]> git.ipfire.org Git - thirdparty/openssl.git/blame - test/ssltest.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix ssltest to use 1024-bit DHE parameters
[thirdparty/openssl.git] / test / ssltest.c
CommitLineData
d02b48c6 1/* ssl/ssltest.c */
58964a49 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6
RE		 3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
0f113f3e 8 *
d02b48c6
RE		 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e 15 *
d02b48c6
RE		 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
0f113f3e 22 *
d02b48c6
RE		 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
0f113f3e 37 * 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6
RE		 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e 40 *
d02b48c6
RE		 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
0f113f3e 52 *
d02b48c6
RE		 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
3ac82faa
BM		 58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
0f113f3e 66 * notice, this list of conditions and the following disclaimer.
3ac82faa
BM		 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
ea262260
BM		 111/* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
0f113f3e 113 * ECC cipher suite support in OpenSSL originally developed by
ea262260
BM		 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
ddac1974
NL		 116/* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
d02b48c6 142
dbd87ffc
MC		 143/* Or gethostname won't be declared properly on Linux and GNU platforms. */
144#define _BSD_SOURCE 1
37289744 145
6f7af152
BM		 146#include <assert.h>
147#include <errno.h>
148#include <limits.h>
d02b48c6
RE		 149#include <stdio.h>
150#include <stdlib.h>
151#include <string.h>
563f1503 152#include <time.h>
17e3dd1c 153
e7a28569 154#define USE_SOCKETS
41d2a336 155#include "e_os.h"
17e3dd1c 156
bc120a54 157#ifdef OPENSSL_SYS_VMS
0f113f3e
MC		 158/*
159 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
160 */
161# define _XOPEN_SOURCE 500
bc120a54
DSH		 162#endif
163
a963395a
RL		 164#include <ctype.h>
165
ec577822
BM		 166#include <openssl/bio.h>
167#include <openssl/crypto.h>
563f1503 168#include <openssl/evp.h>
ec577822 169#include <openssl/x509.h>
a7201e9a 170#include <openssl/x509v3.h>
ec577822 171#include <openssl/ssl.h>
0b13e9f0 172#ifndef OPENSSL_NO_ENGINE
0f113f3e 173# include <openssl/engine.h>
0b13e9f0 174#endif
ec577822 175#include <openssl/err.h>
b9d82f47 176#include <openssl/rand.h>
3eeaab4b 177#ifndef OPENSSL_NO_RSA
0f113f3e 178# include <openssl/rsa.h>
3eeaab4b
NL		 179#endif
180#ifndef OPENSSL_NO_DSA
0f113f3e 181# include <openssl/dsa.h>
3eeaab4b
NL		 182#endif
183#ifndef OPENSSL_NO_DH
0f113f3e 184# include <openssl/dh.h>
3eeaab4b 185#endif
edc032b5 186#ifndef OPENSSL_NO_SRP
0f113f3e 187# include <openssl/srp.h>
edc032b5 188#endif
d095b68d 189#include <openssl/bn.h>
09867a47 190
b6ba4014
MC		 191#include "../ssl/ssl_locl.h"
192
dbd87ffc
MC		 193/*
194 * Or gethostname won't be declared properly
195 * on Compaq platforms (at least with DEC C).
196 * Do not try to put it earlier, or IPv6 includes
197 * get screwed...
0f113f3e
MC		 198 */
199#define _XOPEN_SOURCE_EXTENDED 1
09867a47 200
bc36ee62 201#ifdef OPENSSL_SYS_WINDOWS
0f113f3e 202# include <winsock.h>
37289744 203#else
0f113f3e 204# include OPENSSL_UNISTD
d02b48c6
RE		 205#endif
206
bc36ee62 207#ifdef OPENSSL_SYS_VMS
0f113f3e
MC		 208# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
209# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
0bf23d9b 210#elif defined(OPENSSL_SYS_WINCE)
0f113f3e
MC		 211# define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
212# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
4d8743f4 213#elif defined(OPENSSL_SYS_NETWARE)
0f113f3e
MC		 214# define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
215# define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
7d7d2cbc 216#else
0f113f3e
MC		 217# define TEST_SERVER_CERT "../apps/server.pem"
218# define TEST_CLIENT_CERT "../apps/client.pem"
7d7d2cbc 219#endif
d02b48c6 220
0f113f3e 221/*
45ddce21
RS		 222 * There is really no standard for this, so let's assign something
223 * only for this test
0f113f3e 224 */
0f113f3e 225#define COMP_ZLIB 1
23f80f46 226
6d23cf97 227static int verify_callback(int ok, X509_STORE_CTX *ctx);
bc36ee62 228#ifndef OPENSSL_NO_RSA
0f113f3e 229static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength);
46b3bd54 230static void free_tmp_rsa(void);
79df9d62 231#endif
6d23cf97 232static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
a7201e9a 233#define APP_CALLBACK_STRING "Test Callback Argument"
0f113f3e
MC		 234struct app_verify_arg {
235 char *string;
236 int app_verify;
237 int allow_proxy_certs;
238 char *proxy_auth;
239 char *proxy_cond;
240};
023ec151 241
bc36ee62 242#ifndef OPENSSL_NO_DH
d02b48c6 243static DH *get_dh512(void);
e4589582
BM		 244static DH *get_dh1024(void);
245static DH *get_dh1024dsa(void);
53002dc6
BM		 246#endif
247
0f113f3e 248static char *psk_key = NULL; /* by default PSK is not used */
ddac1974 249#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 250static unsigned int psk_client_callback(SSL *ssl, const char *hint,
251 char *identity,
252 unsigned int max_identity_len,
253 unsigned char *psk,
254 unsigned int max_psk_len);
255static unsigned int psk_server_callback(SSL *ssl, const char *identity,
256 unsigned char *psk,
257 unsigned int max_psk_len);
ddac1974
NL		 258#endif
259
edc032b5
BL		 260#ifndef OPENSSL_NO_SRP
261/* SRP client */
262/* This is a context that we pass to all callbacks */
0f113f3e
MC		 263typedef struct srp_client_arg_st {
264 char *srppassin;
265 char *srplogin;
266} SRP_CLIENT_ARG;
edc032b5 267
0f113f3e 268# define PWD_STRLEN 1024
edc032b5 269
0f113f3e
MC		 270static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
271{
272 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
273 return BUF_strdup((char *)srp_client_arg->srppassin);
274}
edc032b5 275
edc032b5
BL		 276/* SRP server */
277/* This is a context that we pass to SRP server callbacks */
0f113f3e
MC		 278typedef struct srp_server_arg_st {
279 char *expected_user;
280 char *pass;
281} SRP_SERVER_ARG;
edc032b5 282
6d23cf97 283static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
0f113f3e
MC		 284{
285 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
286
287 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
288 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
289 return SSL3_AL_FATAL;
290 }
291 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
292 *ad = SSL_AD_INTERNAL_ERROR;
293 return SSL3_AL_FATAL;
294 }
295 return SSL_ERROR_NONE;
296}
297#endif
298
299static BIO *bio_err = NULL;
300static BIO *bio_stdout = NULL;
d02b48c6 301
2911575c 302#ifndef OPENSSL_NO_NEXTPROTONEG
d9a268b9
BL		 303/* Note that this code assumes that this is only a one element list: */
304static const char NEXT_PROTO_STRING[] = "\x09testproto";
305int npn_client = 0;
306int npn_server = 0;
307int npn_server_reject = 0;
308
0f113f3e
MC		 309static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
310 const unsigned char *in, unsigned int inlen,
311 void *arg)
312{
313 /*
314 * This callback only returns the protocol string, rather than a length
315 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
316 * and remove the first byte to chop off the length prefix.
317 */
318 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
319 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
320 return SSL_TLSEXT_ERR_OK;
321}
322
323static int cb_server_npn(SSL *s, const unsigned char **data,
324 unsigned int *len, void *arg)
325{
326 *data = (const unsigned char *)NEXT_PROTO_STRING;
327 *len = sizeof(NEXT_PROTO_STRING) - 1;
328 return SSL_TLSEXT_ERR_OK;
329}
330
331static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
332 unsigned int *len, void *arg)
333{
334 return SSL_TLSEXT_ERR_NOACK;
335}
d9a268b9
BL		 336
337static int verify_npn(SSL *client, SSL *server)
0f113f3e
MC		 338{
339 const unsigned char *client_s;
340 unsigned client_len;
341 const unsigned char *server_s;
342 unsigned server_len;
343
344 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
345 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
346
347 if (client_len) {
348 BIO_printf(bio_stdout, "Client NPN: ");
349 BIO_write(bio_stdout, client_s, client_len);
350 BIO_printf(bio_stdout, "\n");
351 }
352
353 if (server_len) {
354 BIO_printf(bio_stdout, "Server NPN: ");
355 BIO_write(bio_stdout, server_s, server_len);
356 BIO_printf(bio_stdout, "\n");
357 }
358
359 /*
360 * If an NPN string was returned, it must be the protocol that we
361 * expected to negotiate.
362 */
363 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
364 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
365 return -1;
366 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
367 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
368 return -1;
369
370 if (!npn_client && client_len)
371 return -1;
372 if (!npn_server && server_len)
373 return -1;
374 if (npn_server_reject && server_len)
375 return -1;
376 if (npn_client && npn_server && (!client_len || !server_len))
377 return -1;
378
379 return 0;
380}
d9a268b9
BL		 381#endif
382
a8989362
AL		 383static const char *alpn_client;
384static const char *alpn_server;
385static const char *alpn_expected;
386static unsigned char *alpn_selected;
387
3a83462d
MC		 388/*-
389 * next_protos_parse parses a comma separated list of strings into a string
a8989362
AL		 390 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
391 * outlen: (output) set to the length of the resulting buffer on success.
392 * err: (maybe NULL) on failure, an error message line is written to this BIO.
4eadd11c 393 * in: a NUL terminated string like "abc,def,ghi"
a8989362
AL		 394 *
395 * returns: a malloced buffer or NULL on failure.
396 */
0f113f3e
MC		 397static unsigned char *next_protos_parse(unsigned short *outlen,
398 const char *in)
399{
400 size_t len;
401 unsigned char *out;
402 size_t i, start = 0;
403
404 len = strlen(in);
405 if (len >= 65535)
406 return NULL;
407
408 out = OPENSSL_malloc(strlen(in) + 1);
409 if (!out)
410 return NULL;
411
412 for (i = 0; i <= len; ++i) {
413 if (i == len || in[i] == ',') {
414 if (i - start > 255) {
415 OPENSSL_free(out);
416 return NULL;
417 }
418 out[start] = i - start;
419 start = i + 1;
420 } else
421 out[i + 1] = in[i];
422 }
423
424 *outlen = len + 1;
425 return out;
426}
427
428static int cb_server_alpn(SSL *s, const unsigned char **out,
429 unsigned char *outlen, const unsigned char *in,
430 unsigned int inlen, void *arg)
431{
432 unsigned char *protos;
433 unsigned short protos_len;
434
435 protos = next_protos_parse(&protos_len, alpn_server);
436 if (protos == NULL) {
437 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
438 alpn_server);
439 abort();
440 }
441
442 if (SSL_select_next_proto
443 ((unsigned char **)out, outlen, protos, protos_len, in,
444 inlen) != OPENSSL_NPN_NEGOTIATED) {
445 OPENSSL_free(protos);
446 return SSL_TLSEXT_ERR_NOACK;
447 }
448
449 /*
450 * Make a copy of the selected protocol which will be freed in
451 * verify_alpn.
452 */
453 alpn_selected = OPENSSL_malloc(*outlen);
454 memcpy(alpn_selected, *out, *outlen);
455 *out = alpn_selected;
456
457 OPENSSL_free(protos);
458 return SSL_TLSEXT_ERR_OK;
459}
a8989362
AL		 460
461static int verify_alpn(SSL *client, SSL *server)
0f113f3e
MC		 462{
463 const unsigned char *client_proto, *server_proto;
464 unsigned int client_proto_len = 0, server_proto_len = 0;
465 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
466 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
467
b548a1f1
RS		 468 OPENSSL_free(alpn_selected);
469 alpn_selected = NULL;
0f113f3e
MC		 470
471 if (client_proto_len != server_proto_len ||
472 memcmp(client_proto, server_proto, client_proto_len) != 0) {
473 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
474 goto err;
475 }
476
477 if (client_proto_len > 0 && alpn_expected == NULL) {
478 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
479 goto err;
480 }
481
482 if (alpn_expected != NULL &&
483 (client_proto_len != strlen(alpn_expected) ||
484 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
485 BIO_printf(bio_stdout,
486 "ALPN selected protocols not equal to expected protocol: %s\n",
487 alpn_expected);
488 goto err;
489 }
490
491 return 0;
492
493 err:
494 BIO_printf(bio_stdout, "ALPN results: client: '");
495 BIO_write(bio_stdout, client_proto, client_proto_len);
496 BIO_printf(bio_stdout, "', server: '");
497 BIO_write(bio_stdout, server_proto, server_proto_len);
498 BIO_printf(bio_stdout, "'\n");
499 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
500 alpn_client, alpn_server);
501 return -1;
502}
a8989362 503
a398f821 504#define SCT_EXT_TYPE 18
9cd50f73 505
0f113f3e
MC		 506/*
507 * WARNING : below extension types are *NOT* IETF assigned, and could
508 * conflict if these types are reassigned and handled specially by OpenSSL
509 * in the future
510 */
a398f821 511#define TACK_EXT_TYPE 62208
9cd50f73
T		 512#define CUSTOM_EXT_TYPE_0 1000
513#define CUSTOM_EXT_TYPE_1 1001
514#define CUSTOM_EXT_TYPE_2 1002
515#define CUSTOM_EXT_TYPE_3 1003
516
517const char custom_ext_cli_string[] = "abc";
518const char custom_ext_srv_string[] = "defg";
a398f821
T		 519
520/* These set from cmdline */
0f113f3e 521char *serverinfo_file = NULL;
a398f821
T		 522int serverinfo_sct = 0;
523int serverinfo_tack = 0;
9cd50f73
T		 524
525/* These set based on extension callbacks */
a398f821
T		 526int serverinfo_sct_seen = 0;
527int serverinfo_tack_seen = 0;
528int serverinfo_other_seen = 0;
529
9cd50f73
T		 530/* This set from cmdline */
531int custom_ext = 0;
532
533/* This set based on extension callbacks */
534int custom_ext_error = 0;
535
0cfefe4b 536static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 537 const unsigned char *in, size_t inlen,
538 int *al, void *arg)
539{
540 if (ext_type == SCT_EXT_TYPE)
541 serverinfo_sct_seen++;
542 else if (ext_type == TACK_EXT_TYPE)
543 serverinfo_tack_seen++;
544 else
545 serverinfo_other_seen++;
546 return 1;
547}
a398f821
T		 548
549static int verify_serverinfo()
0f113f3e
MC		 550{
551 if (serverinfo_sct != serverinfo_sct_seen)
552 return -1;
553 if (serverinfo_tack != serverinfo_tack_seen)
554 return -1;
555 if (serverinfo_other_seen)
556 return -1;
557 return 0;
558}
a398f821 559
1d97c843
TH		 560/*-
561 * Four test cases for custom extensions:
9cd50f73
T		 562 * 0 - no ClientHello extension or ServerHello response
563 * 1 - ClientHello with "abc", no response
564 * 2 - ClientHello with "abc", empty response
565 * 3 - ClientHello with "abc", "defg" response
566 */
567
de2a9e38 568static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 569 const unsigned char **out,
570 size_t *outlen, int *al, void *arg)
571{
572 if (ext_type != CUSTOM_EXT_TYPE_0)
573 custom_ext_error = 1;
574 return 0; /* Don't send an extension */
575}
9cd50f73 576
de2a9e38 577static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 578 const unsigned char *in,
579 size_t inlen, int *al, void *arg)
580{
581 return 1;
582}
9cd50f73 583
de2a9e38 584static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 585 const unsigned char **out,
586 size_t *outlen, int *al, void *arg)
587{
588 if (ext_type != CUSTOM_EXT_TYPE_1)
589 custom_ext_error = 1;
590 *out = (const unsigned char *)custom_ext_cli_string;
591 *outlen = strlen(custom_ext_cli_string);
592 return 1; /* Send "abc" */
593}
9cd50f73 594
de2a9e38 595static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 596 const unsigned char *in,
597 size_t inlen, int *al, void *arg)
598{
599 return 1;
600}
9cd50f73 601
de2a9e38 602static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 603 const unsigned char **out,
604 size_t *outlen, int *al, void *arg)
605{
606 if (ext_type != CUSTOM_EXT_TYPE_2)
607 custom_ext_error = 1;
608 *out = (const unsigned char *)custom_ext_cli_string;
609 *outlen = strlen(custom_ext_cli_string);
610 return 1; /* Send "abc" */
611}
9cd50f73 612
de2a9e38 613static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 614 const unsigned char *in,
615 size_t inlen, int *al, void *arg)
616{
617 if (ext_type != CUSTOM_EXT_TYPE_2)
618 custom_ext_error = 1;
619 if (inlen != 0)
620 custom_ext_error = 1; /* Should be empty response */
621 return 1;
622}
9cd50f73 623
de2a9e38 624static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 625 const unsigned char **out,
626 size_t *outlen, int *al, void *arg)
627{
628 if (ext_type != CUSTOM_EXT_TYPE_3)
629 custom_ext_error = 1;
630 *out = (const unsigned char *)custom_ext_cli_string;
631 *outlen = strlen(custom_ext_cli_string);
632 return 1; /* Send "abc" */
633}
9cd50f73 634
de2a9e38 635static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 636 const unsigned char *in,
637 size_t inlen, int *al, void *arg)
638{
639 if (ext_type != CUSTOM_EXT_TYPE_3)
640 custom_ext_error = 1;
641 if (inlen != strlen(custom_ext_srv_string))
642 custom_ext_error = 1;
643 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
644 custom_ext_error = 1; /* Check for "defg" */
645 return 1;
646}
647
648/*
649 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
650 * for this extension
651 */
de2a9e38 652static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 653 const unsigned char *in,
654 size_t inlen, int *al, void *arg)
655{
656 custom_ext_error = 1;
657 return 1;
658}
9cd50f73 659
f47e2039 660/* 'add' callbacks are only called if the 'parse' callback is called */
de2a9e38 661static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 662 const unsigned char **out,
663 size_t *outlen, int *al, void *arg)
664{
665 /* Error: should not have been called */
666 custom_ext_error = 1;
667 return 0; /* Don't send an extension */
668}
9cd50f73 669
de2a9e38 670static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 671 const unsigned char *in,
672 size_t inlen, int *al, void *arg)
673{
674 if (ext_type != CUSTOM_EXT_TYPE_1)
675 custom_ext_error = 1;
676 /* Check for "abc" */
677 if (inlen != strlen(custom_ext_cli_string))
678 custom_ext_error = 1;
679 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
680 custom_ext_error = 1;
681 return 1;
682}
9cd50f73 683
de2a9e38 684static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 685 const unsigned char **out,
686 size_t *outlen, int *al, void *arg)
687{
688 return 0; /* Don't send an extension */
689}
9cd50f73 690
de2a9e38 691static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 692 const unsigned char *in,
693 size_t inlen, int *al, void *arg)
694{
695 if (ext_type != CUSTOM_EXT_TYPE_2)
696 custom_ext_error = 1;
697 /* Check for "abc" */
698 if (inlen != strlen(custom_ext_cli_string))
699 custom_ext_error = 1;
700 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
701 custom_ext_error = 1;
702 return 1;
703}
9cd50f73 704
de2a9e38 705static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 706 const unsigned char **out,
707 size_t *outlen, int *al, void *arg)
708{
709 *out = NULL;
710 *outlen = 0;
711 return 1; /* Send empty extension */
712}
9cd50f73 713
de2a9e38 714static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 715 const unsigned char *in,
716 size_t inlen, int *al, void *arg)
717{
718 if (ext_type != CUSTOM_EXT_TYPE_3)
719 custom_ext_error = 1;
720 /* Check for "abc" */
721 if (inlen != strlen(custom_ext_cli_string))
722 custom_ext_error = 1;
723 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
724 custom_ext_error = 1;
725 return 1;
726}
9cd50f73 727
de2a9e38 728static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
0f113f3e
MC		 729 const unsigned char **out,
730 size_t *outlen, int *al, void *arg)
731{
732 *out = (const unsigned char *)custom_ext_srv_string;
733 *outlen = strlen(custom_ext_srv_string);
734 return 1; /* Send "defg" */
735}
736
737static char *cipher = NULL;
738static int verbose = 0;
739static int debug = 0;
0f113f3e
MC		 740static const char rnd_seed[] =
741 "string to make the random number generator think it has entropy";
d02b48c6 742
0f113f3e
MC		 743int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
744 clock_t *c_time);
745int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
6e119bb0 746static int do_test_cipherlist(void);
9ccc00ef 747
6b691a5c 748static void sv_usage(void)
0f113f3e
MC		 749{
750 fprintf(stderr, "usage: ssltest [args ...]\n");
751 fprintf(stderr, "\n");
086e32a6 752#ifdef OPENSSL_FIPS
0f113f3e
MC		 753 fprintf(stderr, "-F - run test in FIPS mode\n");
754#endif
755 fprintf(stderr, " -server_auth - check server certificate\n");
756 fprintf(stderr, " -client_auth - do client authentication\n");
757 fprintf(stderr, " -proxy - allow proxy certificates\n");
758 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
759 fprintf(stderr,
760 " -proxy_cond <val> - expression to test proxy policy rights\n");
761 fprintf(stderr, " -v - more output\n");
762 fprintf(stderr, " -d - debug output\n");
763 fprintf(stderr, " -reuse - use session-id reuse\n");
764 fprintf(stderr, " -num <val> - number of connections to perform\n");
765 fprintf(stderr,
766 " -bytes <val> - number of bytes to swap between client/server\n");
bc36ee62 767#ifndef OPENSSL_NO_DH
0f113f3e 768 fprintf(stderr,
e8356e32
EK		 769 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
770 fprintf(stderr,
771 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
0f113f3e
MC		 772 fprintf(stderr,
773 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
774 fprintf(stderr, " -no_dhe - disable DHE\n");
77fa04a9 775#endif
10bf4fc2 776#ifndef OPENSSL_NO_EC
0f113f3e 777 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
ea262260 778#endif
ddac1974 779#ifndef OPENSSL_NO_PSK
0f113f3e 780 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
ddac1974 781#endif
edc032b5 782#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 783 fprintf(stderr, " -srpuser user - SRP username to use\n");
784 fprintf(stderr, " -srppass arg - password for 'user'\n");
edc032b5 785#endif
3881d810 786#ifndef OPENSSL_NO_SSL3_METHOD
0f113f3e 787 fprintf(stderr, " -ssl3 - use SSLv3\n");
58964a49 788#endif
0f113f3e 789 fprintf(stderr, " -tls1 - use TLSv1\n");
98b8cdd3
DW		 790#ifndef OPENSSL_NO_DTLS
791 fprintf(stderr, " -dtls1 - use DTLSv1\n");
792 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
793#endif
0f113f3e
MC		 794 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
795 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
796 fprintf(stderr, " -cert arg - Server certificate file\n");
797 fprintf(stderr,
798 " -key arg - Server key file (default: same as -cert)\n");
799 fprintf(stderr, " -c_cert arg - Client certificate file\n");
800 fprintf(stderr,
801 " -c_key arg - Client key file (default: same as -c_cert)\n");
802 fprintf(stderr, " -cipher arg - The cipher list\n");
803 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
804 fprintf(stderr, " -f - Test even cases that can't work\n");
805 fprintf(stderr,
806 " -time - measure processor time used by client and server\n");
807 fprintf(stderr, " -zlib - use zlib compression\n");
10bf4fc2 808#ifndef OPENSSL_NO_EC
0f113f3e
MC		 809 fprintf(stderr,
810 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
811 " Use \"openssl ecparam -list_curves\" for all names\n"
812 " (default is sect163r2).\n");
813#endif
814 fprintf(stderr,
815 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
816 " When this option is requested, the cipherlist\n"
817 " tests are run instead of handshake tests.\n");
2911575c 818#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 819 fprintf(stderr, " -npn_client - have client side offer NPN\n");
820 fprintf(stderr, " -npn_server - have server side offer NPN\n");
821 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
822#endif
823 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
824 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
825 fprintf(stderr,
826 " -serverinfo_tack - have client offer and expect TACK\n");
827 fprintf(stderr,
828 " -custom_ext - try various custom extension callbacks\n");
829 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
830 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
831 fprintf(stderr,
832 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
833}
563f1503 834
f756f1fc 835static void print_key_details(BIO *out, EVP_PKEY *key)
0f113f3e
MC		 836{
837 int keyid = EVP_PKEY_id(key);
f756f1fc 838#ifndef OPENSSL_NO_EC
0f113f3e
MC		 839 if (keyid == EVP_PKEY_EC) {
840 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
841 int nid;
842 const char *cname;
843 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
844 EC_KEY_free(ec);
845 cname = EC_curve_nid2nist(nid);
846 if (!cname)
847 cname = OBJ_nid2sn(nid);
848 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
849 } else
850#endif
851 {
852 const char *algname;
853 switch (keyid) {
854 case EVP_PKEY_RSA:
855 algname = "RSA";
856 break;
857 case EVP_PKEY_DSA:
858 algname = "DSA";
859 break;
860 case EVP_PKEY_DH:
861 algname = "DH";
862 break;
863 default:
864 algname = OBJ_nid2sn(keyid);
865 break;
866 }
867 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
868 }
869}
f756f1fc 870
563f1503 871static void print_details(SSL *c_ssl, const char *prefix)
0f113f3e
MC		 872{
873 const SSL_CIPHER *ciph;
874 int mdnid;
875 X509 *cert;
876 EVP_PKEY *pkey;
877
878 ciph = SSL_get_current_cipher(c_ssl);
879 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
880 prefix,
881 SSL_get_version(c_ssl),
882 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
883 cert = SSL_get_peer_certificate(c_ssl);
884 if (cert != NULL) {
885 pkey = X509_get_pubkey(cert);
886 if (pkey != NULL) {
887 BIO_puts(bio_stdout, ", ");
888 print_key_details(bio_stdout, pkey);
889 EVP_PKEY_free(pkey);
890 }
891 X509_free(cert);
892 }
893 if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
894 BIO_puts(bio_stdout, ", temp key: ");
895 print_key_details(bio_stdout, pkey);
896 EVP_PKEY_free(pkey);
897 }
898 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
899 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
900 BIO_printf(bio_stdout, "\n");
901}
d02b48c6 902
3ac82faa 903static void lock_dbg_cb(int mode, int type, const char *file, int line)
0f113f3e
MC		 904{
905 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
906 const char *errstr = NULL;
907 int rw;
908
909 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
910 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
911 errstr = "invalid mode";
912 goto err;
913 }
914
915 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
916 errstr = "type out of bounds";
917 goto err;
918 }
919
920 if (mode & CRYPTO_LOCK) {
921 if (modes[type]) {
922 errstr = "already locked";
923 /*
924 * must not happen in a single-threaded program (would deadlock)
925 */
926 goto err;
927 }
928
929 modes[type] = rw;
930 } else if (mode & CRYPTO_UNLOCK) {
931 if (!modes[type]) {
932 errstr = "not locked";
933 goto err;
934 }
935
936 if (modes[type] != rw) {
937 errstr = (rw == CRYPTO_READ) ?
938 "CRYPTO_r_unlock on write lock" :
939 "CRYPTO_w_unlock on read lock";
940 }
941
942 modes[type] = 0;
943 } else {
944 errstr = "invalid mode";
945 goto err;
946 }
3ac82faa
BM		 947
948 err:
0f113f3e
MC		 949 if (errstr) {
950 /* we cannot use bio_err here */
951 fprintf(stderr,
952 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
953 errstr, mode, type, file, line);
954 }
955}
3ac82faa 956
6b691a5c 957int main(int argc, char *argv[])
0f113f3e
MC		 958{
959 char *CApath = NULL, *CAfile = NULL;
960 int badop = 0;
961 int bio_pair = 0;
962 int force = 0;
98b8cdd3 963 int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl3 = 0, ret = 1;
0f113f3e
MC		 964 int client_auth = 0;
965 int server_auth = 0, i;
966 struct app_verify_arg app_verify_arg =
967 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
968 char *server_cert = TEST_SERVER_CERT;
969 char *server_key = NULL;
970 char *client_cert = TEST_CLIENT_CERT;
971 char *client_key = NULL;
10bf4fc2 972#ifndef OPENSSL_NO_EC
0f113f3e
MC		 973 char *named_curve = NULL;
974#endif
975 SSL_CTX *s_ctx = NULL;
976 SSL_CTX *c_ctx = NULL;
977 const SSL_METHOD *meth = NULL;
978 SSL *c_ssl, *s_ssl;
979 int number = 1, reuse = 0;
980 long bytes = 256L;
bc36ee62 981#ifndef OPENSSL_NO_DH
0f113f3e 982 DH *dh;
e8356e32 983 int dhe512 = 0, dhe1024dsa = 0;
ea262260 984#endif
10bf4fc2 985#ifndef OPENSSL_NO_EC
0f113f3e 986 EC_KEY *ecdh = NULL;
edc032b5
BL		 987#endif
988#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 989 /* client */
990 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
991 /* server */
992 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
993#endif
994 int no_dhe = 0;
995 int no_ecdhe = 0;
996 int no_psk = 0;
997 int print_time = 0;
998 clock_t s_time = 0, c_time = 0;
09b6c2ef 999#ifndef OPENSSL_NO_COMP
9a555706 1000 int n, comp = 0;
0f113f3e
MC		 1001 COMP_METHOD *cm = NULL;
1002 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
00a37b5a 1003#endif
0f113f3e 1004 int test_cipherlist = 0;
086e32a6 1005#ifdef OPENSSL_FIPS
0f113f3e
MC		 1006 int fips_mode = 0;
1007#endif
1008 int no_protocol = 0;
1009
1010 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
1011 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
1012 const char *arg = NULL, *argn = NULL;
1013
1014 verbose = 0;
1015 debug = 0;
1016 cipher = 0;
1017
1018 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1019
1020 CRYPTO_set_locking_callback(lock_dbg_cb);
1021
1022 /* enable memory leak checking unless explicitly disabled */
1023 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
1024 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
1025 CRYPTO_malloc_debug_init();
1026 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1027 } else {
1028 /* OPENSSL_DEBUG_MEMORY=off */
1029 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1030 }
1031 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1032
1033 RAND_seed(rnd_seed, sizeof rnd_seed);
1034
1035 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1036
1037 s_cctx = SSL_CONF_CTX_new();
1038 c_cctx = SSL_CONF_CTX_new();
1039
1040 if (!s_cctx || !c_cctx) {
1041 ERR_print_errors(bio_err);
1042 goto end;
1043 }
1044
1045 SSL_CONF_CTX_set_flags(s_cctx,
1046 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER);
1047 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
1048 ERR_print_errors(bio_err);
1049 goto end;
1050 }
1051
1052 SSL_CONF_CTX_set_flags(c_cctx,
1053 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT);
1054 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
1055 ERR_print_errors(bio_err);
1056 goto end;
1057 }
1058
1059 argc--;
1060 argv++;
1061
1062 while (argc >= 1) {
86885c28 1063 if (strcmp(*argv, "-F") == 0) {
086e32a6 1064#ifdef OPENSSL_FIPS
0f113f3e 1065 fips_mode = 1;
086e32a6 1066#else
0f113f3e
MC		 1067 fprintf(stderr,
1068 "not compiled with FIPS support, so exiting without running.\n");
1069 EXIT(0);
1070#endif
1071 } else if (strcmp(*argv, "-server_auth") == 0)
1072 server_auth = 1;
1073 else if (strcmp(*argv, "-client_auth") == 0)
1074 client_auth = 1;
1075 else if (strcmp(*argv, "-proxy_auth") == 0) {
1076 if (--argc < 1)
1077 goto bad;
1078 app_verify_arg.proxy_auth = *(++argv);
1079 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1080 if (--argc < 1)
1081 goto bad;
1082 app_verify_arg.proxy_cond = *(++argv);
1083 } else if (strcmp(*argv, "-v") == 0)
1084 verbose = 1;
1085 else if (strcmp(*argv, "-d") == 0)
1086 debug = 1;
1087 else if (strcmp(*argv, "-reuse") == 0)
1088 reuse = 1;
e8356e32 1089 else if (strcmp(*argv, "-dhe512") == 0) {
90f5a2b6 1090#ifndef OPENSSL_NO_DH
e8356e32 1091 dhe512 = 1;
90f5a2b6 1092#else
0f113f3e 1093 fprintf(stderr,
e8356e32 1094 "ignoring -dhe512, since I'm compiled without DH\n");
90f5a2b6 1095#endif
0f113f3e 1096 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
90f5a2b6 1097#ifndef OPENSSL_NO_DH
0f113f3e 1098 dhe1024dsa = 1;
90f5a2b6 1099#else
0f113f3e 1100 fprintf(stderr,
e8356e32 1101 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
0f113f3e
MC		 1102#endif
1103 } else if (strcmp(*argv, "-no_dhe") == 0)
1104 no_dhe = 1;
1105 else if (strcmp(*argv, "-no_ecdhe") == 0)
1106 no_ecdhe = 1;
1107 else if (strcmp(*argv, "-psk") == 0) {
1108 if (--argc < 1)
1109 goto bad;
1110 psk_key = *(++argv);
ddac1974 1111#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1112 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1113 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1114 goto bad;
1115 }
ddac1974 1116#else
0f113f3e 1117 no_psk = 1;
ddac1974 1118#endif
0f113f3e 1119 }
edc032b5 1120#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1121 else if (strcmp(*argv, "-srpuser") == 0) {
1122 if (--argc < 1)
1123 goto bad;
1124 srp_server_arg.expected_user = srp_client_arg.srplogin =
1125 *(++argv);
1126 tls1 = 1;
1127 } else if (strcmp(*argv, "-srppass") == 0) {
1128 if (--argc < 1)
1129 goto bad;
1130 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1131 tls1 = 1;
1132 }
1133#endif
1134 else if (strcmp(*argv, "-tls1") == 0) {
0f113f3e
MC		 1135 tls1 = 1;
1136 } else if (strcmp(*argv, "-ssl3") == 0) {
3881d810 1137#ifdef OPENSSL_NO_SSL3_METHOD
0f113f3e
MC		 1138 no_protocol = 1;
1139#endif
1140 ssl3 = 1;
98b8cdd3
DW		 1141 } else if (strcmp(*argv, "-dtls1") == 0) {
1142#ifdef OPENSSL_NO_DTLS
1143 no_protocol = 1;
1144#endif
1145 dtls1 = 1;
1146 } else if (strcmp(*argv, "-dtls12") == 0) {
1147#ifdef OPENSSL_NO_DTLS
1148 no_protocol = 1;
1149#endif
1150 dtls12 = 1;
0f113f3e
MC		 1151 } else if (strncmp(*argv, "-num", 4) == 0) {
1152 if (--argc < 1)
1153 goto bad;
1154 number = atoi(*(++argv));
1155 if (number == 0)
1156 number = 1;
1157 } else if (strcmp(*argv, "-bytes") == 0) {
1158 if (--argc < 1)
1159 goto bad;
1160 bytes = atol(*(++argv));
1161 if (bytes == 0L)
1162 bytes = 1L;
1163 i = strlen(argv[0]);
1164 if (argv[0][i - 1] == 'k')
1165 bytes *= 1024L;
1166 if (argv[0][i - 1] == 'm')
1167 bytes *= 1024L * 1024L;
1168 } else if (strcmp(*argv, "-cert") == 0) {
1169 if (--argc < 1)
1170 goto bad;
1171 server_cert = *(++argv);
1172 } else if (strcmp(*argv, "-s_cert") == 0) {
1173 if (--argc < 1)
1174 goto bad;
1175 server_cert = *(++argv);
1176 } else if (strcmp(*argv, "-key") == 0) {
1177 if (--argc < 1)
1178 goto bad;
1179 server_key = *(++argv);
1180 } else if (strcmp(*argv, "-s_key") == 0) {
1181 if (--argc < 1)
1182 goto bad;
1183 server_key = *(++argv);
1184 } else if (strcmp(*argv, "-c_cert") == 0) {
1185 if (--argc < 1)
1186 goto bad;
1187 client_cert = *(++argv);
1188 } else if (strcmp(*argv, "-c_key") == 0) {
1189 if (--argc < 1)
1190 goto bad;
1191 client_key = *(++argv);
1192 } else if (strcmp(*argv, "-cipher") == 0) {
1193 if (--argc < 1)
1194 goto bad;
1195 cipher = *(++argv);
1196 } else if (strcmp(*argv, "-CApath") == 0) {
1197 if (--argc < 1)
1198 goto bad;
1199 CApath = *(++argv);
1200 } else if (strcmp(*argv, "-CAfile") == 0) {
1201 if (--argc < 1)
1202 goto bad;
1203 CAfile = *(++argv);
1204 } else if (strcmp(*argv, "-bio_pair") == 0) {
1205 bio_pair = 1;
1206 } else if (strcmp(*argv, "-f") == 0) {
1207 force = 1;
1208 } else if (strcmp(*argv, "-time") == 0) {
1209 print_time = 1;
1210 }
a4c4a7d5 1211#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1212 else if (strcmp(*argv, "-zlib") == 0) {
1213 comp = COMP_ZLIB;
0f113f3e
MC		 1214 }
1215#endif
1216 else if (strcmp(*argv, "-named_curve") == 0) {
1217 if (--argc < 1)
1218 goto bad;
10bf4fc2 1219#ifndef OPENSSL_NO_EC
0f113f3e 1220 named_curve = *(++argv);
90f5a2b6 1221#else
0f113f3e
MC		 1222 fprintf(stderr,
1223 "ignoring -named_curve, since I'm compiled without ECDH\n");
1224 ++argv;
1225#endif
1226 } else if (strcmp(*argv, "-app_verify") == 0) {
1227 app_verify_arg.app_verify = 1;
1228 } else if (strcmp(*argv, "-proxy") == 0) {
1229 app_verify_arg.allow_proxy_certs = 1;
1230 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1231 test_cipherlist = 1;
1232 }
2911575c 1233#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1234 else if (strcmp(*argv, "-npn_client") == 0) {
1235 npn_client = 1;
1236 } else if (strcmp(*argv, "-npn_server") == 0) {
1237 npn_server = 1;
1238 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1239 npn_server_reject = 1;
1240 }
1241#endif
1242 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1243 serverinfo_sct = 1;
1244 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1245 serverinfo_tack = 1;
1246 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1247 if (--argc < 1)
1248 goto bad;
1249 serverinfo_file = *(++argv);
1250 } else if (strcmp(*argv, "-custom_ext") == 0) {
1251 custom_ext = 1;
1252 } else if (strcmp(*argv, "-alpn_client") == 0) {
1253 if (--argc < 1)
1254 goto bad;
1255 alpn_client = *(++argv);
1256 } else if (strcmp(*argv, "-alpn_server") == 0) {
1257 if (--argc < 1)
1258 goto bad;
1259 alpn_server = *(++argv);
1260 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1261 if (--argc < 1)
1262 goto bad;
1263 alpn_expected = *(++argv);
1264 } else {
1265 int rv;
1266 arg = argv[0];
1267 argn = argv[1];
1268 /* Try to process command using SSL_CONF */
1269 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1270 /* If not processed try server */
1271 if (rv == 0)
1272 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1273 /* Recognised: store it for later use */
1274 if (rv > 0) {
1275 if (rv == 1)
1276 argn = NULL;
1277 if (!conf_args) {
1278 conf_args = sk_OPENSSL_STRING_new_null();
1279 if (!conf_args)
1280 goto end;
1281 }
1282 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1283 goto end;
1284 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1285 goto end;
1286 continue;
1287 }
1288 if (rv == -3)
1289 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1290 else if (rv < 0)
1291 BIO_printf(bio_err, "Error with command %s\n", arg);
1292 else if (rv == 0)
1293 BIO_printf(bio_err, "unknown option %s\n", arg);
1294 badop = 1;
1295 break;
1296 }
1297 argc--;
1298 argv++;
1299 }
1300 if (badop) {
1301 bad:
1302 sv_usage();
1303 goto end;
1304 }
1305
1306 /*
1307 * test_cipherlist prevails over protocol switch: we test the cipherlist
1308 * for all enabled protocols.
1309 */
1310 if (test_cipherlist == 1) {
1311 /*
1312 * ensure that the cipher list are correctly sorted and exit
1313 */
1314 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1315 "other options.\n");
1316 if (do_test_cipherlist() == 0)
1317 EXIT(1);
1318 ret = 0;
1319 goto end;
1320 }
1321
98b8cdd3
DW		 1322 if (ssl3 + tls1 + dtls1 + dtls12 > 1) {
1323 fprintf(stderr, "At most one of -ssl3, -tls1, -dtls1 or -dtls12 should "
0f113f3e
MC		 1324 "be requested.\n");
1325 EXIT(1);
1326 }
1327
1328 /*
1329 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1330 * Ideally, we would error out, but the generic test wrapper can't know
1331 * when to expect failure. So we do nothing and return success.
1332 */
1333 if (no_protocol) {
1334 fprintf(stderr, "Testing was requested for a disabled protocol. "
1335 "Skipping tests.\n");
1336 ret = 0;
1337 goto end;
1338 }
1339
98b8cdd3 1340 if (!ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
0f113f3e
MC		 1341 fprintf(stderr, "This case cannot work. Use -f to perform "
1342 "the test anyway (and\n-d to see what happens), "
98b8cdd3 1343 "or add one of -ssl3, -tls1, -dtls1, -dtls12, -reuse\n"
0f113f3e
MC		 1344 "to avoid protocol mismatch.\n");
1345 EXIT(1);
1346 }
086e32a6 1347#ifdef OPENSSL_FIPS
0f113f3e
MC		 1348 if (fips_mode) {
1349 if (!FIPS_mode_set(1)) {
1350 ERR_load_crypto_strings();
1351 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
1352 EXIT(1);
1353 } else
1354 fprintf(stderr, "*** IN FIPS MODE ***\n");
1355 }
1356#endif
1357
1358 if (print_time) {
1359 if (!bio_pair) {
1360 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1361 bio_pair = 1;
1362 }
1363 if (number < 50 && !force)
1364 fprintf(stderr,
1365 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1366 }
1367
1368/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1369
1370 SSL_library_init();
1371 SSL_load_error_strings();
d02b48c6 1372
09b6c2ef 1373#ifndef OPENSSL_NO_COMP
0f113f3e
MC		 1374 if (comp == COMP_ZLIB)
1375 cm = COMP_zlib();
0f113f3e 1376 if (cm != NULL) {
9a555706 1377 if (COMP_get_type(cm) != NID_undef) {
0f113f3e
MC		 1378 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1379 fprintf(stderr, "Failed to add compression method\n");
1380 ERR_print_errors_fp(stderr);
1381 }
1382 } else {
1383 fprintf(stderr,
1384 "Warning: %s compression not supported\n",
45ddce21 1385 comp == COMP_ZLIB ? "zlib" : "unknown");
0f113f3e
MC		 1386 ERR_print_errors_fp(stderr);
1387 }
1388 }
1389 ssl_comp_methods = SSL_COMP_get_compression_methods();
3dca57f8
RS		 1390 n = sk_SSL_COMP_num(ssl_comp_methods);
1391 if (n) {
1392 int j;
1393 printf("Available compression methods:");
1394 for (j = 0; j < n; j++) {
1395 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1396 printf(" %s:%d", c->name, c->id);
22ebaae0 1397 }
3dca57f8 1398 printf("\n");
0f113f3e
MC		 1399 }
1400#endif
1401
1402 /*
1403 * At this point, ssl3/tls1 is only set if the protocol is available.
1404 * (Otherwise we exit early.) However the compiler doesn't know this, so
1405 * we ifdef.
1406 */
fd28a41e 1407#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 1408 if (ssl3)
1409 meth = SSLv3_method();
1410 else
98b8cdd3
DW		 1411#endif
1412#ifndef OPENSSL_NO_DTLS
1413 if (dtls1)
1414 meth = DTLSv1_method();
1415 else if (dtls12)
1416 meth = DTLSv1_2_method();
1417 else
fd28a41e 1418#endif
0f113f3e
MC		 1419 if (tls1)
1420 meth = TLSv1_method();
1421 else
32ec4153 1422 meth = TLS_method();
0f113f3e
MC		 1423
1424 c_ctx = SSL_CTX_new(meth);
1425 s_ctx = SSL_CTX_new(meth);
1426 if ((c_ctx == NULL) || (s_ctx == NULL)) {
1427 ERR_print_errors(bio_err);
1428 goto end;
1429 }
1430 /*
1431 * Since we will use low security ciphersuites and keys for testing set
1432 * security level to zero.
1433 */
1434 SSL_CTX_set_security_level(c_ctx, 0);
1435 SSL_CTX_set_security_level(s_ctx, 0);
1436
1437 if (cipher != NULL) {
61986d32 1438 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
69f68237
MC		 1439 || !SSL_CTX_set_cipher_list(s_ctx, cipher)) {
1440 ERR_print_errors(bio_err);
1441 goto end;
1442 }
0f113f3e
MC		 1443 }
1444
1445 /* Process SSL_CONF arguments */
1446 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1447 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1448
1449 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1450 int rv;
1451 arg = sk_OPENSSL_STRING_value(conf_args, i);
1452 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1453 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1454 /* If not recognised use server context */
1455 if (rv == -2)
1456 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1457 if (rv <= 0) {
1458 BIO_printf(bio_err, "Error processing %s %s\n",
1459 arg, argn ? argn : "");
1460 ERR_print_errors(bio_err);
1461 goto end;
1462 }
1463 }
1464
1465 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx)) {
1466 BIO_puts(bio_err, "Error finishing context\n");
1467 ERR_print_errors(bio_err);
1468 goto end;
1469 }
bc36ee62 1470#ifndef OPENSSL_NO_DH
0f113f3e
MC		 1471 if (!no_dhe) {
1472 if (dhe1024dsa) {
1473 /*
1474 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1475 */
1476 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1477 dh = get_dh1024dsa();
e8356e32 1478 } else if (dhe512)
0f113f3e 1479 dh = get_dh512();
e8356e32
EK		 1480 else
1481 dh = get_dh1024();
0f113f3e
MC		 1482 SSL_CTX_set_tmp_dh(s_ctx, dh);
1483 DH_free(dh);
1484 }
e4589582 1485#else
0f113f3e 1486 (void)no_dhe;
58964a49
RE		 1487#endif
1488
10bf4fc2 1489#ifndef OPENSSL_NO_EC
0f113f3e
MC		 1490 if (!no_ecdhe) {
1491 int nid;
1492
1493 if (named_curve != NULL) {
1494 nid = OBJ_sn2nid(named_curve);
1495 if (nid == 0) {
1496 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1497 goto end;
1498 }
de57d237 1499 } else {
0f113f3e 1500 nid = NID_X9_62_prime256v1;
de57d237 1501 }
0f113f3e
MC		 1502
1503 ecdh = EC_KEY_new_by_curve_name(nid);
1504 if (ecdh == NULL) {
1505 BIO_printf(bio_err, "unable to create curve\n");
1506 goto end;
1507 }
1508
1509 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1510 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1511 EC_KEY_free(ecdh);
1512 }
b3310161 1513#else
0f113f3e 1514 (void)no_ecdhe;
ea262260
BM		 1515#endif
1516
bc36ee62 1517#ifndef OPENSSL_NO_RSA
0f113f3e 1518 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
d02b48c6
RE		 1519#endif
1520
0f113f3e
MC		 1521 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
1522 ERR_print_errors(bio_err);
1523 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1524 (server_key ? server_key :
1525 server_cert),
1526 SSL_FILETYPE_PEM)) {
1527 ERR_print_errors(bio_err);
1528 goto end;
1529 }
1530
1531 if (client_auth) {
61986d32 1532 if (!SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM)
69f68237 1533 || !SSL_CTX_use_PrivateKey_file(c_ctx,
0f113f3e 1534 (client_key ? client_key : client_cert),
69f68237
MC		 1535 SSL_FILETYPE_PEM)) {
1536 ERR_print_errors(bio_err);
1537 goto end;
1538 }
0f113f3e
MC		 1539 }
1540
1541 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1542 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1543 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1544 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1545 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1546 ERR_print_errors(bio_err);
1547 /* goto end; */
1548 }
1549
1550 if (client_auth) {
3dca57f8 1551 printf("client authentication\n");
0f113f3e
MC		 1552 SSL_CTX_set_verify(s_ctx,
1553 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1554 verify_callback);
1555 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1556 &app_verify_arg);
1557 }
1558 if (server_auth) {
3dca57f8 1559 printf("server authentication\n");
0f113f3e
MC		 1560 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1561 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1562 &app_verify_arg);
1563 }
1564
1565 {
1566 int session_id_context = 0;
61986d32 1567 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
69f68237
MC		 1568 sizeof session_id_context)) {
1569 ERR_print_errors(bio_err);
1570 goto end;
1571 }
0f113f3e
MC		 1572 }
1573
1574 /* Use PSK only if PSK key is given */
1575 if (psk_key != NULL) {
1576 /*
1577 * no_psk is used to avoid putting psk command to openssl tool
1578 */
1579 if (no_psk) {
1580 /*
1581 * if PSK is not compiled in and psk key is given, do nothing and
1582 * exit successfully
1583 */
1584 ret = 0;
1585 goto end;
1586 }
ddac1974 1587#ifndef OPENSSL_NO_PSK
0f113f3e
MC		 1588 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1589 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1590 if (debug)
1591 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1592 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1593 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1594 ERR_print_errors(bio_err);
1595 goto end;
1596 }
1597#endif
1598 }
edc032b5 1599#ifndef OPENSSL_NO_SRP
0f113f3e
MC		 1600 if (srp_client_arg.srplogin) {
1601 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1602 BIO_printf(bio_err, "Unable to set SRP username\n");
1603 goto end;
1604 }
1605 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1606 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1607 ssl_give_srp_client_pwd_cb);
1608 /*
1609 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1610 */
1611 }
1612
1613 if (srp_server_arg.expected_user != NULL) {
1614 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1615 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1616 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1617 }
edc032b5 1618#endif
ddac1974 1619
2911575c 1620#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 1621 if (npn_client) {
1622 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1623 }
1624 if (npn_server) {
1625 if (npn_server_reject) {
1626 BIO_printf(bio_err,
1627 "Can't have both -npn_server and -npn_server_reject\n");
1628 goto end;
1629 }
1630 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1631 }
1632 if (npn_server_reject) {
1633 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
1634 NULL);
1635 }
1636#endif
1637
69f68237 1638 if (serverinfo_sct) {
61986d32 1639 if (!SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
0f113f3e 1640 NULL, NULL, NULL,
69f68237
MC		 1641 serverinfo_cli_parse_cb, NULL)) {
1642 BIO_printf(bio_err, "Error adding SCT extension\n");
1643 goto end;
1644 }
1645 }
1646 if (serverinfo_tack) {
61986d32 1647 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
0f113f3e 1648 NULL, NULL, NULL,
69f68237
MC		 1649 serverinfo_cli_parse_cb, NULL)) {
1650 BIO_printf(bio_err, "Error adding TACK extension\n");
1651 goto end;
1652 }
1653 }
0f113f3e
MC		 1654 if (serverinfo_file)
1655 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1656 BIO_printf(bio_err, "missing serverinfo file\n");
1657 goto end;
1658 }
1659
1660 if (custom_ext) {
61986d32 1661 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1662 custom_ext_0_cli_add_cb,
1663 NULL, NULL,
69f68237 1664 custom_ext_0_cli_parse_cb, NULL)
61986d32 1665 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1666 custom_ext_1_cli_add_cb,
1667 NULL, NULL,
69f68237 1668 custom_ext_1_cli_parse_cb, NULL)
61986d32 1669 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1670 custom_ext_2_cli_add_cb,
1671 NULL, NULL,
69f68237 1672 custom_ext_2_cli_parse_cb, NULL)
61986d32 1673 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1674 custom_ext_3_cli_add_cb,
1675 NULL, NULL,
69f68237 1676 custom_ext_3_cli_parse_cb, NULL)
61986d32 1677 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
0f113f3e
MC		 1678 custom_ext_0_srv_add_cb,
1679 NULL, NULL,
69f68237 1680 custom_ext_0_srv_parse_cb, NULL)
61986d32 1681 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
0f113f3e
MC		 1682 custom_ext_1_srv_add_cb,
1683 NULL, NULL,
69f68237 1684 custom_ext_1_srv_parse_cb, NULL)
61986d32 1685 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
0f113f3e
MC		 1686 custom_ext_2_srv_add_cb,
1687 NULL, NULL,
69f68237 1688 custom_ext_2_srv_parse_cb, NULL)
61986d32 1689 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
0f113f3e
MC		 1690 custom_ext_3_srv_add_cb,
1691 NULL, NULL,
69f68237
MC		 1692 custom_ext_3_srv_parse_cb, NULL)) {
1693 BIO_printf(bio_err, "Error setting custom extensions\n");
1694 goto end;
1695 }
0f113f3e
MC		 1696 }
1697
1698 if (alpn_server)
1699 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1700
1701 if (alpn_client) {
1702 unsigned short alpn_len;
1703 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1704
1705 if (alpn == NULL) {
1706 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1707 goto end;
1708 }
69f68237 1709 /* Returns 0 on success!! */
61986d32 1710 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
69f68237
MC		 1711 BIO_printf(bio_err, "Error setting ALPN\n");
1712 OPENSSL_free(alpn);
1713 goto end;
1714 }
0f113f3e
MC		 1715 OPENSSL_free(alpn);
1716 }
1717
1718 c_ssl = SSL_new(c_ctx);
1719 s_ssl = SSL_new(s_ctx);
58964a49 1720
3dca57f8 1721 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
0f113f3e 1722 for (i = 0; i < number; i++) {
69f68237 1723 if (!reuse) {
61986d32 1724 if (!SSL_set_session(c_ssl, NULL)) {
69f68237
MC		 1725 BIO_printf(bio_err, "Failed to set session\n");
1726 goto end;
1727 }
1728 }
0f113f3e
MC		 1729 if (bio_pair)
1730 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1731 else
1732 ret = doit(s_ssl, c_ssl, bytes);
6b937f8b 1733 if (ret) break;
0f113f3e
MC		 1734 }
1735
1736 if (!verbose) {
1737 print_details(c_ssl, "");
1738 }
0f113f3e 1739 if (print_time) {
617d71bc 1740#ifdef CLOCKS_PER_SEC
0f113f3e
MC		 1741 /*
1742 * "To determine the time in seconds, the value returned by the clock
1743 * function should be divided by the value of the macro
1744 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1745 */
1746 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1747 "Approximate total client time: %6.2f s\n",
1748 (double)s_time / CLOCKS_PER_SEC,
1749 (double)c_time / CLOCKS_PER_SEC);
617d71bc 1750#else
0f113f3e
MC		 1751 BIO_printf(bio_stdout,
1752 "Approximate total server time: %6.2f units\n"
1753 "Approximate total client time: %6.2f units\n",
1754 (double)s_time, (double)c_time);
617d71bc 1755#endif
0f113f3e 1756 }
58964a49 1757
0f113f3e
MC		 1758 SSL_free(s_ssl);
1759 SSL_free(c_ssl);
58964a49 1760
0f113f3e 1761 end:
62adbcee
RS		 1762 SSL_CTX_free(s_ctx);
1763 SSL_CTX_free(c_ctx);
62adbcee
RS		 1764 SSL_CONF_CTX_free(s_cctx);
1765 SSL_CONF_CTX_free(c_cctx);
0f113f3e 1766 sk_OPENSSL_STRING_free(conf_args);
de94222d 1767
ca3a82c3 1768 BIO_free(bio_stdout);
d02b48c6 1769
bc36ee62 1770#ifndef OPENSSL_NO_RSA
0f113f3e 1771 free_tmp_rsa();
46b3bd54 1772#endif
0b13e9f0 1773#ifndef OPENSSL_NO_ENGINE
0f113f3e
MC		 1774 ENGINE_cleanup();
1775#endif
1776 CRYPTO_cleanup_all_ex_data();
1777 ERR_free_strings();
1778 ERR_remove_thread_state(NULL);
1779 EVP_cleanup();
1780 CRYPTO_mem_leaks(bio_err);
ca3a82c3 1781 BIO_free(bio_err);
0f113f3e 1782 EXIT(ret);
0f113f3e 1783}
d02b48c6 1784
563f1503 1785int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
0f113f3e
MC		 1786 clock_t *s_time, clock_t *c_time)
1787{
1788 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1789 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1790 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1791 int ret = 1;
1792
1793 size_t bufsiz = 256; /* small buffer for testing */
1794
1795 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1796 goto err;
1797 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1798 goto err;
1799
1800 s_ssl_bio = BIO_new(BIO_f_ssl());
1801 if (!s_ssl_bio)
1802 goto err;
1803
1804 c_ssl_bio = BIO_new(BIO_f_ssl());
1805 if (!c_ssl_bio)
1806 goto err;
1807
1808 SSL_set_connect_state(c_ssl);
1809 SSL_set_bio(c_ssl, client, client);
1810 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1811
1812 SSL_set_accept_state(s_ssl);
1813 SSL_set_bio(s_ssl, server, server);
1814 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1815
1816 do {
35a1cc90
MC		 1817 /*-
1818 * c_ssl_bio: SSL filter BIO
1819 *
1820 * client: pseudo-I/O for SSL library
1821 *
1822 * client_io: client's SSL communication; usually to be
1823 * relayed over some I/O facility, but in this
1824 * test program, we're the server, too:
1825 *
1826 * server_io: server's SSL communication
1827 *
1828 * server: pseudo-I/O for SSL library
1829 *
1830 * s_ssl_bio: SSL filter BIO
1831 *
1832 * The client and the server each employ a "BIO pair":
1833 * client + client_io, server + server_io.
1834 * BIO pairs are symmetric. A BIO pair behaves similar
1835 * to a non-blocking socketpair (but both endpoints must
1836 * be handled by the same thread).
1837 * [Here we could connect client and server to the ends
1838 * of a single BIO pair, but then this code would be less
1839 * suitable as an example for BIO pairs in general.]
1840 *
1841 * Useful functions for querying the state of BIO pair endpoints:
1842 *
1843 * BIO_ctrl_pending(bio) number of bytes we can read now
1844 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1845 * other side's read attempt
1846 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1847 *
1848 * ..._read_request is never more than ..._write_guarantee;
1849 * it depends on the application which one you should use.
1850 */
0f113f3e
MC		 1851
1852 /*
1853 * We have non-blocking behaviour throughout this test program, but
1854 * can be sure that there is *some* progress in each iteration; so we
1855 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1856 * we just try everything in each iteration
1857 */
1858
1859 {
1860 /* CLIENT */
1861
68b00c23 1862 char cbuf[1024 * 8];
0f113f3e
MC		 1863 int i, r;
1864 clock_t c_clock = clock();
1865
1866 memset(cbuf, 0, sizeof(cbuf));
1867
1868 if (debug)
1869 if (SSL_in_init(c_ssl))
1870 printf("client waiting in SSL_connect - %s\n",
1871 SSL_state_string_long(c_ssl));
1872
1873 if (cw_num > 0) {
1874 /* Write to server. */
1875
1876 if (cw_num > (long)sizeof cbuf)
1877 i = sizeof cbuf;
1878 else
1879 i = (int)cw_num;
1880 r = BIO_write(c_ssl_bio, cbuf, i);
1881 if (r < 0) {
1882 if (!BIO_should_retry(c_ssl_bio)) {
1883 fprintf(stderr, "ERROR in CLIENT\n");
1884 goto err;
1885 }
1886 /*
1887 * BIO_should_retry(...) can just be ignored here. The
1888 * library expects us to call BIO_write with the same
1889 * arguments again, and that's what we will do in the
1890 * next iteration.
1891 */
1892 } else if (r == 0) {
1893 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1894 goto err;
1895 } else {
1896 if (debug)
1897 printf("client wrote %d\n", r);
1898 cw_num -= r;
1899 }
1900 }
1901
1902 if (cr_num > 0) {
1903 /* Read from server. */
1904
1905 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1906 if (r < 0) {
1907 if (!BIO_should_retry(c_ssl_bio)) {
1908 fprintf(stderr, "ERROR in CLIENT\n");
1909 goto err;
1910 }
1911 /*
1912 * Again, "BIO_should_retry" can be ignored.
1913 */
1914 } else if (r == 0) {
1915 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1916 goto err;
1917 } else {
1918 if (debug)
1919 printf("client read %d\n", r);
1920 cr_num -= r;
1921 }
1922 }
1923
1924 /*
1925 * c_time and s_time increments will typically be very small
1926 * (depending on machine speed and clock tick intervals), but
1927 * sampling over a large number of connections should result in
1928 * fairly accurate figures. We cannot guarantee a lot, however
1929 * -- if each connection lasts for exactly one clock tick, it
1930 * will be counted only for the client or only for the server or
1931 * even not at all.
1932 */
1933 *c_time += (clock() - c_clock);
1934 }
1935
1936 {
1937 /* SERVER */
1938
68b00c23 1939 char sbuf[1024 * 8];
0f113f3e
MC		 1940 int i, r;
1941 clock_t s_clock = clock();
1942
1943 memset(sbuf, 0, sizeof(sbuf));
1944
1945 if (debug)
1946 if (SSL_in_init(s_ssl))
1947 printf("server waiting in SSL_accept - %s\n",
1948 SSL_state_string_long(s_ssl));
1949
1950 if (sw_num > 0) {
1951 /* Write to client. */
1952
1953 if (sw_num > (long)sizeof sbuf)
1954 i = sizeof sbuf;
1955 else
1956 i = (int)sw_num;
1957 r = BIO_write(s_ssl_bio, sbuf, i);
1958 if (r < 0) {
1959 if (!BIO_should_retry(s_ssl_bio)) {
1960 fprintf(stderr, "ERROR in SERVER\n");
1961 goto err;
1962 }
1963 /* Ignore "BIO_should_retry". */
1964 } else if (r == 0) {
1965 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1966 goto err;
1967 } else {
1968 if (debug)
1969 printf("server wrote %d\n", r);
1970 sw_num -= r;
1971 }
1972 }
1973
1974 if (sr_num > 0) {
1975 /* Read from client. */
1976
1977 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
1978 if (r < 0) {
1979 if (!BIO_should_retry(s_ssl_bio)) {
1980 fprintf(stderr, "ERROR in SERVER\n");
1981 goto err;
1982 }
1983 /* blah, blah */
1984 } else if (r == 0) {
1985 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1986 goto err;
1987 } else {
1988 if (debug)
1989 printf("server read %d\n", r);
1990 sr_num -= r;
1991 }
1992 }
1993
1994 *s_time += (clock() - s_clock);
1995 }
1996
1997 {
1998 /* "I/O" BETWEEN CLIENT AND SERVER. */
1999
2000 size_t r1, r2;
2001 BIO *io1 = server_io, *io2 = client_io;
2002 /*
2003 * we use the non-copying interface for io1 and the standard
2004 * BIO_write/BIO_read interface for io2
2005 */
2006
2007 static int prev_progress = 1;
2008 int progress = 0;
2009
2010 /* io1 to io2 */
2011 do {
2012 size_t num;
2013 int r;
2014
2015 r1 = BIO_ctrl_pending(io1);
2016 r2 = BIO_ctrl_get_write_guarantee(io2);
2017
2018 num = r1;
2019 if (r2 < num)
2020 num = r2;
2021 if (num) {
2022 char *dataptr;
2023
2024 if (INT_MAX < num) /* yeah, right */
2025 num = INT_MAX;
2026
2027 r = BIO_nread(io1, &dataptr, (int)num);
2028 assert(r > 0);
2029 assert(r <= (int)num);
2030 /*
2031 * possibly r < num (non-contiguous data)
2032 */
2033 num = r;
2034 r = BIO_write(io2, dataptr, (int)num);
2035 if (r != (int)num) { /* can't happen */
2036 fprintf(stderr, "ERROR: BIO_write could not write "
2037 "BIO_ctrl_get_write_guarantee() bytes");
2038 goto err;
2039 }
2040 progress = 1;
2041
2042 if (debug)
2043 printf((io1 == client_io) ?
2044 "C->S relaying: %d bytes\n" :
2045 "S->C relaying: %d bytes\n", (int)num);
2046 }
2047 }
2048 while (r1 && r2);
2049
2050 /* io2 to io1 */
2051 {
2052 size_t num;
2053 int r;
2054
2055 r1 = BIO_ctrl_pending(io2);
2056 r2 = BIO_ctrl_get_read_request(io1);
2057 /*
2058 * here we could use ..._get_write_guarantee instead of
2059 * ..._get_read_request, but by using the latter we test
2060 * restartability of the SSL implementation more thoroughly
2061 */
2062 num = r1;
2063 if (r2 < num)
2064 num = r2;
2065 if (num) {
2066 char *dataptr;
2067
2068 if (INT_MAX < num)
2069 num = INT_MAX;
2070
2071 if (num > 1)
2072 --num; /* test restartability even more thoroughly */
2073
2074 r = BIO_nwrite0(io1, &dataptr);
2075 assert(r > 0);
2076 if (r < (int)num)
2077 num = r;
2078 r = BIO_read(io2, dataptr, (int)num);
2079 if (r != (int)num) { /* can't happen */
2080 fprintf(stderr, "ERROR: BIO_read could not read "
2081 "BIO_ctrl_pending() bytes");
2082 goto err;
2083 }
2084 progress = 1;
2085 r = BIO_nwrite(io1, &dataptr, (int)num);
2086 if (r != (int)num) { /* can't happen */
2087 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2088 "BIO_nwrite0() bytes");
2089 goto err;
2090 }
2091
2092 if (debug)
2093 printf((io2 == client_io) ?
2094 "C->S relaying: %d bytes\n" :
2095 "S->C relaying: %d bytes\n", (int)num);
2096 }
2097 } /* no loop, BIO_ctrl_get_read_request now
2098 * returns 0 anyway */
2099
2100 if (!progress && !prev_progress)
2101 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2102 fprintf(stderr, "ERROR: got stuck\n");
2103 fprintf(stderr, " ERROR.\n");
2104 goto err;
2105 }
2106 prev_progress = progress;
2107 }
2108 }
2109 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2110
2111 if (verbose)
2112 print_details(c_ssl, "DONE via BIO pair: ");
2911575c 2113#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2114 if (verify_npn(c_ssl, s_ssl) < 0) {
2115 ret = 1;
2116 goto end;
2117 }
2118#endif
2119 if (verify_serverinfo() < 0) {
2120 fprintf(stderr, "Server info verify error\n");
2121 ret = 1;
2122 goto err;
2123 }
2124 if (verify_alpn(c_ssl, s_ssl) < 0) {
2125 ret = 1;
2126 goto err;
2127 }
2128
2129 if (custom_ext_error) {
2130 fprintf(stderr, "Custom extension error\n");
2131 ret = 1;
2132 goto err;
2133 }
2134
2135 end:
2136 ret = 0;
95d29597
BM		 2137
2138 err:
0f113f3e
MC		 2139 ERR_print_errors(bio_err);
2140
ca3a82c3
RS		 2141 BIO_free(server);
2142 BIO_free(server_io);
2143 BIO_free(client);
2144 BIO_free(client_io);
2145 BIO_free(s_ssl_bio);
2146 BIO_free(c_ssl_bio);
0f113f3e
MC		 2147
2148 return ret;
2149}
2150
2151#define W_READ 1
2152#define W_WRITE 2
2153#define C_DONE 1
2154#define S_DONE 2
d02b48c6 2155
6b691a5c 2156int doit(SSL *s_ssl, SSL *c_ssl, long count)
0f113f3e
MC		 2157{
2158 char *cbuf = NULL, *sbuf = NULL;
2159 long bufsiz;
2160 long cw_num = count, cr_num = count;
2161 long sw_num = count, sr_num = count;
2162 int ret = 1;
2163 BIO *c_to_s = NULL;
2164 BIO *s_to_c = NULL;
2165 BIO *c_bio = NULL;
2166 BIO *s_bio = NULL;
2167 int c_r, c_w, s_r, s_w;
2168 int i, j;
2169 int done = 0;
2170 int c_write, s_write;
2171 int do_server = 0, do_client = 0;
2172 int max_frag = 5 * 1024;
2173
2174 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2175
2176 if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL)
2177 goto err;
2178 if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL)
2179 goto err;
2180
2181 memset(cbuf, 0, bufsiz);
2182 memset(sbuf, 0, bufsiz);
2183
2184 c_to_s = BIO_new(BIO_s_mem());
2185 s_to_c = BIO_new(BIO_s_mem());
2186 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2187 ERR_print_errors(bio_err);
2188 goto err;
2189 }
2190
2191 c_bio = BIO_new(BIO_f_ssl());
2192 s_bio = BIO_new(BIO_f_ssl());
2193 if ((c_bio == NULL) || (s_bio == NULL)) {
2194 ERR_print_errors(bio_err);
2195 goto err;
2196 }
2197
2198 SSL_set_connect_state(c_ssl);
2199 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2200 SSL_set_max_send_fragment(c_ssl, max_frag);
2201 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2202
2203 SSL_set_accept_state(s_ssl);
2204 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2205 SSL_set_max_send_fragment(s_ssl, max_frag);
2206 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2207
2208 c_r = 0;
2209 s_r = 1;
2210 c_w = 1;
2211 s_w = 0;
2212 c_write = 1, s_write = 0;
2213
2214 /* We can always do writes */
2215 for (;;) {
2216 do_server = 0;
2217 do_client = 0;
2218
2219 i = (int)BIO_pending(s_bio);
2220 if ((i && s_r) || s_w)
2221 do_server = 1;
2222
2223 i = (int)BIO_pending(c_bio);
2224 if ((i && c_r) || c_w)
2225 do_client = 1;
2226
2227 if (do_server && debug) {
2228 if (SSL_in_init(s_ssl))
2229 printf("server waiting in SSL_accept - %s\n",
2230 SSL_state_string_long(s_ssl));
3a83462d 2231/*-
35a1cc90
MC		 2232 else if (s_write)
2233 printf("server:SSL_write()\n");
2234 else
2235 printf("server:SSL_read()\n"); */
0f113f3e
MC		 2236 }
2237
2238 if (do_client && debug) {
2239 if (SSL_in_init(c_ssl))
2240 printf("client waiting in SSL_connect - %s\n",
2241 SSL_state_string_long(c_ssl));
3a83462d 2242/*-
35a1cc90
MC		 2243 else if (c_write)
2244 printf("client:SSL_write()\n");
2245 else
2246 printf("client:SSL_read()\n"); */
0f113f3e
MC		 2247 }
2248
2249 if (!do_client && !do_server) {
2250 fprintf(stdout, "ERROR IN STARTUP\n");
2251 ERR_print_errors(bio_err);
ae632974 2252 goto err;
0f113f3e
MC		 2253 }
2254 if (do_client && !(done & C_DONE)) {
2255 if (c_write) {
2256 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2257 i = BIO_write(c_bio, cbuf, j);
2258 if (i < 0) {
2259 c_r = 0;
2260 c_w = 0;
2261 if (BIO_should_retry(c_bio)) {
2262 if (BIO_should_read(c_bio))
2263 c_r = 1;
2264 if (BIO_should_write(c_bio))
2265 c_w = 1;
2266 } else {
2267 fprintf(stderr, "ERROR in CLIENT\n");
2268 ERR_print_errors(bio_err);
2269 goto err;
2270 }
2271 } else if (i == 0) {
2272 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2273 goto err;
2274 } else {
2275 if (debug)
2276 printf("client wrote %d\n", i);
2277 /* ok */
2278 s_r = 1;
2279 c_write = 0;
2280 cw_num -= i;
2281 if (max_frag > 1029)
2282 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2283 }
2284 } else {
2285 i = BIO_read(c_bio, cbuf, bufsiz);
2286 if (i < 0) {
2287 c_r = 0;
2288 c_w = 0;
2289 if (BIO_should_retry(c_bio)) {
2290 if (BIO_should_read(c_bio))
2291 c_r = 1;
2292 if (BIO_should_write(c_bio))
2293 c_w = 1;
2294 } else {
2295 fprintf(stderr, "ERROR in CLIENT\n");
2296 ERR_print_errors(bio_err);
2297 goto err;
2298 }
2299 } else if (i == 0) {
2300 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2301 goto err;
2302 } else {
2303 if (debug)
2304 printf("client read %d\n", i);
2305 cr_num -= i;
2306 if (sw_num > 0) {
2307 s_write = 1;
2308 s_w = 1;
2309 }
2310 if (cr_num <= 0) {
2311 s_write = 1;
2312 s_w = 1;
2313 done = S_DONE | C_DONE;
2314 }
2315 }
2316 }
2317 }
2318
2319 if (do_server && !(done & S_DONE)) {
2320 if (!s_write) {
2321 i = BIO_read(s_bio, sbuf, bufsiz);
2322 if (i < 0) {
2323 s_r = 0;
2324 s_w = 0;
2325 if (BIO_should_retry(s_bio)) {
2326 if (BIO_should_read(s_bio))
2327 s_r = 1;
2328 if (BIO_should_write(s_bio))
2329 s_w = 1;
2330 } else {
2331 fprintf(stderr, "ERROR in SERVER\n");
2332 ERR_print_errors(bio_err);
2333 goto err;
2334 }
2335 } else if (i == 0) {
2336 ERR_print_errors(bio_err);
2337 fprintf(stderr,
2338 "SSL SERVER STARTUP FAILED in SSL_read\n");
2339 goto err;
2340 } else {
2341 if (debug)
2342 printf("server read %d\n", i);
2343 sr_num -= i;
2344 if (cw_num > 0) {
2345 c_write = 1;
2346 c_w = 1;
2347 }
2348 if (sr_num <= 0) {
2349 s_write = 1;
2350 s_w = 1;
2351 c_write = 0;
2352 }
2353 }
2354 } else {
2355 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2356 i = BIO_write(s_bio, sbuf, j);
2357 if (i < 0) {
2358 s_r = 0;
2359 s_w = 0;
2360 if (BIO_should_retry(s_bio)) {
2361 if (BIO_should_read(s_bio))
2362 s_r = 1;
2363 if (BIO_should_write(s_bio))
2364 s_w = 1;
2365 } else {
2366 fprintf(stderr, "ERROR in SERVER\n");
2367 ERR_print_errors(bio_err);
2368 goto err;
2369 }
2370 } else if (i == 0) {
2371 ERR_print_errors(bio_err);
2372 fprintf(stderr,
2373 "SSL SERVER STARTUP FAILED in SSL_write\n");
2374 goto err;
2375 } else {
2376 if (debug)
2377 printf("server wrote %d\n", i);
2378 sw_num -= i;
2379 s_write = 0;
2380 c_r = 1;
2381 if (sw_num <= 0)
2382 done |= S_DONE;
2383 if (max_frag > 1029)
2384 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2385 }
2386 }
2387 }
2388
2389 if ((done & S_DONE) && (done & C_DONE))
2390 break;
2391 }
2392
2393 if (verbose)
2394 print_details(c_ssl, "DONE: ");
2911575c 2395#ifndef OPENSSL_NO_NEXTPROTONEG
0f113f3e
MC		 2396 if (verify_npn(c_ssl, s_ssl) < 0) {
2397 ret = 1;
2398 goto err;
2399 }
2400#endif
2401 if (verify_serverinfo() < 0) {
2402 fprintf(stderr, "Server info verify error\n");
2403 ret = 1;
2404 goto err;
2405 }
2406 if (custom_ext_error) {
2407 fprintf(stderr, "Custom extension error\n");
2408 ret = 1;
2409 goto err;
2410 }
2411 ret = 0;
2412 err:
2413 /*
2414 * We have to set the BIO's to NULL otherwise they will be
2415 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2416 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2417 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2418 * SSL_free() automatically BIO_free non NULL entries. You should not
2419 * normally do this or be required to do this
2420 */
2421 if (s_ssl != NULL) {
2422 s_ssl->rbio = NULL;
2423 s_ssl->wbio = NULL;
2424 }
2425 if (c_ssl != NULL) {
2426 c_ssl->rbio = NULL;
2427 c_ssl->wbio = NULL;
2428 }
2429
ca3a82c3
RS		 2430 BIO_free(c_to_s);
2431 BIO_free(s_to_c);
2432 BIO_free_all(c_bio);
2433 BIO_free_all(s_bio);
b548a1f1
RS		 2434 OPENSSL_free(cbuf);
2435 OPENSSL_free(sbuf);
0f113f3e
MC		 2436
2437 return (ret);
2438}
d02b48c6 2439
a7201e9a 2440static int get_proxy_auth_ex_data_idx(void)
0f113f3e
MC		 2441{
2442 static volatile int idx = -1;
2443 if (idx < 0) {
2444 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2445 if (idx < 0) {
2446 idx = X509_STORE_CTX_get_ex_new_index(0,
2447 "SSLtest for verify callback",
2448 NULL, NULL, NULL);
2449 }
2450 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2451 }
2452 return idx;
2453}
a7201e9a 2454
6d23cf97 2455static int verify_callback(int ok, X509_STORE_CTX *ctx)
0f113f3e
MC		 2456{
2457 char *s, buf[256];
2458
2459 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2460 sizeof buf);
2461 if (s != NULL) {
2462 if (ok)
3dca57f8 2463 printf("depth=%d %s\n", ctx->error_depth, buf);
0f113f3e
MC		 2464 else {
2465 fprintf(stderr, "depth=%d error=%d %s\n",
2466 ctx->error_depth, ctx->error, buf);
2467 }
2468 }
2469
2470 if (ok == 0) {
0f113f3e 2471 switch (ctx->error) {
3dca57f8
RS		 2472 default:
2473 fprintf(stderr, "Error string: %s\n",
2474 X509_verify_cert_error_string(ctx->error));
2475 break;
0f113f3e
MC		 2476 case X509_V_ERR_CERT_NOT_YET_VALID:
2477 case X509_V_ERR_CERT_HAS_EXPIRED:
2478 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
0f113f3e
MC		 2479 ok = 1;
2480 }
2481 }
2482
2483 if (ok == 1) {
2484 X509 *xs = ctx->current_cert;
0f113f3e
MC		 2485 if (xs->ex_flags & EXFLAG_PROXY) {
2486 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2487 get_proxy_auth_ex_data_idx
2488 ());
2489
2490 if (letters) {
2491 int found_any = 0;
2492 int i;
2493 PROXY_CERT_INFO_EXTENSION *pci =
2494 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2495 NULL, NULL);
2496
2497 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2498 case NID_Independent:
2499 /*
2500 * Completely meaningless in this program, as there's no
2501 * way to grant explicit rights to a specific PrC.
2502 * Basically, using id-ppl-Independent is the perfect way
2503 * to grant no rights at all.
2504 */
2505 fprintf(stderr, " Independent proxy certificate");
2506 for (i = 0; i < 26; i++)
2507 letters[i] = 0;
2508 break;
2509 case NID_id_ppl_inheritAll:
2510 /*
2511 * This is basically a NOP, we simply let the current
2512 * rights stand as they are.
2513 */
2514 fprintf(stderr, " Proxy certificate inherits all");
2515 break;
2516 default:
2517 s = (char *)
2518 pci->proxyPolicy->policy->data;
2519 i = pci->proxyPolicy->policy->length;
2520
2521 /*
2522 * The algorithm works as follows: it is assumed that
2523 * previous iterations or the initial granted rights has
2524 * already set some elements of `letters'. What we need
2525 * to do is to clear those that weren't granted by the
2526 * current PrC as well. The easiest way to do this is to
2527 * add 1 to all the elements whose letters are given with
2528 * the current policy. That way, all elements that are
2529 * set by the current policy and were already set by
2530 * earlier policies and through the original grant of
2531 * rights will get the value 2 or higher. The last thing
2532 * to do is to sweep through `letters' and keep the
2533 * elements having the value 2 as set, and clear all the
2534 * others.
2535 */
2536
3dca57f8 2537 printf(" Certificate proxy rights = %*.*s", i,
0f113f3e
MC		 2538 i, s);
2539 while (i-- > 0) {
2540 int c = *s++;
2541 if (isascii(c) && isalpha(c)) {
2542 if (islower(c))
2543 c = toupper(c);
2544 letters[c - 'A']++;
2545 }
2546 }
2547 for (i = 0; i < 26; i++)
2548 if (letters[i] < 2)
2549 letters[i] = 0;
2550 else
2551 letters[i] = 1;
2552 }
2553
2554 found_any = 0;
3dca57f8 2555 printf(", resulting proxy rights = ");
0f113f3e
MC		 2556 for (i = 0; i < 26; i++)
2557 if (letters[i]) {
3dca57f8 2558 printf("%c", i + 'A');
0f113f3e
MC		 2559 found_any = 1;
2560 }
2561 if (!found_any)
3dca57f8
RS		 2562 printf("none");
2563 printf("\n");
0f113f3e
MC		 2564
2565 PROXY_CERT_INFO_EXTENSION_free(pci);
2566 }
2567 }
2568 }
2569
2570 return (ok);
2571}
d02b48c6 2572
a7201e9a 2573static void process_proxy_debug(int indent, const char *format, ...)
0f113f3e
MC		 2574{
2575 /* That's 80 > */
2576 static const char indentation[] =
2577 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2578 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2579 char my_format[256];
2580 va_list args;
2581
2582 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2583 indent, indent, indentation, format);
2584
2585 va_start(args, format);
2586 vfprintf(stderr, my_format, args);
2587 va_end(args);
2588}
2589
1d97c843
TH		 2590/*-
2591 * Priority levels:
0f113f3e
MC		 2592 * 0 [!]var, ()
2593 * 1 & ^
2594 * 2 |
1d97c843 2595 */
a7201e9a 2596static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 2597 const char *cond, const char **cond_end,
2598 int *pos, int indent);
2599static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2600 const char **cond_end, int *pos, int indent)
2601{
2602 int c;
2603 int ok = 1;
2604 int negate = 0;
2605
2606 while (isspace((int)*cond)) {
2607 cond++;
2608 (*pos)++;
2609 }
2610 c = *cond;
2611
2612 if (debug)
2613 process_proxy_debug(indent,
2614 "Start process_proxy_cond_val at position %d: %s\n",
2615 *pos, cond);
2616
2617 while (c == '!') {
2618 negate = !negate;
2619 cond++;
2620 (*pos)++;
2621 while (isspace((int)*cond)) {
2622 cond++;
2623 (*pos)++;
2624 }
2625 c = *cond;
2626 }
2627
2628 if (c == '(') {
2629 cond++;
2630 (*pos)++;
2631 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2632 indent + 1);
2633 cond = *cond_end;
2634 if (ok < 0)
2635 goto end;
2636 while (isspace((int)*cond)) {
2637 cond++;
2638 (*pos)++;
2639 }
2640 c = *cond;
2641 if (c != ')') {
2642 fprintf(stderr,
2643 "Weird condition character in position %d: "
2644 "%c\n", *pos, c);
2645 ok = -1;
2646 goto end;
2647 }
2648 cond++;
2649 (*pos)++;
2650 } else if (isascii(c) && isalpha(c)) {
2651 if (islower(c))
2652 c = toupper(c);
2653 ok = letters[c - 'A'];
2654 cond++;
2655 (*pos)++;
2656 } else {
2657 fprintf(stderr,
2658 "Weird condition character in position %d: " "%c\n", *pos, c);
2659 ok = -1;
2660 goto end;
2661 }
a7201e9a 2662 end:
0f113f3e
MC		 2663 *cond_end = cond;
2664 if (ok >= 0 && negate)
2665 ok = !ok;
a7201e9a 2666
0f113f3e
MC		 2667 if (debug)
2668 process_proxy_debug(indent,
2669 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2670 *pos, cond, ok);
2671
2672 return ok;
2673}
a7201e9a 2674
a7201e9a 2675static int process_proxy_cond_multipliers(unsigned int letters[26],
0f113f3e
MC		 2676 const char *cond,
2677 const char **cond_end, int *pos,
2678 int indent)
2679{
2680 int ok;
2681 char c;
2682
2683 if (debug)
2684 process_proxy_debug(indent,
2685 "Start process_proxy_cond_multipliers at position %d: %s\n",
2686 *pos, cond);
2687
2688 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2689 cond = *cond_end;
2690 if (ok < 0)
2691 goto end;
2692
2693 while (ok >= 0) {
2694 while (isspace((int)*cond)) {
2695 cond++;
2696 (*pos)++;
2697 }
2698 c = *cond;
2699
2700 switch (c) {
2701 case '&':
2702 case '^':
2703 {
2704 int save_ok = ok;
2705
2706 cond++;
2707 (*pos)++;
2708 ok = process_proxy_cond_val(letters,
2709 cond, cond_end, pos, indent + 1);
2710 cond = *cond_end;
2711 if (ok < 0)
2712 break;
2713
2714 switch (c) {
2715 case '&':
2716 ok &= save_ok;
2717 break;
2718 case '^':
2719 ok ^= save_ok;
2720 break;
2721 default:
2722 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2723 " STOPPING\n");
2724 EXIT(1);
2725 }
2726 }
2727 break;
2728 default:
2729 goto end;
2730 }
2731 }
a7201e9a 2732 end:
0f113f3e
MC		 2733 if (debug)
2734 process_proxy_debug(indent,
2735 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2736 *pos, cond, ok);
2737
2738 *cond_end = cond;
2739 return ok;
2740}
2741
a7201e9a 2742static int process_proxy_cond_adders(unsigned int letters[26],
0f113f3e
MC		 2743 const char *cond, const char **cond_end,
2744 int *pos, int indent)
2745{
2746 int ok;
2747 char c;
2748
2749 if (debug)
2750 process_proxy_debug(indent,
2751 "Start process_proxy_cond_adders at position %d: %s\n",
2752 *pos, cond);
2753
2754 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2755 indent + 1);
2756 cond = *cond_end;
2757 if (ok < 0)
2758 goto end;
2759
2760 while (ok >= 0) {
2761 while (isspace((int)*cond)) {
2762 cond++;
2763 (*pos)++;
2764 }
2765 c = *cond;
2766
2767 switch (c) {
2768 case '|':
2769 {
2770 int save_ok = ok;
2771
2772 cond++;
2773 (*pos)++;
2774 ok = process_proxy_cond_multipliers(letters,
2775 cond, cond_end, pos,
2776 indent + 1);
2777 cond = *cond_end;
2778 if (ok < 0)
2779 break;
2780
2781 switch (c) {
2782 case '|':
2783 ok |= save_ok;
2784 break;
2785 default:
2786 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2787 " STOPPING\n");
2788 EXIT(1);
2789 }
2790 }
2791 break;
2792 default:
2793 goto end;
2794 }
2795 }
a7201e9a 2796 end:
0f113f3e
MC		 2797 if (debug)
2798 process_proxy_debug(indent,
2799 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2800 *pos, cond, ok);
a7201e9a 2801
0f113f3e
MC		 2802 *cond_end = cond;
2803 return ok;
2804}
a7201e9a
RL		 2805
2806static int process_proxy_cond(unsigned int letters[26],
0f113f3e
MC		 2807 const char *cond, const char **cond_end)
2808{
2809 int pos = 1;
2810 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2811}
a7201e9a 2812
6d23cf97 2813static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
0f113f3e
MC		 2814{
2815 int ok = 1;
2816 struct app_verify_arg *cb_arg = arg;
2817 unsigned int letters[26]; /* only used with proxy_auth */
2818
2819 if (cb_arg->app_verify) {
2820 char *s = NULL, buf[256];
2821
3dca57f8
RS		 2822 printf("In app_verify_callback, allowing cert. ");
2823 printf("Arg is: %s\n", cb_arg->string);
2824 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
0f113f3e
MC		 2825 (void *)ctx, (void *)ctx->cert);
2826 if (ctx->cert)
2827 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
2828 if (s != NULL) {
3dca57f8 2829 printf("cert depth=%d %s\n", ctx->error_depth, buf);
0f113f3e
MC		 2830 }
2831 return (1);
2832 }
2833 if (cb_arg->proxy_auth) {
2834 int found_any = 0, i;
2835 char *sp;
2836
2837 for (i = 0; i < 26; i++)
2838 letters[i] = 0;
2839 for (sp = cb_arg->proxy_auth; *sp; sp++) {
2840 int c = *sp;
2841 if (isascii(c) && isalpha(c)) {
2842 if (islower(c))
2843 c = toupper(c);
2844 letters[c - 'A'] = 1;
2845 }
2846 }
2847
3dca57f8 2848 printf(" Initial proxy rights = ");
0f113f3e
MC		 2849 for (i = 0; i < 26; i++)
2850 if (letters[i]) {
3dca57f8 2851 printf("%c", i + 'A');
0f113f3e
MC		 2852 found_any = 1;
2853 }
2854 if (!found_any)
3dca57f8
RS		 2855 printf("none");
2856 printf("\n");
0f113f3e
MC		 2857
2858 X509_STORE_CTX_set_ex_data(ctx,
2859 get_proxy_auth_ex_data_idx(), letters);
2860 }
2861 if (cb_arg->allow_proxy_certs) {
2862 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2863 }
0f113f3e 2864 ok = X509_verify_cert(ctx);
0f113f3e
MC		 2865
2866 if (cb_arg->proxy_auth) {
2867 if (ok > 0) {
2868 const char *cond_end = NULL;
2869
2870 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
2871
2872 if (ok < 0)
2873 EXIT(3);
2874 if (*cond_end) {
2875 fprintf(stderr,
2876 "Stopped processing condition before it's end.\n");
2877 ok = 0;
2878 }
2879 if (!ok)
2880 fprintf(stderr,
3dca57f8 2881 "Proxy rights check with condition '%s' invalid\n",
0f113f3e
MC		 2882 cb_arg->proxy_cond);
2883 else
3dca57f8 2884 printf("Proxy rights check with condition '%s' ok\n",
0f113f3e
MC		 2885 cb_arg->proxy_cond);
2886 }
2887 }
2888 return (ok);
2889}
023ec151 2890
bc36ee62 2891#ifndef OPENSSL_NO_RSA
0f113f3e 2892static RSA *rsa_tmp = NULL;
46b3bd54 2893
6d23cf97 2894static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
0f113f3e
MC		 2895{
2896 BIGNUM *bn = NULL;
2897 if (rsa_tmp == NULL) {
2898 bn = BN_new();
2899 rsa_tmp = RSA_new();
2900 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
2901 BIO_printf(bio_err, "Memory error...");
2902 goto end;
2903 }
3dca57f8 2904 printf("Generating temp (%d bit) RSA key...", keylength);
0f113f3e
MC		 2905 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
2906 BIO_printf(bio_err, "Error generating key.");
2907 RSA_free(rsa_tmp);
2908 rsa_tmp = NULL;
2909 }
2910 end:
3dca57f8 2911 printf("\n");
0f113f3e 2912 }
23a1d5e9 2913 BN_free(bn);
0f113f3e
MC		 2914 return (rsa_tmp);
2915}
46b3bd54
BM		 2916
2917static void free_tmp_rsa(void)
0f113f3e 2918{
d6407083
RS		 2919 RSA_free(rsa_tmp);
2920 rsa_tmp = NULL;
0f113f3e 2921}
79df9d62 2922#endif
53002dc6 2923
bc36ee62 2924#ifndef OPENSSL_NO_DH
1d97c843
TH		 2925/*-
2926 * These DH parameters have been generated as follows:
e4589582
BM		 2927 * $ openssl dhparam -C -noout 512
2928 * $ openssl dhparam -C -noout 1024
2929 * $ openssl dhparam -C -noout -dsaparam 1024
2930 * (The third function has been renamed to avoid name conflicts.)
2931 */
f3f316f1 2932static DH *get_dh512()
0f113f3e
MC		 2933{
2934 static unsigned char dh512_p[] = {
2935 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
2936 0xC6,
2937 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
2938 0xB0,
2939 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
2940 0x5F,
2941 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
2942 0xB8,
2943 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
2944 0x33,
2945 0x02, 0xC5, 0xAE, 0x23,
2946 };
2947 static unsigned char dh512_g[] = {
2948 0x02,
2949 };
2950 DH *dh;
2951
2952 if ((dh = DH_new()) == NULL)
2953 return (NULL);
2954 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
2955 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
2956 if ((dh->p == NULL) || (dh->g == NULL)) {
2957 DH_free(dh);
2958 return (NULL);
2959 }
2960 return (dh);
2961}
e4589582 2962
f3f316f1 2963static DH *get_dh1024()
0f113f3e
MC		 2964{
2965 static unsigned char dh1024_p[] = {
2966 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
2967 0x3A,
2968 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
2969 0xA2,
2970 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
2971 0xB0,
2972 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
2973 0xC2,
2974 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
2975 0x8C,
2976 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
2977 0xB8,
2978 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
2979 0x52,
2980 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
2981 0xC1,
2982 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
2983 0xB1,
2984 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
2985 0xAB,
2986 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
2987 };
2988 static unsigned char dh1024_g[] = {
2989 0x02,
2990 };
2991 DH *dh;
2992
2993 if ((dh = DH_new()) == NULL)
2994 return (NULL);
2995 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
2996 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
2997 if ((dh->p == NULL) || (dh->g == NULL)) {
2998 DH_free(dh);
2999 return (NULL);
3000 }
3001 return (dh);
3002}
53002dc6 3003
f3f316f1 3004static DH *get_dh1024dsa()
0f113f3e
MC		 3005{
3006 static unsigned char dh1024_p[] = {
3007 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
3008 0x00,
3009 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
3010 0x19,
3011 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
3012 0xD2,
3013 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
3014 0x55,
3015 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
3016 0xFC,
3017 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
3018 0x97,
3019 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
3020 0x8D,
3021 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
3022 0xBB,
3023 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
3024 0xF6,
3025 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
3026 0x9E,
3027 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
3028 };
3029 static unsigned char dh1024_g[] = {
3030 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
3031 0x05,
3032 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
3033 0xF3,
3034 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
3035 0xE9,
3036 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
3037 0x3C,
3038 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
3039 0x65,
3040 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
3041 0x60,
3042 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
3043 0xF6,
3044 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
3045 0xA7,
3046 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3047 0xA1,
3048 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3049 0x60,
3050 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3051 };
3052 DH *dh;
3053
3054 if ((dh = DH_new()) == NULL)
3055 return (NULL);
3056 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3057 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3058 if ((dh->p == NULL) || (dh->g == NULL)) {
3059 DH_free(dh);
3060 return (NULL);
3061 }
3062 dh->length = 160;
3063 return (dh);
3064}
f71165b5 3065#endif
6e119bb0 3066
ddac1974
NL		 3067#ifndef OPENSSL_NO_PSK
3068/* convert the PSK key (psk_key) in ascii to binary (psk) */
3069static int psk_key2bn(const char *pskkey, unsigned char *psk,
0f113f3e
MC		 3070 unsigned int max_psk_len)
3071{
3072 int ret;
3073 BIGNUM *bn = NULL;
3074
3075 ret = BN_hex2bn(&bn, pskkey);
3076 if (!ret) {
3077 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3078 pskkey);
23a1d5e9 3079 BN_free(bn);
0f113f3e
MC		 3080 return 0;
3081 }
3082 if (BN_num_bytes(bn) > (int)max_psk_len) {
3083 BIO_printf(bio_err,
3084 "psk buffer of callback is too small (%d) for key (%d)\n",
3085 max_psk_len, BN_num_bytes(bn));
3086 BN_free(bn);
3087 return 0;
3088 }
3089 ret = BN_bn2bin(bn, psk);
3090 BN_free(bn);
3091 return ret;
3092}
3093
3094static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3095 char *identity,
3096 unsigned int max_identity_len,
3097 unsigned char *psk,
3098 unsigned int max_psk_len)
3099{
3100 int ret;
3101 unsigned int psk_len = 0;
3102
3103 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3104 if (ret < 0)
3105 goto out_err;
3106 if (debug)
3107 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3108 ret);
3109 ret = psk_key2bn(psk_key, psk, max_psk_len);
3110 if (ret < 0)
3111 goto out_err;
3112 psk_len = ret;
3113 out_err:
3114 return psk_len;
3115}
ddac1974
NL		 3116
3117static unsigned int psk_server_callback(SSL *ssl, const char *identity,
0f113f3e
MC		 3118 unsigned char *psk,
3119 unsigned int max_psk_len)
3120{
3121 unsigned int psk_len = 0;
ddac1974 3122
0f113f3e
MC		 3123 if (strcmp(identity, "Client_identity") != 0) {
3124 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3125 return 0;
3126 }
3127 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3128 return psk_len;
3129}
ddac1974
NL		 3130#endif
3131
6e119bb0 3132static int do_test_cipherlist(void)
0f113f3e
MC		 3133{
3134 int i = 0;
3135 const SSL_METHOD *meth;
3136 const SSL_CIPHER *ci, *tci = NULL;
6e119bb0 3137
00fe865d 3138#ifndef OPENSSL_NO_SSL3
0f113f3e
MC		 3139 meth = SSLv3_method();
3140 tci = NULL;
3141 while ((ci = meth->get_cipher(i++)) != NULL) {
3142 if (tci != NULL)
3143 if (ci->id >= tci->id) {
3dca57f8 3144 fprintf(stderr, "testing SSLv3 cipher list order: ");
0f113f3e
MC		 3145 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3146 return 0;
3147 }
3148 tci = ci;
3149 }
00fe865d 3150#endif
0f113f3e
MC		 3151 meth = TLSv1_method();
3152 tci = NULL;
3153 while ((ci = meth->get_cipher(i++)) != NULL) {
3154 if (tci != NULL)
3155 if (ci->id >= tci->id) {
3dca57f8 3156 fprintf(stderr, "testing TLSv1 cipher list order: ");
0f113f3e
MC		 3157 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3158 return 0;
3159 }
3160 tci = ci;
3161 }
0f113f3e
MC		 3162
3163 return 1;
3164}
A mirror of the official openssl repository