]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/ssltest.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Avoid direct X509 structure access
[thirdparty/openssl.git] / test / ssltest.c
CommitLineData
d02b48c6 1/* ssl/ssltest.c */
58964a49 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6
RE		 3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
0f113f3e 8 *
d02b48c6
RE		 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e 15 *
d02b48c6
RE		 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
0f113f3e 22 *
d02b48c6
RE		 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
0f113f3e 37 * 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6
RE		 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e 40 *
d02b48c6
RE		 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
0f113f3e 52 *
d02b48c6
RE		 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
3ac82faa
BM		 58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
0f113f3e 66 * notice, this list of conditions and the following disclaimer.
3ac82faa
BM		 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
ea262260
BM		 111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
0f113f3e 113 * ECC cipher suite support in OpenSSL originally developed by
ea262260
BM		 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
ddac1974
NL		 116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
d02b48c6 142
dbd87ffc
MC		 143/* Or gethostname won't be declared properly on Linux and GNU platforms. */
144#define _BSD_SOURCE 1
37289744 145
6f7af152
BM		 146#include <assert.h>
147#include <errno.h>
148#include <limits.h>
d02b48c6
RE		 149#include <stdio.h>
150#include <stdlib.h>
151#include <string.h>
563f1503 152#include <time.h>
17e3dd1c 153
e7a28569 154#define USE_SOCKETS
41d2a336 155#include "e_os.h"
17e3dd1c 156
bc120a54 157#ifdef OPENSSL_SYS_VMS
0f113f3e
MC		 158/*
159 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
160 */
161# define _XOPEN_SOURCE 500
bc120a54
DSH		 162#endif
163
a963395a
RL		 164#include <ctype.h>
165
ec577822
BM		 166#include <openssl/bio.h>
167#include <openssl/crypto.h>
563f1503 168#include <openssl/evp.h>
ec577822 169#include <openssl/x509.h>
a7201e9a 170#include <openssl/x509v3.h>
ec577822 171#include <openssl/ssl.h>
0b13e9f0 172#ifndef OPENSSL_NO_ENGINE
0f113f3e 173# include <openssl/engine.h>
0b13e9f0 174#endif
ec577822 175#include <openssl/err.h>
b9d82f47 176#include <openssl/rand.h>
3eeaab4b 177#ifndef OPENSSL_NO_RSA
0f113f3e 178# include <openssl/rsa.h>
3eeaab4b
NL		 179#endif
180#ifndef OPENSSL_NO_DSA
0f113f3e 181# include <openssl/dsa.h>
3eeaab4b
NL		 182#endif
183#ifndef OPENSSL_NO_DH
0f113f3e 184# include <openssl/dh.h>
3eeaab4b 185#endif
edc032b5 186#ifndef OPENSSL_NO_SRP
0f113f3e 187# include <openssl/srp.h>
edc032b5 188#endif
d095b68d 189#include <openssl/bn.h>
09867a47 190
b6ba4014
MC		 191#include "../ssl/ssl_locl.h"
192
dbd87ffc
MC		 193/*
194 * Or gethostname won't be declared properly
195 * on Compaq platforms (at least with DEC C).
196 * Do not try to put it earlier, or IPv6 includes
197 * get screwed...
0f113f3e
MC		 198 */
199#define _XOPEN_SOURCE_EXTENDED 1
09867a47 200
bc36ee62 201#ifdef OPENSSL_SYS_WINDOWS
0f113f3e 202# include <winsock.h>
37289744 203#else
0f113f3e 204# include OPENSSL_UNISTD
d02b48c6
RE		 205#endif
206
0f113f3e 207/*
45ddce21
RS		 208 * There is really no standard for this, so let's assign something
209 * only for this test
0f113f3e 210 */
0f113f3e 211#define COMP_ZLIB 1
23f80f46 212
6d23cf97 213static int verify_callback(int ok, X509_STORE_CTX *ctx);
bc36ee62 214#ifndef OPENSSL_NO_RSA
0f113f3e 215static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength);
46b3bd54 216static void free_tmp_rsa(void);
79df9d62 217#endif
6d23cf97 218static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
a7201e9a 219#define APP_CALLBACK_STRING "Test Callback Argument"
0f113f3e
MC		 220struct app_verify_arg {
221 char *string;
222 int app_verify;
223 int allow_proxy_certs;
224 char *proxy_auth;
225 char *proxy_cond;
226};
023ec151 227
bc36ee62 228#ifndef OPENSSL_NO_DH
d02b48c6 229static DH *get_dh512(void);
e4589582
BM		 230static DH *get_dh1024(void);
231static DH *get_dh1024dsa(void);
53002dc6
BM		 232#endif
233
0f113f3e 234static char *psk_key = NULL; /* by default PSK is not used */
ddac1974 235#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 236static unsigned int psk_client_callback(SSL *ssl, const char *hint,
237 char *identity,
238 unsigned int max_identity_len,
239 unsigned char *psk,
240 unsigned int max_psk_len);
241static unsigned int psk_server_callback(SSL *ssl, const char *identity,
242 unsigned char *psk,
243 unsigned int max_psk_len);
ddac1974
NL		 244#endif
245
edc032b5
BL		 246#ifndef OPENSSL_NO_SRP
247/* SRP client */
248/* This is a context that we pass to all callbacks */
0f113f3e
MC		 249typedef struct srp_client_arg_st {
250 char *srppassin;
251 char *srplogin;
252} SRP_CLIENT_ARG;
edc032b5 253
0f113f3e 254# define PWD_STRLEN 1024
edc032b5 255
0f113f3e
MC		 256static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
257{
258 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
259 return BUF_strdup((char *)srp_client_arg->srppassin);
260}
edc032b5 261
edc032b5
BL		 262/* SRP server */
263/* This is a context that we pass to SRP server callbacks */
0f113f3e
MC		 264typedef struct srp_server_arg_st {
265 char *expected_user;
266 char *pass;
267} SRP_SERVER_ARG;
edc032b5 268
6d23cf97 269static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
0f113f3e
MC		 270{
271 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
272
273 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
274 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
275 return SSL3_AL_FATAL;
276 }
277 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
278 *ad = SSL_AD_INTERNAL_ERROR;
279 return SSL3_AL_FATAL;
280 }
281 return SSL_ERROR_NONE;
282}
283#endif
284
285static BIO *bio_err = NULL;
286static BIO *bio_stdout = NULL;
d02b48c6 287
2911575c 288#ifndef OPENSSL_NO_NEXTPROTONEG
d9a268b9
BL		 289/* Note that this code assumes that this is only a one element list: */
290static const char NEXT_PROTO_STRING[] = "\x09testproto";
291int npn_client = 0;
292int npn_server = 0;
293int npn_server_reject = 0;
294
0f113f3e
MC		 295static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
296 const unsigned char *in, unsigned int inlen,
297 void *arg)
298{
299 /*
300 * This callback only returns the protocol string, rather than a length
301 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
302 * and remove the first byte to chop off the length prefix.
303 */
304 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
305 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
306 return SSL_TLSEXT_ERR_OK;
307}
308
309static int cb_server_npn(SSL *s, const unsigned char **data,
310 unsigned int *len, void *arg)
311{
312 *data = (const unsigned char *)NEXT_PROTO_STRING;
313 *len = sizeof(NEXT_PROTO_STRING) - 1;
314 return SSL_TLSEXT_ERR_OK;
315}
316
317static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
318 unsigned int *len, void *arg)
319{
320 return SSL_TLSEXT_ERR_NOACK;
321}
d9a268b9
BL		 322
323static int verify_npn(SSL *client, SSL *server)
0f113f3e
MC		 324{
325 const unsigned char *client_s;
326 unsigned client_len;
327 const unsigned char *server_s;
328 unsigned server_len;
329
330 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
331 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
332
333 if (client_len) {
334 BIO_printf(bio_stdout, "Client NPN: ");
335 BIO_write(bio_stdout, client_s, client_len);
336 BIO_printf(bio_stdout, "\n");
337 }
338
339 if (server_len) {
340 BIO_printf(bio_stdout, "Server NPN: ");
341 BIO_write(bio_stdout, server_s, server_len);
342 BIO_printf(bio_stdout, "\n");
343 }
344
345 /*
346 * If an NPN string was returned, it must be the protocol that we
347 * expected to negotiate.
348 */
349 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
350 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
351 return -1;
352 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
353 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
354 return -1;
355
356 if (!npn_client && client_len)
357 return -1;
358 if (!npn_server && server_len)
359 return -1;
360 if (npn_server_reject && server_len)
361 return -1;
362 if (npn_client && npn_server && (!client_len || !server_len))
363 return -1;
364
365 return 0;
366}
d9a268b9
BL		 367#endif
368
a8989362
AL		 369static const char *alpn_client;
370static const char *alpn_server;
371static const char *alpn_expected;
372static unsigned char *alpn_selected;
373
3a83462d
MC		 374/*-
375 * next_protos_parse parses a comma separated list of strings into a string
a8989362
AL		 376 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
377 * outlen: (output) set to the length of the resulting buffer on success.
378 * err: (maybe NULL) on failure, an error message line is written to this BIO.
4eadd11c 379 * in: a NUL terminated string like "abc,def,ghi"
a8989362
AL		 380 *
381 * returns: a malloced buffer or NULL on failure.
382 */
0f113f3e
MC		 383static unsigned char *next_protos_parse(unsigned short *outlen,
384 const char *in)
385{
386 size_t len;
387 unsigned char *out;
388 size_t i, start = 0;
389
390 len = strlen(in);
391 if (len >= 65535)
392 return NULL;
393
394 out = OPENSSL_malloc(strlen(in) + 1);
395 if (!out)
396 return NULL;
397
398 for (i = 0; i <= len; ++i) {
399 if (i == len || in[i] == ',') {
400 if (i - start > 255) {
401 OPENSSL_free(out);
402 return NULL;
403 }
404 out[start] = i - start;
405 start = i + 1;
406 } else
407 out[i + 1] = in[i];
408 }
409
410 *outlen = len + 1;
411 return out;
412}
413
414static int cb_server_alpn(SSL *s, const unsigned char **out,
415 unsigned char *outlen, const unsigned char *in,
416 unsigned int inlen, void *arg)
417{
418 unsigned char *protos;
419 unsigned short protos_len;
420
421 protos = next_protos_parse(&protos_len, alpn_server);
422 if (protos == NULL) {
423 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
424 alpn_server);
425 abort();
426 }
427
428 if (SSL_select_next_proto
429 ((unsigned char **)out, outlen, protos, protos_len, in,
430 inlen) != OPENSSL_NPN_NEGOTIATED) {
431 OPENSSL_free(protos);
432 return SSL_TLSEXT_ERR_NOACK;
433 }
434
435 /*
436 * Make a copy of the selected protocol which will be freed in
437 * verify_alpn.
438 */
439 alpn_selected = OPENSSL_malloc(*outlen);
440 memcpy(alpn_selected, *out, *outlen);
441 *out = alpn_selected;
442
443 OPENSSL_free(protos);
444 return SSL_TLSEXT_ERR_OK;
445}
a8989362
AL		 446
447static int verify_alpn(SSL *client, SSL *server)
0f113f3e
MC		 448{
449 const unsigned char *client_proto, *server_proto;
450 unsigned int client_proto_len = 0, server_proto_len = 0;
451 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
452 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
453
b548a1f1
RS		 454 OPENSSL_free(alpn_selected);
455 alpn_selected = NULL;
0f113f3e
MC		 456
457 if (client_proto_len != server_proto_len ||
458 memcmp(client_proto, server_proto, client_proto_len) != 0) {
459 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
460 goto err;
461 }
462
463 if (client_proto_len > 0 && alpn_expected == NULL) {
464 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
465 goto err;
466 }
467
468 if (alpn_expected != NULL &&
469 (client_proto_len != strlen(alpn_expected) ||
470 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
471 BIO_printf(bio_stdout,
472 "ALPN selected protocols not equal to expected protocol: %s\n",
473 alpn_expected);
474 goto err;
475 }
476
477 return 0;
478
479 err:
480 BIO_printf(bio_stdout, "ALPN results: client: '");
481 BIO_write(bio_stdout, client_proto, client_proto_len);
482 BIO_printf(bio_stdout, "', server: '");
483 BIO_write(bio_stdout, server_proto, server_proto_len);
484 BIO_printf(bio_stdout, "'\n");
485 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
486 alpn_client, alpn_server);
487 return -1;
488}
a8989362 489
a398f821 490#define SCT_EXT_TYPE 18
9cd50f73 491
0f113f3e
MC		 492/*
493 * WARNING : below extension types are *NOT* IETF assigned, and could
494 * conflict if these types are reassigned and handled specially by OpenSSL
495 * in the future
496 */
a398f821 497#define TACK_EXT_TYPE 62208
9cd50f73
T		 498#define CUSTOM_EXT_TYPE_0 1000
499#define CUSTOM_EXT_TYPE_1 1001
500#define CUSTOM_EXT_TYPE_2 1002
501#define CUSTOM_EXT_TYPE_3 1003
502
503const char custom_ext_cli_string[] = "abc";
504const char custom_ext_srv_string[] = "defg";
a398f821
T		 505
506/* These set from cmdline */
0f113f3e 507char *serverinfo_file = NULL;
a398f821
T		 508int serverinfo_sct = 0;
509int serverinfo_tack = 0;
9cd50f73
T		 510
511/* These set based on extension callbacks */
a398f821
T		 512int serverinfo_sct_seen = 0;
513int serverinfo_tack_seen = 0;
514int serverinfo_other_seen = 0;
515
9cd50f73
T		 516/* This set from cmdline */
517int custom_ext = 0;
518
519/* This set based on extension callbacks */
520int custom_ext_error = 0;
521
0cfefe4b 522static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 523 const unsigned char *in, size_t inlen,
524 int *al, void *arg)
525{
526 if (ext_type == SCT_EXT_TYPE)
527 serverinfo_sct_seen++;
528 else if (ext_type == TACK_EXT_TYPE)
529 serverinfo_tack_seen++;
530 else
531 serverinfo_other_seen++;
532 return 1;
533}
a398f821
T		 534
535static int verify_serverinfo()
0f113f3e
MC		 536{
537 if (serverinfo_sct != serverinfo_sct_seen)
538 return -1;
539 if (serverinfo_tack != serverinfo_tack_seen)
540 return -1;
541 if (serverinfo_other_seen)
542 return -1;
543 return 0;
544}
a398f821 545
1d97c843
TH		 546/*-
547 * Four test cases for custom extensions:
9cd50f73
T		 548 * 0 - no ClientHello extension or ServerHello response
549 * 1 - ClientHello with "abc", no response
550 * 2 - ClientHello with "abc", empty response
551 * 3 - ClientHello with "abc", "defg" response
552 */
553
de2a9e38 554static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 555 const unsigned char **out,
556 size_t *outlen, int *al, void *arg)
557{
558 if (ext_type != CUSTOM_EXT_TYPE_0)
559 custom_ext_error = 1;
560 return 0; /* Don't send an extension */
561}
9cd50f73 562
de2a9e38 563static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 564 const unsigned char *in,
565 size_t inlen, int *al, void *arg)
566{
567 return 1;
568}
9cd50f73 569
de2a9e38 570static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 571 const unsigned char **out,
572 size_t *outlen, int *al, void *arg)
573{
574 if (ext_type != CUSTOM_EXT_TYPE_1)
575 custom_ext_error = 1;
576 *out = (const unsigned char *)custom_ext_cli_string;
577 *outlen = strlen(custom_ext_cli_string);
578 return 1; /* Send "abc" */
579}
9cd50f73 580
de2a9e38 581static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 582 const unsigned char *in,
583 size_t inlen, int *al, void *arg)
584{
585 return 1;
586}
9cd50f73 587
de2a9e38 588static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 589 const unsigned char **out,
590 size_t *outlen, int *al, void *arg)
591{
592 if (ext_type != CUSTOM_EXT_TYPE_2)
593 custom_ext_error = 1;
594 *out = (const unsigned char *)custom_ext_cli_string;
595 *outlen = strlen(custom_ext_cli_string);
596 return 1; /* Send "abc" */
597}
9cd50f73 598
de2a9e38 599static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 600 const unsigned char *in,
601 size_t inlen, int *al, void *arg)
602{
603 if (ext_type != CUSTOM_EXT_TYPE_2)
604 custom_ext_error = 1;
605 if (inlen != 0)
606 custom_ext_error = 1; /* Should be empty response */
607 return 1;
608}
9cd50f73 609
de2a9e38 610static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 611 const unsigned char **out,
612 size_t *outlen, int *al, void *arg)
613{
614 if (ext_type != CUSTOM_EXT_TYPE_3)
615 custom_ext_error = 1;
616 *out = (const unsigned char *)custom_ext_cli_string;
617 *outlen = strlen(custom_ext_cli_string);
618 return 1; /* Send "abc" */
619}
9cd50f73 620
de2a9e38 621static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 622 const unsigned char *in,
623 size_t inlen, int *al, void *arg)
624{
625 if (ext_type != CUSTOM_EXT_TYPE_3)
626 custom_ext_error = 1;
627 if (inlen != strlen(custom_ext_srv_string))
628 custom_ext_error = 1;
629 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
630 custom_ext_error = 1; /* Check for "defg" */
631 return 1;
632}
633
634/*
635 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
636 * for this extension
637 */
de2a9e38 638static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 639 const unsigned char *in,
640 size_t inlen, int *al, void *arg)
641{
642 custom_ext_error = 1;
643 return 1;
644}
9cd50f73 645
f47e2039 646/* 'add' callbacks are only called if the 'parse' callback is called */
de2a9e38 647static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 648 const unsigned char **out,
649 size_t *outlen, int *al, void *arg)
650{
651 /* Error: should not have been called */
652 custom_ext_error = 1;
653 return 0; /* Don't send an extension */
654}
9cd50f73 655
de2a9e38 656static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 657 const unsigned char *in,
658 size_t inlen, int *al, void *arg)
659{
660 if (ext_type != CUSTOM_EXT_TYPE_1)
661 custom_ext_error = 1;
662 /* Check for "abc" */
663 if (inlen != strlen(custom_ext_cli_string))
664 custom_ext_error = 1;
665 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
666 custom_ext_error = 1;
667 return 1;
668}
9cd50f73 669
de2a9e38 670static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 671 const unsigned char **out,
672 size_t *outlen, int *al, void *arg)
673{
674 return 0; /* Don't send an extension */
675}
9cd50f73 676
de2a9e38 677static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 678 const unsigned char *in,
679 size_t inlen, int *al, void *arg)
680{
681 if (ext_type != CUSTOM_EXT_TYPE_2)
682 custom_ext_error = 1;
683 /* Check for "abc" */
684 if (inlen != strlen(custom_ext_cli_string))
685 custom_ext_error = 1;
686 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
687 custom_ext_error = 1;
688 return 1;
689}
9cd50f73 690
de2a9e38 691static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 692 const unsigned char **out,
693 size_t *outlen, int *al, void *arg)
694{
695 *out = NULL;
696 *outlen = 0;
697 return 1; /* Send empty extension */
698}
9cd50f73 699
de2a9e38 700static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 701 const unsigned char *in,
702 size_t inlen, int *al, void *arg)
703{
704 if (ext_type != CUSTOM_EXT_TYPE_3)
705 custom_ext_error = 1;
706 /* Check for "abc" */
707 if (inlen != strlen(custom_ext_cli_string))
708 custom_ext_error = 1;
709 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
710 custom_ext_error = 1;
711 return 1;
712}
9cd50f73 713
de2a9e38 714static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 715 const unsigned char **out,
716 size_t *outlen, int *al, void *arg)
717{
718 *out = (const unsigned char *)custom_ext_srv_string;
719 *outlen = strlen(custom_ext_srv_string);
720 return 1; /* Send "defg" */
721}
722
723static char *cipher = NULL;
724static int verbose = 0;
725static int debug = 0;
0f113f3e
MC		 726static const char rnd_seed[] =
727 "string to make the random number generator think it has entropy";
d02b48c6 728
0f113f3e
MC		 729int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
730 clock_t *c_time);
731int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
6e119bb0 732static int do_test_cipherlist(void);
9ccc00ef 733
6b691a5c 734static void sv_usage(void)
0f113f3e
MC		 735{
736 fprintf(stderr, "usage: ssltest [args ...]\n");
737 fprintf(stderr, "\n");
086e32a6 738#ifdef OPENSSL_FIPS
0f113f3e
MC		 739 fprintf(stderr, "-F - run test in FIPS mode\n");
740#endif
741 fprintf(stderr, " -server_auth - check server certificate\n");
742 fprintf(stderr, " -client_auth - do client authentication\n");
743 fprintf(stderr, " -proxy - allow proxy certificates\n");
744 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
745 fprintf(stderr,
746 " -proxy_cond <val> - expression to test proxy policy rights\n");
747 fprintf(stderr, " -v - more output\n");
748 fprintf(stderr, " -d - debug output\n");
749 fprintf(stderr, " -reuse - use session-id reuse\n");
750 fprintf(stderr, " -num <val> - number of connections to perform\n");
751 fprintf(stderr,
752 " -bytes <val> - number of bytes to swap between client/server\n");
bc36ee62 753#ifndef OPENSSL_NO_DH
0f113f3e 754 fprintf(stderr,
e8356e32
EK		 755 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
756 fprintf(stderr,
757 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
0f113f3e
MC		 758 fprintf(stderr,
759 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
760 fprintf(stderr, " -no_dhe - disable DHE\n");
77fa04a9 761#endif
10bf4fc2 762#ifndef OPENSSL_NO_EC
0f113f3e 763 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
ea262260 764#endif
ddac1974 765#ifndef OPENSSL_NO_PSK
0f113f3e 766 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
ddac1974 767#endif
edc032b5 768#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 769 fprintf(stderr, " -srpuser user - SRP username to use\n");
770 fprintf(stderr, " -srppass arg - password for 'user'\n");
edc032b5 771#endif
3881d810 772#ifndef OPENSSL_NO_SSL3_METHOD
0f113f3e 773 fprintf(stderr, " -ssl3 - use SSLv3\n");
58964a49 774#endif
0f113f3e 775 fprintf(stderr, " -tls1 - use TLSv1\n");
98b8cdd3
DW		 776#ifndef OPENSSL_NO_DTLS
777 fprintf(stderr, " -dtls1 - use DTLSv1\n");
778 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
779#endif
0f113f3e
MC		 780 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
781 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
782 fprintf(stderr, " -cert arg - Server certificate file\n");
783 fprintf(stderr,
784 " -key arg - Server key file (default: same as -cert)\n");
785 fprintf(stderr, " -c_cert arg - Client certificate file\n");
786 fprintf(stderr,
787 " -c_key arg - Client key file (default: same as -c_cert)\n");
788 fprintf(stderr, " -cipher arg - The cipher list\n");
789 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
790 fprintf(stderr, " -f - Test even cases that can't work\n");
791 fprintf(stderr,
792 " -time - measure processor time used by client and server\n");
793 fprintf(stderr, " -zlib - use zlib compression\n");
10bf4fc2 794#ifndef OPENSSL_NO_EC
0f113f3e
MC		 795 fprintf(stderr,
796 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
797 " Use \"openssl ecparam -list_curves\" for all names\n"
798 " (default is sect163r2).\n");
799#endif
800 fprintf(stderr,
801 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
802 " When this option is requested, the cipherlist\n"
803 " tests are run instead of handshake tests.\n");
2911575c 804#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 805 fprintf(stderr, " -npn_client - have client side offer NPN\n");
806 fprintf(stderr, " -npn_server - have server side offer NPN\n");
807 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
808#endif
809 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
810 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
811 fprintf(stderr,
812 " -serverinfo_tack - have client offer and expect TACK\n");
813 fprintf(stderr,
814 " -custom_ext - try various custom extension callbacks\n");
815 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
816 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
817 fprintf(stderr,
818 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
819}
563f1503 820
f756f1fc 821static void print_key_details(BIO *out, EVP_PKEY *key)
0f113f3e
MC		 822{
823 int keyid = EVP_PKEY_id(key);
f756f1fc 824#ifndef OPENSSL_NO_EC
0f113f3e
MC		 825 if (keyid == EVP_PKEY_EC) {
826 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
827 int nid;
828 const char *cname;
829 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
830 EC_KEY_free(ec);
831 cname = EC_curve_nid2nist(nid);
832 if (!cname)
833 cname = OBJ_nid2sn(nid);
834 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
835 } else
836#endif
837 {
838 const char *algname;
839 switch (keyid) {
840 case EVP_PKEY_RSA:
841 algname = "RSA";
842 break;
843 case EVP_PKEY_DSA:
844 algname = "DSA";
845 break;
846 case EVP_PKEY_DH:
847 algname = "DH";
848 break;
849 default:
850 algname = OBJ_nid2sn(keyid);
851 break;
852 }
853 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
854 }
855}
f756f1fc 856
563f1503 857static void print_details(SSL *c_ssl, const char *prefix)
0f113f3e
MC		 858{
859 const SSL_CIPHER *ciph;
860 int mdnid;
861 X509 *cert;
862 EVP_PKEY *pkey;
863
864 ciph = SSL_get_current_cipher(c_ssl);
865 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
866 prefix,
867 SSL_get_version(c_ssl),
868 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
869 cert = SSL_get_peer_certificate(c_ssl);
870 if (cert != NULL) {
871 pkey = X509_get_pubkey(cert);
872 if (pkey != NULL) {
873 BIO_puts(bio_stdout, ", ");
874 print_key_details(bio_stdout, pkey);
875 EVP_PKEY_free(pkey);
876 }
877 X509_free(cert);
878 }
879 if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
880 BIO_puts(bio_stdout, ", temp key: ");
881 print_key_details(bio_stdout, pkey);
882 EVP_PKEY_free(pkey);
883 }
884 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
885 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
886 BIO_printf(bio_stdout, "\n");
887}
d02b48c6 888
3ac82faa 889static void lock_dbg_cb(int mode, int type, const char *file, int line)
0f113f3e
MC		 890{
891 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
892 const char *errstr = NULL;
893 int rw;
894
895 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
896 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
897 errstr = "invalid mode";
898 goto err;
899 }
900
901 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
902 errstr = "type out of bounds";
903 goto err;
904 }
905
906 if (mode & CRYPTO_LOCK) {
907 if (modes[type]) {
908 errstr = "already locked";
909 /*
910 * must not happen in a single-threaded program (would deadlock)
911 */
912 goto err;
913 }
914
915 modes[type] = rw;
916 } else if (mode & CRYPTO_UNLOCK) {
917 if (!modes[type]) {
918 errstr = "not locked";
919 goto err;
920 }
921
922 if (modes[type] != rw) {
923 errstr = (rw == CRYPTO_READ) ?
924 "CRYPTO_r_unlock on write lock" :
925 "CRYPTO_w_unlock on read lock";
926 }
927
928 modes[type] = 0;
929 } else {
930 errstr = "invalid mode";
931 goto err;
932 }
3ac82faa
BM		 933
934 err:
0f113f3e
MC		 935 if (errstr) {
936 /* we cannot use bio_err here */
937 fprintf(stderr,
938 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
939 errstr, mode, type, file, line);
940 }
941}
3ac82faa 942
6b691a5c 943int main(int argc, char *argv[])
0f113f3e
MC		 944{
945 char *CApath = NULL, *CAfile = NULL;
946 int badop = 0;
947 int bio_pair = 0;
948 int force = 0;
98b8cdd3 949 int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl3 = 0, ret = 1;
0f113f3e
MC		 950 int client_auth = 0;
951 int server_auth = 0, i;
952 struct app_verify_arg app_verify_arg =
953 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
10bf4fc2 954#ifndef OPENSSL_NO_EC
0f113f3e
MC		 955 char *named_curve = NULL;
956#endif
957 SSL_CTX *s_ctx = NULL;
958 SSL_CTX *c_ctx = NULL;
959 const SSL_METHOD *meth = NULL;
960 SSL *c_ssl, *s_ssl;
961 int number = 1, reuse = 0;
962 long bytes = 256L;
bc36ee62 963#ifndef OPENSSL_NO_DH
0f113f3e 964 DH *dh;
e8356e32 965 int dhe512 = 0, dhe1024dsa = 0;
ea262260 966#endif
10bf4fc2 967#ifndef OPENSSL_NO_EC
0f113f3e 968 EC_KEY *ecdh = NULL;
edc032b5
BL		 969#endif
970#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 971 /* client */
972 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
973 /* server */
974 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
975#endif
976 int no_dhe = 0;
977 int no_ecdhe = 0;
978 int no_psk = 0;
979 int print_time = 0;
980 clock_t s_time = 0, c_time = 0;
09b6c2ef 981#ifndef OPENSSL_NO_COMP
9a555706 982 int n, comp = 0;
0f113f3e
MC		 983 COMP_METHOD *cm = NULL;
984 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
00a37b5a 985#endif
0f113f3e 986 int test_cipherlist = 0;
086e32a6 987#ifdef OPENSSL_FIPS
0f113f3e
MC		 988 int fips_mode = 0;
989#endif
990 int no_protocol = 0;
991
992 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
993 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
994 const char *arg = NULL, *argn = NULL;
995
996 verbose = 0;
997 debug = 0;
998 cipher = 0;
999
1000 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1001
1002 CRYPTO_set_locking_callback(lock_dbg_cb);
1003
1004 /* enable memory leak checking unless explicitly disabled */
1005 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
1006 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
1007 CRYPTO_malloc_debug_init();
1008 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1009 } else {
1010 /* OPENSSL_DEBUG_MEMORY=off */
1011 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1012 }
1013 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1014
1015 RAND_seed(rnd_seed, sizeof rnd_seed);
1016
1017 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1018
1019 s_cctx = SSL_CONF_CTX_new();
1020 c_cctx = SSL_CONF_CTX_new();
1021
1022 if (!s_cctx || !c_cctx) {
1023 ERR_print_errors(bio_err);
1024 goto end;
1025 }
1026
1027 SSL_CONF_CTX_set_flags(s_cctx,
6a096889
DSH		 1028 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
1029 SSL_CONF_FLAG_CERTIFICATE |
1030 SSL_CONF_FLAG_REQUIRE_PRIVATE);
0f113f3e
MC		 1031 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
1032 ERR_print_errors(bio_err);
1033 goto end;
1034 }
1035
1036 SSL_CONF_CTX_set_flags(c_cctx,
6a096889
DSH		 1037 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT |
1038 SSL_CONF_FLAG_CERTIFICATE |
1039 SSL_CONF_FLAG_REQUIRE_PRIVATE);
0f113f3e
MC		 1040 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
1041 ERR_print_errors(bio_err);
1042 goto end;
1043 }
1044
1045 argc--;
1046 argv++;
1047
1048 while (argc >= 1) {
86885c28 1049 if (strcmp(*argv, "-F") == 0) {
086e32a6 1050#ifdef OPENSSL_FIPS
0f113f3e 1051 fips_mode = 1;
086e32a6 1052#else
0f113f3e
MC		 1053 fprintf(stderr,
1054 "not compiled with FIPS support, so exiting without running.\n");
1055 EXIT(0);
1056#endif
1057 } else if (strcmp(*argv, "-server_auth") == 0)
1058 server_auth = 1;
1059 else if (strcmp(*argv, "-client_auth") == 0)
1060 client_auth = 1;
1061 else if (strcmp(*argv, "-proxy_auth") == 0) {
1062 if (--argc < 1)
1063 goto bad;
1064 app_verify_arg.proxy_auth = *(++argv);
1065 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1066 if (--argc < 1)
1067 goto bad;
1068 app_verify_arg.proxy_cond = *(++argv);
1069 } else if (strcmp(*argv, "-v") == 0)
1070 verbose = 1;
1071 else if (strcmp(*argv, "-d") == 0)
1072 debug = 1;
1073 else if (strcmp(*argv, "-reuse") == 0)
1074 reuse = 1;
e8356e32 1075 else if (strcmp(*argv, "-dhe512") == 0) {
90f5a2b6 1076#ifndef OPENSSL_NO_DH
e8356e32 1077 dhe512 = 1;
90f5a2b6 1078#else
0f113f3e 1079 fprintf(stderr,
e8356e32 1080 "ignoring -dhe512, since I'm compiled without DH\n");
90f5a2b6 1081#endif
0f113f3e 1082 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
90f5a2b6 1083#ifndef OPENSSL_NO_DH
0f113f3e 1084 dhe1024dsa = 1;
90f5a2b6 1085#else
0f113f3e 1086 fprintf(stderr,
e8356e32 1087 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
0f113f3e
MC		 1088#endif
1089 } else if (strcmp(*argv, "-no_dhe") == 0)
1090 no_dhe = 1;
1091 else if (strcmp(*argv, "-no_ecdhe") == 0)
1092 no_ecdhe = 1;
1093 else if (strcmp(*argv, "-psk") == 0) {
1094 if (--argc < 1)
1095 goto bad;
1096 psk_key = *(++argv);
ddac1974 1097#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1098 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1099 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1100 goto bad;
1101 }
ddac1974 1102#else
0f113f3e 1103 no_psk = 1;
ddac1974 1104#endif
0f113f3e 1105 }
edc032b5 1106#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1107 else if (strcmp(*argv, "-srpuser") == 0) {
1108 if (--argc < 1)
1109 goto bad;
1110 srp_server_arg.expected_user = srp_client_arg.srplogin =
1111 *(++argv);
1112 tls1 = 1;
1113 } else if (strcmp(*argv, "-srppass") == 0) {
1114 if (--argc < 1)
1115 goto bad;
1116 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1117 tls1 = 1;
1118 }
1119#endif
1120 else if (strcmp(*argv, "-tls1") == 0) {
0f113f3e
MC		 1121 tls1 = 1;
1122 } else if (strcmp(*argv, "-ssl3") == 0) {
3881d810 1123#ifdef OPENSSL_NO_SSL3_METHOD
0f113f3e
MC		 1124 no_protocol = 1;
1125#endif
1126 ssl3 = 1;
98b8cdd3
DW		 1127 } else if (strcmp(*argv, "-dtls1") == 0) {
1128#ifdef OPENSSL_NO_DTLS
1129 no_protocol = 1;
1130#endif
1131 dtls1 = 1;
1132 } else if (strcmp(*argv, "-dtls12") == 0) {
1133#ifdef OPENSSL_NO_DTLS
1134 no_protocol = 1;
1135#endif
1136 dtls12 = 1;
0f113f3e
MC		 1137 } else if (strncmp(*argv, "-num", 4) == 0) {
1138 if (--argc < 1)
1139 goto bad;
1140 number = atoi(*(++argv));
1141 if (number == 0)
1142 number = 1;
1143 } else if (strcmp(*argv, "-bytes") == 0) {
1144 if (--argc < 1)
1145 goto bad;
1146 bytes = atol(*(++argv));
1147 if (bytes == 0L)
1148 bytes = 1L;
1149 i = strlen(argv[0]);
1150 if (argv[0][i - 1] == 'k')
1151 bytes *= 1024L;
1152 if (argv[0][i - 1] == 'm')
1153 bytes *= 1024L * 1024L;
0f113f3e
MC		 1154 } else if (strcmp(*argv, "-cipher") == 0) {
1155 if (--argc < 1)
1156 goto bad;
1157 cipher = *(++argv);
1158 } else if (strcmp(*argv, "-CApath") == 0) {
1159 if (--argc < 1)
1160 goto bad;
1161 CApath = *(++argv);
1162 } else if (strcmp(*argv, "-CAfile") == 0) {
1163 if (--argc < 1)
1164 goto bad;
1165 CAfile = *(++argv);
1166 } else if (strcmp(*argv, "-bio_pair") == 0) {
1167 bio_pair = 1;
1168 } else if (strcmp(*argv, "-f") == 0) {
1169 force = 1;
1170 } else if (strcmp(*argv, "-time") == 0) {
1171 print_time = 1;
1172 }
a4c4a7d5 1173#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1174 else if (strcmp(*argv, "-zlib") == 0) {
1175 comp = COMP_ZLIB;
0f113f3e
MC		 1176 }
1177#endif
1178 else if (strcmp(*argv, "-named_curve") == 0) {
1179 if (--argc < 1)
1180 goto bad;
10bf4fc2 1181#ifndef OPENSSL_NO_EC
0f113f3e 1182 named_curve = *(++argv);
90f5a2b6 1183#else
0f113f3e
MC		 1184 fprintf(stderr,
1185 "ignoring -named_curve, since I'm compiled without ECDH\n");
1186 ++argv;
1187#endif
1188 } else if (strcmp(*argv, "-app_verify") == 0) {
1189 app_verify_arg.app_verify = 1;
1190 } else if (strcmp(*argv, "-proxy") == 0) {
1191 app_verify_arg.allow_proxy_certs = 1;
1192 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1193 test_cipherlist = 1;
1194 }
2911575c 1195#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1196 else if (strcmp(*argv, "-npn_client") == 0) {
1197 npn_client = 1;
1198 } else if (strcmp(*argv, "-npn_server") == 0) {
1199 npn_server = 1;
1200 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1201 npn_server_reject = 1;
1202 }
1203#endif
1204 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1205 serverinfo_sct = 1;
1206 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1207 serverinfo_tack = 1;
1208 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1209 if (--argc < 1)
1210 goto bad;
1211 serverinfo_file = *(++argv);
1212 } else if (strcmp(*argv, "-custom_ext") == 0) {
1213 custom_ext = 1;
1214 } else if (strcmp(*argv, "-alpn_client") == 0) {
1215 if (--argc < 1)
1216 goto bad;
1217 alpn_client = *(++argv);
1218 } else if (strcmp(*argv, "-alpn_server") == 0) {
1219 if (--argc < 1)
1220 goto bad;
1221 alpn_server = *(++argv);
1222 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1223 if (--argc < 1)
1224 goto bad;
1225 alpn_expected = *(++argv);
1226 } else {
1227 int rv;
1228 arg = argv[0];
1229 argn = argv[1];
1230 /* Try to process command using SSL_CONF */
1231 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1232 /* If not processed try server */
1233 if (rv == 0)
1234 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1235 /* Recognised: store it for later use */
1236 if (rv > 0) {
1237 if (rv == 1)
1238 argn = NULL;
1239 if (!conf_args) {
1240 conf_args = sk_OPENSSL_STRING_new_null();
1241 if (!conf_args)
1242 goto end;
1243 }
1244 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1245 goto end;
1246 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1247 goto end;
1248 continue;
1249 }
1250 if (rv == -3)
1251 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1252 else if (rv < 0)
1253 BIO_printf(bio_err, "Error with command %s\n", arg);
1254 else if (rv == 0)
1255 BIO_printf(bio_err, "unknown option %s\n", arg);
1256 badop = 1;
1257 break;
1258 }
1259 argc--;
1260 argv++;
1261 }
1262 if (badop) {
1263 bad:
1264 sv_usage();
1265 goto end;
1266 }
1267
1268 /*
1269 * test_cipherlist prevails over protocol switch: we test the cipherlist
1270 * for all enabled protocols.
1271 */
1272 if (test_cipherlist == 1) {
1273 /*
1274 * ensure that the cipher list are correctly sorted and exit
1275 */
1276 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1277 "other options.\n");
1278 if (do_test_cipherlist() == 0)
1279 EXIT(1);
1280 ret = 0;
1281 goto end;
1282 }
1283
98b8cdd3
DW		 1284 if (ssl3 + tls1 + dtls1 + dtls12 > 1) {
1285 fprintf(stderr, "At most one of -ssl3, -tls1, -dtls1 or -dtls12 should "
0f113f3e
MC		 1286 "be requested.\n");
1287 EXIT(1);
1288 }
1289
1290 /*
1291 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1292 * Ideally, we would error out, but the generic test wrapper can't know
1293 * when to expect failure. So we do nothing and return success.
1294 */
1295 if (no_protocol) {
1296 fprintf(stderr, "Testing was requested for a disabled protocol. "
1297 "Skipping tests.\n");
1298 ret = 0;
1299 goto end;
1300 }
1301
98b8cdd3 1302 if (!ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
0f113f3e
MC		 1303 fprintf(stderr, "This case cannot work. Use -f to perform "
1304 "the test anyway (and\n-d to see what happens), "
98b8cdd3 1305 "or add one of -ssl3, -tls1, -dtls1, -dtls12, -reuse\n"
0f113f3e
MC		 1306 "to avoid protocol mismatch.\n");
1307 EXIT(1);
1308 }
086e32a6 1309#ifdef OPENSSL_FIPS
0f113f3e
MC		 1310 if (fips_mode) {
1311 if (!FIPS_mode_set(1)) {
1312 ERR_load_crypto_strings();
1313 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
1314 EXIT(1);
1315 } else
1316 fprintf(stderr, "*** IN FIPS MODE ***\n");
1317 }
1318#endif
1319
1320 if (print_time) {
1321 if (!bio_pair) {
1322 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1323 bio_pair = 1;
1324 }
1325 if (number < 50 && !force)
1326 fprintf(stderr,
1327 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1328 }
1329
1330/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1331
1332 SSL_library_init();
1333 SSL_load_error_strings();
d02b48c6 1334
09b6c2ef 1335#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1336 if (comp == COMP_ZLIB)
1337 cm = COMP_zlib();
0f113f3e 1338 if (cm != NULL) {
9a555706 1339 if (COMP_get_type(cm) != NID_undef) {
0f113f3e
MC		 1340 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1341 fprintf(stderr, "Failed to add compression method\n");
1342 ERR_print_errors_fp(stderr);
1343 }
1344 } else {
1345 fprintf(stderr,
1346 "Warning: %s compression not supported\n",
45ddce21 1347 comp == COMP_ZLIB ? "zlib" : "unknown");
0f113f3e
MC		 1348 ERR_print_errors_fp(stderr);
1349 }
1350 }
1351 ssl_comp_methods = SSL_COMP_get_compression_methods();
3dca57f8
RS		 1352 n = sk_SSL_COMP_num(ssl_comp_methods);
1353 if (n) {
1354 int j;
1355 printf("Available compression methods:");
1356 for (j = 0; j < n; j++) {
1357 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1358 printf(" %s:%d", c->name, c->id);
22ebaae0 1359 }
3dca57f8 1360 printf("\n");
0f113f3e
MC		 1361 }
1362#endif
1363
1364 /*
1365 * At this point, ssl3/tls1 is only set if the protocol is available.
1366 * (Otherwise we exit early.) However the compiler doesn't know this, so
1367 * we ifdef.
1368 */
fd28a41e 1369#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 1370 if (ssl3)
1371 meth = SSLv3_method();
1372 else
98b8cdd3
DW		 1373#endif
1374#ifndef OPENSSL_NO_DTLS
1375 if (dtls1)
1376 meth = DTLSv1_method();
1377 else if (dtls12)
1378 meth = DTLSv1_2_method();
1379 else
fd28a41e 1380#endif
0f113f3e
MC		 1381 if (tls1)
1382 meth = TLSv1_method();
1383 else
32ec4153 1384 meth = TLS_method();
0f113f3e
MC		 1385
1386 c_ctx = SSL_CTX_new(meth);
1387 s_ctx = SSL_CTX_new(meth);
1388 if ((c_ctx == NULL) || (s_ctx == NULL)) {
1389 ERR_print_errors(bio_err);
1390 goto end;
1391 }
1392 /*
1393 * Since we will use low security ciphersuites and keys for testing set
15a06488
EK		 1394 * security level to zero by default. Tests can override this by adding
1395 * "@SECLEVEL=n" to the cipher string.
0f113f3e
MC		 1396 */
1397 SSL_CTX_set_security_level(c_ctx, 0);
1398 SSL_CTX_set_security_level(s_ctx, 0);
1399
1400 if (cipher != NULL) {
61986d32 1401 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
69f68237
MC		 1402 || !SSL_CTX_set_cipher_list(s_ctx, cipher)) {
1403 ERR_print_errors(bio_err);
1404 goto end;
1405 }
0f113f3e
MC		 1406 }
1407
1408 /* Process SSL_CONF arguments */
1409 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1410 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1411
1412 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1413 int rv;
1414 arg = sk_OPENSSL_STRING_value(conf_args, i);
1415 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1416 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1417 /* If not recognised use server context */
1418 if (rv == -2)
1419 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1420 if (rv <= 0) {
1421 BIO_printf(bio_err, "Error processing %s %s\n",
1422 arg, argn ? argn : "");
1423 ERR_print_errors(bio_err);
1424 goto end;
1425 }
1426 }
1427
1428 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx)) {
1429 BIO_puts(bio_err, "Error finishing context\n");
1430 ERR_print_errors(bio_err);
1431 goto end;
1432 }
bc36ee62 1433#ifndef OPENSSL_NO_DH
0f113f3e
MC		 1434 if (!no_dhe) {
1435 if (dhe1024dsa) {
1436 /*
1437 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1438 */
1439 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1440 dh = get_dh1024dsa();
e8356e32 1441 } else if (dhe512)
0f113f3e 1442 dh = get_dh512();
e8356e32
EK		 1443 else
1444 dh = get_dh1024();
0f113f3e
MC		 1445 SSL_CTX_set_tmp_dh(s_ctx, dh);
1446 DH_free(dh);
1447 }
e4589582 1448#else
0f113f3e 1449 (void)no_dhe;
58964a49
RE		 1450#endif
1451
10bf4fc2 1452#ifndef OPENSSL_NO_EC
0f113f3e
MC		 1453 if (!no_ecdhe) {
1454 int nid;
1455
1456 if (named_curve != NULL) {
1457 nid = OBJ_sn2nid(named_curve);
1458 if (nid == 0) {
1459 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1460 goto end;
1461 }
de57d237 1462 } else {
0f113f3e 1463 nid = NID_X9_62_prime256v1;
de57d237 1464 }
0f113f3e
MC		 1465
1466 ecdh = EC_KEY_new_by_curve_name(nid);
1467 if (ecdh == NULL) {
1468 BIO_printf(bio_err, "unable to create curve\n");
1469 goto end;
1470 }
1471
1472 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1473 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1474 EC_KEY_free(ecdh);
1475 }
b3310161 1476#else
0f113f3e 1477 (void)no_ecdhe;
ea262260
BM		 1478#endif
1479
bc36ee62 1480#ifndef OPENSSL_NO_RSA
0f113f3e 1481 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
d02b48c6
RE		 1482#endif
1483
0f113f3e
MC		 1484 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1485 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1486 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1487 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1488 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1489 ERR_print_errors(bio_err);
1490 /* goto end; */
1491 }
1492
1493 if (client_auth) {
3dca57f8 1494 printf("client authentication\n");
0f113f3e
MC		 1495 SSL_CTX_set_verify(s_ctx,
1496 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1497 verify_callback);
1498 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1499 &app_verify_arg);
1500 }
1501 if (server_auth) {
3dca57f8 1502 printf("server authentication\n");
0f113f3e
MC		 1503 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1504 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1505 &app_verify_arg);
1506 }
1507
1508 {
1509 int session_id_context = 0;
61986d32 1510 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
69f68237
MC		 1511 sizeof session_id_context)) {
1512 ERR_print_errors(bio_err);
1513 goto end;
1514 }
0f113f3e
MC		 1515 }
1516
1517 /* Use PSK only if PSK key is given */
1518 if (psk_key != NULL) {
1519 /*
1520 * no_psk is used to avoid putting psk command to openssl tool
1521 */
1522 if (no_psk) {
1523 /*
1524 * if PSK is not compiled in and psk key is given, do nothing and
1525 * exit successfully
1526 */
1527 ret = 0;
1528 goto end;
1529 }
ddac1974 1530#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1531 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1532 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1533 if (debug)
1534 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1535 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1536 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1537 ERR_print_errors(bio_err);
1538 goto end;
1539 }
1540#endif
1541 }
edc032b5 1542#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1543 if (srp_client_arg.srplogin) {
1544 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1545 BIO_printf(bio_err, "Unable to set SRP username\n");
1546 goto end;
1547 }
1548 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1549 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1550 ssl_give_srp_client_pwd_cb);
1551 /*
1552 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1553 */
1554 }
1555
1556 if (srp_server_arg.expected_user != NULL) {
1557 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1558 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1559 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1560 }
edc032b5 1561#endif
ddac1974 1562
2911575c 1563#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1564 if (npn_client) {
1565 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1566 }
1567 if (npn_server) {
1568 if (npn_server_reject) {
1569 BIO_printf(bio_err,
1570 "Can't have both -npn_server and -npn_server_reject\n");
1571 goto end;
1572 }
1573 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1574 }
1575 if (npn_server_reject) {
1576 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
1577 NULL);
1578 }
1579#endif
1580
69f68237 1581 if (serverinfo_sct) {
61986d32 1582 if (!SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
0f113f3e 1583 NULL, NULL, NULL,
69f68237
MC		 1584 serverinfo_cli_parse_cb, NULL)) {
1585 BIO_printf(bio_err, "Error adding SCT extension\n");
1586 goto end;
1587 }
1588 }
1589 if (serverinfo_tack) {
61986d32 1590 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
0f113f3e 1591 NULL, NULL, NULL,
69f68237
MC		 1592 serverinfo_cli_parse_cb, NULL)) {
1593 BIO_printf(bio_err, "Error adding TACK extension\n");
1594 goto end;
1595 }
1596 }
0f113f3e
MC		 1597 if (serverinfo_file)
1598 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1599 BIO_printf(bio_err, "missing serverinfo file\n");
1600 goto end;
1601 }
1602
1603 if (custom_ext) {
61986d32 1604 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1605 custom_ext_0_cli_add_cb,
1606 NULL, NULL,
69f68237 1607 custom_ext_0_cli_parse_cb, NULL)
61986d32 1608 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1609 custom_ext_1_cli_add_cb,
1610 NULL, NULL,
69f68237 1611 custom_ext_1_cli_parse_cb, NULL)
61986d32 1612 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1613 custom_ext_2_cli_add_cb,
1614 NULL, NULL,
69f68237 1615 custom_ext_2_cli_parse_cb, NULL)
61986d32 1616 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1617 custom_ext_3_cli_add_cb,
1618 NULL, NULL,
69f68237 1619 custom_ext_3_cli_parse_cb, NULL)
61986d32 1620 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1621 custom_ext_0_srv_add_cb,
1622 NULL, NULL,
69f68237 1623 custom_ext_0_srv_parse_cb, NULL)
61986d32 1624 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1625 custom_ext_1_srv_add_cb,
1626 NULL, NULL,
69f68237 1627 custom_ext_1_srv_parse_cb, NULL)
61986d32 1628 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1629 custom_ext_2_srv_add_cb,
1630 NULL, NULL,
69f68237 1631 custom_ext_2_srv_parse_cb, NULL)
61986d32 1632 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1633 custom_ext_3_srv_add_cb,
1634 NULL, NULL,
69f68237
MC		 1635 custom_ext_3_srv_parse_cb, NULL)) {
1636 BIO_printf(bio_err, "Error setting custom extensions\n");
1637 goto end;
1638 }
0f113f3e
MC		 1639 }
1640
1641 if (alpn_server)
1642 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1643
1644 if (alpn_client) {
1645 unsigned short alpn_len;
1646 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1647
1648 if (alpn == NULL) {
1649 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1650 goto end;
1651 }
69f68237 1652 /* Returns 0 on success!! */
61986d32 1653 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
69f68237
MC		 1654 BIO_printf(bio_err, "Error setting ALPN\n");
1655 OPENSSL_free(alpn);
1656 goto end;
1657 }
0f113f3e
MC		 1658 OPENSSL_free(alpn);
1659 }
1660
1661 c_ssl = SSL_new(c_ctx);
1662 s_ssl = SSL_new(s_ctx);
58964a49 1663
3dca57f8 1664 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
0f113f3e 1665 for (i = 0; i < number; i++) {
69f68237 1666 if (!reuse) {
61986d32 1667 if (!SSL_set_session(c_ssl, NULL)) {
69f68237
MC		 1668 BIO_printf(bio_err, "Failed to set session\n");
1669 goto end;
1670 }
1671 }
0f113f3e
MC		 1672 if (bio_pair)
1673 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1674 else
1675 ret = doit(s_ssl, c_ssl, bytes);
6b937f8b 1676 if (ret) break;
0f113f3e
MC		 1677 }
1678
1679 if (!verbose) {
1680 print_details(c_ssl, "");
1681 }
0f113f3e 1682 if (print_time) {
617d71bc 1683#ifdef CLOCKS_PER_SEC
0f113f3e
MC		 1684 /*
1685 * "To determine the time in seconds, the value returned by the clock
1686 * function should be divided by the value of the macro
1687 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1688 */
1689 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1690 "Approximate total client time: %6.2f s\n",
1691 (double)s_time / CLOCKS_PER_SEC,
1692 (double)c_time / CLOCKS_PER_SEC);
617d71bc 1693#else
0f113f3e
MC		 1694 BIO_printf(bio_stdout,
1695 "Approximate total server time: %6.2f units\n"
1696 "Approximate total client time: %6.2f units\n",
1697 (double)s_time, (double)c_time);
617d71bc 1698#endif
0f113f3e 1699 }
58964a49 1700
0f113f3e
MC		 1701 SSL_free(s_ssl);
1702 SSL_free(c_ssl);
58964a49 1703
0f113f3e 1704 end:
62adbcee
RS		 1705 SSL_CTX_free(s_ctx);
1706 SSL_CTX_free(c_ctx);
62adbcee
RS		 1707 SSL_CONF_CTX_free(s_cctx);
1708 SSL_CONF_CTX_free(c_cctx);
0f113f3e 1709 sk_OPENSSL_STRING_free(conf_args);
de94222d 1710
ca3a82c3 1711 BIO_free(bio_stdout);
d02b48c6 1712
bc36ee62 1713#ifndef OPENSSL_NO_RSA
0f113f3e 1714 free_tmp_rsa();
46b3bd54 1715#endif
0b13e9f0 1716#ifndef OPENSSL_NO_ENGINE
0f113f3e
MC		 1717 ENGINE_cleanup();
1718#endif
1719 CRYPTO_cleanup_all_ex_data();
1720 ERR_free_strings();
1721 ERR_remove_thread_state(NULL);
1722 EVP_cleanup();
1723 CRYPTO_mem_leaks(bio_err);
ca3a82c3 1724 BIO_free(bio_err);
0f113f3e 1725 EXIT(ret);
0f113f3e 1726}
d02b48c6 1727
563f1503 1728int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
0f113f3e
MC		 1729 clock_t *s_time, clock_t *c_time)
1730{
1731 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1732 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1733 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1734 int ret = 1;
1735
1736 size_t bufsiz = 256; /* small buffer for testing */
1737
1738 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1739 goto err;
1740 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1741 goto err;
1742
1743 s_ssl_bio = BIO_new(BIO_f_ssl());
1744 if (!s_ssl_bio)
1745 goto err;
1746
1747 c_ssl_bio = BIO_new(BIO_f_ssl());
1748 if (!c_ssl_bio)
1749 goto err;
1750
1751 SSL_set_connect_state(c_ssl);
1752 SSL_set_bio(c_ssl, client, client);
1753 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1754
1755 SSL_set_accept_state(s_ssl);
1756 SSL_set_bio(s_ssl, server, server);
1757 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1758
1759 do {
35a1cc90
MC		 1760 /*-
1761 * c_ssl_bio: SSL filter BIO
1762 *
1763 * client: pseudo-I/O for SSL library
1764 *
1765 * client_io: client's SSL communication; usually to be
1766 * relayed over some I/O facility, but in this
1767 * test program, we're the server, too:
1768 *
1769 * server_io: server's SSL communication
1770 *
1771 * server: pseudo-I/O for SSL library
1772 *
1773 * s_ssl_bio: SSL filter BIO
1774 *
1775 * The client and the server each employ a "BIO pair":
1776 * client + client_io, server + server_io.
1777 * BIO pairs are symmetric. A BIO pair behaves similar
1778 * to a non-blocking socketpair (but both endpoints must
1779 * be handled by the same thread).
1780 * [Here we could connect client and server to the ends
1781 * of a single BIO pair, but then this code would be less
1782 * suitable as an example for BIO pairs in general.]
1783 *
1784 * Useful functions for querying the state of BIO pair endpoints:
1785 *
1786 * BIO_ctrl_pending(bio) number of bytes we can read now
1787 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1788 * other side's read attempt
1789 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1790 *
1791 * ..._read_request is never more than ..._write_guarantee;
1792 * it depends on the application which one you should use.
1793 */
0f113f3e
MC		 1794
1795 /*
1796 * We have non-blocking behaviour throughout this test program, but
1797 * can be sure that there is *some* progress in each iteration; so we
1798 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1799 * we just try everything in each iteration
1800 */
1801
1802 {
1803 /* CLIENT */
1804
68b00c23 1805 char cbuf[1024 * 8];
0f113f3e
MC		 1806 int i, r;
1807 clock_t c_clock = clock();
1808
1809 memset(cbuf, 0, sizeof(cbuf));
1810
1811 if (debug)
1812 if (SSL_in_init(c_ssl))
1813 printf("client waiting in SSL_connect - %s\n",
1814 SSL_state_string_long(c_ssl));
1815
1816 if (cw_num > 0) {
1817 /* Write to server. */
1818
1819 if (cw_num > (long)sizeof cbuf)
1820 i = sizeof cbuf;
1821 else
1822 i = (int)cw_num;
1823 r = BIO_write(c_ssl_bio, cbuf, i);
1824 if (r < 0) {
1825 if (!BIO_should_retry(c_ssl_bio)) {
1826 fprintf(stderr, "ERROR in CLIENT\n");
1827 goto err;
1828 }
1829 /*
1830 * BIO_should_retry(...) can just be ignored here. The
1831 * library expects us to call BIO_write with the same
1832 * arguments again, and that's what we will do in the
1833 * next iteration.
1834 */
1835 } else if (r == 0) {
1836 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1837 goto err;
1838 } else {
1839 if (debug)
1840 printf("client wrote %d\n", r);
1841 cw_num -= r;
1842 }
1843 }
1844
1845 if (cr_num > 0) {
1846 /* Read from server. */
1847
1848 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1849 if (r < 0) {
1850 if (!BIO_should_retry(c_ssl_bio)) {
1851 fprintf(stderr, "ERROR in CLIENT\n");
1852 goto err;
1853 }
1854 /*
1855 * Again, "BIO_should_retry" can be ignored.
1856 */
1857 } else if (r == 0) {
1858 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1859 goto err;
1860 } else {
1861 if (debug)
1862 printf("client read %d\n", r);
1863 cr_num -= r;
1864 }
1865 }
1866
1867 /*
1868 * c_time and s_time increments will typically be very small
1869 * (depending on machine speed and clock tick intervals), but
1870 * sampling over a large number of connections should result in
1871 * fairly accurate figures. We cannot guarantee a lot, however
1872 * -- if each connection lasts for exactly one clock tick, it
1873 * will be counted only for the client or only for the server or
1874 * even not at all.
1875 */
1876 *c_time += (clock() - c_clock);
1877 }
1878
1879 {
1880 /* SERVER */
1881
68b00c23 1882 char sbuf[1024 * 8];
0f113f3e
MC		 1883 int i, r;
1884 clock_t s_clock = clock();
1885
1886 memset(sbuf, 0, sizeof(sbuf));
1887
1888 if (debug)
1889 if (SSL_in_init(s_ssl))
1890 printf("server waiting in SSL_accept - %s\n",
1891 SSL_state_string_long(s_ssl));
1892
1893 if (sw_num > 0) {
1894 /* Write to client. */
1895
1896 if (sw_num > (long)sizeof sbuf)
1897 i = sizeof sbuf;
1898 else
1899 i = (int)sw_num;
1900 r = BIO_write(s_ssl_bio, sbuf, i);
1901 if (r < 0) {
1902 if (!BIO_should_retry(s_ssl_bio)) {
1903 fprintf(stderr, "ERROR in SERVER\n");
1904 goto err;
1905 }
1906 /* Ignore "BIO_should_retry". */
1907 } else if (r == 0) {
1908 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1909 goto err;
1910 } else {
1911 if (debug)
1912 printf("server wrote %d\n", r);
1913 sw_num -= r;
1914 }
1915 }
1916
1917 if (sr_num > 0) {
1918 /* Read from client. */
1919
1920 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
1921 if (r < 0) {
1922 if (!BIO_should_retry(s_ssl_bio)) {
1923 fprintf(stderr, "ERROR in SERVER\n");
1924 goto err;
1925 }
1926 /* blah, blah */
1927 } else if (r == 0) {
1928 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1929 goto err;
1930 } else {
1931 if (debug)
1932 printf("server read %d\n", r);
1933 sr_num -= r;
1934 }
1935 }
1936
1937 *s_time += (clock() - s_clock);
1938 }
1939
1940 {
1941 /* "I/O" BETWEEN CLIENT AND SERVER. */
1942
1943 size_t r1, r2;
1944 BIO *io1 = server_io, *io2 = client_io;
1945 /*
1946 * we use the non-copying interface for io1 and the standard
1947 * BIO_write/BIO_read interface for io2
1948 */
1949
1950 static int prev_progress = 1;
1951 int progress = 0;
1952
1953 /* io1 to io2 */
1954 do {
1955 size_t num;
1956 int r;
1957
1958 r1 = BIO_ctrl_pending(io1);
1959 r2 = BIO_ctrl_get_write_guarantee(io2);
1960
1961 num = r1;
1962 if (r2 < num)
1963 num = r2;
1964 if (num) {
1965 char *dataptr;
1966
1967 if (INT_MAX < num) /* yeah, right */
1968 num = INT_MAX;
1969
1970 r = BIO_nread(io1, &dataptr, (int)num);
1971 assert(r > 0);
1972 assert(r <= (int)num);
1973 /*
1974 * possibly r < num (non-contiguous data)
1975 */
1976 num = r;
1977 r = BIO_write(io2, dataptr, (int)num);
1978 if (r != (int)num) { /* can't happen */
1979 fprintf(stderr, "ERROR: BIO_write could not write "
1980 "BIO_ctrl_get_write_guarantee() bytes");
1981 goto err;
1982 }
1983 progress = 1;
1984
1985 if (debug)
1986 printf((io1 == client_io) ?
1987 "C->S relaying: %d bytes\n" :
1988 "S->C relaying: %d bytes\n", (int)num);
1989 }
1990 }
1991 while (r1 && r2);
1992
1993 /* io2 to io1 */
1994 {
1995 size_t num;
1996 int r;
1997
1998 r1 = BIO_ctrl_pending(io2);
1999 r2 = BIO_ctrl_get_read_request(io1);
2000 /*
2001 * here we could use ..._get_write_guarantee instead of
2002 * ..._get_read_request, but by using the latter we test
2003 * restartability of the SSL implementation more thoroughly
2004 */
2005 num = r1;
2006 if (r2 < num)
2007 num = r2;
2008 if (num) {
2009 char *dataptr;
2010
2011 if (INT_MAX < num)
2012 num = INT_MAX;
2013
2014 if (num > 1)
2015 --num; /* test restartability even more thoroughly */
2016
2017 r = BIO_nwrite0(io1, &dataptr);
2018 assert(r > 0);
2019 if (r < (int)num)
2020 num = r;
2021 r = BIO_read(io2, dataptr, (int)num);
2022 if (r != (int)num) { /* can't happen */
2023 fprintf(stderr, "ERROR: BIO_read could not read "
2024 "BIO_ctrl_pending() bytes");
2025 goto err;
2026 }
2027 progress = 1;
2028 r = BIO_nwrite(io1, &dataptr, (int)num);
2029 if (r != (int)num) { /* can't happen */
2030 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2031 "BIO_nwrite0() bytes");
2032 goto err;
2033 }
2034
2035 if (debug)
2036 printf((io2 == client_io) ?
2037 "C->S relaying: %d bytes\n" :
2038 "S->C relaying: %d bytes\n", (int)num);
2039 }
2040 } /* no loop, BIO_ctrl_get_read_request now
2041 * returns 0 anyway */
2042
2043 if (!progress && !prev_progress)
2044 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2045 fprintf(stderr, "ERROR: got stuck\n");
2046 fprintf(stderr, " ERROR.\n");
2047 goto err;
2048 }
2049 prev_progress = progress;
2050 }
2051 }
2052 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2053
2054 if (verbose)
2055 print_details(c_ssl, "DONE via BIO pair: ");
2911575c 2056#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2057 if (verify_npn(c_ssl, s_ssl) < 0) {
2058 ret = 1;
2059 goto end;
2060 }
2061#endif
2062 if (verify_serverinfo() < 0) {
2063 fprintf(stderr, "Server info verify error\n");
2064 ret = 1;
2065 goto err;
2066 }
2067 if (verify_alpn(c_ssl, s_ssl) < 0) {
2068 ret = 1;
2069 goto err;
2070 }
2071
2072 if (custom_ext_error) {
2073 fprintf(stderr, "Custom extension error\n");
2074 ret = 1;
2075 goto err;
2076 }
2077
2078 end:
2079 ret = 0;
95d29597
BM		 2080
2081 err:
0f113f3e
MC		 2082 ERR_print_errors(bio_err);
2083
ca3a82c3
RS		 2084 BIO_free(server);
2085 BIO_free(server_io);
2086 BIO_free(client);
2087 BIO_free(client_io);
2088 BIO_free(s_ssl_bio);
2089 BIO_free(c_ssl_bio);
0f113f3e
MC		 2090
2091 return ret;
2092}
2093
2094#define W_READ 1
2095#define W_WRITE 2
2096#define C_DONE 1
2097#define S_DONE 2
d02b48c6 2098
6b691a5c 2099int doit(SSL *s_ssl, SSL *c_ssl, long count)
0f113f3e
MC		 2100{
2101 char *cbuf = NULL, *sbuf = NULL;
2102 long bufsiz;
2103 long cw_num = count, cr_num = count;
2104 long sw_num = count, sr_num = count;
2105 int ret = 1;
2106 BIO *c_to_s = NULL;
2107 BIO *s_to_c = NULL;
2108 BIO *c_bio = NULL;
2109 BIO *s_bio = NULL;
2110 int c_r, c_w, s_r, s_w;
2111 int i, j;
2112 int done = 0;
2113 int c_write, s_write;
2114 int do_server = 0, do_client = 0;
2115 int max_frag = 5 * 1024;
2116
2117 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2118
b51bce94 2119 if ((cbuf = OPENSSL_zalloc(bufsiz)) == NULL)
0f113f3e 2120 goto err;
b51bce94 2121 if ((sbuf = OPENSSL_zalloc(bufsiz)) == NULL)
0f113f3e
MC		 2122 goto err;
2123
0f113f3e
MC		 2124 c_to_s = BIO_new(BIO_s_mem());
2125 s_to_c = BIO_new(BIO_s_mem());
2126 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2127 ERR_print_errors(bio_err);
2128 goto err;
2129 }
2130
2131 c_bio = BIO_new(BIO_f_ssl());
2132 s_bio = BIO_new(BIO_f_ssl());
2133 if ((c_bio == NULL) || (s_bio == NULL)) {
2134 ERR_print_errors(bio_err);
2135 goto err;
2136 }
2137
2138 SSL_set_connect_state(c_ssl);
2139 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2140 SSL_set_max_send_fragment(c_ssl, max_frag);
2141 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2142
2143 SSL_set_accept_state(s_ssl);
2144 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2145 SSL_set_max_send_fragment(s_ssl, max_frag);
2146 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2147
2148 c_r = 0;
2149 s_r = 1;
2150 c_w = 1;
2151 s_w = 0;
2152 c_write = 1, s_write = 0;
2153
2154 /* We can always do writes */
2155 for (;;) {
2156 do_server = 0;
2157 do_client = 0;
2158
2159 i = (int)BIO_pending(s_bio);
2160 if ((i && s_r) || s_w)
2161 do_server = 1;
2162
2163 i = (int)BIO_pending(c_bio);
2164 if ((i && c_r) || c_w)
2165 do_client = 1;
2166
2167 if (do_server && debug) {
2168 if (SSL_in_init(s_ssl))
2169 printf("server waiting in SSL_accept - %s\n",
2170 SSL_state_string_long(s_ssl));
3a83462d 2171/*-
35a1cc90
MC		 2172 else if (s_write)
2173 printf("server:SSL_write()\n");
2174 else
2175 printf("server:SSL_read()\n"); */
0f113f3e
MC		 2176 }
2177
2178 if (do_client && debug) {
2179 if (SSL_in_init(c_ssl))
2180 printf("client waiting in SSL_connect - %s\n",
2181 SSL_state_string_long(c_ssl));
3a83462d 2182/*-
35a1cc90
MC		 2183 else if (c_write)
2184 printf("client:SSL_write()\n");
2185 else
2186 printf("client:SSL_read()\n"); */
0f113f3e
MC		 2187 }
2188
2189 if (!do_client && !do_server) {
2190 fprintf(stdout, "ERROR IN STARTUP\n");
2191 ERR_print_errors(bio_err);
ae632974 2192 goto err;
0f113f3e
MC		 2193 }
2194 if (do_client && !(done & C_DONE)) {
2195 if (c_write) {
2196 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2197 i = BIO_write(c_bio, cbuf, j);
2198 if (i < 0) {
2199 c_r = 0;
2200 c_w = 0;
2201 if (BIO_should_retry(c_bio)) {
2202 if (BIO_should_read(c_bio))
2203 c_r = 1;
2204 if (BIO_should_write(c_bio))
2205 c_w = 1;
2206 } else {
2207 fprintf(stderr, "ERROR in CLIENT\n");
2208 ERR_print_errors(bio_err);
2209 goto err;
2210 }
2211 } else if (i == 0) {
2212 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2213 goto err;
2214 } else {
2215 if (debug)
2216 printf("client wrote %d\n", i);
2217 /* ok */
2218 s_r = 1;
2219 c_write = 0;
2220 cw_num -= i;
2221 if (max_frag > 1029)
2222 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2223 }
2224 } else {
2225 i = BIO_read(c_bio, cbuf, bufsiz);
2226 if (i < 0) {
2227 c_r = 0;
2228 c_w = 0;
2229 if (BIO_should_retry(c_bio)) {
2230 if (BIO_should_read(c_bio))
2231 c_r = 1;
2232 if (BIO_should_write(c_bio))
2233 c_w = 1;
2234 } else {
2235 fprintf(stderr, "ERROR in CLIENT\n");
2236 ERR_print_errors(bio_err);
2237 goto err;
2238 }
2239 } else if (i == 0) {
2240 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2241 goto err;
2242 } else {
2243 if (debug)
2244 printf("client read %d\n", i);
2245 cr_num -= i;
2246 if (sw_num > 0) {
2247 s_write = 1;
2248 s_w = 1;
2249 }
2250 if (cr_num <= 0) {
2251 s_write = 1;
2252 s_w = 1;
2253 done = S_DONE | C_DONE;
2254 }
2255 }
2256 }
2257 }
2258
2259 if (do_server && !(done & S_DONE)) {
2260 if (!s_write) {
2261 i = BIO_read(s_bio, sbuf, bufsiz);
2262 if (i < 0) {
2263 s_r = 0;
2264 s_w = 0;
2265 if (BIO_should_retry(s_bio)) {
2266 if (BIO_should_read(s_bio))
2267 s_r = 1;
2268 if (BIO_should_write(s_bio))
2269 s_w = 1;
2270 } else {
2271 fprintf(stderr, "ERROR in SERVER\n");
2272 ERR_print_errors(bio_err);
2273 goto err;
2274 }
2275 } else if (i == 0) {
2276 ERR_print_errors(bio_err);
2277 fprintf(stderr,
2278 "SSL SERVER STARTUP FAILED in SSL_read\n");
2279 goto err;
2280 } else {
2281 if (debug)
2282 printf("server read %d\n", i);
2283 sr_num -= i;
2284 if (cw_num > 0) {
2285 c_write = 1;
2286 c_w = 1;
2287 }
2288 if (sr_num <= 0) {
2289 s_write = 1;
2290 s_w = 1;
2291 c_write = 0;
2292 }
2293 }
2294 } else {
2295 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2296 i = BIO_write(s_bio, sbuf, j);
2297 if (i < 0) {
2298 s_r = 0;
2299 s_w = 0;
2300 if (BIO_should_retry(s_bio)) {
2301 if (BIO_should_read(s_bio))
2302 s_r = 1;
2303 if (BIO_should_write(s_bio))
2304 s_w = 1;
2305 } else {
2306 fprintf(stderr, "ERROR in SERVER\n");
2307 ERR_print_errors(bio_err);
2308 goto err;
2309 }
2310 } else if (i == 0) {
2311 ERR_print_errors(bio_err);
2312 fprintf(stderr,
2313 "SSL SERVER STARTUP FAILED in SSL_write\n");
2314 goto err;
2315 } else {
2316 if (debug)
2317 printf("server wrote %d\n", i);
2318 sw_num -= i;
2319 s_write = 0;
2320 c_r = 1;
2321 if (sw_num <= 0)
2322 done |= S_DONE;
2323 if (max_frag > 1029)
2324 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2325 }
2326 }
2327 }
2328
2329 if ((done & S_DONE) && (done & C_DONE))
2330 break;
2331 }
2332
2333 if (verbose)
2334 print_details(c_ssl, "DONE: ");
2911575c 2335#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2336 if (verify_npn(c_ssl, s_ssl) < 0) {
2337 ret = 1;
2338 goto err;
2339 }
2340#endif
2341 if (verify_serverinfo() < 0) {
2342 fprintf(stderr, "Server info verify error\n");
2343 ret = 1;
2344 goto err;
2345 }
2346 if (custom_ext_error) {
2347 fprintf(stderr, "Custom extension error\n");
2348 ret = 1;
2349 goto err;
2350 }
2351 ret = 0;
2352 err:
2353 /*
2354 * We have to set the BIO's to NULL otherwise they will be
2355 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2356 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2357 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2358 * SSL_free() automatically BIO_free non NULL entries. You should not
2359 * normally do this or be required to do this
2360 */
2361 if (s_ssl != NULL) {
2362 s_ssl->rbio = NULL;
2363 s_ssl->wbio = NULL;
2364 }
2365 if (c_ssl != NULL) {
2366 c_ssl->rbio = NULL;
2367 c_ssl->wbio = NULL;
2368 }
2369
ca3a82c3
RS		 2370 BIO_free(c_to_s);
2371 BIO_free(s_to_c);
2372 BIO_free_all(c_bio);
2373 BIO_free_all(s_bio);
b548a1f1
RS		 2374 OPENSSL_free(cbuf);
2375 OPENSSL_free(sbuf);
0f113f3e
MC		 2376
2377 return (ret);
2378}
d02b48c6 2379
a7201e9a 2380static int get_proxy_auth_ex_data_idx(void)
0f113f3e
MC		 2381{
2382 static volatile int idx = -1;
2383 if (idx < 0) {
2384 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2385 if (idx < 0) {
2386 idx = X509_STORE_CTX_get_ex_new_index(0,
2387 "SSLtest for verify callback",
2388 NULL, NULL, NULL);
2389 }
2390 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2391 }
2392 return idx;
2393}
a7201e9a 2394
6d23cf97 2395static int verify_callback(int ok, X509_STORE_CTX *ctx)
0f113f3e
MC		 2396{
2397 char *s, buf[256];
2398
2399 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2400 sizeof buf);
2401 if (s != NULL) {
2402 if (ok)
3dca57f8 2403 printf("depth=%d %s\n", ctx->error_depth, buf);
0f113f3e
MC		 2404 else {
2405 fprintf(stderr, "depth=%d error=%d %s\n",
2406 ctx->error_depth, ctx->error, buf);
2407 }
2408 }
2409
2410 if (ok == 0) {
0f113f3e 2411 switch (ctx->error) {
3dca57f8
RS		 2412 default:
2413 fprintf(stderr, "Error string: %s\n",
2414 X509_verify_cert_error_string(ctx->error));
2415 break;
0f113f3e
MC		 2416 case X509_V_ERR_CERT_NOT_YET_VALID:
2417 case X509_V_ERR_CERT_HAS_EXPIRED:
2418 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
0f113f3e
MC		 2419 ok = 1;
2420 }
2421 }
2422
2423 if (ok == 1) {
2424 X509 *xs = ctx->current_cert;
a8d8e06b 2425 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) {
0f113f3e
MC		 2426 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2427 get_proxy_auth_ex_data_idx
2428 ());
2429
2430 if (letters) {
2431 int found_any = 0;
2432 int i;
2433 PROXY_CERT_INFO_EXTENSION *pci =
2434 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2435 NULL, NULL);
2436
2437 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2438 case NID_Independent:
2439 /*
2440 * Completely meaningless in this program, as there's no
2441 * way to grant explicit rights to a specific PrC.
2442 * Basically, using id-ppl-Independent is the perfect way
2443 * to grant no rights at all.
2444 */
2445 fprintf(stderr, " Independent proxy certificate");
2446 for (i = 0; i < 26; i++)
2447 letters[i] = 0;
2448 break;
2449 case NID_id_ppl_inheritAll:
2450 /*
2451 * This is basically a NOP, we simply let the current
2452 * rights stand as they are.
2453 */
2454 fprintf(stderr, " Proxy certificate inherits all");
2455 break;
2456 default:
2457 s = (char *)
2458 pci->proxyPolicy->policy->data;
2459 i = pci->proxyPolicy->policy->length;
2460
2461 /*
2462 * The algorithm works as follows: it is assumed that
2463 * previous iterations or the initial granted rights has
2464 * already set some elements of `letters'. What we need
2465 * to do is to clear those that weren't granted by the
2466 * current PrC as well. The easiest way to do this is to
2467 * add 1 to all the elements whose letters are given with
2468 * the current policy. That way, all elements that are
2469 * set by the current policy and were already set by
2470 * earlier policies and through the original grant of
2471 * rights will get the value 2 or higher. The last thing
2472 * to do is to sweep through `letters' and keep the
2473 * elements having the value 2 as set, and clear all the
2474 * others.
2475 */
2476
3dca57f8 2477 printf(" Certificate proxy rights = %*.*s", i,
0f113f3e
MC		 2478 i, s);
2479 while (i-- > 0) {
2480 int c = *s++;
2481 if (isascii(c) && isalpha(c)) {
2482 if (islower(c))
2483 c = toupper(c);
2484 letters[c - 'A']++;
2485 }
2486 }
2487 for (i = 0; i < 26; i++)
2488 if (letters[i] < 2)
2489 letters[i] = 0;
2490 else
2491 letters[i] = 1;
2492 }
2493
2494 found_any = 0;
3dca57f8 2495 printf(", resulting proxy rights = ");
0f113f3e
MC		 2496 for (i = 0; i < 26; i++)
2497 if (letters[i]) {
3dca57f8 2498 printf("%c", i + 'A');
0f113f3e
MC		 2499 found_any = 1;
2500 }
2501 if (!found_any)
3dca57f8
RS		 2502 printf("none");
2503 printf("\n");
0f113f3e
MC		 2504
2505 PROXY_CERT_INFO_EXTENSION_free(pci);
2506 }
2507 }
2508 }
2509
2510 return (ok);
2511}
d02b48c6 2512
a7201e9a 2513static void process_proxy_debug(int indent, const char *format, ...)
0f113f3e
MC		 2514{
2515 /* That's 80 > */
2516 static const char indentation[] =
2517 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2518 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2519 char my_format[256];
2520 va_list args;
2521
2522 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2523 indent, indent, indentation, format);
2524
2525 va_start(args, format);
2526 vfprintf(stderr, my_format, args);
2527 va_end(args);
2528}
2529
1d97c843
TH		 2530/*-
2531 * Priority levels:
0f113f3e
MC		 2532 * 0 [!]var, ()
2533 * 1 & ^
2534 * 2 |
1d97c843 2535 */
a7201e9a 2536static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 2537 const char *cond, const char **cond_end,
2538 int *pos, int indent);
2539static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2540 const char **cond_end, int *pos, int indent)
2541{
2542 int c;
2543 int ok = 1;
2544 int negate = 0;
2545
2546 while (isspace((int)*cond)) {
2547 cond++;
2548 (*pos)++;
2549 }
2550 c = *cond;
2551
2552 if (debug)
2553 process_proxy_debug(indent,
2554 "Start process_proxy_cond_val at position %d: %s\n",
2555 *pos, cond);
2556
2557 while (c == '!') {
2558 negate = !negate;
2559 cond++;
2560 (*pos)++;
2561 while (isspace((int)*cond)) {
2562 cond++;
2563 (*pos)++;
2564 }
2565 c = *cond;
2566 }
2567
2568 if (c == '(') {
2569 cond++;
2570 (*pos)++;
2571 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2572 indent + 1);
2573 cond = *cond_end;
2574 if (ok < 0)
2575 goto end;
2576 while (isspace((int)*cond)) {
2577 cond++;
2578 (*pos)++;
2579 }
2580 c = *cond;
2581 if (c != ')') {
2582 fprintf(stderr,
2583 "Weird condition character in position %d: "
2584 "%c\n", *pos, c);
2585 ok = -1;
2586 goto end;
2587 }
2588 cond++;
2589 (*pos)++;
2590 } else if (isascii(c) && isalpha(c)) {
2591 if (islower(c))
2592 c = toupper(c);
2593 ok = letters[c - 'A'];
2594 cond++;
2595 (*pos)++;
2596 } else {
2597 fprintf(stderr,
2598 "Weird condition character in position %d: " "%c\n", *pos, c);
2599 ok = -1;
2600 goto end;
2601 }
a7201e9a 2602 end:
0f113f3e
MC		 2603 *cond_end = cond;
2604 if (ok >= 0 && negate)
2605 ok = !ok;
a7201e9a 2606
0f113f3e
MC		 2607 if (debug)
2608 process_proxy_debug(indent,
2609 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2610 *pos, cond, ok);
2611
2612 return ok;
2613}
a7201e9a 2614
a7201e9a 2615static int process_proxy_cond_multipliers(unsigned int letters[26],
0f113f3e
MC		 2616 const char *cond,
2617 const char **cond_end, int *pos,
2618 int indent)
2619{
2620 int ok;
2621 char c;
2622
2623 if (debug)
2624 process_proxy_debug(indent,
2625 "Start process_proxy_cond_multipliers at position %d: %s\n",
2626 *pos, cond);
2627
2628 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2629 cond = *cond_end;
2630 if (ok < 0)
2631 goto end;
2632
2633 while (ok >= 0) {
2634 while (isspace((int)*cond)) {
2635 cond++;
2636 (*pos)++;
2637 }
2638 c = *cond;
2639
2640 switch (c) {
2641 case '&':
2642 case '^':
2643 {
2644 int save_ok = ok;
2645
2646 cond++;
2647 (*pos)++;
2648 ok = process_proxy_cond_val(letters,
2649 cond, cond_end, pos, indent + 1);
2650 cond = *cond_end;
2651 if (ok < 0)
2652 break;
2653
2654 switch (c) {
2655 case '&':
2656 ok &= save_ok;
2657 break;
2658 case '^':
2659 ok ^= save_ok;
2660 break;
2661 default:
2662 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2663 " STOPPING\n");
2664 EXIT(1);
2665 }
2666 }
2667 break;
2668 default:
2669 goto end;
2670 }
2671 }
a7201e9a 2672 end:
0f113f3e
MC		 2673 if (debug)
2674 process_proxy_debug(indent,
2675 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2676 *pos, cond, ok);
2677
2678 *cond_end = cond;
2679 return ok;
2680}
2681
a7201e9a 2682static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 2683 const char *cond, const char **cond_end,
2684 int *pos, int indent)
2685{
2686 int ok;
2687 char c;
2688
2689 if (debug)
2690 process_proxy_debug(indent,
2691 "Start process_proxy_cond_adders at position %d: %s\n",
2692 *pos, cond);
2693
2694 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2695 indent + 1);
2696 cond = *cond_end;
2697 if (ok < 0)
2698 goto end;
2699
2700 while (ok >= 0) {
2701 while (isspace((int)*cond)) {
2702 cond++;
2703 (*pos)++;
2704 }
2705 c = *cond;
2706
2707 switch (c) {
2708 case '|':
2709 {
2710 int save_ok = ok;
2711
2712 cond++;
2713 (*pos)++;
2714 ok = process_proxy_cond_multipliers(letters,
2715 cond, cond_end, pos,
2716 indent + 1);
2717 cond = *cond_end;
2718 if (ok < 0)
2719 break;
2720
2721 switch (c) {
2722 case '|':
2723 ok |= save_ok;
2724 break;
2725 default:
2726 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2727 " STOPPING\n");
2728 EXIT(1);
2729 }
2730 }
2731 break;
2732 default:
2733 goto end;
2734 }
2735 }
a7201e9a 2736 end:
0f113f3e
MC		 2737 if (debug)
2738 process_proxy_debug(indent,
2739 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2740 *pos, cond, ok);
a7201e9a 2741
0f113f3e
MC		 2742 *cond_end = cond;
2743 return ok;
2744}
a7201e9a
RL		 2745
2746static int process_proxy_cond(unsigned int letters[26],
0f113f3e
MC		 2747 const char *cond, const char **cond_end)
2748{
2749 int pos = 1;
2750 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2751}
a7201e9a 2752
6d23cf97 2753static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
0f113f3e
MC		 2754{
2755 int ok = 1;
2756 struct app_verify_arg *cb_arg = arg;
2757 unsigned int letters[26]; /* only used with proxy_auth */
2758
2759 if (cb_arg->app_verify) {
2760 char *s = NULL, buf[256];
2761
3dca57f8
RS		 2762 printf("In app_verify_callback, allowing cert. ");
2763 printf("Arg is: %s\n", cb_arg->string);
2764 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
0f113f3e
MC		 2765 (void *)ctx, (void *)ctx->cert);
2766 if (ctx->cert)
2767 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
2768 if (s != NULL) {
3dca57f8 2769 printf("cert depth=%d %s\n", ctx->error_depth, buf);
0f113f3e
MC		 2770 }
2771 return (1);
2772 }
2773 if (cb_arg->proxy_auth) {
2774 int found_any = 0, i;
2775 char *sp;
2776
2777 for (i = 0; i < 26; i++)
2778 letters[i] = 0;
2779 for (sp = cb_arg->proxy_auth; *sp; sp++) {
2780 int c = *sp;
2781 if (isascii(c) && isalpha(c)) {
2782 if (islower(c))
2783 c = toupper(c);
2784 letters[c - 'A'] = 1;
2785 }
2786 }
2787
3dca57f8 2788 printf(" Initial proxy rights = ");
0f113f3e
MC		 2789 for (i = 0; i < 26; i++)
2790 if (letters[i]) {
3dca57f8 2791 printf("%c", i + 'A');
0f113f3e
MC		 2792 found_any = 1;
2793 }
2794 if (!found_any)
3dca57f8
RS		 2795 printf("none");
2796 printf("\n");
0f113f3e
MC		 2797
2798 X509_STORE_CTX_set_ex_data(ctx,
2799 get_proxy_auth_ex_data_idx(), letters);
2800 }
2801 if (cb_arg->allow_proxy_certs) {
2802 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2803 }
0f113f3e 2804 ok = X509_verify_cert(ctx);
0f113f3e
MC		 2805
2806 if (cb_arg->proxy_auth) {
2807 if (ok > 0) {
2808 const char *cond_end = NULL;
2809
2810 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
2811
2812 if (ok < 0)
2813 EXIT(3);
2814 if (*cond_end) {
2815 fprintf(stderr,
2816 "Stopped processing condition before it's end.\n");
2817 ok = 0;
2818 }
2819 if (!ok)
2820 fprintf(stderr,
3dca57f8 2821 "Proxy rights check with condition '%s' invalid\n",
0f113f3e
MC		 2822 cb_arg->proxy_cond);
2823 else
3dca57f8 2824 printf("Proxy rights check with condition '%s' ok\n",
0f113f3e
MC		 2825 cb_arg->proxy_cond);
2826 }
2827 }
2828 return (ok);
2829}
023ec151 2830
bc36ee62 2831#ifndef OPENSSL_NO_RSA
0f113f3e 2832static RSA *rsa_tmp = NULL;
46b3bd54 2833
6d23cf97 2834static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
0f113f3e
MC		 2835{
2836 BIGNUM *bn = NULL;
2837 if (rsa_tmp == NULL) {
2838 bn = BN_new();
2839 rsa_tmp = RSA_new();
2840 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
2841 BIO_printf(bio_err, "Memory error...");
2842 goto end;
2843 }
3dca57f8 2844 printf("Generating temp (%d bit) RSA key...", keylength);
0f113f3e
MC		 2845 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
2846 BIO_printf(bio_err, "Error generating key.");
2847 RSA_free(rsa_tmp);
2848 rsa_tmp = NULL;
2849 }
2850 end:
3dca57f8 2851 printf("\n");
0f113f3e 2852 }
23a1d5e9 2853 BN_free(bn);
0f113f3e
MC		 2854 return (rsa_tmp);
2855}
46b3bd54
BM		 2856
2857static void free_tmp_rsa(void)
0f113f3e 2858{
d6407083
RS		 2859 RSA_free(rsa_tmp);
2860 rsa_tmp = NULL;
0f113f3e 2861}
79df9d62 2862#endif
53002dc6 2863
bc36ee62 2864#ifndef OPENSSL_NO_DH
1d97c843
TH		 2865/*-
2866 * These DH parameters have been generated as follows:
e4589582
BM		 2867 * $ openssl dhparam -C -noout 512
2868 * $ openssl dhparam -C -noout 1024
2869 * $ openssl dhparam -C -noout -dsaparam 1024
2870 * (The third function has been renamed to avoid name conflicts.)
2871 */
f3f316f1 2872static DH *get_dh512()
0f113f3e
MC		 2873{
2874 static unsigned char dh512_p[] = {
2875 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
2876 0xC6,
2877 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
2878 0xB0,
2879 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
2880 0x5F,
2881 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
2882 0xB8,
2883 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
2884 0x33,
2885 0x02, 0xC5, 0xAE, 0x23,
2886 };
2887 static unsigned char dh512_g[] = {
2888 0x02,
2889 };
2890 DH *dh;
2891
2892 if ((dh = DH_new()) == NULL)
2893 return (NULL);
2894 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
2895 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
2896 if ((dh->p == NULL) || (dh->g == NULL)) {
2897 DH_free(dh);
2898 return (NULL);
2899 }
2900 return (dh);
2901}
e4589582 2902
f3f316f1 2903static DH *get_dh1024()
0f113f3e
MC		 2904{
2905 static unsigned char dh1024_p[] = {
2906 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
2907 0x3A,
2908 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
2909 0xA2,
2910 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
2911 0xB0,
2912 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
2913 0xC2,
2914 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
2915 0x8C,
2916 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
2917 0xB8,
2918 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
2919 0x52,
2920 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
2921 0xC1,
2922 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
2923 0xB1,
2924 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
2925 0xAB,
2926 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
2927 };
2928 static unsigned char dh1024_g[] = {
2929 0x02,
2930 };
2931 DH *dh;
2932
2933 if ((dh = DH_new()) == NULL)
2934 return (NULL);
2935 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
2936 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
2937 if ((dh->p == NULL) || (dh->g == NULL)) {
2938 DH_free(dh);
2939 return (NULL);
2940 }
2941 return (dh);
2942}
53002dc6 2943
f3f316f1 2944static DH *get_dh1024dsa()
0f113f3e
MC		 2945{
2946 static unsigned char dh1024_p[] = {
2947 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
2948 0x00,
2949 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
2950 0x19,
2951 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
2952 0xD2,
2953 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
2954 0x55,
2955 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
2956 0xFC,
2957 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
2958 0x97,
2959 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
2960 0x8D,
2961 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
2962 0xBB,
2963 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
2964 0xF6,
2965 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
2966 0x9E,
2967 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
2968 };
2969 static unsigned char dh1024_g[] = {
2970 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
2971 0x05,
2972 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
2973 0xF3,
2974 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
2975 0xE9,
2976 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
2977 0x3C,
2978 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
2979 0x65,
2980 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
2981 0x60,
2982 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
2983 0xF6,
2984 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
2985 0xA7,
2986 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
2987 0xA1,
2988 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
2989 0x60,
2990 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
2991 };
2992 DH *dh;
2993
2994 if ((dh = DH_new()) == NULL)
2995 return (NULL);
2996 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
2997 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
2998 if ((dh->p == NULL) || (dh->g == NULL)) {
2999 DH_free(dh);
3000 return (NULL);
3001 }
3002 dh->length = 160;
3003 return (dh);
3004}
f71165b5 3005#endif
6e119bb0 3006
ddac1974
NL		 3007#ifndef OPENSSL_NO_PSK
3008/* convert the PSK key (psk_key) in ascii to binary (psk) */
3009static int psk_key2bn(const char *pskkey, unsigned char *psk,
0f113f3e
MC		 3010 unsigned int max_psk_len)
3011{
3012 int ret;
3013 BIGNUM *bn = NULL;
3014
3015 ret = BN_hex2bn(&bn, pskkey);
3016 if (!ret) {
3017 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3018 pskkey);
23a1d5e9 3019 BN_free(bn);
0f113f3e
MC		 3020 return 0;
3021 }
3022 if (BN_num_bytes(bn) > (int)max_psk_len) {
3023 BIO_printf(bio_err,
3024 "psk buffer of callback is too small (%d) for key (%d)\n",
3025 max_psk_len, BN_num_bytes(bn));
3026 BN_free(bn);
3027 return 0;
3028 }
3029 ret = BN_bn2bin(bn, psk);
3030 BN_free(bn);
3031 return ret;
3032}
3033
3034static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3035 char *identity,
3036 unsigned int max_identity_len,
3037 unsigned char *psk,
3038 unsigned int max_psk_len)
3039{
3040 int ret;
3041 unsigned int psk_len = 0;
3042
3043 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3044 if (ret < 0)
3045 goto out_err;
3046 if (debug)
3047 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3048 ret);
3049 ret = psk_key2bn(psk_key, psk, max_psk_len);
3050 if (ret < 0)
3051 goto out_err;
3052 psk_len = ret;
3053 out_err:
3054 return psk_len;
3055}
ddac1974
NL		 3056
3057static unsigned int psk_server_callback(SSL *ssl, const char *identity,
0f113f3e
MC		 3058 unsigned char *psk,
3059 unsigned int max_psk_len)
3060{
3061 unsigned int psk_len = 0;
ddac1974 3062
0f113f3e
MC		 3063 if (strcmp(identity, "Client_identity") != 0) {
3064 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3065 return 0;
3066 }
3067 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3068 return psk_len;
3069}
ddac1974
NL		 3070#endif
3071
6e119bb0 3072static int do_test_cipherlist(void)
0f113f3e
MC		 3073{
3074 int i = 0;
3075 const SSL_METHOD *meth;
3076 const SSL_CIPHER *ci, *tci = NULL;
6e119bb0 3077
00fe865d 3078#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 3079 meth = SSLv3_method();
3080 tci = NULL;
3081 while ((ci = meth->get_cipher(i++)) != NULL) {
3082 if (tci != NULL)
3083 if (ci->id >= tci->id) {
3dca57f8 3084 fprintf(stderr, "testing SSLv3 cipher list order: ");
0f113f3e
MC		 3085 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3086 return 0;
3087 }
3088 tci = ci;
3089 }
00fe865d 3090#endif
0f113f3e
MC		 3091 meth = TLSv1_method();
3092 tci = NULL;
3093 while ((ci = meth->get_cipher(i++)) != NULL) {
3094 if (tci != NULL)
3095 if (ci->id >= tci->id) {
3dca57f8 3096 fprintf(stderr, "testing TLSv1 cipher list order: ");
0f113f3e
MC		 3097 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3098 return 0;
3099 }
3100 tci = ci;
3101 }
0f113f3e
MC		 3102
3103 return 1;
3104}
A mirror of the official openssl repository