Fix ssltest logic when some protocols are compiled out.
[openssl.git] / ssl / ssltest.c
1 /* ssl/ssltest.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  * ECC cipher suite support in OpenSSL originally developed by 
114  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115  */
116 /* ====================================================================
117  * Copyright 2005 Nokia. All rights reserved.
118  *
119  * The portions of the attached software ("Contribution") is developed by
120  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121  * license.
122  *
123  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125  * support (see RFC 4279) to OpenSSL.
126  *
127  * No patent licenses or other rights except those expressly stated in
128  * the OpenSSL open source license shall be deemed granted or received
129  * expressly, by implication, estoppel, or otherwise.
130  *
131  * No assurances are provided by Nokia that the Contribution does not
132  * infringe the patent or other intellectual property rights of any third
133  * party or that the license provides you with all the necessary rights
134  * to make use of the Contribution.
135  *
136  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140  * OTHERWISE.
141  */
142
143 #define _BSD_SOURCE 1           /* Or gethostname won't be declared properly
144                                    on Linux and GNU platforms. */
145
146 #include <assert.h>
147 #include <errno.h>
148 #include <limits.h>
149 #include <stdio.h>
150 #include <stdlib.h>
151 #include <string.h>
152 #include <time.h>
153
154 #define USE_SOCKETS
155 #include "e_os.h"
156
157 #ifdef OPENSSL_SYS_VMS
158 #define _XOPEN_SOURCE 500       /* Or isascii won't be declared properly on
159                                    VMS (at least with DECompHP C).  */
160 #endif
161
162 #include <ctype.h>
163
164 #include <openssl/bio.h>
165 #include <openssl/crypto.h>
166 #include <openssl/evp.h>
167 #include <openssl/x509.h>
168 #include <openssl/x509v3.h>
169 #include <openssl/ssl.h>
170 #ifndef OPENSSL_NO_ENGINE
171 #include <openssl/engine.h>
172 #endif
173 #include <openssl/err.h>
174 #include <openssl/rand.h>
175 #ifndef OPENSSL_NO_RSA
176 #include <openssl/rsa.h>
177 #endif
178 #ifndef OPENSSL_NO_DSA
179 #include <openssl/dsa.h>
180 #endif
181 #ifndef OPENSSL_NO_DH
182 #include <openssl/dh.h>
183 #endif
184 #ifndef OPENSSL_NO_SRP
185 #include <openssl/srp.h>
186 #endif
187 #include <openssl/bn.h>
188
189 #define _XOPEN_SOURCE_EXTENDED  1 /* Or gethostname won't be declared properly
190                                      on Compaq platforms (at least with DEC C).
191                                      Do not try to put it earlier, or IPv6 includes
192                                      get screwed...
193                                   */
194
195 #ifdef OPENSSL_SYS_WINDOWS
196 #include <winsock.h>
197 #else
198 #include OPENSSL_UNISTD
199 #endif
200
201 #ifdef OPENSSL_SYS_VMS
202 #  define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
203 #  define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
204 #elif defined(OPENSSL_SYS_WINCE)
205 #  define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
206 #  define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
207 #elif defined(OPENSSL_SYS_NETWARE)
208 #  define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
209 #  define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
210 #else
211 #  define TEST_SERVER_CERT "../apps/server.pem"
212 #  define TEST_CLIENT_CERT "../apps/client.pem"
213 #endif
214
215 /* There is really no standard for this, so let's assign some tentative
216    numbers.  In any case, these numbers are only for this test */
217 #define COMP_RLE        255
218 #define COMP_ZLIB       1
219
220 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
221 #ifndef OPENSSL_NO_RSA
222 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
223 static void free_tmp_rsa(void);
224 #endif
225 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
226 #define APP_CALLBACK_STRING "Test Callback Argument"
227 struct app_verify_arg
228         {
229         char *string;
230         int app_verify;
231         int allow_proxy_certs;
232         char *proxy_auth;
233         char *proxy_cond;
234         };
235
236 #ifndef OPENSSL_NO_DH
237 static DH *get_dh512(void);
238 static DH *get_dh1024(void);
239 static DH *get_dh1024dsa(void);
240 #endif
241
242
243 static char *psk_key=NULL; /* by default PSK is not used */
244 #ifndef OPENSSL_NO_PSK
245 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
246         unsigned int max_identity_len, unsigned char *psk,
247         unsigned int max_psk_len);
248 static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned char *psk,
249         unsigned int max_psk_len);
250 #endif
251
252 #ifndef OPENSSL_NO_SRP
253 /* SRP client */
254 /* This is a context that we pass to all callbacks */
255 typedef struct srp_client_arg_st
256         {
257         char *srppassin;
258         char *srplogin;
259         } SRP_CLIENT_ARG;
260
261 #define PWD_STRLEN 1024
262
263 static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
264         {
265         SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
266         return BUF_strdup((char *)srp_client_arg->srppassin);
267         }
268
269 /* SRP server */
270 /* This is a context that we pass to SRP server callbacks */
271 typedef struct srp_server_arg_st
272         {
273         char *expected_user;
274         char *pass;
275         } SRP_SERVER_ARG;
276
277 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
278         {
279         SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
280
281         if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
282                 {
283                 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
284                 return SSL3_AL_FATAL;
285                 }
286         if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
287                 {
288                 *ad = SSL_AD_INTERNAL_ERROR;
289                 return SSL3_AL_FATAL;
290                 }
291         return SSL_ERROR_NONE;
292         }
293 #endif
294
295 static BIO *bio_err=NULL;
296 static BIO *bio_stdout=NULL;
297
298 #ifndef OPENSSL_NO_NEXTPROTONEG
299 /* Note that this code assumes that this is only a one element list: */
300 static const char NEXT_PROTO_STRING[] = "\x09testproto";
301 int npn_client = 0;
302 int npn_server = 0;
303 int npn_server_reject = 0;
304
305 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
306         {
307         /* This callback only returns the protocol string, rather than a length
308            prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
309            remove the first byte to chop off the length prefix. */
310         *out = (unsigned char*) NEXT_PROTO_STRING + 1;
311         *outlen = sizeof(NEXT_PROTO_STRING) - 2;
312         return SSL_TLSEXT_ERR_OK;
313         }
314
315 static int cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
316         {
317         *data = (const unsigned char *) NEXT_PROTO_STRING;
318         *len = sizeof(NEXT_PROTO_STRING) - 1;
319         return SSL_TLSEXT_ERR_OK;
320         }
321
322 static int cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
323         {
324         return SSL_TLSEXT_ERR_NOACK;
325         }
326
327 static int verify_npn(SSL *client, SSL *server)
328         {
329         const unsigned char *client_s;
330         unsigned client_len;
331         const unsigned char *server_s;
332         unsigned server_len;
333
334         SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
335         SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
336
337         if (client_len)
338                 {
339                 BIO_printf(bio_stdout, "Client NPN: ");
340                 BIO_write(bio_stdout, client_s, client_len);
341                 BIO_printf(bio_stdout, "\n");
342                 }
343
344         if (server_len)
345                 {
346                 BIO_printf(bio_stdout, "Server NPN: ");
347                 BIO_write(bio_stdout, server_s, server_len);
348                 BIO_printf(bio_stdout, "\n");
349                 }
350
351         /* If an NPN string was returned, it must be the protocol that we
352          * expected to negotiate. */
353         if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
354                            memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
355                 return -1;
356         if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
357                            memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
358                 return -1;
359
360         if (!npn_client && client_len)
361                 return -1;
362         if (!npn_server && server_len)
363                 return -1;
364         if (npn_server_reject && server_len)
365                 return -1;
366         if (npn_client && npn_server && (!client_len || !server_len))
367                 return -1;
368
369         return 0;
370         }
371 #endif
372
373 static const char *alpn_client;
374 static const char *alpn_server;
375 static const char *alpn_expected;
376 static unsigned char *alpn_selected;
377
378 /* next_protos_parse parses a comma separated list of strings into a string
379  * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
380  *   outlen: (output) set to the length of the resulting buffer on success.
381  *   err: (maybe NULL) on failure, an error message line is written to this BIO.
382  *   in: a NUL terminated string like "abc,def,ghi"
383  *
384  *   returns: a malloced buffer or NULL on failure.
385  */
386 static unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
387         {
388         size_t len;
389         unsigned char *out;
390         size_t i, start = 0;
391
392         len = strlen(in);
393         if (len >= 65535)
394                 return NULL;
395
396         out = OPENSSL_malloc(strlen(in) + 1);
397         if (!out)
398                 return NULL;
399
400         for (i = 0; i <= len; ++i)
401                 {
402                 if (i == len || in[i] == ',')
403                         {
404                         if (i - start > 255)
405                                 {
406                                 OPENSSL_free(out);
407                                 return NULL;
408                                 }
409                         out[start] = i - start;
410                         start = i + 1;
411                         }
412                 else
413                         out[i+1] = in[i];
414                 }
415
416         *outlen = len + 1;
417         return out;
418         }
419
420 static int cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
421         {
422         unsigned char *protos;
423         unsigned short protos_len;
424
425         protos = next_protos_parse(&protos_len, alpn_server);
426         if (protos == NULL)
427                 {
428                 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", alpn_server);
429                 abort();
430                 }
431
432         if (SSL_select_next_proto((unsigned char**) out, outlen, protos, protos_len, in, inlen) !=
433             OPENSSL_NPN_NEGOTIATED)
434                 {
435                 OPENSSL_free(protos);
436                 return SSL_TLSEXT_ERR_NOACK;
437                 }
438
439         /* Make a copy of the selected protocol which will be freed in verify_alpn. */
440         alpn_selected = OPENSSL_malloc(*outlen);
441         memcpy(alpn_selected, *out, *outlen);
442         *out = alpn_selected;
443
444         OPENSSL_free(protos);
445         return SSL_TLSEXT_ERR_OK;
446         }
447
448 static int verify_alpn(SSL *client, SSL *server)
449         {
450         const unsigned char *client_proto, *server_proto;
451         unsigned int client_proto_len = 0, server_proto_len = 0;
452         SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
453         SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
454
455         if (alpn_selected != NULL)
456                 {
457                 OPENSSL_free(alpn_selected);
458                 alpn_selected = NULL;
459                 }
460
461         if (client_proto_len != server_proto_len ||
462             memcmp(client_proto, server_proto, client_proto_len) != 0)
463                 {
464                 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
465                 goto err;
466                 }
467
468         if (client_proto_len > 0 && alpn_expected == NULL)
469                 {
470                 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
471                 goto err;
472                 }
473
474         if (alpn_expected != NULL &&
475             (client_proto_len != strlen(alpn_expected) ||
476              memcmp(client_proto, alpn_expected, client_proto_len) != 0))
477                 {
478                 BIO_printf(bio_stdout, "ALPN selected protocols not equal to expected protocol: %s\n", alpn_expected);
479                 goto err;
480                 }
481
482         return 0;
483
484 err:
485         BIO_printf(bio_stdout, "ALPN results: client: '");
486         BIO_write(bio_stdout, client_proto, client_proto_len);
487         BIO_printf(bio_stdout, "', server: '");
488         BIO_write(bio_stdout, server_proto, server_proto_len);
489         BIO_printf(bio_stdout, "'\n");
490         BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", alpn_client, alpn_server);
491         return -1;
492         }
493
494 #define SCT_EXT_TYPE 18
495
496 /* WARNING : below extension types are *NOT* IETF assigned, and 
497    could conflict if these types are reassigned and handled 
498    specially by OpenSSL in the future */
499 #define TACK_EXT_TYPE 62208
500 #define CUSTOM_EXT_TYPE_0 1000
501 #define CUSTOM_EXT_TYPE_1 1001
502 #define CUSTOM_EXT_TYPE_2 1002
503 #define CUSTOM_EXT_TYPE_3 1003
504
505 const char custom_ext_cli_string[] = "abc";
506 const char custom_ext_srv_string[] = "defg";
507
508 /* These set from cmdline */
509 char* serverinfo_file = NULL;
510 int serverinfo_sct = 0;
511 int serverinfo_tack = 0;
512
513 /* These set based on extension callbacks */
514 int serverinfo_sct_seen = 0;
515 int serverinfo_tack_seen = 0;
516 int serverinfo_other_seen = 0;
517
518 /* This set from cmdline */
519 int custom_ext = 0;
520
521 /* This set based on extension callbacks */
522 int custom_ext_error = 0;
523
524 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
525                                    const unsigned char *in, size_t inlen, 
526                                    int *al, void *arg)
527         {
528         if (ext_type == SCT_EXT_TYPE)
529                 serverinfo_sct_seen++;
530         else if (ext_type == TACK_EXT_TYPE)
531                 serverinfo_tack_seen++;
532         else
533                 serverinfo_other_seen++;
534         return 1;
535         }
536
537 static int verify_serverinfo()
538         {
539         if (serverinfo_sct != serverinfo_sct_seen)
540                 return -1;
541         if (serverinfo_tack != serverinfo_tack_seen)
542                 return -1;
543         if (serverinfo_other_seen)
544                 return -1;
545         return 0;
546         }
547
548 /* Four test cases for custom extensions:
549  * 0 - no ClientHello extension or ServerHello response
550  * 1 - ClientHello with "abc", no response
551  * 2 - ClientHello with "abc", empty response
552  * 3 - ClientHello with "abc", "defg" response
553  */
554
555 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
556                                      const unsigned char **out,
557                                      size_t *outlen, int *al, void *arg)
558         {
559         if (ext_type != CUSTOM_EXT_TYPE_0)
560                 custom_ext_error = 1;
561         return 0;  /* Don't send an extension */
562         }
563
564 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
565                                       const unsigned char *in,
566                                       size_t inlen, int *al,
567                                       void *arg)
568         {
569         return 1;
570         }
571
572 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
573                                      const unsigned char **out,
574                                      size_t *outlen, int *al, void *arg)
575         {
576         if (ext_type != CUSTOM_EXT_TYPE_1)
577                 custom_ext_error = 1;
578         *out = (const unsigned char*)custom_ext_cli_string;
579         *outlen = strlen(custom_ext_cli_string);
580         return 1; /* Send "abc" */
581         }
582
583 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
584                                       const unsigned char *in,
585                                       size_t inlen, int *al,
586                                       void *arg)
587         {
588         return 1;
589         }
590
591 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
592                                      const unsigned char **out,
593                                      size_t *outlen, int *al, void *arg)
594         {
595         if (ext_type != CUSTOM_EXT_TYPE_2)
596                 custom_ext_error = 1;
597         *out = (const unsigned char*)custom_ext_cli_string;
598         *outlen = strlen(custom_ext_cli_string);
599         return 1; /* Send "abc" */
600         }
601
602 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
603                                       const unsigned char *in,
604                                       size_t inlen, int *al,
605                                       void *arg)
606         {
607         if (ext_type != CUSTOM_EXT_TYPE_2)
608                 custom_ext_error = 1;
609         if (inlen != 0)
610                 custom_ext_error = 1; /* Should be empty response */
611         return 1;
612         }
613
614 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
615                                      const unsigned char **out,
616                                      size_t *outlen, int *al, void *arg)
617         {
618         if (ext_type != CUSTOM_EXT_TYPE_3)
619                 custom_ext_error = 1;
620         *out = (const unsigned char*)custom_ext_cli_string;
621         *outlen = strlen(custom_ext_cli_string);
622         return 1; /* Send "abc" */
623         }
624
625 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
626                                       const unsigned char *in,
627                                       size_t inlen, int *al,
628                                       void *arg)
629         {
630         if (ext_type != CUSTOM_EXT_TYPE_3)
631                 custom_ext_error = 1;
632         if (inlen != strlen(custom_ext_srv_string))
633                 custom_ext_error = 1;
634         if (memcmp(custom_ext_srv_string, in, inlen) != 0)
635                 custom_ext_error = 1; /* Check for "defg" */
636         return 1;
637         }
638
639 /* custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback for this extension */
640 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
641                                      const unsigned char *in,
642                                      size_t inlen, int *al,
643                                      void *arg)
644         {
645         custom_ext_error = 1;
646         return 1;
647         }
648
649 /* 'add' callbacks are only called if the 'parse' callback is called */
650 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
651                                       const unsigned char **out,
652                                       size_t *outlen, int *al, void *arg)
653         {
654         /* Error: should not have been called */
655         custom_ext_error = 1;
656         return 0; /* Don't send an extension */
657         }
658
659 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
660                                 const unsigned char *in,
661                                 size_t inlen, int *al,
662                                 void *arg)
663         {
664         if (ext_type != CUSTOM_EXT_TYPE_1)
665                 custom_ext_error = 1;           
666          /* Check for "abc" */
667         if (inlen != strlen(custom_ext_cli_string))
668                 custom_ext_error = 1;
669         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
670                 custom_ext_error = 1;
671         return 1;
672         }
673
674 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
675                                       const unsigned char **out,
676                                       size_t *outlen, int *al, void *arg)
677         {
678         return 0; /* Don't send an extension */
679         }
680
681 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
682                                      const unsigned char *in,
683                                      size_t inlen, int *al,
684                                      void *arg)
685         {
686         if (ext_type != CUSTOM_EXT_TYPE_2)
687                 custom_ext_error = 1;           
688          /* Check for "abc" */
689         if (inlen != strlen(custom_ext_cli_string))
690                 custom_ext_error = 1;
691         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
692                 custom_ext_error = 1;
693         return 1;
694         }
695
696 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
697                                       const unsigned char **out,
698                                       size_t *outlen, int *al, void *arg)
699         {
700         *out = NULL;
701         *outlen = 0;
702         return 1; /* Send empty extension */
703         }
704
705 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
706                                      const unsigned char *in,
707                                      size_t inlen, int *al,
708                                      void *arg)
709         {
710         if (ext_type != CUSTOM_EXT_TYPE_3)
711                 custom_ext_error = 1;           
712          /* Check for "abc" */  
713         if (inlen != strlen(custom_ext_cli_string))
714                 custom_ext_error = 1;
715         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
716                 custom_ext_error = 1;
717         return 1;
718         }
719
720 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
721                                       const unsigned char **out,
722                                       size_t *outlen, int *al, void *arg)
723         {
724         *out = (const unsigned char*)custom_ext_srv_string;
725         *outlen = strlen(custom_ext_srv_string);
726         return 1; /* Send "defg" */
727         }
728
729 static char *cipher=NULL;
730 static int verbose=0;
731 static int debug=0;
732 #if 0
733 /* Not used yet. */
734 #ifdef FIONBIO
735 static int s_nbio=0;
736 #endif
737 #endif
738
739 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
740
741 int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
742 int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
743 static int do_test_cipherlist(void);
744 static void sv_usage(void)
745         {
746         fprintf(stderr,"usage: ssltest [args ...]\n");
747         fprintf(stderr,"\n");
748 #ifdef OPENSSL_FIPS
749         fprintf(stderr,"-F             - run test in FIPS mode\n");
750 #endif
751         fprintf(stderr," -server_auth  - check server certificate\n");
752         fprintf(stderr," -client_auth  - do client authentication\n");
753         fprintf(stderr," -proxy        - allow proxy certificates\n");
754         fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
755         fprintf(stderr," -proxy_cond <val> - expression to test proxy policy rights\n");
756         fprintf(stderr," -v            - more output\n");
757         fprintf(stderr," -d            - debug output\n");
758         fprintf(stderr," -reuse        - use session-id reuse\n");
759         fprintf(stderr," -num <val>    - number of connections to perform\n");
760         fprintf(stderr," -bytes <val>  - number of bytes to swap between client/server\n");
761 #ifndef OPENSSL_NO_DH
762         fprintf(stderr," -dhe1024      - use 1024 bit key (safe prime) for DHE\n");
763         fprintf(stderr," -dhe1024dsa   - use 1024 bit key (with 160-bit subprime) for DHE\n");
764         fprintf(stderr," -no_dhe       - disable DHE\n");
765 #endif
766 #ifndef OPENSSL_NO_ECDH
767         fprintf(stderr," -no_ecdhe     - disable ECDHE\n");
768 #endif
769 #ifndef OPENSSL_NO_PSK
770         fprintf(stderr," -psk arg      - PSK in hex (without 0x)\n");
771 #endif
772 #ifndef OPENSSL_NO_SRP
773         fprintf(stderr," -srpuser user  - SRP username to use\n");
774         fprintf(stderr," -srppass arg   - password for 'user'\n");
775 #endif
776 #ifndef OPENSSL_NO_SSL2
777         fprintf(stderr," -ssl2         - use SSLv2\n");
778 #endif
779 #ifndef OPENSSL_NO_SSL3
780         fprintf(stderr," -ssl3         - use SSLv3\n");
781 #endif
782 #ifndef OPENSSL_NO_TLS1
783         fprintf(stderr," -tls1         - use TLSv1\n");
784 #endif
785         fprintf(stderr," -CApath arg   - PEM format directory of CA's\n");
786         fprintf(stderr," -CAfile arg   - PEM format file of CA's\n");
787         fprintf(stderr," -cert arg     - Server certificate file\n");
788         fprintf(stderr," -key arg      - Server key file (default: same as -cert)\n");
789         fprintf(stderr," -c_cert arg   - Client certificate file\n");
790         fprintf(stderr," -c_key arg    - Client key file (default: same as -c_cert)\n");
791         fprintf(stderr," -cipher arg   - The cipher list\n");
792         fprintf(stderr," -bio_pair     - Use BIO pairs\n");
793         fprintf(stderr," -f            - Test even cases that can't work\n");
794         fprintf(stderr," -time         - measure processor time used by client and server\n");
795         fprintf(stderr," -zlib         - use zlib compression\n");
796         fprintf(stderr," -rle          - use rle compression\n");
797 #ifndef OPENSSL_NO_ECDH
798         fprintf(stderr," -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.\n" \
799                        "                 Use \"openssl ecparam -list_curves\" for all names\n"  \
800                        "                 (default is sect163r2).\n");
801 #endif
802         fprintf(stderr," -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
803                        "                    When this option is requested, the cipherlist\n"
804                        "                    tests are run instead of handshake tests.\n");
805 #ifndef OPENSSL_NO_NEXTPROTONEG
806         fprintf(stderr," -npn_client - have client side offer NPN\n");
807         fprintf(stderr," -npn_server - have server side offer NPN\n");
808         fprintf(stderr," -npn_server_reject - have server reject NPN\n");
809 #endif
810         fprintf(stderr," -serverinfo_file file - have server use this file\n");
811         fprintf(stderr," -serverinfo_sct  - have client offer and expect SCT\n");
812         fprintf(stderr," -serverinfo_tack - have client offer and expect TACK\n");
813         fprintf(stderr," -custom_ext - try various custom extension callbacks\n");
814         fprintf(stderr," -alpn_client <string> - have client side offer ALPN\n");
815         fprintf(stderr," -alpn_server <string> - have server side offer ALPN\n");
816         fprintf(stderr," -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
817         }
818
819 static void print_details(SSL *c_ssl, const char *prefix)
820         {
821         const SSL_CIPHER *ciph;
822         X509 *cert;
823                 
824         ciph=SSL_get_current_cipher(c_ssl);
825         BIO_printf(bio_stdout,"%s%s, cipher %s %s",
826                 prefix,
827                 SSL_get_version(c_ssl),
828                 SSL_CIPHER_get_version(ciph),
829                 SSL_CIPHER_get_name(ciph));
830         cert=SSL_get_peer_certificate(c_ssl);
831         if (cert != NULL)
832                 {
833                 EVP_PKEY *pkey = X509_get_pubkey(cert);
834                 if (pkey != NULL)
835                         {
836                         if (0) 
837                                 ;
838 #ifndef OPENSSL_NO_RSA
839                         else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
840                                 && pkey->pkey.rsa->n != NULL)
841                                 {
842                                 BIO_printf(bio_stdout, ", %d bit RSA",
843                                         BN_num_bits(pkey->pkey.rsa->n));
844                                 }
845 #endif
846 #ifndef OPENSSL_NO_DSA
847                         else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
848                                 && pkey->pkey.dsa->p != NULL)
849                                 {
850                                 BIO_printf(bio_stdout, ", %d bit DSA",
851                                         BN_num_bits(pkey->pkey.dsa->p));
852                                 }
853 #endif
854                         EVP_PKEY_free(pkey);
855                         }
856                 X509_free(cert);
857                 }
858         /* The SSL API does not allow us to look at temporary RSA/DH keys,
859          * otherwise we should print their lengths too */
860         BIO_printf(bio_stdout,"\n");
861         }
862
863 static void lock_dbg_cb(int mode, int type, const char *file, int line)
864         {
865         static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
866         const char *errstr = NULL;
867         int rw;
868         
869         rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
870         if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
871                 {
872                 errstr = "invalid mode";
873                 goto err;
874                 }
875
876         if (type < 0 || type >= CRYPTO_NUM_LOCKS)
877                 {
878                 errstr = "type out of bounds";
879                 goto err;
880                 }
881
882         if (mode & CRYPTO_LOCK)
883                 {
884                 if (modes[type])
885                         {
886                         errstr = "already locked";
887                         /* must not happen in a single-threaded program
888                          * (would deadlock) */
889                         goto err;
890                         }
891
892                 modes[type] = rw;
893                 }
894         else if (mode & CRYPTO_UNLOCK)
895                 {
896                 if (!modes[type])
897                         {
898                         errstr = "not locked";
899                         goto err;
900                         }
901                 
902                 if (modes[type] != rw)
903                         {
904                         errstr = (rw == CRYPTO_READ) ?
905                                 "CRYPTO_r_unlock on write lock" :
906                                 "CRYPTO_w_unlock on read lock";
907                         }
908
909                 modes[type] = 0;
910                 }
911         else
912                 {
913                 errstr = "invalid mode";
914                 goto err;
915                 }
916
917  err:
918         if (errstr)
919                 {
920                 /* we cannot use bio_err here */
921                 fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
922                         errstr, mode, type, file, line);
923                 }
924         }
925
926 #ifdef TLSEXT_TYPE_opaque_prf_input
927 struct cb_info_st { void *input; size_t len; int ret; };
928 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
929 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
930 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
931 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
932
933 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
934         {
935         struct cb_info_st *arg = arg_;
936
937         if (arg == NULL)
938                 return 1;
939         
940         if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
941                 return 0;
942         return arg->ret;
943         }
944 #endif
945
946 int main(int argc, char *argv[])
947         {
948         char *CApath=NULL,*CAfile=NULL;
949         int badop=0;
950         int bio_pair=0;
951         int force=0;
952         int tls1=0,ssl2=0,ssl3=0,ret=1;
953         int client_auth=0;
954         int server_auth=0,i;
955         struct app_verify_arg app_verify_arg =
956                 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
957         char *server_cert=TEST_SERVER_CERT;
958         char *server_key=NULL;
959         char *client_cert=TEST_CLIENT_CERT;
960         char *client_key=NULL;
961 #ifndef OPENSSL_NO_ECDH
962         char *named_curve = NULL;
963 #endif
964         SSL_CTX *s_ctx=NULL;
965         SSL_CTX *c_ctx=NULL;
966         const SSL_METHOD *meth=NULL;
967         SSL *c_ssl,*s_ssl;
968         int number=1,reuse=0;
969         long bytes=256L;
970 #ifndef OPENSSL_NO_DH
971         DH *dh;
972         int dhe1024 = 0, dhe1024dsa = 0;
973 #endif
974 #ifndef OPENSSL_NO_ECDH
975         EC_KEY *ecdh = NULL;
976 #endif
977 #ifndef OPENSSL_NO_SRP
978         /* client */
979         SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
980         /* server */
981         SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
982 #endif
983         int no_dhe = 0;
984         int no_ecdhe = 0;
985         int no_psk = 0;
986         int print_time = 0;
987         clock_t s_time = 0, c_time = 0;
988 #ifndef OPENSSL_NO_COMP
989         int comp = 0;
990         COMP_METHOD *cm = NULL;
991         STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
992 #endif
993         int test_cipherlist = 0;
994 #ifdef OPENSSL_FIPS
995         int fips_mode=0;
996 #endif
997         int no_protocol = 0;
998
999         verbose = 0;
1000         debug = 0;
1001         cipher = 0;
1002
1003         bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT);     
1004
1005         CRYPTO_set_locking_callback(lock_dbg_cb);
1006
1007         /* enable memory leak checking unless explicitly disabled */
1008         if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
1009                 {
1010                 CRYPTO_malloc_debug_init();
1011                 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1012                 }
1013         else
1014                 {
1015                 /* OPENSSL_DEBUG_MEMORY=off */
1016                 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1017                 }
1018         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1019
1020         RAND_seed(rnd_seed, sizeof rnd_seed);
1021
1022         bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT);
1023
1024         argc--;
1025         argv++;
1026
1027         while (argc >= 1)
1028                 {
1029                 if(!strcmp(*argv,"-F"))
1030                         {
1031 #ifdef OPENSSL_FIPS
1032                         fips_mode=1;
1033 #else
1034                         fprintf(stderr,"not compiled with FIPS support, so exiting without running.\n");
1035                         EXIT(0);
1036 #endif
1037                         }
1038                 else if (strcmp(*argv,"-server_auth") == 0)
1039                         server_auth=1;
1040                 else if (strcmp(*argv,"-client_auth") == 0)
1041                         client_auth=1;
1042                 else if (strcmp(*argv,"-proxy_auth") == 0)
1043                         {
1044                         if (--argc < 1) goto bad;
1045                         app_verify_arg.proxy_auth= *(++argv);
1046                         }
1047                 else if (strcmp(*argv,"-proxy_cond") == 0)
1048                         {
1049                         if (--argc < 1) goto bad;
1050                         app_verify_arg.proxy_cond= *(++argv);
1051                         }
1052                 else if (strcmp(*argv,"-v") == 0)
1053                         verbose=1;
1054                 else if (strcmp(*argv,"-d") == 0)
1055                         debug=1;
1056                 else if (strcmp(*argv,"-reuse") == 0)
1057                         reuse=1;
1058                 else if (strcmp(*argv,"-dhe1024") == 0)
1059                         {
1060 #ifndef OPENSSL_NO_DH
1061                         dhe1024=1;
1062 #else
1063                         fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1064 #endif
1065                         }
1066                 else if (strcmp(*argv,"-dhe1024dsa") == 0)
1067                         {
1068 #ifndef OPENSSL_NO_DH
1069                         dhe1024dsa=1;
1070 #else
1071                         fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1072 #endif
1073                         }
1074                 else if (strcmp(*argv,"-no_dhe") == 0)
1075                         no_dhe=1;
1076                 else if (strcmp(*argv,"-no_ecdhe") == 0)
1077                         no_ecdhe=1;
1078                 else if (strcmp(*argv,"-psk") == 0)
1079                         {
1080                         if (--argc < 1) goto bad;
1081                         psk_key=*(++argv);
1082 #ifndef OPENSSL_NO_PSK
1083                         if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))
1084                                 {
1085                                 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
1086                                 goto bad;
1087                                 }
1088 #else
1089                         no_psk=1;
1090 #endif
1091                         }
1092 #ifndef OPENSSL_NO_SRP
1093                 else if (strcmp(*argv,"-srpuser") == 0)
1094                         {
1095                         if (--argc < 1) goto bad;
1096                         srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
1097                         tls1=1;
1098                         }
1099                 else if (strcmp(*argv,"-srppass") == 0)
1100                         {
1101                         if (--argc < 1) goto bad;
1102                         srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
1103                         tls1=1;
1104                         }
1105 #endif
1106                 else if (strcmp(*argv,"-ssl2") == 0)
1107                         {
1108 #ifdef OPENSSL_NO_SSL2
1109                         no_protocol = 1;
1110 #endif
1111                         ssl2 = 1;
1112                         }
1113                 else if (strcmp(*argv,"-tls1") == 0)
1114                         {
1115 #ifdef OPENSSL_NO_TLS1
1116                         no_protocol = 1;
1117 #endif
1118                         tls1 = 1;
1119                         }
1120                 else if (strcmp(*argv,"-ssl3") == 0)
1121                         {
1122 #ifdef OPENSSL_NO_SSL3
1123                         no_protocol = 1;
1124 #endif
1125                         ssl3 = 1;
1126                         }
1127                 else if (strncmp(*argv,"-num",4) == 0)
1128                         {
1129                         if (--argc < 1) goto bad;
1130                         number= atoi(*(++argv));
1131                         if (number == 0) number=1;
1132                         }
1133                 else if (strcmp(*argv,"-bytes") == 0)
1134                         {
1135                         if (--argc < 1) goto bad;
1136                         bytes= atol(*(++argv));
1137                         if (bytes == 0L) bytes=1L;
1138                         i=strlen(argv[0]);
1139                         if (argv[0][i-1] == 'k') bytes*=1024L;
1140                         if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
1141                         }
1142                 else if (strcmp(*argv,"-cert") == 0)
1143                         {
1144                         if (--argc < 1) goto bad;
1145                         server_cert= *(++argv);
1146                         }
1147                 else if (strcmp(*argv,"-s_cert") == 0)
1148                         {
1149                         if (--argc < 1) goto bad;
1150                         server_cert= *(++argv);
1151                         }
1152                 else if (strcmp(*argv,"-key") == 0)
1153                         {
1154                         if (--argc < 1) goto bad;
1155                         server_key= *(++argv);
1156                         }
1157                 else if (strcmp(*argv,"-s_key") == 0)
1158                         {
1159                         if (--argc < 1) goto bad;
1160                         server_key= *(++argv);
1161                         }
1162                 else if (strcmp(*argv,"-c_cert") == 0)
1163                         {
1164                         if (--argc < 1) goto bad;
1165                         client_cert= *(++argv);
1166                         }
1167                 else if (strcmp(*argv,"-c_key") == 0)
1168                         {
1169                         if (--argc < 1) goto bad;
1170                         client_key= *(++argv);
1171                         }
1172                 else if (strcmp(*argv,"-cipher") == 0)
1173                         {
1174                         if (--argc < 1) goto bad;
1175                         cipher= *(++argv);
1176                         }
1177                 else if (strcmp(*argv,"-CApath") == 0)
1178                         {
1179                         if (--argc < 1) goto bad;
1180                         CApath= *(++argv);
1181                         }
1182                 else if (strcmp(*argv,"-CAfile") == 0)
1183                         {
1184                         if (--argc < 1) goto bad;
1185                         CAfile= *(++argv);
1186                         }
1187                 else if (strcmp(*argv,"-bio_pair") == 0)
1188                         {
1189                         bio_pair = 1;
1190                         }
1191                 else if (strcmp(*argv,"-f") == 0)
1192                         {
1193                         force = 1;
1194                         }
1195                 else if (strcmp(*argv,"-time") == 0)
1196                         {
1197                         print_time = 1;
1198                         }
1199 #ifndef OPENSSL_NO_COMP
1200                 else if (strcmp(*argv,"-zlib") == 0)
1201                         {
1202                         comp = COMP_ZLIB;
1203                         }
1204                 else if (strcmp(*argv,"-rle") == 0)
1205                         {
1206                         comp = COMP_RLE;
1207                         }
1208 #endif
1209                 else if (strcmp(*argv,"-named_curve") == 0)
1210                         {
1211                         if (--argc < 1) goto bad;
1212 #ifndef OPENSSL_NO_ECDH         
1213                         named_curve = *(++argv);
1214 #else
1215                         fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n");
1216                         ++argv;
1217 #endif
1218                         }
1219                 else if (strcmp(*argv,"-app_verify") == 0)
1220                         {
1221                         app_verify_arg.app_verify = 1;
1222                         }
1223                 else if (strcmp(*argv,"-proxy") == 0)
1224                         {
1225                         app_verify_arg.allow_proxy_certs = 1;
1226                         }
1227                 else if (strcmp(*argv,"-test_cipherlist") == 0)
1228                         {
1229                         test_cipherlist = 1;
1230                         }
1231 #ifndef OPENSSL_NO_NEXTPROTONEG
1232                 else if (strcmp(*argv,"-npn_client") == 0)
1233                         {
1234                         npn_client = 1;
1235                         }
1236                 else if (strcmp(*argv,"-npn_server") == 0)
1237                         {
1238                         npn_server = 1;
1239                         }
1240                 else if (strcmp(*argv,"-npn_server_reject") == 0)
1241                         {
1242                         npn_server_reject = 1;
1243                         }
1244 #endif
1245                 else if (strcmp(*argv,"-serverinfo_sct") == 0)
1246                         {
1247                         serverinfo_sct = 1;
1248                         }
1249                 else if (strcmp(*argv,"-serverinfo_tack") == 0)
1250                         {
1251                         serverinfo_tack = 1;
1252                         }
1253                 else if (strcmp(*argv,"-serverinfo_file") == 0)
1254                         {
1255                         if (--argc < 1) goto bad;
1256                         serverinfo_file = *(++argv);
1257                         }
1258                 else if (strcmp(*argv,"-custom_ext") == 0)
1259                         {
1260                         custom_ext = 1;
1261                         }
1262                 else if (strcmp(*argv,"-alpn_client") == 0)
1263                         {
1264                         if (--argc < 1) goto bad;
1265                         alpn_client = *(++argv);
1266                         }
1267                 else if (strcmp(*argv,"-alpn_server") == 0)
1268                         {
1269                         if (--argc < 1) goto bad;
1270                         alpn_server = *(++argv);
1271                         }
1272                 else if (strcmp(*argv,"-alpn_expected") == 0)
1273                         {
1274                         if (--argc < 1) goto bad;
1275                         alpn_expected = *(++argv);
1276                         }
1277                 else
1278                         {
1279                         fprintf(stderr,"unknown option %s\n",*argv);
1280                         badop=1;
1281                         break;
1282                         }
1283                 argc--;
1284                 argv++;
1285                 }
1286         if (badop)
1287                 {
1288 bad:
1289                 sv_usage();
1290                 goto end;
1291                 }
1292
1293         /*
1294          * test_cipherlist prevails over protocol switch: we test the cipherlist
1295          * for all enabled protocols.
1296          */
1297         if (test_cipherlist == 1)
1298                 {
1299                 /* ensure that the cipher list are correctly sorted and exit */
1300                 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1301                         "other options.\n");
1302                 if (do_test_cipherlist() == 0)
1303                         EXIT(1);
1304                 ret = 0;
1305                 goto end;
1306                 }
1307
1308         if (ssl2 + ssl3 + tls1 > 1)
1309                 {
1310                 fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should "
1311                         "be requested.\n");
1312                 EXIT(1);
1313                 }
1314
1315         /*
1316          * Testing was requested for a compiled-out protocol (e.g. SSLv2).
1317          * Ideally, we would error out, but the generic test wrapper can't know
1318          * when to expect failure. So we do nothing and return success.
1319          */
1320         if (no_protocol)
1321                 {
1322                 fprintf(stderr, "Testing was requested for a disabled protocol. "
1323                         "Skipping tests.\n");
1324                 ret = 0;
1325                 goto end;
1326                 }
1327
1328         if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
1329                 {
1330                 fprintf(stderr, "This case cannot work.  Use -f to perform "
1331                         "the test anyway (and\n-d to see what happens), "
1332                         "or add one of -ssl2, -ssl3, -tls1, -reuse\n"
1333                         "to avoid protocol mismatch.\n");
1334                 EXIT(1);
1335                 }
1336
1337 #ifdef OPENSSL_FIPS
1338         if(fips_mode)
1339                 {
1340                 if(!FIPS_mode_set(1))
1341                         {
1342                         ERR_load_crypto_strings();
1343                         ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
1344                         EXIT(1);
1345                         }
1346                 else
1347                         fprintf(stderr,"*** IN FIPS MODE ***\n");
1348                 }
1349 #endif
1350
1351         if (print_time)
1352                 {
1353                 if (!bio_pair)
1354                         {
1355                         fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1356                         bio_pair = 1;
1357                         }
1358                 if (number < 50 && !force)
1359                         fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1360                 }
1361
1362 /*      if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1363
1364         SSL_library_init();
1365         SSL_load_error_strings();
1366
1367 #ifndef OPENSSL_NO_COMP
1368         if (comp == COMP_ZLIB) cm = COMP_zlib();
1369         if (comp == COMP_RLE) cm = COMP_rle();
1370         if (cm != NULL)
1371                 {
1372                 if (cm->type != NID_undef)
1373                         {
1374                         if (SSL_COMP_add_compression_method(comp, cm) != 0)
1375                                 {
1376                                 fprintf(stderr,
1377                                         "Failed to add compression method\n");
1378                                 ERR_print_errors_fp(stderr);
1379                                 }
1380                         }
1381                 else
1382                         {
1383                         fprintf(stderr,
1384                                 "Warning: %s compression not supported\n",
1385                                 (comp == COMP_RLE ? "rle" :
1386                                         (comp == COMP_ZLIB ? "zlib" :
1387                                                 "unknown")));
1388                         ERR_print_errors_fp(stderr);
1389                         }
1390                 }
1391         ssl_comp_methods = SSL_COMP_get_compression_methods();
1392         fprintf(stderr, "Available compression methods:\n");
1393         {
1394         int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1395         if (n == 0)
1396                 fprintf(stderr, "  NONE\n");
1397         else
1398                 for (j = 0; j < n; j++)
1399                         {
1400                         SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1401                         fprintf(stderr, "  %d: %s\n", c->id, c->name);
1402                         }
1403         }
1404 #endif
1405
1406 /* At this point, ssl2/ssl3/tls1 is only set if the protocol is available.
1407  * (Otherwise we exit early.)
1408  * However the compiler doesn't know this, so we ifdef. */
1409 #ifndef OPENSSL_NO_SSL2
1410         if (ssl2)
1411                 meth=SSLv2_method();
1412         else
1413 #endif
1414 #ifndef OPENSSL_NO_SSL3
1415         if (ssl3)
1416                 meth=SSLv3_method();
1417         else
1418 #endif
1419 #ifndef OPENSSL_NO_TLS1
1420         if (tls1)
1421                 meth=TLSv1_method();
1422         else
1423 #endif
1424         meth=SSLv23_method();
1425
1426         c_ctx=SSL_CTX_new(meth);
1427         s_ctx=SSL_CTX_new(meth);
1428         if ((c_ctx == NULL) || (s_ctx == NULL))
1429                 {
1430                 ERR_print_errors(bio_err);
1431                 goto end;
1432                 }
1433         /* Since we will use low security ciphersuites and keys for
1434          * testing set security level to zero.
1435          */
1436         SSL_CTX_set_security_level(c_ctx, 0);
1437         SSL_CTX_set_security_level(s_ctx, 0);
1438
1439         if (cipher != NULL)
1440                 {
1441                 SSL_CTX_set_cipher_list(c_ctx,cipher);
1442                 SSL_CTX_set_cipher_list(s_ctx,cipher);
1443                 }
1444
1445 #ifndef OPENSSL_NO_DH
1446         if (!no_dhe)
1447                 {
1448                 if (dhe1024dsa)
1449                         {
1450                         /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
1451                         SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1452                         dh=get_dh1024dsa();
1453                         }
1454                 else if (dhe1024)
1455                         dh=get_dh1024();
1456                 else
1457                         dh=get_dh512();
1458                 SSL_CTX_set_tmp_dh(s_ctx,dh);
1459                 DH_free(dh);
1460                 }
1461 #else
1462         (void)no_dhe;
1463 #endif
1464
1465 #ifndef OPENSSL_NO_ECDH
1466         if (!no_ecdhe)
1467                 {
1468                 int nid;
1469
1470                 if (named_curve != NULL)
1471                         {
1472                         nid = OBJ_sn2nid(named_curve);
1473                         if (nid == 0)
1474                         {
1475                                 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1476                                 goto end;
1477                                 }
1478                         }
1479                 else
1480 #ifdef OPENSSL_NO_EC2M
1481                         nid = NID_X9_62_prime256v1;
1482 #else
1483                         nid = NID_sect163r2;
1484 #endif
1485
1486                 ecdh = EC_KEY_new_by_curve_name(nid);
1487                 if (ecdh == NULL)
1488                         {
1489                         BIO_printf(bio_err, "unable to create curve\n");
1490                         goto end;
1491                         }
1492
1493                 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1494                 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1495                 EC_KEY_free(ecdh);
1496                 }
1497 #else
1498         (void)no_ecdhe;
1499 #endif
1500
1501 #ifndef OPENSSL_NO_RSA
1502         SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
1503 #endif
1504
1505 #ifdef TLSEXT_TYPE_opaque_prf_input
1506         SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1507         SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1508         SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); /* or &co2 or NULL */
1509         SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); /* or &so2 or NULL */
1510 #endif
1511
1512         if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
1513                 {
1514                 ERR_print_errors(bio_err);
1515                 }
1516         else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1517                 (server_key?server_key:server_cert), SSL_FILETYPE_PEM))
1518                 {
1519                 ERR_print_errors(bio_err);
1520                 goto end;
1521                 }
1522
1523         if (client_auth)
1524                 {
1525                 SSL_CTX_use_certificate_file(c_ctx,client_cert,
1526                         SSL_FILETYPE_PEM);
1527                 SSL_CTX_use_PrivateKey_file(c_ctx,
1528                         (client_key?client_key:client_cert),
1529                         SSL_FILETYPE_PEM);
1530                 }
1531
1532         if (    (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
1533                 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1534                 (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
1535                 (!SSL_CTX_set_default_verify_paths(c_ctx)))
1536                 {
1537                 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1538                 ERR_print_errors(bio_err);
1539                 /* goto end; */
1540                 }
1541
1542         if (client_auth)
1543                 {
1544                 BIO_printf(bio_err,"client authentication\n");
1545                 SSL_CTX_set_verify(s_ctx,
1546                         SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1547                         verify_callback);
1548                 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
1549                 }
1550         if (server_auth)
1551                 {
1552                 BIO_printf(bio_err,"server authentication\n");
1553                 SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
1554                         verify_callback);
1555                 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
1556                 }
1557         
1558         {
1559                 int session_id_context = 0;
1560                 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
1561         }
1562
1563         /* Use PSK only if PSK key is given */
1564         if (psk_key != NULL)
1565                 {
1566                 /* no_psk is used to avoid putting psk command to openssl tool */
1567                 if (no_psk)
1568                         {
1569                         /* if PSK is not compiled in and psk key is
1570                          * given, do nothing and exit successfully */
1571                         ret=0;
1572                         goto end;
1573                         }
1574 #ifndef OPENSSL_NO_PSK
1575                 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1576                 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1577                 if (debug)
1578                         BIO_printf(bio_err,"setting PSK identity hint to s_ctx\n");
1579                 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint"))
1580                         {
1581                         BIO_printf(bio_err,"error setting PSK identity hint to s_ctx\n");
1582                         ERR_print_errors(bio_err);
1583                         goto end;
1584                         }
1585 #endif
1586                 }
1587 #ifndef OPENSSL_NO_SRP
1588         if (srp_client_arg.srplogin)
1589                 {
1590                 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
1591                         {
1592                         BIO_printf(bio_err,"Unable to set SRP username\n");
1593                         goto end;
1594                         }
1595                 SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
1596                 SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
1597                 /*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
1598                 }
1599
1600         if (srp_server_arg.expected_user != NULL)
1601                 {
1602                 SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
1603                 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1604                 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1605                 }
1606 #endif
1607
1608 #ifndef OPENSSL_NO_NEXTPROTONEG
1609         if (npn_client)
1610                 {
1611                 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1612                 }
1613         if (npn_server)
1614                 {
1615                 if (npn_server_reject)
1616                         {
1617                         BIO_printf(bio_err, "Can't have both -npn_server and -npn_server_reject\n");
1618                         goto end;
1619                         }
1620                 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1621                 }
1622         if (npn_server_reject)
1623                 {
1624                 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn, NULL);
1625                 }
1626 #endif
1627
1628         if (serverinfo_sct)
1629                 SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1630                                               NULL, NULL, NULL,
1631                                               serverinfo_cli_parse_cb, NULL);
1632         if (serverinfo_tack)
1633                 SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1634                                               NULL, NULL, NULL,
1635                                               serverinfo_cli_parse_cb, NULL);
1636
1637         if (serverinfo_file)
1638                 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file))
1639                         {
1640                         BIO_printf(bio_err, "missing serverinfo file\n");
1641                         goto end;
1642                         }
1643
1644         if (custom_ext)
1645                 {
1646                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0, 
1647                                               custom_ext_0_cli_add_cb,
1648                                               NULL, NULL,
1649                                               custom_ext_0_cli_parse_cb, NULL);
1650                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1, 
1651                                               custom_ext_1_cli_add_cb,
1652                                               NULL, NULL,
1653                                               custom_ext_1_cli_parse_cb, NULL);
1654                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2, 
1655                                               custom_ext_2_cli_add_cb,
1656                                               NULL, NULL,
1657                                               custom_ext_2_cli_parse_cb, NULL);
1658                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3, 
1659                                               custom_ext_3_cli_add_cb,
1660                                               NULL, NULL,
1661                                               custom_ext_3_cli_parse_cb, NULL);
1662
1663
1664                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0, 
1665                                               custom_ext_0_srv_add_cb,
1666                                               NULL, NULL,
1667                                               custom_ext_0_srv_parse_cb, NULL);
1668                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1, 
1669                                               custom_ext_1_srv_add_cb,
1670                                               NULL, NULL,
1671                                               custom_ext_1_srv_parse_cb, NULL);
1672                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2, 
1673                                               custom_ext_2_srv_add_cb,
1674                                               NULL, NULL,
1675                                               custom_ext_2_srv_parse_cb, NULL);
1676                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3, 
1677                                               custom_ext_3_srv_add_cb,
1678                                               NULL, NULL,
1679                                               custom_ext_3_srv_parse_cb, NULL);
1680                 }
1681
1682         if (alpn_server)
1683                 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1684
1685         if (alpn_client)
1686                 {
1687                 unsigned short alpn_len;
1688                 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1689
1690                 if (alpn == NULL)
1691                         {
1692                         BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1693                         goto end;
1694                         }
1695                 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1696                 OPENSSL_free(alpn);
1697                 }
1698
1699         c_ssl=SSL_new(c_ctx);
1700         s_ssl=SSL_new(s_ctx);
1701
1702 #ifndef OPENSSL_NO_KRB5
1703         if (c_ssl  &&  c_ssl->kssl_ctx)
1704                 {
1705                 char    localhost[MAXHOSTNAMELEN+2];
1706
1707                 if (gethostname(localhost, sizeof localhost-1) == 0)
1708                         {
1709                         localhost[sizeof localhost-1]='\0';
1710                         if(strlen(localhost) == sizeof localhost-1)
1711                                 {
1712                                 BIO_printf(bio_err,"localhost name too long\n");
1713                                 goto end;
1714                                 }
1715                         kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
1716                                 localhost);
1717                         }
1718                 }
1719 #endif    /* OPENSSL_NO_KRB5  */
1720
1721         for (i=0; i<number; i++)
1722                 {
1723                 if (!reuse) SSL_set_session(c_ssl,NULL);
1724                 if (bio_pair)
1725                         ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
1726                 else
1727                         ret=doit(s_ssl,c_ssl,bytes);
1728                 }
1729
1730         if (!verbose)
1731                 {
1732                 print_details(c_ssl, "");
1733                 }
1734         if ((number > 1) || (bytes > 1L))
1735                 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
1736         if (print_time)
1737                 {
1738 #ifdef CLOCKS_PER_SEC
1739                 /* "To determine the time in seconds, the value returned
1740                  * by the clock function should be divided by the value
1741                  * of the macro CLOCKS_PER_SEC."
1742                  *                                       -- ISO/IEC 9899 */
1743                 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1744                         "Approximate total client time: %6.2f s\n",
1745                         (double)s_time/CLOCKS_PER_SEC,
1746                         (double)c_time/CLOCKS_PER_SEC);
1747 #else
1748                 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
1749                  *                            -- cc on NeXTstep/OpenStep */
1750                 BIO_printf(bio_stdout,
1751                         "Approximate total server time: %6.2f units\n"
1752                         "Approximate total client time: %6.2f units\n",
1753                         (double)s_time,
1754                         (double)c_time);
1755 #endif
1756                 }
1757
1758         SSL_free(s_ssl);
1759         SSL_free(c_ssl);
1760
1761 end:
1762         if (s_ctx != NULL) SSL_CTX_free(s_ctx);
1763         if (c_ctx != NULL) SSL_CTX_free(c_ctx);
1764
1765         if (bio_stdout != NULL) BIO_free(bio_stdout);
1766
1767 #ifndef OPENSSL_NO_RSA
1768         free_tmp_rsa();
1769 #endif
1770 #ifndef OPENSSL_NO_ENGINE
1771         ENGINE_cleanup();
1772 #endif
1773         CRYPTO_cleanup_all_ex_data();
1774         ERR_free_strings();
1775         ERR_remove_thread_state(NULL);
1776         EVP_cleanup();
1777         CRYPTO_mem_leaks(bio_err);
1778         if (bio_err != NULL) BIO_free(bio_err);
1779         EXIT(ret);
1780         return ret;
1781         }
1782
1783 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1784         clock_t *s_time, clock_t *c_time)
1785         {
1786         long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1787         BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1788         BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1789         int ret = 1;
1790         
1791         size_t bufsiz = 256; /* small buffer for testing */
1792
1793         if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1794                 goto err;
1795         if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1796                 goto err;
1797         
1798         s_ssl_bio = BIO_new(BIO_f_ssl());
1799         if (!s_ssl_bio)
1800                 goto err;
1801
1802         c_ssl_bio = BIO_new(BIO_f_ssl());
1803         if (!c_ssl_bio)
1804                 goto err;
1805
1806         SSL_set_connect_state(c_ssl);
1807         SSL_set_bio(c_ssl, client, client);
1808         (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1809
1810         SSL_set_accept_state(s_ssl);
1811         SSL_set_bio(s_ssl, server, server);
1812         (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1813
1814         do
1815                 {
1816                 /* c_ssl_bio:          SSL filter BIO
1817                  *
1818                  * client:             pseudo-I/O for SSL library
1819                  *
1820                  * client_io:          client's SSL communication; usually to be
1821                  *                     relayed over some I/O facility, but in this
1822                  *                     test program, we're the server, too:
1823                  *
1824                  * server_io:          server's SSL communication
1825                  *
1826                  * server:             pseudo-I/O for SSL library
1827                  *
1828                  * s_ssl_bio:          SSL filter BIO
1829                  *
1830                  * The client and the server each employ a "BIO pair":
1831                  * client + client_io, server + server_io.
1832                  * BIO pairs are symmetric.  A BIO pair behaves similar
1833                  * to a non-blocking socketpair (but both endpoints must
1834                  * be handled by the same thread).
1835                  * [Here we could connect client and server to the ends
1836                  * of a single BIO pair, but then this code would be less
1837                  * suitable as an example for BIO pairs in general.]
1838                  *
1839                  * Useful functions for querying the state of BIO pair endpoints:
1840                  *
1841                  * BIO_ctrl_pending(bio)              number of bytes we can read now
1842                  * BIO_ctrl_get_read_request(bio)     number of bytes needed to fulfil
1843                  *                                      other side's read attempt
1844                  * BIO_ctrl_get_write_guarantee(bio)   number of bytes we can write now
1845                  *
1846                  * ..._read_request is never more than ..._write_guarantee;
1847                  * it depends on the application which one you should use.
1848                  */
1849
1850                 /* We have non-blocking behaviour throughout this test program, but
1851                  * can be sure that there is *some* progress in each iteration; so
1852                  * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
1853                  * -- we just try everything in each iteration
1854                  */
1855
1856                         {
1857                         /* CLIENT */
1858                 
1859                         MS_STATIC char cbuf[1024*8];
1860                         int i, r;
1861                         clock_t c_clock = clock();
1862
1863                         memset(cbuf, 0, sizeof(cbuf));
1864
1865                         if (debug)
1866                                 if (SSL_in_init(c_ssl))
1867                                         printf("client waiting in SSL_connect - %s\n",
1868                                                 SSL_state_string_long(c_ssl));
1869
1870                         if (cw_num > 0)
1871                                 {
1872                                 /* Write to server. */
1873                                 
1874                                 if (cw_num > (long)sizeof cbuf)
1875                                         i = sizeof cbuf;
1876                                 else
1877                                         i = (int)cw_num;
1878                                 r = BIO_write(c_ssl_bio, cbuf, i);
1879                                 if (r < 0)
1880                                         {
1881                                         if (!BIO_should_retry(c_ssl_bio))
1882                                                 {
1883                                                 fprintf(stderr,"ERROR in CLIENT\n");
1884                                                 goto err;
1885                                                 }
1886                                         /* BIO_should_retry(...) can just be ignored here.
1887                                          * The library expects us to call BIO_write with
1888                                          * the same arguments again, and that's what we will
1889                                          * do in the next iteration. */
1890                                         }
1891                                 else if (r == 0)
1892                                         {
1893                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1894                                         goto err;
1895                                         }
1896                                 else
1897                                         {
1898                                         if (debug)
1899                                                 printf("client wrote %d\n", r);
1900                                         cw_num -= r;                            
1901                                         }
1902                                 }
1903
1904                         if (cr_num > 0)
1905                                 {
1906                                 /* Read from server. */
1907
1908                                 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1909                                 if (r < 0)
1910                                         {
1911                                         if (!BIO_should_retry(c_ssl_bio))
1912                                                 {
1913                                                 fprintf(stderr,"ERROR in CLIENT\n");
1914                                                 goto err;
1915                                                 }
1916                                         /* Again, "BIO_should_retry" can be ignored. */
1917                                         }
1918                                 else if (r == 0)
1919                                         {
1920                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1921                                         goto err;
1922                                         }
1923                                 else
1924                                         {
1925                                         if (debug)
1926                                                 printf("client read %d\n", r);
1927                                         cr_num -= r;
1928                                         }
1929                                 }
1930
1931                         /* c_time and s_time increments will typically be very small
1932                          * (depending on machine speed and clock tick intervals),
1933                          * but sampling over a large number of connections should
1934                          * result in fairly accurate figures.  We cannot guarantee
1935                          * a lot, however -- if each connection lasts for exactly
1936                          * one clock tick, it will be counted only for the client
1937                          * or only for the server or even not at all.
1938                          */
1939                         *c_time += (clock() - c_clock);
1940                         }
1941
1942                         {
1943                         /* SERVER */
1944                 
1945                         MS_STATIC char sbuf[1024*8];
1946                         int i, r;
1947                         clock_t s_clock = clock();
1948
1949                         memset(sbuf, 0, sizeof(sbuf));
1950
1951                         if (debug)
1952                                 if (SSL_in_init(s_ssl))
1953                                         printf("server waiting in SSL_accept - %s\n",
1954                                                 SSL_state_string_long(s_ssl));
1955
1956                         if (sw_num > 0)
1957                                 {
1958                                 /* Write to client. */
1959                                 
1960                                 if (sw_num > (long)sizeof sbuf)
1961                                         i = sizeof sbuf;
1962                                 else
1963                                         i = (int)sw_num;
1964                                 r = BIO_write(s_ssl_bio, sbuf, i);
1965                                 if (r < 0)
1966                                         {
1967                                         if (!BIO_should_retry(s_ssl_bio))
1968                                                 {
1969                                                 fprintf(stderr,"ERROR in SERVER\n");
1970                                                 goto err;
1971                                                 }
1972                                         /* Ignore "BIO_should_retry". */
1973                                         }
1974                                 else if (r == 0)
1975                                         {
1976                                         fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
1977                                         goto err;
1978                                         }
1979                                 else
1980                                         {
1981                                         if (debug)
1982                                                 printf("server wrote %d\n", r);
1983                                         sw_num -= r;                            
1984                                         }
1985                                 }
1986
1987                         if (sr_num > 0)
1988                                 {
1989                                 /* Read from client. */
1990
1991                                 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
1992                                 if (r < 0)
1993                                         {
1994                                         if (!BIO_should_retry(s_ssl_bio))
1995                                                 {
1996                                                 fprintf(stderr,"ERROR in SERVER\n");
1997                                                 goto err;
1998                                                 }
1999                                         /* blah, blah */
2000                                         }
2001                                 else if (r == 0)
2002                                         {
2003                                         fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2004                                         goto err;
2005                                         }
2006                                 else
2007                                         {
2008                                         if (debug)
2009                                                 printf("server read %d\n", r);
2010                                         sr_num -= r;
2011                                         }
2012                                 }
2013
2014                         *s_time += (clock() - s_clock);
2015                         }
2016                         
2017                         {
2018                         /* "I/O" BETWEEN CLIENT AND SERVER. */
2019
2020                         size_t r1, r2;
2021                         BIO *io1 = server_io, *io2 = client_io;
2022                         /* we use the non-copying interface for io1
2023                          * and the standard BIO_write/BIO_read interface for io2
2024                          */
2025                         
2026                         static int prev_progress = 1;
2027                         int progress = 0;
2028                         
2029                         /* io1 to io2 */
2030                         do
2031                                 {
2032                                 size_t num;
2033                                 int r;
2034
2035                                 r1 = BIO_ctrl_pending(io1);
2036                                 r2 = BIO_ctrl_get_write_guarantee(io2);
2037
2038                                 num = r1;
2039                                 if (r2 < num)
2040                                         num = r2;
2041                                 if (num)
2042                                         {
2043                                         char *dataptr;
2044
2045                                         if (INT_MAX < num) /* yeah, right */
2046                                                 num = INT_MAX;
2047                                         
2048                                         r = BIO_nread(io1, &dataptr, (int)num);
2049                                         assert(r > 0);
2050                                         assert(r <= (int)num);
2051                                         /* possibly r < num (non-contiguous data) */
2052                                         num = r;
2053                                         r = BIO_write(io2, dataptr, (int)num);
2054                                         if (r != (int)num) /* can't happen */
2055                                                 {
2056                                                 fprintf(stderr, "ERROR: BIO_write could not write "
2057                                                         "BIO_ctrl_get_write_guarantee() bytes");
2058                                                 goto err;
2059                                                 }
2060                                         progress = 1;
2061
2062                                         if (debug)
2063                                                 printf((io1 == client_io) ?
2064                                                         "C->S relaying: %d bytes\n" :
2065                                                         "S->C relaying: %d bytes\n",
2066                                                         (int)num);
2067                                         }
2068                                 }
2069                         while (r1 && r2);
2070
2071                         /* io2 to io1 */
2072                         {
2073                                 size_t num;
2074                                 int r;
2075
2076                                 r1 = BIO_ctrl_pending(io2);
2077                                 r2 = BIO_ctrl_get_read_request(io1);
2078                                 /* here we could use ..._get_write_guarantee instead of
2079                                  * ..._get_read_request, but by using the latter
2080                                  * we test restartability of the SSL implementation
2081                                  * more thoroughly */
2082                                 num = r1;
2083                                 if (r2 < num)
2084                                         num = r2;
2085                                 if (num)
2086                                         {
2087                                         char *dataptr;
2088                                         
2089                                         if (INT_MAX < num)
2090                                                 num = INT_MAX;
2091
2092                                         if (num > 1)
2093                                                 --num; /* test restartability even more thoroughly */
2094                                         
2095                                         r = BIO_nwrite0(io1, &dataptr);
2096                                         assert(r > 0);
2097                                         if (r < (int)num)
2098                                                 num = r;
2099                                         r = BIO_read(io2, dataptr, (int)num);
2100                                         if (r != (int)num) /* can't happen */
2101                                                 {
2102                                                 fprintf(stderr, "ERROR: BIO_read could not read "
2103                                                         "BIO_ctrl_pending() bytes");
2104                                                 goto err;
2105                                                 }
2106                                         progress = 1;
2107                                         r = BIO_nwrite(io1, &dataptr, (int)num);
2108                                         if (r != (int)num) /* can't happen */
2109                                                 {
2110                                                 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2111                                                         "BIO_nwrite0() bytes");
2112                                                 goto err;
2113                                                 }
2114                                         
2115                                         if (debug)
2116                                                 printf((io2 == client_io) ?
2117                                                         "C->S relaying: %d bytes\n" :
2118                                                         "S->C relaying: %d bytes\n",
2119                                                         (int)num);
2120                                         }
2121                         } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
2122
2123                         if (!progress && !prev_progress)
2124                                 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
2125                                         {
2126                                         fprintf(stderr, "ERROR: got stuck\n");
2127                                         if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0)
2128                                                 {
2129                                                 fprintf(stderr, "This can happen for SSL2 because "
2130                                                         "CLIENT-FINISHED and SERVER-VERIFY are written \n"
2131                                                         "concurrently ...");
2132                                                 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
2133                                                         && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0)
2134                                                         {
2135                                                         fprintf(stderr, " ok.\n");
2136                                                         goto end;
2137                                                         }
2138                                                 }
2139                                         fprintf(stderr, " ERROR.\n");
2140                                         goto err;
2141                                         }
2142                         prev_progress = progress;
2143                         }
2144                 }
2145         while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2146
2147         if (verbose)
2148                 print_details(c_ssl, "DONE via BIO pair: ");
2149 #ifndef OPENSSL_NO_NEXTPROTONEG
2150         if (verify_npn(c_ssl, s_ssl) < 0)
2151                 {
2152                 ret = 1;
2153                 goto end;
2154                 }
2155 #endif
2156         if (verify_serverinfo() < 0)
2157                 {
2158                 fprintf(stderr, "Server info verify error\n");
2159                 ret = 1;
2160                 goto err;
2161                 }
2162         if (verify_alpn(c_ssl, s_ssl) < 0)
2163                 {
2164                 ret = 1;
2165                 goto err;
2166                 }
2167
2168         if (custom_ext_error)
2169                 {
2170                 fprintf(stderr, "Custom extension error\n");
2171                 ret = 1;
2172                 goto err;
2173                 }
2174
2175 end:
2176         ret = 0;
2177
2178  err:
2179         ERR_print_errors(bio_err);
2180         
2181         if (server)
2182                 BIO_free(server);
2183         if (server_io)
2184                 BIO_free(server_io);
2185         if (client)
2186                 BIO_free(client);
2187         if (client_io)
2188                 BIO_free(client_io);
2189         if (s_ssl_bio)
2190                 BIO_free(s_ssl_bio);
2191         if (c_ssl_bio)
2192                 BIO_free(c_ssl_bio);
2193
2194         return ret;
2195         }
2196
2197
2198 #define W_READ  1
2199 #define W_WRITE 2
2200 #define C_DONE  1
2201 #define S_DONE  2
2202
2203 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2204         {
2205         char *cbuf=NULL,*sbuf=NULL;
2206         long bufsiz;
2207         long cw_num=count,cr_num=count;
2208         long sw_num=count,sr_num=count;
2209         int ret=1;
2210         BIO *c_to_s=NULL;
2211         BIO *s_to_c=NULL;
2212         BIO *c_bio=NULL;
2213         BIO *s_bio=NULL;
2214         int c_r,c_w,s_r,s_w;
2215         int i,j;
2216         int done=0;
2217         int c_write,s_write;
2218         int do_server=0,do_client=0;
2219         int max_frag = 5*1024;
2220
2221         bufsiz = count>40*1024 ? 40*1024 : count;
2222
2223         if ((cbuf = OPENSSL_malloc(bufsiz))==NULL) goto err;
2224         if ((sbuf = OPENSSL_malloc(bufsiz))==NULL) goto err;
2225
2226         memset(cbuf,0,bufsiz);
2227         memset(sbuf,0,bufsiz);
2228
2229         c_to_s=BIO_new(BIO_s_mem());
2230         s_to_c=BIO_new(BIO_s_mem());
2231         if ((s_to_c == NULL) || (c_to_s == NULL))
2232                 {
2233                 ERR_print_errors(bio_err);
2234                 goto err;
2235                 }
2236
2237         c_bio=BIO_new(BIO_f_ssl());
2238         s_bio=BIO_new(BIO_f_ssl());
2239         if ((c_bio == NULL) || (s_bio == NULL))
2240                 {
2241                 ERR_print_errors(bio_err);
2242                 goto err;
2243                 }
2244
2245         SSL_set_connect_state(c_ssl);
2246         SSL_set_bio(c_ssl,s_to_c,c_to_s);
2247         SSL_set_max_send_fragment(c_ssl,max_frag);
2248         BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
2249
2250         SSL_set_accept_state(s_ssl);
2251         SSL_set_bio(s_ssl,c_to_s,s_to_c);
2252         SSL_set_max_send_fragment(s_ssl,max_frag);
2253         BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
2254
2255         c_r=0; s_r=1;
2256         c_w=1; s_w=0;
2257         c_write=1,s_write=0;
2258
2259         /* We can always do writes */
2260         for (;;)
2261                 {
2262                 do_server=0;
2263                 do_client=0;
2264
2265                 i=(int)BIO_pending(s_bio);
2266                 if ((i && s_r) || s_w) do_server=1;
2267
2268                 i=(int)BIO_pending(c_bio);
2269                 if ((i && c_r) || c_w) do_client=1;
2270
2271                 if (do_server && debug)
2272                         {
2273                         if (SSL_in_init(s_ssl))
2274                                 printf("server waiting in SSL_accept - %s\n",
2275                                         SSL_state_string_long(s_ssl));
2276 /*                      else if (s_write)
2277                                 printf("server:SSL_write()\n");
2278                         else
2279                                 printf("server:SSL_read()\n"); */
2280                         }
2281
2282                 if (do_client && debug)
2283                         {
2284                         if (SSL_in_init(c_ssl))
2285                                 printf("client waiting in SSL_connect - %s\n",
2286                                         SSL_state_string_long(c_ssl));
2287 /*                      else if (c_write)
2288                                 printf("client:SSL_write()\n");
2289                         else
2290                                 printf("client:SSL_read()\n"); */
2291                         }
2292
2293                 if (!do_client && !do_server)
2294                         {
2295                         fprintf(stdout,"ERROR IN STARTUP\n");
2296                         ERR_print_errors(bio_err);
2297                         break;
2298                         }
2299                 if (do_client && !(done & C_DONE))
2300                         {
2301                         if (c_write)
2302                                 {
2303                                 j = (cw_num > bufsiz) ?
2304                                         (int)bufsiz : (int)cw_num;
2305                                 i=BIO_write(c_bio,cbuf,j);
2306                                 if (i < 0)
2307                                         {
2308                                         c_r=0;
2309                                         c_w=0;
2310                                         if (BIO_should_retry(c_bio))
2311                                                 {
2312                                                 if (BIO_should_read(c_bio))
2313                                                         c_r=1;
2314                                                 if (BIO_should_write(c_bio))
2315                                                         c_w=1;
2316                                                 }
2317                                         else
2318                                                 {
2319                                                 fprintf(stderr,"ERROR in CLIENT\n");
2320                                                 ERR_print_errors(bio_err);
2321                                                 goto err;
2322                                                 }
2323                                         }
2324                                 else if (i == 0)
2325                                         {
2326                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2327                                         goto err;
2328                                         }
2329                                 else
2330                                         {
2331                                         if (debug)
2332                                                 printf("client wrote %d\n",i);
2333                                         /* ok */
2334                                         s_r=1;
2335                                         c_write=0;
2336                                         cw_num-=i;
2337                                         if (max_frag>1029)
2338                                                 SSL_set_max_send_fragment(c_ssl,max_frag-=5);
2339                                         }
2340                                 }
2341                         else
2342                                 {
2343                                 i=BIO_read(c_bio,cbuf,bufsiz);
2344                                 if (i < 0)
2345                                         {
2346                                         c_r=0;
2347                                         c_w=0;
2348                                         if (BIO_should_retry(c_bio))
2349                                                 {
2350                                                 if (BIO_should_read(c_bio))
2351                                                         c_r=1;
2352                                                 if (BIO_should_write(c_bio))
2353                                                         c_w=1;
2354                                                 }
2355                                         else
2356                                                 {
2357                                                 fprintf(stderr,"ERROR in CLIENT\n");
2358                                                 ERR_print_errors(bio_err);
2359                                                 goto err;
2360                                                 }
2361                                         }
2362                                 else if (i == 0)
2363                                         {
2364                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2365                                         goto err;
2366                                         }
2367                                 else
2368                                         {
2369                                         if (debug)
2370                                                 printf("client read %d\n",i);
2371                                         cr_num-=i;
2372                                         if (sw_num > 0)
2373                                                 {
2374                                                 s_write=1;
2375                                                 s_w=1;
2376                                                 }
2377                                         if (cr_num <= 0)
2378                                                 {
2379                                                 s_write=1;
2380                                                 s_w=1;
2381                                                 done=S_DONE|C_DONE;
2382                                                 }
2383                                         }
2384                                 }
2385                         }
2386
2387                 if (do_server && !(done & S_DONE))
2388                         {
2389                         if (!s_write)
2390                                 {
2391                                 i=BIO_read(s_bio,sbuf,bufsiz);
2392                                 if (i < 0)
2393                                         {
2394                                         s_r=0;
2395                                         s_w=0;
2396                                         if (BIO_should_retry(s_bio))
2397                                                 {
2398                                                 if (BIO_should_read(s_bio))
2399                                                         s_r=1;
2400                                                 if (BIO_should_write(s_bio))
2401                                                         s_w=1;
2402                                                 }
2403                                         else
2404                                                 {
2405                                                 fprintf(stderr,"ERROR in SERVER\n");
2406                                                 ERR_print_errors(bio_err);
2407                                                 goto err;
2408                                                 }
2409                                         }
2410                                 else if (i == 0)
2411                                         {
2412                                         ERR_print_errors(bio_err);
2413                                         fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
2414                                         goto err;
2415                                         }
2416                                 else
2417                                         {
2418                                         if (debug)
2419                                                 printf("server read %d\n",i);
2420                                         sr_num-=i;
2421                                         if (cw_num > 0)
2422                                                 {
2423                                                 c_write=1;
2424                                                 c_w=1;
2425                                                 }
2426                                         if (sr_num <= 0)
2427                                                 {
2428                                                 s_write=1;
2429                                                 s_w=1;
2430                                                 c_write=0;
2431                                                 }
2432                                         }
2433                                 }
2434                         else
2435                                 {
2436                                 j = (sw_num > bufsiz) ?
2437                                         (int)bufsiz : (int)sw_num;
2438                                 i=BIO_write(s_bio,sbuf,j);
2439                                 if (i < 0)
2440                                         {
2441                                         s_r=0;
2442                                         s_w=0;
2443                                         if (BIO_should_retry(s_bio))
2444                                                 {
2445                                                 if (BIO_should_read(s_bio))
2446                                                         s_r=1;
2447                                                 if (BIO_should_write(s_bio))
2448                                                         s_w=1;
2449                                                 }
2450                                         else
2451                                                 {
2452                                                 fprintf(stderr,"ERROR in SERVER\n");
2453                                                 ERR_print_errors(bio_err);
2454                                                 goto err;
2455                                                 }
2456                                         }
2457                                 else if (i == 0)
2458                                         {
2459                                         ERR_print_errors(bio_err);
2460                                         fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
2461                                         goto err;
2462                                         }
2463                                 else
2464                                         {
2465                                         if (debug)
2466                                                 printf("server wrote %d\n",i);
2467                                         sw_num-=i;
2468                                         s_write=0;
2469                                         c_r=1;
2470                                         if (sw_num <= 0)
2471                                                 done|=S_DONE;
2472                                         if (max_frag>1029)
2473                                                 SSL_set_max_send_fragment(s_ssl,max_frag-=5);
2474                                         }
2475                                 }
2476                         }
2477
2478                 if ((done & S_DONE) && (done & C_DONE)) break;
2479                 }
2480
2481         if (verbose)
2482                 print_details(c_ssl, "DONE: ");
2483 #ifndef OPENSSL_NO_NEXTPROTONEG
2484         if (verify_npn(c_ssl, s_ssl) < 0)
2485                 {
2486                 ret = 1;
2487                 goto err;
2488                 }
2489 #endif
2490         if (verify_serverinfo() < 0)
2491                 {
2492                 fprintf(stderr, "Server info verify error\n");
2493                 ret = 1;
2494                 goto err;
2495                 }
2496         if (custom_ext_error)
2497                 {
2498                 fprintf(stderr, "Custom extension error\n");
2499                 ret = 1;
2500                 goto err;
2501                 }
2502         ret=0;
2503 err:
2504         /* We have to set the BIO's to NULL otherwise they will be
2505          * OPENSSL_free()ed twice.  Once when th s_ssl is SSL_free()ed and
2506          * again when c_ssl is SSL_free()ed.
2507          * This is a hack required because s_ssl and c_ssl are sharing the same
2508          * BIO structure and SSL_set_bio() and SSL_free() automatically
2509          * BIO_free non NULL entries.
2510          * You should not normally do this or be required to do this */
2511         if (s_ssl != NULL)
2512                 {
2513                 s_ssl->rbio=NULL;
2514                 s_ssl->wbio=NULL;
2515                 }
2516         if (c_ssl != NULL)
2517                 {
2518                 c_ssl->rbio=NULL;
2519                 c_ssl->wbio=NULL;
2520                 }
2521
2522         if (c_to_s != NULL) BIO_free(c_to_s);
2523         if (s_to_c != NULL) BIO_free(s_to_c);
2524         if (c_bio != NULL) BIO_free_all(c_bio);
2525         if (s_bio != NULL) BIO_free_all(s_bio);
2526
2527         if (cbuf) OPENSSL_free(cbuf);
2528         if (sbuf) OPENSSL_free(sbuf);
2529
2530         return(ret);
2531         }
2532
2533 static int get_proxy_auth_ex_data_idx(void)
2534         {
2535         static volatile int idx = -1;
2536         if (idx < 0)
2537                 {
2538                 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2539                 if (idx < 0)
2540                         {
2541                         idx = X509_STORE_CTX_get_ex_new_index(0,
2542                                 "SSLtest for verify callback", NULL,NULL,NULL);
2543                         }
2544                 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2545                 }
2546         return idx;
2547         }
2548
2549 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
2550         {
2551         char *s,buf[256];
2552
2553         s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,
2554                             sizeof buf);
2555         if (s != NULL)
2556                 {
2557                 if (ok)
2558                         fprintf(stderr,"depth=%d %s\n",
2559                                 ctx->error_depth,buf);
2560                 else
2561                         {
2562                         fprintf(stderr,"depth=%d error=%d %s\n",
2563                                 ctx->error_depth,ctx->error,buf);
2564                         }
2565                 }
2566
2567         if (ok == 0)
2568                 {
2569                 fprintf(stderr,"Error string: %s\n",
2570                         X509_verify_cert_error_string(ctx->error));
2571                 switch (ctx->error)
2572                         {
2573                 case X509_V_ERR_CERT_NOT_YET_VALID:
2574                 case X509_V_ERR_CERT_HAS_EXPIRED:
2575                 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2576                         fprintf(stderr,"  ... ignored.\n");
2577                         ok=1;
2578                         }
2579                 }
2580
2581         if (ok == 1)
2582                 {
2583                 X509 *xs = ctx->current_cert;
2584 #if 0
2585                 X509 *xi = ctx->current_issuer;
2586 #endif
2587
2588                 if (xs->ex_flags & EXFLAG_PROXY)
2589                         {
2590                         unsigned int *letters =
2591                                 X509_STORE_CTX_get_ex_data(ctx,
2592                                         get_proxy_auth_ex_data_idx());
2593
2594                         if (letters)
2595                                 {
2596                                 int found_any = 0;
2597                                 int i;
2598                                 PROXY_CERT_INFO_EXTENSION *pci =
2599                                         X509_get_ext_d2i(xs, NID_proxyCertInfo,
2600                                                 NULL, NULL);
2601
2602                                 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
2603                                         {
2604                                 case NID_Independent:
2605                                         /* Completely meaningless in this
2606                                            program, as there's no way to
2607                                            grant explicit rights to a
2608                                            specific PrC.  Basically, using
2609                                            id-ppl-Independent is the perfect
2610                                            way to grant no rights at all. */
2611                                         fprintf(stderr, "  Independent proxy certificate");
2612                                         for (i = 0; i < 26; i++)
2613                                                 letters[i] = 0;
2614                                         break;
2615                                 case NID_id_ppl_inheritAll:
2616                                         /* This is basically a NOP, we
2617                                            simply let the current rights
2618                                            stand as they are. */
2619                                         fprintf(stderr, "  Proxy certificate inherits all");
2620                                         break;
2621                                 default:
2622                                         s = (char *)
2623                                                 pci->proxyPolicy->policy->data;
2624                                         i = pci->proxyPolicy->policy->length;
2625
2626                                         /* The algorithm works as follows:
2627                                            it is assumed that previous
2628                                            iterations or the initial granted
2629                                            rights has already set some elements
2630                                            of `letters'.  What we need to do is
2631                                            to clear those that weren't granted
2632                                            by the current PrC as well.  The
2633                                            easiest way to do this is to add 1
2634                                            to all the elements whose letters
2635                                            are given with the current policy.
2636                                            That way, all elements that are set
2637                                            by the current policy and were
2638                                            already set by earlier policies and
2639                                            through the original grant of rights
2640                                            will get the value 2 or higher.
2641                                            The last thing to do is to sweep
2642                                            through `letters' and keep the
2643                                            elements having the value 2 as set,
2644                                            and clear all the others. */
2645
2646                                         fprintf(stderr, "  Certificate proxy rights = %*.*s", i, i, s);
2647                                         while(i-- > 0)
2648                                                 {
2649                                                 int c = *s++;
2650                                                 if (isascii(c) && isalpha(c))
2651                                                         {
2652                                                         if (islower(c))
2653                                                                 c = toupper(c);
2654                                                         letters[c - 'A']++;
2655                                                         }
2656                                                 }
2657                                         for (i = 0; i < 26; i++)
2658                                                 if (letters[i] < 2)
2659                                                         letters[i] = 0;
2660                                                 else
2661                                                         letters[i] = 1;
2662                                         }
2663
2664                                 found_any = 0;
2665                                 fprintf(stderr,
2666                                         ", resulting proxy rights = ");
2667                                 for(i = 0; i < 26; i++)
2668                                         if (letters[i])
2669                                                 {
2670                                                 fprintf(stderr, "%c", i + 'A');
2671                                                 found_any = 1;
2672                                                 }
2673                                 if (!found_any)
2674                                         fprintf(stderr, "none");
2675                                 fprintf(stderr, "\n");
2676
2677                                 PROXY_CERT_INFO_EXTENSION_free(pci);
2678                                 }
2679                         }
2680                 }
2681
2682         return(ok);
2683         }
2684
2685 static void process_proxy_debug(int indent, const char *format, ...)
2686         {
2687         static const char indentation[] =
2688                 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2689                 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
2690         char my_format[256];
2691         va_list args;
2692
2693         BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2694                 indent, indent, indentation, format);
2695
2696         va_start(args, format);
2697         vfprintf(stderr, my_format, args);
2698         va_end(args);
2699         }
2700 /* Priority levels:
2701    0    [!]var, ()
2702    1    & ^
2703    2    |
2704 */
2705 static int process_proxy_cond_adders(unsigned int letters[26],
2706         const char *cond, const char **cond_end, int *pos, int indent);
2707 static int process_proxy_cond_val(unsigned int letters[26],
2708         const char *cond, const char **cond_end, int *pos, int indent)
2709         {
2710         int c;
2711         int ok = 1;
2712         int negate = 0;
2713
2714         while(isspace((int)*cond))
2715                 {
2716                 cond++; (*pos)++;
2717                 }
2718         c = *cond;
2719
2720         if (debug)
2721                 process_proxy_debug(indent,
2722                         "Start process_proxy_cond_val at position %d: %s\n",
2723                         *pos, cond);
2724
2725         while(c == '!')
2726                 {
2727                 negate = !negate;
2728                 cond++; (*pos)++;
2729                 while(isspace((int)*cond))
2730                         {
2731                         cond++; (*pos)++;
2732                         }
2733                 c = *cond;
2734                 }
2735
2736         if (c == '(')
2737                 {
2738                 cond++; (*pos)++;
2739                 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2740                         indent + 1);
2741                 cond = *cond_end;
2742                 if (ok < 0)
2743                         goto end;
2744                 while(isspace((int)*cond))
2745                         {
2746                         cond++; (*pos)++;
2747                         }
2748                 c = *cond;
2749                 if (c != ')')
2750                         {
2751                         fprintf(stderr,
2752                                 "Weird condition character in position %d: "
2753                                 "%c\n", *pos, c);
2754                         ok = -1;
2755                         goto end;
2756                         }
2757                 cond++; (*pos)++;
2758                 }
2759         else if (isascii(c) && isalpha(c))
2760                 {
2761                 if (islower(c))
2762                         c = toupper(c);
2763                 ok = letters[c - 'A'];
2764                 cond++; (*pos)++;
2765                 }
2766         else
2767                 {
2768                 fprintf(stderr,
2769                         "Weird condition character in position %d: "
2770                         "%c\n", *pos, c);
2771                 ok = -1;
2772                 goto end;
2773                 }
2774  end:
2775         *cond_end = cond;
2776         if (ok >= 0 && negate)
2777                 ok = !ok;
2778
2779         if (debug)
2780                 process_proxy_debug(indent,
2781                         "End process_proxy_cond_val at position %d: %s, returning %d\n",
2782                         *pos, cond, ok);
2783
2784         return ok;
2785         }
2786 static int process_proxy_cond_multipliers(unsigned int letters[26],
2787         const char *cond, const char **cond_end, int *pos, int indent)
2788         {
2789         int ok;
2790         char c;
2791
2792         if (debug)
2793                 process_proxy_debug(indent,
2794                         "Start process_proxy_cond_multipliers at position %d: %s\n",
2795                         *pos, cond);
2796
2797         ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2798         cond = *cond_end;
2799         if (ok < 0)
2800                 goto end;
2801
2802         while(ok >= 0)
2803                 {
2804                 while(isspace((int)*cond))
2805                         {
2806                         cond++; (*pos)++;
2807                         }
2808                 c = *cond;
2809
2810                 switch(c)
2811                         {
2812                 case '&':
2813                 case '^':
2814                         {
2815                         int save_ok = ok;
2816
2817                         cond++; (*pos)++;
2818                         ok = process_proxy_cond_val(letters,
2819                                 cond, cond_end, pos, indent + 1);
2820                         cond = *cond_end;
2821                         if (ok < 0)
2822                                 break;
2823
2824                         switch(c)
2825                                 {
2826                         case '&':
2827                                 ok &= save_ok;
2828                                 break;
2829                         case '^':
2830                                 ok ^= save_ok;
2831                                 break;
2832                         default:
2833                                 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2834                                         " STOPPING\n");
2835                                 EXIT(1);
2836                                 }
2837                         }
2838                         break;
2839                 default:
2840                         goto end;
2841                         }
2842                 }
2843  end:
2844         if (debug)
2845                 process_proxy_debug(indent,
2846                         "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2847                         *pos, cond, ok);
2848
2849         *cond_end = cond;
2850         return ok;
2851         }
2852 static int process_proxy_cond_adders(unsigned int letters[26],
2853         const char *cond, const char **cond_end, int *pos, int indent)
2854         {
2855         int ok;
2856         char c;
2857
2858         if (debug)
2859                 process_proxy_debug(indent,
2860                         "Start process_proxy_cond_adders at position %d: %s\n",
2861                         *pos, cond);
2862
2863         ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2864                 indent + 1);
2865         cond = *cond_end;
2866         if (ok < 0)
2867                 goto end;
2868
2869         while(ok >= 0)
2870                 {
2871                 while(isspace((int)*cond))
2872                         {
2873                         cond++; (*pos)++;
2874                         }
2875                 c = *cond;
2876
2877                 switch(c)
2878                         {
2879                 case '|':
2880                         {
2881                         int save_ok = ok;
2882
2883                         cond++; (*pos)++;
2884                         ok = process_proxy_cond_multipliers(letters,
2885                                 cond, cond_end, pos, indent + 1);
2886                         cond = *cond_end;
2887                         if (ok < 0)
2888                                 break;
2889
2890                         switch(c)
2891                                 {
2892                         case '|':
2893                                 ok |= save_ok;
2894                                 break;
2895                         default:
2896                                 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2897                                         " STOPPING\n");
2898                                 EXIT(1);
2899                                 }
2900                         }
2901                         break;
2902                 default:
2903                         goto end;
2904                         }
2905                 }
2906  end:
2907         if (debug)
2908                 process_proxy_debug(indent,
2909                         "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2910                         *pos, cond, ok);
2911
2912         *cond_end = cond;
2913         return ok;
2914         }
2915
2916 static int process_proxy_cond(unsigned int letters[26],
2917         const char *cond, const char **cond_end)
2918         {
2919         int pos = 1;
2920         return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2921         }
2922
2923 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
2924         {
2925         int ok=1;
2926         struct app_verify_arg *cb_arg = arg;
2927         unsigned int letters[26]; /* only used with proxy_auth */
2928
2929         if (cb_arg->app_verify)
2930                 {
2931                 char *s = NULL,buf[256];
2932
2933                 fprintf(stderr, "In app_verify_callback, allowing cert. ");
2934                 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
2935                 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
2936                         (void *)ctx, (void *)ctx->cert);
2937                 if (ctx->cert)
2938                         s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
2939                 if (s != NULL)
2940                         {
2941                         fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
2942                         }
2943                 return(1);
2944                 }
2945         if (cb_arg->proxy_auth)
2946                 {
2947                 int found_any = 0, i;
2948                 char *sp;
2949
2950                 for(i = 0; i < 26; i++)
2951                         letters[i] = 0;
2952                 for(sp = cb_arg->proxy_auth; *sp; sp++)
2953                         {
2954                         int c = *sp;
2955                         if (isascii(c) && isalpha(c))
2956                                 {
2957                                 if (islower(c))
2958                                         c = toupper(c);
2959                                 letters[c - 'A'] = 1;
2960                                 }
2961                         }
2962
2963                 fprintf(stderr,
2964                         "  Initial proxy rights = ");
2965                 for(i = 0; i < 26; i++)
2966                         if (letters[i])
2967                                 {
2968                                 fprintf(stderr, "%c", i + 'A');
2969                                 found_any = 1;
2970                                 }
2971                 if (!found_any)
2972                         fprintf(stderr, "none");
2973                 fprintf(stderr, "\n");
2974
2975                 X509_STORE_CTX_set_ex_data(ctx,
2976                         get_proxy_auth_ex_data_idx(),letters);
2977                 }
2978         if (cb_arg->allow_proxy_certs)
2979                 {
2980                 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2981                 }
2982
2983 #ifndef OPENSSL_NO_X509_VERIFY
2984         ok = X509_verify_cert(ctx);
2985 #endif
2986
2987         if (cb_arg->proxy_auth)
2988                 {
2989                 if (ok > 0)
2990                         {
2991                         const char *cond_end = NULL;
2992
2993                         ok = process_proxy_cond(letters,
2994                                 cb_arg->proxy_cond, &cond_end);
2995
2996                         if (ok < 0)
2997                                 EXIT(3);
2998                         if (*cond_end)
2999                                 {
3000                                 fprintf(stderr, "Stopped processing condition before it's end.\n");
3001                                 ok = 0;
3002                                 }
3003                         if (!ok)
3004                                 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
3005                                         cb_arg->proxy_cond);
3006                         else
3007                                 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
3008                                         cb_arg->proxy_cond);
3009                         }
3010                 }
3011         return(ok);
3012         }
3013
3014 #ifndef OPENSSL_NO_RSA
3015 static RSA *rsa_tmp=NULL;
3016
3017 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
3018         {
3019         BIGNUM *bn = NULL;
3020         if (rsa_tmp == NULL)
3021                 {
3022                 bn = BN_new();
3023                 rsa_tmp = RSA_new();
3024                 if(!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4))
3025                         {
3026                         BIO_printf(bio_err, "Memory error...");
3027                         goto end;
3028                         }
3029                 BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
3030                 (void)BIO_flush(bio_err);
3031                 if(!RSA_generate_key_ex(rsa_tmp,keylength,bn,NULL))
3032                         {
3033                         BIO_printf(bio_err, "Error generating key.");
3034                         RSA_free(rsa_tmp);
3035                         rsa_tmp = NULL;
3036                         }
3037 end:
3038                 BIO_printf(bio_err,"\n");
3039                 (void)BIO_flush(bio_err);
3040                 }
3041         if(bn) BN_free(bn);
3042         return(rsa_tmp);
3043         }
3044
3045 static void free_tmp_rsa(void)
3046         {
3047         if (rsa_tmp != NULL)
3048                 {
3049                 RSA_free(rsa_tmp);
3050                 rsa_tmp = NULL;
3051                 }
3052         }
3053 #endif
3054
3055 #ifndef OPENSSL_NO_DH
3056 /* These DH parameters have been generated as follows:
3057  *    $ openssl dhparam -C -noout 512
3058  *    $ openssl dhparam -C -noout 1024
3059  *    $ openssl dhparam -C -noout -dsaparam 1024
3060  * (The third function has been renamed to avoid name conflicts.)
3061  */
3062 static DH *get_dh512()
3063         {
3064         static unsigned char dh512_p[]={
3065                 0xCB,0xC8,0xE1,0x86,0xD0,0x1F,0x94,0x17,0xA6,0x99,0xF0,0xC6,
3066                 0x1F,0x0D,0xAC,0xB6,0x25,0x3E,0x06,0x39,0xCA,0x72,0x04,0xB0,
3067                 0x6E,0xDA,0xC0,0x61,0xE6,0x7A,0x77,0x25,0xE8,0x3B,0xB9,0x5F,
3068                 0x9A,0xB6,0xB5,0xFE,0x99,0x0B,0xA1,0x93,0x4E,0x35,0x33,0xB8,
3069                 0xE1,0xF1,0x13,0x4F,0x59,0x1A,0xD2,0x57,0xC0,0x26,0x21,0x33,
3070                 0x02,0xC5,0xAE,0x23,
3071                 };
3072         static unsigned char dh512_g[]={
3073                 0x02,
3074                 };
3075         DH *dh;
3076
3077         if ((dh=DH_new()) == NULL) return(NULL);
3078         dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
3079         dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
3080         if ((dh->p == NULL) || (dh->g == NULL))
3081                 { DH_free(dh); return(NULL); }
3082         return(dh);
3083         }
3084
3085 static DH *get_dh1024()
3086         {
3087         static unsigned char dh1024_p[]={
3088                 0xF8,0x81,0x89,0x7D,0x14,0x24,0xC5,0xD1,0xE6,0xF7,0xBF,0x3A,
3089                 0xE4,0x90,0xF4,0xFC,0x73,0xFB,0x34,0xB5,0xFA,0x4C,0x56,0xA2,
3090                 0xEA,0xA7,0xE9,0xC0,0xC0,0xCE,0x89,0xE1,0xFA,0x63,0x3F,0xB0,
3091                 0x6B,0x32,0x66,0xF1,0xD1,0x7B,0xB0,0x00,0x8F,0xCA,0x87,0xC2,
3092                 0xAE,0x98,0x89,0x26,0x17,0xC2,0x05,0xD2,0xEC,0x08,0xD0,0x8C,
3093                 0xFF,0x17,0x52,0x8C,0xC5,0x07,0x93,0x03,0xB1,0xF6,0x2F,0xB8,
3094                 0x1C,0x52,0x47,0x27,0x1B,0xDB,0xD1,0x8D,0x9D,0x69,0x1D,0x52,
3095                 0x4B,0x32,0x81,0xAA,0x7F,0x00,0xC8,0xDC,0xE6,0xD9,0xCC,0xC1,
3096                 0x11,0x2D,0x37,0x34,0x6C,0xEA,0x02,0x97,0x4B,0x0E,0xBB,0xB1,
3097                 0x71,0x33,0x09,0x15,0xFD,0xDD,0x23,0x87,0x07,0x5E,0x89,0xAB,
3098                 0x6B,0x7C,0x5F,0xEC,0xA6,0x24,0xDC,0x53,
3099                 };
3100         static unsigned char dh1024_g[]={
3101                 0x02,
3102                 };
3103         DH *dh;
3104
3105         if ((dh=DH_new()) == NULL) return(NULL);
3106         dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);