2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
87 * 6. Redistributions of any form whatsoever must retain the following
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
143 /* Or gethostname won't be declared properly on Linux and GNU platforms. */
144 #define _BSD_SOURCE 1
157 #ifdef OPENSSL_SYS_VMS
159 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
161 # define _XOPEN_SOURCE 500
166 #include <openssl/bio.h>
167 #include <openssl/crypto.h>
168 #include <openssl/evp.h>
169 #include <openssl/x509.h>
170 #include <openssl/x509v3.h>
171 #include <openssl/ssl.h>
172 #ifndef OPENSSL_NO_ENGINE
173 # include <openssl/engine.h>
175 #include <openssl/err.h>
176 #include <openssl/rand.h>
177 #ifndef OPENSSL_NO_RSA
178 # include <openssl/rsa.h>
180 #ifndef OPENSSL_NO_DSA
181 # include <openssl/dsa.h>
183 #ifndef OPENSSL_NO_DH
184 # include <openssl/dh.h>
186 #ifndef OPENSSL_NO_SRP
187 # include <openssl/srp.h>
189 #include <openssl/bn.h>
192 * Or gethostname won't be declared properly
193 * on Compaq platforms (at least with DEC C).
194 * Do not try to put it earlier, or IPv6 includes
197 #define _XOPEN_SOURCE_EXTENDED 1
199 #ifdef OPENSSL_SYS_WINDOWS
200 # include <winsock.h>
202 # include OPENSSL_UNISTD
205 #ifdef OPENSSL_SYS_VMS
206 # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
207 # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
208 #elif defined(OPENSSL_SYS_WINCE)
209 # define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
210 # define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
211 #elif defined(OPENSSL_SYS_NETWARE)
212 # define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
213 # define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
215 # define TEST_SERVER_CERT "../apps/server.pem"
216 # define TEST_CLIENT_CERT "../apps/client.pem"
220 * There is really no standard for this, so let's assign some tentative
221 * numbers. In any case, these numbers are only for this test
226 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
227 #ifndef OPENSSL_NO_RSA
228 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
229 static void free_tmp_rsa(void);
231 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
232 #define APP_CALLBACK_STRING "Test Callback Argument"
233 struct app_verify_arg {
236 int allow_proxy_certs;
241 #ifndef OPENSSL_NO_DH
242 static DH *get_dh512(void);
243 static DH *get_dh1024(void);
244 static DH *get_dh1024dsa(void);
247 static char *psk_key = NULL; /* by default PSK is not used */
248 #ifndef OPENSSL_NO_PSK
249 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
251 unsigned int max_identity_len,
253 unsigned int max_psk_len);
254 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
256 unsigned int max_psk_len);
259 #ifndef OPENSSL_NO_SRP
261 /* This is a context that we pass to all callbacks */
262 typedef struct srp_client_arg_st {
267 # define PWD_STRLEN 1024
269 static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
271 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
272 return BUF_strdup((char *)srp_client_arg->srppassin);
276 /* This is a context that we pass to SRP server callbacks */
277 typedef struct srp_server_arg_st {
282 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
284 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
286 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
287 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
288 return SSL3_AL_FATAL;
290 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
291 *ad = SSL_AD_INTERNAL_ERROR;
292 return SSL3_AL_FATAL;
294 return SSL_ERROR_NONE;
298 static BIO *bio_err = NULL;
299 static BIO *bio_stdout = NULL;
301 static const char *alpn_client;
302 static const char *alpn_server;
303 static const char *alpn_expected;
304 static unsigned char *alpn_selected;
307 * next_protos_parse parses a comma separated list of strings into a string
308 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
309 * outlen: (output) set to the length of the resulting buffer on success.
310 * err: (maybe NULL) on failure, an error message line is written to this BIO.
311 * in: a NUL terminated string like "abc,def,ghi"
313 * returns: a malloced buffer or NULL on failure.
315 static unsigned char *next_protos_parse(unsigned short *outlen,
326 out = OPENSSL_malloc(strlen(in) + 1);
330 for (i = 0; i <= len; ++i) {
331 if (i == len || in[i] == ',') {
332 if (i - start > 255) {
336 out[start] = i - start;
346 static int cb_server_alpn(SSL *s, const unsigned char **out,
347 unsigned char *outlen, const unsigned char *in,
348 unsigned int inlen, void *arg)
350 unsigned char *protos;
351 unsigned short protos_len;
353 protos = next_protos_parse(&protos_len, alpn_server);
354 if (protos == NULL) {
355 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
360 if (SSL_select_next_proto
361 ((unsigned char **)out, outlen, protos, protos_len, in,
362 inlen) != OPENSSL_NPN_NEGOTIATED) {
363 OPENSSL_free(protos);
364 return SSL_TLSEXT_ERR_NOACK;
368 * Make a copy of the selected protocol which will be freed in
371 alpn_selected = OPENSSL_malloc(*outlen);
372 memcpy(alpn_selected, *out, *outlen);
373 *out = alpn_selected;
375 OPENSSL_free(protos);
376 return SSL_TLSEXT_ERR_OK;
379 static int verify_alpn(SSL *client, SSL *server)
381 const unsigned char *client_proto, *server_proto;
382 unsigned int client_proto_len = 0, server_proto_len = 0;
383 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
384 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
386 if (alpn_selected != NULL) {
387 OPENSSL_free(alpn_selected);
388 alpn_selected = NULL;
391 if (client_proto_len != server_proto_len ||
392 memcmp(client_proto, server_proto, client_proto_len) != 0) {
393 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
397 if (client_proto_len > 0 && alpn_expected == NULL) {
398 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
402 if (alpn_expected != NULL &&
403 (client_proto_len != strlen(alpn_expected) ||
404 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
405 BIO_printf(bio_stdout,
406 "ALPN selected protocols not equal to expected protocol: %s\n",
414 BIO_printf(bio_stdout, "ALPN results: client: '");
415 BIO_write(bio_stdout, client_proto, client_proto_len);
416 BIO_printf(bio_stdout, "', server: '");
417 BIO_write(bio_stdout, server_proto, server_proto_len);
418 BIO_printf(bio_stdout, "'\n");
419 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
420 alpn_client, alpn_server);
424 #define SCT_EXT_TYPE 18
427 * WARNING : below extension types are *NOT* IETF assigned, and could
428 * conflict if these types are reassigned and handled specially by OpenSSL
431 #define TACK_EXT_TYPE 62208
432 #define CUSTOM_EXT_TYPE_0 1000
433 #define CUSTOM_EXT_TYPE_1 1001
434 #define CUSTOM_EXT_TYPE_2 1002
435 #define CUSTOM_EXT_TYPE_3 1003
437 const char custom_ext_cli_string[] = "abc";
438 const char custom_ext_srv_string[] = "defg";
440 /* These set from cmdline */
441 char *serverinfo_file = NULL;
442 int serverinfo_sct = 0;
443 int serverinfo_tack = 0;
445 /* These set based on extension callbacks */
446 int serverinfo_sct_seen = 0;
447 int serverinfo_tack_seen = 0;
448 int serverinfo_other_seen = 0;
450 /* This set from cmdline */
453 /* This set based on extension callbacks */
454 int custom_ext_error = 0;
456 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
457 const unsigned char *in, size_t inlen,
460 if (ext_type == SCT_EXT_TYPE)
461 serverinfo_sct_seen++;
462 else if (ext_type == TACK_EXT_TYPE)
463 serverinfo_tack_seen++;
465 serverinfo_other_seen++;
469 static int verify_serverinfo()
471 if (serverinfo_sct != serverinfo_sct_seen)
473 if (serverinfo_tack != serverinfo_tack_seen)
475 if (serverinfo_other_seen)
481 * Four test cases for custom extensions:
482 * 0 - no ClientHello extension or ServerHello response
483 * 1 - ClientHello with "abc", no response
484 * 2 - ClientHello with "abc", empty response
485 * 3 - ClientHello with "abc", "defg" response
488 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
489 const unsigned char **out,
490 size_t *outlen, int *al, void *arg)
492 if (ext_type != CUSTOM_EXT_TYPE_0)
493 custom_ext_error = 1;
494 return 0; /* Don't send an extension */
497 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
498 const unsigned char *in,
499 size_t inlen, int *al, void *arg)
504 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
505 const unsigned char **out,
506 size_t *outlen, int *al, void *arg)
508 if (ext_type != CUSTOM_EXT_TYPE_1)
509 custom_ext_error = 1;
510 *out = (const unsigned char *)custom_ext_cli_string;
511 *outlen = strlen(custom_ext_cli_string);
512 return 1; /* Send "abc" */
515 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
516 const unsigned char *in,
517 size_t inlen, int *al, void *arg)
522 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
523 const unsigned char **out,
524 size_t *outlen, int *al, void *arg)
526 if (ext_type != CUSTOM_EXT_TYPE_2)
527 custom_ext_error = 1;
528 *out = (const unsigned char *)custom_ext_cli_string;
529 *outlen = strlen(custom_ext_cli_string);
530 return 1; /* Send "abc" */
533 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
534 const unsigned char *in,
535 size_t inlen, int *al, void *arg)
537 if (ext_type != CUSTOM_EXT_TYPE_2)
538 custom_ext_error = 1;
540 custom_ext_error = 1; /* Should be empty response */
544 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
545 const unsigned char **out,
546 size_t *outlen, int *al, void *arg)
548 if (ext_type != CUSTOM_EXT_TYPE_3)
549 custom_ext_error = 1;
550 *out = (const unsigned char *)custom_ext_cli_string;
551 *outlen = strlen(custom_ext_cli_string);
552 return 1; /* Send "abc" */
555 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
556 const unsigned char *in,
557 size_t inlen, int *al, void *arg)
559 if (ext_type != CUSTOM_EXT_TYPE_3)
560 custom_ext_error = 1;
561 if (inlen != strlen(custom_ext_srv_string))
562 custom_ext_error = 1;
563 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
564 custom_ext_error = 1; /* Check for "defg" */
569 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
572 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
573 const unsigned char *in,
574 size_t inlen, int *al, void *arg)
576 custom_ext_error = 1;
580 /* 'add' callbacks are only called if the 'parse' callback is called */
581 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
582 const unsigned char **out,
583 size_t *outlen, int *al, void *arg)
585 /* Error: should not have been called */
586 custom_ext_error = 1;
587 return 0; /* Don't send an extension */
590 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
591 const unsigned char *in,
592 size_t inlen, int *al, void *arg)
594 if (ext_type != CUSTOM_EXT_TYPE_1)
595 custom_ext_error = 1;
596 /* Check for "abc" */
597 if (inlen != strlen(custom_ext_cli_string))
598 custom_ext_error = 1;
599 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
600 custom_ext_error = 1;
604 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
605 const unsigned char **out,
606 size_t *outlen, int *al, void *arg)
608 return 0; /* Don't send an extension */
611 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
612 const unsigned char *in,
613 size_t inlen, int *al, void *arg)
615 if (ext_type != CUSTOM_EXT_TYPE_2)
616 custom_ext_error = 1;
617 /* Check for "abc" */
618 if (inlen != strlen(custom_ext_cli_string))
619 custom_ext_error = 1;
620 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
621 custom_ext_error = 1;
625 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
626 const unsigned char **out,
627 size_t *outlen, int *al, void *arg)
631 return 1; /* Send empty extension */
634 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
635 const unsigned char *in,
636 size_t inlen, int *al, void *arg)
638 if (ext_type != CUSTOM_EXT_TYPE_3)
639 custom_ext_error = 1;
640 /* Check for "abc" */
641 if (inlen != strlen(custom_ext_cli_string))
642 custom_ext_error = 1;
643 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
644 custom_ext_error = 1;
648 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
649 const unsigned char **out,
650 size_t *outlen, int *al, void *arg)
652 *out = (const unsigned char *)custom_ext_srv_string;
653 *outlen = strlen(custom_ext_srv_string);
654 return 1; /* Send "defg" */
657 static char *cipher = NULL;
658 static int verbose = 0;
659 static int debug = 0;
663 static int s_nbio = 0;
667 static const char rnd_seed[] =
668 "string to make the random number generator think it has entropy";
670 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
672 int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
673 static int do_test_cipherlist(void);
674 static void sv_usage(void)
676 fprintf(stderr, "usage: ssltest [args ...]\n");
677 fprintf(stderr, "\n");
679 fprintf(stderr, "-F - run test in FIPS mode\n");
681 fprintf(stderr, " -server_auth - check server certificate\n");
682 fprintf(stderr, " -client_auth - do client authentication\n");
683 fprintf(stderr, " -proxy - allow proxy certificates\n");
684 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
686 " -proxy_cond <val> - expression to test proxy policy rights\n");
687 fprintf(stderr, " -v - more output\n");
688 fprintf(stderr, " -d - debug output\n");
689 fprintf(stderr, " -reuse - use session-id reuse\n");
690 fprintf(stderr, " -num <val> - number of connections to perform\n");
692 " -bytes <val> - number of bytes to swap between client/server\n");
693 #ifndef OPENSSL_NO_DH
695 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
697 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
699 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
700 fprintf(stderr, " -no_dhe - disable DHE\n");
702 #ifndef OPENSSL_NO_ECDH
703 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
705 #ifndef OPENSSL_NO_PSK
706 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
708 #ifndef OPENSSL_NO_SRP
709 fprintf(stderr, " -srpuser user - SRP username to use\n");
710 fprintf(stderr, " -srppass arg - password for 'user'\n");
712 #ifndef OPENSSL_NO_SSL2
713 fprintf(stderr, " -ssl2 - use SSLv2\n");
715 #ifndef OPENSSL_NO_SSL3_METHOD
716 fprintf(stderr, " -ssl3 - use SSLv3\n");
718 #ifndef OPENSSL_NO_TLS1
719 fprintf(stderr, " -tls1 - use TLSv1\n");
721 #ifndef OPENSSL_NO_DTLS
722 fprintf(stderr, " -dtls1 - use DTLSv1\n");
723 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
725 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
726 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
727 fprintf(stderr, " -cert arg - Server certificate file\n");
729 " -key arg - Server key file (default: same as -cert)\n");
730 fprintf(stderr, " -c_cert arg - Client certificate file\n");
732 " -c_key arg - Client key file (default: same as -c_cert)\n");
733 fprintf(stderr, " -cipher arg - The cipher list\n");
734 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
735 fprintf(stderr, " -f - Test even cases that can't work\n");
737 " -time - measure processor time used by client and server\n");
738 fprintf(stderr, " -zlib - use zlib compression\n");
739 fprintf(stderr, " -rle - use rle compression\n");
740 #ifndef OPENSSL_NO_ECDH
742 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
743 " Use \"openssl ecparam -list_curves\" for all names\n"
744 " (default is sect163r2).\n");
747 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
748 " When this option is requested, the cipherlist\n"
749 " tests are run instead of handshake tests.\n");
750 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
751 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
753 " -serverinfo_tack - have client offer and expect TACK\n");
755 " -custom_ext - try various custom extension callbacks\n");
756 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
757 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
759 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
762 static void print_details(SSL *c_ssl, const char *prefix)
764 const SSL_CIPHER *ciph;
767 ciph = SSL_get_current_cipher(c_ssl);
768 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
770 SSL_get_version(c_ssl),
771 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
772 cert = SSL_get_peer_certificate(c_ssl);
774 EVP_PKEY *pkey = X509_get_pubkey(cert);
777 #ifndef OPENSSL_NO_RSA
778 else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
779 && pkey->pkey.rsa->n != NULL) {
780 BIO_printf(bio_stdout, ", %d bit RSA",
781 BN_num_bits(pkey->pkey.rsa->n));
784 #ifndef OPENSSL_NO_DSA
785 else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
786 && pkey->pkey.dsa->p != NULL) {
787 BIO_printf(bio_stdout, ", %d bit DSA",
788 BN_num_bits(pkey->pkey.dsa->p));
796 * The SSL API does not allow us to look at temporary RSA/DH keys,
797 * otherwise we should print their lengths too
799 BIO_printf(bio_stdout, "\n");
802 static void lock_dbg_cb(int mode, int type, const char *file, int line)
804 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
805 const char *errstr = NULL;
808 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
809 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
810 errstr = "invalid mode";
814 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
815 errstr = "type out of bounds";
819 if (mode & CRYPTO_LOCK) {
821 errstr = "already locked";
823 * must not happen in a single-threaded program (would deadlock)
829 } else if (mode & CRYPTO_UNLOCK) {
831 errstr = "not locked";
835 if (modes[type] != rw) {
836 errstr = (rw == CRYPTO_READ) ?
837 "CRYPTO_r_unlock on write lock" :
838 "CRYPTO_w_unlock on read lock";
843 errstr = "invalid mode";
849 /* we cannot use bio_err here */
851 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
852 errstr, mode, type, file, line);
856 #ifdef TLSEXT_TYPE_opaque_prf_input
862 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
863 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
864 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
865 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
867 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
869 struct cb_info_st *arg = arg_;
874 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
880 int main(int argc, char *argv[])
882 char *CApath = NULL, *CAfile = NULL;
886 int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1;
888 int server_auth = 0, i;
889 struct app_verify_arg app_verify_arg =
890 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
891 char *server_cert = TEST_SERVER_CERT;
892 char *server_key = NULL;
893 char *client_cert = TEST_CLIENT_CERT;
894 char *client_key = NULL;
895 #ifndef OPENSSL_NO_ECDH
896 char *named_curve = NULL;
898 SSL_CTX *s_ctx = NULL;
899 SSL_CTX *c_ctx = NULL;
900 const SSL_METHOD *meth = NULL;
902 int number = 1, reuse = 0;
904 #ifndef OPENSSL_NO_DH
906 int dhe512 = 0, dhe1024dsa = 0;
908 #ifndef OPENSSL_NO_ECDH
911 #ifndef OPENSSL_NO_SRP
913 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
915 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
921 clock_t s_time = 0, c_time = 0;
922 #ifndef OPENSSL_NO_COMP
924 COMP_METHOD *cm = NULL;
925 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
927 int test_cipherlist = 0;
937 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
939 CRYPTO_set_locking_callback(lock_dbg_cb);
941 /* enable memory leak checking unless explicitly disabled */
942 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
943 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
944 CRYPTO_malloc_debug_init();
945 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
947 /* OPENSSL_DEBUG_MEMORY=off */
948 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
950 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
952 RAND_seed(rnd_seed, sizeof rnd_seed);
954 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
960 if (!strcmp(*argv, "-F")) {
965 "not compiled with FIPS support, so exiting without running.\n");
968 } else if (strcmp(*argv, "-server_auth") == 0)
970 else if (strcmp(*argv, "-client_auth") == 0)
972 else if (strcmp(*argv, "-proxy_auth") == 0) {
975 app_verify_arg.proxy_auth = *(++argv);
976 } else if (strcmp(*argv, "-proxy_cond") == 0) {
979 app_verify_arg.proxy_cond = *(++argv);
980 } else if (strcmp(*argv, "-v") == 0)
982 else if (strcmp(*argv, "-d") == 0)
984 else if (strcmp(*argv, "-reuse") == 0)
986 else if (strcmp(*argv, "-dhe512") == 0) {
987 #ifndef OPENSSL_NO_DH
991 "ignoring -dhe512, since I'm compiled without DH\n");
993 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
994 #ifndef OPENSSL_NO_DH
998 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
1000 } else if (strcmp(*argv, "-no_dhe") == 0)
1002 else if (strcmp(*argv, "-no_ecdhe") == 0)
1004 else if (strcmp(*argv, "-psk") == 0) {
1007 psk_key = *(++argv);
1008 #ifndef OPENSSL_NO_PSK
1009 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1010 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1017 #ifndef OPENSSL_NO_SRP
1018 else if (strcmp(*argv, "-srpuser") == 0) {
1021 srp_server_arg.expected_user = srp_client_arg.srplogin =
1024 } else if (strcmp(*argv, "-srppass") == 0) {
1027 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1031 else if (strcmp(*argv, "-ssl2") == 0) {
1032 #ifdef OPENSSL_NO_SSL2
1036 } else if (strcmp(*argv, "-tls1") == 0) {
1037 #ifdef OPENSSL_NO_TLS1
1041 } else if (strcmp(*argv, "-ssl3") == 0) {
1042 #ifdef OPENSSL_NO_SSL3_METHOD
1046 } else if (strcmp(*argv, "-dtls1") == 0) {
1047 #ifdef OPENSSL_NO_DTLS
1051 } else if (strcmp(*argv, "-dtls12") == 0) {
1052 #ifdef OPENSSL_NO_DTLS
1056 } else if (strncmp(*argv, "-num", 4) == 0) {
1059 number = atoi(*(++argv));
1062 } else if (strcmp(*argv, "-bytes") == 0) {
1065 bytes = atol(*(++argv));
1068 i = strlen(argv[0]);
1069 if (argv[0][i - 1] == 'k')
1071 if (argv[0][i - 1] == 'm')
1072 bytes *= 1024L * 1024L;
1073 } else if (strcmp(*argv, "-cert") == 0) {
1076 server_cert = *(++argv);
1077 } else if (strcmp(*argv, "-s_cert") == 0) {
1080 server_cert = *(++argv);
1081 } else if (strcmp(*argv, "-key") == 0) {
1084 server_key = *(++argv);
1085 } else if (strcmp(*argv, "-s_key") == 0) {
1088 server_key = *(++argv);
1089 } else if (strcmp(*argv, "-c_cert") == 0) {
1092 client_cert = *(++argv);
1093 } else if (strcmp(*argv, "-c_key") == 0) {
1096 client_key = *(++argv);
1097 } else if (strcmp(*argv, "-cipher") == 0) {
1101 } else if (strcmp(*argv, "-CApath") == 0) {
1105 } else if (strcmp(*argv, "-CAfile") == 0) {
1109 } else if (strcmp(*argv, "-bio_pair") == 0) {
1111 } else if (strcmp(*argv, "-f") == 0) {
1113 } else if (strcmp(*argv, "-time") == 0) {
1116 #ifndef OPENSSL_NO_COMP
1117 else if (strcmp(*argv, "-zlib") == 0) {
1119 } else if (strcmp(*argv, "-rle") == 0) {
1123 else if (strcmp(*argv, "-named_curve") == 0) {
1126 #ifndef OPENSSL_NO_ECDH
1127 named_curve = *(++argv);
1130 "ignoring -named_curve, since I'm compiled without ECDH\n");
1133 } else if (strcmp(*argv, "-app_verify") == 0) {
1134 app_verify_arg.app_verify = 1;
1135 } else if (strcmp(*argv, "-proxy") == 0) {
1136 app_verify_arg.allow_proxy_certs = 1;
1137 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1138 test_cipherlist = 1;
1139 } else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1141 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1142 serverinfo_tack = 1;
1143 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1146 serverinfo_file = *(++argv);
1147 } else if (strcmp(*argv, "-custom_ext") == 0) {
1149 } else if (strcmp(*argv, "-alpn_client") == 0) {
1152 alpn_client = *(++argv);
1153 } else if (strcmp(*argv, "-alpn_server") == 0) {
1156 alpn_server = *(++argv);
1157 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1160 alpn_expected = *(++argv);
1162 fprintf(stderr, "unknown option %s\n", *argv);
1176 * test_cipherlist prevails over protocol switch: we test the cipherlist
1177 * for all enabled protocols.
1179 if (test_cipherlist == 1) {
1181 * ensure that the cipher list are correctly sorted and exit
1183 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1184 "other options.\n");
1185 if (do_test_cipherlist() == 0)
1191 if (ssl2 + ssl3 + tls1 + dtls1 + dtls12 > 1) {
1192 fprintf(stderr, "At most one of -ssl2, -ssl3, -tls1, -dtls1 or -dtls12 should "
1198 * Testing was requested for a compiled-out protocol (e.g. SSLv2).
1199 * Ideally, we would error out, but the generic test wrapper can't know
1200 * when to expect failure. So we do nothing and return success.
1203 fprintf(stderr, "Testing was requested for a disabled protocol. "
1204 "Skipping tests.\n");
1209 if (!ssl2 && !ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
1210 fprintf(stderr, "This case cannot work. Use -f to perform "
1211 "the test anyway (and\n-d to see what happens), "
1212 "or add one of ssl2, -ssl3, -tls1, -dtls1, -dtls12, -reuse\n"
1213 "to avoid protocol mismatch.\n");
1218 if (!FIPS_mode_set(1)) {
1219 ERR_load_crypto_strings();
1220 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
1223 fprintf(stderr, "*** IN FIPS MODE ***\n");
1229 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1232 if (number < 50 && !force)
1234 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1237 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1240 SSL_load_error_strings();
1242 #ifndef OPENSSL_NO_COMP
1243 if (comp == COMP_ZLIB)
1245 if (comp == COMP_RLE)
1248 if (cm->type != NID_undef) {
1249 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1250 fprintf(stderr, "Failed to add compression method\n");
1251 ERR_print_errors_fp(stderr);
1255 "Warning: %s compression not supported\n",
1256 (comp == COMP_RLE ? "rle" :
1257 (comp == COMP_ZLIB ? "zlib" : "unknown")));
1258 ERR_print_errors_fp(stderr);
1261 ssl_comp_methods = SSL_COMP_get_compression_methods();
1262 fprintf(stderr, "Available compression methods:\n");
1264 int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1266 fprintf(stderr, " NONE\n");
1268 for (j = 0; j < n; j++) {
1269 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1270 fprintf(stderr, " %d: %s\n", c->id, c->name);
1276 * At this point, ssl2/ssl3/tls1 is only set if the protocol is
1277 * available. (Otherwise we exit early.) However the compiler doesn't
1278 * know this, so we ifdef.
1280 #ifndef OPENSSL_NO_SSL2
1282 meth = SSLv2_method();
1285 #ifndef OPENSSL_NO_SSL3
1287 meth = SSLv3_method();
1290 #ifndef OPENSSL_NO_DTLS
1292 meth = DTLSv1_method();
1294 meth = DTLSv1_2_method();
1297 #ifndef OPENSSL_NO_TLS1
1299 meth = TLSv1_method();
1302 meth = SSLv23_method();
1304 c_ctx = SSL_CTX_new(meth);
1305 s_ctx = SSL_CTX_new(meth);
1306 if ((c_ctx == NULL) || (s_ctx == NULL)) {
1307 ERR_print_errors(bio_err);
1311 if (cipher != NULL) {
1312 SSL_CTX_set_cipher_list(c_ctx, cipher);
1313 SSL_CTX_set_cipher_list(s_ctx, cipher);
1315 #ifndef OPENSSL_NO_DH
1319 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1321 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1322 dh = get_dh1024dsa();
1327 SSL_CTX_set_tmp_dh(s_ctx, dh);
1334 #ifndef OPENSSL_NO_ECDH
1338 if (named_curve != NULL) {
1339 nid = OBJ_sn2nid(named_curve);
1341 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1345 nid = NID_X9_62_prime256v1;
1348 ecdh = EC_KEY_new_by_curve_name(nid);
1350 BIO_printf(bio_err, "unable to create curve\n");
1354 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1355 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1362 #ifndef OPENSSL_NO_RSA
1363 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
1366 #ifdef TLSEXT_TYPE_opaque_prf_input
1367 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1368 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1369 /* or &co2 or NULL */
1370 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1);
1371 /* or &so2 or NULL */
1372 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1);
1375 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
1376 ERR_print_errors(bio_err);
1377 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1378 (server_key ? server_key :
1380 SSL_FILETYPE_PEM)) {
1381 ERR_print_errors(bio_err);
1386 SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM);
1387 SSL_CTX_use_PrivateKey_file(c_ctx,
1388 (client_key ? client_key : client_cert),
1392 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1393 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1394 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1395 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1396 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1397 ERR_print_errors(bio_err);
1402 BIO_printf(bio_err, "client authentication\n");
1403 SSL_CTX_set_verify(s_ctx,
1404 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1406 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1410 BIO_printf(bio_err, "server authentication\n");
1411 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1412 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1417 int session_id_context = 0;
1418 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
1419 sizeof session_id_context);
1422 /* Use PSK only if PSK key is given */
1423 if (psk_key != NULL) {
1425 * no_psk is used to avoid putting psk command to openssl tool
1429 * if PSK is not compiled in and psk key is given, do nothing and
1435 #ifndef OPENSSL_NO_PSK
1436 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1437 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1439 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1440 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1441 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1442 ERR_print_errors(bio_err);
1447 #ifndef OPENSSL_NO_SRP
1448 if (srp_client_arg.srplogin) {
1449 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1450 BIO_printf(bio_err, "Unable to set SRP username\n");
1453 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1454 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1455 ssl_give_srp_client_pwd_cb);
1457 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1461 if (srp_server_arg.expected_user != NULL) {
1462 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1463 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1464 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1469 SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1471 serverinfo_cli_parse_cb, NULL);
1472 if (serverinfo_tack)
1473 SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1475 serverinfo_cli_parse_cb, NULL);
1477 if (serverinfo_file)
1478 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1479 BIO_printf(bio_err, "missing serverinfo file\n");
1484 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1485 custom_ext_0_cli_add_cb,
1487 custom_ext_0_cli_parse_cb, NULL);
1488 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1489 custom_ext_1_cli_add_cb,
1491 custom_ext_1_cli_parse_cb, NULL);
1492 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1493 custom_ext_2_cli_add_cb,
1495 custom_ext_2_cli_parse_cb, NULL);
1496 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1497 custom_ext_3_cli_add_cb,
1499 custom_ext_3_cli_parse_cb, NULL);
1501 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1502 custom_ext_0_srv_add_cb,
1504 custom_ext_0_srv_parse_cb, NULL);
1505 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1506 custom_ext_1_srv_add_cb,
1508 custom_ext_1_srv_parse_cb, NULL);
1509 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1510 custom_ext_2_srv_add_cb,
1512 custom_ext_2_srv_parse_cb, NULL);
1513 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1514 custom_ext_3_srv_add_cb,
1516 custom_ext_3_srv_parse_cb, NULL);
1520 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1523 unsigned short alpn_len;
1524 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1527 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1530 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1534 c_ssl = SSL_new(c_ctx);
1535 s_ssl = SSL_new(s_ctx);
1537 #ifndef OPENSSL_NO_KRB5
1538 if (c_ssl && c_ssl->kssl_ctx) {
1539 char localhost[MAXHOSTNAMELEN + 2];
1541 if (gethostname(localhost, sizeof localhost - 1) == 0) {
1542 localhost[sizeof localhost - 1] = '\0';
1543 if (strlen(localhost) == sizeof localhost - 1) {
1544 BIO_printf(bio_err, "localhost name too long\n");
1547 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost);
1550 #endif /* OPENSSL_NO_KRB5 */
1552 for (i = 0; i < number; i++) {
1554 SSL_set_session(c_ssl, NULL);
1556 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1558 ret = doit(s_ssl, c_ssl, bytes);
1562 print_details(c_ssl, "");
1564 if ((number > 1) || (bytes > 1L))
1565 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", number,
1568 #ifdef CLOCKS_PER_SEC
1570 * "To determine the time in seconds, the value returned by the clock
1571 * function should be divided by the value of the macro
1572 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1574 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1575 "Approximate total client time: %6.2f s\n",
1576 (double)s_time / CLOCKS_PER_SEC,
1577 (double)c_time / CLOCKS_PER_SEC);
1580 * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on
1583 BIO_printf(bio_stdout,
1584 "Approximate total server time: %6.2f units\n"
1585 "Approximate total client time: %6.2f units\n",
1586 (double)s_time, (double)c_time);
1595 SSL_CTX_free(s_ctx);
1597 SSL_CTX_free(c_ctx);
1599 if (bio_stdout != NULL)
1600 BIO_free(bio_stdout);
1602 #ifndef OPENSSL_NO_RSA
1605 #ifndef OPENSSL_NO_ENGINE
1608 CRYPTO_cleanup_all_ex_data();
1610 ERR_remove_thread_state(NULL);
1612 CRYPTO_mem_leaks(bio_err);
1613 if (bio_err != NULL)
1619 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1620 clock_t *s_time, clock_t *c_time)
1622 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1623 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1624 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1627 size_t bufsiz = 256; /* small buffer for testing */
1629 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1631 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1634 s_ssl_bio = BIO_new(BIO_f_ssl());
1638 c_ssl_bio = BIO_new(BIO_f_ssl());
1642 SSL_set_connect_state(c_ssl);
1643 SSL_set_bio(c_ssl, client, client);
1644 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1646 SSL_set_accept_state(s_ssl);
1647 SSL_set_bio(s_ssl, server, server);
1648 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1652 * c_ssl_bio: SSL filter BIO
1654 * client: pseudo-I/O for SSL library
1656 * client_io: client's SSL communication; usually to be
1657 * relayed over some I/O facility, but in this
1658 * test program, we're the server, too:
1660 * server_io: server's SSL communication
1662 * server: pseudo-I/O for SSL library
1664 * s_ssl_bio: SSL filter BIO
1666 * The client and the server each employ a "BIO pair":
1667 * client + client_io, server + server_io.
1668 * BIO pairs are symmetric. A BIO pair behaves similar
1669 * to a non-blocking socketpair (but both endpoints must
1670 * be handled by the same thread).
1671 * [Here we could connect client and server to the ends
1672 * of a single BIO pair, but then this code would be less
1673 * suitable as an example for BIO pairs in general.]
1675 * Useful functions for querying the state of BIO pair endpoints:
1677 * BIO_ctrl_pending(bio) number of bytes we can read now
1678 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1679 * other side's read attempt
1680 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1682 * ..._read_request is never more than ..._write_guarantee;
1683 * it depends on the application which one you should use.
1687 * We have non-blocking behaviour throughout this test program, but
1688 * can be sure that there is *some* progress in each iteration; so we
1689 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1690 * we just try everything in each iteration
1696 MS_STATIC char cbuf[1024 * 8];
1698 clock_t c_clock = clock();
1700 memset(cbuf, 0, sizeof(cbuf));
1703 if (SSL_in_init(c_ssl))
1704 printf("client waiting in SSL_connect - %s\n",
1705 SSL_state_string_long(c_ssl));
1708 /* Write to server. */
1710 if (cw_num > (long)sizeof cbuf)
1714 r = BIO_write(c_ssl_bio, cbuf, i);
1716 if (!BIO_should_retry(c_ssl_bio)) {
1717 fprintf(stderr, "ERROR in CLIENT\n");
1721 * BIO_should_retry(...) can just be ignored here. The
1722 * library expects us to call BIO_write with the same
1723 * arguments again, and that's what we will do in the
1726 } else if (r == 0) {
1727 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1731 printf("client wrote %d\n", r);
1737 /* Read from server. */
1739 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1741 if (!BIO_should_retry(c_ssl_bio)) {
1742 fprintf(stderr, "ERROR in CLIENT\n");
1746 * Again, "BIO_should_retry" can be ignored.
1748 } else if (r == 0) {
1749 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1753 printf("client read %d\n", r);
1759 * c_time and s_time increments will typically be very small
1760 * (depending on machine speed and clock tick intervals), but
1761 * sampling over a large number of connections should result in
1762 * fairly accurate figures. We cannot guarantee a lot, however
1763 * -- if each connection lasts for exactly one clock tick, it
1764 * will be counted only for the client or only for the server or
1767 *c_time += (clock() - c_clock);
1773 MS_STATIC char sbuf[1024 * 8];
1775 clock_t s_clock = clock();
1777 memset(sbuf, 0, sizeof(sbuf));
1780 if (SSL_in_init(s_ssl))
1781 printf("server waiting in SSL_accept - %s\n",
1782 SSL_state_string_long(s_ssl));
1785 /* Write to client. */
1787 if (sw_num > (long)sizeof sbuf)
1791 r = BIO_write(s_ssl_bio, sbuf, i);
1793 if (!BIO_should_retry(s_ssl_bio)) {
1794 fprintf(stderr, "ERROR in SERVER\n");
1797 /* Ignore "BIO_should_retry". */
1798 } else if (r == 0) {
1799 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1803 printf("server wrote %d\n", r);
1809 /* Read from client. */
1811 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
1813 if (!BIO_should_retry(s_ssl_bio)) {
1814 fprintf(stderr, "ERROR in SERVER\n");
1818 } else if (r == 0) {
1819 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1823 printf("server read %d\n", r);
1828 *s_time += (clock() - s_clock);
1832 /* "I/O" BETWEEN CLIENT AND SERVER. */
1835 BIO *io1 = server_io, *io2 = client_io;
1837 * we use the non-copying interface for io1 and the standard
1838 * BIO_write/BIO_read interface for io2
1841 static int prev_progress = 1;
1849 r1 = BIO_ctrl_pending(io1);
1850 r2 = BIO_ctrl_get_write_guarantee(io2);
1858 if (INT_MAX < num) /* yeah, right */
1861 r = BIO_nread(io1, &dataptr, (int)num);
1863 assert(r <= (int)num);
1865 * possibly r < num (non-contiguous data)
1868 r = BIO_write(io2, dataptr, (int)num);
1869 if (r != (int)num) { /* can't happen */
1870 fprintf(stderr, "ERROR: BIO_write could not write "
1871 "BIO_ctrl_get_write_guarantee() bytes");
1877 printf((io1 == client_io) ?
1878 "C->S relaying: %d bytes\n" :
1879 "S->C relaying: %d bytes\n", (int)num);
1889 r1 = BIO_ctrl_pending(io2);
1890 r2 = BIO_ctrl_get_read_request(io1);
1892 * here we could use ..._get_write_guarantee instead of
1893 * ..._get_read_request, but by using the latter we test
1894 * restartability of the SSL implementation more thoroughly
1906 --num; /* test restartability even more thoroughly */
1908 r = BIO_nwrite0(io1, &dataptr);
1912 r = BIO_read(io2, dataptr, (int)num);
1913 if (r != (int)num) { /* can't happen */
1914 fprintf(stderr, "ERROR: BIO_read could not read "
1915 "BIO_ctrl_pending() bytes");
1919 r = BIO_nwrite(io1, &dataptr, (int)num);
1920 if (r != (int)num) { /* can't happen */
1921 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
1922 "BIO_nwrite0() bytes");
1927 printf((io2 == client_io) ?
1928 "C->S relaying: %d bytes\n" :
1929 "S->C relaying: %d bytes\n", (int)num);
1931 } /* no loop, BIO_ctrl_get_read_request now
1932 * returns 0 anyway */
1934 if (!progress && !prev_progress)
1935 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
1936 fprintf(stderr, "ERROR: got stuck\n");
1937 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) {
1938 fprintf(stderr, "This can happen for SSL2 because "
1939 "CLIENT-FINISHED and SERVER-VERIFY are written \n"
1940 "concurrently ...");
1941 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
1942 && strncmp("2SSV", SSL_state_string(s_ssl),
1944 fprintf(stderr, " ok.\n");
1948 fprintf(stderr, " ERROR.\n");
1951 prev_progress = progress;
1954 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
1957 print_details(c_ssl, "DONE via BIO pair: ");
1959 if (verify_serverinfo() < 0) {
1963 if (verify_alpn(c_ssl, s_ssl) < 0) {
1968 if (custom_ext_error) {
1977 ERR_print_errors(bio_err);
1982 BIO_free(server_io);
1986 BIO_free(client_io);
1988 BIO_free(s_ssl_bio);
1990 BIO_free(c_ssl_bio);
2000 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2002 char *cbuf = NULL, *sbuf = NULL;
2004 long cw_num = count, cr_num = count;
2005 long sw_num = count, sr_num = count;
2011 int c_r, c_w, s_r, s_w;
2014 int c_write, s_write;
2015 int do_server = 0, do_client = 0;
2016 int max_frag = 5 * 1024;
2018 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2020 if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL)
2022 if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL)
2025 memset(cbuf, 0, bufsiz);
2026 memset(sbuf, 0, bufsiz);
2028 c_to_s = BIO_new(BIO_s_mem());
2029 s_to_c = BIO_new(BIO_s_mem());
2030 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2031 ERR_print_errors(bio_err);
2035 c_bio = BIO_new(BIO_f_ssl());
2036 s_bio = BIO_new(BIO_f_ssl());
2037 if ((c_bio == NULL) || (s_bio == NULL)) {
2038 ERR_print_errors(bio_err);
2042 SSL_set_connect_state(c_ssl);
2043 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2044 SSL_set_max_send_fragment(c_ssl, max_frag);
2045 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2047 SSL_set_accept_state(s_ssl);
2048 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2049 SSL_set_max_send_fragment(s_ssl, max_frag);
2050 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2056 c_write = 1, s_write = 0;
2058 /* We can always do writes */
2063 i = (int)BIO_pending(s_bio);
2064 if ((i && s_r) || s_w)
2067 i = (int)BIO_pending(c_bio);
2068 if ((i && c_r) || c_w)
2071 if (do_server && debug) {
2072 if (SSL_in_init(s_ssl))
2073 printf("server waiting in SSL_accept - %s\n",
2074 SSL_state_string_long(s_ssl));
2077 printf("server:SSL_write()\n");
2079 printf("server:SSL_read()\n"); */
2082 if (do_client && debug) {
2083 if (SSL_in_init(c_ssl))
2084 printf("client waiting in SSL_connect - %s\n",
2085 SSL_state_string_long(c_ssl));
2088 printf("client:SSL_write()\n");
2090 printf("client:SSL_read()\n"); */
2093 if (!do_client && !do_server) {
2094 fprintf(stdout, "ERROR IN STARTUP\n");
2095 ERR_print_errors(bio_err);
2098 if (do_client && !(done & C_DONE)) {
2100 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2101 i = BIO_write(c_bio, cbuf, j);
2105 if (BIO_should_retry(c_bio)) {
2106 if (BIO_should_read(c_bio))
2108 if (BIO_should_write(c_bio))
2111 fprintf(stderr, "ERROR in CLIENT\n");
2112 ERR_print_errors(bio_err);
2115 } else if (i == 0) {
2116 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2120 printf("client wrote %d\n", i);
2125 if (max_frag > 1029)
2126 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2129 i = BIO_read(c_bio, cbuf, bufsiz);
2133 if (BIO_should_retry(c_bio)) {
2134 if (BIO_should_read(c_bio))
2136 if (BIO_should_write(c_bio))
2139 fprintf(stderr, "ERROR in CLIENT\n");
2140 ERR_print_errors(bio_err);
2143 } else if (i == 0) {
2144 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2148 printf("client read %d\n", i);
2157 done = S_DONE | C_DONE;
2163 if (do_server && !(done & S_DONE)) {
2165 i = BIO_read(s_bio, sbuf, bufsiz);
2169 if (BIO_should_retry(s_bio)) {
2170 if (BIO_should_read(s_bio))
2172 if (BIO_should_write(s_bio))
2175 fprintf(stderr, "ERROR in SERVER\n");
2176 ERR_print_errors(bio_err);
2179 } else if (i == 0) {
2180 ERR_print_errors(bio_err);
2182 "SSL SERVER STARTUP FAILED in SSL_read\n");
2186 printf("server read %d\n", i);
2199 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2200 i = BIO_write(s_bio, sbuf, j);
2204 if (BIO_should_retry(s_bio)) {
2205 if (BIO_should_read(s_bio))
2207 if (BIO_should_write(s_bio))
2210 fprintf(stderr, "ERROR in SERVER\n");
2211 ERR_print_errors(bio_err);
2214 } else if (i == 0) {
2215 ERR_print_errors(bio_err);
2217 "SSL SERVER STARTUP FAILED in SSL_write\n");
2221 printf("server wrote %d\n", i);
2227 if (max_frag > 1029)
2228 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2233 if ((done & S_DONE) && (done & C_DONE))
2238 print_details(c_ssl, "DONE: ");
2239 if (verify_serverinfo() < 0) {
2243 if (custom_ext_error) {
2250 * We have to set the BIO's to NULL otherwise they will be
2251 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2252 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2253 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2254 * SSL_free() automatically BIO_free non NULL entries. You should not
2255 * normally do this or be required to do this
2257 if (s_ssl != NULL) {
2261 if (c_ssl != NULL) {
2271 BIO_free_all(c_bio);
2273 BIO_free_all(s_bio);
2283 static int get_proxy_auth_ex_data_idx(void)
2285 static volatile int idx = -1;
2287 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2289 idx = X509_STORE_CTX_get_ex_new_index(0,
2290 "SSLtest for verify callback",
2293 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2298 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
2302 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2306 fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf);
2308 fprintf(stderr, "depth=%d error=%d %s\n",
2309 ctx->error_depth, ctx->error, buf);
2314 fprintf(stderr, "Error string: %s\n",
2315 X509_verify_cert_error_string(ctx->error));
2316 switch (ctx->error) {
2317 case X509_V_ERR_CERT_NOT_YET_VALID:
2318 case X509_V_ERR_CERT_HAS_EXPIRED:
2319 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2320 fprintf(stderr, " ... ignored.\n");
2326 X509 *xs = ctx->current_cert;
2328 X509 *xi = ctx->current_issuer;
2331 if (xs->ex_flags & EXFLAG_PROXY) {
2332 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2333 get_proxy_auth_ex_data_idx
2339 PROXY_CERT_INFO_EXTENSION *pci =
2340 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2343 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2344 case NID_Independent:
2346 * Completely meaningless in this program, as there's no
2347 * way to grant explicit rights to a specific PrC.
2348 * Basically, using id-ppl-Independent is the perfect way
2349 * to grant no rights at all.
2351 fprintf(stderr, " Independent proxy certificate");
2352 for (i = 0; i < 26; i++)
2355 case NID_id_ppl_inheritAll:
2357 * This is basically a NOP, we simply let the current
2358 * rights stand as they are.
2360 fprintf(stderr, " Proxy certificate inherits all");
2364 pci->proxyPolicy->policy->data;
2365 i = pci->proxyPolicy->policy->length;
2368 * The algorithm works as follows: it is assumed that
2369 * previous iterations or the initial granted rights has
2370 * already set some elements of `letters'. What we need
2371 * to do is to clear those that weren't granted by the
2372 * current PrC as well. The easiest way to do this is to
2373 * add 1 to all the elements whose letters are given with
2374 * the current policy. That way, all elements that are
2375 * set by the current policy and were already set by
2376 * earlier policies and through the original grant of
2377 * rights will get the value 2 or higher. The last thing
2378 * to do is to sweep through `letters' and keep the
2379 * elements having the value 2 as set, and clear all the
2383 fprintf(stderr, " Certificate proxy rights = %*.*s", i,
2387 if (isascii(c) && isalpha(c)) {
2393 for (i = 0; i < 26; i++)
2401 fprintf(stderr, ", resulting proxy rights = ");
2402 for (i = 0; i < 26; i++)
2404 fprintf(stderr, "%c", i + 'A');
2408 fprintf(stderr, "none");
2409 fprintf(stderr, "\n");
2411 PROXY_CERT_INFO_EXTENSION_free(pci);
2419 static void process_proxy_debug(int indent, const char *format, ...)
2422 static const char indentation[] =
2423 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2424 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2425 char my_format[256];
2428 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2429 indent, indent, indentation, format);
2431 va_start(args, format);
2432 vfprintf(stderr, my_format, args);
2442 static int process_proxy_cond_adders(unsigned int letters[26],
2443 const char *cond, const char **cond_end,
2444 int *pos, int indent);
2445 static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2446 const char **cond_end, int *pos, int indent)
2452 while (isspace((int)*cond)) {
2459 process_proxy_debug(indent,
2460 "Start process_proxy_cond_val at position %d: %s\n",
2467 while (isspace((int)*cond)) {
2477 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2482 while (isspace((int)*cond)) {
2489 "Weird condition character in position %d: "
2496 } else if (isascii(c) && isalpha(c)) {
2499 ok = letters[c - 'A'];
2504 "Weird condition character in position %d: " "%c\n", *pos, c);
2510 if (ok >= 0 && negate)
2514 process_proxy_debug(indent,
2515 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2521 static int process_proxy_cond_multipliers(unsigned int letters[26],
2523 const char **cond_end, int *pos,
2530 process_proxy_debug(indent,
2531 "Start process_proxy_cond_multipliers at position %d: %s\n",
2534 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2540 while (isspace((int)*cond)) {
2554 ok = process_proxy_cond_val(letters,
2555 cond, cond_end, pos, indent + 1);
2568 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2580 process_proxy_debug(indent,
2581 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2588 static int process_proxy_cond_adders(unsigned int letters[26],
2589 const char *cond, const char **cond_end,
2590 int *pos, int indent)
2596 process_proxy_debug(indent,
2597 "Start process_proxy_cond_adders at position %d: %s\n",
2600 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2607 while (isspace((int)*cond)) {
2620 ok = process_proxy_cond_multipliers(letters,
2621 cond, cond_end, pos,
2632 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2644 process_proxy_debug(indent,
2645 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2652 static int process_proxy_cond(unsigned int letters[26],
2653 const char *cond, const char **cond_end)
2656 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2659 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
2662 struct app_verify_arg *cb_arg = arg;
2663 unsigned int letters[26]; /* only used with proxy_auth */
2665 if (cb_arg->app_verify) {
2666 char *s = NULL, buf[256];
2668 fprintf(stderr, "In app_verify_callback, allowing cert. ");
2669 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
2671 "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
2672 (void *)ctx, (void *)ctx->cert);
2674 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
2676 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf);
2680 if (cb_arg->proxy_auth) {
2681 int found_any = 0, i;
2684 for (i = 0; i < 26; i++)
2686 for (sp = cb_arg->proxy_auth; *sp; sp++) {
2688 if (isascii(c) && isalpha(c)) {
2691 letters[c - 'A'] = 1;
2695 fprintf(stderr, " Initial proxy rights = ");
2696 for (i = 0; i < 26; i++)
2698 fprintf(stderr, "%c", i + 'A');
2702 fprintf(stderr, "none");
2703 fprintf(stderr, "\n");
2705 X509_STORE_CTX_set_ex_data(ctx,
2706 get_proxy_auth_ex_data_idx(), letters);
2708 if (cb_arg->allow_proxy_certs) {
2709 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2711 #ifndef OPENSSL_NO_X509_VERIFY
2712 ok = X509_verify_cert(ctx);
2715 if (cb_arg->proxy_auth) {
2717 const char *cond_end = NULL;
2719 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
2725 "Stopped processing condition before it's end.\n");
2730 "Proxy rights check with condition '%s' proved invalid\n",
2731 cb_arg->proxy_cond);
2734 "Proxy rights check with condition '%s' proved valid\n",
2735 cb_arg->proxy_cond);
2741 #ifndef OPENSSL_NO_RSA
2742 static RSA *rsa_tmp = NULL;
2744 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
2747 if (rsa_tmp == NULL) {
2749 rsa_tmp = RSA_new();
2750 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
2751 BIO_printf(bio_err, "Memory error...");
2754 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength);
2755 (void)BIO_flush(bio_err);
2756 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
2757 BIO_printf(bio_err, "Error generating key.");
2762 BIO_printf(bio_err, "\n");
2763 (void)BIO_flush(bio_err);
2770 static void free_tmp_rsa(void)
2772 if (rsa_tmp != NULL) {
2779 #ifndef OPENSSL_NO_DH
2781 * These DH parameters have been generated as follows:
2782 * $ openssl dhparam -C -noout 512
2783 * $ openssl dhparam -C -noout 1024
2784 * $ openssl dhparam -C -noout -dsaparam 1024
2785 * (The third function has been renamed to avoid name conflicts.)
2787 static DH *get_dh512()
2789 static unsigned char dh512_p[] = {
2790 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
2792 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
2794 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
2796 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
2798 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
2800 0x02, 0xC5, 0xAE, 0x23,
2802 static unsigned char dh512_g[] = {
2807 if ((dh = DH_new()) == NULL)
2809 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
2810 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
2811 if ((dh->p == NULL) || (dh->g == NULL)) {
2818 static DH *get_dh1024()
2820 static unsigned char dh1024_p[] = {
2821 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
2823 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
2825 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
2827 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
2829 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
2831 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
2833 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
2835 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
2837 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
2839 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
2841 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
2843 static unsigned char dh1024_g[] = {
2848 if ((dh = DH_new()) == NULL)
2850 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
2851 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
2852 if ((dh->p == NULL) || (dh->g == NULL)) {
2859 static DH *get_dh1024dsa()
2861 static unsigned char dh1024_p[] = {
2862 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
2864 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
2866 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
2868 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
2870 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
2872 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
2874 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
2876 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
2878 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
2880 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
2882 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
2884 static unsigned char dh1024_g[] = {
2885 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
2887 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
2889 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
2891 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
2893 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
2895 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
2897 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
2899 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
2901 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
2903 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
2905 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
2909 if ((dh = DH_new()) == NULL)
2911 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
2912 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
2913 if ((dh->p == NULL) || (dh->g == NULL)) {
2922 #ifndef OPENSSL_NO_PSK
2923 /* convert the PSK key (psk_key) in ascii to binary (psk) */
2924 static int psk_key2bn(const char *pskkey, unsigned char *psk,
2925 unsigned int max_psk_len)
2930 ret = BN_hex2bn(&bn, pskkey);
2932 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
2938 if (BN_num_bytes(bn) > (int)max_psk_len) {
2940 "psk buffer of callback is too small (%d) for key (%d)\n",
2941 max_psk_len, BN_num_bytes(bn));
2945 ret = BN_bn2bin(bn, psk);
2950 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
2952 unsigned int max_identity_len,
2954 unsigned int max_psk_len)
2957 unsigned int psk_len = 0;
2959 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
2963 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
2965 ret = psk_key2bn(psk_key, psk, max_psk_len);
2973 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
2975 unsigned int max_psk_len)
2977 unsigned int psk_len = 0;
2979 if (strcmp(identity, "Client_identity") != 0) {
2980 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
2983 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
2988 static int do_test_cipherlist(void)
2991 const SSL_METHOD *meth;
2992 const SSL_CIPHER *ci, *tci = NULL;
2994 #ifndef OPENSSL_NO_SSL2
2995 fprintf(stderr, "testing SSLv2 cipher list order: ");
2996 meth = SSLv2_method();
2997 while ((ci = meth->get_cipher(i++)) != NULL) {
2999 if (ci->id >= tci->id) {
3000 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3005 fprintf(stderr, "ok\n");
3007 #ifndef OPENSSL_NO_SSL3
3008 fprintf(stderr, "testing SSLv3 cipher list order: ");
3009 meth = SSLv3_method();
3011 while ((ci = meth->get_cipher(i++)) != NULL) {
3013 if (ci->id >= tci->id) {
3014 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3019 fprintf(stderr, "ok\n");
3021 #ifndef OPENSSL_NO_TLS1
3022 fprintf(stderr, "testing TLSv1 cipher list order: ");
3023 meth = TLSv1_method();
3025 while ((ci = meth->get_cipher(i++)) != NULL) {
3027 if (ci->id >= tci->id) {
3028 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3033 fprintf(stderr, "ok\n");