2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
87 * 6. Redistributions of any form whatsoever must retain the following
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
144 * Until the key-gen callbacks are modified to use newer prototypes, we allow
145 * deprecated functions for openssl-internal code
147 #ifdef OPENSSL_NO_DEPRECATED
148 # undef OPENSSL_NO_DEPRECATED
157 #include <openssl/e_os2.h>
158 #ifdef OPENSSL_NO_STDIO
162 /* conflicts with winsock2 stuff on netware */
163 #if !defined(OPENSSL_SYS_NETWARE)
164 # include <sys/types.h>
168 * With IPv6, it looks like Digital has mixed up the proper order of
169 * recursive header file inclusion, resulting in the compiler complaining
170 * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
171 * needed to have fileno() declared correctly... So let's define u_int
173 #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
175 typedef unsigned int u_int;
178 #include <openssl/lhash.h>
179 #include <openssl/bn.h>
182 #include <openssl/err.h>
183 #include <openssl/pem.h>
184 #include <openssl/x509.h>
185 #include <openssl/ssl.h>
186 #include <openssl/rand.h>
187 #include <openssl/ocsp.h>
188 #ifndef OPENSSL_NO_DH
189 # include <openssl/dh.h>
191 #ifndef OPENSSL_NO_RSA
192 # include <openssl/rsa.h>
194 #ifndef OPENSSL_NO_SRP
195 # include <openssl/srp.h>
198 #include "timeouts.h"
200 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
201 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
205 #if defined(OPENSSL_SYS_BEOS_R5)
209 #ifndef OPENSSL_NO_RSA
210 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
212 static int sv_body(char *hostname, int s, unsigned char *context);
213 static int www_body(char *hostname, int s, unsigned char *context);
214 static void close_accept_socket(void);
215 static void sv_usage(void);
216 static int init_ssl_connection(SSL *s);
217 static void print_stats(BIO *bp, SSL_CTX *ctx);
218 static int generate_session_id(const SSL *ssl, unsigned char *id,
219 unsigned int *id_len);
220 #ifndef OPENSSL_NO_DH
221 static DH *load_dh_param(const char *dhfile);
222 static DH *get_dh512(void);
226 static void s_server_init(void);
229 #ifndef OPENSSL_NO_DH
230 static unsigned char dh512_p[] = {
231 0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75,
232 0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
233 0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3,
234 0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
235 0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C,
236 0x47, 0x74, 0xE8, 0x33,
239 static unsigned char dh512_g[] = {
243 static DH *get_dh512(void)
247 if ((dh = DH_new()) == NULL)
249 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
250 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
251 if ((dh->p == NULL) || (dh->g == NULL))
257 /* static int load_CA(SSL_CTX *ctx, char *file);*/
260 #define BUFSIZZ 16*1024
261 static int bufsize = BUFSIZZ;
262 static int accept_socket = -1;
264 #define TEST_CERT "server.pem"
265 #ifndef OPENSSL_NO_TLSEXT
266 # define TEST_CERT2 "server2.pem"
269 #define PROG s_server_main
271 extern int verify_depth, verify_return_error;
273 static char *cipher = NULL;
274 static int s_server_verify = SSL_VERIFY_NONE;
275 static int s_server_session_id_context = 1; /* anything will do */
276 static const char *s_cert_file = TEST_CERT, *s_key_file = NULL;
277 #ifndef OPENSSL_NO_TLSEXT
278 static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL;
280 static char *s_dcert_file = NULL, *s_dkey_file = NULL;
282 static int s_nbio = 0;
284 static int s_nbio_test = 0;
286 static SSL_CTX *ctx = NULL;
287 #ifndef OPENSSL_NO_TLSEXT
288 static SSL_CTX *ctx2 = NULL;
292 static BIO *bio_s_out = NULL;
293 static int s_debug = 0;
294 #ifndef OPENSSL_NO_TLSEXT
295 static int s_tlsextdebug = 0;
296 static int s_tlsextstatus = 0;
297 static int cert_status_cb(SSL *s, void *arg);
299 static int s_msg = 0;
300 static int s_quiet = 0;
302 static char *keymatexportlabel = NULL;
303 static int keymatexportlen = 20;
306 #ifndef OPENSSL_NO_ENGINE
307 static char *engine_id = NULL;
309 static const char *session_id_prefix = NULL;
311 static int enable_timeouts = 0;
312 static long socket_mtu;
313 #ifndef OPENSSL_NO_DTLS1
314 static int cert_chain = 0;
317 #ifndef OPENSSL_NO_PSK
318 static char *psk_identity = "Client_identity";
319 char *psk_key = NULL; /* by default PSK is not used */
321 static unsigned int psk_server_cb(SSL *ssl, const char *identity,
323 unsigned int max_psk_len)
325 unsigned int psk_len = 0;
330 BIO_printf(bio_s_out, "psk_server_cb\n");
332 BIO_printf(bio_err, "Error: client did not send PSK identity\n");
336 BIO_printf(bio_s_out, "identity_len=%d identity=%s\n",
337 identity ? (int)strlen(identity) : 0, identity);
339 /* here we could lookup the given identity e.g. from a database */
340 if (strcmp(identity, psk_identity) != 0) {
341 BIO_printf(bio_s_out, "PSK error: client identity not found"
342 " (got '%s' expected '%s')\n", identity, psk_identity);
346 BIO_printf(bio_s_out, "PSK client identity found\n");
348 /* convert the PSK key to binary */
349 ret = BN_hex2bn(&bn, psk_key);
351 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
357 if (BN_num_bytes(bn) > (int)max_psk_len) {
359 "psk buffer of callback is too small (%d) for key (%d)\n",
360 max_psk_len, BN_num_bytes(bn));
365 ret = BN_bn2bin(bn, psk);
370 psk_len = (unsigned int)ret;
373 BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
377 BIO_printf(bio_err, "Error in PSK server callback\n");
382 #ifndef OPENSSL_NO_SRP
383 /* This is a context that we pass to callbacks */
384 typedef struct srpsrvparm_st {
391 * This callback pretends to require some asynchronous logic in order to
392 * obtain a verifier. When the callback is called for a new connection we
393 * return with a negative value. This will provoke the accept etc to return
394 * with an LOOKUP_X509. The main logic of the reinvokes the suspended call
395 * (which would normally occur after a worker has finished) and we set the
398 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
400 srpsrvparm *p = (srpsrvparm *) arg;
401 if (p->login == NULL && p->user == NULL) {
402 p->login = SSL_get_srp_username(s);
403 BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
407 if (p->user == NULL) {
408 BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
409 return SSL3_AL_FATAL;
411 if (SSL_set_srp_server_param
412 (s, p->user->N, p->user->g, p->user->s, p->user->v,
413 p->user->info) < 0) {
414 *ad = SSL_AD_INTERNAL_ERROR;
415 return SSL3_AL_FATAL;
418 "SRP parameters set: username = \"%s\" info=\"%s\" \n",
419 p->login, p->user->info);
420 /* need to check whether there are memory leaks */
423 return SSL_ERROR_NONE;
429 static void s_server_init(void)
433 s_server_verify = SSL_VERIFY_NONE;
436 s_cert_file = TEST_CERT;
438 # ifndef OPENSSL_NO_TLSEXT
439 s_cert_file2 = TEST_CERT2;
455 # ifndef OPENSSL_NO_ENGINE
461 static void sv_usage(void)
463 BIO_printf(bio_err, "usage: s_server [args ...]\n");
464 BIO_printf(bio_err, "\n");
466 " -accept arg - port to accept on (default is %d)\n", PORT);
467 BIO_printf(bio_err, " -context arg - set session ID context\n");
469 " -verify arg - turn on peer certificate verification\n");
471 " -Verify arg - turn on peer certificate verification, must have a cert.\n");
473 " -verify_return_error - return verification errors\n");
474 BIO_printf(bio_err, " -cert arg - certificate file to use\n");
475 BIO_printf(bio_err, " (default is %s)\n", TEST_CERT);
477 " -crl_check - check the peer certificate has not been revoked by its CA.\n"
478 " The CRL(s) are appended to the certificate file\n");
480 " -crl_check_all - check the peer certificate has not been revoked by its CA\n"
481 " or any other CRL in the CA chain. CRL(s) are appened to the\n"
482 " the certificate file.\n");
484 " -certform arg - certificate format (PEM or DER) PEM default\n");
486 " -key arg - Private Key file to use, in cert file if\n");
487 BIO_printf(bio_err, " not specified (default is %s)\n",
490 " -keyform arg - key format (PEM, DER or ENGINE) PEM default\n");
492 " -pass arg - private key file pass phrase source\n");
494 " -dcert arg - second certificate file to use (usually for DSA)\n");
496 " -dcertform x - second certificate format (PEM or DER) PEM default\n");
498 " -dkey arg - second private key file to use (usually for DSA)\n");
500 " -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
502 " -dpass arg - second private key file pass phrase source\n");
504 " -dhparam arg - DH parameter file to use, in cert file if not specified\n");
506 " or a default set of parameters is used\n");
507 #ifndef OPENSSL_NO_ECDH
509 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
510 " Use \"openssl ecparam -list_curves\" for all names\n"
511 " (default is nistp256).\n");
514 BIO_printf(bio_err, " -nbio - Run with non-blocking IO\n");
517 " -nbio_test - test with the non-blocking test bio\n");
519 " -crlf - convert LF from terminal into CRLF\n");
520 BIO_printf(bio_err, " -debug - Print more output\n");
521 BIO_printf(bio_err, " -msg - Show protocol messages\n");
522 BIO_printf(bio_err, " -state - Print the SSL states\n");
523 BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
524 BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
526 " -nocert - Don't use any certificates (Anon-DH)\n");
528 " -cipher arg - play with 'openssl ciphers' to see what goes here\n");
529 BIO_printf(bio_err, " -serverpref - Use server's cipher preferences\n");
530 BIO_printf(bio_err, " -quiet - No server output\n");
531 BIO_printf(bio_err, " -no_tmp_rsa - Do not generate a tmp RSA key\n");
532 #ifndef OPENSSL_NO_PSK
533 BIO_printf(bio_err, " -psk_hint arg - PSK identity hint to use\n");
534 BIO_printf(bio_err, " -psk arg - PSK in hex (without 0x)\n");
535 # ifndef OPENSSL_NO_JPAKE
536 BIO_printf(bio_err, " -jpake arg - JPAKE secret to use\n");
539 #ifndef OPENSSL_NO_SRP
540 BIO_printf(bio_err, " -srpvfile file - The verifier file for SRP\n");
542 " -srpuserseed string - A seed string for a default user salt.\n");
544 BIO_printf(bio_err, " -ssl2 - Just talk SSLv2\n");
545 #ifndef OPENSSL_NO_SSL3_METHOD
546 BIO_printf(bio_err, " -ssl3 - Just talk SSLv3\n");
548 BIO_printf(bio_err, " -tls1_2 - Just talk TLSv1.2\n");
549 BIO_printf(bio_err, " -tls1_1 - Just talk TLSv1.1\n");
550 BIO_printf(bio_err, " -tls1 - Just talk TLSv1\n");
551 BIO_printf(bio_err, " -dtls1 - Just talk DTLSv1\n");
552 BIO_printf(bio_err, " -timeout - Enable timeouts\n");
553 BIO_printf(bio_err, " -mtu - Set link layer MTU\n");
554 BIO_printf(bio_err, " -chain - Read a certificate chain\n");
555 BIO_printf(bio_err, " -no_ssl2 - Just disable SSLv2\n");
556 BIO_printf(bio_err, " -no_ssl3 - Just disable SSLv3\n");
557 BIO_printf(bio_err, " -no_tls1 - Just disable TLSv1\n");
558 BIO_printf(bio_err, " -no_tls1_1 - Just disable TLSv1.1\n");
559 BIO_printf(bio_err, " -no_tls1_2 - Just disable TLSv1.2\n");
560 #ifndef OPENSSL_NO_DH
561 BIO_printf(bio_err, " -no_dhe - Disable ephemeral DH\n");
563 #ifndef OPENSSL_NO_ECDH
564 BIO_printf(bio_err, " -no_ecdhe - Disable ephemeral ECDH\n");
566 BIO_printf(bio_err, " -bugs - Turn on SSL bug compatibility\n");
568 " -hack - workaround for early Netscape code\n");
570 " -www - Respond to a 'GET /' with a status page\n");
572 " -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
574 " -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
576 " with the assumption it contains a complete HTTP response.\n");
577 #ifndef OPENSSL_NO_ENGINE
579 " -engine id - Initialise and use the specified engine\n");
582 " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
583 BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
584 LIST_SEPARATOR_CHAR);
585 #ifndef OPENSSL_NO_TLSEXT
587 " -servername host - servername for HostName TLS extension\n");
589 " -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
591 " -cert2 arg - certificate file to use for servername\n");
592 BIO_printf(bio_err, " (default is %s)\n", TEST_CERT2);
594 " -key2 arg - Private Key file to use for servername, in cert file if\n");
595 BIO_printf(bio_err, " not specified (default is %s)\n",
598 " -tlsextdebug - hex dump of all TLS extensions received\n");
600 " -no_ticket - disable use of RFC4507bis session tickets\n");
602 " -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
603 # ifndef OPENSSL_NO_NEXTPROTONEG
605 " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
607 # ifndef OPENSSL_NO_SRTP
609 " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
613 " -keymatexport label - Export keying material using label\n");
615 " -keymatexportlen len - Export len bytes of keying material (default 20)\n");
617 " -status - respond to certificate status requests\n");
619 " -status_verbose - enable status request verbose printout\n");
621 " -status_timeout n - status request responder timeout\n");
622 BIO_printf(bio_err, " -status_url URL - status request fallback URL\n");
625 static int local_argc = 0;
626 static char **local_argv;
628 #ifdef CHARSET_EBCDIC
629 static int ebcdic_new(BIO *bi);
630 static int ebcdic_free(BIO *a);
631 static int ebcdic_read(BIO *b, char *out, int outl);
632 static int ebcdic_write(BIO *b, const char *in, int inl);
633 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
634 static int ebcdic_gets(BIO *bp, char *buf, int size);
635 static int ebcdic_puts(BIO *bp, const char *str);
637 # define BIO_TYPE_EBCDIC_FILTER (18|0x0200)
638 static BIO_METHOD methods_ebcdic = {
639 BIO_TYPE_EBCDIC_FILTER,
640 "EBCDIC/ASCII filter",
655 BIO_METHOD *BIO_f_ebcdic_filter()
657 return (&methods_ebcdic);
660 static int ebcdic_new(BIO *bi)
662 EBCDIC_OUTBUFF *wbuf;
664 wbuf = (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
665 wbuf->alloced = 1024;
666 wbuf->buff[0] = '\0';
668 bi->ptr = (char *)wbuf;
674 static int ebcdic_free(BIO *a)
679 OPENSSL_free(a->ptr);
686 static int ebcdic_read(BIO *b, char *out, int outl)
690 if (out == NULL || outl == 0)
692 if (b->next_bio == NULL)
695 ret = BIO_read(b->next_bio, out, outl);
697 ascii2ebcdic(out, out, ret);
701 static int ebcdic_write(BIO *b, const char *in, int inl)
703 EBCDIC_OUTBUFF *wbuf;
708 if ((in == NULL) || (inl <= 0))
710 if (b->next_bio == NULL)
713 wbuf = (EBCDIC_OUTBUFF *) b->ptr;
715 if (inl > (num = wbuf->alloced)) {
716 num = num + num; /* double the size */
721 (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
724 wbuf->buff[0] = '\0';
726 b->ptr = (char *)wbuf;
729 ebcdic2ascii(wbuf->buff, in, inl);
731 ret = BIO_write(b->next_bio, wbuf->buff, inl);
736 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
740 if (b->next_bio == NULL)
747 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
753 static int ebcdic_gets(BIO *bp, char *buf, int size)
756 if (bp->next_bio == NULL)
758 /* return(BIO_gets(bp->next_bio,buf,size));*/
759 for (i = 0; i < size - 1; ++i) {
760 ret = ebcdic_read(bp, &buf[i], 1);
763 else if (buf[i] == '\n') {
770 return (ret < 0 && i == 0) ? ret : i;
773 static int ebcdic_puts(BIO *bp, const char *str)
775 if (bp->next_bio == NULL)
777 return ebcdic_write(bp, str, strlen(str));
781 #ifndef OPENSSL_NO_TLSEXT
783 /* This is a context that we pass to callbacks */
784 typedef struct tlsextctx_st {
790 static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
792 tlsextctx *p = (tlsextctx *) arg;
793 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
794 if (servername && p->biodebug)
795 BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n",
799 return SSL_TLSEXT_ERR_NOACK;
802 if (strcasecmp(servername, p->servername))
803 return p->extension_error;
805 BIO_printf(p->biodebug, "Switching server context.\n");
806 SSL_set_SSL_CTX(s, ctx2);
809 return SSL_TLSEXT_ERR_OK;
812 /* Structure passed to cert status callback */
814 typedef struct tlsextstatusctx_st {
815 /* Default responder to use */
816 char *host, *path, *port;
823 static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, NULL, 0 };
826 * Certificate Status callback. This is called when a client includes a
827 * certificate status request extension. This is a simplified version. It
828 * examines certificates each time and makes one OCSP responder query for
829 * each request. A full version would store details such as the OCSP
830 * certificate IDs and minimise the number of OCSP responses by caching them
831 * until they were considered "expired".
834 static int cert_status_cb(SSL *s, void *arg)
836 tlsextstatusctx *srctx = arg;
837 BIO *err = srctx->err;
838 char *host, *port, *path;
840 unsigned char *rspder = NULL;
842 STACK_OF(OPENSSL_STRING) *aia = NULL;
844 X509_STORE_CTX inctx;
846 OCSP_REQUEST *req = NULL;
847 OCSP_RESPONSE *resp = NULL;
848 OCSP_CERTID *id = NULL;
849 STACK_OF(X509_EXTENSION) *exts;
850 int ret = SSL_TLSEXT_ERR_NOACK;
853 STACK_OF(OCSP_RESPID) *ids;
854 SSL_get_tlsext_status_ids(s, &ids);
855 BIO_printf(err, "cert_status: received %d ids\n",
856 sk_OCSP_RESPID_num(ids));
859 BIO_puts(err, "cert_status: callback called\n");
860 /* Build up OCSP query from server certificate */
861 x = SSL_get_certificate(s);
862 aia = X509_get1_ocsp(x);
864 if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
865 &host, &port, &path, &use_ssl)) {
866 BIO_puts(err, "cert_status: can't parse AIA URL\n");
870 BIO_printf(err, "cert_status: AIA URL: %s\n",
871 sk_OPENSSL_STRING_value(aia, 0));
875 "cert_status: no AIA and no default responder URL\n");
881 use_ssl = srctx->use_ssl;
884 if (!X509_STORE_CTX_init(&inctx,
885 SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
888 if (X509_STORE_get_by_subject(&inctx, X509_LU_X509,
889 X509_get_issuer_name(x), &obj) <= 0) {
890 BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
891 X509_STORE_CTX_cleanup(&inctx);
894 req = OCSP_REQUEST_new();
897 id = OCSP_cert_to_id(NULL, x, obj.data.x509);
898 X509_free(obj.data.x509);
899 X509_STORE_CTX_cleanup(&inctx);
902 if (!OCSP_request_add0_id(req, id))
905 /* Add any extensions to the request */
906 SSL_get_tlsext_status_exts(s, &exts);
907 for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
908 X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
909 if (!OCSP_REQUEST_add_ext(req, ext, -1))
912 resp = process_responder(err, req, host, path, port, use_ssl, NULL,
915 BIO_puts(err, "cert_status: error querying responder\n");
918 rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
921 SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
922 if (srctx->verbose) {
923 BIO_puts(err, "cert_status: ocsp response sent:\n");
924 OCSP_RESPONSE_print(err, resp, 2);
926 ret = SSL_TLSEXT_ERR_OK;
928 if (ret != SSL_TLSEXT_ERR_OK)
929 ERR_print_errors(err);
934 X509_email_free(aia);
937 OCSP_CERTID_free(id);
939 OCSP_REQUEST_free(req);
941 OCSP_RESPONSE_free(resp);
944 ret = SSL_TLSEXT_ERR_ALERT_FATAL;
948 # ifndef OPENSSL_NO_NEXTPROTONEG
949 /* This is the context that we pass to next_proto_cb */
950 typedef struct tlsextnextprotoctx_st {
953 } tlsextnextprotoctx;
955 static int next_proto_cb(SSL *s, const unsigned char **data,
956 unsigned int *len, void *arg)
958 tlsextnextprotoctx *next_proto = arg;
960 *data = next_proto->data;
961 *len = next_proto->len;
963 return SSL_TLSEXT_ERR_OK;
965 # endif /* ndef OPENSSL_NO_NEXTPROTONEG */
969 int MAIN(int, char **);
971 #ifndef OPENSSL_NO_JPAKE
972 static char *jpake_secret = NULL;
974 #ifndef OPENSSL_NO_SRP
975 static srpsrvparm srp_callback_parm;
977 #ifndef OPENSSL_NO_SRTP
978 static char *srtp_profiles = NULL;
981 int MAIN(int argc, char *argv[])
983 X509_VERIFY_PARAM *vpm = NULL;
986 char *CApath = NULL, *CAfile = NULL;
987 unsigned char *context = NULL;
989 #ifndef OPENSSL_NO_ECDH
990 char *named_curve = NULL;
992 int badop = 0, bugs = 0;
995 int no_tmp_rsa = 0, no_dhe = 0, nocert = 0;
996 #ifndef OPENSSL_NO_ECDH
1000 const SSL_METHOD *meth = NULL;
1001 int socket_type = SOCK_STREAM;
1003 char *inrand = NULL;
1004 int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
1005 char *passarg = NULL, *pass = NULL;
1006 char *dpassarg = NULL, *dpass = NULL;
1007 int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
1008 X509 *s_cert = NULL, *s_dcert = NULL;
1009 EVP_PKEY *s_key = NULL, *s_dkey = NULL;
1011 #ifndef OPENSSL_NO_TLSEXT
1012 EVP_PKEY *s_key2 = NULL;
1013 X509 *s_cert2 = NULL;
1014 tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING };
1015 # ifndef OPENSSL_NO_NEXTPROTONEG
1016 const char *next_proto_neg_in = NULL;
1017 tlsextnextprotoctx next_proto;
1020 #ifndef OPENSSL_NO_PSK
1021 /* by default do not send a PSK identity hint */
1022 static char *psk_identity_hint = NULL;
1024 #ifndef OPENSSL_NO_SRP
1025 char *srpuserseed = NULL;
1026 char *srp_verifier_file = NULL;
1028 meth = SSLv23_server_method();
1038 if (bio_err == NULL)
1039 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
1041 if (!load_config(bio_err, NULL))
1054 if ((strcmp(*argv, "-port") == 0) || (strcmp(*argv, "-accept") == 0)) {
1057 if (!extract_port(*(++argv), &port))
1059 } else if (strcmp(*argv, "-verify") == 0) {
1060 s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
1063 verify_depth = atoi(*(++argv));
1064 BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
1065 } else if (strcmp(*argv, "-Verify") == 0) {
1067 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
1068 SSL_VERIFY_CLIENT_ONCE;
1071 verify_depth = atoi(*(++argv));
1073 "verify depth is %d, must return a certificate\n",
1075 } else if (strcmp(*argv, "-context") == 0) {
1078 context = (unsigned char *)*(++argv);
1079 } else if (strcmp(*argv, "-cert") == 0) {
1082 s_cert_file = *(++argv);
1083 } else if (strcmp(*argv, "-certform") == 0) {
1086 s_cert_format = str2fmt(*(++argv));
1087 } else if (strcmp(*argv, "-key") == 0) {
1090 s_key_file = *(++argv);
1091 } else if (strcmp(*argv, "-keyform") == 0) {
1094 s_key_format = str2fmt(*(++argv));
1095 } else if (strcmp(*argv, "-pass") == 0) {
1098 passarg = *(++argv);
1099 } else if (strcmp(*argv, "-dhparam") == 0) {
1104 #ifndef OPENSSL_NO_ECDH
1105 else if (strcmp(*argv, "-named_curve") == 0) {
1108 named_curve = *(++argv);
1111 else if (strcmp(*argv, "-dcertform") == 0) {
1114 s_dcert_format = str2fmt(*(++argv));
1115 } else if (strcmp(*argv, "-dcert") == 0) {
1118 s_dcert_file = *(++argv);
1119 } else if (strcmp(*argv, "-dkeyform") == 0) {
1122 s_dkey_format = str2fmt(*(++argv));
1123 } else if (strcmp(*argv, "-dpass") == 0) {
1126 dpassarg = *(++argv);
1127 } else if (strcmp(*argv, "-dkey") == 0) {
1130 s_dkey_file = *(++argv);
1131 } else if (strcmp(*argv, "-nocert") == 0) {
1133 } else if (strcmp(*argv, "-CApath") == 0) {
1137 } else if (strcmp(*argv, "-no_cache") == 0)
1139 else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
1143 } else if (strcmp(*argv, "-verify_return_error") == 0)
1144 verify_return_error = 1;
1145 else if (strcmp(*argv, "-serverpref") == 0) {
1146 off |= SSL_OP_CIPHER_SERVER_PREFERENCE;
1147 } else if (strcmp(*argv, "-legacy_renegotiation") == 0)
1148 off |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
1149 else if (strcmp(*argv, "-cipher") == 0) {
1153 } else if (strcmp(*argv, "-CAfile") == 0) {
1159 else if (strcmp(*argv, "-nbio") == 0) {
1163 else if (strcmp(*argv, "-nbio_test") == 0) {
1168 } else if (strcmp(*argv, "-debug") == 0) {
1171 #ifndef OPENSSL_NO_TLSEXT
1172 else if (strcmp(*argv, "-tlsextdebug") == 0)
1174 else if (strcmp(*argv, "-status") == 0)
1176 else if (strcmp(*argv, "-status_verbose") == 0) {
1178 tlscstatp.verbose = 1;
1179 } else if (!strcmp(*argv, "-status_timeout")) {
1183 tlscstatp.timeout = atoi(*(++argv));
1184 } else if (!strcmp(*argv, "-status_url")) {
1188 if (!OCSP_parse_url(*(++argv),
1191 &tlscstatp.path, &tlscstatp.use_ssl)) {
1192 BIO_printf(bio_err, "Error parsing URL\n");
1197 else if (strcmp(*argv, "-msg") == 0) {
1199 } else if (strcmp(*argv, "-hack") == 0) {
1201 } else if (strcmp(*argv, "-state") == 0) {
1203 } else if (strcmp(*argv, "-crlf") == 0) {
1205 } else if (strcmp(*argv, "-quiet") == 0) {
1207 } else if (strcmp(*argv, "-bugs") == 0) {
1209 } else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
1211 } else if (strcmp(*argv, "-no_dhe") == 0) {
1214 #ifndef OPENSSL_NO_ECDH
1215 else if (strcmp(*argv, "-no_ecdhe") == 0) {
1219 #ifndef OPENSSL_NO_PSK
1220 else if (strcmp(*argv, "-psk_hint") == 0) {
1223 psk_identity_hint = *(++argv);
1224 } else if (strcmp(*argv, "-psk") == 0) {
1229 psk_key = *(++argv);
1230 for (i = 0; i < strlen(psk_key); i++) {
1231 if (isxdigit((unsigned char)psk_key[i]))
1233 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1238 #ifndef OPENSSL_NO_SRP
1239 else if (strcmp(*argv, "-srpvfile") == 0) {
1242 srp_verifier_file = *(++argv);
1243 meth = TLSv1_server_method();
1244 } else if (strcmp(*argv, "-srpuserseed") == 0) {
1247 srpuserseed = *(++argv);
1248 meth = TLSv1_server_method();
1251 else if (strcmp(*argv, "-www") == 0) {
1253 } else if (strcmp(*argv, "-WWW") == 0) {
1255 } else if (strcmp(*argv, "-HTTP") == 0) {
1257 } else if (strcmp(*argv, "-no_ssl2") == 0) {
1258 off |= SSL_OP_NO_SSLv2;
1259 } else if (strcmp(*argv, "-no_ssl3") == 0) {
1260 off |= SSL_OP_NO_SSLv3;
1261 } else if (strcmp(*argv, "-no_tls1") == 0) {
1262 off |= SSL_OP_NO_TLSv1;
1263 } else if (strcmp(*argv, "-no_tls1_1") == 0) {
1264 off |= SSL_OP_NO_TLSv1_1;
1265 } else if (strcmp(*argv, "-no_tls1_2") == 0) {
1266 off |= SSL_OP_NO_TLSv1_2;
1267 } else if (strcmp(*argv, "-no_comp") == 0) {
1268 off |= SSL_OP_NO_COMPRESSION;
1270 #ifndef OPENSSL_NO_TLSEXT
1271 else if (strcmp(*argv, "-no_ticket") == 0) {
1272 off |= SSL_OP_NO_TICKET;
1275 #ifndef OPENSSL_NO_SSL2
1276 else if (strcmp(*argv, "-ssl2") == 0) {
1277 meth = SSLv2_server_method();
1280 #ifndef OPENSSL_NO_SSL3_METHOD
1281 else if (strcmp(*argv, "-ssl3") == 0) {
1282 meth = SSLv3_server_method();
1285 #ifndef OPENSSL_NO_TLS1
1286 else if (strcmp(*argv, "-tls1") == 0) {
1287 meth = TLSv1_server_method();
1288 } else if (strcmp(*argv, "-tls1_1") == 0) {
1289 meth = TLSv1_1_server_method();
1290 } else if (strcmp(*argv, "-tls1_2") == 0) {
1291 meth = TLSv1_2_server_method();
1294 #ifndef OPENSSL_NO_DTLS1
1295 else if (strcmp(*argv, "-dtls1") == 0) {
1296 meth = DTLSv1_server_method();
1297 socket_type = SOCK_DGRAM;
1298 } else if (strcmp(*argv, "-timeout") == 0)
1299 enable_timeouts = 1;
1300 else if (strcmp(*argv, "-mtu") == 0) {
1303 socket_mtu = atol(*(++argv));
1304 } else if (strcmp(*argv, "-chain") == 0)
1307 else if (strcmp(*argv, "-id_prefix") == 0) {
1310 session_id_prefix = *(++argv);
1312 #ifndef OPENSSL_NO_ENGINE
1313 else if (strcmp(*argv, "-engine") == 0) {
1316 engine_id = *(++argv);
1319 else if (strcmp(*argv, "-rand") == 0) {
1324 #ifndef OPENSSL_NO_TLSEXT
1325 else if (strcmp(*argv, "-servername") == 0) {
1328 tlsextcbp.servername = *(++argv);
1329 } else if (strcmp(*argv, "-servername_fatal") == 0) {
1330 tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL;
1331 } else if (strcmp(*argv, "-cert2") == 0) {
1334 s_cert_file2 = *(++argv);
1335 } else if (strcmp(*argv, "-key2") == 0) {
1338 s_key_file2 = *(++argv);
1340 # ifndef OPENSSL_NO_NEXTPROTONEG
1341 else if (strcmp(*argv, "-nextprotoneg") == 0) {
1344 next_proto_neg_in = *(++argv);
1348 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1349 else if (strcmp(*argv, "-jpake") == 0) {
1352 jpake_secret = *(++argv);
1355 #ifndef OPENSSL_NO_SRTP
1356 else if (strcmp(*argv, "-use_srtp") == 0) {
1359 srtp_profiles = *(++argv);
1362 else if (strcmp(*argv, "-keymatexport") == 0) {
1365 keymatexportlabel = *(++argv);
1366 } else if (strcmp(*argv, "-keymatexportlen") == 0) {
1369 keymatexportlen = atoi(*(++argv));
1370 if (keymatexportlen == 0)
1373 BIO_printf(bio_err, "unknown option %s\n", *argv);
1385 #ifndef OPENSSL_NO_DTLS1
1386 if (www && socket_type == SOCK_DGRAM) {
1387 BIO_printf(bio_err, "Can't use -HTTP, -www or -WWW with DTLS\n");
1392 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1395 BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
1398 psk_identity = "JPAKE";
1400 BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
1407 SSL_load_error_strings();
1408 OpenSSL_add_ssl_algorithms();
1410 #ifndef OPENSSL_NO_ENGINE
1411 e = setup_engine(bio_err, engine_id, 1);
1414 if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) {
1415 BIO_printf(bio_err, "Error getting password\n");
1419 if (s_key_file == NULL)
1420 s_key_file = s_cert_file;
1421 #ifndef OPENSSL_NO_TLSEXT
1422 if (s_key_file2 == NULL)
1423 s_key_file2 = s_cert_file2;
1427 s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
1428 "server certificate private key file");
1430 ERR_print_errors(bio_err);
1434 s_cert = load_cert(bio_err, s_cert_file, s_cert_format,
1435 NULL, e, "server certificate file");
1438 ERR_print_errors(bio_err);
1441 #ifndef OPENSSL_NO_TLSEXT
1442 if (tlsextcbp.servername) {
1443 s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e,
1444 "second server certificate private key file");
1446 ERR_print_errors(bio_err);
1450 s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format,
1451 NULL, e, "second server certificate file");
1454 ERR_print_errors(bio_err);
1460 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
1461 if (next_proto_neg_in) {
1463 next_proto.data = next_protos_parse(&len, next_proto_neg_in);
1464 if (next_proto.data == NULL)
1466 next_proto.len = len;
1468 next_proto.data = NULL;
1474 if (s_dkey_file == NULL)
1475 s_dkey_file = s_dcert_file;
1477 s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format,
1478 0, dpass, e, "second certificate private key file");
1480 ERR_print_errors(bio_err);
1484 s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format,
1485 NULL, e, "second server certificate file");
1488 ERR_print_errors(bio_err);
1494 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
1495 && !RAND_status()) {
1497 "warning, not much extra random data, consider using the -rand option\n");
1500 BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
1501 app_RAND_load_files(inrand));
1503 if (bio_s_out == NULL) {
1504 if (s_quiet && !s_debug && !s_msg) {
1505 bio_s_out = BIO_new(BIO_s_null());
1507 if (bio_s_out == NULL)
1508 bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE);
1511 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
1517 s_dcert_file = NULL;
1519 #ifndef OPENSSL_NO_TLSEXT
1520 s_cert_file2 = NULL;
1525 ctx = SSL_CTX_new(meth);
1527 ERR_print_errors(bio_err);
1530 if (session_id_prefix) {
1531 if (strlen(session_id_prefix) >= 32)
1533 "warning: id_prefix is too long, only one new session will be possible\n");
1534 else if (strlen(session_id_prefix) >= 16)
1536 "warning: id_prefix is too long if you use SSLv2\n");
1537 if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) {
1538 BIO_printf(bio_err, "error setting 'id_prefix'\n");
1539 ERR_print_errors(bio_err);
1542 BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
1544 SSL_CTX_set_quiet_shutdown(ctx, 1);
1546 SSL_CTX_set_options(ctx, SSL_OP_ALL);
1548 SSL_CTX_set_options(ctx, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
1549 SSL_CTX_set_options(ctx, off);
1552 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
1554 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
1556 SSL_CTX_sess_set_cache_size(ctx, 128);
1558 #ifndef OPENSSL_NO_SRTP
1559 if (srtp_profiles != NULL)
1560 SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
1565 cipher = getenv("SSL_CIPHER");
1569 if (s_cert_file == NULL) {
1571 "You must specify a certificate file for the server to use\n");
1576 if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
1577 (!SSL_CTX_set_default_verify_paths(ctx))) {
1578 /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
1579 ERR_print_errors(bio_err);
1583 SSL_CTX_set1_param(ctx, vpm);
1585 #ifndef OPENSSL_NO_TLSEXT
1587 ctx2 = SSL_CTX_new(meth);
1589 ERR_print_errors(bio_err);
1595 BIO_printf(bio_s_out, "Setting secondary ctx parameters\n");
1597 if (session_id_prefix) {
1598 if (strlen(session_id_prefix) >= 32)
1600 "warning: id_prefix is too long, only one new session will be possible\n");
1601 else if (strlen(session_id_prefix) >= 16)
1603 "warning: id_prefix is too long if you use SSLv2\n");
1604 if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) {
1605 BIO_printf(bio_err, "error setting 'id_prefix'\n");
1606 ERR_print_errors(bio_err);
1609 BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
1611 SSL_CTX_set_quiet_shutdown(ctx2, 1);
1613 SSL_CTX_set_options(ctx2, SSL_OP_ALL);
1615 SSL_CTX_set_options(ctx2, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
1616 SSL_CTX_set_options(ctx2, off);
1619 SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback);
1622 SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF);
1624 SSL_CTX_sess_set_cache_size(ctx2, 128);
1626 if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
1627 (!SSL_CTX_set_default_verify_paths(ctx2))) {
1628 ERR_print_errors(bio_err);
1631 SSL_CTX_set1_param(ctx2, vpm);
1633 # ifndef OPENSSL_NO_NEXTPROTONEG
1634 if (next_proto.data)
1635 SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb,
1640 #ifndef OPENSSL_NO_DH
1645 dh = load_dh_param(dhfile);
1646 else if (s_cert_file)
1647 dh = load_dh_param(s_cert_file);
1650 BIO_printf(bio_s_out, "Setting temp DH parameters\n");
1652 BIO_printf(bio_s_out, "Using default temp DH parameters\n");
1655 (void)BIO_flush(bio_s_out);
1657 SSL_CTX_set_tmp_dh(ctx, dh);
1658 # ifndef OPENSSL_NO_TLSEXT
1661 DH *dh2 = load_dh_param(s_cert_file2);
1663 BIO_printf(bio_s_out, "Setting temp DH parameters\n");
1664 (void)BIO_flush(bio_s_out);
1670 SSL_CTX_set_tmp_dh(ctx2, dh);
1677 #ifndef OPENSSL_NO_ECDH
1679 EC_KEY *ecdh = NULL;
1682 int nid = OBJ_sn2nid(named_curve);
1685 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1688 ecdh = EC_KEY_new_by_curve_name(nid);
1690 BIO_printf(bio_err, "unable to create curve (%s)\n",
1697 BIO_printf(bio_s_out, "Setting temp ECDH parameters\n");
1699 BIO_printf(bio_s_out, "Using default temp ECDH parameters\n");
1700 ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
1702 BIO_printf(bio_err, "unable to create curve (nistp256)\n");
1706 (void)BIO_flush(bio_s_out);
1708 SSL_CTX_set_tmp_ecdh(ctx, ecdh);
1709 # ifndef OPENSSL_NO_TLSEXT
1711 SSL_CTX_set_tmp_ecdh(ctx2, ecdh);
1717 if (!set_cert_key_stuff(ctx, s_cert, s_key))
1719 #ifndef OPENSSL_NO_TLSEXT
1720 if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2))
1723 if (s_dcert != NULL) {
1724 if (!set_cert_key_stuff(ctx, s_dcert, s_dkey))
1727 #ifndef OPENSSL_NO_RSA
1730 SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
1731 # ifndef OPENSSL_NO_TLSEXT
1733 SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
1737 if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) {
1740 BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key...");
1741 BIO_flush(bio_s_out);
1743 rsa = RSA_generate_key(512, RSA_F4, NULL);
1745 if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
1746 ERR_print_errors(bio_err);
1749 # ifndef OPENSSL_NO_TLSEXT
1751 if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) {
1752 ERR_print_errors(bio_err);
1758 BIO_printf(bio_s_out, "\n");
1763 #ifndef OPENSSL_NO_PSK
1764 # ifdef OPENSSL_NO_JPAKE
1765 if (psk_key != NULL)
1767 if (psk_key != NULL || jpake_secret)
1771 BIO_printf(bio_s_out,
1772 "PSK key given or JPAKE in use, setting server callback\n");
1773 SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
1776 if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) {
1777 BIO_printf(bio_err, "error setting PSK identity hint to context\n");
1778 ERR_print_errors(bio_err);
1783 if (cipher != NULL) {
1784 if (!SSL_CTX_set_cipher_list(ctx, cipher)) {
1785 BIO_printf(bio_err, "error setting cipher list\n");
1786 ERR_print_errors(bio_err);
1789 #ifndef OPENSSL_NO_TLSEXT
1790 if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, cipher)) {
1791 BIO_printf(bio_err, "error setting cipher list\n");
1792 ERR_print_errors(bio_err);
1797 SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
1798 SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context,
1799 sizeof s_server_session_id_context);
1801 /* Set DTLS cookie generation and verification callbacks */
1802 SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
1803 SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
1805 #ifndef OPENSSL_NO_TLSEXT
1807 SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback);
1808 SSL_CTX_set_session_id_context(ctx2,
1809 (void *)&s_server_session_id_context,
1810 sizeof s_server_session_id_context);
1812 tlsextcbp.biodebug = bio_s_out;
1813 SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
1814 SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
1815 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
1816 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
1820 #ifndef OPENSSL_NO_SRP
1821 if (srp_verifier_file != NULL) {
1822 srp_callback_parm.vb = SRP_VBASE_new(srpuserseed);
1823 srp_callback_parm.user = NULL;
1824 srp_callback_parm.login = NULL;
1826 SRP_VBASE_init(srp_callback_parm.vb,
1827 srp_verifier_file)) != SRP_NO_ERROR) {
1829 "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
1830 srp_verifier_file, ret);
1833 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback);
1834 SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm);
1835 SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
1838 if (CAfile != NULL) {
1839 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
1840 #ifndef OPENSSL_NO_TLSEXT
1842 SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
1846 BIO_printf(bio_s_out, "ACCEPT\n");
1847 (void)BIO_flush(bio_s_out);
1849 do_server(port, socket_type, &accept_socket, www_body, context);
1851 do_server(port, socket_type, &accept_socket, sv_body, context);
1852 print_stats(bio_s_out, ctx);
1862 EVP_PKEY_free(s_key);
1864 EVP_PKEY_free(s_dkey);
1868 OPENSSL_free(dpass);
1870 X509_VERIFY_PARAM_free(vpm);
1871 #ifndef OPENSSL_NO_TLSEXT
1873 OPENSSL_free(tlscstatp.host);
1875 OPENSSL_free(tlscstatp.port);
1877 OPENSSL_free(tlscstatp.path);
1883 EVP_PKEY_free(s_key2);
1885 if (bio_s_out != NULL) {
1886 BIO_free(bio_s_out);
1893 static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
1895 BIO_printf(bio, "%4ld items in the session cache\n",
1896 SSL_CTX_sess_number(ssl_ctx));
1897 BIO_printf(bio, "%4ld client connects (SSL_connect())\n",
1898 SSL_CTX_sess_connect(ssl_ctx));
1899 BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n",
1900 SSL_CTX_sess_connect_renegotiate(ssl_ctx));
1901 BIO_printf(bio, "%4ld client connects that finished\n",
1902 SSL_CTX_sess_connect_good(ssl_ctx));
1903 BIO_printf(bio, "%4ld server accepts (SSL_accept())\n",
1904 SSL_CTX_sess_accept(ssl_ctx));
1905 BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n",
1906 SSL_CTX_sess_accept_renegotiate(ssl_ctx));
1907 BIO_printf(bio, "%4ld server accepts that finished\n",
1908 SSL_CTX_sess_accept_good(ssl_ctx));
1909 BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx));
1910 BIO_printf(bio, "%4ld session cache misses\n",
1911 SSL_CTX_sess_misses(ssl_ctx));
1912 BIO_printf(bio, "%4ld session cache timeouts\n",
1913 SSL_CTX_sess_timeouts(ssl_ctx));
1914 BIO_printf(bio, "%4ld callback cache hits\n",
1915 SSL_CTX_sess_cb_hits(ssl_ctx));
1916 BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n",
1917 SSL_CTX_sess_cache_full(ssl_ctx),
1918 SSL_CTX_sess_get_cache_size(ssl_ctx));
1921 static int sv_body(char *hostname, int s, unsigned char *context)
1930 #ifndef OPENSSL_NO_KRB5
1933 struct timeval timeout;
1934 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
1937 struct timeval *timeoutp;
1940 if ((buf = OPENSSL_malloc(bufsize)) == NULL) {
1941 BIO_printf(bio_err, "out of memory\n");
1946 unsigned long sl = 1;
1949 BIO_printf(bio_err, "turning on non blocking io\n");
1950 if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
1951 ERR_print_errors(bio_err);
1957 #ifndef OPENSSL_NO_TLSEXT
1958 if (s_tlsextdebug) {
1959 SSL_set_tlsext_debug_callback(con, tlsext_cb);
1960 SSL_set_tlsext_debug_arg(con, bio_s_out);
1962 if (s_tlsextstatus) {
1963 SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
1964 tlscstatp.err = bio_err;
1965 SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
1968 #ifndef OPENSSL_NO_KRB5
1969 if ((kctx = kssl_ctx_new()) != NULL) {
1970 SSL_set0_kssl_ctx(con, kctx);
1971 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
1972 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
1974 #endif /* OPENSSL_NO_KRB5 */
1976 SSL_set_session_id_context(con, context, strlen((char *)context));
1980 # ifdef TLSEXT_TYPE_opaque_prf_input
1981 SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
1985 if (SSL_version(con) == DTLS1_VERSION) {
1987 sbio = BIO_new_dgram(s, BIO_NOCLOSE);
1989 if (enable_timeouts) {
1991 timeout.tv_usec = DGRAM_RCV_TIMEOUT;
1992 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
1995 timeout.tv_usec = DGRAM_SND_TIMEOUT;
1996 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
2000 if (socket_mtu < DTLS_get_link_min_mtu(con)) {
2001 BIO_printf(bio_err, "MTU too small. Must be at least %ld\n",
2002 DTLS_get_link_min_mtu(con));
2007 SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
2008 if (!DTLS_set_link_mtu(con, socket_mtu)) {
2009 BIO_printf(bio_err, "Failed to set MTU\n");
2015 /* want to do MTU discovery */
2016 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
2018 /* turn on cookie exchange */
2019 SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
2021 sbio = BIO_new_socket(s, BIO_NOCLOSE);
2026 test = BIO_new(BIO_f_nbio_test());
2027 sbio = BIO_push(test, sbio);
2029 #ifndef OPENSSL_NO_JPAKE
2031 jpake_server_auth(bio_s_out, sbio, jpake_secret);
2034 SSL_set_bio(con, sbio, sbio);
2035 SSL_set_accept_state(con);
2036 /* SSL_set_fd(con,s); */
2039 SSL_set_debug(con, 1);
2040 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
2041 BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
2044 SSL_set_msg_callback(con, msg_cb);
2045 SSL_set_msg_callback_arg(con, bio_s_out);
2047 #ifndef OPENSSL_NO_TLSEXT
2048 if (s_tlsextdebug) {
2049 SSL_set_tlsext_debug_callback(con, tlsext_cb);
2050 SSL_set_tlsext_debug_arg(con, bio_s_out);
2056 int read_from_terminal;
2057 int read_from_sslcon;
2059 read_from_terminal = 0;
2060 read_from_sslcon = SSL_pending(con);
2062 if (!read_from_sslcon) {
2064 #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
2065 openssl_fdset(fileno(stdin), &readfds);
2067 openssl_fdset(s, &readfds);
2069 * Note: under VMS with SOCKETSHR the second parameter is
2070 * currently of type (int *) whereas under other systems it is
2071 * (void *) if you don't have a cast it will choke the compiler:
2072 * if you do have a cast then you can either go for (int *) or
2075 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
2077 * Under DOS (non-djgpp) and Windows we can't select on stdin:
2078 * only on sockets. As a workaround we timeout the select every
2079 * second and check for any keypress. In a proper Windows
2080 * application we wouldn't do this because it is inefficient.
2084 i = select(width, (void *)&readfds, NULL, NULL, &tv);
2085 if ((i < 0) || (!i && !_kbhit()))
2088 read_from_terminal = 1;
2089 #elif defined(OPENSSL_SYS_BEOS_R5)
2090 /* Under BeOS-R5 the situation is similar to DOS */
2093 (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
2094 i = select(width, (void *)&readfds, NULL, NULL, &tv);
2095 if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
2097 if (read(fileno(stdin), buf, 0) >= 0)
2098 read_from_terminal = 1;
2099 (void)fcntl(fileno(stdin), F_SETFL, 0);
2101 if ((SSL_version(con) == DTLS1_VERSION) &&
2102 DTLSv1_get_timeout(con, &timeout))
2103 timeoutp = &timeout;
2107 i = select(width, (void *)&readfds, NULL, NULL, timeoutp);
2109 if ((SSL_version(con) == DTLS1_VERSION)
2110 && DTLSv1_handle_timeout(con) > 0) {
2111 BIO_printf(bio_err, "TIMEOUT occured\n");
2116 if (FD_ISSET(fileno(stdin), &readfds))
2117 read_from_terminal = 1;
2119 if (FD_ISSET(s, &readfds))
2120 read_from_sslcon = 1;
2122 if (read_from_terminal) {
2126 i = raw_read_stdin(buf, bufsize / 2);
2128 /* both loops are skipped when i <= 0 */
2129 for (j = 0; j < i; j++)
2132 for (j = i - 1; j >= 0; j--) {
2133 buf[j + lf_num] = buf[j];
2134 if (buf[j] == '\n') {
2137 buf[j + lf_num] = '\r';
2140 assert(lf_num == 0);
2142 i = raw_read_stdin(buf, bufsize);
2144 if ((i <= 0) || (buf[0] == 'Q')) {
2145 BIO_printf(bio_s_out, "DONE\n");
2147 close_accept_socket();
2151 if ((i <= 0) || (buf[0] == 'q')) {
2152 BIO_printf(bio_s_out, "DONE\n");
2153 if (SSL_version(con) != DTLS1_VERSION)
2156 * close_accept_socket(); ret= -11;
2160 #ifndef OPENSSL_NO_HEARTBEATS
2161 if ((buf[0] == 'B') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
2162 BIO_printf(bio_err, "HEARTBEATING\n");
2168 if ((buf[0] == 'r') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
2169 SSL_renegotiate(con);
2170 i = SSL_do_handshake(con);
2171 printf("SSL_do_handshake -> %d\n", i);
2175 * strcpy(buf,"server side RE-NEGOTIATE\n");
2178 if ((buf[0] == 'R') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
2180 SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
2182 SSL_renegotiate(con);
2183 i = SSL_do_handshake(con);
2184 printf("SSL_do_handshake -> %d\n", i);
2188 * strcpy(buf,"server side RE-NEGOTIATE asking for client
2192 if (buf[0] == 'P') {
2193 static const char *str = "Lets print some clear text\n";
2194 BIO_write(SSL_get_wbio(con), str, strlen(str));
2196 if (buf[0] == 'S') {
2197 print_stats(bio_s_out, SSL_get_SSL_CTX(con));
2200 #ifdef CHARSET_EBCDIC
2201 ebcdic2ascii(buf, buf, i);
2205 /* should do a select for the write */
2209 if (++count == 100) {
2211 SSL_renegotiate(con);
2215 k = SSL_write(con, &(buf[l]), (unsigned int)i);
2216 #ifndef OPENSSL_NO_SRP
2217 while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) {
2218 BIO_printf(bio_s_out, "LOOKUP renego during write\n");
2219 srp_callback_parm.user =
2220 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2221 srp_callback_parm.login);
2222 if (srp_callback_parm.user)
2223 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2224 srp_callback_parm.user->info);
2226 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2227 k = SSL_write(con, &(buf[l]), (unsigned int)i);
2230 switch (SSL_get_error(con, k)) {
2231 case SSL_ERROR_NONE:
2233 case SSL_ERROR_WANT_WRITE:
2234 case SSL_ERROR_WANT_READ:
2235 case SSL_ERROR_WANT_X509_LOOKUP:
2236 BIO_printf(bio_s_out, "Write BLOCK\n");
2238 case SSL_ERROR_SYSCALL:
2240 BIO_printf(bio_s_out, "ERROR\n");
2241 ERR_print_errors(bio_err);
2245 case SSL_ERROR_ZERO_RETURN:
2246 BIO_printf(bio_s_out, "DONE\n");
2256 if (read_from_sslcon) {
2257 if (!SSL_is_init_finished(con)) {
2258 i = init_ssl_connection(con);
2263 } else if (i == 0) {
2269 i = SSL_read(con, (char *)buf, bufsize);
2270 #ifndef OPENSSL_NO_SRP
2271 while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
2272 BIO_printf(bio_s_out, "LOOKUP renego during read\n");
2273 srp_callback_parm.user =
2274 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2275 srp_callback_parm.login);
2276 if (srp_callback_parm.user)
2277 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2278 srp_callback_parm.user->info);
2280 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2281 i = SSL_read(con, (char *)buf, bufsize);
2284 switch (SSL_get_error(con, i)) {
2285 case SSL_ERROR_NONE:
2286 #ifdef CHARSET_EBCDIC
2287 ascii2ebcdic(buf, buf, i);
2289 raw_write_stdout(buf, (unsigned int)i);
2290 if (SSL_pending(con))
2293 case SSL_ERROR_WANT_WRITE:
2294 case SSL_ERROR_WANT_READ:
2295 BIO_printf(bio_s_out, "Read BLOCK\n");
2297 case SSL_ERROR_SYSCALL:
2299 BIO_printf(bio_s_out, "ERROR\n");
2300 ERR_print_errors(bio_err);
2303 case SSL_ERROR_ZERO_RETURN:
2304 BIO_printf(bio_s_out, "DONE\n");
2313 BIO_printf(bio_s_out, "shutting down SSL\n");
2315 SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
2321 BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
2323 OPENSSL_cleanse(buf, bufsize);
2327 BIO_printf(bio_s_out, "ACCEPT\n");
2331 static void close_accept_socket(void)
2333 BIO_printf(bio_err, "shutdown accept socket\n");
2334 if (accept_socket >= 0) {
2335 SHUTDOWN2(accept_socket);
2339 static int init_ssl_connection(SSL *con)
2345 MS_STATIC char buf[BUFSIZ];
2346 #ifndef OPENSSL_NO_KRB5
2349 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2350 const unsigned char *next_proto_neg;
2351 unsigned next_proto_neg_len;
2353 unsigned char *exportedkeymat;
2355 i = SSL_accept(con);
2356 #ifndef OPENSSL_NO_SRP
2357 while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
2358 BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
2359 srp_callback_parm.login);
2360 srp_callback_parm.user =
2361 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2362 srp_callback_parm.login);
2363 if (srp_callback_parm.user)
2364 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2365 srp_callback_parm.user->info);
2367 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2368 i = SSL_accept(con);
2372 if (BIO_sock_should_retry(i)) {
2373 BIO_printf(bio_s_out, "DELAY\n");
2377 BIO_printf(bio_err, "ERROR\n");
2378 verify_error = SSL_get_verify_result(con);
2379 if (verify_error != X509_V_OK) {
2380 BIO_printf(bio_err, "verify error:%s\n",
2381 X509_verify_cert_error_string(verify_error));
2383 ERR_print_errors(bio_err);
2387 PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con));
2389 peer = SSL_get_peer_certificate(con);
2391 BIO_printf(bio_s_out, "Client certificate\n");
2392 PEM_write_bio_X509(bio_s_out, peer);
2393 X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
2394 BIO_printf(bio_s_out, "subject=%s\n", buf);
2395 X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
2396 BIO_printf(bio_s_out, "issuer=%s\n", buf);
2400 if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
2401 BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
2402 str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
2403 BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)");
2405 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2406 SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
2407 if (next_proto_neg) {
2408 BIO_printf(bio_s_out, "NEXTPROTO is ");
2409 BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
2410 BIO_printf(bio_s_out, "\n");
2413 #ifndef OPENSSL_NO_SRTP
2415 SRTP_PROTECTION_PROFILE *srtp_profile
2416 = SSL_get_selected_srtp_profile(con);
2419 BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n",
2420 srtp_profile->name);
2423 if (SSL_cache_hit(con))
2424 BIO_printf(bio_s_out, "Reused session-id\n");
2425 if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
2426 TLS1_FLAGS_TLS_PADDING_BUG)
2427 BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
2428 #ifndef OPENSSL_NO_KRB5
2429 client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
2430 if (client_princ != NULL) {
2431 BIO_printf(bio_s_out, "Kerberos peer principal is %s\n",
2434 #endif /* OPENSSL_NO_KRB5 */
2435 BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
2436 SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
2437 if (keymatexportlabel != NULL) {
2438 BIO_printf(bio_s_out, "Keying material exporter:\n");
2439 BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel);
2440 BIO_printf(bio_s_out, " Length: %i bytes\n", keymatexportlen);
2441 exportedkeymat = OPENSSL_malloc(keymatexportlen);
2442 if (exportedkeymat != NULL) {
2443 if (!SSL_export_keying_material(con, exportedkeymat,
2446 strlen(keymatexportlabel),
2448 BIO_printf(bio_s_out, " Error\n");
2450 BIO_printf(bio_s_out, " Keying material: ");
2451 for (i = 0; i < keymatexportlen; i++)
2452 BIO_printf(bio_s_out, "%02X", exportedkeymat[i]);
2453 BIO_printf(bio_s_out, "\n");
2455 OPENSSL_free(exportedkeymat);
2462 #ifndef OPENSSL_NO_DH
2463 static DH *load_dh_param(const char *dhfile)
2468 if ((bio = BIO_new_file(dhfile, "r")) == NULL)
2470 ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
2477 #ifndef OPENSSL_NO_KRB5
2482 static int load_CA(SSL_CTX *ctx, char *file)
2487 if ((in = fopen(file, "r")) == NULL)
2491 if (PEM_read_X509(in, &x, NULL) == NULL)
2493 SSL_CTX_add_client_CA(ctx, x);
2502 static int www_body(char *hostname, int s, unsigned char *context)
2508 const SSL_CIPHER *c;
2509 BIO *io, *ssl_bio, *sbio;
2510 #ifndef OPENSSL_NO_KRB5
2514 buf = OPENSSL_malloc(bufsize);
2517 io = BIO_new(BIO_f_buffer());
2518 ssl_bio = BIO_new(BIO_f_ssl());
2519 if ((io == NULL) || (ssl_bio == NULL))
2524 unsigned long sl = 1;
2527 BIO_printf(bio_err, "turning on non blocking io\n");
2528 if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
2529 ERR_print_errors(bio_err);
2533 /* lets make the output buffer a reasonable size */
2534 if (!BIO_set_write_buffer_size(io, bufsize))
2537 if ((con = SSL_new(ctx)) == NULL)
2539 #ifndef OPENSSL_NO_TLSEXT
2540 if (s_tlsextdebug) {
2541 SSL_set_tlsext_debug_callback(con, tlsext_cb);
2542 SSL_set_tlsext_debug_arg(con, bio_s_out);
2545 #ifndef OPENSSL_NO_KRB5
2546 if ((kctx = kssl_ctx_new()) != NULL) {
2547 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
2548 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
2550 #endif /* OPENSSL_NO_KRB5 */
2552 SSL_set_session_id_context(con, context, strlen((char *)context));
2554 sbio = BIO_new_socket(s, BIO_NOCLOSE);
2558 test = BIO_new(BIO_f_nbio_test());
2559 sbio = BIO_push(test, sbio);
2561 SSL_set_bio(con, sbio, sbio);
2562 SSL_set_accept_state(con);
2564 /* SSL_set_fd(con,s); */
2565 BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
2566 BIO_push(io, ssl_bio);
2567 #ifdef CHARSET_EBCDIC
2568 io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
2572 SSL_set_debug(con, 1);
2573 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
2574 BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
2577 SSL_set_msg_callback(con, msg_cb);
2578 SSL_set_msg_callback_arg(con, bio_s_out);
2583 i = SSL_accept(con);
2584 #ifndef OPENSSL_NO_SRP
2586 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
2587 BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
2588 srp_callback_parm.login);
2589 srp_callback_parm.user =
2590 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2591 srp_callback_parm.login);
2592 if (srp_callback_parm.user)
2593 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2594 srp_callback_parm.user->info);
2596 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2597 i = SSL_accept(con);
2600 switch (SSL_get_error(con, i)) {
2601 case SSL_ERROR_NONE:
2603 case SSL_ERROR_WANT_WRITE:
2604 case SSL_ERROR_WANT_READ:
2605 case SSL_ERROR_WANT_X509_LOOKUP:
2607 case SSL_ERROR_SYSCALL:
2609 case SSL_ERROR_ZERO_RETURN:
2615 SSL_renegotiate(con);
2616 SSL_write(con, NULL, 0);
2619 i = BIO_gets(io, buf, bufsize - 1);
2620 if (i < 0) { /* error */
2621 if (!BIO_should_retry(io)) {
2623 ERR_print_errors(bio_err);
2626 BIO_printf(bio_s_out, "read R BLOCK\n");
2627 #if defined(OPENSSL_SYS_NETWARE)
2629 #elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)
2634 } else if (i == 0) { /* end of input */
2639 /* else we have data */
2640 if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
2641 ((www == 2) && (strncmp("GET /stats ", buf, 10) == 0))) {
2644 STACK_OF(SSL_CIPHER) *sk;
2645 static const char *space = " ";
2648 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
2649 BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n");
2650 BIO_puts(io, "<pre>\n");
2651 /* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
2653 for (i = 0; i < local_argc; i++) {
2654 BIO_puts(io, local_argv[i]);
2655 BIO_write(io, " ", 1);
2660 "Secure Renegotiation IS%s supported\n",
2661 SSL_get_secure_renegotiation_support(con) ?
2665 * The following is evil and should not really be done
2667 BIO_printf(io, "Ciphers supported in s_server binary\n");
2668 sk = SSL_get_ciphers(con);
2669 j = sk_SSL_CIPHER_num(sk);
2670 for (i = 0; i < j; i++) {
2671 c = sk_SSL_CIPHER_value(sk, i);
2672 BIO_printf(io, "%-11s:%-25s",
2673 SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
2674 if ((((i + 1) % 2) == 0) && (i + 1 != j))
2678 p = SSL_get_shared_ciphers(con, buf, bufsize);
2681 "---\nCiphers common between both SSL end points:\n");
2685 BIO_write(io, space, 26 - j);
2688 BIO_write(io, ((i % 3) ? " " : "\n"), 1);
2690 BIO_write(io, p, 1);
2697 BIO_printf(io, (SSL_cache_hit(con)
2698 ? "---\nReused, " : "---\nNew, "));
2699 c = SSL_get_current_cipher(con);
2700 BIO_printf(io, "%s, Cipher is %s\n",
2701 SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
2702 SSL_SESSION_print(io, SSL_get_session(con));
2703 BIO_printf(io, "---\n");
2704 print_stats(io, SSL_get_SSL_CTX(con));
2705 BIO_printf(io, "---\n");
2706 peer = SSL_get_peer_certificate(con);
2708 BIO_printf(io, "Client certificate\n");
2709 X509_print(io, peer);
2710 PEM_write_bio_X509(io, peer);
2712 BIO_puts(io, "no client certificate available\n");
2713 BIO_puts(io, "</BODY></HTML>\r\n\r\n");
2715 } else if ((www == 2 || www == 3)
2716 && (strncmp("GET /", buf, 5) == 0)) {
2719 static const char *text =
2720 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
2726 for (e = p; *e != '\0'; e++) {
2732 dot = (e[0] == '.') ? 2 : 0;
2735 dot = (e[0] == '.') ? 3 : 0;
2738 dot = (e[0] == '/') ? -1 : 0;
2742 dot = (e[0] == '/') ? 1 : 0;
2744 dot = (dot == 3) || (dot == -1); /* filename contains ".."
2749 BIO_printf(io, "'%s' is an invalid file name\r\n", p);
2756 BIO_printf(io, "'%s' contains '..' reference\r\n", p);
2762 BIO_printf(io, "'%s' is an invalid path\r\n", p);
2766 /* append if a directory lookup */
2768 strcat(p, "index.html");
2771 /* if a directory, do the index thang */
2772 if (app_isdir(p) > 0) {
2773 #if 0 /* must check buffer size */
2774 strcat(p, "/index.html");
2777 BIO_printf(io, "'%s' is a directory\r\n", p);
2782 if ((file = BIO_new_file(p, "r")) == NULL) {
2784 BIO_printf(io, "Error opening '%s'\r\n", p);
2785 ERR_print_errors(io);
2790 BIO_printf(bio_err, "FILE:%s\n", p);
2794 if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) ||
2795 ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) ||
2796 ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0)))
2798 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
2801 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
2805 i = BIO_read(file, buf, bufsize);
2811 fprintf(stderr, "%d\n", i);
2812 if (total_bytes > 3 * 1024) {
2814 fprintf(stderr, "RENEGOTIATE\n");
2815 SSL_renegotiate(con);
2819 for (j = 0; j < i;) {
2823 if (++count == 13) {
2824 SSL_renegotiate(con);
2828 k = BIO_write(io, &(buf[j]), i - j);
2830 if (!BIO_should_retry(io))
2833 BIO_printf(bio_s_out, "rwrite W BLOCK\n");
2847 i = (int)BIO_flush(io);
2849 if (!BIO_should_retry(io))
2856 /* make sure we re-use sessions */
2857 SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
2859 /* This kills performance */
2861 * SSL_shutdown(con); A shutdown gets sent in the BIO_free_all(io)
2869 BIO_printf(bio_s_out, "ACCEPT\n");
2875 /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/
2879 #ifndef OPENSSL_NO_RSA
2880 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
2883 static RSA *rsa_tmp = NULL;
2885 if (!rsa_tmp && ((bn = BN_new()) == NULL))
2886 BIO_printf(bio_err, "Allocation error in generating RSA key\n");
2887 if (!rsa_tmp && bn) {
2889 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...",
2891 (void)BIO_flush(bio_err);
2893 if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||
2894 !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
2900 BIO_printf(bio_err, "\n");
2901 (void)BIO_flush(bio_err);
2909 #define MAX_SESSION_ID_ATTEMPTS 10
2910 static int generate_session_id(const SSL *ssl, unsigned char *id,
2911 unsigned int *id_len)
2913 unsigned int count = 0;
2915 RAND_pseudo_bytes(id, *id_len);
2917 * Prefix the session_id with the required prefix. NB: If our prefix
2918 * is too long, clip it - but there will be worse effects anyway, eg.
2919 * the server could only possibly create 1 session ID (ie. the
2920 * prefix!) so all future session negotiations will fail due to
2923 memcpy(id, session_id_prefix,
2924 (strlen(session_id_prefix) < *id_len) ?
2925 strlen(session_id_prefix) : *id_len);
2927 while (SSL_has_matching_session_id(ssl, id, *id_len) &&
2928 (++count < MAX_SESSION_ID_ATTEMPTS));
2929 if (count >= MAX_SESSION_ID_ATTEMPTS)