[people/teissler/ipfire-2.x.git] / src / patches / Pound-2.6-reneg-ciphers-altnames-nosslv2.patch

diff -Naur Pound-2.6.orig/config.c Pound-2.6.reneg-ciphers-altnames-nosslv2/config.c
--- Pound-2.6.orig/config.c	2011-12-28 14:57:45.000000000 +0100
+++ Pound-2.6.reneg-ciphers-altnames-nosslv2/config.c	2012-02-15 21:49:39.000000000 +0100
@@ -31,6 +31,8 @@
 
 #include    "pound.h"
 
+#include    <openssl/x509v3.h>
+
 #ifdef MISS_FACILITYNAMES
 
 /* This is lifted verbatim from the Linux sys/syslog.h */
@@ -76,7 +78,7 @@
 static regex_t  Err414, Err500, Err501, Err503, MaxRequest, HeadRemove, RewriteLocation, RewriteDestination;
 static regex_t  Service, ServiceName, URL, HeadRequire, HeadDeny, BackEnd, Emergency, Priority, HAport, HAportAddr;
 static regex_t  Redirect, RedirectN, TimeOut, Session, Type, TTL, ID, DynScale;
-static regex_t  ClientCert, AddHeader, Ciphers, CAlist, VerifyList, CRLlist, NoHTTPS11;
+static regex_t  ClientCert, AddHeader, DisableSSLv2, SSLAllowClientRenegotiation, SSLHonorCipherOrder, Ciphers, CAlist, VerifyList, CRLlist, NoHTTPS11;
 static regex_t  Grace, Include, ConnTO, IgnoreCase, HTTPS, HTTPSCert, Disabled, Threads, CNName;
 
 static regmatch_t   matches[5];
@@ -167,6 +169,53 @@
     }
 }
 
+unsigned char **
+get_subjectaltnames(X509 *x509, unsigned int *count)
+{
+    *count = 0;
+    unsigned int local_count = 0;
+    unsigned char **result = NULL;
+
+    STACK_OF(GENERAL_NAME) *san_stack = (STACK_OF(GENERAL_NAME)*)X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL);     
+
+    unsigned char *temp[sk_GENERAL_NAME_num(san_stack)];
+
+    GENERAL_NAME *name = NULL;
+    while(sk_GENERAL_NAME_num(san_stack) > 0)
+    {
+        name = sk_GENERAL_NAME_pop(san_stack);
+
+        switch(name->type)
+        {
+            case GEN_DNS:
+                temp[local_count] = strndup(ASN1_STRING_data(name->d.dNSName), ASN1_STRING_length(name->d.dNSName)+1);
+                if(temp[local_count] == NULL) { conf_err("out of memory"); }
+                local_count++;
+                break;
+            default:
+              logmsg(LOG_INFO, "unsupported subjectAltName type encountered: %i", name->type);
+        }
+
+        GENERAL_NAME_free(name);
+    }
+
+    result = (unsigned char**)malloc(sizeof(unsigned char*)*local_count);
+    if(result == NULL) { conf_err("out of memory"); }
+    int i;
+    for(i = 0;i < local_count; i++)
+    {
+        result[i] = strndup(temp[i], strlen(temp[i])+1);
+        if(result[i] == NULL) { conf_err("out of memory"); }
+
+        free(temp[i]);
+    }
+    *count = local_count;
+
+    sk_GENERAL_NAME_pop_free(san_stack, GENERAL_NAME_free);
+
+    return result;
+}
+
 /*
  * parse a back-end
  */
@@ -289,9 +338,12 @@
         } else if(!regexec(&HTTPS, lin, 4, matches, 0)) {
             if((res->ctx = SSL_CTX_new(SSLv23_client_method())) == NULL)
                 conf_err("SSL_CTX_new failed - aborted");
+            SSL_CTX_set_app_data(res->ctx, res);
             SSL_CTX_set_verify(res->ctx, SSL_VERIFY_NONE, NULL);
             SSL_CTX_set_mode(res->ctx, SSL_MODE_AUTO_RETRY);
             SSL_CTX_set_options(res->ctx, SSL_OP_ALL);
+            SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+            SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT);
             sprintf(lin, "%d-Pound-%ld", getpid(), random());
             SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin));
             SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback);
@@ -299,6 +351,7 @@
         } else if(!regexec(&HTTPSCert, lin, 4, matches, 0)) {
             if((res->ctx = SSL_CTX_new(SSLv23_client_method())) == NULL)
                 conf_err("SSL_CTX_new failed - aborted");
+            SSL_CTX_set_app_data(res->ctx, res);
             lin[matches[1].rm_eo] = '\0';
             if(SSL_CTX_use_certificate_chain_file(res->ctx, lin + matches[1].rm_so) != 1)
                 conf_err("SSL_CTX_use_certificate_chain_file failed - aborted");
@@ -309,6 +362,8 @@
             SSL_CTX_set_verify(res->ctx, SSL_VERIFY_NONE, NULL);
             SSL_CTX_set_mode(res->ctx, SSL_MODE_AUTO_RETRY);
             SSL_CTX_set_options(res->ctx, SSL_OP_ALL);
+            SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+            SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT);
             sprintf(lin, "%d-Pound-%ld", getpid(), random());
             SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin));
             SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback);
@@ -805,13 +860,23 @@
     /* logmsg(LOG_DEBUG, "Received SSL SNI Header for servername %s", servername); */
 
     SSL_set_SSL_CTX(ssl, NULL);
-    for(pc = ctx; pc; pc = pc->next)
+    for(pc = ctx; pc; pc = pc->next) {
         if(fnmatch(pc->server_name, server_name, 0) == 0) {
             /* logmsg(LOG_DEBUG, "Found cert for %s", servername); */
             SSL_set_SSL_CTX(ssl, pc->ctx);
             return SSL_TLSEXT_ERR_OK;
         }
-
+        else if(pc->subjectAltNameCount > 0 && pc->subjectAltNames != NULL) {
+            int i;
+            for(i = 0; i < pc->subjectAltNameCount; i++) {
+                if(fnmatch(pc->subjectAltNames[i], server_name, 0) == 0) {
+                    SSL_set_SSL_CTX(ssl, pc->ctx);
+                    return SSL_TLSEXT_ERR_OK;
+                }
+            }
+        }
+    }
+    
     /* logmsg(LOG_DEBUG, "No match for %s, default used", server_name); */
     SSL_set_SSL_CTX(ssl, ctx->ctx);
     return SSL_TLSEXT_ERR_OK;
@@ -829,11 +894,15 @@
     SERVICE     *svc;
     MATCHER     *m;
     int         has_addr, has_port, has_other;
+    long	ssl_op_enable, ssl_op_disable;
     struct hostent      *host;
     struct sockaddr_in  in;
     struct sockaddr_in6 in6;
     POUND_CTX   *pc;
 
+    ssl_op_enable = SSL_OP_ALL;
+    ssl_op_disable = SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION | SSL_OP_LEGACY_SERVER_CONNECT;
+
     if((res = (LISTENER *)malloc(sizeof(LISTENER))) == NULL)
         conf_err("ListenHTTPS config: out of memory - aborted");
     memset(res, 0, sizeof(LISTENER));
@@ -844,6 +913,8 @@
     res->err500 = "An internal server error occurred. Please try again later.";
     res->err501 = "This method may not be used.";
     res->err503 = "The service is not available. Please try again later.";
+    res->allow_client_reneg = 0;
+    res->disable_ssl_v2 = 0;
     res->log_level = log_level;
     if(regcomp(&res->verb, xhttp[0], REG_ICASE | REG_NEWLINE | REG_EXTENDED))
         conf_err("xHTTP bad default pattern - aborted");
@@ -959,6 +1030,9 @@
             fclose(fcert);
             memset(server_name, '\0', MAXBUF);
             X509_NAME_oneline(X509_get_subject_name(x509), server_name, MAXBUF - 1);
+            pc->subjectAltNameCount = 0;
+            pc->subjectAltNames = NULL;
+            pc->subjectAltNames = get_subjectaltnames(x509, &(pc->subjectAltNameCount));
             X509_free(x509);
             if(!regexec(&CNName, server_name, 4, matches, 0)) {
                 server_name[matches[1].rm_eo] = '\0';
@@ -1029,6 +1103,25 @@
                 strcat(res->add_head, "\r\n");
                 strcat(res->add_head, lin + matches[1].rm_so);
             }
+	} else if(!regexec(&DisableSSLv2, lin, 4, matches, 0)) {
+	    res->disable_ssl_v2 = 1;
+        } else if(!regexec(&SSLAllowClientRenegotiation, lin, 4, matches, 0)) {
+            res->allow_client_reneg = atoi(lin + matches[1].rm_so);
+            if (res->allow_client_reneg == 2) {
+                ssl_op_enable |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+                ssl_op_disable &= ~SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+            } else {
+                ssl_op_disable |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+                ssl_op_enable &= ~SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+            }
+        } else if(!regexec(&SSLHonorCipherOrder, lin, 4, matches, 0)) {
+            if (atoi(lin + matches[1].rm_so)) {
+                ssl_op_enable |= SSL_OP_CIPHER_SERVER_PREFERENCE;
+                ssl_op_disable &= ~SSL_OP_CIPHER_SERVER_PREFERENCE;
+            } else {
+                ssl_op_disable |= SSL_OP_CIPHER_SERVER_PREFERENCE;
+                ssl_op_enable &= ~SSL_OP_CIPHER_SERVER_PREFERENCE;
+            }
         } else if(!regexec(&Ciphers, lin, 4, matches, 0)) {
             has_other = 1;
             if(res->ctx == NULL)
@@ -1105,12 +1198,19 @@
                 conf_err("ListenHTTPS: can't set SNI callback");
 #endif
             for(pc = res->ctx; pc; pc = pc->next) {
+                SSL_CTX_set_app_data(pc->ctx, res);
                 SSL_CTX_set_mode(pc->ctx, SSL_MODE_AUTO_RETRY);
-                SSL_CTX_set_options(pc->ctx, SSL_OP_ALL);
+                SSL_CTX_set_options(pc->ctx, ssl_op_enable);
+                SSL_CTX_clear_options(pc->ctx, ssl_op_disable);
+		if (res->disable_ssl_v2 == 1)
+		{
+		    SSL_CTX_set_options(pc->ctx, SSL_OP_NO_SSLv2);
+		}
                 sprintf(lin, "%d-Pound-%ld", getpid(), random());
                 SSL_CTX_set_session_id_context(pc->ctx, (unsigned char *)lin, strlen(lin));
                 SSL_CTX_set_tmp_rsa_callback(pc->ctx, RSA_tmp_callback);
                 SSL_CTX_set_tmp_dh_callback(pc->ctx, DH_tmp_callback);
+                SSL_CTX_set_info_callback(pc->ctx, SSLINFO_callback);
             }
             return res;
         } else {
@@ -1305,6 +1405,9 @@
     || regcomp(&DynScale, "^[ \t]*DynScale[ \t]+([01])[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
     || regcomp(&ClientCert, "^[ \t]*ClientCert[ \t]+([0-3])[ \t]+([1-9])[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
     || regcomp(&AddHeader, "^[ \t]*AddHeader[ \t]+\"(.+)\"[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
+    || regcomp(&SSLAllowClientRenegotiation, "^[ \t]*SSLAllowClientRenegotiation[ \t]+([012])[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
+    || regcomp(&DisableSSLv2, "^[ \t]*DisableSSLv2[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
+    || regcomp(&SSLHonorCipherOrder, "^[ \t]*SSLHonorCipherOrder[ \t]+([01])[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
     || regcomp(&Ciphers, "^[ \t]*Ciphers[ \t]+\"(.+)\"[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
     || regcomp(&CAlist, "^[ \t]*CAlist[ \t]+\"(.+)\"[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
     || regcomp(&VerifyList, "^[ \t]*VerifyList[ \t]+\"(.+)\"[ \t]*$", REG_ICASE | REG_NEWLINE | REG_EXTENDED)
@@ -1463,6 +1566,9 @@
     regfree(&DynScale);
     regfree(&ClientCert);
     regfree(&AddHeader);
+    regfree(&SSLAllowClientRenegotiation);
+    regfree(&DisableSSLv2);
+    regfree(&SSLHonorCipherOrder);
     regfree(&Ciphers);
     regfree(&CAlist);
     regfree(&VerifyList);
diff -Naur Pound-2.6.orig/http.c Pound-2.6.reneg-ciphers-altnames-nosslv2/http.c
--- Pound-2.6.orig/http.c	2011-12-28 14:57:45.000000000 +0100
+++ Pound-2.6.reneg-ciphers-altnames-nosslv2/http.c	2012-02-15 21:44:46.000000000 +0100
@@ -246,6 +246,11 @@
 
 static int  err_to = -1;
 
+typedef struct {
+    int timeout;
+    RENEG_STATE *reneg_state;
+} BIO_ARG;
+
 /*
  * Time-out for client read/gets
  * the SSL manual says not to do it, but it works well enough anyway...
@@ -253,18 +258,32 @@
 static long
 bio_callback(BIO *const bio, const int cmd, const char *argp, int argi, long argl, long ret)
 {
+    BIO_ARG *bio_arg;
     struct pollfd   p;
     int             to, p_res, p_err;
 
     if(cmd != BIO_CB_READ && cmd != BIO_CB_WRITE)
         return ret;
 
+    //logmsg(LOG_NOTICE, "bio callback");
     /* a time-out already occured */
-    if((to = *((int *)BIO_get_callback_arg(bio)) * 1000) < 0) {
+    if((bio_arg = (BIO_ARG*)BIO_get_callback_arg(bio))==NULL) return ret;
+    if((to = bio_arg->timeout * 1000) < 0) {
         errno = ETIMEDOUT;
         return -1;
     }
 
+    /* Renegotiations */
+    //logmsg(LOG_NOTICE, "RENEG STATE %d", bio_arg->reneg_state==NULL?-1:*bio_arg->reneg_state);
+    if (bio_arg->reneg_state != NULL && *bio_arg->reneg_state == RENEG_ABORT) {
+        logmsg(LOG_NOTICE, "REJECTING renegotiated session");
+        errno = ECONNABORTED;
+        return -1;
+    }
+
+    //logmsg(LOG_NOTICE, "TO %d", to);
+    if (to == 0) return ret;
+
     for(;;) {
         memset(&p, 0, sizeof(p));
         BIO_get_fd(bio, &p.fd);
@@ -299,7 +318,7 @@
             return -1;
         case 0:
             /* timeout - mark the BIO as unusable for the future */
-            BIO_set_callback_arg(bio, (char *)&err_to);
+            bio_arg->timeout = err_to;
 #ifdef  EBUG
             logmsg(LOG_WARNING, "(%lx) CALLBACK timeout poll after %d secs: %s",
                 pthread_self(), to / 1000, strerror(p_err));
@@ -503,7 +522,14 @@
     regmatch_t          matches[4];
     struct linger       l;
     double              start_req, end_req;
+    RENEG_STATE		reneg_state;
+    BIO_ARG		ba1, ba2;
 
+    reneg_state = RENEG_INIT;
+    ba1.reneg_state =  &reneg_state;
+    ba2.reneg_state = &reneg_state;
+    ba1.timeout = 0;
+    ba2.timeout = 0;
     from_host = ((thr_arg *)arg)->from_host;
     memcpy(&from_host_addr, from_host.ai_addr, from_host.ai_addrlen);
     from_host.ai_addr = (struct sockaddr *)&from_host_addr;
@@ -512,6 +538,8 @@
     free(((thr_arg *)arg)->from_host.ai_addr);
     free(arg);
 
+    if(lstn->allow_client_reneg) reneg_state = RENEG_ALLOW;
+
     n = 1;
     setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&n, sizeof(n));
     l.l_onoff = 1;
@@ -535,10 +563,11 @@
         close(sock);
         return;
     }
-    if(lstn->to > 0) {
-        BIO_set_callback_arg(cl, (char *)&lstn->to);
+    //if(lstn->to > 0) {
+        ba1.timeout = lstn->to;
+        BIO_set_callback_arg(cl, (char *)&ba1);
         BIO_set_callback(cl, bio_callback);
-    }
+    //}
 
     if(lstn->ctx != NULL) {
         if((ssl = SSL_new(lstn->ctx->ctx)) == NULL) {
@@ -547,6 +576,7 @@
             BIO_free_all(cl);
             return;
         }
+        SSL_set_app_data(ssl, &reneg_state);
         SSL_set_bio(ssl, cl, cl);
         if((bb = BIO_new(BIO_f_ssl())) == NULL) {
             logmsg(LOG_WARNING, "(%lx) BIO_new(Bio_f_ssl()) failed", pthread_self());
@@ -848,7 +878,8 @@
             }
             BIO_set_close(be, BIO_CLOSE);
             if(backend->to > 0) {
-                BIO_set_callback_arg(be, (char *)&backend->to);
+                ba2.timeout = backend->to;
+                BIO_set_callback_arg(be, (char *)&ba2);
                 BIO_set_callback(be, bio_callback);
             }
             if(backend->ctx != NULL) {
diff -Naur Pound-2.6.orig/pound.8 Pound-2.6.reneg-ciphers-altnames-nosslv2/pound.8
--- Pound-2.6.orig/pound.8	2011-12-28 14:57:45.000000000 +0100
+++ Pound-2.6.reneg-ciphers-altnames-nosslv2/pound.8	2012-02-15 21:44:46.000000000 +0100
@@ -501,6 +501,19 @@
 and
 .I SSL_CTX_set_cipher_list(3).
 .TP
+\fBSSLHonorCipherOrder\fR 0|1
+If this value is 1, the server will broadcast a preference to use \fBCiphers\fR in the
+order supplied in the \fBCiphers\fR directive.  If the value is 0, the server will treat
+the Ciphers list as the list of Ciphers it will accept, but no preference will be
+indicated.  Default value is 0.
+.TP
+\fBSSLAllowClientRenegotiation\fR 0|1|2
+If this value is 0, client initiated renegotiation will be disabled.  This will mitigate
+DoS exploits based on client renegotiation, regardless of the patch status of clients and
+servers related to "Secure renegotiation".  If the value is 1, secure renegotiation is
+supported.  If the value is 2, insecure renegotiation is supported, with unpatched
+clients.  /fBThis can lead to a DoS and a Man in the Middle attack!/fR  Default value is 0.
+.TP
 \fBCAlist\fR "CAcert_file"
 Set the list of "trusted" CA's for this server. The CAcert_file is a file containing
 a sequence of CA certificates (PEM format). The names of the defined CA certificates
diff -Naur Pound-2.6.orig/pound.h Pound-2.6.reneg-ciphers-altnames-nosslv2/pound.h
--- Pound-2.6.orig/pound.h	2011-12-28 14:57:45.000000000 +0100
+++ Pound-2.6.reneg-ciphers-altnames-nosslv2/pound.h	2012-02-15 21:49:39.000000000 +0100
@@ -380,6 +380,8 @@
     SSL_CTX             *ctx;
     char                *server_name;
     struct _pound_ctx   *next;
+    unsigned int        subjectAltNameCount;
+    unsigned char       **subjectAltNames;
 } POUND_CTX;
 
 /* Listener definition */
@@ -404,6 +406,8 @@
     int                 rewr_dest;      /* rewrite destination header */
     int                 disabled;       /* true if the listener is disabled */
     int                 log_level;      /* log level for this listener */
+    int                 allow_client_reneg; /* Allow Client SSL Renegotiation */
+    int                disable_ssl_v2; /* Disable SSL version 2 */
     SERVICE             *services;
     struct _listener    *next;
 }   LISTENER;
@@ -419,6 +423,9 @@
     struct _thr_arg *next;
 }   thr_arg;                        /* argument to processing threads: socket, origin */
 
+/* Track SSL handshare/renegotiation so we can reject client-renegotiations. */
+typedef enum { RENEG_INIT=0, RENEG_REJECT, RENEG_ALLOW, RENEG_ABORT } RENEG_STATE;
+
 /* Header types */
 #define HEADER_ILLEGAL              -1
 #define HEADER_OTHER                0
@@ -591,6 +598,11 @@
 extern DH   *DH_tmp_callback(SSL *, int, int);
 
 /*
+ * Renegotiation callback
+ */
+extern void SSLINFO_callback(const SSL *s, int where, int rc);
+
+/*
  * expiration stuff
  */
 #ifndef EXPIRE_TO
diff -Naur Pound-2.6.orig/svc.c Pound-2.6.reneg-ciphers-altnames-nosslv2/svc.c
--- Pound-2.6.orig/svc.c	2011-12-28 14:57:45.000000000 +0100
+++ Pound-2.6.reneg-ciphers-altnames-nosslv2/svc.c	2012-02-15 21:44:46.000000000 +0100
@@ -1797,3 +1797,34 @@
         close(ctl);
     }
 }
+
+void
+SSLINFO_callback(const SSL *ssl, int where, int rc)
+{
+    RENEG_STATE *reneg_state;
+
+    /* Get our thr_arg where we're tracking this connection info */
+    if ((reneg_state = (RENEG_STATE *)SSL_get_app_data(ssl)) == NULL) return;
+
+    /* If we're rejecting renegotiations, move to ABORT if Client Hello is being read. */
+    if ((where & SSL_CB_ACCEPT_LOOP) && *reneg_state == RENEG_REJECT) {
+        int state = SSL_get_state(ssl);
+
+        if (state == SSL3_ST_SR_CLNT_HELLO_A || state == SSL23_ST_SR_CLNT_HELLO_A) {
+           *reneg_state = RENEG_ABORT;
+           logmsg(LOG_WARNING,"rejecting client initiated renegotiation");
+        }
+    }
+    else if (where & SSL_CB_HANDSHAKE_DONE && *reneg_state == RENEG_INIT) {
+       // Reject any followup renegotiations
+       *reneg_state = RENEG_REJECT;
+    }
+
+    //if (where & SSL_CB_HANDSHAKE_START) logmsg(LOG_DEBUG, "handshake start");
+    //else if (where & SSL_CB_HANDSHAKE_DONE) logmsg(LOG_DEBUG, "handshake done");
+    //else if (where & SSL_CB_LOOP) logmsg(LOG_DEBUG, "loop");
+    //else if (where & SSL_CB_READ) logmsg(LOG_DEBUG, "read");
+    //else if (where & SSL_CB_WRITE) logmsg(LOG_DEBUG, "write");
+    //else if (where & SSL_CB_ALERT) logmsg(LOG_DEBUG, "alert");
+}
+
Commit	Line	Data
34374067 MT	1	diff -Naur Pound-2.6.orig/config.c Pound-2.6.reneg-ciphers-altnames-nosslv2/config.c
	2	--- Pound-2.6.orig/config.c 2011-12-28 14:57:45.000000000 +0100
	3	+++ Pound-2.6.reneg-ciphers-altnames-nosslv2/config.c 2012-02-15 21:49:39.000000000 +0100
	4	@@ -31,6 +31,8 @@
	5
	6	#include "pound.h"
	7
	8	+#include <openssl/x509v3.h>
	9	+
	10	#ifdef MISS_FACILITYNAMES
	11
	12	/* This is lifted verbatim from the Linux sys/syslog.h */
	13	@@ -76,7 +78,7 @@
	14	static regex_t Err414, Err500, Err501, Err503, MaxRequest, HeadRemove, RewriteLocation, RewriteDestination;
	15	static regex_t Service, ServiceName, URL, HeadRequire, HeadDeny, BackEnd, Emergency, Priority, HAport, HAportAddr;
	16	static regex_t Redirect, RedirectN, TimeOut, Session, Type, TTL, ID, DynScale;
	17	-static regex_t ClientCert, AddHeader, Ciphers, CAlist, VerifyList, CRLlist, NoHTTPS11;
	18	+static regex_t ClientCert, AddHeader, DisableSSLv2, SSLAllowClientRenegotiation, SSLHonorCipherOrder, Ciphers, CAlist, VerifyList, CRLlist, NoHTTPS11;
	19	static regex_t Grace, Include, ConnTO, IgnoreCase, HTTPS, HTTPSCert, Disabled, Threads, CNName;
	20
	21	static regmatch_t matches[5];
	22	@@ -167,6 +169,53 @@
	23	}
	24	}
	25
	26	+unsigned char **
	27	+get_subjectaltnames(X509 x509, unsigned int count)
	28	+{
	29	+ *count = 0;
	30	+ unsigned int local_count = 0;
	31	+ unsigned char **result = NULL;
	32	+
	33	+ STACK_OF(GENERAL_NAME) san_stack = (STACK_OF(GENERAL_NAME))X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL);
	34	+
	35	+ unsigned char *temp[sk_GENERAL_NAME_num(san_stack)];
	36	+
	37	+ GENERAL_NAME *name = NULL;
	38	+ while(sk_GENERAL_NAME_num(san_stack) > 0)
	39	+ {
	40	+ name = sk_GENERAL_NAME_pop(san_stack);
	41	+
	42	+ switch(name->type)
	43	+ {
	44	+ case GEN_DNS:
	45	+ temp[local_count] = strndup(ASN1_STRING_data(name->d.dNSName), ASN1_STRING_length(name->d.dNSName)+1);
	46	+ if(temp[local_count] == NULL) { conf_err("out of memory"); }
	47	+ local_count++;
	48	+ break;
	49	+ default:
	50	+ logmsg(LOG_INFO, "unsupported subjectAltName type encountered: %i", name->type);
	51	+ }
	52	+
	53	+ GENERAL_NAME_free(name);
	54	+ }
	55	+
	56	+ result = (unsigned char*)malloc(sizeof(unsigned char)*local_count);
	57	+ if(result == NULL) { conf_err("out of memory"); }
	58	+ int i;
	59	+ for(i = 0;i < local_count; i++)
	60	+ {
	61	+ result[i] = strndup(temp[i], strlen(temp[i])+1);
	62	+ if(result[i] == NULL) { conf_err("out of memory"); }
	63	+
	64	+ free(temp[i]);
65	+ }
66	+ *count = local_count;
67	+
68	+ sk_GENERAL_NAME_pop_free(san_stack, GENERAL_NAME_free);
69	+
70	+ return result;
71	+}
72	+
73	/*
74	* parse a back-end
75	*/
76	@@ -289,9 +338,12 @@
77	} else if(!regexec(&HTTPS, lin, 4, matches, 0)) {
78	if((res->ctx = SSL_CTX_new(SSLv23_client_method())) == NULL)
79	conf_err("SSL_CTX_new failed - aborted");
80	+ SSL_CTX_set_app_data(res->ctx, res);
81	SSL_CTX_set_verify(res->ctx, SSL_VERIFY_NONE, NULL);
82	SSL_CTX_set_mode(res->ctx, SSL_MODE_AUTO_RETRY);
83	SSL_CTX_set_options(res->ctx, SSL_OP_ALL);
84	+ SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
85	+ SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT);
86	sprintf(lin, "%d-Pound-%ld", getpid(), random());
87	SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin));
88	SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback);
89	@@ -299,6 +351,7 @@
90	} else if(!regexec(&HTTPSCert, lin, 4, matches, 0)) {
91	if((res->ctx = SSL_CTX_new(SSLv23_client_method())) == NULL)
92	conf_err("SSL_CTX_new failed - aborted");
93	+ SSL_CTX_set_app_data(res->ctx, res);
94	lin[matches[1].rm_eo] = '\0';
95	if(SSL_CTX_use_certificate_chain_file(res->ctx, lin + matches[1].rm_so) != 1)
96	conf_err("SSL_CTX_use_certificate_chain_file failed - aborted");
97	@@ -309,6 +362,8 @@
98	SSL_CTX_set_verify(res->ctx, SSL_VERIFY_NONE, NULL);
99	SSL_CTX_set_mode(res->ctx, SSL_MODE_AUTO_RETRY);
100	SSL_CTX_set_options(res->ctx, SSL_OP_ALL);
101	+ SSL_CTX_clear_options(res->ctx, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
102	+ SSL_CTX_clear_options(res->ctx, SSL_OP_LEGACY_SERVER_CONNECT);
103	sprintf(lin, "%d-Pound-%ld", getpid(), random());
104	SSL_CTX_set_session_id_context(res->ctx, (unsigned char *)lin, strlen(lin));
105	SSL_CTX_set_tmp_rsa_callback(res->ctx, RSA_tmp_callback);
106	@@ -805,13 +860,23 @@
107	/* logmsg(LOG_DEBUG, "Received SSL SNI Header for servername %s", servername); */
108
109	SSL_set_SSL_CTX(ssl, NULL);
110	- for(pc = ctx; pc; pc = pc->next)
111	+ for(pc = ctx; pc; pc = pc->next) {
112	if(fnmatch(pc->server_name, server_name, 0) == 0) {
113	/* logmsg(LOG_DEBUG, "Found cert for %s", servername); */
114	SSL_set_SSL_CTX(ssl, pc->ctx);
115	return SSL_TLSEXT_ERR_OK;
116	}
117	-
118	+ else if(pc->subjectAltNameCount > 0 && pc->subjectAltNames != NULL) {
119	+ int i;
120	+ for(i = 0; i < pc->subjectAltNameCount; i++) {
121	+ if(fnmatch(pc->subjectAltNames[i], server_name, 0) == 0) {
122	+ SSL_set_SSL_CTX(ssl, pc->ctx);
123	+ return SSL_TLSEXT_ERR_OK;
124	+ }
125	+ }
126	+ }
127	+ }
128	+
129	/* logmsg(LOG_DEBUG, "No match for %s, default used", server_name); */
130	SSL_set_SSL_CTX(ssl, ctx->ctx);
131	return SSL_TLSEXT_ERR_OK;
132	@@ -829,11 +894,15 @@
133	SERVICE *svc;
134	MATCHER *m;
135	int has_addr, has_port, has_other;
136	+ long ssl_op_enable, ssl_op_disable;
137	struct hostent *host;
138	struct sockaddr_in in;
139	struct sockaddr_in6 in6;
140	POUND_CTX *pc;
141
142	+ ssl_op_enable = SSL_OP_ALL;
143	+ ssl_op_disable = SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION \| SSL_OP_LEGACY_SERVER_CONNECT;
144	+
145	if((res = (LISTENER *)malloc(sizeof(LISTENER))) == NULL)
146	conf_err("ListenHTTPS config: out of memory - aborted");
147	memset(res, 0, sizeof(LISTENER));
148	@@ -844,6 +913,8 @@
149	res->err500 = "An internal server error occurred. Please try again later.";
150	res->err501 = "This method may not be used.";
151	res->err503 = "The service is not available. Please try again later.";
152	+ res->allow_client_reneg = 0;
153	+ res->disable_ssl_v2 = 0;
154	res->log_level = log_level;
155	if(regcomp(&res->verb, xhttp[0], REG_ICASE \| REG_NEWLINE \| REG_EXTENDED))
156	conf_err("xHTTP bad default pattern - aborted");
157	@@ -959,6 +1030,9 @@
158	fclose(fcert);
159	memset(server_name, '\0', MAXBUF);
160	X509_NAME_oneline(X509_get_subject_name(x509), server_name, MAXBUF - 1);
161	+ pc->subjectAltNameCount = 0;
162	+ pc->subjectAltNames = NULL;
163	+ pc->subjectAltNames = get_subjectaltnames(x509, &(pc->subjectAltNameCount));
164	X509_free(x509);
165	if(!regexec(&CNName, server_name, 4, matches, 0)) {
166	server_name[matches[1].rm_eo] = '\0';
167	@@ -1029,6 +1103,25 @@
168	strcat(res->add_head, "\r\n");
169	strcat(res->add_head, lin + matches[1].rm_so);
170	}
171	+ } else if(!regexec(&DisableSSLv2, lin, 4, matches, 0)) {
172	+ res->disable_ssl_v2 = 1;
173	+ } else if(!regexec(&SSLAllowClientRenegotiation, lin, 4, matches, 0)) {
174	+ res->allow_client_reneg = atoi(lin + matches[1].rm_so);
175	+ if (res->allow_client_reneg == 2) {
176	+ ssl_op_enable \|= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
177	+ ssl_op_disable &= ~SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
178	+ } else {
179	+ ssl_op_disable \|= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
180	+ ssl_op_enable &= ~SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
181	+ }
182	+ } else if(!regexec(&SSLHonorCipherOrder, lin, 4, matches, 0)) {
183	+ if (atoi(lin + matches[1].rm_so)) {
184	+ ssl_op_enable \|= SSL_OP_CIPHER_SERVER_PREFERENCE;
185	+ ssl_op_disable &= ~SSL_OP_CIPHER_SERVER_PREFERENCE;
186	+ } else {
187	+ ssl_op_disable \|= SSL_OP_CIPHER_SERVER_PREFERENCE;
188	+ ssl_op_enable &= ~SSL_OP_CIPHER_SERVER_PREFERENCE;
189	+ }
190	} else if(!regexec(&Ciphers, lin, 4, matches, 0)) {
191	has_other = 1;
192	if(res->ctx == NULL)
193	@@ -1105,12 +1198,19 @@
194	conf_err("ListenHTTPS: can't set SNI callback");
195	#endif
196	for(pc = res->ctx; pc; pc = pc->next) {
197	+ SSL_CTX_set_app_data(pc->ctx, res);
198	SSL_CTX_set_mode(pc->ctx, SSL_MODE_AUTO_RETRY);
199	- SSL_CTX_set_options(pc->ctx, SSL_OP_ALL);
200	+ SSL_CTX_set_options(pc->ctx, ssl_op_enable);
201	+ SSL_CTX_clear_options(pc->ctx, ssl_op_disable);
202	+ if (res->disable_ssl_v2 == 1)
203	+ {
204	+ SSL_CTX_set_options(pc->ctx, SSL_OP_NO_SSLv2);
205	+ }
206	sprintf(lin, "%d-Pound-%ld", getpid(), random());
207	SSL_CTX_set_session_id_context(pc->ctx, (unsigned char *)lin, strlen(lin));
208	SSL_CTX_set_tmp_rsa_callback(pc->ctx, RSA_tmp_callback);
209	SSL_CTX_set_tmp_dh_callback(pc->ctx, DH_tmp_callback);
210	+ SSL_CTX_set_info_callback(pc->ctx, SSLINFO_callback);
211	}
212	return res;
213	} else {
214	@@ -1305,6 +1405,9 @@
215	\|\| regcomp(&DynScale, "^[ \t]DynScale[ \t]+([01])[ \t]$", REG_ICASE \| REG_NEWLINE \| REG_EXTENDED)
216	\|\| regcomp(&ClientCert, "^[ \t]ClientCert[ \t]+([0-3])[ \t]+([1-9])[ \t]$", REG_ICASE \| REG_NEWLINE \| REG_EXTENDED)
217	\|\| regcomp(&AddHeader, "^[ \t]AddHeader[ \t]+\"(.+)\"[ \t]$", REG_ICASE \| REG_NEWLINE \| REG_EXTENDED)
218	+ \|\| regcomp(&SSLAllowClientRenegotiation, "^[ \t]SSLAllowClientRenegotiation[ \t]+([012])[ \t]$", REG_ICASE \| REG_NEWLINE \| REG_EXTENDED)
219	+ \|\| regcomp(&DisableSSLv2, "^[ \t]DisableSSLv2[ \t]$", REG_ICASE \| REG_NEWLINE \| REG_EXTENDED)
220	+ \|\| regcomp(&SSLHonorCipherOrder, "^[ \t]SSLHonorCipherOrder[ \t]+([01])[ \t]$", REG_ICASE \| REG_NEWLINE \| REG_EXTENDED)
221	\|\| regcomp(&Ciphers, "^[ \t]Ciphers[ \t]+\"(.+)\"[ \t]$", REG_ICASE \| REG_NEWLINE \| REG_EXTENDED)
222	\|\| regcomp(&CAlist, "^[ \t]CAlist[ \t]+\"(.+)\"[ \t]$", REG_ICASE \| REG_NEWLINE \| REG_EXTENDED)
223	\|\| regcomp(&VerifyList, "^[ \t]VerifyList[ \t]+\"(.+)\"[ \t]$", REG_ICASE \| REG_NEWLINE \| REG_EXTENDED)
224	@@ -1463,6 +1566,9 @@
225	regfree(&DynScale);
226	regfree(&ClientCert);
227	regfree(&AddHeader);
228	+ regfree(&SSLAllowClientRenegotiation);
229	+ regfree(&DisableSSLv2);
230	+ regfree(&SSLHonorCipherOrder);
231	regfree(&Ciphers);
232	regfree(&CAlist);
233	regfree(&VerifyList);
234	diff -Naur Pound-2.6.orig/http.c Pound-2.6.reneg-ciphers-altnames-nosslv2/http.c
235	--- Pound-2.6.orig/http.c 2011-12-28 14:57:45.000000000 +0100
236	+++ Pound-2.6.reneg-ciphers-altnames-nosslv2/http.c 2012-02-15 21:44:46.000000000 +0100
237	@@ -246,6 +246,11 @@
238
239	static int err_to = -1;
240
241	+typedef struct {
242	+ int timeout;
243	+ RENEG_STATE *reneg_state;
244	+} BIO_ARG;
245	+
246	/*
247	* Time-out for client read/gets
248	* the SSL manual says not to do it, but it works well enough anyway...
249	@@ -253,18 +258,32 @@
250	static long
251	bio_callback(BIO const bio, const int cmd, const char argp, int argi, long argl, long ret)
252	{
253	+ BIO_ARG *bio_arg;
254	struct pollfd p;
255	int to, p_res, p_err;
256
257	if(cmd != BIO_CB_READ && cmd != BIO_CB_WRITE)
258	return ret;
259
260	+ //logmsg(LOG_NOTICE, "bio callback");
261	/* a time-out already occured */
262	- if((to = ((int )BIO_get_callback_arg(bio)) * 1000) < 0) {
263	+ if((bio_arg = (BIO_ARG*)BIO_get_callback_arg(bio))==NULL) return ret;
264	+ if((to = bio_arg->timeout * 1000) < 0) {
265	errno = ETIMEDOUT;
266	return -1;
267	}
268
269	+ /* Renegotiations */
270	+ //logmsg(LOG_NOTICE, "RENEG STATE %d", bio_arg->reneg_state==NULL?-1:*bio_arg->reneg_state);
271	+ if (bio_arg->reneg_state != NULL && *bio_arg->reneg_state == RENEG_ABORT) {
272	+ logmsg(LOG_NOTICE, "REJECTING renegotiated session");
273	+ errno = ECONNABORTED;
274	+ return -1;
275	+ }
276	+
277	+ //logmsg(LOG_NOTICE, "TO %d", to);
278	+ if (to == 0) return ret;
279	+
280	for(;;) {
281	memset(&p, 0, sizeof(p));
282	BIO_get_fd(bio, &p.fd);
283	@@ -299,7 +318,7 @@
284	return -1;
285	case 0:
286	/* timeout - mark the BIO as unusable for the future */
287	- BIO_set_callback_arg(bio, (char *)&err_to);
288	+ bio_arg->timeout = err_to;
289	#ifdef EBUG
290	logmsg(LOG_WARNING, "(%lx) CALLBACK timeout poll after %d secs: %s",
291	pthread_self(), to / 1000, strerror(p_err));
292	@@ -503,7 +522,14 @@
293	regmatch_t matches[4];
294	struct linger l;
295	double start_req, end_req;
296	+ RENEG_STATE reneg_state;
297	+ BIO_ARG ba1, ba2;
298
299	+ reneg_state = RENEG_INIT;
300	+ ba1.reneg_state = &reneg_state;
301	+ ba2.reneg_state = &reneg_state;
302	+ ba1.timeout = 0;
303	+ ba2.timeout = 0;
304	from_host = ((thr_arg *)arg)->from_host;
305	memcpy(&from_host_addr, from_host.ai_addr, from_host.ai_addrlen);
306	from_host.ai_addr = (struct sockaddr *)&from_host_addr;
307	@@ -512,6 +538,8 @@
308	free(((thr_arg *)arg)->from_host.ai_addr);
309	free(arg);
310
311	+ if(lstn->allow_client_reneg) reneg_state = RENEG_ALLOW;
312	+
313	n = 1;
314	setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&n, sizeof(n));
315	l.l_onoff = 1;
316	@@ -535,10 +563,11 @@
317	close(sock);
318	return;
319	}
320	- if(lstn->to > 0) {
321	- BIO_set_callback_arg(cl, (char *)&lstn->to);
322	+ //if(lstn->to > 0) {
323	+ ba1.timeout = lstn->to;
324	+ BIO_set_callback_arg(cl, (char *)&ba1);
325	BIO_set_callback(cl, bio_callback);
326	- }
327	+ //}
328
329	if(lstn->ctx != NULL) {
330	if((ssl = SSL_new(lstn->ctx->ctx)) == NULL) {
331	@@ -547,6 +576,7 @@
332	BIO_free_all(cl);
333	return;
334	}
335	+ SSL_set_app_data(ssl, &reneg_state);
336	SSL_set_bio(ssl, cl, cl);
337	if((bb = BIO_new(BIO_f_ssl())) == NULL) {
338	logmsg(LOG_WARNING, "(%lx) BIO_new(Bio_f_ssl()) failed", pthread_self());
339	@@ -848,7 +878,8 @@
340	}
341	BIO_set_close(be, BIO_CLOSE);
342	if(backend->to > 0) {
343	- BIO_set_callback_arg(be, (char *)&backend->to);
344	+ ba2.timeout = backend->to;
345	+ BIO_set_callback_arg(be, (char *)&ba2);
346	BIO_set_callback(be, bio_callback);
347	}
348	if(backend->ctx != NULL) {
349	diff -Naur Pound-2.6.orig/pound.8 Pound-2.6.reneg-ciphers-altnames-nosslv2/pound.8
350	--- Pound-2.6.orig/pound.8 2011-12-28 14:57:45.000000000 +0100
351	+++ Pound-2.6.reneg-ciphers-altnames-nosslv2/pound.8 2012-02-15 21:44:46.000000000 +0100
352	@@ -501,6 +501,19 @@
353	and
354	.I SSL_CTX_set_cipher_list(3).
355	.TP
356	+\fBSSLHonorCipherOrder\fR 0\|1
357	+If this value is 1, the server will broadcast a preference to use \fBCiphers\fR in the
358	+order supplied in the \fBCiphers\fR directive. If the value is 0, the server will treat
359	+the Ciphers list as the list of Ciphers it will accept, but no preference will be
360	+indicated. Default value is 0.
361	+.TP
362	+\fBSSLAllowClientRenegotiation\fR 0\|1\|2
363	+If this value is 0, client initiated renegotiation will be disabled. This will mitigate
364	+DoS exploits based on client renegotiation, regardless of the patch status of clients and
365	+servers related to "Secure renegotiation". If the value is 1, secure renegotiation is
366	+supported. If the value is 2, insecure renegotiation is supported, with unpatched
367	+clients. /fBThis can lead to a DoS and a Man in the Middle attack!/fR Default value is 0.
368	+.TP
369	\fBCAlist\fR "CAcert_file"
370	Set the list of "trusted" CA's for this server. The CAcert_file is a file containing
371	a sequence of CA certificates (PEM format). The names of the defined CA certificates
372	diff -Naur Pound-2.6.orig/pound.h Pound-2.6.reneg-ciphers-altnames-nosslv2/pound.h
373	--- Pound-2.6.orig/pound.h 2011-12-28 14:57:45.000000000 +0100
374	+++ Pound-2.6.reneg-ciphers-altnames-nosslv2/pound.h 2012-02-15 21:49:39.000000000 +0100
375	@@ -380,6 +380,8 @@
376	SSL_CTX *ctx;
377	char *server_name;
378	struct _pound_ctx *next;
379	+ unsigned int subjectAltNameCount;
380	+ unsigned char **subjectAltNames;
381	} POUND_CTX;
382
383	/* Listener definition */
384	@@ -404,6 +406,8 @@
385	int rewr_dest; /* rewrite destination header */
386	int disabled; /* true if the listener is disabled */
387	int log_level; /* log level for this listener */
388	+ int allow_client_reneg; /* Allow Client SSL Renegotiation */
389	+ int disable_ssl_v2; /* Disable SSL version 2 */
390	SERVICE *services;
391	struct _listener *next;
392	} LISTENER;
393	@@ -419,6 +423,9 @@
394	struct _thr_arg *next;
395	} thr_arg; /* argument to processing threads: socket, origin */
396
397	+/* Track SSL handshare/renegotiation so we can reject client-renegotiations. */
398	+typedef enum { RENEG_INIT=0, RENEG_REJECT, RENEG_ALLOW, RENEG_ABORT } RENEG_STATE;
399	+
400	/* Header types */
401	#define HEADER_ILLEGAL -1
402	#define HEADER_OTHER 0
403	@@ -591,6 +598,11 @@
404	extern DH DH_tmp_callback(SSL , int, int);
405
406	/*
407	+ * Renegotiation callback
408	+ */
409	+extern void SSLINFO_callback(const SSL *s, int where, int rc);
410	+
411	+/*
412	* expiration stuff
413	*/
414	#ifndef EXPIRE_TO
415	diff -Naur Pound-2.6.orig/svc.c Pound-2.6.reneg-ciphers-altnames-nosslv2/svc.c
416	--- Pound-2.6.orig/svc.c 2011-12-28 14:57:45.000000000 +0100
417	+++ Pound-2.6.reneg-ciphers-altnames-nosslv2/svc.c 2012-02-15 21:44:46.000000000 +0100
418	@@ -1797,3 +1797,34 @@
419	close(ctl);
420	}
421	}
422	+
423	+void
424	+SSLINFO_callback(const SSL *ssl, int where, int rc)
425	+{
426	+ RENEG_STATE *reneg_state;
427	+
428	+ /* Get our thr_arg where we're tracking this connection info */
429	+ if ((reneg_state = (RENEG_STATE *)SSL_get_app_data(ssl)) == NULL) return;
430	+
431	+ /* If we're rejecting renegotiations, move to ABORT if Client Hello is being read. */
432	+ if ((where & SSL_CB_ACCEPT_LOOP) && *reneg_state == RENEG_REJECT) {
433	+ int state = SSL_get_state(ssl);
434	+
435	+ if (state == SSL3_ST_SR_CLNT_HELLO_A \|\| state == SSL23_ST_SR_CLNT_HELLO_A) {
436	+ *reneg_state = RENEG_ABORT;
437	+ logmsg(LOG_WARNING,"rejecting client initiated renegotiation");
438	+ }
439	+ }
440	+ else if (where & SSL_CB_HANDSHAKE_DONE && *reneg_state == RENEG_INIT) {
441	+ // Reject any followup renegotiations
442	+ *reneg_state = RENEG_REJECT;
443	+ }
444	+
445	+ //if (where & SSL_CB_HANDSHAKE_START) logmsg(LOG_DEBUG, "handshake start");
446	+ //else if (where & SSL_CB_HANDSHAKE_DONE) logmsg(LOG_DEBUG, "handshake done");
447	+ //else if (where & SSL_CB_LOOP) logmsg(LOG_DEBUG, "loop");
448	+ //else if (where & SSL_CB_READ) logmsg(LOG_DEBUG, "read");
449	+ //else if (where & SSL_CB_WRITE) logmsg(LOG_DEBUG, "write");
450	+ //else if (where & SSL_CB_ALERT) logmsg(LOG_DEBUG, "alert");
451	+}
452	+