1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.]
57 /* ====================================================================
58 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 * Redistribution and use in source and binary forms, with or without
61 * modification, are permitted provided that the following conditions
64 * 1. Redistributions of source code must retain the above copyright
65 * notice, this list of conditions and the following disclaimer.
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in
69 * the documentation and/or other materials provided with the
72 * 3. All advertising materials mentioning features or use of this
73 * software must display the following acknowledgment:
74 * "This product includes software developed by the OpenSSL Project
75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78 * endorse or promote products derived from this software without
79 * prior written permission. For written permission, please contact
80 * openssl-core@openssl.org.
82 * 5. Products derived from this software may not be called "OpenSSL"
83 * nor may "OpenSSL" appear in their names without prior written
84 * permission of the OpenSSL Project.
86 * 6. Redistributions of any form whatsoever must retain the following
88 * "This product includes software developed by the OpenSSL Project
89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102 * OF THE POSSIBILITY OF SUCH DAMAGE.
103 * ====================================================================
105 * This product includes cryptographic software written by Eric Young
106 * (eay@cryptsoft.com). This product includes software written by Tim
107 * Hudson (tjh@cryptsoft.com).
110 /* ====================================================================
111 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112 * ECC cipher suite support in OpenSSL originally developed by
113 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 /* ====================================================================
116 * Copyright 2005 Nokia. All rights reserved.
118 * The portions of the attached software ("Contribution") is developed by
119 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
122 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
123 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
124 * support (see RFC 4279) to OpenSSL.
126 * No patent licenses or other rights except those expressly stated in
127 * the OpenSSL open source license shall be deemed granted or received
128 * expressly, by implication, estoppel, or otherwise.
130 * No assurances are provided by Nokia that the Contribution does not
131 * infringe the patent or other intellectual property rights of any third
132 * party or that the license provides you with all the necessary rights
133 * to make use of the Contribution.
135 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
136 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
137 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
138 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
142 /* Or gethostname won't be declared properly on Linux and GNU platforms. */
143 #define _BSD_SOURCE 1
144 #define _DEFAULT_SOURCE 1
157 #ifdef OPENSSL_SYS_VMS
159 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
161 # define _XOPEN_SOURCE 500
166 #include <openssl/bio.h>
167 #include <openssl/crypto.h>
168 #include <openssl/evp.h>
169 #include <openssl/x509.h>
170 #include <openssl/x509v3.h>
171 #include <openssl/ssl.h>
172 #ifndef OPENSSL_NO_ENGINE
173 # include <openssl/engine.h>
175 #include <openssl/err.h>
176 #include <openssl/rand.h>
177 #ifndef OPENSSL_NO_RSA
178 # include <openssl/rsa.h>
180 #ifndef OPENSSL_NO_DSA
181 # include <openssl/dsa.h>
183 #ifndef OPENSSL_NO_DH
184 # include <openssl/dh.h>
186 #ifndef OPENSSL_NO_SRP
187 # include <openssl/srp.h>
189 #include <openssl/bn.h>
191 #include "../ssl/ssl_locl.h"
194 * Or gethostname won't be declared properly
195 * on Compaq platforms (at least with DEC C).
196 * Do not try to put it earlier, or IPv6 includes
199 #define _XOPEN_SOURCE_EXTENDED 1
201 #ifdef OPENSSL_SYS_WINDOWS
202 # include <winsock.h>
204 # include OPENSSL_UNISTD
208 * There is really no standard for this, so let's assign something
213 static int verify_callback(int ok, X509_STORE_CTX *ctx);
214 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
215 #define APP_CALLBACK_STRING "Test Callback Argument"
216 struct app_verify_arg {
219 int allow_proxy_certs;
224 #ifndef OPENSSL_NO_DH
225 static DH *get_dh512(void);
226 static DH *get_dh1024(void);
227 static DH *get_dh1024dsa(void);
230 static char *psk_key = NULL; /* by default PSK is not used */
231 #ifndef OPENSSL_NO_PSK
232 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
234 unsigned int max_identity_len,
236 unsigned int max_psk_len);
237 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
239 unsigned int max_psk_len);
242 #ifndef OPENSSL_NO_SRP
244 /* This is a context that we pass to all callbacks */
245 typedef struct srp_client_arg_st {
250 # define PWD_STRLEN 1024
252 static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
254 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
255 return OPENSSL_strdup((char *)srp_client_arg->srppassin);
259 /* This is a context that we pass to SRP server callbacks */
260 typedef struct srp_server_arg_st {
265 static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
267 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
269 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
270 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
271 return SSL3_AL_FATAL;
273 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
274 *ad = SSL_AD_INTERNAL_ERROR;
275 return SSL3_AL_FATAL;
277 return SSL_ERROR_NONE;
281 static BIO *bio_err = NULL;
282 static BIO *bio_stdout = NULL;
284 #ifndef OPENSSL_NO_NEXTPROTONEG
285 /* Note that this code assumes that this is only a one element list: */
286 static const char NEXT_PROTO_STRING[] = "\x09testproto";
287 static int npn_client = 0;
288 static int npn_server = 0;
289 static int npn_server_reject = 0;
291 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
292 const unsigned char *in, unsigned int inlen,
296 * This callback only returns the protocol string, rather than a length
297 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
298 * and remove the first byte to chop off the length prefix.
300 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
301 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
302 return SSL_TLSEXT_ERR_OK;
305 static int cb_server_npn(SSL *s, const unsigned char **data,
306 unsigned int *len, void *arg)
308 *data = (const unsigned char *)NEXT_PROTO_STRING;
309 *len = sizeof(NEXT_PROTO_STRING) - 1;
310 return SSL_TLSEXT_ERR_OK;
313 static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
314 unsigned int *len, void *arg)
316 return SSL_TLSEXT_ERR_NOACK;
319 static int verify_npn(SSL *client, SSL *server)
321 const unsigned char *client_s;
323 const unsigned char *server_s;
326 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
327 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
330 BIO_printf(bio_stdout, "Client NPN: ");
331 BIO_write(bio_stdout, client_s, client_len);
332 BIO_printf(bio_stdout, "\n");
336 BIO_printf(bio_stdout, "Server NPN: ");
337 BIO_write(bio_stdout, server_s, server_len);
338 BIO_printf(bio_stdout, "\n");
342 * If an NPN string was returned, it must be the protocol that we
343 * expected to negotiate.
345 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
346 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
348 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
349 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
352 if (!npn_client && client_len)
354 if (!npn_server && server_len)
356 if (npn_server_reject && server_len)
358 if (npn_client && npn_server && (!client_len || !server_len))
365 static const char *alpn_client;
366 static const char *alpn_server;
367 static const char *alpn_expected;
368 static unsigned char *alpn_selected;
369 static const char *server_min_proto;
370 static const char *server_max_proto;
371 static const char *client_min_proto;
372 static const char *client_max_proto;
373 static const char *should_negotiate;
376 * next_protos_parse parses a comma separated list of strings into a string
377 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
378 * outlen: (output) set to the length of the resulting buffer on success.
379 * err: (maybe NULL) on failure, an error message line is written to this BIO.
380 * in: a NUL terminated string like "abc,def,ghi"
382 * returns: a malloced buffer or NULL on failure.
384 static unsigned char *next_protos_parse(unsigned short *outlen,
395 out = OPENSSL_malloc(strlen(in) + 1);
399 for (i = 0; i <= len; ++i) {
400 if (i == len || in[i] == ',') {
401 if (i - start > 255) {
405 out[start] = i - start;
415 static int cb_server_alpn(SSL *s, const unsigned char **out,
416 unsigned char *outlen, const unsigned char *in,
417 unsigned int inlen, void *arg)
419 unsigned char *protos;
420 unsigned short protos_len;
422 protos = next_protos_parse(&protos_len, alpn_server);
423 if (protos == NULL) {
424 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
429 if (SSL_select_next_proto
430 ((unsigned char **)out, outlen, protos, protos_len, in,
431 inlen) != OPENSSL_NPN_NEGOTIATED) {
432 OPENSSL_free(protos);
433 return SSL_TLSEXT_ERR_NOACK;
437 * Make a copy of the selected protocol which will be freed in
440 alpn_selected = OPENSSL_malloc(*outlen);
441 memcpy(alpn_selected, *out, *outlen);
442 *out = alpn_selected;
444 OPENSSL_free(protos);
445 return SSL_TLSEXT_ERR_OK;
448 static int verify_alpn(SSL *client, SSL *server)
450 const unsigned char *client_proto, *server_proto;
451 unsigned int client_proto_len = 0, server_proto_len = 0;
452 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
453 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
455 OPENSSL_free(alpn_selected);
456 alpn_selected = NULL;
458 if (client_proto_len != server_proto_len) {
459 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
463 if (client_proto != NULL &&
464 memcmp(client_proto, server_proto, client_proto_len) != 0) {
465 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
469 if (client_proto_len > 0 && alpn_expected == NULL) {
470 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
474 if (alpn_expected != NULL &&
475 (client_proto_len != strlen(alpn_expected) ||
476 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
477 BIO_printf(bio_stdout,
478 "ALPN selected protocols not equal to expected protocol: %s\n",
486 BIO_printf(bio_stdout, "ALPN results: client: '");
487 BIO_write(bio_stdout, client_proto, client_proto_len);
488 BIO_printf(bio_stdout, "', server: '");
489 BIO_write(bio_stdout, server_proto, server_proto_len);
490 BIO_printf(bio_stdout, "'\n");
491 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
492 alpn_client, alpn_server);
496 #define SCT_EXT_TYPE 18
499 * WARNING : below extension types are *NOT* IETF assigned, and could
500 * conflict if these types are reassigned and handled specially by OpenSSL
503 #define TACK_EXT_TYPE 62208
504 #define CUSTOM_EXT_TYPE_0 1000
505 #define CUSTOM_EXT_TYPE_1 1001
506 #define CUSTOM_EXT_TYPE_2 1002
507 #define CUSTOM_EXT_TYPE_3 1003
509 static const char custom_ext_cli_string[] = "abc";
510 static const char custom_ext_srv_string[] = "defg";
512 /* These set from cmdline */
513 static char *serverinfo_file = NULL;
514 static int serverinfo_sct = 0;
515 static int serverinfo_tack = 0;
517 /* These set based on extension callbacks */
518 static int serverinfo_sct_seen = 0;
519 static int serverinfo_tack_seen = 0;
520 static int serverinfo_other_seen = 0;
522 /* This set from cmdline */
523 static int custom_ext = 0;
525 /* This set based on extension callbacks */
526 static int custom_ext_error = 0;
528 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
529 const unsigned char *in, size_t inlen,
532 if (ext_type == SCT_EXT_TYPE)
533 serverinfo_sct_seen++;
534 else if (ext_type == TACK_EXT_TYPE)
535 serverinfo_tack_seen++;
537 serverinfo_other_seen++;
541 static int verify_serverinfo()
543 if (serverinfo_sct != serverinfo_sct_seen)
545 if (serverinfo_tack != serverinfo_tack_seen)
547 if (serverinfo_other_seen)
553 * Four test cases for custom extensions:
554 * 0 - no ClientHello extension or ServerHello response
555 * 1 - ClientHello with "abc", no response
556 * 2 - ClientHello with "abc", empty response
557 * 3 - ClientHello with "abc", "defg" response
560 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
561 const unsigned char **out,
562 size_t *outlen, int *al, void *arg)
564 if (ext_type != CUSTOM_EXT_TYPE_0)
565 custom_ext_error = 1;
566 return 0; /* Don't send an extension */
569 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
570 const unsigned char *in,
571 size_t inlen, int *al, void *arg)
576 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
577 const unsigned char **out,
578 size_t *outlen, int *al, void *arg)
580 if (ext_type != CUSTOM_EXT_TYPE_1)
581 custom_ext_error = 1;
582 *out = (const unsigned char *)custom_ext_cli_string;
583 *outlen = strlen(custom_ext_cli_string);
584 return 1; /* Send "abc" */
587 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
588 const unsigned char *in,
589 size_t inlen, int *al, void *arg)
594 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
595 const unsigned char **out,
596 size_t *outlen, int *al, void *arg)
598 if (ext_type != CUSTOM_EXT_TYPE_2)
599 custom_ext_error = 1;
600 *out = (const unsigned char *)custom_ext_cli_string;
601 *outlen = strlen(custom_ext_cli_string);
602 return 1; /* Send "abc" */
605 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
606 const unsigned char *in,
607 size_t inlen, int *al, void *arg)
609 if (ext_type != CUSTOM_EXT_TYPE_2)
610 custom_ext_error = 1;
612 custom_ext_error = 1; /* Should be empty response */
616 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
617 const unsigned char **out,
618 size_t *outlen, int *al, void *arg)
620 if (ext_type != CUSTOM_EXT_TYPE_3)
621 custom_ext_error = 1;
622 *out = (const unsigned char *)custom_ext_cli_string;
623 *outlen = strlen(custom_ext_cli_string);
624 return 1; /* Send "abc" */
627 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
628 const unsigned char *in,
629 size_t inlen, int *al, void *arg)
631 if (ext_type != CUSTOM_EXT_TYPE_3)
632 custom_ext_error = 1;
633 if (inlen != strlen(custom_ext_srv_string))
634 custom_ext_error = 1;
635 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
636 custom_ext_error = 1; /* Check for "defg" */
641 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
644 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
645 const unsigned char *in,
646 size_t inlen, int *al, void *arg)
648 custom_ext_error = 1;
652 /* 'add' callbacks are only called if the 'parse' callback is called */
653 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
654 const unsigned char **out,
655 size_t *outlen, int *al, void *arg)
657 /* Error: should not have been called */
658 custom_ext_error = 1;
659 return 0; /* Don't send an extension */
662 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
663 const unsigned char *in,
664 size_t inlen, int *al, void *arg)
666 if (ext_type != CUSTOM_EXT_TYPE_1)
667 custom_ext_error = 1;
668 /* Check for "abc" */
669 if (inlen != strlen(custom_ext_cli_string))
670 custom_ext_error = 1;
671 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
672 custom_ext_error = 1;
676 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
677 const unsigned char **out,
678 size_t *outlen, int *al, void *arg)
680 return 0; /* Don't send an extension */
683 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
684 const unsigned char *in,
685 size_t inlen, int *al, void *arg)
687 if (ext_type != CUSTOM_EXT_TYPE_2)
688 custom_ext_error = 1;
689 /* Check for "abc" */
690 if (inlen != strlen(custom_ext_cli_string))
691 custom_ext_error = 1;
692 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
693 custom_ext_error = 1;
697 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
698 const unsigned char **out,
699 size_t *outlen, int *al, void *arg)
703 return 1; /* Send empty extension */
706 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
707 const unsigned char *in,
708 size_t inlen, int *al, void *arg)
710 if (ext_type != CUSTOM_EXT_TYPE_3)
711 custom_ext_error = 1;
712 /* Check for "abc" */
713 if (inlen != strlen(custom_ext_cli_string))
714 custom_ext_error = 1;
715 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
716 custom_ext_error = 1;
720 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
721 const unsigned char **out,
722 size_t *outlen, int *al, void *arg)
724 *out = (const unsigned char *)custom_ext_srv_string;
725 *outlen = strlen(custom_ext_srv_string);
726 return 1; /* Send "defg" */
729 static char *cipher = NULL;
730 static int verbose = 0;
731 static int debug = 0;
732 static const char rnd_seed[] =
733 "string to make the random number generator think it has entropy";
735 int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family,
736 long bytes, clock_t *s_time, clock_t *c_time);
737 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
739 int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
740 static int do_test_cipherlist(void);
742 static void sv_usage(void)
744 fprintf(stderr, "usage: ssltest [args ...]\n");
745 fprintf(stderr, "\n");
747 fprintf(stderr, "-F - run test in FIPS mode\n");
749 fprintf(stderr, " -server_auth - check server certificate\n");
750 fprintf(stderr, " -client_auth - do client authentication\n");
751 fprintf(stderr, " -proxy - allow proxy certificates\n");
752 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
754 " -proxy_cond <val> - expression to test proxy policy rights\n");
755 fprintf(stderr, " -v - more output\n");
756 fprintf(stderr, " -d - debug output\n");
757 fprintf(stderr, " -reuse - use session-id reuse\n");
758 fprintf(stderr, " -num <val> - number of connections to perform\n");
760 " -bytes <val> - number of bytes to swap between client/server\n");
761 #ifndef OPENSSL_NO_DH
763 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
765 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
767 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
768 fprintf(stderr, " -no_dhe - disable DHE\n");
770 #ifndef OPENSSL_NO_EC
771 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
773 #ifndef OPENSSL_NO_PSK
774 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
776 #ifndef OPENSSL_NO_SRP
777 fprintf(stderr, " -srpuser user - SRP username to use\n");
778 fprintf(stderr, " -srppass arg - password for 'user'\n");
780 #ifndef OPENSSL_NO_SSL3
781 fprintf(stderr, " -ssl3 - use SSLv3\n");
783 #ifndef OPENSSL_NO_TLS1
784 fprintf(stderr, " -tls1 - use TLSv1\n");
786 #ifndef OPENSSL_NO_DTLS
787 fprintf(stderr, " -dtls - use DTLS\n");
788 #ifndef OPENSSL_NO_DTLS1
789 fprintf(stderr, " -dtls1 - use DTLSv1\n");
791 #ifndef OPENSSL_NO_DTLS1_2
792 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
795 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
796 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
797 fprintf(stderr, " -cert arg - Server certificate file\n");
799 " -key arg - Server key file (default: same as -cert)\n");
800 fprintf(stderr, " -c_cert arg - Client certificate file\n");
802 " -c_key arg - Client key file (default: same as -c_cert)\n");
803 fprintf(stderr, " -cipher arg - The cipher list\n");
804 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
805 fprintf(stderr, " -ipv4 - Use IPv4 connection on localhost\n");
806 fprintf(stderr, " -ipv6 - Use IPv6 connection on localhost\n");
807 fprintf(stderr, " -f - Test even cases that can't work\n");
809 " -time - measure processor time used by client and server\n");
810 fprintf(stderr, " -zlib - use zlib compression\n");
811 #ifndef OPENSSL_NO_EC
813 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
814 " Use \"openssl ecparam -list_curves\" for all names\n"
815 " (default is sect163r2).\n");
818 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
819 " When this option is requested, the cipherlist\n"
820 " tests are run instead of handshake tests.\n");
821 #ifndef OPENSSL_NO_NEXTPROTONEG
822 fprintf(stderr, " -npn_client - have client side offer NPN\n");
823 fprintf(stderr, " -npn_server - have server side offer NPN\n");
824 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
826 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
827 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
829 " -serverinfo_tack - have client offer and expect TACK\n");
831 " -custom_ext - try various custom extension callbacks\n");
832 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
833 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
835 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
836 fprintf(stderr, " -server_min_proto <string> - Minimum version the server should support\n");
837 fprintf(stderr, " -server_max_proto <string> - Maximum version the server should support\n");
838 fprintf(stderr, " -client_min_proto <string> - Minimum version the client should support\n");
839 fprintf(stderr, " -client_max_proto <string> - Maximum version the client should support\n");
840 fprintf(stderr, " -should_negotiate <string> - The version that should be negotiated, fail-client or fail-server\n");
843 static void print_key_details(BIO *out, EVP_PKEY *key)
845 int keyid = EVP_PKEY_id(key);
846 #ifndef OPENSSL_NO_EC
847 if (keyid == EVP_PKEY_EC) {
848 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
851 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
853 cname = EC_curve_nid2nist(nid);
855 cname = OBJ_nid2sn(nid);
856 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
872 algname = OBJ_nid2sn(keyid);
875 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
879 static void print_details(SSL *c_ssl, const char *prefix)
881 const SSL_CIPHER *ciph;
886 ciph = SSL_get_current_cipher(c_ssl);
887 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
889 SSL_get_version(c_ssl),
890 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
891 cert = SSL_get_peer_certificate(c_ssl);
893 pkey = X509_get_pubkey(cert);
895 BIO_puts(bio_stdout, ", ");
896 print_key_details(bio_stdout, pkey);
901 if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
902 BIO_puts(bio_stdout, ", temp key: ");
903 print_key_details(bio_stdout, pkey);
906 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
907 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
908 BIO_printf(bio_stdout, "\n");
911 static void lock_dbg_cb(int mode, int type, const char *file, int line)
913 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
914 const char *errstr = NULL;
917 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
918 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
919 errstr = "invalid mode";
923 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
924 errstr = "type out of bounds";
928 if (mode & CRYPTO_LOCK) {
930 errstr = "already locked";
932 * must not happen in a single-threaded program (would deadlock)
938 } else if (mode & CRYPTO_UNLOCK) {
940 errstr = "not locked";
944 if (modes[type] != rw) {
945 errstr = (rw == CRYPTO_READ) ?
946 "CRYPTO_r_unlock on write lock" :
947 "CRYPTO_w_unlock on read lock";
952 errstr = "invalid mode";
958 /* we cannot use bio_err here */
960 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
961 errstr, mode, type, file, line);
966 * protocol_from_string - converts a protocol version string to a number
968 * Returns -1 on failure or the version on success
970 static int protocol_from_string(const char *value)
972 struct protocol_versions {
976 static const struct protocol_versions versions[] = {
977 {"ssl3", SSL3_VERSION},
978 {"tls1", TLS1_VERSION},
979 {"tls1.1", TLS1_1_VERSION},
980 {"tls1.2", TLS1_2_VERSION},
981 {"dtls1", DTLS1_VERSION},
982 {"dtls1.2", DTLS1_2_VERSION}};
984 size_t n = OSSL_NELEM(versions);
986 for (i = 0; i < n; i++)
987 if (strcmp(versions[i].name, value) == 0)
988 return versions[i].version;
993 * set_protocol_version - Sets protocol version minimum or maximum
995 * Returns 0 on failure and 1 on success
997 static int set_protocol_version(const char *version, SSL *ssl, int setting)
999 if (version != NULL) {
1000 int ver = protocol_from_string(version);
1002 BIO_printf(bio_err, "Error parsing: %s\n", version);
1005 return SSL_ctrl(ssl, setting, ver, NULL);
1010 int main(int argc, char *argv[])
1012 char *CApath = NULL, *CAfile = NULL;
1014 enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
1016 int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, ssl3 = 0, ret = 1;
1017 int client_auth = 0;
1018 int server_auth = 0, i;
1019 struct app_verify_arg app_verify_arg =
1020 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
1022 #ifndef OPENSSL_NO_EC
1023 char *named_curve = NULL;
1025 SSL_CTX *s_ctx = NULL;
1026 SSL_CTX *c_ctx = NULL;
1027 const SSL_METHOD *meth = NULL;
1029 int number = 1, reuse = 0;
1031 #ifndef OPENSSL_NO_DH
1033 int dhe512 = 0, dhe1024dsa = 0;
1035 #ifndef OPENSSL_NO_EC
1036 EC_KEY *ecdh = NULL;
1038 #ifndef OPENSSL_NO_SRP
1040 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
1042 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
1048 clock_t s_time = 0, c_time = 0;
1049 #ifndef OPENSSL_NO_COMP
1051 COMP_METHOD *cm = NULL;
1052 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
1054 int test_cipherlist = 0;
1060 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
1061 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
1062 char *arg = NULL, *argn = NULL;
1068 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1070 CRYPTO_set_locking_callback(lock_dbg_cb);
1072 p = getenv("OPENSSL_DEBUG_MEMORY");
1073 if (p != NULL && strcmp(p, "on") == 0)
1074 CRYPTO_set_mem_debug(1);
1075 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1077 RAND_seed(rnd_seed, sizeof rnd_seed);
1079 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1081 s_cctx = SSL_CONF_CTX_new();
1082 c_cctx = SSL_CONF_CTX_new();
1084 if (!s_cctx || !c_cctx) {
1085 ERR_print_errors(bio_err);
1089 SSL_CONF_CTX_set_flags(s_cctx,
1090 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
1091 SSL_CONF_FLAG_CERTIFICATE |
1092 SSL_CONF_FLAG_REQUIRE_PRIVATE);
1093 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
1094 ERR_print_errors(bio_err);
1098 SSL_CONF_CTX_set_flags(c_cctx,
1099 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT |
1100 SSL_CONF_FLAG_CERTIFICATE |
1101 SSL_CONF_FLAG_REQUIRE_PRIVATE);
1102 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
1103 ERR_print_errors(bio_err);
1111 if (strcmp(*argv, "-F") == 0) {
1116 "not compiled with FIPS support, so exiting without running.\n");
1119 } else if (strcmp(*argv, "-server_auth") == 0)
1121 else if (strcmp(*argv, "-client_auth") == 0)
1123 else if (strcmp(*argv, "-proxy_auth") == 0) {
1126 app_verify_arg.proxy_auth = *(++argv);
1127 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1130 app_verify_arg.proxy_cond = *(++argv);
1131 } else if (strcmp(*argv, "-v") == 0)
1133 else if (strcmp(*argv, "-d") == 0)
1135 else if (strcmp(*argv, "-reuse") == 0)
1137 else if (strcmp(*argv, "-dhe512") == 0) {
1138 #ifndef OPENSSL_NO_DH
1142 "ignoring -dhe512, since I'm compiled without DH\n");
1144 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
1145 #ifndef OPENSSL_NO_DH
1149 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
1151 } else if (strcmp(*argv, "-no_dhe") == 0)
1153 else if (strcmp(*argv, "-no_ecdhe") == 0)
1155 else if (strcmp(*argv, "-psk") == 0) {
1158 psk_key = *(++argv);
1159 #ifndef OPENSSL_NO_PSK
1160 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1161 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1168 #ifndef OPENSSL_NO_SRP
1169 else if (strcmp(*argv, "-srpuser") == 0) {
1172 srp_server_arg.expected_user = srp_client_arg.srplogin =
1175 } else if (strcmp(*argv, "-srppass") == 0) {
1178 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1182 else if (strcmp(*argv, "-tls1") == 0) {
1184 } else if (strcmp(*argv, "-ssl3") == 0) {
1186 } else if (strcmp(*argv, "-dtls1") == 0) {
1188 } else if (strcmp(*argv, "-dtls12") == 0) {
1190 } else if (strcmp(*argv, "-dtls") == 0) {
1192 } else if (strncmp(*argv, "-num", 4) == 0) {
1195 number = atoi(*(++argv));
1198 } else if (strcmp(*argv, "-bytes") == 0) {
1201 bytes = atol(*(++argv));
1204 i = strlen(argv[0]);
1205 if (argv[0][i - 1] == 'k')
1207 if (argv[0][i - 1] == 'm')
1208 bytes *= 1024L * 1024L;
1209 } else if (strcmp(*argv, "-cipher") == 0) {
1213 } else if (strcmp(*argv, "-CApath") == 0) {
1217 } else if (strcmp(*argv, "-CAfile") == 0) {
1221 } else if (strcmp(*argv, "-bio_pair") == 0) {
1222 bio_type = BIO_PAIR;
1223 } else if (strcmp(*argv, "-ipv4") == 0) {
1224 bio_type = BIO_IPV4;
1225 } else if (strcmp(*argv, "-ipv6") == 0) {
1226 bio_type = BIO_IPV6;
1227 } else if (strcmp(*argv, "-f") == 0) {
1229 } else if (strcmp(*argv, "-time") == 0) {
1232 #ifndef OPENSSL_NO_COMP
1233 else if (strcmp(*argv, "-zlib") == 0) {
1237 else if (strcmp(*argv, "-named_curve") == 0) {
1240 #ifndef OPENSSL_NO_EC
1241 named_curve = *(++argv);
1244 "ignoring -named_curve, since I'm compiled without ECDH\n");
1247 } else if (strcmp(*argv, "-app_verify") == 0) {
1248 app_verify_arg.app_verify = 1;
1249 } else if (strcmp(*argv, "-proxy") == 0) {
1250 app_verify_arg.allow_proxy_certs = 1;
1251 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1252 test_cipherlist = 1;
1254 #ifndef OPENSSL_NO_NEXTPROTONEG
1255 else if (strcmp(*argv, "-npn_client") == 0) {
1257 } else if (strcmp(*argv, "-npn_server") == 0) {
1259 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1260 npn_server_reject = 1;
1263 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1265 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1266 serverinfo_tack = 1;
1267 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1270 serverinfo_file = *(++argv);
1271 } else if (strcmp(*argv, "-custom_ext") == 0) {
1273 } else if (strcmp(*argv, "-alpn_client") == 0) {
1276 alpn_client = *(++argv);
1277 } else if (strcmp(*argv, "-alpn_server") == 0) {
1280 alpn_server = *(++argv);
1281 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1284 alpn_expected = *(++argv);
1285 } else if (strcmp(*argv, "-server_min_proto") == 0) {
1288 server_min_proto = *(++argv);
1289 } else if (strcmp(*argv, "-server_max_proto") == 0) {
1292 server_max_proto = *(++argv);
1293 } else if (strcmp(*argv, "-client_min_proto") == 0) {
1296 client_min_proto = *(++argv);
1297 } else if (strcmp(*argv, "-client_max_proto") == 0) {
1300 client_max_proto = *(++argv);
1301 } else if (strcmp(*argv, "-should_negotiate") == 0) {
1304 should_negotiate = *(++argv);
1309 /* Try to process command using SSL_CONF */
1310 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1311 /* If not processed try server */
1313 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1314 /* Recognised: store it for later use */
1319 conf_args = sk_OPENSSL_STRING_new_null();
1323 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1325 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1330 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1332 BIO_printf(bio_err, "Error with command %s\n", arg);
1334 BIO_printf(bio_err, "unknown option %s\n", arg);
1348 * test_cipherlist prevails over protocol switch: we test the cipherlist
1349 * for all enabled protocols.
1351 if (test_cipherlist == 1) {
1353 * ensure that the cipher list are correctly sorted and exit
1355 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1356 "other options.\n");
1357 if (do_test_cipherlist() == 0)
1363 if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) {
1364 fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should "
1369 #ifdef OPENSSL_NO_SSL3
1374 #ifdef OPENSSL_NO_TLS1
1379 #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1)
1384 #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1_2)
1392 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1393 * Ideally, we would error out, but the generic test wrapper can't know
1394 * when to expect failure. So we do nothing and return success.
1397 fprintf(stderr, "Testing was requested for a disabled protocol. "
1398 "Skipping tests.\n");
1403 if (!ssl3 && !tls1 && !dtls && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
1404 fprintf(stderr, "This case cannot work. Use -f to perform "
1405 "the test anyway (and\n-d to see what happens), "
1406 "or add one of -ssl3, -tls1, -dtls, -dtls1, -dtls12, -reuse\n"
1407 "to avoid protocol mismatch.\n");
1412 if (!FIPS_mode_set(1)) {
1413 ERR_load_crypto_strings();
1414 ERR_print_errors(bio_err);
1417 fprintf(stderr, "*** IN FIPS MODE ***\n");
1422 if (bio_type != BIO_PAIR) {
1423 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1424 bio_type = BIO_PAIR;
1426 if (number < 50 && !force)
1428 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1431 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1434 SSL_load_error_strings();
1436 #ifndef OPENSSL_NO_COMP
1437 if (comp == COMP_ZLIB)
1440 if (COMP_get_type(cm) != NID_undef) {
1441 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1442 fprintf(stderr, "Failed to add compression method\n");
1443 ERR_print_errors_fp(stderr);
1447 "Warning: %s compression not supported\n",
1448 comp == COMP_ZLIB ? "zlib" : "unknown");
1449 ERR_print_errors_fp(stderr);
1452 ssl_comp_methods = SSL_COMP_get_compression_methods();
1453 n = sk_SSL_COMP_num(ssl_comp_methods);
1456 printf("Available compression methods:");
1457 for (j = 0; j < n; j++) {
1458 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1459 printf(" %s:%d", c->name, c->id);
1466 * At this point, ssl3/tls1 is only set if the protocol is available.
1467 * (Otherwise we exit early.) However the compiler doesn't know this, so
1470 #ifndef OPENSSL_NO_DTLS
1471 #ifndef OPENSSL_NO_DTLS1
1473 meth = DTLSv1_method();
1476 #ifndef OPENSSL_NO_DTLS1_2
1478 meth = DTLSv1_2_method();
1482 meth = DTLS_method();
1485 #ifndef OPENSSL_NO_SSL3
1487 meth = SSLv3_method();
1490 #ifndef OPENSSL_NO_TLS1
1492 meth = TLSv1_method();
1495 meth = TLS_method();
1497 c_ctx = SSL_CTX_new(meth);
1498 s_ctx = SSL_CTX_new(meth);
1499 if ((c_ctx == NULL) || (s_ctx == NULL)) {
1500 ERR_print_errors(bio_err);
1504 * Since we will use low security ciphersuites and keys for testing set
1505 * security level to zero by default. Tests can override this by adding
1506 * "@SECLEVEL=n" to the cipher string.
1508 SSL_CTX_set_security_level(c_ctx, 0);
1509 SSL_CTX_set_security_level(s_ctx, 0);
1511 if (cipher != NULL) {
1512 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
1513 || !SSL_CTX_set_cipher_list(s_ctx, cipher)) {
1514 ERR_print_errors(bio_err);
1519 /* Process SSL_CONF arguments */
1520 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1521 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1523 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1525 arg = sk_OPENSSL_STRING_value(conf_args, i);
1526 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1527 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1528 /* If not recognised use server context */
1530 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1532 BIO_printf(bio_err, "Error processing %s %s\n",
1533 arg, argn ? argn : "");
1534 ERR_print_errors(bio_err);
1539 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx)) {
1540 BIO_puts(bio_err, "Error finishing context\n");
1541 ERR_print_errors(bio_err);
1544 #ifndef OPENSSL_NO_DH
1548 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1550 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1551 dh = get_dh1024dsa();
1556 SSL_CTX_set_tmp_dh(s_ctx, dh);
1563 #ifndef OPENSSL_NO_EC
1567 if (named_curve != NULL) {
1568 nid = OBJ_sn2nid(named_curve);
1570 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1574 nid = NID_X9_62_prime256v1;
1577 ecdh = EC_KEY_new_by_curve_name(nid);
1579 BIO_printf(bio_err, "unable to create curve\n");
1583 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1584 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1591 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1592 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1593 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1594 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1595 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1596 ERR_print_errors(bio_err);
1601 printf("client authentication\n");
1602 SSL_CTX_set_verify(s_ctx,
1603 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1605 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1609 printf("server authentication\n");
1610 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1611 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1616 int session_id_context = 0;
1617 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
1618 sizeof session_id_context)) {
1619 ERR_print_errors(bio_err);
1624 /* Use PSK only if PSK key is given */
1625 if (psk_key != NULL) {
1627 * no_psk is used to avoid putting psk command to openssl tool
1631 * if PSK is not compiled in and psk key is given, do nothing and
1637 #ifndef OPENSSL_NO_PSK
1638 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1639 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1641 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1642 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1643 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1644 ERR_print_errors(bio_err);
1649 #ifndef OPENSSL_NO_SRP
1650 if (srp_client_arg.srplogin) {
1651 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1652 BIO_printf(bio_err, "Unable to set SRP username\n");
1655 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1656 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1657 ssl_give_srp_client_pwd_cb);
1659 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1663 if (srp_server_arg.expected_user != NULL) {
1664 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1665 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1666 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1670 #ifndef OPENSSL_NO_NEXTPROTONEG
1672 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1675 if (npn_server_reject) {
1677 "Can't have both -npn_server and -npn_server_reject\n");
1680 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1682 if (npn_server_reject) {
1683 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
1688 if (serverinfo_sct) {
1689 if (!SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1691 serverinfo_cli_parse_cb, NULL)) {
1692 BIO_printf(bio_err, "Error adding SCT extension\n");
1696 if (serverinfo_tack) {
1697 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1699 serverinfo_cli_parse_cb, NULL)) {
1700 BIO_printf(bio_err, "Error adding TACK extension\n");
1704 if (serverinfo_file)
1705 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1706 BIO_printf(bio_err, "missing serverinfo file\n");
1711 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1712 custom_ext_0_cli_add_cb,
1714 custom_ext_0_cli_parse_cb, NULL)
1715 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1716 custom_ext_1_cli_add_cb,
1718 custom_ext_1_cli_parse_cb, NULL)
1719 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1720 custom_ext_2_cli_add_cb,
1722 custom_ext_2_cli_parse_cb, NULL)
1723 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1724 custom_ext_3_cli_add_cb,
1726 custom_ext_3_cli_parse_cb, NULL)
1727 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1728 custom_ext_0_srv_add_cb,
1730 custom_ext_0_srv_parse_cb, NULL)
1731 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1732 custom_ext_1_srv_add_cb,
1734 custom_ext_1_srv_parse_cb, NULL)
1735 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1736 custom_ext_2_srv_add_cb,
1738 custom_ext_2_srv_parse_cb, NULL)
1739 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1740 custom_ext_3_srv_add_cb,
1742 custom_ext_3_srv_parse_cb, NULL)) {
1743 BIO_printf(bio_err, "Error setting custom extensions\n");
1749 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1752 unsigned short alpn_len;
1753 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1756 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1759 /* Returns 0 on success!! */
1760 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
1761 BIO_printf(bio_err, "Error setting ALPN\n");
1768 c_ssl = SSL_new(c_ctx);
1769 s_ssl = SSL_new(s_ctx);
1771 if (!set_protocol_version(server_min_proto, s_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1773 if (!set_protocol_version(server_max_proto, s_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1775 if (!set_protocol_version(client_min_proto, c_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1777 if (!set_protocol_version(client_max_proto, c_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1780 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
1781 for (i = 0; i < number; i++) {
1783 if (!SSL_set_session(c_ssl, NULL)) {
1784 BIO_printf(bio_err, "Failed to set session\n");
1790 ret = doit(s_ssl, c_ssl, bytes);
1793 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1796 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV4,
1797 bytes, &s_time, &c_time);
1800 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV6,
1801 bytes, &s_time, &c_time);
1807 if (should_negotiate && ret == 0 &&
1808 strcmp(should_negotiate, "fail-server") != 0 &&
1809 strcmp(should_negotiate, "fail-client") != 0) {
1810 int version = protocol_from_string(should_negotiate);
1812 BIO_printf(bio_err, "Error parsing: %s\n", should_negotiate);
1816 if (SSL_version(c_ssl) != version) {
1817 BIO_printf(bio_err, "Unxpected version negotiated. "
1818 "Expected: %s, got %s\n", should_negotiate, SSL_get_version(c_ssl));
1825 print_details(c_ssl, "");
1828 #ifdef CLOCKS_PER_SEC
1830 * "To determine the time in seconds, the value returned by the clock
1831 * function should be divided by the value of the macro
1832 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1834 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1835 "Approximate total client time: %6.2f s\n",
1836 (double)s_time / CLOCKS_PER_SEC,
1837 (double)c_time / CLOCKS_PER_SEC);
1839 BIO_printf(bio_stdout,
1840 "Approximate total server time: %6.2f units\n"
1841 "Approximate total client time: %6.2f units\n",
1842 (double)s_time, (double)c_time);
1851 SSL_CTX_free(s_ctx);
1852 SSL_CTX_free(c_ctx);
1853 SSL_CONF_CTX_free(s_cctx);
1854 SSL_CONF_CTX_free(c_cctx);
1855 sk_OPENSSL_STRING_free(conf_args);
1857 BIO_free(bio_stdout);
1859 #ifndef OPENSSL_NO_ENGINE
1862 CONF_modules_unload(1);
1863 CRYPTO_cleanup_all_ex_data();
1865 ERR_remove_thread_state(NULL);
1867 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
1868 if (CRYPTO_mem_leaks(bio_err) <= 0)
1875 int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count,
1876 clock_t *s_time, clock_t *c_time)
1878 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1879 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1880 BIO *acpt = NULL, *server = NULL, *client = NULL;
1883 int err_in_client = 0;
1884 int err_in_server = 0;
1886 acpt = BIO_new_accept("0");
1889 BIO_set_accept_ip_family(acpt, family);
1890 BIO_set_bind_mode(acpt, BIO_SOCK_NONBLOCK | BIO_SOCK_REUSEADDR);
1891 if (BIO_do_accept(acpt) <= 0)
1894 BIO_snprintf(addr_str, sizeof(addr_str), ":%s", BIO_get_accept_port(acpt));
1896 client = BIO_new_connect(addr_str);
1897 BIO_set_conn_ip_family(client, family);
1901 if (BIO_set_nbio(client, 1) <= 0)
1903 if (BIO_set_nbio(acpt, 1) <= 0)
1907 int st_connect = 0, st_accept = 0;
1909 while(!st_connect || !st_accept) {
1911 if (BIO_do_connect(client) <= 0) {
1912 if (!BIO_should_retry(client))
1919 if (BIO_do_accept(acpt) <= 0) {
1920 if (!BIO_should_retry(acpt))
1928 /* We're not interested in accepting further connects */
1929 server = BIO_pop(acpt);
1933 s_ssl_bio = BIO_new(BIO_f_ssl());
1937 c_ssl_bio = BIO_new(BIO_f_ssl());
1941 SSL_set_connect_state(c_ssl);
1942 SSL_set_bio(c_ssl, client, client);
1943 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1945 SSL_set_accept_state(s_ssl);
1946 SSL_set_bio(s_ssl, server, server);
1947 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1951 * c_ssl_bio: SSL filter BIO
1953 * client: I/O for SSL library
1956 * server: I/O for SSL library
1958 * s_ssl_bio: SSL filter BIO
1962 * We have non-blocking behaviour throughout this test program, but
1963 * can be sure that there is *some* progress in each iteration; so we
1964 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1965 * we just try everything in each iteration
1971 char cbuf[1024 * 8];
1973 clock_t c_clock = clock();
1975 memset(cbuf, 0, sizeof(cbuf));
1978 if (SSL_in_init(c_ssl))
1979 printf("client waiting in SSL_connect - %s\n",
1980 SSL_state_string_long(c_ssl));
1983 /* Write to server. */
1985 if (cw_num > (long)sizeof cbuf)
1989 r = BIO_write(c_ssl_bio, cbuf, i);
1991 if (!BIO_should_retry(c_ssl_bio)) {
1992 fprintf(stderr, "ERROR in CLIENT\n");
1997 * BIO_should_retry(...) can just be ignored here. The
1998 * library expects us to call BIO_write with the same
1999 * arguments again, and that's what we will do in the
2002 } else if (r == 0) {
2003 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2007 printf("client wrote %d\n", r);
2013 /* Read from server. */
2015 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2017 if (!BIO_should_retry(c_ssl_bio)) {
2018 fprintf(stderr, "ERROR in CLIENT\n");
2023 * Again, "BIO_should_retry" can be ignored.
2025 } else if (r == 0) {
2026 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2030 printf("client read %d\n", r);
2036 * c_time and s_time increments will typically be very small
2037 * (depending on machine speed and clock tick intervals), but
2038 * sampling over a large number of connections should result in
2039 * fairly accurate figures. We cannot guarantee a lot, however
2040 * -- if each connection lasts for exactly one clock tick, it
2041 * will be counted only for the client or only for the server or
2044 *c_time += (clock() - c_clock);
2050 char sbuf[1024 * 8];
2052 clock_t s_clock = clock();
2054 memset(sbuf, 0, sizeof(sbuf));
2057 if (SSL_in_init(s_ssl))
2058 printf("server waiting in SSL_accept - %s\n",
2059 SSL_state_string_long(s_ssl));
2062 /* Write to client. */
2064 if (sw_num > (long)sizeof sbuf)
2068 r = BIO_write(s_ssl_bio, sbuf, i);
2070 if (!BIO_should_retry(s_ssl_bio)) {
2071 fprintf(stderr, "ERROR in SERVER\n");
2075 /* Ignore "BIO_should_retry". */
2076 } else if (r == 0) {
2077 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2081 printf("server wrote %d\n", r);
2087 /* Read from client. */
2089 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2091 if (!BIO_should_retry(s_ssl_bio)) {
2092 fprintf(stderr, "ERROR in SERVER\n");
2097 } else if (r == 0) {
2098 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2102 printf("server read %d\n", r);
2107 *s_time += (clock() - s_clock);
2110 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2113 print_details(c_ssl, "DONE via TCP connect: ");
2114 #ifndef OPENSSL_NO_NEXTPROTONEG
2115 if (verify_npn(c_ssl, s_ssl) < 0) {
2120 if (verify_serverinfo() < 0) {
2121 fprintf(stderr, "Server info verify error\n");
2125 if (verify_alpn(c_ssl, s_ssl) < 0) {
2130 if (custom_ext_error) {
2131 fprintf(stderr, "Custom extension error\n");
2140 ERR_print_errors(bio_err);
2145 BIO_free(s_ssl_bio);
2146 BIO_free(c_ssl_bio);
2148 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2149 ret = (err_in_client != 0) ? 0 : 1;
2150 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2151 ret = (err_in_server != 0) ? 0 : 1;
2156 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
2157 clock_t *s_time, clock_t *c_time)
2159 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
2160 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
2161 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
2163 int err_in_client = 0;
2164 int err_in_server = 0;
2166 size_t bufsiz = 256; /* small buffer for testing */
2168 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
2170 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
2173 s_ssl_bio = BIO_new(BIO_f_ssl());
2177 c_ssl_bio = BIO_new(BIO_f_ssl());
2181 SSL_set_connect_state(c_ssl);
2182 SSL_set_bio(c_ssl, client, client);
2183 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
2185 SSL_set_accept_state(s_ssl);
2186 SSL_set_bio(s_ssl, server, server);
2187 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
2191 * c_ssl_bio: SSL filter BIO
2193 * client: pseudo-I/O for SSL library
2195 * client_io: client's SSL communication; usually to be
2196 * relayed over some I/O facility, but in this
2197 * test program, we're the server, too:
2199 * server_io: server's SSL communication
2201 * server: pseudo-I/O for SSL library
2203 * s_ssl_bio: SSL filter BIO
2205 * The client and the server each employ a "BIO pair":
2206 * client + client_io, server + server_io.
2207 * BIO pairs are symmetric. A BIO pair behaves similar
2208 * to a non-blocking socketpair (but both endpoints must
2209 * be handled by the same thread).
2210 * [Here we could connect client and server to the ends
2211 * of a single BIO pair, but then this code would be less
2212 * suitable as an example for BIO pairs in general.]
2214 * Useful functions for querying the state of BIO pair endpoints:
2216 * BIO_ctrl_pending(bio) number of bytes we can read now
2217 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
2218 * other side's read attempt
2219 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
2221 * ..._read_request is never more than ..._write_guarantee;
2222 * it depends on the application which one you should use.
2226 * We have non-blocking behaviour throughout this test program, but
2227 * can be sure that there is *some* progress in each iteration; so we
2228 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
2229 * we just try everything in each iteration
2235 char cbuf[1024 * 8];
2237 clock_t c_clock = clock();
2239 memset(cbuf, 0, sizeof(cbuf));
2242 if (SSL_in_init(c_ssl))
2243 printf("client waiting in SSL_connect - %s\n",
2244 SSL_state_string_long(c_ssl));
2247 /* Write to server. */
2249 if (cw_num > (long)sizeof cbuf)
2253 r = BIO_write(c_ssl_bio, cbuf, i);
2255 if (!BIO_should_retry(c_ssl_bio)) {
2256 fprintf(stderr, "ERROR in CLIENT\n");
2261 * BIO_should_retry(...) can just be ignored here. The
2262 * library expects us to call BIO_write with the same
2263 * arguments again, and that's what we will do in the
2266 } else if (r == 0) {
2267 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2271 printf("client wrote %d\n", r);
2277 /* Read from server. */
2279 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2281 if (!BIO_should_retry(c_ssl_bio)) {
2282 fprintf(stderr, "ERROR in CLIENT\n");
2287 * Again, "BIO_should_retry" can be ignored.
2289 } else if (r == 0) {
2290 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2294 printf("client read %d\n", r);
2300 * c_time and s_time increments will typically be very small
2301 * (depending on machine speed and clock tick intervals), but
2302 * sampling over a large number of connections should result in
2303 * fairly accurate figures. We cannot guarantee a lot, however
2304 * -- if each connection lasts for exactly one clock tick, it
2305 * will be counted only for the client or only for the server or
2308 *c_time += (clock() - c_clock);
2314 char sbuf[1024 * 8];
2316 clock_t s_clock = clock();
2318 memset(sbuf, 0, sizeof(sbuf));
2321 if (SSL_in_init(s_ssl))
2322 printf("server waiting in SSL_accept - %s\n",
2323 SSL_state_string_long(s_ssl));
2326 /* Write to client. */
2328 if (sw_num > (long)sizeof sbuf)
2332 r = BIO_write(s_ssl_bio, sbuf, i);
2334 if (!BIO_should_retry(s_ssl_bio)) {
2335 fprintf(stderr, "ERROR in SERVER\n");
2339 /* Ignore "BIO_should_retry". */
2340 } else if (r == 0) {
2341 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2345 printf("server wrote %d\n", r);
2351 /* Read from client. */
2353 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2355 if (!BIO_should_retry(s_ssl_bio)) {
2356 fprintf(stderr, "ERROR in SERVER\n");
2361 } else if (r == 0) {
2362 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2366 printf("server read %d\n", r);
2371 *s_time += (clock() - s_clock);
2375 /* "I/O" BETWEEN CLIENT AND SERVER. */
2378 BIO *io1 = server_io, *io2 = client_io;
2380 * we use the non-copying interface for io1 and the standard
2381 * BIO_write/BIO_read interface for io2
2384 static int prev_progress = 1;
2392 r1 = BIO_ctrl_pending(io1);
2393 r2 = BIO_ctrl_get_write_guarantee(io2);
2401 if (INT_MAX < num) /* yeah, right */
2404 r = BIO_nread(io1, &dataptr, (int)num);
2406 assert(r <= (int)num);
2408 * possibly r < num (non-contiguous data)
2411 r = BIO_write(io2, dataptr, (int)num);
2412 if (r != (int)num) { /* can't happen */
2413 fprintf(stderr, "ERROR: BIO_write could not write "
2414 "BIO_ctrl_get_write_guarantee() bytes");
2420 printf((io1 == client_io) ?
2421 "C->S relaying: %d bytes\n" :
2422 "S->C relaying: %d bytes\n", (int)num);
2432 r1 = BIO_ctrl_pending(io2);
2433 r2 = BIO_ctrl_get_read_request(io1);
2435 * here we could use ..._get_write_guarantee instead of
2436 * ..._get_read_request, but by using the latter we test
2437 * restartability of the SSL implementation more thoroughly
2449 --num; /* test restartability even more thoroughly */
2451 r = BIO_nwrite0(io1, &dataptr);
2455 r = BIO_read(io2, dataptr, (int)num);
2456 if (r != (int)num) { /* can't happen */
2457 fprintf(stderr, "ERROR: BIO_read could not read "
2458 "BIO_ctrl_pending() bytes");
2462 r = BIO_nwrite(io1, &dataptr, (int)num);
2463 if (r != (int)num) { /* can't happen */
2464 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2465 "BIO_nwrite0() bytes");
2470 printf((io2 == client_io) ?
2471 "C->S relaying: %d bytes\n" :
2472 "S->C relaying: %d bytes\n", (int)num);
2474 } /* no loop, BIO_ctrl_get_read_request now
2475 * returns 0 anyway */
2477 if (!progress && !prev_progress)
2478 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2479 fprintf(stderr, "ERROR: got stuck\n");
2480 fprintf(stderr, " ERROR.\n");
2483 prev_progress = progress;
2486 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2489 print_details(c_ssl, "DONE via BIO pair: ");
2490 #ifndef OPENSSL_NO_NEXTPROTONEG
2491 if (verify_npn(c_ssl, s_ssl) < 0) {
2496 if (verify_serverinfo() < 0) {
2497 fprintf(stderr, "Server info verify error\n");
2501 if (verify_alpn(c_ssl, s_ssl) < 0) {
2506 if (custom_ext_error) {
2507 fprintf(stderr, "Custom extension error\n");
2516 ERR_print_errors(bio_err);
2519 BIO_free(server_io);
2521 BIO_free(client_io);
2522 BIO_free(s_ssl_bio);
2523 BIO_free(c_ssl_bio);
2525 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2526 ret = (err_in_client != 0) ? 0 : 1;
2527 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2528 ret = (err_in_server != 0) ? 0 : 1;
2538 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2540 char *cbuf = NULL, *sbuf = NULL;
2542 long cw_num = count, cr_num = count;
2543 long sw_num = count, sr_num = count;
2549 int c_r, c_w, s_r, s_w;
2552 int c_write, s_write;
2553 int do_server = 0, do_client = 0;
2554 int max_frag = 5 * 1024;
2555 int err_in_client = 0;
2556 int err_in_server = 0;
2558 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2560 if ((cbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2562 if ((sbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2565 c_to_s = BIO_new(BIO_s_mem());
2566 s_to_c = BIO_new(BIO_s_mem());
2567 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2568 ERR_print_errors(bio_err);
2572 c_bio = BIO_new(BIO_f_ssl());
2573 s_bio = BIO_new(BIO_f_ssl());
2574 if ((c_bio == NULL) || (s_bio == NULL)) {
2575 ERR_print_errors(bio_err);
2579 SSL_set_connect_state(c_ssl);
2580 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2581 SSL_set_max_send_fragment(c_ssl, max_frag);
2582 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2584 SSL_set_accept_state(s_ssl);
2585 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2586 SSL_set_max_send_fragment(s_ssl, max_frag);
2587 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2593 c_write = 1, s_write = 0;
2595 /* We can always do writes */
2600 i = (int)BIO_pending(s_bio);
2601 if ((i && s_r) || s_w)
2604 i = (int)BIO_pending(c_bio);
2605 if ((i && c_r) || c_w)
2608 if (do_server && debug) {
2609 if (SSL_in_init(s_ssl))
2610 printf("server waiting in SSL_accept - %s\n",
2611 SSL_state_string_long(s_ssl));
2614 printf("server:SSL_write()\n");
2616 printf("server:SSL_read()\n"); */
2619 if (do_client && debug) {
2620 if (SSL_in_init(c_ssl))
2621 printf("client waiting in SSL_connect - %s\n",
2622 SSL_state_string_long(c_ssl));
2625 printf("client:SSL_write()\n");
2627 printf("client:SSL_read()\n"); */
2630 if (!do_client && !do_server) {
2631 fprintf(stdout, "ERROR IN STARTUP\n");
2632 ERR_print_errors(bio_err);
2635 if (do_client && !(done & C_DONE)) {
2637 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2638 i = BIO_write(c_bio, cbuf, j);
2642 if (BIO_should_retry(c_bio)) {
2643 if (BIO_should_read(c_bio))
2645 if (BIO_should_write(c_bio))
2648 fprintf(stderr, "ERROR in CLIENT\n");
2650 ERR_print_errors(bio_err);
2653 } else if (i == 0) {
2654 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2658 printf("client wrote %d\n", i);
2663 if (max_frag > 1029)
2664 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2667 i = BIO_read(c_bio, cbuf, bufsiz);
2671 if (BIO_should_retry(c_bio)) {
2672 if (BIO_should_read(c_bio))
2674 if (BIO_should_write(c_bio))
2677 fprintf(stderr, "ERROR in CLIENT\n");
2679 ERR_print_errors(bio_err);
2682 } else if (i == 0) {
2683 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2687 printf("client read %d\n", i);
2696 done = S_DONE | C_DONE;
2702 if (do_server && !(done & S_DONE)) {
2704 i = BIO_read(s_bio, sbuf, bufsiz);
2708 if (BIO_should_retry(s_bio)) {
2709 if (BIO_should_read(s_bio))
2711 if (BIO_should_write(s_bio))
2714 fprintf(stderr, "ERROR in SERVER\n");
2716 ERR_print_errors(bio_err);
2719 } else if (i == 0) {
2720 ERR_print_errors(bio_err);
2722 "SSL SERVER STARTUP FAILED in SSL_read\n");
2726 printf("server read %d\n", i);
2739 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2740 i = BIO_write(s_bio, sbuf, j);
2744 if (BIO_should_retry(s_bio)) {
2745 if (BIO_should_read(s_bio))
2747 if (BIO_should_write(s_bio))
2750 fprintf(stderr, "ERROR in SERVER\n");
2752 ERR_print_errors(bio_err);
2755 } else if (i == 0) {
2756 ERR_print_errors(bio_err);
2758 "SSL SERVER STARTUP FAILED in SSL_write\n");
2762 printf("server wrote %d\n", i);
2768 if (max_frag > 1029)
2769 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2774 if ((done & S_DONE) && (done & C_DONE))
2779 print_details(c_ssl, "DONE: ");
2780 #ifndef OPENSSL_NO_NEXTPROTONEG
2781 if (verify_npn(c_ssl, s_ssl) < 0) {
2786 if (verify_serverinfo() < 0) {
2787 fprintf(stderr, "Server info verify error\n");
2791 if (custom_ext_error) {
2792 fprintf(stderr, "Custom extension error\n");
2799 * We have to set the BIO's to NULL otherwise they will be
2800 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2801 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2802 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2803 * SSL_free() automatically BIO_free non NULL entries. You should not
2804 * normally do this or be required to do this
2806 if (s_ssl != NULL) {
2810 if (c_ssl != NULL) {
2817 BIO_free_all(c_bio);
2818 BIO_free_all(s_bio);
2822 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2823 ret = (err_in_client != 0) ? 0 : 1;
2824 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2825 ret = (err_in_server != 0) ? 0 : 1;
2830 static int get_proxy_auth_ex_data_idx(void)
2832 static volatile int idx = -1;
2834 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2836 idx = X509_STORE_CTX_get_ex_new_index(0,
2837 "SSLtest for verify callback",
2840 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2845 static int verify_callback(int ok, X509_STORE_CTX *ctx)
2849 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2853 printf("depth=%d %s\n", ctx->error_depth, buf);
2855 fprintf(stderr, "depth=%d error=%d %s\n",
2856 ctx->error_depth, ctx->error, buf);
2861 switch (ctx->error) {
2863 fprintf(stderr, "Error string: %s\n",
2864 X509_verify_cert_error_string(ctx->error));
2866 case X509_V_ERR_CERT_NOT_YET_VALID:
2867 case X509_V_ERR_CERT_HAS_EXPIRED:
2868 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2874 X509 *xs = ctx->current_cert;
2875 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) {
2876 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2877 get_proxy_auth_ex_data_idx
2883 PROXY_CERT_INFO_EXTENSION *pci =
2884 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2887 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2888 case NID_Independent:
2890 * Completely meaningless in this program, as there's no
2891 * way to grant explicit rights to a specific PrC.
2892 * Basically, using id-ppl-Independent is the perfect way
2893 * to grant no rights at all.
2895 fprintf(stderr, " Independent proxy certificate");
2896 for (i = 0; i < 26; i++)
2899 case NID_id_ppl_inheritAll:
2901 * This is basically a NOP, we simply let the current
2902 * rights stand as they are.
2904 fprintf(stderr, " Proxy certificate inherits all");
2908 pci->proxyPolicy->policy->data;
2909 i = pci->proxyPolicy->policy->length;
2912 * The algorithm works as follows: it is assumed that
2913 * previous iterations or the initial granted rights has
2914 * already set some elements of `letters'. What we need
2915 * to do is to clear those that weren't granted by the
2916 * current PrC as well. The easiest way to do this is to
2917 * add 1 to all the elements whose letters are given with
2918 * the current policy. That way, all elements that are
2919 * set by the current policy and were already set by
2920 * earlier policies and through the original grant of
2921 * rights will get the value 2 or higher. The last thing
2922 * to do is to sweep through `letters' and keep the
2923 * elements having the value 2 as set, and clear all the
2927 printf(" Certificate proxy rights = %*.*s", i,
2931 if (isascii(c) && isalpha(c)) {
2937 for (i = 0; i < 26; i++)
2945 printf(", resulting proxy rights = ");
2946 for (i = 0; i < 26; i++)
2948 printf("%c", i + 'A');
2955 PROXY_CERT_INFO_EXTENSION_free(pci);
2963 static void process_proxy_debug(int indent, const char *format, ...)
2966 static const char indentation[] =
2967 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2968 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2969 char my_format[256];
2972 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2973 indent, indent, indentation, format);
2975 va_start(args, format);
2976 vfprintf(stderr, my_format, args);
2986 static int process_proxy_cond_adders(unsigned int letters[26],
2987 const char *cond, const char **cond_end,
2988 int *pos, int indent);
2989 static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2990 const char **cond_end, int *pos, int indent)
2996 while (isspace((int)*cond)) {
3003 process_proxy_debug(indent,
3004 "Start process_proxy_cond_val at position %d: %s\n",
3011 while (isspace((int)*cond)) {
3021 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
3026 while (isspace((int)*cond)) {
3033 "Weird condition character in position %d: "
3040 } else if (isascii(c) && isalpha(c)) {
3043 ok = letters[c - 'A'];
3048 "Weird condition character in position %d: " "%c\n", *pos, c);
3054 if (ok >= 0 && negate)
3058 process_proxy_debug(indent,
3059 "End process_proxy_cond_val at position %d: %s, returning %d\n",
3065 static int process_proxy_cond_multipliers(unsigned int letters[26],
3067 const char **cond_end, int *pos,
3074 process_proxy_debug(indent,
3075 "Start process_proxy_cond_multipliers at position %d: %s\n",
3078 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
3084 while (isspace((int)*cond)) {
3098 ok = process_proxy_cond_val(letters,
3099 cond, cond_end, pos, indent + 1);
3112 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3124 process_proxy_debug(indent,
3125 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
3132 static int process_proxy_cond_adders(unsigned int letters[26],
3133 const char *cond, const char **cond_end,
3134 int *pos, int indent)
3140 process_proxy_debug(indent,
3141 "Start process_proxy_cond_adders at position %d: %s\n",
3144 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
3151 while (isspace((int)*cond)) {
3164 ok = process_proxy_cond_multipliers(letters,
3165 cond, cond_end, pos,
3176 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3188 process_proxy_debug(indent,
3189 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
3196 static int process_proxy_cond(unsigned int letters[26],
3197 const char *cond, const char **cond_end)
3200 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
3203 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
3206 struct app_verify_arg *cb_arg = arg;
3207 unsigned int letters[26]; /* only used with proxy_auth */
3209 if (cb_arg->app_verify) {
3210 char *s = NULL, buf[256];
3212 printf("In app_verify_callback, allowing cert. ");
3213 printf("Arg is: %s\n", cb_arg->string);
3214 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
3215 (void *)ctx, (void *)ctx->cert);
3217 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
3219 printf("cert depth=%d %s\n", ctx->error_depth, buf);
3223 if (cb_arg->proxy_auth) {
3224 int found_any = 0, i;
3227 for (i = 0; i < 26; i++)
3229 for (sp = cb_arg->proxy_auth; *sp; sp++) {
3231 if (isascii(c) && isalpha(c)) {
3234 letters[c - 'A'] = 1;
3238 printf(" Initial proxy rights = ");
3239 for (i = 0; i < 26; i++)
3241 printf("%c", i + 'A');
3248 X509_STORE_CTX_set_ex_data(ctx,
3249 get_proxy_auth_ex_data_idx(), letters);
3251 if (cb_arg->allow_proxy_certs) {
3252 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
3254 ok = X509_verify_cert(ctx);
3256 if (cb_arg->proxy_auth) {
3258 const char *cond_end = NULL;
3260 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
3266 "Stopped processing condition before it's end.\n");
3271 "Proxy rights check with condition '%s' invalid\n",
3272 cb_arg->proxy_cond);
3274 printf("Proxy rights check with condition '%s' ok\n",
3275 cb_arg->proxy_cond);
3281 #ifndef OPENSSL_NO_DH
3283 * These DH parameters have been generated as follows:
3284 * $ openssl dhparam -C -noout 512
3285 * $ openssl dhparam -C -noout 1024
3286 * $ openssl dhparam -C -noout -dsaparam 1024
3287 * (The third function has been renamed to avoid name conflicts.)
3289 static DH *get_dh512()
3291 static unsigned char dh512_p[] = {
3292 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
3294 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
3296 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
3298 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
3300 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
3302 0x02, 0xC5, 0xAE, 0x23,
3304 static unsigned char dh512_g[] = {
3309 if ((dh = DH_new()) == NULL)
3311 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
3312 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
3313 if ((dh->p == NULL) || (dh->g == NULL)) {
3320 static DH *get_dh1024()
3322 static unsigned char dh1024_p[] = {
3323 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
3325 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
3327 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
3329 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
3331 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
3333 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
3335 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
3337 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
3339 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
3341 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
3343 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
3345 static unsigned char dh1024_g[] = {
3350 if ((dh = DH_new()) == NULL)
3352 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3353 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3354 if ((dh->p == NULL) || (dh->g == NULL)) {
3361 static DH *get_dh1024dsa()
3363 static unsigned char dh1024_p[] = {
3364 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
3366 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
3368 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
3370 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
3372 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
3374 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
3376 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
3378 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
3380 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
3382 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
3384 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
3386 static unsigned char dh1024_g[] = {
3387 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
3389 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
3391 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
3393 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
3395 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
3397 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
3399 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
3401 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
3403 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3405 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3407 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3411 if ((dh = DH_new()) == NULL)
3413 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3414 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3415 if ((dh->p == NULL) || (dh->g == NULL)) {
3424 #ifndef OPENSSL_NO_PSK
3425 /* convert the PSK key (psk_key) in ascii to binary (psk) */
3426 static int psk_key2bn(const char *pskkey, unsigned char *psk,
3427 unsigned int max_psk_len)
3432 ret = BN_hex2bn(&bn, pskkey);
3434 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3439 if (BN_num_bytes(bn) > (int)max_psk_len) {
3441 "psk buffer of callback is too small (%d) for key (%d)\n",
3442 max_psk_len, BN_num_bytes(bn));
3446 ret = BN_bn2bin(bn, psk);
3451 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3453 unsigned int max_identity_len,
3455 unsigned int max_psk_len)
3458 unsigned int psk_len = 0;
3460 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3464 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3466 ret = psk_key2bn(psk_key, psk, max_psk_len);
3474 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3476 unsigned int max_psk_len)
3478 unsigned int psk_len = 0;
3480 if (strcmp(identity, "Client_identity") != 0) {
3481 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3484 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3489 static int do_test_cipherlist(void)
3491 #if !defined(OPENSSL_NO_SSL3) || !defined(OPENSSL_NO_TLS1)
3493 const SSL_METHOD *meth;
3494 const SSL_CIPHER *ci, *tci = NULL;
3497 #ifndef OPENSSL_NO_SSL3
3498 meth = SSLv3_method();
3500 while ((ci = meth->get_cipher(i++)) != NULL) {
3502 if (ci->id >= tci->id) {
3503 fprintf(stderr, "testing SSLv3 cipher list order: ");
3504 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
3510 #ifndef OPENSSL_NO_TLS1
3511 meth = TLSv1_method();
3513 while ((ci = meth->get_cipher(i++)) != NULL) {
3515 if (ci->id >= tci->id) {
3516 fprintf(stderr, "testing TLSv1 cipher list order: ");
3517 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);