]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/ssltest.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Code style: space after 'if'
[thirdparty/openssl.git] / test / ssltest.c
CommitLineData
d02b48c6 1/* ssl/ssltest.c */
58964a49 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6
RE		 3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
0f113f3e 8 *
d02b48c6
RE		 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e 15 *
d02b48c6
RE		 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
0f113f3e 22 *
d02b48c6
RE		 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
0f113f3e 37 * 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6
RE		 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e 40 *
d02b48c6
RE		 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
0f113f3e 52 *
d02b48c6
RE		 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
3ac82faa
BM		 58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
0f113f3e 66 * notice, this list of conditions and the following disclaimer.
3ac82faa
BM		 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
ea262260
BM		 111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
0f113f3e 113 * ECC cipher suite support in OpenSSL originally developed by
ea262260
BM		 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
ddac1974
NL		 116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
d02b48c6 142
dbd87ffc
MC		 143/* Or gethostname won't be declared properly on Linux and GNU platforms. */
144#define _BSD_SOURCE 1
37289744 145
6f7af152
BM		 146#include <assert.h>
147#include <errno.h>
148#include <limits.h>
d02b48c6
RE		 149#include <stdio.h>
150#include <stdlib.h>
151#include <string.h>
563f1503 152#include <time.h>
17e3dd1c 153
e7a28569 154#define USE_SOCKETS
41d2a336 155#include "e_os.h"
17e3dd1c 156
bc120a54 157#ifdef OPENSSL_SYS_VMS
0f113f3e
MC		 158/*
159 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
160 */
161# define _XOPEN_SOURCE 500
bc120a54
DSH		 162#endif
163
a963395a
RL		 164#include <ctype.h>
165
ec577822
BM		 166#include <openssl/bio.h>
167#include <openssl/crypto.h>
563f1503 168#include <openssl/evp.h>
ec577822 169#include <openssl/x509.h>
a7201e9a 170#include <openssl/x509v3.h>
ec577822 171#include <openssl/ssl.h>
0b13e9f0 172#ifndef OPENSSL_NO_ENGINE
0f113f3e 173# include <openssl/engine.h>
0b13e9f0 174#endif
ec577822 175#include <openssl/err.h>
b9d82f47 176#include <openssl/rand.h>
3eeaab4b 177#ifndef OPENSSL_NO_RSA
0f113f3e 178# include <openssl/rsa.h>
3eeaab4b
NL		 179#endif
180#ifndef OPENSSL_NO_DSA
0f113f3e 181# include <openssl/dsa.h>
3eeaab4b
NL		 182#endif
183#ifndef OPENSSL_NO_DH
0f113f3e 184# include <openssl/dh.h>
3eeaab4b 185#endif
edc032b5 186#ifndef OPENSSL_NO_SRP
0f113f3e 187# include <openssl/srp.h>
edc032b5 188#endif
d095b68d 189#include <openssl/bn.h>
09867a47 190
b6ba4014
MC		 191#include "../ssl/ssl_locl.h"
192
dbd87ffc
MC		 193/*
194 * Or gethostname won't be declared properly
195 * on Compaq platforms (at least with DEC C).
196 * Do not try to put it earlier, or IPv6 includes
197 * get screwed...
0f113f3e
MC		 198 */
199#define _XOPEN_SOURCE_EXTENDED 1
09867a47 200
bc36ee62 201#ifdef OPENSSL_SYS_WINDOWS
0f113f3e 202# include <winsock.h>
37289744 203#else
0f113f3e 204# include OPENSSL_UNISTD
d02b48c6
RE		 205#endif
206
bc36ee62 207#ifdef OPENSSL_SYS_VMS
0f113f3e
MC		 208# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
209# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
0bf23d9b 210#elif defined(OPENSSL_SYS_WINCE)
0f113f3e
MC		 211# define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
212# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
4d8743f4 213#elif defined(OPENSSL_SYS_NETWARE)
0f113f3e
MC		 214# define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
215# define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
7d7d2cbc 216#else
0f113f3e
MC		 217# define TEST_SERVER_CERT "../apps/server.pem"
218# define TEST_CLIENT_CERT "../apps/client.pem"
7d7d2cbc 219#endif
d02b48c6 220
0f113f3e
MC		 221/*
222 * There is really no standard for this, so let's assign some tentative
223 * numbers. In any case, these numbers are only for this test
224 */
225#define COMP_RLE 255
226#define COMP_ZLIB 1
23f80f46 227
6d23cf97 228static int verify_callback(int ok, X509_STORE_CTX *ctx);
bc36ee62 229#ifndef OPENSSL_NO_RSA
0f113f3e 230static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength);
46b3bd54 231static void free_tmp_rsa(void);
79df9d62 232#endif
6d23cf97 233static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
a7201e9a 234#define APP_CALLBACK_STRING "Test Callback Argument"
0f113f3e
MC		 235struct app_verify_arg {
236 char *string;
237 int app_verify;
238 int allow_proxy_certs;
239 char *proxy_auth;
240 char *proxy_cond;
241};
023ec151 242
bc36ee62 243#ifndef OPENSSL_NO_DH
d02b48c6 244static DH *get_dh512(void);
e4589582
BM		 245static DH *get_dh1024(void);
246static DH *get_dh1024dsa(void);
53002dc6
BM		 247#endif
248
0f113f3e 249static char *psk_key = NULL; /* by default PSK is not used */
ddac1974 250#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 251static unsigned int psk_client_callback(SSL *ssl, const char *hint,
252 char *identity,
253 unsigned int max_identity_len,
254 unsigned char *psk,
255 unsigned int max_psk_len);
256static unsigned int psk_server_callback(SSL *ssl, const char *identity,
257 unsigned char *psk,
258 unsigned int max_psk_len);
ddac1974
NL		 259#endif
260
edc032b5
BL		 261#ifndef OPENSSL_NO_SRP
262/* SRP client */
263/* This is a context that we pass to all callbacks */
0f113f3e
MC		 264typedef struct srp_client_arg_st {
265 char *srppassin;
266 char *srplogin;
267} SRP_CLIENT_ARG;
edc032b5 268
0f113f3e 269# define PWD_STRLEN 1024
edc032b5 270
0f113f3e
MC		 271static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
272{
273 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
274 return BUF_strdup((char *)srp_client_arg->srppassin);
275}
edc032b5 276
edc032b5
BL		 277/* SRP server */
278/* This is a context that we pass to SRP server callbacks */
0f113f3e
MC		 279typedef struct srp_server_arg_st {
280 char *expected_user;
281 char *pass;
282} SRP_SERVER_ARG;
edc032b5 283
6d23cf97 284static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
0f113f3e
MC		 285{
286 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
287
288 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
289 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
290 return SSL3_AL_FATAL;
291 }
292 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
293 *ad = SSL_AD_INTERNAL_ERROR;
294 return SSL3_AL_FATAL;
295 }
296 return SSL_ERROR_NONE;
297}
298#endif
299
300static BIO *bio_err = NULL;
301static BIO *bio_stdout = NULL;
d02b48c6 302
2911575c 303#ifndef OPENSSL_NO_NEXTPROTONEG
d9a268b9
BL		 304/* Note that this code assumes that this is only a one element list: */
305static const char NEXT_PROTO_STRING[] = "\x09testproto";
306int npn_client = 0;
307int npn_server = 0;
308int npn_server_reject = 0;
309
0f113f3e
MC		 310static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
311 const unsigned char *in, unsigned int inlen,
312 void *arg)
313{
314 /*
315 * This callback only returns the protocol string, rather than a length
316 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
317 * and remove the first byte to chop off the length prefix.
318 */
319 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
320 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
321 return SSL_TLSEXT_ERR_OK;
322}
323
324static int cb_server_npn(SSL *s, const unsigned char **data,
325 unsigned int *len, void *arg)
326{
327 *data = (const unsigned char *)NEXT_PROTO_STRING;
328 *len = sizeof(NEXT_PROTO_STRING) - 1;
329 return SSL_TLSEXT_ERR_OK;
330}
331
332static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
333 unsigned int *len, void *arg)
334{
335 return SSL_TLSEXT_ERR_NOACK;
336}
d9a268b9
BL		 337
338static int verify_npn(SSL *client, SSL *server)
0f113f3e
MC		 339{
340 const unsigned char *client_s;
341 unsigned client_len;
342 const unsigned char *server_s;
343 unsigned server_len;
344
345 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
346 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
347
348 if (client_len) {
349 BIO_printf(bio_stdout, "Client NPN: ");
350 BIO_write(bio_stdout, client_s, client_len);
351 BIO_printf(bio_stdout, "\n");
352 }
353
354 if (server_len) {
355 BIO_printf(bio_stdout, "Server NPN: ");
356 BIO_write(bio_stdout, server_s, server_len);
357 BIO_printf(bio_stdout, "\n");
358 }
359
360 /*
361 * If an NPN string was returned, it must be the protocol that we
362 * expected to negotiate.
363 */
364 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
365 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
366 return -1;
367 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
368 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
369 return -1;
370
371 if (!npn_client && client_len)
372 return -1;
373 if (!npn_server && server_len)
374 return -1;
375 if (npn_server_reject && server_len)
376 return -1;
377 if (npn_client && npn_server && (!client_len || !server_len))
378 return -1;
379
380 return 0;
381}
d9a268b9
BL		 382#endif
383
a8989362
AL		 384static const char *alpn_client;
385static const char *alpn_server;
386static const char *alpn_expected;
387static unsigned char *alpn_selected;
388
3a83462d
MC		 389/*-
390 * next_protos_parse parses a comma separated list of strings into a string
a8989362
AL		 391 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
392 * outlen: (output) set to the length of the resulting buffer on success.
393 * err: (maybe NULL) on failure, an error message line is written to this BIO.
4eadd11c 394 * in: a NUL terminated string like "abc,def,ghi"
a8989362
AL		 395 *
396 * returns: a malloced buffer or NULL on failure.
397 */
0f113f3e
MC		 398static unsigned char *next_protos_parse(unsigned short *outlen,
399 const char *in)
400{
401 size_t len;
402 unsigned char *out;
403 size_t i, start = 0;
404
405 len = strlen(in);
406 if (len >= 65535)
407 return NULL;
408
409 out = OPENSSL_malloc(strlen(in) + 1);
410 if (!out)
411 return NULL;
412
413 for (i = 0; i <= len; ++i) {
414 if (i == len || in[i] == ',') {
415 if (i - start > 255) {
416 OPENSSL_free(out);
417 return NULL;
418 }
419 out[start] = i - start;
420 start = i + 1;
421 } else
422 out[i + 1] = in[i];
423 }
424
425 *outlen = len + 1;
426 return out;
427}
428
429static int cb_server_alpn(SSL *s, const unsigned char **out,
430 unsigned char *outlen, const unsigned char *in,
431 unsigned int inlen, void *arg)
432{
433 unsigned char *protos;
434 unsigned short protos_len;
435
436 protos = next_protos_parse(&protos_len, alpn_server);
437 if (protos == NULL) {
438 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
439 alpn_server);
440 abort();
441 }
442
443 if (SSL_select_next_proto
444 ((unsigned char **)out, outlen, protos, protos_len, in,
445 inlen) != OPENSSL_NPN_NEGOTIATED) {
446 OPENSSL_free(protos);
447 return SSL_TLSEXT_ERR_NOACK;
448 }
449
450 /*
451 * Make a copy of the selected protocol which will be freed in
452 * verify_alpn.
453 */
454 alpn_selected = OPENSSL_malloc(*outlen);
455 memcpy(alpn_selected, *out, *outlen);
456 *out = alpn_selected;
457
458 OPENSSL_free(protos);
459 return SSL_TLSEXT_ERR_OK;
460}
a8989362
AL		 461
462static int verify_alpn(SSL *client, SSL *server)
0f113f3e
MC		 463{
464 const unsigned char *client_proto, *server_proto;
465 unsigned int client_proto_len = 0, server_proto_len = 0;
466 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
467 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
468
469 if (alpn_selected != NULL) {
470 OPENSSL_free(alpn_selected);
471 alpn_selected = NULL;
472 }
473
474 if (client_proto_len != server_proto_len ||
475 memcmp(client_proto, server_proto, client_proto_len) != 0) {
476 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
477 goto err;
478 }
479
480 if (client_proto_len > 0 && alpn_expected == NULL) {
481 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
482 goto err;
483 }
484
485 if (alpn_expected != NULL &&
486 (client_proto_len != strlen(alpn_expected) ||
487 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
488 BIO_printf(bio_stdout,
489 "ALPN selected protocols not equal to expected protocol: %s\n",
490 alpn_expected);
491 goto err;
492 }
493
494 return 0;
495
496 err:
497 BIO_printf(bio_stdout, "ALPN results: client: '");
498 BIO_write(bio_stdout, client_proto, client_proto_len);
499 BIO_printf(bio_stdout, "', server: '");
500 BIO_write(bio_stdout, server_proto, server_proto_len);
501 BIO_printf(bio_stdout, "'\n");
502 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
503 alpn_client, alpn_server);
504 return -1;
505}
a8989362 506
a398f821 507#define SCT_EXT_TYPE 18
9cd50f73 508
0f113f3e
MC		 509/*
510 * WARNING : below extension types are *NOT* IETF assigned, and could
511 * conflict if these types are reassigned and handled specially by OpenSSL
512 * in the future
513 */
a398f821 514#define TACK_EXT_TYPE 62208
9cd50f73
T		 515#define CUSTOM_EXT_TYPE_0 1000
516#define CUSTOM_EXT_TYPE_1 1001
517#define CUSTOM_EXT_TYPE_2 1002
518#define CUSTOM_EXT_TYPE_3 1003
519
520const char custom_ext_cli_string[] = "abc";
521const char custom_ext_srv_string[] = "defg";
a398f821
T		 522
523/* These set from cmdline */
0f113f3e 524char *serverinfo_file = NULL;
a398f821
T		 525int serverinfo_sct = 0;
526int serverinfo_tack = 0;
9cd50f73
T		 527
528/* These set based on extension callbacks */
a398f821
T		 529int serverinfo_sct_seen = 0;
530int serverinfo_tack_seen = 0;
531int serverinfo_other_seen = 0;
532
9cd50f73
T		 533/* This set from cmdline */
534int custom_ext = 0;
535
536/* This set based on extension callbacks */
537int custom_ext_error = 0;
538
0cfefe4b 539static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 540 const unsigned char *in, size_t inlen,
541 int *al, void *arg)
542{
543 if (ext_type == SCT_EXT_TYPE)
544 serverinfo_sct_seen++;
545 else if (ext_type == TACK_EXT_TYPE)
546 serverinfo_tack_seen++;
547 else
548 serverinfo_other_seen++;
549 return 1;
550}
a398f821
T		 551
552static int verify_serverinfo()
0f113f3e
MC		 553{
554 if (serverinfo_sct != serverinfo_sct_seen)
555 return -1;
556 if (serverinfo_tack != serverinfo_tack_seen)
557 return -1;
558 if (serverinfo_other_seen)
559 return -1;
560 return 0;
561}
a398f821 562
1d97c843
TH		 563/*-
564 * Four test cases for custom extensions:
9cd50f73
T		 565 * 0 - no ClientHello extension or ServerHello response
566 * 1 - ClientHello with "abc", no response
567 * 2 - ClientHello with "abc", empty response
568 * 3 - ClientHello with "abc", "defg" response
569 */
570
de2a9e38 571static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 572 const unsigned char **out,
573 size_t *outlen, int *al, void *arg)
574{
575 if (ext_type != CUSTOM_EXT_TYPE_0)
576 custom_ext_error = 1;
577 return 0; /* Don't send an extension */
578}
9cd50f73 579
de2a9e38 580static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 581 const unsigned char *in,
582 size_t inlen, int *al, void *arg)
583{
584 return 1;
585}
9cd50f73 586
de2a9e38 587static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 588 const unsigned char **out,
589 size_t *outlen, int *al, void *arg)
590{
591 if (ext_type != CUSTOM_EXT_TYPE_1)
592 custom_ext_error = 1;
593 *out = (const unsigned char *)custom_ext_cli_string;
594 *outlen = strlen(custom_ext_cli_string);
595 return 1; /* Send "abc" */
596}
9cd50f73 597
de2a9e38 598static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 599 const unsigned char *in,
600 size_t inlen, int *al, void *arg)
601{
602 return 1;
603}
9cd50f73 604
de2a9e38 605static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 606 const unsigned char **out,
607 size_t *outlen, int *al, void *arg)
608{
609 if (ext_type != CUSTOM_EXT_TYPE_2)
610 custom_ext_error = 1;
611 *out = (const unsigned char *)custom_ext_cli_string;
612 *outlen = strlen(custom_ext_cli_string);
613 return 1; /* Send "abc" */
614}
9cd50f73 615
de2a9e38 616static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 617 const unsigned char *in,
618 size_t inlen, int *al, void *arg)
619{
620 if (ext_type != CUSTOM_EXT_TYPE_2)
621 custom_ext_error = 1;
622 if (inlen != 0)
623 custom_ext_error = 1; /* Should be empty response */
624 return 1;
625}
9cd50f73 626
de2a9e38 627static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 628 const unsigned char **out,
629 size_t *outlen, int *al, void *arg)
630{
631 if (ext_type != CUSTOM_EXT_TYPE_3)
632 custom_ext_error = 1;
633 *out = (const unsigned char *)custom_ext_cli_string;
634 *outlen = strlen(custom_ext_cli_string);
635 return 1; /* Send "abc" */
636}
9cd50f73 637
de2a9e38 638static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 639 const unsigned char *in,
640 size_t inlen, int *al, void *arg)
641{
642 if (ext_type != CUSTOM_EXT_TYPE_3)
643 custom_ext_error = 1;
644 if (inlen != strlen(custom_ext_srv_string))
645 custom_ext_error = 1;
646 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
647 custom_ext_error = 1; /* Check for "defg" */
648 return 1;
649}
650
651/*
652 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
653 * for this extension
654 */
de2a9e38 655static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 656 const unsigned char *in,
657 size_t inlen, int *al, void *arg)
658{
659 custom_ext_error = 1;
660 return 1;
661}
9cd50f73 662
f47e2039 663/* 'add' callbacks are only called if the 'parse' callback is called */
de2a9e38 664static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 665 const unsigned char **out,
666 size_t *outlen, int *al, void *arg)
667{
668 /* Error: should not have been called */
669 custom_ext_error = 1;
670 return 0; /* Don't send an extension */
671}
9cd50f73 672
de2a9e38 673static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 674 const unsigned char *in,
675 size_t inlen, int *al, void *arg)
676{
677 if (ext_type != CUSTOM_EXT_TYPE_1)
678 custom_ext_error = 1;
679 /* Check for "abc" */
680 if (inlen != strlen(custom_ext_cli_string))
681 custom_ext_error = 1;
682 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
683 custom_ext_error = 1;
684 return 1;
685}
9cd50f73 686
de2a9e38 687static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 688 const unsigned char **out,
689 size_t *outlen, int *al, void *arg)
690{
691 return 0; /* Don't send an extension */
692}
9cd50f73 693
de2a9e38 694static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 695 const unsigned char *in,
696 size_t inlen, int *al, void *arg)
697{
698 if (ext_type != CUSTOM_EXT_TYPE_2)
699 custom_ext_error = 1;
700 /* Check for "abc" */
701 if (inlen != strlen(custom_ext_cli_string))
702 custom_ext_error = 1;
703 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
704 custom_ext_error = 1;
705 return 1;
706}
9cd50f73 707
de2a9e38 708static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 709 const unsigned char **out,
710 size_t *outlen, int *al, void *arg)
711{
712 *out = NULL;
713 *outlen = 0;
714 return 1; /* Send empty extension */
715}
9cd50f73 716
de2a9e38 717static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 718 const unsigned char *in,
719 size_t inlen, int *al, void *arg)
720{
721 if (ext_type != CUSTOM_EXT_TYPE_3)
722 custom_ext_error = 1;
723 /* Check for "abc" */
724 if (inlen != strlen(custom_ext_cli_string))
725 custom_ext_error = 1;
726 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
727 custom_ext_error = 1;
728 return 1;
729}
9cd50f73 730
de2a9e38 731static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 732 const unsigned char **out,
733 size_t *outlen, int *al, void *arg)
734{
735 *out = (const unsigned char *)custom_ext_srv_string;
736 *outlen = strlen(custom_ext_srv_string);
737 return 1; /* Send "defg" */
738}
739
740static char *cipher = NULL;
741static int verbose = 0;
742static int debug = 0;
0f113f3e
MC		 743static const char rnd_seed[] =
744 "string to make the random number generator think it has entropy";
d02b48c6 745
0f113f3e
MC		 746int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
747 clock_t *c_time);
748int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
6e119bb0 749static int do_test_cipherlist(void);
9ccc00ef 750
6b691a5c 751static void sv_usage(void)
0f113f3e
MC		 752{
753 fprintf(stderr, "usage: ssltest [args ...]\n");
754 fprintf(stderr, "\n");
086e32a6 755#ifdef OPENSSL_FIPS
0f113f3e
MC		 756 fprintf(stderr, "-F - run test in FIPS mode\n");
757#endif
758 fprintf(stderr, " -server_auth - check server certificate\n");
759 fprintf(stderr, " -client_auth - do client authentication\n");
760 fprintf(stderr, " -proxy - allow proxy certificates\n");
761 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
762 fprintf(stderr,
763 " -proxy_cond <val> - expression to test proxy policy rights\n");
764 fprintf(stderr, " -v - more output\n");
765 fprintf(stderr, " -d - debug output\n");
766 fprintf(stderr, " -reuse - use session-id reuse\n");
767 fprintf(stderr, " -num <val> - number of connections to perform\n");
768 fprintf(stderr,
769 " -bytes <val> - number of bytes to swap between client/server\n");
bc36ee62 770#ifndef OPENSSL_NO_DH
0f113f3e
MC		 771 fprintf(stderr,
772 " -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
773 fprintf(stderr,
774 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
775 fprintf(stderr, " -no_dhe - disable DHE\n");
77fa04a9 776#endif
10bf4fc2 777#ifndef OPENSSL_NO_EC
0f113f3e 778 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
ea262260 779#endif
ddac1974 780#ifndef OPENSSL_NO_PSK
0f113f3e 781 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
ddac1974 782#endif
edc032b5 783#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 784 fprintf(stderr, " -srpuser user - SRP username to use\n");
785 fprintf(stderr, " -srppass arg - password for 'user'\n");
edc032b5 786#endif
3881d810 787#ifndef OPENSSL_NO_SSL3_METHOD
0f113f3e 788 fprintf(stderr, " -ssl3 - use SSLv3\n");
58964a49 789#endif
0f113f3e 790 fprintf(stderr, " -tls1 - use TLSv1\n");
98b8cdd3
DW		 791#ifndef OPENSSL_NO_DTLS
792 fprintf(stderr, " -dtls1 - use DTLSv1\n");
793 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
794#endif
0f113f3e
MC		 795 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
796 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
797 fprintf(stderr, " -cert arg - Server certificate file\n");
798 fprintf(stderr,
799 " -key arg - Server key file (default: same as -cert)\n");
800 fprintf(stderr, " -c_cert arg - Client certificate file\n");
801 fprintf(stderr,
802 " -c_key arg - Client key file (default: same as -c_cert)\n");
803 fprintf(stderr, " -cipher arg - The cipher list\n");
804 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
805 fprintf(stderr, " -f - Test even cases that can't work\n");
806 fprintf(stderr,
807 " -time - measure processor time used by client and server\n");
808 fprintf(stderr, " -zlib - use zlib compression\n");
809 fprintf(stderr, " -rle - use rle compression\n");
10bf4fc2 810#ifndef OPENSSL_NO_EC
0f113f3e
MC		 811 fprintf(stderr,
812 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
813 " Use \"openssl ecparam -list_curves\" for all names\n"
814 " (default is sect163r2).\n");
815#endif
816 fprintf(stderr,
817 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
818 " When this option is requested, the cipherlist\n"
819 " tests are run instead of handshake tests.\n");
2911575c 820#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 821 fprintf(stderr, " -npn_client - have client side offer NPN\n");
822 fprintf(stderr, " -npn_server - have server side offer NPN\n");
823 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
824#endif
825 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
826 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
827 fprintf(stderr,
828 " -serverinfo_tack - have client offer and expect TACK\n");
829 fprintf(stderr,
830 " -custom_ext - try various custom extension callbacks\n");
831 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
832 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
833 fprintf(stderr,
834 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
835}
563f1503 836
f756f1fc 837static void print_key_details(BIO *out, EVP_PKEY *key)
0f113f3e
MC		 838{
839 int keyid = EVP_PKEY_id(key);
f756f1fc 840#ifndef OPENSSL_NO_EC
0f113f3e
MC		 841 if (keyid == EVP_PKEY_EC) {
842 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
843 int nid;
844 const char *cname;
845 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
846 EC_KEY_free(ec);
847 cname = EC_curve_nid2nist(nid);
848 if (!cname)
849 cname = OBJ_nid2sn(nid);
850 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
851 } else
852#endif
853 {
854 const char *algname;
855 switch (keyid) {
856 case EVP_PKEY_RSA:
857 algname = "RSA";
858 break;
859 case EVP_PKEY_DSA:
860 algname = "DSA";
861 break;
862 case EVP_PKEY_DH:
863 algname = "DH";
864 break;
865 default:
866 algname = OBJ_nid2sn(keyid);
867 break;
868 }
869 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
870 }
871}
f756f1fc 872
563f1503 873static void print_details(SSL *c_ssl, const char *prefix)
0f113f3e
MC		 874{
875 const SSL_CIPHER *ciph;
876 int mdnid;
877 X509 *cert;
878 EVP_PKEY *pkey;
879
880 ciph = SSL_get_current_cipher(c_ssl);
881 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
882 prefix,
883 SSL_get_version(c_ssl),
884 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
885 cert = SSL_get_peer_certificate(c_ssl);
886 if (cert != NULL) {
887 pkey = X509_get_pubkey(cert);
888 if (pkey != NULL) {
889 BIO_puts(bio_stdout, ", ");
890 print_key_details(bio_stdout, pkey);
891 EVP_PKEY_free(pkey);
892 }
893 X509_free(cert);
894 }
895 if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
896 BIO_puts(bio_stdout, ", temp key: ");
897 print_key_details(bio_stdout, pkey);
898 EVP_PKEY_free(pkey);
899 }
900 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
901 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
902 BIO_printf(bio_stdout, "\n");
903}
d02b48c6 904
3ac82faa 905static void lock_dbg_cb(int mode, int type, const char *file, int line)
0f113f3e
MC		 906{
907 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
908 const char *errstr = NULL;
909 int rw;
910
911 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
912 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
913 errstr = "invalid mode";
914 goto err;
915 }
916
917 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
918 errstr = "type out of bounds";
919 goto err;
920 }
921
922 if (mode & CRYPTO_LOCK) {
923 if (modes[type]) {
924 errstr = "already locked";
925 /*
926 * must not happen in a single-threaded program (would deadlock)
927 */
928 goto err;
929 }
930
931 modes[type] = rw;
932 } else if (mode & CRYPTO_UNLOCK) {
933 if (!modes[type]) {
934 errstr = "not locked";
935 goto err;
936 }
937
938 if (modes[type] != rw) {
939 errstr = (rw == CRYPTO_READ) ?
940 "CRYPTO_r_unlock on write lock" :
941 "CRYPTO_w_unlock on read lock";
942 }
943
944 modes[type] = 0;
945 } else {
946 errstr = "invalid mode";
947 goto err;
948 }
3ac82faa
BM		 949
950 err:
0f113f3e
MC		 951 if (errstr) {
952 /* we cannot use bio_err here */
953 fprintf(stderr,
954 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
955 errstr, mode, type, file, line);
956 }
957}
3ac82faa 958
6b691a5c 959int main(int argc, char *argv[])
0f113f3e
MC		 960{
961 char *CApath = NULL, *CAfile = NULL;
962 int badop = 0;
963 int bio_pair = 0;
964 int force = 0;
98b8cdd3 965 int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl3 = 0, ret = 1;
0f113f3e
MC		 966 int client_auth = 0;
967 int server_auth = 0, i;
968 struct app_verify_arg app_verify_arg =
969 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
970 char *server_cert = TEST_SERVER_CERT;
971 char *server_key = NULL;
972 char *client_cert = TEST_CLIENT_CERT;
973 char *client_key = NULL;
10bf4fc2 974#ifndef OPENSSL_NO_EC
0f113f3e
MC		 975 char *named_curve = NULL;
976#endif
977 SSL_CTX *s_ctx = NULL;
978 SSL_CTX *c_ctx = NULL;
979 const SSL_METHOD *meth = NULL;
980 SSL *c_ssl, *s_ssl;
981 int number = 1, reuse = 0;
982 long bytes = 256L;
bc36ee62 983#ifndef OPENSSL_NO_DH
0f113f3e
MC		 984 DH *dh;
985 int dhe1024 = 0, dhe1024dsa = 0;
ea262260 986#endif
10bf4fc2 987#ifndef OPENSSL_NO_EC
0f113f3e 988 EC_KEY *ecdh = NULL;
edc032b5
BL		 989#endif
990#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 991 /* client */
992 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
993 /* server */
994 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
995#endif
996 int no_dhe = 0;
997 int no_ecdhe = 0;
998 int no_psk = 0;
999 int print_time = 0;
1000 clock_t s_time = 0, c_time = 0;
09b6c2ef 1001#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1002 int comp = 0;
1003 COMP_METHOD *cm = NULL;
1004 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
00a37b5a 1005#endif
0f113f3e 1006 int test_cipherlist = 0;
086e32a6 1007#ifdef OPENSSL_FIPS
0f113f3e
MC		 1008 int fips_mode = 0;
1009#endif
1010 int no_protocol = 0;
1011
1012 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
1013 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
1014 const char *arg = NULL, *argn = NULL;
1015
1016 verbose = 0;
1017 debug = 0;
1018 cipher = 0;
1019
1020 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1021
1022 CRYPTO_set_locking_callback(lock_dbg_cb);
1023
1024 /* enable memory leak checking unless explicitly disabled */
1025 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
1026 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
1027 CRYPTO_malloc_debug_init();
1028 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1029 } else {
1030 /* OPENSSL_DEBUG_MEMORY=off */
1031 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1032 }
1033 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1034
1035 RAND_seed(rnd_seed, sizeof rnd_seed);
1036
1037 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1038
1039 s_cctx = SSL_CONF_CTX_new();
1040 c_cctx = SSL_CONF_CTX_new();
1041
1042 if (!s_cctx || !c_cctx) {
1043 ERR_print_errors(bio_err);
1044 goto end;
1045 }
1046
1047 SSL_CONF_CTX_set_flags(s_cctx,
1048 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER);
1049 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
1050 ERR_print_errors(bio_err);
1051 goto end;
1052 }
1053
1054 SSL_CONF_CTX_set_flags(c_cctx,
1055 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT);
1056 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
1057 ERR_print_errors(bio_err);
1058 goto end;
1059 }
1060
1061 argc--;
1062 argv++;
1063
1064 while (argc >= 1) {
1065 if (!strcmp(*argv, "-F")) {
086e32a6 1066#ifdef OPENSSL_FIPS
0f113f3e 1067 fips_mode = 1;
086e32a6 1068#else
0f113f3e
MC		 1069 fprintf(stderr,
1070 "not compiled with FIPS support, so exiting without running.\n");
1071 EXIT(0);
1072#endif
1073 } else if (strcmp(*argv, "-server_auth") == 0)
1074 server_auth = 1;
1075 else if (strcmp(*argv, "-client_auth") == 0)
1076 client_auth = 1;
1077 else if (strcmp(*argv, "-proxy_auth") == 0) {
1078 if (--argc < 1)
1079 goto bad;
1080 app_verify_arg.proxy_auth = *(++argv);
1081 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1082 if (--argc < 1)
1083 goto bad;
1084 app_verify_arg.proxy_cond = *(++argv);
1085 } else if (strcmp(*argv, "-v") == 0)
1086 verbose = 1;
1087 else if (strcmp(*argv, "-d") == 0)
1088 debug = 1;
1089 else if (strcmp(*argv, "-reuse") == 0)
1090 reuse = 1;
1091 else if (strcmp(*argv, "-dhe1024") == 0) {
90f5a2b6 1092#ifndef OPENSSL_NO_DH
0f113f3e 1093 dhe1024 = 1;
90f5a2b6 1094#else
0f113f3e
MC		 1095 fprintf(stderr,
1096 "ignoring -dhe1024, since I'm compiled without DH\n");
90f5a2b6 1097#endif
0f113f3e 1098 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
90f5a2b6 1099#ifndef OPENSSL_NO_DH
0f113f3e 1100 dhe1024dsa = 1;
90f5a2b6 1101#else
0f113f3e
MC		 1102 fprintf(stderr,
1103 "ignoring -dhe1024, since I'm compiled without DH\n");
1104#endif
1105 } else if (strcmp(*argv, "-no_dhe") == 0)
1106 no_dhe = 1;
1107 else if (strcmp(*argv, "-no_ecdhe") == 0)
1108 no_ecdhe = 1;
1109 else if (strcmp(*argv, "-psk") == 0) {
1110 if (--argc < 1)
1111 goto bad;
1112 psk_key = *(++argv);
ddac1974 1113#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1114 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1115 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1116 goto bad;
1117 }
ddac1974 1118#else
0f113f3e 1119 no_psk = 1;
ddac1974 1120#endif
0f113f3e 1121 }
edc032b5 1122#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1123 else if (strcmp(*argv, "-srpuser") == 0) {
1124 if (--argc < 1)
1125 goto bad;
1126 srp_server_arg.expected_user = srp_client_arg.srplogin =
1127 *(++argv);
1128 tls1 = 1;
1129 } else if (strcmp(*argv, "-srppass") == 0) {
1130 if (--argc < 1)
1131 goto bad;
1132 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1133 tls1 = 1;
1134 }
1135#endif
1136 else if (strcmp(*argv, "-tls1") == 0) {
0f113f3e
MC		 1137 tls1 = 1;
1138 } else if (strcmp(*argv, "-ssl3") == 0) {
3881d810 1139#ifdef OPENSSL_NO_SSL3_METHOD
0f113f3e
MC		 1140 no_protocol = 1;
1141#endif
1142 ssl3 = 1;
98b8cdd3
DW		 1143 } else if (strcmp(*argv, "-dtls1") == 0) {
1144#ifdef OPENSSL_NO_DTLS
1145 no_protocol = 1;
1146#endif
1147 dtls1 = 1;
1148 } else if (strcmp(*argv, "-dtls12") == 0) {
1149#ifdef OPENSSL_NO_DTLS
1150 no_protocol = 1;
1151#endif
1152 dtls12 = 1;
0f113f3e
MC		 1153 } else if (strncmp(*argv, "-num", 4) == 0) {
1154 if (--argc < 1)
1155 goto bad;
1156 number = atoi(*(++argv));
1157 if (number == 0)
1158 number = 1;
1159 } else if (strcmp(*argv, "-bytes") == 0) {
1160 if (--argc < 1)
1161 goto bad;
1162 bytes = atol(*(++argv));
1163 if (bytes == 0L)
1164 bytes = 1L;
1165 i = strlen(argv[0]);
1166 if (argv[0][i - 1] == 'k')
1167 bytes *= 1024L;
1168 if (argv[0][i - 1] == 'm')
1169 bytes *= 1024L * 1024L;
1170 } else if (strcmp(*argv, "-cert") == 0) {
1171 if (--argc < 1)
1172 goto bad;
1173 server_cert = *(++argv);
1174 } else if (strcmp(*argv, "-s_cert") == 0) {
1175 if (--argc < 1)
1176 goto bad;
1177 server_cert = *(++argv);
1178 } else if (strcmp(*argv, "-key") == 0) {
1179 if (--argc < 1)
1180 goto bad;
1181 server_key = *(++argv);
1182 } else if (strcmp(*argv, "-s_key") == 0) {
1183 if (--argc < 1)
1184 goto bad;
1185 server_key = *(++argv);
1186 } else if (strcmp(*argv, "-c_cert") == 0) {
1187 if (--argc < 1)
1188 goto bad;
1189 client_cert = *(++argv);
1190 } else if (strcmp(*argv, "-c_key") == 0) {
1191 if (--argc < 1)
1192 goto bad;
1193 client_key = *(++argv);
1194 } else if (strcmp(*argv, "-cipher") == 0) {
1195 if (--argc < 1)
1196 goto bad;
1197 cipher = *(++argv);
1198 } else if (strcmp(*argv, "-CApath") == 0) {
1199 if (--argc < 1)
1200 goto bad;
1201 CApath = *(++argv);
1202 } else if (strcmp(*argv, "-CAfile") == 0) {
1203 if (--argc < 1)
1204 goto bad;
1205 CAfile = *(++argv);
1206 } else if (strcmp(*argv, "-bio_pair") == 0) {
1207 bio_pair = 1;
1208 } else if (strcmp(*argv, "-f") == 0) {
1209 force = 1;
1210 } else if (strcmp(*argv, "-time") == 0) {
1211 print_time = 1;
1212 }
a4c4a7d5 1213#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1214 else if (strcmp(*argv, "-zlib") == 0) {
1215 comp = COMP_ZLIB;
1216 } else if (strcmp(*argv, "-rle") == 0) {
1217 comp = COMP_RLE;
1218 }
1219#endif
1220 else if (strcmp(*argv, "-named_curve") == 0) {
1221 if (--argc < 1)
1222 goto bad;
10bf4fc2 1223#ifndef OPENSSL_NO_EC
0f113f3e 1224 named_curve = *(++argv);
90f5a2b6 1225#else
0f113f3e
MC		 1226 fprintf(stderr,
1227 "ignoring -named_curve, since I'm compiled without ECDH\n");
1228 ++argv;
1229#endif
1230 } else if (strcmp(*argv, "-app_verify") == 0) {
1231 app_verify_arg.app_verify = 1;
1232 } else if (strcmp(*argv, "-proxy") == 0) {
1233 app_verify_arg.allow_proxy_certs = 1;
1234 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1235 test_cipherlist = 1;
1236 }
2911575c 1237#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1238 else if (strcmp(*argv, "-npn_client") == 0) {
1239 npn_client = 1;
1240 } else if (strcmp(*argv, "-npn_server") == 0) {
1241 npn_server = 1;
1242 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1243 npn_server_reject = 1;
1244 }
1245#endif
1246 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1247 serverinfo_sct = 1;
1248 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1249 serverinfo_tack = 1;
1250 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1251 if (--argc < 1)
1252 goto bad;
1253 serverinfo_file = *(++argv);
1254 } else if (strcmp(*argv, "-custom_ext") == 0) {
1255 custom_ext = 1;
1256 } else if (strcmp(*argv, "-alpn_client") == 0) {
1257 if (--argc < 1)
1258 goto bad;
1259 alpn_client = *(++argv);
1260 } else if (strcmp(*argv, "-alpn_server") == 0) {
1261 if (--argc < 1)
1262 goto bad;
1263 alpn_server = *(++argv);
1264 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1265 if (--argc < 1)
1266 goto bad;
1267 alpn_expected = *(++argv);
1268 } else {
1269 int rv;
1270 arg = argv[0];
1271 argn = argv[1];
1272 /* Try to process command using SSL_CONF */
1273 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1274 /* If not processed try server */
1275 if (rv == 0)
1276 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1277 /* Recognised: store it for later use */
1278 if (rv > 0) {
1279 if (rv == 1)
1280 argn = NULL;
1281 if (!conf_args) {
1282 conf_args = sk_OPENSSL_STRING_new_null();
1283 if (!conf_args)
1284 goto end;
1285 }
1286 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1287 goto end;
1288 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1289 goto end;
1290 continue;
1291 }
1292 if (rv == -3)
1293 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1294 else if (rv < 0)
1295 BIO_printf(bio_err, "Error with command %s\n", arg);
1296 else if (rv == 0)
1297 BIO_printf(bio_err, "unknown option %s\n", arg);
1298 badop = 1;
1299 break;
1300 }
1301 argc--;
1302 argv++;
1303 }
1304 if (badop) {
1305 bad:
1306 sv_usage();
1307 goto end;
1308 }
1309
1310 /*
1311 * test_cipherlist prevails over protocol switch: we test the cipherlist
1312 * for all enabled protocols.
1313 */
1314 if (test_cipherlist == 1) {
1315 /*
1316 * ensure that the cipher list are correctly sorted and exit
1317 */
1318 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1319 "other options.\n");
1320 if (do_test_cipherlist() == 0)
1321 EXIT(1);
1322 ret = 0;
1323 goto end;
1324 }
1325
98b8cdd3
DW		 1326 if (ssl3 + tls1 + dtls1 + dtls12 > 1) {
1327 fprintf(stderr, "At most one of -ssl3, -tls1, -dtls1 or -dtls12 should "
0f113f3e
MC		 1328 "be requested.\n");
1329 EXIT(1);
1330 }
1331
1332 /*
1333 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1334 * Ideally, we would error out, but the generic test wrapper can't know
1335 * when to expect failure. So we do nothing and return success.
1336 */
1337 if (no_protocol) {
1338 fprintf(stderr, "Testing was requested for a disabled protocol. "
1339 "Skipping tests.\n");
1340 ret = 0;
1341 goto end;
1342 }
1343
98b8cdd3 1344 if (!ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
0f113f3e
MC		 1345 fprintf(stderr, "This case cannot work. Use -f to perform "
1346 "the test anyway (and\n-d to see what happens), "
98b8cdd3 1347 "or add one of -ssl3, -tls1, -dtls1, -dtls12, -reuse\n"
0f113f3e
MC		 1348 "to avoid protocol mismatch.\n");
1349 EXIT(1);
1350 }
086e32a6 1351#ifdef OPENSSL_FIPS
0f113f3e
MC		 1352 if (fips_mode) {
1353 if (!FIPS_mode_set(1)) {
1354 ERR_load_crypto_strings();
1355 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
1356 EXIT(1);
1357 } else
1358 fprintf(stderr, "*** IN FIPS MODE ***\n");
1359 }
1360#endif
1361
1362 if (print_time) {
1363 if (!bio_pair) {
1364 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1365 bio_pair = 1;
1366 }
1367 if (number < 50 && !force)
1368 fprintf(stderr,
1369 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1370 }
1371
1372/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1373
1374 SSL_library_init();
1375 SSL_load_error_strings();
d02b48c6 1376
09b6c2ef 1377#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1378 if (comp == COMP_ZLIB)
1379 cm = COMP_zlib();
1380 if (comp == COMP_RLE)
1381 cm = COMP_rle();
1382 if (cm != NULL) {
1383 if (cm->type != NID_undef) {
1384 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1385 fprintf(stderr, "Failed to add compression method\n");
1386 ERR_print_errors_fp(stderr);
1387 }
1388 } else {
1389 fprintf(stderr,
1390 "Warning: %s compression not supported\n",
1391 (comp == COMP_RLE ? "rle" :
1392 (comp == COMP_ZLIB ? "zlib" : "unknown")));
1393 ERR_print_errors_fp(stderr);
1394 }
1395 }
1396 ssl_comp_methods = SSL_COMP_get_compression_methods();
22ebaae0 1397 fprintf(stderr, "Available compression methods:");
0f113f3e
MC		 1398 {
1399 int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1400 if (n == 0)
1401 fprintf(stderr, " NONE\n");
22ebaae0 1402 else {
0f113f3e
MC		 1403 for (j = 0; j < n; j++) {
1404 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
22ebaae0 1405 fprintf(stderr, " %s:%d", c->name, c->id);
0f113f3e 1406 }
22ebaae0
RS		 1407 fprintf(stderr, "\n");
1408 }
0f113f3e
MC		 1409 }
1410#endif
1411
1412 /*
1413 * At this point, ssl3/tls1 is only set if the protocol is available.
1414 * (Otherwise we exit early.) However the compiler doesn't know this, so
1415 * we ifdef.
1416 */
fd28a41e 1417#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 1418 if (ssl3)
1419 meth = SSLv3_method();
1420 else
98b8cdd3
DW		 1421#endif
1422#ifndef OPENSSL_NO_DTLS
1423 if (dtls1)
1424 meth = DTLSv1_method();
1425 else if (dtls12)
1426 meth = DTLSv1_2_method();
1427 else
fd28a41e 1428#endif
0f113f3e
MC		 1429 if (tls1)
1430 meth = TLSv1_method();
1431 else
0f113f3e
MC		 1432 meth = SSLv23_method();
1433
1434 c_ctx = SSL_CTX_new(meth);
1435 s_ctx = SSL_CTX_new(meth);
1436 if ((c_ctx == NULL) || (s_ctx == NULL)) {
1437 ERR_print_errors(bio_err);
1438 goto end;
1439 }
1440 /*
1441 * Since we will use low security ciphersuites and keys for testing set
1442 * security level to zero.
1443 */
1444 SSL_CTX_set_security_level(c_ctx, 0);
1445 SSL_CTX_set_security_level(s_ctx, 0);
1446
1447 if (cipher != NULL) {
61986d32 1448 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
69f68237
MC		 1449 || !SSL_CTX_set_cipher_list(s_ctx, cipher)) {
1450 ERR_print_errors(bio_err);
1451 goto end;
1452 }
0f113f3e
MC		 1453 }
1454
1455 /* Process SSL_CONF arguments */
1456 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1457 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1458
1459 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1460 int rv;
1461 arg = sk_OPENSSL_STRING_value(conf_args, i);
1462 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1463 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1464 /* If not recognised use server context */
1465 if (rv == -2)
1466 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1467 if (rv <= 0) {
1468 BIO_printf(bio_err, "Error processing %s %s\n",
1469 arg, argn ? argn : "");
1470 ERR_print_errors(bio_err);
1471 goto end;
1472 }
1473 }
1474
1475 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx)) {
1476 BIO_puts(bio_err, "Error finishing context\n");
1477 ERR_print_errors(bio_err);
1478 goto end;
1479 }
bc36ee62 1480#ifndef OPENSSL_NO_DH
0f113f3e
MC		 1481 if (!no_dhe) {
1482 if (dhe1024dsa) {
1483 /*
1484 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1485 */
1486 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1487 dh = get_dh1024dsa();
1488 } else if (dhe1024)
1489 dh = get_dh1024();
1490 else
1491 dh = get_dh512();
1492 SSL_CTX_set_tmp_dh(s_ctx, dh);
1493 DH_free(dh);
1494 }
e4589582 1495#else
0f113f3e 1496 (void)no_dhe;
58964a49
RE		 1497#endif
1498
10bf4fc2 1499#ifndef OPENSSL_NO_EC
0f113f3e
MC		 1500 if (!no_ecdhe) {
1501 int nid;
1502
1503 if (named_curve != NULL) {
1504 nid = OBJ_sn2nid(named_curve);
1505 if (nid == 0) {
1506 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1507 goto end;
1508 }
1509 } else
1510# ifdef OPENSSL_NO_EC2M
1511 nid = NID_X9_62_prime256v1;
1512# else
1513 nid = NID_sect163r2;
1514# endif
1515
1516 ecdh = EC_KEY_new_by_curve_name(nid);
1517 if (ecdh == NULL) {
1518 BIO_printf(bio_err, "unable to create curve\n");
1519 goto end;
1520 }
1521
1522 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1523 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1524 EC_KEY_free(ecdh);
1525 }
b3310161 1526#else
0f113f3e 1527 (void)no_ecdhe;
ea262260
BM		 1528#endif
1529
bc36ee62 1530#ifndef OPENSSL_NO_RSA
0f113f3e 1531 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
d02b48c6
RE		 1532#endif
1533
0f113f3e
MC		 1534 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
1535 ERR_print_errors(bio_err);
1536 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1537 (server_key ? server_key :
1538 server_cert),
1539 SSL_FILETYPE_PEM)) {
1540 ERR_print_errors(bio_err);
1541 goto end;
1542 }
1543
1544 if (client_auth) {
61986d32 1545 if (!SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM)
69f68237 1546 || !SSL_CTX_use_PrivateKey_file(c_ctx,
0f113f3e 1547 (client_key ? client_key : client_cert),
69f68237
MC		 1548 SSL_FILETYPE_PEM)) {
1549 ERR_print_errors(bio_err);
1550 goto end;
1551 }
0f113f3e
MC		 1552 }
1553
1554 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1555 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1556 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1557 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1558 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1559 ERR_print_errors(bio_err);
1560 /* goto end; */
1561 }
1562
1563 if (client_auth) {
1564 BIO_printf(bio_err, "client authentication\n");
1565 SSL_CTX_set_verify(s_ctx,
1566 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1567 verify_callback);
1568 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1569 &app_verify_arg);
1570 }
1571 if (server_auth) {
1572 BIO_printf(bio_err, "server authentication\n");
1573 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1574 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1575 &app_verify_arg);
1576 }
1577
1578 {
1579 int session_id_context = 0;
61986d32 1580 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
69f68237
MC		 1581 sizeof session_id_context)) {
1582 ERR_print_errors(bio_err);
1583 goto end;
1584 }
0f113f3e
MC		 1585 }
1586
1587 /* Use PSK only if PSK key is given */
1588 if (psk_key != NULL) {
1589 /*
1590 * no_psk is used to avoid putting psk command to openssl tool
1591 */
1592 if (no_psk) {
1593 /*
1594 * if PSK is not compiled in and psk key is given, do nothing and
1595 * exit successfully
1596 */
1597 ret = 0;
1598 goto end;
1599 }
ddac1974 1600#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1601 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1602 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1603 if (debug)
1604 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1605 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1606 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1607 ERR_print_errors(bio_err);
1608 goto end;
1609 }
1610#endif
1611 }
edc032b5 1612#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1613 if (srp_client_arg.srplogin) {
1614 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1615 BIO_printf(bio_err, "Unable to set SRP username\n");
1616 goto end;
1617 }
1618 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1619 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1620 ssl_give_srp_client_pwd_cb);
1621 /*
1622 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1623 */
1624 }
1625
1626 if (srp_server_arg.expected_user != NULL) {
1627 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1628 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1629 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1630 }
edc032b5 1631#endif
ddac1974 1632
2911575c 1633#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1634 if (npn_client) {
1635 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1636 }
1637 if (npn_server) {
1638 if (npn_server_reject) {
1639 BIO_printf(bio_err,
1640 "Can't have both -npn_server and -npn_server_reject\n");
1641 goto end;
1642 }
1643 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1644 }
1645 if (npn_server_reject) {
1646 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
1647 NULL);
1648 }
1649#endif
1650
69f68237 1651 if (serverinfo_sct) {
61986d32 1652 if (!SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
0f113f3e 1653 NULL, NULL, NULL,
69f68237
MC		 1654 serverinfo_cli_parse_cb, NULL)) {
1655 BIO_printf(bio_err, "Error adding SCT extension\n");
1656 goto end;
1657 }
1658 }
1659 if (serverinfo_tack) {
61986d32 1660 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
0f113f3e 1661 NULL, NULL, NULL,
69f68237
MC		 1662 serverinfo_cli_parse_cb, NULL)) {
1663 BIO_printf(bio_err, "Error adding TACK extension\n");
1664 goto end;
1665 }
1666 }
0f113f3e
MC		 1667 if (serverinfo_file)
1668 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1669 BIO_printf(bio_err, "missing serverinfo file\n");
1670 goto end;
1671 }
1672
1673 if (custom_ext) {
61986d32 1674 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1675 custom_ext_0_cli_add_cb,
1676 NULL, NULL,
69f68237 1677 custom_ext_0_cli_parse_cb, NULL)
61986d32 1678 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1679 custom_ext_1_cli_add_cb,
1680 NULL, NULL,
69f68237 1681 custom_ext_1_cli_parse_cb, NULL)
61986d32 1682 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1683 custom_ext_2_cli_add_cb,
1684 NULL, NULL,
69f68237 1685 custom_ext_2_cli_parse_cb, NULL)
61986d32 1686 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1687 custom_ext_3_cli_add_cb,
1688 NULL, NULL,
69f68237 1689 custom_ext_3_cli_parse_cb, NULL)
61986d32 1690 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1691 custom_ext_0_srv_add_cb,
1692 NULL, NULL,
69f68237 1693 custom_ext_0_srv_parse_cb, NULL)
61986d32 1694 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1695 custom_ext_1_srv_add_cb,
1696 NULL, NULL,
69f68237 1697 custom_ext_1_srv_parse_cb, NULL)
61986d32 1698 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1699 custom_ext_2_srv_add_cb,
1700 NULL, NULL,
69f68237 1701 custom_ext_2_srv_parse_cb, NULL)
61986d32 1702 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1703 custom_ext_3_srv_add_cb,
1704 NULL, NULL,
69f68237
MC		 1705 custom_ext_3_srv_parse_cb, NULL)) {
1706 BIO_printf(bio_err, "Error setting custom extensions\n");
1707 goto end;
1708 }
0f113f3e
MC		 1709 }
1710
1711 if (alpn_server)
1712 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1713
1714 if (alpn_client) {
1715 unsigned short alpn_len;
1716 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1717
1718 if (alpn == NULL) {
1719 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1720 goto end;
1721 }
69f68237 1722 /* Returns 0 on success!! */
61986d32 1723 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
69f68237
MC		 1724 BIO_printf(bio_err, "Error setting ALPN\n");
1725 OPENSSL_free(alpn);
1726 goto end;
1727 }
0f113f3e
MC		 1728 OPENSSL_free(alpn);
1729 }
1730
1731 c_ssl = SSL_new(c_ctx);
1732 s_ssl = SSL_new(s_ctx);
58964a49 1733
bc36ee62 1734#ifndef OPENSSL_NO_KRB5
0f113f3e
MC		 1735 if (c_ssl && c_ssl->kssl_ctx) {
1736 char localhost[MAXHOSTNAMELEN + 2];
1737
1738 if (gethostname(localhost, sizeof localhost - 1) == 0) {
1739 localhost[sizeof localhost - 1] = '\0';
1740 if (strlen(localhost) == sizeof localhost - 1) {
1741 BIO_printf(bio_err, "localhost name too long\n");
1742 goto end;
1743 }
1744 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost);
1745 }
1746 }
1747#endif /* OPENSSL_NO_KRB5 */
1748
1749 for (i = 0; i < number; i++) {
69f68237 1750 if (!reuse) {
61986d32 1751 if (!SSL_set_session(c_ssl, NULL)) {
69f68237
MC		 1752 BIO_printf(bio_err, "Failed to set session\n");
1753 goto end;
1754 }
1755 }
0f113f3e
MC		 1756 if (bio_pair)
1757 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1758 else
1759 ret = doit(s_ssl, c_ssl, bytes);
6b937f8b 1760 if (ret) break;
0f113f3e
MC		 1761 }
1762
1763 if (!verbose) {
1764 print_details(c_ssl, "");
1765 }
6b937f8b
AP		 1766 if ((i > 1) || (bytes > 1L))
1767 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", i,
0f113f3e
MC		 1768 bytes);
1769 if (print_time) {
617d71bc 1770#ifdef CLOCKS_PER_SEC
0f113f3e
MC		 1771 /*
1772 * "To determine the time in seconds, the value returned by the clock
1773 * function should be divided by the value of the macro
1774 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1775 */
1776 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1777 "Approximate total client time: %6.2f s\n",
1778 (double)s_time / CLOCKS_PER_SEC,
1779 (double)c_time / CLOCKS_PER_SEC);
617d71bc 1780#else
0f113f3e
MC		 1781 BIO_printf(bio_stdout,
1782 "Approximate total server time: %6.2f units\n"
1783 "Approximate total client time: %6.2f units\n",
1784 (double)s_time, (double)c_time);
617d71bc 1785#endif
0f113f3e 1786 }
58964a49 1787
0f113f3e
MC		 1788 SSL_free(s_ssl);
1789 SSL_free(c_ssl);
58964a49 1790
0f113f3e 1791 end:
62adbcee
RS		 1792 SSL_CTX_free(s_ctx);
1793 SSL_CTX_free(c_ctx);
62adbcee
RS		 1794 SSL_CONF_CTX_free(s_cctx);
1795 SSL_CONF_CTX_free(c_cctx);
0f113f3e 1796 sk_OPENSSL_STRING_free(conf_args);
de94222d 1797
ca3a82c3 1798 BIO_free(bio_stdout);
d02b48c6 1799
bc36ee62 1800#ifndef OPENSSL_NO_RSA
0f113f3e 1801 free_tmp_rsa();
46b3bd54 1802#endif
0b13e9f0 1803#ifndef OPENSSL_NO_ENGINE
0f113f3e
MC		 1804 ENGINE_cleanup();
1805#endif
1806 CRYPTO_cleanup_all_ex_data();
1807 ERR_free_strings();
1808 ERR_remove_thread_state(NULL);
1809 EVP_cleanup();
1810 CRYPTO_mem_leaks(bio_err);
ca3a82c3 1811 BIO_free(bio_err);
0f113f3e 1812 EXIT(ret);
0f113f3e 1813}
d02b48c6 1814
563f1503 1815int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
0f113f3e
MC		 1816 clock_t *s_time, clock_t *c_time)
1817{
1818 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1819 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1820 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1821 int ret = 1;
1822
1823 size_t bufsiz = 256; /* small buffer for testing */
1824
1825 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1826 goto err;
1827 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1828 goto err;
1829
1830 s_ssl_bio = BIO_new(BIO_f_ssl());
1831 if (!s_ssl_bio)
1832 goto err;
1833
1834 c_ssl_bio = BIO_new(BIO_f_ssl());
1835 if (!c_ssl_bio)
1836 goto err;
1837
1838 SSL_set_connect_state(c_ssl);
1839 SSL_set_bio(c_ssl, client, client);
1840 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1841
1842 SSL_set_accept_state(s_ssl);
1843 SSL_set_bio(s_ssl, server, server);
1844 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1845
1846 do {
35a1cc90
MC		 1847 /*-
1848 * c_ssl_bio: SSL filter BIO
1849 *
1850 * client: pseudo-I/O for SSL library
1851 *
1852 * client_io: client's SSL communication; usually to be
1853 * relayed over some I/O facility, but in this
1854 * test program, we're the server, too:
1855 *
1856 * server_io: server's SSL communication
1857 *
1858 * server: pseudo-I/O for SSL library
1859 *
1860 * s_ssl_bio: SSL filter BIO
1861 *
1862 * The client and the server each employ a "BIO pair":
1863 * client + client_io, server + server_io.
1864 * BIO pairs are symmetric. A BIO pair behaves similar
1865 * to a non-blocking socketpair (but both endpoints must
1866 * be handled by the same thread).
1867 * [Here we could connect client and server to the ends
1868 * of a single BIO pair, but then this code would be less
1869 * suitable as an example for BIO pairs in general.]
1870 *
1871 * Useful functions for querying the state of BIO pair endpoints:
1872 *
1873 * BIO_ctrl_pending(bio) number of bytes we can read now
1874 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1875 * other side's read attempt
1876 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1877 *
1878 * ..._read_request is never more than ..._write_guarantee;
1879 * it depends on the application which one you should use.
1880 */
0f113f3e
MC		 1881
1882 /*
1883 * We have non-blocking behaviour throughout this test program, but
1884 * can be sure that there is *some* progress in each iteration; so we
1885 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1886 * we just try everything in each iteration
1887 */
1888
1889 {
1890 /* CLIENT */
1891
68b00c23 1892 char cbuf[1024 * 8];
0f113f3e
MC		 1893 int i, r;
1894 clock_t c_clock = clock();
1895
1896 memset(cbuf, 0, sizeof(cbuf));
1897
1898 if (debug)
1899 if (SSL_in_init(c_ssl))
1900 printf("client waiting in SSL_connect - %s\n",
1901 SSL_state_string_long(c_ssl));
1902
1903 if (cw_num > 0) {
1904 /* Write to server. */
1905
1906 if (cw_num > (long)sizeof cbuf)
1907 i = sizeof cbuf;
1908 else
1909 i = (int)cw_num;
1910 r = BIO_write(c_ssl_bio, cbuf, i);
1911 if (r < 0) {
1912 if (!BIO_should_retry(c_ssl_bio)) {
1913 fprintf(stderr, "ERROR in CLIENT\n");
1914 goto err;
1915 }
1916 /*
1917 * BIO_should_retry(...) can just be ignored here. The
1918 * library expects us to call BIO_write with the same
1919 * arguments again, and that's what we will do in the
1920 * next iteration.
1921 */
1922 } else if (r == 0) {
1923 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1924 goto err;
1925 } else {
1926 if (debug)
1927 printf("client wrote %d\n", r);
1928 cw_num -= r;
1929 }
1930 }
1931
1932 if (cr_num > 0) {
1933 /* Read from server. */
1934
1935 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1936 if (r < 0) {
1937 if (!BIO_should_retry(c_ssl_bio)) {
1938 fprintf(stderr, "ERROR in CLIENT\n");
1939 goto err;
1940 }
1941 /*
1942 * Again, "BIO_should_retry" can be ignored.
1943 */
1944 } else if (r == 0) {
1945 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1946 goto err;
1947 } else {
1948 if (debug)
1949 printf("client read %d\n", r);
1950 cr_num -= r;
1951 }
1952 }
1953
1954 /*
1955 * c_time and s_time increments will typically be very small
1956 * (depending on machine speed and clock tick intervals), but
1957 * sampling over a large number of connections should result in
1958 * fairly accurate figures. We cannot guarantee a lot, however
1959 * -- if each connection lasts for exactly one clock tick, it
1960 * will be counted only for the client or only for the server or
1961 * even not at all.
1962 */
1963 *c_time += (clock() - c_clock);
1964 }
1965
1966 {
1967 /* SERVER */
1968
68b00c23 1969 char sbuf[1024 * 8];
0f113f3e
MC		 1970 int i, r;
1971 clock_t s_clock = clock();
1972
1973 memset(sbuf, 0, sizeof(sbuf));
1974
1975 if (debug)
1976 if (SSL_in_init(s_ssl))
1977 printf("server waiting in SSL_accept - %s\n",
1978 SSL_state_string_long(s_ssl));
1979
1980 if (sw_num > 0) {
1981 /* Write to client. */
1982
1983 if (sw_num > (long)sizeof sbuf)
1984 i = sizeof sbuf;
1985 else
1986 i = (int)sw_num;
1987 r = BIO_write(s_ssl_bio, sbuf, i);
1988 if (r < 0) {
1989 if (!BIO_should_retry(s_ssl_bio)) {
1990 fprintf(stderr, "ERROR in SERVER\n");
1991 goto err;
1992 }
1993 /* Ignore "BIO_should_retry". */
1994 } else if (r == 0) {
1995 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1996 goto err;
1997 } else {
1998 if (debug)
1999 printf("server wrote %d\n", r);
2000 sw_num -= r;
2001 }
2002 }
2003
2004 if (sr_num > 0) {
2005 /* Read from client. */
2006
2007 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2008 if (r < 0) {
2009 if (!BIO_should_retry(s_ssl_bio)) {
2010 fprintf(stderr, "ERROR in SERVER\n");
2011 goto err;
2012 }
2013 /* blah, blah */
2014 } else if (r == 0) {
2015 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2016 goto err;
2017 } else {
2018 if (debug)
2019 printf("server read %d\n", r);
2020 sr_num -= r;
2021 }
2022 }
2023
2024 *s_time += (clock() - s_clock);
2025 }
2026
2027 {
2028 /* "I/O" BETWEEN CLIENT AND SERVER. */
2029
2030 size_t r1, r2;
2031 BIO *io1 = server_io, *io2 = client_io;
2032 /*
2033 * we use the non-copying interface for io1 and the standard
2034 * BIO_write/BIO_read interface for io2
2035 */
2036
2037 static int prev_progress = 1;
2038 int progress = 0;
2039
2040 /* io1 to io2 */
2041 do {
2042 size_t num;
2043 int r;
2044
2045 r1 = BIO_ctrl_pending(io1);
2046 r2 = BIO_ctrl_get_write_guarantee(io2);
2047
2048 num = r1;
2049 if (r2 < num)
2050 num = r2;
2051 if (num) {
2052 char *dataptr;
2053
2054 if (INT_MAX < num) /* yeah, right */
2055 num = INT_MAX;
2056
2057 r = BIO_nread(io1, &dataptr, (int)num);
2058 assert(r > 0);
2059 assert(r <= (int)num);
2060 /*
2061 * possibly r < num (non-contiguous data)
2062 */
2063 num = r;
2064 r = BIO_write(io2, dataptr, (int)num);
2065 if (r != (int)num) { /* can't happen */
2066 fprintf(stderr, "ERROR: BIO_write could not write "
2067 "BIO_ctrl_get_write_guarantee() bytes");
2068 goto err;
2069 }
2070 progress = 1;
2071
2072 if (debug)
2073 printf((io1 == client_io) ?
2074 "C->S relaying: %d bytes\n" :
2075 "S->C relaying: %d bytes\n", (int)num);
2076 }
2077 }
2078 while (r1 && r2);
2079
2080 /* io2 to io1 */
2081 {
2082 size_t num;
2083 int r;
2084
2085 r1 = BIO_ctrl_pending(io2);
2086 r2 = BIO_ctrl_get_read_request(io1);
2087 /*
2088 * here we could use ..._get_write_guarantee instead of
2089 * ..._get_read_request, but by using the latter we test
2090 * restartability of the SSL implementation more thoroughly
2091 */
2092 num = r1;
2093 if (r2 < num)
2094 num = r2;
2095 if (num) {
2096 char *dataptr;
2097
2098 if (INT_MAX < num)
2099 num = INT_MAX;
2100
2101 if (num > 1)
2102 --num; /* test restartability even more thoroughly */
2103
2104 r = BIO_nwrite0(io1, &dataptr);
2105 assert(r > 0);
2106 if (r < (int)num)
2107 num = r;
2108 r = BIO_read(io2, dataptr, (int)num);
2109 if (r != (int)num) { /* can't happen */
2110 fprintf(stderr, "ERROR: BIO_read could not read "
2111 "BIO_ctrl_pending() bytes");
2112 goto err;
2113 }
2114 progress = 1;
2115 r = BIO_nwrite(io1, &dataptr, (int)num);
2116 if (r != (int)num) { /* can't happen */
2117 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2118 "BIO_nwrite0() bytes");
2119 goto err;
2120 }
2121
2122 if (debug)
2123 printf((io2 == client_io) ?
2124 "C->S relaying: %d bytes\n" :
2125 "S->C relaying: %d bytes\n", (int)num);
2126 }
2127 } /* no loop, BIO_ctrl_get_read_request now
2128 * returns 0 anyway */
2129
2130 if (!progress && !prev_progress)
2131 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2132 fprintf(stderr, "ERROR: got stuck\n");
2133 fprintf(stderr, " ERROR.\n");
2134 goto err;
2135 }
2136 prev_progress = progress;
2137 }
2138 }
2139 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2140
2141 if (verbose)
2142 print_details(c_ssl, "DONE via BIO pair: ");
2911575c 2143#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2144 if (verify_npn(c_ssl, s_ssl) < 0) {
2145 ret = 1;
2146 goto end;
2147 }
2148#endif
2149 if (verify_serverinfo() < 0) {
2150 fprintf(stderr, "Server info verify error\n");
2151 ret = 1;
2152 goto err;
2153 }
2154 if (verify_alpn(c_ssl, s_ssl) < 0) {
2155 ret = 1;
2156 goto err;
2157 }
2158
2159 if (custom_ext_error) {
2160 fprintf(stderr, "Custom extension error\n");
2161 ret = 1;
2162 goto err;
2163 }
2164
2165 end:
2166 ret = 0;
95d29597
BM		 2167
2168 err:
0f113f3e
MC		 2169 ERR_print_errors(bio_err);
2170
ca3a82c3
RS		 2171 BIO_free(server);
2172 BIO_free(server_io);
2173 BIO_free(client);
2174 BIO_free(client_io);
2175 BIO_free(s_ssl_bio);
2176 BIO_free(c_ssl_bio);
0f113f3e
MC		 2177
2178 return ret;
2179}
2180
2181#define W_READ 1
2182#define W_WRITE 2
2183#define C_DONE 1
2184#define S_DONE 2
d02b48c6 2185
6b691a5c 2186int doit(SSL *s_ssl, SSL *c_ssl, long count)
0f113f3e
MC		 2187{
2188 char *cbuf = NULL, *sbuf = NULL;
2189 long bufsiz;
2190 long cw_num = count, cr_num = count;
2191 long sw_num = count, sr_num = count;
2192 int ret = 1;
2193 BIO *c_to_s = NULL;
2194 BIO *s_to_c = NULL;
2195 BIO *c_bio = NULL;
2196 BIO *s_bio = NULL;
2197 int c_r, c_w, s_r, s_w;
2198 int i, j;
2199 int done = 0;
2200 int c_write, s_write;
2201 int do_server = 0, do_client = 0;
2202 int max_frag = 5 * 1024;
2203
2204 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2205
2206 if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL)
2207 goto err;
2208 if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL)
2209 goto err;
2210
2211 memset(cbuf, 0, bufsiz);
2212 memset(sbuf, 0, bufsiz);
2213
2214 c_to_s = BIO_new(BIO_s_mem());
2215 s_to_c = BIO_new(BIO_s_mem());
2216 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2217 ERR_print_errors(bio_err);
2218 goto err;
2219 }
2220
2221 c_bio = BIO_new(BIO_f_ssl());
2222 s_bio = BIO_new(BIO_f_ssl());
2223 if ((c_bio == NULL) || (s_bio == NULL)) {
2224 ERR_print_errors(bio_err);
2225 goto err;
2226 }
2227
2228 SSL_set_connect_state(c_ssl);
2229 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2230 SSL_set_max_send_fragment(c_ssl, max_frag);
2231 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2232
2233 SSL_set_accept_state(s_ssl);
2234 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2235 SSL_set_max_send_fragment(s_ssl, max_frag);
2236 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2237
2238 c_r = 0;
2239 s_r = 1;
2240 c_w = 1;
2241 s_w = 0;
2242 c_write = 1, s_write = 0;
2243
2244 /* We can always do writes */
2245 for (;;) {
2246 do_server = 0;
2247 do_client = 0;
2248
2249 i = (int)BIO_pending(s_bio);
2250 if ((i && s_r) || s_w)
2251 do_server = 1;
2252
2253 i = (int)BIO_pending(c_bio);
2254 if ((i && c_r) || c_w)
2255 do_client = 1;
2256
2257 if (do_server && debug) {
2258 if (SSL_in_init(s_ssl))
2259 printf("server waiting in SSL_accept - %s\n",
2260 SSL_state_string_long(s_ssl));
3a83462d 2261/*-
35a1cc90
MC		 2262 else if (s_write)
2263 printf("server:SSL_write()\n");
2264 else
2265 printf("server:SSL_read()\n"); */
0f113f3e
MC		 2266 }
2267
2268 if (do_client && debug) {
2269 if (SSL_in_init(c_ssl))
2270 printf("client waiting in SSL_connect - %s\n",
2271 SSL_state_string_long(c_ssl));
3a83462d 2272/*-
35a1cc90
MC		 2273 else if (c_write)
2274 printf("client:SSL_write()\n");
2275 else
2276 printf("client:SSL_read()\n"); */
0f113f3e
MC		 2277 }
2278
2279 if (!do_client && !do_server) {
2280 fprintf(stdout, "ERROR IN STARTUP\n");
2281 ERR_print_errors(bio_err);
ae632974 2282 goto err;
0f113f3e
MC		 2283 }
2284 if (do_client && !(done & C_DONE)) {
2285 if (c_write) {
2286 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2287 i = BIO_write(c_bio, cbuf, j);
2288 if (i < 0) {
2289 c_r = 0;
2290 c_w = 0;
2291 if (BIO_should_retry(c_bio)) {
2292 if (BIO_should_read(c_bio))
2293 c_r = 1;
2294 if (BIO_should_write(c_bio))
2295 c_w = 1;
2296 } else {
2297 fprintf(stderr, "ERROR in CLIENT\n");
2298 ERR_print_errors(bio_err);
2299 goto err;
2300 }
2301 } else if (i == 0) {
2302 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2303 goto err;
2304 } else {
2305 if (debug)
2306 printf("client wrote %d\n", i);
2307 /* ok */
2308 s_r = 1;
2309 c_write = 0;
2310 cw_num -= i;
2311 if (max_frag > 1029)
2312 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2313 }
2314 } else {
2315 i = BIO_read(c_bio, cbuf, bufsiz);
2316 if (i < 0) {
2317 c_r = 0;
2318 c_w = 0;
2319 if (BIO_should_retry(c_bio)) {
2320 if (BIO_should_read(c_bio))
2321 c_r = 1;
2322 if (BIO_should_write(c_bio))
2323 c_w = 1;
2324 } else {
2325 fprintf(stderr, "ERROR in CLIENT\n");
2326 ERR_print_errors(bio_err);
2327 goto err;
2328 }
2329 } else if (i == 0) {
2330 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2331 goto err;
2332 } else {
2333 if (debug)
2334 printf("client read %d\n", i);
2335 cr_num -= i;
2336 if (sw_num > 0) {
2337 s_write = 1;
2338 s_w = 1;
2339 }
2340 if (cr_num <= 0) {
2341 s_write = 1;
2342 s_w = 1;
2343 done = S_DONE | C_DONE;
2344 }
2345 }
2346 }
2347 }
2348
2349 if (do_server && !(done & S_DONE)) {
2350 if (!s_write) {
2351 i = BIO_read(s_bio, sbuf, bufsiz);
2352 if (i < 0) {
2353 s_r = 0;
2354 s_w = 0;
2355 if (BIO_should_retry(s_bio)) {
2356 if (BIO_should_read(s_bio))
2357 s_r = 1;
2358 if (BIO_should_write(s_bio))
2359 s_w = 1;
2360 } else {
2361 fprintf(stderr, "ERROR in SERVER\n");
2362 ERR_print_errors(bio_err);
2363 goto err;
2364 }
2365 } else if (i == 0) {
2366 ERR_print_errors(bio_err);
2367 fprintf(stderr,
2368 "SSL SERVER STARTUP FAILED in SSL_read\n");
2369 goto err;
2370 } else {
2371 if (debug)
2372 printf("server read %d\n", i);
2373 sr_num -= i;
2374 if (cw_num > 0) {
2375 c_write = 1;
2376 c_w = 1;
2377 }
2378 if (sr_num <= 0) {
2379 s_write = 1;
2380 s_w = 1;
2381 c_write = 0;
2382 }
2383 }
2384 } else {
2385 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2386 i = BIO_write(s_bio, sbuf, j);
2387 if (i < 0) {
2388 s_r = 0;
2389 s_w = 0;
2390 if (BIO_should_retry(s_bio)) {
2391 if (BIO_should_read(s_bio))
2392 s_r = 1;
2393 if (BIO_should_write(s_bio))
2394 s_w = 1;
2395 } else {
2396 fprintf(stderr, "ERROR in SERVER\n");
2397 ERR_print_errors(bio_err);
2398 goto err;
2399 }
2400 } else if (i == 0) {
2401 ERR_print_errors(bio_err);
2402 fprintf(stderr,
2403 "SSL SERVER STARTUP FAILED in SSL_write\n");
2404 goto err;
2405 } else {
2406 if (debug)
2407 printf("server wrote %d\n", i);
2408 sw_num -= i;
2409 s_write = 0;
2410 c_r = 1;
2411 if (sw_num <= 0)
2412 done |= S_DONE;
2413 if (max_frag > 1029)
2414 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2415 }
2416 }
2417 }
2418
2419 if ((done & S_DONE) && (done & C_DONE))
2420 break;
2421 }
2422
2423 if (verbose)
2424 print_details(c_ssl, "DONE: ");
2911575c 2425#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2426 if (verify_npn(c_ssl, s_ssl) < 0) {
2427 ret = 1;
2428 goto err;
2429 }
2430#endif
2431 if (verify_serverinfo() < 0) {
2432 fprintf(stderr, "Server info verify error\n");
2433 ret = 1;
2434 goto err;
2435 }
2436 if (custom_ext_error) {
2437 fprintf(stderr, "Custom extension error\n");
2438 ret = 1;
2439 goto err;
2440 }
2441 ret = 0;
2442 err:
2443 /*
2444 * We have to set the BIO's to NULL otherwise they will be
2445 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2446 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2447 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2448 * SSL_free() automatically BIO_free non NULL entries. You should not
2449 * normally do this or be required to do this
2450 */
2451 if (s_ssl != NULL) {
2452 s_ssl->rbio = NULL;
2453 s_ssl->wbio = NULL;
2454 }
2455 if (c_ssl != NULL) {
2456 c_ssl->rbio = NULL;
2457 c_ssl->wbio = NULL;
2458 }
2459
ca3a82c3
RS		 2460 BIO_free(c_to_s);
2461 BIO_free(s_to_c);
2462 BIO_free_all(c_bio);
2463 BIO_free_all(s_bio);
0f113f3e
MC		 2464
2465 if (cbuf)
2466 OPENSSL_free(cbuf);
2467 if (sbuf)
2468 OPENSSL_free(sbuf);
2469
2470 return (ret);
2471}
d02b48c6 2472
a7201e9a 2473static int get_proxy_auth_ex_data_idx(void)
0f113f3e
MC		 2474{
2475 static volatile int idx = -1;
2476 if (idx < 0) {
2477 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2478 if (idx < 0) {
2479 idx = X509_STORE_CTX_get_ex_new_index(0,
2480 "SSLtest for verify callback",
2481 NULL, NULL, NULL);
2482 }
2483 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2484 }
2485 return idx;
2486}
a7201e9a 2487
6d23cf97 2488static int verify_callback(int ok, X509_STORE_CTX *ctx)
0f113f3e
MC		 2489{
2490 char *s, buf[256];
2491
2492 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2493 sizeof buf);
2494 if (s != NULL) {
2495 if (ok)
2496 fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf);
2497 else {
2498 fprintf(stderr, "depth=%d error=%d %s\n",
2499 ctx->error_depth, ctx->error, buf);
2500 }
2501 }
2502
2503 if (ok == 0) {
2504 fprintf(stderr, "Error string: %s\n",
2505 X509_verify_cert_error_string(ctx->error));
2506 switch (ctx->error) {
2507 case X509_V_ERR_CERT_NOT_YET_VALID:
2508 case X509_V_ERR_CERT_HAS_EXPIRED:
2509 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2510 fprintf(stderr, " ... ignored.\n");
2511 ok = 1;
2512 }
2513 }
2514
2515 if (ok == 1) {
2516 X509 *xs = ctx->current_cert;
0f113f3e
MC		 2517 if (xs->ex_flags & EXFLAG_PROXY) {
2518 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2519 get_proxy_auth_ex_data_idx
2520 ());
2521
2522 if (letters) {
2523 int found_any = 0;
2524 int i;
2525 PROXY_CERT_INFO_EXTENSION *pci =
2526 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2527 NULL, NULL);
2528
2529 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2530 case NID_Independent:
2531 /*
2532 * Completely meaningless in this program, as there's no
2533 * way to grant explicit rights to a specific PrC.
2534 * Basically, using id-ppl-Independent is the perfect way
2535 * to grant no rights at all.
2536 */
2537 fprintf(stderr, " Independent proxy certificate");
2538 for (i = 0; i < 26; i++)
2539 letters[i] = 0;
2540 break;
2541 case NID_id_ppl_inheritAll:
2542 /*
2543 * This is basically a NOP, we simply let the current
2544 * rights stand as they are.
2545 */
2546 fprintf(stderr, " Proxy certificate inherits all");
2547 break;
2548 default:
2549 s = (char *)
2550 pci->proxyPolicy->policy->data;
2551 i = pci->proxyPolicy->policy->length;
2552
2553 /*
2554 * The algorithm works as follows: it is assumed that
2555 * previous iterations or the initial granted rights has
2556 * already set some elements of `letters'. What we need
2557 * to do is to clear those that weren't granted by the
2558 * current PrC as well. The easiest way to do this is to
2559 * add 1 to all the elements whose letters are given with
2560 * the current policy. That way, all elements that are
2561 * set by the current policy and were already set by
2562 * earlier policies and through the original grant of
2563 * rights will get the value 2 or higher. The last thing
2564 * to do is to sweep through `letters' and keep the
2565 * elements having the value 2 as set, and clear all the
2566 * others.
2567 */
2568
2569 fprintf(stderr, " Certificate proxy rights = %*.*s", i,
2570 i, s);
2571 while (i-- > 0) {
2572 int c = *s++;
2573 if (isascii(c) && isalpha(c)) {
2574 if (islower(c))
2575 c = toupper(c);
2576 letters[c - 'A']++;
2577 }
2578 }
2579 for (i = 0; i < 26; i++)
2580 if (letters[i] < 2)
2581 letters[i] = 0;
2582 else
2583 letters[i] = 1;
2584 }
2585
2586 found_any = 0;
2587 fprintf(stderr, ", resulting proxy rights = ");
2588 for (i = 0; i < 26; i++)
2589 if (letters[i]) {
2590 fprintf(stderr, "%c", i + 'A');
2591 found_any = 1;
2592 }
2593 if (!found_any)
2594 fprintf(stderr, "none");
2595 fprintf(stderr, "\n");
2596
2597 PROXY_CERT_INFO_EXTENSION_free(pci);
2598 }
2599 }
2600 }
2601
2602 return (ok);
2603}
d02b48c6 2604
a7201e9a 2605static void process_proxy_debug(int indent, const char *format, ...)
0f113f3e
MC		 2606{
2607 /* That's 80 > */
2608 static const char indentation[] =
2609 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2610 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2611 char my_format[256];
2612 va_list args;
2613
2614 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2615 indent, indent, indentation, format);
2616
2617 va_start(args, format);
2618 vfprintf(stderr, my_format, args);
2619 va_end(args);
2620}
2621
1d97c843
TH		 2622/*-
2623 * Priority levels:
0f113f3e
MC		 2624 * 0 [!]var, ()
2625 * 1 & ^
2626 * 2 |
1d97c843 2627 */
a7201e9a 2628static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 2629 const char *cond, const char **cond_end,
2630 int *pos, int indent);
2631static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2632 const char **cond_end, int *pos, int indent)
2633{
2634 int c;
2635 int ok = 1;
2636 int negate = 0;
2637
2638 while (isspace((int)*cond)) {
2639 cond++;
2640 (*pos)++;
2641 }
2642 c = *cond;
2643
2644 if (debug)
2645 process_proxy_debug(indent,
2646 "Start process_proxy_cond_val at position %d: %s\n",
2647 *pos, cond);
2648
2649 while (c == '!') {
2650 negate = !negate;
2651 cond++;
2652 (*pos)++;
2653 while (isspace((int)*cond)) {
2654 cond++;
2655 (*pos)++;
2656 }
2657 c = *cond;
2658 }
2659
2660 if (c == '(') {
2661 cond++;
2662 (*pos)++;
2663 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2664 indent + 1);
2665 cond = *cond_end;
2666 if (ok < 0)
2667 goto end;
2668 while (isspace((int)*cond)) {
2669 cond++;
2670 (*pos)++;
2671 }
2672 c = *cond;
2673 if (c != ')') {
2674 fprintf(stderr,
2675 "Weird condition character in position %d: "
2676 "%c\n", *pos, c);
2677 ok = -1;
2678 goto end;
2679 }
2680 cond++;
2681 (*pos)++;
2682 } else if (isascii(c) && isalpha(c)) {
2683 if (islower(c))
2684 c = toupper(c);
2685 ok = letters[c - 'A'];
2686 cond++;
2687 (*pos)++;
2688 } else {
2689 fprintf(stderr,
2690 "Weird condition character in position %d: " "%c\n", *pos, c);
2691 ok = -1;
2692 goto end;
2693 }
a7201e9a 2694 end:
0f113f3e
MC		 2695 *cond_end = cond;
2696 if (ok >= 0 && negate)
2697 ok = !ok;
a7201e9a 2698
0f113f3e
MC		 2699 if (debug)
2700 process_proxy_debug(indent,
2701 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2702 *pos, cond, ok);
2703
2704 return ok;
2705}
a7201e9a 2706
a7201e9a 2707static int process_proxy_cond_multipliers(unsigned int letters[26],
0f113f3e
MC		 2708 const char *cond,
2709 const char **cond_end, int *pos,
2710 int indent)
2711{
2712 int ok;
2713 char c;
2714
2715 if (debug)
2716 process_proxy_debug(indent,
2717 "Start process_proxy_cond_multipliers at position %d: %s\n",
2718 *pos, cond);
2719
2720 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2721 cond = *cond_end;
2722 if (ok < 0)
2723 goto end;
2724
2725 while (ok >= 0) {
2726 while (isspace((int)*cond)) {
2727 cond++;
2728 (*pos)++;
2729 }
2730 c = *cond;
2731
2732 switch (c) {
2733 case '&':
2734 case '^':
2735 {
2736 int save_ok = ok;
2737
2738 cond++;
2739 (*pos)++;
2740 ok = process_proxy_cond_val(letters,
2741 cond, cond_end, pos, indent + 1);
2742 cond = *cond_end;
2743 if (ok < 0)
2744 break;
2745
2746 switch (c) {
2747 case '&':
2748 ok &= save_ok;
2749 break;
2750 case '^':
2751 ok ^= save_ok;
2752 break;
2753 default:
2754 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2755 " STOPPING\n");
2756 EXIT(1);
2757 }
2758 }
2759 break;
2760 default:
2761 goto end;
2762 }
2763 }
a7201e9a 2764 end:
0f113f3e
MC		 2765 if (debug)
2766 process_proxy_debug(indent,
2767 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2768 *pos, cond, ok);
2769
2770 *cond_end = cond;
2771 return ok;
2772}
2773
a7201e9a 2774static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 2775 const char *cond, const char **cond_end,
2776 int *pos, int indent)
2777{
2778 int ok;
2779 char c;
2780
2781 if (debug)
2782 process_proxy_debug(indent,
2783 "Start process_proxy_cond_adders at position %d: %s\n",
2784 *pos, cond);
2785
2786 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2787 indent + 1);
2788 cond = *cond_end;
2789 if (ok < 0)
2790 goto end;
2791
2792 while (ok >= 0) {
2793 while (isspace((int)*cond)) {
2794 cond++;
2795 (*pos)++;
2796 }
2797 c = *cond;
2798
2799 switch (c) {
2800 case '|':
2801 {
2802 int save_ok = ok;
2803
2804 cond++;
2805 (*pos)++;
2806 ok = process_proxy_cond_multipliers(letters,
2807 cond, cond_end, pos,
2808 indent + 1);
2809 cond = *cond_end;
2810 if (ok < 0)
2811 break;
2812
2813 switch (c) {
2814 case '|':
2815 ok |= save_ok;
2816 break;
2817 default:
2818 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2819 " STOPPING\n");
2820 EXIT(1);
2821 }
2822 }
2823 break;
2824 default:
2825 goto end;
2826 }
2827 }
a7201e9a 2828 end:
0f113f3e
MC		 2829 if (debug)
2830 process_proxy_debug(indent,
2831 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2832 *pos, cond, ok);
a7201e9a 2833
0f113f3e
MC		 2834 *cond_end = cond;
2835 return ok;
2836}
a7201e9a
RL		 2837
2838static int process_proxy_cond(unsigned int letters[26],
0f113f3e
MC		 2839 const char *cond, const char **cond_end)
2840{
2841 int pos = 1;
2842 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2843}
a7201e9a 2844
6d23cf97 2845static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
0f113f3e
MC		 2846{
2847 int ok = 1;
2848 struct app_verify_arg *cb_arg = arg;
2849 unsigned int letters[26]; /* only used with proxy_auth */
2850
2851 if (cb_arg->app_verify) {
2852 char *s = NULL, buf[256];
2853
2854 fprintf(stderr, "In app_verify_callback, allowing cert. ");
2855 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
2856 fprintf(stderr,
2857 "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
2858 (void *)ctx, (void *)ctx->cert);
2859 if (ctx->cert)
2860 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
2861 if (s != NULL) {
2862 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf);
2863 }
2864 return (1);
2865 }
2866 if (cb_arg->proxy_auth) {
2867 int found_any = 0, i;
2868 char *sp;
2869
2870 for (i = 0; i < 26; i++)
2871 letters[i] = 0;
2872 for (sp = cb_arg->proxy_auth; *sp; sp++) {
2873 int c = *sp;
2874 if (isascii(c) && isalpha(c)) {
2875 if (islower(c))
2876 c = toupper(c);
2877 letters[c - 'A'] = 1;
2878 }
2879 }
2880
2881 fprintf(stderr, " Initial proxy rights = ");
2882 for (i = 0; i < 26; i++)
2883 if (letters[i]) {
2884 fprintf(stderr, "%c", i + 'A');
2885 found_any = 1;
2886 }
2887 if (!found_any)
2888 fprintf(stderr, "none");
2889 fprintf(stderr, "\n");
2890
2891 X509_STORE_CTX_set_ex_data(ctx,
2892 get_proxy_auth_ex_data_idx(), letters);
2893 }
2894 if (cb_arg->allow_proxy_certs) {
2895 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2896 }
0f113f3e 2897 ok = X509_verify_cert(ctx);
0f113f3e
MC		 2898
2899 if (cb_arg->proxy_auth) {
2900 if (ok > 0) {
2901 const char *cond_end = NULL;
2902
2903 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
2904
2905 if (ok < 0)
2906 EXIT(3);
2907 if (*cond_end) {
2908 fprintf(stderr,
2909 "Stopped processing condition before it's end.\n");
2910 ok = 0;
2911 }
2912 if (!ok)
2913 fprintf(stderr,
2914 "Proxy rights check with condition '%s' proved invalid\n",
2915 cb_arg->proxy_cond);
2916 else
2917 fprintf(stderr,
2918 "Proxy rights check with condition '%s' proved valid\n",
2919 cb_arg->proxy_cond);
2920 }
2921 }
2922 return (ok);
2923}
023ec151 2924
bc36ee62 2925#ifndef OPENSSL_NO_RSA
0f113f3e 2926static RSA *rsa_tmp = NULL;
46b3bd54 2927
6d23cf97 2928static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
0f113f3e
MC		 2929{
2930 BIGNUM *bn = NULL;
2931 if (rsa_tmp == NULL) {
2932 bn = BN_new();
2933 rsa_tmp = RSA_new();
2934 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
2935 BIO_printf(bio_err, "Memory error...");
2936 goto end;
2937 }
2938 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength);
2939 (void)BIO_flush(bio_err);
2940 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
2941 BIO_printf(bio_err, "Error generating key.");
2942 RSA_free(rsa_tmp);
2943 rsa_tmp = NULL;
2944 }
2945 end:
2946 BIO_printf(bio_err, "\n");
2947 (void)BIO_flush(bio_err);
2948 }
2949 if (bn)
2950 BN_free(bn);
2951 return (rsa_tmp);
2952}
46b3bd54
BM		 2953
2954static void free_tmp_rsa(void)
0f113f3e 2955{
d6407083
RS		 2956 RSA_free(rsa_tmp);
2957 rsa_tmp = NULL;
0f113f3e 2958}
79df9d62 2959#endif
53002dc6 2960
bc36ee62 2961#ifndef OPENSSL_NO_DH
1d97c843
TH		 2962/*-
2963 * These DH parameters have been generated as follows:
e4589582
BM		 2964 * $ openssl dhparam -C -noout 512
2965 * $ openssl dhparam -C -noout 1024
2966 * $ openssl dhparam -C -noout -dsaparam 1024
2967 * (The third function has been renamed to avoid name conflicts.)
2968 */
f3f316f1 2969static DH *get_dh512()
0f113f3e
MC		 2970{
2971 static unsigned char dh512_p[] = {
2972 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
2973 0xC6,
2974 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
2975 0xB0,
2976 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
2977 0x5F,
2978 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
2979 0xB8,
2980 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
2981 0x33,
2982 0x02, 0xC5, 0xAE, 0x23,
2983 };
2984 static unsigned char dh512_g[] = {
2985 0x02,
2986 };
2987 DH *dh;
2988
2989 if ((dh = DH_new()) == NULL)
2990 return (NULL);
2991 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
2992 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
2993 if ((dh->p == NULL) || (dh->g == NULL)) {
2994 DH_free(dh);
2995 return (NULL);
2996 }
2997 return (dh);
2998}
e4589582 2999
f3f316f1 3000static DH *get_dh1024()
0f113f3e
MC		 3001{
3002 static unsigned char dh1024_p[] = {
3003 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
3004 0x3A,
3005 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
3006 0xA2,
3007 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
3008 0xB0,
3009 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
3010 0xC2,
3011 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
3012 0x8C,
3013 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
3014 0xB8,
3015 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
3016 0x52,
3017 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
3018 0xC1,
3019 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
3020 0xB1,
3021 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
3022 0xAB,
3023 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
3024 };
3025 static unsigned char dh1024_g[] = {
3026 0x02,
3027 };
3028 DH *dh;
3029
3030 if ((dh = DH_new()) == NULL)
3031 return (NULL);
3032 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3033 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3034 if ((dh->p == NULL) || (dh->g == NULL)) {
3035 DH_free(dh);
3036 return (NULL);
3037 }
3038 return (dh);
3039}
53002dc6 3040
f3f316f1 3041static DH *get_dh1024dsa()
0f113f3e
MC		 3042{
3043 static unsigned char dh1024_p[] = {
3044 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
3045 0x00,
3046 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
3047 0x19,
3048 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
3049 0xD2,
3050 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
3051 0x55,
3052 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
3053 0xFC,
3054 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
3055 0x97,
3056 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
3057 0x8D,
3058 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
3059 0xBB,
3060 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
3061 0xF6,
3062 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
3063 0x9E,
3064 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
3065 };
3066 static unsigned char dh1024_g[] = {
3067 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
3068 0x05,
3069 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
3070 0xF3,
3071 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
3072 0xE9,
3073 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
3074 0x3C,
3075 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
3076 0x65,
3077 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
3078 0x60,
3079 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
3080 0xF6,
3081 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
3082 0xA7,
3083 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3084 0xA1,
3085 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3086 0x60,
3087 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3088 };
3089 DH *dh;
3090
3091 if ((dh = DH_new()) == NULL)
3092 return (NULL);
3093 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3094 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3095 if ((dh->p == NULL) || (dh->g == NULL)) {
3096 DH_free(dh);
3097 return (NULL);
3098 }
3099 dh->length = 160;
3100 return (dh);
3101}
f71165b5 3102#endif
6e119bb0 3103
ddac1974
NL		 3104#ifndef OPENSSL_NO_PSK
3105/* convert the PSK key (psk_key) in ascii to binary (psk) */
3106static int psk_key2bn(const char *pskkey, unsigned char *psk,
0f113f3e
MC		 3107 unsigned int max_psk_len)
3108{
3109 int ret;
3110 BIGNUM *bn = NULL;
3111
3112 ret = BN_hex2bn(&bn, pskkey);
3113 if (!ret) {
3114 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3115 pskkey);
3116 if (bn)
3117 BN_free(bn);
3118 return 0;
3119 }
3120 if (BN_num_bytes(bn) > (int)max_psk_len) {
3121 BIO_printf(bio_err,
3122 "psk buffer of callback is too small (%d) for key (%d)\n",
3123 max_psk_len, BN_num_bytes(bn));
3124 BN_free(bn);
3125 return 0;
3126 }
3127 ret = BN_bn2bin(bn, psk);
3128 BN_free(bn);
3129 return ret;
3130}
3131
3132static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3133 char *identity,
3134 unsigned int max_identity_len,
3135 unsigned char *psk,
3136 unsigned int max_psk_len)
3137{
3138 int ret;
3139 unsigned int psk_len = 0;
3140
3141 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3142 if (ret < 0)
3143 goto out_err;
3144 if (debug)
3145 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3146 ret);
3147 ret = psk_key2bn(psk_key, psk, max_psk_len);
3148 if (ret < 0)
3149 goto out_err;
3150 psk_len = ret;
3151 out_err:
3152 return psk_len;
3153}
ddac1974
NL		 3154
3155static unsigned int psk_server_callback(SSL *ssl, const char *identity,
0f113f3e
MC		 3156 unsigned char *psk,
3157 unsigned int max_psk_len)
3158{
3159 unsigned int psk_len = 0;
ddac1974 3160
0f113f3e
MC		 3161 if (strcmp(identity, "Client_identity") != 0) {
3162 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3163 return 0;
3164 }
3165 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3166 return psk_len;
3167}
ddac1974
NL		 3168#endif
3169
6e119bb0 3170static int do_test_cipherlist(void)
0f113f3e
MC		 3171{
3172 int i = 0;
3173 const SSL_METHOD *meth;
3174 const SSL_CIPHER *ci, *tci = NULL;
6e119bb0 3175
00fe865d 3176#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 3177 fprintf(stderr, "testing SSLv3 cipher list order: ");
3178 meth = SSLv3_method();
3179 tci = NULL;
3180 while ((ci = meth->get_cipher(i++)) != NULL) {
3181 if (tci != NULL)
3182 if (ci->id >= tci->id) {
3183 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3184 return 0;
3185 }
3186 tci = ci;
3187 }
3188 fprintf(stderr, "ok\n");
00fe865d 3189#endif
0f113f3e
MC		 3190 fprintf(stderr, "testing TLSv1 cipher list order: ");
3191 meth = TLSv1_method();
3192 tci = NULL;
3193 while ((ci = meth->get_cipher(i++)) != NULL) {
3194 if (tci != NULL)
3195 if (ci->id >= tci->id) {
3196 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3197 return 0;
3198 }
3199 tci = ci;
3200 }
3201 fprintf(stderr, "ok\n");
0f113f3e
MC		 3202
3203 return 1;
3204}
A mirror of the official openssl repository