2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
87 * 6. Redistributions of any form whatsoever must retain the following
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
143 /* Or gethostname won't be declared properly on Linux and GNU platforms. */
144 #define _BSD_SOURCE 1
157 #ifdef OPENSSL_SYS_VMS
158 /* Or isascii won't be declared properly on VMS (at least with DECompHP C). */
159 #define _XOPEN_SOURCE 500
164 #include <openssl/bio.h>
165 #include <openssl/crypto.h>
166 #include <openssl/evp.h>
167 #include <openssl/x509.h>
168 #include <openssl/x509v3.h>
169 #include <openssl/ssl.h>
170 #ifndef OPENSSL_NO_ENGINE
171 #include <openssl/engine.h>
173 #include <openssl/err.h>
174 #include <openssl/rand.h>
175 #ifndef OPENSSL_NO_RSA
176 #include <openssl/rsa.h>
178 #ifndef OPENSSL_NO_DSA
179 #include <openssl/dsa.h>
181 #ifndef OPENSSL_NO_DH
182 #include <openssl/dh.h>
184 #ifndef OPENSSL_NO_SRP
185 #include <openssl/srp.h>
187 #include <openssl/bn.h>
190 * Or gethostname won't be declared properly
191 * on Compaq platforms (at least with DEC C).
192 * Do not try to put it earlier, or IPv6 includes
195 #define _XOPEN_SOURCE_EXTENDED 1
197 #ifdef OPENSSL_SYS_WINDOWS
200 #include OPENSSL_UNISTD
203 #ifdef OPENSSL_SYS_VMS
204 # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
205 # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
206 #elif defined(OPENSSL_SYS_WINCE)
207 # define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
208 # define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
209 #elif defined(OPENSSL_SYS_NETWARE)
210 # define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
211 # define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
213 # define TEST_SERVER_CERT "../apps/server.pem"
214 # define TEST_CLIENT_CERT "../apps/client.pem"
217 /* There is really no standard for this, so let's assign some tentative
218 numbers. In any case, these numbers are only for this test */
222 static int verify_callback(int ok, X509_STORE_CTX *ctx);
223 #ifndef OPENSSL_NO_RSA
224 static RSA *tmp_rsa_cb(SSL *s, int is_export,int keylength);
225 static void free_tmp_rsa(void);
227 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
228 #define APP_CALLBACK_STRING "Test Callback Argument"
229 struct app_verify_arg
233 int allow_proxy_certs;
238 #ifndef OPENSSL_NO_DH
239 static DH *get_dh512(void);
240 static DH *get_dh1024(void);
241 static DH *get_dh1024dsa(void);
245 static char *psk_key=NULL; /* by default PSK is not used */
246 #ifndef OPENSSL_NO_PSK
247 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
248 unsigned int max_identity_len, unsigned char *psk,
249 unsigned int max_psk_len);
250 static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned char *psk,
251 unsigned int max_psk_len);
254 #ifndef OPENSSL_NO_SRP
256 /* This is a context that we pass to all callbacks */
257 typedef struct srp_client_arg_st
263 #define PWD_STRLEN 1024
265 static char * ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
267 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
268 return BUF_strdup((char *)srp_client_arg->srppassin);
272 /* This is a context that we pass to SRP server callbacks */
273 typedef struct srp_server_arg_st
279 static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
281 SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
283 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
285 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
286 return SSL3_AL_FATAL;
288 if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
290 *ad = SSL_AD_INTERNAL_ERROR;
291 return SSL3_AL_FATAL;
293 return SSL_ERROR_NONE;
297 static BIO *bio_err=NULL;
298 static BIO *bio_stdout=NULL;
300 #ifndef OPENSSL_NO_NEXTPROTONEG
301 /* Note that this code assumes that this is only a one element list: */
302 static const char NEXT_PROTO_STRING[] = "\x09testproto";
305 int npn_server_reject = 0;
307 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
309 /* This callback only returns the protocol string, rather than a length
310 prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
311 remove the first byte to chop off the length prefix. */
312 *out = (unsigned char*) NEXT_PROTO_STRING + 1;
313 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
314 return SSL_TLSEXT_ERR_OK;
317 static int cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
319 *data = (const unsigned char *) NEXT_PROTO_STRING;
320 *len = sizeof(NEXT_PROTO_STRING) - 1;
321 return SSL_TLSEXT_ERR_OK;
324 static int cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
326 return SSL_TLSEXT_ERR_NOACK;
329 static int verify_npn(SSL *client, SSL *server)
331 const unsigned char *client_s;
333 const unsigned char *server_s;
336 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
337 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
341 BIO_printf(bio_stdout, "Client NPN: ");
342 BIO_write(bio_stdout, client_s, client_len);
343 BIO_printf(bio_stdout, "\n");
348 BIO_printf(bio_stdout, "Server NPN: ");
349 BIO_write(bio_stdout, server_s, server_len);
350 BIO_printf(bio_stdout, "\n");
353 /* If an NPN string was returned, it must be the protocol that we
354 * expected to negotiate. */
355 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
356 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
358 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
359 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
362 if (!npn_client && client_len)
364 if (!npn_server && server_len)
366 if (npn_server_reject && server_len)
368 if (npn_client && npn_server && (!client_len || !server_len))
375 static const char *alpn_client;
376 static const char *alpn_server;
377 static const char *alpn_expected;
378 static unsigned char *alpn_selected;
381 * next_protos_parse parses a comma separated list of strings into a string
382 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
383 * outlen: (output) set to the length of the resulting buffer on success.
384 * err: (maybe NULL) on failure, an error message line is written to this BIO.
385 * in: a NUL terminated string like "abc,def,ghi"
387 * returns: a malloced buffer or NULL on failure.
389 static unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
399 out = OPENSSL_malloc(strlen(in) + 1);
403 for (i = 0; i <= len; ++i)
405 if (i == len || in[i] == ',')
412 out[start] = i - start;
423 static int cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
425 unsigned char *protos;
426 unsigned short protos_len;
428 protos = next_protos_parse(&protos_len, alpn_server);
431 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", alpn_server);
435 if (SSL_select_next_proto((unsigned char**) out, outlen, protos, protos_len, in, inlen) !=
436 OPENSSL_NPN_NEGOTIATED)
438 OPENSSL_free(protos);
439 return SSL_TLSEXT_ERR_NOACK;
442 /* Make a copy of the selected protocol which will be freed in verify_alpn. */
443 alpn_selected = OPENSSL_malloc(*outlen);
444 memcpy(alpn_selected, *out, *outlen);
445 *out = alpn_selected;
447 OPENSSL_free(protos);
448 return SSL_TLSEXT_ERR_OK;
451 static int verify_alpn(SSL *client, SSL *server)
453 const unsigned char *client_proto, *server_proto;
454 unsigned int client_proto_len = 0, server_proto_len = 0;
455 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
456 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
458 if (alpn_selected != NULL)
460 OPENSSL_free(alpn_selected);
461 alpn_selected = NULL;
464 if (client_proto_len != server_proto_len ||
465 memcmp(client_proto, server_proto, client_proto_len) != 0)
467 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
471 if (client_proto_len > 0 && alpn_expected == NULL)
473 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
477 if (alpn_expected != NULL &&
478 (client_proto_len != strlen(alpn_expected) ||
479 memcmp(client_proto, alpn_expected, client_proto_len) != 0))
481 BIO_printf(bio_stdout, "ALPN selected protocols not equal to expected protocol: %s\n", alpn_expected);
488 BIO_printf(bio_stdout, "ALPN results: client: '");
489 BIO_write(bio_stdout, client_proto, client_proto_len);
490 BIO_printf(bio_stdout, "', server: '");
491 BIO_write(bio_stdout, server_proto, server_proto_len);
492 BIO_printf(bio_stdout, "'\n");
493 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", alpn_client, alpn_server);
497 #define SCT_EXT_TYPE 18
499 /* WARNING : below extension types are *NOT* IETF assigned, and
500 could conflict if these types are reassigned and handled
501 specially by OpenSSL in the future */
502 #define TACK_EXT_TYPE 62208
503 #define CUSTOM_EXT_TYPE_0 1000
504 #define CUSTOM_EXT_TYPE_1 1001
505 #define CUSTOM_EXT_TYPE_2 1002
506 #define CUSTOM_EXT_TYPE_3 1003
508 const char custom_ext_cli_string[] = "abc";
509 const char custom_ext_srv_string[] = "defg";
511 /* These set from cmdline */
512 char* serverinfo_file = NULL;
513 int serverinfo_sct = 0;
514 int serverinfo_tack = 0;
516 /* These set based on extension callbacks */
517 int serverinfo_sct_seen = 0;
518 int serverinfo_tack_seen = 0;
519 int serverinfo_other_seen = 0;
521 /* This set from cmdline */
524 /* This set based on extension callbacks */
525 int custom_ext_error = 0;
527 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
528 const unsigned char *in, size_t inlen,
531 if (ext_type == SCT_EXT_TYPE)
532 serverinfo_sct_seen++;
533 else if (ext_type == TACK_EXT_TYPE)
534 serverinfo_tack_seen++;
536 serverinfo_other_seen++;
540 static int verify_serverinfo()
542 if (serverinfo_sct != serverinfo_sct_seen)
544 if (serverinfo_tack != serverinfo_tack_seen)
546 if (serverinfo_other_seen)
552 * Four test cases for custom extensions:
553 * 0 - no ClientHello extension or ServerHello response
554 * 1 - ClientHello with "abc", no response
555 * 2 - ClientHello with "abc", empty response
556 * 3 - ClientHello with "abc", "defg" response
559 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
560 const unsigned char **out,
561 size_t *outlen, int *al, void *arg)
563 if (ext_type != CUSTOM_EXT_TYPE_0)
564 custom_ext_error = 1;
565 return 0; /* Don't send an extension */
568 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
569 const unsigned char *in,
570 size_t inlen, int *al,
576 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
577 const unsigned char **out,
578 size_t *outlen, int *al, void *arg)
580 if (ext_type != CUSTOM_EXT_TYPE_1)
581 custom_ext_error = 1;
582 *out = (const unsigned char*)custom_ext_cli_string;
583 *outlen = strlen(custom_ext_cli_string);
584 return 1; /* Send "abc" */
587 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
588 const unsigned char *in,
589 size_t inlen, int *al,
595 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
596 const unsigned char **out,
597 size_t *outlen, int *al, void *arg)
599 if (ext_type != CUSTOM_EXT_TYPE_2)
600 custom_ext_error = 1;
601 *out = (const unsigned char*)custom_ext_cli_string;
602 *outlen = strlen(custom_ext_cli_string);
603 return 1; /* Send "abc" */
606 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
607 const unsigned char *in,
608 size_t inlen, int *al,
611 if (ext_type != CUSTOM_EXT_TYPE_2)
612 custom_ext_error = 1;
614 custom_ext_error = 1; /* Should be empty response */
618 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
619 const unsigned char **out,
620 size_t *outlen, int *al, void *arg)
622 if (ext_type != CUSTOM_EXT_TYPE_3)
623 custom_ext_error = 1;
624 *out = (const unsigned char*)custom_ext_cli_string;
625 *outlen = strlen(custom_ext_cli_string);
626 return 1; /* Send "abc" */
629 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
630 const unsigned char *in,
631 size_t inlen, int *al,
634 if (ext_type != CUSTOM_EXT_TYPE_3)
635 custom_ext_error = 1;
636 if (inlen != strlen(custom_ext_srv_string))
637 custom_ext_error = 1;
638 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
639 custom_ext_error = 1; /* Check for "defg" */
643 /* custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback for this extension */
644 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
645 const unsigned char *in,
646 size_t inlen, int *al,
649 custom_ext_error = 1;
653 /* 'add' callbacks are only called if the 'parse' callback is called */
654 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
655 const unsigned char **out,
656 size_t *outlen, int *al, void *arg)
658 /* Error: should not have been called */
659 custom_ext_error = 1;
660 return 0; /* Don't send an extension */
663 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
664 const unsigned char *in,
665 size_t inlen, int *al,
668 if (ext_type != CUSTOM_EXT_TYPE_1)
669 custom_ext_error = 1;
670 /* Check for "abc" */
671 if (inlen != strlen(custom_ext_cli_string))
672 custom_ext_error = 1;
673 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
674 custom_ext_error = 1;
678 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
679 const unsigned char **out,
680 size_t *outlen, int *al, void *arg)
682 return 0; /* Don't send an extension */
685 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
686 const unsigned char *in,
687 size_t inlen, int *al,
690 if (ext_type != CUSTOM_EXT_TYPE_2)
691 custom_ext_error = 1;
692 /* Check for "abc" */
693 if (inlen != strlen(custom_ext_cli_string))
694 custom_ext_error = 1;
695 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
696 custom_ext_error = 1;
700 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
701 const unsigned char **out,
702 size_t *outlen, int *al, void *arg)
706 return 1; /* Send empty extension */
709 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
710 const unsigned char *in,
711 size_t inlen, int *al,
714 if (ext_type != CUSTOM_EXT_TYPE_3)
715 custom_ext_error = 1;
716 /* Check for "abc" */
717 if (inlen != strlen(custom_ext_cli_string))
718 custom_ext_error = 1;
719 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
720 custom_ext_error = 1;
724 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
725 const unsigned char **out,
726 size_t *outlen, int *al, void *arg)
728 *out = (const unsigned char*)custom_ext_srv_string;
729 *outlen = strlen(custom_ext_srv_string);
730 return 1; /* Send "defg" */
733 static char *cipher=NULL;
734 static int verbose=0;
743 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
745 int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
746 int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
747 static int do_test_cipherlist(void);
748 static void sv_usage(void)
750 fprintf(stderr,"usage: ssltest [args ...]\n");
751 fprintf(stderr,"\n");
753 fprintf(stderr,"-F - run test in FIPS mode\n");
755 fprintf(stderr," -server_auth - check server certificate\n");
756 fprintf(stderr," -client_auth - do client authentication\n");
757 fprintf(stderr," -proxy - allow proxy certificates\n");
758 fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
759 fprintf(stderr," -proxy_cond <val> - expression to test proxy policy rights\n");
760 fprintf(stderr," -v - more output\n");
761 fprintf(stderr," -d - debug output\n");
762 fprintf(stderr," -reuse - use session-id reuse\n");
763 fprintf(stderr," -num <val> - number of connections to perform\n");
764 fprintf(stderr," -bytes <val> - number of bytes to swap between client/server\n");
765 #ifndef OPENSSL_NO_DH
766 fprintf(stderr," -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
767 fprintf(stderr," -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
768 fprintf(stderr," -no_dhe - disable DHE\n");
770 #ifndef OPENSSL_NO_ECDH
771 fprintf(stderr," -no_ecdhe - disable ECDHE\n");
773 #ifndef OPENSSL_NO_PSK
774 fprintf(stderr," -psk arg - PSK in hex (without 0x)\n");
776 #ifndef OPENSSL_NO_SRP
777 fprintf(stderr," -srpuser user - SRP username to use\n");
778 fprintf(stderr," -srppass arg - password for 'user'\n");
780 #ifndef OPENSSL_NO_SSL3_METHOD
781 fprintf(stderr," -ssl3 - use SSLv3\n");
783 #ifndef OPENSSL_NO_TLS1
784 fprintf(stderr," -tls1 - use TLSv1\n");
786 fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
787 fprintf(stderr," -CAfile arg - PEM format file of CA's\n");
788 fprintf(stderr," -cert arg - Server certificate file\n");
789 fprintf(stderr," -key arg - Server key file (default: same as -cert)\n");
790 fprintf(stderr," -c_cert arg - Client certificate file\n");
791 fprintf(stderr," -c_key arg - Client key file (default: same as -c_cert)\n");
792 fprintf(stderr," -cipher arg - The cipher list\n");
793 fprintf(stderr," -bio_pair - Use BIO pairs\n");
794 fprintf(stderr," -f - Test even cases that can't work\n");
795 fprintf(stderr," -time - measure processor time used by client and server\n");
796 fprintf(stderr," -zlib - use zlib compression\n");
797 fprintf(stderr," -rle - use rle compression\n");
798 #ifndef OPENSSL_NO_ECDH
799 fprintf(stderr," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \
800 " Use \"openssl ecparam -list_curves\" for all names\n" \
801 " (default is sect163r2).\n");
803 fprintf(stderr," -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
804 " When this option is requested, the cipherlist\n"
805 " tests are run instead of handshake tests.\n");
806 #ifndef OPENSSL_NO_NEXTPROTONEG
807 fprintf(stderr," -npn_client - have client side offer NPN\n");
808 fprintf(stderr," -npn_server - have server side offer NPN\n");
809 fprintf(stderr," -npn_server_reject - have server reject NPN\n");
811 fprintf(stderr," -serverinfo_file file - have server use this file\n");
812 fprintf(stderr," -serverinfo_sct - have client offer and expect SCT\n");
813 fprintf(stderr," -serverinfo_tack - have client offer and expect TACK\n");
814 fprintf(stderr," -custom_ext - try various custom extension callbacks\n");
815 fprintf(stderr," -alpn_client <string> - have client side offer ALPN\n");
816 fprintf(stderr," -alpn_server <string> - have server side offer ALPN\n");
817 fprintf(stderr," -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
820 static void print_key_details(BIO *out, EVP_PKEY *key)
822 int keyid = EVP_PKEY_id(key);
823 #ifndef OPENSSL_NO_EC
824 if (keyid == EVP_PKEY_EC)
826 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
829 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
831 cname = EC_curve_nid2nist(nid);
833 cname = OBJ_nid2sn(nid);
834 BIO_printf(out, "%d bits EC (%s)",
835 EVP_PKEY_bits(key), cname);
853 algname = OBJ_nid2sn(keyid);
856 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
860 static void print_details(SSL *c_ssl, const char *prefix)
862 const SSL_CIPHER *ciph;
867 ciph=SSL_get_current_cipher(c_ssl);
868 BIO_printf(bio_stdout,"%s%s, cipher %s %s",
870 SSL_get_version(c_ssl),
871 SSL_CIPHER_get_version(ciph),
872 SSL_CIPHER_get_name(ciph));
873 cert=SSL_get_peer_certificate(c_ssl);
876 pkey = X509_get_pubkey(cert);
879 BIO_puts(bio_stdout, ", ");
880 print_key_details(bio_stdout, pkey);
885 if (SSL_get_server_tmp_key(c_ssl, &pkey))
887 BIO_puts(bio_stdout, ", temp key: ");
888 print_key_details(bio_stdout, pkey);
891 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
892 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
893 BIO_printf(bio_stdout,"\n");
896 static void lock_dbg_cb(int mode, int type, const char *file, int line)
898 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
899 const char *errstr = NULL;
902 rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
903 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
905 errstr = "invalid mode";
909 if (type < 0 || type >= CRYPTO_NUM_LOCKS)
911 errstr = "type out of bounds";
915 if (mode & CRYPTO_LOCK)
919 errstr = "already locked";
920 /* must not happen in a single-threaded program
921 * (would deadlock) */
927 else if (mode & CRYPTO_UNLOCK)
931 errstr = "not locked";
935 if (modes[type] != rw)
937 errstr = (rw == CRYPTO_READ) ?
938 "CRYPTO_r_unlock on write lock" :
939 "CRYPTO_w_unlock on read lock";
946 errstr = "invalid mode";
953 /* we cannot use bio_err here */
954 fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
955 errstr, mode, type, file, line);
959 #ifdef TLSEXT_TYPE_opaque_prf_input
960 struct cb_info_st { void *input; size_t len; int ret; };
961 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
962 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
963 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
964 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
966 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
968 struct cb_info_st *arg = arg_;
973 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
979 int main(int argc, char *argv[])
981 char *CApath=NULL,*CAfile=NULL;
985 int tls1=0,ssl3=0,ret=1;
988 struct app_verify_arg app_verify_arg =
989 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
990 char *server_cert=TEST_SERVER_CERT;
991 char *server_key=NULL;
992 char *client_cert=TEST_CLIENT_CERT;
993 char *client_key=NULL;
994 #ifndef OPENSSL_NO_ECDH
995 char *named_curve = NULL;
999 const SSL_METHOD *meth=NULL;
1001 int number=1,reuse=0;
1003 #ifndef OPENSSL_NO_DH
1005 int dhe1024 = 0, dhe1024dsa = 0;
1007 #ifndef OPENSSL_NO_ECDH
1008 EC_KEY *ecdh = NULL;
1010 #ifndef OPENSSL_NO_SRP
1012 SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
1014 SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
1020 clock_t s_time = 0, c_time = 0;
1021 #ifndef OPENSSL_NO_COMP
1023 COMP_METHOD *cm = NULL;
1024 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
1026 int test_cipherlist = 0;
1030 int no_protocol = 0;
1032 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
1033 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
1034 const char *arg = NULL, *argn = NULL;
1040 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT);
1042 CRYPTO_set_locking_callback(lock_dbg_cb);
1044 /* enable memory leak checking unless explicitly disabled */
1045 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
1047 CRYPTO_malloc_debug_init();
1048 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1052 /* OPENSSL_DEBUG_MEMORY=off */
1053 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1055 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1057 RAND_seed(rnd_seed, sizeof rnd_seed);
1059 bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT);
1061 s_cctx = SSL_CONF_CTX_new();
1062 c_cctx = SSL_CONF_CTX_new();
1064 if (!s_cctx || !c_cctx)
1066 ERR_print_errors(bio_err);
1070 SSL_CONF_CTX_set_flags(s_cctx,
1071 SSL_CONF_FLAG_CMDLINE|SSL_CONF_FLAG_SERVER);
1072 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_"))
1074 ERR_print_errors(bio_err);
1078 SSL_CONF_CTX_set_flags(c_cctx,
1079 SSL_CONF_FLAG_CMDLINE|SSL_CONF_FLAG_CLIENT);
1080 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_"))
1082 ERR_print_errors(bio_err);
1091 if(!strcmp(*argv,"-F"))
1096 fprintf(stderr,"not compiled with FIPS support, so exiting without running.\n");
1100 else if (strcmp(*argv,"-server_auth") == 0)
1102 else if (strcmp(*argv,"-client_auth") == 0)
1104 else if (strcmp(*argv,"-proxy_auth") == 0)
1106 if (--argc < 1) goto bad;
1107 app_verify_arg.proxy_auth= *(++argv);
1109 else if (strcmp(*argv,"-proxy_cond") == 0)
1111 if (--argc < 1) goto bad;
1112 app_verify_arg.proxy_cond= *(++argv);
1114 else if (strcmp(*argv,"-v") == 0)
1116 else if (strcmp(*argv,"-d") == 0)
1118 else if (strcmp(*argv,"-reuse") == 0)
1120 else if (strcmp(*argv,"-dhe1024") == 0)
1122 #ifndef OPENSSL_NO_DH
1125 fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1128 else if (strcmp(*argv,"-dhe1024dsa") == 0)
1130 #ifndef OPENSSL_NO_DH
1133 fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1136 else if (strcmp(*argv,"-no_dhe") == 0)
1138 else if (strcmp(*argv,"-no_ecdhe") == 0)
1140 else if (strcmp(*argv,"-psk") == 0)
1142 if (--argc < 1) goto bad;
1144 #ifndef OPENSSL_NO_PSK
1145 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))
1147 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
1154 #ifndef OPENSSL_NO_SRP
1155 else if (strcmp(*argv,"-srpuser") == 0)
1157 if (--argc < 1) goto bad;
1158 srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
1161 else if (strcmp(*argv,"-srppass") == 0)
1163 if (--argc < 1) goto bad;
1164 srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
1168 else if (strcmp(*argv,"-tls1") == 0)
1170 #ifdef OPENSSL_NO_TLS1
1175 else if (strcmp(*argv,"-ssl3") == 0)
1177 #ifdef OPENSSL_NO_SSL3_METHOD
1182 else if (strncmp(*argv,"-num",4) == 0)
1184 if (--argc < 1) goto bad;
1185 number= atoi(*(++argv));
1186 if (number == 0) number=1;
1188 else if (strcmp(*argv,"-bytes") == 0)
1190 if (--argc < 1) goto bad;
1191 bytes= atol(*(++argv));
1192 if (bytes == 0L) bytes=1L;
1194 if (argv[0][i-1] == 'k') bytes*=1024L;
1195 if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
1197 else if (strcmp(*argv,"-cert") == 0)
1199 if (--argc < 1) goto bad;
1200 server_cert= *(++argv);
1202 else if (strcmp(*argv,"-s_cert") == 0)
1204 if (--argc < 1) goto bad;
1205 server_cert= *(++argv);
1207 else if (strcmp(*argv,"-key") == 0)
1209 if (--argc < 1) goto bad;
1210 server_key= *(++argv);
1212 else if (strcmp(*argv,"-s_key") == 0)
1214 if (--argc < 1) goto bad;
1215 server_key= *(++argv);
1217 else if (strcmp(*argv,"-c_cert") == 0)
1219 if (--argc < 1) goto bad;
1220 client_cert= *(++argv);
1222 else if (strcmp(*argv,"-c_key") == 0)
1224 if (--argc < 1) goto bad;
1225 client_key= *(++argv);
1227 else if (strcmp(*argv,"-cipher") == 0)
1229 if (--argc < 1) goto bad;
1232 else if (strcmp(*argv,"-CApath") == 0)
1234 if (--argc < 1) goto bad;
1237 else if (strcmp(*argv,"-CAfile") == 0)
1239 if (--argc < 1) goto bad;
1242 else if (strcmp(*argv,"-bio_pair") == 0)
1246 else if (strcmp(*argv,"-f") == 0)
1250 else if (strcmp(*argv,"-time") == 0)
1254 #ifndef OPENSSL_NO_COMP
1255 else if (strcmp(*argv,"-zlib") == 0)
1259 else if (strcmp(*argv,"-rle") == 0)
1264 else if (strcmp(*argv,"-named_curve") == 0)
1266 if (--argc < 1) goto bad;
1267 #ifndef OPENSSL_NO_ECDH
1268 named_curve = *(++argv);
1270 fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n");
1274 else if (strcmp(*argv,"-app_verify") == 0)
1276 app_verify_arg.app_verify = 1;
1278 else if (strcmp(*argv,"-proxy") == 0)
1280 app_verify_arg.allow_proxy_certs = 1;
1282 else if (strcmp(*argv,"-test_cipherlist") == 0)
1284 test_cipherlist = 1;
1286 #ifndef OPENSSL_NO_NEXTPROTONEG
1287 else if (strcmp(*argv,"-npn_client") == 0)
1291 else if (strcmp(*argv,"-npn_server") == 0)
1295 else if (strcmp(*argv,"-npn_server_reject") == 0)
1297 npn_server_reject = 1;
1300 else if (strcmp(*argv,"-serverinfo_sct") == 0)
1304 else if (strcmp(*argv,"-serverinfo_tack") == 0)
1306 serverinfo_tack = 1;
1308 else if (strcmp(*argv,"-serverinfo_file") == 0)
1310 if (--argc < 1) goto bad;
1311 serverinfo_file = *(++argv);
1313 else if (strcmp(*argv,"-custom_ext") == 0)
1317 else if (strcmp(*argv,"-alpn_client") == 0)
1319 if (--argc < 1) goto bad;
1320 alpn_client = *(++argv);
1322 else if (strcmp(*argv,"-alpn_server") == 0)
1324 if (--argc < 1) goto bad;
1325 alpn_server = *(++argv);
1327 else if (strcmp(*argv,"-alpn_expected") == 0)
1329 if (--argc < 1) goto bad;
1330 alpn_expected = *(++argv);
1337 /* Try to process command using SSL_CONF */
1338 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1339 /* If not processed try server */
1341 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1342 /* Recognised: store it for later use */
1349 conf_args = sk_OPENSSL_STRING_new_null();
1353 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1355 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1360 BIO_printf(bio_err, "Missing argument for %s\n",
1363 BIO_printf(bio_err, "Error with command %s\n",
1366 BIO_printf(bio_err,"unknown option %s\n", arg);
1381 * test_cipherlist prevails over protocol switch: we test the cipherlist
1382 * for all enabled protocols.
1384 if (test_cipherlist == 1)
1386 /* ensure that the cipher list are correctly sorted and exit */
1387 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1388 "other options.\n");
1389 if (do_test_cipherlist() == 0)
1395 if (ssl3 + tls1 > 1)
1397 fprintf(stderr, "At most one of -ssl3, or -tls1 should "
1403 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1404 * Ideally, we would error out, but the generic test wrapper can't know
1405 * when to expect failure. So we do nothing and return success.
1409 fprintf(stderr, "Testing was requested for a disabled protocol. "
1410 "Skipping tests.\n");
1415 if (!ssl3 && !tls1 && number > 1 && !reuse && !force)
1417 fprintf(stderr, "This case cannot work. Use -f to perform "
1418 "the test anyway (and\n-d to see what happens), "
1419 "or add one of -ssl3, -tls1, -reuse\n"
1420 "to avoid protocol mismatch.\n");
1427 if(!FIPS_mode_set(1))
1429 ERR_load_crypto_strings();
1430 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
1434 fprintf(stderr,"*** IN FIPS MODE ***\n");
1442 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1445 if (number < 50 && !force)
1446 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1449 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1452 SSL_load_error_strings();
1454 #ifndef OPENSSL_NO_COMP
1455 if (comp == COMP_ZLIB) cm = COMP_zlib();
1456 if (comp == COMP_RLE) cm = COMP_rle();
1459 if (cm->type != NID_undef)
1461 if (SSL_COMP_add_compression_method(comp, cm) != 0)
1464 "Failed to add compression method\n");
1465 ERR_print_errors_fp(stderr);
1471 "Warning: %s compression not supported\n",
1472 (comp == COMP_RLE ? "rle" :
1473 (comp == COMP_ZLIB ? "zlib" :
1475 ERR_print_errors_fp(stderr);
1478 ssl_comp_methods = SSL_COMP_get_compression_methods();
1479 fprintf(stderr, "Available compression methods:\n");
1481 int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1483 fprintf(stderr, " NONE\n");
1485 for (j = 0; j < n; j++)
1487 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1488 fprintf(stderr, " %d: %s\n", c->id, c->name);
1493 /* At this point, ssl3/tls1 is only set if the protocol is available.
1494 * (Otherwise we exit early.)
1495 * However the compiler doesn't know this, so we ifdef. */
1496 #ifndef OPENSSL_NO_SSL3
1498 meth=SSLv3_method();
1501 #ifndef OPENSSL_NO_TLS1
1503 meth=TLSv1_method();
1506 meth=SSLv23_method();
1508 c_ctx=SSL_CTX_new(meth);
1509 s_ctx=SSL_CTX_new(meth);
1510 if ((c_ctx == NULL) || (s_ctx == NULL))
1512 ERR_print_errors(bio_err);
1515 /* Since we will use low security ciphersuites and keys for
1516 * testing set security level to zero.
1518 SSL_CTX_set_security_level(c_ctx, 0);
1519 SSL_CTX_set_security_level(s_ctx, 0);
1523 SSL_CTX_set_cipher_list(c_ctx,cipher);
1524 SSL_CTX_set_cipher_list(s_ctx,cipher);
1527 /* Process SSL_CONF arguments */
1528 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1529 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1531 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2)
1534 arg = sk_OPENSSL_STRING_value(conf_args, i);
1535 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1536 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1537 /* If not recognised use server context */
1539 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1542 BIO_printf(bio_err, "Error processing %s %s\n",
1543 arg, argn ? argn : "");
1544 ERR_print_errors(bio_err);
1549 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx))
1551 BIO_puts(bio_err, "Error finishing context\n");
1552 ERR_print_errors(bio_err);
1556 #ifndef OPENSSL_NO_DH
1561 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
1562 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1569 SSL_CTX_set_tmp_dh(s_ctx,dh);
1576 #ifndef OPENSSL_NO_ECDH
1581 if (named_curve != NULL)
1583 nid = OBJ_sn2nid(named_curve);
1586 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1591 #ifdef OPENSSL_NO_EC2M
1592 nid = NID_X9_62_prime256v1;
1594 nid = NID_sect163r2;
1597 ecdh = EC_KEY_new_by_curve_name(nid);
1600 BIO_printf(bio_err, "unable to create curve\n");
1604 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1605 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1612 #ifndef OPENSSL_NO_RSA
1613 SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
1616 #ifdef TLSEXT_TYPE_opaque_prf_input
1617 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1618 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1619 /* or &co2 or NULL */
1620 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1);
1621 /* or &so2 or NULL */
1622 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1);
1625 if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
1627 ERR_print_errors(bio_err);
1629 else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1630 (server_key?server_key:server_cert), SSL_FILETYPE_PEM))
1632 ERR_print_errors(bio_err);
1638 SSL_CTX_use_certificate_file(c_ctx,client_cert,
1640 SSL_CTX_use_PrivateKey_file(c_ctx,
1641 (client_key?client_key:client_cert),
1645 if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
1646 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1647 (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
1648 (!SSL_CTX_set_default_verify_paths(c_ctx)))
1650 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1651 ERR_print_errors(bio_err);
1657 BIO_printf(bio_err,"client authentication\n");
1658 SSL_CTX_set_verify(s_ctx,
1659 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1661 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
1665 BIO_printf(bio_err,"server authentication\n");
1666 SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
1668 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
1672 int session_id_context = 0;
1673 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
1676 /* Use PSK only if PSK key is given */
1677 if (psk_key != NULL)
1679 /* no_psk is used to avoid putting psk command to openssl tool */
1682 /* if PSK is not compiled in and psk key is
1683 * given, do nothing and exit successfully */
1687 #ifndef OPENSSL_NO_PSK
1688 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1689 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1691 BIO_printf(bio_err,"setting PSK identity hint to s_ctx\n");
1692 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint"))
1694 BIO_printf(bio_err,"error setting PSK identity hint to s_ctx\n");
1695 ERR_print_errors(bio_err);
1700 #ifndef OPENSSL_NO_SRP
1701 if (srp_client_arg.srplogin)
1703 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
1705 BIO_printf(bio_err,"Unable to set SRP username\n");
1708 SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
1709 SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
1710 /*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
1713 if (srp_server_arg.expected_user != NULL)
1715 SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
1716 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1717 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1721 #ifndef OPENSSL_NO_NEXTPROTONEG
1724 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1728 if (npn_server_reject)
1730 BIO_printf(bio_err, "Can't have both -npn_server and -npn_server_reject\n");
1733 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1735 if (npn_server_reject)
1737 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn, NULL);
1742 SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1744 serverinfo_cli_parse_cb, NULL);
1745 if (serverinfo_tack)
1746 SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1748 serverinfo_cli_parse_cb, NULL);
1750 if (serverinfo_file)
1751 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file))
1753 BIO_printf(bio_err, "missing serverinfo file\n");
1759 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1760 custom_ext_0_cli_add_cb,
1762 custom_ext_0_cli_parse_cb, NULL);
1763 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1764 custom_ext_1_cli_add_cb,
1766 custom_ext_1_cli_parse_cb, NULL);
1767 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1768 custom_ext_2_cli_add_cb,
1770 custom_ext_2_cli_parse_cb, NULL);
1771 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1772 custom_ext_3_cli_add_cb,
1774 custom_ext_3_cli_parse_cb, NULL);
1777 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1778 custom_ext_0_srv_add_cb,
1780 custom_ext_0_srv_parse_cb, NULL);
1781 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1782 custom_ext_1_srv_add_cb,
1784 custom_ext_1_srv_parse_cb, NULL);
1785 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1786 custom_ext_2_srv_add_cb,
1788 custom_ext_2_srv_parse_cb, NULL);
1789 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1790 custom_ext_3_srv_add_cb,
1792 custom_ext_3_srv_parse_cb, NULL);
1796 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1800 unsigned short alpn_len;
1801 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1805 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1808 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1812 c_ssl=SSL_new(c_ctx);
1813 s_ssl=SSL_new(s_ctx);
1815 #ifndef OPENSSL_NO_KRB5
1816 if (c_ssl && c_ssl->kssl_ctx)
1818 char localhost[MAXHOSTNAMELEN+2];
1820 if (gethostname(localhost, sizeof localhost-1) == 0)
1822 localhost[sizeof localhost-1]='\0';
1823 if(strlen(localhost) == sizeof localhost-1)
1825 BIO_printf(bio_err,"localhost name too long\n");
1828 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
1832 #endif /* OPENSSL_NO_KRB5 */
1834 for (i=0; i<number; i++)
1836 if (!reuse) SSL_set_session(c_ssl,NULL);
1838 ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
1840 ret=doit(s_ssl,c_ssl,bytes);
1845 print_details(c_ssl, "");
1847 if ((number > 1) || (bytes > 1L))
1848 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
1851 #ifdef CLOCKS_PER_SEC
1852 /* "To determine the time in seconds, the value returned
1853 * by the clock function should be divided by the value
1854 * of the macro CLOCKS_PER_SEC."
1855 * -- ISO/IEC 9899 */
1856 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1857 "Approximate total client time: %6.2f s\n",
1858 (double)s_time/CLOCKS_PER_SEC,
1859 (double)c_time/CLOCKS_PER_SEC);
1861 BIO_printf(bio_stdout,
1862 "Approximate total server time: %6.2f units\n"
1863 "Approximate total client time: %6.2f units\n",
1873 if (s_ctx != NULL) SSL_CTX_free(s_ctx);
1874 if (c_ctx != NULL) SSL_CTX_free(c_ctx);
1877 SSL_CONF_CTX_free(s_cctx);
1879 SSL_CONF_CTX_free(c_cctx);
1880 sk_OPENSSL_STRING_free(conf_args);
1882 if (bio_stdout != NULL) BIO_free(bio_stdout);
1884 #ifndef OPENSSL_NO_RSA
1887 #ifndef OPENSSL_NO_ENGINE
1890 CRYPTO_cleanup_all_ex_data();
1892 ERR_remove_thread_state(NULL);
1894 CRYPTO_mem_leaks(bio_err);
1895 if (bio_err != NULL) BIO_free(bio_err);
1900 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1901 clock_t *s_time, clock_t *c_time)
1903 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1904 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1905 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1908 size_t bufsiz = 256; /* small buffer for testing */
1910 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1912 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1915 s_ssl_bio = BIO_new(BIO_f_ssl());
1919 c_ssl_bio = BIO_new(BIO_f_ssl());
1923 SSL_set_connect_state(c_ssl);
1924 SSL_set_bio(c_ssl, client, client);
1925 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1927 SSL_set_accept_state(s_ssl);
1928 SSL_set_bio(s_ssl, server, server);
1929 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1934 * c_ssl_bio: SSL filter BIO
1936 * client: pseudo-I/O for SSL library
1938 * client_io: client's SSL communication; usually to be
1939 * relayed over some I/O facility, but in this
1940 * test program, we're the server, too:
1942 * server_io: server's SSL communication
1944 * server: pseudo-I/O for SSL library
1946 * s_ssl_bio: SSL filter BIO
1948 * The client and the server each employ a "BIO pair":
1949 * client + client_io, server + server_io.
1950 * BIO pairs are symmetric. A BIO pair behaves similar
1951 * to a non-blocking socketpair (but both endpoints must
1952 * be handled by the same thread).
1953 * [Here we could connect client and server to the ends
1954 * of a single BIO pair, but then this code would be less
1955 * suitable as an example for BIO pairs in general.]
1957 * Useful functions for querying the state of BIO pair endpoints:
1959 * BIO_ctrl_pending(bio) number of bytes we can read now
1960 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1961 * other side's read attempt
1962 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1964 * ..._read_request is never more than ..._write_guarantee;
1965 * it depends on the application which one you should use.
1968 /* We have non-blocking behaviour throughout this test program, but
1969 * can be sure that there is *some* progress in each iteration; so
1970 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
1971 * -- we just try everything in each iteration
1977 MS_STATIC char cbuf[1024*8];
1979 clock_t c_clock = clock();
1981 memset(cbuf, 0, sizeof(cbuf));
1984 if (SSL_in_init(c_ssl))
1985 printf("client waiting in SSL_connect - %s\n",
1986 SSL_state_string_long(c_ssl));
1990 /* Write to server. */
1992 if (cw_num > (long)sizeof cbuf)
1996 r = BIO_write(c_ssl_bio, cbuf, i);
1999 if (!BIO_should_retry(c_ssl_bio))
2001 fprintf(stderr,"ERROR in CLIENT\n");
2004 /* BIO_should_retry(...) can just be ignored here.
2005 * The library expects us to call BIO_write with
2006 * the same arguments again, and that's what we will
2007 * do in the next iteration. */
2011 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2017 printf("client wrote %d\n", r);
2024 /* Read from server. */
2026 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2029 if (!BIO_should_retry(c_ssl_bio))
2031 fprintf(stderr,"ERROR in CLIENT\n");
2034 /* Again, "BIO_should_retry" can be ignored. */
2038 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2044 printf("client read %d\n", r);
2049 /* c_time and s_time increments will typically be very small
2050 * (depending on machine speed and clock tick intervals),
2051 * but sampling over a large number of connections should
2052 * result in fairly accurate figures. We cannot guarantee
2053 * a lot, however -- if each connection lasts for exactly
2054 * one clock tick, it will be counted only for the client
2055 * or only for the server or even not at all.
2057 *c_time += (clock() - c_clock);
2063 MS_STATIC char sbuf[1024*8];
2065 clock_t s_clock = clock();
2067 memset(sbuf, 0, sizeof(sbuf));
2070 if (SSL_in_init(s_ssl))
2071 printf("server waiting in SSL_accept - %s\n",
2072 SSL_state_string_long(s_ssl));
2076 /* Write to client. */
2078 if (sw_num > (long)sizeof sbuf)
2082 r = BIO_write(s_ssl_bio, sbuf, i);
2085 if (!BIO_should_retry(s_ssl_bio))
2087 fprintf(stderr,"ERROR in SERVER\n");
2090 /* Ignore "BIO_should_retry". */
2094 fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2100 printf("server wrote %d\n", r);
2107 /* Read from client. */
2109 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2112 if (!BIO_should_retry(s_ssl_bio))
2114 fprintf(stderr,"ERROR in SERVER\n");
2121 fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2127 printf("server read %d\n", r);
2132 *s_time += (clock() - s_clock);
2136 /* "I/O" BETWEEN CLIENT AND SERVER. */
2139 BIO *io1 = server_io, *io2 = client_io;
2140 /* we use the non-copying interface for io1
2141 * and the standard BIO_write/BIO_read interface for io2
2144 static int prev_progress = 1;
2153 r1 = BIO_ctrl_pending(io1);
2154 r2 = BIO_ctrl_get_write_guarantee(io2);
2163 if (INT_MAX < num) /* yeah, right */
2166 r = BIO_nread(io1, &dataptr, (int)num);
2168 assert(r <= (int)num);
2169 /* possibly r < num (non-contiguous data) */
2171 r = BIO_write(io2, dataptr, (int)num);
2172 if (r != (int)num) /* can't happen */
2174 fprintf(stderr, "ERROR: BIO_write could not write "
2175 "BIO_ctrl_get_write_guarantee() bytes");
2181 printf((io1 == client_io) ?
2182 "C->S relaying: %d bytes\n" :
2183 "S->C relaying: %d bytes\n",
2194 r1 = BIO_ctrl_pending(io2);
2195 r2 = BIO_ctrl_get_read_request(io1);
2196 /* here we could use ..._get_write_guarantee instead of
2197 * ..._get_read_request, but by using the latter
2198 * we test restartability of the SSL implementation
2199 * more thoroughly */
2211 --num; /* test restartability even more thoroughly */
2213 r = BIO_nwrite0(io1, &dataptr);
2217 r = BIO_read(io2, dataptr, (int)num);
2218 if (r != (int)num) /* can't happen */
2220 fprintf(stderr, "ERROR: BIO_read could not read "
2221 "BIO_ctrl_pending() bytes");
2225 r = BIO_nwrite(io1, &dataptr, (int)num);
2226 if (r != (int)num) /* can't happen */
2228 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2229 "BIO_nwrite0() bytes");
2234 printf((io2 == client_io) ?
2235 "C->S relaying: %d bytes\n" :
2236 "S->C relaying: %d bytes\n",
2239 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
2241 if (!progress && !prev_progress)
2242 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
2244 fprintf(stderr, "ERROR: got stuck\n");
2245 fprintf(stderr, " ERROR.\n");
2248 prev_progress = progress;
2251 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2254 print_details(c_ssl, "DONE via BIO pair: ");
2255 #ifndef OPENSSL_NO_NEXTPROTONEG
2256 if (verify_npn(c_ssl, s_ssl) < 0)
2262 if (verify_serverinfo() < 0)
2264 fprintf(stderr, "Server info verify error\n");
2268 if (verify_alpn(c_ssl, s_ssl) < 0)
2274 if (custom_ext_error)
2276 fprintf(stderr, "Custom extension error\n");
2285 ERR_print_errors(bio_err);
2290 BIO_free(server_io);
2294 BIO_free(client_io);
2296 BIO_free(s_ssl_bio);
2298 BIO_free(c_ssl_bio);
2309 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2311 char *cbuf=NULL,*sbuf=NULL;
2313 long cw_num=count,cr_num=count;
2314 long sw_num=count,sr_num=count;
2320 int c_r,c_w,s_r,s_w;
2323 int c_write,s_write;
2324 int do_server=0,do_client=0;
2325 int max_frag = 5*1024;
2327 bufsiz = count>40*1024 ? 40*1024 : count;
2329 if ((cbuf = OPENSSL_malloc(bufsiz))==NULL) goto err;
2330 if ((sbuf = OPENSSL_malloc(bufsiz))==NULL) goto err;
2332 memset(cbuf,0,bufsiz);
2333 memset(sbuf,0,bufsiz);
2335 c_to_s=BIO_new(BIO_s_mem());
2336 s_to_c=BIO_new(BIO_s_mem());
2337 if ((s_to_c == NULL) || (c_to_s == NULL))
2339 ERR_print_errors(bio_err);
2343 c_bio=BIO_new(BIO_f_ssl());
2344 s_bio=BIO_new(BIO_f_ssl());
2345 if ((c_bio == NULL) || (s_bio == NULL))
2347 ERR_print_errors(bio_err);
2351 SSL_set_connect_state(c_ssl);
2352 SSL_set_bio(c_ssl,s_to_c,c_to_s);
2353 SSL_set_max_send_fragment(c_ssl,max_frag);
2354 BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
2356 SSL_set_accept_state(s_ssl);
2357 SSL_set_bio(s_ssl,c_to_s,s_to_c);
2358 SSL_set_max_send_fragment(s_ssl,max_frag);
2359 BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
2363 c_write=1,s_write=0;
2365 /* We can always do writes */
2371 i=(int)BIO_pending(s_bio);
2372 if ((i && s_r) || s_w) do_server=1;
2374 i=(int)BIO_pending(c_bio);
2375 if ((i && c_r) || c_w) do_client=1;
2377 if (do_server && debug)
2379 if (SSL_in_init(s_ssl))
2380 printf("server waiting in SSL_accept - %s\n",
2381 SSL_state_string_long(s_ssl));
2384 printf("server:SSL_write()\n");
2386 printf("server:SSL_read()\n"); */
2389 if (do_client && debug)
2391 if (SSL_in_init(c_ssl))
2392 printf("client waiting in SSL_connect - %s\n",
2393 SSL_state_string_long(c_ssl));
2396 printf("client:SSL_write()\n");
2398 printf("client:SSL_read()\n"); */
2401 if (!do_client && !do_server)
2403 fprintf(stdout,"ERROR IN STARTUP\n");
2404 ERR_print_errors(bio_err);
2407 if (do_client && !(done & C_DONE))
2411 j = (cw_num > bufsiz) ?
2412 (int)bufsiz : (int)cw_num;
2413 i=BIO_write(c_bio,cbuf,j);
2418 if (BIO_should_retry(c_bio))
2420 if (BIO_should_read(c_bio))
2422 if (BIO_should_write(c_bio))
2427 fprintf(stderr,"ERROR in CLIENT\n");
2428 ERR_print_errors(bio_err);
2434 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2440 printf("client wrote %d\n",i);
2446 SSL_set_max_send_fragment(c_ssl,max_frag-=5);
2451 i=BIO_read(c_bio,cbuf,bufsiz);
2456 if (BIO_should_retry(c_bio))
2458 if (BIO_should_read(c_bio))
2460 if (BIO_should_write(c_bio))
2465 fprintf(stderr,"ERROR in CLIENT\n");
2466 ERR_print_errors(bio_err);
2472 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2478 printf("client read %d\n",i);
2495 if (do_server && !(done & S_DONE))
2499 i=BIO_read(s_bio,sbuf,bufsiz);
2504 if (BIO_should_retry(s_bio))
2506 if (BIO_should_read(s_bio))
2508 if (BIO_should_write(s_bio))
2513 fprintf(stderr,"ERROR in SERVER\n");
2514 ERR_print_errors(bio_err);
2520 ERR_print_errors(bio_err);
2521 fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
2527 printf("server read %d\n",i);
2544 j = (sw_num > bufsiz) ?
2545 (int)bufsiz : (int)sw_num;
2546 i=BIO_write(s_bio,sbuf,j);
2551 if (BIO_should_retry(s_bio))
2553 if (BIO_should_read(s_bio))
2555 if (BIO_should_write(s_bio))
2560 fprintf(stderr,"ERROR in SERVER\n");
2561 ERR_print_errors(bio_err);
2567 ERR_print_errors(bio_err);
2568 fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
2574 printf("server wrote %d\n",i);
2581 SSL_set_max_send_fragment(s_ssl,max_frag-=5);
2586 if ((done & S_DONE) && (done & C_DONE)) break;
2590 print_details(c_ssl, "DONE: ");
2591 #ifndef OPENSSL_NO_NEXTPROTONEG
2592 if (verify_npn(c_ssl, s_ssl) < 0)
2598 if (verify_serverinfo() < 0)
2600 fprintf(stderr, "Server info verify error\n");
2604 if (custom_ext_error)
2606 fprintf(stderr, "Custom extension error\n");
2612 /* We have to set the BIO's to NULL otherwise they will be
2613 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and
2614 * again when c_ssl is SSL_free()ed.
2615 * This is a hack required because s_ssl and c_ssl are sharing the same
2616 * BIO structure and SSL_set_bio() and SSL_free() automatically
2617 * BIO_free non NULL entries.
2618 * You should not normally do this or be required to do this */
2630 if (c_to_s != NULL) BIO_free(c_to_s);
2631 if (s_to_c != NULL) BIO_free(s_to_c);
2632 if (c_bio != NULL) BIO_free_all(c_bio);
2633 if (s_bio != NULL) BIO_free_all(s_bio);
2635 if (cbuf) OPENSSL_free(cbuf);
2636 if (sbuf) OPENSSL_free(sbuf);
2641 static int get_proxy_auth_ex_data_idx(void)
2643 static volatile int idx = -1;
2646 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2649 idx = X509_STORE_CTX_get_ex_new_index(0,
2650 "SSLtest for verify callback", NULL,NULL,NULL);
2652 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2657 static int verify_callback(int ok, X509_STORE_CTX *ctx)
2661 s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,
2666 fprintf(stderr,"depth=%d %s\n",
2667 ctx->error_depth,buf);
2670 fprintf(stderr,"depth=%d error=%d %s\n",
2671 ctx->error_depth,ctx->error,buf);
2677 fprintf(stderr,"Error string: %s\n",
2678 X509_verify_cert_error_string(ctx->error));
2681 case X509_V_ERR_CERT_NOT_YET_VALID:
2682 case X509_V_ERR_CERT_HAS_EXPIRED:
2683 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2684 fprintf(stderr," ... ignored.\n");
2691 X509 *xs = ctx->current_cert;
2693 X509 *xi = ctx->current_issuer;
2696 if (xs->ex_flags & EXFLAG_PROXY)
2698 unsigned int *letters =
2699 X509_STORE_CTX_get_ex_data(ctx,
2700 get_proxy_auth_ex_data_idx());
2706 PROXY_CERT_INFO_EXTENSION *pci =
2707 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2710 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
2712 case NID_Independent:
2713 /* Completely meaningless in this
2714 program, as there's no way to
2715 grant explicit rights to a
2716 specific PrC. Basically, using
2717 id-ppl-Independent is the perfect
2718 way to grant no rights at all. */
2719 fprintf(stderr, " Independent proxy certificate");
2720 for (i = 0; i < 26; i++)
2723 case NID_id_ppl_inheritAll:
2724 /* This is basically a NOP, we
2725 simply let the current rights
2726 stand as they are. */
2727 fprintf(stderr, " Proxy certificate inherits all");
2731 pci->proxyPolicy->policy->data;
2732 i = pci->proxyPolicy->policy->length;
2734 /* The algorithm works as follows:
2735 it is assumed that previous
2736 iterations or the initial granted
2737 rights has already set some elements
2738 of `letters'. What we need to do is
2739 to clear those that weren't granted
2740 by the current PrC as well. The
2741 easiest way to do this is to add 1
2742 to all the elements whose letters
2743 are given with the current policy.
2744 That way, all elements that are set
2745 by the current policy and were
2746 already set by earlier policies and
2747 through the original grant of rights
2748 will get the value 2 or higher.
2749 The last thing to do is to sweep
2750 through `letters' and keep the
2751 elements having the value 2 as set,
2752 and clear all the others. */
2754 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s);
2758 if (isascii(c) && isalpha(c))
2765 for (i = 0; i < 26; i++)
2774 ", resulting proxy rights = ");
2775 for(i = 0; i < 26; i++)
2778 fprintf(stderr, "%c", i + 'A');
2782 fprintf(stderr, "none");
2783 fprintf(stderr, "\n");
2785 PROXY_CERT_INFO_EXTENSION_free(pci);
2793 static void process_proxy_debug(int indent, const char *format, ...)
2796 static const char indentation[] =
2797 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2798 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2799 char my_format[256];
2802 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2803 indent, indent, indentation, format);
2805 va_start(args, format);
2806 vfprintf(stderr, my_format, args);
2815 static int process_proxy_cond_adders(unsigned int letters[26],
2816 const char *cond, const char **cond_end, int *pos, int indent);
2817 static int process_proxy_cond_val(unsigned int letters[26],
2818 const char *cond, const char **cond_end, int *pos, int indent)
2824 while(isspace((int)*cond))
2831 process_proxy_debug(indent,
2832 "Start process_proxy_cond_val at position %d: %s\n",
2839 while(isspace((int)*cond))
2849 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2854 while(isspace((int)*cond))
2862 "Weird condition character in position %d: "
2869 else if (isascii(c) && isalpha(c))
2873 ok = letters[c - 'A'];
2879 "Weird condition character in position %d: "
2886 if (ok >= 0 && negate)
2890 process_proxy_debug(indent,
2891 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2896 static int process_proxy_cond_multipliers(unsigned int letters[26],
2897 const char *cond, const char **cond_end, int *pos, int indent)
2903 process_proxy_debug(indent,
2904 "Start process_proxy_cond_multipliers at position %d: %s\n",
2907 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2914 while(isspace((int)*cond))
2928 ok = process_proxy_cond_val(letters,
2929 cond, cond_end, pos, indent + 1);
2943 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2955 process_proxy_debug(indent,
2956 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2962 static int process_proxy_cond_adders(unsigned int letters[26],
2963 const char *cond, const char **cond_end, int *pos, int indent)
2969 process_proxy_debug(indent,
2970 "Start process_proxy_cond_adders at position %d: %s\n",
2973 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2981 while(isspace((int)*cond))
2994 ok = process_proxy_cond_multipliers(letters,
2995 cond, cond_end, pos, indent + 1);
3006 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3018 process_proxy_debug(indent,
3019 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
3026 static int process_proxy_cond(unsigned int letters[26],
3027 const char *cond, const char **cond_end)
3030 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
3033 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
3036 struct app_verify_arg *cb_arg = arg;
3037 unsigned int letters[26]; /* only used with proxy_auth */
3039 if (cb_arg->app_verify)
3041 char *s = NULL,buf[256];
3043 fprintf(stderr, "In app_verify_callback, allowing cert. ");
3044 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
3045 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
3046 (void *)ctx, (void *)ctx->cert);
3048 s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
3051 fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
3055 if (cb_arg->proxy_auth)
3057 int found_any = 0, i;
3060 for(i = 0; i < 26; i++)
3062 for(sp = cb_arg->proxy_auth; *sp; sp++)
3065 if (isascii(c) && isalpha(c))
3069 letters[c - 'A'] = 1;
3074 " Initial proxy rights = ");
3075 for(i = 0; i < 26; i++)
3078 fprintf(stderr, "%c", i + 'A');
3082 fprintf(stderr, "none");
3083 fprintf(stderr, "\n");
3085 X509_STORE_CTX_set_ex_data(ctx,
3086 get_proxy_auth_ex_data_idx(),letters);
3088 if (cb_arg->allow_proxy_certs)
3090 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
3093 #ifndef OPENSSL_NO_X509_VERIFY
3094 ok = X509_verify_cert(ctx);
3097 if (cb_arg->proxy_auth)
3101 const char *cond_end = NULL;
3103 ok = process_proxy_cond(letters,
3104 cb_arg->proxy_cond, &cond_end);
3110 fprintf(stderr, "Stopped processing condition before it's end.\n");
3114 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
3115 cb_arg->proxy_cond);
3117 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
3118 cb_arg->proxy_cond);
3124 #ifndef OPENSSL_NO_RSA
3125 static RSA *rsa_tmp=NULL;
3127 static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
3130 if (rsa_tmp == NULL)
3133 rsa_tmp = RSA_new();
3134 if(!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4))
3136 BIO_printf(bio_err, "Memory error...");
3139 BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
3140 (void)BIO_flush(bio_err);
3141 if(!RSA_generate_key_ex(rsa_tmp,keylength,bn,NULL))
3143 BIO_printf(bio_err, "Error generating key.");
3148 BIO_printf(bio_err,"\n");
3149 (void)BIO_flush(bio_err);
3155 static void free_tmp_rsa(void)
3157 if (rsa_tmp != NULL)
3165 #ifndef OPENSSL_NO_DH
3167 * These DH parameters have been generated as follows:
3168 * $ openssl dhparam -C -noout 512
3169 * $ openssl dhparam -C -noout 1024
3170 * $ openssl dhparam -C -noout -dsaparam 1024
3171 * (The third function has been renamed to avoid name conflicts.)
3173 static DH *get_dh512()
3175 static unsigned char dh512_p[]={
3176 0xCB,0xC8,0xE1,0x86,0xD0,0x1F,0x94,0x17,0xA6,0x99,0xF0,0xC6,
3177 0x1F,0x0D,0xAC,0xB6,0x25,0x3E,0x06,0x39,0xCA,0x72,0x04,0xB0,
3178 0x6E,0xDA,0xC0,0x61,0xE6,0x7A,0x77,0x25,0xE8,0x3B,0xB9,0x5F,
3179 0x9A,0xB6,0xB5,0xFE,0x99,0x0B,0xA1,0x93,0x4E,0x35,0x33,0xB8,
3180 0xE1,0xF1,0x13,0x4F,0x59,0x1A,0xD2,0x57,0xC0,0x26,0x21,0x33,
3181 0x02,0xC5,0xAE,0x23,
3183 static unsigned char dh512_g[]={
3188 if ((dh=DH_new()) == NULL) return(NULL);
3189 dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
3190 dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
3191 if ((dh->p == NULL) || (dh->g == NULL))
3192 { DH_free(dh); return(NULL); }
3196 static DH *get_dh1024()
3198 static unsigned char dh1024_p[]={
3199 0xF8,0x81,0x89,0x7D,0x14,0x24,0xC5,0xD1,0xE6,0xF7,0xBF,0x3A,
3200 0xE4,0x90,0xF4,0xFC,0x73,0xFB,0x34,0xB5,0xFA,0x4C,0x56,0xA2,
3201 0xEA,0xA7,0xE9,0xC0,0xC0,0xCE,0x89,0xE1,0xFA,0x63,0x3F,0xB0,
3202 0x6B,0x32,0x66,0xF1,0xD1,0x7B,0xB0,0x00,0x8F,0xCA,0x87,0xC2,
3203 0xAE,0x98,0x89,0x26,0x17,0xC2,0x05,0xD2,0xEC,0x08,0xD0,0x8C,
3204 0xFF,0x17,0x52,0x8C,0xC5,0x07,0x93,0x03,0xB1,0xF6,0x2F,0xB8,
3205 0x1C,0x52,0x47,0x27,0x1B,0xDB,0xD1,0x8D,0x9D,0x69,0x1D,0x52,
3206 0x4B,0x32,0x81,0xAA,0x7F,0x00,0xC8,0xDC,0xE6,0xD9,0xCC,0xC1,
3207 0x11,0x2D,0x37,0x34,0x6C,0xEA,0x02,0x97,0x4B,0x0E,0xBB,0xB1,
3208 0x71,0x33,0x09,0x15,0xFD,0xDD,0x23,0x87,0x07,0x5E,0x89,0xAB,
3209 0x6B,0x7C,0x5F,0xEC,0xA6,0x24,0xDC,0x53,
3211 static unsigned char dh1024_g[]={
3216 if ((dh=DH_new()) == NULL) return(NULL);
3217 dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
3218 dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
3219 if ((dh->p == NULL) || (dh->g == NULL))
3220 { DH_free(dh); return(NULL); }
3224 static DH *get_dh1024dsa()
3226 static unsigned char dh1024_p[]={
3227 0xC8,0x00,0xF7,0x08,0x07,0x89,0x4D,0x90,0x53,0xF3,0xD5,0x00,
3228 0x21,0x1B,0xF7,0x31,0xA6,0xA2,0xDA,0x23,0x9A,0xC7,0x87,0x19,
3229 0x3B,0x47,0xB6,0x8C,0x04,0x6F,0xFF,0xC6,0x9B,0xB8,0x65,0xD2,
3230 0xC2,0x5F,0x31,0x83,0x4A,0xA7,0x5F,0x2F,0x88,0x38,0xB6,0x55,
3231 0xCF,0xD9,0x87,0x6D,0x6F,0x9F,0xDA,0xAC,0xA6,0x48,0xAF,0xFC,
3232 0x33,0x84,0x37,0x5B,0x82,0x4A,0x31,0x5D,0xE7,0xBD,0x52,0x97,
3233 0xA1,0x77,0xBF,0x10,0x9E,0x37,0xEA,0x64,0xFA,0xCA,0x28,0x8D,
3234 0x9D,0x3B,0xD2,0x6E,0x09,0x5C,0x68,0xC7,0x45,0x90,0xFD,0xBB,
3235 0x70,0xC9,0x3A,0xBB,0xDF,0xD4,0x21,0x0F,0xC4,0x6A,0x3C,0xF6,
3236 0x61,0xCF,0x3F,0xD6,0x13,0xF1,0x5F,0xBC,0xCF,0xBC,0x26,0x9E,
3237 0xBC,0x0B,0xBD,0xAB,0x5D,0xC9,0x54,0x39,
3239 static unsigned char dh1024_g[]={
3240 0x3B,0x40,0x86,0xE7,0xF3,0x6C,0xDE,0x67,0x1C,0xCC,0x80,0x05,
3241 0x5A,0xDF,0xFE,0xBD,0x20,0x27,0x74,0x6C,0x24,0xC9,0x03,0xF3,
3242 0xE1,0x8D,0xC3,0x7D,0x98,0x27,0x40,0x08,0xB8,0x8C,0x6A,0xE9,
3243 0xBB,0x1A,0x3A,0xD6,0x86,0x83,0x5E,0x72,0x41,0xCE,0x85,0x3C,
3244 0xD2,0xB3,0xFC,0x13,0xCE,0x37,0x81,0x9E,0x4C,0x1C,0x7B,0x65,
3245 0xD3,0xE6,0xA6,0x00,0xF5,0x5A,0x95,0x43,0x5E,0x81,0xCF,0x60,
3246 0xA2,0x23,0xFC,0x36,0xA7,0x5D,0x7A,0x4C,0x06,0x91,0x6E,0xF6,
3247 0x57,0xEE,0x36,0xCB,0x06,0xEA,0xF5,0x3D,0x95,0x49,0xCB,0xA7,
3248 0xDD,0x81,0xDF,0x80,0x09,0x4A,0x97,0x4D,0xA8,0x22,0x72,0xA1,
3249 0x7F,0xC4,0x70,0x56,0x70,0xE8,0x20,0x10,0x18,0x8F,0x2E,0x60,
3250 0x07,0xE7,0x68,0x1A,0x82,0x5D,0x32,0xA2,
3254 if ((dh=DH_new()) == NULL) return(NULL);
3255 dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
3256 dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
3257 if ((dh->p == NULL) || (dh->g == NULL))
3258 { DH_free(dh); return(NULL); }
3264 #ifndef OPENSSL_NO_PSK
3265 /* convert the PSK key (psk_key) in ascii to binary (psk) */
3266 static int psk_key2bn(const char *pskkey, unsigned char *psk,
3267 unsigned int max_psk_len)
3272 ret = BN_hex2bn(&bn, pskkey);
3275 BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", pskkey);
3280 if (BN_num_bytes(bn) > (int)max_psk_len)
3282 BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
3283 max_psk_len, BN_num_bytes(bn));
3287 ret = BN_bn2bin(bn, psk);
3292 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
3293 unsigned int max_identity_len, unsigned char *psk,
3294 unsigned int max_psk_len)
3297 unsigned int psk_len = 0;
3299 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3303 fprintf(stderr, "client: created identity '%s' len=%d\n", identity, ret);
3304 ret = psk_key2bn(psk_key, psk, max_psk_len);
3312 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3313 unsigned char *psk, unsigned int max_psk_len)
3315 unsigned int psk_len=0;
3317 if (strcmp(identity, "Client_identity") != 0)
3319 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3322 psk_len=psk_key2bn(psk_key, psk, max_psk_len);
3327 static int do_test_cipherlist(void)
3330 const SSL_METHOD *meth;
3331 const SSL_CIPHER *ci, *tci = NULL;
3333 #ifndef OPENSSL_NO_SSL3
3334 fprintf(stderr, "testing SSLv3 cipher list order: ");
3335 meth = SSLv3_method();
3337 while ((ci = meth->get_cipher(i++)) != NULL)
3340 if (ci->id >= tci->id)
3342 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3347 fprintf(stderr, "ok\n");
3349 #ifndef OPENSSL_NO_TLS1
3350 fprintf(stderr, "testing TLSv1 cipher list order: ");
3351 meth = TLSv1_method();
3353 while ((ci = meth->get_cipher(i++)) != NULL)
3356 if (ci->id >= tci->id)
3358 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3363 fprintf(stderr, "ok\n");