom_ext_3_srv_parse_cb, NULL)) {
1659 BIO_printf(bio_err, "Error setting custom extensions\n");
1660 goto end;
1661 }
1662 }
1663
1664 if (alpn_server)
1665 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, alpn_server);
1666 if (alpn_server2)
1667 SSL_CTX_set_alpn_select_cb(s_ctx2, cb_server_alpn, alpn_server2);
1668
1669 if (alpn_client) {
1670 size_t alpn_len;
1671 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1672
1673 if (alpn == NULL) {
1674 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1675 goto end;
1676 }
1677 /* Returns 0 on success!! */
1678 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
1679 BIO_printf(bio_err, "Error setting ALPN\n");
1680 OPENSSL_free(alpn);
1681 goto end;
1682 }
1683 OPENSSL_free(alpn);
1684 }
1685
1686 if (server_sess_in != NULL) {
1687 server_sess = read_session(server_sess_in);
1688 if (server_sess == NULL)
1689 goto end;
1690 }
1691 if (client_sess_in != NULL) {
1692 client_sess = read_session(client_sess_in);
1693 if (client_sess == NULL)
1694 goto end;
1695 }
1696
1697 if (server_sess_out != NULL || server_sess_in != NULL) {
1698 char *keys;
1699 long size;
1700
1701 /* Use a fixed key so that we can decrypt the ticket. */
1702 size = SSL_CTX_set_tlsext_ticket_keys(s_ctx, NULL, 0);
1703 keys = OPENSSL_zalloc(size);
1704 SSL_CTX_set_tlsext_ticket_keys(s_ctx, keys, size);
1705 OPENSSL_free(keys);
1706 }
1707
1708 if (sn_server1 != NULL || sn_server2 != NULL)
1709 SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb);
1710
1711 c_ssl = SSL_new(c_ctx);
1712 s_ssl = SSL_new(s_ctx);
1713
1714 if (sn_client)
1715 SSL_set_tlsext_host_name(c_ssl, sn_client);
1716
1717 if (!set_protocol_version(server_min_proto, s_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1718 goto end;
1719 if (!set_protocol_version(server_max_proto, s_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1720 goto end;
1721 if (!set_protocol_version(client_min_proto, c_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1722 goto end;
1723 if (!set_protocol_version(client_max_proto, c_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1724 goto end;
1725
1726 if (server_sess) {
1727 if (SSL_CTX_add_session(s_ctx, server_sess) == 0) {
1728 BIO_printf(bio_err, "Can't add server session\n");
1729 ERR_print_errors(bio_err);
1730 goto end;
1731 }
1732 }
1733
1734 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
1735 for (i = 0; i < number; i++) {
1736 if (!reuse) {
1737 if (!SSL_set_session(c_ssl, NULL)) {
1738 BIO_printf(bio_err, "Failed to set session\n");
1739 goto end;
1740 }
1741 }
1742 if (client_sess_in != NULL) {
1743 if (SSL_set_session(c_ssl, client_sess) == 0) {
1744 BIO_printf(bio_err, "Can't set client session\n");
1745 ERR_print_errors(bio_err);
1746 goto end;
1747 }
1748 }
1749 switch (bio_type) {
1750 case BIO_MEM:
1751 ret = doit(s_ssl, c_ssl, bytes);
1752 break;
1753 case BIO_PAIR:
1754 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1755 break;
1756 #ifndef OPENSSL_NO_SOCK
1757 case BIO_IPV4:
1758 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV4,
1759 bytes, &s_time, &c_time);
1760 break;
1761 case BIO_IPV6:
1762 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV6,
1763 bytes, &s_time, &c_time);
1764 break;
1765 #else
1766 case BIO_IPV4:
1767 case BIO_IPV6:
1768 ret = EXIT_FAILURE;
1769 goto err;
1770 #endif
1771 }
1772 if (ret != EXIT_SUCCESS) break;
1773 }
1774
1775 if (should_negotiate && ret == EXIT_SUCCESS &&
1776 strcmp(should_negotiate, "fail-server") != 0 &&
1777 strcmp(should_negotiate, "fail-client") != 0) {
1778 int version = protocol_from_string(should_negotiate);
1779 if (version < 0) {
1780 BIO_printf(bio_err, "Error parsing: %s\n", should_negotiate);
1781 ret = EXIT_FAILURE;
1782 goto err;
1783 }
1784 if (SSL_version(c_ssl) != version) {
1785 BIO_printf(bio_err, "Unexpected version negotiated. "
1786 "Expected: %s, got %s\n", should_negotiate, SSL_get_version(c_ssl));
1787 ret = EXIT_FAILURE;
1788 goto err;
1789 }
1790 }
1791
1792 if (should_reuse != -1) {
1793 if (SSL_session_reused(s_ssl) != should_reuse ||
1794 SSL_session_reused(c_ssl) != should_reuse) {
1795 BIO_printf(bio_err, "Unexpected session reuse state. "
1796 "Expected: %d, server: %d, client: %d\n", should_reuse,
1797 SSL_session_reused(s_ssl), SSL_session_reused(c_ssl));
1798 ret = EXIT_FAILURE;
1799 goto err;
1800 }
1801 }
1802
1803 if (server_sess_out != NULL) {
1804 if (write_session(server_sess_out, SSL_get_session(s_ssl)) == 0) {
1805 ret = EXIT_FAILURE;
1806 goto err;
1807 }
1808 }
1809 if (client_sess_out != NULL) {
1810 if (write_session(client_sess_out, SSL_get_session(c_ssl)) == 0) {
1811 ret = EXIT_FAILURE;
1812 goto err;
1813 }
1814 }
1815
1816 if (!verbose) {
1817 print_details(c_ssl, "");
1818 }
1819 if (print_time) {
1820 #ifdef CLOCKS_PER_SEC
1821 /*
1822 * "To determine the time in seconds, the value returned by the clock
1823 * function should be divided by the value of the macro
1824 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1825 */
1826 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1827 "Approximate total client time: %6.2f s\n",
1828 (double)s_time / CLOCKS_PER_SEC,
1829 (double)c_time / CLOCKS_PER_SEC);
1830 #else
1831 BIO_printf(bio_stdout,
1832 "Approximate total server time: %6.2f units\n"
1833 "Approximate total client time: %6.2f units\n",
1834 (double)s_time, (double)c_time);
1835 #endif
1836 }
1837
1838 err:
1839 SSL_free(s_ssl);
1840 SSL_free(c_ssl);
1841
1842 end:
1843 SSL_CTX_free(s_ctx);
1844 SSL_CTX_free(s_ctx2);
1845 SSL_CTX_free(c_ctx);
1846 SSL_CONF_CTX_free(s_cctx);
1847 SSL_CONF_CTX_free(s_cctx2);
1848 SSL_CONF_CTX_free(c_cctx);
1849 sk_OPENSSL_STRING_free(conf_args);
1850
1851 BIO_free(bio_stdout);
1852
1853 SSL_SESSION_free(server_sess);
1854 SSL_SESSION_free(client_sess);
1855
1856 BIO_free(bio_err);
1857 EXIT(ret);
1858 }
1859
1860 #ifndef OPENSSL_NO_SOCK
1861 int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count,
1862 clock_t *s_time, clock_t *c_time)
1863 {
1864 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1865 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1866 BIO *acpt = NULL, *server = NULL, *client = NULL;
1867 char addr_str[40];
1868 int ret = EXIT_FAILURE;
1869 int err_in_client = 0;
1870 int err_in_server = 0;
1871
1872 acpt = BIO_new_accept(family == BIO_FAMILY_IPV4 ? "127.0.0.1:0"
1873 : "[::1]:0");
1874 if (acpt == NULL)
1875 goto err;
1876 BIO_set_accept_ip_family(acpt, family);
1877 BIO_set_bind_mode(acpt, BIO_SOCK_NONBLOCK | BIO_SOCK_REUSEADDR);
1878 if (BIO_do_accept(acpt) <= 0)
1879 goto err;
1880
1881 BIO_snprintf(addr_str, sizeof(addr_str), ":%s", BIO_get_accept_port(acpt));
1882
1883 client = BIO_new_connect(addr_str);
1884 BIO_set_conn_ip_family(client, family);
1885 if (!client)
1886 goto err;
1887
1888 if (BIO_set_nbio(client, 1) <= 0)
1889 goto err;
1890 if (BIO_set_nbio(acpt, 1) <= 0)
1891 goto err;
1892
1893 {
1894 int st_connect = 0, st_accept = 0;
1895
1896 while(!st_connect || !st_accept) {
1897 if (!st_connect) {
1898 if (BIO_do_connect(client) <= 0) {
1899 if (!BIO_should_retry(client))
1900 goto err;
1901 } else {
1902 st_connect = 1;
1903 }
1904 }
1905 if (!st_accept) {
1906 if (BIO_do_accept(acpt) <= 0) {
1907 if (!BIO_should_retry(acpt))
1908 goto err;
1909 } else {
1910 st_accept = 1;
1911 }
1912 }
1913 }
1914 }
1915 /* We're not interested in accepting further connects */
1916 server = BIO_pop(acpt);
1917 BIO_free_all(acpt);
1918 acpt = NULL;
1919
1920 s_ssl_bio = BIO_new(BIO_f_ssl());
1921 if (!s_ssl_bio)
1922 goto err;
1923
1924 c_ssl_bio = BIO_new(BIO_f_ssl());
1925 if (!c_ssl_bio)
1926 goto err;
1927
1928 SSL_set_connect_state(c_ssl);
1929 SSL_set_bio(c_ssl, client, client);
1930 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1931
1932 SSL_set_accept_state(s_ssl);
1933 SSL_set_bio(s_ssl, server, server);
1934 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1935
1936 do {
1937 /*-
1938 * c_ssl_bio: SSL filter BIO
1939 *
1940 * client: I/O for SSL library
1941 *
1942 *
1943 * server: I/O for SSL library
1944 *
1945 * s_ssl_bio: SSL filter BIO
1946 */
1947
1948 /*
1949 * We have non-blocking behaviour throughout this test program, but
1950 * can be sure that there is *some* progress in each iteration; so we
1951 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1952 * we just try everything in each iteration
1953 */
1954
1955 {
1956 /* CLIENT */
1957
1958 char cbuf[1024 * 8];
1959 int i, r;
1960 clock_t c_clock = clock();
1961
1962 memset(cbuf, 0, sizeof(cbuf));
1963
1964 if (debug)
1965 if (SSL_in_init(c_ssl))
1966 printf("client waiting in SSL_connect - %s\n",
1967 SSL_state_string_long(c_ssl));
1968
1969 if (cw_num > 0) {
1970 /* Write to server. */
1971
1972 if (cw_num > (long)sizeof(cbuf))
1973 i = sizeof(cbuf);
1974 else
1975 i = (int)cw_num;
1976 r = BIO_write(c_ssl_bio, cbuf, i);
1977 if (r < 0) {
1978 if (!BIO_should_retry(c_ssl_bio)) {
1979 fprintf(stderr, "ERROR in CLIENT\n");
1980 err_in_client = 1;
1981 goto err;
1982 }
1983 /*
1984 * BIO_should_retry(...) can just be ignored here. The
1985 * library expects us to call BIO_write with the same
1986 * arguments again, and that's what we will do in the
1987 * next iteration.
1988 */
1989 } else if (r == 0) {
1990 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1991 goto err;
1992 } else {
1993 if (debug)
1994 printf("client wrote %d\n", r);
1995 cw_num -= r;
1996 }
1997 }
1998
1999 if (cr_num > 0) {
2000 /* Read from server. */
2001
2002 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2003 if (r < 0) {
2004 if (!BIO_should_retry(c_ssl_bio)) {
2005 fprintf(stderr, "ERROR in CLIENT\n");
2006 err_in_client = 1;
2007 goto err;
2008 }
2009 /*
2010 * Again, "BIO_should_retry" can be ignored.
2011 */
2012 } else if (r == 0) {
2013 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2014 goto err;
2015 } else {
2016 if (debug)
2017 printf("client read %d\n", r);
2018 cr_num -= r;
2019 }
2020 }
2021
2022 /*
2023 * c_time and s_time increments will typically be very small
2024 * (depending on machine speed and clock tick intervals), but
2025 * sampling over a large number of connections should result in
2026 * fairly accurate figures. We cannot guarantee a lot, however
2027 * -- if each connection lasts for exactly one clock tick, it
2028 * will be counted only for the client or only for the server or
2029 * even not at all.
2030 */
2031 *c_time += (clock() - c_clock);
2032 }
2033
2034 {
2035 /* SERVER */
2036
2037 char sbuf[1024 * 8];
2038 int i, r;
2039 clock_t s_clock = clock();
2040
2041 memset(sbuf, 0, sizeof(sbuf));
2042
2043 if (debug)
2044 if (SSL_in_init(s_ssl))
2045 printf("server waiting in SSL_accept - %s\n",
2046 SSL_state_string_long(s_ssl));
2047
2048 if (sw_num > 0) {
2049 /* Write to client. */
2050
2051 if (sw_num > (long)sizeof(sbuf))
2052 i = sizeof(sbuf);
2053 else
2054 i = (int)sw_num;
2055 r = BIO_write(s_ssl_bio, sbuf, i);
2056 if (r < 0) {
2057 if (!BIO_should_retry(s_ssl_bio)) {
2058 fprintf(stderr, "ERROR in SERVER\n");
2059 err_in_server = 1;
2060 goto err;
2061 }
2062 /* Ignore "BIO_should_retry". */
2063 } else if (r == 0) {
2064 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2065 goto err;
2066 } else {
2067 if (debug)
2068 printf("server wrote %d\n", r);
2069 sw_num -= r;
2070 }
2071 }
2072
2073 if (sr_num > 0) {
2074 /* Read from client. */
2075
2076 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2077 if (r < 0) {
2078 if (!BIO_should_retry(s_ssl_bio)) {
2079 fprintf(stderr, "ERROR in SERVER\n");
2080 err_in_server = 1;
2081 goto err;
2082 }
2083 /* blah, blah */
2084 } else if (r == 0) {
2085 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2086 goto err;
2087 } else {
2088 if (debug)
2089 printf("server read %d\n", r);
2090 sr_num -= r;
2091 }
2092 }
2093
2094 *s_time += (clock() - s_clock);
2095 }
2096 }
2097 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2098
2099 if (verbose)
2100 print_details(c_ssl, "DONE via TCP connect: ");
2101 # ifndef OPENSSL_NO_NEXTPROTONEG
2102 if (verify_npn(c_ssl, s_ssl) < 0)
2103 goto end;
2104 # endif
2105 if (verify_serverinfo() < 0) {
2106 fprintf(stderr, "Server info verify error\n");
2107 goto err;
2108 }
2109 if (verify_alpn(c_ssl, s_ssl) < 0
2110 || verify_servername(c_ssl, s_ssl) < 0)
2111 goto err;
2112
2113 if (custom_ext_error) {
2114 fprintf(stderr, "Custom extension error\n");
2115 goto err;
2116 }
2117
2118 # ifndef OPENSSL_NO_NEXTPROTONEG
2119 end:
2120 # endif
2121 ret = EXIT_SUCCESS;
2122
2123 err:
2124 ERR_print_errors(bio_err);
2125
2126 BIO_free_all(acpt);
2127 BIO_free(server);
2128 BIO_free(client);
2129 BIO_free(s_ssl_bio);
2130 BIO_free(c_ssl_bio);
2131
2132 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2133 ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2134 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2135 ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2136
2137 return ret;
2138 }
2139 #endif
2140
2141 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
2142 clock_t *s_time, clock_t *c_time)
2143 {
2144 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
2145 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
2146 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
2147 int ret = EXIT_FAILURE;
2148 int err_in_client = 0;
2149 int err_in_server = 0;
2150
2151 size_t bufsiz = 256; /* small buffer for testing */
2152
2153 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
2154 goto err;
2155 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
2156 goto err;
2157
2158 s_ssl_bio = BIO_new(BIO_f_ssl());
2159 if (!s_ssl_bio)
2160 goto err;
2161
2162 c_ssl_bio = BIO_new(BIO_f_ssl());
2163 if (!c_ssl_bio)
2164 goto err;
2165
2166 SSL_set_connect_state(c_ssl);
2167 SSL_set_bio(c_ssl, client, client);
2168 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
2169
2170 SSL_set_accept_state(s_ssl);
2171 SSL_set_bio(s_ssl, server, server);
2172 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
2173
2174 do {
2175 /*-
2176 * c_ssl_bio: SSL filter BIO
2177 *
2178 * client: pseudo-I/O for SSL library
2179 *
2180 * client_io: client's SSL communication; usually to be
2181 * relayed over some I/O facility, but in this
2182 * test program, we're the server, too:
2183 *
2184 * server_io: server's SSL communication
2185 *
2186 * server: pseudo-I/O for SSL library
2187 *
2188 * s_ssl_bio: SSL filter BIO
2189 *
2190 * The client and the server each employ a "BIO pair":
2191 * client + client_io, server + server_io.
2192 * BIO pairs are symmetric. A BIO pair behaves similar
2193 * to a non-blocking socketpair (but both endpoints must
2194 * be handled by the same thread).
2195 * [Here we could connect client and server to the ends
2196 * of a single BIO pair, but then this code would be less
2197 * suitable as an example for BIO pairs in general.]
2198 *
2199 * Useful functions for querying the state of BIO pair endpoints:
2200 *
2201 * BIO_ctrl_pending(bio) number of bytes we can read now
2202 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfill
2203 * other side's read attempt
2204 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
2205 *
2206 * ..._read_request is never more than ..._write_guarantee;
2207 * it depends on the application which one you should use.
2208 */
2209
2210 /*
2211 * We have non-blocking behaviour throughout this test program, but
2212 * can be sure that there is *some* progress in each iteration; so we
2213 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
2214 * we just try everything in each iteration
2215 */
2216
2217 {
2218 /* CLIENT */
2219
2220 char cbuf[1024 * 8];
2221 int i, r;
2222 clock_t c_clock = clock();
2223
2224 memset(cbuf, 0, sizeof(cbuf));
2225
2226 if (debug)
2227 if (SSL_in_init(c_ssl))
2228 printf("client waiting in SSL_connect - %s\n",
2229 SSL_state_string_long(c_ssl));
2230
2231 if (cw_num > 0) {
2232 /* Write to server. */
2233
2234 if (cw_num > (long)sizeof(cbuf))
2235 i = sizeof(cbuf);
2236 else
2237 i = (int)cw_num;
2238 r = BIO_write(c_ssl_bio, cbuf, i);
2239 if (r < 0) {
2240 if (!BIO_should_retry(c_ssl_bio)) {
2241 fprintf(stderr, "ERROR in CLIENT\n");
2242 err_in_client = 1;
2243 goto err;
2244 }
2245 /*
2246 * BIO_should_retry(...) can just be ignored here. The
2247 * library expects us to call BIO_write with the same
2248 * arguments again, and that's what we will do in the
2249 * next iteration.
2250 */
2251 } else if (r == 0) {
2252 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2253 goto err;
2254 } else {
2255 if (debug)
2256 printf("client wrote %d\n", r);
2257 cw_num -= r;
2258 }
2259 }
2260
2261 if (cr_num > 0) {
2262 /* Read from server. */
2263
2264 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2265 if (r < 0) {
2266 if (!BIO_should_retry(c_ssl_bio)) {
2267 fprintf(stderr, "ERROR in CLIENT\n");
2268 err_in_client = 1;
2269 goto err;
2270 }
2271 /*
2272 * Again, "BIO_should_retry" can be ignored.
2273 */
2274 } else if (r == 0) {
2275 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2276 goto err;
2277 } else {
2278 if (debug)
2279 printf("client read %d\n", r);
2280 cr_num -= r;
2281 }
2282 }
2283
2284 /*
2285 * c_time and s_time increments will typically be very small
2286 * (depending on machine speed and clock tick intervals), but
2287 * sampling over a large number of connections should result in
2288 * fairly accurate figures. We cannot guarantee a lot, however
2289 * -- if each connection lasts for exactly one clock tick, it
2290 * will be counted only for the client or only for the server or
2291 * even not at all.
2292 */
2293 *c_time += (clock() - c_clock);
2294 }
2295
2296 {
2297 /* SERVER */
2298
2299 char sbuf[1024 * 8];
2300 int i, r;
2301 clock_t s_clock = clock();
2302
2303 memset(sbuf, 0, sizeof(sbuf));
2304
2305 if (debug)
2306 if (SSL_in_init(s_ssl))
2307 printf("server waiting in SSL_accept - %s\n",
2308 SSL_state_string_long(s_ssl));
2309
2310 if (sw_num > 0) {
2311 /* Write to client. */
2312
2313 if (sw_num > (long)sizeof(sbuf))
2314 i = sizeof(sbuf);
2315 else
2316 i = (int)sw_num;
2317 r = BIO_write(s_ssl_bio, sbuf, i);
2318 if (r < 0) {
2319 if (!BIO_should_retry(s_ssl_bio)) {
2320 fprintf(stderr, "ERROR in SERVER\n");
2321 err_in_server = 1;
2322 goto err;
2323 }
2324 /* Ignore "BIO_should_retry". */
2325 } else if (r == 0) {
2326 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2327 goto err;
2328 } else {
2329 if (debug)
2330 printf("server wrote %d\n", r);
2331 sw_num -= r;
2332 }
2333 }
2334
2335 if (sr_num > 0) {
2336 /* Read from client. */
2337
2338 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2339 if (r < 0) {
2340 if (!BIO_should_retry(s_ssl_bio)) {
2341 fprintf(stderr, "ERROR in SERVER\n");
2342 err_in_server = 1;
2343 goto err;
2344 }
2345 /* blah, blah */
2346 } else if (r == 0) {
2347 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2348 goto err;
2349 } else {
2350 if (debug)
2351 printf("server read %d\n", r);
2352 sr_num -= r;
2353 }
2354 }
2355
2356 *s_time += (clock() - s_clock);
2357 }
2358
2359 {
2360 /* "I/O" BETWEEN CLIENT AND SERVER. */
2361
2362 size_t r1, r2;
2363 BIO *io1 = server_io, *io2 = client_io;
2364 /*
2365 * we use the non-copying interface for io1 and the standard
2366 * BIO_write/BIO_read interface for io2
2367 */
2368
2369 static int prev_progress = 1;
2370 int progress = 0;
2371
2372 /* io1 to io2 */
2373 do {
2374 size_t num;
2375 int r;
2376
2377 r1 = BIO_ctrl_pending(io1);
2378 r2 = BIO_ctrl_get_write_guarantee(io2);
2379
2380 num = r1;
2381 if (r2 < num)
2382 num = r2;
2383 if (num) {
2384 char *dataptr;
2385
2386 if (INT_MAX < num) /* yeah, right */
2387 num = INT_MAX;
2388
2389 r = BIO_nread(io1, &dataptr, (int)num);
2390 assert(r > 0);
2391 assert(r <= (int)num);
2392 /*
2393 * possibly r < num (non-contiguous data)
2394 */
2395 num = r;
2396 r = BIO_write(io2, dataptr, (int)num);
2397 if (r != (int)num) { /* can't happen */
2398 fprintf(stderr, "ERROR: BIO_write could not write "
2399 "BIO_ctrl_get_write_guarantee() bytes");
2400 goto err;
2401 }
2402 progress = 1;
2403
2404 if (debug)
2405 printf((io1 == client_io) ?
2406 "C->S relaying: %d bytes\n" :
2407 "S->C relaying: %d bytes\n", (int)num);
2408 }
2409 }
2410 while (r1 && r2);
2411
2412 /* io2 to io1 */
2413 {
2414 size_t num;
2415 int r;
2416
2417 r1 = BIO_ctrl_pending(io2);
2418 r2 = BIO_ctrl_get_read_request(io1);
2419 /*
2420 * here we could use ..._get_write_guarantee instead of
2421 * ..._get_read_request, but by using the latter we test
2422 * restartability of the SSL implementation more thoroughly
2423 */
2424 num = r1;
2425 if (r2 < num)
2426 num = r2;
2427 if (num) {
2428 char *dataptr;
2429
2430 if (INT_MAX < num)
2431 num = INT_MAX;
2432
2433 if (num > 1)
2434 --num; /* test restartability even more thoroughly */
2435
2436 r = BIO_nwrite0(io1, &dataptr);
2437 assert(r > 0);
2438 if (r < (int)num)
2439 num = r;
2440 r = BIO_read(io2, dataptr, (int)num);
2441 if (r != (int)num) { /* can't happen */
2442 fprintf(stderr, "ERROR: BIO_read could not read "
2443 "BIO_ctrl_pending() bytes");
2444 goto err;
2445 }
2446 progress = 1;
2447 r = BIO_nwrite(io1, &dataptr, (int)num);
2448 if (r != (int)num) { /* can't happen */
2449 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2450 "BIO_nwrite0() bytes");
2451 goto err;
2452 }
2453
2454 if (debug)
2455 printf((io2 == client_io) ?
2456 "C->S relaying: %d bytes\n" :
2457 "S->C relaying: %d bytes\n", (int)num);
2458 }
2459 } /* no loop, BIO_ctrl_get_read_request now
2460 * returns 0 anyway */
2461
2462 if (!progress && !prev_progress)
2463 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2464 fprintf(stderr, "ERROR: got stuck\n");
2465 fprintf(stderr, " ERROR.\n");
2466 goto err;
2467 }
2468 prev_progress = progress;
2469 }
2470 }
2471 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2472
2473 if (verbose)
2474 print_details(c_ssl, "DONE via BIO pair: ");
2475 #ifndef OPENSSL_NO_NEXTPROTONEG
2476 if (verify_npn(c_ssl, s_ssl) < 0)
2477 goto end;
2478 #endif
2479 if (verify_serverinfo() < 0) {
2480 fprintf(stderr, "Server info verify error\n");
2481 goto err;
2482 }
2483 if (verify_alpn(c_ssl, s_ssl) < 0
2484 || verify_servername(c_ssl, s_ssl) < 0)
2485 goto err;
2486
2487 if (custom_ext_error) {
2488 fprintf(stderr, "Custom extension error\n");
2489 goto err;
2490 }
2491
2492 #ifndef OPENSSL_NO_NEXTPROTONEG
2493 end:
2494 #endif
2495 ret = EXIT_SUCCESS;
2496
2497 err:
2498 ERR_print_errors(bio_err);
2499
2500 BIO_free(server);
2501 BIO_free(server_io);
2502 BIO_free(client);
2503 BIO_free(client_io);
2504 BIO_free(s_ssl_bio);
2505 BIO_free(c_ssl_bio);
2506
2507 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2508 ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2509 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2510 ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2511
2512 return ret;
2513 }
2514
2515 #define W_READ 1
2516 #define W_WRITE 2
2517 #define C_DONE 1
2518 #define S_DONE 2
2519
2520 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2521 {
2522 char *cbuf = NULL, *sbuf = NULL;
2523 long bufsiz;
2524 long cw_num = count, cr_num = count;
2525 long sw_num = count, sr_num = count;
2526 int ret = EXIT_FAILURE;
2527 BIO *c_to_s = NULL;
2528 BIO *s_to_c = NULL;
2529 BIO *c_bio = NULL;
2530 BIO *s_bio = NULL;
2531 int c_r, c_w, s_r, s_w;
2532 int i, j;
2533 int done = 0;
2534 int c_write, s_write;
2535 int do_server = 0, do_client = 0;
2536 int max_frag = 5 * 1024;
2537 int err_in_client = 0;
2538 int err_in_server = 0;
2539
2540 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2541
2542 if ((cbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2543 goto err;
2544 if ((sbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2545 goto err;
2546
2547 c_to_s = BIO_new(BIO_s_mem());
2548 s_to_c = BIO_new(BIO_s_mem());
2549 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2550 ERR_print_errors(bio_err);
2551 goto err;
2552 }
2553
2554 c_bio = BIO_new(BIO_f_ssl());
2555 s_bio = BIO_new(BIO_f_ssl());
2556 if ((c_bio == NULL) || (s_bio == NULL)) {
2557 ERR_print_errors(bio_err);
2558 goto err;
2559 }
2560
2561 SSL_set_connect_state(c_ssl);
2562 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2563 SSL_set_max_send_fragment(c_ssl, max_frag);
2564 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2565
2566 /*
2567 * We've just given our ref to these BIOs to c_ssl. We need another one to
2568 * give to s_ssl
2569 */
2570 if (!BIO_up_ref(c_to_s)) {
2571 /* c_to_s and s_to_c will get freed when we free c_ssl */
2572 c_to_s = NULL;
2573 s_to_c = NULL;
2574 goto err;
2575 }
2576 if (!BIO_up_ref(s_to_c)) {
2577 /* s_to_c will get freed when we free c_ssl */
2578 s_to_c = NULL;
2579 goto err;
2580 }
2581
2582 SSL_set_accept_state(s_ssl);
2583 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2584
2585 /* We've used up all our refs to these now */
2586 c_to_s = NULL;
2587 s_to_c = NULL;
2588
2589 SSL_set_max_send_fragment(s_ssl, max_frag);
2590 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2591
2592 c_r = 0;
2593 s_r = 1;
2594 c_w = 1;
2595 s_w = 0;
2596 c_write = 1, s_write = 0;
2597
2598 /* We can always do writes */
2599 for (;;) {
2600 do_server = 0;
2601 do_client = 0;
2602
2603 i = (int)BIO_pending(s_bio);
2604 if ((i && s_r) || s_w)
2605 do_server = 1;
2606
2607 i = (int)BIO_pending(c_bio);
2608 if ((i && c_r) || c_w)
2609 do_client = 1;
2610
2611 if (do_server && debug) {
2612 if (SSL_in_init(s_ssl))
2613 printf("server waiting in SSL_accept - %s\n",
2614 SSL_state_string_long(s_ssl));
2615 }
2616
2617 if (do_client && debug) {
2618 if (SSL_in_init(c_ssl))
2619 printf("client waiting in SSL_connect - %s\n",
2620 SSL_state_string_long(c_ssl));
2621 }
2622
2623 if (!do_client && !do_server) {
2624 fprintf(stdout, "ERROR IN STARTUP\n");
2625 ERR_print_errors(bio_err);
2626 goto err;
2627 }
2628 if (do_client && !(done & C_DONE)) {
2629 if (c_write) {
2630 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2631 i = BIO_write(c_bio, cbuf, j);
2632 if (i < 0) {
2633 c_r = 0;
2634 c_w = 0;
2635 if (BIO_should_retry(c_bio)) {
2636 if (BIO_should_read(c_bio))
2637 c_r = 1;
2638 if (BIO_should_write(c_bio))
2639 c_w = 1;
2640 } else {
2641 fprintf(stderr, "ERROR in CLIENT\n");
2642 err_in_client = 1;
2643 ERR_print_errors(bio_err);
2644 goto err;
2645 }
2646 } else if (i == 0) {
2647 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2648 goto err;
2649 } else {
2650 if (debug)
2651 printf("client wrote %d\n", i);
2652 /* ok */
2653 s_r = 1;
2654 c_write = 0;
2655 cw_num -= i;
2656 if (max_frag > 1029)
2657 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2658 }
2659 } else {
2660 i = BIO_read(c_bio, cbuf, bufsiz);
2661 if (i < 0) {
2662 c_r = 0;
2663 c_w = 0;
2664 if (BIO_should_retry(c_bio)) {
2665 if (BIO_should_read(c_bio))
2666 c_r = 1;
2667 if (BIO_should_write(c_bio))
2668 c_w = 1;
2669 } else {
2670 fprintf(stderr, "ERROR in CLIENT\n");
2671 err_in_client = 1;
2672 ERR_print_errors(bio_err);
2673 goto err;
2674 }
2675 } else if (i == 0) {
2676 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2677 goto err;
2678 } else {
2679 if (debug)
2680 printf("client read %d\n", i);
2681 cr_num -= i;
2682 if (sw_num > 0) {
2683 s_write = 1;
2684 s_w = 1;
2685 }
2686 if (cr_num <= 0) {
2687 s_write = 1;
2688 s_w = 1;
2689 done = S_DONE | C_DONE;
2690 }
2691 }
2692 }
2693 }
2694
2695 if (do_server && !(done & S_DONE)) {
2696 if (!s_write) {
2697 i = BIO_read(s_bio, sbuf, bufsiz);
2698 if (i < 0) {
2699 s_r = 0;
2700 s_w = 0;
2701 if (BIO_should_retry(s_bio)) {
2702 if (BIO_should_read(s_bio))
2703 s_r = 1;
2704 if (BIO_should_write(s_bio))
2705 s_w = 1;
2706 } else {
2707 fprintf(stderr, "ERROR in SERVER\n");
2708 err_in_server = 1;
2709 ERR_print_errors(bio_err);
2710 goto err;
2711 }
2712 } else if (i == 0) {
2713 ERR_print_errors(bio_err);
2714 fprintf(stderr,
2715 "SSL SERVER STARTUP FAILED in SSL_read\n");
2716 goto err;
2717 } else {
2718 if (debug)
2719 printf("server read %d\n", i);
2720 sr_num -= i;
2721 if (cw_num > 0) {
2722 c_write = 1;
2723 c_w = 1;
2724 }
2725 if (sr_num <= 0) {
2726 s_write = 1;
2727 s_w = 1;
2728 c_write = 0;
2729 }
2730 }
2731 } else {
2732 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2733 i = BIO_write(s_bio, sbuf, j);
2734 if (i < 0) {
2735 s_r = 0;
2736 s_w = 0;
2737 if (BIO_should_retry(s_bio)) {
2738 if (BIO_should_read(s_bio))
2739 s_r = 1;
2740 if (BIO_should_write(s_bio))
2741 s_w = 1;
2742 } else {
2743 fprintf(stderr, "ERROR in SERVER\n");
2744 err_in_server = 1;
2745 ERR_print_errors(bio_err);
2746 goto err;
2747 }
2748 } else if (i == 0) {
2749 ERR_print_errors(bio_err);
2750 fprintf(stderr,
2751 "SSL SERVER STARTUP FAILED in SSL_write\n");
2752 goto err;
2753 } else {
2754 if (debug)
2755 printf("server wrote %d\n", i);
2756 sw_num -= i;
2757 s_write = 0;
2758 c_r = 1;
2759 if (sw_num <= 0)
2760 done |= S_DONE;
2761 if (max_frag > 1029)
2762 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2763 }
2764 }
2765 }
2766
2767 if ((done & S_DONE) && (done & C_DONE))
2768 break;
2769 }
2770
2771 if (verbose)
2772 print_details(c_ssl, "DONE: ");
2773 #ifndef OPENSSL_NO_NEXTPROTONEG
2774 if (verify_npn(c_ssl, s_ssl) < 0)
2775 goto err;
2776 #endif
2777 if (verify_serverinfo() < 0) {
2778 fprintf(stderr, "Server info verify error\n");
2779 goto err;
2780 }
2781 if (custom_ext_error) {
2782 fprintf(stderr, "Custom extension error\n");
2783 goto err;
2784 }
2785 ret = EXIT_SUCCESS;
2786 err:
2787 BIO_free(c_to_s);
2788 BIO_free(s_to_c);
2789 BIO_free_all(c_bio);
2790 BIO_free_all(s_bio);
2791 OPENSSL_free(cbuf);
2792 OPENSSL_free(sbuf);
2793
2794 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2795 ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2796 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2797 ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE;
2798
2799 return ret;
2800 }
2801
2802 static int verify_callback(int ok, X509_STORE_CTX *ctx)
2803 {
2804 char *s, buf[256];
2805
2806 s = X509_NAME_oneline(X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)),
2807 buf, sizeof(buf));
2808 if (s != NULL) {
2809 if (ok)
2810 printf("depth=%d %s\n", X509_STORE_CTX_get_error_depth(ctx), buf);
2811 else {
2812 fprintf(stderr, "depth=%d error=%d %s\n",
2813 X509_STORE_CTX_get_error_depth(ctx),
2814 X509_STORE_CTX_get_error(ctx), buf);
2815 }
2816 }
2817
2818 if (ok == 0) {
2819 int i = X509_STORE_CTX_get_error(ctx);
2820
2821 switch (i) {
2822 default:
2823 fprintf(stderr, "Error string: %s\n",
2824 X509_verify_cert_error_string(i));
2825 break;
2826 case X509_V_ERR_CERT_NOT_YET_VALID:
2827 case X509_V_ERR_CERT_HAS_EXPIRED:
2828 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2829 ok = 1;
2830 break;
2831 }
2832 }
2833
2834 return ok;
2835 }
2836
2837 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
2838 {
2839 int ok = 1;
2840 struct app_verify_arg *cb_arg = arg;
2841
2842 if (cb_arg->app_verify) {
2843 char *s = NULL, buf[256];
2844 X509 *c = X509_STORE_CTX_get0_cert(ctx);
2845
2846 printf("In app_verify_callback, allowing cert. ");
2847 printf("Arg is: %s\n", cb_arg->string);
2848 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
2849 (void *)ctx, (void *)c);
2850 if (c)
2851 s = X509_NAME_oneline(X509_get_subject_name(c), buf, 256);
2852 if (s != NULL) {
2853 printf("cert depth=%d %s\n",
2854 X509_STORE_CTX_get_error_depth(ctx), buf);
2855 }
2856 return 1;
2857 }
2858
2859 ok = X509_verify_cert(ctx);
2860
2861 return ok;
2862 }
2863
2864 #ifndef OPENSSL_NO_DH
2865 /*-
2866 * These DH parameters have been generated as follows:
2867 * $ openssl dhparam -C -noout 512
2868 * $ openssl dhparam -C -noout 1024
2869 * $ openssl dhparam -C -noout -dsaparam 1024
2870 * (The third function has been renamed to avoid name conflicts.)
2871 */
2872 static DH *get_dh512(void)
2873 {
2874 static unsigned char dh512_p[] = {
2875 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
2876 0xC6,
2877 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
2878 0xB0,
2879 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
2880 0x5F,
2881 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
2882 0xB8,
2883 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
2884 0x33,
2885 0x02, 0xC5, 0xAE, 0x23,
2886 };
2887 static unsigned char dh512_g[] = {
2888 0x02,
2889 };
2890 DH *dh;
2891 BIGNUM *p, *g;
2892
2893 if ((dh = DH_new()) == NULL)
2894 return NULL;
2895 p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
2896 g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
2897 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
2898 DH_free(dh);
2899 BN_free(p);
2900 BN_free(g);
2901 return NULL;
2902 }
2903 return dh;
2904 }
2905
2906 static DH *get_dh1024(void)
2907 {
2908 static unsigned char dh1024_p[] = {
2909 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
2910 0x3A,
2911 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
2912 0xA2,
2913 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
2914 0xB0,
2915 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
2916 0xC2,
2917 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
2918 0x8C,
2919 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
2920 0xB8,
2921 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
2922 0x52,
2923 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
2924 0xC1,
2925 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
2926 0xB1,
2927 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
2928 0xAB,
2929 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
2930 };
2931 static unsigned char dh1024_g[] = {
2932 0x02,
2933 };
2934 DH *dh;
2935 BIGNUM *p, *g;
2936
2937 if ((dh = DH_new()) == NULL)
2938 return NULL;
2939 p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
2940 g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
2941 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
2942 DH_free(dh);
2943 BN_free(p);
2944 BN_free(g);
2945 return NULL;
2946 }
2947 return dh;
2948 }
2949
2950 static DH *get_dh1024dsa(void)
2951 {
2952 static unsigned char dh1024_p[] = {
2953 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
2954 0x00,
2955 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
2956 0x19,
2957 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
2958 0xD2,
2959 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
2960 0x55,
2961 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
2962 0xFC,
2963 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
2964 0x97,
2965 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
2966 0x8D,
2967 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
2968 0xBB,
2969 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
2970 0xF6,
2971 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
2972 0x9E,
2973 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
2974 };
2975 static unsigned char dh1024_g[] = {
2976 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
2977 0x05,
2978 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
2979 0xF3,
2980 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
2981 0xE9,
2982 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
2983 0x3C,
2984 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
2985 0x65,
2986 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
2987 0x60,
2988 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
2989 0xF6,
2990 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
2991 0xA7,
2992 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
2993 0xA1,
2994 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
2995 0x60,
2996 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
2997 };
2998 DH *dh;
2999 BIGNUM *p, *g;
3000
3001 if ((dh = DH_new()) == NULL)
3002 return NULL;
3003 p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3004 g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3005 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
3006 DH_free(dh);
3007 BN_free(p);
3008 BN_free(g);
3009 return NULL;
3010 }
3011 DH_set_length(dh, 160);
3012 return dh;
3013 }
3014 #endif
3015
3016 #ifndef OPENSSL_NO_PSK
3017 /* convert the PSK key (psk_key) in ascii to binary (psk) */
3018 static int psk_key2bn(const char *pskkey, unsigned char *psk,
3019 unsigned int max_psk_len)
3020 {
3021 int ret;
3022 BIGNUM *bn = NULL;
3023
3024 ret = BN_hex2bn(&bn, pskkey);
3025 if (!ret) {
3026 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3027 pskkey);
3028 BN_free(bn);
3029 return 0;
3030 }
3031 if (BN_num_bytes(bn) > (int)max_psk_len) {
3032 BIO_printf(bio_err,
3033 "psk buffer of callback is too small (%d) for key (%d)\n",
3034 max_psk_len, BN_num_bytes(bn));
3035 BN_free(bn);
3036 return 0;
3037 }
3038 ret = BN_bn2bin(bn, psk);
3039 BN_free(bn);
3040 return ret;
3041 }
3042
3043 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3044 char *identity,
3045 unsigned int max_identity_len,
3046 unsigned char *psk,
3047 unsigned int max_psk_len)
3048 {
3049 int ret;
3050 unsigned int psk_len = 0;
3051
3052 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3053 if (ret < 0)
3054 goto out_err;
3055 if (debug)
3056 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3057 ret);
3058 ret = psk_key2bn(psk_key, psk, max_psk_len);
3059 if (ret < 0)
3060 goto out_err;
3061 psk_len = ret;
3062 out_err:
3063 return psk_len;
3064 }
3065
3066 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3067 unsigned char *psk,
3068 unsigned int max_psk_len)
3069 {
3070 unsigned int psk_len = 0;
3071
3072 if (strcmp(identity, "Client_identity") != 0) {
3073 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3074 return 0;
3075 }
3076 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3077 return psk_len;
3078 }
3079 #endif
A mirror of the official openssl repository