2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
87 * 6. Redistributions of any form whatsoever must retain the following
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
143 #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly
144 on Linux and GNU platforms. */
157 #ifdef OPENSSL_SYS_VMS
158 #define _XOPEN_SOURCE 500 /* Or isascii won't be declared properly on
159 VMS (at least with DECompHP C). */
164 #include <openssl/bio.h>
165 #include <openssl/crypto.h>
166 #include <openssl/evp.h>
167 #include <openssl/x509.h>
168 #include <openssl/x509v3.h>
169 #include <openssl/ssl.h>
170 #ifndef OPENSSL_NO_ENGINE
171 #include <openssl/engine.h>
173 #include <openssl/err.h>
174 #include <openssl/rand.h>
175 #ifndef OPENSSL_NO_RSA
176 #include <openssl/rsa.h>
178 #ifndef OPENSSL_NO_DSA
179 #include <openssl/dsa.h>
181 #ifndef OPENSSL_NO_DH
182 #include <openssl/dh.h>
184 #include <openssl/bn.h>
186 #define _XOPEN_SOURCE_EXTENDED 1 /* Or gethostname won't be declared properly
187 on Compaq platforms (at least with DEC C).
188 Do not try to put it earlier, or IPv6 includes
192 #ifdef OPENSSL_SYS_WINDOWS
195 #include OPENSSL_UNISTD
198 #ifdef OPENSSL_SYS_VMS
199 # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
200 # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
201 #elif defined(OPENSSL_SYS_WINCE)
202 # define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
203 # define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
204 #elif defined(OPENSSL_SYS_NETWARE)
205 # define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
206 # define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
208 # define TEST_SERVER_CERT "../apps/server.pem"
209 # define TEST_CLIENT_CERT "../apps/client.pem"
212 /* There is really no standard for this, so let's assign some tentative
213 numbers. In any case, these numbers are only for this test */
217 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
218 #ifndef OPENSSL_NO_RSA
219 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
220 static void free_tmp_rsa(void);
222 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
223 #define APP_CALLBACK_STRING "Test Callback Argument"
224 struct app_verify_arg
228 int allow_proxy_certs;
233 #ifndef OPENSSL_NO_DH
234 static DH *get_dh512(void);
235 static DH *get_dh1024(void);
236 static DH *get_dh1024dsa(void);
240 static char *psk_key=NULL; /* by default PSK is not used */
241 #ifndef OPENSSL_NO_PSK
242 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
243 unsigned int max_identity_len, unsigned char *psk,
244 unsigned int max_psk_len);
245 static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned char *psk,
246 unsigned int max_psk_len);
249 static BIO *bio_err=NULL;
250 static BIO *bio_stdout=NULL;
252 #ifndef OPENSSL_NO_NPN
253 /* Note that this code assumes that this is only a one element list: */
254 static const char NEXT_PROTO_STRING[] = "\x09testproto";
257 int npn_server_reject = 0;
259 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
261 /* This callback only returns the protocol string, rather than a length
262 prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
263 remove the first byte to chop off the length prefix. */
264 *out = (unsigned char*) NEXT_PROTO_STRING + 1;
265 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
266 return SSL_TLSEXT_ERR_OK;
269 static int cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
271 *data = (const unsigned char *) NEXT_PROTO_STRING;
272 *len = sizeof(NEXT_PROTO_STRING) - 1;
273 return SSL_TLSEXT_ERR_OK;
276 static int cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
278 return SSL_TLSEXT_ERR_NOACK;
281 static int verify_npn(SSL *client, SSL *server)
283 const unsigned char *client_s;
285 const unsigned char *server_s;
288 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
289 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
293 BIO_printf(bio_stdout, "Client NPN: ");
294 BIO_write(bio_stdout, client_s, client_len);
295 BIO_printf(bio_stdout, "\n");
300 BIO_printf(bio_stdout, "Server NPN: ");
301 BIO_write(bio_stdout, server_s, server_len);
302 BIO_printf(bio_stdout, "\n");
305 /* If an NPN string was returned, it must be the protocol that we
306 * expected to negotiate. */
307 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
308 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
310 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
311 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
314 if (!npn_client && client_len)
316 if (!npn_server && server_len)
318 if (npn_server_reject && server_len)
320 if (npn_client && npn_server && (!client_len || !server_len))
327 static char *cipher=NULL;
328 static int verbose=0;
337 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
339 int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
340 int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
341 static int do_test_cipherlist(void);
342 static void sv_usage(void)
344 fprintf(stderr,"usage: ssltest [args ...]\n");
345 fprintf(stderr,"\n");
346 fprintf(stderr," -server_auth - check server certificate\n");
347 fprintf(stderr," -client_auth - do client authentication\n");
348 fprintf(stderr," -proxy - allow proxy certificates\n");
349 fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
350 fprintf(stderr," -proxy_cond <val> - experssion to test proxy policy rights\n");
351 fprintf(stderr," -v - more output\n");
352 fprintf(stderr," -d - debug output\n");
353 fprintf(stderr," -reuse - use session-id reuse\n");
354 fprintf(stderr," -num <val> - number of connections to perform\n");
355 fprintf(stderr," -bytes <val> - number of bytes to swap between client/server\n");
356 #ifndef OPENSSL_NO_DH
357 fprintf(stderr," -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
358 fprintf(stderr," -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
359 fprintf(stderr," -no_dhe - disable DHE\n");
361 #ifndef OPENSSL_NO_ECDH
362 fprintf(stderr," -no_ecdhe - disable ECDHE\n");
364 #ifndef OPENSSL_NO_PSK
365 fprintf(stderr," -psk arg - PSK in hex (without 0x)\n");
367 #ifndef OPENSSL_NO_SSL2
368 fprintf(stderr," -ssl2 - use SSLv2\n");
370 #ifndef OPENSSL_NO_SSL3
371 fprintf(stderr," -ssl3 - use SSLv3\n");
373 #ifndef OPENSSL_NO_TLS1
374 fprintf(stderr," -tls1 - use TLSv1\n");
376 fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
377 fprintf(stderr," -CAfile arg - PEM format file of CA's\n");
378 fprintf(stderr," -cert arg - Server certificate file\n");
379 fprintf(stderr," -key arg - Server key file (default: same as -cert)\n");
380 fprintf(stderr," -c_cert arg - Client certificate file\n");
381 fprintf(stderr," -c_key arg - Client key file (default: same as -c_cert)\n");
382 fprintf(stderr," -cipher arg - The cipher list\n");
383 fprintf(stderr," -bio_pair - Use BIO pairs\n");
384 fprintf(stderr," -f - Test even cases that can't work\n");
385 fprintf(stderr," -time - measure processor time used by client and server\n");
386 fprintf(stderr," -zlib - use zlib compression\n");
387 fprintf(stderr," -rle - use rle compression\n");
388 #ifndef OPENSSL_NO_ECDH
389 fprintf(stderr," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \
390 " Use \"openssl ecparam -list_curves\" for all names\n" \
391 " (default is sect163r2).\n");
393 fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
394 #ifndef OPENSSL_NO_NPN
395 fprintf(stderr," -npn_client - have client side offer NPN\n");
396 fprintf(stderr," -npn_server - have server side offer NPN\n");
397 fprintf(stderr," -npn_server_reject - have server reject NPN\n");
401 static void print_details(SSL *c_ssl, const char *prefix)
403 const SSL_CIPHER *ciph;
406 ciph=SSL_get_current_cipher(c_ssl);
407 BIO_printf(bio_stdout,"%s%s, cipher %s %s",
409 SSL_get_version(c_ssl),
410 SSL_CIPHER_get_version(ciph),
411 SSL_CIPHER_get_name(ciph));
412 cert=SSL_get_peer_certificate(c_ssl);
415 EVP_PKEY *pkey = X509_get_pubkey(cert);
420 #ifndef OPENSSL_NO_RSA
421 else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
422 && pkey->pkey.rsa->n != NULL)
424 BIO_printf(bio_stdout, ", %d bit RSA",
425 BN_num_bits(pkey->pkey.rsa->n));
428 #ifndef OPENSSL_NO_DSA
429 else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
430 && pkey->pkey.dsa->p != NULL)
432 BIO_printf(bio_stdout, ", %d bit DSA",
433 BN_num_bits(pkey->pkey.dsa->p));
440 /* The SSL API does not allow us to look at temporary RSA/DH keys,
441 * otherwise we should print their lengths too */
442 BIO_printf(bio_stdout,"\n");
445 static void lock_dbg_cb(int mode, int type, const char *file, int line)
447 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
448 const char *errstr = NULL;
451 rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
452 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
454 errstr = "invalid mode";
458 if (type < 0 || type >= CRYPTO_NUM_LOCKS)
460 errstr = "type out of bounds";
464 if (mode & CRYPTO_LOCK)
468 errstr = "already locked";
469 /* must not happen in a single-threaded program
470 * (would deadlock) */
476 else if (mode & CRYPTO_UNLOCK)
480 errstr = "not locked";
484 if (modes[type] != rw)
486 errstr = (rw == CRYPTO_READ) ?
487 "CRYPTO_r_unlock on write lock" :
488 "CRYPTO_w_unlock on read lock";
495 errstr = "invalid mode";
502 /* we cannot use bio_err here */
503 fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
504 errstr, mode, type, file, line);
508 #ifdef TLSEXT_TYPE_opaque_prf_input
509 struct cb_info_st { void *input; size_t len; int ret; };
510 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
511 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
512 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
513 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
515 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
517 struct cb_info_st *arg = arg_;
522 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
528 int main(int argc, char *argv[])
530 char *CApath=NULL,*CAfile=NULL;
534 int tls1=0,ssl2=0,ssl3=0,ret=1;
537 struct app_verify_arg app_verify_arg =
538 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
539 char *server_cert=TEST_SERVER_CERT;
540 char *server_key=NULL;
541 char *client_cert=TEST_CLIENT_CERT;
542 char *client_key=NULL;
543 #ifndef OPENSSL_NO_ECDH
544 char *named_curve = NULL;
548 const SSL_METHOD *meth=NULL;
550 int number=1,reuse=0;
552 #ifndef OPENSSL_NO_DH
554 int dhe1024 = 0, dhe1024dsa = 0;
556 #ifndef OPENSSL_NO_ECDH
563 clock_t s_time = 0, c_time = 0;
565 #ifndef OPENSSL_NO_COMP
566 COMP_METHOD *cm = NULL;
567 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
569 int test_cipherlist = 0;
575 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT);
577 CRYPTO_set_locking_callback(lock_dbg_cb);
579 /* enable memory leak checking unless explicitly disabled */
580 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
582 CRYPTO_malloc_debug_init();
583 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
587 /* OPENSSL_DEBUG_MEMORY=off */
588 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
590 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
592 RAND_seed(rnd_seed, sizeof rnd_seed);
594 bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT);
601 if (strcmp(*argv,"-server_auth") == 0)
603 else if (strcmp(*argv,"-client_auth") == 0)
605 else if (strcmp(*argv,"-proxy_auth") == 0)
607 if (--argc < 1) goto bad;
608 app_verify_arg.proxy_auth= *(++argv);
610 else if (strcmp(*argv,"-proxy_cond") == 0)
612 if (--argc < 1) goto bad;
613 app_verify_arg.proxy_cond= *(++argv);
615 else if (strcmp(*argv,"-v") == 0)
617 else if (strcmp(*argv,"-d") == 0)
619 else if (strcmp(*argv,"-reuse") == 0)
621 else if (strcmp(*argv,"-dhe1024") == 0)
623 #ifndef OPENSSL_NO_DH
626 fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
629 else if (strcmp(*argv,"-dhe1024dsa") == 0)
631 #ifndef OPENSSL_NO_DH
634 fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
637 else if (strcmp(*argv,"-no_dhe") == 0)
639 else if (strcmp(*argv,"-no_ecdhe") == 0)
641 else if (strcmp(*argv,"-psk") == 0)
643 if (--argc < 1) goto bad;
645 #ifndef OPENSSL_NO_PSK
646 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))
648 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
655 else if (strcmp(*argv,"-ssl2") == 0)
657 else if (strcmp(*argv,"-tls1") == 0)
659 else if (strcmp(*argv,"-ssl3") == 0)
661 else if (strncmp(*argv,"-num",4) == 0)
663 if (--argc < 1) goto bad;
664 number= atoi(*(++argv));
665 if (number == 0) number=1;
667 else if (strcmp(*argv,"-bytes") == 0)
669 if (--argc < 1) goto bad;
670 bytes= atol(*(++argv));
671 if (bytes == 0L) bytes=1L;
673 if (argv[0][i-1] == 'k') bytes*=1024L;
674 if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
676 else if (strcmp(*argv,"-cert") == 0)
678 if (--argc < 1) goto bad;
679 server_cert= *(++argv);
681 else if (strcmp(*argv,"-s_cert") == 0)
683 if (--argc < 1) goto bad;
684 server_cert= *(++argv);
686 else if (strcmp(*argv,"-key") == 0)
688 if (--argc < 1) goto bad;
689 server_key= *(++argv);
691 else if (strcmp(*argv,"-s_key") == 0)
693 if (--argc < 1) goto bad;
694 server_key= *(++argv);
696 else if (strcmp(*argv,"-c_cert") == 0)
698 if (--argc < 1) goto bad;
699 client_cert= *(++argv);
701 else if (strcmp(*argv,"-c_key") == 0)
703 if (--argc < 1) goto bad;
704 client_key= *(++argv);
706 else if (strcmp(*argv,"-cipher") == 0)
708 if (--argc < 1) goto bad;
711 else if (strcmp(*argv,"-CApath") == 0)
713 if (--argc < 1) goto bad;
716 else if (strcmp(*argv,"-CAfile") == 0)
718 if (--argc < 1) goto bad;
721 else if (strcmp(*argv,"-bio_pair") == 0)
725 else if (strcmp(*argv,"-f") == 0)
729 else if (strcmp(*argv,"-time") == 0)
733 else if (strcmp(*argv,"-zlib") == 0)
737 else if (strcmp(*argv,"-rle") == 0)
741 else if (strcmp(*argv,"-named_curve") == 0)
743 if (--argc < 1) goto bad;
744 #ifndef OPENSSL_NO_ECDH
745 named_curve = *(++argv);
747 fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n");
751 else if (strcmp(*argv,"-app_verify") == 0)
753 app_verify_arg.app_verify = 1;
755 else if (strcmp(*argv,"-proxy") == 0)
757 app_verify_arg.allow_proxy_certs = 1;
759 else if (strcmp(*argv,"-test_cipherlist") == 0)
763 #ifndef OPENSSL_NO_NPN
764 else if (strcmp(*argv,"-npn_client") == 0)
768 else if (strcmp(*argv,"-npn_server") == 0)
772 else if (strcmp(*argv,"-npn_server_reject") == 0)
774 npn_server_reject = 1;
779 fprintf(stderr,"unknown option %s\n",*argv);
793 if (test_cipherlist == 1)
795 /* ensure that the cipher list are correctly sorted and exit */
796 if (do_test_cipherlist() == 0)
802 if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
804 fprintf(stderr, "This case cannot work. Use -f to perform "
805 "the test anyway (and\n-d to see what happens), "
806 "or add one of -ssl2, -ssl3, -tls1, -reuse\n"
807 "to avoid protocol mismatch.\n");
815 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
818 if (number < 50 && !force)
819 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
822 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
825 SSL_load_error_strings();
827 #ifndef OPENSSL_NO_COMP
828 if (comp == COMP_ZLIB) cm = COMP_zlib();
829 if (comp == COMP_RLE) cm = COMP_rle();
832 if (cm->type != NID_undef)
834 if (SSL_COMP_add_compression_method(comp, cm) != 0)
837 "Failed to add compression method\n");
838 ERR_print_errors_fp(stderr);
844 "Warning: %s compression not supported\n",
845 (comp == COMP_RLE ? "rle" :
846 (comp == COMP_ZLIB ? "zlib" :
848 ERR_print_errors_fp(stderr);
851 ssl_comp_methods = SSL_COMP_get_compression_methods();
852 fprintf(stderr, "Available compression methods:\n");
854 int j, n = sk_SSL_COMP_num(ssl_comp_methods);
856 fprintf(stderr, " NONE\n");
858 for (j = 0; j < n; j++)
860 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
861 fprintf(stderr, " %d: %s\n", c->id, c->name);
866 #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
876 meth=SSLv23_method();
878 #ifdef OPENSSL_NO_SSL2
885 c_ctx=SSL_CTX_new(meth);
886 s_ctx=SSL_CTX_new(meth);
887 if ((c_ctx == NULL) || (s_ctx == NULL))
889 ERR_print_errors(bio_err);
895 SSL_CTX_set_cipher_list(c_ctx,cipher);
896 SSL_CTX_set_cipher_list(s_ctx,cipher);
899 #ifndef OPENSSL_NO_DH
904 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
905 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
912 SSL_CTX_set_tmp_dh(s_ctx,dh);
919 #ifndef OPENSSL_NO_ECDH
924 if (named_curve != NULL)
926 nid = OBJ_sn2nid(named_curve);
929 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
936 ecdh = EC_KEY_new_by_curve_name(nid);
939 BIO_printf(bio_err, "unable to create curve\n");
943 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
944 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
951 #ifndef OPENSSL_NO_RSA
952 SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
955 #ifdef TLSEXT_TYPE_opaque_prf_input
956 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
957 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
958 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); /* or &co2 or NULL */
959 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); /* or &so2 or NULL */
962 if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
964 ERR_print_errors(bio_err);
966 else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
967 (server_key?server_key:server_cert), SSL_FILETYPE_PEM))
969 ERR_print_errors(bio_err);
975 SSL_CTX_use_certificate_file(c_ctx,client_cert,
977 SSL_CTX_use_PrivateKey_file(c_ctx,
978 (client_key?client_key:client_cert),
982 if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
983 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
984 (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
985 (!SSL_CTX_set_default_verify_paths(c_ctx)))
987 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
988 ERR_print_errors(bio_err);
994 BIO_printf(bio_err,"client authentication\n");
995 SSL_CTX_set_verify(s_ctx,
996 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
998 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
1002 BIO_printf(bio_err,"server authentication\n");
1003 SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
1005 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
1009 int session_id_context = 0;
1010 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
1013 /* Use PSK only if PSK key is given */
1014 if (psk_key != NULL)
1016 /* no_psk is used to avoid putting psk command to openssl tool */
1019 /* if PSK is not compiled in and psk key is
1020 * given, do nothing and exit successfully */
1024 #ifndef OPENSSL_NO_PSK
1025 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1026 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1028 BIO_printf(bio_err,"setting PSK identity hint to s_ctx\n");
1029 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint"))
1031 BIO_printf(bio_err,"error setting PSK identity hint to s_ctx\n");
1032 ERR_print_errors(bio_err);
1038 #ifndef OPENSSL_NO_NPN
1041 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1045 if (npn_server_reject)
1047 BIO_printf(bio_err, "Can't have both -npn_server and -npn_server_reject\n");
1050 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1052 if (npn_server_reject)
1054 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn, NULL);
1058 c_ssl=SSL_new(c_ctx);
1059 s_ssl=SSL_new(s_ctx);
1061 #ifndef OPENSSL_NO_KRB5
1062 if (c_ssl && c_ssl->kssl_ctx)
1064 char localhost[MAXHOSTNAMELEN+2];
1066 if (gethostname(localhost, sizeof localhost-1) == 0)
1068 localhost[sizeof localhost-1]='\0';
1069 if(strlen(localhost) == sizeof localhost-1)
1071 BIO_printf(bio_err,"localhost name too long\n");
1074 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
1078 #endif /* OPENSSL_NO_KRB5 */
1080 for (i=0; i<number; i++)
1082 if (!reuse) SSL_set_session(c_ssl,NULL);
1084 ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
1086 ret=doit(s_ssl,c_ssl,bytes);
1091 print_details(c_ssl, "");
1093 if ((number > 1) || (bytes > 1L))
1094 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
1097 #ifdef CLOCKS_PER_SEC
1098 /* "To determine the time in seconds, the value returned
1099 * by the clock function should be divided by the value
1100 * of the macro CLOCKS_PER_SEC."
1101 * -- ISO/IEC 9899 */
1102 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1103 "Approximate total client time: %6.2f s\n",
1104 (double)s_time/CLOCKS_PER_SEC,
1105 (double)c_time/CLOCKS_PER_SEC);
1107 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
1108 * -- cc on NeXTstep/OpenStep */
1109 BIO_printf(bio_stdout,
1110 "Approximate total server time: %6.2f units\n"
1111 "Approximate total client time: %6.2f units\n",
1121 if (s_ctx != NULL) SSL_CTX_free(s_ctx);
1122 if (c_ctx != NULL) SSL_CTX_free(c_ctx);
1124 if (bio_stdout != NULL) BIO_free(bio_stdout);
1126 #ifndef OPENSSL_NO_RSA
1129 #ifndef OPENSSL_NO_ENGINE
1132 CRYPTO_cleanup_all_ex_data();
1134 ERR_remove_thread_state(NULL);
1136 CRYPTO_mem_leaks(bio_err);
1137 if (bio_err != NULL) BIO_free(bio_err);
1142 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1143 clock_t *s_time, clock_t *c_time)
1145 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1146 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1147 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1150 size_t bufsiz = 256; /* small buffer for testing */
1152 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1154 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1157 s_ssl_bio = BIO_new(BIO_f_ssl());
1161 c_ssl_bio = BIO_new(BIO_f_ssl());
1165 SSL_set_connect_state(c_ssl);
1166 SSL_set_bio(c_ssl, client, client);
1167 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1169 SSL_set_accept_state(s_ssl);
1170 SSL_set_bio(s_ssl, server, server);
1171 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1175 /* c_ssl_bio: SSL filter BIO
1177 * client: pseudo-I/O for SSL library
1179 * client_io: client's SSL communication; usually to be
1180 * relayed over some I/O facility, but in this
1181 * test program, we're the server, too:
1183 * server_io: server's SSL communication
1185 * server: pseudo-I/O for SSL library
1187 * s_ssl_bio: SSL filter BIO
1189 * The client and the server each employ a "BIO pair":
1190 * client + client_io, server + server_io.
1191 * BIO pairs are symmetric. A BIO pair behaves similar
1192 * to a non-blocking socketpair (but both endpoints must
1193 * be handled by the same thread).
1194 * [Here we could connect client and server to the ends
1195 * of a single BIO pair, but then this code would be less
1196 * suitable as an example for BIO pairs in general.]
1198 * Useful functions for querying the state of BIO pair endpoints:
1200 * BIO_ctrl_pending(bio) number of bytes we can read now
1201 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1202 * other side's read attempt
1203 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1205 * ..._read_request is never more than ..._write_guarantee;
1206 * it depends on the application which one you should use.
1209 /* We have non-blocking behaviour throughout this test program, but
1210 * can be sure that there is *some* progress in each iteration; so
1211 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
1212 * -- we just try everything in each iteration
1218 MS_STATIC char cbuf[1024*8];
1220 clock_t c_clock = clock();
1222 memset(cbuf, 0, sizeof(cbuf));
1225 if (SSL_in_init(c_ssl))
1226 printf("client waiting in SSL_connect - %s\n",
1227 SSL_state_string_long(c_ssl));
1231 /* Write to server. */
1233 if (cw_num > (long)sizeof cbuf)
1237 r = BIO_write(c_ssl_bio, cbuf, i);
1240 if (!BIO_should_retry(c_ssl_bio))
1242 fprintf(stderr,"ERROR in CLIENT\n");
1245 /* BIO_should_retry(...) can just be ignored here.
1246 * The library expects us to call BIO_write with
1247 * the same arguments again, and that's what we will
1248 * do in the next iteration. */
1252 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1258 printf("client wrote %d\n", r);
1265 /* Read from server. */
1267 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1270 if (!BIO_should_retry(c_ssl_bio))
1272 fprintf(stderr,"ERROR in CLIENT\n");
1275 /* Again, "BIO_should_retry" can be ignored. */
1279 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1285 printf("client read %d\n", r);
1290 /* c_time and s_time increments will typically be very small
1291 * (depending on machine speed and clock tick intervals),
1292 * but sampling over a large number of connections should
1293 * result in fairly accurate figures. We cannot guarantee
1294 * a lot, however -- if each connection lasts for exactly
1295 * one clock tick, it will be counted only for the client
1296 * or only for the server or even not at all.
1298 *c_time += (clock() - c_clock);
1304 MS_STATIC char sbuf[1024*8];
1306 clock_t s_clock = clock();
1308 memset(sbuf, 0, sizeof(sbuf));
1311 if (SSL_in_init(s_ssl))
1312 printf("server waiting in SSL_accept - %s\n",
1313 SSL_state_string_long(s_ssl));
1317 /* Write to client. */
1319 if (sw_num > (long)sizeof sbuf)
1323 r = BIO_write(s_ssl_bio, sbuf, i);
1326 if (!BIO_should_retry(s_ssl_bio))
1328 fprintf(stderr,"ERROR in SERVER\n");
1331 /* Ignore "BIO_should_retry". */
1335 fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
1341 printf("server wrote %d\n", r);
1348 /* Read from client. */
1350 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
1353 if (!BIO_should_retry(s_ssl_bio))
1355 fprintf(stderr,"ERROR in SERVER\n");
1362 fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
1368 printf("server read %d\n", r);
1373 *s_time += (clock() - s_clock);
1377 /* "I/O" BETWEEN CLIENT AND SERVER. */
1380 BIO *io1 = server_io, *io2 = client_io;
1381 /* we use the non-copying interface for io1
1382 * and the standard BIO_write/BIO_read interface for io2
1385 static int prev_progress = 1;
1394 r1 = BIO_ctrl_pending(io1);
1395 r2 = BIO_ctrl_get_write_guarantee(io2);
1404 if (INT_MAX < num) /* yeah, right */
1407 r = BIO_nread(io1, &dataptr, (int)num);
1409 assert(r <= (int)num);
1410 /* possibly r < num (non-contiguous data) */
1412 r = BIO_write(io2, dataptr, (int)num);
1413 if (r != (int)num) /* can't happen */
1415 fprintf(stderr, "ERROR: BIO_write could not write "
1416 "BIO_ctrl_get_write_guarantee() bytes");
1422 printf((io1 == client_io) ?
1423 "C->S relaying: %d bytes\n" :
1424 "S->C relaying: %d bytes\n",
1435 r1 = BIO_ctrl_pending(io2);
1436 r2 = BIO_ctrl_get_read_request(io1);
1437 /* here we could use ..._get_write_guarantee instead of
1438 * ..._get_read_request, but by using the latter
1439 * we test restartability of the SSL implementation
1440 * more thoroughly */
1452 --num; /* test restartability even more thoroughly */
1454 r = BIO_nwrite0(io1, &dataptr);
1458 r = BIO_read(io2, dataptr, (int)num);
1459 if (r != (int)num) /* can't happen */
1461 fprintf(stderr, "ERROR: BIO_read could not read "
1462 "BIO_ctrl_pending() bytes");
1466 r = BIO_nwrite(io1, &dataptr, (int)num);
1467 if (r != (int)num) /* can't happen */
1469 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
1470 "BIO_nwrite0() bytes");
1475 printf((io2 == client_io) ?
1476 "C->S relaying: %d bytes\n" :
1477 "S->C relaying: %d bytes\n",
1480 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
1482 if (!progress && !prev_progress)
1483 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
1485 fprintf(stderr, "ERROR: got stuck\n");
1486 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0)
1488 fprintf(stderr, "This can happen for SSL2 because "
1489 "CLIENT-FINISHED and SERVER-VERIFY are written \n"
1490 "concurrently ...");
1491 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
1492 && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0)
1494 fprintf(stderr, " ok.\n");
1498 fprintf(stderr, " ERROR.\n");
1501 prev_progress = progress;
1504 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
1507 print_details(c_ssl, "DONE via BIO pair: ");
1508 #ifndef OPENSSL_NO_NPN
1509 if (verify_npn(c_ssl, s_ssl) < 0)
1519 ERR_print_errors(bio_err);
1524 BIO_free(server_io);
1528 BIO_free(client_io);
1530 BIO_free(s_ssl_bio);
1532 BIO_free(c_ssl_bio);
1543 int doit(SSL *s_ssl, SSL *c_ssl, long count)
1545 MS_STATIC char cbuf[1024*8],sbuf[1024*8];
1546 long cw_num=count,cr_num=count;
1547 long sw_num=count,sr_num=count;
1553 int c_r,c_w,s_r,s_w;
1556 int c_write,s_write;
1557 int do_server=0,do_client=0;
1559 memset(cbuf,0,sizeof(cbuf));
1560 memset(sbuf,0,sizeof(sbuf));
1562 c_to_s=BIO_new(BIO_s_mem());
1563 s_to_c=BIO_new(BIO_s_mem());
1564 if ((s_to_c == NULL) || (c_to_s == NULL))
1566 ERR_print_errors(bio_err);
1570 c_bio=BIO_new(BIO_f_ssl());
1571 s_bio=BIO_new(BIO_f_ssl());
1572 if ((c_bio == NULL) || (s_bio == NULL))
1574 ERR_print_errors(bio_err);
1578 SSL_set_connect_state(c_ssl);
1579 SSL_set_bio(c_ssl,s_to_c,c_to_s);
1580 BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
1582 SSL_set_accept_state(s_ssl);
1583 SSL_set_bio(s_ssl,c_to_s,s_to_c);
1584 BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
1588 c_write=1,s_write=0;
1590 /* We can always do writes */
1596 i=(int)BIO_pending(s_bio);
1597 if ((i && s_r) || s_w) do_server=1;
1599 i=(int)BIO_pending(c_bio);
1600 if ((i && c_r) || c_w) do_client=1;
1602 if (do_server && debug)
1604 if (SSL_in_init(s_ssl))
1605 printf("server waiting in SSL_accept - %s\n",
1606 SSL_state_string_long(s_ssl));
1607 /* else if (s_write)
1608 printf("server:SSL_write()\n");
1610 printf("server:SSL_read()\n"); */
1613 if (do_client && debug)
1615 if (SSL_in_init(c_ssl))
1616 printf("client waiting in SSL_connect - %s\n",
1617 SSL_state_string_long(c_ssl));
1618 /* else if (c_write)
1619 printf("client:SSL_write()\n");
1621 printf("client:SSL_read()\n"); */
1624 if (!do_client && !do_server)
1626 fprintf(stdout,"ERROR IN STARTUP\n");
1627 ERR_print_errors(bio_err);
1630 if (do_client && !(done & C_DONE))
1634 j = (cw_num > (long)sizeof(cbuf)) ?
1635 (int)sizeof(cbuf) : (int)cw_num;
1636 i=BIO_write(c_bio,cbuf,j);
1641 if (BIO_should_retry(c_bio))
1643 if (BIO_should_read(c_bio))
1645 if (BIO_should_write(c_bio))
1650 fprintf(stderr,"ERROR in CLIENT\n");
1651 ERR_print_errors(bio_err);
1657 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1663 printf("client wrote %d\n",i);
1672 i=BIO_read(c_bio,cbuf,sizeof(cbuf));
1677 if (BIO_should_retry(c_bio))
1679 if (BIO_should_read(c_bio))
1681 if (BIO_should_write(c_bio))
1686 fprintf(stderr,"ERROR in CLIENT\n");
1687 ERR_print_errors(bio_err);
1693 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1699 printf("client read %d\n",i);
1716 if (do_server && !(done & S_DONE))
1720 i=BIO_read(s_bio,sbuf,sizeof(cbuf));
1725 if (BIO_should_retry(s_bio))
1727 if (BIO_should_read(s_bio))
1729 if (BIO_should_write(s_bio))
1734 fprintf(stderr,"ERROR in SERVER\n");
1735 ERR_print_errors(bio_err);
1741 ERR_print_errors(bio_err);
1742 fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
1748 printf("server read %d\n",i);
1765 j = (sw_num > (long)sizeof(sbuf)) ?
1766 (int)sizeof(sbuf) : (int)sw_num;
1767 i=BIO_write(s_bio,sbuf,j);
1772 if (BIO_should_retry(s_bio))
1774 if (BIO_should_read(s_bio))
1776 if (BIO_should_write(s_bio))
1781 fprintf(stderr,"ERROR in SERVER\n");
1782 ERR_print_errors(bio_err);
1788 ERR_print_errors(bio_err);
1789 fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
1795 printf("server wrote %d\n",i);
1805 if ((done & S_DONE) && (done & C_DONE)) break;
1809 print_details(c_ssl, "DONE: ");
1810 #ifndef OPENSSL_NO_NPN
1811 if (verify_npn(c_ssl, s_ssl) < 0)
1819 /* We have to set the BIO's to NULL otherwise they will be
1820 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and
1821 * again when c_ssl is SSL_free()ed.
1822 * This is a hack required because s_ssl and c_ssl are sharing the same
1823 * BIO structure and SSL_set_bio() and SSL_free() automatically
1824 * BIO_free non NULL entries.
1825 * You should not normally do this or be required to do this */
1837 if (c_to_s != NULL) BIO_free(c_to_s);
1838 if (s_to_c != NULL) BIO_free(s_to_c);
1839 if (c_bio != NULL) BIO_free_all(c_bio);
1840 if (s_bio != NULL) BIO_free_all(s_bio);
1844 static int get_proxy_auth_ex_data_idx(void)
1846 static volatile int idx = -1;
1849 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
1852 idx = X509_STORE_CTX_get_ex_new_index(0,
1853 "SSLtest for verify callback", NULL,NULL,NULL);
1855 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
1860 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
1864 s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,
1869 fprintf(stderr,"depth=%d %s\n",
1870 ctx->error_depth,buf);
1873 fprintf(stderr,"depth=%d error=%d %s\n",
1874 ctx->error_depth,ctx->error,buf);
1880 fprintf(stderr,"Error string: %s\n",
1881 X509_verify_cert_error_string(ctx->error));
1884 case X509_V_ERR_CERT_NOT_YET_VALID:
1885 case X509_V_ERR_CERT_HAS_EXPIRED:
1886 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
1887 fprintf(stderr," ... ignored.\n");
1894 X509 *xs = ctx->current_cert;
1896 X509 *xi = ctx->current_issuer;
1899 if (xs->ex_flags & EXFLAG_PROXY)
1901 unsigned int *letters =
1902 X509_STORE_CTX_get_ex_data(ctx,
1903 get_proxy_auth_ex_data_idx());
1909 PROXY_CERT_INFO_EXTENSION *pci =
1910 X509_get_ext_d2i(xs, NID_proxyCertInfo,
1913 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
1915 case NID_Independent:
1916 /* Completely meaningless in this
1917 program, as there's no way to
1918 grant explicit rights to a
1919 specific PrC. Basically, using
1920 id-ppl-Independent is the perfect
1921 way to grant no rights at all. */
1922 fprintf(stderr, " Independent proxy certificate");
1923 for (i = 0; i < 26; i++)
1926 case NID_id_ppl_inheritAll:
1927 /* This is basically a NOP, we
1928 simply let the current rights
1929 stand as they are. */
1930 fprintf(stderr, " Proxy certificate inherits all");
1934 pci->proxyPolicy->policy->data;
1935 i = pci->proxyPolicy->policy->length;
1937 /* The algorithm works as follows:
1938 it is assumed that previous
1939 iterations or the initial granted
1940 rights has already set some elements
1941 of `letters'. What we need to do is
1942 to clear those that weren't granted
1943 by the current PrC as well. The
1944 easiest way to do this is to add 1
1945 to all the elements whose letters
1946 are given with the current policy.
1947 That way, all elements that are set
1948 by the current policy and were
1949 already set by earlier policies and
1950 through the original grant of rights
1951 will get the value 2 or higher.
1952 The last thing to do is to sweep
1953 through `letters' and keep the
1954 elements having the value 2 as set,
1955 and clear all the others. */
1957 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s);
1961 if (isascii(c) && isalpha(c))
1968 for (i = 0; i < 26; i++)
1977 ", resulting proxy rights = ");
1978 for(i = 0; i < 26; i++)
1981 fprintf(stderr, "%c", i + 'A');
1985 fprintf(stderr, "none");
1986 fprintf(stderr, "\n");
1988 PROXY_CERT_INFO_EXTENSION_free(pci);
1996 static void process_proxy_debug(int indent, const char *format, ...)
1998 static const char indentation[] =
1999 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2000 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
2001 char my_format[256];
2004 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2005 indent, indent, indentation, format);
2007 va_start(args, format);
2008 vfprintf(stderr, my_format, args);
2016 static int process_proxy_cond_adders(unsigned int letters[26],
2017 const char *cond, const char **cond_end, int *pos, int indent);
2018 static int process_proxy_cond_val(unsigned int letters[26],
2019 const char *cond, const char **cond_end, int *pos, int indent)
2025 while(isspace((int)*cond))
2032 process_proxy_debug(indent,
2033 "Start process_proxy_cond_val at position %d: %s\n",
2040 while(isspace((int)*cond))
2050 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2055 while(isspace((int)*cond))
2063 "Weird condition character in position %d: "
2070 else if (isascii(c) && isalpha(c))
2074 ok = letters[c - 'A'];
2080 "Weird condition character in position %d: "
2087 if (ok >= 0 && negate)
2091 process_proxy_debug(indent,
2092 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2097 static int process_proxy_cond_multipliers(unsigned int letters[26],
2098 const char *cond, const char **cond_end, int *pos, int indent)
2104 process_proxy_debug(indent,
2105 "Start process_proxy_cond_multipliers at position %d: %s\n",
2108 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2115 while(isspace((int)*cond))
2129 ok = process_proxy_cond_val(letters,
2130 cond, cond_end, pos, indent + 1);
2144 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2156 process_proxy_debug(indent,
2157 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2163 static int process_proxy_cond_adders(unsigned int letters[26],
2164 const char *cond, const char **cond_end, int *pos, int indent)
2170 process_proxy_debug(indent,
2171 "Start process_proxy_cond_adders at position %d: %s\n",
2174 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2182 while(isspace((int)*cond))
2195 ok = process_proxy_cond_multipliers(letters,
2196 cond, cond_end, pos, indent + 1);
2207 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2219 process_proxy_debug(indent,
2220 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2227 static int process_proxy_cond(unsigned int letters[26],
2228 const char *cond, const char **cond_end)
2231 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2234 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
2237 struct app_verify_arg *cb_arg = arg;
2238 unsigned int letters[26]; /* only used with proxy_auth */
2240 if (cb_arg->app_verify)
2242 char *s = NULL,buf[256];
2244 fprintf(stderr, "In app_verify_callback, allowing cert. ");
2245 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
2246 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
2247 (void *)ctx, (void *)ctx->cert);
2249 s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
2252 fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
2256 if (cb_arg->proxy_auth)
2258 int found_any = 0, i;
2261 for(i = 0; i < 26; i++)
2263 for(sp = cb_arg->proxy_auth; *sp; sp++)
2266 if (isascii(c) && isalpha(c))
2270 letters[c - 'A'] = 1;
2275 " Initial proxy rights = ");
2276 for(i = 0; i < 26; i++)
2279 fprintf(stderr, "%c", i + 'A');
2283 fprintf(stderr, "none");
2284 fprintf(stderr, "\n");
2286 X509_STORE_CTX_set_ex_data(ctx,
2287 get_proxy_auth_ex_data_idx(),letters);
2289 if (cb_arg->allow_proxy_certs)
2291 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2294 #ifndef OPENSSL_NO_X509_VERIFY
2295 # ifdef OPENSSL_FIPS
2296 if(s->version == TLS1_VERSION)
2299 ok = X509_verify_cert(ctx);
2300 # ifdef OPENSSL_FIPS
2301 if(s->version == TLS1_VERSION)
2306 if (cb_arg->proxy_auth)
2310 const char *cond_end = NULL;
2312 ok = process_proxy_cond(letters,
2313 cb_arg->proxy_cond, &cond_end);
2319 fprintf(stderr, "Stopped processing condition before it's end.\n");
2323 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
2324 cb_arg->proxy_cond);
2326 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
2327 cb_arg->proxy_cond);
2333 #ifndef OPENSSL_NO_RSA
2334 static RSA *rsa_tmp=NULL;
2336 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
2339 if (rsa_tmp == NULL)
2342 rsa_tmp = RSA_new();
2343 if(!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4))
2345 BIO_printf(bio_err, "Memory error...");
2348 BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
2349 (void)BIO_flush(bio_err);
2350 if(!RSA_generate_key_ex(rsa_tmp,keylength,bn,NULL))
2352 BIO_printf(bio_err, "Error generating key.");
2357 BIO_printf(bio_err,"\n");
2358 (void)BIO_flush(bio_err);
2364 static void free_tmp_rsa(void)
2366 if (rsa_tmp != NULL)
2374 #ifndef OPENSSL_NO_DH
2375 /* These DH parameters have been generated as follows:
2376 * $ openssl dhparam -C -noout 512
2377 * $ openssl dhparam -C -noout 1024
2378 * $ openssl dhparam -C -noout -dsaparam 1024
2379 * (The third function has been renamed to avoid name conflicts.)
2381 static DH *get_dh512()
2383 static unsigned char dh512_p[]={
2384 0xCB,0xC8,0xE1,0x86,0xD0,0x1F,0x94,0x17,0xA6,0x99,0xF0,0xC6,
2385 0x1F,0x0D,0xAC,0xB6,0x25,0x3E,0x06,0x39,0xCA,0x72,0x04,0xB0,
2386 0x6E,0xDA,0xC0,0x61,0xE6,0x7A,0x77,0x25,0xE8,0x3B,0xB9,0x5F,
2387 0x9A,0xB6,0xB5,0xFE,0x99,0x0B,0xA1,0x93,0x4E,0x35,0x33,0xB8,
2388 0xE1,0xF1,0x13,0x4F,0x59,0x1A,0xD2,0x57,0xC0,0x26,0x21,0x33,
2389 0x02,0xC5,0xAE,0x23,
2391 static unsigned char dh512_g[]={
2396 if ((dh=DH_new()) == NULL) return(NULL);
2397 dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
2398 dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
2399 if ((dh->p == NULL) || (dh->g == NULL))
2400 { DH_free(dh); return(NULL); }
2404 static DH *get_dh1024()
2406 static unsigned char dh1024_p[]={
2407 0xF8,0x81,0x89,0x7D,0x14,0x24,0xC5,0xD1,0xE6,0xF7,0xBF,0x3A,
2408 0xE4,0x90,0xF4,0xFC,0x73,0xFB,0x34,0xB5,0xFA,0x4C,0x56,0xA2,
2409 0xEA,0xA7,0xE9,0xC0,0xC0,0xCE,0x89,0xE1,0xFA,0x63,0x3F,0xB0,
2410 0x6B,0x32,0x66,0xF1,0xD1,0x7B,0xB0,0x00,0x8F,0xCA,0x87,0xC2,
2411 0xAE,0x98,0x89,0x26,0x17,0xC2,0x05,0xD2,0xEC,0x08,0xD0,0x8C,
2412 0xFF,0x17,0x52,0x8C,0xC5,0x07,0x93,0x03,0xB1,0xF6,0x2F,0xB8,
2413 0x1C,0x52,0x47,0x27,0x1B,0xDB,0xD1,0x8D,0x9D,0x69,0x1D,0x52,
2414 0x4B,0x32,0x81,0xAA,0x7F,0x00,0xC8,0xDC,0xE6,0xD9,0xCC,0xC1,
2415 0x11,0x2D,0x37,0x34,0x6C,0xEA,0x02,0x97,0x4B,0x0E,0xBB,0xB1,
2416 0x71,0x33,0x09,0x15,0xFD,0xDD,0x23,0x87,0x07,0x5E,0x89,0xAB,
2417 0x6B,0x7C,0x5F,0xEC,0xA6,0x24,0xDC,0x53,
2419 static unsigned char dh1024_g[]={
2424 if ((dh=DH_new()) == NULL) return(NULL);
2425 dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
2426 dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
2427 if ((dh->p == NULL) || (dh->g == NULL))
2428 { DH_free(dh); return(NULL); }
2432 static DH *get_dh1024dsa()
2434 static unsigned char dh1024_p[]={
2435 0xC8,0x00,0xF7,0x08,0x07,0x89,0x4D,0x90,0x53,0xF3,0xD5,0x00,
2436 0x21,0x1B,0xF7,0x31,0xA6,0xA2,0xDA,0x23,0x9A,0xC7,0x87,0x19,
2437 0x3B,0x47,0xB6,0x8C,0x04,0x6F,0xFF,0xC6,0x9B,0xB8,0x65,0xD2,
2438 0xC2,0x5F,0x31,0x83,0x4A,0xA7,0x5F,0x2F,0x88,0x38,0xB6,0x55,
2439 0xCF,0xD9,0x87,0x6D,0x6F,0x9F,0xDA,0xAC,0xA6,0x48,0xAF,0xFC,
2440 0x33,0x84,0x37,0x5B,0x82,0x4A,0x31,0x5D,0xE7,0xBD,0x52,0x97,
2441 0xA1,0x77,0xBF,0x10,0x9E,0x37,0xEA,0x64,0xFA,0xCA,0x28,0x8D,
2442 0x9D,0x3B,0xD2,0x6E,0x09,0x5C,0x68,0xC7,0x45,0x90,0xFD,0xBB,
2443 0x70,0xC9,0x3A,0xBB,0xDF,0xD4,0x21,0x0F,0xC4,0x6A,0x3C,0xF6,
2444 0x61,0xCF,0x3F,0xD6,0x13,0xF1,0x5F,0xBC,0xCF,0xBC,0x26,0x9E,
2445 0xBC,0x0B,0xBD,0xAB,0x5D,0xC9,0x54,0x39,
2447 static unsigned char dh1024_g[]={
2448 0x3B,0x40,0x86,0xE7,0xF3,0x6C,0xDE,0x67,0x1C,0xCC,0x80,0x05,
2449 0x5A,0xDF,0xFE,0xBD,0x20,0x27,0x74,0x6C,0x24,0xC9,0x03,0xF3,
2450 0xE1,0x8D,0xC3,0x7D,0x98,0x27,0x40,0x08,0xB8,0x8C,0x6A,0xE9,
2451 0xBB,0x1A,0x3A,0xD6,0x86,0x83,0x5E,0x72,0x41,0xCE,0x85,0x3C,
2452 0xD2,0xB3,0xFC,0x13,0xCE,0x37,0x81,0x9E,0x4C,0x1C,0x7B,0x65,
2453 0xD3,0xE6,0xA6,0x00,0xF5,0x5A,0x95,0x43,0x5E,0x81,0xCF,0x60,
2454 0xA2,0x23,0xFC,0x36,0xA7,0x5D,0x7A,0x4C,0x06,0x91,0x6E,0xF6,
2455 0x57,0xEE,0x36,0xCB,0x06,0xEA,0xF5,0x3D,0x95,0x49,0xCB,0xA7,
2456 0xDD,0x81,0xDF,0x80,0x09,0x4A,0x97,0x4D,0xA8,0x22,0x72,0xA1,
2457 0x7F,0xC4,0x70,0x56,0x70,0xE8,0x20,0x10,0x18,0x8F,0x2E,0x60,
2458 0x07,0xE7,0x68,0x1A,0x82,0x5D,0x32,0xA2,
2462 if ((dh=DH_new()) == NULL) return(NULL);
2463 dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
2464 dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
2465 if ((dh->p == NULL) || (dh->g == NULL))
2466 { DH_free(dh); return(NULL); }
2472 #ifndef OPENSSL_NO_PSK
2473 /* convert the PSK key (psk_key) in ascii to binary (psk) */
2474 static int psk_key2bn(const char *pskkey, unsigned char *psk,
2475 unsigned int max_psk_len)
2480 ret = BN_hex2bn(&bn, pskkey);
2483 BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", pskkey);
2488 if (BN_num_bytes(bn) > (int)max_psk_len)
2490 BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
2491 max_psk_len, BN_num_bytes(bn));
2495 ret = BN_bn2bin(bn, psk);
2500 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
2501 unsigned int max_identity_len, unsigned char *psk,
2502 unsigned int max_psk_len)
2505 unsigned int psk_len = 0;
2507 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
2511 fprintf(stderr, "client: created identity '%s' len=%d\n", identity, ret);
2512 ret = psk_key2bn(psk_key, psk, max_psk_len);
2520 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
2521 unsigned char *psk, unsigned int max_psk_len)
2523 unsigned int psk_len=0;
2525 if (strcmp(identity, "Client_identity") != 0)
2527 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
2530 psk_len=psk_key2bn(psk_key, psk, max_psk_len);
2535 static int do_test_cipherlist(void)
2538 const SSL_METHOD *meth;
2539 const SSL_CIPHER *ci, *tci = NULL;
2541 #ifndef OPENSSL_NO_SSL2
2542 fprintf(stderr, "testing SSLv2 cipher list order: ");
2543 meth = SSLv2_method();
2544 while ((ci = meth->get_cipher(i++)) != NULL)
2547 if (ci->id >= tci->id)
2549 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
2554 fprintf(stderr, "ok\n");
2556 #ifndef OPENSSL_NO_SSL3
2557 fprintf(stderr, "testing SSLv3 cipher list order: ");
2558 meth = SSLv3_method();
2560 while ((ci = meth->get_cipher(i++)) != NULL)
2563 if (ci->id >= tci->id)
2565 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
2570 fprintf(stderr, "ok\n");
2572 #ifndef OPENSSL_NO_TLS1
2573 fprintf(stderr, "testing TLSv1 cipher list order: ");
2574 meth = TLSv1_method();
2576 while ((ci = meth->get_cipher(i++)) != NULL)
2579 if (ci->id >= tci->id)
2581 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
2586 fprintf(stderr, "ok\n");