]> git.ipfire.org Git - thirdparty/openssl.git/blob - ssl/ssl_txt.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Remove SSLv2 support
[thirdparty/openssl.git] / ssl / ssl_txt.c
1 /* ssl/ssl_txt.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58 /* ====================================================================
59 * Copyright 2005 Nokia. All rights reserved.
60 *
61 * The portions of the attached software ("Contribution") is developed by
62 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
63 * license.
64 *
65 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
66 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
67 * support (see RFC 4279) to OpenSSL.
68 *
69 * No patent licenses or other rights except those expressly stated in
70 * the OpenSSL open source license shall be deemed granted or received
71 * expressly, by implication, estoppel, or otherwise.
72 *
73 * No assurances are provided by Nokia that the Contribution does not
74 * infringe the patent or other intellectual property rights of any third
75 * party or that the license provides you with all the necessary rights
76 * to make use of the Contribution.
77 *
78 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
79 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
80 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
81 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
82 * OTHERWISE.
83 */
84
85 #include <stdio.h>
86 #include <openssl/buffer.h>
87 #include "ssl_locl.h"
88
89 #ifndef OPENSSL_NO_FP_API
90 int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
91 {
92 BIO *b;
93 int ret;
94
95 if ((b=BIO_new(BIO_s_file_internal())) == NULL)
96 {
97 SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB);
98 return(0);
99 }
100 BIO_set_fp(b,fp,BIO_NOCLOSE);
101 ret=SSL_SESSION_print(b,x);
102 BIO_free(b);
103 return(ret);
104 }
105 #endif
106
107 int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
108 {
109 unsigned int i;
110 const char *s;
111
112 if (x == NULL) goto err;
113 if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
114 if (x->ssl_version == SSL3_VERSION)
115 s="SSLv3";
116 else if (x->ssl_version == TLS1_2_VERSION)
117 s="TLSv1.2";
118 else if (x->ssl_version == TLS1_1_VERSION)
119 s="TLSv1.1";
120 else if (x->ssl_version == TLS1_VERSION)
121 s="TLSv1";
122 else if (x->ssl_version == DTLS1_VERSION)
123 s="DTLSv1";
124 else if (x->ssl_version == DTLS1_2_VERSION)
125 s="DTLSv1.2";
126 else if (x->ssl_version == DTLS1_BAD_VER)
127 s="DTLSv1-bad";
128 else
129 s="unknown";
130 if (BIO_printf(bp," Protocol : %s\n",s) <= 0) goto err;
131
132 if (x->cipher == NULL)
133 {
134 if (((x->cipher_id) & 0xff000000) == 0x02000000)
135 {
136 if (BIO_printf(bp," Cipher : %06lX\n",x->cipher_id&0xffffff) <= 0)
137 goto err;
138 }
139 else
140 {
141 if (BIO_printf(bp," Cipher : %04lX\n",x->cipher_id&0xffff) <= 0)
142 goto err;
143 }
144 }
145 else
146 {
147 if (BIO_printf(bp," Cipher : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0)
148 goto err;
149 }
150 if (BIO_puts(bp," Session-ID: ") <= 0) goto err;
151 for (i=0; i<x->session_id_length; i++)
152 {
153 if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
154 }
155 if (BIO_puts(bp,"\n Session-ID-ctx: ") <= 0) goto err;
156 for (i=0; i<x->sid_ctx_length; i++)
157 {
158 if (BIO_printf(bp,"%02X",x->sid_ctx[i]) <= 0)
159 goto err;
160 }
161 if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err;
162 for (i=0; i<(unsigned int)x->master_key_length; i++)
163 {
164 if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
165 }
166 #ifndef OPENSSL_NO_KRB5
167 if (BIO_puts(bp,"\n Krb5 Principal: ") <= 0) goto err;
168 if (x->krb5_client_princ_len == 0)
169 {
170 if (BIO_puts(bp,"None") <= 0) goto err;
171 }
172 else
173 for (i=0; i<x->krb5_client_princ_len; i++)
174 {
175 if (BIO_printf(bp,"%02X",x->krb5_client_princ[i]) <= 0) goto err;
176 }
177 #endif /* OPENSSL_NO_KRB5 */
178 #ifndef OPENSSL_NO_PSK
179 if (BIO_puts(bp,"\n PSK identity: ") <= 0) goto err;
180 if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0) goto err;
181 if (BIO_puts(bp,"\n PSK identity hint: ") <= 0) goto err;
182 if (BIO_printf(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0) goto err;
183 #endif
184 #ifndef OPENSSL_NO_SRP
185 if (BIO_puts(bp,"\n SRP username: ") <= 0) goto err;
186 if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0) goto err;
187 #endif
188 #ifndef OPENSSL_NO_TLSEXT
189 if (x->tlsext_tick_lifetime_hint)
190 {
191 if (BIO_printf(bp,
192 "\n TLS session ticket lifetime hint: %ld (seconds)",
193 x->tlsext_tick_lifetime_hint) <=0)
194 goto err;
195 }
196 if (x->tlsext_tick)
197 {
198 if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0) goto err;
199 if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4) <= 0)
200 goto err;
201 }
202 #endif
203
204 #ifndef OPENSSL_NO_COMP
205 if (x->compress_meth != 0)
206 {
207 SSL_COMP *comp = NULL;
208
209 ssl_cipher_get_evp(x,NULL,NULL,NULL,NULL,&comp, 0);
210 if (comp == NULL)
211 {
212 if (BIO_printf(bp,"\n Compression: %d",x->compress_meth) <= 0) goto err;
213 }
214 else
215 {
216 if (BIO_printf(bp,"\n Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err;
217 }
218 }
219 #endif
220 if (x->time != 0L)
221 {
222 if (BIO_printf(bp, "\n Start Time: %ld",x->time) <= 0) goto err;
223 }
224 if (x->timeout != 0L)
225 {
226 if (BIO_printf(bp, "\n Timeout : %ld (sec)",x->timeout) <= 0) goto err;
227 }
228 if (BIO_puts(bp,"\n") <= 0) goto err;
229
230 if (BIO_puts(bp, " Verify return code: ") <= 0) goto err;
231 if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
232 X509_verify_cert_error_string(x->verify_result)) <= 0) goto err;
233
234 return(1);
235 err:
236 return(0);
237 }
238
239 /* print session id and master key in NSS keylog format
240 (RSA Session-ID:<session id> Master-Key:<master key>) */
241 int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
242 {
243 unsigned int i;
244
245 if (x == NULL) goto err;
246 if (x->session_id_length==0 || x->master_key_length==0) goto err;
247
248 /* the RSA prefix is required by the format's definition although there's
249 nothing RSA-specifc in the output, therefore, we don't have to check
250 if the cipher suite is based on RSA */
251 if (BIO_puts(bp,"RSA ") <= 0) goto err;
252
253 if (BIO_puts(bp,"Session-ID:") <= 0) goto err;
254 for (i=0; i<x->session_id_length; i++)
255 {
256 if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
257 }
258 if (BIO_puts(bp," Master-Key:") <= 0) goto err;
259 for (i=0; i<(unsigned int)x->master_key_length; i++)
260 {
261 if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
262 }
263 if (BIO_puts(bp,"\n") <= 0) goto err;
264
265 return(1);
266 err:
267 return(0);
268 }
A mirror of the official openssl repository