]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/ssltest.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
GH787: Fix ALPN
[thirdparty/openssl.git] / test / ssltest.c
CommitLineData
58964a49 1/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6
RE		 2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
0f113f3e 7 *
d02b48c6
RE		 8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e 14 *
d02b48c6
RE		 15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
0f113f3e 21 *
d02b48c6
RE		 22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
0f113f3e 36 * 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6
RE		 37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e 39 *
d02b48c6
RE		 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
0f113f3e 51 *
d02b48c6
RE		 52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.]
56 */
3ac82faa
BM		 57/* ====================================================================
58 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
59 *
60 * Redistribution and use in source and binary forms, with or without
61 * modification, are permitted provided that the following conditions
62 * are met:
63 *
64 * 1. Redistributions of source code must retain the above copyright
0f113f3e 65 * notice, this list of conditions and the following disclaimer.
3ac82faa
BM		 66 *
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in
69 * the documentation and/or other materials provided with the
70 * distribution.
71 *
72 * 3. All advertising materials mentioning features or use of this
73 * software must display the following acknowledgment:
74 * "This product includes software developed by the OpenSSL Project
75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76 *
77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78 * endorse or promote products derived from this software without
79 * prior written permission. For written permission, please contact
80 * openssl-core@openssl.org.
81 *
82 * 5. Products derived from this software may not be called "OpenSSL"
83 * nor may "OpenSSL" appear in their names without prior written
84 * permission of the OpenSSL Project.
85 *
86 * 6. Redistributions of any form whatsoever must retain the following
87 * acknowledgment:
88 * "This product includes software developed by the OpenSSL Project
89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90 *
91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102 * OF THE POSSIBILITY OF SUCH DAMAGE.
103 * ====================================================================
104 *
105 * This product includes cryptographic software written by Eric Young
106 * (eay@cryptsoft.com). This product includes software written by Tim
107 * Hudson (tjh@cryptsoft.com).
108 *
109 */
ea262260
BM		 110/* ====================================================================
111 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
0f113f3e 112 * ECC cipher suite support in OpenSSL originally developed by
ea262260
BM		 113 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
114 */
ddac1974
NL		 115/* ====================================================================
116 * Copyright 2005 Nokia. All rights reserved.
117 *
118 * The portions of the attached software ("Contribution") is developed by
119 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
120 * license.
121 *
122 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
123 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
124 * support (see RFC 4279) to OpenSSL.
125 *
126 * No patent licenses or other rights except those expressly stated in
127 * the OpenSSL open source license shall be deemed granted or received
128 * expressly, by implication, estoppel, or otherwise.
129 *
130 * No assurances are provided by Nokia that the Contribution does not
131 * infringe the patent or other intellectual property rights of any third
132 * party or that the license provides you with all the necessary rights
133 * to make use of the Contribution.
134 *
135 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
136 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
137 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
138 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
139 * OTHERWISE.
140 */
d02b48c6 141
dbd87ffc
MC		 142/* Or gethostname won't be declared properly on Linux and GNU platforms. */
143#define _BSD_SOURCE 1
f9fd3524 144#define _DEFAULT_SOURCE 1
37289744 145
6f7af152
BM		 146#include <assert.h>
147#include <errno.h>
148#include <limits.h>
d02b48c6
RE		 149#include <stdio.h>
150#include <stdlib.h>
151#include <string.h>
563f1503 152#include <time.h>
17e3dd1c 153
e7a28569 154#define USE_SOCKETS
41d2a336 155#include "e_os.h"
17e3dd1c 156
bc120a54 157#ifdef OPENSSL_SYS_VMS
0f113f3e
MC		 158/*
159 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
160 */
161# define _XOPEN_SOURCE 500
bc120a54
DSH		 162#endif
163
a963395a
RL		 164#include <ctype.h>
165
ec577822
BM		 166#include <openssl/bio.h>
167#include <openssl/crypto.h>
563f1503 168#include <openssl/evp.h>
ec577822 169#include <openssl/x509.h>
a7201e9a 170#include <openssl/x509v3.h>
ec577822 171#include <openssl/ssl.h>
0b13e9f0 172#ifndef OPENSSL_NO_ENGINE
0f113f3e 173# include <openssl/engine.h>
0b13e9f0 174#endif
ec577822 175#include <openssl/err.h>
b9d82f47 176#include <openssl/rand.h>
3eeaab4b 177#ifndef OPENSSL_NO_RSA
0f113f3e 178# include <openssl/rsa.h>
3eeaab4b
NL		 179#endif
180#ifndef OPENSSL_NO_DSA
0f113f3e 181# include <openssl/dsa.h>
3eeaab4b
NL		 182#endif
183#ifndef OPENSSL_NO_DH
0f113f3e 184# include <openssl/dh.h>
3eeaab4b 185#endif
edc032b5 186#ifndef OPENSSL_NO_SRP
0f113f3e 187# include <openssl/srp.h>
edc032b5 188#endif
d095b68d 189#include <openssl/bn.h>
dd696a55
RP		 190#ifndef OPENSSL_NO_CT
191# include <openssl/ct.h>
192#endif
09867a47 193
b6ba4014
MC		 194#include "../ssl/ssl_locl.h"
195
dbd87ffc
MC		 196/*
197 * Or gethostname won't be declared properly
198 * on Compaq platforms (at least with DEC C).
199 * Do not try to put it earlier, or IPv6 includes
200 * get screwed...
0f113f3e
MC		 201 */
202#define _XOPEN_SOURCE_EXTENDED 1
09867a47 203
bc36ee62 204#ifdef OPENSSL_SYS_WINDOWS
0f113f3e 205# include <winsock.h>
37289744 206#else
0f113f3e 207# include OPENSSL_UNISTD
d02b48c6
RE		 208#endif
209
817cd0d5
TS		 210SSL_CTX *s_ctx = NULL;
211SSL_CTX *s_ctx2 = NULL;
212
0f113f3e 213/*
45ddce21
RS		 214 * There is really no standard for this, so let's assign something
215 * only for this test
0f113f3e 216 */
0f113f3e 217#define COMP_ZLIB 1
23f80f46 218
6d23cf97 219static int verify_callback(int ok, X509_STORE_CTX *ctx);
6d23cf97 220static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
a7201e9a 221#define APP_CALLBACK_STRING "Test Callback Argument"
0f113f3e
MC		 222struct app_verify_arg {
223 char *string;
224 int app_verify;
225 int allow_proxy_certs;
226 char *proxy_auth;
227 char *proxy_cond;
228};
023ec151 229
bc36ee62 230#ifndef OPENSSL_NO_DH
d02b48c6 231static DH *get_dh512(void);
e4589582
BM		 232static DH *get_dh1024(void);
233static DH *get_dh1024dsa(void);
53002dc6
BM		 234#endif
235
0f113f3e 236static char *psk_key = NULL; /* by default PSK is not used */
ddac1974 237#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 238static unsigned int psk_client_callback(SSL *ssl, const char *hint,
239 char *identity,
240 unsigned int max_identity_len,
241 unsigned char *psk,
242 unsigned int max_psk_len);
243static unsigned int psk_server_callback(SSL *ssl, const char *identity,
244 unsigned char *psk,
245 unsigned int max_psk_len);
ddac1974
NL		 246#endif
247
edc032b5
BL		 248#ifndef OPENSSL_NO_SRP
249/* SRP client */
250/* This is a context that we pass to all callbacks */
0f113f3e
MC		 251typedef struct srp_client_arg_st {
252 char *srppassin;
253 char *srplogin;
254} SRP_CLIENT_ARG;
edc032b5 255
0f113f3e 256# define PWD_STRLEN 1024
edc032b5 257
0f113f3e
MC		 258static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
259{
260 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
7644a9ae 261 return OPENSSL_strdup((char *)srp_client_arg->srppassin);
0f113f3e 262}
edc032b5 263
edc032b5
BL		 264/* SRP server */
265/* This is a context that we pass to SRP server callbacks */
0f113f3e
MC		 266typedef struct srp_server_arg_st {
267 char *expected_user;
268 char *pass;
269} SRP_SERVER_ARG;
edc032b5 270
6d23cf97 271static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
0f113f3e
MC		 272{
273 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
274
275 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
276 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
277 return SSL3_AL_FATAL;
278 }
279 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
280 *ad = SSL_AD_INTERNAL_ERROR;
281 return SSL3_AL_FATAL;
282 }
283 return SSL_ERROR_NONE;
284}
285#endif
286
287static BIO *bio_err = NULL;
288static BIO *bio_stdout = NULL;
d02b48c6 289
2911575c 290#ifndef OPENSSL_NO_NEXTPROTONEG
d9a268b9
BL		 291/* Note that this code assumes that this is only a one element list: */
292static const char NEXT_PROTO_STRING[] = "\x09testproto";
df2ee0e2
BL		 293static int npn_client = 0;
294static int npn_server = 0;
295static int npn_server_reject = 0;
d9a268b9 296
0f113f3e
MC		 297static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
298 const unsigned char *in, unsigned int inlen,
299 void *arg)
300{
301 /*
302 * This callback only returns the protocol string, rather than a length
303 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
304 * and remove the first byte to chop off the length prefix.
305 */
306 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
307 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
308 return SSL_TLSEXT_ERR_OK;
309}
310
311static int cb_server_npn(SSL *s, const unsigned char **data,
312 unsigned int *len, void *arg)
313{
314 *data = (const unsigned char *)NEXT_PROTO_STRING;
315 *len = sizeof(NEXT_PROTO_STRING) - 1;
316 return SSL_TLSEXT_ERR_OK;
317}
318
319static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
320 unsigned int *len, void *arg)
321{
322 return SSL_TLSEXT_ERR_NOACK;
323}
d9a268b9
BL		 324
325static int verify_npn(SSL *client, SSL *server)
0f113f3e
MC		 326{
327 const unsigned char *client_s;
328 unsigned client_len;
329 const unsigned char *server_s;
330 unsigned server_len;
331
332 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
333 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
334
335 if (client_len) {
336 BIO_printf(bio_stdout, "Client NPN: ");
337 BIO_write(bio_stdout, client_s, client_len);
338 BIO_printf(bio_stdout, "\n");
339 }
340
341 if (server_len) {
342 BIO_printf(bio_stdout, "Server NPN: ");
343 BIO_write(bio_stdout, server_s, server_len);
344 BIO_printf(bio_stdout, "\n");
345 }
346
347 /*
348 * If an NPN string was returned, it must be the protocol that we
349 * expected to negotiate.
350 */
351 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
352 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
353 return -1;
354 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
355 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
356 return -1;
357
358 if (!npn_client && client_len)
359 return -1;
360 if (!npn_server && server_len)
361 return -1;
362 if (npn_server_reject && server_len)
363 return -1;
364 if (npn_client && npn_server && (!client_len || !server_len))
365 return -1;
366
367 return 0;
368}
d9a268b9
BL		 369#endif
370
a8989362 371static const char *alpn_client;
817cd0d5
TS		 372static char *alpn_server;
373static char *alpn_server2;
a8989362
AL		 374static const char *alpn_expected;
375static unsigned char *alpn_selected;
7946ab33
KR		 376static const char *server_min_proto;
377static const char *server_max_proto;
378static const char *client_min_proto;
379static const char *client_max_proto;
380static const char *should_negotiate;
817cd0d5
TS		 381static const char *sn_client;
382static const char *sn_server1;
383static const char *sn_server2;
384static int sn_expect = 0;
385
386static int servername_cb(SSL *s, int *ad, void *arg)
387{
388 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
389 if (sn_server2 == NULL) {
390 BIO_printf(bio_stdout, "Servername 2 is NULL\n");
391 return SSL_TLSEXT_ERR_NOACK;
392 }
393
394 if (servername) {
395 if (s_ctx2 != NULL && sn_server2 != NULL &&
396 !strcasecmp(servername, sn_server2)) {
397 BIO_printf(bio_stdout, "Switching server context.\n");
398 SSL_set_SSL_CTX(s, s_ctx2);
399 }
400 }
401 return SSL_TLSEXT_ERR_OK;
402}
403static int verify_servername(SSL *client, SSL *server)
404{
405 /* just need to see if sn_context is what we expect */
406 SSL_CTX* ctx = SSL_get_SSL_CTX(server);
407 if (sn_expect == 0)
408 return 0;
409 if (sn_expect == 1 && ctx == s_ctx)
410 return 0;
411 if (sn_expect == 2 && ctx == s_ctx2)
412 return 0;
413 BIO_printf(bio_stdout, "Servername: expected context %d\n", sn_expect);
414 if (ctx == s_ctx2)
415 BIO_printf(bio_stdout, "Servername: context is 2\n");
416 else if (ctx == s_ctx)
417 BIO_printf(bio_stdout, "Servername: context is 1\n");
418 else
419 BIO_printf(bio_stdout, "Servername: context is unknown\n");
420 return -1;
421}
422
a8989362 423
3a83462d
MC		 424/*-
425 * next_protos_parse parses a comma separated list of strings into a string
a8989362
AL		 426 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
427 * outlen: (output) set to the length of the resulting buffer on success.
428 * err: (maybe NULL) on failure, an error message line is written to this BIO.
4eadd11c 429 * in: a NUL terminated string like "abc,def,ghi"
a8989362
AL		 430 *
431 * returns: a malloced buffer or NULL on failure.
432 */
817cd0d5 433static unsigned char *next_protos_parse(size_t *outlen,
0f113f3e
MC		 434 const char *in)
435{
436 size_t len;
437 unsigned char *out;
438 size_t i, start = 0;
439
440 len = strlen(in);
441 if (len >= 65535)
442 return NULL;
443
444 out = OPENSSL_malloc(strlen(in) + 1);
445 if (!out)
446 return NULL;
447
448 for (i = 0; i <= len; ++i) {
449 if (i == len || in[i] == ',') {
450 if (i - start > 255) {
451 OPENSSL_free(out);
452 return NULL;
453 }
454 out[start] = i - start;
455 start = i + 1;
456 } else
457 out[i + 1] = in[i];
458 }
459
460 *outlen = len + 1;
461 return out;
462}
463
464static int cb_server_alpn(SSL *s, const unsigned char **out,
465 unsigned char *outlen, const unsigned char *in,
466 unsigned int inlen, void *arg)
467{
468 unsigned char *protos;
817cd0d5
TS		 469 size_t protos_len;
470 char* alpn_str = arg;
0f113f3e 471
817cd0d5 472 protos = next_protos_parse(&protos_len, alpn_str);
0f113f3e
MC		 473 if (protos == NULL) {
474 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
817cd0d5 475 alpn_str);
0f113f3e
MC		 476 abort();
477 }
478
479 if (SSL_select_next_proto
480 ((unsigned char **)out, outlen, protos, protos_len, in,
481 inlen) != OPENSSL_NPN_NEGOTIATED) {
482 OPENSSL_free(protos);
483 return SSL_TLSEXT_ERR_NOACK;
484 }
485
486 /*
487 * Make a copy of the selected protocol which will be freed in
488 * verify_alpn.
489 */
490 alpn_selected = OPENSSL_malloc(*outlen);
491 memcpy(alpn_selected, *out, *outlen);
492 *out = alpn_selected;
493
494 OPENSSL_free(protos);
495 return SSL_TLSEXT_ERR_OK;
496}
a8989362
AL		 497
498static int verify_alpn(SSL *client, SSL *server)
0f113f3e
MC		 499{
500 const unsigned char *client_proto, *server_proto;
501 unsigned int client_proto_len = 0, server_proto_len = 0;
502 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
503 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
504
b548a1f1
RS		 505 OPENSSL_free(alpn_selected);
506 alpn_selected = NULL;
0f113f3e 507
3003e0a4
AG		 508 if (client_proto_len != server_proto_len) {
509 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
510 goto err;
511 }
512
513 if (client_proto != NULL &&
0f113f3e
MC		 514 memcmp(client_proto, server_proto, client_proto_len) != 0) {
515 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
516 goto err;
517 }
518
519 if (client_proto_len > 0 && alpn_expected == NULL) {
520 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
521 goto err;
522 }
523
524 if (alpn_expected != NULL &&
525 (client_proto_len != strlen(alpn_expected) ||
526 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
527 BIO_printf(bio_stdout,
528 "ALPN selected protocols not equal to expected protocol: %s\n",
529 alpn_expected);
530 goto err;
531 }
532
533 return 0;
534
535 err:
536 BIO_printf(bio_stdout, "ALPN results: client: '");
537 BIO_write(bio_stdout, client_proto, client_proto_len);
538 BIO_printf(bio_stdout, "', server: '");
539 BIO_write(bio_stdout, server_proto, server_proto_len);
540 BIO_printf(bio_stdout, "'\n");
817cd0d5
TS		 541 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '",
542 alpn_client);
543 if (SSL_get_SSL_CTX(server) == s_ctx2) {
544 BIO_printf(bio_stdout, "%s'\n",
545 alpn_server2);
546 } else {
547 BIO_printf(bio_stdout, "%s'\n",
548 alpn_server);
549 }
0f113f3e
MC		 550 return -1;
551}
a8989362 552
0f113f3e
MC		 553/*
554 * WARNING : below extension types are *NOT* IETF assigned, and could
555 * conflict if these types are reassigned and handled specially by OpenSSL
556 * in the future
557 */
a398f821 558#define TACK_EXT_TYPE 62208
9cd50f73
T		 559#define CUSTOM_EXT_TYPE_0 1000
560#define CUSTOM_EXT_TYPE_1 1001
561#define CUSTOM_EXT_TYPE_2 1002
562#define CUSTOM_EXT_TYPE_3 1003
563
df2ee0e2
BL		 564static const char custom_ext_cli_string[] = "abc";
565static const char custom_ext_srv_string[] = "defg";
a398f821
T		 566
567/* These set from cmdline */
df2ee0e2
BL		 568static char *serverinfo_file = NULL;
569static int serverinfo_sct = 0;
570static int serverinfo_tack = 0;
9cd50f73
T		 571
572/* These set based on extension callbacks */
df2ee0e2
BL		 573static int serverinfo_sct_seen = 0;
574static int serverinfo_tack_seen = 0;
575static int serverinfo_other_seen = 0;
a398f821 576
9cd50f73 577/* This set from cmdline */
df2ee0e2 578static int custom_ext = 0;
9cd50f73
T		 579
580/* This set based on extension callbacks */
df2ee0e2 581static int custom_ext_error = 0;
9cd50f73 582
0cfefe4b 583static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 584 const unsigned char *in, size_t inlen,
585 int *al, void *arg)
586{
dd696a55 587 if (ext_type == TLSEXT_TYPE_signed_certificate_timestamp)
0f113f3e
MC		 588 serverinfo_sct_seen++;
589 else if (ext_type == TACK_EXT_TYPE)
590 serverinfo_tack_seen++;
591 else
592 serverinfo_other_seen++;
593 return 1;
594}
a398f821
T		 595
596static int verify_serverinfo()
0f113f3e
MC		 597{
598 if (serverinfo_sct != serverinfo_sct_seen)
599 return -1;
600 if (serverinfo_tack != serverinfo_tack_seen)
601 return -1;
602 if (serverinfo_other_seen)
603 return -1;
604 return 0;
605}
a398f821 606
1d97c843
TH		 607/*-
608 * Four test cases for custom extensions:
9cd50f73
T		 609 * 0 - no ClientHello extension or ServerHello response
610 * 1 - ClientHello with "abc", no response
611 * 2 - ClientHello with "abc", empty response
612 * 3 - ClientHello with "abc", "defg" response
613 */
614
de2a9e38 615static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 616 const unsigned char **out,
617 size_t *outlen, int *al, void *arg)
618{
619 if (ext_type != CUSTOM_EXT_TYPE_0)
620 custom_ext_error = 1;
621 return 0; /* Don't send an extension */
622}
9cd50f73 623
de2a9e38 624static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 625 const unsigned char *in,
626 size_t inlen, int *al, void *arg)
627{
628 return 1;
629}
9cd50f73 630
de2a9e38 631static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 632 const unsigned char **out,
633 size_t *outlen, int *al, void *arg)
634{
635 if (ext_type != CUSTOM_EXT_TYPE_1)
636 custom_ext_error = 1;
637 *out = (const unsigned char *)custom_ext_cli_string;
638 *outlen = strlen(custom_ext_cli_string);
639 return 1; /* Send "abc" */
640}
9cd50f73 641
de2a9e38 642static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 643 const unsigned char *in,
644 size_t inlen, int *al, void *arg)
645{
646 return 1;
647}
9cd50f73 648
de2a9e38 649static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 650 const unsigned char **out,
651 size_t *outlen, int *al, void *arg)
652{
653 if (ext_type != CUSTOM_EXT_TYPE_2)
654 custom_ext_error = 1;
655 *out = (const unsigned char *)custom_ext_cli_string;
656 *outlen = strlen(custom_ext_cli_string);
657 return 1; /* Send "abc" */
658}
9cd50f73 659
de2a9e38 660static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 661 const unsigned char *in,
662 size_t inlen, int *al, void *arg)
663{
664 if (ext_type != CUSTOM_EXT_TYPE_2)
665 custom_ext_error = 1;
666 if (inlen != 0)
667 custom_ext_error = 1; /* Should be empty response */
668 return 1;
669}
9cd50f73 670
de2a9e38 671static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 672 const unsigned char **out,
673 size_t *outlen, int *al, void *arg)
674{
675 if (ext_type != CUSTOM_EXT_TYPE_3)
676 custom_ext_error = 1;
677 *out = (const unsigned char *)custom_ext_cli_string;
678 *outlen = strlen(custom_ext_cli_string);
679 return 1; /* Send "abc" */
680}
9cd50f73 681
de2a9e38 682static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 683 const unsigned char *in,
684 size_t inlen, int *al, void *arg)
685{
686 if (ext_type != CUSTOM_EXT_TYPE_3)
687 custom_ext_error = 1;
688 if (inlen != strlen(custom_ext_srv_string))
689 custom_ext_error = 1;
690 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
691 custom_ext_error = 1; /* Check for "defg" */
692 return 1;
693}
694
695/*
696 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
697 * for this extension
698 */
de2a9e38 699static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 700 const unsigned char *in,
701 size_t inlen, int *al, void *arg)
702{
703 custom_ext_error = 1;
704 return 1;
705}
9cd50f73 706
f47e2039 707/* 'add' callbacks are only called if the 'parse' callback is called */
de2a9e38 708static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 709 const unsigned char **out,
710 size_t *outlen, int *al, void *arg)
711{
712 /* Error: should not have been called */
713 custom_ext_error = 1;
714 return 0; /* Don't send an extension */
715}
9cd50f73 716
de2a9e38 717static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 718 const unsigned char *in,
719 size_t inlen, int *al, void *arg)
720{
721 if (ext_type != CUSTOM_EXT_TYPE_1)
722 custom_ext_error = 1;
723 /* Check for "abc" */
724 if (inlen != strlen(custom_ext_cli_string))
725 custom_ext_error = 1;
726 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
727 custom_ext_error = 1;
728 return 1;
729}
9cd50f73 730
de2a9e38 731static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 732 const unsigned char **out,
733 size_t *outlen, int *al, void *arg)
734{
735 return 0; /* Don't send an extension */
736}
9cd50f73 737
de2a9e38 738static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 739 const unsigned char *in,
740 size_t inlen, int *al, void *arg)
741{
742 if (ext_type != CUSTOM_EXT_TYPE_2)
743 custom_ext_error = 1;
744 /* Check for "abc" */
745 if (inlen != strlen(custom_ext_cli_string))
746 custom_ext_error = 1;
747 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
748 custom_ext_error = 1;
749 return 1;
750}
9cd50f73 751
de2a9e38 752static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 753 const unsigned char **out,
754 size_t *outlen, int *al, void *arg)
755{
756 *out = NULL;
757 *outlen = 0;
758 return 1; /* Send empty extension */
759}
9cd50f73 760
de2a9e38 761static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 762 const unsigned char *in,
763 size_t inlen, int *al, void *arg)
764{
765 if (ext_type != CUSTOM_EXT_TYPE_3)
766 custom_ext_error = 1;
767 /* Check for "abc" */
768 if (inlen != strlen(custom_ext_cli_string))
769 custom_ext_error = 1;
770 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
771 custom_ext_error = 1;
772 return 1;
773}
9cd50f73 774
de2a9e38 775static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 776 const unsigned char **out,
777 size_t *outlen, int *al, void *arg)
778{
779 *out = (const unsigned char *)custom_ext_srv_string;
780 *outlen = strlen(custom_ext_srv_string);
781 return 1; /* Send "defg" */
782}
783
784static char *cipher = NULL;
785static int verbose = 0;
786static int debug = 0;
0f113f3e
MC		 787static const char rnd_seed[] =
788 "string to make the random number generator think it has entropy";
d02b48c6 789
75d5bd4e
RL		 790int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family,
791 long bytes, clock_t *s_time, clock_t *c_time);
0f113f3e
MC		 792int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
793 clock_t *c_time);
794int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
6e119bb0 795static int do_test_cipherlist(void);
9ccc00ef 796
6b691a5c 797static void sv_usage(void)
0f113f3e
MC		 798{
799 fprintf(stderr, "usage: ssltest [args ...]\n");
800 fprintf(stderr, "\n");
086e32a6 801#ifdef OPENSSL_FIPS
0f113f3e
MC		 802 fprintf(stderr, "-F - run test in FIPS mode\n");
803#endif
804 fprintf(stderr, " -server_auth - check server certificate\n");
805 fprintf(stderr, " -client_auth - do client authentication\n");
806 fprintf(stderr, " -proxy - allow proxy certificates\n");
807 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
808 fprintf(stderr,
809 " -proxy_cond <val> - expression to test proxy policy rights\n");
810 fprintf(stderr, " -v - more output\n");
811 fprintf(stderr, " -d - debug output\n");
812 fprintf(stderr, " -reuse - use session-id reuse\n");
813 fprintf(stderr, " -num <val> - number of connections to perform\n");
814 fprintf(stderr,
815 " -bytes <val> - number of bytes to swap between client/server\n");
bc36ee62 816#ifndef OPENSSL_NO_DH
0f113f3e 817 fprintf(stderr,
e8356e32
EK		 818 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
819 fprintf(stderr,
820 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
0f113f3e
MC		 821 fprintf(stderr,
822 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
823 fprintf(stderr, " -no_dhe - disable DHE\n");
77fa04a9 824#endif
10bf4fc2 825#ifndef OPENSSL_NO_EC
817cd0d5 826 fprintf(stderr, " -no_ecdhe - disable ECDHE\nTODO(openssl-team): no_ecdhe was broken by auto ecdh. Make this work again.\n");
ea262260 827#endif
ddac1974 828#ifndef OPENSSL_NO_PSK
0f113f3e 829 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
ddac1974 830#endif
edc032b5 831#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 832 fprintf(stderr, " -srpuser user - SRP username to use\n");
833 fprintf(stderr, " -srppass arg - password for 'user'\n");
edc032b5 834#endif
6b01bed2 835#ifndef OPENSSL_NO_SSL3
0f113f3e 836 fprintf(stderr, " -ssl3 - use SSLv3\n");
58964a49 837#endif
6b01bed2 838#ifndef OPENSSL_NO_TLS1
0f113f3e 839 fprintf(stderr, " -tls1 - use TLSv1\n");
6b01bed2 840#endif
98b8cdd3 841#ifndef OPENSSL_NO_DTLS
7946ab33 842 fprintf(stderr, " -dtls - use DTLS\n");
6b01bed2 843#ifndef OPENSSL_NO_DTLS1
98b8cdd3 844 fprintf(stderr, " -dtls1 - use DTLSv1\n");
6b01bed2
VD		 845#endif
846#ifndef OPENSSL_NO_DTLS1_2
98b8cdd3 847 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
6b01bed2 848#endif
98b8cdd3 849#endif
0f113f3e
MC		 850 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
851 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
852 fprintf(stderr, " -cert arg - Server certificate file\n");
853 fprintf(stderr,
854 " -key arg - Server key file (default: same as -cert)\n");
855 fprintf(stderr, " -c_cert arg - Client certificate file\n");
856 fprintf(stderr,
857 " -c_key arg - Client key file (default: same as -c_cert)\n");
858 fprintf(stderr, " -cipher arg - The cipher list\n");
859 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
75d5bd4e
RL		 860 fprintf(stderr, " -ipv4 - Use IPv4 connection on localhost\n");
861 fprintf(stderr, " -ipv6 - Use IPv6 connection on localhost\n");
0f113f3e
MC		 862 fprintf(stderr, " -f - Test even cases that can't work\n");
863 fprintf(stderr,
864 " -time - measure processor time used by client and server\n");
865 fprintf(stderr, " -zlib - use zlib compression\n");
0f113f3e
MC		 866 fprintf(stderr,
867 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
868 " When this option is requested, the cipherlist\n"
869 " tests are run instead of handshake tests.\n");
2911575c 870#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 871 fprintf(stderr, " -npn_client - have client side offer NPN\n");
872 fprintf(stderr, " -npn_server - have server side offer NPN\n");
873 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
874#endif
875 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
876 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
877 fprintf(stderr,
878 " -serverinfo_tack - have client offer and expect TACK\n");
879 fprintf(stderr,
880 " -custom_ext - try various custom extension callbacks\n");
881 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
882 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
817cd0d5
TS		 883 fprintf(stderr, " -alpn_server1 <string> - alias for -alpn_server\n");
884 fprintf(stderr, " -alpn_server2 <string> - have server side context 2 offer ALPN\n");
0f113f3e
MC		 885 fprintf(stderr,
886 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
7946ab33
KR		 887 fprintf(stderr, " -server_min_proto <string> - Minimum version the server should support\n");
888 fprintf(stderr, " -server_max_proto <string> - Maximum version the server should support\n");
889 fprintf(stderr, " -client_min_proto <string> - Minimum version the client should support\n");
890 fprintf(stderr, " -client_max_proto <string> - Maximum version the client should support\n");
891 fprintf(stderr, " -should_negotiate <string> - The version that should be negotiated, fail-client or fail-server\n");
dd696a55
RP		 892#ifndef OPENSSL_NO_CT
893 fprintf(stderr, " -noct - no certificate transparency\n");
894 fprintf(stderr, " -requestct - request certificate transparency\n");
895 fprintf(stderr, " -requirect - require certificate transparency\n");
896#endif
817cd0d5
TS		 897 fprintf(stderr, " -sn_client <string> - have client request this servername\n");
898 fprintf(stderr, " -sn_server1 <string> - have server context 1 respond to this servername\n");
899 fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n");
900 fprintf(stderr, " -sn_expect1 - expected server 1\n");
901 fprintf(stderr, " -sn_expect2 - expected server 2\n");
0f113f3e 902}
563f1503 903
f756f1fc 904static void print_key_details(BIO *out, EVP_PKEY *key)
0f113f3e
MC		 905{
906 int keyid = EVP_PKEY_id(key);
f756f1fc 907#ifndef OPENSSL_NO_EC
0f113f3e
MC		 908 if (keyid == EVP_PKEY_EC) {
909 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
910 int nid;
911 const char *cname;
912 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
913 EC_KEY_free(ec);
914 cname = EC_curve_nid2nist(nid);
915 if (!cname)
916 cname = OBJ_nid2sn(nid);
917 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
918 } else
919#endif
920 {
921 const char *algname;
922 switch (keyid) {
923 case EVP_PKEY_RSA:
924 algname = "RSA";
925 break;
926 case EVP_PKEY_DSA:
927 algname = "DSA";
928 break;
929 case EVP_PKEY_DH:
930 algname = "DH";
931 break;
932 default:
933 algname = OBJ_nid2sn(keyid);
934 break;
935 }
936 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
937 }
938}
f756f1fc 939
563f1503 940static void print_details(SSL *c_ssl, const char *prefix)
0f113f3e
MC		 941{
942 const SSL_CIPHER *ciph;
943 int mdnid;
944 X509 *cert;
945 EVP_PKEY *pkey;
946
947 ciph = SSL_get_current_cipher(c_ssl);
948 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
949 prefix,
950 SSL_get_version(c_ssl),
951 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
952 cert = SSL_get_peer_certificate(c_ssl);
953 if (cert != NULL) {
954 pkey = X509_get_pubkey(cert);
955 if (pkey != NULL) {
956 BIO_puts(bio_stdout, ", ");
957 print_key_details(bio_stdout, pkey);
958 EVP_PKEY_free(pkey);
959 }
960 X509_free(cert);
961 }
962 if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
963 BIO_puts(bio_stdout, ", temp key: ");
964 print_key_details(bio_stdout, pkey);
965 EVP_PKEY_free(pkey);
966 }
967 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
968 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
969 BIO_printf(bio_stdout, "\n");
970}
d02b48c6 971
3ac82faa 972static void lock_dbg_cb(int mode, int type, const char *file, int line)
0f113f3e
MC		 973{
974 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
975 const char *errstr = NULL;
976 int rw;
977
978 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
979 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
980 errstr = "invalid mode";
981 goto err;
982 }
983
984 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
985 errstr = "type out of bounds";
986 goto err;
987 }
988
989 if (mode & CRYPTO_LOCK) {
990 if (modes[type]) {
991 errstr = "already locked";
992 /*
993 * must not happen in a single-threaded program (would deadlock)
994 */
995 goto err;
996 }
997
998 modes[type] = rw;
999 } else if (mode & CRYPTO_UNLOCK) {
1000 if (!modes[type]) {
1001 errstr = "not locked";
1002 goto err;
1003 }
1004
1005 if (modes[type] != rw) {
1006 errstr = (rw == CRYPTO_READ) ?
1007 "CRYPTO_r_unlock on write lock" :
1008 "CRYPTO_w_unlock on read lock";
1009 }
1010
1011 modes[type] = 0;
1012 } else {
1013 errstr = "invalid mode";
1014 goto err;
1015 }
3ac82faa
BM		 1016
1017 err:
0f113f3e
MC		 1018 if (errstr) {
1019 /* we cannot use bio_err here */
1020 fprintf(stderr,
1021 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
1022 errstr, mode, type, file, line);
1023 }
1024}
3ac82faa 1025
7946ab33
KR		 1026/*
1027 * protocol_from_string - converts a protocol version string to a number
1028 *
1029 * Returns -1 on failure or the version on success
1030 */
1031static int protocol_from_string(const char *value)
1032{
1033 struct protocol_versions {
1034 const char *name;
1035 int version;
1036 };
1037 static const struct protocol_versions versions[] = {
1038 {"ssl3", SSL3_VERSION},
1039 {"tls1", TLS1_VERSION},
1040 {"tls1.1", TLS1_1_VERSION},
1041 {"tls1.2", TLS1_2_VERSION},
1042 {"dtls1", DTLS1_VERSION},
1043 {"dtls1.2", DTLS1_2_VERSION}};
1044 size_t i;
1045 size_t n = OSSL_NELEM(versions);
1046
1047 for (i = 0; i < n; i++)
1048 if (strcmp(versions[i].name, value) == 0)
1049 return versions[i].version;
1050 return -1;
1051}
1052
1053/*
1054 * set_protocol_version - Sets protocol version minimum or maximum
1055 *
1056 * Returns 0 on failure and 1 on success
1057 */
1058static int set_protocol_version(const char *version, SSL *ssl, int setting)
1059{
1060 if (version != NULL) {
1061 int ver = protocol_from_string(version);
1062 if (ver < 0) {
1063 BIO_printf(bio_err, "Error parsing: %s\n", version);
1064 return 0;
1065 }
1066 return SSL_ctrl(ssl, setting, ver, NULL);
1067 }
1068 return 1;
1069}
1070
6b691a5c 1071int main(int argc, char *argv[])
0f113f3e
MC		 1072{
1073 char *CApath = NULL, *CAfile = NULL;
1074 int badop = 0;
75d5bd4e 1075 enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
0f113f3e 1076 int force = 0;
7946ab33 1077 int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, ssl3 = 0, ret = 1;
0f113f3e
MC		 1078 int client_auth = 0;
1079 int server_auth = 0, i;
1080 struct app_verify_arg app_verify_arg =
1081 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
bbd86bf5 1082 char *p;
0f113f3e
MC		 1083 SSL_CTX *c_ctx = NULL;
1084 const SSL_METHOD *meth = NULL;
1085 SSL *c_ssl, *s_ssl;
1086 int number = 1, reuse = 0;
1087 long bytes = 256L;
bc36ee62 1088#ifndef OPENSSL_NO_DH
0f113f3e 1089 DH *dh;
e8356e32 1090 int dhe512 = 0, dhe1024dsa = 0;
ea262260 1091#endif
edc032b5 1092#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1093 /* client */
1094 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
1095 /* server */
1096 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
1097#endif
1098 int no_dhe = 0;
0f113f3e
MC		 1099 int no_psk = 0;
1100 int print_time = 0;
1101 clock_t s_time = 0, c_time = 0;
09b6c2ef 1102#ifndef OPENSSL_NO_COMP
9a555706 1103 int n, comp = 0;
0f113f3e
MC		 1104 COMP_METHOD *cm = NULL;
1105 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
00a37b5a 1106#endif
0f113f3e 1107 int test_cipherlist = 0;
086e32a6 1108#ifdef OPENSSL_FIPS
0f113f3e
MC		 1109 int fips_mode = 0;
1110#endif
6b01bed2 1111 int no_protocol;
0f113f3e 1112
dd696a55
RP		 1113#ifndef OPENSSL_NO_CT
1114 /*
1115 * Disable CT validation by default, because it will interfere with
1116 * anything using custom extension handlers to deal with SCT extensions.
1117 */
1118 ct_validation_cb ct_validation = NULL;
1119#endif
1120
817cd0d5 1121 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL, *s_cctx2 = NULL;
0f113f3e 1122 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
4a640fb6 1123 char *arg = NULL, *argn = NULL;
0f113f3e
MC		 1124
1125 verbose = 0;
1126 debug = 0;
1127 cipher = 0;
1128
1129 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1130
1131 CRYPTO_set_locking_callback(lock_dbg_cb);
1132
bbd86bf5
RS		 1133 p = getenv("OPENSSL_DEBUG_MEMORY");
1134 if (p != NULL && strcmp(p, "on") == 0)
1135 CRYPTO_set_mem_debug(1);
0f113f3e
MC		 1136 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1137
1138 RAND_seed(rnd_seed, sizeof rnd_seed);
1139
1140 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1141
1142 s_cctx = SSL_CONF_CTX_new();
817cd0d5 1143 s_cctx2 = SSL_CONF_CTX_new();
0f113f3e
MC		 1144 c_cctx = SSL_CONF_CTX_new();
1145
817cd0d5 1146 if (!s_cctx || !c_cctx || !s_cctx2) {
0f113f3e
MC		 1147 ERR_print_errors(bio_err);
1148 goto end;
1149 }
1150
1151 SSL_CONF_CTX_set_flags(s_cctx,
6a096889
DSH		 1152 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
1153 SSL_CONF_FLAG_CERTIFICATE |
1154 SSL_CONF_FLAG_REQUIRE_PRIVATE);
817cd0d5
TS		 1155 SSL_CONF_CTX_set_flags(s_cctx2,
1156 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
1157 SSL_CONF_FLAG_CERTIFICATE |
1158 SSL_CONF_FLAG_REQUIRE_PRIVATE);
0f113f3e
MC		 1159 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
1160 ERR_print_errors(bio_err);
1161 goto end;
1162 }
817cd0d5
TS		 1163 if (!SSL_CONF_CTX_set1_prefix(s_cctx2, "-s_")) {
1164 ERR_print_errors(bio_err);
1165 goto end;
1166 }
0f113f3e
MC		 1167
1168 SSL_CONF_CTX_set_flags(c_cctx,
6a096889
DSH		 1169 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT |
1170 SSL_CONF_FLAG_CERTIFICATE |
1171 SSL_CONF_FLAG_REQUIRE_PRIVATE);
0f113f3e
MC		 1172 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
1173 ERR_print_errors(bio_err);
1174 goto end;
1175 }
1176
1177 argc--;
1178 argv++;
1179
1180 while (argc >= 1) {
86885c28 1181 if (strcmp(*argv, "-F") == 0) {
086e32a6 1182#ifdef OPENSSL_FIPS
0f113f3e 1183 fips_mode = 1;
086e32a6 1184#else
0f113f3e
MC		 1185 fprintf(stderr,
1186 "not compiled with FIPS support, so exiting without running.\n");
1187 EXIT(0);
1188#endif
1189 } else if (strcmp(*argv, "-server_auth") == 0)
1190 server_auth = 1;
1191 else if (strcmp(*argv, "-client_auth") == 0)
1192 client_auth = 1;
1193 else if (strcmp(*argv, "-proxy_auth") == 0) {
1194 if (--argc < 1)
1195 goto bad;
1196 app_verify_arg.proxy_auth = *(++argv);
1197 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1198 if (--argc < 1)
1199 goto bad;
1200 app_verify_arg.proxy_cond = *(++argv);
1201 } else if (strcmp(*argv, "-v") == 0)
1202 verbose = 1;
1203 else if (strcmp(*argv, "-d") == 0)
1204 debug = 1;
1205 else if (strcmp(*argv, "-reuse") == 0)
1206 reuse = 1;
e8356e32 1207 else if (strcmp(*argv, "-dhe512") == 0) {
90f5a2b6 1208#ifndef OPENSSL_NO_DH
e8356e32 1209 dhe512 = 1;
90f5a2b6 1210#else
0f113f3e 1211 fprintf(stderr,
e8356e32 1212 "ignoring -dhe512, since I'm compiled without DH\n");
90f5a2b6 1213#endif
0f113f3e 1214 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
90f5a2b6 1215#ifndef OPENSSL_NO_DH
0f113f3e 1216 dhe1024dsa = 1;
90f5a2b6 1217#else
0f113f3e 1218 fprintf(stderr,
e8356e32 1219 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
0f113f3e
MC		 1220#endif
1221 } else if (strcmp(*argv, "-no_dhe") == 0)
1222 no_dhe = 1;
1223 else if (strcmp(*argv, "-no_ecdhe") == 0)
817cd0d5 1224 /* obsolete */;
0f113f3e
MC		 1225 else if (strcmp(*argv, "-psk") == 0) {
1226 if (--argc < 1)
1227 goto bad;
1228 psk_key = *(++argv);
ddac1974 1229#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1230 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1231 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1232 goto bad;
1233 }
ddac1974 1234#else
0f113f3e 1235 no_psk = 1;
ddac1974 1236#endif
0f113f3e 1237 }
edc032b5 1238#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1239 else if (strcmp(*argv, "-srpuser") == 0) {
1240 if (--argc < 1)
1241 goto bad;
1242 srp_server_arg.expected_user = srp_client_arg.srplogin =
1243 *(++argv);
1244 tls1 = 1;
1245 } else if (strcmp(*argv, "-srppass") == 0) {
1246 if (--argc < 1)
1247 goto bad;
1248 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1249 tls1 = 1;
1250 }
1251#endif
1252 else if (strcmp(*argv, "-tls1") == 0) {
0f113f3e
MC		 1253 tls1 = 1;
1254 } else if (strcmp(*argv, "-ssl3") == 0) {
0f113f3e 1255 ssl3 = 1;
98b8cdd3 1256 } else if (strcmp(*argv, "-dtls1") == 0) {
98b8cdd3
DW		 1257 dtls1 = 1;
1258 } else if (strcmp(*argv, "-dtls12") == 0) {
98b8cdd3 1259 dtls12 = 1;
7946ab33 1260 } else if (strcmp(*argv, "-dtls") == 0) {
7946ab33 1261 dtls = 1;
0f113f3e
MC		 1262 } else if (strncmp(*argv, "-num", 4) == 0) {
1263 if (--argc < 1)
1264 goto bad;
1265 number = atoi(*(++argv));
1266 if (number == 0)
1267 number = 1;
1268 } else if (strcmp(*argv, "-bytes") == 0) {
1269 if (--argc < 1)
1270 goto bad;
1271 bytes = atol(*(++argv));
1272 if (bytes == 0L)
1273 bytes = 1L;
1274 i = strlen(argv[0]);
1275 if (argv[0][i - 1] == 'k')
1276 bytes *= 1024L;
1277 if (argv[0][i - 1] == 'm')
1278 bytes *= 1024L * 1024L;
0f113f3e
MC		 1279 } else if (strcmp(*argv, "-cipher") == 0) {
1280 if (--argc < 1)
1281 goto bad;
1282 cipher = *(++argv);
1283 } else if (strcmp(*argv, "-CApath") == 0) {
1284 if (--argc < 1)
1285 goto bad;
1286 CApath = *(++argv);
1287 } else if (strcmp(*argv, "-CAfile") == 0) {
1288 if (--argc < 1)
1289 goto bad;
1290 CAfile = *(++argv);
1291 } else if (strcmp(*argv, "-bio_pair") == 0) {
75d5bd4e
RL		 1292 bio_type = BIO_PAIR;
1293 } else if (strcmp(*argv, "-ipv4") == 0) {
1294 bio_type = BIO_IPV4;
1295 } else if (strcmp(*argv, "-ipv6") == 0) {
1296 bio_type = BIO_IPV6;
0f113f3e
MC		 1297 } else if (strcmp(*argv, "-f") == 0) {
1298 force = 1;
1299 } else if (strcmp(*argv, "-time") == 0) {
1300 print_time = 1;
1301 }
dd696a55
RP		 1302#ifndef OPENSSL_NO_CT
1303 else if (strcmp(*argv, "-noct") == 0) {
1304 ct_validation = NULL;
1305 }
1306 else if (strcmp(*argv, "-requestct") == 0) {
1307 ct_validation = CT_verify_no_bad_scts;
1308 }
1309 else if (strcmp(*argv, "-requirect") == 0) {
1310 ct_validation = CT_verify_at_least_one_good_sct;
1311 }
1312#endif
a4c4a7d5 1313#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1314 else if (strcmp(*argv, "-zlib") == 0) {
1315 comp = COMP_ZLIB;
0f113f3e
MC		 1316 }
1317#endif
817cd0d5 1318 else if (strcmp(*argv, "-app_verify") == 0) {
0f113f3e
MC		 1319 app_verify_arg.app_verify = 1;
1320 } else if (strcmp(*argv, "-proxy") == 0) {
1321 app_verify_arg.allow_proxy_certs = 1;
1322 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1323 test_cipherlist = 1;
1324 }
2911575c 1325#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1326 else if (strcmp(*argv, "-npn_client") == 0) {
1327 npn_client = 1;
1328 } else if (strcmp(*argv, "-npn_server") == 0) {
1329 npn_server = 1;
1330 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1331 npn_server_reject = 1;
1332 }
1333#endif
1334 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1335 serverinfo_sct = 1;
1336 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1337 serverinfo_tack = 1;
1338 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1339 if (--argc < 1)
1340 goto bad;
1341 serverinfo_file = *(++argv);
1342 } else if (strcmp(*argv, "-custom_ext") == 0) {
1343 custom_ext = 1;
1344 } else if (strcmp(*argv, "-alpn_client") == 0) {
1345 if (--argc < 1)
1346 goto bad;
1347 alpn_client = *(++argv);
817cd0d5
TS		 1348 } else if (strcmp(*argv, "-alpn_server") == 0 ||
1349 strcmp(*argv, "-alpn_server1") == 0) {
0f113f3e
MC		 1350 if (--argc < 1)
1351 goto bad;
1352 alpn_server = *(++argv);
817cd0d5
TS		 1353 } else if (strcmp(*argv, "-alpn_server2") == 0) {
1354 if (--argc < 1)
1355 goto bad;
1356 alpn_server2 = *(++argv);
0f113f3e
MC		 1357 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1358 if (--argc < 1)
1359 goto bad;
1360 alpn_expected = *(++argv);
7946ab33
KR		 1361 } else if (strcmp(*argv, "-server_min_proto") == 0) {
1362 if (--argc < 1)
1363 goto bad;
1364 server_min_proto = *(++argv);
1365 } else if (strcmp(*argv, "-server_max_proto") == 0) {
1366 if (--argc < 1)
1367 goto bad;
1368 server_max_proto = *(++argv);
1369 } else if (strcmp(*argv, "-client_min_proto") == 0) {
1370 if (--argc < 1)
1371 goto bad;
1372 client_min_proto = *(++argv);
1373 } else if (strcmp(*argv, "-client_max_proto") == 0) {
1374 if (--argc < 1)
1375 goto bad;
1376 client_max_proto = *(++argv);
1377 } else if (strcmp(*argv, "-should_negotiate") == 0) {
1378 if (--argc < 1)
1379 goto bad;
1380 should_negotiate = *(++argv);
817cd0d5
TS		 1381 } else if (strcmp(*argv, "-sn_client") == 0) {
1382 if (--argc < 1)
1383 goto bad;
1384 sn_client = *(++argv);
1385 } else if (strcmp(*argv, "-sn_server1") == 0) {
1386 if (--argc < 1)
1387 goto bad;
1388 sn_server1 = *(++argv);
1389 } else if (strcmp(*argv, "-sn_server2") == 0) {
1390 if (--argc < 1)
1391 goto bad;
1392 sn_server2 = *(++argv);
1393 } else if (strcmp(*argv, "-sn_expect1") == 0) {
1394 sn_expect = 1;
1395 } else if (strcmp(*argv, "-sn_expect2") == 0) {
1396 sn_expect = 2;
0f113f3e
MC		 1397 } else {
1398 int rv;
1399 arg = argv[0];
1400 argn = argv[1];
1401 /* Try to process command using SSL_CONF */
1402 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1403 /* If not processed try server */
1404 if (rv == 0)
1405 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1406 /* Recognised: store it for later use */
1407 if (rv > 0) {
1408 if (rv == 1)
1409 argn = NULL;
1410 if (!conf_args) {
1411 conf_args = sk_OPENSSL_STRING_new_null();
1412 if (!conf_args)
1413 goto end;
1414 }
1415 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1416 goto end;
1417 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1418 goto end;
1419 continue;
1420 }
1421 if (rv == -3)
1422 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1423 else if (rv < 0)
1424 BIO_printf(bio_err, "Error with command %s\n", arg);
1425 else if (rv == 0)
1426 BIO_printf(bio_err, "unknown option %s\n", arg);
1427 badop = 1;
1428 break;
1429 }
1430 argc--;
1431 argv++;
1432 }
1433 if (badop) {
1434 bad:
1435 sv_usage();
1436 goto end;
1437 }
1438
1439 /*
1440 * test_cipherlist prevails over protocol switch: we test the cipherlist
1441 * for all enabled protocols.
1442 */
1443 if (test_cipherlist == 1) {
1444 /*
1445 * ensure that the cipher list are correctly sorted and exit
1446 */
1447 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1448 "other options.\n");
1449 if (do_test_cipherlist() == 0)
1450 EXIT(1);
1451 ret = 0;
1452 goto end;
1453 }
1454
7946ab33
KR		 1455 if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) {
1456 fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should "
0f113f3e
MC		 1457 "be requested.\n");
1458 EXIT(1);
1459 }
1460
6b01bed2
VD		 1461#ifdef OPENSSL_NO_SSL3
1462 if (ssl3)
1463 no_protocol = 1;
1464 else
1465#endif
1466#ifdef OPENSSL_NO_TLS1
1467 if (tls1)
1468 no_protocol = 1;
1469 else
1470#endif
1471#if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1)
1472 if (dtls1)
1473 no_protocol = 1;
1474 else
1475#endif
1476#if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1_2)
1477 if (dtls12)
1478 no_protocol = 1;
1479 else
1480#endif
1481 no_protocol = 0;
1482
0f113f3e
MC		 1483 /*
1484 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1485 * Ideally, we would error out, but the generic test wrapper can't know
1486 * when to expect failure. So we do nothing and return success.
1487 */
1488 if (no_protocol) {
1489 fprintf(stderr, "Testing was requested for a disabled protocol. "
1490 "Skipping tests.\n");
1491 ret = 0;
1492 goto end;
1493 }
1494
7946ab33 1495 if (!ssl3 && !tls1 && !dtls && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
0f113f3e
MC		 1496 fprintf(stderr, "This case cannot work. Use -f to perform "
1497 "the test anyway (and\n-d to see what happens), "
7946ab33 1498 "or add one of -ssl3, -tls1, -dtls, -dtls1, -dtls12, -reuse\n"
0f113f3e
MC		 1499 "to avoid protocol mismatch.\n");
1500 EXIT(1);
1501 }
086e32a6 1502#ifdef OPENSSL_FIPS
0f113f3e
MC		 1503 if (fips_mode) {
1504 if (!FIPS_mode_set(1)) {
0f81f5f7 1505 ERR_print_errors(bio_err);
0f113f3e
MC		 1506 EXIT(1);
1507 } else
1508 fprintf(stderr, "*** IN FIPS MODE ***\n");
1509 }
1510#endif
1511
1512 if (print_time) {
75d5bd4e 1513 if (bio_type != BIO_PAIR) {
0f113f3e 1514 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
75d5bd4e 1515 bio_type = BIO_PAIR;
0f113f3e
MC		 1516 }
1517 if (number < 50 && !force)
1518 fprintf(stderr,
1519 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1520 }
1521
1522/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1523
09b6c2ef 1524#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1525 if (comp == COMP_ZLIB)
1526 cm = COMP_zlib();
0f113f3e 1527 if (cm != NULL) {
9a555706 1528 if (COMP_get_type(cm) != NID_undef) {
0f113f3e
MC		 1529 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1530 fprintf(stderr, "Failed to add compression method\n");
1531 ERR_print_errors_fp(stderr);
1532 }
1533 } else {
1534 fprintf(stderr,
1535 "Warning: %s compression not supported\n",
45ddce21 1536 comp == COMP_ZLIB ? "zlib" : "unknown");
0f113f3e
MC		 1537 ERR_print_errors_fp(stderr);
1538 }
1539 }
1540 ssl_comp_methods = SSL_COMP_get_compression_methods();
3dca57f8
RS		 1541 n = sk_SSL_COMP_num(ssl_comp_methods);
1542 if (n) {
1543 int j;
1544 printf("Available compression methods:");
1545 for (j = 0; j < n; j++) {
1546 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1547 printf(" %s:%d", c->name, c->id);
22ebaae0 1548 }
3dca57f8 1549 printf("\n");
0f113f3e
MC		 1550 }
1551#endif
1552
1553 /*
1554 * At this point, ssl3/tls1 is only set if the protocol is available.
1555 * (Otherwise we exit early.) However the compiler doesn't know this, so
1556 * we ifdef.
1557 */
98b8cdd3 1558#ifndef OPENSSL_NO_DTLS
6b01bed2 1559#ifndef OPENSSL_NO_DTLS1
98b8cdd3
DW		 1560 if (dtls1)
1561 meth = DTLSv1_method();
6b01bed2
VD		 1562 else
1563#endif
1564#ifndef OPENSSL_NO_DTLS1_2
1565 if (dtls12)
98b8cdd3 1566 meth = DTLSv1_2_method();
6b01bed2
VD		 1567 else
1568#endif
1569 if (dtls)
7946ab33 1570 meth = DTLS_method();
98b8cdd3 1571 else
fd28a41e 1572#endif
6b01bed2
VD		 1573#ifndef OPENSSL_NO_SSL3
1574 if (ssl3)
1575 meth = SSLv3_method();
1576 else
1577#endif
1578#ifndef OPENSSL_NO_TLS1
0f113f3e
MC		 1579 if (tls1)
1580 meth = TLSv1_method();
1581 else
6b01bed2 1582#endif
32ec4153 1583 meth = TLS_method();
0f113f3e
MC		 1584
1585 c_ctx = SSL_CTX_new(meth);
1586 s_ctx = SSL_CTX_new(meth);
817cd0d5
TS		 1587 s_ctx2 = SSL_CTX_new(meth); /* no SSL_CTX_dup! */
1588 if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) {
0f113f3e
MC		 1589 ERR_print_errors(bio_err);
1590 goto end;
1591 }
1592 /*
1593 * Since we will use low security ciphersuites and keys for testing set
15a06488
EK		 1594 * security level to zero by default. Tests can override this by adding
1595 * "@SECLEVEL=n" to the cipher string.
0f113f3e
MC		 1596 */
1597 SSL_CTX_set_security_level(c_ctx, 0);
1598 SSL_CTX_set_security_level(s_ctx, 0);
817cd0d5 1599 SSL_CTX_set_security_level(s_ctx2, 0);
0f113f3e
MC		 1600
1601 if (cipher != NULL) {
61986d32 1602 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
817cd0d5
TS		 1603 || !SSL_CTX_set_cipher_list(s_ctx, cipher)
1604 || !SSL_CTX_set_cipher_list(s_ctx2, cipher)) {
69f68237
MC		 1605 ERR_print_errors(bio_err);
1606 goto end;
1607 }
0f113f3e
MC		 1608 }
1609
dd696a55
RP		 1610#ifndef OPENSSL_NO_CT
1611 if (!SSL_CTX_set_ct_validation_callback(c_ctx, ct_validation, NULL)) {
1612 ERR_print_errors(bio_err);
1613 goto end;
1614 }
1615#endif
1616
0f113f3e
MC		 1617 /* Process SSL_CONF arguments */
1618 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1619 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
817cd0d5 1620 SSL_CONF_CTX_set_ssl_ctx(s_cctx2, s_ctx2);
0f113f3e
MC		 1621
1622 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1623 int rv;
1624 arg = sk_OPENSSL_STRING_value(conf_args, i);
1625 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1626 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1627 /* If not recognised use server context */
817cd0d5
TS		 1628 if (rv == -2) {
1629 SSL_CONF_cmd(s_cctx2, arg, argn);
0f113f3e 1630 rv = SSL_CONF_cmd(s_cctx, arg, argn);
817cd0d5 1631 }
0f113f3e
MC		 1632 if (rv <= 0) {
1633 BIO_printf(bio_err, "Error processing %s %s\n",
1634 arg, argn ? argn : "");
1635 ERR_print_errors(bio_err);
1636 goto end;
1637 }
1638 }
1639
817cd0d5 1640 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx) || !SSL_CONF_CTX_finish(s_cctx2)) {
0f113f3e
MC		 1641 BIO_puts(bio_err, "Error finishing context\n");
1642 ERR_print_errors(bio_err);
1643 goto end;
1644 }
bc36ee62 1645#ifndef OPENSSL_NO_DH
0f113f3e
MC		 1646 if (!no_dhe) {
1647 if (dhe1024dsa) {
0f113f3e 1648 dh = get_dh1024dsa();
e8356e32 1649 } else if (dhe512)
0f113f3e 1650 dh = get_dh512();
e8356e32
EK		 1651 else
1652 dh = get_dh1024();
0f113f3e 1653 SSL_CTX_set_tmp_dh(s_ctx, dh);
817cd0d5 1654 SSL_CTX_set_tmp_dh(s_ctx2, dh);
0f113f3e
MC		 1655 DH_free(dh);
1656 }
e4589582 1657#else
0f113f3e 1658 (void)no_dhe;
58964a49
RE		 1659#endif
1660
0f113f3e
MC		 1661 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1662 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
817cd0d5
TS		 1663 (!SSL_CTX_load_verify_locations(s_ctx2, CAfile, CApath)) ||
1664 (!SSL_CTX_set_default_verify_paths(s_ctx2)) ||
0f113f3e 1665 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
dd696a55 1666 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
0f113f3e
MC		 1667 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1668 ERR_print_errors(bio_err);
1669 /* goto end; */
1670 }
1671
dd696a55 1672 if (!SSL_CTX_set_default_ctlog_list_file(s_ctx) ||
817cd0d5 1673 !SSL_CTX_set_default_ctlog_list_file(s_ctx2) ||
dd696a55
RP		 1674 !SSL_CTX_set_default_ctlog_list_file(c_ctx)) {
1675 ERR_print_errors(bio_err);
1676 }
1677
0f113f3e 1678 if (client_auth) {
3dca57f8 1679 printf("client authentication\n");
0f113f3e
MC		 1680 SSL_CTX_set_verify(s_ctx,
1681 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1682 verify_callback);
817cd0d5
TS		 1683 SSL_CTX_set_verify(s_ctx2,
1684 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1685 verify_callback);
0f113f3e
MC		 1686 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1687 &app_verify_arg);
817cd0d5
TS		 1688 SSL_CTX_set_cert_verify_callback(s_ctx2, app_verify_callback,
1689 &app_verify_arg);
0f113f3e
MC		 1690 }
1691 if (server_auth) {
3dca57f8 1692 printf("server authentication\n");
0f113f3e
MC		 1693 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1694 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1695 &app_verify_arg);
1696 }
1697
1698 {
1699 int session_id_context = 0;
61986d32 1700 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
817cd0d5
TS		 1701 sizeof session_id_context) ||
1702 !SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context,
1703 sizeof session_id_context)) {
69f68237
MC		 1704 ERR_print_errors(bio_err);
1705 goto end;
1706 }
0f113f3e
MC		 1707 }
1708
1709 /* Use PSK only if PSK key is given */
1710 if (psk_key != NULL) {
1711 /*
1712 * no_psk is used to avoid putting psk command to openssl tool
1713 */
1714 if (no_psk) {
1715 /*
1716 * if PSK is not compiled in and psk key is given, do nothing and
1717 * exit successfully
1718 */
1719 ret = 0;
1720 goto end;
1721 }
ddac1974 1722#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1723 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1724 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
817cd0d5 1725 SSL_CTX_set_psk_server_callback(s_ctx2, psk_server_callback);
0f113f3e
MC		 1726 if (debug)
1727 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
817cd0d5
TS		 1728 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint") ||
1729 !SSL_CTX_use_psk_identity_hint(s_ctx2, "ctx server identity_hint")) {
0f113f3e
MC		 1730 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1731 ERR_print_errors(bio_err);
1732 goto end;
1733 }
1734#endif
1735 }
edc032b5 1736#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1737 if (srp_client_arg.srplogin) {
1738 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1739 BIO_printf(bio_err, "Unable to set SRP username\n");
1740 goto end;
1741 }
1742 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1743 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1744 ssl_give_srp_client_pwd_cb);
1745 /*
1746 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1747 */
1748 }
1749
1750 if (srp_server_arg.expected_user != NULL) {
1751 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
817cd0d5 1752 SSL_CTX_set_verify(s_ctx2, SSL_VERIFY_NONE, verify_callback);
0f113f3e 1753 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
817cd0d5 1754 SSL_CTX_set_srp_cb_arg(s_ctx2, &srp_server_arg);
0f113f3e 1755 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
817cd0d5 1756 SSL_CTX_set_srp_username_callback(s_ctx2, ssl_srp_server_param_cb);
0f113f3e 1757 }
edc032b5 1758#endif
ddac1974 1759
2911575c 1760#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1761 if (npn_client) {
1762 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1763 }
1764 if (npn_server) {
1765 if (npn_server_reject) {
1766 BIO_printf(bio_err,
1767 "Can't have both -npn_server and -npn_server_reject\n");
1768 goto end;
1769 }
1770 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
817cd0d5 1771 SSL_CTX_set_next_protos_advertised_cb(s_ctx2, cb_server_npn, NULL);
0f113f3e
MC		 1772 }
1773 if (npn_server_reject) {
1774 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
1775 NULL);
817cd0d5
TS		 1776 SSL_CTX_set_next_protos_advertised_cb(s_ctx2, cb_server_rejects_npn,
1777 NULL);
0f113f3e
MC		 1778 }
1779#endif
1780
69f68237 1781 if (serverinfo_sct) {
dd696a55
RP		 1782 if (!SSL_CTX_add_client_custom_ext(c_ctx,
1783 TLSEXT_TYPE_signed_certificate_timestamp,
1784 NULL, NULL, NULL,
1785 serverinfo_cli_parse_cb, NULL)) {
69f68237
MC		 1786 BIO_printf(bio_err, "Error adding SCT extension\n");
1787 goto end;
1788 }
1789 }
1790 if (serverinfo_tack) {
61986d32 1791 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
0f113f3e 1792 NULL, NULL, NULL,
69f68237
MC		 1793 serverinfo_cli_parse_cb, NULL)) {
1794 BIO_printf(bio_err, "Error adding TACK extension\n");
1795 goto end;
1796 }
1797 }
0f113f3e 1798 if (serverinfo_file)
817cd0d5
TS		 1799 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file) ||
1800 !SSL_CTX_use_serverinfo_file(s_ctx2, serverinfo_file)) {
0f113f3e
MC		 1801 BIO_printf(bio_err, "missing serverinfo file\n");
1802 goto end;
1803 }
1804
1805 if (custom_ext) {
61986d32 1806 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1807 custom_ext_0_cli_add_cb,
1808 NULL, NULL,
69f68237 1809 custom_ext_0_cli_parse_cb, NULL)
61986d32 1810 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1811 custom_ext_1_cli_add_cb,
1812 NULL, NULL,
69f68237 1813 custom_ext_1_cli_parse_cb, NULL)
61986d32 1814 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1815 custom_ext_2_cli_add_cb,
1816 NULL, NULL,
69f68237 1817 custom_ext_2_cli_parse_cb, NULL)
61986d32 1818 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1819 custom_ext_3_cli_add_cb,
1820 NULL, NULL,
69f68237 1821 custom_ext_3_cli_parse_cb, NULL)
61986d32 1822 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1823 custom_ext_0_srv_add_cb,
1824 NULL, NULL,
69f68237 1825 custom_ext_0_srv_parse_cb, NULL)
817cd0d5
TS		 1826 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_0,
1827 custom_ext_0_srv_add_cb,
1828 NULL, NULL,
1829 custom_ext_0_srv_parse_cb, NULL)
61986d32 1830 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1831 custom_ext_1_srv_add_cb,
1832 NULL, NULL,
69f68237 1833 custom_ext_1_srv_parse_cb, NULL)
817cd0d5
TS		 1834 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_1,
1835 custom_ext_1_srv_add_cb,
1836 NULL, NULL,
1837 custom_ext_1_srv_parse_cb, NULL)
61986d32 1838 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1839 custom_ext_2_srv_add_cb,
1840 NULL, NULL,
69f68237 1841 custom_ext_2_srv_parse_cb, NULL)
817cd0d5
TS		 1842 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_2,
1843 custom_ext_2_srv_add_cb,
1844 NULL, NULL,
1845 custom_ext_2_srv_parse_cb, NULL)
61986d32 1846 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
817cd0d5
TS		 1847 custom_ext_3_srv_add_cb,
1848 NULL, NULL,
1849 custom_ext_3_srv_parse_cb, NULL)
1850 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1851 custom_ext_3_srv_add_cb,
1852 NULL, NULL,
69f68237
MC		 1853 custom_ext_3_srv_parse_cb, NULL)) {
1854 BIO_printf(bio_err, "Error setting custom extensions\n");
1855 goto end;
1856 }
0f113f3e
MC		 1857 }
1858
1859 if (alpn_server)
817cd0d5
TS		 1860 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, alpn_server);
1861 if (alpn_server2)
1862 SSL_CTX_set_alpn_select_cb(s_ctx2, cb_server_alpn, alpn_server2);
0f113f3e
MC		 1863
1864 if (alpn_client) {
817cd0d5 1865 size_t alpn_len;
0f113f3e
MC		 1866 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1867
1868 if (alpn == NULL) {
1869 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1870 goto end;
1871 }
69f68237 1872 /* Returns 0 on success!! */
61986d32 1873 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
69f68237
MC		 1874 BIO_printf(bio_err, "Error setting ALPN\n");
1875 OPENSSL_free(alpn);
1876 goto end;
1877 }
0f113f3e
MC		 1878 OPENSSL_free(alpn);
1879 }
1880
817cd0d5
TS		 1881 if (sn_server1 != NULL || sn_server2 != NULL)
1882 SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb);
1883
0f113f3e
MC		 1884 c_ssl = SSL_new(c_ctx);
1885 s_ssl = SSL_new(s_ctx);
58964a49 1886
817cd0d5
TS		 1887 if (sn_client)
1888 SSL_set_tlsext_host_name(c_ssl, sn_client);
1889
7946ab33
KR		 1890 if (!set_protocol_version(server_min_proto, s_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1891 goto end;
1892 if (!set_protocol_version(server_max_proto, s_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1893 goto end;
1894 if (!set_protocol_version(client_min_proto, c_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1895 goto end;
1896 if (!set_protocol_version(client_max_proto, c_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1897 goto end;
1898
3dca57f8 1899 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
0f113f3e 1900 for (i = 0; i < number; i++) {
69f68237 1901 if (!reuse) {
61986d32 1902 if (!SSL_set_session(c_ssl, NULL)) {
69f68237
MC		 1903 BIO_printf(bio_err, "Failed to set session\n");
1904 goto end;
1905 }
1906 }
75d5bd4e
RL		 1907 switch (bio_type) {
1908 case BIO_MEM:
0f113f3e 1909 ret = doit(s_ssl, c_ssl, bytes);
75d5bd4e
RL		 1910 break;
1911 case BIO_PAIR:
1912 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1913 break;
1914 case BIO_IPV4:
1915 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV4,
1916 bytes, &s_time, &c_time);
1917 break;
1918 case BIO_IPV6:
1919 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV6,
1920 bytes, &s_time, &c_time);
1921 break;
1922 }
1923 if (ret) break;
0f113f3e
MC		 1924 }
1925
7946ab33
KR		 1926 if (should_negotiate && ret == 0 &&
1927 strcmp(should_negotiate, "fail-server") != 0 &&
1928 strcmp(should_negotiate, "fail-client") != 0) {
1929 int version = protocol_from_string(should_negotiate);
1930 if (version < 0) {
1931 BIO_printf(bio_err, "Error parsing: %s\n", should_negotiate);
1932 ret = 1;
1933 goto err;
1934 }
1935 if (SSL_version(c_ssl) != version) {
1936 BIO_printf(bio_err, "Unxpected version negotiated. "
1937 "Expected: %s, got %s\n", should_negotiate, SSL_get_version(c_ssl));
1938 ret = 1;
1939 goto err;
1940 }
1941 }
1942
0f113f3e
MC		 1943 if (!verbose) {
1944 print_details(c_ssl, "");
1945 }
0f113f3e 1946 if (print_time) {
617d71bc 1947#ifdef CLOCKS_PER_SEC
0f113f3e
MC		 1948 /*
1949 * "To determine the time in seconds, the value returned by the clock
1950 * function should be divided by the value of the macro
1951 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1952 */
1953 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1954 "Approximate total client time: %6.2f s\n",
1955 (double)s_time / CLOCKS_PER_SEC,
1956 (double)c_time / CLOCKS_PER_SEC);
617d71bc 1957#else
0f113f3e
MC		 1958 BIO_printf(bio_stdout,
1959 "Approximate total server time: %6.2f units\n"
1960 "Approximate total client time: %6.2f units\n",
1961 (double)s_time, (double)c_time);
617d71bc 1962#endif
0f113f3e 1963 }
58964a49 1964
7946ab33 1965 err:
0f113f3e
MC		 1966 SSL_free(s_ssl);
1967 SSL_free(c_ssl);
58964a49 1968
0f113f3e 1969 end:
62adbcee 1970 SSL_CTX_free(s_ctx);
817cd0d5 1971 SSL_CTX_free(s_ctx2);
62adbcee 1972 SSL_CTX_free(c_ctx);
62adbcee 1973 SSL_CONF_CTX_free(s_cctx);
817cd0d5 1974 SSL_CONF_CTX_free(s_cctx2);
62adbcee 1975 SSL_CONF_CTX_free(c_cctx);
0f113f3e 1976 sk_OPENSSL_STRING_free(conf_args);
de94222d 1977
ca3a82c3 1978 BIO_free(bio_stdout);
d02b48c6 1979
c2e27310 1980#ifndef OPENSSL_NO_CRYPTO_MDEBUG
541e9565
DSH		 1981 if (CRYPTO_mem_leaks(bio_err) <= 0)
1982 ret = 1;
bbd86bf5 1983#endif
ca3a82c3 1984 BIO_free(bio_err);
0f113f3e 1985 EXIT(ret);
0f113f3e 1986}
d02b48c6 1987
75d5bd4e
RL		 1988int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count,
1989 clock_t *s_time, clock_t *c_time)
1990{
1991 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1992 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1993 BIO *acpt = NULL, *server = NULL, *client = NULL;
1994 char addr_str[40];
1995 int ret = 1;
1996 int err_in_client = 0;
1997 int err_in_server = 0;
1998
1999 acpt = BIO_new_accept("0");
2000 if (acpt == NULL)
2001 goto err;
2002 BIO_set_accept_ip_family(acpt, family);
2003 BIO_set_bind_mode(acpt, BIO_SOCK_NONBLOCK | BIO_SOCK_REUSEADDR);
2004 if (BIO_do_accept(acpt) <= 0)
2005 goto err;
2006
6339ece1 2007 BIO_snprintf(addr_str, sizeof(addr_str), ":%s", BIO_get_accept_port(acpt));
75d5bd4e
RL		 2008
2009 client = BIO_new_connect(addr_str);
2010 BIO_set_conn_ip_family(client, family);
2011 if (!client)
2012 goto err;
2013
2014 if (BIO_set_nbio(client, 1) <= 0)
2015 goto err;
2016 if (BIO_set_nbio(acpt, 1) <= 0)
2017 goto err;
2018
2019 {
2020 int st_connect = 0, st_accept = 0;
2021
2022 while(!st_connect || !st_accept) {
2023 if (!st_connect) {
2024 if (BIO_do_connect(client) <= 0) {
2025 if (!BIO_should_retry(client))
2026 goto err;
2027 } else {
2028 st_connect = 1;
2029 }
2030 }
2031 if (!st_accept) {
2032 if (BIO_do_accept(acpt) <= 0) {
2033 if (!BIO_should_retry(acpt))
2034 goto err;
2035 } else {
2036 st_accept = 1;
2037 }
2038 }
2039 }
2040 }
2041 /* We're not interested in accepting further connects */
2042 server = BIO_pop(acpt);
2043 BIO_free_all(acpt);
2044 acpt = NULL;
2045
2046 s_ssl_bio = BIO_new(BIO_f_ssl());
2047 if (!s_ssl_bio)
2048 goto err;
2049
2050 c_ssl_bio = BIO_new(BIO_f_ssl());
2051 if (!c_ssl_bio)
2052 goto err;
2053
2054 SSL_set_connect_state(c_ssl);
2055 SSL_set_bio(c_ssl, client, client);
2056 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
2057
2058 SSL_set_accept_state(s_ssl);
2059 SSL_set_bio(s_ssl, server, server);
2060 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
2061
2062 do {
2063 /*-
2064 * c_ssl_bio: SSL filter BIO
2065 *
2066 * client: I/O for SSL library
2067 *
2068 *
2069 * server: I/O for SSL library
2070 *
2071 * s_ssl_bio: SSL filter BIO
2072 */
2073
2074 /*
2075 * We have non-blocking behaviour throughout this test program, but
2076 * can be sure that there is *some* progress in each iteration; so we
2077 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
2078 * we just try everything in each iteration
2079 */
2080
2081 {
2082 /* CLIENT */
2083
2084 char cbuf[1024 * 8];
2085 int i, r;
2086 clock_t c_clock = clock();
2087
2088 memset(cbuf, 0, sizeof(cbuf));
2089
2090 if (debug)
2091 if (SSL_in_init(c_ssl))
2092 printf("client waiting in SSL_connect - %s\n",
2093 SSL_state_string_long(c_ssl));
2094
2095 if (cw_num > 0) {
2096 /* Write to server. */
2097
2098 if (cw_num > (long)sizeof cbuf)
2099 i = sizeof cbuf;
2100 else
2101 i = (int)cw_num;
2102 r = BIO_write(c_ssl_bio, cbuf, i);
2103 if (r < 0) {
2104 if (!BIO_should_retry(c_ssl_bio)) {
2105 fprintf(stderr, "ERROR in CLIENT\n");
2106 err_in_client = 1;
2107 goto err;
2108 }
2109 /*
2110 * BIO_should_retry(...) can just be ignored here. The
2111 * library expects us to call BIO_write with the same
2112 * arguments again, and that's what we will do in the
2113 * next iteration.
2114 */
2115 } else if (r == 0) {
2116 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2117 goto err;
2118 } else {
2119 if (debug)
2120 printf("client wrote %d\n", r);
2121 cw_num -= r;
2122 }
2123 }
2124
2125 if (cr_num > 0) {
2126 /* Read from server. */
2127
2128 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2129 if (r < 0) {
2130 if (!BIO_should_retry(c_ssl_bio)) {
2131 fprintf(stderr, "ERROR in CLIENT\n");
2132 err_in_client = 1;
2133 goto err;
2134 }
2135 /*
2136 * Again, "BIO_should_retry" can be ignored.
2137 */
2138 } else if (r == 0) {
2139 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2140 goto err;
2141 } else {
2142 if (debug)
2143 printf("client read %d\n", r);
2144 cr_num -= r;
2145 }
2146 }
2147
2148 /*
2149 * c_time and s_time increments will typically be very small
2150 * (depending on machine speed and clock tick intervals), but
2151 * sampling over a large number of connections should result in
2152 * fairly accurate figures. We cannot guarantee a lot, however
2153 * -- if each connection lasts for exactly one clock tick, it
2154 * will be counted only for the client or only for the server or
2155 * even not at all.
2156 */
2157 *c_time += (clock() - c_clock);
2158 }
2159
2160 {
2161 /* SERVER */
2162
2163 char sbuf[1024 * 8];
2164 int i, r;
2165 clock_t s_clock = clock();
2166
2167 memset(sbuf, 0, sizeof(sbuf));
2168
2169 if (debug)
2170 if (SSL_in_init(s_ssl))
2171 printf("server waiting in SSL_accept - %s\n",
2172 SSL_state_string_long(s_ssl));
2173
2174 if (sw_num > 0) {
2175 /* Write to client. */
2176
2177 if (sw_num > (long)sizeof sbuf)
2178 i = sizeof sbuf;
2179 else
2180 i = (int)sw_num;
2181 r = BIO_write(s_ssl_bio, sbuf, i);
2182 if (r < 0) {
2183 if (!BIO_should_retry(s_ssl_bio)) {
2184 fprintf(stderr, "ERROR in SERVER\n");
2185 err_in_server = 1;
2186 goto err;
2187 }
2188 /* Ignore "BIO_should_retry". */
2189 } else if (r == 0) {
2190 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2191 goto err;
2192 } else {
2193 if (debug)
2194 printf("server wrote %d\n", r);
2195 sw_num -= r;
2196 }
2197 }
2198
2199 if (sr_num > 0) {
2200 /* Read from client. */
2201
2202 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2203 if (r < 0) {
2204 if (!BIO_should_retry(s_ssl_bio)) {
2205 fprintf(stderr, "ERROR in SERVER\n");
2206 err_in_server = 1;
2207 goto err;
2208 }
2209 /* blah, blah */
2210 } else if (r == 0) {
2211 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2212 goto err;
2213 } else {
2214 if (debug)
2215 printf("server read %d\n", r);
2216 sr_num -= r;
2217 }
2218 }
2219
2220 *s_time += (clock() - s_clock);
2221 }
2222 }
2223 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2224
2225 if (verbose)
2226 print_details(c_ssl, "DONE via TCP connect: ");
2227#ifndef OPENSSL_NO_NEXTPROTONEG
2228 if (verify_npn(c_ssl, s_ssl) < 0) {
2229 ret = 1;
2230 goto end;
2231 }
2232#endif
2233 if (verify_serverinfo() < 0) {
2234 fprintf(stderr, "Server info verify error\n");
2235 ret = 1;
2236 goto err;
2237 }
2238 if (verify_alpn(c_ssl, s_ssl) < 0) {
2239 ret = 1;
2240 goto err;
2241 }
817cd0d5
TS		 2242 if (verify_servername(c_ssl, s_ssl) < 0) {
2243 ret = 1;
2244 goto err;
2245 }
75d5bd4e
RL		 2246
2247 if (custom_ext_error) {
2248 fprintf(stderr, "Custom extension error\n");
2249 ret = 1;
2250 goto err;
2251 }
2252
2253 end:
2254 ret = 0;
2255
2256 err:
2257 ERR_print_errors(bio_err);
2258
2259 BIO_free_all(acpt);
2260 BIO_free(server);
2261 BIO_free(client);
2262 BIO_free(s_ssl_bio);
2263 BIO_free(c_ssl_bio);
2264
2265 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2266 ret = (err_in_client != 0) ? 0 : 1;
2267 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2268 ret = (err_in_server != 0) ? 0 : 1;
2269
2270 return ret;
2271}
2272
563f1503 2273int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
0f113f3e
MC		 2274 clock_t *s_time, clock_t *c_time)
2275{
2276 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
2277 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
2278 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
2279 int ret = 1;
7946ab33
KR		 2280 int err_in_client = 0;
2281 int err_in_server = 0;
0f113f3e
MC		 2282
2283 size_t bufsiz = 256; /* small buffer for testing */
2284
2285 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
2286 goto err;
2287 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
2288 goto err;
2289
2290 s_ssl_bio = BIO_new(BIO_f_ssl());
2291 if (!s_ssl_bio)
2292 goto err;
2293
2294 c_ssl_bio = BIO_new(BIO_f_ssl());
2295 if (!c_ssl_bio)
2296 goto err;
2297
2298 SSL_set_connect_state(c_ssl);
2299 SSL_set_bio(c_ssl, client, client);
2300 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
2301
2302 SSL_set_accept_state(s_ssl);
2303 SSL_set_bio(s_ssl, server, server);
2304 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
2305
2306 do {
35a1cc90
MC		 2307 /*-
2308 * c_ssl_bio: SSL filter BIO
2309 *
2310 * client: pseudo-I/O for SSL library
2311 *
2312 * client_io: client's SSL communication; usually to be
2313 * relayed over some I/O facility, but in this
2314 * test program, we're the server, too:
2315 *
2316 * server_io: server's SSL communication
2317 *
2318 * server: pseudo-I/O for SSL library
2319 *
2320 * s_ssl_bio: SSL filter BIO
2321 *
2322 * The client and the server each employ a "BIO pair":
2323 * client + client_io, server + server_io.
2324 * BIO pairs are symmetric. A BIO pair behaves similar
2325 * to a non-blocking socketpair (but both endpoints must
2326 * be handled by the same thread).
2327 * [Here we could connect client and server to the ends
2328 * of a single BIO pair, but then this code would be less
2329 * suitable as an example for BIO pairs in general.]
2330 *
2331 * Useful functions for querying the state of BIO pair endpoints:
2332 *
2333 * BIO_ctrl_pending(bio) number of bytes we can read now
2334 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
2335 * other side's read attempt
2336 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
2337 *
2338 * ..._read_request is never more than ..._write_guarantee;
2339 * it depends on the application which one you should use.
2340 */
0f113f3e
MC		 2341
2342 /*
2343 * We have non-blocking behaviour throughout this test program, but
2344 * can be sure that there is *some* progress in each iteration; so we
2345 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
2346 * we just try everything in each iteration
2347 */
2348
2349 {
2350 /* CLIENT */
2351
68b00c23 2352 char cbuf[1024 * 8];
0f113f3e
MC		 2353 int i, r;
2354 clock_t c_clock = clock();
2355
2356 memset(cbuf, 0, sizeof(cbuf));
2357
2358 if (debug)
2359 if (SSL_in_init(c_ssl))
2360 printf("client waiting in SSL_connect - %s\n",
2361 SSL_state_string_long(c_ssl));
2362
2363 if (cw_num > 0) {
2364 /* Write to server. */
2365
2366 if (cw_num > (long)sizeof cbuf)
2367 i = sizeof cbuf;
2368 else
2369 i = (int)cw_num;
2370 r = BIO_write(c_ssl_bio, cbuf, i);
2371 if (r < 0) {
2372 if (!BIO_should_retry(c_ssl_bio)) {
2373 fprintf(stderr, "ERROR in CLIENT\n");
7946ab33 2374 err_in_client = 1;
0f113f3e
MC		 2375 goto err;
2376 }
2377 /*
2378 * BIO_should_retry(...) can just be ignored here. The
2379 * library expects us to call BIO_write with the same
2380 * arguments again, and that's what we will do in the
2381 * next iteration.
2382 */
2383 } else if (r == 0) {
2384 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2385 goto err;
2386 } else {
2387 if (debug)
2388 printf("client wrote %d\n", r);
2389 cw_num -= r;
2390 }
2391 }
2392
2393 if (cr_num > 0) {
2394 /* Read from server. */
2395
2396 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2397 if (r < 0) {
2398 if (!BIO_should_retry(c_ssl_bio)) {
2399 fprintf(stderr, "ERROR in CLIENT\n");
7946ab33 2400 err_in_client = 1;
0f113f3e
MC		 2401 goto err;
2402 }
2403 /*
2404 * Again, "BIO_should_retry" can be ignored.
2405 */
2406 } else if (r == 0) {
2407 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2408 goto err;
2409 } else {
2410 if (debug)
2411 printf("client read %d\n", r);
2412 cr_num -= r;
2413 }
2414 }
2415
2416 /*
2417 * c_time and s_time increments will typically be very small
2418 * (depending on machine speed and clock tick intervals), but
2419 * sampling over a large number of connections should result in
2420 * fairly accurate figures. We cannot guarantee a lot, however
2421 * -- if each connection lasts for exactly one clock tick, it
2422 * will be counted only for the client or only for the server or
2423 * even not at all.
2424 */
2425 *c_time += (clock() - c_clock);
2426 }
2427
2428 {
2429 /* SERVER */
2430
68b00c23 2431 char sbuf[1024 * 8];
0f113f3e
MC		 2432 int i, r;
2433 clock_t s_clock = clock();
2434
2435 memset(sbuf, 0, sizeof(sbuf));
2436
2437 if (debug)
2438 if (SSL_in_init(s_ssl))
2439 printf("server waiting in SSL_accept - %s\n",
2440 SSL_state_string_long(s_ssl));
2441
2442 if (sw_num > 0) {
2443 /* Write to client. */
2444
2445 if (sw_num > (long)sizeof sbuf)
2446 i = sizeof sbuf;
2447 else
2448 i = (int)sw_num;
2449 r = BIO_write(s_ssl_bio, sbuf, i);
2450 if (r < 0) {
2451 if (!BIO_should_retry(s_ssl_bio)) {
2452 fprintf(stderr, "ERROR in SERVER\n");
7946ab33 2453 err_in_server = 1;
0f113f3e
MC		 2454 goto err;
2455 }
2456 /* Ignore "BIO_should_retry". */
2457 } else if (r == 0) {
2458 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2459 goto err;
2460 } else {
2461 if (debug)
2462 printf("server wrote %d\n", r);
2463 sw_num -= r;
2464 }
2465 }
2466
2467 if (sr_num > 0) {
2468 /* Read from client. */
2469
2470 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2471 if (r < 0) {
2472 if (!BIO_should_retry(s_ssl_bio)) {
2473 fprintf(stderr, "ERROR in SERVER\n");
7946ab33 2474 err_in_server = 1;
0f113f3e
MC		 2475 goto err;
2476 }
2477 /* blah, blah */
2478 } else if (r == 0) {
2479 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2480 goto err;
2481 } else {
2482 if (debug)
2483 printf("server read %d\n", r);
2484 sr_num -= r;
2485 }
2486 }
2487
2488 *s_time += (clock() - s_clock);
2489 }
2490
2491 {
2492 /* "I/O" BETWEEN CLIENT AND SERVER. */
2493
2494 size_t r1, r2;
2495 BIO *io1 = server_io, *io2 = client_io;
2496 /*
2497 * we use the non-copying interface for io1 and the standard
2498 * BIO_write/BIO_read interface for io2
2499 */
2500
2501 static int prev_progress = 1;
2502 int progress = 0;
2503
2504 /* io1 to io2 */
2505 do {
2506 size_t num;
2507 int r;
2508
2509 r1 = BIO_ctrl_pending(io1);
2510 r2 = BIO_ctrl_get_write_guarantee(io2);
2511
2512 num = r1;
2513 if (r2 < num)
2514 num = r2;
2515 if (num) {
2516 char *dataptr;
2517
2518 if (INT_MAX < num) /* yeah, right */
2519 num = INT_MAX;
2520
2521 r = BIO_nread(io1, &dataptr, (int)num);
2522 assert(r > 0);
2523 assert(r <= (int)num);
2524 /*
2525 * possibly r < num (non-contiguous data)
2526 */
2527 num = r;
2528 r = BIO_write(io2, dataptr, (int)num);
2529 if (r != (int)num) { /* can't happen */
2530 fprintf(stderr, "ERROR: BIO_write could not write "
2531 "BIO_ctrl_get_write_guarantee() bytes");
2532 goto err;
2533 }
2534 progress = 1;
2535
2536 if (debug)
2537 printf((io1 == client_io) ?
2538 "C->S relaying: %d bytes\n" :
2539 "S->C relaying: %d bytes\n", (int)num);
2540 }
2541 }
2542 while (r1 && r2);
2543
2544 /* io2 to io1 */
2545 {
2546 size_t num;
2547 int r;
2548
2549 r1 = BIO_ctrl_pending(io2);
2550 r2 = BIO_ctrl_get_read_request(io1);
2551 /*
2552 * here we could use ..._get_write_guarantee instead of
2553 * ..._get_read_request, but by using the latter we test
2554 * restartability of the SSL implementation more thoroughly
2555 */
2556 num = r1;
2557 if (r2 < num)
2558 num = r2;
2559 if (num) {
2560 char *dataptr;
2561
2562 if (INT_MAX < num)
2563 num = INT_MAX;
2564
2565 if (num > 1)
2566 --num; /* test restartability even more thoroughly */
2567
2568 r = BIO_nwrite0(io1, &dataptr);
2569 assert(r > 0);
2570 if (r < (int)num)
2571 num = r;
2572 r = BIO_read(io2, dataptr, (int)num);
2573 if (r != (int)num) { /* can't happen */
2574 fprintf(stderr, "ERROR: BIO_read could not read "
2575 "BIO_ctrl_pending() bytes");
2576 goto err;
2577 }
2578 progress = 1;
2579 r = BIO_nwrite(io1, &dataptr, (int)num);
2580 if (r != (int)num) { /* can't happen */
2581 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2582 "BIO_nwrite0() bytes");
2583 goto err;
2584 }
2585
2586 if (debug)
2587 printf((io2 == client_io) ?
2588 "C->S relaying: %d bytes\n" :
2589 "S->C relaying: %d bytes\n", (int)num);
2590 }
2591 } /* no loop, BIO_ctrl_get_read_request now
2592 * returns 0 anyway */
2593
2594 if (!progress && !prev_progress)
2595 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2596 fprintf(stderr, "ERROR: got stuck\n");
2597 fprintf(stderr, " ERROR.\n");
2598 goto err;
2599 }
2600 prev_progress = progress;
2601 }
2602 }
2603 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2604
2605 if (verbose)
2606 print_details(c_ssl, "DONE via BIO pair: ");
2911575c 2607#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2608 if (verify_npn(c_ssl, s_ssl) < 0) {
2609 ret = 1;
2610 goto end;
2611 }
2612#endif
2613 if (verify_serverinfo() < 0) {
2614 fprintf(stderr, "Server info verify error\n");
2615 ret = 1;
2616 goto err;
2617 }
2618 if (verify_alpn(c_ssl, s_ssl) < 0) {
2619 ret = 1;
2620 goto err;
817cd0d5
TS		 2621 }
2622 if (verify_servername(c_ssl, s_ssl) < 0) {
2623 ret = 1;
2624 goto err;
0f113f3e
MC		 2625 }
2626
2627 if (custom_ext_error) {
2628 fprintf(stderr, "Custom extension error\n");
2629 ret = 1;
2630 goto err;
2631 }
2632
2633 end:
2634 ret = 0;
95d29597
BM		 2635
2636 err:
0f113f3e
MC		 2637 ERR_print_errors(bio_err);
2638
ca3a82c3
RS		 2639 BIO_free(server);
2640 BIO_free(server_io);
2641 BIO_free(client);
2642 BIO_free(client_io);
2643 BIO_free(s_ssl_bio);
2644 BIO_free(c_ssl_bio);
0f113f3e 2645
7946ab33
KR		 2646 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2647 ret = (err_in_client != 0) ? 0 : 1;
2648 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2649 ret = (err_in_server != 0) ? 0 : 1;
2650
0f113f3e
MC		 2651 return ret;
2652}
2653
2654#define W_READ 1
2655#define W_WRITE 2
2656#define C_DONE 1
2657#define S_DONE 2
d02b48c6 2658
6b691a5c 2659int doit(SSL *s_ssl, SSL *c_ssl, long count)
0f113f3e
MC		 2660{
2661 char *cbuf = NULL, *sbuf = NULL;
2662 long bufsiz;
2663 long cw_num = count, cr_num = count;
2664 long sw_num = count, sr_num = count;
2665 int ret = 1;
2666 BIO *c_to_s = NULL;
2667 BIO *s_to_c = NULL;
2668 BIO *c_bio = NULL;
2669 BIO *s_bio = NULL;
2670 int c_r, c_w, s_r, s_w;
2671 int i, j;
2672 int done = 0;
2673 int c_write, s_write;
2674 int do_server = 0, do_client = 0;
2675 int max_frag = 5 * 1024;
7946ab33
KR		 2676 int err_in_client = 0;
2677 int err_in_server = 0;
0f113f3e
MC		 2678
2679 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2680
b51bce94 2681 if ((cbuf = OPENSSL_zalloc(bufsiz)) == NULL)
0f113f3e 2682 goto err;
b51bce94 2683 if ((sbuf = OPENSSL_zalloc(bufsiz)) == NULL)
0f113f3e
MC		 2684 goto err;
2685
0f113f3e
MC		 2686 c_to_s = BIO_new(BIO_s_mem());
2687 s_to_c = BIO_new(BIO_s_mem());
2688 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2689 ERR_print_errors(bio_err);
2690 goto err;
2691 }
2692
2693 c_bio = BIO_new(BIO_f_ssl());
2694 s_bio = BIO_new(BIO_f_ssl());
2695 if ((c_bio == NULL) || (s_bio == NULL)) {
2696 ERR_print_errors(bio_err);
2697 goto err;
2698 }
2699
2700 SSL_set_connect_state(c_ssl);
2701 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2702 SSL_set_max_send_fragment(c_ssl, max_frag);
2703 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2704
2705 SSL_set_accept_state(s_ssl);
2706 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2707 SSL_set_max_send_fragment(s_ssl, max_frag);
2708 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2709
2710 c_r = 0;
2711 s_r = 1;
2712 c_w = 1;
2713 s_w = 0;
2714 c_write = 1, s_write = 0;
2715
2716 /* We can always do writes */
2717 for (;;) {
2718 do_server = 0;
2719 do_client = 0;
2720
2721 i = (int)BIO_pending(s_bio);
2722 if ((i && s_r) || s_w)
2723 do_server = 1;
2724
2725 i = (int)BIO_pending(c_bio);
2726 if ((i && c_r) || c_w)
2727 do_client = 1;
2728
2729 if (do_server && debug) {
2730 if (SSL_in_init(s_ssl))
2731 printf("server waiting in SSL_accept - %s\n",
2732 SSL_state_string_long(s_ssl));
3a83462d 2733/*-
35a1cc90
MC		 2734 else if (s_write)
2735 printf("server:SSL_write()\n");
2736 else
2737 printf("server:SSL_read()\n"); */
0f113f3e
MC		 2738 }
2739
2740 if (do_client && debug) {
2741 if (SSL_in_init(c_ssl))
2742 printf("client waiting in SSL_connect - %s\n",
2743 SSL_state_string_long(c_ssl));
3a83462d 2744/*-
35a1cc90
MC		 2745 else if (c_write)
2746 printf("client:SSL_write()\n");
2747 else
2748 printf("client:SSL_read()\n"); */
0f113f3e
MC		 2749 }
2750
2751 if (!do_client && !do_server) {
2752 fprintf(stdout, "ERROR IN STARTUP\n");
2753 ERR_print_errors(bio_err);
ae632974 2754 goto err;
0f113f3e
MC		 2755 }
2756 if (do_client && !(done & C_DONE)) {
2757 if (c_write) {
2758 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2759 i = BIO_write(c_bio, cbuf, j);
2760 if (i < 0) {
2761 c_r = 0;
2762 c_w = 0;
2763 if (BIO_should_retry(c_bio)) {
2764 if (BIO_should_read(c_bio))
2765 c_r = 1;
2766 if (BIO_should_write(c_bio))
2767 c_w = 1;
2768 } else {
2769 fprintf(stderr, "ERROR in CLIENT\n");
7946ab33 2770 err_in_client = 1;
0f113f3e
MC		 2771 ERR_print_errors(bio_err);
2772 goto err;
2773 }
2774 } else if (i == 0) {
2775 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2776 goto err;
2777 } else {
2778 if (debug)
2779 printf("client wrote %d\n", i);
2780 /* ok */
2781 s_r = 1;
2782 c_write = 0;
2783 cw_num -= i;
2784 if (max_frag > 1029)
2785 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2786 }
2787 } else {
2788 i = BIO_read(c_bio, cbuf, bufsiz);
2789 if (i < 0) {
2790 c_r = 0;
2791 c_w = 0;
2792 if (BIO_should_retry(c_bio)) {
2793 if (BIO_should_read(c_bio))
2794 c_r = 1;
2795 if (BIO_should_write(c_bio))
2796 c_w = 1;
2797 } else {
2798 fprintf(stderr, "ERROR in CLIENT\n");
7946ab33 2799 err_in_client = 1;
0f113f3e
MC		 2800 ERR_print_errors(bio_err);
2801 goto err;
2802 }
2803 } else if (i == 0) {
2804 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2805 goto err;
2806 } else {
2807 if (debug)
2808 printf("client read %d\n", i);
2809 cr_num -= i;
2810 if (sw_num > 0) {
2811 s_write = 1;
2812 s_w = 1;
2813 }
2814 if (cr_num <= 0) {
2815 s_write = 1;
2816 s_w = 1;
2817 done = S_DONE | C_DONE;
2818 }
2819 }
2820 }
2821 }
2822
2823 if (do_server && !(done & S_DONE)) {
2824 if (!s_write) {
2825 i = BIO_read(s_bio, sbuf, bufsiz);
2826 if (i < 0) {
2827 s_r = 0;
2828 s_w = 0;
2829 if (BIO_should_retry(s_bio)) {
2830 if (BIO_should_read(s_bio))
2831 s_r = 1;
2832 if (BIO_should_write(s_bio))
2833 s_w = 1;
2834 } else {
2835 fprintf(stderr, "ERROR in SERVER\n");
7946ab33 2836 err_in_server = 1;
0f113f3e
MC		 2837 ERR_print_errors(bio_err);
2838 goto err;
2839 }
2840 } else if (i == 0) {
2841 ERR_print_errors(bio_err);
2842 fprintf(stderr,
2843 "SSL SERVER STARTUP FAILED in SSL_read\n");
2844 goto err;
2845 } else {
2846 if (debug)
2847 printf("server read %d\n", i);
2848 sr_num -= i;
2849 if (cw_num > 0) {
2850 c_write = 1;
2851 c_w = 1;
2852 }
2853 if (sr_num <= 0) {
2854 s_write = 1;
2855 s_w = 1;
2856 c_write = 0;
2857 }
2858 }
2859 } else {
2860 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2861 i = BIO_write(s_bio, sbuf, j);
2862 if (i < 0) {
2863 s_r = 0;
2864 s_w = 0;
2865 if (BIO_should_retry(s_bio)) {
2866 if (BIO_should_read(s_bio))
2867 s_r = 1;
2868 if (BIO_should_write(s_bio))
2869 s_w = 1;
2870 } else {
2871 fprintf(stderr, "ERROR in SERVER\n");
7946ab33 2872 err_in_server = 1;
0f113f3e
MC		 2873 ERR_print_errors(bio_err);
2874 goto err;
2875 }
2876 } else if (i == 0) {
2877 ERR_print_errors(bio_err);
2878 fprintf(stderr,
2879 "SSL SERVER STARTUP FAILED in SSL_write\n");
2880 goto err;
2881 } else {
2882 if (debug)
2883 printf("server wrote %d\n", i);
2884 sw_num -= i;
2885 s_write = 0;
2886 c_r = 1;
2887 if (sw_num <= 0)
2888 done |= S_DONE;
2889 if (max_frag > 1029)
2890 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2891 }
2892 }
2893 }
2894
2895 if ((done & S_DONE) && (done & C_DONE))
2896 break;
2897 }
2898
2899 if (verbose)
2900 print_details(c_ssl, "DONE: ");
2911575c 2901#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2902 if (verify_npn(c_ssl, s_ssl) < 0) {
2903 ret = 1;
2904 goto err;
2905 }
2906#endif
2907 if (verify_serverinfo() < 0) {
2908 fprintf(stderr, "Server info verify error\n");
2909 ret = 1;
2910 goto err;
2911 }
2912 if (custom_ext_error) {
2913 fprintf(stderr, "Custom extension error\n");
2914 ret = 1;
2915 goto err;
2916 }
2917 ret = 0;
2918 err:
2919 /*
2920 * We have to set the BIO's to NULL otherwise they will be
2921 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2922 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2923 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2924 * SSL_free() automatically BIO_free non NULL entries. You should not
2925 * normally do this or be required to do this
2926 */
2927 if (s_ssl != NULL) {
2928 s_ssl->rbio = NULL;
2929 s_ssl->wbio = NULL;
2930 }
2931 if (c_ssl != NULL) {
2932 c_ssl->rbio = NULL;
2933 c_ssl->wbio = NULL;
2934 }
2935
ca3a82c3
RS		 2936 BIO_free(c_to_s);
2937 BIO_free(s_to_c);
2938 BIO_free_all(c_bio);
2939 BIO_free_all(s_bio);
b548a1f1
RS		 2940 OPENSSL_free(cbuf);
2941 OPENSSL_free(sbuf);
0f113f3e 2942
7946ab33
KR		 2943 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2944 ret = (err_in_client != 0) ? 0 : 1;
2945 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2946 ret = (err_in_server != 0) ? 0 : 1;
2947
0f113f3e
MC		 2948 return (ret);
2949}
d02b48c6 2950
a7201e9a 2951static int get_proxy_auth_ex_data_idx(void)
0f113f3e
MC		 2952{
2953 static volatile int idx = -1;
2954 if (idx < 0) {
2955 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2956 if (idx < 0) {
2957 idx = X509_STORE_CTX_get_ex_new_index(0,
2958 "SSLtest for verify callback",
2959 NULL, NULL, NULL);
2960 }
2961 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2962 }
2963 return idx;
2964}
a7201e9a 2965
6d23cf97 2966static int verify_callback(int ok, X509_STORE_CTX *ctx)
0f113f3e
MC		 2967{
2968 char *s, buf[256];
2969
2970 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2971 sizeof buf);
2972 if (s != NULL) {
2973 if (ok)
3dca57f8 2974 printf("depth=%d %s\n", ctx->error_depth, buf);
0f113f3e
MC		 2975 else {
2976 fprintf(stderr, "depth=%d error=%d %s\n",
2977 ctx->error_depth, ctx->error, buf);
2978 }
2979 }
2980
2981 if (ok == 0) {
0f113f3e 2982 switch (ctx->error) {
3dca57f8
RS		 2983 default:
2984 fprintf(stderr, "Error string: %s\n",
2985 X509_verify_cert_error_string(ctx->error));
2986 break;
0f113f3e
MC		 2987 case X509_V_ERR_CERT_NOT_YET_VALID:
2988 case X509_V_ERR_CERT_HAS_EXPIRED:
2989 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
0f113f3e
MC		 2990 ok = 1;
2991 }
2992 }
2993
2994 if (ok == 1) {
2995 X509 *xs = ctx->current_cert;
a8d8e06b 2996 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) {
0f113f3e
MC		 2997 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2998 get_proxy_auth_ex_data_idx
2999 ());
3000
3001 if (letters) {
3002 int found_any = 0;
3003 int i;
3004 PROXY_CERT_INFO_EXTENSION *pci =
3005 X509_get_ext_d2i(xs, NID_proxyCertInfo,
3006 NULL, NULL);
3007
3008 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
3009 case NID_Independent:
3010 /*
3011 * Completely meaningless in this program, as there's no
3012 * way to grant explicit rights to a specific PrC.
3013 * Basically, using id-ppl-Independent is the perfect way
3014 * to grant no rights at all.
3015 */
3016 fprintf(stderr, " Independent proxy certificate");
3017 for (i = 0; i < 26; i++)
3018 letters[i] = 0;
3019 break;
3020 case NID_id_ppl_inheritAll:
3021 /*
3022 * This is basically a NOP, we simply let the current
3023 * rights stand as they are.
3024 */
3025 fprintf(stderr, " Proxy certificate inherits all");
3026 break;
3027 default:
3028 s = (char *)
3029 pci->proxyPolicy->policy->data;
3030 i = pci->proxyPolicy->policy->length;
3031
3032 /*
3033 * The algorithm works as follows: it is assumed that
3034 * previous iterations or the initial granted rights has
3035 * already set some elements of `letters'. What we need
3036 * to do is to clear those that weren't granted by the
3037 * current PrC as well. The easiest way to do this is to
3038 * add 1 to all the elements whose letters are given with
3039 * the current policy. That way, all elements that are
3040 * set by the current policy and were already set by
3041 * earlier policies and through the original grant of
3042 * rights will get the value 2 or higher. The last thing
3043 * to do is to sweep through `letters' and keep the
3044 * elements having the value 2 as set, and clear all the
3045 * others.
3046 */
3047
3dca57f8 3048 printf(" Certificate proxy rights = %*.*s", i,
0f113f3e
MC		 3049 i, s);
3050 while (i-- > 0) {
3051 int c = *s++;
3052 if (isascii(c) && isalpha(c)) {
3053 if (islower(c))
3054 c = toupper(c);
3055 letters[c - 'A']++;
3056 }
3057 }
3058 for (i = 0; i < 26; i++)
3059 if (letters[i] < 2)
3060 letters[i] = 0;
3061 else
3062 letters[i] = 1;
3063 }
3064
3065 found_any = 0;
3dca57f8 3066 printf(", resulting proxy rights = ");
0f113f3e
MC		 3067 for (i = 0; i < 26; i++)
3068 if (letters[i]) {
3dca57f8 3069 printf("%c", i + 'A');
0f113f3e
MC		 3070 found_any = 1;
3071 }
3072 if (!found_any)
3dca57f8
RS		 3073 printf("none");
3074 printf("\n");
0f113f3e
MC		 3075
3076 PROXY_CERT_INFO_EXTENSION_free(pci);
3077 }
3078 }
3079 }
3080
3081 return (ok);
3082}
d02b48c6 3083
a7201e9a 3084static void process_proxy_debug(int indent, const char *format, ...)
0f113f3e
MC		 3085{
3086 /* That's 80 > */
3087 static const char indentation[] =
3088 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
3089 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
3090 char my_format[256];
3091 va_list args;
3092
3093 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
3094 indent, indent, indentation, format);
3095
3096 va_start(args, format);
3097 vfprintf(stderr, my_format, args);
3098 va_end(args);
3099}
3100
1d97c843
TH		 3101/*-
3102 * Priority levels:
0f113f3e
MC		 3103 * 0 [!]var, ()
3104 * 1 & ^
3105 * 2 |
1d97c843 3106 */
a7201e9a 3107static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 3108 const char *cond, const char **cond_end,
3109 int *pos, int indent);
3110static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
3111 const char **cond_end, int *pos, int indent)
3112{
3113 int c;
3114 int ok = 1;
3115 int negate = 0;
3116
3117 while (isspace((int)*cond)) {
3118 cond++;
3119 (*pos)++;
3120 }
3121 c = *cond;
3122
3123 if (debug)
3124 process_proxy_debug(indent,
3125 "Start process_proxy_cond_val at position %d: %s\n",
3126 *pos, cond);
3127
3128 while (c == '!') {
3129 negate = !negate;
3130 cond++;
3131 (*pos)++;
3132 while (isspace((int)*cond)) {
3133 cond++;
3134 (*pos)++;
3135 }
3136 c = *cond;
3137 }
3138
3139 if (c == '(') {
3140 cond++;
3141 (*pos)++;
3142 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
3143 indent + 1);
3144 cond = *cond_end;
3145 if (ok < 0)
3146 goto end;
3147 while (isspace((int)*cond)) {
3148 cond++;
3149 (*pos)++;
3150 }
3151 c = *cond;
3152 if (c != ')') {
3153 fprintf(stderr,
3154 "Weird condition character in position %d: "
3155 "%c\n", *pos, c);
3156 ok = -1;
3157 goto end;
3158 }
3159 cond++;
3160 (*pos)++;
3161 } else if (isascii(c) && isalpha(c)) {
3162 if (islower(c))
3163 c = toupper(c);
3164 ok = letters[c - 'A'];
3165 cond++;
3166 (*pos)++;
3167 } else {
3168 fprintf(stderr,
3169 "Weird condition character in position %d: " "%c\n", *pos, c);
3170 ok = -1;
3171 goto end;
3172 }
a7201e9a 3173 end:
0f113f3e
MC		 3174 *cond_end = cond;
3175 if (ok >= 0 && negate)
3176 ok = !ok;
a7201e9a 3177
0f113f3e
MC		 3178 if (debug)
3179 process_proxy_debug(indent,
3180 "End process_proxy_cond_val at position %d: %s, returning %d\n",
3181 *pos, cond, ok);
3182
3183 return ok;
3184}
a7201e9a 3185
a7201e9a 3186static int process_proxy_cond_multipliers(unsigned int letters[26],
0f113f3e
MC		 3187 const char *cond,
3188 const char **cond_end, int *pos,
3189 int indent)
3190{
3191 int ok;
3192 char c;
3193
3194 if (debug)
3195 process_proxy_debug(indent,
3196 "Start process_proxy_cond_multipliers at position %d: %s\n",
3197 *pos, cond);
3198
3199 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
3200 cond = *cond_end;
3201 if (ok < 0)
3202 goto end;
3203
3204 while (ok >= 0) {
3205 while (isspace((int)*cond)) {
3206 cond++;
3207 (*pos)++;
3208 }
3209 c = *cond;
3210
3211 switch (c) {
3212 case '&':
3213 case '^':
3214 {
3215 int save_ok = ok;
3216
3217 cond++;
3218 (*pos)++;
3219 ok = process_proxy_cond_val(letters,
3220 cond, cond_end, pos, indent + 1);
3221 cond = *cond_end;
3222 if (ok < 0)
3223 break;
3224
3225 switch (c) {
3226 case '&':
3227 ok &= save_ok;
3228 break;
3229 case '^':
3230 ok ^= save_ok;
3231 break;
3232 default:
3233 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3234 " STOPPING\n");
3235 EXIT(1);
3236 }
3237 }
3238 break;
3239 default:
3240 goto end;
3241 }
3242 }
a7201e9a 3243 end:
0f113f3e
MC		 3244 if (debug)
3245 process_proxy_debug(indent,
3246 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
3247 *pos, cond, ok);
3248
3249 *cond_end = cond;
3250 return ok;
3251}
3252
a7201e9a 3253static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 3254 const char *cond, const char **cond_end,
3255 int *pos, int indent)
3256{
3257 int ok;
3258 char c;
3259
3260 if (debug)
3261 process_proxy_debug(indent,
3262 "Start process_proxy_cond_adders at position %d: %s\n",
3263 *pos, cond);
3264
3265 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
3266 indent + 1);
3267 cond = *cond_end;
3268 if (ok < 0)
3269 goto end;
3270
3271 while (ok >= 0) {
3272 while (isspace((int)*cond)) {
3273 cond++;
3274 (*pos)++;
3275 }
3276 c = *cond;
3277
3278 switch (c) {
3279 case '|':
3280 {
3281 int save_ok = ok;
3282
3283 cond++;
3284 (*pos)++;
3285 ok = process_proxy_cond_multipliers(letters,
3286 cond, cond_end, pos,
3287 indent + 1);
3288 cond = *cond_end;
3289 if (ok < 0)
3290 break;
3291
3292 switch (c) {
3293 case '|':
3294 ok |= save_ok;
3295 break;
3296 default:
3297 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3298 " STOPPING\n");
3299 EXIT(1);
3300 }
3301 }
3302 break;
3303 default:
3304 goto end;
3305 }
3306 }
a7201e9a 3307 end:
0f113f3e
MC		 3308 if (debug)
3309 process_proxy_debug(indent,
3310 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
3311 *pos, cond, ok);
a7201e9a 3312
0f113f3e
MC		 3313 *cond_end = cond;
3314 return ok;
3315}
a7201e9a
RL		 3316
3317static int process_proxy_cond(unsigned int letters[26],
0f113f3e
MC		 3318 const char *cond, const char **cond_end)
3319{
3320 int pos = 1;
3321 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
3322}
a7201e9a 3323
6d23cf97 3324static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
0f113f3e
MC		 3325{
3326 int ok = 1;
3327 struct app_verify_arg *cb_arg = arg;
3328 unsigned int letters[26]; /* only used with proxy_auth */
3329
3330 if (cb_arg->app_verify) {
3331 char *s = NULL, buf[256];
3332
3dca57f8
RS		 3333 printf("In app_verify_callback, allowing cert. ");
3334 printf("Arg is: %s\n", cb_arg->string);
3335 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
0f113f3e
MC		 3336 (void *)ctx, (void *)ctx->cert);
3337 if (ctx->cert)
3338 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
3339 if (s != NULL) {
3dca57f8 3340 printf("cert depth=%d %s\n", ctx->error_depth, buf);
0f113f3e
MC		 3341 }
3342 return (1);
3343 }
3344 if (cb_arg->proxy_auth) {
3345 int found_any = 0, i;
3346 char *sp;
3347
3348 for (i = 0; i < 26; i++)
3349 letters[i] = 0;
3350 for (sp = cb_arg->proxy_auth; *sp; sp++) {
3351 int c = *sp;
3352 if (isascii(c) && isalpha(c)) {
3353 if (islower(c))
3354 c = toupper(c);
3355 letters[c - 'A'] = 1;
3356 }
3357 }
3358
3dca57f8 3359 printf(" Initial proxy rights = ");
0f113f3e
MC		 3360 for (i = 0; i < 26; i++)
3361 if (letters[i]) {
3dca57f8 3362 printf("%c", i + 'A');
0f113f3e
MC		 3363 found_any = 1;
3364 }
3365 if (!found_any)
3dca57f8
RS		 3366 printf("none");
3367 printf("\n");
0f113f3e
MC		 3368
3369 X509_STORE_CTX_set_ex_data(ctx,
3370 get_proxy_auth_ex_data_idx(), letters);
3371 }
3372 if (cb_arg->allow_proxy_certs) {
3373 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
3374 }
0f113f3e 3375 ok = X509_verify_cert(ctx);
0f113f3e
MC		 3376
3377 if (cb_arg->proxy_auth) {
3378 if (ok > 0) {
3379 const char *cond_end = NULL;
3380
3381 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
3382
3383 if (ok < 0)
3384 EXIT(3);
3385 if (*cond_end) {
3386 fprintf(stderr,
3387 "Stopped processing condition before it's end.\n");
3388 ok = 0;
3389 }
3390 if (!ok)
3391 fprintf(stderr,
3dca57f8 3392 "Proxy rights check with condition '%s' invalid\n",
0f113f3e
MC		 3393 cb_arg->proxy_cond);
3394 else
3dca57f8 3395 printf("Proxy rights check with condition '%s' ok\n",
0f113f3e
MC		 3396 cb_arg->proxy_cond);
3397 }
3398 }
3399 return (ok);
3400}
023ec151 3401
bc36ee62 3402#ifndef OPENSSL_NO_DH
1d97c843
TH		 3403/*-
3404 * These DH parameters have been generated as follows:
e4589582
BM		 3405 * $ openssl dhparam -C -noout 512
3406 * $ openssl dhparam -C -noout 1024
3407 * $ openssl dhparam -C -noout -dsaparam 1024
3408 * (The third function has been renamed to avoid name conflicts.)
3409 */
f3f316f1 3410static DH *get_dh512()
0f113f3e
MC		 3411{
3412 static unsigned char dh512_p[] = {
3413 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
3414 0xC6,
3415 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
3416 0xB0,
3417 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
3418 0x5F,
3419 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
3420 0xB8,
3421 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
3422 0x33,
3423 0x02, 0xC5, 0xAE, 0x23,
3424 };
3425 static unsigned char dh512_g[] = {
3426 0x02,
3427 };
3428 DH *dh;
3429
3430 if ((dh = DH_new()) == NULL)
3431 return (NULL);
3432 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
3433 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
3434 if ((dh->p == NULL) || (dh->g == NULL)) {
3435 DH_free(dh);
3436 return (NULL);
3437 }
3438 return (dh);
3439}
e4589582 3440
f3f316f1 3441static DH *get_dh1024()
0f113f3e
MC		 3442{
3443 static unsigned char dh1024_p[] = {
3444 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
3445 0x3A,
3446 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
3447 0xA2,
3448 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
3449 0xB0,
3450 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
3451 0xC2,
3452 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
3453 0x8C,
3454 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
3455 0xB8,
3456 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
3457 0x52,
3458 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
3459 0xC1,
3460 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
3461 0xB1,
3462 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
3463 0xAB,
3464 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
3465 };
3466 static unsigned char dh1024_g[] = {
3467 0x02,
3468 };
3469 DH *dh;
3470
3471 if ((dh = DH_new()) == NULL)
3472 return (NULL);
3473 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3474 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3475 if ((dh->p == NULL) || (dh->g == NULL)) {
3476 DH_free(dh);
3477 return (NULL);
3478 }
3479 return (dh);
3480}
53002dc6 3481
f3f316f1 3482static DH *get_dh1024dsa()
0f113f3e
MC		 3483{
3484 static unsigned char dh1024_p[] = {
3485 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
3486 0x00,
3487 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
3488 0x19,
3489 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
3490 0xD2,
3491 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
3492 0x55,
3493 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
3494 0xFC,
3495 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
3496 0x97,
3497 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
3498 0x8D,
3499 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
3500 0xBB,
3501 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
3502 0xF6,
3503 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
3504 0x9E,
3505 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
3506 };
3507 static unsigned char dh1024_g[] = {
3508 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
3509 0x05,
3510 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
3511 0xF3,
3512 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
3513 0xE9,
3514 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
3515 0x3C,
3516 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
3517 0x65,
3518 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
3519 0x60,
3520 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
3521 0xF6,
3522 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
3523 0xA7,
3524 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3525 0xA1,
3526 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3527 0x60,
3528 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3529 };
3530 DH *dh;
3531
3532 if ((dh = DH_new()) == NULL)
3533 return (NULL);
3534 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3535 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3536 if ((dh->p == NULL) || (dh->g == NULL)) {
3537 DH_free(dh);
3538 return (NULL);
3539 }
3540 dh->length = 160;
3541 return (dh);
3542}
f71165b5 3543#endif
6e119bb0 3544
ddac1974
NL		 3545#ifndef OPENSSL_NO_PSK
3546/* convert the PSK key (psk_key) in ascii to binary (psk) */
3547static int psk_key2bn(const char *pskkey, unsigned char *psk,
0f113f3e
MC		 3548 unsigned int max_psk_len)
3549{
3550 int ret;
3551 BIGNUM *bn = NULL;
3552
3553 ret = BN_hex2bn(&bn, pskkey);
3554 if (!ret) {
3555 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3556 pskkey);
23a1d5e9 3557 BN_free(bn);
0f113f3e
MC		 3558 return 0;
3559 }
3560 if (BN_num_bytes(bn) > (int)max_psk_len) {
3561 BIO_printf(bio_err,
3562 "psk buffer of callback is too small (%d) for key (%d)\n",
3563 max_psk_len, BN_num_bytes(bn));
3564 BN_free(bn);
3565 return 0;
3566 }
3567 ret = BN_bn2bin(bn, psk);
3568 BN_free(bn);
3569 return ret;
3570}
3571
3572static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3573 char *identity,
3574 unsigned int max_identity_len,
3575 unsigned char *psk,
3576 unsigned int max_psk_len)
3577{
3578 int ret;
3579 unsigned int psk_len = 0;
3580
3581 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3582 if (ret < 0)
3583 goto out_err;
3584 if (debug)
3585 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3586 ret);
3587 ret = psk_key2bn(psk_key, psk, max_psk_len);
3588 if (ret < 0)
3589 goto out_err;
3590 psk_len = ret;
3591 out_err:
3592 return psk_len;
3593}
ddac1974
NL		 3594
3595static unsigned int psk_server_callback(SSL *ssl, const char *identity,
0f113f3e
MC		 3596 unsigned char *psk,
3597 unsigned int max_psk_len)
3598{
3599 unsigned int psk_len = 0;
ddac1974 3600
0f113f3e
MC		 3601 if (strcmp(identity, "Client_identity") != 0) {
3602 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3603 return 0;
3604 }
3605 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3606 return psk_len;
3607}
ddac1974
NL		 3608#endif
3609
6e119bb0 3610static int do_test_cipherlist(void)
0f113f3e 3611{
6b01bed2 3612#if !defined(OPENSSL_NO_SSL3) || !defined(OPENSSL_NO_TLS1)
0f113f3e
MC		 3613 int i = 0;
3614 const SSL_METHOD *meth;
3615 const SSL_CIPHER *ci, *tci = NULL;
6b01bed2 3616#endif
6e119bb0 3617
00fe865d 3618#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 3619 meth = SSLv3_method();
3620 tci = NULL;
3621 while ((ci = meth->get_cipher(i++)) != NULL) {
3622 if (tci != NULL)
3623 if (ci->id >= tci->id) {
3dca57f8 3624 fprintf(stderr, "testing SSLv3 cipher list order: ");
90d9e49a 3625 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
0f113f3e
MC		 3626 return 0;
3627 }
3628 tci = ci;
3629 }
00fe865d 3630#endif
6b01bed2 3631#ifndef OPENSSL_NO_TLS1
0f113f3e
MC		 3632 meth = TLSv1_method();
3633 tci = NULL;
3634 while ((ci = meth->get_cipher(i++)) != NULL) {
3635 if (tci != NULL)
3636 if (ci->id >= tci->id) {
3dca57f8 3637 fprintf(stderr, "testing TLSv1 cipher list order: ");
90d9e49a 3638 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
0f113f3e
MC		 3639 return 0;
3640 }
3641 tci = ci;
3642 }
6b01bed2 3643#endif
0f113f3e
MC		 3644
3645 return 1;
3646}
A mirror of the official openssl repository