2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
87 * 6. Redistributions of any form whatsoever must retain the following
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
143 #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly
144 on Linux and GNU platforms. */
157 #ifdef OPENSSL_SYS_VMS
158 #define _XOPEN_SOURCE 500 /* Or isascii won't be declared properly on
159 VMS (at least with DECompHP C). */
164 #include <openssl/bio.h>
165 #include <openssl/crypto.h>
166 #include <openssl/evp.h>
167 #include <openssl/x509.h>
168 #include <openssl/x509v3.h>
169 #include <openssl/ssl.h>
170 #ifndef OPENSSL_NO_ENGINE
171 #include <openssl/engine.h>
173 #include <openssl/err.h>
174 #include <openssl/rand.h>
175 #ifndef OPENSSL_NO_RSA
176 #include <openssl/rsa.h>
178 #ifndef OPENSSL_NO_DSA
179 #include <openssl/dsa.h>
181 #ifndef OPENSSL_NO_DH
182 #include <openssl/dh.h>
184 #ifndef OPENSSL_NO_SRP
185 #include <openssl/srp.h>
187 #include <openssl/bn.h>
189 #define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly
190 on Compaq platforms (at least with DEC C).
191 Do not try to put it earlier, or IPv6 includes
195 #ifdef OPENSSL_SYS_WINDOWS
198 #include OPENSSL_UNISTD
201 #ifdef OPENSSL_SYS_VMS
202 # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
203 # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
204 #elif defined(OPENSSL_SYS_WINCE)
205 # define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
206 # define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
207 #elif defined(OPENSSL_SYS_NETWARE)
208 # define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
209 # define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
211 # define TEST_SERVER_CERT "../apps/server.pem"
212 # define TEST_CLIENT_CERT "../apps/client.pem"
215 /* There is really no standard for this, so let's assign some tentative
216 numbers. In any case, these numbers are only for this test */
220 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
221 #ifndef OPENSSL_NO_RSA
222 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
223 static void free_tmp_rsa(void);
225 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
226 #define APP_CALLBACK_STRING "Test Callback Argument"
227 struct app_verify_arg
231 int allow_proxy_certs;
236 #ifndef OPENSSL_NO_DH
237 static DH *get_dh512(void);
238 static DH *get_dh1024(void);
239 static DH *get_dh1024dsa(void);
243 static char *psk_key=NULL; /* by default PSK is not used */
244 #ifndef OPENSSL_NO_PSK
245 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
246 unsigned int max_identity_len, unsigned char *psk,
247 unsigned int max_psk_len);
248 static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned char *psk,
249 unsigned int max_psk_len);
252 #ifndef OPENSSL_NO_SRP
254 /* This is a context that we pass to all callbacks */
255 typedef struct srp_client_arg_st
261 #define PWD_STRLEN 1024
263 static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
265 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
266 return BUF_strdup((char *)srp_client_arg->srppassin);
270 /* This is a context that we pass to SRP server callbacks */
271 typedef struct srp_server_arg_st
277 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
279 SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
281 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
283 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
284 return SSL3_AL_FATAL;
286 if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
288 *ad = SSL_AD_INTERNAL_ERROR;
289 return SSL3_AL_FATAL;
291 return SSL_ERROR_NONE;
295 static BIO *bio_err=NULL;
296 static BIO *bio_stdout=NULL;
298 static const char *alpn_client;
299 static const char *alpn_server;
300 static const char *alpn_expected;
301 static unsigned char *alpn_selected;
303 /* next_protos_parse parses a comma separated list of strings into a string
304 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
305 * outlen: (output) set to the length of the resulting buffer on success.
306 * err: (maybe NULL) on failure, an error message line is written to this BIO.
307 * in: a NUL termianted string like "abc,def,ghi"
309 * returns: a malloced buffer or NULL on failure.
311 static unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
321 out = OPENSSL_malloc(strlen(in) + 1);
325 for (i = 0; i <= len; ++i)
327 if (i == len || in[i] == ',')
334 out[start] = i - start;
345 static int cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
347 unsigned char *protos;
348 unsigned short protos_len;
350 protos = next_protos_parse(&protos_len, alpn_server);
353 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", alpn_server);
357 if (SSL_select_next_proto((unsigned char**) out, outlen, protos, protos_len, in, inlen) !=
358 OPENSSL_NPN_NEGOTIATED)
360 OPENSSL_free(protos);
361 return SSL_TLSEXT_ERR_NOACK;
364 /* Make a copy of the selected protocol which will be freed in verify_alpn. */
365 alpn_selected = OPENSSL_malloc(*outlen);
366 memcpy(alpn_selected, *out, *outlen);
367 *out = alpn_selected;
369 OPENSSL_free(protos);
370 return SSL_TLSEXT_ERR_OK;
373 static int verify_alpn(SSL *client, SSL *server)
375 const unsigned char *client_proto, *server_proto;
376 unsigned int client_proto_len = 0, server_proto_len = 0;
377 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
378 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
380 if (alpn_selected != NULL)
382 OPENSSL_free(alpn_selected);
383 alpn_selected = NULL;
386 if (client_proto_len != server_proto_len ||
387 memcmp(client_proto, server_proto, client_proto_len) != 0)
389 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
393 if (client_proto_len > 0 && alpn_expected == NULL)
395 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
399 if (alpn_expected != NULL &&
400 (client_proto_len != strlen(alpn_expected) ||
401 memcmp(client_proto, alpn_expected, client_proto_len) != 0))
403 BIO_printf(bio_stdout, "ALPN selected protocols not equal to expected protocol: %s\n", alpn_expected);
410 BIO_printf(bio_stdout, "ALPN results: client: '");
411 BIO_write(bio_stdout, client_proto, client_proto_len);
412 BIO_printf(bio_stdout, "', server: '");
413 BIO_write(bio_stdout, server_proto, server_proto_len);
414 BIO_printf(bio_stdout, "'\n");
415 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", alpn_client, alpn_server);
419 #define SCT_EXT_TYPE 18
421 /* WARNING : below extension types are *NOT* IETF assigned, and
422 could conflict if these types are reassigned and handled
423 specially by OpenSSL in the future */
424 #define TACK_EXT_TYPE 62208
425 #define CUSTOM_EXT_TYPE_0 1000
426 #define CUSTOM_EXT_TYPE_1 1001
427 #define CUSTOM_EXT_TYPE_2 1002
428 #define CUSTOM_EXT_TYPE_3 1003
430 const char custom_ext_cli_string[] = "abc";
431 const char custom_ext_srv_string[] = "defg";
433 /* These set from cmdline */
434 char* serverinfo_file = NULL;
435 int serverinfo_sct = 0;
436 int serverinfo_tack = 0;
438 /* These set based on extension callbacks */
439 int serverinfo_sct_seen = 0;
440 int serverinfo_tack_seen = 0;
441 int serverinfo_other_seen = 0;
443 /* This set from cmdline */
446 /* This set based on extension callbacks */
447 int custom_ext_error = 0;
449 /*Not IETF assigned supplemental data types*/
450 #define CUSTOM_SUPP_DATA_TYPE_0 100
451 #define CUSTOM_SUPP_DATA_TYPE_1 101
452 #define CUSTOM_SUPP_DATA_TYPE_2 102
454 const char supp_data_0_string[] = "00000";
457 int suppdata_error = 0;
459 static int serverinfo_cli_cb(SSL* s, unsigned short ext_type,
460 const unsigned char* in, unsigned short inlen,
463 if (ext_type == SCT_EXT_TYPE)
464 serverinfo_sct_seen++;
465 else if (ext_type == TACK_EXT_TYPE)
466 serverinfo_tack_seen++;
468 serverinfo_other_seen++;
472 static int verify_serverinfo()
474 if (serverinfo_sct != serverinfo_sct_seen)
476 if (serverinfo_tack != serverinfo_tack_seen)
478 if (serverinfo_other_seen)
483 /* Four test cases for custom extensions:
484 * 0 - no ClientHello extension or ServerHello response
485 * 1 - ClientHello with "abc", no response
486 * 2 - ClientHello with "abc", empty response
487 * 3 - ClientHello with "abc", "defg" response
490 static int custom_ext_0_cli_first_cb(SSL *s, unsigned short ext_type,
491 const unsigned char **out,
492 unsigned short *outlen, int *al, void *arg)
494 if (ext_type != CUSTOM_EXT_TYPE_0)
495 custom_ext_error = 1;
496 return -1; /* Don't send an extension */
499 static int custom_ext_0_cli_second_cb(SSL *s, unsigned short ext_type,
500 const unsigned char *in,
501 unsigned short inlen, int *al,
504 custom_ext_error = 1; /* Shouldn't be called */
508 static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type,
509 const unsigned char **out,
510 unsigned short *outlen, int *al, void *arg)
512 if (ext_type != CUSTOM_EXT_TYPE_1)
513 custom_ext_error = 1;
514 *out = (const unsigned char*)custom_ext_cli_string;
515 *outlen = strlen(custom_ext_cli_string);
516 return 1; /* Send "abc" */
519 static int custom_ext_1_cli_second_cb(SSL *s, unsigned short ext_type,
520 const unsigned char *in,
521 unsigned short inlen, int *al,
524 custom_ext_error = 1; /* Shouldn't be called */
528 static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type,
529 const unsigned char **out,
530 unsigned short *outlen, int *al, void *arg)
532 if (ext_type != CUSTOM_EXT_TYPE_2)
533 custom_ext_error = 1;
534 *out = (const unsigned char*)custom_ext_cli_string;
535 *outlen = strlen(custom_ext_cli_string);
536 return 1; /* Send "abc" */
539 static int custom_ext_2_cli_second_cb(SSL *s, unsigned short ext_type,
540 const unsigned char *in,
541 unsigned short inlen, int *al,
544 if (ext_type != CUSTOM_EXT_TYPE_2)
545 custom_ext_error = 1;
547 custom_ext_error = 1; /* Should be empty response */
551 static int custom_ext_3_cli_first_cb(SSL *s, unsigned short ext_type,
552 const unsigned char **out,
553 unsigned short *outlen, int *al, void *arg)
555 if (ext_type != CUSTOM_EXT_TYPE_3)
556 custom_ext_error = 1;
557 *out = (const unsigned char*)custom_ext_cli_string;
558 *outlen = strlen(custom_ext_cli_string);
559 return 1; /* Send "abc" */
562 static int custom_ext_3_cli_second_cb(SSL *s, unsigned short ext_type,
563 const unsigned char *in,
564 unsigned short inlen, int *al,
567 if (ext_type != CUSTOM_EXT_TYPE_3)
568 custom_ext_error = 1;
569 if (inlen != strlen(custom_ext_srv_string))
570 custom_ext_error = 1;
571 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
572 custom_ext_error = 1; /* Check for "defg" */
576 //custom_ext_0_cli_first_cb returns -1 - the server won't receive a callback for this extension
577 static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type,
578 const unsigned char *in,
579 unsigned short inlen, int *al,
582 custom_ext_error = 1;
583 return 0; /* Shouldn't be called */
586 //'generate' callbacks are always called, even if the 'receive' callback isn't called
587 static int custom_ext_0_srv_second_cb(SSL *s, unsigned short ext_type,
588 const unsigned char **out,
589 unsigned short *outlen, int *al, void *arg)
591 return -1; /* Don't send an extension */
594 static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type,
595 const unsigned char *in,
596 unsigned short inlen, int *al,
599 if (ext_type != CUSTOM_EXT_TYPE_1)
600 custom_ext_error = 1;
601 /* Check for "abc" */
602 if (inlen != strlen(custom_ext_cli_string))
603 custom_ext_error = 1;
604 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
605 custom_ext_error = 1;
609 static int custom_ext_1_srv_second_cb(SSL *s, unsigned short ext_type,
610 const unsigned char **out,
611 unsigned short *outlen, int *al, void *arg)
613 return -1; /* Don't send an extension */
616 static int custom_ext_2_srv_first_cb(SSL *s, unsigned short ext_type,
617 const unsigned char *in,
618 unsigned short inlen, int *al,
621 if (ext_type != CUSTOM_EXT_TYPE_2)
622 custom_ext_error = 1;
623 /* Check for "abc" */
624 if (inlen != strlen(custom_ext_cli_string))
625 custom_ext_error = 1;
626 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
627 custom_ext_error = 1;
631 static int custom_ext_2_srv_second_cb(SSL *s, unsigned short ext_type,
632 const unsigned char **out,
633 unsigned short *outlen, int *al, void *arg)
637 return 1; /* Send empty extension */
640 static int custom_ext_3_srv_first_cb(SSL *s, unsigned short ext_type,
641 const unsigned char *in,
642 unsigned short inlen, int *al,
645 if (ext_type != CUSTOM_EXT_TYPE_3)
646 custom_ext_error = 1;
647 /* Check for "abc" */
648 if (inlen != strlen(custom_ext_cli_string))
649 custom_ext_error = 1;
650 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
651 custom_ext_error = 1;
655 static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type,
656 const unsigned char **out,
657 unsigned short *outlen, int *al, void *arg)
659 *out = (const unsigned char*)custom_ext_srv_string;
660 *outlen = strlen(custom_ext_srv_string);
661 return 1; /* Send "defg" */
664 static int supp_data_0_srv_first_cb(SSL *s, unsigned short supp_data_type,
665 const unsigned char **out,
666 unsigned short *outlen, int *al, void *arg)
668 *out = (const unsigned char*)supp_data_0_string;
669 *outlen = strlen(supp_data_0_string);
675 static int supp_data_0_srv_second_cb(SSL *s, unsigned short supp_data_type,
676 const unsigned char *in,
677 unsigned short inlen, int *al,
680 if (supp_data_type != CUSTOM_SUPP_DATA_TYPE_0)
682 if (inlen != strlen(supp_data_0_string))
684 if (memcmp(in, supp_data_0_string, inlen) != 0)
691 static int supp_data_1_srv_first_cb(SSL *s, unsigned short supp_data_type,
692 const unsigned char **out,
693 unsigned short *outlen, int *al, void *arg)
698 static int supp_data_1_srv_second_cb(SSL *s, unsigned short supp_data_type,
699 const unsigned char *in,
700 unsigned short inlen, int *al,
707 static int supp_data_2_srv_second_cb(SSL *s, unsigned short supp_data_type,
708 const unsigned char *in,
709 unsigned short inlen, int *al,
716 static int supp_data_0_cli_first_cb(SSL *s, unsigned short supp_data_type,
717 const unsigned char *in,
718 unsigned short inlen, int *al,
721 if (supp_data_type != CUSTOM_SUPP_DATA_TYPE_0)
723 if (inlen != strlen(supp_data_0_string))
725 if (memcmp(in, supp_data_0_string, inlen) != 0)
732 static int supp_data_0_cli_second_cb(SSL *s, unsigned short supp_data_type,
733 const unsigned char **out,
734 unsigned short *outlen, int *al, void *arg)
736 *out = (const unsigned char*)supp_data_0_string;
737 *outlen = strlen(supp_data_0_string);
743 static int supp_data_1_cli_first_cb(SSL *s, unsigned short supp_data_type,
744 const unsigned char *in,
745 unsigned short inlen, int *al,
752 static int supp_data_1_cli_second_cb(SSL *s, unsigned short supp_data_type,
753 const unsigned char **out,
754 unsigned short *outlen, int *al, void *arg)
759 static int supp_data_2_cli_first_cb(SSL *s, unsigned short supp_data_type,
760 const unsigned char *in,
761 unsigned short inlen, int *al,
768 static char *cipher=NULL;
769 static int verbose=0;
778 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
780 int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
781 int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
782 static int do_test_cipherlist(void);
783 static void sv_usage(void)
785 fprintf(stderr,"usage: ssltest [args ...]\n");
786 fprintf(stderr,"\n");
788 fprintf(stderr,"-F - run test in FIPS mode\n");
790 fprintf(stderr," -server_auth - check server certificate\n");
791 fprintf(stderr," -client_auth - do client authentication\n");
792 fprintf(stderr," -proxy - allow proxy certificates\n");
793 fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
794 fprintf(stderr," -proxy_cond <val> - experssion to test proxy policy rights\n");
795 fprintf(stderr," -v - more output\n");
796 fprintf(stderr," -d - debug output\n");
797 fprintf(stderr," -reuse - use session-id reuse\n");
798 fprintf(stderr," -num <val> - number of connections to perform\n");
799 fprintf(stderr," -bytes <val> - number of bytes to swap between client/server\n");
800 #ifndef OPENSSL_NO_DH
801 fprintf(stderr," -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
802 fprintf(stderr," -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
803 fprintf(stderr," -no_dhe - disable DHE\n");
805 #ifndef OPENSSL_NO_ECDH
806 fprintf(stderr," -no_ecdhe - disable ECDHE\n");
808 #ifndef OPENSSL_NO_PSK
809 fprintf(stderr," -psk arg - PSK in hex (without 0x)\n");
811 #ifndef OPENSSL_NO_SRP
812 fprintf(stderr," -srpuser user - SRP username to use\n");
813 fprintf(stderr," -srppass arg - password for 'user'\n");
815 #ifndef OPENSSL_NO_SSL2
816 fprintf(stderr," -ssl2 - use SSLv2\n");
818 #ifndef OPENSSL_NO_SSL3
819 fprintf(stderr," -ssl3 - use SSLv3\n");
821 #ifndef OPENSSL_NO_TLS1
822 fprintf(stderr," -tls1 - use TLSv1\n");
824 fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
825 fprintf(stderr," -CAfile arg - PEM format file of CA's\n");
826 fprintf(stderr," -cert arg - Server certificate file\n");
827 fprintf(stderr," -key arg - Server key file (default: same as -cert)\n");
828 fprintf(stderr," -c_cert arg - Client certificate file\n");
829 fprintf(stderr," -c_key arg - Client key file (default: same as -c_cert)\n");
830 fprintf(stderr," -cipher arg - The cipher list\n");
831 fprintf(stderr," -bio_pair - Use BIO pairs\n");
832 fprintf(stderr," -f - Test even cases that can't work\n");
833 fprintf(stderr," -time - measure processor time used by client and server\n");
834 fprintf(stderr," -zlib - use zlib compression\n");
835 fprintf(stderr," -rle - use rle compression\n");
836 #ifndef OPENSSL_NO_ECDH
837 fprintf(stderr," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \
838 " Use \"openssl ecparam -list_curves\" for all names\n" \
839 " (default is sect163r2).\n");
841 fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
842 #ifndef OPENSSL_NO_TLSEXT
843 fprintf(stderr," -server_authz arg - binary authz file for certificate\n");
844 fprintf(stderr," -c_support_proof - indicate client support for server_authz audit proofs\n");
845 fprintf(stderr," -c_require_proof - fail if no audit proof is sent\n");
847 fprintf(stderr," -serverinfo_file file - have server use this file\n");
848 fprintf(stderr," -serverinfo_sct - have client offer and expect SCT\n");
849 fprintf(stderr," -serverinfo_tack - have client offer and expect TACK\n");
850 fprintf(stderr," -custom_ext - try various custom extension callbacks\n");
851 fprintf(stderr," -alpn_client <string> - have client side offer ALPN\n");
852 fprintf(stderr," -alpn_server <string> - have server side offer ALPN\n");
853 fprintf(stderr," -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
854 fprintf(stderr, "-suppdata - exercise supplemental data callbacks\n");
857 static void print_details(SSL *c_ssl, const char *prefix)
859 const SSL_CIPHER *ciph;
862 ciph=SSL_get_current_cipher(c_ssl);
863 BIO_printf(bio_stdout,"%s%s, cipher %s %s",
865 SSL_get_version(c_ssl),
866 SSL_CIPHER_get_version(ciph),
867 SSL_CIPHER_get_name(ciph));
868 cert=SSL_get_peer_certificate(c_ssl);
871 EVP_PKEY *pkey = X509_get_pubkey(cert);
876 #ifndef OPENSSL_NO_RSA
877 else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
878 && pkey->pkey.rsa->n != NULL)
880 BIO_printf(bio_stdout, ", %d bit RSA",
881 BN_num_bits(pkey->pkey.rsa->n));
884 #ifndef OPENSSL_NO_DSA
885 else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
886 && pkey->pkey.dsa->p != NULL)
888 BIO_printf(bio_stdout, ", %d bit DSA",
889 BN_num_bits(pkey->pkey.dsa->p));
896 /* The SSL API does not allow us to look at temporary RSA/DH keys,
897 * otherwise we should print their lengths too */
898 BIO_printf(bio_stdout,"\n");
901 static void lock_dbg_cb(int mode, int type, const char *file, int line)
903 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
904 const char *errstr = NULL;
907 rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
908 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
910 errstr = "invalid mode";
914 if (type < 0 || type >= CRYPTO_NUM_LOCKS)
916 errstr = "type out of bounds";
920 if (mode & CRYPTO_LOCK)
924 errstr = "already locked";
925 /* must not happen in a single-threaded program
926 * (would deadlock) */
932 else if (mode & CRYPTO_UNLOCK)
936 errstr = "not locked";
940 if (modes[type] != rw)
942 errstr = (rw == CRYPTO_READ) ?
943 "CRYPTO_r_unlock on write lock" :
944 "CRYPTO_w_unlock on read lock";
951 errstr = "invalid mode";
958 /* we cannot use bio_err here */
959 fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
960 errstr, mode, type, file, line);
964 #ifdef TLSEXT_TYPE_opaque_prf_input
965 struct cb_info_st { void *input; size_t len; int ret; };
966 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
967 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
968 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
969 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
971 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
973 struct cb_info_st *arg = arg_;
978 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
984 #ifndef OPENSSL_NO_TLSEXT
985 struct audit_proof_cb_arg_st
987 unsigned char *expected_proof;
988 size_t expected_proof_length;
992 struct audit_proof_cb_arg_st c_expected = { NULL, 0, 0 };
994 static int audit_proof_cb(SSL *s, void *arg)
996 const unsigned char *proof;
998 SSL_SESSION *sess = SSL_get_session(s);
999 struct audit_proof_cb_arg_st *cb_arg = (struct audit_proof_cb_arg_st*)arg;
1001 proof = SSL_SESSION_get_tlsext_authz_server_audit_proof(sess,
1005 if (proof_len == cb_arg->expected_proof_length &&
1006 cb_arg->expected_proof != NULL &&
1007 memcmp(proof, cb_arg->expected_proof, proof_len) == 0)
1009 BIO_printf(bio_stdout, "Audit proof OK (%lu bytes).\n",
1015 BIO_printf(bio_stdout, "Audit proof mismatch.\n");
1016 /* Cause handshake failure. */
1021 else /* proof == NULL */
1023 BIO_printf(bio_stdout, "No audit proof found.\n");
1024 if (cb_arg->require)
1026 /* Cause handshake failure. */
1034 int main(int argc, char *argv[])
1036 char *CApath=NULL,*CAfile=NULL;
1040 int tls1=0,ssl2=0,ssl3=0,ret=1;
1042 int server_auth=0,i;
1043 struct app_verify_arg app_verify_arg =
1044 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
1045 char *server_cert=TEST_SERVER_CERT;
1046 char *server_key=NULL;
1047 char *client_cert=TEST_CLIENT_CERT;
1048 char *client_key=NULL;
1049 #ifndef OPENSSL_NO_ECDH
1050 char *named_curve = NULL;
1052 SSL_CTX *s_ctx=NULL;
1053 SSL_CTX *c_ctx=NULL;
1054 const SSL_METHOD *meth=NULL;
1056 int number=1,reuse=0;
1058 #ifndef OPENSSL_NO_DH
1060 int dhe1024 = 0, dhe1024dsa = 0;
1062 #ifndef OPENSSL_NO_ECDH
1063 EC_KEY *ecdh = NULL;
1065 #ifndef OPENSSL_NO_SRP
1067 SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
1069 SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
1075 clock_t s_time = 0, c_time = 0;
1076 #ifndef OPENSSL_NO_COMP
1078 COMP_METHOD *cm = NULL;
1079 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
1081 int test_cipherlist = 0;
1085 #ifndef OPENSSL_NO_TLSEXT
1086 char *s_authz_file = NULL;
1087 int c_support_proof = 0;
1088 int c_require_proof = 0;
1095 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT);
1097 CRYPTO_set_locking_callback(lock_dbg_cb);
1099 /* enable memory leak checking unless explicitly disabled */
1100 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
1102 CRYPTO_malloc_debug_init();
1103 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1107 /* OPENSSL_DEBUG_MEMORY=off */
1108 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1110 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1112 RAND_seed(rnd_seed, sizeof rnd_seed);
1114 bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT);
1121 if(!strcmp(*argv,"-F"))
1126 fprintf(stderr,"not compiled with FIPS support, so exitting without running.\n");
1130 else if (strcmp(*argv,"-server_auth") == 0)
1132 else if (strcmp(*argv,"-client_auth") == 0)
1134 else if (strcmp(*argv,"-proxy_auth") == 0)
1136 if (--argc < 1) goto bad;
1137 app_verify_arg.proxy_auth= *(++argv);
1139 else if (strcmp(*argv,"-proxy_cond") == 0)
1141 if (--argc < 1) goto bad;
1142 app_verify_arg.proxy_cond= *(++argv);
1144 else if (strcmp(*argv,"-v") == 0)
1146 else if (strcmp(*argv,"-d") == 0)
1148 else if (strcmp(*argv,"-reuse") == 0)
1150 else if (strcmp(*argv,"-dhe1024") == 0)
1152 #ifndef OPENSSL_NO_DH
1155 fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1158 else if (strcmp(*argv,"-dhe1024dsa") == 0)
1160 #ifndef OPENSSL_NO_DH
1163 fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1166 else if (strcmp(*argv,"-no_dhe") == 0)
1168 else if (strcmp(*argv,"-no_ecdhe") == 0)
1170 else if (strcmp(*argv,"-psk") == 0)
1172 if (--argc < 1) goto bad;
1174 #ifndef OPENSSL_NO_PSK
1175 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))
1177 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
1184 #ifndef OPENSSL_NO_SRP
1185 else if (strcmp(*argv,"-srpuser") == 0)
1187 if (--argc < 1) goto bad;
1188 srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
1191 else if (strcmp(*argv,"-srppass") == 0)
1193 if (--argc < 1) goto bad;
1194 srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
1198 else if (strcmp(*argv,"-ssl2") == 0)
1200 else if (strcmp(*argv,"-tls1") == 0)
1202 else if (strcmp(*argv,"-ssl3") == 0)
1204 else if (strncmp(*argv,"-num",4) == 0)
1206 if (--argc < 1) goto bad;
1207 number= atoi(*(++argv));
1208 if (number == 0) number=1;
1210 else if (strcmp(*argv,"-bytes") == 0)
1212 if (--argc < 1) goto bad;
1213 bytes= atol(*(++argv));
1214 if (bytes == 0L) bytes=1L;
1216 if (argv[0][i-1] == 'k') bytes*=1024L;
1217 if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
1219 else if (strcmp(*argv,"-cert") == 0)
1221 if (--argc < 1) goto bad;
1222 server_cert= *(++argv);
1224 else if (strcmp(*argv,"-s_cert") == 0)
1226 if (--argc < 1) goto bad;
1227 server_cert= *(++argv);
1229 else if (strcmp(*argv,"-key") == 0)
1231 if (--argc < 1) goto bad;
1232 server_key= *(++argv);
1234 else if (strcmp(*argv,"-s_key") == 0)
1236 if (--argc < 1) goto bad;
1237 server_key= *(++argv);
1239 else if (strcmp(*argv,"-c_cert") == 0)
1241 if (--argc < 1) goto bad;
1242 client_cert= *(++argv);
1244 else if (strcmp(*argv,"-c_key") == 0)
1246 if (--argc < 1) goto bad;
1247 client_key= *(++argv);
1249 else if (strcmp(*argv,"-cipher") == 0)
1251 if (--argc < 1) goto bad;
1254 else if (strcmp(*argv,"-CApath") == 0)
1256 if (--argc < 1) goto bad;
1259 else if (strcmp(*argv,"-CAfile") == 0)
1261 if (--argc < 1) goto bad;
1264 else if (strcmp(*argv,"-bio_pair") == 0)
1268 else if (strcmp(*argv,"-f") == 0)
1272 else if (strcmp(*argv,"-time") == 0)
1276 #ifndef OPENSSL_NO_COMP
1277 else if (strcmp(*argv,"-zlib") == 0)
1281 else if (strcmp(*argv,"-rle") == 0)
1286 else if (strcmp(*argv,"-named_curve") == 0)
1288 if (--argc < 1) goto bad;
1289 #ifndef OPENSSL_NO_ECDH
1290 named_curve = *(++argv);
1292 fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n");
1296 else if (strcmp(*argv,"-app_verify") == 0)
1298 app_verify_arg.app_verify = 1;
1300 else if (strcmp(*argv,"-proxy") == 0)
1302 app_verify_arg.allow_proxy_certs = 1;
1304 else if (strcmp(*argv,"-test_cipherlist") == 0)
1306 test_cipherlist = 1;
1308 #ifndef OPENSSL_NO_TLSEXT
1309 else if(strcmp(*argv,"-server_authz") == 0)
1311 if (--argc < 1) goto bad;
1312 s_authz_file = *(++argv);
1315 else if (strcmp(*argv,"-c_support_proof") == 0)
1317 c_support_proof = 1;
1320 else if (strcmp(*argv,"-c_require_proof") == 0)
1322 c_require_proof = 1;
1326 else if (strcmp(*argv,"-serverinfo_sct") == 0)
1330 else if (strcmp(*argv,"-serverinfo_tack") == 0)
1332 serverinfo_tack = 1;
1334 else if (strcmp(*argv,"-serverinfo_file") == 0)
1336 if (--argc < 1) goto bad;
1337 serverinfo_file = *(++argv);
1339 else if (strcmp(*argv,"-custom_ext") == 0)
1343 else if (strcmp(*argv,"-alpn_client") == 0)
1345 if (--argc < 1) goto bad;
1346 alpn_client = *(++argv);
1348 else if (strcmp(*argv,"-alpn_server") == 0)
1350 if (--argc < 1) goto bad;
1351 alpn_server = *(++argv);
1353 else if (strcmp(*argv,"-alpn_expected") == 0)
1355 if (--argc < 1) goto bad;
1356 alpn_expected = *(++argv);
1358 else if (strcmp(*argv,"-suppdata") == 0)
1364 fprintf(stderr,"unknown option %s\n",*argv);
1378 if (test_cipherlist == 1)
1380 /* ensure that the cipher list are correctly sorted and exit */
1381 if (do_test_cipherlist() == 0)
1387 if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
1389 fprintf(stderr, "This case cannot work. Use -f to perform "
1390 "the test anyway (and\n-d to see what happens), "
1391 "or add one of -ssl2, -ssl3, -tls1, -reuse\n"
1392 "to avoid protocol mismatch.\n");
1395 if (c_require_proof && s_authz_file == NULL && !force)
1397 fprintf(stderr, "This case cannot work. -c_require_proof "
1398 "requires an audit proof, but none was supplied. "
1399 "Use -f to perform the test anyway (and\n-d to see "
1400 "what happens), or use -server_authz to supply an "
1408 if(!FIPS_mode_set(1))
1410 ERR_load_crypto_strings();
1411 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
1415 fprintf(stderr,"*** IN FIPS MODE ***\n");
1423 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1426 if (number < 50 && !force)
1427 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1430 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1433 SSL_load_error_strings();
1435 #ifndef OPENSSL_NO_COMP
1436 if (comp == COMP_ZLIB) cm = COMP_zlib();
1437 if (comp == COMP_RLE) cm = COMP_rle();
1440 if (cm->type != NID_undef)
1442 if (SSL_COMP_add_compression_method(comp, cm) != 0)
1445 "Failed to add compression method\n");
1446 ERR_print_errors_fp(stderr);
1452 "Warning: %s compression not supported\n",
1453 (comp == COMP_RLE ? "rle" :
1454 (comp == COMP_ZLIB ? "zlib" :
1456 ERR_print_errors_fp(stderr);
1459 ssl_comp_methods = SSL_COMP_get_compression_methods();
1460 fprintf(stderr, "Available compression methods:\n");
1462 int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1464 fprintf(stderr, " NONE\n");
1466 for (j = 0; j < n; j++)
1468 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1469 fprintf(stderr, " %d: %s\n", c->id, c->name);
1474 #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
1476 meth=SSLv2_method();
1479 meth=TLSv1_method();
1482 meth=SSLv3_method();
1484 meth=SSLv23_method();
1486 #ifdef OPENSSL_NO_SSL2
1488 meth=TLSv1_method();
1491 meth=SSLv3_method();
1493 meth=SSLv23_method();
1495 meth=SSLv2_method();
1499 c_ctx=SSL_CTX_new(meth);
1500 s_ctx=SSL_CTX_new(meth);
1501 if ((c_ctx == NULL) || (s_ctx == NULL))
1503 ERR_print_errors(bio_err);
1509 SSL_CTX_set_cipher_list(c_ctx,cipher);
1510 SSL_CTX_set_cipher_list(s_ctx,cipher);
1513 #ifndef OPENSSL_NO_DH
1518 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
1519 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1526 SSL_CTX_set_tmp_dh(s_ctx,dh);
1533 #ifndef OPENSSL_NO_ECDH
1538 if (named_curve != NULL)
1540 nid = OBJ_sn2nid(named_curve);
1543 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1548 #ifdef OPENSSL_NO_EC2M
1549 nid = NID_X9_62_prime256v1;
1551 nid = NID_sect163r2;
1554 ecdh = EC_KEY_new_by_curve_name(nid);
1557 BIO_printf(bio_err, "unable to create curve\n");
1561 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1562 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1569 #ifndef OPENSSL_NO_RSA
1570 SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
1573 #ifdef TLSEXT_TYPE_opaque_prf_input
1574 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1575 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1576 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); /* or &co2 or NULL */
1577 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); /* or &so2 or NULL */
1580 if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
1582 ERR_print_errors(bio_err);
1584 else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1585 (server_key?server_key:server_cert), SSL_FILETYPE_PEM))
1587 ERR_print_errors(bio_err);
1593 SSL_CTX_use_certificate_file(c_ctx,client_cert,
1595 SSL_CTX_use_PrivateKey_file(c_ctx,
1596 (client_key?client_key:client_cert),
1600 if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
1601 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1602 (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
1603 (!SSL_CTX_set_default_verify_paths(c_ctx)))
1605 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1606 ERR_print_errors(bio_err);
1612 BIO_printf(bio_err,"client authentication\n");
1613 SSL_CTX_set_verify(s_ctx,
1614 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1616 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
1620 BIO_printf(bio_err,"server authentication\n");
1621 SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
1623 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
1627 int session_id_context = 0;
1628 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
1631 /* Use PSK only if PSK key is given */
1632 if (psk_key != NULL)
1634 /* no_psk is used to avoid putting psk command to openssl tool */
1637 /* if PSK is not compiled in and psk key is
1638 * given, do nothing and exit successfully */
1642 #ifndef OPENSSL_NO_PSK
1643 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1644 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1646 BIO_printf(bio_err,"setting PSK identity hint to s_ctx\n");
1647 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint"))
1649 BIO_printf(bio_err,"error setting PSK identity hint to s_ctx\n");
1650 ERR_print_errors(bio_err);
1655 #ifndef OPENSSL_NO_SRP
1656 if (srp_client_arg.srplogin)
1658 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
1660 BIO_printf(bio_err,"Unable to set SRP username\n");
1663 SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
1664 SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
1665 /*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
1668 if (srp_server_arg.expected_user != NULL)
1670 SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
1671 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1672 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1675 #ifndef OPENSSL_NO_TLSEXT
1676 if (s_authz_file != NULL)
1678 if(!SSL_CTX_use_authz_file(s_ctx, s_authz_file))
1680 BIO_printf(bio_err, "Unable to set authz data\n");
1684 if (c_support_proof || c_require_proof)
1686 size_t proof_length;
1687 const unsigned char *proof = SSL_CTX_get_authz_data(s_ctx,
1688 TLSEXT_AUTHZDATAFORMAT_audit_proof, &proof_length);
1691 /* Store a local copy. */
1692 c_expected.expected_proof = OPENSSL_malloc(proof_length);
1693 c_expected.expected_proof_length = proof_length;
1694 memcpy(c_expected.expected_proof, proof, proof_length);
1696 c_expected.require = c_require_proof;
1697 SSL_CTX_set_tlsext_authz_server_audit_proof_cb(c_ctx,
1699 SSL_CTX_set_tlsext_authz_server_audit_proof_cb_arg(c_ctx,
1705 SSL_CTX_set_custom_cli_ext(c_ctx, SCT_EXT_TYPE, NULL,
1706 serverinfo_cli_cb, NULL);
1707 if (serverinfo_tack)
1708 SSL_CTX_set_custom_cli_ext(c_ctx, TACK_EXT_TYPE, NULL,
1709 serverinfo_cli_cb, NULL);
1711 if (serverinfo_file)
1712 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file))
1714 BIO_printf(bio_err, "missing serverinfo file\n");
1720 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1721 custom_ext_0_cli_first_cb,
1722 custom_ext_0_cli_second_cb, NULL);
1723 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1724 custom_ext_1_cli_first_cb,
1725 custom_ext_1_cli_second_cb, NULL);
1726 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1727 custom_ext_2_cli_first_cb,
1728 custom_ext_2_cli_second_cb, NULL);
1729 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1730 custom_ext_3_cli_first_cb,
1731 custom_ext_3_cli_second_cb, NULL);
1734 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1735 custom_ext_0_srv_first_cb,
1736 custom_ext_0_srv_second_cb, NULL);
1737 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1738 custom_ext_1_srv_first_cb,
1739 custom_ext_1_srv_second_cb, NULL);
1740 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1741 custom_ext_2_srv_first_cb,
1742 custom_ext_2_srv_second_cb, NULL);
1743 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1744 custom_ext_3_srv_first_cb,
1745 custom_ext_3_srv_second_cb, NULL);
1749 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1753 unsigned short alpn_len;
1754 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1758 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1761 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1765 c_ssl=SSL_new(c_ctx);
1766 s_ssl=SSL_new(s_ctx);
1771 //client and server both send and receive, verify additional arg passed back
1772 SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_0, supp_data_0_srv_first_cb, supp_data_0_srv_second_cb, s_ssl);
1773 SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_0, supp_data_0_cli_first_cb, supp_data_0_cli_second_cb, c_ssl);
1775 //-1 response from sending server/client doesn't receive, -1 response from sending client/server doesn't receive
1776 SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_1, supp_data_1_srv_first_cb, supp_data_1_srv_second_cb, NULL);
1777 SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_1, supp_data_1_cli_first_cb, supp_data_1_cli_second_cb, NULL);
1779 //null sending server/client doesn't receive, null sending client/server doesn't receive
1780 SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_2, /*supp_data_2_srv_first_cb*/NULL, supp_data_2_srv_second_cb, NULL);
1781 SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_2, supp_data_2_cli_first_cb, /*supp_data_2_cli_second_cb*/NULL, NULL);
1783 //alerts set to non-zero and zero return values not tested
1785 #ifndef OPENSSL_NO_KRB5
1786 if (c_ssl && c_ssl->kssl_ctx)
1788 char localhost[MAXHOSTNAMELEN+2];
1790 if (gethostname(localhost, sizeof localhost-1) == 0)
1792 localhost[sizeof localhost-1]='\0';
1793 if(strlen(localhost) == sizeof localhost-1)
1795 BIO_printf(bio_err,"localhost name too long\n");
1798 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
1802 #endif /* OPENSSL_NO_KRB5 */
1804 for (i=0; i<number; i++)
1806 if (!reuse) SSL_set_session(c_ssl,NULL);
1808 ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
1810 ret=doit(s_ssl,c_ssl,bytes);
1815 print_details(c_ssl, "");
1817 if ((number > 1) || (bytes > 1L))
1818 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
1821 #ifdef CLOCKS_PER_SEC
1822 /* "To determine the time in seconds, the value returned
1823 * by the clock function should be divided by the value
1824 * of the macro CLOCKS_PER_SEC."
1825 * -- ISO/IEC 9899 */
1826 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1827 "Approximate total client time: %6.2f s\n",
1828 (double)s_time/CLOCKS_PER_SEC,
1829 (double)c_time/CLOCKS_PER_SEC);
1831 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
1832 * -- cc on NeXTstep/OpenStep */
1833 BIO_printf(bio_stdout,
1834 "Approximate total server time: %6.2f units\n"
1835 "Approximate total client time: %6.2f units\n",
1845 if (s_ctx != NULL) SSL_CTX_free(s_ctx);
1846 if (c_ctx != NULL) SSL_CTX_free(c_ctx);
1848 if (bio_stdout != NULL) BIO_free(bio_stdout);
1850 #ifndef OPENSSL_NO_RSA
1853 #ifndef OPENSSL_NO_ENGINE
1856 #ifndef OPENSSL_NO_TLSEXT
1857 if (c_expected.expected_proof != NULL)
1858 OPENSSL_free(c_expected.expected_proof);
1860 CRYPTO_cleanup_all_ex_data();
1862 ERR_remove_thread_state(NULL);
1864 CRYPTO_mem_leaks(bio_err);
1865 if (bio_err != NULL) BIO_free(bio_err);
1870 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1871 clock_t *s_time, clock_t *c_time)
1873 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1874 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1875 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1878 size_t bufsiz = 256; /* small buffer for testing */
1880 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1882 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1885 s_ssl_bio = BIO_new(BIO_f_ssl());
1889 c_ssl_bio = BIO_new(BIO_f_ssl());
1893 SSL_set_connect_state(c_ssl);
1894 SSL_set_bio(c_ssl, client, client);
1895 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1897 SSL_set_accept_state(s_ssl);
1898 SSL_set_bio(s_ssl, server, server);
1899 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1903 /* c_ssl_bio: SSL filter BIO
1905 * client: pseudo-I/O for SSL library
1907 * client_io: client's SSL communication; usually to be
1908 * relayed over some I/O facility, but in this
1909 * test program, we're the server, too:
1911 * server_io: server's SSL communication
1913 * server: pseudo-I/O for SSL library
1915 * s_ssl_bio: SSL filter BIO
1917 * The client and the server each employ a "BIO pair":
1918 * client + client_io, server + server_io.
1919 * BIO pairs are symmetric. A BIO pair behaves similar
1920 * to a non-blocking socketpair (but both endpoints must
1921 * be handled by the same thread).
1922 * [Here we could connect client and server to the ends
1923 * of a single BIO pair, but then this code would be less
1924 * suitable as an example for BIO pairs in general.]
1926 * Useful functions for querying the state of BIO pair endpoints:
1928 * BIO_ctrl_pending(bio) number of bytes we can read now
1929 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1930 * other side's read attempt
1931 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1933 * ..._read_request is never more than ..._write_guarantee;
1934 * it depends on the application which one you should use.
1937 /* We have non-blocking behaviour throughout this test program, but
1938 * can be sure that there is *some* progress in each iteration; so
1939 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
1940 * -- we just try everything in each iteration
1946 MS_STATIC char cbuf[1024*8];
1948 clock_t c_clock = clock();
1950 memset(cbuf, 0, sizeof(cbuf));
1953 if (SSL_in_init(c_ssl))
1954 printf("client waiting in SSL_connect - %s\n",
1955 SSL_state_string_long(c_ssl));
1959 /* Write to server. */
1961 if (cw_num > (long)sizeof cbuf)
1965 r = BIO_write(c_ssl_bio, cbuf, i);
1968 if (!BIO_should_retry(c_ssl_bio))
1970 fprintf(stderr,"ERROR in CLIENT\n");
1973 /* BIO_should_retry(...) can just be ignored here.
1974 * The library expects us to call BIO_write with
1975 * the same arguments again, and that's what we will
1976 * do in the next iteration. */
1980 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1986 printf("client wrote %d\n", r);
1993 /* Read from server. */
1995 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1998 if (!BIO_should_retry(c_ssl_bio))
2000 fprintf(stderr,"ERROR in CLIENT\n");
2003 /* Again, "BIO_should_retry" can be ignored. */
2007 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2013 printf("client read %d\n", r);
2018 /* c_time and s_time increments will typically be very small
2019 * (depending on machine speed and clock tick intervals),
2020 * but sampling over a large number of connections should
2021 * result in fairly accurate figures. We cannot guarantee
2022 * a lot, however -- if each connection lasts for exactly
2023 * one clock tick, it will be counted only for the client
2024 * or only for the server or even not at all.
2026 *c_time += (clock() - c_clock);
2032 MS_STATIC char sbuf[1024*8];
2034 clock_t s_clock = clock();
2036 memset(sbuf, 0, sizeof(sbuf));
2039 if (SSL_in_init(s_ssl))
2040 printf("server waiting in SSL_accept - %s\n",
2041 SSL_state_string_long(s_ssl));
2045 /* Write to client. */
2047 if (sw_num > (long)sizeof sbuf)
2051 r = BIO_write(s_ssl_bio, sbuf, i);
2054 if (!BIO_should_retry(s_ssl_bio))
2056 fprintf(stderr,"ERROR in SERVER\n");
2059 /* Ignore "BIO_should_retry". */
2063 fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2069 printf("server wrote %d\n", r);
2076 /* Read from client. */
2078 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2081 if (!BIO_should_retry(s_ssl_bio))
2083 fprintf(stderr,"ERROR in SERVER\n");
2090 fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2096 printf("server read %d\n", r);
2101 *s_time += (clock() - s_clock);
2105 /* "I/O" BETWEEN CLIENT AND SERVER. */
2108 BIO *io1 = server_io, *io2 = client_io;
2109 /* we use the non-copying interface for io1
2110 * and the standard BIO_write/BIO_read interface for io2
2113 static int prev_progress = 1;
2122 r1 = BIO_ctrl_pending(io1);
2123 r2 = BIO_ctrl_get_write_guarantee(io2);
2132 if (INT_MAX < num) /* yeah, right */
2135 r = BIO_nread(io1, &dataptr, (int)num);
2137 assert(r <= (int)num);
2138 /* possibly r < num (non-contiguous data) */
2140 r = BIO_write(io2, dataptr, (int)num);
2141 if (r != (int)num) /* can't happen */
2143 fprintf(stderr, "ERROR: BIO_write could not write "
2144 "BIO_ctrl_get_write_guarantee() bytes");
2150 printf((io1 == client_io) ?
2151 "C->S relaying: %d bytes\n" :
2152 "S->C relaying: %d bytes\n",
2163 r1 = BIO_ctrl_pending(io2);
2164 r2 = BIO_ctrl_get_read_request(io1);
2165 /* here we could use ..._get_write_guarantee instead of
2166 * ..._get_read_request, but by using the latter
2167 * we test restartability of the SSL implementation
2168 * more thoroughly */
2180 --num; /* test restartability even more thoroughly */
2182 r = BIO_nwrite0(io1, &dataptr);
2186 r = BIO_read(io2, dataptr, (int)num);
2187 if (r != (int)num) /* can't happen */
2189 fprintf(stderr, "ERROR: BIO_read could not read "
2190 "BIO_ctrl_pending() bytes");
2194 r = BIO_nwrite(io1, &dataptr, (int)num);
2195 if (r != (int)num) /* can't happen */
2197 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2198 "BIO_nwrite0() bytes");
2203 printf((io2 == client_io) ?
2204 "C->S relaying: %d bytes\n" :
2205 "S->C relaying: %d bytes\n",
2208 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
2210 if (!progress && !prev_progress)
2211 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
2213 fprintf(stderr, "ERROR: got stuck\n");
2214 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0)
2216 fprintf(stderr, "This can happen for SSL2 because "
2217 "CLIENT-FINISHED and SERVER-VERIFY are written \n"
2218 "concurrently ...");
2219 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
2220 && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0)
2222 fprintf(stderr, " ok.\n");
2226 fprintf(stderr, " ERROR.\n");
2229 prev_progress = progress;
2232 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2235 print_details(c_ssl, "DONE via BIO pair: ");
2237 if (verify_serverinfo() < 0)
2242 if (verify_alpn(c_ssl, s_ssl) < 0)
2248 if (custom_ext_error)
2258 ERR_print_errors(bio_err);
2263 BIO_free(server_io);
2267 BIO_free(client_io);
2269 BIO_free(s_ssl_bio);
2271 BIO_free(c_ssl_bio);
2282 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2284 MS_STATIC char cbuf[1024*8],sbuf[1024*8];
2285 long cw_num=count,cr_num=count;
2286 long sw_num=count,sr_num=count;
2292 int c_r,c_w,s_r,s_w;
2295 int c_write,s_write;
2296 int do_server=0,do_client=0;
2298 memset(cbuf,0,sizeof(cbuf));
2299 memset(sbuf,0,sizeof(sbuf));
2301 c_to_s=BIO_new(BIO_s_mem());
2302 s_to_c=BIO_new(BIO_s_mem());
2303 if ((s_to_c == NULL) || (c_to_s == NULL))
2305 ERR_print_errors(bio_err);
2309 c_bio=BIO_new(BIO_f_ssl());
2310 s_bio=BIO_new(BIO_f_ssl());
2311 if ((c_bio == NULL) || (s_bio == NULL))
2313 ERR_print_errors(bio_err);
2317 SSL_set_connect_state(c_ssl);
2318 SSL_set_bio(c_ssl,s_to_c,c_to_s);
2319 BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
2321 SSL_set_accept_state(s_ssl);
2322 SSL_set_bio(s_ssl,c_to_s,s_to_c);
2323 BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
2327 c_write=1,s_write=0;
2329 /* We can always do writes */
2335 i=(int)BIO_pending(s_bio);
2336 if ((i && s_r) || s_w) do_server=1;
2338 i=(int)BIO_pending(c_bio);
2339 if ((i && c_r) || c_w) do_client=1;
2341 if (do_server && debug)
2343 if (SSL_in_init(s_ssl))
2344 printf("server waiting in SSL_accept - %s\n",
2345 SSL_state_string_long(s_ssl));
2346 /* else if (s_write)
2347 printf("server:SSL_write()\n");
2349 printf("server:SSL_read()\n"); */
2352 if (do_client && debug)
2354 if (SSL_in_init(c_ssl))
2355 printf("client waiting in SSL_connect - %s\n",
2356 SSL_state_string_long(c_ssl));
2357 /* else if (c_write)
2358 printf("client:SSL_write()\n");
2360 printf("client:SSL_read()\n"); */
2363 if (!do_client && !do_server)
2365 fprintf(stdout,"ERROR IN STARTUP\n");
2366 ERR_print_errors(bio_err);
2369 if (do_client && !(done & C_DONE))
2373 j = (cw_num > (long)sizeof(cbuf)) ?
2374 (int)sizeof(cbuf) : (int)cw_num;
2375 i=BIO_write(c_bio,cbuf,j);
2380 if (BIO_should_retry(c_bio))
2382 if (BIO_should_read(c_bio))
2384 if (BIO_should_write(c_bio))
2389 fprintf(stderr,"ERROR in CLIENT\n");
2390 ERR_print_errors(bio_err);
2396 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2402 printf("client wrote %d\n",i);
2411 i=BIO_read(c_bio,cbuf,sizeof(cbuf));
2416 if (BIO_should_retry(c_bio))
2418 if (BIO_should_read(c_bio))
2420 if (BIO_should_write(c_bio))
2425 fprintf(stderr,"ERROR in CLIENT\n");
2426 ERR_print_errors(bio_err);
2432 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2438 printf("client read %d\n",i);
2455 if (do_server && !(done & S_DONE))
2459 i=BIO_read(s_bio,sbuf,sizeof(cbuf));
2464 if (BIO_should_retry(s_bio))
2466 if (BIO_should_read(s_bio))
2468 if (BIO_should_write(s_bio))
2473 fprintf(stderr,"ERROR in SERVER\n");
2474 ERR_print_errors(bio_err);
2480 ERR_print_errors(bio_err);
2481 fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
2487 printf("server read %d\n",i);
2504 j = (sw_num > (long)sizeof(sbuf)) ?
2505 (int)sizeof(sbuf) : (int)sw_num;
2506 i=BIO_write(s_bio,sbuf,j);
2511 if (BIO_should_retry(s_bio))
2513 if (BIO_should_read(s_bio))
2515 if (BIO_should_write(s_bio))
2520 fprintf(stderr,"ERROR in SERVER\n");
2521 ERR_print_errors(bio_err);
2527 ERR_print_errors(bio_err);
2528 fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
2534 printf("server wrote %d\n",i);
2544 if ((done & S_DONE) && (done & C_DONE)) break;
2548 print_details(c_ssl, "DONE: ");
2549 if (suppdata_error < 0)
2554 if (verify_serverinfo() < 0)
2559 if (custom_ext_error)
2566 /* We have to set the BIO's to NULL otherwise they will be
2567 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and
2568 * again when c_ssl is SSL_free()ed.
2569 * This is a hack required because s_ssl and c_ssl are sharing the same
2570 * BIO structure and SSL_set_bio() and SSL_free() automatically
2571 * BIO_free non NULL entries.
2572 * You should not normally do this or be required to do this */
2584 if (c_to_s != NULL) BIO_free(c_to_s);
2585 if (s_to_c != NULL) BIO_free(s_to_c);
2586 if (c_bio != NULL) BIO_free_all(c_bio);
2587 if (s_bio != NULL) BIO_free_all(s_bio);
2591 static int get_proxy_auth_ex_data_idx(void)
2593 static volatile int idx = -1;
2596 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2599 idx = X509_STORE_CTX_get_ex_new_index(0,
2600 "SSLtest for verify callback", NULL,NULL,NULL);
2602 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2607 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
2611 s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,
2616 fprintf(stderr,"depth=%d %s\n",
2617 ctx->error_depth,buf);
2620 fprintf(stderr,"depth=%d error=%d %s\n",
2621 ctx->error_depth,ctx->error,buf);
2627 fprintf(stderr,"Error string: %s\n",
2628 X509_verify_cert_error_string(ctx->error));
2631 case X509_V_ERR_CERT_NOT_YET_VALID:
2632 case X509_V_ERR_CERT_HAS_EXPIRED:
2633 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2634 fprintf(stderr," ... ignored.\n");
2641 X509 *xs = ctx->current_cert;
2643 X509 *xi = ctx->current_issuer;
2646 if (xs->ex_flags & EXFLAG_PROXY)
2648 unsigned int *letters =
2649 X509_STORE_CTX_get_ex_data(ctx,
2650 get_proxy_auth_ex_data_idx());
2656 PROXY_CERT_INFO_EXTENSION *pci =
2657 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2660 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
2662 case NID_Independent:
2663 /* Completely meaningless in this
2664 program, as there's no way to
2665 grant explicit rights to a
2666 specific PrC. Basically, using
2667 id-ppl-Independent is the perfect
2668 way to grant no rights at all. */
2669 fprintf(stderr, " Independent proxy certificate");
2670 for (i = 0; i < 26; i++)
2673 case NID_id_ppl_inheritAll:
2674 /* This is basically a NOP, we
2675 simply let the current rights
2676 stand as they are. */
2677 fprintf(stderr, " Proxy certificate inherits all");
2681 pci->proxyPolicy->policy->data;
2682 i = pci->proxyPolicy->policy->length;
2684 /* The algorithm works as follows:
2685 it is assumed that previous
2686 iterations or the initial granted
2687 rights has already set some elements
2688 of `letters'. What we need to do is
2689 to clear those that weren't granted
2690 by the current PrC as well. The
2691 easiest way to do this is to add 1
2692 to all the elements whose letters
2693 are given with the current policy.
2694 That way, all elements that are set
2695 by the current policy and were
2696 already set by earlier policies and
2697 through the original grant of rights
2698 will get the value 2 or higher.
2699 The last thing to do is to sweep
2700 through `letters' and keep the
2701 elements having the value 2 as set,
2702 and clear all the others. */
2704 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s);
2708 if (isascii(c) && isalpha(c))
2715 for (i = 0; i < 26; i++)
2724 ", resulting proxy rights = ");
2725 for(i = 0; i < 26; i++)
2728 fprintf(stderr, "%c", i + 'A');
2732 fprintf(stderr, "none");
2733 fprintf(stderr, "\n");
2735 PROXY_CERT_INFO_EXTENSION_free(pci);
2743 static void process_proxy_debug(int indent, const char *format, ...)
2745 static const char indentation[] =
2746 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2747 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
2748 char my_format[256];
2751 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2752 indent, indent, indentation, format);
2754 va_start(args, format);
2755 vfprintf(stderr, my_format, args);
2763 static int process_proxy_cond_adders(unsigned int letters[26],
2764 const char *cond, const char **cond_end, int *pos, int indent);
2765 static int process_proxy_cond_val(unsigned int letters[26],
2766 const char *cond, const char **cond_end, int *pos, int indent)
2772 while(isspace((int)*cond))
2779 process_proxy_debug(indent,
2780 "Start process_proxy_cond_val at position %d: %s\n",
2787 while(isspace((int)*cond))
2797 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2802 while(isspace((int)*cond))
2810 "Weird condition character in position %d: "
2817 else if (isascii(c) && isalpha(c))
2821 ok = letters[c - 'A'];
2827 "Weird condition character in position %d: "
2834 if (ok >= 0 && negate)
2838 process_proxy_debug(indent,
2839 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2844 static int process_proxy_cond_multipliers(unsigned int letters[26],
2845 const char *cond, const char **cond_end, int *pos, int indent)
2851 process_proxy_debug(indent,
2852 "Start process_proxy_cond_multipliers at position %d: %s\n",
2855 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2862 while(isspace((int)*cond))
2876 ok = process_proxy_cond_val(letters,
2877 cond, cond_end, pos, indent + 1);
2891 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2903 process_proxy_debug(indent,
2904 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2910 static int process_proxy_cond_adders(unsigned int letters[26],
2911 const char *cond, const char **cond_end, int *pos, int indent)
2917 process_proxy_debug(indent,
2918 "Start process_proxy_cond_adders at position %d: %s\n",
2921 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2929 while(isspace((int)*cond))
2942 ok = process_proxy_cond_multipliers(letters,
2943 cond, cond_end, pos, indent + 1);
2954 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2966 process_proxy_debug(indent,
2967 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2974 static int process_proxy_cond(unsigned int letters[26],
2975 const char *cond, const char **cond_end)
2978 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2981 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
2984 struct app_verify_arg *cb_arg = arg;
2985 unsigned int letters[26]; /* only used with proxy_auth */
2987 if (cb_arg->app_verify)
2989 char *s = NULL,buf[256];
2991 fprintf(stderr, "In app_verify_callback, allowing cert. ");
2992 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
2993 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
2994 (void *)ctx, (void *)ctx->cert);
2996 s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
2999 fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
3003 if (cb_arg->proxy_auth)
3005 int found_any = 0, i;
3008 for(i = 0; i < 26; i++)
3010 for(sp = cb_arg->proxy_auth; *sp; sp++)
3013 if (isascii(c) && isalpha(c))
3017 letters[c - 'A'] = 1;
3022 " Initial proxy rights = ");
3023 for(i = 0; i < 26; i++)
3026 fprintf(stderr, "%c", i + 'A');
3030 fprintf(stderr, "none");
3031 fprintf(stderr, "\n");
3033 X509_STORE_CTX_set_ex_data(ctx,
3034 get_proxy_auth_ex_data_idx(),letters);
3036 if (cb_arg->allow_proxy_certs)
3038 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
3041 #ifndef OPENSSL_NO_X509_VERIFY
3042 ok = X509_verify_cert(ctx);
3045 if (cb_arg->proxy_auth)
3049 const char *cond_end = NULL;
3051 ok = process_proxy_cond(letters,
3052 cb_arg->proxy_cond, &cond_end);
3058 fprintf(stderr, "Stopped processing condition before it's end.\n");
3062 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
3063 cb_arg->proxy_cond);
3065 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
3066 cb_arg->proxy_cond);
3072 #ifndef OPENSSL_NO_RSA
3073 static RSA *rsa_tmp=NULL;
3075 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
3078 if (rsa_tmp == NULL)
3081 rsa_tmp = RSA_new();
3082 if(!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4))
3084 BIO_printf(bio_err, "Memory error...");
3087 BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
3088 (void)BIO_flush(bio_err);
3089 if(!RSA_generate_key_ex(rsa_tmp,keylength,bn,NULL))
3091 BIO_printf(bio_err, "Error generating key.");
3096 BIO_printf(bio_err,"\n");
3097 (void)BIO_flush(bio_err);
3103 static void free_tmp_rsa(void)
3105 if (rsa_tmp != NULL)
3113 #ifndef OPENSSL_NO_DH
3114 /* These DH parameters have been generated as follows:
3115 * $ openssl dhparam -C -noout 512
3116 * $ openssl dhparam -C -noout 1024
3117 * $ openssl dhparam -C -noout -dsaparam 1024
3118 * (The third function has been renamed to avoid name conflicts.)
3120 static DH *get_dh512()
3122 static unsigned char dh512_p[]={
3123 0xCB,0xC8,0xE1,0x86,0xD0,0x1F,0x94,0x17,0xA6,0x99,0xF0,0xC6,
3124 0x1F,0x0D,0xAC,0xB6,0x25,0x3E,0x06,0x39,0xCA,0x72,0x04,0xB0,
3125 0x6E,0xDA,0xC0,0x61,0xE6,0x7A,0x77,0x25,0xE8,0x3B,0xB9,0x5F,
3126 0x9A,0xB6,0xB5,0xFE,0x99,0x0B,0xA1,0x93,0x4E,0x35,0x33,0xB8,
3127 0xE1,0xF1,0x13,0x4F,0x59,0x1A,0xD2,0x57,0xC0,0x26,0x21,0x33,
3128 0x02,0xC5,0xAE,0x23,
3130 static unsigned char dh512_g[]={
3135 if ((dh=DH_new()) == NULL) return(NULL);
3136 dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
3137 dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
3138 if ((dh->p == NULL) || (dh->g == NULL))
3139 { DH_free(dh); return(NULL); }
3143 static DH *get_dh1024()
3145 static unsigned char dh1024_p[]={
3146 0xF8,0x81,0x89,0x7D,0x14,0x24,0xC5,0xD1,0xE6,0xF7,0xBF,0x3A,
3147 0xE4,0x90,0xF4,0xFC,0x73,0xFB,0x34,0xB5,0xFA,0x4C,0x56,0xA2,
3148 0xEA,0xA7,0xE9,0xC0,0xC0,0xCE,0x89,0xE1,0xFA,0x63,0x3F,0xB0,
3149 0x6B,0x32,0x66,0xF1,0xD1,0x7B,0xB0,0x00,0x8F,0xCA,0x87,0xC2,
3150 0xAE,0x98,0x89,0x26,0x17,0xC2,0x05,0xD2,0xEC,0x08,0xD0,0x8C,
3151 0xFF,0x17,0x52,0x8C,0xC5,0x07,0x93,0x03,0xB1,0xF6,0x2F,0xB8,
3152 0x1C,0x52,0x47,0x27,0x1B,0xDB,0xD1,0x8D,0x9D,0x69,0x1D,0x52,
3153 0x4B,0x32,0x81,0xAA,0x7F,0x00,0xC8,0xDC,0xE6,0xD9,0xCC,0xC1,
3154 0x11,0x2D,0x37,0x34,0x6C,0xEA,0x02,0x97,0x4B,0x0E,0xBB,0xB1,
3155 0x71,0x33,0x09,0x15,0xFD,0xDD,0x23,0x87,0x07,0x5E,0x89,0xAB,
3156 0x6B,0x7C,0x5F,0xEC,0xA6,0x24,0xDC,0x53,
3158 static unsigned char dh1024_g[]={
3163 if ((dh=DH_new()) == NULL) return(NULL);
3164 dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
3165 dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
3166 if ((dh->p == NULL) || (dh->g == NULL))
3167 { DH_free(dh); return(NULL); }
3171 static DH *get_dh1024dsa()
3173 static unsigned char dh1024_p[]={
3174 0xC8,0x00,0xF7,0x08,0x07,0x89,0x4D,0x90,0x53,0xF3,0xD5,0x00,
3175 0x21,0x1B,0xF7,0x31,0xA6,0xA2,0xDA,0x23,0x9A,0xC7,0x87,0x19,
3176 0x3B,0x47,0xB6,0x8C,0x04,0x6F,0xFF,0xC6,0x9B,0xB8,0x65,0xD2,
3177 0xC2,0x5F,0x31,0x83,0x4A,0xA7,0x5F,0x2F,0x88,0x38,0xB6,0x55,
3178 0xCF,0xD9,0x87,0x6D,0x6F,0x9F,0xDA,0xAC,0xA6,0x48,0xAF,0xFC,
3179 0x33,0x84,0x37,0x5B,0x82,0x4A,0x31,0x5D,0xE7,0xBD,0x52,0x97,
3180 0xA1,0x77,0xBF,0x10,0x9E,0x37,0xEA,0x64,0xFA,0xCA,0x28,0x8D,
3181 0x9D,0x3B,0xD2,0x6E,0x09,0x5C,0x68,0xC7,0x45,0x90,0xFD,0xBB,
3182 0x70,0xC9,0x3A,0xBB,0xDF,0xD4,0x21,0x0F,0xC4,0x6A,0x3C,0xF6,
3183 0x61,0xCF,0x3F,0xD6,0x13,0xF1,0x5F,0xBC,0xCF,0xBC,0x26,0x9E,
3184 0xBC,0x0B,0xBD,0xAB,0x5D,0xC9,0x54,0x39,
3186 static unsigned char dh1024_g[]={
3187 0x3B,0x40,0x86,0xE7,0xF3,0x6C,0xDE,0x67,0x1C,0xCC,0x80,0x05,
3188 0x5A,0xDF,0xFE,0xBD,0x20,0x27,0x74,0x6C,0x24,0xC9,0x03,0xF3,
3189 0xE1,0x8D,0xC3,0x7D,0x98,0x27,0x40,0x08,0xB8,0x8C,0x6A,0xE9,
3190 0xBB,0x1A,0x3A,0xD6,0x86,0x83,0x5E,0x72,0x41,0xCE,0x85,0x3C,
3191 0xD2,0xB3,0xFC,0x13,0xCE,0x37,0x81,0x9E,0x4C,0x1C,0x7B,0x65,
3192 0xD3,0xE6,0xA6,0x00,0xF5,0x5A,0x95,0x43,0x5E,0x81,0xCF,0x60,
3193 0xA2,0x23,0xFC,0x36,0xA7,0x5D,0x7A,0x4C,0x06,0x91,0x6E,0xF6,
3194 0x57,0xEE,0x36,0xCB,0x06,0xEA,0xF5,0x3D,0x95,0x49,0xCB,0xA7,
3195 0xDD,0x81,0xDF,0x80,0x09,0x4A,0x97,0x4D,0xA8,0x22,0x72,0xA1,
3196 0x7F,0xC4,0x70,0x56,0x70,0xE8,0x20,0x10,0x18,0x8F,0x2E,0x60,
3197 0x07,0xE7,0x68,0x1A,0x82,0x5D,0x32,0xA2,
3201 if ((dh=DH_new()) == NULL) return(NULL);
3202 dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
3203 dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
3204 if ((dh->p == NULL) || (dh->g == NULL))
3205 { DH_free(dh); return(NULL); }
3211 #ifndef OPENSSL_NO_PSK
3212 /* convert the PSK key (psk_key) in ascii to binary (psk) */
3213 static int psk_key2bn(const char *pskkey, unsigned char *psk,
3214 unsigned int max_psk_len)
3219 ret = BN_hex2bn(&bn, pskkey);
3222 BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", pskkey);
3227 if (BN_num_bytes(bn) > (int)max_psk_len)
3229 BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
3230 max_psk_len, BN_num_bytes(bn));
3234 ret = BN_bn2bin(bn, psk);
3239 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
3240 unsigned int max_identity_len, unsigned char *psk,
3241 unsigned int max_psk_len)
3244 unsigned int psk_len = 0;
3246 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3250 fprintf(stderr, "client: created identity '%s' len=%d\n", identity, ret);
3251 ret = psk_key2bn(psk_key, psk, max_psk_len);
3259 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3260 unsigned char *psk, unsigned int max_psk_len)
3262 unsigned int psk_len=0;
3264 if (strcmp(identity, "Client_identity") != 0)
3266 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3269 psk_len=psk_key2bn(psk_key, psk, max_psk_len);
3274 static int do_test_cipherlist(void)
3277 const SSL_METHOD *meth;
3278 const SSL_CIPHER *ci, *tci = NULL;
3280 #ifndef OPENSSL_NO_SSL2
3281 fprintf(stderr, "testing SSLv2 cipher list order: ");
3282 meth = SSLv2_method();
3283 while ((ci = meth->get_cipher(i++)) != NULL)
3286 if (ci->id >= tci->id)
3288 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3293 fprintf(stderr, "ok\n");
3295 #ifndef OPENSSL_NO_SSL3
3296 fprintf(stderr, "testing SSLv3 cipher list order: ");
3297 meth = SSLv3_method();
3299 while ((ci = meth->get_cipher(i++)) != NULL)
3302 if (ci->id >= tci->id)
3304 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3309 fprintf(stderr, "ok\n");
3311 #ifndef OPENSSL_NO_TLS1
3312 fprintf(stderr, "testing TLSv1 cipher list order: ");
3313 meth = TLSv1_method();
3315 while ((ci = meth->get_cipher(i++)) != NULL)
3318 if (ci->id >= tci->id)
3320 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3325 fprintf(stderr, "ok\n");