4dd7c8b47adcbfe435095df3c9dc5301f7a077d6
[openssl.git] / ssl / ssltest.c
1 /* ssl/ssltest.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  * ECC cipher suite support in OpenSSL originally developed by 
114  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115  */
116 /* ====================================================================
117  * Copyright 2005 Nokia. All rights reserved.
118  *
119  * The portions of the attached software ("Contribution") is developed by
120  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121  * license.
122  *
123  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125  * support (see RFC 4279) to OpenSSL.
126  *
127  * No patent licenses or other rights except those expressly stated in
128  * the OpenSSL open source license shall be deemed granted or received
129  * expressly, by implication, estoppel, or otherwise.
130  *
131  * No assurances are provided by Nokia that the Contribution does not
132  * infringe the patent or other intellectual property rights of any third
133  * party or that the license provides you with all the necessary rights
134  * to make use of the Contribution.
135  *
136  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140  * OTHERWISE.
141  */
142
143 #define _BSD_SOURCE 1           /* Or gethostname won't be declared properly
144                                    on Linux and GNU platforms. */
145
146 #include <assert.h>
147 #include <errno.h>
148 #include <limits.h>
149 #include <stdio.h>
150 #include <stdlib.h>
151 #include <string.h>
152 #include <time.h>
153
154 #define USE_SOCKETS
155 #include "e_os.h"
156
157 #ifdef OPENSSL_SYS_VMS
158 #define _XOPEN_SOURCE 500       /* Or isascii won't be declared properly on
159                                    VMS (at least with DECompHP C).  */
160 #endif
161
162 #include <ctype.h>
163
164 #include <openssl/bio.h>
165 #include <openssl/crypto.h>
166 #include <openssl/evp.h>
167 #include <openssl/x509.h>
168 #include <openssl/x509v3.h>
169 #include <openssl/ssl.h>
170 #ifndef OPENSSL_NO_ENGINE
171 #include <openssl/engine.h>
172 #endif
173 #include <openssl/err.h>
174 #include <openssl/rand.h>
175 #ifndef OPENSSL_NO_RSA
176 #include <openssl/rsa.h>
177 #endif
178 #ifndef OPENSSL_NO_DSA
179 #include <openssl/dsa.h>
180 #endif
181 #ifndef OPENSSL_NO_DH
182 #include <openssl/dh.h>
183 #endif
184 #ifndef OPENSSL_NO_SRP
185 #include <openssl/srp.h>
186 #endif
187 #include <openssl/bn.h>
188
189 #define _XOPEN_SOURCE_EXTENDED  1 /* Or gethostname won't be declared properly
190                                      on Compaq platforms (at least with DEC C).
191                                      Do not try to put it earlier, or IPv6 includes
192                                      get screwed...
193                                   */
194
195 #ifdef OPENSSL_SYS_WINDOWS
196 #include <winsock.h>
197 #else
198 #include OPENSSL_UNISTD
199 #endif
200
201 #ifdef OPENSSL_SYS_VMS
202 #  define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
203 #  define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
204 #elif defined(OPENSSL_SYS_WINCE)
205 #  define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
206 #  define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
207 #elif defined(OPENSSL_SYS_NETWARE)
208 #  define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
209 #  define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
210 #else
211 #  define TEST_SERVER_CERT "../apps/server.pem"
212 #  define TEST_CLIENT_CERT "../apps/client.pem"
213 #endif
214
215 /* There is really no standard for this, so let's assign some tentative
216    numbers.  In any case, these numbers are only for this test */
217 #define COMP_RLE        255
218 #define COMP_ZLIB       1
219
220 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
221 #ifndef OPENSSL_NO_RSA
222 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
223 static void free_tmp_rsa(void);
224 #endif
225 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
226 #define APP_CALLBACK_STRING "Test Callback Argument"
227 struct app_verify_arg
228         {
229         char *string;
230         int app_verify;
231         int allow_proxy_certs;
232         char *proxy_auth;
233         char *proxy_cond;
234         };
235
236 #ifndef OPENSSL_NO_DH
237 static DH *get_dh512(void);
238 static DH *get_dh1024(void);
239 static DH *get_dh1024dsa(void);
240 #endif
241
242
243 static char *psk_key=NULL; /* by default PSK is not used */
244 #ifndef OPENSSL_NO_PSK
245 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
246         unsigned int max_identity_len, unsigned char *psk,
247         unsigned int max_psk_len);
248 static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned char *psk,
249         unsigned int max_psk_len);
250 #endif
251
252 #ifndef OPENSSL_NO_SRP
253 /* SRP client */
254 /* This is a context that we pass to all callbacks */
255 typedef struct srp_client_arg_st
256         {
257         char *srppassin;
258         char *srplogin;
259         } SRP_CLIENT_ARG;
260
261 #define PWD_STRLEN 1024
262
263 static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
264         {
265         SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
266         return BUF_strdup((char *)srp_client_arg->srppassin);
267         }
268
269 /* SRP server */
270 /* This is a context that we pass to SRP server callbacks */
271 typedef struct srp_server_arg_st
272         {
273         char *expected_user;
274         char *pass;
275         } SRP_SERVER_ARG;
276
277 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
278         {
279         SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
280
281         if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
282                 {
283                 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
284                 return SSL3_AL_FATAL;
285                 }
286         if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
287                 {
288                 *ad = SSL_AD_INTERNAL_ERROR;
289                 return SSL3_AL_FATAL;
290                 }
291         return SSL_ERROR_NONE;
292         }
293 #endif
294
295 static BIO *bio_err=NULL;
296 static BIO *bio_stdout=NULL;
297
298 #ifndef OPENSSL_NO_NEXTPROTONEG
299 /* Note that this code assumes that this is only a one element list: */
300 static const char NEXT_PROTO_STRING[] = "\x09testproto";
301 int npn_client = 0;
302 int npn_server = 0;
303 int npn_server_reject = 0;
304
305 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
306         {
307         /* This callback only returns the protocol string, rather than a length
308            prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
309            remove the first byte to chop off the length prefix. */
310         *out = (unsigned char*) NEXT_PROTO_STRING + 1;
311         *outlen = sizeof(NEXT_PROTO_STRING) - 2;
312         return SSL_TLSEXT_ERR_OK;
313         }
314
315 static int cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
316         {
317         *data = (const unsigned char *) NEXT_PROTO_STRING;
318         *len = sizeof(NEXT_PROTO_STRING) - 1;
319         return SSL_TLSEXT_ERR_OK;
320         }
321
322 static int cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
323         {
324         return SSL_TLSEXT_ERR_NOACK;
325         }
326
327 static int verify_npn(SSL *client, SSL *server)
328         {
329         const unsigned char *client_s;
330         unsigned client_len;
331         const unsigned char *server_s;
332         unsigned server_len;
333
334         SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
335         SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
336
337         if (client_len)
338                 {
339                 BIO_printf(bio_stdout, "Client NPN: ");
340                 BIO_write(bio_stdout, client_s, client_len);
341                 BIO_printf(bio_stdout, "\n");
342                 }
343
344         if (server_len)
345                 {
346                 BIO_printf(bio_stdout, "Server NPN: ");
347                 BIO_write(bio_stdout, server_s, server_len);
348                 BIO_printf(bio_stdout, "\n");
349                 }
350
351         /* If an NPN string was returned, it must be the protocol that we
352          * expected to negotiate. */
353         if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
354                            memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
355                 return -1;
356         if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
357                            memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
358                 return -1;
359
360         if (!npn_client && client_len)
361                 return -1;
362         if (!npn_server && server_len)
363                 return -1;
364         if (npn_server_reject && server_len)
365                 return -1;
366         if (npn_client && npn_server && (!client_len || !server_len))
367                 return -1;
368
369         return 0;
370         }
371 #endif
372
373 static const char *alpn_client;
374 static const char *alpn_server;
375 static const char *alpn_expected;
376 static unsigned char *alpn_selected;
377
378 /* next_protos_parse parses a comma separated list of strings into a string
379  * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
380  *   outlen: (output) set to the length of the resulting buffer on success.
381  *   err: (maybe NULL) on failure, an error message line is written to this BIO.
382  *   in: a NUL termianted string like "abc,def,ghi"
383  *
384  *   returns: a malloced buffer or NULL on failure.
385  */
386 static unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
387         {
388         size_t len;
389         unsigned char *out;
390         size_t i, start = 0;
391
392         len = strlen(in);
393         if (len >= 65535)
394                 return NULL;
395
396         out = OPENSSL_malloc(strlen(in) + 1);
397         if (!out)
398                 return NULL;
399
400         for (i = 0; i <= len; ++i)
401                 {
402                 if (i == len || in[i] == ',')
403                         {
404                         if (i - start > 255)
405                                 {
406                                 OPENSSL_free(out);
407                                 return NULL;
408                                 }
409                         out[start] = i - start;
410                         start = i + 1;
411                         }
412                 else
413                         out[i+1] = in[i];
414                 }
415
416         *outlen = len + 1;
417         return out;
418         }
419
420 static int cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
421         {
422         unsigned char *protos;
423         unsigned short protos_len;
424
425         protos = next_protos_parse(&protos_len, alpn_server);
426         if (protos == NULL)
427                 {
428                 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", alpn_server);
429                 abort();
430                 }
431
432         if (SSL_select_next_proto((unsigned char**) out, outlen, protos, protos_len, in, inlen) !=
433             OPENSSL_NPN_NEGOTIATED)
434                 {
435                 OPENSSL_free(protos);
436                 return SSL_TLSEXT_ERR_NOACK;
437                 }
438
439         /* Make a copy of the selected protocol which will be freed in verify_alpn. */
440         alpn_selected = OPENSSL_malloc(*outlen);
441         memcpy(alpn_selected, *out, *outlen);
442         *out = alpn_selected;
443
444         OPENSSL_free(protos);
445         return SSL_TLSEXT_ERR_OK;
446         }
447
448 static int verify_alpn(SSL *client, SSL *server)
449         {
450         const unsigned char *client_proto, *server_proto;
451         unsigned int client_proto_len = 0, server_proto_len = 0;
452         SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
453         SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
454
455         if (alpn_selected != NULL)
456                 {
457                 OPENSSL_free(alpn_selected);
458                 alpn_selected = NULL;
459                 }
460
461         if (client_proto_len != server_proto_len ||
462             memcmp(client_proto, server_proto, client_proto_len) != 0)
463                 {
464                 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
465                 goto err;
466                 }
467
468         if (client_proto_len > 0 && alpn_expected == NULL)
469                 {
470                 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
471                 goto err;
472                 }
473
474         if (alpn_expected != NULL &&
475             (client_proto_len != strlen(alpn_expected) ||
476              memcmp(client_proto, alpn_expected, client_proto_len) != 0))
477                 {
478                 BIO_printf(bio_stdout, "ALPN selected protocols not equal to expected protocol: %s\n", alpn_expected);
479                 goto err;
480                 }
481
482         return 0;
483
484 err:
485         BIO_printf(bio_stdout, "ALPN results: client: '");
486         BIO_write(bio_stdout, client_proto, client_proto_len);
487         BIO_printf(bio_stdout, "', server: '");
488         BIO_write(bio_stdout, server_proto, server_proto_len);
489         BIO_printf(bio_stdout, "'\n");
490         BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", alpn_client, alpn_server);
491         return -1;
492         }
493
494 #define SCT_EXT_TYPE 18
495
496 /* WARNING : below extension types are *NOT* IETF assigned, and 
497    could conflict if these types are reassigned and handled 
498    specially by OpenSSL in the future */
499 #define TACK_EXT_TYPE 62208
500 #define CUSTOM_EXT_TYPE_0 1000
501 #define CUSTOM_EXT_TYPE_1 1001
502 #define CUSTOM_EXT_TYPE_2 1002
503 #define CUSTOM_EXT_TYPE_3 1003
504
505 const char custom_ext_cli_string[] = "abc";
506 const char custom_ext_srv_string[] = "defg";
507
508 /* These set from cmdline */
509 char* serverinfo_file = NULL;
510 int serverinfo_sct = 0;
511 int serverinfo_tack = 0;
512
513 /* These set based on extension callbacks */
514 int serverinfo_sct_seen = 0;
515 int serverinfo_tack_seen = 0;
516 int serverinfo_other_seen = 0;
517
518 /* This set from cmdline */
519 int custom_ext = 0;
520
521 /* This set based on extension callbacks */
522 int custom_ext_error = 0;
523
524 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
525                                    const unsigned char *in, size_t inlen, 
526                                    int *al, void *arg)
527         {
528         if (ext_type == SCT_EXT_TYPE)
529                 serverinfo_sct_seen++;
530         else if (ext_type == TACK_EXT_TYPE)
531                 serverinfo_tack_seen++;
532         else
533                 serverinfo_other_seen++;
534         return 1;
535         }
536
537 static int verify_serverinfo()
538         {
539         if (serverinfo_sct != serverinfo_sct_seen)
540                 return -1;
541         if (serverinfo_tack != serverinfo_tack_seen)
542                 return -1;
543         if (serverinfo_other_seen)
544                 return -1;
545         return 0;
546         }
547
548 /* Four test cases for custom extensions:
549  * 0 - no ClientHello extension or ServerHello response
550  * 1 - ClientHello with "abc", no response
551  * 2 - ClientHello with "abc", empty response
552  * 3 - ClientHello with "abc", "defg" response
553  */
554
555 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
556                                      const unsigned char **out,
557                                      size_t *outlen, int *al, void *arg)
558         {
559         if (ext_type != CUSTOM_EXT_TYPE_0)
560                 custom_ext_error = 1;
561         return 0;  /* Don't send an extension */
562         }
563
564 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
565                                       const unsigned char *in,
566                                       size_t inlen, int *al,
567                                       void *arg)
568         {
569         return 1;
570         }
571
572 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
573                                      const unsigned char **out,
574                                      size_t *outlen, int *al, void *arg)
575         {
576         if (ext_type != CUSTOM_EXT_TYPE_1)
577                 custom_ext_error = 1;
578         *out = (const unsigned char*)custom_ext_cli_string;
579         *outlen = strlen(custom_ext_cli_string);
580         return 1; /* Send "abc" */
581         }
582
583 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
584                                       const unsigned char *in,
585                                       size_t inlen, int *al,
586                                       void *arg)
587         {
588         return 1;
589         }
590
591 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
592                                      const unsigned char **out,
593                                      size_t *outlen, int *al, void *arg)
594         {
595         if (ext_type != CUSTOM_EXT_TYPE_2)
596                 custom_ext_error = 1;
597         *out = (const unsigned char*)custom_ext_cli_string;
598         *outlen = strlen(custom_ext_cli_string);
599         return 1; /* Send "abc" */
600         }
601
602 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
603                                       const unsigned char *in,
604                                       size_t inlen, int *al,
605                                       void *arg)
606         {
607         if (ext_type != CUSTOM_EXT_TYPE_2)
608                 custom_ext_error = 1;
609         if (inlen != 0)
610                 custom_ext_error = 1; /* Should be empty response */
611         return 1;
612         }
613
614 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
615                                      const unsigned char **out,
616                                      size_t *outlen, int *al, void *arg)
617         {
618         if (ext_type != CUSTOM_EXT_TYPE_3)
619                 custom_ext_error = 1;
620         *out = (const unsigned char*)custom_ext_cli_string;
621         *outlen = strlen(custom_ext_cli_string);
622         return 1; /* Send "abc" */
623         }
624
625 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
626                                       const unsigned char *in,
627                                       size_t inlen, int *al,
628                                       void *arg)
629         {
630         if (ext_type != CUSTOM_EXT_TYPE_3)
631                 custom_ext_error = 1;
632         if (inlen != strlen(custom_ext_srv_string))
633                 custom_ext_error = 1;
634         if (memcmp(custom_ext_srv_string, in, inlen) != 0)
635                 custom_ext_error = 1; /* Check for "defg" */
636         return 1;
637         }
638
639 /* custom_ext_0_cli_parse_cb returns -1 - the server won't receive a callback for this extension */
640 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
641                                      const unsigned char *in,
642                                      size_t inlen, int *al,
643                                      void *arg)
644         {
645         return 1;
646         }
647
648 /* 'generate' callbacks are always called, even if the 'receive' callback isn't called */
649 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
650                                       const unsigned char **out,
651                                       size_t *outlen, int *al, void *arg)
652         {
653         return 0; /* Don't send an extension */
654         }
655
656 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
657                                 const unsigned char *in,
658                                 size_t inlen, int *al,
659                                 void *arg)
660         {
661         if (ext_type != CUSTOM_EXT_TYPE_1)
662                 custom_ext_error = 1;           
663          /* Check for "abc" */
664         if (inlen != strlen(custom_ext_cli_string))
665                 custom_ext_error = 1;
666         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
667                 custom_ext_error = 1;
668         return 1;
669         }
670
671 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
672                                       const unsigned char **out,
673                                       size_t *outlen, int *al, void *arg)
674         {
675         return 0; /* Don't send an extension */
676         }
677
678 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
679                                      const unsigned char *in,
680                                      size_t inlen, int *al,
681                                      void *arg)
682         {
683         if (ext_type != CUSTOM_EXT_TYPE_2)
684                 custom_ext_error = 1;           
685          /* Check for "abc" */
686         if (inlen != strlen(custom_ext_cli_string))
687                 custom_ext_error = 1;
688         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
689                 custom_ext_error = 1;
690         return 1;
691         }
692
693 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
694                                       const unsigned char **out,
695                                       size_t *outlen, int *al, void *arg)
696         {
697         *out = NULL;
698         *outlen = 0;
699         return 1; /* Send empty extension */
700         }
701
702 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
703                                      const unsigned char *in,
704                                      size_t inlen, int *al,
705                                      void *arg)
706         {
707         if (ext_type != CUSTOM_EXT_TYPE_3)
708                 custom_ext_error = 1;           
709          /* Check for "abc" */  
710         if (inlen != strlen(custom_ext_cli_string))
711                 custom_ext_error = 1;
712         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
713                 custom_ext_error = 1;
714         return 1;
715         }
716
717 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
718                                       const unsigned char **out,
719                                       size_t *outlen, int *al, void *arg)
720         {
721         *out = (const unsigned char*)custom_ext_srv_string;
722         *outlen = strlen(custom_ext_srv_string);
723         return 1; /* Send "defg" */
724         }
725
726 static char *cipher=NULL;
727 static int verbose=0;
728 static int debug=0;
729 #if 0
730 /* Not used yet. */
731 #ifdef FIONBIO
732 static int s_nbio=0;
733 #endif
734 #endif
735
736 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
737
738 int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
739 int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
740 static int do_test_cipherlist(void);
741 static void sv_usage(void)
742         {
743         fprintf(stderr,"usage: ssltest [args ...]\n");
744         fprintf(stderr,"\n");
745 #ifdef OPENSSL_FIPS
746         fprintf(stderr,"-F             - run test in FIPS mode\n");
747 #endif
748         fprintf(stderr," -server_auth  - check server certificate\n");
749         fprintf(stderr," -client_auth  - do client authentication\n");
750         fprintf(stderr," -proxy        - allow proxy certificates\n");
751         fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
752         fprintf(stderr," -proxy_cond <val> - experssion to test proxy policy rights\n");
753         fprintf(stderr," -v            - more output\n");
754         fprintf(stderr," -d            - debug output\n");
755         fprintf(stderr," -reuse        - use session-id reuse\n");
756         fprintf(stderr," -num <val>    - number of connections to perform\n");
757         fprintf(stderr," -bytes <val>  - number of bytes to swap between client/server\n");
758 #ifndef OPENSSL_NO_DH
759         fprintf(stderr," -dhe1024      - use 1024 bit key (safe prime) for DHE\n");
760         fprintf(stderr," -dhe1024dsa   - use 1024 bit key (with 160-bit subprime) for DHE\n");
761         fprintf(stderr," -no_dhe       - disable DHE\n");
762 #endif
763 #ifndef OPENSSL_NO_ECDH
764         fprintf(stderr," -no_ecdhe     - disable ECDHE\n");
765 #endif
766 #ifndef OPENSSL_NO_PSK
767         fprintf(stderr," -psk arg      - PSK in hex (without 0x)\n");
768 #endif
769 #ifndef OPENSSL_NO_SRP
770         fprintf(stderr," -srpuser user  - SRP username to use\n");
771         fprintf(stderr," -srppass arg   - password for 'user'\n");
772 #endif
773 #ifndef OPENSSL_NO_SSL2
774         fprintf(stderr," -ssl2         - use SSLv2\n");
775 #endif
776 #ifndef OPENSSL_NO_SSL3
777         fprintf(stderr," -ssl3         - use SSLv3\n");
778 #endif
779 #ifndef OPENSSL_NO_TLS1
780         fprintf(stderr," -tls1         - use TLSv1\n");
781 #endif
782         fprintf(stderr," -CApath arg   - PEM format directory of CA's\n");
783         fprintf(stderr," -CAfile arg   - PEM format file of CA's\n");
784         fprintf(stderr," -cert arg     - Server certificate file\n");
785         fprintf(stderr," -key arg      - Server key file (default: same as -cert)\n");
786         fprintf(stderr," -c_cert arg   - Client certificate file\n");
787         fprintf(stderr," -c_key arg    - Client key file (default: same as -c_cert)\n");
788         fprintf(stderr," -cipher arg   - The cipher list\n");
789         fprintf(stderr," -bio_pair     - Use BIO pairs\n");
790         fprintf(stderr," -f            - Test even cases that can't work\n");
791         fprintf(stderr," -time         - measure processor time used by client and server\n");
792         fprintf(stderr," -zlib         - use zlib compression\n");
793         fprintf(stderr," -rle          - use rle compression\n");
794 #ifndef OPENSSL_NO_ECDH
795         fprintf(stderr," -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.\n" \
796                        "                 Use \"openssl ecparam -list_curves\" for all names\n"  \
797                        "                 (default is sect163r2).\n");
798 #endif
799         fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
800 #ifndef OPENSSL_NO_NEXTPROTONEG
801         fprintf(stderr," -npn_client - have client side offer NPN\n");
802         fprintf(stderr," -npn_server - have server side offer NPN\n");
803         fprintf(stderr," -npn_server_reject - have server reject NPN\n");
804 #endif
805         fprintf(stderr," -serverinfo_file file - have server use this file\n");
806         fprintf(stderr," -serverinfo_sct  - have client offer and expect SCT\n");
807         fprintf(stderr," -serverinfo_tack - have client offer and expect TACK\n");
808         fprintf(stderr," -custom_ext - try various custom extension callbacks\n");
809         fprintf(stderr," -alpn_client <string> - have client side offer ALPN\n");
810         fprintf(stderr," -alpn_server <string> - have server side offer ALPN\n");
811         fprintf(stderr," -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
812         }
813
814 static void print_details(SSL *c_ssl, const char *prefix)
815         {
816         const SSL_CIPHER *ciph;
817         X509 *cert;
818                 
819         ciph=SSL_get_current_cipher(c_ssl);
820         BIO_printf(bio_stdout,"%s%s, cipher %s %s",
821                 prefix,
822                 SSL_get_version(c_ssl),
823                 SSL_CIPHER_get_version(ciph),
824                 SSL_CIPHER_get_name(ciph));
825         cert=SSL_get_peer_certificate(c_ssl);
826         if (cert != NULL)
827                 {
828                 EVP_PKEY *pkey = X509_get_pubkey(cert);
829                 if (pkey != NULL)
830                         {
831                         if (0) 
832                                 ;
833 #ifndef OPENSSL_NO_RSA
834                         else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
835                                 && pkey->pkey.rsa->n != NULL)
836                                 {
837                                 BIO_printf(bio_stdout, ", %d bit RSA",
838                                         BN_num_bits(pkey->pkey.rsa->n));
839                                 }
840 #endif
841 #ifndef OPENSSL_NO_DSA
842                         else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
843                                 && pkey->pkey.dsa->p != NULL)
844                                 {
845                                 BIO_printf(bio_stdout, ", %d bit DSA",
846                                         BN_num_bits(pkey->pkey.dsa->p));
847                                 }
848 #endif
849                         EVP_PKEY_free(pkey);
850                         }
851                 X509_free(cert);
852                 }
853         /* The SSL API does not allow us to look at temporary RSA/DH keys,
854          * otherwise we should print their lengths too */
855         BIO_printf(bio_stdout,"\n");
856         }
857
858 static void lock_dbg_cb(int mode, int type, const char *file, int line)
859         {
860         static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
861         const char *errstr = NULL;
862         int rw;
863         
864         rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
865         if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
866                 {
867                 errstr = "invalid mode";
868                 goto err;
869                 }
870
871         if (type < 0 || type >= CRYPTO_NUM_LOCKS)
872                 {
873                 errstr = "type out of bounds";
874                 goto err;
875                 }
876
877         if (mode & CRYPTO_LOCK)
878                 {
879                 if (modes[type])
880                         {
881                         errstr = "already locked";
882                         /* must not happen in a single-threaded program
883                          * (would deadlock) */
884                         goto err;
885                         }
886
887                 modes[type] = rw;
888                 }
889         else if (mode & CRYPTO_UNLOCK)
890                 {
891                 if (!modes[type])
892                         {
893                         errstr = "not locked";
894                         goto err;
895                         }
896                 
897                 if (modes[type] != rw)
898                         {
899                         errstr = (rw == CRYPTO_READ) ?
900                                 "CRYPTO_r_unlock on write lock" :
901                                 "CRYPTO_w_unlock on read lock";
902                         }
903
904                 modes[type] = 0;
905                 }
906         else
907                 {
908                 errstr = "invalid mode";
909                 goto err;
910                 }
911
912  err:
913         if (errstr)
914                 {
915                 /* we cannot use bio_err here */
916                 fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
917                         errstr, mode, type, file, line);
918                 }
919         }
920
921 #ifdef TLSEXT_TYPE_opaque_prf_input
922 struct cb_info_st { void *input; size_t len; int ret; };
923 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
924 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
925 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
926 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
927
928 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
929         {
930         struct cb_info_st *arg = arg_;
931
932         if (arg == NULL)
933                 return 1;
934         
935         if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
936                 return 0;
937         return arg->ret;
938         }
939 #endif
940
941 int main(int argc, char *argv[])
942         {
943         char *CApath=NULL,*CAfile=NULL;
944         int badop=0;
945         int bio_pair=0;
946         int force=0;
947         int tls1=0,ssl2=0,ssl3=0,ret=1;
948         int client_auth=0;
949         int server_auth=0,i;
950         struct app_verify_arg app_verify_arg =
951                 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
952         char *server_cert=TEST_SERVER_CERT;
953         char *server_key=NULL;
954         char *client_cert=TEST_CLIENT_CERT;
955         char *client_key=NULL;
956 #ifndef OPENSSL_NO_ECDH
957         char *named_curve = NULL;
958 #endif
959         SSL_CTX *s_ctx=NULL;
960         SSL_CTX *c_ctx=NULL;
961         const SSL_METHOD *meth=NULL;
962         SSL *c_ssl,*s_ssl;
963         int number=1,reuse=0;
964         long bytes=256L;
965 #ifndef OPENSSL_NO_DH
966         DH *dh;
967         int dhe1024 = 0, dhe1024dsa = 0;
968 #endif
969 #ifndef OPENSSL_NO_ECDH
970         EC_KEY *ecdh = NULL;
971 #endif
972 #ifndef OPENSSL_NO_SRP
973         /* client */
974         SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
975         /* server */
976         SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
977 #endif
978         int no_dhe = 0;
979         int no_ecdhe = 0;
980         int no_psk = 0;
981         int print_time = 0;
982         clock_t s_time = 0, c_time = 0;
983 #ifndef OPENSSL_NO_COMP
984         int comp = 0;
985         COMP_METHOD *cm = NULL;
986         STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
987 #endif
988         int test_cipherlist = 0;
989 #ifdef OPENSSL_FIPS
990         int fips_mode=0;
991 #endif
992
993         verbose = 0;
994         debug = 0;
995         cipher = 0;
996
997         bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT);     
998
999         CRYPTO_set_locking_callback(lock_dbg_cb);
1000
1001         /* enable memory leak checking unless explicitly disabled */
1002         if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
1003                 {
1004                 CRYPTO_malloc_debug_init();
1005                 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1006                 }
1007         else
1008                 {
1009                 /* OPENSSL_DEBUG_MEMORY=off */
1010                 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1011                 }
1012         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1013
1014         RAND_seed(rnd_seed, sizeof rnd_seed);
1015
1016         bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT);
1017
1018         argc--;
1019         argv++;
1020
1021         while (argc >= 1)
1022                 {
1023                 if(!strcmp(*argv,"-F"))
1024                         {
1025 #ifdef OPENSSL_FIPS
1026                         fips_mode=1;
1027 #else
1028                         fprintf(stderr,"not compiled with FIPS support, so exitting without running.\n");
1029                         EXIT(0);
1030 #endif
1031                         }
1032                 else if (strcmp(*argv,"-server_auth") == 0)
1033                         server_auth=1;
1034                 else if (strcmp(*argv,"-client_auth") == 0)
1035                         client_auth=1;
1036                 else if (strcmp(*argv,"-proxy_auth") == 0)
1037                         {
1038                         if (--argc < 1) goto bad;
1039                         app_verify_arg.proxy_auth= *(++argv);
1040                         }
1041                 else if (strcmp(*argv,"-proxy_cond") == 0)
1042                         {
1043                         if (--argc < 1) goto bad;
1044                         app_verify_arg.proxy_cond= *(++argv);
1045                         }
1046                 else if (strcmp(*argv,"-v") == 0)
1047                         verbose=1;
1048                 else if (strcmp(*argv,"-d") == 0)
1049                         debug=1;
1050                 else if (strcmp(*argv,"-reuse") == 0)
1051                         reuse=1;
1052                 else if (strcmp(*argv,"-dhe1024") == 0)
1053                         {
1054 #ifndef OPENSSL_NO_DH
1055                         dhe1024=1;
1056 #else
1057                         fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1058 #endif
1059                         }
1060                 else if (strcmp(*argv,"-dhe1024dsa") == 0)
1061                         {
1062 #ifndef OPENSSL_NO_DH
1063                         dhe1024dsa=1;
1064 #else
1065                         fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1066 #endif
1067                         }
1068                 else if (strcmp(*argv,"-no_dhe") == 0)
1069                         no_dhe=1;
1070                 else if (strcmp(*argv,"-no_ecdhe") == 0)
1071                         no_ecdhe=1;
1072                 else if (strcmp(*argv,"-psk") == 0)
1073                         {
1074                         if (--argc < 1) goto bad;
1075                         psk_key=*(++argv);
1076 #ifndef OPENSSL_NO_PSK
1077                         if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))
1078                                 {
1079                                 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
1080                                 goto bad;
1081                                 }
1082 #else
1083                         no_psk=1;
1084 #endif
1085                         }
1086 #ifndef OPENSSL_NO_SRP
1087                 else if (strcmp(*argv,"-srpuser") == 0)
1088                         {
1089                         if (--argc < 1) goto bad;
1090                         srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
1091                         tls1=1;
1092                         }
1093                 else if (strcmp(*argv,"-srppass") == 0)
1094                         {
1095                         if (--argc < 1) goto bad;
1096                         srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
1097                         tls1=1;
1098                         }
1099 #endif
1100                 else if (strcmp(*argv,"-ssl2") == 0)
1101                         ssl2=1;
1102                 else if (strcmp(*argv,"-tls1") == 0)
1103                         tls1=1;
1104                 else if (strcmp(*argv,"-ssl3") == 0)
1105                         ssl3=1;
1106                 else if (strncmp(*argv,"-num",4) == 0)
1107                         {
1108                         if (--argc < 1) goto bad;
1109                         number= atoi(*(++argv));
1110                         if (number == 0) number=1;
1111                         }
1112                 else if (strcmp(*argv,"-bytes") == 0)
1113                         {
1114                         if (--argc < 1) goto bad;
1115                         bytes= atol(*(++argv));
1116                         if (bytes == 0L) bytes=1L;
1117                         i=strlen(argv[0]);
1118                         if (argv[0][i-1] == 'k') bytes*=1024L;
1119                         if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
1120                         }
1121                 else if (strcmp(*argv,"-cert") == 0)
1122                         {
1123                         if (--argc < 1) goto bad;
1124                         server_cert= *(++argv);
1125                         }
1126                 else if (strcmp(*argv,"-s_cert") == 0)
1127                         {
1128                         if (--argc < 1) goto bad;
1129                         server_cert= *(++argv);
1130                         }
1131                 else if (strcmp(*argv,"-key") == 0)
1132                         {
1133                         if (--argc < 1) goto bad;
1134                         server_key= *(++argv);
1135                         }
1136                 else if (strcmp(*argv,"-s_key") == 0)
1137                         {
1138                         if (--argc < 1) goto bad;
1139                         server_key= *(++argv);
1140                         }
1141                 else if (strcmp(*argv,"-c_cert") == 0)
1142                         {
1143                         if (--argc < 1) goto bad;
1144                         client_cert= *(++argv);
1145                         }
1146                 else if (strcmp(*argv,"-c_key") == 0)
1147                         {
1148                         if (--argc < 1) goto bad;
1149                         client_key= *(++argv);
1150                         }
1151                 else if (strcmp(*argv,"-cipher") == 0)
1152                         {
1153                         if (--argc < 1) goto bad;
1154                         cipher= *(++argv);
1155                         }
1156                 else if (strcmp(*argv,"-CApath") == 0)
1157                         {
1158                         if (--argc < 1) goto bad;
1159                         CApath= *(++argv);
1160                         }
1161                 else if (strcmp(*argv,"-CAfile") == 0)
1162                         {
1163                         if (--argc < 1) goto bad;
1164                         CAfile= *(++argv);
1165                         }
1166                 else if (strcmp(*argv,"-bio_pair") == 0)
1167                         {
1168                         bio_pair = 1;
1169                         }
1170                 else if (strcmp(*argv,"-f") == 0)
1171                         {
1172                         force = 1;
1173                         }
1174                 else if (strcmp(*argv,"-time") == 0)
1175                         {
1176                         print_time = 1;
1177                         }
1178 #ifndef OPENSSL_NO_COMP
1179                 else if (strcmp(*argv,"-zlib") == 0)
1180                         {
1181                         comp = COMP_ZLIB;
1182                         }
1183                 else if (strcmp(*argv,"-rle") == 0)
1184                         {
1185                         comp = COMP_RLE;
1186                         }
1187 #endif
1188                 else if (strcmp(*argv,"-named_curve") == 0)
1189                         {
1190                         if (--argc < 1) goto bad;
1191 #ifndef OPENSSL_NO_ECDH         
1192                         named_curve = *(++argv);
1193 #else
1194                         fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n");
1195                         ++argv;
1196 #endif
1197                         }
1198                 else if (strcmp(*argv,"-app_verify") == 0)
1199                         {
1200                         app_verify_arg.app_verify = 1;
1201                         }
1202                 else if (strcmp(*argv,"-proxy") == 0)
1203                         {
1204                         app_verify_arg.allow_proxy_certs = 1;
1205                         }
1206                 else if (strcmp(*argv,"-test_cipherlist") == 0)
1207                         {
1208                         test_cipherlist = 1;
1209                         }
1210 #ifndef OPENSSL_NO_NEXTPROTONEG
1211                 else if (strcmp(*argv,"-npn_client") == 0)
1212                         {
1213                         npn_client = 1;
1214                         }
1215                 else if (strcmp(*argv,"-npn_server") == 0)
1216                         {
1217                         npn_server = 1;
1218                         }
1219                 else if (strcmp(*argv,"-npn_server_reject") == 0)
1220                         {
1221                         npn_server_reject = 1;
1222                         }
1223 #endif
1224                 else if (strcmp(*argv,"-serverinfo_sct") == 0)
1225                         {
1226                         serverinfo_sct = 1;
1227                         }
1228                 else if (strcmp(*argv,"-serverinfo_tack") == 0)
1229                         {
1230                         serverinfo_tack = 1;
1231                         }
1232                 else if (strcmp(*argv,"-serverinfo_file") == 0)
1233                         {
1234                         if (--argc < 1) goto bad;
1235                         serverinfo_file = *(++argv);
1236                         }
1237                 else if (strcmp(*argv,"-custom_ext") == 0)
1238                         {
1239                         custom_ext = 1;
1240                         }
1241                 else if (strcmp(*argv,"-alpn_client") == 0)
1242                         {
1243                         if (--argc < 1) goto bad;
1244                         alpn_client = *(++argv);
1245                         }
1246                 else if (strcmp(*argv,"-alpn_server") == 0)
1247                         {
1248                         if (--argc < 1) goto bad;
1249                         alpn_server = *(++argv);
1250                         }
1251                 else if (strcmp(*argv,"-alpn_expected") == 0)
1252                         {
1253                         if (--argc < 1) goto bad;
1254                         alpn_expected = *(++argv);
1255                         }
1256                 else
1257                         {
1258                         fprintf(stderr,"unknown option %s\n",*argv);
1259                         badop=1;
1260                         break;
1261                         }
1262                 argc--;
1263                 argv++;
1264                 }
1265         if (badop)
1266                 {
1267 bad:
1268                 sv_usage();
1269                 goto end;
1270                 }
1271
1272         if (test_cipherlist == 1)
1273                 {
1274                 /* ensure that the cipher list are correctly sorted and exit */
1275                 if (do_test_cipherlist() == 0)
1276                         EXIT(1);
1277                 ret = 0;
1278                 goto end;
1279                 }
1280
1281         if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
1282                 {
1283                 fprintf(stderr, "This case cannot work.  Use -f to perform "
1284                         "the test anyway (and\n-d to see what happens), "
1285                         "or add one of -ssl2, -ssl3, -tls1, -reuse\n"
1286                         "to avoid protocol mismatch.\n");
1287                 EXIT(1);
1288                 }
1289
1290 #ifdef OPENSSL_FIPS
1291         if(fips_mode)
1292                 {
1293                 if(!FIPS_mode_set(1))
1294                         {
1295                         ERR_load_crypto_strings();
1296                         ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
1297                         EXIT(1);
1298                         }
1299                 else
1300                         fprintf(stderr,"*** IN FIPS MODE ***\n");
1301                 }
1302 #endif
1303
1304         if (print_time)
1305                 {
1306                 if (!bio_pair)
1307                         {
1308                         fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1309                         bio_pair = 1;
1310                         }
1311                 if (number < 50 && !force)
1312                         fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1313                 }
1314
1315 /*      if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1316
1317         SSL_library_init();
1318         SSL_load_error_strings();
1319
1320 #ifndef OPENSSL_NO_COMP
1321         if (comp == COMP_ZLIB) cm = COMP_zlib();
1322         if (comp == COMP_RLE) cm = COMP_rle();
1323         if (cm != NULL)
1324                 {
1325                 if (cm->type != NID_undef)
1326                         {
1327                         if (SSL_COMP_add_compression_method(comp, cm) != 0)
1328                                 {
1329                                 fprintf(stderr,
1330                                         "Failed to add compression method\n");
1331                                 ERR_print_errors_fp(stderr);
1332                                 }
1333                         }
1334                 else
1335                         {
1336                         fprintf(stderr,
1337                                 "Warning: %s compression not supported\n",
1338                                 (comp == COMP_RLE ? "rle" :
1339                                         (comp == COMP_ZLIB ? "zlib" :
1340                                                 "unknown")));
1341                         ERR_print_errors_fp(stderr);
1342                         }
1343                 }
1344         ssl_comp_methods = SSL_COMP_get_compression_methods();
1345         fprintf(stderr, "Available compression methods:\n");
1346         {
1347         int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1348         if (n == 0)
1349                 fprintf(stderr, "  NONE\n");
1350         else
1351                 for (j = 0; j < n; j++)
1352                         {
1353                         SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1354                         fprintf(stderr, "  %d: %s\n", c->id, c->name);
1355                         }
1356         }
1357 #endif
1358
1359 #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
1360         if (ssl2)
1361                 meth=SSLv2_method();
1362         else 
1363         if (tls1)
1364                 meth=TLSv1_method();
1365         else
1366         if (ssl3)
1367                 meth=SSLv3_method();
1368         else
1369                 meth=SSLv23_method();
1370 #else
1371 #ifdef OPENSSL_NO_SSL2
1372         if (tls1)
1373                 meth=TLSv1_method();
1374         else
1375         if (ssl3)
1376                 meth=SSLv3_method();
1377         else
1378                 meth=SSLv23_method();
1379 #else
1380         meth=SSLv2_method();
1381 #endif
1382 #endif
1383
1384         c_ctx=SSL_CTX_new(meth);
1385         s_ctx=SSL_CTX_new(meth);
1386         if ((c_ctx == NULL) || (s_ctx == NULL))
1387                 {
1388                 ERR_print_errors(bio_err);
1389                 goto end;
1390                 }
1391         /* Since we will use low security ciphersuites and keys for
1392          * testing set security level to zero.
1393          */
1394         SSL_CTX_set_security_level(c_ctx, 0);
1395         SSL_CTX_set_security_level(s_ctx, 0);
1396
1397         if (cipher != NULL)
1398                 {
1399                 SSL_CTX_set_cipher_list(c_ctx,cipher);
1400                 SSL_CTX_set_cipher_list(s_ctx,cipher);
1401                 }
1402
1403 #ifndef OPENSSL_NO_DH
1404         if (!no_dhe)
1405                 {
1406                 if (dhe1024dsa)
1407                         {
1408                         /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
1409                         SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1410                         dh=get_dh1024dsa();
1411                         }
1412                 else if (dhe1024)
1413                         dh=get_dh1024();
1414                 else
1415                         dh=get_dh512();
1416                 SSL_CTX_set_tmp_dh(s_ctx,dh);
1417                 DH_free(dh);
1418                 }
1419 #else
1420         (void)no_dhe;
1421 #endif
1422
1423 #ifndef OPENSSL_NO_ECDH
1424         if (!no_ecdhe)
1425                 {
1426                 int nid;
1427
1428                 if (named_curve != NULL)
1429                         {
1430                         nid = OBJ_sn2nid(named_curve);
1431                         if (nid == 0)
1432                         {
1433                                 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1434                                 goto end;
1435                                 }
1436                         }
1437                 else
1438 #ifdef OPENSSL_NO_EC2M
1439                         nid = NID_X9_62_prime256v1;
1440 #else
1441                         nid = NID_sect163r2;
1442 #endif
1443
1444                 ecdh = EC_KEY_new_by_curve_name(nid);
1445                 if (ecdh == NULL)
1446                         {
1447                         BIO_printf(bio_err, "unable to create curve\n");
1448                         goto end;
1449                         }
1450
1451                 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1452                 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1453                 EC_KEY_free(ecdh);
1454                 }
1455 #else
1456         (void)no_ecdhe;
1457 #endif
1458
1459 #ifndef OPENSSL_NO_RSA
1460         SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
1461 #endif
1462
1463 #ifdef TLSEXT_TYPE_opaque_prf_input
1464         SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1465         SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1466         SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); /* or &co2 or NULL */
1467         SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); /* or &so2 or NULL */
1468 #endif
1469
1470         if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
1471                 {
1472                 ERR_print_errors(bio_err);
1473                 }
1474         else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1475                 (server_key?server_key:server_cert), SSL_FILETYPE_PEM))
1476                 {
1477                 ERR_print_errors(bio_err);
1478                 goto end;
1479                 }
1480
1481         if (client_auth)
1482                 {
1483                 SSL_CTX_use_certificate_file(c_ctx,client_cert,
1484                         SSL_FILETYPE_PEM);
1485                 SSL_CTX_use_PrivateKey_file(c_ctx,
1486                         (client_key?client_key:client_cert),
1487                         SSL_FILETYPE_PEM);
1488                 }
1489
1490         if (    (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
1491                 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1492                 (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
1493                 (!SSL_CTX_set_default_verify_paths(c_ctx)))
1494                 {
1495                 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1496                 ERR_print_errors(bio_err);
1497                 /* goto end; */
1498                 }
1499
1500         if (client_auth)
1501                 {
1502                 BIO_printf(bio_err,"client authentication\n");
1503                 SSL_CTX_set_verify(s_ctx,
1504                         SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1505                         verify_callback);
1506                 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
1507                 }
1508         if (server_auth)
1509                 {
1510                 BIO_printf(bio_err,"server authentication\n");
1511                 SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
1512                         verify_callback);
1513                 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
1514                 }
1515         
1516         {
1517                 int session_id_context = 0;
1518                 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
1519         }
1520
1521         /* Use PSK only if PSK key is given */
1522         if (psk_key != NULL)
1523                 {
1524                 /* no_psk is used to avoid putting psk command to openssl tool */
1525                 if (no_psk)
1526                         {
1527                         /* if PSK is not compiled in and psk key is
1528                          * given, do nothing and exit successfully */
1529                         ret=0;
1530                         goto end;
1531                         }
1532 #ifndef OPENSSL_NO_PSK
1533                 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1534                 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1535                 if (debug)
1536                         BIO_printf(bio_err,"setting PSK identity hint to s_ctx\n");
1537                 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint"))
1538                         {
1539                         BIO_printf(bio_err,"error setting PSK identity hint to s_ctx\n");
1540                         ERR_print_errors(bio_err);
1541                         goto end;
1542                         }
1543 #endif
1544                 }
1545 #ifndef OPENSSL_NO_SRP
1546         if (srp_client_arg.srplogin)
1547                 {
1548                 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
1549                         {
1550                         BIO_printf(bio_err,"Unable to set SRP username\n");
1551                         goto end;
1552                         }
1553                 SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
1554                 SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
1555                 /*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
1556                 }
1557
1558         if (srp_server_arg.expected_user != NULL)
1559                 {
1560                 SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
1561                 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1562                 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1563                 }
1564 #endif
1565
1566 #ifndef OPENSSL_NO_NEXTPROTONEG
1567         if (npn_client)
1568                 {
1569                 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1570                 }
1571         if (npn_server)
1572                 {
1573                 if (npn_server_reject)
1574                         {
1575                         BIO_printf(bio_err, "Can't have both -npn_server and -npn_server_reject\n");
1576                         goto end;
1577                         }
1578                 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1579                 }
1580         if (npn_server_reject)
1581                 {
1582                 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn, NULL);
1583                 }
1584 #endif
1585
1586         if (serverinfo_sct)
1587                 SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1588                                               NULL, NULL, NULL,
1589                                               serverinfo_cli_parse_cb, NULL);
1590         if (serverinfo_tack)
1591                 SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1592                                               NULL, NULL, NULL,
1593                                               serverinfo_cli_parse_cb, NULL);
1594
1595         if (serverinfo_file)
1596                 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file))
1597                         {
1598                         BIO_printf(bio_err, "missing serverinfo file\n");
1599                         goto end;
1600                         }
1601
1602         if (custom_ext)
1603                 {
1604                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0, 
1605                                               custom_ext_0_cli_add_cb,
1606                                               NULL, NULL,
1607                                               custom_ext_0_cli_parse_cb, NULL);
1608                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1, 
1609                                               custom_ext_1_cli_add_cb,
1610                                               NULL, NULL,
1611                                               custom_ext_1_cli_parse_cb, NULL);
1612                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2, 
1613                                               custom_ext_2_cli_add_cb,
1614                                               NULL, NULL,
1615                                               custom_ext_2_cli_parse_cb, NULL);
1616                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3, 
1617                                               custom_ext_3_cli_add_cb,
1618                                               NULL, NULL,
1619                                               custom_ext_3_cli_parse_cb, NULL);
1620
1621
1622                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0, 
1623                                               custom_ext_0_srv_add_cb,
1624                                               NULL, NULL,
1625                                               custom_ext_0_srv_parse_cb, NULL);
1626                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1, 
1627                                               custom_ext_1_srv_add_cb,
1628                                               NULL, NULL,
1629                                               custom_ext_1_srv_parse_cb, NULL);
1630                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2, 
1631                                               custom_ext_2_srv_add_cb,
1632                                               NULL, NULL,
1633                                               custom_ext_2_srv_parse_cb, NULL);
1634                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3, 
1635                                               custom_ext_3_srv_add_cb,
1636                                               NULL, NULL,
1637                                               custom_ext_3_srv_parse_cb, NULL);
1638                 }
1639
1640         if (alpn_server)
1641                 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1642
1643         if (alpn_client)
1644                 {
1645                 unsigned short alpn_len;
1646                 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1647
1648                 if (alpn == NULL)
1649                         {
1650                         BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1651                         goto end;
1652                         }
1653                 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1654                 OPENSSL_free(alpn);
1655                 }
1656
1657         c_ssl=SSL_new(c_ctx);
1658         s_ssl=SSL_new(s_ctx);
1659
1660 #ifndef OPENSSL_NO_KRB5
1661         if (c_ssl  &&  c_ssl->kssl_ctx)
1662                 {
1663                 char    localhost[MAXHOSTNAMELEN+2];
1664
1665                 if (gethostname(localhost, sizeof localhost-1) == 0)
1666                         {
1667                         localhost[sizeof localhost-1]='\0';
1668                         if(strlen(localhost) == sizeof localhost-1)
1669                                 {
1670                                 BIO_printf(bio_err,"localhost name too long\n");
1671                                 goto end;
1672                                 }
1673                         kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
1674                                 localhost);
1675                         }
1676                 }
1677 #endif    /* OPENSSL_NO_KRB5  */
1678
1679         for (i=0; i<number; i++)
1680                 {
1681                 if (!reuse) SSL_set_session(c_ssl,NULL);
1682                 if (bio_pair)
1683                         ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
1684                 else
1685                         ret=doit(s_ssl,c_ssl,bytes);
1686                 }
1687
1688         if (!verbose)
1689                 {
1690                 print_details(c_ssl, "");
1691                 }
1692         if ((number > 1) || (bytes > 1L))
1693                 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
1694         if (print_time)
1695                 {
1696 #ifdef CLOCKS_PER_SEC
1697                 /* "To determine the time in seconds, the value returned
1698                  * by the clock function should be divided by the value
1699                  * of the macro CLOCKS_PER_SEC."
1700                  *                                       -- ISO/IEC 9899 */
1701                 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1702                         "Approximate total client time: %6.2f s\n",
1703                         (double)s_time/CLOCKS_PER_SEC,
1704                         (double)c_time/CLOCKS_PER_SEC);
1705 #else
1706                 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
1707                  *                            -- cc on NeXTstep/OpenStep */
1708                 BIO_printf(bio_stdout,
1709                         "Approximate total server time: %6.2f units\n"
1710                         "Approximate total client time: %6.2f units\n",
1711                         (double)s_time,
1712                         (double)c_time);
1713 #endif
1714                 }
1715
1716         SSL_free(s_ssl);
1717         SSL_free(c_ssl);
1718
1719 end:
1720         if (s_ctx != NULL) SSL_CTX_free(s_ctx);
1721         if (c_ctx != NULL) SSL_CTX_free(c_ctx);
1722
1723         if (bio_stdout != NULL) BIO_free(bio_stdout);
1724
1725 #ifndef OPENSSL_NO_RSA
1726         free_tmp_rsa();
1727 #endif
1728 #ifndef OPENSSL_NO_ENGINE
1729         ENGINE_cleanup();
1730 #endif
1731         CRYPTO_cleanup_all_ex_data();
1732         ERR_free_strings();
1733         ERR_remove_thread_state(NULL);
1734         EVP_cleanup();
1735         CRYPTO_mem_leaks(bio_err);
1736         if (bio_err != NULL) BIO_free(bio_err);
1737         EXIT(ret);
1738         return ret;
1739         }
1740
1741 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1742         clock_t *s_time, clock_t *c_time)
1743         {
1744         long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1745         BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1746         BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1747         int ret = 1;
1748         
1749         size_t bufsiz = 256; /* small buffer for testing */
1750
1751         if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1752                 goto err;
1753         if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1754                 goto err;
1755         
1756         s_ssl_bio = BIO_new(BIO_f_ssl());
1757         if (!s_ssl_bio)
1758                 goto err;
1759
1760         c_ssl_bio = BIO_new(BIO_f_ssl());
1761         if (!c_ssl_bio)
1762                 goto err;
1763
1764         SSL_set_connect_state(c_ssl);
1765         SSL_set_bio(c_ssl, client, client);
1766         (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1767
1768         SSL_set_accept_state(s_ssl);
1769         SSL_set_bio(s_ssl, server, server);
1770         (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1771
1772         do
1773                 {
1774                 /* c_ssl_bio:          SSL filter BIO
1775                  *
1776                  * client:             pseudo-I/O for SSL library
1777                  *
1778                  * client_io:          client's SSL communication; usually to be
1779                  *                     relayed over some I/O facility, but in this
1780                  *                     test program, we're the server, too:
1781                  *
1782                  * server_io:          server's SSL communication
1783                  *
1784                  * server:             pseudo-I/O for SSL library
1785                  *
1786                  * s_ssl_bio:          SSL filter BIO
1787                  *
1788                  * The client and the server each employ a "BIO pair":
1789                  * client + client_io, server + server_io.
1790                  * BIO pairs are symmetric.  A BIO pair behaves similar
1791                  * to a non-blocking socketpair (but both endpoints must
1792                  * be handled by the same thread).
1793                  * [Here we could connect client and server to the ends
1794                  * of a single BIO pair, but then this code would be less
1795                  * suitable as an example for BIO pairs in general.]
1796                  *
1797                  * Useful functions for querying the state of BIO pair endpoints:
1798                  *
1799                  * BIO_ctrl_pending(bio)              number of bytes we can read now
1800                  * BIO_ctrl_get_read_request(bio)     number of bytes needed to fulfil
1801                  *                                      other side's read attempt
1802                  * BIO_ctrl_get_write_guarantee(bio)   number of bytes we can write now
1803                  *
1804                  * ..._read_request is never more than ..._write_guarantee;
1805                  * it depends on the application which one you should use.
1806                  */
1807
1808                 /* We have non-blocking behaviour throughout this test program, but
1809                  * can be sure that there is *some* progress in each iteration; so
1810                  * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
1811                  * -- we just try everything in each iteration
1812                  */
1813
1814                         {
1815                         /* CLIENT */
1816                 
1817                         MS_STATIC char cbuf[1024*8];
1818                         int i, r;
1819                         clock_t c_clock = clock();
1820
1821                         memset(cbuf, 0, sizeof(cbuf));
1822
1823                         if (debug)
1824                                 if (SSL_in_init(c_ssl))
1825                                         printf("client waiting in SSL_connect - %s\n",
1826                                                 SSL_state_string_long(c_ssl));
1827
1828                         if (cw_num > 0)
1829                                 {
1830                                 /* Write to server. */
1831                                 
1832                                 if (cw_num > (long)sizeof cbuf)
1833                                         i = sizeof cbuf;
1834                                 else
1835                                         i = (int)cw_num;
1836                                 r = BIO_write(c_ssl_bio, cbuf, i);
1837                                 if (r < 0)
1838                                         {
1839                                         if (!BIO_should_retry(c_ssl_bio))
1840                                                 {
1841                                                 fprintf(stderr,"ERROR in CLIENT\n");
1842                                                 goto err;
1843                                                 }
1844                                         /* BIO_should_retry(...) can just be ignored here.
1845                                          * The library expects us to call BIO_write with
1846                                          * the same arguments again, and that's what we will
1847                                          * do in the next iteration. */
1848                                         }
1849                                 else if (r == 0)
1850                                         {
1851                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1852                                         goto err;
1853                                         }
1854                                 else
1855                                         {
1856                                         if (debug)
1857                                                 printf("client wrote %d\n", r);
1858                                         cw_num -= r;                            
1859                                         }
1860                                 }
1861
1862                         if (cr_num > 0)
1863                                 {
1864                                 /* Read from server. */
1865
1866                                 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1867                                 if (r < 0)
1868                                         {
1869                                         if (!BIO_should_retry(c_ssl_bio))
1870                                                 {
1871                                                 fprintf(stderr,"ERROR in CLIENT\n");
1872                                                 goto err;
1873                                                 }
1874                                         /* Again, "BIO_should_retry" can be ignored. */
1875                                         }
1876                                 else if (r == 0)
1877                                         {
1878                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1879                                         goto err;
1880                                         }
1881                                 else
1882                                         {
1883                                         if (debug)
1884                                                 printf("client read %d\n", r);
1885                                         cr_num -= r;
1886                                         }
1887                                 }
1888
1889                         /* c_time and s_time increments will typically be very small
1890                          * (depending on machine speed and clock tick intervals),
1891                          * but sampling over a large number of connections should
1892                          * result in fairly accurate figures.  We cannot guarantee
1893                          * a lot, however -- if each connection lasts for exactly
1894                          * one clock tick, it will be counted only for the client
1895                          * or only for the server or even not at all.
1896                          */
1897                         *c_time += (clock() - c_clock);
1898                         }
1899
1900                         {
1901                         /* SERVER */
1902                 
1903                         MS_STATIC char sbuf[1024*8];
1904                         int i, r;
1905                         clock_t s_clock = clock();
1906
1907                         memset(sbuf, 0, sizeof(sbuf));
1908
1909                         if (debug)
1910                                 if (SSL_in_init(s_ssl))
1911                                         printf("server waiting in SSL_accept - %s\n",
1912                                                 SSL_state_string_long(s_ssl));
1913
1914                         if (sw_num > 0)
1915                                 {
1916                                 /* Write to client. */
1917                                 
1918                                 if (sw_num > (long)sizeof sbuf)
1919                                         i = sizeof sbuf;
1920                                 else
1921                                         i = (int)sw_num;
1922                                 r = BIO_write(s_ssl_bio, sbuf, i);
1923                                 if (r < 0)
1924                                         {
1925                                         if (!BIO_should_retry(s_ssl_bio))
1926                                                 {
1927                                                 fprintf(stderr,"ERROR in SERVER\n");
1928                                                 goto err;
1929                                                 }
1930                                         /* Ignore "BIO_should_retry". */
1931                                         }
1932                                 else if (r == 0)
1933                                         {
1934                                         fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
1935                                         goto err;
1936                                         }
1937                                 else
1938                                         {
1939                                         if (debug)
1940                                                 printf("server wrote %d\n", r);
1941                                         sw_num -= r;                            
1942                                         }
1943                                 }
1944
1945                         if (sr_num > 0)
1946                                 {
1947                                 /* Read from client. */
1948
1949                                 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
1950                                 if (r < 0)
1951                                         {
1952                                         if (!BIO_should_retry(s_ssl_bio))
1953                                                 {
1954                                                 fprintf(stderr,"ERROR in SERVER\n");
1955                                                 goto err;
1956                                                 }
1957                                         /* blah, blah */
1958                                         }
1959                                 else if (r == 0)
1960                                         {
1961                                         fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
1962                                         goto err;
1963                                         }
1964                                 else
1965                                         {
1966                                         if (debug)
1967                                                 printf("server read %d\n", r);
1968                                         sr_num -= r;
1969                                         }
1970                                 }
1971
1972                         *s_time += (clock() - s_clock);
1973                         }
1974                         
1975                         {
1976                         /* "I/O" BETWEEN CLIENT AND SERVER. */
1977
1978                         size_t r1, r2;
1979                         BIO *io1 = server_io, *io2 = client_io;
1980                         /* we use the non-copying interface for io1
1981                          * and the standard BIO_write/BIO_read interface for io2
1982                          */
1983                         
1984                         static int prev_progress = 1;
1985                         int progress = 0;
1986                         
1987                         /* io1 to io2 */
1988                         do
1989                                 {
1990                                 size_t num;
1991                                 int r;
1992
1993                                 r1 = BIO_ctrl_pending(io1);
1994                                 r2 = BIO_ctrl_get_write_guarantee(io2);
1995
1996                                 num = r1;
1997                                 if (r2 < num)
1998                                         num = r2;
1999                                 if (num)
2000                                         {
2001                                         char *dataptr;
2002
2003                                         if (INT_MAX < num) /* yeah, right */
2004                                                 num = INT_MAX;
2005                                         
2006                                         r = BIO_nread(io1, &dataptr, (int)num);
2007                                         assert(r > 0);
2008                                         assert(r <= (int)num);
2009                                         /* possibly r < num (non-contiguous data) */
2010                                         num = r;
2011                                         r = BIO_write(io2, dataptr, (int)num);
2012                                         if (r != (int)num) /* can't happen */
2013                                                 {
2014                                                 fprintf(stderr, "ERROR: BIO_write could not write "
2015                                                         "BIO_ctrl_get_write_guarantee() bytes");
2016                                                 goto err;
2017                                                 }
2018                                         progress = 1;
2019
2020                                         if (debug)
2021                                                 printf((io1 == client_io) ?
2022                                                         "C->S relaying: %d bytes\n" :
2023                                                         "S->C relaying: %d bytes\n",
2024                                                         (int)num);
2025                                         }
2026                                 }
2027                         while (r1 && r2);
2028
2029                         /* io2 to io1 */
2030                         {
2031                                 size_t num;
2032                                 int r;
2033
2034                                 r1 = BIO_ctrl_pending(io2);
2035                                 r2 = BIO_ctrl_get_read_request(io1);
2036                                 /* here we could use ..._get_write_guarantee instead of
2037                                  * ..._get_read_request, but by using the latter
2038                                  * we test restartability of the SSL implementation
2039                                  * more thoroughly */
2040                                 num = r1;
2041                                 if (r2 < num)
2042                                         num = r2;
2043                                 if (num)
2044                                         {
2045                                         char *dataptr;
2046                                         
2047                                         if (INT_MAX < num)
2048                                                 num = INT_MAX;
2049
2050                                         if (num > 1)
2051                                                 --num; /* test restartability even more thoroughly */
2052                                         
2053                                         r = BIO_nwrite0(io1, &dataptr);
2054                                         assert(r > 0);
2055                                         if (r < (int)num)
2056                                                 num = r;
2057                                         r = BIO_read(io2, dataptr, (int)num);
2058                                         if (r != (int)num) /* can't happen */
2059                                                 {
2060                                                 fprintf(stderr, "ERROR: BIO_read could not read "
2061                                                         "BIO_ctrl_pending() bytes");
2062                                                 goto err;
2063                                                 }
2064                                         progress = 1;
2065                                         r = BIO_nwrite(io1, &dataptr, (int)num);
2066                                         if (r != (int)num) /* can't happen */
2067                                                 {
2068                                                 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2069                                                         "BIO_nwrite0() bytes");
2070                                                 goto err;
2071                                                 }
2072                                         
2073                                         if (debug)
2074                                                 printf((io2 == client_io) ?
2075                                                         "C->S relaying: %d bytes\n" :
2076                                                         "S->C relaying: %d bytes\n",
2077                                                         (int)num);
2078                                         }
2079                         } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
2080
2081                         if (!progress && !prev_progress)
2082                                 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
2083                                         {
2084                                         fprintf(stderr, "ERROR: got stuck\n");
2085                                         if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0)
2086                                                 {
2087                                                 fprintf(stderr, "This can happen for SSL2 because "
2088                                                         "CLIENT-FINISHED and SERVER-VERIFY are written \n"
2089                                                         "concurrently ...");
2090                                                 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
2091                                                         && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0)
2092                                                         {
2093                                                         fprintf(stderr, " ok.\n");
2094                                                         goto end;
2095                                                         }
2096                                                 }
2097                                         fprintf(stderr, " ERROR.\n");
2098                                         goto err;
2099                                         }
2100                         prev_progress = progress;
2101                         }
2102                 }
2103         while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2104
2105         if (verbose)
2106                 print_details(c_ssl, "DONE via BIO pair: ");
2107 #ifndef OPENSSL_NO_NEXTPROTONEG
2108         if (verify_npn(c_ssl, s_ssl) < 0)
2109                 {
2110                 ret = 1;
2111                 goto end;
2112                 }
2113 #endif
2114         if (verify_serverinfo() < 0)
2115                 {
2116                 fprintf(stderr, "Server info verify error\n");
2117                 ret = 1;
2118                 goto err;
2119                 }
2120         if (verify_alpn(c_ssl, s_ssl) < 0)
2121                 {
2122                 ret = 1;
2123                 goto err;
2124                 }
2125
2126         if (custom_ext_error)
2127                 {
2128                 fprintf(stderr, "Custom extension error\n");
2129                 ret = 1;
2130                 goto err;
2131                 }
2132
2133 end:
2134         ret = 0;
2135
2136  err:
2137         ERR_print_errors(bio_err);
2138         
2139         if (server)
2140                 BIO_free(server);
2141         if (server_io)
2142                 BIO_free(server_io);
2143         if (client)
2144                 BIO_free(client);
2145         if (client_io)
2146                 BIO_free(client_io);
2147         if (s_ssl_bio)
2148                 BIO_free(s_ssl_bio);
2149         if (c_ssl_bio)
2150                 BIO_free(c_ssl_bio);
2151
2152         return ret;
2153         }
2154
2155
2156 #define W_READ  1
2157 #define W_WRITE 2
2158 #define C_DONE  1
2159 #define S_DONE  2
2160
2161 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2162         {
2163         char *cbuf=NULL,*sbuf=NULL;
2164         long bufsiz;
2165         long cw_num=count,cr_num=count;
2166         long sw_num=count,sr_num=count;
2167         int ret=1;
2168         BIO *c_to_s=NULL;
2169         BIO *s_to_c=NULL;
2170         BIO *c_bio=NULL;
2171         BIO *s_bio=NULL;
2172         int c_r,c_w,s_r,s_w;
2173         int i,j;
2174         int done=0;
2175         int c_write,s_write;
2176         int do_server=0,do_client=0;
2177         int max_frag = 5*1024;
2178
2179         bufsiz = count>40*1024 ? 40*1024 : count;
2180
2181         if ((cbuf = OPENSSL_malloc(bufsiz))==NULL) goto err;
2182         if ((sbuf = OPENSSL_malloc(bufsiz))==NULL) goto err;
2183
2184         memset(cbuf,0,bufsiz);
2185         memset(sbuf,0,bufsiz);
2186
2187         c_to_s=BIO_new(BIO_s_mem());
2188         s_to_c=BIO_new(BIO_s_mem());
2189         if ((s_to_c == NULL) || (c_to_s == NULL))
2190                 {
2191                 ERR_print_errors(bio_err);
2192                 goto err;
2193                 }
2194
2195         c_bio=BIO_new(BIO_f_ssl());
2196         s_bio=BIO_new(BIO_f_ssl());
2197         if ((c_bio == NULL) || (s_bio == NULL))
2198                 {
2199                 ERR_print_errors(bio_err);
2200                 goto err;
2201                 }
2202
2203         SSL_set_connect_state(c_ssl);
2204         SSL_set_bio(c_ssl,s_to_c,c_to_s);
2205         SSL_set_max_send_fragment(c_ssl,max_frag);
2206         BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
2207
2208         SSL_set_accept_state(s_ssl);
2209         SSL_set_bio(s_ssl,c_to_s,s_to_c);
2210         SSL_set_max_send_fragment(s_ssl,max_frag);
2211         BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
2212
2213         c_r=0; s_r=1;
2214         c_w=1; s_w=0;
2215         c_write=1,s_write=0;
2216
2217         /* We can always do writes */
2218         for (;;)
2219                 {
2220                 do_server=0;
2221                 do_client=0;
2222
2223                 i=(int)BIO_pending(s_bio);
2224                 if ((i && s_r) || s_w) do_server=1;
2225
2226                 i=(int)BIO_pending(c_bio);
2227                 if ((i && c_r) || c_w) do_client=1;
2228
2229                 if (do_server && debug)
2230                         {
2231                         if (SSL_in_init(s_ssl))
2232                                 printf("server waiting in SSL_accept - %s\n",
2233                                         SSL_state_string_long(s_ssl));
2234 /*                      else if (s_write)
2235                                 printf("server:SSL_write()\n");
2236                         else
2237                                 printf("server:SSL_read()\n"); */
2238                         }
2239
2240                 if (do_client && debug)
2241                         {
2242                         if (SSL_in_init(c_ssl))
2243                                 printf("client waiting in SSL_connect - %s\n",
2244                                         SSL_state_string_long(c_ssl));
2245 /*                      else if (c_write)
2246                                 printf("client:SSL_write()\n");
2247                         else
2248                                 printf("client:SSL_read()\n"); */
2249                         }
2250
2251                 if (!do_client && !do_server)
2252                         {
2253                         fprintf(stdout,"ERROR IN STARTUP\n");
2254                         ERR_print_errors(bio_err);
2255                         break;
2256                         }
2257                 if (do_client && !(done & C_DONE))
2258                         {
2259                         if (c_write)
2260                                 {
2261                                 j = (cw_num > bufsiz) ?
2262                                         (int)bufsiz : (int)cw_num;
2263                                 i=BIO_write(c_bio,cbuf,j);
2264                                 if (i < 0)
2265                                         {
2266                                         c_r=0;
2267                                         c_w=0;
2268                                         if (BIO_should_retry(c_bio))
2269                                                 {
2270                                                 if (BIO_should_read(c_bio))
2271                                                         c_r=1;
2272                                                 if (BIO_should_write(c_bio))
2273                                                         c_w=1;
2274                                                 }
2275                                         else
2276                                                 {
2277                                                 fprintf(stderr,"ERROR in CLIENT\n");
2278                                                 ERR_print_errors(bio_err);
2279                                                 goto err;
2280                                                 }
2281                                         }
2282                                 else if (i == 0)
2283                                         {
2284                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2285                                         goto err;
2286                                         }
2287                                 else
2288                                         {
2289                                         if (debug)
2290                                                 printf("client wrote %d\n",i);
2291                                         /* ok */
2292                                         s_r=1;
2293                                         c_write=0;
2294                                         cw_num-=i;
2295                                         if (max_frag>1029)
2296                                                 SSL_set_max_send_fragment(c_ssl,max_frag-=5);
2297                                         }
2298                                 }
2299                         else
2300                                 {
2301                                 i=BIO_read(c_bio,cbuf,bufsiz);
2302                                 if (i < 0)
2303                                         {
2304                                         c_r=0;
2305                                         c_w=0;
2306                                         if (BIO_should_retry(c_bio))
2307                                                 {
2308                                                 if (BIO_should_read(c_bio))
2309                                                         c_r=1;
2310                                                 if (BIO_should_write(c_bio))
2311                                                         c_w=1;
2312                                                 }
2313                                         else
2314                                                 {
2315                                                 fprintf(stderr,"ERROR in CLIENT\n");
2316                                                 ERR_print_errors(bio_err);
2317                                                 goto err;
2318                                                 }
2319                                         }
2320                                 else if (i == 0)
2321                                         {
2322                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2323                                         goto err;
2324                                         }
2325                                 else
2326                                         {
2327                                         if (debug)
2328                                                 printf("client read %d\n",i);
2329                                         cr_num-=i;
2330                                         if (sw_num > 0)
2331                                                 {
2332                                                 s_write=1;
2333                                                 s_w=1;
2334                                                 }
2335                                         if (cr_num <= 0)
2336                                                 {
2337                                                 s_write=1;
2338                                                 s_w=1;
2339                                                 done=S_DONE|C_DONE;
2340                                                 }
2341                                         }
2342                                 }
2343                         }
2344
2345                 if (do_server && !(done & S_DONE))
2346                         {
2347                         if (!s_write)
2348                                 {
2349                                 i=BIO_read(s_bio,sbuf,bufsiz);
2350                                 if (i < 0)
2351                                         {
2352                                         s_r=0;
2353                                         s_w=0;
2354                                         if (BIO_should_retry(s_bio))
2355                                                 {
2356                                                 if (BIO_should_read(s_bio))
2357                                                         s_r=1;
2358                                                 if (BIO_should_write(s_bio))
2359                                                         s_w=1;
2360                                                 }
2361                                         else
2362                                                 {
2363                                                 fprintf(stderr,"ERROR in SERVER\n");
2364                                                 ERR_print_errors(bio_err);
2365                                                 goto err;
2366                                                 }
2367                                         }
2368                                 else if (i == 0)
2369                                         {
2370                                         ERR_print_errors(bio_err);
2371                                         fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
2372                                         goto err;
2373                                         }
2374                                 else
2375                                         {
2376                                         if (debug)
2377                                                 printf("server read %d\n",i);
2378                                         sr_num-=i;
2379                                         if (cw_num > 0)
2380                                                 {
2381                                                 c_write=1;
2382                                                 c_w=1;
2383                                                 }
2384                                         if (sr_num <= 0)
2385                                                 {
2386                                                 s_write=1;
2387                                                 s_w=1;
2388                                                 c_write=0;
2389                                                 }
2390                                         }
2391                                 }
2392                         else
2393                                 {
2394                                 j = (sw_num > bufsiz) ?
2395                                         (int)bufsiz : (int)sw_num;
2396                                 i=BIO_write(s_bio,sbuf,j);
2397                                 if (i < 0)
2398                                         {
2399                                         s_r=0;
2400                                         s_w=0;
2401                                         if (BIO_should_retry(s_bio))
2402                                                 {
2403                                                 if (BIO_should_read(s_bio))
2404                                                         s_r=1;
2405                                                 if (BIO_should_write(s_bio))
2406                                                         s_w=1;
2407                                                 }
2408                                         else
2409                                                 {
2410                                                 fprintf(stderr,"ERROR in SERVER\n");
2411                                                 ERR_print_errors(bio_err);
2412                                                 goto err;
2413                                                 }
2414                                         }
2415                                 else if (i == 0)
2416                                         {
2417                                         ERR_print_errors(bio_err);
2418                                         fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
2419                                         goto err;
2420                                         }
2421                                 else
2422                                         {
2423                                         if (debug)
2424                                                 printf("server wrote %d\n",i);
2425                                         sw_num-=i;
2426                                         s_write=0;
2427                                         c_r=1;
2428                                         if (sw_num <= 0)
2429                                                 done|=S_DONE;
2430                                         if (max_frag>1029)
2431                                                 SSL_set_max_send_fragment(s_ssl,max_frag-=5);
2432                                         }
2433                                 }
2434                         }
2435
2436                 if ((done & S_DONE) && (done & C_DONE)) break;
2437                 }
2438
2439         if (verbose)
2440                 print_details(c_ssl, "DONE: ");
2441 #ifndef OPENSSL_NO_NEXTPROTONEG
2442         if (verify_npn(c_ssl, s_ssl) < 0)
2443                 {
2444                 ret = 1;
2445                 goto err;
2446                 }
2447 #endif
2448         if (verify_serverinfo() < 0)
2449                 {
2450                 fprintf(stderr, "Server info verify error\n");
2451                 ret = 1;
2452                 goto err;
2453                 }
2454         if (custom_ext_error)
2455                 {
2456                 fprintf(stderr, "Custom extension error\n");
2457                 ret = 1;
2458                 goto err;
2459                 }
2460         ret=0;
2461 err:
2462         /* We have to set the BIO's to NULL otherwise they will be
2463          * OPENSSL_free()ed twice.  Once when th s_ssl is SSL_free()ed and
2464          * again when c_ssl is SSL_free()ed.
2465          * This is a hack required because s_ssl and c_ssl are sharing the same
2466          * BIO structure and SSL_set_bio() and SSL_free() automatically
2467          * BIO_free non NULL entries.
2468          * You should not normally do this or be required to do this */
2469         if (s_ssl != NULL)
2470                 {
2471                 s_ssl->rbio=NULL;
2472                 s_ssl->wbio=NULL;
2473                 }
2474         if (c_ssl != NULL)
2475                 {
2476                 c_ssl->rbio=NULL;
2477                 c_ssl->wbio=NULL;
2478                 }
2479
2480         if (c_to_s != NULL) BIO_free(c_to_s);
2481         if (s_to_c != NULL) BIO_free(s_to_c);
2482         if (c_bio != NULL) BIO_free_all(c_bio);
2483         if (s_bio != NULL) BIO_free_all(s_bio);
2484
2485         if (cbuf) OPENSSL_free(cbuf);
2486         if (sbuf) OPENSSL_free(sbuf);
2487
2488         return(ret);
2489         }
2490
2491 static int get_proxy_auth_ex_data_idx(void)
2492         {
2493         static volatile int idx = -1;
2494         if (idx < 0)
2495                 {
2496                 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2497                 if (idx < 0)
2498                         {
2499                         idx = X509_STORE_CTX_get_ex_new_index(0,
2500                                 "SSLtest for verify callback", NULL,NULL,NULL);
2501                         }
2502                 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2503                 }
2504         return idx;
2505         }
2506
2507 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
2508         {
2509         char *s,buf[256];
2510
2511         s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,
2512                             sizeof buf);
2513         if (s != NULL)
2514                 {
2515                 if (ok)
2516                         fprintf(stderr,"depth=%d %s\n",
2517                                 ctx->error_depth,buf);
2518                 else
2519                         {
2520                         fprintf(stderr,"depth=%d error=%d %s\n",
2521                                 ctx->error_depth,ctx->error,buf);
2522                         }
2523                 }
2524
2525         if (ok == 0)
2526                 {
2527                 fprintf(stderr,"Error string: %s\n",
2528                         X509_verify_cert_error_string(ctx->error));
2529                 switch (ctx->error)
2530                         {
2531                 case X509_V_ERR_CERT_NOT_YET_VALID:
2532                 case X509_V_ERR_CERT_HAS_EXPIRED:
2533                 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2534                         fprintf(stderr,"  ... ignored.\n");
2535                         ok=1;
2536                         }
2537                 }
2538
2539         if (ok == 1)
2540                 {
2541                 X509 *xs = ctx->current_cert;
2542 #if 0
2543                 X509 *xi = ctx->current_issuer;
2544 #endif
2545
2546                 if (xs->ex_flags & EXFLAG_PROXY)
2547                         {
2548                         unsigned int *letters =
2549                                 X509_STORE_CTX_get_ex_data(ctx,
2550                                         get_proxy_auth_ex_data_idx());
2551
2552                         if (letters)
2553                                 {
2554                                 int found_any = 0;
2555                                 int i;
2556                                 PROXY_CERT_INFO_EXTENSION *pci =
2557                                         X509_get_ext_d2i(xs, NID_proxyCertInfo,
2558                                                 NULL, NULL);
2559
2560                                 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
2561                                         {
2562                                 case NID_Independent:
2563                                         /* Completely meaningless in this
2564                                            program, as there's no way to
2565                                            grant explicit rights to a
2566                                            specific PrC.  Basically, using
2567                                            id-ppl-Independent is the perfect
2568                                            way to grant no rights at all. */
2569                                         fprintf(stderr, "  Independent proxy certificate");
2570                                         for (i = 0; i < 26; i++)
2571                                                 letters[i] = 0;
2572                                         break;
2573                                 case NID_id_ppl_inheritAll:
2574                                         /* This is basically a NOP, we
2575                                            simply let the current rights
2576                                            stand as they are. */
2577                                         fprintf(stderr, "  Proxy certificate inherits all");
2578                                         break;
2579                                 default:
2580                                         s = (char *)
2581                                                 pci->proxyPolicy->policy->data;
2582                                         i = pci->proxyPolicy->policy->length;
2583
2584                                         /* The algorithm works as follows:
2585                                            it is assumed that previous
2586                                            iterations or the initial granted
2587                                            rights has already set some elements
2588                                            of `letters'.  What we need to do is
2589                                            to clear those that weren't granted
2590                                            by the current PrC as well.  The
2591                                            easiest way to do this is to add 1
2592                                            to all the elements whose letters
2593                                            are given with the current policy.
2594                                            That way, all elements that are set
2595                                            by the current policy and were
2596                                            already set by earlier policies and
2597                                            through the original grant of rights
2598                                            will get the value 2 or higher.
2599                                            The last thing to do is to sweep
2600                                            through `letters' and keep the
2601                                            elements having the value 2 as set,
2602                                            and clear all the others. */
2603
2604                                         fprintf(stderr, "  Certificate proxy rights = %*.*s", i, i, s);
2605                                         while(i-- > 0)
2606                                                 {
2607                                                 int c = *s++;
2608                                                 if (isascii(c) && isalpha(c))
2609                                                         {
2610                                                         if (islower(c))
2611                                                                 c = toupper(c);
2612                                                         letters[c - 'A']++;
2613                                                         }
2614                                                 }
2615                                         for (i = 0; i < 26; i++)
2616                                                 if (letters[i] < 2)
2617                                                         letters[i] = 0;
2618                                                 else
2619                                                         letters[i] = 1;
2620                                         }
2621
2622                                 found_any = 0;
2623                                 fprintf(stderr,
2624                                         ", resulting proxy rights = ");
2625                                 for(i = 0; i < 26; i++)
2626                                         if (letters[i])
2627                                                 {
2628                                                 fprintf(stderr, "%c", i + 'A');
2629                                                 found_any = 1;
2630                                                 }
2631                                 if (!found_any)
2632                                         fprintf(stderr, "none");
2633                                 fprintf(stderr, "\n");
2634
2635                                 PROXY_CERT_INFO_EXTENSION_free(pci);
2636                                 }
2637                         }
2638                 }
2639
2640         return(ok);
2641         }
2642
2643 static void process_proxy_debug(int indent, const char *format, ...)
2644         {
2645         static const char indentation[] =
2646                 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2647                 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
2648         char my_format[256];
2649         va_list args;
2650
2651         BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2652                 indent, indent, indentation, format);
2653
2654         va_start(args, format);
2655         vfprintf(stderr, my_format, args);
2656         va_end(args);
2657         }
2658 /* Priority levels:
2659    0    [!]var, ()
2660    1    & ^
2661    2    |
2662 */
2663 static int process_proxy_cond_adders(unsigned int letters[26],
2664         const char *cond, const char **cond_end, int *pos, int indent);
2665 static int process_proxy_cond_val(unsigned int letters[26],
2666         const char *cond, const char **cond_end, int *pos, int indent)
2667         {
2668         int c;
2669         int ok = 1;
2670         int negate = 0;
2671
2672         while(isspace((int)*cond))
2673                 {
2674                 cond++; (*pos)++;
2675                 }
2676         c = *cond;
2677
2678         if (debug)
2679                 process_proxy_debug(indent,
2680                         "Start process_proxy_cond_val at position %d: %s\n",
2681                         *pos, cond);
2682
2683         while(c == '!')
2684                 {
2685                 negate = !negate;
2686                 cond++; (*pos)++;
2687                 while(isspace((int)*cond))
2688                         {
2689                         cond++; (*pos)++;
2690                         }
2691                 c = *cond;
2692                 }
2693
2694         if (c == '(')
2695                 {
2696                 cond++; (*pos)++;
2697                 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2698                         indent + 1);
2699                 cond = *cond_end;
2700                 if (ok < 0)
2701                         goto end;
2702                 while(isspace((int)*cond))
2703                         {
2704                         cond++; (*pos)++;
2705                         }
2706                 c = *cond;
2707                 if (c != ')')
2708                         {
2709                         fprintf(stderr,
2710                                 "Weird condition character in position %d: "
2711                                 "%c\n", *pos, c);
2712                         ok = -1;
2713                         goto end;
2714                         }
2715                 cond++; (*pos)++;
2716                 }
2717         else if (isascii(c) && isalpha(c))
2718                 {
2719                 if (islower(c))
2720                         c = toupper(c);
2721                 ok = letters[c - 'A'];
2722                 cond++; (*pos)++;
2723                 }
2724         else
2725                 {
2726                 fprintf(stderr,
2727                         "Weird condition character in position %d: "
2728                         "%c\n", *pos, c);
2729                 ok = -1;
2730                 goto end;
2731                 }
2732  end:
2733         *cond_end = cond;
2734         if (ok >= 0 && negate)
2735                 ok = !ok;
2736
2737         if (debug)
2738                 process_proxy_debug(indent,
2739                         "End process_proxy_cond_val at position %d: %s, returning %d\n",
2740                         *pos, cond, ok);
2741
2742         return ok;
2743         }
2744 static int process_proxy_cond_multipliers(unsigned int letters[26],
2745         const char *cond, const char **cond_end, int *pos, int indent)
2746         {
2747         int ok;
2748         char c;
2749
2750         if (debug)
2751                 process_proxy_debug(indent,
2752                         "Start process_proxy_cond_multipliers at position %d: %s\n",
2753                         *pos, cond);
2754
2755         ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2756         cond = *cond_end;
2757         if (ok < 0)
2758                 goto end;
2759
2760         while(ok >= 0)
2761                 {
2762                 while(isspace((int)*cond))
2763                         {
2764                         cond++; (*pos)++;
2765                         }
2766                 c = *cond;
2767
2768                 switch(c)
2769                         {
2770                 case '&':
2771                 case '^':
2772                         {
2773                         int save_ok = ok;
2774
2775                         cond++; (*pos)++;
2776                         ok = process_proxy_cond_val(letters,
2777                                 cond, cond_end, pos, indent + 1);
2778                         cond = *cond_end;
2779                         if (ok < 0)
2780                                 break;
2781
2782                         switch(c)
2783                                 {
2784                         case '&':
2785                                 ok &= save_ok;
2786                                 break;
2787                         case '^':
2788                                 ok ^= save_ok;
2789                                 break;
2790                         default:
2791                                 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2792                                         " STOPPING\n");
2793                                 EXIT(1);
2794                                 }
2795                         }
2796                         break;
2797                 default:
2798                         goto end;
2799                         }
2800                 }
2801  end:
2802         if (debug)
2803                 process_proxy_debug(indent,
2804                         "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2805                         *pos, cond, ok);
2806
2807         *cond_end = cond;
2808         return ok;
2809         }
2810 static int process_proxy_cond_adders(unsigned int letters[26],
2811         const char *cond, const char **cond_end, int *pos, int indent)
2812         {
2813         int ok;
2814         char c;
2815
2816         if (debug)
2817                 process_proxy_debug(indent,
2818                         "Start process_proxy_cond_adders at position %d: %s\n",
2819                         *pos, cond);
2820
2821         ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2822                 indent + 1);
2823         cond = *cond_end;
2824         if (ok < 0)
2825                 goto end;
2826
2827         while(ok >= 0)
2828                 {
2829                 while(isspace((int)*cond))
2830                         {
2831                         cond++; (*pos)++;
2832                         }
2833                 c = *cond;
2834
2835                 switch(c)
2836                         {
2837                 case '|':
2838                         {
2839                         int save_ok = ok;
2840
2841                         cond++; (*pos)++;
2842                         ok = process_proxy_cond_multipliers(letters,
2843                                 cond, cond_end, pos, indent + 1);
2844                         cond = *cond_end;
2845                         if (ok < 0)
2846                                 break;
2847
2848                         switch(c)
2849                                 {
2850                         case '|':
2851                                 ok |= save_ok;
2852                                 break;
2853                         default:
2854                                 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2855                                         " STOPPING\n");
2856                                 EXIT(1);
2857                                 }
2858                         }
2859                         break;
2860                 default:
2861                         goto end;
2862                         }
2863                 }
2864  end:
2865         if (debug)
2866                 process_proxy_debug(indent,
2867                         "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2868                         *pos, cond, ok);
2869
2870         *cond_end = cond;
2871         return ok;
2872         }
2873
2874 static int process_proxy_cond(unsigned int letters[26],
2875         const char *cond, const char **cond_end)
2876         {
2877         int pos = 1;
2878         return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2879         }
2880
2881 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
2882         {
2883         int ok=1;
2884         struct app_verify_arg *cb_arg = arg;
2885         unsigned int letters[26]; /* only used with proxy_auth */
2886
2887         if (cb_arg->app_verify)
2888                 {
2889                 char *s = NULL,buf[256];
2890
2891                 fprintf(stderr, "In app_verify_callback, allowing cert. ");
2892                 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
2893                 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
2894                         (void *)ctx, (void *)ctx->cert);
2895                 if (ctx->cert)
2896                         s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
2897                 if (s != NULL)
2898                         {
2899                         fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
2900                         }
2901                 return(1);
2902                 }
2903         if (cb_arg->proxy_auth)
2904                 {
2905                 int found_any = 0, i;
2906                 char *sp;
2907
2908                 for(i = 0; i < 26; i++)
2909                         letters[i] = 0;
2910                 for(sp = cb_arg->proxy_auth; *sp; sp++)
2911                         {
2912                         int c = *sp;
2913                         if (isascii(c) && isalpha(c))
2914                                 {
2915                                 if (islower(c))
2916                                         c = toupper(c);
2917                                 letters[c - 'A'] = 1;
2918                                 }
2919                         }
2920
2921                 fprintf(stderr,
2922                         "  Initial proxy rights = ");
2923                 for(i = 0; i < 26; i++)
2924                         if (letters[i])
2925                                 {
2926                                 fprintf(stderr, "%c", i + 'A');
2927                                 found_any = 1;
2928                                 }
2929                 if (!found_any)
2930                         fprintf(stderr, "none");
2931                 fprintf(stderr, "\n");
2932
2933                 X509_STORE_CTX_set_ex_data(ctx,
2934                         get_proxy_auth_ex_data_idx(),letters);
2935                 }
2936         if (cb_arg->allow_proxy_certs)
2937                 {
2938                 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2939                 }
2940
2941 #ifndef OPENSSL_NO_X509_VERIFY
2942         ok = X509_verify_cert(ctx);
2943 #endif
2944
2945         if (cb_arg->proxy_auth)
2946                 {
2947                 if (ok > 0)
2948                         {
2949                         const char *cond_end = NULL;
2950
2951                         ok = process_proxy_cond(letters,
2952                                 cb_arg->proxy_cond, &cond_end);
2953
2954                         if (ok < 0)
2955                                 EXIT(3);
2956                         if (*cond_end)
2957                                 {
2958                                 fprintf(stderr, "Stopped processing condition before it's end.\n");
2959                                 ok = 0;
2960                                 }
2961                         if (!ok)
2962                                 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
2963                                         cb_arg->proxy_cond);
2964                         else
2965                                 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
2966                                         cb_arg->proxy_cond);
2967                         }
2968                 }
2969         return(ok);
2970         }
2971
2972 #ifndef OPENSSL_NO_RSA
2973 static RSA *rsa_tmp=NULL;
2974
2975 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
2976         {
2977         BIGNUM *bn = NULL;
2978         if (rsa_tmp == NULL)
2979                 {
2980                 bn = BN_new();
2981                 rsa_tmp = RSA_new();
2982                 if(!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4))
2983                         {
2984                         BIO_printf(bio_err, "Memory error...");
2985                         goto end;
2986                         }
2987                 BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
2988                 (void)BIO_flush(bio_err);
2989                 if(!RSA_generate_key_ex(rsa_tmp,keylength,bn,NULL))
2990                         {
2991                         BIO_printf(bio_err, "Error generating key.");
2992                         RSA_free(rsa_tmp);
2993                         rsa_tmp = NULL;
2994                         }
2995 end:
2996                 BIO_printf(bio_err,"\n");
2997                 (void)BIO_flush(bio_err);
2998                 }
2999         if(bn) BN_free(bn);
3000         return(rsa_tmp);
3001         }
3002
3003 static void free_tmp_rsa(void)
3004         {
3005         if (rsa_tmp != NULL)
3006                 {
3007                 RSA_free(rsa_tmp);
3008                 rsa_tmp = NULL;
3009                 }
3010         }
3011 #endif
3012
3013 #ifndef OPENSSL_NO_DH
3014 /* These DH parameters have been generated as follows:
3015  *    $ openssl dhparam -C -noout 512
3016  *    $ openssl dhparam -C -noout 1024
3017  *    $ openssl dhparam -C -noout -dsaparam 1024
3018  * (The third function has been renamed to avoid name conflicts.)
3019  */
3020 static DH *get_dh512()
3021         {
3022         static unsigned char dh512_p[]={
3023                 0xCB,0xC8,0xE1,0x86,0xD0,0x1F,0x94,0x17,0xA6,0x99,0xF0,0xC6,
3024                 0x1F,0x0D,0xAC,0xB6,0x25,0x3E,0x06,0x39,0xCA,0x72,0x04,0xB0,
3025                 0x6E,0xDA,0xC0,0x61,0xE6,0x7A,0x77,0x25,0xE8,0x3B,0xB9,0x5F,
3026                 0x9A,0xB6,0xB5,0xFE,0x99,0x0B,0xA1,0x93,0x4E,0x35,0x33,0xB8,
3027                 0xE1,0xF1,0x13,0x4F,0x59,0x1A,0xD2,0x57,0xC0,0x26,0x21,0x33,
3028                 0x02,0xC5,0xAE,0x23,
3029                 };
3030         static unsigned char dh512_g[]={
3031                 0x02,
3032                 };
3033         DH *dh;
3034
3035         if ((dh=DH_new()) == NULL) return(NULL);
3036         dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
3037         dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
3038         if ((dh->p == NULL) || (dh->g == NULL))
3039                 { DH_free(dh); return(NULL); }
3040         return(dh);
3041         }
3042
3043 static DH *get_dh1024()
3044         {
3045         static unsigned char dh1024_p[]={
3046                 0xF8,0x81,0x89,0x7D,0x14,0x24,0xC5,0xD1,0xE6,0xF7,0xBF,0x3A,
3047                 0xE4,0x90,0xF4,0xFC,0x73,0xFB,0x34,0xB5,0xFA,0x4C,0x56,0xA2,
3048                 0xEA,0xA7,0xE9,0xC0,0xC0,0xCE,0x89,0xE1,0xFA,0x63,0x3F,0xB0,
3049                 0x6B,0x32,0x66,0xF1,0xD1,0x7B,0xB0,0x00,0x8F,0xCA,0x87,0xC2,
3050                 0xAE,0x98,0x89,0x26,0x17,0xC2,0x05,0xD2,0xEC,0x08,0xD0,0x8C,
3051                 0xFF,0x17,0x52,0x8C,0xC5,0x07,0x93,0x03,0xB1,0xF6,0x2F,0xB8,
3052                 0x1C,0x52,0x47,0x27,0x1B,0xDB,0xD1,0x8D,0x9D,0x69,0x1D,0x52,
3053                 0x4B,0x32,0x81,0xAA,0x7F,0x00,0xC8,0xDC,0xE6,0xD9,0xCC,0xC1,
3054                 0x11,0x2D,0x37,0x34,0x6C,0xEA,0x02,0x97,0x4B,0x0E,0xBB,0xB1,
3055                 0x71,0x33,0x09,0x15,0xFD,0xDD,0x23,0x87,0x07,0x5E,0x89,0xAB,
3056                 0x6B,0x7C,0x5F,0xEC,0xA6,0x24,0xDC,0x53,
3057                 };
3058         static unsigned char dh1024_g[]={
3059                 0x02,
3060                 };
3061         DH *dh;
3062
3063         if ((dh=DH_new()) == NULL) return(NULL);
3064         dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
3065         dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
3066         if ((dh->p == NULL) || (dh->g == NULL))
3067                 { DH_free(dh); return(NULL); }
3068         return(dh);
3069         }
3070
3071 static DH *get_dh1024dsa()
3072         {
3073         static unsigned char dh1024_p[]={
3074                 0xC8,0x00,0xF7,0x08,0x07,0x89,0x4D,0x90,0x53,0xF3,0xD5,0x00,
3075                 0x21,0x1B,0xF7,0x31,0xA6,0xA2,0xDA,0x23,0x9A,0xC7,0x87,0x19,
3076                 0x3B,0x47,0xB6,0x8C,0x04,0x6F,0xFF,0xC6,0x9B,0xB8,0x65,0xD2,
3077                 0xC2,0x5F,0x31,0x83,0x4A,0xA7,0x5F,0x2F,0x88,0x38,0xB6,0x55,
3078                 0xCF,0xD9,0x87,0x6D,0x6F,0x9F,0xDA,0xAC,0xA6,0x48,0xAF,0xFC,
3079                 0x33,0x84,0x37,0x5B,0x82,0x4A,0x31,0x5D,0xE7,0xBD,0x52,0x97,
3080                 0xA1,0x77,0xBF,0x10,0x9E,0x37,0xEA,0x64,0xFA,0xCA,0x28,0x8D,
3081                 0x9D,0x3B,0xD2,0x6E,0x09,0x5C,0x68,0xC7,0x45,0x90,0xFD,0xBB,
3082                 0x70,0xC9,0x3A,0xBB,0xDF,0xD4,0x21,0x0F,0xC4,0x6A,0x3C,0xF6,
3083                 0x61,0xCF,0x3F,0xD6,0x13,0xF1,0x5F,0xBC,0xCF,0xBC,0x26,0x9E,
3084                 0xBC,0x0B,0xBD,0xAB,0x5D,0xC9,0x54,0x39,
3085                 };
3086         static unsigned char dh1024_g[]={
3087                 0x3B,0x40,0x86,0xE7,0xF3,0x6C,0xDE,0x67,0x1C,0xCC,0x80,0x05,
3088                 0x5A,0xDF,0xFE,0xBD,0x20,0x27,0x74,0x6C,0x24,0xC9,0x03,0xF3,
3089                 0xE1,0x8D,0xC3,0x7D,0x98,0x27,0x40,0x08,0xB8,0x8C,0x6A,0xE9,
3090                 0xBB,0x1A,0x3A,0xD6,0x86,0x83,0x5E,0x72,0x41,0xCE,0x85,0x3C,
3091                 0xD2,0xB3,0xFC,0x13,0xCE,0x37,0x81,0x9E,0x4C,0x1C,0x7B,0x65,
3092                 0xD3,0xE6,0xA6,0x00,0xF5,0x5A,0x95,0x43,0x5E,0x81,0xCF,0x60,
3093                 0xA2,0x23,0xFC,0x36,0xA7,0x5D,0x7A,0x4C,0x06,0x91,0x6E,0xF6,
3094                 0x57,0xEE,0x36,0xCB,0x06,0xEA,0xF5,0x3D,0x95,0x49,0xCB,0xA7,
3095                 0xDD,0x81,0xDF,0x80,0x09,0x4A,0x97,0x4D,0xA8,0x22,0x72,0xA1,
3096                 0x7F,0xC4,0x70,0x56,0x70,0xE8,0x20,0x10,0x18,0x8F,0x2E,0x60,
3097                 0x07,0xE7,0x68,0x1A,0x82,0x5D,0x32,0xA2,
3098                 };
3099         DH *dh;
3100
3101         if ((dh=DH_new()) == NULL) return(NULL);
3102         dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
3103         dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
3104         if ((dh->p == NULL) || (dh->g == NULL))
3105                 { DH_free(dh); return(NULL); }
3106         dh->length = 160;
3107         return(dh);
3108         }
3109 #endif
3110
3111 #ifndef OPENSSL_NO_PSK
3112 /* convert the PSK key (psk_key) in ascii to binary (psk) */
3113 static int psk_key2bn(const char *pskkey, unsigned char *psk,
3114         unsigned int max_psk_len)
3115         {
3116         int ret;
3117         BIGNUM *bn = NULL;
3118
3119         ret = BN_hex2bn(&bn, pskkey);
3120         if (!ret)
3121                 {
3122                 BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", pskkey); 
3123                 if (bn)
3124                         BN_free(bn);
3125                 return 0;
3126                 }
3127         if (BN_num_bytes(bn) > (int)max_psk_len)
3128                 {
3129                 BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
3130                         max_psk_len, BN_num_bytes(bn));
3131                 BN_free(bn);
3132                 return 0;
3133                 }
3134         ret = BN_bn2bin(bn, psk);
3135         BN_free(bn);
3136         return ret;
3137         }
3138
3139 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
3140         unsigned int max_identity_len, unsigned char *psk,
3141         unsigned int max_psk_len)
3142         {
3143         int ret;
3144         unsigned int psk_len = 0;
3145
3146         ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3147         if (ret < 0)
3148                 goto out_err;
3149         if (debug)
3150                 fprintf(stderr, "client: created identity '%s' len=%d\n", identity, ret);
3151         ret = psk_key2bn(psk_key, psk, max_psk_len);
3152         if (ret < 0)
3153                 goto out_err;
3154         psk_len = ret;
3155 out_err:
3156         return psk_len;
3157         }
3158
3159 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3160         unsigned char *psk, unsigned int max_psk_len)
3161         {
3162         unsigned int psk_len=0;
3163
3164         if (strcmp(identity, "Client_identity") != 0)
3165                 {
3166                 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3167                 return 0;
3168                 }
3169         psk_len=psk_key2bn(psk_key, psk, max_psk_len);
3170         return psk_len;
3171         }
3172 #endif
3173
3174 static int do_test_cipherlist(void)
3175         {
3176         int i = 0;
3177         const SSL_METHOD *meth;
3178         const SSL_CIPHER *ci, *tci = NULL;
3179
3180 #ifndef OPENSSL_NO_SSL2
3181         fprintf(stderr, "testing SSLv2 cipher list order: ");
3182         meth = SSLv2_method();
3183         while ((ci = meth->get_cipher(i++)) != NULL)
3184                 {
3185                 if (tci != NULL)
3186                         if (ci->id >= tci->id)
3187                                 {
3188                                 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3189                                 return 0;
3190                                 }
3191                 tci = ci;
3192                 }
3193         fprintf(stderr, "ok\n");
3194 #endif
3195 #ifndef OPENSSL_NO_SSL3
3196         fprintf(stderr, "testing SSLv3 cipher list order: ");
3197         meth = SSLv3_method();
3198         tci = NULL;
3199         while ((ci = meth->get_cipher(i++)) != NULL)
3200                 {
3201                 if (tci != NULL)
3202                         if (ci->id >= tci->id)
3203                                 {
3204                                 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3205                                 return 0;
3206                                 }
3207                 tci = ci;
3208                 }
3209         fprintf(stderr, "ok\n");
3210 #endif
3211 #ifndef OPENSSL_NO_TLS1
3212         fprintf(stderr, "testing TLSv1 cipher list order: ");
3213         meth = TLSv1_method();
3214         tci = NULL;
3215         while ((ci = meth->get_cipher(i++)) != NULL)
3216                 {
3217                 if (tci != NULL)
3218                         if (ci->id >= tci->id)
3219                                 {
3220                                 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3221                                 return 0;
3222                                 }
3223                 tci = ci;
3224                 }
3225         fprintf(stderr, "ok\n");
3226 #endif
3227
3228         return 1;
3229         }