2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
87 * 6. Redistributions of any form whatsoever must retain the following
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
144 * Until the key-gen callbacks are modified to use newer prototypes, we allow
145 * deprecated functions for openssl-internal code
147 #ifdef OPENSSL_NO_DEPRECATED
148 # undef OPENSSL_NO_DEPRECATED
157 #include <openssl/e_os2.h>
158 #ifdef OPENSSL_NO_STDIO
162 /* conflicts with winsock2 stuff on netware */
163 #if !defined(OPENSSL_SYS_NETWARE)
164 # include <sys/types.h>
168 * With IPv6, it looks like Digital has mixed up the proper order of
169 * recursive header file inclusion, resulting in the compiler complaining
170 * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
171 * needed to have fileno() declared correctly... So let's define u_int
173 #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
175 typedef unsigned int u_int;
178 #include <openssl/lhash.h>
179 #include <openssl/bn.h>
182 #include <openssl/err.h>
183 #include <openssl/pem.h>
184 #include <openssl/x509.h>
185 #include <openssl/ssl.h>
186 #include <openssl/rand.h>
187 #include <openssl/ocsp.h>
188 #ifndef OPENSSL_NO_DH
189 # include <openssl/dh.h>
191 #ifndef OPENSSL_NO_RSA
192 # include <openssl/rsa.h>
194 #ifndef OPENSSL_NO_SRP
195 # include <openssl/srp.h>
198 #include "timeouts.h"
200 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
201 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
205 #if defined(OPENSSL_SYS_BEOS_R5)
209 #ifndef OPENSSL_NO_RSA
210 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
212 static int sv_body(char *hostname, int s, unsigned char *context);
213 static int www_body(char *hostname, int s, unsigned char *context);
214 static void close_accept_socket(void);
215 static void sv_usage(void);
216 static int init_ssl_connection(SSL *s);
217 static void print_stats(BIO *bp, SSL_CTX *ctx);
218 static int generate_session_id(const SSL *ssl, unsigned char *id,
219 unsigned int *id_len);
220 #ifndef OPENSSL_NO_DH
221 static DH *load_dh_param(const char *dhfile);
222 static DH *get_dh512(void);
226 static void s_server_init(void);
229 #ifndef OPENSSL_NO_DH
230 static unsigned char dh512_p[] = {
231 0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75,
232 0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
233 0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3,
234 0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
235 0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C,
236 0x47, 0x74, 0xE8, 0x33,
239 static unsigned char dh512_g[] = {
243 static DH *get_dh512(void)
247 if ((dh = DH_new()) == NULL)
249 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
250 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
251 if ((dh->p == NULL) || (dh->g == NULL))
257 /* static int load_CA(SSL_CTX *ctx, char *file);*/
260 #define BUFSIZZ 16*1024
261 static int bufsize = BUFSIZZ;
262 static int accept_socket = -1;
264 #define TEST_CERT "server.pem"
265 #ifndef OPENSSL_NO_TLSEXT
266 # define TEST_CERT2 "server2.pem"
269 #define PROG s_server_main
271 extern int verify_depth, verify_return_error;
273 static char *cipher = NULL;
274 static int s_server_verify = SSL_VERIFY_NONE;
275 static int s_server_session_id_context = 1; /* anything will do */
276 static const char *s_cert_file = TEST_CERT, *s_key_file = NULL;
277 #ifndef OPENSSL_NO_TLSEXT
278 static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL;
280 static char *s_dcert_file = NULL, *s_dkey_file = NULL;
282 static int s_nbio = 0;
284 static int s_nbio_test = 0;
286 static SSL_CTX *ctx = NULL;
287 #ifndef OPENSSL_NO_TLSEXT
288 static SSL_CTX *ctx2 = NULL;
292 static BIO *bio_s_out = NULL;
293 static int s_debug = 0;
294 #ifndef OPENSSL_NO_TLSEXT
295 static int s_tlsextdebug = 0;
296 static int s_tlsextstatus = 0;
297 static int cert_status_cb(SSL *s, void *arg);
299 static int s_msg = 0;
300 static int s_quiet = 0;
302 static char *keymatexportlabel = NULL;
303 static int keymatexportlen = 20;
306 #ifndef OPENSSL_NO_ENGINE
307 static char *engine_id = NULL;
309 static const char *session_id_prefix = NULL;
311 static int enable_timeouts = 0;
312 static long socket_mtu;
313 #ifndef OPENSSL_NO_DTLS1
314 static int cert_chain = 0;
317 #ifndef OPENSSL_NO_PSK
318 static char *psk_identity = "Client_identity";
319 char *psk_key = NULL; /* by default PSK is not used */
321 static unsigned int psk_server_cb(SSL *ssl, const char *identity,
323 unsigned int max_psk_len)
325 unsigned int psk_len = 0;
330 BIO_printf(bio_s_out, "psk_server_cb\n");
332 BIO_printf(bio_err, "Error: client did not send PSK identity\n");
336 BIO_printf(bio_s_out, "identity_len=%d identity=%s\n",
337 identity ? (int)strlen(identity) : 0, identity);
339 /* here we could lookup the given identity e.g. from a database */
340 if (strcmp(identity, psk_identity) != 0) {
341 BIO_printf(bio_s_out, "PSK error: client identity not found"
342 " (got '%s' expected '%s')\n", identity, psk_identity);
346 BIO_printf(bio_s_out, "PSK client identity found\n");
348 /* convert the PSK key to binary */
349 ret = BN_hex2bn(&bn, psk_key);
351 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
357 if (BN_num_bytes(bn) > (int)max_psk_len) {
359 "psk buffer of callback is too small (%d) for key (%d)\n",
360 max_psk_len, BN_num_bytes(bn));
365 ret = BN_bn2bin(bn, psk);
370 psk_len = (unsigned int)ret;
373 BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
377 BIO_printf(bio_err, "Error in PSK server callback\n");
382 #ifndef OPENSSL_NO_SRP
383 /* This is a context that we pass to callbacks */
384 typedef struct srpsrvparm_st {
391 * This callback pretends to require some asynchronous logic in order to
392 * obtain a verifier. When the callback is called for a new connection we
393 * return with a negative value. This will provoke the accept etc to return
394 * with an LOOKUP_X509. The main logic of the reinvokes the suspended call
395 * (which would normally occur after a worker has finished) and we set the
398 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
400 srpsrvparm *p = (srpsrvparm *) arg;
401 if (p->login == NULL && p->user == NULL) {
402 p->login = SSL_get_srp_username(s);
403 BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
407 if (p->user == NULL) {
408 BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
409 return SSL3_AL_FATAL;
411 if (SSL_set_srp_server_param
412 (s, p->user->N, p->user->g, p->user->s, p->user->v,
413 p->user->info) < 0) {
414 *ad = SSL_AD_INTERNAL_ERROR;
415 return SSL3_AL_FATAL;
418 "SRP parameters set: username = \"%s\" info=\"%s\" \n",
419 p->login, p->user->info);
420 /* need to check whether there are memory leaks */
423 return SSL_ERROR_NONE;
429 static void s_server_init(void)
433 s_server_verify = SSL_VERIFY_NONE;
436 s_cert_file = TEST_CERT;
438 # ifndef OPENSSL_NO_TLSEXT
439 s_cert_file2 = TEST_CERT2;
455 # ifndef OPENSSL_NO_ENGINE
461 static void sv_usage(void)
463 BIO_printf(bio_err, "usage: s_server [args ...]\n");
464 BIO_printf(bio_err, "\n");
466 " -accept arg - port to accept on (default is %d)\n", PORT);
467 BIO_printf(bio_err, " -context arg - set session ID context\n");
469 " -verify arg - turn on peer certificate verification\n");
471 " -Verify arg - turn on peer certificate verification, must have a cert.\n");
473 " -verify_return_error - return verification errors\n");
474 BIO_printf(bio_err, " -cert arg - certificate file to use\n");
475 BIO_printf(bio_err, " (default is %s)\n", TEST_CERT);
477 " -crl_check - check the peer certificate has not been revoked by its CA.\n"
478 " The CRL(s) are appended to the certificate file\n");
480 " -crl_check_all - check the peer certificate has not been revoked by its CA\n"
481 " or any other CRL in the CA chain. CRL(s) are appened to the\n"
482 " the certificate file.\n");
484 " -certform arg - certificate format (PEM or DER) PEM default\n");
486 " -key arg - Private Key file to use, in cert file if\n");
487 BIO_printf(bio_err, " not specified (default is %s)\n",
490 " -keyform arg - key format (PEM, DER or ENGINE) PEM default\n");
492 " -pass arg - private key file pass phrase source\n");
494 " -dcert arg - second certificate file to use (usually for DSA)\n");
496 " -dcertform x - second certificate format (PEM or DER) PEM default\n");
498 " -dkey arg - second private key file to use (usually for DSA)\n");
500 " -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
502 " -dpass arg - second private key file pass phrase source\n");
504 " -dhparam arg - DH parameter file to use, in cert file if not specified\n");
506 " or a default set of parameters is used\n");
507 #ifndef OPENSSL_NO_ECDH
509 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
510 " Use \"openssl ecparam -list_curves\" for all names\n"
511 " (default is nistp256).\n");
514 BIO_printf(bio_err, " -nbio - Run with non-blocking IO\n");
517 " -nbio_test - test with the non-blocking test bio\n");
519 " -crlf - convert LF from terminal into CRLF\n");
520 BIO_printf(bio_err, " -debug - Print more output\n");
521 BIO_printf(bio_err, " -msg - Show protocol messages\n");
522 BIO_printf(bio_err, " -state - Print the SSL states\n");
523 BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
524 BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
526 " -nocert - Don't use any certificates (Anon-DH)\n");
528 " -cipher arg - play with 'openssl ciphers' to see what goes here\n");
529 BIO_printf(bio_err, " -serverpref - Use server's cipher preferences\n");
530 BIO_printf(bio_err, " -quiet - No server output\n");
531 BIO_printf(bio_err, " -no_tmp_rsa - Do not generate a tmp RSA key\n");
532 #ifndef OPENSSL_NO_PSK
533 BIO_printf(bio_err, " -psk_hint arg - PSK identity hint to use\n");
534 BIO_printf(bio_err, " -psk arg - PSK in hex (without 0x)\n");
535 # ifndef OPENSSL_NO_JPAKE
536 BIO_printf(bio_err, " -jpake arg - JPAKE secret to use\n");
539 #ifndef OPENSSL_NO_SRP
540 BIO_printf(bio_err, " -srpvfile file - The verifier file for SRP\n");
542 " -srpuserseed string - A seed string for a default user salt.\n");
544 BIO_printf(bio_err, " -ssl2 - Just talk SSLv2\n");
545 #ifndef OPENSSL_NO_SSL3_METHOD
546 BIO_printf(bio_err, " -ssl3 - Just talk SSLv3\n");
548 BIO_printf(bio_err, " -tls1_2 - Just talk TLSv1.2\n");
549 BIO_printf(bio_err, " -tls1_1 - Just talk TLSv1.1\n");
550 BIO_printf(bio_err, " -tls1 - Just talk TLSv1\n");
551 BIO_printf(bio_err, " -dtls1 - Just talk DTLSv1\n");
552 BIO_printf(bio_err, " -timeout - Enable timeouts\n");
553 BIO_printf(bio_err, " -mtu - Set link layer MTU\n");
554 BIO_printf(bio_err, " -chain - Read a certificate chain\n");
555 BIO_printf(bio_err, " -no_ssl2 - Just disable SSLv2\n");
556 BIO_printf(bio_err, " -no_ssl3 - Just disable SSLv3\n");
557 BIO_printf(bio_err, " -no_tls1 - Just disable TLSv1\n");
558 BIO_printf(bio_err, " -no_tls1_1 - Just disable TLSv1.1\n");
559 BIO_printf(bio_err, " -no_tls1_2 - Just disable TLSv1.2\n");
560 #ifndef OPENSSL_NO_DH
561 BIO_printf(bio_err, " -no_dhe - Disable ephemeral DH\n");
563 #ifndef OPENSSL_NO_ECDH
564 BIO_printf(bio_err, " -no_ecdhe - Disable ephemeral ECDH\n");
566 BIO_printf(bio_err, " -bugs - Turn on SSL bug compatibility\n");
568 " -hack - workaround for early Netscape code\n");
570 " -www - Respond to a 'GET /' with a status page\n");
572 " -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
574 " -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
576 " with the assumption it contains a complete HTTP response.\n");
577 #ifndef OPENSSL_NO_ENGINE
579 " -engine id - Initialise and use the specified engine\n");
582 " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
583 BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
584 LIST_SEPARATOR_CHAR);
585 #ifndef OPENSSL_NO_TLSEXT
587 " -servername host - servername for HostName TLS extension\n");
589 " -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
591 " -cert2 arg - certificate file to use for servername\n");
592 BIO_printf(bio_err, " (default is %s)\n", TEST_CERT2);
594 " -key2 arg - Private Key file to use for servername, in cert file if\n");
595 BIO_printf(bio_err, " not specified (default is %s)\n",
598 " -tlsextdebug - hex dump of all TLS extensions received\n");
600 " -no_ticket - disable use of RFC4507bis session tickets\n");
602 " -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
603 # ifndef OPENSSL_NO_NEXTPROTONEG
605 " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
607 # ifndef OPENSSL_NO_SRTP
609 " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
613 " -keymatexport label - Export keying material using label\n");
615 " -keymatexportlen len - Export len bytes of keying material (default 20)\n");
617 " -status - respond to certificate status requests\n");
619 " -status_verbose - enable status request verbose printout\n");
621 " -status_timeout n - status request responder timeout\n");
622 BIO_printf(bio_err, " -status_url URL - status request fallback URL\n");
625 static int local_argc = 0;
626 static char **local_argv;
628 #ifdef CHARSET_EBCDIC
629 static int ebcdic_new(BIO *bi);
630 static int ebcdic_free(BIO *a);
631 static int ebcdic_read(BIO *b, char *out, int outl);
632 static int ebcdic_write(BIO *b, const char *in, int inl);
633 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
634 static int ebcdic_gets(BIO *bp, char *buf, int size);
635 static int ebcdic_puts(BIO *bp, const char *str);
637 # define BIO_TYPE_EBCDIC_FILTER (18|0x0200)
638 static BIO_METHOD methods_ebcdic = {
639 BIO_TYPE_EBCDIC_FILTER,
640 "EBCDIC/ASCII filter",
655 BIO_METHOD *BIO_f_ebcdic_filter()
657 return (&methods_ebcdic);
660 static int ebcdic_new(BIO *bi)
662 EBCDIC_OUTBUFF *wbuf;
664 wbuf = (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
665 wbuf->alloced = 1024;
666 wbuf->buff[0] = '\0';
668 bi->ptr = (char *)wbuf;
674 static int ebcdic_free(BIO *a)
679 OPENSSL_free(a->ptr);
686 static int ebcdic_read(BIO *b, char *out, int outl)
690 if (out == NULL || outl == 0)
692 if (b->next_bio == NULL)
695 ret = BIO_read(b->next_bio, out, outl);
697 ascii2ebcdic(out, out, ret);
701 static int ebcdic_write(BIO *b, const char *in, int inl)
703 EBCDIC_OUTBUFF *wbuf;
708 if ((in == NULL) || (inl <= 0))
710 if (b->next_bio == NULL)
713 wbuf = (EBCDIC_OUTBUFF *) b->ptr;
715 if (inl > (num = wbuf->alloced)) {
716 num = num + num; /* double the size */
721 (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
724 wbuf->buff[0] = '\0';
726 b->ptr = (char *)wbuf;
729 ebcdic2ascii(wbuf->buff, in, inl);
731 ret = BIO_write(b->next_bio, wbuf->buff, inl);
736 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
740 if (b->next_bio == NULL)
747 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
753 static int ebcdic_gets(BIO *bp, char *buf, int size)
756 if (bp->next_bio == NULL)
758 /* return(BIO_gets(bp->next_bio,buf,size));*/
759 for (i = 0; i < size - 1; ++i) {
760 ret = ebcdic_read(bp, &buf[i], 1);
763 else if (buf[i] == '\n') {
770 return (ret < 0 && i == 0) ? ret : i;
773 static int ebcdic_puts(BIO *bp, const char *str)
775 if (bp->next_bio == NULL)
777 return ebcdic_write(bp, str, strlen(str));
781 #ifndef OPENSSL_NO_TLSEXT
783 /* This is a context that we pass to callbacks */
784 typedef struct tlsextctx_st {
790 static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
792 tlsextctx *p = (tlsextctx *) arg;
793 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
794 if (servername && p->biodebug)
795 BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n",
799 return SSL_TLSEXT_ERR_NOACK;
802 if (strcasecmp(servername, p->servername))
803 return p->extension_error;
805 BIO_printf(p->biodebug, "Switching server context.\n");
806 SSL_set_SSL_CTX(s, ctx2);
809 return SSL_TLSEXT_ERR_OK;
812 /* Structure passed to cert status callback */
814 typedef struct tlsextstatusctx_st {
815 /* Default responder to use */
816 char *host, *path, *port;
823 static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, NULL, 0 };
826 * Certificate Status callback. This is called when a client includes a
827 * certificate status request extension. This is a simplified version. It
828 * examines certificates each time and makes one OCSP responder query for
829 * each request. A full version would store details such as the OCSP
830 * certificate IDs and minimise the number of OCSP responses by caching them
831 * until they were considered "expired".
834 static int cert_status_cb(SSL *s, void *arg)
836 tlsextstatusctx *srctx = arg;
837 BIO *err = srctx->err;
838 char *host, *port, *path;
840 unsigned char *rspder = NULL;
842 STACK_OF(OPENSSL_STRING) *aia = NULL;
844 X509_STORE_CTX inctx;
846 OCSP_REQUEST *req = NULL;
847 OCSP_RESPONSE *resp = NULL;
848 OCSP_CERTID *id = NULL;
849 STACK_OF(X509_EXTENSION) *exts;
850 int ret = SSL_TLSEXT_ERR_NOACK;
853 STACK_OF(OCSP_RESPID) *ids;
854 SSL_get_tlsext_status_ids(s, &ids);
855 BIO_printf(err, "cert_status: received %d ids\n",
856 sk_OCSP_RESPID_num(ids));
859 BIO_puts(err, "cert_status: callback called\n");
860 /* Build up OCSP query from server certificate */
861 x = SSL_get_certificate(s);
862 aia = X509_get1_ocsp(x);
864 if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
865 &host, &port, &path, &use_ssl)) {
866 BIO_puts(err, "cert_status: can't parse AIA URL\n");
870 BIO_printf(err, "cert_status: AIA URL: %s\n",
871 sk_OPENSSL_STRING_value(aia, 0));
875 "cert_status: no AIA and no default responder URL\n");
881 use_ssl = srctx->use_ssl;
884 if (!X509_STORE_CTX_init(&inctx,
885 SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
888 if (X509_STORE_get_by_subject(&inctx, X509_LU_X509,
889 X509_get_issuer_name(x), &obj) <= 0) {
890 BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
891 X509_STORE_CTX_cleanup(&inctx);
894 req = OCSP_REQUEST_new();
897 id = OCSP_cert_to_id(NULL, x, obj.data.x509);
898 X509_free(obj.data.x509);
899 X509_STORE_CTX_cleanup(&inctx);
902 if (!OCSP_request_add0_id(req, id))
905 /* Add any extensions to the request */
906 SSL_get_tlsext_status_exts(s, &exts);
907 for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
908 X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
909 if (!OCSP_REQUEST_add_ext(req, ext, -1))
912 resp = process_responder(err, req, host, path, port, use_ssl, NULL,
915 BIO_puts(err, "cert_status: error querying responder\n");
918 rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
921 SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
922 if (srctx->verbose) {
923 BIO_puts(err, "cert_status: ocsp response sent:\n");
924 OCSP_RESPONSE_print(err, resp, 2);
926 ret = SSL_TLSEXT_ERR_OK;
928 if (ret != SSL_TLSEXT_ERR_OK)
929 ERR_print_errors(err);
934 X509_email_free(aia);
937 OCSP_CERTID_free(id);
939 OCSP_REQUEST_free(req);
941 OCSP_RESPONSE_free(resp);
944 ret = SSL_TLSEXT_ERR_ALERT_FATAL;
948 # ifndef OPENSSL_NO_NEXTPROTONEG
949 /* This is the context that we pass to next_proto_cb */
950 typedef struct tlsextnextprotoctx_st {
953 } tlsextnextprotoctx;
955 static int next_proto_cb(SSL *s, const unsigned char **data,
956 unsigned int *len, void *arg)
958 tlsextnextprotoctx *next_proto = arg;
960 *data = next_proto->data;
961 *len = next_proto->len;
963 return SSL_TLSEXT_ERR_OK;
965 # endif /* ndef OPENSSL_NO_NEXTPROTONEG */
969 int MAIN(int, char **);
971 #ifndef OPENSSL_NO_JPAKE
972 static char *jpake_secret = NULL;
974 #ifndef OPENSSL_NO_SRP
975 static srpsrvparm srp_callback_parm;
977 #ifndef OPENSSL_NO_SRTP
978 static char *srtp_profiles = NULL;
981 int MAIN(int argc, char *argv[])
983 X509_VERIFY_PARAM *vpm = NULL;
986 char *CApath = NULL, *CAfile = NULL;
987 unsigned char *context = NULL;
989 #ifndef OPENSSL_NO_ECDH
990 char *named_curve = NULL;
992 int badop = 0, bugs = 0;
995 int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0;
997 const SSL_METHOD *meth = NULL;
998 int socket_type = SOCK_STREAM;
1000 char *inrand = NULL;
1001 int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
1002 char *passarg = NULL, *pass = NULL;
1003 char *dpassarg = NULL, *dpass = NULL;
1004 int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
1005 X509 *s_cert = NULL, *s_dcert = NULL;
1006 EVP_PKEY *s_key = NULL, *s_dkey = NULL;
1008 #ifndef OPENSSL_NO_TLSEXT
1009 EVP_PKEY *s_key2 = NULL;
1010 X509 *s_cert2 = NULL;
1011 tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING };
1012 # ifndef OPENSSL_NO_NEXTPROTONEG
1013 const char *next_proto_neg_in = NULL;
1014 tlsextnextprotoctx next_proto;
1017 #ifndef OPENSSL_NO_PSK
1018 /* by default do not send a PSK identity hint */
1019 static char *psk_identity_hint = NULL;
1021 #ifndef OPENSSL_NO_SRP
1022 char *srpuserseed = NULL;
1023 char *srp_verifier_file = NULL;
1025 meth = SSLv23_server_method();
1035 if (bio_err == NULL)
1036 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
1038 if (!load_config(bio_err, NULL))
1051 if ((strcmp(*argv, "-port") == 0) || (strcmp(*argv, "-accept") == 0)) {
1054 if (!extract_port(*(++argv), &port))
1056 } else if (strcmp(*argv, "-verify") == 0) {
1057 s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
1060 verify_depth = atoi(*(++argv));
1061 BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
1062 } else if (strcmp(*argv, "-Verify") == 0) {
1064 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
1065 SSL_VERIFY_CLIENT_ONCE;
1068 verify_depth = atoi(*(++argv));
1070 "verify depth is %d, must return a certificate\n",
1072 } else if (strcmp(*argv, "-context") == 0) {
1075 context = (unsigned char *)*(++argv);
1076 } else if (strcmp(*argv, "-cert") == 0) {
1079 s_cert_file = *(++argv);
1080 } else if (strcmp(*argv, "-certform") == 0) {
1083 s_cert_format = str2fmt(*(++argv));
1084 } else if (strcmp(*argv, "-key") == 0) {
1087 s_key_file = *(++argv);
1088 } else if (strcmp(*argv, "-keyform") == 0) {
1091 s_key_format = str2fmt(*(++argv));
1092 } else if (strcmp(*argv, "-pass") == 0) {
1095 passarg = *(++argv);
1096 } else if (strcmp(*argv, "-dhparam") == 0) {
1101 #ifndef OPENSSL_NO_ECDH
1102 else if (strcmp(*argv, "-named_curve") == 0) {
1105 named_curve = *(++argv);
1108 else if (strcmp(*argv, "-dcertform") == 0) {
1111 s_dcert_format = str2fmt(*(++argv));
1112 } else if (strcmp(*argv, "-dcert") == 0) {
1115 s_dcert_file = *(++argv);
1116 } else if (strcmp(*argv, "-dkeyform") == 0) {
1119 s_dkey_format = str2fmt(*(++argv));
1120 } else if (strcmp(*argv, "-dpass") == 0) {
1123 dpassarg = *(++argv);
1124 } else if (strcmp(*argv, "-dkey") == 0) {
1127 s_dkey_file = *(++argv);
1128 } else if (strcmp(*argv, "-nocert") == 0) {
1130 } else if (strcmp(*argv, "-CApath") == 0) {
1134 } else if (strcmp(*argv, "-no_cache") == 0)
1136 else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
1140 } else if (strcmp(*argv, "-verify_return_error") == 0)
1141 verify_return_error = 1;
1142 else if (strcmp(*argv, "-serverpref") == 0) {
1143 off |= SSL_OP_CIPHER_SERVER_PREFERENCE;
1144 } else if (strcmp(*argv, "-legacy_renegotiation") == 0)
1145 off |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
1146 else if (strcmp(*argv, "-cipher") == 0) {
1150 } else if (strcmp(*argv, "-CAfile") == 0) {
1156 else if (strcmp(*argv, "-nbio") == 0) {
1160 else if (strcmp(*argv, "-nbio_test") == 0) {
1165 } else if (strcmp(*argv, "-debug") == 0) {
1168 #ifndef OPENSSL_NO_TLSEXT
1169 else if (strcmp(*argv, "-tlsextdebug") == 0)
1171 else if (strcmp(*argv, "-status") == 0)
1173 else if (strcmp(*argv, "-status_verbose") == 0) {
1175 tlscstatp.verbose = 1;
1176 } else if (!strcmp(*argv, "-status_timeout")) {
1180 tlscstatp.timeout = atoi(*(++argv));
1181 } else if (!strcmp(*argv, "-status_url")) {
1185 if (!OCSP_parse_url(*(++argv),
1188 &tlscstatp.path, &tlscstatp.use_ssl)) {
1189 BIO_printf(bio_err, "Error parsing URL\n");
1194 else if (strcmp(*argv, "-msg") == 0) {
1196 } else if (strcmp(*argv, "-hack") == 0) {
1198 } else if (strcmp(*argv, "-state") == 0) {
1200 } else if (strcmp(*argv, "-crlf") == 0) {
1202 } else if (strcmp(*argv, "-quiet") == 0) {
1204 } else if (strcmp(*argv, "-bugs") == 0) {
1206 } else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
1208 } else if (strcmp(*argv, "-no_dhe") == 0) {
1210 } else if (strcmp(*argv, "-no_ecdhe") == 0) {
1213 #ifndef OPENSSL_NO_PSK
1214 else if (strcmp(*argv, "-psk_hint") == 0) {
1217 psk_identity_hint = *(++argv);
1218 } else if (strcmp(*argv, "-psk") == 0) {
1223 psk_key = *(++argv);
1224 for (i = 0; i < strlen(psk_key); i++) {
1225 if (isxdigit((unsigned char)psk_key[i]))
1227 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1232 #ifndef OPENSSL_NO_SRP
1233 else if (strcmp(*argv, "-srpvfile") == 0) {
1236 srp_verifier_file = *(++argv);
1237 meth = TLSv1_server_method();
1238 } else if (strcmp(*argv, "-srpuserseed") == 0) {
1241 srpuserseed = *(++argv);
1242 meth = TLSv1_server_method();
1245 else if (strcmp(*argv, "-www") == 0) {
1247 } else if (strcmp(*argv, "-WWW") == 0) {
1249 } else if (strcmp(*argv, "-HTTP") == 0) {
1251 } else if (strcmp(*argv, "-no_ssl2") == 0) {
1252 off |= SSL_OP_NO_SSLv2;
1253 } else if (strcmp(*argv, "-no_ssl3") == 0) {
1254 off |= SSL_OP_NO_SSLv3;
1255 } else if (strcmp(*argv, "-no_tls1") == 0) {
1256 off |= SSL_OP_NO_TLSv1;
1257 } else if (strcmp(*argv, "-no_tls1_1") == 0) {
1258 off |= SSL_OP_NO_TLSv1_1;
1259 } else if (strcmp(*argv, "-no_tls1_2") == 0) {
1260 off |= SSL_OP_NO_TLSv1_2;
1261 } else if (strcmp(*argv, "-no_comp") == 0) {
1262 off |= SSL_OP_NO_COMPRESSION;
1264 #ifndef OPENSSL_NO_TLSEXT
1265 else if (strcmp(*argv, "-no_ticket") == 0) {
1266 off |= SSL_OP_NO_TICKET;
1269 #ifndef OPENSSL_NO_SSL2
1270 else if (strcmp(*argv, "-ssl2") == 0) {
1271 meth = SSLv2_server_method();
1274 #ifndef OPENSSL_NO_SSL3_METHOD
1275 else if (strcmp(*argv, "-ssl3") == 0) {
1276 meth = SSLv3_server_method();
1279 #ifndef OPENSSL_NO_TLS1
1280 else if (strcmp(*argv, "-tls1") == 0) {
1281 meth = TLSv1_server_method();
1282 } else if (strcmp(*argv, "-tls1_1") == 0) {
1283 meth = TLSv1_1_server_method();
1284 } else if (strcmp(*argv, "-tls1_2") == 0) {
1285 meth = TLSv1_2_server_method();
1288 #ifndef OPENSSL_NO_DTLS1
1289 else if (strcmp(*argv, "-dtls1") == 0) {
1290 meth = DTLSv1_server_method();
1291 socket_type = SOCK_DGRAM;
1292 } else if (strcmp(*argv, "-timeout") == 0)
1293 enable_timeouts = 1;
1294 else if (strcmp(*argv, "-mtu") == 0) {
1297 socket_mtu = atol(*(++argv));
1298 } else if (strcmp(*argv, "-chain") == 0)
1301 else if (strcmp(*argv, "-id_prefix") == 0) {
1304 session_id_prefix = *(++argv);
1306 #ifndef OPENSSL_NO_ENGINE
1307 else if (strcmp(*argv, "-engine") == 0) {
1310 engine_id = *(++argv);
1313 else if (strcmp(*argv, "-rand") == 0) {
1318 #ifndef OPENSSL_NO_TLSEXT
1319 else if (strcmp(*argv, "-servername") == 0) {
1322 tlsextcbp.servername = *(++argv);
1323 } else if (strcmp(*argv, "-servername_fatal") == 0) {
1324 tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL;
1325 } else if (strcmp(*argv, "-cert2") == 0) {
1328 s_cert_file2 = *(++argv);
1329 } else if (strcmp(*argv, "-key2") == 0) {
1332 s_key_file2 = *(++argv);
1334 # ifndef OPENSSL_NO_NEXTPROTONEG
1335 else if (strcmp(*argv, "-nextprotoneg") == 0) {
1338 next_proto_neg_in = *(++argv);
1342 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1343 else if (strcmp(*argv, "-jpake") == 0) {
1346 jpake_secret = *(++argv);
1349 #ifndef OPENSSL_NO_SRTP
1350 else if (strcmp(*argv, "-use_srtp") == 0) {
1353 srtp_profiles = *(++argv);
1356 else if (strcmp(*argv, "-keymatexport") == 0) {
1359 keymatexportlabel = *(++argv);
1360 } else if (strcmp(*argv, "-keymatexportlen") == 0) {
1363 keymatexportlen = atoi(*(++argv));
1364 if (keymatexportlen == 0)
1367 BIO_printf(bio_err, "unknown option %s\n", *argv);
1379 #ifndef OPENSSL_NO_DTLS1
1380 if (www && socket_type == SOCK_DGRAM) {
1381 BIO_printf(bio_err, "Can't use -HTTP, -www or -WWW with DTLS\n");
1386 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1389 BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
1392 psk_identity = "JPAKE";
1394 BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
1401 SSL_load_error_strings();
1402 OpenSSL_add_ssl_algorithms();
1404 #ifndef OPENSSL_NO_ENGINE
1405 e = setup_engine(bio_err, engine_id, 1);
1408 if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) {
1409 BIO_printf(bio_err, "Error getting password\n");
1413 if (s_key_file == NULL)
1414 s_key_file = s_cert_file;
1415 #ifndef OPENSSL_NO_TLSEXT
1416 if (s_key_file2 == NULL)
1417 s_key_file2 = s_cert_file2;
1421 s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
1422 "server certificate private key file");
1424 ERR_print_errors(bio_err);
1428 s_cert = load_cert(bio_err, s_cert_file, s_cert_format,
1429 NULL, e, "server certificate file");
1432 ERR_print_errors(bio_err);
1435 #ifndef OPENSSL_NO_TLSEXT
1436 if (tlsextcbp.servername) {
1437 s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e,
1438 "second server certificate private key file");
1440 ERR_print_errors(bio_err);
1444 s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format,
1445 NULL, e, "second server certificate file");
1448 ERR_print_errors(bio_err);
1454 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
1455 if (next_proto_neg_in) {
1457 next_proto.data = next_protos_parse(&len, next_proto_neg_in);
1458 if (next_proto.data == NULL)
1460 next_proto.len = len;
1462 next_proto.data = NULL;
1468 if (s_dkey_file == NULL)
1469 s_dkey_file = s_dcert_file;
1471 s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format,
1472 0, dpass, e, "second certificate private key file");
1474 ERR_print_errors(bio_err);
1478 s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format,
1479 NULL, e, "second server certificate file");
1482 ERR_print_errors(bio_err);
1488 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
1489 && !RAND_status()) {
1491 "warning, not much extra random data, consider using the -rand option\n");
1494 BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
1495 app_RAND_load_files(inrand));
1497 if (bio_s_out == NULL) {
1498 if (s_quiet && !s_debug && !s_msg) {
1499 bio_s_out = BIO_new(BIO_s_null());
1501 if (bio_s_out == NULL)
1502 bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE);
1505 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
1511 s_dcert_file = NULL;
1513 #ifndef OPENSSL_NO_TLSEXT
1514 s_cert_file2 = NULL;
1519 ctx = SSL_CTX_new(meth);
1521 ERR_print_errors(bio_err);
1524 if (session_id_prefix) {
1525 if (strlen(session_id_prefix) >= 32)
1527 "warning: id_prefix is too long, only one new session will be possible\n");
1528 else if (strlen(session_id_prefix) >= 16)
1530 "warning: id_prefix is too long if you use SSLv2\n");
1531 if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) {
1532 BIO_printf(bio_err, "error setting 'id_prefix'\n");
1533 ERR_print_errors(bio_err);
1536 BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
1538 SSL_CTX_set_quiet_shutdown(ctx, 1);
1540 SSL_CTX_set_options(ctx, SSL_OP_ALL);
1542 SSL_CTX_set_options(ctx, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
1543 SSL_CTX_set_options(ctx, off);
1546 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
1548 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
1550 SSL_CTX_sess_set_cache_size(ctx, 128);
1552 #ifndef OPENSSL_NO_SRTP
1553 if (srtp_profiles != NULL)
1554 SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
1559 cipher = getenv("SSL_CIPHER");
1563 if (s_cert_file == NULL) {
1565 "You must specify a certificate file for the server to use\n");
1570 if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
1571 (!SSL_CTX_set_default_verify_paths(ctx))) {
1572 /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
1573 ERR_print_errors(bio_err);
1577 SSL_CTX_set1_param(ctx, vpm);
1579 #ifndef OPENSSL_NO_TLSEXT
1581 ctx2 = SSL_CTX_new(meth);
1583 ERR_print_errors(bio_err);
1589 BIO_printf(bio_s_out, "Setting secondary ctx parameters\n");
1591 if (session_id_prefix) {
1592 if (strlen(session_id_prefix) >= 32)
1594 "warning: id_prefix is too long, only one new session will be possible\n");
1595 else if (strlen(session_id_prefix) >= 16)
1597 "warning: id_prefix is too long if you use SSLv2\n");
1598 if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) {
1599 BIO_printf(bio_err, "error setting 'id_prefix'\n");
1600 ERR_print_errors(bio_err);
1603 BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
1605 SSL_CTX_set_quiet_shutdown(ctx2, 1);
1607 SSL_CTX_set_options(ctx2, SSL_OP_ALL);
1609 SSL_CTX_set_options(ctx2, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
1610 SSL_CTX_set_options(ctx2, off);
1613 SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback);
1616 SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF);
1618 SSL_CTX_sess_set_cache_size(ctx2, 128);
1620 if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
1621 (!SSL_CTX_set_default_verify_paths(ctx2))) {
1622 ERR_print_errors(bio_err);
1625 SSL_CTX_set1_param(ctx2, vpm);
1627 # ifndef OPENSSL_NO_NEXTPROTONEG
1628 if (next_proto.data)
1629 SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb,
1634 #ifndef OPENSSL_NO_DH
1639 dh = load_dh_param(dhfile);
1640 else if (s_cert_file)
1641 dh = load_dh_param(s_cert_file);
1644 BIO_printf(bio_s_out, "Setting temp DH parameters\n");
1646 BIO_printf(bio_s_out, "Using default temp DH parameters\n");
1649 (void)BIO_flush(bio_s_out);
1651 SSL_CTX_set_tmp_dh(ctx, dh);
1652 # ifndef OPENSSL_NO_TLSEXT
1655 DH *dh2 = load_dh_param(s_cert_file2);
1657 BIO_printf(bio_s_out, "Setting temp DH parameters\n");
1658 (void)BIO_flush(bio_s_out);
1664 SSL_CTX_set_tmp_dh(ctx2, dh);
1671 #ifndef OPENSSL_NO_ECDH
1673 EC_KEY *ecdh = NULL;
1676 int nid = OBJ_sn2nid(named_curve);
1679 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1682 ecdh = EC_KEY_new_by_curve_name(nid);
1684 BIO_printf(bio_err, "unable to create curve (%s)\n",
1691 BIO_printf(bio_s_out, "Setting temp ECDH parameters\n");
1693 BIO_printf(bio_s_out, "Using default temp ECDH parameters\n");
1694 ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
1696 BIO_printf(bio_err, "unable to create curve (nistp256)\n");
1700 (void)BIO_flush(bio_s_out);
1702 SSL_CTX_set_tmp_ecdh(ctx, ecdh);
1703 # ifndef OPENSSL_NO_TLSEXT
1705 SSL_CTX_set_tmp_ecdh(ctx2, ecdh);
1711 if (!set_cert_key_stuff(ctx, s_cert, s_key))
1713 #ifndef OPENSSL_NO_TLSEXT
1714 if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2))
1717 if (s_dcert != NULL) {
1718 if (!set_cert_key_stuff(ctx, s_dcert, s_dkey))
1721 #ifndef OPENSSL_NO_RSA
1724 SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
1725 # ifndef OPENSSL_NO_TLSEXT
1727 SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
1731 if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) {
1734 BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key...");
1735 BIO_flush(bio_s_out);
1737 rsa = RSA_generate_key(512, RSA_F4, NULL);
1739 if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
1740 ERR_print_errors(bio_err);
1743 # ifndef OPENSSL_NO_TLSEXT
1745 if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) {
1746 ERR_print_errors(bio_err);
1752 BIO_printf(bio_s_out, "\n");
1757 #ifndef OPENSSL_NO_PSK
1758 # ifdef OPENSSL_NO_JPAKE
1759 if (psk_key != NULL)
1761 if (psk_key != NULL || jpake_secret)
1765 BIO_printf(bio_s_out,
1766 "PSK key given or JPAKE in use, setting server callback\n");
1767 SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
1770 if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) {
1771 BIO_printf(bio_err, "error setting PSK identity hint to context\n");
1772 ERR_print_errors(bio_err);
1777 if (cipher != NULL) {
1778 if (!SSL_CTX_set_cipher_list(ctx, cipher)) {
1779 BIO_printf(bio_err, "error setting cipher list\n");
1780 ERR_print_errors(bio_err);
1783 #ifndef OPENSSL_NO_TLSEXT
1784 if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, cipher)) {
1785 BIO_printf(bio_err, "error setting cipher list\n");
1786 ERR_print_errors(bio_err);
1791 SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
1792 SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context,
1793 sizeof s_server_session_id_context);
1795 /* Set DTLS cookie generation and verification callbacks */
1796 SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
1797 SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
1799 #ifndef OPENSSL_NO_TLSEXT
1801 SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback);
1802 SSL_CTX_set_session_id_context(ctx2,
1803 (void *)&s_server_session_id_context,
1804 sizeof s_server_session_id_context);
1806 tlsextcbp.biodebug = bio_s_out;
1807 SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
1808 SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
1809 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
1810 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
1814 #ifndef OPENSSL_NO_SRP
1815 if (srp_verifier_file != NULL) {
1816 srp_callback_parm.vb = SRP_VBASE_new(srpuserseed);
1817 srp_callback_parm.user = NULL;
1818 srp_callback_parm.login = NULL;
1820 SRP_VBASE_init(srp_callback_parm.vb,
1821 srp_verifier_file)) != SRP_NO_ERROR) {
1823 "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
1824 srp_verifier_file, ret);
1827 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback);
1828 SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm);
1829 SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
1832 if (CAfile != NULL) {
1833 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
1834 #ifndef OPENSSL_NO_TLSEXT
1836 SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
1840 BIO_printf(bio_s_out, "ACCEPT\n");
1841 (void)BIO_flush(bio_s_out);
1843 do_server(port, socket_type, &accept_socket, www_body, context);
1845 do_server(port, socket_type, &accept_socket, sv_body, context);
1846 print_stats(bio_s_out, ctx);
1856 EVP_PKEY_free(s_key);
1858 EVP_PKEY_free(s_dkey);
1862 OPENSSL_free(dpass);
1864 X509_VERIFY_PARAM_free(vpm);
1865 #ifndef OPENSSL_NO_TLSEXT
1867 OPENSSL_free(tlscstatp.host);
1869 OPENSSL_free(tlscstatp.port);
1871 OPENSSL_free(tlscstatp.path);
1877 EVP_PKEY_free(s_key2);
1879 if (bio_s_out != NULL) {
1880 BIO_free(bio_s_out);
1887 static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
1889 BIO_printf(bio, "%4ld items in the session cache\n",
1890 SSL_CTX_sess_number(ssl_ctx));
1891 BIO_printf(bio, "%4ld client connects (SSL_connect())\n",
1892 SSL_CTX_sess_connect(ssl_ctx));
1893 BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n",
1894 SSL_CTX_sess_connect_renegotiate(ssl_ctx));
1895 BIO_printf(bio, "%4ld client connects that finished\n",
1896 SSL_CTX_sess_connect_good(ssl_ctx));
1897 BIO_printf(bio, "%4ld server accepts (SSL_accept())\n",
1898 SSL_CTX_sess_accept(ssl_ctx));
1899 BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n",
1900 SSL_CTX_sess_accept_renegotiate(ssl_ctx));
1901 BIO_printf(bio, "%4ld server accepts that finished\n",
1902 SSL_CTX_sess_accept_good(ssl_ctx));
1903 BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx));
1904 BIO_printf(bio, "%4ld session cache misses\n",
1905 SSL_CTX_sess_misses(ssl_ctx));
1906 BIO_printf(bio, "%4ld session cache timeouts\n",
1907 SSL_CTX_sess_timeouts(ssl_ctx));
1908 BIO_printf(bio, "%4ld callback cache hits\n",
1909 SSL_CTX_sess_cb_hits(ssl_ctx));
1910 BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n",
1911 SSL_CTX_sess_cache_full(ssl_ctx),
1912 SSL_CTX_sess_get_cache_size(ssl_ctx));
1915 static int sv_body(char *hostname, int s, unsigned char *context)
1924 #ifndef OPENSSL_NO_KRB5
1927 struct timeval timeout;
1928 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
1931 struct timeval *timeoutp;
1934 if ((buf = OPENSSL_malloc(bufsize)) == NULL) {
1935 BIO_printf(bio_err, "out of memory\n");
1940 unsigned long sl = 1;
1943 BIO_printf(bio_err, "turning on non blocking io\n");
1944 if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
1945 ERR_print_errors(bio_err);
1951 #ifndef OPENSSL_NO_TLSEXT
1952 if (s_tlsextdebug) {
1953 SSL_set_tlsext_debug_callback(con, tlsext_cb);
1954 SSL_set_tlsext_debug_arg(con, bio_s_out);
1956 if (s_tlsextstatus) {
1957 SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
1958 tlscstatp.err = bio_err;
1959 SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
1962 #ifndef OPENSSL_NO_KRB5
1963 if ((kctx = kssl_ctx_new()) != NULL) {
1964 SSL_set0_kssl_ctx(con, kctx);
1965 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
1966 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
1968 #endif /* OPENSSL_NO_KRB5 */
1970 SSL_set_session_id_context(con, context, strlen((char *)context));
1974 # ifdef TLSEXT_TYPE_opaque_prf_input
1975 SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
1979 if (SSL_version(con) == DTLS1_VERSION) {
1981 sbio = BIO_new_dgram(s, BIO_NOCLOSE);
1983 if (enable_timeouts) {
1985 timeout.tv_usec = DGRAM_RCV_TIMEOUT;
1986 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
1989 timeout.tv_usec = DGRAM_SND_TIMEOUT;
1990 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
1994 if (socket_mtu < DTLS_get_link_min_mtu(con)) {
1995 BIO_printf(bio_err, "MTU too small. Must be at least %ld\n",
1996 DTLS_get_link_min_mtu(con));
2001 SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
2002 if (!DTLS_set_link_mtu(con, socket_mtu)) {
2003 BIO_printf(bio_err, "Failed to set MTU\n");
2009 /* want to do MTU discovery */
2010 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
2012 /* turn on cookie exchange */
2013 SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
2015 sbio = BIO_new_socket(s, BIO_NOCLOSE);
2020 test = BIO_new(BIO_f_nbio_test());
2021 sbio = BIO_push(test, sbio);
2023 #ifndef OPENSSL_NO_JPAKE
2025 jpake_server_auth(bio_s_out, sbio, jpake_secret);
2028 SSL_set_bio(con, sbio, sbio);
2029 SSL_set_accept_state(con);
2030 /* SSL_set_fd(con,s); */
2033 SSL_set_debug(con, 1);
2034 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
2035 BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
2038 SSL_set_msg_callback(con, msg_cb);
2039 SSL_set_msg_callback_arg(con, bio_s_out);
2041 #ifndef OPENSSL_NO_TLSEXT
2042 if (s_tlsextdebug) {
2043 SSL_set_tlsext_debug_callback(con, tlsext_cb);
2044 SSL_set_tlsext_debug_arg(con, bio_s_out);
2050 int read_from_terminal;
2051 int read_from_sslcon;
2053 read_from_terminal = 0;
2054 read_from_sslcon = SSL_pending(con);
2056 if (!read_from_sslcon) {
2058 #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
2059 openssl_fdset(fileno(stdin), &readfds);
2061 openssl_fdset(s, &readfds);
2063 * Note: under VMS with SOCKETSHR the second parameter is
2064 * currently of type (int *) whereas under other systems it is
2065 * (void *) if you don't have a cast it will choke the compiler:
2066 * if you do have a cast then you can either go for (int *) or
2069 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
2071 * Under DOS (non-djgpp) and Windows we can't select on stdin:
2072 * only on sockets. As a workaround we timeout the select every
2073 * second and check for any keypress. In a proper Windows
2074 * application we wouldn't do this because it is inefficient.
2078 i = select(width, (void *)&readfds, NULL, NULL, &tv);
2079 if ((i < 0) || (!i && !_kbhit()))
2082 read_from_terminal = 1;
2083 #elif defined(OPENSSL_SYS_BEOS_R5)
2084 /* Under BeOS-R5 the situation is similar to DOS */
2087 (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
2088 i = select(width, (void *)&readfds, NULL, NULL, &tv);
2089 if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
2091 if (read(fileno(stdin), buf, 0) >= 0)
2092 read_from_terminal = 1;
2093 (void)fcntl(fileno(stdin), F_SETFL, 0);
2095 if ((SSL_version(con) == DTLS1_VERSION) &&
2096 DTLSv1_get_timeout(con, &timeout))
2097 timeoutp = &timeout;
2101 i = select(width, (void *)&readfds, NULL, NULL, timeoutp);
2103 if ((SSL_version(con) == DTLS1_VERSION)
2104 && DTLSv1_handle_timeout(con) > 0) {
2105 BIO_printf(bio_err, "TIMEOUT occured\n");
2110 if (FD_ISSET(fileno(stdin), &readfds))
2111 read_from_terminal = 1;
2113 if (FD_ISSET(s, &readfds))
2114 read_from_sslcon = 1;
2116 if (read_from_terminal) {
2120 i = raw_read_stdin(buf, bufsize / 2);
2122 /* both loops are skipped when i <= 0 */
2123 for (j = 0; j < i; j++)
2126 for (j = i - 1; j >= 0; j--) {
2127 buf[j + lf_num] = buf[j];
2128 if (buf[j] == '\n') {
2131 buf[j + lf_num] = '\r';
2134 assert(lf_num == 0);
2136 i = raw_read_stdin(buf, bufsize);
2138 if ((i <= 0) || (buf[0] == 'Q')) {
2139 BIO_printf(bio_s_out, "DONE\n");
2141 close_accept_socket();
2145 if ((i <= 0) || (buf[0] == 'q')) {
2146 BIO_printf(bio_s_out, "DONE\n");
2147 if (SSL_version(con) != DTLS1_VERSION)
2150 * close_accept_socket(); ret= -11;
2154 #ifndef OPENSSL_NO_HEARTBEATS
2155 if ((buf[0] == 'B') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
2156 BIO_printf(bio_err, "HEARTBEATING\n");
2162 if ((buf[0] == 'r') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
2163 SSL_renegotiate(con);
2164 i = SSL_do_handshake(con);
2165 printf("SSL_do_handshake -> %d\n", i);
2169 * strcpy(buf,"server side RE-NEGOTIATE\n");
2172 if ((buf[0] == 'R') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
2174 SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
2176 SSL_renegotiate(con);
2177 i = SSL_do_handshake(con);
2178 printf("SSL_do_handshake -> %d\n", i);
2182 * strcpy(buf,"server side RE-NEGOTIATE asking for client
2186 if (buf[0] == 'P') {
2187 static const char *str = "Lets print some clear text\n";
2188 BIO_write(SSL_get_wbio(con), str, strlen(str));
2190 if (buf[0] == 'S') {
2191 print_stats(bio_s_out, SSL_get_SSL_CTX(con));
2194 #ifdef CHARSET_EBCDIC
2195 ebcdic2ascii(buf, buf, i);
2199 /* should do a select for the write */
2203 if (++count == 100) {
2205 SSL_renegotiate(con);
2209 k = SSL_write(con, &(buf[l]), (unsigned int)i);
2210 #ifndef OPENSSL_NO_SRP
2211 while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) {
2212 BIO_printf(bio_s_out, "LOOKUP renego during write\n");
2213 srp_callback_parm.user =
2214 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2215 srp_callback_parm.login);
2216 if (srp_callback_parm.user)
2217 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2218 srp_callback_parm.user->info);
2220 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2221 k = SSL_write(con, &(buf[l]), (unsigned int)i);
2224 switch (SSL_get_error(con, k)) {
2225 case SSL_ERROR_NONE:
2227 case SSL_ERROR_WANT_WRITE:
2228 case SSL_ERROR_WANT_READ:
2229 case SSL_ERROR_WANT_X509_LOOKUP:
2230 BIO_printf(bio_s_out, "Write BLOCK\n");
2232 case SSL_ERROR_SYSCALL:
2234 BIO_printf(bio_s_out, "ERROR\n");
2235 ERR_print_errors(bio_err);
2239 case SSL_ERROR_ZERO_RETURN:
2240 BIO_printf(bio_s_out, "DONE\n");
2250 if (read_from_sslcon) {
2251 if (!SSL_is_init_finished(con)) {
2252 i = init_ssl_connection(con);
2257 } else if (i == 0) {
2263 i = SSL_read(con, (char *)buf, bufsize);
2264 #ifndef OPENSSL_NO_SRP
2265 while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
2266 BIO_printf(bio_s_out, "LOOKUP renego during read\n");
2267 srp_callback_parm.user =
2268 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2269 srp_callback_parm.login);
2270 if (srp_callback_parm.user)
2271 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2272 srp_callback_parm.user->info);
2274 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2275 i = SSL_read(con, (char *)buf, bufsize);
2278 switch (SSL_get_error(con, i)) {
2279 case SSL_ERROR_NONE:
2280 #ifdef CHARSET_EBCDIC
2281 ascii2ebcdic(buf, buf, i);
2283 raw_write_stdout(buf, (unsigned int)i);
2284 if (SSL_pending(con))
2287 case SSL_ERROR_WANT_WRITE:
2288 case SSL_ERROR_WANT_READ:
2289 BIO_printf(bio_s_out, "Read BLOCK\n");
2291 case SSL_ERROR_SYSCALL:
2293 BIO_printf(bio_s_out, "ERROR\n");
2294 ERR_print_errors(bio_err);
2297 case SSL_ERROR_ZERO_RETURN:
2298 BIO_printf(bio_s_out, "DONE\n");
2307 BIO_printf(bio_s_out, "shutting down SSL\n");
2309 SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
2315 BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
2317 OPENSSL_cleanse(buf, bufsize);
2321 BIO_printf(bio_s_out, "ACCEPT\n");
2325 static void close_accept_socket(void)
2327 BIO_printf(bio_err, "shutdown accept socket\n");
2328 if (accept_socket >= 0) {
2329 SHUTDOWN2(accept_socket);
2333 static int init_ssl_connection(SSL *con)
2339 MS_STATIC char buf[BUFSIZ];
2340 #ifndef OPENSSL_NO_KRB5
2343 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2344 const unsigned char *next_proto_neg;
2345 unsigned next_proto_neg_len;
2347 unsigned char *exportedkeymat;
2349 i = SSL_accept(con);
2350 #ifndef OPENSSL_NO_SRP
2351 while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
2352 BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
2353 srp_callback_parm.login);
2354 srp_callback_parm.user =
2355 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2356 srp_callback_parm.login);
2357 if (srp_callback_parm.user)
2358 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2359 srp_callback_parm.user->info);
2361 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2362 i = SSL_accept(con);
2366 if (BIO_sock_should_retry(i)) {
2367 BIO_printf(bio_s_out, "DELAY\n");
2371 BIO_printf(bio_err, "ERROR\n");
2372 verify_error = SSL_get_verify_result(con);
2373 if (verify_error != X509_V_OK) {
2374 BIO_printf(bio_err, "verify error:%s\n",
2375 X509_verify_cert_error_string(verify_error));
2377 ERR_print_errors(bio_err);
2381 PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con));
2383 peer = SSL_get_peer_certificate(con);
2385 BIO_printf(bio_s_out, "Client certificate\n");
2386 PEM_write_bio_X509(bio_s_out, peer);
2387 X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
2388 BIO_printf(bio_s_out, "subject=%s\n", buf);
2389 X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
2390 BIO_printf(bio_s_out, "issuer=%s\n", buf);
2394 if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
2395 BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
2396 str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
2397 BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)");
2399 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2400 SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
2401 if (next_proto_neg) {
2402 BIO_printf(bio_s_out, "NEXTPROTO is ");
2403 BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
2404 BIO_printf(bio_s_out, "\n");
2407 #ifndef OPENSSL_NO_SRTP
2409 SRTP_PROTECTION_PROFILE *srtp_profile
2410 = SSL_get_selected_srtp_profile(con);
2413 BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n",
2414 srtp_profile->name);
2417 if (SSL_cache_hit(con))
2418 BIO_printf(bio_s_out, "Reused session-id\n");
2419 if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
2420 TLS1_FLAGS_TLS_PADDING_BUG)
2421 BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
2422 #ifndef OPENSSL_NO_KRB5
2423 client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
2424 if (client_princ != NULL) {
2425 BIO_printf(bio_s_out, "Kerberos peer principal is %s\n",
2428 #endif /* OPENSSL_NO_KRB5 */
2429 BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
2430 SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
2431 if (keymatexportlabel != NULL) {
2432 BIO_printf(bio_s_out, "Keying material exporter:\n");
2433 BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel);
2434 BIO_printf(bio_s_out, " Length: %i bytes\n", keymatexportlen);
2435 exportedkeymat = OPENSSL_malloc(keymatexportlen);
2436 if (exportedkeymat != NULL) {
2437 if (!SSL_export_keying_material(con, exportedkeymat,
2440 strlen(keymatexportlabel),
2442 BIO_printf(bio_s_out, " Error\n");
2444 BIO_printf(bio_s_out, " Keying material: ");
2445 for (i = 0; i < keymatexportlen; i++)
2446 BIO_printf(bio_s_out, "%02X", exportedkeymat[i]);
2447 BIO_printf(bio_s_out, "\n");
2449 OPENSSL_free(exportedkeymat);
2456 #ifndef OPENSSL_NO_DH
2457 static DH *load_dh_param(const char *dhfile)
2462 if ((bio = BIO_new_file(dhfile, "r")) == NULL)
2464 ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
2471 #ifndef OPENSSL_NO_KRB5
2476 static int load_CA(SSL_CTX *ctx, char *file)
2481 if ((in = fopen(file, "r")) == NULL)
2485 if (PEM_read_X509(in, &x, NULL) == NULL)
2487 SSL_CTX_add_client_CA(ctx, x);
2496 static int www_body(char *hostname, int s, unsigned char *context)
2502 const SSL_CIPHER *c;
2503 BIO *io, *ssl_bio, *sbio;
2504 #ifndef OPENSSL_NO_KRB5
2508 buf = OPENSSL_malloc(bufsize);
2511 io = BIO_new(BIO_f_buffer());
2512 ssl_bio = BIO_new(BIO_f_ssl());
2513 if ((io == NULL) || (ssl_bio == NULL))
2518 unsigned long sl = 1;
2521 BIO_printf(bio_err, "turning on non blocking io\n");
2522 if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
2523 ERR_print_errors(bio_err);
2527 /* lets make the output buffer a reasonable size */
2528 if (!BIO_set_write_buffer_size(io, bufsize))
2531 if ((con = SSL_new(ctx)) == NULL)
2533 #ifndef OPENSSL_NO_TLSEXT
2534 if (s_tlsextdebug) {
2535 SSL_set_tlsext_debug_callback(con, tlsext_cb);
2536 SSL_set_tlsext_debug_arg(con, bio_s_out);
2539 #ifndef OPENSSL_NO_KRB5
2540 if ((kctx = kssl_ctx_new()) != NULL) {
2541 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
2542 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
2544 #endif /* OPENSSL_NO_KRB5 */
2546 SSL_set_session_id_context(con, context, strlen((char *)context));
2548 sbio = BIO_new_socket(s, BIO_NOCLOSE);
2552 test = BIO_new(BIO_f_nbio_test());
2553 sbio = BIO_push(test, sbio);
2555 SSL_set_bio(con, sbio, sbio);
2556 SSL_set_accept_state(con);
2558 /* SSL_set_fd(con,s); */
2559 BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
2560 BIO_push(io, ssl_bio);
2561 #ifdef CHARSET_EBCDIC
2562 io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
2566 SSL_set_debug(con, 1);
2567 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
2568 BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
2571 SSL_set_msg_callback(con, msg_cb);
2572 SSL_set_msg_callback_arg(con, bio_s_out);
2577 i = SSL_accept(con);
2578 #ifndef OPENSSL_NO_SRP
2580 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
2581 BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
2582 srp_callback_parm.login);
2583 srp_callback_parm.user =
2584 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2585 srp_callback_parm.login);
2586 if (srp_callback_parm.user)
2587 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2588 srp_callback_parm.user->info);
2590 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2591 i = SSL_accept(con);
2594 switch (SSL_get_error(con, i)) {
2595 case SSL_ERROR_NONE:
2597 case SSL_ERROR_WANT_WRITE:
2598 case SSL_ERROR_WANT_READ:
2599 case SSL_ERROR_WANT_X509_LOOKUP:
2601 case SSL_ERROR_SYSCALL:
2603 case SSL_ERROR_ZERO_RETURN:
2609 SSL_renegotiate(con);
2610 SSL_write(con, NULL, 0);
2613 i = BIO_gets(io, buf, bufsize - 1);
2614 if (i < 0) { /* error */
2615 if (!BIO_should_retry(io)) {
2617 ERR_print_errors(bio_err);
2620 BIO_printf(bio_s_out, "read R BLOCK\n");
2621 #if defined(OPENSSL_SYS_NETWARE)
2623 #elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)
2628 } else if (i == 0) { /* end of input */
2633 /* else we have data */
2634 if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
2635 ((www == 2) && (strncmp("GET /stats ", buf, 10) == 0))) {
2638 STACK_OF(SSL_CIPHER) *sk;
2639 static const char *space = " ";
2642 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
2643 BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n");
2644 BIO_puts(io, "<pre>\n");
2645 /* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
2647 for (i = 0; i < local_argc; i++) {
2648 BIO_puts(io, local_argv[i]);
2649 BIO_write(io, " ", 1);
2654 "Secure Renegotiation IS%s supported\n",
2655 SSL_get_secure_renegotiation_support(con) ?
2659 * The following is evil and should not really be done
2661 BIO_printf(io, "Ciphers supported in s_server binary\n");
2662 sk = SSL_get_ciphers(con);
2663 j = sk_SSL_CIPHER_num(sk);
2664 for (i = 0; i < j; i++) {
2665 c = sk_SSL_CIPHER_value(sk, i);
2666 BIO_printf(io, "%-11s:%-25s",
2667 SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
2668 if ((((i + 1) % 2) == 0) && (i + 1 != j))
2672 p = SSL_get_shared_ciphers(con, buf, bufsize);
2675 "---\nCiphers common between both SSL end points:\n");
2679 BIO_write(io, space, 26 - j);
2682 BIO_write(io, ((i % 3) ? " " : "\n"), 1);
2684 BIO_write(io, p, 1);
2691 BIO_printf(io, (SSL_cache_hit(con)
2692 ? "---\nReused, " : "---\nNew, "));
2693 c = SSL_get_current_cipher(con);
2694 BIO_printf(io, "%s, Cipher is %s\n",
2695 SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
2696 SSL_SESSION_print(io, SSL_get_session(con));
2697 BIO_printf(io, "---\n");
2698 print_stats(io, SSL_get_SSL_CTX(con));
2699 BIO_printf(io, "---\n");
2700 peer = SSL_get_peer_certificate(con);
2702 BIO_printf(io, "Client certificate\n");
2703 X509_print(io, peer);
2704 PEM_write_bio_X509(io, peer);
2706 BIO_puts(io, "no client certificate available\n");
2707 BIO_puts(io, "</BODY></HTML>\r\n\r\n");
2709 } else if ((www == 2 || www == 3)
2710 && (strncmp("GET /", buf, 5) == 0)) {
2713 static const char *text =
2714 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
2720 for (e = p; *e != '\0'; e++) {
2726 dot = (e[0] == '.') ? 2 : 0;
2729 dot = (e[0] == '.') ? 3 : 0;
2732 dot = (e[0] == '/') ? -1 : 0;
2736 dot = (e[0] == '/') ? 1 : 0;
2738 dot = (dot == 3) || (dot == -1); /* filename contains ".."
2743 BIO_printf(io, "'%s' is an invalid file name\r\n", p);
2750 BIO_printf(io, "'%s' contains '..' reference\r\n", p);
2756 BIO_printf(io, "'%s' is an invalid path\r\n", p);
2760 /* append if a directory lookup */
2762 strcat(p, "index.html");
2765 /* if a directory, do the index thang */
2766 if (app_isdir(p) > 0) {
2767 #if 0 /* must check buffer size */
2768 strcat(p, "/index.html");
2771 BIO_printf(io, "'%s' is a directory\r\n", p);
2776 if ((file = BIO_new_file(p, "r")) == NULL) {
2778 BIO_printf(io, "Error opening '%s'\r\n", p);
2779 ERR_print_errors(io);
2784 BIO_printf(bio_err, "FILE:%s\n", p);
2788 if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) ||
2789 ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) ||
2790 ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0)))
2792 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
2795 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
2799 i = BIO_read(file, buf, bufsize);
2805 fprintf(stderr, "%d\n", i);
2806 if (total_bytes > 3 * 1024) {
2808 fprintf(stderr, "RENEGOTIATE\n");
2809 SSL_renegotiate(con);
2813 for (j = 0; j < i;) {
2817 if (++count == 13) {
2818 SSL_renegotiate(con);
2822 k = BIO_write(io, &(buf[j]), i - j);
2824 if (!BIO_should_retry(io))
2827 BIO_printf(bio_s_out, "rwrite W BLOCK\n");
2841 i = (int)BIO_flush(io);
2843 if (!BIO_should_retry(io))
2850 /* make sure we re-use sessions */
2851 SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
2853 /* This kills performance */
2855 * SSL_shutdown(con); A shutdown gets sent in the BIO_free_all(io)
2863 BIO_printf(bio_s_out, "ACCEPT\n");
2869 /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/
2873 #ifndef OPENSSL_NO_RSA
2874 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
2877 static RSA *rsa_tmp = NULL;
2879 if (!rsa_tmp && ((bn = BN_new()) == NULL))
2880 BIO_printf(bio_err, "Allocation error in generating RSA key\n");
2881 if (!rsa_tmp && bn) {
2883 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...",
2885 (void)BIO_flush(bio_err);
2887 if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||
2888 !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
2894 BIO_printf(bio_err, "\n");
2895 (void)BIO_flush(bio_err);
2903 #define MAX_SESSION_ID_ATTEMPTS 10
2904 static int generate_session_id(const SSL *ssl, unsigned char *id,
2905 unsigned int *id_len)
2907 unsigned int count = 0;
2909 RAND_pseudo_bytes(id, *id_len);
2911 * Prefix the session_id with the required prefix. NB: If our prefix
2912 * is too long, clip it - but there will be worse effects anyway, eg.
2913 * the server could only possibly create 1 session ID (ie. the
2914 * prefix!) so all future session negotiations will fail due to
2917 memcpy(id, session_id_prefix,
2918 (strlen(session_id_prefix) < *id_len) ?
2919 strlen(session_id_prefix) : *id_len);
2921 while (SSL_has_matching_session_id(ssl, id, *id_len) &&
2922 (++count < MAX_SESSION_ID_ATTEMPTS));
2923 if (count >= MAX_SESSION_ID_ATTEMPTS)