]> git.ipfire.org Git - thirdparty/openssl.git/blame_incremental - test/ssltest_old.c
projects / thirdparty / openssl.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
BIO: respect opening in text mode
[thirdparty/openssl.git] / test / ssltest_old.c
... / ...
CommitLineData
1/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.]
56 */
57/* ====================================================================
58 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
59 *
60 * Redistribution and use in source and binary forms, with or without
61 * modification, are permitted provided that the following conditions
62 * are met:
63 *
64 * 1. Redistributions of source code must retain the above copyright
65 * notice, this list of conditions and the following disclaimer.
66 *
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in
69 * the documentation and/or other materials provided with the
70 * distribution.
71 *
72 * 3. All advertising materials mentioning features or use of this
73 * software must display the following acknowledgment:
74 * "This product includes software developed by the OpenSSL Project
75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
76 *
77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78 * endorse or promote products derived from this software without
79 * prior written permission. For written permission, please contact
80 * openssl-core@openssl.org.
81 *
82 * 5. Products derived from this software may not be called "OpenSSL"
83 * nor may "OpenSSL" appear in their names without prior written
84 * permission of the OpenSSL Project.
85 *
86 * 6. Redistributions of any form whatsoever must retain the following
87 * acknowledgment:
88 * "This product includes software developed by the OpenSSL Project
89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
90 *
91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102 * OF THE POSSIBILITY OF SUCH DAMAGE.
103 * ====================================================================
104 *
105 * This product includes cryptographic software written by Eric Young
106 * (eay@cryptsoft.com). This product includes software written by Tim
107 * Hudson (tjh@cryptsoft.com).
108 *
109 */
110/* ====================================================================
111 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112 * ECC cipher suite support in OpenSSL originally developed by
113 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
114 */
115/* ====================================================================
116 * Copyright 2005 Nokia. All rights reserved.
117 *
118 * The portions of the attached software ("Contribution") is developed by
119 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
120 * license.
121 *
122 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
123 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
124 * support (see RFC 4279) to OpenSSL.
125 *
126 * No patent licenses or other rights except those expressly stated in
127 * the OpenSSL open source license shall be deemed granted or received
128 * expressly, by implication, estoppel, or otherwise.
129 *
130 * No assurances are provided by Nokia that the Contribution does not
131 * infringe the patent or other intellectual property rights of any third
132 * party or that the license provides you with all the necessary rights
133 * to make use of the Contribution.
134 *
135 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
136 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
137 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
138 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
139 * OTHERWISE.
140 */
141
142/* Or gethostname won't be declared properly on Linux and GNU platforms. */
143#define _BSD_SOURCE 1
144#define _DEFAULT_SOURCE 1
145
146#include <assert.h>
147#include <errno.h>
148#include <limits.h>
149#include <stdio.h>
150#include <stdlib.h>
151#include <string.h>
152#include <time.h>
153
154#define USE_SOCKETS
155#include "e_os.h"
156
157#ifdef OPENSSL_SYS_VMS
158/*
159 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
160 */
161# define _XOPEN_SOURCE 500
162#endif
163
164#include <ctype.h>
165
166#include <openssl/bio.h>
167#include <openssl/crypto.h>
168#include <openssl/evp.h>
169#include <openssl/x509.h>
170#include <openssl/x509v3.h>
171#include <openssl/ssl.h>
172#ifndef OPENSSL_NO_ENGINE
173# include <openssl/engine.h>
174#endif
175#include <openssl/err.h>
176#include <openssl/rand.h>
177#ifndef OPENSSL_NO_RSA
178# include <openssl/rsa.h>
179#endif
180#ifndef OPENSSL_NO_DSA
181# include <openssl/dsa.h>
182#endif
183#ifndef OPENSSL_NO_DH
184# include <openssl/dh.h>
185#endif
186#ifndef OPENSSL_NO_SRP
187# include <openssl/srp.h>
188#endif
189#include <openssl/bn.h>
190#ifndef OPENSSL_NO_CT
191# include <openssl/ct.h>
192#endif
193
194#include "internal/threads.h"
195#include "../ssl/ssl_locl.h"
196
197/*
198 * Or gethostname won't be declared properly
199 * on Compaq platforms (at least with DEC C).
200 * Do not try to put it earlier, or IPv6 includes
201 * get screwed...
202 */
203#define _XOPEN_SOURCE_EXTENDED 1
204
205#ifdef OPENSSL_SYS_WINDOWS
206# include <winsock.h>
207#else
208# include OPENSSL_UNISTD
209#endif
210
211static SSL_CTX *s_ctx = NULL;
212static SSL_CTX *s_ctx2 = NULL;
213
214/*
215 * There is really no standard for this, so let's assign something
216 * only for this test
217 */
218#define COMP_ZLIB 1
219
220static int verify_callback(int ok, X509_STORE_CTX *ctx);
221static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
222#define APP_CALLBACK_STRING "Test Callback Argument"
223struct app_verify_arg {
224 char *string;
225 int app_verify;
226 int allow_proxy_certs;
227 char *proxy_auth;
228 char *proxy_cond;
229};
230
231#ifndef OPENSSL_NO_DH
232static DH *get_dh512(void);
233static DH *get_dh1024(void);
234static DH *get_dh1024dsa(void);
235#endif
236
237static char *psk_key = NULL; /* by default PSK is not used */
238#ifndef OPENSSL_NO_PSK
239static unsigned int psk_client_callback(SSL *ssl, const char *hint,
240 char *identity,
241 unsigned int max_identity_len,
242 unsigned char *psk,
243 unsigned int max_psk_len);
244static unsigned int psk_server_callback(SSL *ssl, const char *identity,
245 unsigned char *psk,
246 unsigned int max_psk_len);
247#endif
248
249#ifndef OPENSSL_NO_SRP
250/* SRP client */
251/* This is a context that we pass to all callbacks */
252typedef struct srp_client_arg_st {
253 char *srppassin;
254 char *srplogin;
255} SRP_CLIENT_ARG;
256
257# define PWD_STRLEN 1024
258
259static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
260{
261 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
262 return OPENSSL_strdup((char *)srp_client_arg->srppassin);
263}
264
265/* SRP server */
266/* This is a context that we pass to SRP server callbacks */
267typedef struct srp_server_arg_st {
268 char *expected_user;
269 char *pass;
270} SRP_SERVER_ARG;
271
272static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
273{
274 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
275
276 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
277 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
278 return SSL3_AL_FATAL;
279 }
280 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
281 *ad = SSL_AD_INTERNAL_ERROR;
282 return SSL3_AL_FATAL;
283 }
284 return SSL_ERROR_NONE;
285}
286#endif
287
288static BIO *bio_err = NULL;
289static BIO *bio_stdout = NULL;
290
291#ifndef OPENSSL_NO_NEXTPROTONEG
292/* Note that this code assumes that this is only a one element list: */
293static const char NEXT_PROTO_STRING[] = "\x09testproto";
294static int npn_client = 0;
295static int npn_server = 0;
296static int npn_server_reject = 0;
297
298static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
299 const unsigned char *in, unsigned int inlen,
300 void *arg)
301{
302 /*
303 * This callback only returns the protocol string, rather than a length
304 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
305 * and remove the first byte to chop off the length prefix.
306 */
307 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
308 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
309 return SSL_TLSEXT_ERR_OK;
310}
311
312static int cb_server_npn(SSL *s, const unsigned char **data,
313 unsigned int *len, void *arg)
314{
315 *data = (const unsigned char *)NEXT_PROTO_STRING;
316 *len = sizeof(NEXT_PROTO_STRING) - 1;
317 return SSL_TLSEXT_ERR_OK;
318}
319
320static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
321 unsigned int *len, void *arg)
322{
323 return SSL_TLSEXT_ERR_NOACK;
324}
325
326static int verify_npn(SSL *client, SSL *server)
327{
328 const unsigned char *client_s;
329 unsigned client_len;
330 const unsigned char *server_s;
331 unsigned server_len;
332
333 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
334 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
335
336 if (client_len) {
337 BIO_printf(bio_stdout, "Client NPN: ");
338 BIO_write(bio_stdout, client_s, client_len);
339 BIO_printf(bio_stdout, "\n");
340 }
341
342 if (server_len) {
343 BIO_printf(bio_stdout, "Server NPN: ");
344 BIO_write(bio_stdout, server_s, server_len);
345 BIO_printf(bio_stdout, "\n");
346 }
347
348 /*
349 * If an NPN string was returned, it must be the protocol that we
350 * expected to negotiate.
351 */
352 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
353 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
354 return -1;
355 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
356 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
357 return -1;
358
359 if (!npn_client && client_len)
360 return -1;
361 if (!npn_server && server_len)
362 return -1;
363 if (npn_server_reject && server_len)
364 return -1;
365 if (npn_client && npn_server && (!client_len || !server_len))
366 return -1;
367
368 return 0;
369}
370#endif
371
372static const char *alpn_client;
373static char *alpn_server;
374static char *alpn_server2;
375static const char *alpn_expected;
376static unsigned char *alpn_selected;
377static const char *server_min_proto;
378static const char *server_max_proto;
379static const char *client_min_proto;
380static const char *client_max_proto;
381static const char *should_negotiate;
382static const char *sn_client;
383static const char *sn_server1;
384static const char *sn_server2;
385static int sn_expect = 0;
386static const char *server_sess_out;
387static const char *server_sess_in;
388static const char *client_sess_out;
389static const char *client_sess_in;
390static SSL_SESSION *server_sess;
391static SSL_SESSION *client_sess;
392
393static int servername_cb(SSL *s, int *ad, void *arg)
394{
395 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
396 if (sn_server2 == NULL) {
397 BIO_printf(bio_stdout, "Servername 2 is NULL\n");
398 return SSL_TLSEXT_ERR_NOACK;
399 }
400
401 if (servername) {
402 if (s_ctx2 != NULL && sn_server2 != NULL &&
403 !strcasecmp(servername, sn_server2)) {
404 BIO_printf(bio_stdout, "Switching server context.\n");
405 SSL_set_SSL_CTX(s, s_ctx2);
406 }
407 }
408 return SSL_TLSEXT_ERR_OK;
409}
410static int verify_servername(SSL *client, SSL *server)
411{
412 /* just need to see if sn_context is what we expect */
413 SSL_CTX* ctx = SSL_get_SSL_CTX(server);
414 if (sn_expect == 0)
415 return 0;
416 if (sn_expect == 1 && ctx == s_ctx)
417 return 0;
418 if (sn_expect == 2 && ctx == s_ctx2)
419 return 0;
420 BIO_printf(bio_stdout, "Servername: expected context %d\n", sn_expect);
421 if (ctx == s_ctx2)
422 BIO_printf(bio_stdout, "Servername: context is 2\n");
423 else if (ctx == s_ctx)
424 BIO_printf(bio_stdout, "Servername: context is 1\n");
425 else
426 BIO_printf(bio_stdout, "Servername: context is unknown\n");
427 return -1;
428}
429
430
431/*-
432 * next_protos_parse parses a comma separated list of strings into a string
433 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
434 * outlen: (output) set to the length of the resulting buffer on success.
435 * err: (maybe NULL) on failure, an error message line is written to this BIO.
436 * in: a NUL terminated string like "abc,def,ghi"
437 *
438 * returns: a malloced buffer or NULL on failure.
439 */
440static unsigned char *next_protos_parse(size_t *outlen,
441 const char *in)
442{
443 size_t len;
444 unsigned char *out;
445 size_t i, start = 0;
446
447 len = strlen(in);
448 if (len >= 65535)
449 return NULL;
450
451 out = OPENSSL_malloc(strlen(in) + 1);
452 if (!out)
453 return NULL;
454
455 for (i = 0; i <= len; ++i) {
456 if (i == len || in[i] == ',') {
457 if (i - start > 255) {
458 OPENSSL_free(out);
459 return NULL;
460 }
461 out[start] = i - start;
462 start = i + 1;
463 } else
464 out[i + 1] = in[i];
465 }
466
467 *outlen = len + 1;
468 return out;
469}
470
471static int cb_server_alpn(SSL *s, const unsigned char **out,
472 unsigned char *outlen, const unsigned char *in,
473 unsigned int inlen, void *arg)
474{
475 unsigned char *protos;
476 size_t protos_len;
477 char* alpn_str = arg;
478
479 protos = next_protos_parse(&protos_len, alpn_str);
480 if (protos == NULL) {
481 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
482 alpn_str);
483 abort();
484 }
485
486 if (SSL_select_next_proto
487 ((unsigned char **)out, outlen, protos, protos_len, in,
488 inlen) != OPENSSL_NPN_NEGOTIATED) {
489 OPENSSL_free(protos);
490 return SSL_TLSEXT_ERR_NOACK;
491 }
492
493 /*
494 * Make a copy of the selected protocol which will be freed in
495 * verify_alpn.
496 */
497 alpn_selected = OPENSSL_malloc(*outlen);
498 memcpy(alpn_selected, *out, *outlen);
499 *out = alpn_selected;
500
501 OPENSSL_free(protos);
502 return SSL_TLSEXT_ERR_OK;
503}
504
505static int verify_alpn(SSL *client, SSL *server)
506{
507 const unsigned char *client_proto, *server_proto;
508 unsigned int client_proto_len = 0, server_proto_len = 0;
509 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
510 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
511
512 OPENSSL_free(alpn_selected);
513 alpn_selected = NULL;
514
515 if (client_proto_len != server_proto_len) {
516 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
517 goto err;
518 }
519
520 if (client_proto != NULL &&
521 memcmp(client_proto, server_proto, client_proto_len) != 0) {
522 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
523 goto err;
524 }
525
526 if (client_proto_len > 0 && alpn_expected == NULL) {
527 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
528 goto err;
529 }
530
531 if (alpn_expected != NULL &&
532 (client_proto_len != strlen(alpn_expected) ||
533 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
534 BIO_printf(bio_stdout,
535 "ALPN selected protocols not equal to expected protocol: %s\n",
536 alpn_expected);
537 goto err;
538 }
539
540 return 0;
541
542 err:
543 BIO_printf(bio_stdout, "ALPN results: client: '");
544 BIO_write(bio_stdout, client_proto, client_proto_len);
545 BIO_printf(bio_stdout, "', server: '");
546 BIO_write(bio_stdout, server_proto, server_proto_len);
547 BIO_printf(bio_stdout, "'\n");
548 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '",
549 alpn_client);
550 if (SSL_get_SSL_CTX(server) == s_ctx2) {
551 BIO_printf(bio_stdout, "%s'\n",
552 alpn_server2);
553 } else {
554 BIO_printf(bio_stdout, "%s'\n",
555 alpn_server);
556 }
557 return -1;
558}
559
560/*
561 * WARNING : below extension types are *NOT* IETF assigned, and could
562 * conflict if these types are reassigned and handled specially by OpenSSL
563 * in the future
564 */
565#define TACK_EXT_TYPE 62208
566#define CUSTOM_EXT_TYPE_0 1000
567#define CUSTOM_EXT_TYPE_1 1001
568#define CUSTOM_EXT_TYPE_2 1002
569#define CUSTOM_EXT_TYPE_3 1003
570
571static const char custom_ext_cli_string[] = "abc";
572static const char custom_ext_srv_string[] = "defg";
573
574/* These set from cmdline */
575static char *serverinfo_file = NULL;
576static int serverinfo_sct = 0;
577static int serverinfo_tack = 0;
578
579/* These set based on extension callbacks */
580static int serverinfo_sct_seen = 0;
581static int serverinfo_tack_seen = 0;
582static int serverinfo_other_seen = 0;
583
584/* This set from cmdline */
585static int custom_ext = 0;
586
587/* This set based on extension callbacks */
588static int custom_ext_error = 0;
589
590static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
591 const unsigned char *in, size_t inlen,
592 int *al, void *arg)
593{
594 if (ext_type == TLSEXT_TYPE_signed_certificate_timestamp)
595 serverinfo_sct_seen++;
596 else if (ext_type == TACK_EXT_TYPE)
597 serverinfo_tack_seen++;
598 else
599 serverinfo_other_seen++;
600 return 1;
601}
602
603static int verify_serverinfo()
604{
605 if (serverinfo_sct != serverinfo_sct_seen)
606 return -1;
607 if (serverinfo_tack != serverinfo_tack_seen)
608 return -1;
609 if (serverinfo_other_seen)
610 return -1;
611 return 0;
612}
613
614/*-
615 * Four test cases for custom extensions:
616 * 0 - no ClientHello extension or ServerHello response
617 * 1 - ClientHello with "abc", no response
618 * 2 - ClientHello with "abc", empty response
619 * 3 - ClientHello with "abc", "defg" response
620 */
621
622static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
623 const unsigned char **out,
624 size_t *outlen, int *al, void *arg)
625{
626 if (ext_type != CUSTOM_EXT_TYPE_0)
627 custom_ext_error = 1;
628 return 0; /* Don't send an extension */
629}
630
631static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
632 const unsigned char *in,
633 size_t inlen, int *al, void *arg)
634{
635 return 1;
636}
637
638static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
639 const unsigned char **out,
640 size_t *outlen, int *al, void *arg)
641{
642 if (ext_type != CUSTOM_EXT_TYPE_1)
643 custom_ext_error = 1;
644 *out = (const unsigned char *)custom_ext_cli_string;
645 *outlen = strlen(custom_ext_cli_string);
646 return 1; /* Send "abc" */
647}
648
649static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
650 const unsigned char *in,
651 size_t inlen, int *al, void *arg)
652{
653 return 1;
654}
655
656static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
657 const unsigned char **out,
658 size_t *outlen, int *al, void *arg)
659{
660 if (ext_type != CUSTOM_EXT_TYPE_2)
661 custom_ext_error = 1;
662 *out = (const unsigned char *)custom_ext_cli_string;
663 *outlen = strlen(custom_ext_cli_string);
664 return 1; /* Send "abc" */
665}
666
667static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
668 const unsigned char *in,
669 size_t inlen, int *al, void *arg)
670{
671 if (ext_type != CUSTOM_EXT_TYPE_2)
672 custom_ext_error = 1;
673 if (inlen != 0)
674 custom_ext_error = 1; /* Should be empty response */
675 return 1;
676}
677
678static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
679 const unsigned char **out,
680 size_t *outlen, int *al, void *arg)
681{
682 if (ext_type != CUSTOM_EXT_TYPE_3)
683 custom_ext_error = 1;
684 *out = (const unsigned char *)custom_ext_cli_string;
685 *outlen = strlen(custom_ext_cli_string);
686 return 1; /* Send "abc" */
687}
688
689static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
690 const unsigned char *in,
691 size_t inlen, int *al, void *arg)
692{
693 if (ext_type != CUSTOM_EXT_TYPE_3)
694 custom_ext_error = 1;
695 if (inlen != strlen(custom_ext_srv_string))
696 custom_ext_error = 1;
697 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
698 custom_ext_error = 1; /* Check for "defg" */
699 return 1;
700}
701
702/*
703 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
704 * for this extension
705 */
706static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
707 const unsigned char *in,
708 size_t inlen, int *al, void *arg)
709{
710 custom_ext_error = 1;
711 return 1;
712}
713
714/* 'add' callbacks are only called if the 'parse' callback is called */
715static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
716 const unsigned char **out,
717 size_t *outlen, int *al, void *arg)
718{
719 /* Error: should not have been called */
720 custom_ext_error = 1;
721 return 0; /* Don't send an extension */
722}
723
724static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
725 const unsigned char *in,
726 size_t inlen, int *al, void *arg)
727{
728 if (ext_type != CUSTOM_EXT_TYPE_1)
729 custom_ext_error = 1;
730 /* Check for "abc" */
731 if (inlen != strlen(custom_ext_cli_string))
732 custom_ext_error = 1;
733 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
734 custom_ext_error = 1;
735 return 1;
736}
737
738static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
739 const unsigned char **out,
740 size_t *outlen, int *al, void *arg)
741{
742 return 0; /* Don't send an extension */
743}
744
745static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
746 const unsigned char *in,
747 size_t inlen, int *al, void *arg)
748{
749 if (ext_type != CUSTOM_EXT_TYPE_2)
750 custom_ext_error = 1;
751 /* Check for "abc" */
752 if (inlen != strlen(custom_ext_cli_string))
753 custom_ext_error = 1;
754 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
755 custom_ext_error = 1;
756 return 1;
757}
758
759static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
760 const unsigned char **out,
761 size_t *outlen, int *al, void *arg)
762{
763 *out = NULL;
764 *outlen = 0;
765 return 1; /* Send empty extension */
766}
767
768static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
769 const unsigned char *in,
770 size_t inlen, int *al, void *arg)
771{
772 if (ext_type != CUSTOM_EXT_TYPE_3)
773 custom_ext_error = 1;
774 /* Check for "abc" */
775 if (inlen != strlen(custom_ext_cli_string))
776 custom_ext_error = 1;
777 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
778 custom_ext_error = 1;
779 return 1;
780}
781
782static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
783 const unsigned char **out,
784 size_t *outlen, int *al, void *arg)
785{
786 *out = (const unsigned char *)custom_ext_srv_string;
787 *outlen = strlen(custom_ext_srv_string);
788 return 1; /* Send "defg" */
789}
790
791static char *cipher = NULL;
792static int verbose = 0;
793static int debug = 0;
794static const char rnd_seed[] =
795 "string to make the random number generator think it has entropy";
796
797int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family,
798 long bytes, clock_t *s_time, clock_t *c_time);
799int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
800 clock_t *c_time);
801int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
802static int do_test_cipherlist(void);
803
804static void sv_usage(void)
805{
806 fprintf(stderr, "usage: ssltest [args ...]\n");
807 fprintf(stderr, "\n");
808#ifdef OPENSSL_FIPS
809 fprintf(stderr, "-F - run test in FIPS mode\n");
810#endif
811 fprintf(stderr, " -server_auth - check server certificate\n");
812 fprintf(stderr, " -client_auth - do client authentication\n");
813 fprintf(stderr, " -proxy - allow proxy certificates\n");
814 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
815 fprintf(stderr,
816 " -proxy_cond <val> - expression to test proxy policy rights\n");
817 fprintf(stderr, " -v - more output\n");
818 fprintf(stderr, " -d - debug output\n");
819 fprintf(stderr, " -reuse - use session-id reuse\n");
820 fprintf(stderr, " -num <val> - number of connections to perform\n");
821 fprintf(stderr,
822 " -bytes <val> - number of bytes to swap between client/server\n");
823#ifndef OPENSSL_NO_DH
824 fprintf(stderr,
825 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
826 fprintf(stderr,
827 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
828 fprintf(stderr,
829 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
830 fprintf(stderr, " -no_dhe - disable DHE\n");
831#endif
832#ifndef OPENSSL_NO_EC
833 fprintf(stderr, " -no_ecdhe - disable ECDHE\nTODO(openssl-team): no_ecdhe was broken by auto ecdh. Make this work again.\n");
834#endif
835#ifndef OPENSSL_NO_PSK
836 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
837#endif
838#ifndef OPENSSL_NO_SRP
839 fprintf(stderr, " -srpuser user - SRP username to use\n");
840 fprintf(stderr, " -srppass arg - password for 'user'\n");
841#endif
842#ifndef OPENSSL_NO_SSL3
843 fprintf(stderr, " -ssl3 - use SSLv3\n");
844#endif
845#ifndef OPENSSL_NO_TLS1
846 fprintf(stderr, " -tls1 - use TLSv1\n");
847#endif
848#ifndef OPENSSL_NO_DTLS
849 fprintf(stderr, " -dtls - use DTLS\n");
850#ifndef OPENSSL_NO_DTLS1
851 fprintf(stderr, " -dtls1 - use DTLSv1\n");
852#endif
853#ifndef OPENSSL_NO_DTLS1_2
854 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
855#endif
856#endif
857 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
858 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
859 fprintf(stderr, " -cert arg - Server certificate file\n");
860 fprintf(stderr,
861 " -key arg - Server key file (default: same as -cert)\n");
862 fprintf(stderr, " -c_cert arg - Client certificate file\n");
863 fprintf(stderr,
864 " -c_key arg - Client key file (default: same as -c_cert)\n");
865 fprintf(stderr, " -cipher arg - The cipher list\n");
866 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
867 fprintf(stderr, " -ipv4 - Use IPv4 connection on localhost\n");
868 fprintf(stderr, " -ipv6 - Use IPv6 connection on localhost\n");
869 fprintf(stderr, " -f - Test even cases that can't work\n");
870 fprintf(stderr,
871 " -time - measure processor time used by client and server\n");
872 fprintf(stderr, " -zlib - use zlib compression\n");
873 fprintf(stderr,
874 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
875 " When this option is requested, the cipherlist\n"
876 " tests are run instead of handshake tests.\n");
877#ifndef OPENSSL_NO_NEXTPROTONEG
878 fprintf(stderr, " -npn_client - have client side offer NPN\n");
879 fprintf(stderr, " -npn_server - have server side offer NPN\n");
880 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
881#endif
882 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
883 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
884 fprintf(stderr,
885 " -serverinfo_tack - have client offer and expect TACK\n");
886 fprintf(stderr,
887 " -custom_ext - try various custom extension callbacks\n");
888 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
889 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
890 fprintf(stderr, " -alpn_server1 <string> - alias for -alpn_server\n");
891 fprintf(stderr, " -alpn_server2 <string> - have server side context 2 offer ALPN\n");
892 fprintf(stderr,
893 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
894 fprintf(stderr, " -server_min_proto <string> - Minimum version the server should support\n");
895 fprintf(stderr, " -server_max_proto <string> - Maximum version the server should support\n");
896 fprintf(stderr, " -client_min_proto <string> - Minimum version the client should support\n");
897 fprintf(stderr, " -client_max_proto <string> - Maximum version the client should support\n");
898 fprintf(stderr, " -should_negotiate <string> - The version that should be negotiated, fail-client or fail-server\n");
899#ifndef OPENSSL_NO_CT
900 fprintf(stderr, " -noct - no certificate transparency\n");
901 fprintf(stderr, " -requestct - request certificate transparency\n");
902 fprintf(stderr, " -requirect - require certificate transparency\n");
903#endif
904 fprintf(stderr, " -sn_client <string> - have client request this servername\n");
905 fprintf(stderr, " -sn_server1 <string> - have server context 1 respond to this servername\n");
906 fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n");
907 fprintf(stderr, " -sn_expect1 - expected server 1\n");
908 fprintf(stderr, " -sn_expect2 - expected server 2\n");
909 fprintf(stderr, " -server_sess_out <file> - Save the server session to a file\n");
910 fprintf(stderr, " -server_sess_in <file> - Read the server session from a file\n");
911 fprintf(stderr, " -client_sess_out <file> - Save the client session to a file\n");
912 fprintf(stderr, " -client_sess_in <file> - Read the client session from a file\n");
913 fprintf(stderr, " -should_reuse <number> - The expected state of reusing the session\n");
914 fprintf(stderr, " -no_ticket - do not issue TLS session ticket\n");
915}
916
917static void print_key_details(BIO *out, EVP_PKEY *key)
918{
919 int keyid = EVP_PKEY_id(key);
920#ifndef OPENSSL_NO_EC
921 if (keyid == EVP_PKEY_EC) {
922 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
923 int nid;
924 const char *cname;
925 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
926 EC_KEY_free(ec);
927 cname = EC_curve_nid2nist(nid);
928 if (!cname)
929 cname = OBJ_nid2sn(nid);
930 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
931 } else
932#endif
933 {
934 const char *algname;
935 switch (keyid) {
936 case EVP_PKEY_RSA:
937 algname = "RSA";
938 break;
939 case EVP_PKEY_DSA:
940 algname = "DSA";
941 break;
942 case EVP_PKEY_DH:
943 algname = "DH";
944 break;
945 default:
946 algname = OBJ_nid2sn(keyid);
947 break;
948 }
949 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
950 }
951}
952
953static void print_details(SSL *c_ssl, const char *prefix)
954{
955 const SSL_CIPHER *ciph;
956 int mdnid;
957 X509 *cert;
958 EVP_PKEY *pkey;
959
960 ciph = SSL_get_current_cipher(c_ssl);
961 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
962 prefix,
963 SSL_get_version(c_ssl),
964 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
965 cert = SSL_get_peer_certificate(c_ssl);
966 if (cert != NULL) {
967 pkey = X509_get_pubkey(cert);
968 if (pkey != NULL) {
969 BIO_puts(bio_stdout, ", ");
970 print_key_details(bio_stdout, pkey);
971 EVP_PKEY_free(pkey);
972 }
973 X509_free(cert);
974 }
975 if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
976 BIO_puts(bio_stdout, ", temp key: ");
977 print_key_details(bio_stdout, pkey);
978 EVP_PKEY_free(pkey);
979 }
980 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
981 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
982 BIO_printf(bio_stdout, "\n");
983}
984
985/*
986 * protocol_from_string - converts a protocol version string to a number
987 *
988 * Returns -1 on failure or the version on success
989 */
990static int protocol_from_string(const char *value)
991{
992 struct protocol_versions {
993 const char *name;
994 int version;
995 };
996 static const struct protocol_versions versions[] = {
997 {"ssl3", SSL3_VERSION},
998 {"tls1", TLS1_VERSION},
999 {"tls1.1", TLS1_1_VERSION},
1000 {"tls1.2", TLS1_2_VERSION},
1001 {"dtls1", DTLS1_VERSION},
1002 {"dtls1.2", DTLS1_2_VERSION}};
1003 size_t i;
1004 size_t n = OSSL_NELEM(versions);
1005
1006 for (i = 0; i < n; i++)
1007 if (strcmp(versions[i].name, value) == 0)
1008 return versions[i].version;
1009 return -1;
1010}
1011
1012static SSL_SESSION *read_session(const char *filename)
1013{
1014 SSL_SESSION *sess;
1015 BIO *f = BIO_new_file(filename, "r");
1016
1017 if (f == NULL) {
1018 BIO_printf(bio_err, "Can't open session file %s\n", filename);
1019 ERR_print_errors(bio_err);
1020 return NULL;
1021 }
1022 sess = PEM_read_bio_SSL_SESSION(f, NULL, 0, NULL);
1023 if (sess == NULL) {
1024 BIO_printf(bio_err, "Can't parse session file %s\n", filename);
1025 ERR_print_errors(bio_err);
1026 }
1027 BIO_free(f);
1028 return sess;
1029}
1030
1031static int write_session(const char *filename, SSL_SESSION *sess)
1032{
1033 BIO *f = BIO_new_file(filename, "w");
1034
1035 if (sess == NULL) {
1036 BIO_printf(bio_err, "No session information\n");
1037 return 0;
1038 }
1039 if (f == NULL) {
1040 BIO_printf(bio_err, "Can't open session file %s\n", filename);
1041 ERR_print_errors(bio_err);
1042 return 0;
1043 }
1044 PEM_write_bio_SSL_SESSION(f, sess);
1045 BIO_free(f);
1046 return 1;
1047}
1048
1049/*
1050 * set_protocol_version - Sets protocol version minimum or maximum
1051 *
1052 * Returns 0 on failure and 1 on success
1053 */
1054static int set_protocol_version(const char *version, SSL *ssl, int setting)
1055{
1056 if (version != NULL) {
1057 int ver = protocol_from_string(version);
1058 if (ver < 0) {
1059 BIO_printf(bio_err, "Error parsing: %s\n", version);
1060 return 0;
1061 }
1062 return SSL_ctrl(ssl, setting, ver, NULL);
1063 }
1064 return 1;
1065}
1066
1067int main(int argc, char *argv[])
1068{
1069 char *CApath = NULL, *CAfile = NULL;
1070 int badop = 0;
1071 enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
1072 int force = 0;
1073 int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, ssl3 = 0, ret = 1;
1074 int client_auth = 0;
1075 int server_auth = 0, i;
1076 struct app_verify_arg app_verify_arg =
1077 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
1078 char *p;
1079 SSL_CTX *c_ctx = NULL;
1080 const SSL_METHOD *meth = NULL;
1081 SSL *c_ssl, *s_ssl;
1082 int number = 1, reuse = 0;
1083 int should_reuse = -1;
1084 int no_ticket = 0;
1085 long bytes = 256L;
1086#ifndef OPENSSL_NO_DH
1087 DH *dh;
1088 int dhe512 = 0, dhe1024dsa = 0;
1089#endif
1090#ifndef OPENSSL_NO_SRP
1091 /* client */
1092 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
1093 /* server */
1094 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
1095#endif
1096 int no_dhe = 0;
1097 int no_psk = 0;
1098 int print_time = 0;
1099 clock_t s_time = 0, c_time = 0;
1100#ifndef OPENSSL_NO_COMP
1101 int n, comp = 0;
1102 COMP_METHOD *cm = NULL;
1103 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
1104#endif
1105 int test_cipherlist = 0;
1106#ifdef OPENSSL_FIPS
1107 int fips_mode = 0;
1108#endif
1109 int no_protocol;
1110 int min_version = 0, max_version = 0;
1111#ifndef OPENSSL_NO_CT
1112 /*
1113 * Disable CT validation by default, because it will interfere with
1114 * anything using custom extension handlers to deal with SCT extensions.
1115 */
1116 int ct_validation = 0;
1117#endif
1118 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL, *s_cctx2 = NULL;
1119 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
1120 char *arg = NULL, *argn = NULL;
1121
1122 verbose = 0;
1123 debug = 0;
1124 cipher = 0;
1125
1126 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1127
1128 p = getenv("OPENSSL_DEBUG_MEMORY");
1129 if (p != NULL && strcmp(p, "on") == 0)
1130 CRYPTO_set_mem_debug(1);
1131 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1132
1133 RAND_seed(rnd_seed, sizeof rnd_seed);
1134
1135 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1136
1137 s_cctx = SSL_CONF_CTX_new();
1138 s_cctx2 = SSL_CONF_CTX_new();
1139 c_cctx = SSL_CONF_CTX_new();
1140
1141 if (!s_cctx || !c_cctx || !s_cctx2) {
1142 ERR_print_errors(bio_err);
1143 goto end;
1144 }
1145
1146 SSL_CONF_CTX_set_flags(s_cctx,
1147 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
1148 SSL_CONF_FLAG_CERTIFICATE |
1149 SSL_CONF_FLAG_REQUIRE_PRIVATE);
1150 SSL_CONF_CTX_set_flags(s_cctx2,
1151 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
1152 SSL_CONF_FLAG_CERTIFICATE |
1153 SSL_CONF_FLAG_REQUIRE_PRIVATE);
1154 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
1155 ERR_print_errors(bio_err);
1156 goto end;
1157 }
1158 if (!SSL_CONF_CTX_set1_prefix(s_cctx2, "-s_")) {
1159 ERR_print_errors(bio_err);
1160 goto end;
1161 }
1162
1163 SSL_CONF_CTX_set_flags(c_cctx,
1164 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT |
1165 SSL_CONF_FLAG_CERTIFICATE |
1166 SSL_CONF_FLAG_REQUIRE_PRIVATE);
1167 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
1168 ERR_print_errors(bio_err);
1169 goto end;
1170 }
1171
1172 argc--;
1173 argv++;
1174
1175 while (argc >= 1) {
1176 if (strcmp(*argv, "-F") == 0) {
1177#ifdef OPENSSL_FIPS
1178 fips_mode = 1;
1179#else
1180 fprintf(stderr,
1181 "not compiled with FIPS support, so exiting without running.\n");
1182 EXIT(0);
1183#endif
1184 } else if (strcmp(*argv, "-server_auth") == 0)
1185 server_auth = 1;
1186 else if (strcmp(*argv, "-client_auth") == 0)
1187 client_auth = 1;
1188 else if (strcmp(*argv, "-proxy_auth") == 0) {
1189 if (--argc < 1)
1190 goto bad;
1191 app_verify_arg.proxy_auth = *(++argv);
1192 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1193 if (--argc < 1)
1194 goto bad;
1195 app_verify_arg.proxy_cond = *(++argv);
1196 } else if (strcmp(*argv, "-v") == 0)
1197 verbose = 1;
1198 else if (strcmp(*argv, "-d") == 0)
1199 debug = 1;
1200 else if (strcmp(*argv, "-reuse") == 0)
1201 reuse = 1;
1202 else if (strcmp(*argv, "-dhe512") == 0) {
1203#ifndef OPENSSL_NO_DH
1204 dhe512 = 1;
1205#else
1206 fprintf(stderr,
1207 "ignoring -dhe512, since I'm compiled without DH\n");
1208#endif
1209 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
1210#ifndef OPENSSL_NO_DH
1211 dhe1024dsa = 1;
1212#else
1213 fprintf(stderr,
1214 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
1215#endif
1216 } else if (strcmp(*argv, "-no_dhe") == 0)
1217 no_dhe = 1;
1218 else if (strcmp(*argv, "-no_ecdhe") == 0)
1219 /* obsolete */;
1220 else if (strcmp(*argv, "-psk") == 0) {
1221 if (--argc < 1)
1222 goto bad;
1223 psk_key = *(++argv);
1224#ifndef OPENSSL_NO_PSK
1225 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1226 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1227 goto bad;
1228 }
1229#else
1230 no_psk = 1;
1231#endif
1232 }
1233#ifndef OPENSSL_NO_SRP
1234 else if (strcmp(*argv, "-srpuser") == 0) {
1235 if (--argc < 1)
1236 goto bad;
1237 srp_server_arg.expected_user = srp_client_arg.srplogin =
1238 *(++argv);
1239 min_version = TLS1_VERSION;
1240 } else if (strcmp(*argv, "-srppass") == 0) {
1241 if (--argc < 1)
1242 goto bad;
1243 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1244 min_version = TLS1_VERSION;
1245 }
1246#endif
1247 else if (strcmp(*argv, "-tls1") == 0) {
1248 tls1 = 1;
1249 } else if (strcmp(*argv, "-ssl3") == 0) {
1250 ssl3 = 1;
1251 } else if (strcmp(*argv, "-dtls1") == 0) {
1252 dtls1 = 1;
1253 } else if (strcmp(*argv, "-dtls12") == 0) {
1254 dtls12 = 1;
1255 } else if (strcmp(*argv, "-dtls") == 0) {
1256 dtls = 1;
1257 } else if (strncmp(*argv, "-num", 4) == 0) {
1258 if (--argc < 1)
1259 goto bad;
1260 number = atoi(*(++argv));
1261 if (number == 0)
1262 number = 1;
1263 } else if (strcmp(*argv, "-bytes") == 0) {
1264 if (--argc < 1)
1265 goto bad;
1266 bytes = atol(*(++argv));
1267 if (bytes == 0L)
1268 bytes = 1L;
1269 i = strlen(argv[0]);
1270 if (argv[0][i - 1] == 'k')
1271 bytes *= 1024L;
1272 if (argv[0][i - 1] == 'm')
1273 bytes *= 1024L * 1024L;
1274 } else if (strcmp(*argv, "-cipher") == 0) {
1275 if (--argc < 1)
1276 goto bad;
1277 cipher = *(++argv);
1278 } else if (strcmp(*argv, "-CApath") == 0) {
1279 if (--argc < 1)
1280 goto bad;
1281 CApath = *(++argv);
1282 } else if (strcmp(*argv, "-CAfile") == 0) {
1283 if (--argc < 1)
1284 goto bad;
1285 CAfile = *(++argv);
1286 } else if (strcmp(*argv, "-bio_pair") == 0) {
1287 bio_type = BIO_PAIR;
1288 }
1289#ifndef OPENSSL_NO_SOCK
1290 else if (strcmp(*argv, "-ipv4") == 0) {
1291 bio_type = BIO_IPV4;
1292 } else if (strcmp(*argv, "-ipv6") == 0) {
1293 bio_type = BIO_IPV6;
1294 }
1295#endif
1296 else if (strcmp(*argv, "-f") == 0) {
1297 force = 1;
1298 } else if (strcmp(*argv, "-time") == 0) {
1299 print_time = 1;
1300 }
1301#ifndef OPENSSL_NO_CT
1302 else if (strcmp(*argv, "-noct") == 0) {
1303 ct_validation = 0;
1304 }
1305 else if (strcmp(*argv, "-ct") == 0) {
1306 ct_validation = 1;
1307 }
1308#endif
1309#ifndef OPENSSL_NO_COMP
1310 else if (strcmp(*argv, "-zlib") == 0) {
1311 comp = COMP_ZLIB;
1312 }
1313#endif
1314 else if (strcmp(*argv, "-app_verify") == 0) {
1315 app_verify_arg.app_verify = 1;
1316 } else if (strcmp(*argv, "-proxy") == 0) {
1317 app_verify_arg.allow_proxy_certs = 1;
1318 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1319 test_cipherlist = 1;
1320 }
1321#ifndef OPENSSL_NO_NEXTPROTONEG
1322 else if (strcmp(*argv, "-npn_client") == 0) {
1323 npn_client = 1;
1324 } else if (strcmp(*argv, "-npn_server") == 0) {
1325 npn_server = 1;
1326 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1327 npn_server_reject = 1;
1328 }
1329#endif
1330 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1331 serverinfo_sct = 1;
1332 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1333 serverinfo_tack = 1;
1334 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1335 if (--argc < 1)
1336 goto bad;
1337 serverinfo_file = *(++argv);
1338 } else if (strcmp(*argv, "-custom_ext") == 0) {
1339 custom_ext = 1;
1340 } else if (strcmp(*argv, "-alpn_client") == 0) {
1341 if (--argc < 1)
1342 goto bad;
1343 alpn_client = *(++argv);
1344 } else if (strcmp(*argv, "-alpn_server") == 0 ||
1345 strcmp(*argv, "-alpn_server1") == 0) {
1346 if (--argc < 1)
1347 goto bad;
1348 alpn_server = *(++argv);
1349 } else if (strcmp(*argv, "-alpn_server2") == 0) {
1350 if (--argc < 1)
1351 goto bad;
1352 alpn_server2 = *(++argv);
1353 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1354 if (--argc < 1)
1355 goto bad;
1356 alpn_expected = *(++argv);
1357 } else if (strcmp(*argv, "-server_min_proto") == 0) {
1358 if (--argc < 1)
1359 goto bad;
1360 server_min_proto = *(++argv);
1361 } else if (strcmp(*argv, "-server_max_proto") == 0) {
1362 if (--argc < 1)
1363 goto bad;
1364 server_max_proto = *(++argv);
1365 } else if (strcmp(*argv, "-client_min_proto") == 0) {
1366 if (--argc < 1)
1367 goto bad;
1368 client_min_proto = *(++argv);
1369 } else if (strcmp(*argv, "-client_max_proto") == 0) {
1370 if (--argc < 1)
1371 goto bad;
1372 client_max_proto = *(++argv);
1373 } else if (strcmp(*argv, "-should_negotiate") == 0) {
1374 if (--argc < 1)
1375 goto bad;
1376 should_negotiate = *(++argv);
1377 } else if (strcmp(*argv, "-sn_client") == 0) {
1378 if (--argc < 1)
1379 goto bad;
1380 sn_client = *(++argv);
1381 } else if (strcmp(*argv, "-sn_server1") == 0) {
1382 if (--argc < 1)
1383 goto bad;
1384 sn_server1 = *(++argv);
1385 } else if (strcmp(*argv, "-sn_server2") == 0) {
1386 if (--argc < 1)
1387 goto bad;
1388 sn_server2 = *(++argv);
1389 } else if (strcmp(*argv, "-sn_expect1") == 0) {
1390 sn_expect = 1;
1391 } else if (strcmp(*argv, "-sn_expect2") == 0) {
1392 sn_expect = 2;
1393 } else if (strcmp(*argv, "-server_sess_out") == 0) {
1394 if (--argc < 1)
1395 goto bad;
1396 server_sess_out = *(++argv);
1397 } else if (strcmp(*argv, "-server_sess_in") == 0) {
1398 if (--argc < 1)
1399 goto bad;
1400 server_sess_in = *(++argv);
1401 } else if (strcmp(*argv, "-client_sess_out") == 0) {
1402 if (--argc < 1)
1403 goto bad;
1404 client_sess_out = *(++argv);
1405 } else if (strcmp(*argv, "-client_sess_in") == 0) {
1406 if (--argc < 1)
1407 goto bad;
1408 client_sess_in = *(++argv);
1409 } else if (strcmp(*argv, "-should_reuse") == 0) {
1410 if (--argc < 1)
1411 goto bad;
1412 should_reuse = !!atoi(*(++argv));
1413 } else if (strcmp(*argv, "-no_ticket") == 0) {
1414 no_ticket = 1;
1415 } else {
1416 int rv;
1417 arg = argv[0];
1418 argn = argv[1];
1419 /* Try to process command using SSL_CONF */
1420 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1421 /* If not processed try server */
1422 if (rv == 0)
1423 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1424 /* Recognised: store it for later use */
1425 if (rv > 0) {
1426 if (rv == 1)
1427 argn = NULL;
1428 if (!conf_args) {
1429 conf_args = sk_OPENSSL_STRING_new_null();
1430 if (!conf_args)
1431 goto end;
1432 }
1433 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1434 goto end;
1435 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1436 goto end;
1437 continue;
1438 }
1439 if (rv == -3)
1440 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1441 else if (rv < 0)
1442 BIO_printf(bio_err, "Error with command %s\n", arg);
1443 else if (rv == 0)
1444 BIO_printf(bio_err, "unknown option %s\n", arg);
1445 badop = 1;
1446 break;
1447 }
1448 argc--;
1449 argv++;
1450 }
1451 if (badop) {
1452 bad:
1453 sv_usage();
1454 goto end;
1455 }
1456
1457 /*
1458 * test_cipherlist prevails over protocol switch: we test the cipherlist
1459 * for all enabled protocols.
1460 */
1461 if (test_cipherlist == 1) {
1462 /*
1463 * ensure that the cipher list are correctly sorted and exit
1464 */
1465 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1466 "other options.\n");
1467 if (do_test_cipherlist() == 0)
1468 EXIT(1);
1469 ret = 0;
1470 goto end;
1471 }
1472
1473 if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) {
1474 fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should "
1475 "be requested.\n");
1476 EXIT(1);
1477 }
1478
1479#ifdef OPENSSL_NO_SSL3
1480 if (ssl3)
1481 no_protocol = 1;
1482 else
1483#endif
1484#ifdef OPENSSL_NO_TLS1
1485 if (tls1)
1486 no_protocol = 1;
1487 else
1488#endif
1489#if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1)
1490 if (dtls1)
1491 no_protocol = 1;
1492 else
1493#endif
1494#if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1_2)
1495 if (dtls12)
1496 no_protocol = 1;
1497 else
1498#endif
1499 no_protocol = 0;
1500
1501 /*
1502 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1503 * Ideally, we would error out, but the generic test wrapper can't know
1504 * when to expect failure. So we do nothing and return success.
1505 */
1506 if (no_protocol) {
1507 fprintf(stderr, "Testing was requested for a disabled protocol. "
1508 "Skipping tests.\n");
1509 ret = 0;
1510 goto end;
1511 }
1512
1513 if (!ssl3 && !tls1 && !dtls && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
1514 fprintf(stderr, "This case cannot work. Use -f to perform "
1515 "the test anyway (and\n-d to see what happens), "
1516 "or add one of -ssl3, -tls1, -dtls, -dtls1, -dtls12, -reuse\n"
1517 "to avoid protocol mismatch.\n");
1518 EXIT(1);
1519 }
1520#ifdef OPENSSL_FIPS
1521 if (fips_mode) {
1522 if (!FIPS_mode_set(1)) {
1523 ERR_print_errors(bio_err);
1524 EXIT(1);
1525 } else
1526 fprintf(stderr, "*** IN FIPS MODE ***\n");
1527 }
1528#endif
1529
1530 if (print_time) {
1531 if (bio_type != BIO_PAIR) {
1532 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1533 bio_type = BIO_PAIR;
1534 }
1535 if (number < 50 && !force)
1536 fprintf(stderr,
1537 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1538 }
1539
1540/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1541
1542#ifndef OPENSSL_NO_COMP
1543 if (comp == COMP_ZLIB)
1544 cm = COMP_zlib();
1545 if (cm != NULL) {
1546 if (COMP_get_type(cm) != NID_undef) {
1547 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1548 fprintf(stderr, "Failed to add compression method\n");
1549 ERR_print_errors_fp(stderr);
1550 }
1551 } else {
1552 fprintf(stderr,
1553 "Warning: %s compression not supported\n",
1554 comp == COMP_ZLIB ? "zlib" : "unknown");
1555 ERR_print_errors_fp(stderr);
1556 }
1557 }
1558 ssl_comp_methods = SSL_COMP_get_compression_methods();
1559 n = sk_SSL_COMP_num(ssl_comp_methods);
1560 if (n) {
1561 int j;
1562 printf("Available compression methods:");
1563 for (j = 0; j < n; j++) {
1564 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1565 printf(" %s:%d", c->name, c->id);
1566 }
1567 printf("\n");
1568 }
1569#endif
1570
1571#ifndef OPENSSL_NO_TLS
1572 meth = TLS_method();
1573 if (ssl3) {
1574 min_version = SSL3_VERSION;
1575 max_version = SSL3_VERSION;
1576 } else if (tls1) {
1577 min_version = TLS1_VERSION;
1578 max_version = TLS1_VERSION;
1579 }
1580#endif
1581#ifndef OPENSSL_NO_DTLS
1582 if (dtls || dtls1 || dtls12)
1583 meth = DTLS_method();
1584 if (dtls1) {
1585 min_version = DTLS1_VERSION;
1586 max_version = DTLS1_VERSION;
1587 } else if (dtls12) {
1588 min_version = DTLS1_2_VERSION;
1589 max_version = DTLS1_2_VERSION;
1590 }
1591#endif
1592
1593 c_ctx = SSL_CTX_new(meth);
1594 s_ctx = SSL_CTX_new(meth);
1595 s_ctx2 = SSL_CTX_new(meth); /* no SSL_CTX_dup! */
1596 if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) {
1597 ERR_print_errors(bio_err);
1598 goto end;
1599 }
1600 /*
1601 * Since we will use low security ciphersuites and keys for testing set
1602 * security level to zero by default. Tests can override this by adding
1603 * "@SECLEVEL=n" to the cipher string.
1604 */
1605 SSL_CTX_set_security_level(c_ctx, 0);
1606 SSL_CTX_set_security_level(s_ctx, 0);
1607 SSL_CTX_set_security_level(s_ctx2, 0);
1608
1609 if (no_ticket) {
1610 SSL_CTX_set_options(c_ctx, SSL_OP_NO_TICKET);
1611 SSL_CTX_set_options(s_ctx, SSL_OP_NO_TICKET);
1612 }
1613
1614 if (SSL_CTX_set_min_proto_version(c_ctx, min_version) == 0)
1615 goto end;
1616 if (SSL_CTX_set_max_proto_version(c_ctx, max_version) == 0)
1617 goto end;
1618 if (SSL_CTX_set_min_proto_version(s_ctx, min_version) == 0)
1619 goto end;
1620 if (SSL_CTX_set_max_proto_version(s_ctx, max_version) == 0)
1621 goto end;
1622
1623 if (cipher != NULL) {
1624 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
1625 || !SSL_CTX_set_cipher_list(s_ctx, cipher)
1626 || !SSL_CTX_set_cipher_list(s_ctx2, cipher)) {
1627 ERR_print_errors(bio_err);
1628 goto end;
1629 }
1630 }
1631
1632#ifndef OPENSSL_NO_CT
1633 if (ct_validation &&
1634 !SSL_CTX_enable_ct(c_ctx, SSL_CT_VALIDATION_STRICT)) {
1635 ERR_print_errors(bio_err);
1636 goto end;
1637 }
1638#endif
1639
1640 /* Process SSL_CONF arguments */
1641 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1642 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1643 SSL_CONF_CTX_set_ssl_ctx(s_cctx2, s_ctx2);
1644
1645 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1646 int rv;
1647 arg = sk_OPENSSL_STRING_value(conf_args, i);
1648 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1649 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1650 /* If not recognised use server context */
1651 if (rv == -2) {
1652 rv = SSL_CONF_cmd(s_cctx2, arg, argn);
1653 if (rv > 0)
1654 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1655 }
1656 if (rv <= 0) {
1657 BIO_printf(bio_err, "Error processing %s %s\n",
1658 arg, argn ? argn : "");
1659 ERR_print_errors(bio_err);
1660 goto end;
1661 }
1662 }
1663
1664 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx) || !SSL_CONF_CTX_finish(s_cctx2)) {
1665 BIO_puts(bio_err, "Error finishing context\n");
1666 ERR_print_errors(bio_err);
1667 goto end;
1668 }
1669#ifndef OPENSSL_NO_DH
1670 if (!no_dhe) {
1671 if (dhe1024dsa) {
1672 dh = get_dh1024dsa();
1673 } else if (dhe512)
1674 dh = get_dh512();
1675 else
1676 dh = get_dh1024();
1677 SSL_CTX_set_tmp_dh(s_ctx, dh);
1678 SSL_CTX_set_tmp_dh(s_ctx2, dh);
1679 DH_free(dh);
1680 }
1681#else
1682 (void)no_dhe;
1683#endif
1684
1685 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1686 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1687 (!SSL_CTX_load_verify_locations(s_ctx2, CAfile, CApath)) ||
1688 (!SSL_CTX_set_default_verify_paths(s_ctx2)) ||
1689 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1690 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1691 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1692 ERR_print_errors(bio_err);
1693 /* goto end; */
1694 }
1695
1696#ifndef OPENSSL_NO_CT
1697 if (!SSL_CTX_set_default_ctlog_list_file(s_ctx) ||
1698 !SSL_CTX_set_default_ctlog_list_file(s_ctx2) ||
1699 !SSL_CTX_set_default_ctlog_list_file(c_ctx)) {
1700 ERR_print_errors(bio_err);
1701 }
1702#endif
1703
1704 if (client_auth) {
1705 printf("client authentication\n");
1706 SSL_CTX_set_verify(s_ctx,
1707 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1708 verify_callback);
1709 SSL_CTX_set_verify(s_ctx2,
1710 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1711 verify_callback);
1712 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1713 &app_verify_arg);
1714 SSL_CTX_set_cert_verify_callback(s_ctx2, app_verify_callback,
1715 &app_verify_arg);
1716 }
1717 if (server_auth) {
1718 printf("server authentication\n");
1719 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1720 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1721 &app_verify_arg);
1722 }
1723
1724 {
1725 int session_id_context = 0;
1726 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
1727 sizeof session_id_context) ||
1728 !SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context,
1729 sizeof session_id_context)) {
1730 ERR_print_errors(bio_err);
1731 goto end;
1732 }
1733 }
1734
1735 /* Use PSK only if PSK key is given */
1736 if (psk_key != NULL) {
1737 /*
1738 * no_psk is used to avoid putting psk command to openssl tool
1739 */
1740 if (no_psk) {
1741 /*
1742 * if PSK is not compiled in and psk key is given, do nothing and
1743 * exit successfully
1744 */
1745 ret = 0;
1746 goto end;
1747 }
1748#ifndef OPENSSL_NO_PSK
1749 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1750 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1751 SSL_CTX_set_psk_server_callback(s_ctx2, psk_server_callback);
1752 if (debug)
1753 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1754 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint") ||
1755 !SSL_CTX_use_psk_identity_hint(s_ctx2, "ctx server identity_hint")) {
1756 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1757 ERR_print_errors(bio_err);
1758 goto end;
1759 }
1760#endif
1761 }
1762#ifndef OPENSSL_NO_SRP
1763 if (srp_client_arg.srplogin) {
1764 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1765 BIO_printf(bio_err, "Unable to set SRP username\n");
1766 goto end;
1767 }
1768 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1769 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1770 ssl_give_srp_client_pwd_cb);
1771 /*
1772 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1773 */
1774 }
1775
1776 if (srp_server_arg.expected_user != NULL) {
1777 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1778 SSL_CTX_set_verify(s_ctx2, SSL_VERIFY_NONE, verify_callback);
1779 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1780 SSL_CTX_set_srp_cb_arg(s_ctx2, &srp_server_arg);
1781 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1782 SSL_CTX_set_srp_username_callback(s_ctx2, ssl_srp_server_param_cb);
1783 }
1784#endif
1785
1786#ifndef OPENSSL_NO_NEXTPROTONEG
1787 if (npn_client) {
1788 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1789 }
1790 if (npn_server) {
1791 if (npn_server_reject) {
1792 BIO_printf(bio_err,
1793 "Can't have both -npn_server and -npn_server_reject\n");
1794 goto end;
1795 }
1796 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1797 SSL_CTX_set_next_protos_advertised_cb(s_ctx2, cb_server_npn, NULL);
1798 }
1799 if (npn_server_reject) {
1800 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
1801 NULL);
1802 SSL_CTX_set_next_protos_advertised_cb(s_ctx2, cb_server_rejects_npn,
1803 NULL);
1804 }
1805#endif
1806
1807 if (serverinfo_sct) {
1808 if (!SSL_CTX_add_client_custom_ext(c_ctx,
1809 TLSEXT_TYPE_signed_certificate_timestamp,
1810 NULL, NULL, NULL,
1811 serverinfo_cli_parse_cb, NULL)) {
1812 BIO_printf(bio_err, "Error adding SCT extension\n");
1813 goto end;
1814 }
1815 }
1816 if (serverinfo_tack) {
1817 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1818 NULL, NULL, NULL,
1819 serverinfo_cli_parse_cb, NULL)) {
1820 BIO_printf(bio_err, "Error adding TACK extension\n");
1821 goto end;
1822 }
1823 }
1824 if (serverinfo_file)
1825 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file) ||
1826 !SSL_CTX_use_serverinfo_file(s_ctx2, serverinfo_file)) {
1827 BIO_printf(bio_err, "missing serverinfo file\n");
1828 goto end;
1829 }
1830
1831 if (custom_ext) {
1832 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1833 custom_ext_0_cli_add_cb,
1834 NULL, NULL,
1835 custom_ext_0_cli_parse_cb, NULL)
1836 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1837 custom_ext_1_cli_add_cb,
1838 NULL, NULL,
1839 custom_ext_1_cli_parse_cb, NULL)
1840 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1841 custom_ext_2_cli_add_cb,
1842 NULL, NULL,
1843 custom_ext_2_cli_parse_cb, NULL)
1844 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1845 custom_ext_3_cli_add_cb,
1846 NULL, NULL,
1847 custom_ext_3_cli_parse_cb, NULL)
1848 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1849 custom_ext_0_srv_add_cb,
1850 NULL, NULL,
1851 custom_ext_0_srv_parse_cb, NULL)
1852 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_0,
1853 custom_ext_0_srv_add_cb,
1854 NULL, NULL,
1855 custom_ext_0_srv_parse_cb, NULL)
1856 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1857 custom_ext_1_srv_add_cb,
1858 NULL, NULL,
1859 custom_ext_1_srv_parse_cb, NULL)
1860 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_1,
1861 custom_ext_1_srv_add_cb,
1862 NULL, NULL,
1863 custom_ext_1_srv_parse_cb, NULL)
1864 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1865 custom_ext_2_srv_add_cb,
1866 NULL, NULL,
1867 custom_ext_2_srv_parse_cb, NULL)
1868 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_2,
1869 custom_ext_2_srv_add_cb,
1870 NULL, NULL,
1871 custom_ext_2_srv_parse_cb, NULL)
1872 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1873 custom_ext_3_srv_add_cb,
1874 NULL, NULL,
1875 custom_ext_3_srv_parse_cb, NULL)
1876 || !SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_3,
1877 custom_ext_3_srv_add_cb,
1878 NULL, NULL,
1879 custom_ext_3_srv_parse_cb, NULL)) {
1880 BIO_printf(bio_err, "Error setting custom extensions\n");
1881 goto end;
1882 }
1883 }
1884
1885 if (alpn_server)
1886 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, alpn_server);
1887 if (alpn_server2)
1888 SSL_CTX_set_alpn_select_cb(s_ctx2, cb_server_alpn, alpn_server2);
1889
1890 if (alpn_client) {
1891 size_t alpn_len;
1892 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1893
1894 if (alpn == NULL) {
1895 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1896 goto end;
1897 }
1898 /* Returns 0 on success!! */
1899 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
1900 BIO_printf(bio_err, "Error setting ALPN\n");
1901 OPENSSL_free(alpn);
1902 goto end;
1903 }
1904 OPENSSL_free(alpn);
1905 }
1906
1907 if (server_sess_in != NULL) {
1908 server_sess = read_session(server_sess_in);
1909 if (server_sess == NULL)
1910 goto end;
1911 }
1912 if (client_sess_in != NULL) {
1913 client_sess = read_session(client_sess_in);
1914 if (client_sess == NULL)
1915 goto end;
1916 }
1917
1918 if (server_sess_out != NULL || server_sess_in != NULL) {
1919 char *keys;
1920 long size;
1921
1922 /* Use a fixed key so that we can decrypt the ticket. */
1923 size = SSL_CTX_set_tlsext_ticket_keys(s_ctx, NULL, 0);
1924 keys = OPENSSL_zalloc(size);
1925 SSL_CTX_set_tlsext_ticket_keys(s_ctx, keys, size);
1926 OPENSSL_free(keys);
1927 }
1928
1929 if (sn_server1 != NULL || sn_server2 != NULL)
1930 SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb);
1931
1932 c_ssl = SSL_new(c_ctx);
1933 s_ssl = SSL_new(s_ctx);
1934
1935 if (sn_client)
1936 SSL_set_tlsext_host_name(c_ssl, sn_client);
1937
1938 if (!set_protocol_version(server_min_proto, s_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1939 goto end;
1940 if (!set_protocol_version(server_max_proto, s_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1941 goto end;
1942 if (!set_protocol_version(client_min_proto, c_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1943 goto end;
1944 if (!set_protocol_version(client_max_proto, c_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1945 goto end;
1946
1947 if (server_sess) {
1948 if (SSL_CTX_add_session(s_ctx, server_sess) == 0) {
1949 BIO_printf(bio_err, "Can't add server session\n");
1950 ERR_print_errors(bio_err);
1951 goto end;
1952 }
1953 }
1954
1955 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
1956 for (i = 0; i < number; i++) {
1957 if (!reuse) {
1958 if (!SSL_set_session(c_ssl, NULL)) {
1959 BIO_printf(bio_err, "Failed to set session\n");
1960 goto end;
1961 }
1962 }
1963 if (client_sess_in != NULL) {
1964 if (SSL_set_session(c_ssl, client_sess) == 0) {
1965 BIO_printf(bio_err, "Can't set client session\n");
1966 ERR_print_errors(bio_err);
1967 goto end;
1968 }
1969 }
1970 switch (bio_type) {
1971 case BIO_MEM:
1972 ret = doit(s_ssl, c_ssl, bytes);
1973 break;
1974 case BIO_PAIR:
1975 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1976 break;
1977#ifndef OPENSSL_NO_SOCK
1978 case BIO_IPV4:
1979 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV4,
1980 bytes, &s_time, &c_time);
1981 break;
1982 case BIO_IPV6:
1983 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV6,
1984 bytes, &s_time, &c_time);
1985 break;
1986#else
1987 case BIO_IPV4:
1988 case BIO_IPV6:
1989 ret = 1;
1990 goto err;
1991#endif
1992 }
1993 if (ret) break;
1994 }
1995
1996 if (should_negotiate && ret == 0 &&
1997 strcmp(should_negotiate, "fail-server") != 0 &&
1998 strcmp(should_negotiate, "fail-client") != 0) {
1999 int version = protocol_from_string(should_negotiate);
2000 if (version < 0) {
2001 BIO_printf(bio_err, "Error parsing: %s\n", should_negotiate);
2002 ret = 1;
2003 goto err;
2004 }
2005 if (SSL_version(c_ssl) != version) {
2006 BIO_printf(bio_err, "Unxpected version negotiated. "
2007 "Expected: %s, got %s\n", should_negotiate, SSL_get_version(c_ssl));
2008 ret = 1;
2009 goto err;
2010 }
2011 }
2012
2013 if (should_reuse != -1) {
2014 if (SSL_session_reused(s_ssl) != should_reuse ||
2015 SSL_session_reused(c_ssl) != should_reuse) {
2016 BIO_printf(bio_err, "Unexpected session reuse state. "
2017 "Expected: %d, server: %d, client: %d\n", should_reuse,
2018 SSL_session_reused(s_ssl), SSL_session_reused(c_ssl));
2019 ret = 1;
2020 goto err;
2021 }
2022 }
2023
2024 if (server_sess_out != NULL) {
2025 if (write_session(server_sess_out, SSL_get_session(s_ssl)) == 0) {
2026 ret = 1;
2027 goto err;
2028 }
2029 }
2030 if (client_sess_out != NULL) {
2031 if (write_session(client_sess_out, SSL_get_session(c_ssl)) == 0) {
2032 ret = 1;
2033 goto err;
2034 }
2035 }
2036
2037 if (!verbose) {
2038 print_details(c_ssl, "");
2039 }
2040 if (print_time) {
2041#ifdef CLOCKS_PER_SEC
2042 /*
2043 * "To determine the time in seconds, the value returned by the clock
2044 * function should be divided by the value of the macro
2045 * CLOCKS_PER_SEC." -- ISO/IEC 9899
2046 */
2047 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
2048 "Approximate total client time: %6.2f s\n",
2049 (double)s_time / CLOCKS_PER_SEC,
2050 (double)c_time / CLOCKS_PER_SEC);
2051#else
2052 BIO_printf(bio_stdout,
2053 "Approximate total server time: %6.2f units\n"
2054 "Approximate total client time: %6.2f units\n",
2055 (double)s_time, (double)c_time);
2056#endif
2057 }
2058
2059 err:
2060 SSL_free(s_ssl);
2061 SSL_free(c_ssl);
2062
2063 end:
2064 SSL_CTX_free(s_ctx);
2065 SSL_CTX_free(s_ctx2);
2066 SSL_CTX_free(c_ctx);
2067 SSL_CONF_CTX_free(s_cctx);
2068 SSL_CONF_CTX_free(s_cctx2);
2069 SSL_CONF_CTX_free(c_cctx);
2070 sk_OPENSSL_STRING_free(conf_args);
2071
2072 BIO_free(bio_stdout);
2073
2074 SSL_SESSION_free(server_sess);
2075 SSL_SESSION_free(client_sess);
2076
2077#ifndef OPENSSL_NO_CRYPTO_MDEBUG
2078 if (CRYPTO_mem_leaks(bio_err) <= 0)
2079 ret = 1;
2080#endif
2081 BIO_free(bio_err);
2082 EXIT(ret);
2083}
2084
2085#ifndef OPENSSL_NO_SOCK
2086int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count,
2087 clock_t *s_time, clock_t *c_time)
2088{
2089 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
2090 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
2091 BIO *acpt = NULL, *server = NULL, *client = NULL;
2092 char addr_str[40];
2093 int ret = 1;
2094 int err_in_client = 0;
2095 int err_in_server = 0;
2096
2097 acpt = BIO_new_accept("0");
2098 if (acpt == NULL)
2099 goto err;
2100 BIO_set_accept_ip_family(acpt, family);
2101 BIO_set_bind_mode(acpt, BIO_SOCK_NONBLOCK | BIO_SOCK_REUSEADDR);
2102 if (BIO_do_accept(acpt) <= 0)
2103 goto err;
2104
2105 BIO_snprintf(addr_str, sizeof(addr_str), ":%s", BIO_get_accept_port(acpt));
2106
2107 client = BIO_new_connect(addr_str);
2108 BIO_set_conn_ip_family(client, family);
2109 if (!client)
2110 goto err;
2111
2112 if (BIO_set_nbio(client, 1) <= 0)
2113 goto err;
2114 if (BIO_set_nbio(acpt, 1) <= 0)
2115 goto err;
2116
2117 {
2118 int st_connect = 0, st_accept = 0;
2119
2120 while(!st_connect || !st_accept) {
2121 if (!st_connect) {
2122 if (BIO_do_connect(client) <= 0) {
2123 if (!BIO_should_retry(client))
2124 goto err;
2125 } else {
2126 st_connect = 1;
2127 }
2128 }
2129 if (!st_accept) {
2130 if (BIO_do_accept(acpt) <= 0) {
2131 if (!BIO_should_retry(acpt))
2132 goto err;
2133 } else {
2134 st_accept = 1;
2135 }
2136 }
2137 }
2138 }
2139 /* We're not interested in accepting further connects */
2140 server = BIO_pop(acpt);
2141 BIO_free_all(acpt);
2142 acpt = NULL;
2143
2144 s_ssl_bio = BIO_new(BIO_f_ssl());
2145 if (!s_ssl_bio)
2146 goto err;
2147
2148 c_ssl_bio = BIO_new(BIO_f_ssl());
2149 if (!c_ssl_bio)
2150 goto err;
2151
2152 SSL_set_connect_state(c_ssl);
2153 SSL_set_bio(c_ssl, client, client);
2154 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
2155
2156 SSL_set_accept_state(s_ssl);
2157 SSL_set_bio(s_ssl, server, server);
2158 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
2159
2160 do {
2161 /*-
2162 * c_ssl_bio: SSL filter BIO
2163 *
2164 * client: I/O for SSL library
2165 *
2166 *
2167 * server: I/O for SSL library
2168 *
2169 * s_ssl_bio: SSL filter BIO
2170 */
2171
2172 /*
2173 * We have non-blocking behaviour throughout this test program, but
2174 * can be sure that there is *some* progress in each iteration; so we
2175 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
2176 * we just try everything in each iteration
2177 */
2178
2179 {
2180 /* CLIENT */
2181
2182 char cbuf[1024 * 8];
2183 int i, r;
2184 clock_t c_clock = clock();
2185
2186 memset(cbuf, 0, sizeof(cbuf));
2187
2188 if (debug)
2189 if (SSL_in_init(c_ssl))
2190 printf("client waiting in SSL_connect - %s\n",
2191 SSL_state_string_long(c_ssl));
2192
2193 if (cw_num > 0) {
2194 /* Write to server. */
2195
2196 if (cw_num > (long)sizeof cbuf)
2197 i = sizeof cbuf;
2198 else
2199 i = (int)cw_num;
2200 r = BIO_write(c_ssl_bio, cbuf, i);
2201 if (r < 0) {
2202 if (!BIO_should_retry(c_ssl_bio)) {
2203 fprintf(stderr, "ERROR in CLIENT\n");
2204 err_in_client = 1;
2205 goto err;
2206 }
2207 /*
2208 * BIO_should_retry(...) can just be ignored here. The
2209 * library expects us to call BIO_write with the same
2210 * arguments again, and that's what we will do in the
2211 * next iteration.
2212 */
2213 } else if (r == 0) {
2214 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2215 goto err;
2216 } else {
2217 if (debug)
2218 printf("client wrote %d\n", r);
2219 cw_num -= r;
2220 }
2221 }
2222
2223 if (cr_num > 0) {
2224 /* Read from server. */
2225
2226 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2227 if (r < 0) {
2228 if (!BIO_should_retry(c_ssl_bio)) {
2229 fprintf(stderr, "ERROR in CLIENT\n");
2230 err_in_client = 1;
2231 goto err;
2232 }
2233 /*
2234 * Again, "BIO_should_retry" can be ignored.
2235 */
2236 } else if (r == 0) {
2237 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2238 goto err;
2239 } else {
2240 if (debug)
2241 printf("client read %d\n", r);
2242 cr_num -= r;
2243 }
2244 }
2245
2246 /*
2247 * c_time and s_time increments will typically be very small
2248 * (depending on machine speed and clock tick intervals), but
2249 * sampling over a large number of connections should result in
2250 * fairly accurate figures. We cannot guarantee a lot, however
2251 * -- if each connection lasts for exactly one clock tick, it
2252 * will be counted only for the client or only for the server or
2253 * even not at all.
2254 */
2255 *c_time += (clock() - c_clock);
2256 }
2257
2258 {
2259 /* SERVER */
2260
2261 char sbuf[1024 * 8];
2262 int i, r;
2263 clock_t s_clock = clock();
2264
2265 memset(sbuf, 0, sizeof(sbuf));
2266
2267 if (debug)
2268 if (SSL_in_init(s_ssl))
2269 printf("server waiting in SSL_accept - %s\n",
2270 SSL_state_string_long(s_ssl));
2271
2272 if (sw_num > 0) {
2273 /* Write to client. */
2274
2275 if (sw_num > (long)sizeof sbuf)
2276 i = sizeof sbuf;
2277 else
2278 i = (int)sw_num;
2279 r = BIO_write(s_ssl_bio, sbuf, i);
2280 if (r < 0) {
2281 if (!BIO_should_retry(s_ssl_bio)) {
2282 fprintf(stderr, "ERROR in SERVER\n");
2283 err_in_server = 1;
2284 goto err;
2285 }
2286 /* Ignore "BIO_should_retry". */
2287 } else if (r == 0) {
2288 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2289 goto err;
2290 } else {
2291 if (debug)
2292 printf("server wrote %d\n", r);
2293 sw_num -= r;
2294 }
2295 }
2296
2297 if (sr_num > 0) {
2298 /* Read from client. */
2299
2300 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2301 if (r < 0) {
2302 if (!BIO_should_retry(s_ssl_bio)) {
2303 fprintf(stderr, "ERROR in SERVER\n");
2304 err_in_server = 1;
2305 goto err;
2306 }
2307 /* blah, blah */
2308 } else if (r == 0) {
2309 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2310 goto err;
2311 } else {
2312 if (debug)
2313 printf("server read %d\n", r);
2314 sr_num -= r;
2315 }
2316 }
2317
2318 *s_time += (clock() - s_clock);
2319 }
2320 }
2321 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2322
2323 if (verbose)
2324 print_details(c_ssl, "DONE via TCP connect: ");
2325# ifndef OPENSSL_NO_NEXTPROTONEG
2326 if (verify_npn(c_ssl, s_ssl) < 0) {
2327 ret = 1;
2328 goto end;
2329 }
2330# endif
2331 if (verify_serverinfo() < 0) {
2332 fprintf(stderr, "Server info verify error\n");
2333 ret = 1;
2334 goto err;
2335 }
2336 if (verify_alpn(c_ssl, s_ssl) < 0) {
2337 ret = 1;
2338 goto err;
2339 }
2340 if (verify_servername(c_ssl, s_ssl) < 0) {
2341 ret = 1;
2342 goto err;
2343 }
2344
2345 if (custom_ext_error) {
2346 fprintf(stderr, "Custom extension error\n");
2347 ret = 1;
2348 goto err;
2349 }
2350
2351 end:
2352 ret = 0;
2353
2354 err:
2355 ERR_print_errors(bio_err);
2356
2357 BIO_free_all(acpt);
2358 BIO_free(server);
2359 BIO_free(client);
2360 BIO_free(s_ssl_bio);
2361 BIO_free(c_ssl_bio);
2362
2363 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2364 ret = (err_in_client != 0) ? 0 : 1;
2365 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2366 ret = (err_in_server != 0) ? 0 : 1;
2367
2368 return ret;
2369}
2370#endif
2371
2372int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
2373 clock_t *s_time, clock_t *c_time)
2374{
2375 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
2376 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
2377 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
2378 int ret = 1;
2379 int err_in_client = 0;
2380 int err_in_server = 0;
2381
2382 size_t bufsiz = 256; /* small buffer for testing */
2383
2384 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
2385 goto err;
2386 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
2387 goto err;
2388
2389 s_ssl_bio = BIO_new(BIO_f_ssl());
2390 if (!s_ssl_bio)
2391 goto err;
2392
2393 c_ssl_bio = BIO_new(BIO_f_ssl());
2394 if (!c_ssl_bio)
2395 goto err;
2396
2397 SSL_set_connect_state(c_ssl);
2398 SSL_set_bio(c_ssl, client, client);
2399 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
2400
2401 SSL_set_accept_state(s_ssl);
2402 SSL_set_bio(s_ssl, server, server);
2403 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
2404
2405 do {
2406 /*-
2407 * c_ssl_bio: SSL filter BIO
2408 *
2409 * client: pseudo-I/O for SSL library
2410 *
2411 * client_io: client's SSL communication; usually to be
2412 * relayed over some I/O facility, but in this
2413 * test program, we're the server, too:
2414 *
2415 * server_io: server's SSL communication
2416 *
2417 * server: pseudo-I/O for SSL library
2418 *
2419 * s_ssl_bio: SSL filter BIO
2420 *
2421 * The client and the server each employ a "BIO pair":
2422 * client + client_io, server + server_io.
2423 * BIO pairs are symmetric. A BIO pair behaves similar
2424 * to a non-blocking socketpair (but both endpoints must
2425 * be handled by the same thread).
2426 * [Here we could connect client and server to the ends
2427 * of a single BIO pair, but then this code would be less
2428 * suitable as an example for BIO pairs in general.]
2429 *
2430 * Useful functions for querying the state of BIO pair endpoints:
2431 *
2432 * BIO_ctrl_pending(bio) number of bytes we can read now
2433 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
2434 * other side's read attempt
2435 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
2436 *
2437 * ..._read_request is never more than ..._write_guarantee;
2438 * it depends on the application which one you should use.
2439 */
2440
2441 /*
2442 * We have non-blocking behaviour throughout this test program, but
2443 * can be sure that there is *some* progress in each iteration; so we
2444 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
2445 * we just try everything in each iteration
2446 */
2447
2448 {
2449 /* CLIENT */
2450
2451 char cbuf[1024 * 8];
2452 int i, r;
2453 clock_t c_clock = clock();
2454
2455 memset(cbuf, 0, sizeof(cbuf));
2456
2457 if (debug)
2458 if (SSL_in_init(c_ssl))
2459 printf("client waiting in SSL_connect - %s\n",
2460 SSL_state_string_long(c_ssl));
2461
2462 if (cw_num > 0) {
2463 /* Write to server. */
2464
2465 if (cw_num > (long)sizeof cbuf)
2466 i = sizeof cbuf;
2467 else
2468 i = (int)cw_num;
2469 r = BIO_write(c_ssl_bio, cbuf, i);
2470 if (r < 0) {
2471 if (!BIO_should_retry(c_ssl_bio)) {
2472 fprintf(stderr, "ERROR in CLIENT\n");
2473 err_in_client = 1;
2474 goto err;
2475 }
2476 /*
2477 * BIO_should_retry(...) can just be ignored here. The
2478 * library expects us to call BIO_write with the same
2479 * arguments again, and that's what we will do in the
2480 * next iteration.
2481 */
2482 } else if (r == 0) {
2483 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2484 goto err;
2485 } else {
2486 if (debug)
2487 printf("client wrote %d\n", r);
2488 cw_num -= r;
2489 }
2490 }
2491
2492 if (cr_num > 0) {
2493 /* Read from server. */
2494
2495 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2496 if (r < 0) {
2497 if (!BIO_should_retry(c_ssl_bio)) {
2498 fprintf(stderr, "ERROR in CLIENT\n");
2499 err_in_client = 1;
2500 goto err;
2501 }
2502 /*
2503 * Again, "BIO_should_retry" can be ignored.
2504 */
2505 } else if (r == 0) {
2506 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2507 goto err;
2508 } else {
2509 if (debug)
2510 printf("client read %d\n", r);
2511 cr_num -= r;
2512 }
2513 }
2514
2515 /*
2516 * c_time and s_time increments will typically be very small
2517 * (depending on machine speed and clock tick intervals), but
2518 * sampling over a large number of connections should result in
2519 * fairly accurate figures. We cannot guarantee a lot, however
2520 * -- if each connection lasts for exactly one clock tick, it
2521 * will be counted only for the client or only for the server or
2522 * even not at all.
2523 */
2524 *c_time += (clock() - c_clock);
2525 }
2526
2527 {
2528 /* SERVER */
2529
2530 char sbuf[1024 * 8];
2531 int i, r;
2532 clock_t s_clock = clock();
2533
2534 memset(sbuf, 0, sizeof(sbuf));
2535
2536 if (debug)
2537 if (SSL_in_init(s_ssl))
2538 printf("server waiting in SSL_accept - %s\n",
2539 SSL_state_string_long(s_ssl));
2540
2541 if (sw_num > 0) {
2542 /* Write to client. */
2543
2544 if (sw_num > (long)sizeof sbuf)
2545 i = sizeof sbuf;
2546 else
2547 i = (int)sw_num;
2548 r = BIO_write(s_ssl_bio, sbuf, i);
2549 if (r < 0) {
2550 if (!BIO_should_retry(s_ssl_bio)) {
2551 fprintf(stderr, "ERROR in SERVER\n");
2552 err_in_server = 1;
2553 goto err;
2554 }
2555 /* Ignore "BIO_should_retry". */
2556 } else if (r == 0) {
2557 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2558 goto err;
2559 } else {
2560 if (debug)
2561 printf("server wrote %d\n", r);
2562 sw_num -= r;
2563 }
2564 }
2565
2566 if (sr_num > 0) {
2567 /* Read from client. */
2568
2569 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2570 if (r < 0) {
2571 if (!BIO_should_retry(s_ssl_bio)) {
2572 fprintf(stderr, "ERROR in SERVER\n");
2573 err_in_server = 1;
2574 goto err;
2575 }
2576 /* blah, blah */
2577 } else if (r == 0) {
2578 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2579 goto err;
2580 } else {
2581 if (debug)
2582 printf("server read %d\n", r);
2583 sr_num -= r;
2584 }
2585 }
2586
2587 *s_time += (clock() - s_clock);
2588 }
2589
2590 {
2591 /* "I/O" BETWEEN CLIENT AND SERVER. */
2592
2593 size_t r1, r2;
2594 BIO *io1 = server_io, *io2 = client_io;
2595 /*
2596 * we use the non-copying interface for io1 and the standard
2597 * BIO_write/BIO_read interface for io2
2598 */
2599
2600 static int prev_progress = 1;
2601 int progress = 0;
2602
2603 /* io1 to io2 */
2604 do {
2605 size_t num;
2606 int r;
2607
2608 r1 = BIO_ctrl_pending(io1);
2609 r2 = BIO_ctrl_get_write_guarantee(io2);
2610
2611 num = r1;
2612 if (r2 < num)
2613 num = r2;
2614 if (num) {
2615 char *dataptr;
2616
2617 if (INT_MAX < num) /* yeah, right */
2618 num = INT_MAX;
2619
2620 r = BIO_nread(io1, &dataptr, (int)num);
2621 assert(r > 0);
2622 assert(r <= (int)num);
2623 /*
2624 * possibly r < num (non-contiguous data)
2625 */
2626 num = r;
2627 r = BIO_write(io2, dataptr, (int)num);
2628 if (r != (int)num) { /* can't happen */
2629 fprintf(stderr, "ERROR: BIO_write could not write "
2630 "BIO_ctrl_get_write_guarantee() bytes");
2631 goto err;
2632 }
2633 progress = 1;
2634
2635 if (debug)
2636 printf((io1 == client_io) ?
2637 "C->S relaying: %d bytes\n" :
2638 "S->C relaying: %d bytes\n", (int)num);
2639 }
2640 }
2641 while (r1 && r2);
2642
2643 /* io2 to io1 */
2644 {
2645 size_t num;
2646 int r;
2647
2648 r1 = BIO_ctrl_pending(io2);
2649 r2 = BIO_ctrl_get_read_request(io1);
2650 /*
2651 * here we could use ..._get_write_guarantee instead of
2652 * ..._get_read_request, but by using the latter we test
2653 * restartability of the SSL implementation more thoroughly
2654 */
2655 num = r1;
2656 if (r2 < num)
2657 num = r2;
2658 if (num) {
2659 char *dataptr;
2660
2661 if (INT_MAX < num)
2662 num = INT_MAX;
2663
2664 if (num > 1)
2665 --num; /* test restartability even more thoroughly */
2666
2667 r = BIO_nwrite0(io1, &dataptr);
2668 assert(r > 0);
2669 if (r < (int)num)
2670 num = r;
2671 r = BIO_read(io2, dataptr, (int)num);
2672 if (r != (int)num) { /* can't happen */
2673 fprintf(stderr, "ERROR: BIO_read could not read "
2674 "BIO_ctrl_pending() bytes");
2675 goto err;
2676 }
2677 progress = 1;
2678 r = BIO_nwrite(io1, &dataptr, (int)num);
2679 if (r != (int)num) { /* can't happen */
2680 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2681 "BIO_nwrite0() bytes");
2682 goto err;
2683 }
2684
2685 if (debug)
2686 printf((io2 == client_io) ?
2687 "C->S relaying: %d bytes\n" :
2688 "S->C relaying: %d bytes\n", (int)num);
2689 }
2690 } /* no loop, BIO_ctrl_get_read_request now
2691 * returns 0 anyway */
2692
2693 if (!progress && !prev_progress)
2694 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2695 fprintf(stderr, "ERROR: got stuck\n");
2696 fprintf(stderr, " ERROR.\n");
2697 goto err;
2698 }
2699 prev_progress = progress;
2700 }
2701 }
2702 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2703
2704 if (verbose)
2705 print_details(c_ssl, "DONE via BIO pair: ");
2706#ifndef OPENSSL_NO_NEXTPROTONEG
2707 if (verify_npn(c_ssl, s_ssl) < 0) {
2708 ret = 1;
2709 goto end;
2710 }
2711#endif
2712 if (verify_serverinfo() < 0) {
2713 fprintf(stderr, "Server info verify error\n");
2714 ret = 1;
2715 goto err;
2716 }
2717 if (verify_alpn(c_ssl, s_ssl) < 0) {
2718 ret = 1;
2719 goto err;
2720 }
2721 if (verify_servername(c_ssl, s_ssl) < 0) {
2722 ret = 1;
2723 goto err;
2724 }
2725
2726 if (custom_ext_error) {
2727 fprintf(stderr, "Custom extension error\n");
2728 ret = 1;
2729 goto err;
2730 }
2731
2732 end:
2733 ret = 0;
2734
2735 err:
2736 ERR_print_errors(bio_err);
2737
2738 BIO_free(server);
2739 BIO_free(server_io);
2740 BIO_free(client);
2741 BIO_free(client_io);
2742 BIO_free(s_ssl_bio);
2743 BIO_free(c_ssl_bio);
2744
2745 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2746 ret = (err_in_client != 0) ? 0 : 1;
2747 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2748 ret = (err_in_server != 0) ? 0 : 1;
2749
2750 return ret;
2751}
2752
2753#define W_READ 1
2754#define W_WRITE 2
2755#define C_DONE 1
2756#define S_DONE 2
2757
2758int doit(SSL *s_ssl, SSL *c_ssl, long count)
2759{
2760 char *cbuf = NULL, *sbuf = NULL;
2761 long bufsiz;
2762 long cw_num = count, cr_num = count;
2763 long sw_num = count, sr_num = count;
2764 int ret = 1;
2765 BIO *c_to_s = NULL;
2766 BIO *s_to_c = NULL;
2767 BIO *c_bio = NULL;
2768 BIO *s_bio = NULL;
2769 int c_r, c_w, s_r, s_w;
2770 int i, j;
2771 int done = 0;
2772 int c_write, s_write;
2773 int do_server = 0, do_client = 0;
2774 int max_frag = 5 * 1024;
2775 int err_in_client = 0;
2776 int err_in_server = 0;
2777
2778 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2779
2780 if ((cbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2781 goto err;
2782 if ((sbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2783 goto err;
2784
2785 c_to_s = BIO_new(BIO_s_mem());
2786 s_to_c = BIO_new(BIO_s_mem());
2787 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2788 ERR_print_errors(bio_err);
2789 goto err;
2790 }
2791
2792 c_bio = BIO_new(BIO_f_ssl());
2793 s_bio = BIO_new(BIO_f_ssl());
2794 if ((c_bio == NULL) || (s_bio == NULL)) {
2795 ERR_print_errors(bio_err);
2796 goto err;
2797 }
2798
2799 SSL_set_connect_state(c_ssl);
2800 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2801 SSL_set_max_send_fragment(c_ssl, max_frag);
2802 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2803
2804 SSL_set_accept_state(s_ssl);
2805 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2806 SSL_set_max_send_fragment(s_ssl, max_frag);
2807 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2808
2809 c_r = 0;
2810 s_r = 1;
2811 c_w = 1;
2812 s_w = 0;
2813 c_write = 1, s_write = 0;
2814
2815 /* We can always do writes */
2816 for (;;) {
2817 do_server = 0;
2818 do_client = 0;
2819
2820 i = (int)BIO_pending(s_bio);
2821 if ((i && s_r) || s_w)
2822 do_server = 1;
2823
2824 i = (int)BIO_pending(c_bio);
2825 if ((i && c_r) || c_w)
2826 do_client = 1;
2827
2828 if (do_server && debug) {
2829 if (SSL_in_init(s_ssl))
2830 printf("server waiting in SSL_accept - %s\n",
2831 SSL_state_string_long(s_ssl));
2832/*-
2833 else if (s_write)
2834 printf("server:SSL_write()\n");
2835 else
2836 printf("server:SSL_read()\n"); */
2837 }
2838
2839 if (do_client && debug) {
2840 if (SSL_in_init(c_ssl))
2841 printf("client waiting in SSL_connect - %s\n",
2842 SSL_state_string_long(c_ssl));
2843/*-
2844 else if (c_write)
2845 printf("client:SSL_write()\n");
2846 else
2847 printf("client:SSL_read()\n"); */
2848 }
2849
2850 if (!do_client && !do_server) {
2851 fprintf(stdout, "ERROR IN STARTUP\n");
2852 ERR_print_errors(bio_err);
2853 goto err;
2854 }
2855 if (do_client && !(done & C_DONE)) {
2856 if (c_write) {
2857 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2858 i = BIO_write(c_bio, cbuf, j);
2859 if (i < 0) {
2860 c_r = 0;
2861 c_w = 0;
2862 if (BIO_should_retry(c_bio)) {
2863 if (BIO_should_read(c_bio))
2864 c_r = 1;
2865 if (BIO_should_write(c_bio))
2866 c_w = 1;
2867 } else {
2868 fprintf(stderr, "ERROR in CLIENT\n");
2869 err_in_client = 1;
2870 ERR_print_errors(bio_err);
2871 goto err;
2872 }
2873 } else if (i == 0) {
2874 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2875 goto err;
2876 } else {
2877 if (debug)
2878 printf("client wrote %d\n", i);
2879 /* ok */
2880 s_r = 1;
2881 c_write = 0;
2882 cw_num -= i;
2883 if (max_frag > 1029)
2884 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2885 }
2886 } else {
2887 i = BIO_read(c_bio, cbuf, bufsiz);
2888 if (i < 0) {
2889 c_r = 0;
2890 c_w = 0;
2891 if (BIO_should_retry(c_bio)) {
2892 if (BIO_should_read(c_bio))
2893 c_r = 1;
2894 if (BIO_should_write(c_bio))
2895 c_w = 1;
2896 } else {
2897 fprintf(stderr, "ERROR in CLIENT\n");
2898 err_in_client = 1;
2899 ERR_print_errors(bio_err);
2900 goto err;
2901 }
2902 } else if (i == 0) {
2903 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2904 goto err;
2905 } else {
2906 if (debug)
2907 printf("client read %d\n", i);
2908 cr_num -= i;
2909 if (sw_num > 0) {
2910 s_write = 1;
2911 s_w = 1;
2912 }
2913 if (cr_num <= 0) {
2914 s_write = 1;
2915 s_w = 1;
2916 done = S_DONE | C_DONE;
2917 }
2918 }
2919 }
2920 }
2921
2922 if (do_server && !(done & S_DONE)) {
2923 if (!s_write) {
2924 i = BIO_read(s_bio, sbuf, bufsiz);
2925 if (i < 0) {
2926 s_r = 0;
2927 s_w = 0;
2928 if (BIO_should_retry(s_bio)) {
2929 if (BIO_should_read(s_bio))
2930 s_r = 1;
2931 if (BIO_should_write(s_bio))
2932 s_w = 1;
2933 } else {
2934 fprintf(stderr, "ERROR in SERVER\n");
2935 err_in_server = 1;
2936 ERR_print_errors(bio_err);
2937 goto err;
2938 }
2939 } else if (i == 0) {
2940 ERR_print_errors(bio_err);
2941 fprintf(stderr,
2942 "SSL SERVER STARTUP FAILED in SSL_read\n");
2943 goto err;
2944 } else {
2945 if (debug)
2946 printf("server read %d\n", i);
2947 sr_num -= i;
2948 if (cw_num > 0) {
2949 c_write = 1;
2950 c_w = 1;
2951 }
2952 if (sr_num <= 0) {
2953 s_write = 1;
2954 s_w = 1;
2955 c_write = 0;
2956 }
2957 }
2958 } else {
2959 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2960 i = BIO_write(s_bio, sbuf, j);
2961 if (i < 0) {
2962 s_r = 0;
2963 s_w = 0;
2964 if (BIO_should_retry(s_bio)) {
2965 if (BIO_should_read(s_bio))
2966 s_r = 1;
2967 if (BIO_should_write(s_bio))
2968 s_w = 1;
2969 } else {
2970 fprintf(stderr, "ERROR in SERVER\n");
2971 err_in_server = 1;
2972 ERR_print_errors(bio_err);
2973 goto err;
2974 }
2975 } else if (i == 0) {
2976 ERR_print_errors(bio_err);
2977 fprintf(stderr,
2978 "SSL SERVER STARTUP FAILED in SSL_write\n");
2979 goto err;
2980 } else {
2981 if (debug)
2982 printf("server wrote %d\n", i);
2983 sw_num -= i;
2984 s_write = 0;
2985 c_r = 1;
2986 if (sw_num <= 0)
2987 done |= S_DONE;
2988 if (max_frag > 1029)
2989 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2990 }
2991 }
2992 }
2993
2994 if ((done & S_DONE) && (done & C_DONE))
2995 break;
2996 }
2997
2998 if (verbose)
2999 print_details(c_ssl, "DONE: ");
3000#ifndef OPENSSL_NO_NEXTPROTONEG
3001 if (verify_npn(c_ssl, s_ssl) < 0) {
3002 ret = 1;
3003 goto err;
3004 }
3005#endif
3006 if (verify_serverinfo() < 0) {
3007 fprintf(stderr, "Server info verify error\n");
3008 ret = 1;
3009 goto err;
3010 }
3011 if (custom_ext_error) {
3012 fprintf(stderr, "Custom extension error\n");
3013 ret = 1;
3014 goto err;
3015 }
3016 ret = 0;
3017 err:
3018 /*
3019 * We have to set the BIO's to NULL otherwise they will be
3020 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
3021 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
3022 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
3023 * SSL_free() automatically BIO_free non NULL entries. You should not
3024 * normally do this or be required to do this
3025 */
3026 if (s_ssl != NULL) {
3027 s_ssl->rbio = NULL;
3028 s_ssl->wbio = NULL;
3029 }
3030 if (c_ssl != NULL) {
3031 c_ssl->rbio = NULL;
3032 c_ssl->wbio = NULL;
3033 }
3034
3035 BIO_free(c_to_s);
3036 BIO_free(s_to_c);
3037 BIO_free_all(c_bio);
3038 BIO_free_all(s_bio);
3039 OPENSSL_free(cbuf);
3040 OPENSSL_free(sbuf);
3041
3042 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
3043 ret = (err_in_client != 0) ? 0 : 1;
3044 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
3045 ret = (err_in_server != 0) ? 0 : 1;
3046
3047 return (ret);
3048}
3049
3050static CRYPTO_ONCE proxy_auth_ex_data_once = CRYPTO_ONCE_STATIC_INIT;
3051static volatile int proxy_auth_ex_data_idx = -1;
3052
3053static void do_get_proxy_auth_ex_data_idx(void)
3054{
3055 proxy_auth_ex_data_idx = X509_STORE_CTX_get_ex_new_index(0,
3056 "SSLtest for verify callback",
3057 NULL, NULL, NULL);
3058}
3059
3060static int get_proxy_auth_ex_data_idx(void)
3061{
3062 CRYPTO_THREAD_run_once(&proxy_auth_ex_data_once,
3063 do_get_proxy_auth_ex_data_idx);
3064 return proxy_auth_ex_data_idx;
3065}
3066
3067static int verify_callback(int ok, X509_STORE_CTX *ctx)
3068{
3069 char *s, buf[256];
3070
3071 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
3072 sizeof buf);
3073 if (s != NULL) {
3074 if (ok)
3075 printf("depth=%d %s\n", ctx->error_depth, buf);
3076 else {
3077 fprintf(stderr, "depth=%d error=%d %s\n",
3078 ctx->error_depth, ctx->error, buf);
3079 }
3080 }
3081
3082 if (ok == 0) {
3083 switch (ctx->error) {
3084 default:
3085 fprintf(stderr, "Error string: %s\n",
3086 X509_verify_cert_error_string(ctx->error));
3087 break;
3088 case X509_V_ERR_CERT_NOT_YET_VALID:
3089 case X509_V_ERR_CERT_HAS_EXPIRED:
3090 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
3091 ok = 1;
3092 }
3093 }
3094
3095 if (ok == 1) {
3096 X509 *xs = ctx->current_cert;
3097 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) {
3098 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
3099 get_proxy_auth_ex_data_idx
3100 ());
3101
3102 if (letters) {
3103 int found_any = 0;
3104 int i;
3105 PROXY_CERT_INFO_EXTENSION *pci =
3106 X509_get_ext_d2i(xs, NID_proxyCertInfo,
3107 NULL, NULL);
3108
3109 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
3110 case NID_Independent:
3111 /*
3112 * Completely meaningless in this program, as there's no
3113 * way to grant explicit rights to a specific PrC.
3114 * Basically, using id-ppl-Independent is the perfect way
3115 * to grant no rights at all.
3116 */
3117 fprintf(stderr, " Independent proxy certificate");
3118 for (i = 0; i < 26; i++)
3119 letters[i] = 0;
3120 break;
3121 case NID_id_ppl_inheritAll:
3122 /*
3123 * This is basically a NOP, we simply let the current
3124 * rights stand as they are.
3125 */
3126 fprintf(stderr, " Proxy certificate inherits all");
3127 break;
3128 default:
3129 s = (char *)
3130 pci->proxyPolicy->policy->data;
3131 i = pci->proxyPolicy->policy->length;
3132
3133 /*
3134 * The algorithm works as follows: it is assumed that
3135 * previous iterations or the initial granted rights has
3136 * already set some elements of `letters'. What we need
3137 * to do is to clear those that weren't granted by the
3138 * current PrC as well. The easiest way to do this is to
3139 * add 1 to all the elements whose letters are given with
3140 * the current policy. That way, all elements that are
3141 * set by the current policy and were already set by
3142 * earlier policies and through the original grant of
3143 * rights will get the value 2 or higher. The last thing
3144 * to do is to sweep through `letters' and keep the
3145 * elements having the value 2 as set, and clear all the
3146 * others.
3147 */
3148
3149 printf(" Certificate proxy rights = %*.*s", i,
3150 i, s);
3151 while (i-- > 0) {
3152 int c = *s++;
3153 if (isascii(c) && isalpha(c)) {
3154 if (islower(c))
3155 c = toupper(c);
3156 letters[c - 'A']++;
3157 }
3158 }
3159 for (i = 0; i < 26; i++)
3160 if (letters[i] < 2)
3161 letters[i] = 0;
3162 else
3163 letters[i] = 1;
3164 }
3165
3166 found_any = 0;
3167 printf(", resulting proxy rights = ");
3168 for (i = 0; i < 26; i++)
3169 if (letters[i]) {
3170 printf("%c", i + 'A');
3171 found_any = 1;
3172 }
3173 if (!found_any)
3174 printf("none");
3175 printf("\n");
3176
3177 PROXY_CERT_INFO_EXTENSION_free(pci);
3178 }
3179 }
3180 }
3181
3182 return (ok);
3183}
3184
3185static void process_proxy_debug(int indent, const char *format, ...)
3186{
3187 /* That's 80 > */
3188 static const char indentation[] =
3189 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
3190 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
3191 char my_format[256];
3192 va_list args;
3193
3194 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
3195 indent, indent, indentation, format);
3196
3197 va_start(args, format);
3198 vfprintf(stderr, my_format, args);
3199 va_end(args);
3200}
3201
3202/*-
3203 * Priority levels:
3204 * 0 [!]var, ()
3205 * 1 & ^
3206 * 2 |
3207 */
3208static int process_proxy_cond_adders(unsigned int letters[26],
3209 const char *cond, const char **cond_end,
3210 int *pos, int indent);
3211static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
3212 const char **cond_end, int *pos, int indent)
3213{
3214 int c;
3215 int ok = 1;
3216 int negate = 0;
3217
3218 while (isspace((int)*cond)) {
3219 cond++;
3220 (*pos)++;
3221 }
3222 c = *cond;
3223
3224 if (debug)
3225 process_proxy_debug(indent,
3226 "Start process_proxy_cond_val at position %d: %s\n",
3227 *pos, cond);
3228
3229 while (c == '!') {
3230 negate = !negate;
3231 cond++;
3232 (*pos)++;
3233 while (isspace((int)*cond)) {
3234 cond++;
3235 (*pos)++;
3236 }
3237 c = *cond;
3238 }
3239
3240 if (c == '(') {
3241 cond++;
3242 (*pos)++;
3243 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
3244 indent + 1);
3245 cond = *cond_end;
3246 if (ok < 0)
3247 goto end;
3248 while (isspace((int)*cond)) {
3249 cond++;
3250 (*pos)++;
3251 }
3252 c = *cond;
3253 if (c != ')') {
3254 fprintf(stderr,
3255 "Weird condition character in position %d: "
3256 "%c\n", *pos, c);
3257 ok = -1;
3258 goto end;
3259 }
3260 cond++;
3261 (*pos)++;
3262 } else if (isascii(c) && isalpha(c)) {
3263 if (islower(c))
3264 c = toupper(c);
3265 ok = letters[c - 'A'];
3266 cond++;
3267 (*pos)++;
3268 } else {
3269 fprintf(stderr,
3270 "Weird condition character in position %d: " "%c\n", *pos, c);
3271 ok = -1;
3272 goto end;
3273 }
3274 end:
3275 *cond_end = cond;
3276 if (ok >= 0 && negate)
3277 ok = !ok;
3278
3279 if (debug)
3280 process_proxy_debug(indent,
3281 "End process_proxy_cond_val at position %d: %s, returning %d\n",
3282 *pos, cond, ok);
3283
3284 return ok;
3285}
3286
3287static int process_proxy_cond_multipliers(unsigned int letters[26],
3288 const char *cond,
3289 const char **cond_end, int *pos,
3290 int indent)
3291{
3292 int ok;
3293 char c;
3294
3295 if (debug)
3296 process_proxy_debug(indent,
3297 "Start process_proxy_cond_multipliers at position %d: %s\n",
3298 *pos, cond);
3299
3300 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
3301 cond = *cond_end;
3302 if (ok < 0)
3303 goto end;
3304
3305 while (ok >= 0) {
3306 while (isspace((int)*cond)) {
3307 cond++;
3308 (*pos)++;
3309 }
3310 c = *cond;
3311
3312 switch (c) {
3313 case '&':
3314 case '^':
3315 {
3316 int save_ok = ok;
3317
3318 cond++;
3319 (*pos)++;
3320 ok = process_proxy_cond_val(letters,
3321 cond, cond_end, pos, indent + 1);
3322 cond = *cond_end;
3323 if (ok < 0)
3324 break;
3325
3326 switch (c) {
3327 case '&':
3328 ok &= save_ok;
3329 break;
3330 case '^':
3331 ok ^= save_ok;
3332 break;
3333 default:
3334 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3335 " STOPPING\n");
3336 EXIT(1);
3337 }
3338 }
3339 break;
3340 default:
3341 goto end;
3342 }
3343 }
3344 end:
3345 if (debug)
3346 process_proxy_debug(indent,
3347 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
3348 *pos, cond, ok);
3349
3350 *cond_end = cond;
3351 return ok;
3352}
3353
3354static int process_proxy_cond_adders(unsigned int letters[26],
3355 const char *cond, const char **cond_end,
3356 int *pos, int indent)
3357{
3358 int ok;
3359 char c;
3360
3361 if (debug)
3362 process_proxy_debug(indent,
3363 "Start process_proxy_cond_adders at position %d: %s\n",
3364 *pos, cond);
3365
3366 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
3367 indent + 1);
3368 cond = *cond_end;
3369 if (ok < 0)
3370 goto end;
3371
3372 while (ok >= 0) {
3373 while (isspace((int)*cond)) {
3374 cond++;
3375 (*pos)++;
3376 }
3377 c = *cond;
3378
3379 switch (c) {
3380 case '|':
3381 {
3382 int save_ok = ok;
3383
3384 cond++;
3385 (*pos)++;
3386 ok = process_proxy_cond_multipliers(letters,
3387 cond, cond_end, pos,
3388 indent + 1);
3389 cond = *cond_end;
3390 if (ok < 0)
3391 break;
3392
3393 switch (c) {
3394 case '|':
3395 ok |= save_ok;
3396 break;
3397 default:
3398 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3399 " STOPPING\n");
3400 EXIT(1);
3401 }
3402 }
3403 break;
3404 default:
3405 goto end;
3406 }
3407 }
3408 end:
3409 if (debug)
3410 process_proxy_debug(indent,
3411 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
3412 *pos, cond, ok);
3413
3414 *cond_end = cond;
3415 return ok;
3416}
3417
3418static int process_proxy_cond(unsigned int letters[26],
3419 const char *cond, const char **cond_end)
3420{
3421 int pos = 1;
3422 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
3423}
3424
3425static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
3426{
3427 int ok = 1;
3428 struct app_verify_arg *cb_arg = arg;
3429 unsigned int letters[26]; /* only used with proxy_auth */
3430
3431 if (cb_arg->app_verify) {
3432 char *s = NULL, buf[256];
3433
3434 printf("In app_verify_callback, allowing cert. ");
3435 printf("Arg is: %s\n", cb_arg->string);
3436 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
3437 (void *)ctx, (void *)ctx->cert);
3438 if (ctx->cert)
3439 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
3440 if (s != NULL) {
3441 printf("cert depth=%d %s\n", ctx->error_depth, buf);
3442 }
3443 return (1);
3444 }
3445 if (cb_arg->proxy_auth) {
3446 int found_any = 0, i;
3447 char *sp;
3448
3449 for (i = 0; i < 26; i++)
3450 letters[i] = 0;
3451 for (sp = cb_arg->proxy_auth; *sp; sp++) {
3452 int c = *sp;
3453 if (isascii(c) && isalpha(c)) {
3454 if (islower(c))
3455 c = toupper(c);
3456 letters[c - 'A'] = 1;
3457 }
3458 }
3459
3460 printf(" Initial proxy rights = ");
3461 for (i = 0; i < 26; i++)
3462 if (letters[i]) {
3463 printf("%c", i + 'A');
3464 found_any = 1;
3465 }
3466 if (!found_any)
3467 printf("none");
3468 printf("\n");
3469
3470 X509_STORE_CTX_set_ex_data(ctx,
3471 get_proxy_auth_ex_data_idx(), letters);
3472 }
3473 if (cb_arg->allow_proxy_certs) {
3474 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
3475 }
3476 ok = X509_verify_cert(ctx);
3477
3478 if (cb_arg->proxy_auth) {
3479 if (ok > 0) {
3480 const char *cond_end = NULL;
3481
3482 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
3483
3484 if (ok < 0)
3485 EXIT(3);
3486 if (*cond_end) {
3487 fprintf(stderr,
3488 "Stopped processing condition before it's end.\n");
3489 ok = 0;
3490 }
3491 if (!ok)
3492 fprintf(stderr,
3493 "Proxy rights check with condition '%s' invalid\n",
3494 cb_arg->proxy_cond);
3495 else
3496 printf("Proxy rights check with condition '%s' ok\n",
3497 cb_arg->proxy_cond);
3498 }
3499 }
3500 return (ok);
3501}
3502
3503#ifndef OPENSSL_NO_DH
3504/*-
3505 * These DH parameters have been generated as follows:
3506 * $ openssl dhparam -C -noout 512
3507 * $ openssl dhparam -C -noout 1024
3508 * $ openssl dhparam -C -noout -dsaparam 1024
3509 * (The third function has been renamed to avoid name conflicts.)
3510 */
3511static DH *get_dh512()
3512{
3513 static unsigned char dh512_p[] = {
3514 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
3515 0xC6,
3516 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
3517 0xB0,
3518 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
3519 0x5F,
3520 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
3521 0xB8,
3522 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
3523 0x33,
3524 0x02, 0xC5, 0xAE, 0x23,
3525 };
3526 static unsigned char dh512_g[] = {
3527 0x02,
3528 };
3529 DH *dh;
3530 BIGNUM *p, *g;
3531
3532 if ((dh = DH_new()) == NULL)
3533 return (NULL);
3534 p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
3535 g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
3536 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
3537 DH_free(dh);
3538 BN_free(p);
3539 BN_free(g);
3540 return (NULL);
3541 }
3542 return (dh);
3543}
3544
3545static DH *get_dh1024()
3546{
3547 static unsigned char dh1024_p[] = {
3548 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
3549 0x3A,
3550 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
3551 0xA2,
3552 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
3553 0xB0,
3554 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
3555 0xC2,
3556 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
3557 0x8C,
3558 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
3559 0xB8,
3560 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
3561 0x52,
3562 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
3563 0xC1,
3564 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
3565 0xB1,
3566 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
3567 0xAB,
3568 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
3569 };
3570 static unsigned char dh1024_g[] = {
3571 0x02,
3572 };
3573 DH *dh;
3574 BIGNUM *p, *g;
3575
3576 if ((dh = DH_new()) == NULL)
3577 return (NULL);
3578 p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3579 g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3580 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
3581 DH_free(dh);
3582 BN_free(p);
3583 BN_free(g);
3584 return (NULL);
3585 }
3586 return (dh);
3587}
3588
3589static DH *get_dh1024dsa()
3590{
3591 static unsigned char dh1024_p[] = {
3592 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
3593 0x00,
3594 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
3595 0x19,
3596 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
3597 0xD2,
3598 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
3599 0x55,
3600 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
3601 0xFC,
3602 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
3603 0x97,
3604 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
3605 0x8D,
3606 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
3607 0xBB,
3608 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
3609 0xF6,
3610 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
3611 0x9E,
3612 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
3613 };
3614 static unsigned char dh1024_g[] = {
3615 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
3616 0x05,
3617 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
3618 0xF3,
3619 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
3620 0xE9,
3621 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
3622 0x3C,
3623 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
3624 0x65,
3625 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
3626 0x60,
3627 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
3628 0xF6,
3629 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
3630 0xA7,
3631 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3632 0xA1,
3633 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3634 0x60,
3635 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3636 };
3637 DH *dh;
3638 BIGNUM *p, *g;
3639
3640 if ((dh = DH_new()) == NULL)
3641 return (NULL);
3642 p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3643 g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3644 if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) {
3645 DH_free(dh);
3646 BN_free(p);
3647 BN_free(g);
3648 return (NULL);
3649 }
3650 DH_set_length(dh, 160);
3651 return (dh);
3652}
3653#endif
3654
3655#ifndef OPENSSL_NO_PSK
3656/* convert the PSK key (psk_key) in ascii to binary (psk) */
3657static int psk_key2bn(const char *pskkey, unsigned char *psk,
3658 unsigned int max_psk_len)
3659{
3660 int ret;
3661 BIGNUM *bn = NULL;
3662
3663 ret = BN_hex2bn(&bn, pskkey);
3664 if (!ret) {
3665 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3666 pskkey);
3667 BN_free(bn);
3668 return 0;
3669 }
3670 if (BN_num_bytes(bn) > (int)max_psk_len) {
3671 BIO_printf(bio_err,
3672 "psk buffer of callback is too small (%d) for key (%d)\n",
3673 max_psk_len, BN_num_bytes(bn));
3674 BN_free(bn);
3675 return 0;
3676 }
3677 ret = BN_bn2bin(bn, psk);
3678 BN_free(bn);
3679 return ret;
3680}
3681
3682static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3683 char *identity,
3684 unsigned int max_identity_len,
3685 unsigned char *psk,
3686 unsigned int max_psk_len)
3687{
3688 int ret;
3689 unsigned int psk_len = 0;
3690
3691 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3692 if (ret < 0)
3693 goto out_err;
3694 if (debug)
3695 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3696 ret);
3697 ret = psk_key2bn(psk_key, psk, max_psk_len);
3698 if (ret < 0)
3699 goto out_err;
3700 psk_len = ret;
3701 out_err:
3702 return psk_len;
3703}
3704
3705static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3706 unsigned char *psk,
3707 unsigned int max_psk_len)
3708{
3709 unsigned int psk_len = 0;
3710
3711 if (strcmp(identity, "Client_identity") != 0) {
3712 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3713 return 0;
3714 }
3715 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3716 return psk_len;
3717}
3718#endif
3719
3720static int do_test_cipherlist(void)
3721{
3722#ifndef OPENSSL_NO_TLS
3723 int i = 0;
3724 const SSL_METHOD *meth;
3725 const SSL_CIPHER *ci, *tci = NULL;
3726
3727 /*
3728 * This is required because ssltest "cheats" and uses internal headers to
3729 * call functions, thus avoiding auto-init
3730 */
3731 OPENSSL_init_crypto(0, NULL);
3732 OPENSSL_init_ssl(0, NULL);
3733
3734 meth = TLS_method();
3735 tci = NULL;
3736 while ((ci = meth->get_cipher(i++)) != NULL) {
3737 if (tci != NULL)
3738 if (ci->id >= tci->id) {
3739 fprintf(stderr, "testing SSLv3 cipher list order: ");
3740 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
3741 return 0;
3742 }
3743 tci = ci;
3744 }
3745#endif
3746
3747 return 1;
3748}
A mirror of the official openssl repository