1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.]
57 /* ====================================================================
58 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 * Redistribution and use in source and binary forms, with or without
61 * modification, are permitted provided that the following conditions
64 * 1. Redistributions of source code must retain the above copyright
65 * notice, this list of conditions and the following disclaimer.
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in
69 * the documentation and/or other materials provided with the
72 * 3. All advertising materials mentioning features or use of this
73 * software must display the following acknowledgment:
74 * "This product includes software developed by the OpenSSL Project
75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78 * endorse or promote products derived from this software without
79 * prior written permission. For written permission, please contact
80 * openssl-core@openssl.org.
82 * 5. Products derived from this software may not be called "OpenSSL"
83 * nor may "OpenSSL" appear in their names without prior written
84 * permission of the OpenSSL Project.
86 * 6. Redistributions of any form whatsoever must retain the following
88 * "This product includes software developed by the OpenSSL Project
89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102 * OF THE POSSIBILITY OF SUCH DAMAGE.
103 * ====================================================================
105 * This product includes cryptographic software written by Eric Young
106 * (eay@cryptsoft.com). This product includes software written by Tim
107 * Hudson (tjh@cryptsoft.com).
110 /* ====================================================================
111 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112 * ECC cipher suite support in OpenSSL originally developed by
113 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 /* ====================================================================
116 * Copyright 2005 Nokia. All rights reserved.
118 * The portions of the attached software ("Contribution") is developed by
119 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
122 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
123 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
124 * support (see RFC 4279) to OpenSSL.
126 * No patent licenses or other rights except those expressly stated in
127 * the OpenSSL open source license shall be deemed granted or received
128 * expressly, by implication, estoppel, or otherwise.
130 * No assurances are provided by Nokia that the Contribution does not
131 * infringe the patent or other intellectual property rights of any third
132 * party or that the license provides you with all the necessary rights
133 * to make use of the Contribution.
135 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
136 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
137 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
138 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
142 /* Or gethostname won't be declared properly on Linux and GNU platforms. */
143 #define _BSD_SOURCE 1
144 #define _DEFAULT_SOURCE 1
157 #ifdef OPENSSL_SYS_VMS
159 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
161 # define _XOPEN_SOURCE 500
166 #include <openssl/bio.h>
167 #include <openssl/crypto.h>
168 #include <openssl/evp.h>
169 #include <openssl/x509.h>
170 #include <openssl/x509v3.h>
171 #include <openssl/ssl.h>
172 #ifndef OPENSSL_NO_ENGINE
173 # include <openssl/engine.h>
175 #include <openssl/err.h>
176 #include <openssl/rand.h>
177 #ifndef OPENSSL_NO_RSA
178 # include <openssl/rsa.h>
180 #ifndef OPENSSL_NO_DSA
181 # include <openssl/dsa.h>
183 #ifndef OPENSSL_NO_DH
184 # include <openssl/dh.h>
186 #ifndef OPENSSL_NO_SRP
187 # include <openssl/srp.h>
189 #include <openssl/bn.h>
191 #include "../ssl/ssl_locl.h"
194 * Or gethostname won't be declared properly
195 * on Compaq platforms (at least with DEC C).
196 * Do not try to put it earlier, or IPv6 includes
199 #define _XOPEN_SOURCE_EXTENDED 1
201 #ifdef OPENSSL_SYS_WINDOWS
202 # include <winsock.h>
204 # include OPENSSL_UNISTD
208 * There is really no standard for this, so let's assign something
213 static int verify_callback(int ok, X509_STORE_CTX *ctx);
214 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
215 #define APP_CALLBACK_STRING "Test Callback Argument"
216 struct app_verify_arg {
219 int allow_proxy_certs;
224 #ifndef OPENSSL_NO_DH
225 static DH *get_dh512(void);
226 static DH *get_dh1024(void);
227 static DH *get_dh1024dsa(void);
230 static char *psk_key = NULL; /* by default PSK is not used */
231 #ifndef OPENSSL_NO_PSK
232 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
234 unsigned int max_identity_len,
236 unsigned int max_psk_len);
237 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
239 unsigned int max_psk_len);
242 #ifndef OPENSSL_NO_SRP
244 /* This is a context that we pass to all callbacks */
245 typedef struct srp_client_arg_st {
250 # define PWD_STRLEN 1024
252 static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
254 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
255 return OPENSSL_strdup((char *)srp_client_arg->srppassin);
259 /* This is a context that we pass to SRP server callbacks */
260 typedef struct srp_server_arg_st {
265 static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
267 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
269 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
270 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
271 return SSL3_AL_FATAL;
273 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
274 *ad = SSL_AD_INTERNAL_ERROR;
275 return SSL3_AL_FATAL;
277 return SSL_ERROR_NONE;
281 static BIO *bio_err = NULL;
282 static BIO *bio_stdout = NULL;
284 #ifndef OPENSSL_NO_NEXTPROTONEG
285 /* Note that this code assumes that this is only a one element list: */
286 static const char NEXT_PROTO_STRING[] = "\x09testproto";
287 static int npn_client = 0;
288 static int npn_server = 0;
289 static int npn_server_reject = 0;
291 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
292 const unsigned char *in, unsigned int inlen,
296 * This callback only returns the protocol string, rather than a length
297 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
298 * and remove the first byte to chop off the length prefix.
300 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
301 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
302 return SSL_TLSEXT_ERR_OK;
305 static int cb_server_npn(SSL *s, const unsigned char **data,
306 unsigned int *len, void *arg)
308 *data = (const unsigned char *)NEXT_PROTO_STRING;
309 *len = sizeof(NEXT_PROTO_STRING) - 1;
310 return SSL_TLSEXT_ERR_OK;
313 static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
314 unsigned int *len, void *arg)
316 return SSL_TLSEXT_ERR_NOACK;
319 static int verify_npn(SSL *client, SSL *server)
321 const unsigned char *client_s;
323 const unsigned char *server_s;
326 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
327 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
330 BIO_printf(bio_stdout, "Client NPN: ");
331 BIO_write(bio_stdout, client_s, client_len);
332 BIO_printf(bio_stdout, "\n");
336 BIO_printf(bio_stdout, "Server NPN: ");
337 BIO_write(bio_stdout, server_s, server_len);
338 BIO_printf(bio_stdout, "\n");
342 * If an NPN string was returned, it must be the protocol that we
343 * expected to negotiate.
345 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
346 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
348 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
349 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
352 if (!npn_client && client_len)
354 if (!npn_server && server_len)
356 if (npn_server_reject && server_len)
358 if (npn_client && npn_server && (!client_len || !server_len))
365 static const char *alpn_client;
366 static const char *alpn_server;
367 static const char *alpn_expected;
368 static unsigned char *alpn_selected;
369 static const char *server_min_proto;
370 static const char *server_max_proto;
371 static const char *client_min_proto;
372 static const char *client_max_proto;
373 static const char *should_negotiate;
376 * next_protos_parse parses a comma separated list of strings into a string
377 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
378 * outlen: (output) set to the length of the resulting buffer on success.
379 * err: (maybe NULL) on failure, an error message line is written to this BIO.
380 * in: a NUL terminated string like "abc,def,ghi"
382 * returns: a malloced buffer or NULL on failure.
384 static unsigned char *next_protos_parse(unsigned short *outlen,
395 out = OPENSSL_malloc(strlen(in) + 1);
399 for (i = 0; i <= len; ++i) {
400 if (i == len || in[i] == ',') {
401 if (i - start > 255) {
405 out[start] = i - start;
415 static int cb_server_alpn(SSL *s, const unsigned char **out,
416 unsigned char *outlen, const unsigned char *in,
417 unsigned int inlen, void *arg)
419 unsigned char *protos;
420 unsigned short protos_len;
422 protos = next_protos_parse(&protos_len, alpn_server);
423 if (protos == NULL) {
424 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
429 if (SSL_select_next_proto
430 ((unsigned char **)out, outlen, protos, protos_len, in,
431 inlen) != OPENSSL_NPN_NEGOTIATED) {
432 OPENSSL_free(protos);
433 return SSL_TLSEXT_ERR_NOACK;
437 * Make a copy of the selected protocol which will be freed in
440 alpn_selected = OPENSSL_malloc(*outlen);
441 memcpy(alpn_selected, *out, *outlen);
442 *out = alpn_selected;
444 OPENSSL_free(protos);
445 return SSL_TLSEXT_ERR_OK;
448 static int verify_alpn(SSL *client, SSL *server)
450 const unsigned char *client_proto, *server_proto;
451 unsigned int client_proto_len = 0, server_proto_len = 0;
452 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
453 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
455 OPENSSL_free(alpn_selected);
456 alpn_selected = NULL;
458 if (client_proto_len != server_proto_len) {
459 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
463 if (client_proto != NULL &&
464 memcmp(client_proto, server_proto, client_proto_len) != 0) {
465 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
469 if (client_proto_len > 0 && alpn_expected == NULL) {
470 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
474 if (alpn_expected != NULL &&
475 (client_proto_len != strlen(alpn_expected) ||
476 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
477 BIO_printf(bio_stdout,
478 "ALPN selected protocols not equal to expected protocol: %s\n",
486 BIO_printf(bio_stdout, "ALPN results: client: '");
487 BIO_write(bio_stdout, client_proto, client_proto_len);
488 BIO_printf(bio_stdout, "', server: '");
489 BIO_write(bio_stdout, server_proto, server_proto_len);
490 BIO_printf(bio_stdout, "'\n");
491 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
492 alpn_client, alpn_server);
496 #define SCT_EXT_TYPE 18
499 * WARNING : below extension types are *NOT* IETF assigned, and could
500 * conflict if these types are reassigned and handled specially by OpenSSL
503 #define TACK_EXT_TYPE 62208
504 #define CUSTOM_EXT_TYPE_0 1000
505 #define CUSTOM_EXT_TYPE_1 1001
506 #define CUSTOM_EXT_TYPE_2 1002
507 #define CUSTOM_EXT_TYPE_3 1003
509 static const char custom_ext_cli_string[] = "abc";
510 static const char custom_ext_srv_string[] = "defg";
512 /* These set from cmdline */
513 static char *serverinfo_file = NULL;
514 static int serverinfo_sct = 0;
515 static int serverinfo_tack = 0;
517 /* These set based on extension callbacks */
518 static int serverinfo_sct_seen = 0;
519 static int serverinfo_tack_seen = 0;
520 static int serverinfo_other_seen = 0;
522 /* This set from cmdline */
523 static int custom_ext = 0;
525 /* This set based on extension callbacks */
526 static int custom_ext_error = 0;
528 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
529 const unsigned char *in, size_t inlen,
532 if (ext_type == SCT_EXT_TYPE)
533 serverinfo_sct_seen++;
534 else if (ext_type == TACK_EXT_TYPE)
535 serverinfo_tack_seen++;
537 serverinfo_other_seen++;
541 static int verify_serverinfo()
543 if (serverinfo_sct != serverinfo_sct_seen)
545 if (serverinfo_tack != serverinfo_tack_seen)
547 if (serverinfo_other_seen)
553 * Four test cases for custom extensions:
554 * 0 - no ClientHello extension or ServerHello response
555 * 1 - ClientHello with "abc", no response
556 * 2 - ClientHello with "abc", empty response
557 * 3 - ClientHello with "abc", "defg" response
560 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
561 const unsigned char **out,
562 size_t *outlen, int *al, void *arg)
564 if (ext_type != CUSTOM_EXT_TYPE_0)
565 custom_ext_error = 1;
566 return 0; /* Don't send an extension */
569 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
570 const unsigned char *in,
571 size_t inlen, int *al, void *arg)
576 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
577 const unsigned char **out,
578 size_t *outlen, int *al, void *arg)
580 if (ext_type != CUSTOM_EXT_TYPE_1)
581 custom_ext_error = 1;
582 *out = (const unsigned char *)custom_ext_cli_string;
583 *outlen = strlen(custom_ext_cli_string);
584 return 1; /* Send "abc" */
587 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
588 const unsigned char *in,
589 size_t inlen, int *al, void *arg)
594 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
595 const unsigned char **out,
596 size_t *outlen, int *al, void *arg)
598 if (ext_type != CUSTOM_EXT_TYPE_2)
599 custom_ext_error = 1;
600 *out = (const unsigned char *)custom_ext_cli_string;
601 *outlen = strlen(custom_ext_cli_string);
602 return 1; /* Send "abc" */
605 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
606 const unsigned char *in,
607 size_t inlen, int *al, void *arg)
609 if (ext_type != CUSTOM_EXT_TYPE_2)
610 custom_ext_error = 1;
612 custom_ext_error = 1; /* Should be empty response */
616 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
617 const unsigned char **out,
618 size_t *outlen, int *al, void *arg)
620 if (ext_type != CUSTOM_EXT_TYPE_3)
621 custom_ext_error = 1;
622 *out = (const unsigned char *)custom_ext_cli_string;
623 *outlen = strlen(custom_ext_cli_string);
624 return 1; /* Send "abc" */
627 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
628 const unsigned char *in,
629 size_t inlen, int *al, void *arg)
631 if (ext_type != CUSTOM_EXT_TYPE_3)
632 custom_ext_error = 1;
633 if (inlen != strlen(custom_ext_srv_string))
634 custom_ext_error = 1;
635 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
636 custom_ext_error = 1; /* Check for "defg" */
641 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
644 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
645 const unsigned char *in,
646 size_t inlen, int *al, void *arg)
648 custom_ext_error = 1;
652 /* 'add' callbacks are only called if the 'parse' callback is called */
653 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
654 const unsigned char **out,
655 size_t *outlen, int *al, void *arg)
657 /* Error: should not have been called */
658 custom_ext_error = 1;
659 return 0; /* Don't send an extension */
662 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
663 const unsigned char *in,
664 size_t inlen, int *al, void *arg)
666 if (ext_type != CUSTOM_EXT_TYPE_1)
667 custom_ext_error = 1;
668 /* Check for "abc" */
669 if (inlen != strlen(custom_ext_cli_string))
670 custom_ext_error = 1;
671 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
672 custom_ext_error = 1;
676 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
677 const unsigned char **out,
678 size_t *outlen, int *al, void *arg)
680 return 0; /* Don't send an extension */
683 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
684 const unsigned char *in,
685 size_t inlen, int *al, void *arg)
687 if (ext_type != CUSTOM_EXT_TYPE_2)
688 custom_ext_error = 1;
689 /* Check for "abc" */
690 if (inlen != strlen(custom_ext_cli_string))
691 custom_ext_error = 1;
692 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
693 custom_ext_error = 1;
697 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
698 const unsigned char **out,
699 size_t *outlen, int *al, void *arg)
703 return 1; /* Send empty extension */
706 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
707 const unsigned char *in,
708 size_t inlen, int *al, void *arg)
710 if (ext_type != CUSTOM_EXT_TYPE_3)
711 custom_ext_error = 1;
712 /* Check for "abc" */
713 if (inlen != strlen(custom_ext_cli_string))
714 custom_ext_error = 1;
715 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
716 custom_ext_error = 1;
720 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
721 const unsigned char **out,
722 size_t *outlen, int *al, void *arg)
724 *out = (const unsigned char *)custom_ext_srv_string;
725 *outlen = strlen(custom_ext_srv_string);
726 return 1; /* Send "defg" */
729 static char *cipher = NULL;
730 static int verbose = 0;
731 static int debug = 0;
732 static const char rnd_seed[] =
733 "string to make the random number generator think it has entropy";
735 int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family,
736 long bytes, clock_t *s_time, clock_t *c_time);
737 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
739 int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
740 static int do_test_cipherlist(void);
742 static void sv_usage(void)
744 fprintf(stderr, "usage: ssltest [args ...]\n");
745 fprintf(stderr, "\n");
747 fprintf(stderr, "-F - run test in FIPS mode\n");
749 fprintf(stderr, " -server_auth - check server certificate\n");
750 fprintf(stderr, " -client_auth - do client authentication\n");
751 fprintf(stderr, " -proxy - allow proxy certificates\n");
752 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
754 " -proxy_cond <val> - expression to test proxy policy rights\n");
755 fprintf(stderr, " -v - more output\n");
756 fprintf(stderr, " -d - debug output\n");
757 fprintf(stderr, " -reuse - use session-id reuse\n");
758 fprintf(stderr, " -num <val> - number of connections to perform\n");
760 " -bytes <val> - number of bytes to swap between client/server\n");
761 #ifndef OPENSSL_NO_DH
763 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
765 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
767 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
768 fprintf(stderr, " -no_dhe - disable DHE\n");
770 #ifndef OPENSSL_NO_EC
771 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
773 #ifndef OPENSSL_NO_PSK
774 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
776 #ifndef OPENSSL_NO_SRP
777 fprintf(stderr, " -srpuser user - SRP username to use\n");
778 fprintf(stderr, " -srppass arg - password for 'user'\n");
780 #ifndef OPENSSL_NO_SSL3
781 fprintf(stderr, " -ssl3 - use SSLv3\n");
783 #ifndef OPENSSL_NO_TLS1
784 fprintf(stderr, " -tls1 - use TLSv1\n");
786 #ifndef OPENSSL_NO_DTLS
787 fprintf(stderr, " -dtls - use DTLS\n");
788 #ifndef OPENSSL_NO_DTLS1
789 fprintf(stderr, " -dtls1 - use DTLSv1\n");
791 #ifndef OPENSSL_NO_DTLS1_2
792 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
795 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
796 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
797 fprintf(stderr, " -cert arg - Server certificate file\n");
799 " -key arg - Server key file (default: same as -cert)\n");
800 fprintf(stderr, " -c_cert arg - Client certificate file\n");
802 " -c_key arg - Client key file (default: same as -c_cert)\n");
803 fprintf(stderr, " -cipher arg - The cipher list\n");
804 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
805 fprintf(stderr, " -ipv4 - Use IPv4 connection on localhost\n");
806 fprintf(stderr, " -ipv6 - Use IPv6 connection on localhost\n");
807 fprintf(stderr, " -f - Test even cases that can't work\n");
809 " -time - measure processor time used by client and server\n");
810 fprintf(stderr, " -zlib - use zlib compression\n");
811 #ifndef OPENSSL_NO_EC
813 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
814 " Use \"openssl ecparam -list_curves\" for all names\n"
815 " (default is sect163r2).\n");
818 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
819 " When this option is requested, the cipherlist\n"
820 " tests are run instead of handshake tests.\n");
821 #ifndef OPENSSL_NO_NEXTPROTONEG
822 fprintf(stderr, " -npn_client - have client side offer NPN\n");
823 fprintf(stderr, " -npn_server - have server side offer NPN\n");
824 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
826 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
827 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
829 " -serverinfo_tack - have client offer and expect TACK\n");
831 " -custom_ext - try various custom extension callbacks\n");
832 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
833 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
835 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
836 fprintf(stderr, " -server_min_proto <string> - Minimum version the server should support\n");
837 fprintf(stderr, " -server_max_proto <string> - Maximum version the server should support\n");
838 fprintf(stderr, " -client_min_proto <string> - Minimum version the client should support\n");
839 fprintf(stderr, " -client_max_proto <string> - Maximum version the client should support\n");
840 fprintf(stderr, " -should_negotiate <string> - The version that should be negotiated, fail-client or fail-server\n");
843 static void print_key_details(BIO *out, EVP_PKEY *key)
845 int keyid = EVP_PKEY_id(key);
846 #ifndef OPENSSL_NO_EC
847 if (keyid == EVP_PKEY_EC) {
848 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
851 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
853 cname = EC_curve_nid2nist(nid);
855 cname = OBJ_nid2sn(nid);
856 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
872 algname = OBJ_nid2sn(keyid);
875 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
879 static void print_details(SSL *c_ssl, const char *prefix)
881 const SSL_CIPHER *ciph;
886 ciph = SSL_get_current_cipher(c_ssl);
887 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
889 SSL_get_version(c_ssl),
890 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
891 cert = SSL_get_peer_certificate(c_ssl);
893 pkey = X509_get_pubkey(cert);
895 BIO_puts(bio_stdout, ", ");
896 print_key_details(bio_stdout, pkey);
901 if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
902 BIO_puts(bio_stdout, ", temp key: ");
903 print_key_details(bio_stdout, pkey);
906 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
907 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
908 BIO_printf(bio_stdout, "\n");
911 static void lock_dbg_cb(int mode, int type, const char *file, int line)
913 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
914 const char *errstr = NULL;
917 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
918 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
919 errstr = "invalid mode";
923 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
924 errstr = "type out of bounds";
928 if (mode & CRYPTO_LOCK) {
930 errstr = "already locked";
932 * must not happen in a single-threaded program (would deadlock)
938 } else if (mode & CRYPTO_UNLOCK) {
940 errstr = "not locked";
944 if (modes[type] != rw) {
945 errstr = (rw == CRYPTO_READ) ?
946 "CRYPTO_r_unlock on write lock" :
947 "CRYPTO_w_unlock on read lock";
952 errstr = "invalid mode";
958 /* we cannot use bio_err here */
960 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
961 errstr, mode, type, file, line);
966 * protocol_from_string - converts a protocol version string to a number
968 * Returns -1 on failure or the version on success
970 static int protocol_from_string(const char *value)
972 struct protocol_versions {
976 static const struct protocol_versions versions[] = {
977 {"ssl3", SSL3_VERSION},
978 {"tls1", TLS1_VERSION},
979 {"tls1.1", TLS1_1_VERSION},
980 {"tls1.2", TLS1_2_VERSION},
981 {"dtls1", DTLS1_VERSION},
982 {"dtls1.2", DTLS1_2_VERSION}};
984 size_t n = OSSL_NELEM(versions);
986 for (i = 0; i < n; i++)
987 if (strcmp(versions[i].name, value) == 0)
988 return versions[i].version;
993 * set_protocol_version - Sets protocol version minimum or maximum
995 * Returns 0 on failure and 1 on success
997 static int set_protocol_version(const char *version, SSL *ssl, int setting)
999 if (version != NULL) {
1000 int ver = protocol_from_string(version);
1002 BIO_printf(bio_err, "Error parsing: %s\n", version);
1005 return SSL_ctrl(ssl, setting, ver, NULL);
1010 int main(int argc, char *argv[])
1012 char *CApath = NULL, *CAfile = NULL;
1014 enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
1016 int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, ssl3 = 0, ret = 1;
1017 int client_auth = 0;
1018 int server_auth = 0, i;
1019 struct app_verify_arg app_verify_arg =
1020 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
1022 #ifndef OPENSSL_NO_EC
1023 char *named_curve = NULL;
1025 SSL_CTX *s_ctx = NULL;
1026 SSL_CTX *c_ctx = NULL;
1027 const SSL_METHOD *meth = NULL;
1029 int number = 1, reuse = 0;
1031 #ifndef OPENSSL_NO_DH
1033 int dhe512 = 0, dhe1024dsa = 0;
1035 #ifndef OPENSSL_NO_EC
1036 EC_KEY *ecdh = NULL;
1038 #ifndef OPENSSL_NO_SRP
1040 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
1042 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
1048 clock_t s_time = 0, c_time = 0;
1049 #ifndef OPENSSL_NO_COMP
1051 COMP_METHOD *cm = NULL;
1052 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
1054 int test_cipherlist = 0;
1060 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
1061 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
1062 char *arg = NULL, *argn = NULL;
1068 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1070 CRYPTO_set_locking_callback(lock_dbg_cb);
1072 p = getenv("OPENSSL_DEBUG_MEMORY");
1073 if (p != NULL && strcmp(p, "on") == 0)
1074 CRYPTO_set_mem_debug(1);
1075 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1077 RAND_seed(rnd_seed, sizeof rnd_seed);
1079 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1081 s_cctx = SSL_CONF_CTX_new();
1082 c_cctx = SSL_CONF_CTX_new();
1084 if (!s_cctx || !c_cctx) {
1085 ERR_print_errors(bio_err);
1089 SSL_CONF_CTX_set_flags(s_cctx,
1090 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
1091 SSL_CONF_FLAG_CERTIFICATE |
1092 SSL_CONF_FLAG_REQUIRE_PRIVATE);
1093 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
1094 ERR_print_errors(bio_err);
1098 SSL_CONF_CTX_set_flags(c_cctx,
1099 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT |
1100 SSL_CONF_FLAG_CERTIFICATE |
1101 SSL_CONF_FLAG_REQUIRE_PRIVATE);
1102 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
1103 ERR_print_errors(bio_err);
1111 if (strcmp(*argv, "-F") == 0) {
1116 "not compiled with FIPS support, so exiting without running.\n");
1119 } else if (strcmp(*argv, "-server_auth") == 0)
1121 else if (strcmp(*argv, "-client_auth") == 0)
1123 else if (strcmp(*argv, "-proxy_auth") == 0) {
1126 app_verify_arg.proxy_auth = *(++argv);
1127 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1130 app_verify_arg.proxy_cond = *(++argv);
1131 } else if (strcmp(*argv, "-v") == 0)
1133 else if (strcmp(*argv, "-d") == 0)
1135 else if (strcmp(*argv, "-reuse") == 0)
1137 else if (strcmp(*argv, "-dhe512") == 0) {
1138 #ifndef OPENSSL_NO_DH
1142 "ignoring -dhe512, since I'm compiled without DH\n");
1144 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
1145 #ifndef OPENSSL_NO_DH
1149 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
1151 } else if (strcmp(*argv, "-no_dhe") == 0)
1153 else if (strcmp(*argv, "-no_ecdhe") == 0)
1155 else if (strcmp(*argv, "-psk") == 0) {
1158 psk_key = *(++argv);
1159 #ifndef OPENSSL_NO_PSK
1160 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1161 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1168 #ifndef OPENSSL_NO_SRP
1169 else if (strcmp(*argv, "-srpuser") == 0) {
1172 srp_server_arg.expected_user = srp_client_arg.srplogin =
1175 } else if (strcmp(*argv, "-srppass") == 0) {
1178 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1182 else if (strcmp(*argv, "-tls1") == 0) {
1184 } else if (strcmp(*argv, "-ssl3") == 0) {
1186 } else if (strcmp(*argv, "-dtls1") == 0) {
1188 } else if (strcmp(*argv, "-dtls12") == 0) {
1190 } else if (strcmp(*argv, "-dtls") == 0) {
1192 } else if (strncmp(*argv, "-num", 4) == 0) {
1195 number = atoi(*(++argv));
1198 } else if (strcmp(*argv, "-bytes") == 0) {
1201 bytes = atol(*(++argv));
1204 i = strlen(argv[0]);
1205 if (argv[0][i - 1] == 'k')
1207 if (argv[0][i - 1] == 'm')
1208 bytes *= 1024L * 1024L;
1209 } else if (strcmp(*argv, "-cipher") == 0) {
1213 } else if (strcmp(*argv, "-CApath") == 0) {
1217 } else if (strcmp(*argv, "-CAfile") == 0) {
1221 } else if (strcmp(*argv, "-bio_pair") == 0) {
1222 bio_type = BIO_PAIR;
1223 } else if (strcmp(*argv, "-ipv4") == 0) {
1224 bio_type = BIO_IPV4;
1225 } else if (strcmp(*argv, "-ipv6") == 0) {
1226 bio_type = BIO_IPV6;
1227 } else if (strcmp(*argv, "-f") == 0) {
1229 } else if (strcmp(*argv, "-time") == 0) {
1232 #ifndef OPENSSL_NO_COMP
1233 else if (strcmp(*argv, "-zlib") == 0) {
1237 else if (strcmp(*argv, "-named_curve") == 0) {
1240 #ifndef OPENSSL_NO_EC
1241 named_curve = *(++argv);
1244 "ignoring -named_curve, since I'm compiled without ECDH\n");
1247 } else if (strcmp(*argv, "-app_verify") == 0) {
1248 app_verify_arg.app_verify = 1;
1249 } else if (strcmp(*argv, "-proxy") == 0) {
1250 app_verify_arg.allow_proxy_certs = 1;
1251 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1252 test_cipherlist = 1;
1254 #ifndef OPENSSL_NO_NEXTPROTONEG
1255 else if (strcmp(*argv, "-npn_client") == 0) {
1257 } else if (strcmp(*argv, "-npn_server") == 0) {
1259 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1260 npn_server_reject = 1;
1263 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1265 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1266 serverinfo_tack = 1;
1267 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1270 serverinfo_file = *(++argv);
1271 } else if (strcmp(*argv, "-custom_ext") == 0) {
1273 } else if (strcmp(*argv, "-alpn_client") == 0) {
1276 alpn_client = *(++argv);
1277 } else if (strcmp(*argv, "-alpn_server") == 0) {
1280 alpn_server = *(++argv);
1281 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1284 alpn_expected = *(++argv);
1285 } else if (strcmp(*argv, "-server_min_proto") == 0) {
1288 server_min_proto = *(++argv);
1289 } else if (strcmp(*argv, "-server_max_proto") == 0) {
1292 server_max_proto = *(++argv);
1293 } else if (strcmp(*argv, "-client_min_proto") == 0) {
1296 client_min_proto = *(++argv);
1297 } else if (strcmp(*argv, "-client_max_proto") == 0) {
1300 client_max_proto = *(++argv);
1301 } else if (strcmp(*argv, "-should_negotiate") == 0) {
1304 should_negotiate = *(++argv);
1309 /* Try to process command using SSL_CONF */
1310 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1311 /* If not processed try server */
1313 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1314 /* Recognised: store it for later use */
1319 conf_args = sk_OPENSSL_STRING_new_null();
1323 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1325 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1330 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1332 BIO_printf(bio_err, "Error with command %s\n", arg);
1334 BIO_printf(bio_err, "unknown option %s\n", arg);
1348 * test_cipherlist prevails over protocol switch: we test the cipherlist
1349 * for all enabled protocols.
1351 if (test_cipherlist == 1) {
1353 * ensure that the cipher list are correctly sorted and exit
1355 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1356 "other options.\n");
1357 if (do_test_cipherlist() == 0)
1363 if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) {
1364 fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should "
1369 #ifdef OPENSSL_NO_SSL3
1374 #ifdef OPENSSL_NO_TLS1
1379 #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1)
1384 #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1_2)
1392 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1393 * Ideally, we would error out, but the generic test wrapper can't know
1394 * when to expect failure. So we do nothing and return success.
1397 fprintf(stderr, "Testing was requested for a disabled protocol. "
1398 "Skipping tests.\n");
1403 if (!ssl3 && !tls1 && !dtls && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
1404 fprintf(stderr, "This case cannot work. Use -f to perform "
1405 "the test anyway (and\n-d to see what happens), "
1406 "or add one of -ssl3, -tls1, -dtls, -dtls1, -dtls12, -reuse\n"
1407 "to avoid protocol mismatch.\n");
1412 if (!FIPS_mode_set(1)) {
1413 ERR_load_crypto_strings();
1414 ERR_print_errors(bio_err);
1417 fprintf(stderr, "*** IN FIPS MODE ***\n");
1422 if (bio_type != BIO_PAIR) {
1423 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1424 bio_type = BIO_PAIR;
1426 if (number < 50 && !force)
1428 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1431 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1434 SSL_load_error_strings();
1436 #ifndef OPENSSL_NO_COMP
1437 if (comp == COMP_ZLIB)
1440 if (COMP_get_type(cm) != NID_undef) {
1441 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1442 fprintf(stderr, "Failed to add compression method\n");
1443 ERR_print_errors_fp(stderr);
1447 "Warning: %s compression not supported\n",
1448 comp == COMP_ZLIB ? "zlib" : "unknown");
1449 ERR_print_errors_fp(stderr);
1452 ssl_comp_methods = SSL_COMP_get_compression_methods();
1453 n = sk_SSL_COMP_num(ssl_comp_methods);
1456 printf("Available compression methods:");
1457 for (j = 0; j < n; j++) {
1458 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1459 printf(" %s:%d", c->name, c->id);
1466 * At this point, ssl3/tls1 is only set if the protocol is available.
1467 * (Otherwise we exit early.) However the compiler doesn't know this, so
1470 #ifndef OPENSSL_NO_DTLS
1471 #ifndef OPENSSL_NO_DTLS1
1473 meth = DTLSv1_method();
1476 #ifndef OPENSSL_NO_DTLS1_2
1478 meth = DTLSv1_2_method();
1482 meth = DTLS_method();
1485 #ifndef OPENSSL_NO_SSL3
1487 meth = SSLv3_method();
1490 #ifndef OPENSSL_NO_TLS1
1492 meth = TLSv1_method();
1495 meth = TLS_method();
1497 c_ctx = SSL_CTX_new(meth);
1498 s_ctx = SSL_CTX_new(meth);
1499 if ((c_ctx == NULL) || (s_ctx == NULL)) {
1500 ERR_print_errors(bio_err);
1504 * Since we will use low security ciphersuites and keys for testing set
1505 * security level to zero by default. Tests can override this by adding
1506 * "@SECLEVEL=n" to the cipher string.
1508 SSL_CTX_set_security_level(c_ctx, 0);
1509 SSL_CTX_set_security_level(s_ctx, 0);
1511 if (cipher != NULL) {
1512 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
1513 || !SSL_CTX_set_cipher_list(s_ctx, cipher)) {
1514 ERR_print_errors(bio_err);
1519 /* Process SSL_CONF arguments */
1520 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1521 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1523 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1525 arg = sk_OPENSSL_STRING_value(conf_args, i);
1526 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1527 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1528 /* If not recognised use server context */
1530 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1532 BIO_printf(bio_err, "Error processing %s %s\n",
1533 arg, argn ? argn : "");
1534 ERR_print_errors(bio_err);
1539 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx)) {
1540 BIO_puts(bio_err, "Error finishing context\n");
1541 ERR_print_errors(bio_err);
1544 #ifndef OPENSSL_NO_DH
1548 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1550 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1551 dh = get_dh1024dsa();
1556 SSL_CTX_set_tmp_dh(s_ctx, dh);
1563 #ifndef OPENSSL_NO_EC
1567 if (named_curve != NULL) {
1568 nid = OBJ_sn2nid(named_curve);
1570 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1574 nid = NID_X9_62_prime256v1;
1577 ecdh = EC_KEY_new_by_curve_name(nid);
1579 BIO_printf(bio_err, "unable to create curve\n");
1583 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1584 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1591 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1592 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1593 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1594 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1595 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1596 ERR_print_errors(bio_err);
1601 printf("client authentication\n");
1602 SSL_CTX_set_verify(s_ctx,
1603 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1605 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1609 printf("server authentication\n");
1610 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1611 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1616 int session_id_context = 0;
1617 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
1618 sizeof session_id_context)) {
1619 ERR_print_errors(bio_err);
1624 /* Use PSK only if PSK key is given */
1625 if (psk_key != NULL) {
1627 * no_psk is used to avoid putting psk command to openssl tool
1631 * if PSK is not compiled in and psk key is given, do nothing and
1637 #ifndef OPENSSL_NO_PSK
1638 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1639 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1641 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1642 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1643 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1644 ERR_print_errors(bio_err);
1649 #ifndef OPENSSL_NO_SRP
1650 if (srp_client_arg.srplogin) {
1651 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1652 BIO_printf(bio_err, "Unable to set SRP username\n");
1655 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1656 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1657 ssl_give_srp_client_pwd_cb);
1659 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1663 if (srp_server_arg.expected_user != NULL) {
1664 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1665 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1666 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1670 #ifndef OPENSSL_NO_NEXTPROTONEG
1672 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1675 if (npn_server_reject) {
1677 "Can't have both -npn_server and -npn_server_reject\n");
1680 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1682 if (npn_server_reject) {
1683 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
1688 if (serverinfo_sct) {
1689 if (!SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1691 serverinfo_cli_parse_cb, NULL)) {
1692 BIO_printf(bio_err, "Error adding SCT extension\n");
1696 if (serverinfo_tack) {
1697 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1699 serverinfo_cli_parse_cb, NULL)) {
1700 BIO_printf(bio_err, "Error adding TACK extension\n");
1704 if (serverinfo_file)
1705 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1706 BIO_printf(bio_err, "missing serverinfo file\n");
1711 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1712 custom_ext_0_cli_add_cb,
1714 custom_ext_0_cli_parse_cb, NULL)
1715 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1716 custom_ext_1_cli_add_cb,
1718 custom_ext_1_cli_parse_cb, NULL)
1719 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1720 custom_ext_2_cli_add_cb,
1722 custom_ext_2_cli_parse_cb, NULL)
1723 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1724 custom_ext_3_cli_add_cb,
1726 custom_ext_3_cli_parse_cb, NULL)
1727 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1728 custom_ext_0_srv_add_cb,
1730 custom_ext_0_srv_parse_cb, NULL)
1731 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1732 custom_ext_1_srv_add_cb,
1734 custom_ext_1_srv_parse_cb, NULL)
1735 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1736 custom_ext_2_srv_add_cb,
1738 custom_ext_2_srv_parse_cb, NULL)
1739 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1740 custom_ext_3_srv_add_cb,
1742 custom_ext_3_srv_parse_cb, NULL)) {
1743 BIO_printf(bio_err, "Error setting custom extensions\n");
1749 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1752 unsigned short alpn_len;
1753 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1756 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1759 /* Returns 0 on success!! */
1760 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
1761 BIO_printf(bio_err, "Error setting ALPN\n");
1768 c_ssl = SSL_new(c_ctx);
1769 s_ssl = SSL_new(s_ctx);
1771 if (!set_protocol_version(server_min_proto, s_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1773 if (!set_protocol_version(server_max_proto, s_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1775 if (!set_protocol_version(client_min_proto, c_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1777 if (!set_protocol_version(client_max_proto, c_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1780 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
1781 for (i = 0; i < number; i++) {
1783 if (!SSL_set_session(c_ssl, NULL)) {
1784 BIO_printf(bio_err, "Failed to set session\n");
1790 ret = doit(s_ssl, c_ssl, bytes);
1793 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1796 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV4,
1797 bytes, &s_time, &c_time);
1800 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV6,
1801 bytes, &s_time, &c_time);
1807 if (should_negotiate && ret == 0 &&
1808 strcmp(should_negotiate, "fail-server") != 0 &&
1809 strcmp(should_negotiate, "fail-client") != 0) {
1810 int version = protocol_from_string(should_negotiate);
1812 BIO_printf(bio_err, "Error parsing: %s\n", should_negotiate);
1816 if (SSL_version(c_ssl) != version) {
1817 BIO_printf(bio_err, "Unxpected version negotiated. "
1818 "Expected: %s, got %s\n", should_negotiate, SSL_get_version(c_ssl));
1825 print_details(c_ssl, "");
1828 #ifdef CLOCKS_PER_SEC
1830 * "To determine the time in seconds, the value returned by the clock
1831 * function should be divided by the value of the macro
1832 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1834 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1835 "Approximate total client time: %6.2f s\n",
1836 (double)s_time / CLOCKS_PER_SEC,
1837 (double)c_time / CLOCKS_PER_SEC);
1839 BIO_printf(bio_stdout,
1840 "Approximate total server time: %6.2f units\n"
1841 "Approximate total client time: %6.2f units\n",
1842 (double)s_time, (double)c_time);
1851 SSL_CTX_free(s_ctx);
1852 SSL_CTX_free(c_ctx);
1853 SSL_CONF_CTX_free(s_cctx);
1854 SSL_CONF_CTX_free(c_cctx);
1855 sk_OPENSSL_STRING_free(conf_args);
1857 BIO_free(bio_stdout);
1859 #ifndef OPENSSL_NO_ENGINE
1862 CONF_modules_unload(1);
1863 CRYPTO_cleanup_all_ex_data();
1865 ERR_remove_thread_state(NULL);
1867 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
1868 CRYPTO_mem_leaks(bio_err);
1874 int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count,
1875 clock_t *s_time, clock_t *c_time)
1877 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1878 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1879 BIO *acpt = NULL, *server = NULL, *client = NULL;
1882 int err_in_client = 0;
1883 int err_in_server = 0;
1885 acpt = BIO_new_accept("0");
1888 BIO_set_accept_ip_family(acpt, family);
1889 BIO_set_bind_mode(acpt, BIO_SOCK_NONBLOCK | BIO_SOCK_REUSEADDR);
1890 if (BIO_do_accept(acpt) <= 0)
1893 BIO_snprintf(addr_str, sizeof(addr_str), ":%s", BIO_get_accept_port(acpt));
1895 client = BIO_new_connect(addr_str);
1896 BIO_set_conn_ip_family(client, family);
1900 if (BIO_set_nbio(client, 1) <= 0)
1902 if (BIO_set_nbio(acpt, 1) <= 0)
1906 int st_connect = 0, st_accept = 0;
1908 while(!st_connect || !st_accept) {
1910 if (BIO_do_connect(client) <= 0) {
1911 if (!BIO_should_retry(client))
1918 if (BIO_do_accept(acpt) <= 0) {
1919 if (!BIO_should_retry(acpt))
1927 /* We're not interested in accepting further connects */
1928 server = BIO_pop(acpt);
1932 s_ssl_bio = BIO_new(BIO_f_ssl());
1936 c_ssl_bio = BIO_new(BIO_f_ssl());
1940 SSL_set_connect_state(c_ssl);
1941 SSL_set_bio(c_ssl, client, client);
1942 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1944 SSL_set_accept_state(s_ssl);
1945 SSL_set_bio(s_ssl, server, server);
1946 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1950 * c_ssl_bio: SSL filter BIO
1952 * client: I/O for SSL library
1955 * server: I/O for SSL library
1957 * s_ssl_bio: SSL filter BIO
1961 * We have non-blocking behaviour throughout this test program, but
1962 * can be sure that there is *some* progress in each iteration; so we
1963 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1964 * we just try everything in each iteration
1970 char cbuf[1024 * 8];
1972 clock_t c_clock = clock();
1974 memset(cbuf, 0, sizeof(cbuf));
1977 if (SSL_in_init(c_ssl))
1978 printf("client waiting in SSL_connect - %s\n",
1979 SSL_state_string_long(c_ssl));
1982 /* Write to server. */
1984 if (cw_num > (long)sizeof cbuf)
1988 r = BIO_write(c_ssl_bio, cbuf, i);
1990 if (!BIO_should_retry(c_ssl_bio)) {
1991 fprintf(stderr, "ERROR in CLIENT\n");
1996 * BIO_should_retry(...) can just be ignored here. The
1997 * library expects us to call BIO_write with the same
1998 * arguments again, and that's what we will do in the
2001 } else if (r == 0) {
2002 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2006 printf("client wrote %d\n", r);
2012 /* Read from server. */
2014 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2016 if (!BIO_should_retry(c_ssl_bio)) {
2017 fprintf(stderr, "ERROR in CLIENT\n");
2022 * Again, "BIO_should_retry" can be ignored.
2024 } else if (r == 0) {
2025 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2029 printf("client read %d\n", r);
2035 * c_time and s_time increments will typically be very small
2036 * (depending on machine speed and clock tick intervals), but
2037 * sampling over a large number of connections should result in
2038 * fairly accurate figures. We cannot guarantee a lot, however
2039 * -- if each connection lasts for exactly one clock tick, it
2040 * will be counted only for the client or only for the server or
2043 *c_time += (clock() - c_clock);
2049 char sbuf[1024 * 8];
2051 clock_t s_clock = clock();
2053 memset(sbuf, 0, sizeof(sbuf));
2056 if (SSL_in_init(s_ssl))
2057 printf("server waiting in SSL_accept - %s\n",
2058 SSL_state_string_long(s_ssl));
2061 /* Write to client. */
2063 if (sw_num > (long)sizeof sbuf)
2067 r = BIO_write(s_ssl_bio, sbuf, i);
2069 if (!BIO_should_retry(s_ssl_bio)) {
2070 fprintf(stderr, "ERROR in SERVER\n");
2074 /* Ignore "BIO_should_retry". */
2075 } else if (r == 0) {
2076 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2080 printf("server wrote %d\n", r);
2086 /* Read from client. */
2088 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2090 if (!BIO_should_retry(s_ssl_bio)) {
2091 fprintf(stderr, "ERROR in SERVER\n");
2096 } else if (r == 0) {
2097 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2101 printf("server read %d\n", r);
2106 *s_time += (clock() - s_clock);
2109 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2112 print_details(c_ssl, "DONE via TCP connect: ");
2113 #ifndef OPENSSL_NO_NEXTPROTONEG
2114 if (verify_npn(c_ssl, s_ssl) < 0) {
2119 if (verify_serverinfo() < 0) {
2120 fprintf(stderr, "Server info verify error\n");
2124 if (verify_alpn(c_ssl, s_ssl) < 0) {
2129 if (custom_ext_error) {
2130 fprintf(stderr, "Custom extension error\n");
2139 ERR_print_errors(bio_err);
2144 BIO_free(s_ssl_bio);
2145 BIO_free(c_ssl_bio);
2147 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2148 ret = (err_in_client != 0) ? 0 : 1;
2149 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2150 ret = (err_in_server != 0) ? 0 : 1;
2155 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
2156 clock_t *s_time, clock_t *c_time)
2158 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
2159 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
2160 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
2162 int err_in_client = 0;
2163 int err_in_server = 0;
2165 size_t bufsiz = 256; /* small buffer for testing */
2167 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
2169 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
2172 s_ssl_bio = BIO_new(BIO_f_ssl());
2176 c_ssl_bio = BIO_new(BIO_f_ssl());
2180 SSL_set_connect_state(c_ssl);
2181 SSL_set_bio(c_ssl, client, client);
2182 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
2184 SSL_set_accept_state(s_ssl);
2185 SSL_set_bio(s_ssl, server, server);
2186 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
2190 * c_ssl_bio: SSL filter BIO
2192 * client: pseudo-I/O for SSL library
2194 * client_io: client's SSL communication; usually to be
2195 * relayed over some I/O facility, but in this
2196 * test program, we're the server, too:
2198 * server_io: server's SSL communication
2200 * server: pseudo-I/O for SSL library
2202 * s_ssl_bio: SSL filter BIO
2204 * The client and the server each employ a "BIO pair":
2205 * client + client_io, server + server_io.
2206 * BIO pairs are symmetric. A BIO pair behaves similar
2207 * to a non-blocking socketpair (but both endpoints must
2208 * be handled by the same thread).
2209 * [Here we could connect client and server to the ends
2210 * of a single BIO pair, but then this code would be less
2211 * suitable as an example for BIO pairs in general.]
2213 * Useful functions for querying the state of BIO pair endpoints:
2215 * BIO_ctrl_pending(bio) number of bytes we can read now
2216 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
2217 * other side's read attempt
2218 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
2220 * ..._read_request is never more than ..._write_guarantee;
2221 * it depends on the application which one you should use.
2225 * We have non-blocking behaviour throughout this test program, but
2226 * can be sure that there is *some* progress in each iteration; so we
2227 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
2228 * we just try everything in each iteration
2234 char cbuf[1024 * 8];
2236 clock_t c_clock = clock();
2238 memset(cbuf, 0, sizeof(cbuf));
2241 if (SSL_in_init(c_ssl))
2242 printf("client waiting in SSL_connect - %s\n",
2243 SSL_state_string_long(c_ssl));
2246 /* Write to server. */
2248 if (cw_num > (long)sizeof cbuf)
2252 r = BIO_write(c_ssl_bio, cbuf, i);
2254 if (!BIO_should_retry(c_ssl_bio)) {
2255 fprintf(stderr, "ERROR in CLIENT\n");
2260 * BIO_should_retry(...) can just be ignored here. The
2261 * library expects us to call BIO_write with the same
2262 * arguments again, and that's what we will do in the
2265 } else if (r == 0) {
2266 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2270 printf("client wrote %d\n", r);
2276 /* Read from server. */
2278 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2280 if (!BIO_should_retry(c_ssl_bio)) {
2281 fprintf(stderr, "ERROR in CLIENT\n");
2286 * Again, "BIO_should_retry" can be ignored.
2288 } else if (r == 0) {
2289 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2293 printf("client read %d\n", r);
2299 * c_time and s_time increments will typically be very small
2300 * (depending on machine speed and clock tick intervals), but
2301 * sampling over a large number of connections should result in
2302 * fairly accurate figures. We cannot guarantee a lot, however
2303 * -- if each connection lasts for exactly one clock tick, it
2304 * will be counted only for the client or only for the server or
2307 *c_time += (clock() - c_clock);
2313 char sbuf[1024 * 8];
2315 clock_t s_clock = clock();
2317 memset(sbuf, 0, sizeof(sbuf));
2320 if (SSL_in_init(s_ssl))
2321 printf("server waiting in SSL_accept - %s\n",
2322 SSL_state_string_long(s_ssl));
2325 /* Write to client. */
2327 if (sw_num > (long)sizeof sbuf)
2331 r = BIO_write(s_ssl_bio, sbuf, i);
2333 if (!BIO_should_retry(s_ssl_bio)) {
2334 fprintf(stderr, "ERROR in SERVER\n");
2338 /* Ignore "BIO_should_retry". */
2339 } else if (r == 0) {
2340 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2344 printf("server wrote %d\n", r);
2350 /* Read from client. */
2352 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2354 if (!BIO_should_retry(s_ssl_bio)) {
2355 fprintf(stderr, "ERROR in SERVER\n");
2360 } else if (r == 0) {
2361 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2365 printf("server read %d\n", r);
2370 *s_time += (clock() - s_clock);
2374 /* "I/O" BETWEEN CLIENT AND SERVER. */
2377 BIO *io1 = server_io, *io2 = client_io;
2379 * we use the non-copying interface for io1 and the standard
2380 * BIO_write/BIO_read interface for io2
2383 static int prev_progress = 1;
2391 r1 = BIO_ctrl_pending(io1);
2392 r2 = BIO_ctrl_get_write_guarantee(io2);
2400 if (INT_MAX < num) /* yeah, right */
2403 r = BIO_nread(io1, &dataptr, (int)num);
2405 assert(r <= (int)num);
2407 * possibly r < num (non-contiguous data)
2410 r = BIO_write(io2, dataptr, (int)num);
2411 if (r != (int)num) { /* can't happen */
2412 fprintf(stderr, "ERROR: BIO_write could not write "
2413 "BIO_ctrl_get_write_guarantee() bytes");
2419 printf((io1 == client_io) ?
2420 "C->S relaying: %d bytes\n" :
2421 "S->C relaying: %d bytes\n", (int)num);
2431 r1 = BIO_ctrl_pending(io2);
2432 r2 = BIO_ctrl_get_read_request(io1);
2434 * here we could use ..._get_write_guarantee instead of
2435 * ..._get_read_request, but by using the latter we test
2436 * restartability of the SSL implementation more thoroughly
2448 --num; /* test restartability even more thoroughly */
2450 r = BIO_nwrite0(io1, &dataptr);
2454 r = BIO_read(io2, dataptr, (int)num);
2455 if (r != (int)num) { /* can't happen */
2456 fprintf(stderr, "ERROR: BIO_read could not read "
2457 "BIO_ctrl_pending() bytes");
2461 r = BIO_nwrite(io1, &dataptr, (int)num);
2462 if (r != (int)num) { /* can't happen */
2463 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2464 "BIO_nwrite0() bytes");
2469 printf((io2 == client_io) ?
2470 "C->S relaying: %d bytes\n" :
2471 "S->C relaying: %d bytes\n", (int)num);
2473 } /* no loop, BIO_ctrl_get_read_request now
2474 * returns 0 anyway */
2476 if (!progress && !prev_progress)
2477 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2478 fprintf(stderr, "ERROR: got stuck\n");
2479 fprintf(stderr, " ERROR.\n");
2482 prev_progress = progress;
2485 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2488 print_details(c_ssl, "DONE via BIO pair: ");
2489 #ifndef OPENSSL_NO_NEXTPROTONEG
2490 if (verify_npn(c_ssl, s_ssl) < 0) {
2495 if (verify_serverinfo() < 0) {
2496 fprintf(stderr, "Server info verify error\n");
2500 if (verify_alpn(c_ssl, s_ssl) < 0) {
2505 if (custom_ext_error) {
2506 fprintf(stderr, "Custom extension error\n");
2515 ERR_print_errors(bio_err);
2518 BIO_free(server_io);
2520 BIO_free(client_io);
2521 BIO_free(s_ssl_bio);
2522 BIO_free(c_ssl_bio);
2524 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2525 ret = (err_in_client != 0) ? 0 : 1;
2526 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2527 ret = (err_in_server != 0) ? 0 : 1;
2537 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2539 char *cbuf = NULL, *sbuf = NULL;
2541 long cw_num = count, cr_num = count;
2542 long sw_num = count, sr_num = count;
2548 int c_r, c_w, s_r, s_w;
2551 int c_write, s_write;
2552 int do_server = 0, do_client = 0;
2553 int max_frag = 5 * 1024;
2554 int err_in_client = 0;
2555 int err_in_server = 0;
2557 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2559 if ((cbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2561 if ((sbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2564 c_to_s = BIO_new(BIO_s_mem());
2565 s_to_c = BIO_new(BIO_s_mem());
2566 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2567 ERR_print_errors(bio_err);
2571 c_bio = BIO_new(BIO_f_ssl());
2572 s_bio = BIO_new(BIO_f_ssl());
2573 if ((c_bio == NULL) || (s_bio == NULL)) {
2574 ERR_print_errors(bio_err);
2578 SSL_set_connect_state(c_ssl);
2579 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2580 SSL_set_max_send_fragment(c_ssl, max_frag);
2581 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2583 SSL_set_accept_state(s_ssl);
2584 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2585 SSL_set_max_send_fragment(s_ssl, max_frag);
2586 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2592 c_write = 1, s_write = 0;
2594 /* We can always do writes */
2599 i = (int)BIO_pending(s_bio);
2600 if ((i && s_r) || s_w)
2603 i = (int)BIO_pending(c_bio);
2604 if ((i && c_r) || c_w)
2607 if (do_server && debug) {
2608 if (SSL_in_init(s_ssl))
2609 printf("server waiting in SSL_accept - %s\n",
2610 SSL_state_string_long(s_ssl));
2613 printf("server:SSL_write()\n");
2615 printf("server:SSL_read()\n"); */
2618 if (do_client && debug) {
2619 if (SSL_in_init(c_ssl))
2620 printf("client waiting in SSL_connect - %s\n",
2621 SSL_state_string_long(c_ssl));
2624 printf("client:SSL_write()\n");
2626 printf("client:SSL_read()\n"); */
2629 if (!do_client && !do_server) {
2630 fprintf(stdout, "ERROR IN STARTUP\n");
2631 ERR_print_errors(bio_err);
2634 if (do_client && !(done & C_DONE)) {
2636 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2637 i = BIO_write(c_bio, cbuf, j);
2641 if (BIO_should_retry(c_bio)) {
2642 if (BIO_should_read(c_bio))
2644 if (BIO_should_write(c_bio))
2647 fprintf(stderr, "ERROR in CLIENT\n");
2649 ERR_print_errors(bio_err);
2652 } else if (i == 0) {
2653 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2657 printf("client wrote %d\n", i);
2662 if (max_frag > 1029)
2663 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2666 i = BIO_read(c_bio, cbuf, bufsiz);
2670 if (BIO_should_retry(c_bio)) {
2671 if (BIO_should_read(c_bio))
2673 if (BIO_should_write(c_bio))
2676 fprintf(stderr, "ERROR in CLIENT\n");
2678 ERR_print_errors(bio_err);
2681 } else if (i == 0) {
2682 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2686 printf("client read %d\n", i);
2695 done = S_DONE | C_DONE;
2701 if (do_server && !(done & S_DONE)) {
2703 i = BIO_read(s_bio, sbuf, bufsiz);
2707 if (BIO_should_retry(s_bio)) {
2708 if (BIO_should_read(s_bio))
2710 if (BIO_should_write(s_bio))
2713 fprintf(stderr, "ERROR in SERVER\n");
2715 ERR_print_errors(bio_err);
2718 } else if (i == 0) {
2719 ERR_print_errors(bio_err);
2721 "SSL SERVER STARTUP FAILED in SSL_read\n");
2725 printf("server read %d\n", i);
2738 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2739 i = BIO_write(s_bio, sbuf, j);
2743 if (BIO_should_retry(s_bio)) {
2744 if (BIO_should_read(s_bio))
2746 if (BIO_should_write(s_bio))
2749 fprintf(stderr, "ERROR in SERVER\n");
2751 ERR_print_errors(bio_err);
2754 } else if (i == 0) {
2755 ERR_print_errors(bio_err);
2757 "SSL SERVER STARTUP FAILED in SSL_write\n");
2761 printf("server wrote %d\n", i);
2767 if (max_frag > 1029)
2768 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2773 if ((done & S_DONE) && (done & C_DONE))
2778 print_details(c_ssl, "DONE: ");
2779 #ifndef OPENSSL_NO_NEXTPROTONEG
2780 if (verify_npn(c_ssl, s_ssl) < 0) {
2785 if (verify_serverinfo() < 0) {
2786 fprintf(stderr, "Server info verify error\n");
2790 if (custom_ext_error) {
2791 fprintf(stderr, "Custom extension error\n");
2798 * We have to set the BIO's to NULL otherwise they will be
2799 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2800 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2801 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2802 * SSL_free() automatically BIO_free non NULL entries. You should not
2803 * normally do this or be required to do this
2805 if (s_ssl != NULL) {
2809 if (c_ssl != NULL) {
2816 BIO_free_all(c_bio);
2817 BIO_free_all(s_bio);
2821 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2822 ret = (err_in_client != 0) ? 0 : 1;
2823 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2824 ret = (err_in_server != 0) ? 0 : 1;
2829 static int get_proxy_auth_ex_data_idx(void)
2831 static volatile int idx = -1;
2833 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2835 idx = X509_STORE_CTX_get_ex_new_index(0,
2836 "SSLtest for verify callback",
2839 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2844 static int verify_callback(int ok, X509_STORE_CTX *ctx)
2848 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2852 printf("depth=%d %s\n", ctx->error_depth, buf);
2854 fprintf(stderr, "depth=%d error=%d %s\n",
2855 ctx->error_depth, ctx->error, buf);
2860 switch (ctx->error) {
2862 fprintf(stderr, "Error string: %s\n",
2863 X509_verify_cert_error_string(ctx->error));
2865 case X509_V_ERR_CERT_NOT_YET_VALID:
2866 case X509_V_ERR_CERT_HAS_EXPIRED:
2867 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2873 X509 *xs = ctx->current_cert;
2874 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) {
2875 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2876 get_proxy_auth_ex_data_idx
2882 PROXY_CERT_INFO_EXTENSION *pci =
2883 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2886 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2887 case NID_Independent:
2889 * Completely meaningless in this program, as there's no
2890 * way to grant explicit rights to a specific PrC.
2891 * Basically, using id-ppl-Independent is the perfect way
2892 * to grant no rights at all.
2894 fprintf(stderr, " Independent proxy certificate");
2895 for (i = 0; i < 26; i++)
2898 case NID_id_ppl_inheritAll:
2900 * This is basically a NOP, we simply let the current
2901 * rights stand as they are.
2903 fprintf(stderr, " Proxy certificate inherits all");
2907 pci->proxyPolicy->policy->data;
2908 i = pci->proxyPolicy->policy->length;
2911 * The algorithm works as follows: it is assumed that
2912 * previous iterations or the initial granted rights has
2913 * already set some elements of `letters'. What we need
2914 * to do is to clear those that weren't granted by the
2915 * current PrC as well. The easiest way to do this is to
2916 * add 1 to all the elements whose letters are given with
2917 * the current policy. That way, all elements that are
2918 * set by the current policy and were already set by
2919 * earlier policies and through the original grant of
2920 * rights will get the value 2 or higher. The last thing
2921 * to do is to sweep through `letters' and keep the
2922 * elements having the value 2 as set, and clear all the
2926 printf(" Certificate proxy rights = %*.*s", i,
2930 if (isascii(c) && isalpha(c)) {
2936 for (i = 0; i < 26; i++)
2944 printf(", resulting proxy rights = ");
2945 for (i = 0; i < 26; i++)
2947 printf("%c", i + 'A');
2954 PROXY_CERT_INFO_EXTENSION_free(pci);
2962 static void process_proxy_debug(int indent, const char *format, ...)
2965 static const char indentation[] =
2966 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2967 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2968 char my_format[256];
2971 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2972 indent, indent, indentation, format);
2974 va_start(args, format);
2975 vfprintf(stderr, my_format, args);
2985 static int process_proxy_cond_adders(unsigned int letters[26],
2986 const char *cond, const char **cond_end,
2987 int *pos, int indent);
2988 static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2989 const char **cond_end, int *pos, int indent)
2995 while (isspace((int)*cond)) {
3002 process_proxy_debug(indent,
3003 "Start process_proxy_cond_val at position %d: %s\n",
3010 while (isspace((int)*cond)) {
3020 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
3025 while (isspace((int)*cond)) {
3032 "Weird condition character in position %d: "
3039 } else if (isascii(c) && isalpha(c)) {
3042 ok = letters[c - 'A'];
3047 "Weird condition character in position %d: " "%c\n", *pos, c);
3053 if (ok >= 0 && negate)
3057 process_proxy_debug(indent,
3058 "End process_proxy_cond_val at position %d: %s, returning %d\n",
3064 static int process_proxy_cond_multipliers(unsigned int letters[26],
3066 const char **cond_end, int *pos,
3073 process_proxy_debug(indent,
3074 "Start process_proxy_cond_multipliers at position %d: %s\n",
3077 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
3083 while (isspace((int)*cond)) {
3097 ok = process_proxy_cond_val(letters,
3098 cond, cond_end, pos, indent + 1);
3111 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3123 process_proxy_debug(indent,
3124 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
3131 static int process_proxy_cond_adders(unsigned int letters[26],
3132 const char *cond, const char **cond_end,
3133 int *pos, int indent)
3139 process_proxy_debug(indent,
3140 "Start process_proxy_cond_adders at position %d: %s\n",
3143 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
3150 while (isspace((int)*cond)) {
3163 ok = process_proxy_cond_multipliers(letters,
3164 cond, cond_end, pos,
3175 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3187 process_proxy_debug(indent,
3188 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
3195 static int process_proxy_cond(unsigned int letters[26],
3196 const char *cond, const char **cond_end)
3199 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
3202 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
3205 struct app_verify_arg *cb_arg = arg;
3206 unsigned int letters[26]; /* only used with proxy_auth */
3208 if (cb_arg->app_verify) {
3209 char *s = NULL, buf[256];
3211 printf("In app_verify_callback, allowing cert. ");
3212 printf("Arg is: %s\n", cb_arg->string);
3213 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
3214 (void *)ctx, (void *)ctx->cert);
3216 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
3218 printf("cert depth=%d %s\n", ctx->error_depth, buf);
3222 if (cb_arg->proxy_auth) {
3223 int found_any = 0, i;
3226 for (i = 0; i < 26; i++)
3228 for (sp = cb_arg->proxy_auth; *sp; sp++) {
3230 if (isascii(c) && isalpha(c)) {
3233 letters[c - 'A'] = 1;
3237 printf(" Initial proxy rights = ");
3238 for (i = 0; i < 26; i++)
3240 printf("%c", i + 'A');
3247 X509_STORE_CTX_set_ex_data(ctx,
3248 get_proxy_auth_ex_data_idx(), letters);
3250 if (cb_arg->allow_proxy_certs) {
3251 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
3253 ok = X509_verify_cert(ctx);
3255 if (cb_arg->proxy_auth) {
3257 const char *cond_end = NULL;
3259 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
3265 "Stopped processing condition before it's end.\n");
3270 "Proxy rights check with condition '%s' invalid\n",
3271 cb_arg->proxy_cond);
3273 printf("Proxy rights check with condition '%s' ok\n",
3274 cb_arg->proxy_cond);
3280 #ifndef OPENSSL_NO_DH
3282 * These DH parameters have been generated as follows:
3283 * $ openssl dhparam -C -noout 512
3284 * $ openssl dhparam -C -noout 1024
3285 * $ openssl dhparam -C -noout -dsaparam 1024
3286 * (The third function has been renamed to avoid name conflicts.)
3288 static DH *get_dh512()
3290 static unsigned char dh512_p[] = {
3291 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
3293 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
3295 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
3297 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
3299 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
3301 0x02, 0xC5, 0xAE, 0x23,
3303 static unsigned char dh512_g[] = {
3308 if ((dh = DH_new()) == NULL)
3310 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
3311 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
3312 if ((dh->p == NULL) || (dh->g == NULL)) {
3319 static DH *get_dh1024()
3321 static unsigned char dh1024_p[] = {
3322 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
3324 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
3326 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
3328 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
3330 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
3332 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
3334 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
3336 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
3338 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
3340 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
3342 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
3344 static unsigned char dh1024_g[] = {
3349 if ((dh = DH_new()) == NULL)
3351 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3352 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3353 if ((dh->p == NULL) || (dh->g == NULL)) {
3360 static DH *get_dh1024dsa()
3362 static unsigned char dh1024_p[] = {
3363 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
3365 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
3367 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
3369 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
3371 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
3373 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
3375 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
3377 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
3379 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
3381 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
3383 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
3385 static unsigned char dh1024_g[] = {
3386 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
3388 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
3390 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
3392 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
3394 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
3396 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
3398 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
3400 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
3402 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3404 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3406 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3410 if ((dh = DH_new()) == NULL)
3412 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3413 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3414 if ((dh->p == NULL) || (dh->g == NULL)) {
3423 #ifndef OPENSSL_NO_PSK
3424 /* convert the PSK key (psk_key) in ascii to binary (psk) */
3425 static int psk_key2bn(const char *pskkey, unsigned char *psk,
3426 unsigned int max_psk_len)
3431 ret = BN_hex2bn(&bn, pskkey);
3433 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3438 if (BN_num_bytes(bn) > (int)max_psk_len) {
3440 "psk buffer of callback is too small (%d) for key (%d)\n",
3441 max_psk_len, BN_num_bytes(bn));
3445 ret = BN_bn2bin(bn, psk);
3450 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3452 unsigned int max_identity_len,
3454 unsigned int max_psk_len)
3457 unsigned int psk_len = 0;
3459 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3463 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3465 ret = psk_key2bn(psk_key, psk, max_psk_len);
3473 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3475 unsigned int max_psk_len)
3477 unsigned int psk_len = 0;
3479 if (strcmp(identity, "Client_identity") != 0) {
3480 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3483 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3488 static int do_test_cipherlist(void)
3490 #if !defined(OPENSSL_NO_SSL3) || !defined(OPENSSL_NO_TLS1)
3492 const SSL_METHOD *meth;
3493 const SSL_CIPHER *ci, *tci = NULL;
3496 #ifndef OPENSSL_NO_SSL3
3497 meth = SSLv3_method();
3499 while ((ci = meth->get_cipher(i++)) != NULL) {
3501 if (ci->id >= tci->id) {
3502 fprintf(stderr, "testing SSLv3 cipher list order: ");
3503 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
3509 #ifndef OPENSSL_NO_TLS1
3510 meth = TLSv1_method();
3512 while ((ci = meth->get_cipher(i++)) != NULL) {
3514 if (ci->id >= tci->id) {
3515 fprintf(stderr, "testing TLSv1 cipher list order: ");
3516 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
projects / oweals / openssl.git / blob