X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=apps%2Fs_cb.c;h=49f3acd65f81200a65373db1e6f7dfe8f122a0cd;hb=0aeddcfa61250a6c474c4f8b3533772a63192f1b;hp=b8e1ccc1f236c9b17fb76c1e5bb467aaa6a53b3d;hpb=7429b3989d21a259ee0da00d9c626a09730aad8b;p=openssl.git diff --git a/apps/s_cb.c b/apps/s_cb.c index b8e1ccc1f2..49f3acd65f 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -131,8 +131,10 @@ int verify_depth = 0; int verify_quiet = 0; int verify_error = X509_V_OK; int verify_return_error = 0; +#ifndef OPENSSL_NO_SOCK static unsigned char cookie_secret[COOKIE_SECRET_LENGTH]; static int cookie_initialized = 0; +#endif static const char *lookup(int val, const STRINT_PAIR* list, const char* def) { @@ -167,7 +169,7 @@ int verify_callback(int ok, X509_STORE_CTX *ctx) if (verify_depth >= depth) { if (!verify_return_error) ok = 1; - verify_error = X509_V_OK; + verify_error = err; } else { ok = 0; verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG; @@ -711,6 +713,7 @@ static STRINT_PAIR tlsext_types[] = { {"heartbeat", TLSEXT_TYPE_heartbeat}, {"session ticket", TLSEXT_TYPE_session_ticket}, {"renegotiation info", TLSEXT_TYPE_renegotiate}, + {"signed certificate timestamps", TLSEXT_TYPE_signed_certificate_timestamp}, {"TLS padding", TLSEXT_TYPE_padding}, #ifdef TLSEXT_TYPE_next_proto_neg {"next protocol", TLSEXT_TYPE_next_proto_neg}, @@ -740,6 +743,7 @@ void tlsext_cb(SSL *s, int client_server, int type, (void)BIO_flush(bio); } +#ifndef OPENSSL_NO_SOCK int generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len) { @@ -802,6 +806,7 @@ int verify_cookie_callback(SSL *ssl, const unsigned char *cookie, return 0; } +#endif /* * Example of extended certificate handling. Where the standard support of @@ -831,7 +836,7 @@ static STRINT_PAIR chain_flags[] = { {"CA signature", CERT_PKEY_CA_SIGNATURE}, {"EE key parameters", CERT_PKEY_EE_PARAM}, {"CA key parameters", CERT_PKEY_CA_PARAM}, - {"Explicity sign with EE key", CERT_PKEY_EXPLICIT_SIGN}, + {"Explicitly sign with EE key", CERT_PKEY_EXPLICIT_SIGN}, {"Issuer Name", CERT_PKEY_ISSUER_NAME}, {"Certificate Type", CERT_PKEY_CERT_TYPE}, {NULL} @@ -972,7 +977,7 @@ int load_excert(SSL_EXCERT **pexc) return 0; } exc->cert = load_cert(exc->certfile, exc->certform, - NULL, NULL, "Server Certificate"); + "Server Certificate"); if (!exc->cert) return 0; if (exc->keyfile) { @@ -986,7 +991,7 @@ int load_excert(SSL_EXCERT **pexc) return 0; if (exc->chainfile) { if (!load_certs(exc->chainfile, &exc->chain, FORMAT_PEM, NULL, - NULL, "Server Chain")) + "Server Chain")) return 0; } } @@ -1061,11 +1066,12 @@ int args_excert(int opt, SSL_EXCERT **pexc) static void print_raw_cipherlist(SSL *s) { const unsigned char *rlist; - static const unsigned char scsv_id[] = { 0, 0, 0xFF }; + static const unsigned char scsv_id[] = { 0, 0xFF }; size_t i, rlistlen, num; if (!SSL_is_server(s)) return; num = SSL_get0_raw_cipherlist(s, NULL); + OPENSSL_assert(num == 2); rlistlen = SSL_get0_raw_cipherlist(s, &rlist); BIO_puts(bio_err, "Client cipher list: "); for (i = 0; i < rlistlen; i += num, rlist += num) { @@ -1074,7 +1080,7 @@ static void print_raw_cipherlist(SSL *s) BIO_puts(bio_err, ":"); if (c) BIO_puts(bio_err, SSL_CIPHER_get_name(c)); - else if (!memcmp(rlist, scsv_id - num + 3, num)) + else if (!memcmp(rlist, scsv_id, num)) BIO_puts(bio_err, "SCSV"); else { size_t j; @@ -1086,6 +1092,80 @@ static void print_raw_cipherlist(SSL *s) BIO_puts(bio_err, "\n"); } +/* + * Hex encoder for TLSA RRdata, not ':' delimited. + */ +static char *hexencode(const unsigned char *data, size_t len) +{ + static const char *hex = "0123456789abcdef"; + char *out; + char *cp; + size_t outlen = 2 * len + 1; + int ilen = (int) outlen; + + if (outlen < len || ilen < 0 || outlen != (size_t)ilen) { + BIO_printf(bio_err, "%s: %" PRIu64 "-byte buffer too large to hexencode\n", + opt_getprog(), (uint64_t)len); + exit(1); + } + cp = out = app_malloc(ilen, "TLSA hex data buffer"); + + while (len-- > 0) { + *cp++ = hex[(*data >> 4) & 0x0f]; + *cp++ = hex[*data++ & 0x0f]; + } + *cp = '\0'; + return out; +} + +void print_verify_detail(SSL *s, BIO *bio) +{ + int mdpth; + EVP_PKEY *mspki; + long verify_err = SSL_get_verify_result(s); + + if (verify_err == X509_V_OK) { + const char *peername = SSL_get0_peername(s); + + BIO_printf(bio, "Verification: OK\n"); + if (peername != NULL) + BIO_printf(bio, "Verified peername: %s\n", peername); + } else { + const char *reason = X509_verify_cert_error_string(verify_err); + + BIO_printf(bio, "Verification error: %s\n", reason); + } + + if ((mdpth = SSL_get0_dane_authority(s, NULL, &mspki)) >= 0) { + uint8_t usage, selector, mtype; + const unsigned char *data = NULL; + size_t dlen = 0; + char *hexdata; + + mdpth = SSL_get0_dane_tlsa(s, &usage, &selector, &mtype, &data, &dlen); + + /* + * The TLSA data field can be quite long when it is a certificate, + * public key or even a SHA2-512 digest. Because the initial octets of + * ASN.1 certificates and public keys contain mostly boilerplate OIDs + * and lengths, we show the last 12 bytes of the data instead, as these + * are more likely to distinguish distinct TLSA records. + */ +#define TLSA_TAIL_SIZE 12 + if (dlen > TLSA_TAIL_SIZE) + hexdata = hexencode(data + dlen - TLSA_TAIL_SIZE, TLSA_TAIL_SIZE); + else + hexdata = hexencode(data, dlen); + BIO_printf(bio, "DANE TLSA %d %d %d %s%s %s at depth %d\n", + usage, selector, mtype, + (dlen > TLSA_TAIL_SIZE) ? "..." : "", hexdata, + (mspki != NULL) ? "signed the certificate" : + mdpth ? "matched TA certificate" : "matched EE certificate", + mdpth); + OPENSSL_free(hexdata); + } +} + void print_ssl_summary(SSL *s) { const SSL_CIPHER *c; @@ -1100,12 +1180,14 @@ void print_ssl_summary(SSL *s) peer = SSL_get_peer_certificate(s); if (peer) { int nid; + BIO_puts(bio_err, "Peer certificate: "); X509_NAME_print_ex(bio_err, X509_get_subject_name(peer), 0, XN_FLAG_ONELINE); BIO_puts(bio_err, "\n"); if (SSL_get_peer_signature_nid(s, &nid)) BIO_printf(bio_err, "Hash used: %s\n", OBJ_nid2sn(nid)); + print_verify_detail(s, bio_err); } else BIO_puts(bio_err, "No peer certificate\n"); X509_free(peer); @@ -1122,7 +1204,7 @@ void print_ssl_summary(SSL *s) } int config_ctx(SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, - SSL_CTX *ctx, int no_jpake) + SSL_CTX *ctx) { int i; @@ -1130,12 +1212,6 @@ int config_ctx(SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, for (i = 0; i < sk_OPENSSL_STRING_num(str); i += 2) { const char *flag = sk_OPENSSL_STRING_value(str, i); const char *arg = sk_OPENSSL_STRING_value(str, i + 1); -#ifndef OPENSSL_NO_JPAKE - if (!no_jpake && (strcmp(flag, "-cipher") == 0)) { - BIO_puts(bio_err, "JPAKE sets cipher to PSK\n"); - return 0; - } -#endif if (SSL_CONF_cmd(cctx, flag, arg) <= 0) { if (arg) BIO_printf(bio_err, "Error with command: \"%s %s\"\n", @@ -1146,15 +1222,6 @@ int config_ctx(SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, return 0; } } -#ifndef OPENSSL_NO_JPAKE - if (!no_jpake) { - if (SSL_CONF_cmd(cctx, "-cipher", "PSK") <= 0) { - BIO_puts(bio_err, "Error setting cipher to PSK\n"); - ERR_print_errors(bio_err); - return 0; - } - } -#endif if (!SSL_CONF_CTX_finish(cctx)) { BIO_puts(bio_err, "Error finishing context\n"); ERR_print_errors(bio_err); @@ -1222,7 +1289,7 @@ int ssl_load_stores(SSL_CTX *ctx, typedef struct { BIO *out; int verbose; - int (*old_cb) (SSL *s, SSL_CTX *ctx, int op, int bits, int nid, + int (*old_cb) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex); } security_debug_ex; @@ -1251,7 +1318,7 @@ static STRINT_PAIR callback_types[] = { {NULL} }; -static int security_callback_debug(SSL *s, SSL_CTX *ctx, +static int security_callback_debug(const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex) { @@ -1304,7 +1371,7 @@ static int security_callback_debug(SSL *s, SSL_CTX *ctx, case SSL_SECOP_OTHER_DH: { DH *dh = other; - BIO_printf(sdb->out, "%d", BN_num_bits(dh->p)); + BIO_printf(sdb->out, "%d", DH_bits(dh)); break; } #endif