]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/ssltest.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Disable some algorithms by default
[thirdparty/openssl.git] / test / ssltest.c
CommitLineData
d02b48c6 1/* ssl/ssltest.c */
58964a49 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6
RE		 3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
0f113f3e 8 *
d02b48c6
RE		 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e 15 *
d02b48c6
RE		 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
0f113f3e 22 *
d02b48c6
RE		 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
0f113f3e 37 * 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6
RE		 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e 40 *
d02b48c6
RE		 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
0f113f3e 52 *
d02b48c6
RE		 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
3ac82faa
BM		 58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
0f113f3e 66 * notice, this list of conditions and the following disclaimer.
3ac82faa
BM		 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
ea262260
BM		 111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
0f113f3e 113 * ECC cipher suite support in OpenSSL originally developed by
ea262260
BM		 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
ddac1974
NL		 116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
d02b48c6 142
dbd87ffc
MC		 143/* Or gethostname won't be declared properly on Linux and GNU platforms. */
144#define _BSD_SOURCE 1
f9fd3524 145#define _DEFAULT_SOURCE 1
37289744 146
6f7af152
BM		 147#include <assert.h>
148#include <errno.h>
149#include <limits.h>
d02b48c6
RE		 150#include <stdio.h>
151#include <stdlib.h>
152#include <string.h>
563f1503 153#include <time.h>
17e3dd1c 154
e7a28569 155#define USE_SOCKETS
41d2a336 156#include "e_os.h"
17e3dd1c 157
bc120a54 158#ifdef OPENSSL_SYS_VMS
0f113f3e
MC		 159/*
160 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
161 */
162# define _XOPEN_SOURCE 500
bc120a54
DSH		 163#endif
164
a963395a
RL		 165#include <ctype.h>
166
ec577822
BM		 167#include <openssl/bio.h>
168#include <openssl/crypto.h>
563f1503 169#include <openssl/evp.h>
ec577822 170#include <openssl/x509.h>
a7201e9a 171#include <openssl/x509v3.h>
ec577822 172#include <openssl/ssl.h>
0b13e9f0 173#ifndef OPENSSL_NO_ENGINE
0f113f3e 174# include <openssl/engine.h>
0b13e9f0 175#endif
ec577822 176#include <openssl/err.h>
b9d82f47 177#include <openssl/rand.h>
3eeaab4b 178#ifndef OPENSSL_NO_RSA
0f113f3e 179# include <openssl/rsa.h>
3eeaab4b
NL		 180#endif
181#ifndef OPENSSL_NO_DSA
0f113f3e 182# include <openssl/dsa.h>
3eeaab4b
NL		 183#endif
184#ifndef OPENSSL_NO_DH
0f113f3e 185# include <openssl/dh.h>
3eeaab4b 186#endif
edc032b5 187#ifndef OPENSSL_NO_SRP
0f113f3e 188# include <openssl/srp.h>
edc032b5 189#endif
d095b68d 190#include <openssl/bn.h>
09867a47 191
b6ba4014
MC		 192#include "../ssl/ssl_locl.h"
193
dbd87ffc
MC		 194/*
195 * Or gethostname won't be declared properly
196 * on Compaq platforms (at least with DEC C).
197 * Do not try to put it earlier, or IPv6 includes
198 * get screwed...
0f113f3e
MC		 199 */
200#define _XOPEN_SOURCE_EXTENDED 1
09867a47 201
bc36ee62 202#ifdef OPENSSL_SYS_WINDOWS
0f113f3e 203# include <winsock.h>
37289744 204#else
0f113f3e 205# include OPENSSL_UNISTD
d02b48c6
RE		 206#endif
207
0f113f3e 208/*
45ddce21
RS		 209 * There is really no standard for this, so let's assign something
210 * only for this test
0f113f3e 211 */
0f113f3e 212#define COMP_ZLIB 1
23f80f46 213
6d23cf97 214static int verify_callback(int ok, X509_STORE_CTX *ctx);
6d23cf97 215static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
a7201e9a 216#define APP_CALLBACK_STRING "Test Callback Argument"
0f113f3e
MC		 217struct app_verify_arg {
218 char *string;
219 int app_verify;
220 int allow_proxy_certs;
221 char *proxy_auth;
222 char *proxy_cond;
223};
023ec151 224
bc36ee62 225#ifndef OPENSSL_NO_DH
d02b48c6 226static DH *get_dh512(void);
e4589582
BM		 227static DH *get_dh1024(void);
228static DH *get_dh1024dsa(void);
53002dc6
BM		 229#endif
230
0f113f3e 231static char *psk_key = NULL; /* by default PSK is not used */
ddac1974 232#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 233static unsigned int psk_client_callback(SSL *ssl, const char *hint,
234 char *identity,
235 unsigned int max_identity_len,
236 unsigned char *psk,
237 unsigned int max_psk_len);
238static unsigned int psk_server_callback(SSL *ssl, const char *identity,
239 unsigned char *psk,
240 unsigned int max_psk_len);
ddac1974
NL		 241#endif
242
edc032b5
BL		 243#ifndef OPENSSL_NO_SRP
244/* SRP client */
245/* This is a context that we pass to all callbacks */
0f113f3e
MC		 246typedef struct srp_client_arg_st {
247 char *srppassin;
248 char *srplogin;
249} SRP_CLIENT_ARG;
edc032b5 250
0f113f3e 251# define PWD_STRLEN 1024
edc032b5 252
0f113f3e
MC		 253static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
254{
255 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
7644a9ae 256 return OPENSSL_strdup((char *)srp_client_arg->srppassin);
0f113f3e 257}
edc032b5 258
edc032b5
BL		 259/* SRP server */
260/* This is a context that we pass to SRP server callbacks */
0f113f3e
MC		 261typedef struct srp_server_arg_st {
262 char *expected_user;
263 char *pass;
264} SRP_SERVER_ARG;
edc032b5 265
6d23cf97 266static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
0f113f3e
MC		 267{
268 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
269
270 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
271 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
272 return SSL3_AL_FATAL;
273 }
274 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
275 *ad = SSL_AD_INTERNAL_ERROR;
276 return SSL3_AL_FATAL;
277 }
278 return SSL_ERROR_NONE;
279}
280#endif
281
282static BIO *bio_err = NULL;
283static BIO *bio_stdout = NULL;
d02b48c6 284
2911575c 285#ifndef OPENSSL_NO_NEXTPROTONEG
d9a268b9
BL		 286/* Note that this code assumes that this is only a one element list: */
287static const char NEXT_PROTO_STRING[] = "\x09testproto";
df2ee0e2
BL		 288static int npn_client = 0;
289static int npn_server = 0;
290static int npn_server_reject = 0;
d9a268b9 291
0f113f3e
MC		 292static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
293 const unsigned char *in, unsigned int inlen,
294 void *arg)
295{
296 /*
297 * This callback only returns the protocol string, rather than a length
298 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
299 * and remove the first byte to chop off the length prefix.
300 */
301 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
302 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
303 return SSL_TLSEXT_ERR_OK;
304}
305
306static int cb_server_npn(SSL *s, const unsigned char **data,
307 unsigned int *len, void *arg)
308{
309 *data = (const unsigned char *)NEXT_PROTO_STRING;
310 *len = sizeof(NEXT_PROTO_STRING) - 1;
311 return SSL_TLSEXT_ERR_OK;
312}
313
314static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
315 unsigned int *len, void *arg)
316{
317 return SSL_TLSEXT_ERR_NOACK;
318}
d9a268b9
BL		 319
320static int verify_npn(SSL *client, SSL *server)
0f113f3e
MC		 321{
322 const unsigned char *client_s;
323 unsigned client_len;
324 const unsigned char *server_s;
325 unsigned server_len;
326
327 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
328 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
329
330 if (client_len) {
331 BIO_printf(bio_stdout, "Client NPN: ");
332 BIO_write(bio_stdout, client_s, client_len);
333 BIO_printf(bio_stdout, "\n");
334 }
335
336 if (server_len) {
337 BIO_printf(bio_stdout, "Server NPN: ");
338 BIO_write(bio_stdout, server_s, server_len);
339 BIO_printf(bio_stdout, "\n");
340 }
341
342 /*
343 * If an NPN string was returned, it must be the protocol that we
344 * expected to negotiate.
345 */
346 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
347 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
348 return -1;
349 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
350 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
351 return -1;
352
353 if (!npn_client && client_len)
354 return -1;
355 if (!npn_server && server_len)
356 return -1;
357 if (npn_server_reject && server_len)
358 return -1;
359 if (npn_client && npn_server && (!client_len || !server_len))
360 return -1;
361
362 return 0;
363}
d9a268b9
BL		 364#endif
365
a8989362
AL		 366static const char *alpn_client;
367static const char *alpn_server;
368static const char *alpn_expected;
369static unsigned char *alpn_selected;
7946ab33
KR		 370static const char *server_min_proto;
371static const char *server_max_proto;
372static const char *client_min_proto;
373static const char *client_max_proto;
374static const char *should_negotiate;
a8989362 375
3a83462d
MC		 376/*-
377 * next_protos_parse parses a comma separated list of strings into a string
a8989362
AL		 378 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
379 * outlen: (output) set to the length of the resulting buffer on success.
380 * err: (maybe NULL) on failure, an error message line is written to this BIO.
4eadd11c 381 * in: a NUL terminated string like "abc,def,ghi"
a8989362
AL		 382 *
383 * returns: a malloced buffer or NULL on failure.
384 */
0f113f3e
MC		 385static unsigned char *next_protos_parse(unsigned short *outlen,
386 const char *in)
387{
388 size_t len;
389 unsigned char *out;
390 size_t i, start = 0;
391
392 len = strlen(in);
393 if (len >= 65535)
394 return NULL;
395
396 out = OPENSSL_malloc(strlen(in) + 1);
397 if (!out)
398 return NULL;
399
400 for (i = 0; i <= len; ++i) {
401 if (i == len || in[i] == ',') {
402 if (i - start > 255) {
403 OPENSSL_free(out);
404 return NULL;
405 }
406 out[start] = i - start;
407 start = i + 1;
408 } else
409 out[i + 1] = in[i];
410 }
411
412 *outlen = len + 1;
413 return out;
414}
415
416static int cb_server_alpn(SSL *s, const unsigned char **out,
417 unsigned char *outlen, const unsigned char *in,
418 unsigned int inlen, void *arg)
419{
420 unsigned char *protos;
421 unsigned short protos_len;
422
423 protos = next_protos_parse(&protos_len, alpn_server);
424 if (protos == NULL) {
425 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
426 alpn_server);
427 abort();
428 }
429
430 if (SSL_select_next_proto
431 ((unsigned char **)out, outlen, protos, protos_len, in,
432 inlen) != OPENSSL_NPN_NEGOTIATED) {
433 OPENSSL_free(protos);
434 return SSL_TLSEXT_ERR_NOACK;
435 }
436
437 /*
438 * Make a copy of the selected protocol which will be freed in
439 * verify_alpn.
440 */
441 alpn_selected = OPENSSL_malloc(*outlen);
442 memcpy(alpn_selected, *out, *outlen);
443 *out = alpn_selected;
444
445 OPENSSL_free(protos);
446 return SSL_TLSEXT_ERR_OK;
447}
a8989362
AL		 448
449static int verify_alpn(SSL *client, SSL *server)
0f113f3e
MC		 450{
451 const unsigned char *client_proto, *server_proto;
452 unsigned int client_proto_len = 0, server_proto_len = 0;
453 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
454 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
455
b548a1f1
RS		 456 OPENSSL_free(alpn_selected);
457 alpn_selected = NULL;
0f113f3e 458
3003e0a4
AG		 459 if (client_proto_len != server_proto_len) {
460 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
461 goto err;
462 }
463
464 if (client_proto != NULL &&
0f113f3e
MC		 465 memcmp(client_proto, server_proto, client_proto_len) != 0) {
466 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
467 goto err;
468 }
469
470 if (client_proto_len > 0 && alpn_expected == NULL) {
471 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
472 goto err;
473 }
474
475 if (alpn_expected != NULL &&
476 (client_proto_len != strlen(alpn_expected) ||
477 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
478 BIO_printf(bio_stdout,
479 "ALPN selected protocols not equal to expected protocol: %s\n",
480 alpn_expected);
481 goto err;
482 }
483
484 return 0;
485
486 err:
487 BIO_printf(bio_stdout, "ALPN results: client: '");
488 BIO_write(bio_stdout, client_proto, client_proto_len);
489 BIO_printf(bio_stdout, "', server: '");
490 BIO_write(bio_stdout, server_proto, server_proto_len);
491 BIO_printf(bio_stdout, "'\n");
492 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
493 alpn_client, alpn_server);
494 return -1;
495}
a8989362 496
a398f821 497#define SCT_EXT_TYPE 18
9cd50f73 498
0f113f3e
MC		 499/*
500 * WARNING : below extension types are *NOT* IETF assigned, and could
501 * conflict if these types are reassigned and handled specially by OpenSSL
502 * in the future
503 */
a398f821 504#define TACK_EXT_TYPE 62208
9cd50f73
T		 505#define CUSTOM_EXT_TYPE_0 1000
506#define CUSTOM_EXT_TYPE_1 1001
507#define CUSTOM_EXT_TYPE_2 1002
508#define CUSTOM_EXT_TYPE_3 1003
509
df2ee0e2
BL		 510static const char custom_ext_cli_string[] = "abc";
511static const char custom_ext_srv_string[] = "defg";
a398f821
T		 512
513/* These set from cmdline */
df2ee0e2
BL		 514static char *serverinfo_file = NULL;
515static int serverinfo_sct = 0;
516static int serverinfo_tack = 0;
9cd50f73
T		 517
518/* These set based on extension callbacks */
df2ee0e2
BL		 519static int serverinfo_sct_seen = 0;
520static int serverinfo_tack_seen = 0;
521static int serverinfo_other_seen = 0;
a398f821 522
9cd50f73 523/* This set from cmdline */
df2ee0e2 524static int custom_ext = 0;
9cd50f73
T		 525
526/* This set based on extension callbacks */
df2ee0e2 527static int custom_ext_error = 0;
9cd50f73 528
0cfefe4b 529static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 530 const unsigned char *in, size_t inlen,
531 int *al, void *arg)
532{
533 if (ext_type == SCT_EXT_TYPE)
534 serverinfo_sct_seen++;
535 else if (ext_type == TACK_EXT_TYPE)
536 serverinfo_tack_seen++;
537 else
538 serverinfo_other_seen++;
539 return 1;
540}
a398f821
T		 541
542static int verify_serverinfo()
0f113f3e
MC		 543{
544 if (serverinfo_sct != serverinfo_sct_seen)
545 return -1;
546 if (serverinfo_tack != serverinfo_tack_seen)
547 return -1;
548 if (serverinfo_other_seen)
549 return -1;
550 return 0;
551}
a398f821 552
1d97c843
TH		 553/*-
554 * Four test cases for custom extensions:
9cd50f73
T		 555 * 0 - no ClientHello extension or ServerHello response
556 * 1 - ClientHello with "abc", no response
557 * 2 - ClientHello with "abc", empty response
558 * 3 - ClientHello with "abc", "defg" response
559 */
560
de2a9e38 561static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 562 const unsigned char **out,
563 size_t *outlen, int *al, void *arg)
564{
565 if (ext_type != CUSTOM_EXT_TYPE_0)
566 custom_ext_error = 1;
567 return 0; /* Don't send an extension */
568}
9cd50f73 569
de2a9e38 570static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 571 const unsigned char *in,
572 size_t inlen, int *al, void *arg)
573{
574 return 1;
575}
9cd50f73 576
de2a9e38 577static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 578 const unsigned char **out,
579 size_t *outlen, int *al, void *arg)
580{
581 if (ext_type != CUSTOM_EXT_TYPE_1)
582 custom_ext_error = 1;
583 *out = (const unsigned char *)custom_ext_cli_string;
584 *outlen = strlen(custom_ext_cli_string);
585 return 1; /* Send "abc" */
586}
9cd50f73 587
de2a9e38 588static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 589 const unsigned char *in,
590 size_t inlen, int *al, void *arg)
591{
592 return 1;
593}
9cd50f73 594
de2a9e38 595static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 596 const unsigned char **out,
597 size_t *outlen, int *al, void *arg)
598{
599 if (ext_type != CUSTOM_EXT_TYPE_2)
600 custom_ext_error = 1;
601 *out = (const unsigned char *)custom_ext_cli_string;
602 *outlen = strlen(custom_ext_cli_string);
603 return 1; /* Send "abc" */
604}
9cd50f73 605
de2a9e38 606static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 607 const unsigned char *in,
608 size_t inlen, int *al, void *arg)
609{
610 if (ext_type != CUSTOM_EXT_TYPE_2)
611 custom_ext_error = 1;
612 if (inlen != 0)
613 custom_ext_error = 1; /* Should be empty response */
614 return 1;
615}
9cd50f73 616
de2a9e38 617static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 618 const unsigned char **out,
619 size_t *outlen, int *al, void *arg)
620{
621 if (ext_type != CUSTOM_EXT_TYPE_3)
622 custom_ext_error = 1;
623 *out = (const unsigned char *)custom_ext_cli_string;
624 *outlen = strlen(custom_ext_cli_string);
625 return 1; /* Send "abc" */
626}
9cd50f73 627
de2a9e38 628static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 629 const unsigned char *in,
630 size_t inlen, int *al, void *arg)
631{
632 if (ext_type != CUSTOM_EXT_TYPE_3)
633 custom_ext_error = 1;
634 if (inlen != strlen(custom_ext_srv_string))
635 custom_ext_error = 1;
636 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
637 custom_ext_error = 1; /* Check for "defg" */
638 return 1;
639}
640
641/*
642 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
643 * for this extension
644 */
de2a9e38 645static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 646 const unsigned char *in,
647 size_t inlen, int *al, void *arg)
648{
649 custom_ext_error = 1;
650 return 1;
651}
9cd50f73 652
f47e2039 653/* 'add' callbacks are only called if the 'parse' callback is called */
de2a9e38 654static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 655 const unsigned char **out,
656 size_t *outlen, int *al, void *arg)
657{
658 /* Error: should not have been called */
659 custom_ext_error = 1;
660 return 0; /* Don't send an extension */
661}
9cd50f73 662
de2a9e38 663static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 664 const unsigned char *in,
665 size_t inlen, int *al, void *arg)
666{
667 if (ext_type != CUSTOM_EXT_TYPE_1)
668 custom_ext_error = 1;
669 /* Check for "abc" */
670 if (inlen != strlen(custom_ext_cli_string))
671 custom_ext_error = 1;
672 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
673 custom_ext_error = 1;
674 return 1;
675}
9cd50f73 676
de2a9e38 677static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 678 const unsigned char **out,
679 size_t *outlen, int *al, void *arg)
680{
681 return 0; /* Don't send an extension */
682}
9cd50f73 683
de2a9e38 684static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 685 const unsigned char *in,
686 size_t inlen, int *al, void *arg)
687{
688 if (ext_type != CUSTOM_EXT_TYPE_2)
689 custom_ext_error = 1;
690 /* Check for "abc" */
691 if (inlen != strlen(custom_ext_cli_string))
692 custom_ext_error = 1;
693 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
694 custom_ext_error = 1;
695 return 1;
696}
9cd50f73 697
de2a9e38 698static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 699 const unsigned char **out,
700 size_t *outlen, int *al, void *arg)
701{
702 *out = NULL;
703 *outlen = 0;
704 return 1; /* Send empty extension */
705}
9cd50f73 706
de2a9e38 707static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 708 const unsigned char *in,
709 size_t inlen, int *al, void *arg)
710{
711 if (ext_type != CUSTOM_EXT_TYPE_3)
712 custom_ext_error = 1;
713 /* Check for "abc" */
714 if (inlen != strlen(custom_ext_cli_string))
715 custom_ext_error = 1;
716 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
717 custom_ext_error = 1;
718 return 1;
719}
9cd50f73 720
de2a9e38 721static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 722 const unsigned char **out,
723 size_t *outlen, int *al, void *arg)
724{
725 *out = (const unsigned char *)custom_ext_srv_string;
726 *outlen = strlen(custom_ext_srv_string);
727 return 1; /* Send "defg" */
728}
729
730static char *cipher = NULL;
731static int verbose = 0;
732static int debug = 0;
0f113f3e
MC		 733static const char rnd_seed[] =
734 "string to make the random number generator think it has entropy";
d02b48c6 735
0f113f3e
MC		 736int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
737 clock_t *c_time);
738int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
6e119bb0 739static int do_test_cipherlist(void);
9ccc00ef 740
6b691a5c 741static void sv_usage(void)
0f113f3e
MC		 742{
743 fprintf(stderr, "usage: ssltest [args ...]\n");
744 fprintf(stderr, "\n");
086e32a6 745#ifdef OPENSSL_FIPS
0f113f3e
MC		 746 fprintf(stderr, "-F - run test in FIPS mode\n");
747#endif
748 fprintf(stderr, " -server_auth - check server certificate\n");
749 fprintf(stderr, " -client_auth - do client authentication\n");
750 fprintf(stderr, " -proxy - allow proxy certificates\n");
751 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
752 fprintf(stderr,
753 " -proxy_cond <val> - expression to test proxy policy rights\n");
754 fprintf(stderr, " -v - more output\n");
755 fprintf(stderr, " -d - debug output\n");
756 fprintf(stderr, " -reuse - use session-id reuse\n");
757 fprintf(stderr, " -num <val> - number of connections to perform\n");
758 fprintf(stderr,
759 " -bytes <val> - number of bytes to swap between client/server\n");
bc36ee62 760#ifndef OPENSSL_NO_DH
0f113f3e 761 fprintf(stderr,
e8356e32
EK		 762 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
763 fprintf(stderr,
764 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
0f113f3e
MC		 765 fprintf(stderr,
766 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
767 fprintf(stderr, " -no_dhe - disable DHE\n");
77fa04a9 768#endif
10bf4fc2 769#ifndef OPENSSL_NO_EC
0f113f3e 770 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
ea262260 771#endif
ddac1974 772#ifndef OPENSSL_NO_PSK
0f113f3e 773 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
ddac1974 774#endif
edc032b5 775#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 776 fprintf(stderr, " -srpuser user - SRP username to use\n");
777 fprintf(stderr, " -srppass arg - password for 'user'\n");
edc032b5 778#endif
3881d810 779#ifndef OPENSSL_NO_SSL3_METHOD
0f113f3e 780 fprintf(stderr, " -ssl3 - use SSLv3\n");
58964a49 781#endif
0f113f3e 782 fprintf(stderr, " -tls1 - use TLSv1\n");
98b8cdd3 783#ifndef OPENSSL_NO_DTLS
7946ab33 784 fprintf(stderr, " -dtls - use DTLS\n");
98b8cdd3
DW		 785 fprintf(stderr, " -dtls1 - use DTLSv1\n");
786 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
787#endif
0f113f3e
MC		 788 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
789 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
790 fprintf(stderr, " -cert arg - Server certificate file\n");
791 fprintf(stderr,
792 " -key arg - Server key file (default: same as -cert)\n");
793 fprintf(stderr, " -c_cert arg - Client certificate file\n");
794 fprintf(stderr,
795 " -c_key arg - Client key file (default: same as -c_cert)\n");
796 fprintf(stderr, " -cipher arg - The cipher list\n");
797 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
798 fprintf(stderr, " -f - Test even cases that can't work\n");
799 fprintf(stderr,
800 " -time - measure processor time used by client and server\n");
801 fprintf(stderr, " -zlib - use zlib compression\n");
10bf4fc2 802#ifndef OPENSSL_NO_EC
0f113f3e
MC		 803 fprintf(stderr,
804 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
805 " Use \"openssl ecparam -list_curves\" for all names\n"
806 " (default is sect163r2).\n");
807#endif
808 fprintf(stderr,
809 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
810 " When this option is requested, the cipherlist\n"
811 " tests are run instead of handshake tests.\n");
2911575c 812#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 813 fprintf(stderr, " -npn_client - have client side offer NPN\n");
814 fprintf(stderr, " -npn_server - have server side offer NPN\n");
815 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
816#endif
817 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
818 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
819 fprintf(stderr,
820 " -serverinfo_tack - have client offer and expect TACK\n");
821 fprintf(stderr,
822 " -custom_ext - try various custom extension callbacks\n");
823 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
824 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
825 fprintf(stderr,
826 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
7946ab33
KR		 827 fprintf(stderr, " -server_min_proto <string> - Minimum version the server should support\n");
828 fprintf(stderr, " -server_max_proto <string> - Maximum version the server should support\n");
829 fprintf(stderr, " -client_min_proto <string> - Minimum version the client should support\n");
830 fprintf(stderr, " -client_max_proto <string> - Maximum version the client should support\n");
831 fprintf(stderr, " -should_negotiate <string> - The version that should be negotiated, fail-client or fail-server\n");
0f113f3e 832}
563f1503 833
f756f1fc 834static void print_key_details(BIO *out, EVP_PKEY *key)
0f113f3e
MC		 835{
836 int keyid = EVP_PKEY_id(key);
f756f1fc 837#ifndef OPENSSL_NO_EC
0f113f3e
MC		 838 if (keyid == EVP_PKEY_EC) {
839 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
840 int nid;
841 const char *cname;
842 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
843 EC_KEY_free(ec);
844 cname = EC_curve_nid2nist(nid);
845 if (!cname)
846 cname = OBJ_nid2sn(nid);
847 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
848 } else
849#endif
850 {
851 const char *algname;
852 switch (keyid) {
853 case EVP_PKEY_RSA:
854 algname = "RSA";
855 break;
856 case EVP_PKEY_DSA:
857 algname = "DSA";
858 break;
859 case EVP_PKEY_DH:
860 algname = "DH";
861 break;
862 default:
863 algname = OBJ_nid2sn(keyid);
864 break;
865 }
866 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
867 }
868}
f756f1fc 869
563f1503 870static void print_details(SSL *c_ssl, const char *prefix)
0f113f3e
MC		 871{
872 const SSL_CIPHER *ciph;
873 int mdnid;
874 X509 *cert;
875 EVP_PKEY *pkey;
876
877 ciph = SSL_get_current_cipher(c_ssl);
878 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
879 prefix,
880 SSL_get_version(c_ssl),
881 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
882 cert = SSL_get_peer_certificate(c_ssl);
883 if (cert != NULL) {
884 pkey = X509_get_pubkey(cert);
885 if (pkey != NULL) {
886 BIO_puts(bio_stdout, ", ");
887 print_key_details(bio_stdout, pkey);
888 EVP_PKEY_free(pkey);
889 }
890 X509_free(cert);
891 }
892 if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
893 BIO_puts(bio_stdout, ", temp key: ");
894 print_key_details(bio_stdout, pkey);
895 EVP_PKEY_free(pkey);
896 }
897 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
898 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
899 BIO_printf(bio_stdout, "\n");
900}
d02b48c6 901
3ac82faa 902static void lock_dbg_cb(int mode, int type, const char *file, int line)
0f113f3e
MC		 903{
904 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
905 const char *errstr = NULL;
906 int rw;
907
908 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
909 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
910 errstr = "invalid mode";
911 goto err;
912 }
913
914 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
915 errstr = "type out of bounds";
916 goto err;
917 }
918
919 if (mode & CRYPTO_LOCK) {
920 if (modes[type]) {
921 errstr = "already locked";
922 /*
923 * must not happen in a single-threaded program (would deadlock)
924 */
925 goto err;
926 }
927
928 modes[type] = rw;
929 } else if (mode & CRYPTO_UNLOCK) {
930 if (!modes[type]) {
931 errstr = "not locked";
932 goto err;
933 }
934
935 if (modes[type] != rw) {
936 errstr = (rw == CRYPTO_READ) ?
937 "CRYPTO_r_unlock on write lock" :
938 "CRYPTO_w_unlock on read lock";
939 }
940
941 modes[type] = 0;
942 } else {
943 errstr = "invalid mode";
944 goto err;
945 }
3ac82faa
BM		 946
947 err:
0f113f3e
MC		 948 if (errstr) {
949 /* we cannot use bio_err here */
950 fprintf(stderr,
951 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
952 errstr, mode, type, file, line);
953 }
954}
3ac82faa 955
7946ab33
KR		 956/*
957 * protocol_from_string - converts a protocol version string to a number
958 *
959 * Returns -1 on failure or the version on success
960 */
961static int protocol_from_string(const char *value)
962{
963 struct protocol_versions {
964 const char *name;
965 int version;
966 };
967 static const struct protocol_versions versions[] = {
968 {"ssl3", SSL3_VERSION},
969 {"tls1", TLS1_VERSION},
970 {"tls1.1", TLS1_1_VERSION},
971 {"tls1.2", TLS1_2_VERSION},
972 {"dtls1", DTLS1_VERSION},
973 {"dtls1.2", DTLS1_2_VERSION}};
974 size_t i;
975 size_t n = OSSL_NELEM(versions);
976
977 for (i = 0; i < n; i++)
978 if (strcmp(versions[i].name, value) == 0)
979 return versions[i].version;
980 return -1;
981}
982
983/*
984 * set_protocol_version - Sets protocol version minimum or maximum
985 *
986 * Returns 0 on failure and 1 on success
987 */
988static int set_protocol_version(const char *version, SSL *ssl, int setting)
989{
990 if (version != NULL) {
991 int ver = protocol_from_string(version);
992 if (ver < 0) {
993 BIO_printf(bio_err, "Error parsing: %s\n", version);
994 return 0;
995 }
996 return SSL_ctrl(ssl, setting, ver, NULL);
997 }
998 return 1;
999}
1000
6b691a5c 1001int main(int argc, char *argv[])
0f113f3e
MC		 1002{
1003 char *CApath = NULL, *CAfile = NULL;
1004 int badop = 0;
1005 int bio_pair = 0;
1006 int force = 0;
7946ab33 1007 int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, ssl3 = 0, ret = 1;
0f113f3e
MC		 1008 int client_auth = 0;
1009 int server_auth = 0, i;
1010 struct app_verify_arg app_verify_arg =
1011 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
bbd86bf5 1012 char *p;
10bf4fc2 1013#ifndef OPENSSL_NO_EC
0f113f3e
MC		 1014 char *named_curve = NULL;
1015#endif
1016 SSL_CTX *s_ctx = NULL;
1017 SSL_CTX *c_ctx = NULL;
1018 const SSL_METHOD *meth = NULL;
1019 SSL *c_ssl, *s_ssl;
1020 int number = 1, reuse = 0;
1021 long bytes = 256L;
bc36ee62 1022#ifndef OPENSSL_NO_DH
0f113f3e 1023 DH *dh;
e8356e32 1024 int dhe512 = 0, dhe1024dsa = 0;
ea262260 1025#endif
10bf4fc2 1026#ifndef OPENSSL_NO_EC
0f113f3e 1027 EC_KEY *ecdh = NULL;
edc032b5
BL		 1028#endif
1029#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1030 /* client */
1031 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
1032 /* server */
1033 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
1034#endif
1035 int no_dhe = 0;
1036 int no_ecdhe = 0;
1037 int no_psk = 0;
1038 int print_time = 0;
1039 clock_t s_time = 0, c_time = 0;
09b6c2ef 1040#ifndef OPENSSL_NO_COMP
9a555706 1041 int n, comp = 0;
0f113f3e
MC		 1042 COMP_METHOD *cm = NULL;
1043 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
00a37b5a 1044#endif
0f113f3e 1045 int test_cipherlist = 0;
086e32a6 1046#ifdef OPENSSL_FIPS
0f113f3e
MC		 1047 int fips_mode = 0;
1048#endif
1049 int no_protocol = 0;
1050
1051 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
1052 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
4a640fb6 1053 char *arg = NULL, *argn = NULL;
0f113f3e
MC		 1054
1055 verbose = 0;
1056 debug = 0;
1057 cipher = 0;
1058
1059 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1060
1061 CRYPTO_set_locking_callback(lock_dbg_cb);
1062
bbd86bf5
RS		 1063 p = getenv("OPENSSL_DEBUG_MEMORY");
1064 if (p != NULL && strcmp(p, "on") == 0)
1065 CRYPTO_set_mem_debug(1);
0f113f3e
MC		 1066 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1067
1068 RAND_seed(rnd_seed, sizeof rnd_seed);
1069
1070 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1071
1072 s_cctx = SSL_CONF_CTX_new();
1073 c_cctx = SSL_CONF_CTX_new();
1074
1075 if (!s_cctx || !c_cctx) {
1076 ERR_print_errors(bio_err);
1077 goto end;
1078 }
1079
1080 SSL_CONF_CTX_set_flags(s_cctx,
6a096889
DSH		 1081 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
1082 SSL_CONF_FLAG_CERTIFICATE |
1083 SSL_CONF_FLAG_REQUIRE_PRIVATE);
0f113f3e
MC		 1084 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
1085 ERR_print_errors(bio_err);
1086 goto end;
1087 }
1088
1089 SSL_CONF_CTX_set_flags(c_cctx,
6a096889
DSH		 1090 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT |
1091 SSL_CONF_FLAG_CERTIFICATE |
1092 SSL_CONF_FLAG_REQUIRE_PRIVATE);
0f113f3e
MC		 1093 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
1094 ERR_print_errors(bio_err);
1095 goto end;
1096 }
1097
1098 argc--;
1099 argv++;
1100
1101 while (argc >= 1) {
86885c28 1102 if (strcmp(*argv, "-F") == 0) {
086e32a6 1103#ifdef OPENSSL_FIPS
0f113f3e 1104 fips_mode = 1;
086e32a6 1105#else
0f113f3e
MC		 1106 fprintf(stderr,
1107 "not compiled with FIPS support, so exiting without running.\n");
1108 EXIT(0);
1109#endif
1110 } else if (strcmp(*argv, "-server_auth") == 0)
1111 server_auth = 1;
1112 else if (strcmp(*argv, "-client_auth") == 0)
1113 client_auth = 1;
1114 else if (strcmp(*argv, "-proxy_auth") == 0) {
1115 if (--argc < 1)
1116 goto bad;
1117 app_verify_arg.proxy_auth = *(++argv);
1118 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1119 if (--argc < 1)
1120 goto bad;
1121 app_verify_arg.proxy_cond = *(++argv);
1122 } else if (strcmp(*argv, "-v") == 0)
1123 verbose = 1;
1124 else if (strcmp(*argv, "-d") == 0)
1125 debug = 1;
1126 else if (strcmp(*argv, "-reuse") == 0)
1127 reuse = 1;
e8356e32 1128 else if (strcmp(*argv, "-dhe512") == 0) {
90f5a2b6 1129#ifndef OPENSSL_NO_DH
e8356e32 1130 dhe512 = 1;
90f5a2b6 1131#else
0f113f3e 1132 fprintf(stderr,
e8356e32 1133 "ignoring -dhe512, since I'm compiled without DH\n");
90f5a2b6 1134#endif
0f113f3e 1135 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
90f5a2b6 1136#ifndef OPENSSL_NO_DH
0f113f3e 1137 dhe1024dsa = 1;
90f5a2b6 1138#else
0f113f3e 1139 fprintf(stderr,
e8356e32 1140 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
0f113f3e
MC		 1141#endif
1142 } else if (strcmp(*argv, "-no_dhe") == 0)
1143 no_dhe = 1;
1144 else if (strcmp(*argv, "-no_ecdhe") == 0)
1145 no_ecdhe = 1;
1146 else if (strcmp(*argv, "-psk") == 0) {
1147 if (--argc < 1)
1148 goto bad;
1149 psk_key = *(++argv);
ddac1974 1150#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1151 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1152 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1153 goto bad;
1154 }
ddac1974 1155#else
0f113f3e 1156 no_psk = 1;
ddac1974 1157#endif
0f113f3e 1158 }
edc032b5 1159#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1160 else if (strcmp(*argv, "-srpuser") == 0) {
1161 if (--argc < 1)
1162 goto bad;
1163 srp_server_arg.expected_user = srp_client_arg.srplogin =
1164 *(++argv);
1165 tls1 = 1;
1166 } else if (strcmp(*argv, "-srppass") == 0) {
1167 if (--argc < 1)
1168 goto bad;
1169 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1170 tls1 = 1;
1171 }
1172#endif
1173 else if (strcmp(*argv, "-tls1") == 0) {
0f113f3e
MC		 1174 tls1 = 1;
1175 } else if (strcmp(*argv, "-ssl3") == 0) {
3881d810 1176#ifdef OPENSSL_NO_SSL3_METHOD
0f113f3e
MC		 1177 no_protocol = 1;
1178#endif
1179 ssl3 = 1;
98b8cdd3
DW		 1180 } else if (strcmp(*argv, "-dtls1") == 0) {
1181#ifdef OPENSSL_NO_DTLS
1182 no_protocol = 1;
1183#endif
1184 dtls1 = 1;
1185 } else if (strcmp(*argv, "-dtls12") == 0) {
1186#ifdef OPENSSL_NO_DTLS
1187 no_protocol = 1;
1188#endif
1189 dtls12 = 1;
7946ab33
KR		 1190 } else if (strcmp(*argv, "-dtls") == 0) {
1191#ifdef OPENSSL_NO_DTLS
1192 no_protocol = 1;
1193#endif
1194 dtls = 1;
0f113f3e
MC		 1195 } else if (strncmp(*argv, "-num", 4) == 0) {
1196 if (--argc < 1)
1197 goto bad;
1198 number = atoi(*(++argv));
1199 if (number == 0)
1200 number = 1;
1201 } else if (strcmp(*argv, "-bytes") == 0) {
1202 if (--argc < 1)
1203 goto bad;
1204 bytes = atol(*(++argv));
1205 if (bytes == 0L)
1206 bytes = 1L;
1207 i = strlen(argv[0]);
1208 if (argv[0][i - 1] == 'k')
1209 bytes *= 1024L;
1210 if (argv[0][i - 1] == 'm')
1211 bytes *= 1024L * 1024L;
0f113f3e
MC		 1212 } else if (strcmp(*argv, "-cipher") == 0) {
1213 if (--argc < 1)
1214 goto bad;
1215 cipher = *(++argv);
1216 } else if (strcmp(*argv, "-CApath") == 0) {
1217 if (--argc < 1)
1218 goto bad;
1219 CApath = *(++argv);
1220 } else if (strcmp(*argv, "-CAfile") == 0) {
1221 if (--argc < 1)
1222 goto bad;
1223 CAfile = *(++argv);
1224 } else if (strcmp(*argv, "-bio_pair") == 0) {
1225 bio_pair = 1;
1226 } else if (strcmp(*argv, "-f") == 0) {
1227 force = 1;
1228 } else if (strcmp(*argv, "-time") == 0) {
1229 print_time = 1;
1230 }
a4c4a7d5 1231#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1232 else if (strcmp(*argv, "-zlib") == 0) {
1233 comp = COMP_ZLIB;
0f113f3e
MC		 1234 }
1235#endif
1236 else if (strcmp(*argv, "-named_curve") == 0) {
1237 if (--argc < 1)
1238 goto bad;
10bf4fc2 1239#ifndef OPENSSL_NO_EC
0f113f3e 1240 named_curve = *(++argv);
90f5a2b6 1241#else
0f113f3e
MC		 1242 fprintf(stderr,
1243 "ignoring -named_curve, since I'm compiled without ECDH\n");
1244 ++argv;
1245#endif
1246 } else if (strcmp(*argv, "-app_verify") == 0) {
1247 app_verify_arg.app_verify = 1;
1248 } else if (strcmp(*argv, "-proxy") == 0) {
1249 app_verify_arg.allow_proxy_certs = 1;
1250 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1251 test_cipherlist = 1;
1252 }
2911575c 1253#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1254 else if (strcmp(*argv, "-npn_client") == 0) {
1255 npn_client = 1;
1256 } else if (strcmp(*argv, "-npn_server") == 0) {
1257 npn_server = 1;
1258 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1259 npn_server_reject = 1;
1260 }
1261#endif
1262 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1263 serverinfo_sct = 1;
1264 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1265 serverinfo_tack = 1;
1266 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1267 if (--argc < 1)
1268 goto bad;
1269 serverinfo_file = *(++argv);
1270 } else if (strcmp(*argv, "-custom_ext") == 0) {
1271 custom_ext = 1;
1272 } else if (strcmp(*argv, "-alpn_client") == 0) {
1273 if (--argc < 1)
1274 goto bad;
1275 alpn_client = *(++argv);
1276 } else if (strcmp(*argv, "-alpn_server") == 0) {
1277 if (--argc < 1)
1278 goto bad;
1279 alpn_server = *(++argv);
1280 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1281 if (--argc < 1)
1282 goto bad;
1283 alpn_expected = *(++argv);
7946ab33
KR		 1284 } else if (strcmp(*argv, "-server_min_proto") == 0) {
1285 if (--argc < 1)
1286 goto bad;
1287 server_min_proto = *(++argv);
1288 } else if (strcmp(*argv, "-server_max_proto") == 0) {
1289 if (--argc < 1)
1290 goto bad;
1291 server_max_proto = *(++argv);
1292 } else if (strcmp(*argv, "-client_min_proto") == 0) {
1293 if (--argc < 1)
1294 goto bad;
1295 client_min_proto = *(++argv);
1296 } else if (strcmp(*argv, "-client_max_proto") == 0) {
1297 if (--argc < 1)
1298 goto bad;
1299 client_max_proto = *(++argv);
1300 } else if (strcmp(*argv, "-should_negotiate") == 0) {
1301 if (--argc < 1)
1302 goto bad;
1303 should_negotiate = *(++argv);
0f113f3e
MC		 1304 } else {
1305 int rv;
1306 arg = argv[0];
1307 argn = argv[1];
1308 /* Try to process command using SSL_CONF */
1309 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1310 /* If not processed try server */
1311 if (rv == 0)
1312 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1313 /* Recognised: store it for later use */
1314 if (rv > 0) {
1315 if (rv == 1)
1316 argn = NULL;
1317 if (!conf_args) {
1318 conf_args = sk_OPENSSL_STRING_new_null();
1319 if (!conf_args)
1320 goto end;
1321 }
1322 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1323 goto end;
1324 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1325 goto end;
1326 continue;
1327 }
1328 if (rv == -3)
1329 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1330 else if (rv < 0)
1331 BIO_printf(bio_err, "Error with command %s\n", arg);
1332 else if (rv == 0)
1333 BIO_printf(bio_err, "unknown option %s\n", arg);
1334 badop = 1;
1335 break;
1336 }
1337 argc--;
1338 argv++;
1339 }
1340 if (badop) {
1341 bad:
1342 sv_usage();
1343 goto end;
1344 }
1345
1346 /*
1347 * test_cipherlist prevails over protocol switch: we test the cipherlist
1348 * for all enabled protocols.
1349 */
1350 if (test_cipherlist == 1) {
1351 /*
1352 * ensure that the cipher list are correctly sorted and exit
1353 */
1354 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1355 "other options.\n");
1356 if (do_test_cipherlist() == 0)
1357 EXIT(1);
1358 ret = 0;
1359 goto end;
1360 }
1361
7946ab33
KR		 1362 if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) {
1363 fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should "
0f113f3e
MC		 1364 "be requested.\n");
1365 EXIT(1);
1366 }
1367
1368 /*
1369 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1370 * Ideally, we would error out, but the generic test wrapper can't know
1371 * when to expect failure. So we do nothing and return success.
1372 */
1373 if (no_protocol) {
1374 fprintf(stderr, "Testing was requested for a disabled protocol. "
1375 "Skipping tests.\n");
1376 ret = 0;
1377 goto end;
1378 }
1379
7946ab33 1380 if (!ssl3 && !tls1 && !dtls && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
0f113f3e
MC		 1381 fprintf(stderr, "This case cannot work. Use -f to perform "
1382 "the test anyway (and\n-d to see what happens), "
7946ab33 1383 "or add one of -ssl3, -tls1, -dtls, -dtls1, -dtls12, -reuse\n"
0f113f3e
MC		 1384 "to avoid protocol mismatch.\n");
1385 EXIT(1);
1386 }
086e32a6 1387#ifdef OPENSSL_FIPS
0f113f3e
MC		 1388 if (fips_mode) {
1389 if (!FIPS_mode_set(1)) {
1390 ERR_load_crypto_strings();
0f81f5f7 1391 ERR_print_errors(bio_err);
0f113f3e
MC		 1392 EXIT(1);
1393 } else
1394 fprintf(stderr, "*** IN FIPS MODE ***\n");
1395 }
1396#endif
1397
1398 if (print_time) {
1399 if (!bio_pair) {
1400 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1401 bio_pair = 1;
1402 }
1403 if (number < 50 && !force)
1404 fprintf(stderr,
1405 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1406 }
1407
1408/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1409
1410 SSL_library_init();
1411 SSL_load_error_strings();
d02b48c6 1412
09b6c2ef 1413#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1414 if (comp == COMP_ZLIB)
1415 cm = COMP_zlib();
0f113f3e 1416 if (cm != NULL) {
9a555706 1417 if (COMP_get_type(cm) != NID_undef) {
0f113f3e
MC		 1418 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1419 fprintf(stderr, "Failed to add compression method\n");
1420 ERR_print_errors_fp(stderr);
1421 }
1422 } else {
1423 fprintf(stderr,
1424 "Warning: %s compression not supported\n",
45ddce21 1425 comp == COMP_ZLIB ? "zlib" : "unknown");
0f113f3e
MC		 1426 ERR_print_errors_fp(stderr);
1427 }
1428 }
1429 ssl_comp_methods = SSL_COMP_get_compression_methods();
3dca57f8
RS		 1430 n = sk_SSL_COMP_num(ssl_comp_methods);
1431 if (n) {
1432 int j;
1433 printf("Available compression methods:");
1434 for (j = 0; j < n; j++) {
1435 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1436 printf(" %s:%d", c->name, c->id);
22ebaae0 1437 }
3dca57f8 1438 printf("\n");
0f113f3e
MC		 1439 }
1440#endif
1441
1442 /*
1443 * At this point, ssl3/tls1 is only set if the protocol is available.
1444 * (Otherwise we exit early.) However the compiler doesn't know this, so
1445 * we ifdef.
1446 */
fd28a41e 1447#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 1448 if (ssl3)
1449 meth = SSLv3_method();
1450 else
98b8cdd3
DW		 1451#endif
1452#ifndef OPENSSL_NO_DTLS
1453 if (dtls1)
1454 meth = DTLSv1_method();
1455 else if (dtls12)
1456 meth = DTLSv1_2_method();
7946ab33
KR		 1457 else if (dtls)
1458 meth = DTLS_method();
98b8cdd3 1459 else
fd28a41e 1460#endif
0f113f3e
MC		 1461 if (tls1)
1462 meth = TLSv1_method();
1463 else
32ec4153 1464 meth = TLS_method();
0f113f3e
MC		 1465
1466 c_ctx = SSL_CTX_new(meth);
1467 s_ctx = SSL_CTX_new(meth);
1468 if ((c_ctx == NULL) || (s_ctx == NULL)) {
1469 ERR_print_errors(bio_err);
1470 goto end;
1471 }
1472 /*
1473 * Since we will use low security ciphersuites and keys for testing set
15a06488
EK		 1474 * security level to zero by default. Tests can override this by adding
1475 * "@SECLEVEL=n" to the cipher string.
0f113f3e
MC		 1476 */
1477 SSL_CTX_set_security_level(c_ctx, 0);
1478 SSL_CTX_set_security_level(s_ctx, 0);
1479
1480 if (cipher != NULL) {
61986d32 1481 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
69f68237
MC		 1482 || !SSL_CTX_set_cipher_list(s_ctx, cipher)) {
1483 ERR_print_errors(bio_err);
1484 goto end;
1485 }
0f113f3e
MC		 1486 }
1487
1488 /* Process SSL_CONF arguments */
1489 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1490 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1491
1492 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1493 int rv;
1494 arg = sk_OPENSSL_STRING_value(conf_args, i);
1495 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1496 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1497 /* If not recognised use server context */
1498 if (rv == -2)
1499 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1500 if (rv <= 0) {
1501 BIO_printf(bio_err, "Error processing %s %s\n",
1502 arg, argn ? argn : "");
1503 ERR_print_errors(bio_err);
1504 goto end;
1505 }
1506 }
1507
1508 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx)) {
1509 BIO_puts(bio_err, "Error finishing context\n");
1510 ERR_print_errors(bio_err);
1511 goto end;
1512 }
bc36ee62 1513#ifndef OPENSSL_NO_DH
0f113f3e
MC		 1514 if (!no_dhe) {
1515 if (dhe1024dsa) {
1516 /*
1517 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1518 */
1519 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1520 dh = get_dh1024dsa();
e8356e32 1521 } else if (dhe512)
0f113f3e 1522 dh = get_dh512();
e8356e32
EK		 1523 else
1524 dh = get_dh1024();
0f113f3e
MC		 1525 SSL_CTX_set_tmp_dh(s_ctx, dh);
1526 DH_free(dh);
1527 }
e4589582 1528#else
0f113f3e 1529 (void)no_dhe;
58964a49
RE		 1530#endif
1531
10bf4fc2 1532#ifndef OPENSSL_NO_EC
0f113f3e
MC		 1533 if (!no_ecdhe) {
1534 int nid;
1535
1536 if (named_curve != NULL) {
1537 nid = OBJ_sn2nid(named_curve);
1538 if (nid == 0) {
1539 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1540 goto end;
1541 }
de57d237 1542 } else {
0f113f3e 1543 nid = NID_X9_62_prime256v1;
de57d237 1544 }
0f113f3e
MC		 1545
1546 ecdh = EC_KEY_new_by_curve_name(nid);
1547 if (ecdh == NULL) {
1548 BIO_printf(bio_err, "unable to create curve\n");
1549 goto end;
1550 }
1551
1552 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1553 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1554 EC_KEY_free(ecdh);
1555 }
b3310161 1556#else
0f113f3e 1557 (void)no_ecdhe;
ea262260
BM		 1558#endif
1559
0f113f3e
MC		 1560 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1561 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1562 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1563 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1564 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1565 ERR_print_errors(bio_err);
1566 /* goto end; */
1567 }
1568
1569 if (client_auth) {
3dca57f8 1570 printf("client authentication\n");
0f113f3e
MC		 1571 SSL_CTX_set_verify(s_ctx,
1572 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1573 verify_callback);
1574 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1575 &app_verify_arg);
1576 }
1577 if (server_auth) {
3dca57f8 1578 printf("server authentication\n");
0f113f3e
MC		 1579 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1580 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1581 &app_verify_arg);
1582 }
1583
1584 {
1585 int session_id_context = 0;
61986d32 1586 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
69f68237
MC		 1587 sizeof session_id_context)) {
1588 ERR_print_errors(bio_err);
1589 goto end;
1590 }
0f113f3e
MC		 1591 }
1592
1593 /* Use PSK only if PSK key is given */
1594 if (psk_key != NULL) {
1595 /*
1596 * no_psk is used to avoid putting psk command to openssl tool
1597 */
1598 if (no_psk) {
1599 /*
1600 * if PSK is not compiled in and psk key is given, do nothing and
1601 * exit successfully
1602 */
1603 ret = 0;
1604 goto end;
1605 }
ddac1974 1606#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1607 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1608 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1609 if (debug)
1610 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1611 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1612 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1613 ERR_print_errors(bio_err);
1614 goto end;
1615 }
1616#endif
1617 }
edc032b5 1618#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1619 if (srp_client_arg.srplogin) {
1620 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1621 BIO_printf(bio_err, "Unable to set SRP username\n");
1622 goto end;
1623 }
1624 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1625 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1626 ssl_give_srp_client_pwd_cb);
1627 /*
1628 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1629 */
1630 }
1631
1632 if (srp_server_arg.expected_user != NULL) {
1633 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1634 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1635 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1636 }
edc032b5 1637#endif
ddac1974 1638
2911575c 1639#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1640 if (npn_client) {
1641 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1642 }
1643 if (npn_server) {
1644 if (npn_server_reject) {
1645 BIO_printf(bio_err,
1646 "Can't have both -npn_server and -npn_server_reject\n");
1647 goto end;
1648 }
1649 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1650 }
1651 if (npn_server_reject) {
1652 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
1653 NULL);
1654 }
1655#endif
1656
69f68237 1657 if (serverinfo_sct) {
61986d32 1658 if (!SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
0f113f3e 1659 NULL, NULL, NULL,
69f68237
MC		 1660 serverinfo_cli_parse_cb, NULL)) {
1661 BIO_printf(bio_err, "Error adding SCT extension\n");
1662 goto end;
1663 }
1664 }
1665 if (serverinfo_tack) {
61986d32 1666 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
0f113f3e 1667 NULL, NULL, NULL,
69f68237
MC		 1668 serverinfo_cli_parse_cb, NULL)) {
1669 BIO_printf(bio_err, "Error adding TACK extension\n");
1670 goto end;
1671 }
1672 }
0f113f3e
MC		 1673 if (serverinfo_file)
1674 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1675 BIO_printf(bio_err, "missing serverinfo file\n");
1676 goto end;
1677 }
1678
1679 if (custom_ext) {
61986d32 1680 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1681 custom_ext_0_cli_add_cb,
1682 NULL, NULL,
69f68237 1683 custom_ext_0_cli_parse_cb, NULL)
61986d32 1684 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1685 custom_ext_1_cli_add_cb,
1686 NULL, NULL,
69f68237 1687 custom_ext_1_cli_parse_cb, NULL)
61986d32 1688 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1689 custom_ext_2_cli_add_cb,
1690 NULL, NULL,
69f68237 1691 custom_ext_2_cli_parse_cb, NULL)
61986d32 1692 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1693 custom_ext_3_cli_add_cb,
1694 NULL, NULL,
69f68237 1695 custom_ext_3_cli_parse_cb, NULL)
61986d32 1696 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1697 custom_ext_0_srv_add_cb,
1698 NULL, NULL,
69f68237 1699 custom_ext_0_srv_parse_cb, NULL)
61986d32 1700 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1701 custom_ext_1_srv_add_cb,
1702 NULL, NULL,
69f68237 1703 custom_ext_1_srv_parse_cb, NULL)
61986d32 1704 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1705 custom_ext_2_srv_add_cb,
1706 NULL, NULL,
69f68237 1707 custom_ext_2_srv_parse_cb, NULL)
61986d32 1708 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1709 custom_ext_3_srv_add_cb,
1710 NULL, NULL,
69f68237
MC		 1711 custom_ext_3_srv_parse_cb, NULL)) {
1712 BIO_printf(bio_err, "Error setting custom extensions\n");
1713 goto end;
1714 }
0f113f3e
MC		 1715 }
1716
1717 if (alpn_server)
1718 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1719
1720 if (alpn_client) {
1721 unsigned short alpn_len;
1722 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1723
1724 if (alpn == NULL) {
1725 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1726 goto end;
1727 }
69f68237 1728 /* Returns 0 on success!! */
61986d32 1729 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
69f68237
MC		 1730 BIO_printf(bio_err, "Error setting ALPN\n");
1731 OPENSSL_free(alpn);
1732 goto end;
1733 }
0f113f3e
MC		 1734 OPENSSL_free(alpn);
1735 }
1736
1737 c_ssl = SSL_new(c_ctx);
1738 s_ssl = SSL_new(s_ctx);
58964a49 1739
7946ab33
KR		 1740 if (!set_protocol_version(server_min_proto, s_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1741 goto end;
1742 if (!set_protocol_version(server_max_proto, s_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1743 goto end;
1744 if (!set_protocol_version(client_min_proto, c_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1745 goto end;
1746 if (!set_protocol_version(client_max_proto, c_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1747 goto end;
1748
3dca57f8 1749 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
0f113f3e 1750 for (i = 0; i < number; i++) {
69f68237 1751 if (!reuse) {
61986d32 1752 if (!SSL_set_session(c_ssl, NULL)) {
69f68237
MC		 1753 BIO_printf(bio_err, "Failed to set session\n");
1754 goto end;
1755 }
1756 }
0f113f3e
MC		 1757 if (bio_pair)
1758 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1759 else
1760 ret = doit(s_ssl, c_ssl, bytes);
6b937f8b 1761 if (ret) break;
0f113f3e
MC		 1762 }
1763
7946ab33
KR		 1764 if (should_negotiate && ret == 0 &&
1765 strcmp(should_negotiate, "fail-server") != 0 &&
1766 strcmp(should_negotiate, "fail-client") != 0) {
1767 int version = protocol_from_string(should_negotiate);
1768 if (version < 0) {
1769 BIO_printf(bio_err, "Error parsing: %s\n", should_negotiate);
1770 ret = 1;
1771 goto err;
1772 }
1773 if (SSL_version(c_ssl) != version) {
1774 BIO_printf(bio_err, "Unxpected version negotiated. "
1775 "Expected: %s, got %s\n", should_negotiate, SSL_get_version(c_ssl));
1776 ret = 1;
1777 goto err;
1778 }
1779 }
1780
0f113f3e
MC		 1781 if (!verbose) {
1782 print_details(c_ssl, "");
1783 }
0f113f3e 1784 if (print_time) {
617d71bc 1785#ifdef CLOCKS_PER_SEC
0f113f3e
MC		 1786 /*
1787 * "To determine the time in seconds, the value returned by the clock
1788 * function should be divided by the value of the macro
1789 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1790 */
1791 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1792 "Approximate total client time: %6.2f s\n",
1793 (double)s_time / CLOCKS_PER_SEC,
1794 (double)c_time / CLOCKS_PER_SEC);
617d71bc 1795#else
0f113f3e
MC		 1796 BIO_printf(bio_stdout,
1797 "Approximate total server time: %6.2f units\n"
1798 "Approximate total client time: %6.2f units\n",
1799 (double)s_time, (double)c_time);
617d71bc 1800#endif
0f113f3e 1801 }
58964a49 1802
7946ab33 1803 err:
0f113f3e
MC		 1804 SSL_free(s_ssl);
1805 SSL_free(c_ssl);
58964a49 1806
0f113f3e 1807 end:
62adbcee
RS		 1808 SSL_CTX_free(s_ctx);
1809 SSL_CTX_free(c_ctx);
62adbcee
RS		 1810 SSL_CONF_CTX_free(s_cctx);
1811 SSL_CONF_CTX_free(c_cctx);
0f113f3e 1812 sk_OPENSSL_STRING_free(conf_args);
de94222d 1813
ca3a82c3 1814 BIO_free(bio_stdout);
d02b48c6 1815
0b13e9f0 1816#ifndef OPENSSL_NO_ENGINE
0f113f3e
MC		 1817 ENGINE_cleanup();
1818#endif
a470fdab 1819 CONF_modules_unload(1);
0f113f3e
MC		 1820 CRYPTO_cleanup_all_ex_data();
1821 ERR_free_strings();
1822 ERR_remove_thread_state(NULL);
1823 EVP_cleanup();
bbd86bf5 1824#ifdef CRYPTO_MDEBUG
0f113f3e 1825 CRYPTO_mem_leaks(bio_err);
bbd86bf5 1826#endif
ca3a82c3 1827 BIO_free(bio_err);
0f113f3e 1828 EXIT(ret);
0f113f3e 1829}
d02b48c6 1830
563f1503 1831int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
0f113f3e
MC		 1832 clock_t *s_time, clock_t *c_time)
1833{
1834 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1835 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1836 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1837 int ret = 1;
7946ab33
KR		 1838 int err_in_client = 0;
1839 int err_in_server = 0;
0f113f3e
MC		 1840
1841 size_t bufsiz = 256; /* small buffer for testing */
1842
1843 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1844 goto err;
1845 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1846 goto err;
1847
1848 s_ssl_bio = BIO_new(BIO_f_ssl());
1849 if (!s_ssl_bio)
1850 goto err;
1851
1852 c_ssl_bio = BIO_new(BIO_f_ssl());
1853 if (!c_ssl_bio)
1854 goto err;
1855
1856 SSL_set_connect_state(c_ssl);
1857 SSL_set_bio(c_ssl, client, client);
1858 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1859
1860 SSL_set_accept_state(s_ssl);
1861 SSL_set_bio(s_ssl, server, server);
1862 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1863
1864 do {
35a1cc90
MC		 1865 /*-
1866 * c_ssl_bio: SSL filter BIO
1867 *
1868 * client: pseudo-I/O for SSL library
1869 *
1870 * client_io: client's SSL communication; usually to be
1871 * relayed over some I/O facility, but in this
1872 * test program, we're the server, too:
1873 *
1874 * server_io: server's SSL communication
1875 *
1876 * server: pseudo-I/O for SSL library
1877 *
1878 * s_ssl_bio: SSL filter BIO
1879 *
1880 * The client and the server each employ a "BIO pair":
1881 * client + client_io, server + server_io.
1882 * BIO pairs are symmetric. A BIO pair behaves similar
1883 * to a non-blocking socketpair (but both endpoints must
1884 * be handled by the same thread).
1885 * [Here we could connect client and server to the ends
1886 * of a single BIO pair, but then this code would be less
1887 * suitable as an example for BIO pairs in general.]
1888 *
1889 * Useful functions for querying the state of BIO pair endpoints:
1890 *
1891 * BIO_ctrl_pending(bio) number of bytes we can read now
1892 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1893 * other side's read attempt
1894 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1895 *
1896 * ..._read_request is never more than ..._write_guarantee;
1897 * it depends on the application which one you should use.
1898 */
0f113f3e
MC		 1899
1900 /*
1901 * We have non-blocking behaviour throughout this test program, but
1902 * can be sure that there is *some* progress in each iteration; so we
1903 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1904 * we just try everything in each iteration
1905 */
1906
1907 {
1908 /* CLIENT */
1909
68b00c23 1910 char cbuf[1024 * 8];
0f113f3e
MC		 1911 int i, r;
1912 clock_t c_clock = clock();
1913
1914 memset(cbuf, 0, sizeof(cbuf));
1915
1916 if (debug)
1917 if (SSL_in_init(c_ssl))
1918 printf("client waiting in SSL_connect - %s\n",
1919 SSL_state_string_long(c_ssl));
1920
1921 if (cw_num > 0) {
1922 /* Write to server. */
1923
1924 if (cw_num > (long)sizeof cbuf)
1925 i = sizeof cbuf;
1926 else
1927 i = (int)cw_num;
1928 r = BIO_write(c_ssl_bio, cbuf, i);
1929 if (r < 0) {
1930 if (!BIO_should_retry(c_ssl_bio)) {
1931 fprintf(stderr, "ERROR in CLIENT\n");
7946ab33 1932 err_in_client = 1;
0f113f3e
MC		 1933 goto err;
1934 }
1935 /*
1936 * BIO_should_retry(...) can just be ignored here. The
1937 * library expects us to call BIO_write with the same
1938 * arguments again, and that's what we will do in the
1939 * next iteration.
1940 */
1941 } else if (r == 0) {
1942 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1943 goto err;
1944 } else {
1945 if (debug)
1946 printf("client wrote %d\n", r);
1947 cw_num -= r;
1948 }
1949 }
1950
1951 if (cr_num > 0) {
1952 /* Read from server. */
1953
1954 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1955 if (r < 0) {
1956 if (!BIO_should_retry(c_ssl_bio)) {
1957 fprintf(stderr, "ERROR in CLIENT\n");
7946ab33 1958 err_in_client = 1;
0f113f3e
MC		 1959 goto err;
1960 }
1961 /*
1962 * Again, "BIO_should_retry" can be ignored.
1963 */
1964 } else if (r == 0) {
1965 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1966 goto err;
1967 } else {
1968 if (debug)
1969 printf("client read %d\n", r);
1970 cr_num -= r;
1971 }
1972 }
1973
1974 /*
1975 * c_time and s_time increments will typically be very small
1976 * (depending on machine speed and clock tick intervals), but
1977 * sampling over a large number of connections should result in
1978 * fairly accurate figures. We cannot guarantee a lot, however
1979 * -- if each connection lasts for exactly one clock tick, it
1980 * will be counted only for the client or only for the server or
1981 * even not at all.
1982 */
1983 *c_time += (clock() - c_clock);
1984 }
1985
1986 {
1987 /* SERVER */
1988
68b00c23 1989 char sbuf[1024 * 8];
0f113f3e
MC		 1990 int i, r;
1991 clock_t s_clock = clock();
1992
1993 memset(sbuf, 0, sizeof(sbuf));
1994
1995 if (debug)
1996 if (SSL_in_init(s_ssl))
1997 printf("server waiting in SSL_accept - %s\n",
1998 SSL_state_string_long(s_ssl));
1999
2000 if (sw_num > 0) {
2001 /* Write to client. */
2002
2003 if (sw_num > (long)sizeof sbuf)
2004 i = sizeof sbuf;
2005 else
2006 i = (int)sw_num;
2007 r = BIO_write(s_ssl_bio, sbuf, i);
2008 if (r < 0) {
2009 if (!BIO_should_retry(s_ssl_bio)) {
2010 fprintf(stderr, "ERROR in SERVER\n");
7946ab33 2011 err_in_server = 1;
0f113f3e
MC		 2012 goto err;
2013 }
2014 /* Ignore "BIO_should_retry". */
2015 } else if (r == 0) {
2016 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2017 goto err;
2018 } else {
2019 if (debug)
2020 printf("server wrote %d\n", r);
2021 sw_num -= r;
2022 }
2023 }
2024
2025 if (sr_num > 0) {
2026 /* Read from client. */
2027
2028 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2029 if (r < 0) {
2030 if (!BIO_should_retry(s_ssl_bio)) {
2031 fprintf(stderr, "ERROR in SERVER\n");
7946ab33 2032 err_in_server = 1;
0f113f3e
MC		 2033 goto err;
2034 }
2035 /* blah, blah */
2036 } else if (r == 0) {
2037 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2038 goto err;
2039 } else {
2040 if (debug)
2041 printf("server read %d\n", r);
2042 sr_num -= r;
2043 }
2044 }
2045
2046 *s_time += (clock() - s_clock);
2047 }
2048
2049 {
2050 /* "I/O" BETWEEN CLIENT AND SERVER. */
2051
2052 size_t r1, r2;
2053 BIO *io1 = server_io, *io2 = client_io;
2054 /*
2055 * we use the non-copying interface for io1 and the standard
2056 * BIO_write/BIO_read interface for io2
2057 */
2058
2059 static int prev_progress = 1;
2060 int progress = 0;
2061
2062 /* io1 to io2 */
2063 do {
2064 size_t num;
2065 int r;
2066
2067 r1 = BIO_ctrl_pending(io1);
2068 r2 = BIO_ctrl_get_write_guarantee(io2);
2069
2070 num = r1;
2071 if (r2 < num)
2072 num = r2;
2073 if (num) {
2074 char *dataptr;
2075
2076 if (INT_MAX < num) /* yeah, right */
2077 num = INT_MAX;
2078
2079 r = BIO_nread(io1, &dataptr, (int)num);
2080 assert(r > 0);
2081 assert(r <= (int)num);
2082 /*
2083 * possibly r < num (non-contiguous data)
2084 */
2085 num = r;
2086 r = BIO_write(io2, dataptr, (int)num);
2087 if (r != (int)num) { /* can't happen */
2088 fprintf(stderr, "ERROR: BIO_write could not write "
2089 "BIO_ctrl_get_write_guarantee() bytes");
2090 goto err;
2091 }
2092 progress = 1;
2093
2094 if (debug)
2095 printf((io1 == client_io) ?
2096 "C->S relaying: %d bytes\n" :
2097 "S->C relaying: %d bytes\n", (int)num);
2098 }
2099 }
2100 while (r1 && r2);
2101
2102 /* io2 to io1 */
2103 {
2104 size_t num;
2105 int r;
2106
2107 r1 = BIO_ctrl_pending(io2);
2108 r2 = BIO_ctrl_get_read_request(io1);
2109 /*
2110 * here we could use ..._get_write_guarantee instead of
2111 * ..._get_read_request, but by using the latter we test
2112 * restartability of the SSL implementation more thoroughly
2113 */
2114 num = r1;
2115 if (r2 < num)
2116 num = r2;
2117 if (num) {
2118 char *dataptr;
2119
2120 if (INT_MAX < num)
2121 num = INT_MAX;
2122
2123 if (num > 1)
2124 --num; /* test restartability even more thoroughly */
2125
2126 r = BIO_nwrite0(io1, &dataptr);
2127 assert(r > 0);
2128 if (r < (int)num)
2129 num = r;
2130 r = BIO_read(io2, dataptr, (int)num);
2131 if (r != (int)num) { /* can't happen */
2132 fprintf(stderr, "ERROR: BIO_read could not read "
2133 "BIO_ctrl_pending() bytes");
2134 goto err;
2135 }
2136 progress = 1;
2137 r = BIO_nwrite(io1, &dataptr, (int)num);
2138 if (r != (int)num) { /* can't happen */
2139 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2140 "BIO_nwrite0() bytes");
2141 goto err;
2142 }
2143
2144 if (debug)
2145 printf((io2 == client_io) ?
2146 "C->S relaying: %d bytes\n" :
2147 "S->C relaying: %d bytes\n", (int)num);
2148 }
2149 } /* no loop, BIO_ctrl_get_read_request now
2150 * returns 0 anyway */
2151
2152 if (!progress && !prev_progress)
2153 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2154 fprintf(stderr, "ERROR: got stuck\n");
2155 fprintf(stderr, " ERROR.\n");
2156 goto err;
2157 }
2158 prev_progress = progress;
2159 }
2160 }
2161 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2162
2163 if (verbose)
2164 print_details(c_ssl, "DONE via BIO pair: ");
2911575c 2165#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2166 if (verify_npn(c_ssl, s_ssl) < 0) {
2167 ret = 1;
2168 goto end;
2169 }
2170#endif
2171 if (verify_serverinfo() < 0) {
2172 fprintf(stderr, "Server info verify error\n");
2173 ret = 1;
2174 goto err;
2175 }
2176 if (verify_alpn(c_ssl, s_ssl) < 0) {
2177 ret = 1;
2178 goto err;
2179 }
2180
2181 if (custom_ext_error) {
2182 fprintf(stderr, "Custom extension error\n");
2183 ret = 1;
2184 goto err;
2185 }
2186
2187 end:
2188 ret = 0;
95d29597
BM		 2189
2190 err:
0f113f3e
MC		 2191 ERR_print_errors(bio_err);
2192
ca3a82c3
RS		 2193 BIO_free(server);
2194 BIO_free(server_io);
2195 BIO_free(client);
2196 BIO_free(client_io);
2197 BIO_free(s_ssl_bio);
2198 BIO_free(c_ssl_bio);
0f113f3e 2199
7946ab33
KR		 2200 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2201 ret = (err_in_client != 0) ? 0 : 1;
2202 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2203 ret = (err_in_server != 0) ? 0 : 1;
2204
0f113f3e
MC		 2205 return ret;
2206}
2207
2208#define W_READ 1
2209#define W_WRITE 2
2210#define C_DONE 1
2211#define S_DONE 2
d02b48c6 2212
6b691a5c 2213int doit(SSL *s_ssl, SSL *c_ssl, long count)
0f113f3e
MC		 2214{
2215 char *cbuf = NULL, *sbuf = NULL;
2216 long bufsiz;
2217 long cw_num = count, cr_num = count;
2218 long sw_num = count, sr_num = count;
2219 int ret = 1;
2220 BIO *c_to_s = NULL;
2221 BIO *s_to_c = NULL;
2222 BIO *c_bio = NULL;
2223 BIO *s_bio = NULL;
2224 int c_r, c_w, s_r, s_w;
2225 int i, j;
2226 int done = 0;
2227 int c_write, s_write;
2228 int do_server = 0, do_client = 0;
2229 int max_frag = 5 * 1024;
7946ab33
KR		 2230 int err_in_client = 0;
2231 int err_in_server = 0;
0f113f3e
MC		 2232
2233 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2234
b51bce94 2235 if ((cbuf = OPENSSL_zalloc(bufsiz)) == NULL)
0f113f3e 2236 goto err;
b51bce94 2237 if ((sbuf = OPENSSL_zalloc(bufsiz)) == NULL)
0f113f3e
MC		 2238 goto err;
2239
0f113f3e
MC		 2240 c_to_s = BIO_new(BIO_s_mem());
2241 s_to_c = BIO_new(BIO_s_mem());
2242 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2243 ERR_print_errors(bio_err);
2244 goto err;
2245 }
2246
2247 c_bio = BIO_new(BIO_f_ssl());
2248 s_bio = BIO_new(BIO_f_ssl());
2249 if ((c_bio == NULL) || (s_bio == NULL)) {
2250 ERR_print_errors(bio_err);
2251 goto err;
2252 }
2253
2254 SSL_set_connect_state(c_ssl);
2255 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2256 SSL_set_max_send_fragment(c_ssl, max_frag);
2257 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2258
2259 SSL_set_accept_state(s_ssl);
2260 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2261 SSL_set_max_send_fragment(s_ssl, max_frag);
2262 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2263
2264 c_r = 0;
2265 s_r = 1;
2266 c_w = 1;
2267 s_w = 0;
2268 c_write = 1, s_write = 0;
2269
2270 /* We can always do writes */
2271 for (;;) {
2272 do_server = 0;
2273 do_client = 0;
2274
2275 i = (int)BIO_pending(s_bio);
2276 if ((i && s_r) || s_w)
2277 do_server = 1;
2278
2279 i = (int)BIO_pending(c_bio);
2280 if ((i && c_r) || c_w)
2281 do_client = 1;
2282
2283 if (do_server && debug) {
2284 if (SSL_in_init(s_ssl))
2285 printf("server waiting in SSL_accept - %s\n",
2286 SSL_state_string_long(s_ssl));
3a83462d 2287/*-
35a1cc90
MC		 2288 else if (s_write)
2289 printf("server:SSL_write()\n");
2290 else
2291 printf("server:SSL_read()\n"); */
0f113f3e
MC		 2292 }
2293
2294 if (do_client && debug) {
2295 if (SSL_in_init(c_ssl))
2296 printf("client waiting in SSL_connect - %s\n",
2297 SSL_state_string_long(c_ssl));
3a83462d 2298/*-
35a1cc90
MC		 2299 else if (c_write)
2300 printf("client:SSL_write()\n");
2301 else
2302 printf("client:SSL_read()\n"); */
0f113f3e
MC		 2303 }
2304
2305 if (!do_client && !do_server) {
2306 fprintf(stdout, "ERROR IN STARTUP\n");
2307 ERR_print_errors(bio_err);
ae632974 2308 goto err;
0f113f3e
MC		 2309 }
2310 if (do_client && !(done & C_DONE)) {
2311 if (c_write) {
2312 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2313 i = BIO_write(c_bio, cbuf, j);
2314 if (i < 0) {
2315 c_r = 0;
2316 c_w = 0;
2317 if (BIO_should_retry(c_bio)) {
2318 if (BIO_should_read(c_bio))
2319 c_r = 1;
2320 if (BIO_should_write(c_bio))
2321 c_w = 1;
2322 } else {
2323 fprintf(stderr, "ERROR in CLIENT\n");
7946ab33 2324 err_in_client = 1;
0f113f3e
MC		 2325 ERR_print_errors(bio_err);
2326 goto err;
2327 }
2328 } else if (i == 0) {
2329 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2330 goto err;
2331 } else {
2332 if (debug)
2333 printf("client wrote %d\n", i);
2334 /* ok */
2335 s_r = 1;
2336 c_write = 0;
2337 cw_num -= i;
2338 if (max_frag > 1029)
2339 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2340 }
2341 } else {
2342 i = BIO_read(c_bio, cbuf, bufsiz);
2343 if (i < 0) {
2344 c_r = 0;
2345 c_w = 0;
2346 if (BIO_should_retry(c_bio)) {
2347 if (BIO_should_read(c_bio))
2348 c_r = 1;
2349 if (BIO_should_write(c_bio))
2350 c_w = 1;
2351 } else {
2352 fprintf(stderr, "ERROR in CLIENT\n");
7946ab33 2353 err_in_client = 1;
0f113f3e
MC		 2354 ERR_print_errors(bio_err);
2355 goto err;
2356 }
2357 } else if (i == 0) {
2358 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2359 goto err;
2360 } else {
2361 if (debug)
2362 printf("client read %d\n", i);
2363 cr_num -= i;
2364 if (sw_num > 0) {
2365 s_write = 1;
2366 s_w = 1;
2367 }
2368 if (cr_num <= 0) {
2369 s_write = 1;
2370 s_w = 1;
2371 done = S_DONE | C_DONE;
2372 }
2373 }
2374 }
2375 }
2376
2377 if (do_server && !(done & S_DONE)) {
2378 if (!s_write) {
2379 i = BIO_read(s_bio, sbuf, bufsiz);
2380 if (i < 0) {
2381 s_r = 0;
2382 s_w = 0;
2383 if (BIO_should_retry(s_bio)) {
2384 if (BIO_should_read(s_bio))
2385 s_r = 1;
2386 if (BIO_should_write(s_bio))
2387 s_w = 1;
2388 } else {
2389 fprintf(stderr, "ERROR in SERVER\n");
7946ab33 2390 err_in_server = 1;
0f113f3e
MC		 2391 ERR_print_errors(bio_err);
2392 goto err;
2393 }
2394 } else if (i == 0) {
2395 ERR_print_errors(bio_err);
2396 fprintf(stderr,
2397 "SSL SERVER STARTUP FAILED in SSL_read\n");
2398 goto err;
2399 } else {
2400 if (debug)
2401 printf("server read %d\n", i);
2402 sr_num -= i;
2403 if (cw_num > 0) {
2404 c_write = 1;
2405 c_w = 1;
2406 }
2407 if (sr_num <= 0) {
2408 s_write = 1;
2409 s_w = 1;
2410 c_write = 0;
2411 }
2412 }
2413 } else {
2414 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2415 i = BIO_write(s_bio, sbuf, j);
2416 if (i < 0) {
2417 s_r = 0;
2418 s_w = 0;
2419 if (BIO_should_retry(s_bio)) {
2420 if (BIO_should_read(s_bio))
2421 s_r = 1;
2422 if (BIO_should_write(s_bio))
2423 s_w = 1;
2424 } else {
2425 fprintf(stderr, "ERROR in SERVER\n");
7946ab33 2426 err_in_server = 1;
0f113f3e
MC		 2427 ERR_print_errors(bio_err);
2428 goto err;
2429 }
2430 } else if (i == 0) {
2431 ERR_print_errors(bio_err);
2432 fprintf(stderr,
2433 "SSL SERVER STARTUP FAILED in SSL_write\n");
2434 goto err;
2435 } else {
2436 if (debug)
2437 printf("server wrote %d\n", i);
2438 sw_num -= i;
2439 s_write = 0;
2440 c_r = 1;
2441 if (sw_num <= 0)
2442 done |= S_DONE;
2443 if (max_frag > 1029)
2444 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2445 }
2446 }
2447 }
2448
2449 if ((done & S_DONE) && (done & C_DONE))
2450 break;
2451 }
2452
2453 if (verbose)
2454 print_details(c_ssl, "DONE: ");
2911575c 2455#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2456 if (verify_npn(c_ssl, s_ssl) < 0) {
2457 ret = 1;
2458 goto err;
2459 }
2460#endif
2461 if (verify_serverinfo() < 0) {
2462 fprintf(stderr, "Server info verify error\n");
2463 ret = 1;
2464 goto err;
2465 }
2466 if (custom_ext_error) {
2467 fprintf(stderr, "Custom extension error\n");
2468 ret = 1;
2469 goto err;
2470 }
2471 ret = 0;
2472 err:
2473 /*
2474 * We have to set the BIO's to NULL otherwise they will be
2475 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2476 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2477 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2478 * SSL_free() automatically BIO_free non NULL entries. You should not
2479 * normally do this or be required to do this
2480 */
2481 if (s_ssl != NULL) {
2482 s_ssl->rbio = NULL;
2483 s_ssl->wbio = NULL;
2484 }
2485 if (c_ssl != NULL) {
2486 c_ssl->rbio = NULL;
2487 c_ssl->wbio = NULL;
2488 }
2489
ca3a82c3
RS		 2490 BIO_free(c_to_s);
2491 BIO_free(s_to_c);
2492 BIO_free_all(c_bio);
2493 BIO_free_all(s_bio);
b548a1f1
RS		 2494 OPENSSL_free(cbuf);
2495 OPENSSL_free(sbuf);
0f113f3e 2496
7946ab33
KR		 2497 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2498 ret = (err_in_client != 0) ? 0 : 1;
2499 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2500 ret = (err_in_server != 0) ? 0 : 1;
2501
0f113f3e
MC		 2502 return (ret);
2503}
d02b48c6 2504
a7201e9a 2505static int get_proxy_auth_ex_data_idx(void)
0f113f3e
MC		 2506{
2507 static volatile int idx = -1;
2508 if (idx < 0) {
2509 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2510 if (idx < 0) {
2511 idx = X509_STORE_CTX_get_ex_new_index(0,
2512 "SSLtest for verify callback",
2513 NULL, NULL, NULL);
2514 }
2515 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2516 }
2517 return idx;
2518}
a7201e9a 2519
6d23cf97 2520static int verify_callback(int ok, X509_STORE_CTX *ctx)
0f113f3e
MC		 2521{
2522 char *s, buf[256];
2523
2524 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2525 sizeof buf);
2526 if (s != NULL) {
2527 if (ok)
3dca57f8 2528 printf("depth=%d %s\n", ctx->error_depth, buf);
0f113f3e
MC		 2529 else {
2530 fprintf(stderr, "depth=%d error=%d %s\n",
2531 ctx->error_depth, ctx->error, buf);
2532 }
2533 }
2534
2535 if (ok == 0) {
0f113f3e 2536 switch (ctx->error) {
3dca57f8
RS		 2537 default:
2538 fprintf(stderr, "Error string: %s\n",
2539 X509_verify_cert_error_string(ctx->error));
2540 break;
0f113f3e
MC		 2541 case X509_V_ERR_CERT_NOT_YET_VALID:
2542 case X509_V_ERR_CERT_HAS_EXPIRED:
2543 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
0f113f3e
MC		 2544 ok = 1;
2545 }
2546 }
2547
2548 if (ok == 1) {
2549 X509 *xs = ctx->current_cert;
a8d8e06b 2550 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) {
0f113f3e
MC		 2551 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2552 get_proxy_auth_ex_data_idx
2553 ());
2554
2555 if (letters) {
2556 int found_any = 0;
2557 int i;
2558 PROXY_CERT_INFO_EXTENSION *pci =
2559 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2560 NULL, NULL);
2561
2562 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2563 case NID_Independent:
2564 /*
2565 * Completely meaningless in this program, as there's no
2566 * way to grant explicit rights to a specific PrC.
2567 * Basically, using id-ppl-Independent is the perfect way
2568 * to grant no rights at all.
2569 */
2570 fprintf(stderr, " Independent proxy certificate");
2571 for (i = 0; i < 26; i++)
2572 letters[i] = 0;
2573 break;
2574 case NID_id_ppl_inheritAll:
2575 /*
2576 * This is basically a NOP, we simply let the current
2577 * rights stand as they are.
2578 */
2579 fprintf(stderr, " Proxy certificate inherits all");
2580 break;
2581 default:
2582 s = (char *)
2583 pci->proxyPolicy->policy->data;
2584 i = pci->proxyPolicy->policy->length;
2585
2586 /*
2587 * The algorithm works as follows: it is assumed that
2588 * previous iterations or the initial granted rights has
2589 * already set some elements of `letters'. What we need
2590 * to do is to clear those that weren't granted by the
2591 * current PrC as well. The easiest way to do this is to
2592 * add 1 to all the elements whose letters are given with
2593 * the current policy. That way, all elements that are
2594 * set by the current policy and were already set by
2595 * earlier policies and through the original grant of
2596 * rights will get the value 2 or higher. The last thing
2597 * to do is to sweep through `letters' and keep the
2598 * elements having the value 2 as set, and clear all the
2599 * others.
2600 */
2601
3dca57f8 2602 printf(" Certificate proxy rights = %*.*s", i,
0f113f3e
MC		 2603 i, s);
2604 while (i-- > 0) {
2605 int c = *s++;
2606 if (isascii(c) && isalpha(c)) {
2607 if (islower(c))
2608 c = toupper(c);
2609 letters[c - 'A']++;
2610 }
2611 }
2612 for (i = 0; i < 26; i++)
2613 if (letters[i] < 2)
2614 letters[i] = 0;
2615 else
2616 letters[i] = 1;
2617 }
2618
2619 found_any = 0;
3dca57f8 2620 printf(", resulting proxy rights = ");
0f113f3e
MC		 2621 for (i = 0; i < 26; i++)
2622 if (letters[i]) {
3dca57f8 2623 printf("%c", i + 'A');
0f113f3e
MC		 2624 found_any = 1;
2625 }
2626 if (!found_any)
3dca57f8
RS		 2627 printf("none");
2628 printf("\n");
0f113f3e
MC		 2629
2630 PROXY_CERT_INFO_EXTENSION_free(pci);
2631 }
2632 }
2633 }
2634
2635 return (ok);
2636}
d02b48c6 2637
a7201e9a 2638static void process_proxy_debug(int indent, const char *format, ...)
0f113f3e
MC		 2639{
2640 /* That's 80 > */
2641 static const char indentation[] =
2642 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2643 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2644 char my_format[256];
2645 va_list args;
2646
2647 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2648 indent, indent, indentation, format);
2649
2650 va_start(args, format);
2651 vfprintf(stderr, my_format, args);
2652 va_end(args);
2653}
2654
1d97c843
TH		 2655/*-
2656 * Priority levels:
0f113f3e
MC		 2657 * 0 [!]var, ()
2658 * 1 & ^
2659 * 2 |
1d97c843 2660 */
a7201e9a 2661static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 2662 const char *cond, const char **cond_end,
2663 int *pos, int indent);
2664static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2665 const char **cond_end, int *pos, int indent)
2666{
2667 int c;
2668 int ok = 1;
2669 int negate = 0;
2670
2671 while (isspace((int)*cond)) {
2672 cond++;
2673 (*pos)++;
2674 }
2675 c = *cond;
2676
2677 if (debug)
2678 process_proxy_debug(indent,
2679 "Start process_proxy_cond_val at position %d: %s\n",
2680 *pos, cond);
2681
2682 while (c == '!') {
2683 negate = !negate;
2684 cond++;
2685 (*pos)++;
2686 while (isspace((int)*cond)) {
2687 cond++;
2688 (*pos)++;
2689 }
2690 c = *cond;
2691 }
2692
2693 if (c == '(') {
2694 cond++;
2695 (*pos)++;
2696 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2697 indent + 1);
2698 cond = *cond_end;
2699 if (ok < 0)
2700 goto end;
2701 while (isspace((int)*cond)) {
2702 cond++;
2703 (*pos)++;
2704 }
2705 c = *cond;
2706 if (c != ')') {
2707 fprintf(stderr,
2708 "Weird condition character in position %d: "
2709 "%c\n", *pos, c);
2710 ok = -1;
2711 goto end;
2712 }
2713 cond++;
2714 (*pos)++;
2715 } else if (isascii(c) && isalpha(c)) {
2716 if (islower(c))
2717 c = toupper(c);
2718 ok = letters[c - 'A'];
2719 cond++;
2720 (*pos)++;
2721 } else {
2722 fprintf(stderr,
2723 "Weird condition character in position %d: " "%c\n", *pos, c);
2724 ok = -1;
2725 goto end;
2726 }
a7201e9a 2727 end:
0f113f3e
MC		 2728 *cond_end = cond;
2729 if (ok >= 0 && negate)
2730 ok = !ok;
a7201e9a 2731
0f113f3e
MC		 2732 if (debug)
2733 process_proxy_debug(indent,
2734 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2735 *pos, cond, ok);
2736
2737 return ok;
2738}
a7201e9a 2739
a7201e9a 2740static int process_proxy_cond_multipliers(unsigned int letters[26],
0f113f3e
MC		 2741 const char *cond,
2742 const char **cond_end, int *pos,
2743 int indent)
2744{
2745 int ok;
2746 char c;
2747
2748 if (debug)
2749 process_proxy_debug(indent,
2750 "Start process_proxy_cond_multipliers at position %d: %s\n",
2751 *pos, cond);
2752
2753 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2754 cond = *cond_end;
2755 if (ok < 0)
2756 goto end;
2757
2758 while (ok >= 0) {
2759 while (isspace((int)*cond)) {
2760 cond++;
2761 (*pos)++;
2762 }
2763 c = *cond;
2764
2765 switch (c) {
2766 case '&':
2767 case '^':
2768 {
2769 int save_ok = ok;
2770
2771 cond++;
2772 (*pos)++;
2773 ok = process_proxy_cond_val(letters,
2774 cond, cond_end, pos, indent + 1);
2775 cond = *cond_end;
2776 if (ok < 0)
2777 break;
2778
2779 switch (c) {
2780 case '&':
2781 ok &= save_ok;
2782 break;
2783 case '^':
2784 ok ^= save_ok;
2785 break;
2786 default:
2787 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2788 " STOPPING\n");
2789 EXIT(1);
2790 }
2791 }
2792 break;
2793 default:
2794 goto end;
2795 }
2796 }
a7201e9a 2797 end:
0f113f3e
MC		 2798 if (debug)
2799 process_proxy_debug(indent,
2800 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2801 *pos, cond, ok);
2802
2803 *cond_end = cond;
2804 return ok;
2805}
2806
a7201e9a 2807static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 2808 const char *cond, const char **cond_end,
2809 int *pos, int indent)
2810{
2811 int ok;
2812 char c;
2813
2814 if (debug)
2815 process_proxy_debug(indent,
2816 "Start process_proxy_cond_adders at position %d: %s\n",
2817 *pos, cond);
2818
2819 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2820 indent + 1);
2821 cond = *cond_end;
2822 if (ok < 0)
2823 goto end;
2824
2825 while (ok >= 0) {
2826 while (isspace((int)*cond)) {
2827 cond++;
2828 (*pos)++;
2829 }
2830 c = *cond;
2831
2832 switch (c) {
2833 case '|':
2834 {
2835 int save_ok = ok;
2836
2837 cond++;
2838 (*pos)++;
2839 ok = process_proxy_cond_multipliers(letters,
2840 cond, cond_end, pos,
2841 indent + 1);
2842 cond = *cond_end;
2843 if (ok < 0)
2844 break;
2845
2846 switch (c) {
2847 case '|':
2848 ok |= save_ok;
2849 break;
2850 default:
2851 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2852 " STOPPING\n");
2853 EXIT(1);
2854 }
2855 }
2856 break;
2857 default:
2858 goto end;
2859 }
2860 }
a7201e9a 2861 end:
0f113f3e
MC		 2862 if (debug)
2863 process_proxy_debug(indent,
2864 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2865 *pos, cond, ok);
a7201e9a 2866
0f113f3e
MC		 2867 *cond_end = cond;
2868 return ok;
2869}
a7201e9a
RL		 2870
2871static int process_proxy_cond(unsigned int letters[26],
0f113f3e
MC		 2872 const char *cond, const char **cond_end)
2873{
2874 int pos = 1;
2875 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2876}
a7201e9a 2877
6d23cf97 2878static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
0f113f3e
MC		 2879{
2880 int ok = 1;
2881 struct app_verify_arg *cb_arg = arg;
2882 unsigned int letters[26]; /* only used with proxy_auth */
2883
2884 if (cb_arg->app_verify) {
2885 char *s = NULL, buf[256];
2886
3dca57f8
RS		 2887 printf("In app_verify_callback, allowing cert. ");
2888 printf("Arg is: %s\n", cb_arg->string);
2889 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
0f113f3e
MC		 2890 (void *)ctx, (void *)ctx->cert);
2891 if (ctx->cert)
2892 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
2893 if (s != NULL) {
3dca57f8 2894 printf("cert depth=%d %s\n", ctx->error_depth, buf);
0f113f3e
MC		 2895 }
2896 return (1);
2897 }
2898 if (cb_arg->proxy_auth) {
2899 int found_any = 0, i;
2900 char *sp;
2901
2902 for (i = 0; i < 26; i++)
2903 letters[i] = 0;
2904 for (sp = cb_arg->proxy_auth; *sp; sp++) {
2905 int c = *sp;
2906 if (isascii(c) && isalpha(c)) {
2907 if (islower(c))
2908 c = toupper(c);
2909 letters[c - 'A'] = 1;
2910 }
2911 }
2912
3dca57f8 2913 printf(" Initial proxy rights = ");
0f113f3e
MC		 2914 for (i = 0; i < 26; i++)
2915 if (letters[i]) {
3dca57f8 2916 printf("%c", i + 'A');
0f113f3e
MC		 2917 found_any = 1;
2918 }
2919 if (!found_any)
3dca57f8
RS		 2920 printf("none");
2921 printf("\n");
0f113f3e
MC		 2922
2923 X509_STORE_CTX_set_ex_data(ctx,
2924 get_proxy_auth_ex_data_idx(), letters);
2925 }
2926 if (cb_arg->allow_proxy_certs) {
2927 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2928 }
0f113f3e 2929 ok = X509_verify_cert(ctx);
0f113f3e
MC		 2930
2931 if (cb_arg->proxy_auth) {
2932 if (ok > 0) {
2933 const char *cond_end = NULL;
2934
2935 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
2936
2937 if (ok < 0)
2938 EXIT(3);
2939 if (*cond_end) {
2940 fprintf(stderr,
2941 "Stopped processing condition before it's end.\n");
2942 ok = 0;
2943 }
2944 if (!ok)
2945 fprintf(stderr,
3dca57f8 2946 "Proxy rights check with condition '%s' invalid\n",
0f113f3e
MC		 2947 cb_arg->proxy_cond);
2948 else
3dca57f8 2949 printf("Proxy rights check with condition '%s' ok\n",
0f113f3e
MC		 2950 cb_arg->proxy_cond);
2951 }
2952 }
2953 return (ok);
2954}
023ec151 2955
bc36ee62 2956#ifndef OPENSSL_NO_DH
1d97c843
TH		 2957/*-
2958 * These DH parameters have been generated as follows:
e4589582
BM		 2959 * $ openssl dhparam -C -noout 512
2960 * $ openssl dhparam -C -noout 1024
2961 * $ openssl dhparam -C -noout -dsaparam 1024
2962 * (The third function has been renamed to avoid name conflicts.)
2963 */
f3f316f1 2964static DH *get_dh512()
0f113f3e
MC		 2965{
2966 static unsigned char dh512_p[] = {
2967 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
2968 0xC6,
2969 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
2970 0xB0,
2971 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
2972 0x5F,
2973 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
2974 0xB8,
2975 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
2976 0x33,
2977 0x02, 0xC5, 0xAE, 0x23,
2978 };
2979 static unsigned char dh512_g[] = {
2980 0x02,
2981 };
2982 DH *dh;
2983
2984 if ((dh = DH_new()) == NULL)
2985 return (NULL);
2986 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
2987 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
2988 if ((dh->p == NULL) || (dh->g == NULL)) {
2989 DH_free(dh);
2990 return (NULL);
2991 }
2992 return (dh);
2993}
e4589582 2994
f3f316f1 2995static DH *get_dh1024()
0f113f3e
MC		 2996{
2997 static unsigned char dh1024_p[] = {
2998 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
2999 0x3A,
3000 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
3001 0xA2,
3002 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
3003 0xB0,
3004 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
3005 0xC2,
3006 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
3007 0x8C,
3008 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
3009 0xB8,
3010 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
3011 0x52,
3012 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
3013 0xC1,
3014 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
3015 0xB1,
3016 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
3017 0xAB,
3018 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
3019 };
3020 static unsigned char dh1024_g[] = {
3021 0x02,
3022 };
3023 DH *dh;
3024
3025 if ((dh = DH_new()) == NULL)
3026 return (NULL);
3027 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3028 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3029 if ((dh->p == NULL) || (dh->g == NULL)) {
3030 DH_free(dh);
3031 return (NULL);
3032 }
3033 return (dh);
3034}
53002dc6 3035
f3f316f1 3036static DH *get_dh1024dsa()
0f113f3e
MC		 3037{
3038 static unsigned char dh1024_p[] = {
3039 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
3040 0x00,
3041 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
3042 0x19,
3043 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
3044 0xD2,
3045 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
3046 0x55,
3047 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
3048 0xFC,
3049 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
3050 0x97,
3051 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
3052 0x8D,
3053 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
3054 0xBB,
3055 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
3056 0xF6,
3057 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
3058 0x9E,
3059 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
3060 };
3061 static unsigned char dh1024_g[] = {
3062 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
3063 0x05,
3064 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
3065 0xF3,
3066 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
3067 0xE9,
3068 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
3069 0x3C,
3070 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
3071 0x65,
3072 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
3073 0x60,
3074 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
3075 0xF6,
3076 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
3077 0xA7,
3078 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3079 0xA1,
3080 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3081 0x60,
3082 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3083 };
3084 DH *dh;
3085
3086 if ((dh = DH_new()) == NULL)
3087 return (NULL);
3088 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3089 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3090 if ((dh->p == NULL) || (dh->g == NULL)) {
3091 DH_free(dh);
3092 return (NULL);
3093 }
3094 dh->length = 160;
3095 return (dh);
3096}
f71165b5 3097#endif
6e119bb0 3098
ddac1974
NL		 3099#ifndef OPENSSL_NO_PSK
3100/* convert the PSK key (psk_key) in ascii to binary (psk) */
3101static int psk_key2bn(const char *pskkey, unsigned char *psk,
0f113f3e
MC		 3102 unsigned int max_psk_len)
3103{
3104 int ret;
3105 BIGNUM *bn = NULL;
3106
3107 ret = BN_hex2bn(&bn, pskkey);
3108 if (!ret) {
3109 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3110 pskkey);
23a1d5e9 3111 BN_free(bn);
0f113f3e
MC		 3112 return 0;
3113 }
3114 if (BN_num_bytes(bn) > (int)max_psk_len) {
3115 BIO_printf(bio_err,
3116 "psk buffer of callback is too small (%d) for key (%d)\n",
3117 max_psk_len, BN_num_bytes(bn));
3118 BN_free(bn);
3119 return 0;
3120 }
3121 ret = BN_bn2bin(bn, psk);
3122 BN_free(bn);
3123 return ret;
3124}
3125
3126static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3127 char *identity,
3128 unsigned int max_identity_len,
3129 unsigned char *psk,
3130 unsigned int max_psk_len)
3131{
3132 int ret;
3133 unsigned int psk_len = 0;
3134
3135 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3136 if (ret < 0)
3137 goto out_err;
3138 if (debug)
3139 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3140 ret);
3141 ret = psk_key2bn(psk_key, psk, max_psk_len);
3142 if (ret < 0)
3143 goto out_err;
3144 psk_len = ret;
3145 out_err:
3146 return psk_len;
3147}
ddac1974
NL		 3148
3149static unsigned int psk_server_callback(SSL *ssl, const char *identity,
0f113f3e
MC		 3150 unsigned char *psk,
3151 unsigned int max_psk_len)
3152{
3153 unsigned int psk_len = 0;
ddac1974 3154
0f113f3e
MC		 3155 if (strcmp(identity, "Client_identity") != 0) {
3156 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3157 return 0;
3158 }
3159 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3160 return psk_len;
3161}
ddac1974
NL		 3162#endif
3163
6e119bb0 3164static int do_test_cipherlist(void)
0f113f3e
MC		 3165{
3166 int i = 0;
3167 const SSL_METHOD *meth;
3168 const SSL_CIPHER *ci, *tci = NULL;
6e119bb0 3169
00fe865d 3170#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 3171 meth = SSLv3_method();
3172 tci = NULL;
3173 while ((ci = meth->get_cipher(i++)) != NULL) {
3174 if (tci != NULL)
3175 if (ci->id >= tci->id) {
3dca57f8 3176 fprintf(stderr, "testing SSLv3 cipher list order: ");
90d9e49a 3177 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
0f113f3e
MC		 3178 return 0;
3179 }
3180 tci = ci;
3181 }
00fe865d 3182#endif
0f113f3e
MC		 3183 meth = TLSv1_method();
3184 tci = NULL;
3185 while ((ci = meth->get_cipher(i++)) != NULL) {
3186 if (tci != NULL)
3187 if (ci->id >= tci->id) {
3dca57f8 3188 fprintf(stderr, "testing TLSv1 cipher list order: ");
90d9e49a 3189 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
0f113f3e
MC		 3190 return 0;
3191 }
3192 tci = ci;
3193 }
0f113f3e
MC		 3194
3195 return 1;
3196}
A mirror of the official openssl repository