2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
87 * 6. Redistributions of any form whatsoever must retain the following
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
143 /* Or gethostname won't be declared properly on Linux and GNU platforms. */
144 #define _BSD_SOURCE 1
157 #ifdef OPENSSL_SYS_VMS
158 /* Or isascii won't be declared properly on VMS (at least with DECompHP C). */
159 #define _XOPEN_SOURCE 500
164 #include <openssl/bio.h>
165 #include <openssl/crypto.h>
166 #include <openssl/evp.h>
167 #include <openssl/x509.h>
168 #include <openssl/x509v3.h>
169 #include <openssl/ssl.h>
170 #ifndef OPENSSL_NO_ENGINE
171 #include <openssl/engine.h>
173 #include <openssl/err.h>
174 #include <openssl/rand.h>
175 #ifndef OPENSSL_NO_RSA
176 #include <openssl/rsa.h>
178 #ifndef OPENSSL_NO_DSA
179 #include <openssl/dsa.h>
181 #ifndef OPENSSL_NO_DH
182 #include <openssl/dh.h>
184 #ifndef OPENSSL_NO_SRP
185 #include <openssl/srp.h>
187 #include <openssl/bn.h>
190 * Or gethostname won't be declared properly
191 * on Compaq platforms (at least with DEC C).
192 * Do not try to put it earlier, or IPv6 includes
195 #define _XOPEN_SOURCE_EXTENDED 1
197 #ifdef OPENSSL_SYS_WINDOWS
200 #include OPENSSL_UNISTD
203 #ifdef OPENSSL_SYS_VMS
204 # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
205 # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
206 #elif defined(OPENSSL_SYS_WINCE)
207 # define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
208 # define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
209 #elif defined(OPENSSL_SYS_NETWARE)
210 # define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
211 # define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
213 # define TEST_SERVER_CERT "../apps/server.pem"
214 # define TEST_CLIENT_CERT "../apps/client.pem"
217 /* There is really no standard for this, so let's assign some tentative
218 numbers. In any case, these numbers are only for this test */
222 static int verify_callback(int ok, X509_STORE_CTX *ctx);
223 #ifndef OPENSSL_NO_RSA
224 static RSA *tmp_rsa_cb(SSL *s, int is_export,int keylength);
225 static void free_tmp_rsa(void);
227 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
228 #define APP_CALLBACK_STRING "Test Callback Argument"
229 struct app_verify_arg
233 int allow_proxy_certs;
238 #ifndef OPENSSL_NO_DH
239 static DH *get_dh512(void);
240 static DH *get_dh1024(void);
241 static DH *get_dh1024dsa(void);
245 static char *psk_key=NULL; /* by default PSK is not used */
246 #ifndef OPENSSL_NO_PSK
247 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
248 unsigned int max_identity_len, unsigned char *psk,
249 unsigned int max_psk_len);
250 static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned char *psk,
251 unsigned int max_psk_len);
254 #ifndef OPENSSL_NO_SRP
256 /* This is a context that we pass to all callbacks */
257 typedef struct srp_client_arg_st
263 #define PWD_STRLEN 1024
265 static char * ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
267 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
268 return BUF_strdup((char *)srp_client_arg->srppassin);
272 /* This is a context that we pass to SRP server callbacks */
273 typedef struct srp_server_arg_st
279 static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
281 SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
283 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
285 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
286 return SSL3_AL_FATAL;
288 if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
290 *ad = SSL_AD_INTERNAL_ERROR;
291 return SSL3_AL_FATAL;
293 return SSL_ERROR_NONE;
297 static BIO *bio_err=NULL;
298 static BIO *bio_stdout=NULL;
300 #ifndef OPENSSL_NO_NEXTPROTONEG
301 /* Note that this code assumes that this is only a one element list: */
302 static const char NEXT_PROTO_STRING[] = "\x09testproto";
305 int npn_server_reject = 0;
307 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
309 /* This callback only returns the protocol string, rather than a length
310 prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
311 remove the first byte to chop off the length prefix. */
312 *out = (unsigned char*) NEXT_PROTO_STRING + 1;
313 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
314 return SSL_TLSEXT_ERR_OK;
317 static int cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
319 *data = (const unsigned char *) NEXT_PROTO_STRING;
320 *len = sizeof(NEXT_PROTO_STRING) - 1;
321 return SSL_TLSEXT_ERR_OK;
324 static int cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
326 return SSL_TLSEXT_ERR_NOACK;
329 static int verify_npn(SSL *client, SSL *server)
331 const unsigned char *client_s;
333 const unsigned char *server_s;
336 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
337 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
341 BIO_printf(bio_stdout, "Client NPN: ");
342 BIO_write(bio_stdout, client_s, client_len);
343 BIO_printf(bio_stdout, "\n");
348 BIO_printf(bio_stdout, "Server NPN: ");
349 BIO_write(bio_stdout, server_s, server_len);
350 BIO_printf(bio_stdout, "\n");
353 /* If an NPN string was returned, it must be the protocol that we
354 * expected to negotiate. */
355 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
356 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
358 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
359 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
362 if (!npn_client && client_len)
364 if (!npn_server && server_len)
366 if (npn_server_reject && server_len)
368 if (npn_client && npn_server && (!client_len || !server_len))
375 static const char *alpn_client;
376 static const char *alpn_server;
377 static const char *alpn_expected;
378 static unsigned char *alpn_selected;
381 * next_protos_parse parses a comma separated list of strings into a string
382 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
383 * outlen: (output) set to the length of the resulting buffer on success.
384 * err: (maybe NULL) on failure, an error message line is written to this BIO.
385 * in: a NUL terminated string like "abc,def,ghi"
387 * returns: a malloced buffer or NULL on failure.
389 static unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
399 out = OPENSSL_malloc(strlen(in) + 1);
403 for (i = 0; i <= len; ++i)
405 if (i == len || in[i] == ',')
412 out[start] = i - start;
423 static int cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
425 unsigned char *protos;
426 unsigned short protos_len;
428 protos = next_protos_parse(&protos_len, alpn_server);
431 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", alpn_server);
435 if (SSL_select_next_proto((unsigned char**) out, outlen, protos, protos_len, in, inlen) !=
436 OPENSSL_NPN_NEGOTIATED)
438 OPENSSL_free(protos);
439 return SSL_TLSEXT_ERR_NOACK;
442 /* Make a copy of the selected protocol which will be freed in verify_alpn. */
443 alpn_selected = OPENSSL_malloc(*outlen);
444 memcpy(alpn_selected, *out, *outlen);
445 *out = alpn_selected;
447 OPENSSL_free(protos);
448 return SSL_TLSEXT_ERR_OK;
451 static int verify_alpn(SSL *client, SSL *server)
453 const unsigned char *client_proto, *server_proto;
454 unsigned int client_proto_len = 0, server_proto_len = 0;
455 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
456 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
458 if (alpn_selected != NULL)
460 OPENSSL_free(alpn_selected);
461 alpn_selected = NULL;
464 if (client_proto_len != server_proto_len ||
465 memcmp(client_proto, server_proto, client_proto_len) != 0)
467 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
471 if (client_proto_len > 0 && alpn_expected == NULL)
473 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
477 if (alpn_expected != NULL &&
478 (client_proto_len != strlen(alpn_expected) ||
479 memcmp(client_proto, alpn_expected, client_proto_len) != 0))
481 BIO_printf(bio_stdout, "ALPN selected protocols not equal to expected protocol: %s\n", alpn_expected);
488 BIO_printf(bio_stdout, "ALPN results: client: '");
489 BIO_write(bio_stdout, client_proto, client_proto_len);
490 BIO_printf(bio_stdout, "', server: '");
491 BIO_write(bio_stdout, server_proto, server_proto_len);
492 BIO_printf(bio_stdout, "'\n");
493 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", alpn_client, alpn_server);
497 #define SCT_EXT_TYPE 18
499 /* WARNING : below extension types are *NOT* IETF assigned, and
500 could conflict if these types are reassigned and handled
501 specially by OpenSSL in the future */
502 #define TACK_EXT_TYPE 62208
503 #define CUSTOM_EXT_TYPE_0 1000
504 #define CUSTOM_EXT_TYPE_1 1001
505 #define CUSTOM_EXT_TYPE_2 1002
506 #define CUSTOM_EXT_TYPE_3 1003
508 const char custom_ext_cli_string[] = "abc";
509 const char custom_ext_srv_string[] = "defg";
511 /* These set from cmdline */
512 char* serverinfo_file = NULL;
513 int serverinfo_sct = 0;
514 int serverinfo_tack = 0;
516 /* These set based on extension callbacks */
517 int serverinfo_sct_seen = 0;
518 int serverinfo_tack_seen = 0;
519 int serverinfo_other_seen = 0;
521 /* This set from cmdline */
524 /* This set based on extension callbacks */
525 int custom_ext_error = 0;
527 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
528 const unsigned char *in, size_t inlen,
531 if (ext_type == SCT_EXT_TYPE)
532 serverinfo_sct_seen++;
533 else if (ext_type == TACK_EXT_TYPE)
534 serverinfo_tack_seen++;
536 serverinfo_other_seen++;
540 static int verify_serverinfo()
542 if (serverinfo_sct != serverinfo_sct_seen)
544 if (serverinfo_tack != serverinfo_tack_seen)
546 if (serverinfo_other_seen)
552 * Four test cases for custom extensions:
553 * 0 - no ClientHello extension or ServerHello response
554 * 1 - ClientHello with "abc", no response
555 * 2 - ClientHello with "abc", empty response
556 * 3 - ClientHello with "abc", "defg" response
559 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
560 const unsigned char **out,
561 size_t *outlen, int *al, void *arg)
563 if (ext_type != CUSTOM_EXT_TYPE_0)
564 custom_ext_error = 1;
565 return 0; /* Don't send an extension */
568 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
569 const unsigned char *in,
570 size_t inlen, int *al,
576 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
577 const unsigned char **out,
578 size_t *outlen, int *al, void *arg)
580 if (ext_type != CUSTOM_EXT_TYPE_1)
581 custom_ext_error = 1;
582 *out = (const unsigned char*)custom_ext_cli_string;
583 *outlen = strlen(custom_ext_cli_string);
584 return 1; /* Send "abc" */
587 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
588 const unsigned char *in,
589 size_t inlen, int *al,
595 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
596 const unsigned char **out,
597 size_t *outlen, int *al, void *arg)
599 if (ext_type != CUSTOM_EXT_TYPE_2)
600 custom_ext_error = 1;
601 *out = (const unsigned char*)custom_ext_cli_string;
602 *outlen = strlen(custom_ext_cli_string);
603 return 1; /* Send "abc" */
606 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
607 const unsigned char *in,
608 size_t inlen, int *al,
611 if (ext_type != CUSTOM_EXT_TYPE_2)
612 custom_ext_error = 1;
614 custom_ext_error = 1; /* Should be empty response */
618 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
619 const unsigned char **out,
620 size_t *outlen, int *al, void *arg)
622 if (ext_type != CUSTOM_EXT_TYPE_3)
623 custom_ext_error = 1;
624 *out = (const unsigned char*)custom_ext_cli_string;
625 *outlen = strlen(custom_ext_cli_string);
626 return 1; /* Send "abc" */
629 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
630 const unsigned char *in,
631 size_t inlen, int *al,
634 if (ext_type != CUSTOM_EXT_TYPE_3)
635 custom_ext_error = 1;
636 if (inlen != strlen(custom_ext_srv_string))
637 custom_ext_error = 1;
638 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
639 custom_ext_error = 1; /* Check for "defg" */
643 /* custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback for this extension */
644 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
645 const unsigned char *in,
646 size_t inlen, int *al,
649 custom_ext_error = 1;
653 /* 'add' callbacks are only called if the 'parse' callback is called */
654 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
655 const unsigned char **out,
656 size_t *outlen, int *al, void *arg)
658 /* Error: should not have been called */
659 custom_ext_error = 1;
660 return 0; /* Don't send an extension */
663 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
664 const unsigned char *in,
665 size_t inlen, int *al,
668 if (ext_type != CUSTOM_EXT_TYPE_1)
669 custom_ext_error = 1;
670 /* Check for "abc" */
671 if (inlen != strlen(custom_ext_cli_string))
672 custom_ext_error = 1;
673 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
674 custom_ext_error = 1;
678 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
679 const unsigned char **out,
680 size_t *outlen, int *al, void *arg)
682 return 0; /* Don't send an extension */
685 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
686 const unsigned char *in,
687 size_t inlen, int *al,
690 if (ext_type != CUSTOM_EXT_TYPE_2)
691 custom_ext_error = 1;
692 /* Check for "abc" */
693 if (inlen != strlen(custom_ext_cli_string))
694 custom_ext_error = 1;
695 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
696 custom_ext_error = 1;
700 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
701 const unsigned char **out,
702 size_t *outlen, int *al, void *arg)
706 return 1; /* Send empty extension */
709 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
710 const unsigned char *in,
711 size_t inlen, int *al,
714 if (ext_type != CUSTOM_EXT_TYPE_3)
715 custom_ext_error = 1;
716 /* Check for "abc" */
717 if (inlen != strlen(custom_ext_cli_string))
718 custom_ext_error = 1;
719 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
720 custom_ext_error = 1;
724 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
725 const unsigned char **out,
726 size_t *outlen, int *al, void *arg)
728 *out = (const unsigned char*)custom_ext_srv_string;
729 *outlen = strlen(custom_ext_srv_string);
730 return 1; /* Send "defg" */
733 static char *cipher=NULL;
734 static int verbose=0;
743 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
745 int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
746 int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
747 static int do_test_cipherlist(void);
748 static void sv_usage(void)
750 fprintf(stderr,"usage: ssltest [args ...]\n");
751 fprintf(stderr,"\n");
753 fprintf(stderr,"-F - run test in FIPS mode\n");
755 fprintf(stderr," -server_auth - check server certificate\n");
756 fprintf(stderr," -client_auth - do client authentication\n");
757 fprintf(stderr," -proxy - allow proxy certificates\n");
758 fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
759 fprintf(stderr," -proxy_cond <val> - expression to test proxy policy rights\n");
760 fprintf(stderr," -v - more output\n");
761 fprintf(stderr," -d - debug output\n");
762 fprintf(stderr," -reuse - use session-id reuse\n");
763 fprintf(stderr," -num <val> - number of connections to perform\n");
764 fprintf(stderr," -bytes <val> - number of bytes to swap between client/server\n");
765 #ifndef OPENSSL_NO_DH
766 fprintf(stderr," -dhe1024 - use 1024 bit key (safe prime) for DHE\n");
767 fprintf(stderr," -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
768 fprintf(stderr," -no_dhe - disable DHE\n");
770 #ifndef OPENSSL_NO_ECDH
771 fprintf(stderr," -no_ecdhe - disable ECDHE\n");
773 #ifndef OPENSSL_NO_PSK
774 fprintf(stderr," -psk arg - PSK in hex (without 0x)\n");
776 #ifndef OPENSSL_NO_SRP
777 fprintf(stderr," -srpuser user - SRP username to use\n");
778 fprintf(stderr," -srppass arg - password for 'user'\n");
780 #ifndef OPENSSL_NO_SSL3_METHOD
781 fprintf(stderr," -ssl3 - use SSLv3\n");
783 #ifndef OPENSSL_NO_TLS1
784 fprintf(stderr," -tls1 - use TLSv1\n");
786 fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
787 fprintf(stderr," -CAfile arg - PEM format file of CA's\n");
788 fprintf(stderr," -cert arg - Server certificate file\n");
789 fprintf(stderr," -key arg - Server key file (default: same as -cert)\n");
790 fprintf(stderr," -c_cert arg - Client certificate file\n");
791 fprintf(stderr," -c_key arg - Client key file (default: same as -c_cert)\n");
792 fprintf(stderr," -cipher arg - The cipher list\n");
793 fprintf(stderr," -bio_pair - Use BIO pairs\n");
794 fprintf(stderr," -f - Test even cases that can't work\n");
795 fprintf(stderr," -time - measure processor time used by client and server\n");
796 fprintf(stderr," -zlib - use zlib compression\n");
797 fprintf(stderr," -rle - use rle compression\n");
798 #ifndef OPENSSL_NO_ECDH
799 fprintf(stderr," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \
800 " Use \"openssl ecparam -list_curves\" for all names\n" \
801 " (default is sect163r2).\n");
803 fprintf(stderr," -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
804 " When this option is requested, the cipherlist\n"
805 " tests are run instead of handshake tests.\n");
806 #ifndef OPENSSL_NO_NEXTPROTONEG
807 fprintf(stderr," -npn_client - have client side offer NPN\n");
808 fprintf(stderr," -npn_server - have server side offer NPN\n");
809 fprintf(stderr," -npn_server_reject - have server reject NPN\n");
811 fprintf(stderr," -serverinfo_file file - have server use this file\n");
812 fprintf(stderr," -serverinfo_sct - have client offer and expect SCT\n");
813 fprintf(stderr," -serverinfo_tack - have client offer and expect TACK\n");
814 fprintf(stderr," -custom_ext - try various custom extension callbacks\n");
815 fprintf(stderr," -alpn_client <string> - have client side offer ALPN\n");
816 fprintf(stderr," -alpn_server <string> - have server side offer ALPN\n");
817 fprintf(stderr," -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
820 static void print_key_details(BIO *out, EVP_PKEY *key)
822 int keyid = EVP_PKEY_id(key);
823 #ifndef OPENSSL_NO_EC
824 if (keyid == EVP_PKEY_EC)
826 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
829 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
831 cname = EC_curve_nid2nist(nid);
833 cname = OBJ_nid2sn(nid);
834 BIO_printf(out, "%d bits EC (%s)",
835 EVP_PKEY_bits(key), cname);
853 algname = OBJ_nid2sn(keyid);
856 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
860 static void print_details(SSL *c_ssl, const char *prefix)
862 const SSL_CIPHER *ciph;
867 ciph=SSL_get_current_cipher(c_ssl);
868 BIO_printf(bio_stdout,"%s%s, cipher %s %s",
870 SSL_get_version(c_ssl),
871 SSL_CIPHER_get_version(ciph),
872 SSL_CIPHER_get_name(ciph));
873 cert=SSL_get_peer_certificate(c_ssl);
876 pkey = X509_get_pubkey(cert);
879 BIO_puts(bio_stdout, ", ");
880 print_key_details(bio_stdout, pkey);
885 if (SSL_get_server_tmp_key(c_ssl, &pkey))
887 BIO_puts(bio_stdout, ", temp key: ");
888 print_key_details(bio_stdout, pkey);
891 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
892 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
893 BIO_printf(bio_stdout,"\n");
896 static void lock_dbg_cb(int mode, int type, const char *file, int line)
898 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
899 const char *errstr = NULL;
902 rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
903 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
905 errstr = "invalid mode";
909 if (type < 0 || type >= CRYPTO_NUM_LOCKS)
911 errstr = "type out of bounds";
915 if (mode & CRYPTO_LOCK)
919 errstr = "already locked";
920 /* must not happen in a single-threaded program
921 * (would deadlock) */
927 else if (mode & CRYPTO_UNLOCK)
931 errstr = "not locked";
935 if (modes[type] != rw)
937 errstr = (rw == CRYPTO_READ) ?
938 "CRYPTO_r_unlock on write lock" :
939 "CRYPTO_w_unlock on read lock";
946 errstr = "invalid mode";
953 /* we cannot use bio_err here */
954 fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
955 errstr, mode, type, file, line);
959 #ifdef TLSEXT_TYPE_opaque_prf_input
960 struct cb_info_st { void *input; size_t len; int ret; };
961 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
962 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
963 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
964 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
966 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
968 struct cb_info_st *arg = arg_;
973 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
979 int main(int argc, char *argv[])
981 char *CApath=NULL,*CAfile=NULL;
985 int tls1=0,ssl3=0,ret=1;
988 struct app_verify_arg app_verify_arg =
989 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
990 char *server_cert=TEST_SERVER_CERT;
991 char *server_key=NULL;
992 char *client_cert=TEST_CLIENT_CERT;
993 char *client_key=NULL;
994 #ifndef OPENSSL_NO_ECDH
995 char *named_curve = NULL;
999 const SSL_METHOD *meth=NULL;
1001 int number=1,reuse=0;
1003 #ifndef OPENSSL_NO_DH
1005 int dhe1024 = 0, dhe1024dsa = 0;
1007 #ifndef OPENSSL_NO_ECDH
1008 EC_KEY *ecdh = NULL;
1010 #ifndef OPENSSL_NO_SRP
1012 SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
1014 SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
1020 clock_t s_time = 0, c_time = 0;
1021 #ifndef OPENSSL_NO_COMP
1023 COMP_METHOD *cm = NULL;
1024 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
1026 int test_cipherlist = 0;
1030 int no_protocol = 0;
1032 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
1033 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
1034 const char *arg = NULL, *argn = NULL;
1040 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT);
1042 CRYPTO_set_locking_callback(lock_dbg_cb);
1044 /* enable memory leak checking unless explicitly disabled */
1045 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
1047 CRYPTO_malloc_debug_init();
1048 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1052 /* OPENSSL_DEBUG_MEMORY=off */
1053 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1055 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1057 RAND_seed(rnd_seed, sizeof rnd_seed);
1059 bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT);
1061 s_cctx = SSL_CONF_CTX_new();
1062 c_cctx = SSL_CONF_CTX_new();
1064 if (!s_cctx || !c_cctx)
1066 ERR_print_errors(bio_err);
1070 SSL_CONF_CTX_set_flags(s_cctx,
1071 SSL_CONF_FLAG_CMDLINE|SSL_CONF_FLAG_SERVER);
1072 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_"))
1074 ERR_print_errors(bio_err);
1078 SSL_CONF_CTX_set_flags(c_cctx,
1079 SSL_CONF_FLAG_CMDLINE|SSL_CONF_FLAG_CLIENT);
1080 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_"))
1082 ERR_print_errors(bio_err);
1091 if(!strcmp(*argv,"-F"))
1096 fprintf(stderr,"not compiled with FIPS support, so exiting without running.\n");
1100 else if (strcmp(*argv,"-server_auth") == 0)
1102 else if (strcmp(*argv,"-client_auth") == 0)
1104 else if (strcmp(*argv,"-proxy_auth") == 0)
1106 if (--argc < 1) goto bad;
1107 app_verify_arg.proxy_auth= *(++argv);
1109 else if (strcmp(*argv,"-proxy_cond") == 0)
1111 if (--argc < 1) goto bad;
1112 app_verify_arg.proxy_cond= *(++argv);
1114 else if (strcmp(*argv,"-v") == 0)
1116 else if (strcmp(*argv,"-d") == 0)
1118 else if (strcmp(*argv,"-reuse") == 0)
1120 else if (strcmp(*argv,"-dhe1024") == 0)
1122 #ifndef OPENSSL_NO_DH
1125 fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1128 else if (strcmp(*argv,"-dhe1024dsa") == 0)
1130 #ifndef OPENSSL_NO_DH
1133 fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1136 else if (strcmp(*argv,"-no_dhe") == 0)
1138 else if (strcmp(*argv,"-no_ecdhe") == 0)
1140 else if (strcmp(*argv,"-psk") == 0)
1142 if (--argc < 1) goto bad;
1144 #ifndef OPENSSL_NO_PSK
1145 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))
1147 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
1154 #ifndef OPENSSL_NO_SRP
1155 else if (strcmp(*argv,"-srpuser") == 0)
1157 if (--argc < 1) goto bad;
1158 srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
1161 else if (strcmp(*argv,"-srppass") == 0)
1163 if (--argc < 1) goto bad;
1164 srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
1168 else if (strcmp(*argv,"-tls1") == 0)
1170 #ifdef OPENSSL_NO_TLS1
1175 else if (strcmp(*argv,"-ssl3") == 0)
1177 #ifdef OPENSSL_NO_SSL3_METHOD
1182 else if (strncmp(*argv,"-num",4) == 0)
1184 if (--argc < 1) goto bad;
1185 number= atoi(*(++argv));
1186 if (number == 0) number=1;
1188 else if (strcmp(*argv,"-bytes") == 0)
1190 if (--argc < 1) goto bad;
1191 bytes= atol(*(++argv));
1192 if (bytes == 0L) bytes=1L;
1194 if (argv[0][i-1] == 'k') bytes*=1024L;
1195 if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
1197 else if (strcmp(*argv,"-cert") == 0)
1199 if (--argc < 1) goto bad;
1200 server_cert= *(++argv);
1202 else if (strcmp(*argv,"-s_cert") == 0)
1204 if (--argc < 1) goto bad;
1205 server_cert= *(++argv);
1207 else if (strcmp(*argv,"-key") == 0)
1209 if (--argc < 1) goto bad;
1210 server_key= *(++argv);
1212 else if (strcmp(*argv,"-s_key") == 0)
1214 if (--argc < 1) goto bad;
1215 server_key= *(++argv);
1217 else if (strcmp(*argv,"-c_cert") == 0)
1219 if (--argc < 1) goto bad;
1220 client_cert= *(++argv);
1222 else if (strcmp(*argv,"-c_key") == 0)
1224 if (--argc < 1) goto bad;
1225 client_key= *(++argv);
1227 else if (strcmp(*argv,"-cipher") == 0)
1229 if (--argc < 1) goto bad;
1232 else if (strcmp(*argv,"-CApath") == 0)
1234 if (--argc < 1) goto bad;
1237 else if (strcmp(*argv,"-CAfile") == 0)
1239 if (--argc < 1) goto bad;
1242 else if (strcmp(*argv,"-bio_pair") == 0)
1246 else if (strcmp(*argv,"-f") == 0)
1250 else if (strcmp(*argv,"-time") == 0)
1254 #ifndef OPENSSL_NO_COMP
1255 else if (strcmp(*argv,"-zlib") == 0)
1259 else if (strcmp(*argv,"-rle") == 0)
1264 else if (strcmp(*argv,"-named_curve") == 0)
1266 if (--argc < 1) goto bad;
1267 #ifndef OPENSSL_NO_ECDH
1268 named_curve = *(++argv);
1270 fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n");
1274 else if (strcmp(*argv,"-app_verify") == 0)
1276 app_verify_arg.app_verify = 1;
1278 else if (strcmp(*argv,"-proxy") == 0)
1280 app_verify_arg.allow_proxy_certs = 1;
1282 else if (strcmp(*argv,"-test_cipherlist") == 0)
1284 test_cipherlist = 1;
1286 #ifndef OPENSSL_NO_NEXTPROTONEG
1287 else if (strcmp(*argv,"-npn_client") == 0)
1291 else if (strcmp(*argv,"-npn_server") == 0)
1295 else if (strcmp(*argv,"-npn_server_reject") == 0)
1297 npn_server_reject = 1;
1300 else if (strcmp(*argv,"-serverinfo_sct") == 0)
1304 else if (strcmp(*argv,"-serverinfo_tack") == 0)
1306 serverinfo_tack = 1;
1308 else if (strcmp(*argv,"-serverinfo_file") == 0)
1310 if (--argc < 1) goto bad;
1311 serverinfo_file = *(++argv);
1313 else if (strcmp(*argv,"-custom_ext") == 0)
1317 else if (strcmp(*argv,"-alpn_client") == 0)
1319 if (--argc < 1) goto bad;
1320 alpn_client = *(++argv);
1322 else if (strcmp(*argv,"-alpn_server") == 0)
1324 if (--argc < 1) goto bad;
1325 alpn_server = *(++argv);
1327 else if (strcmp(*argv,"-alpn_expected") == 0)
1329 if (--argc < 1) goto bad;
1330 alpn_expected = *(++argv);
1337 /* Try to process command using SSL_CONF */
1338 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1339 /* If not processed try server */
1341 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1342 /* Recognised: store it for later use */
1349 conf_args = sk_OPENSSL_STRING_new_null();
1353 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1355 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1360 BIO_printf(bio_err, "Missing argument for %s\n",
1363 BIO_printf(bio_err, "Error with command %s\n",
1366 BIO_printf(bio_err,"unknown option %s\n", arg);
1381 * test_cipherlist prevails over protocol switch: we test the cipherlist
1382 * for all enabled protocols.
1384 if (test_cipherlist == 1)
1386 /* ensure that the cipher list are correctly sorted and exit */
1387 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1388 "other options.\n");
1389 if (do_test_cipherlist() == 0)
1395 if (ssl3 + tls1 > 1)
1397 fprintf(stderr, "At most one of -ssl3, or -tls1 should "
1403 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1404 * Ideally, we would error out, but the generic test wrapper can't know
1405 * when to expect failure. So we do nothing and return success.
1409 fprintf(stderr, "Testing was requested for a disabled protocol. "
1410 "Skipping tests.\n");
1415 if (!ssl3 && !tls1 && number > 1 && !reuse && !force)
1417 fprintf(stderr, "This case cannot work. Use -f to perform "
1418 "the test anyway (and\n-d to see what happens), "
1419 "or add one of -ssl3, -tls1, -reuse\n"
1420 "to avoid protocol mismatch.\n");
1427 if(!FIPS_mode_set(1))
1429 ERR_load_crypto_strings();
1430 ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
1434 fprintf(stderr,"*** IN FIPS MODE ***\n");
1442 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1445 if (number < 50 && !force)
1446 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1449 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1452 SSL_load_error_strings();
1454 #ifndef OPENSSL_NO_COMP
1455 if (comp == COMP_ZLIB) cm = COMP_zlib();
1456 if (comp == COMP_RLE) cm = COMP_rle();
1459 if (cm->type != NID_undef)
1461 if (SSL_COMP_add_compression_method(comp, cm) != 0)
1464 "Failed to add compression method\n");
1465 ERR_print_errors_fp(stderr);
1471 "Warning: %s compression not supported\n",
1472 (comp == COMP_RLE ? "rle" :
1473 (comp == COMP_ZLIB ? "zlib" :
1475 ERR_print_errors_fp(stderr);
1478 ssl_comp_methods = SSL_COMP_get_compression_methods();
1479 fprintf(stderr, "Available compression methods:\n");
1481 int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1483 fprintf(stderr, " NONE\n");
1485 for (j = 0; j < n; j++)
1487 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1488 fprintf(stderr, " %d: %s\n", c->id, c->name);
1493 /* At this point, ssl3/tls1 is only set if the protocol is available.
1494 * (Otherwise we exit early.)
1495 * However the compiler doesn't know this, so we ifdef. */
1496 #ifndef OPENSSL_NO_SSL3
1498 meth=SSLv3_method();
1501 #ifndef OPENSSL_NO_TLS1
1503 meth=TLSv1_method();
1506 meth=SSLv23_method();
1508 c_ctx=SSL_CTX_new(meth);
1509 s_ctx=SSL_CTX_new(meth);
1510 if ((c_ctx == NULL) || (s_ctx == NULL))
1512 ERR_print_errors(bio_err);
1515 /* Since we will use low security ciphersuites and keys for
1516 * testing set security level to zero.
1518 SSL_CTX_set_security_level(c_ctx, 0);
1519 SSL_CTX_set_security_level(s_ctx, 0);
1523 SSL_CTX_set_cipher_list(c_ctx,cipher);
1524 SSL_CTX_set_cipher_list(s_ctx,cipher);
1527 /* Process SSL_CONF arguments */
1528 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1529 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1531 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2)
1534 arg = sk_OPENSSL_STRING_value(conf_args, i);
1535 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1536 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1537 /* If not recognised use server context */
1539 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1542 BIO_printf(bio_err, "Error processing %s %s\n",
1543 arg, argn ? argn : "");
1544 ERR_print_errors(bio_err);
1549 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx))
1551 BIO_puts(bio_err, "Error finishing context\n");
1552 ERR_print_errors(bio_err);
1556 #ifndef OPENSSL_NO_DH
1561 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
1562 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1569 SSL_CTX_set_tmp_dh(s_ctx,dh);
1576 #ifndef OPENSSL_NO_ECDH
1581 if (named_curve != NULL)
1583 nid = OBJ_sn2nid(named_curve);
1586 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1591 #ifdef OPENSSL_NO_EC2M
1592 nid = NID_X9_62_prime256v1;
1594 nid = NID_sect163r2;
1597 ecdh = EC_KEY_new_by_curve_name(nid);
1600 BIO_printf(bio_err, "unable to create curve\n");
1604 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1605 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1612 #ifndef OPENSSL_NO_RSA
1613 SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
1616 #ifdef TLSEXT_TYPE_opaque_prf_input
1617 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1618 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1619 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); /* or &co2 or NULL */
1620 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); /* or &so2 or NULL */
1623 if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
1625 ERR_print_errors(bio_err);
1627 else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1628 (server_key?server_key:server_cert), SSL_FILETYPE_PEM))
1630 ERR_print_errors(bio_err);
1636 SSL_CTX_use_certificate_file(c_ctx,client_cert,
1638 SSL_CTX_use_PrivateKey_file(c_ctx,
1639 (client_key?client_key:client_cert),
1643 if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
1644 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1645 (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
1646 (!SSL_CTX_set_default_verify_paths(c_ctx)))
1648 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1649 ERR_print_errors(bio_err);
1655 BIO_printf(bio_err,"client authentication\n");
1656 SSL_CTX_set_verify(s_ctx,
1657 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1659 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
1663 BIO_printf(bio_err,"server authentication\n");
1664 SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
1666 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
1670 int session_id_context = 0;
1671 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
1674 /* Use PSK only if PSK key is given */
1675 if (psk_key != NULL)
1677 /* no_psk is used to avoid putting psk command to openssl tool */
1680 /* if PSK is not compiled in and psk key is
1681 * given, do nothing and exit successfully */
1685 #ifndef OPENSSL_NO_PSK
1686 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1687 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1689 BIO_printf(bio_err,"setting PSK identity hint to s_ctx\n");
1690 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint"))
1692 BIO_printf(bio_err,"error setting PSK identity hint to s_ctx\n");
1693 ERR_print_errors(bio_err);
1698 #ifndef OPENSSL_NO_SRP
1699 if (srp_client_arg.srplogin)
1701 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
1703 BIO_printf(bio_err,"Unable to set SRP username\n");
1706 SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
1707 SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
1708 /*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
1711 if (srp_server_arg.expected_user != NULL)
1713 SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
1714 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1715 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1719 #ifndef OPENSSL_NO_NEXTPROTONEG
1722 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1726 if (npn_server_reject)
1728 BIO_printf(bio_err, "Can't have both -npn_server and -npn_server_reject\n");
1731 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1733 if (npn_server_reject)
1735 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn, NULL);
1740 SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1742 serverinfo_cli_parse_cb, NULL);
1743 if (serverinfo_tack)
1744 SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1746 serverinfo_cli_parse_cb, NULL);
1748 if (serverinfo_file)
1749 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file))
1751 BIO_printf(bio_err, "missing serverinfo file\n");
1757 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1758 custom_ext_0_cli_add_cb,
1760 custom_ext_0_cli_parse_cb, NULL);
1761 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1762 custom_ext_1_cli_add_cb,
1764 custom_ext_1_cli_parse_cb, NULL);
1765 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1766 custom_ext_2_cli_add_cb,
1768 custom_ext_2_cli_parse_cb, NULL);
1769 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1770 custom_ext_3_cli_add_cb,
1772 custom_ext_3_cli_parse_cb, NULL);
1775 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1776 custom_ext_0_srv_add_cb,
1778 custom_ext_0_srv_parse_cb, NULL);
1779 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1780 custom_ext_1_srv_add_cb,
1782 custom_ext_1_srv_parse_cb, NULL);
1783 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1784 custom_ext_2_srv_add_cb,
1786 custom_ext_2_srv_parse_cb, NULL);
1787 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1788 custom_ext_3_srv_add_cb,
1790 custom_ext_3_srv_parse_cb, NULL);
1794 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1798 unsigned short alpn_len;
1799 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1803 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1806 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1810 c_ssl=SSL_new(c_ctx);
1811 s_ssl=SSL_new(s_ctx);
1813 #ifndef OPENSSL_NO_KRB5
1814 if (c_ssl && c_ssl->kssl_ctx)
1816 char localhost[MAXHOSTNAMELEN+2];
1818 if (gethostname(localhost, sizeof localhost-1) == 0)
1820 localhost[sizeof localhost-1]='\0';
1821 if(strlen(localhost) == sizeof localhost-1)
1823 BIO_printf(bio_err,"localhost name too long\n");
1826 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
1830 #endif /* OPENSSL_NO_KRB5 */
1832 for (i=0; i<number; i++)
1834 if (!reuse) SSL_set_session(c_ssl,NULL);
1836 ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
1838 ret=doit(s_ssl,c_ssl,bytes);
1843 print_details(c_ssl, "");
1845 if ((number > 1) || (bytes > 1L))
1846 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
1849 #ifdef CLOCKS_PER_SEC
1850 /* "To determine the time in seconds, the value returned
1851 * by the clock function should be divided by the value
1852 * of the macro CLOCKS_PER_SEC."
1853 * -- ISO/IEC 9899 */
1854 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1855 "Approximate total client time: %6.2f s\n",
1856 (double)s_time/CLOCKS_PER_SEC,
1857 (double)c_time/CLOCKS_PER_SEC);
1859 BIO_printf(bio_stdout,
1860 "Approximate total server time: %6.2f units\n"
1861 "Approximate total client time: %6.2f units\n",
1871 if (s_ctx != NULL) SSL_CTX_free(s_ctx);
1872 if (c_ctx != NULL) SSL_CTX_free(c_ctx);
1875 SSL_CONF_CTX_free(s_cctx);
1877 SSL_CONF_CTX_free(c_cctx);
1878 sk_OPENSSL_STRING_free(conf_args);
1880 if (bio_stdout != NULL) BIO_free(bio_stdout);
1882 #ifndef OPENSSL_NO_RSA
1885 #ifndef OPENSSL_NO_ENGINE
1888 CRYPTO_cleanup_all_ex_data();
1890 ERR_remove_thread_state(NULL);
1892 CRYPTO_mem_leaks(bio_err);
1893 if (bio_err != NULL) BIO_free(bio_err);
1898 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1899 clock_t *s_time, clock_t *c_time)
1901 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1902 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1903 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1906 size_t bufsiz = 256; /* small buffer for testing */
1908 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1910 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1913 s_ssl_bio = BIO_new(BIO_f_ssl());
1917 c_ssl_bio = BIO_new(BIO_f_ssl());
1921 SSL_set_connect_state(c_ssl);
1922 SSL_set_bio(c_ssl, client, client);
1923 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1925 SSL_set_accept_state(s_ssl);
1926 SSL_set_bio(s_ssl, server, server);
1927 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1932 * c_ssl_bio: SSL filter BIO
1934 * client: pseudo-I/O for SSL library
1936 * client_io: client's SSL communication; usually to be
1937 * relayed over some I/O facility, but in this
1938 * test program, we're the server, too:
1940 * server_io: server's SSL communication
1942 * server: pseudo-I/O for SSL library
1944 * s_ssl_bio: SSL filter BIO
1946 * The client and the server each employ a "BIO pair":
1947 * client + client_io, server + server_io.
1948 * BIO pairs are symmetric. A BIO pair behaves similar
1949 * to a non-blocking socketpair (but both endpoints must
1950 * be handled by the same thread).
1951 * [Here we could connect client and server to the ends
1952 * of a single BIO pair, but then this code would be less
1953 * suitable as an example for BIO pairs in general.]
1955 * Useful functions for querying the state of BIO pair endpoints:
1957 * BIO_ctrl_pending(bio) number of bytes we can read now
1958 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1959 * other side's read attempt
1960 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1962 * ..._read_request is never more than ..._write_guarantee;
1963 * it depends on the application which one you should use.
1966 /* We have non-blocking behaviour throughout this test program, but
1967 * can be sure that there is *some* progress in each iteration; so
1968 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
1969 * -- we just try everything in each iteration
1975 MS_STATIC char cbuf[1024*8];
1977 clock_t c_clock = clock();
1979 memset(cbuf, 0, sizeof(cbuf));
1982 if (SSL_in_init(c_ssl))
1983 printf("client waiting in SSL_connect - %s\n",
1984 SSL_state_string_long(c_ssl));
1988 /* Write to server. */
1990 if (cw_num > (long)sizeof cbuf)
1994 r = BIO_write(c_ssl_bio, cbuf, i);
1997 if (!BIO_should_retry(c_ssl_bio))
1999 fprintf(stderr,"ERROR in CLIENT\n");
2002 /* BIO_should_retry(...) can just be ignored here.
2003 * The library expects us to call BIO_write with
2004 * the same arguments again, and that's what we will
2005 * do in the next iteration. */
2009 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2015 printf("client wrote %d\n", r);
2022 /* Read from server. */
2024 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2027 if (!BIO_should_retry(c_ssl_bio))
2029 fprintf(stderr,"ERROR in CLIENT\n");
2032 /* Again, "BIO_should_retry" can be ignored. */
2036 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2042 printf("client read %d\n", r);
2047 /* c_time and s_time increments will typically be very small
2048 * (depending on machine speed and clock tick intervals),
2049 * but sampling over a large number of connections should
2050 * result in fairly accurate figures. We cannot guarantee
2051 * a lot, however -- if each connection lasts for exactly
2052 * one clock tick, it will be counted only for the client
2053 * or only for the server or even not at all.
2055 *c_time += (clock() - c_clock);
2061 MS_STATIC char sbuf[1024*8];
2063 clock_t s_clock = clock();
2065 memset(sbuf, 0, sizeof(sbuf));
2068 if (SSL_in_init(s_ssl))
2069 printf("server waiting in SSL_accept - %s\n",
2070 SSL_state_string_long(s_ssl));
2074 /* Write to client. */
2076 if (sw_num > (long)sizeof sbuf)
2080 r = BIO_write(s_ssl_bio, sbuf, i);
2083 if (!BIO_should_retry(s_ssl_bio))
2085 fprintf(stderr,"ERROR in SERVER\n");
2088 /* Ignore "BIO_should_retry". */
2092 fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2098 printf("server wrote %d\n", r);
2105 /* Read from client. */
2107 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2110 if (!BIO_should_retry(s_ssl_bio))
2112 fprintf(stderr,"ERROR in SERVER\n");
2119 fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2125 printf("server read %d\n", r);
2130 *s_time += (clock() - s_clock);
2134 /* "I/O" BETWEEN CLIENT AND SERVER. */
2137 BIO *io1 = server_io, *io2 = client_io;
2138 /* we use the non-copying interface for io1
2139 * and the standard BIO_write/BIO_read interface for io2
2142 static int prev_progress = 1;
2151 r1 = BIO_ctrl_pending(io1);
2152 r2 = BIO_ctrl_get_write_guarantee(io2);
2161 if (INT_MAX < num) /* yeah, right */
2164 r = BIO_nread(io1, &dataptr, (int)num);
2166 assert(r <= (int)num);
2167 /* possibly r < num (non-contiguous data) */
2169 r = BIO_write(io2, dataptr, (int)num);
2170 if (r != (int)num) /* can't happen */
2172 fprintf(stderr, "ERROR: BIO_write could not write "
2173 "BIO_ctrl_get_write_guarantee() bytes");
2179 printf((io1 == client_io) ?
2180 "C->S relaying: %d bytes\n" :
2181 "S->C relaying: %d bytes\n",
2192 r1 = BIO_ctrl_pending(io2);
2193 r2 = BIO_ctrl_get_read_request(io1);
2194 /* here we could use ..._get_write_guarantee instead of
2195 * ..._get_read_request, but by using the latter
2196 * we test restartability of the SSL implementation
2197 * more thoroughly */
2209 --num; /* test restartability even more thoroughly */
2211 r = BIO_nwrite0(io1, &dataptr);
2215 r = BIO_read(io2, dataptr, (int)num);
2216 if (r != (int)num) /* can't happen */
2218 fprintf(stderr, "ERROR: BIO_read could not read "
2219 "BIO_ctrl_pending() bytes");
2223 r = BIO_nwrite(io1, &dataptr, (int)num);
2224 if (r != (int)num) /* can't happen */
2226 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2227 "BIO_nwrite0() bytes");
2232 printf((io2 == client_io) ?
2233 "C->S relaying: %d bytes\n" :
2234 "S->C relaying: %d bytes\n",
2237 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
2239 if (!progress && !prev_progress)
2240 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
2242 fprintf(stderr, "ERROR: got stuck\n");
2243 fprintf(stderr, " ERROR.\n");
2246 prev_progress = progress;
2249 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2252 print_details(c_ssl, "DONE via BIO pair: ");
2253 #ifndef OPENSSL_NO_NEXTPROTONEG
2254 if (verify_npn(c_ssl, s_ssl) < 0)
2260 if (verify_serverinfo() < 0)
2262 fprintf(stderr, "Server info verify error\n");
2266 if (verify_alpn(c_ssl, s_ssl) < 0)
2272 if (custom_ext_error)
2274 fprintf(stderr, "Custom extension error\n");
2283 ERR_print_errors(bio_err);
2288 BIO_free(server_io);
2292 BIO_free(client_io);
2294 BIO_free(s_ssl_bio);
2296 BIO_free(c_ssl_bio);
2307 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2309 char *cbuf=NULL,*sbuf=NULL;
2311 long cw_num=count,cr_num=count;
2312 long sw_num=count,sr_num=count;
2318 int c_r,c_w,s_r,s_w;
2321 int c_write,s_write;
2322 int do_server=0,do_client=0;
2323 int max_frag = 5*1024;
2325 bufsiz = count>40*1024 ? 40*1024 : count;
2327 if ((cbuf = OPENSSL_malloc(bufsiz))==NULL) goto err;
2328 if ((sbuf = OPENSSL_malloc(bufsiz))==NULL) goto err;
2330 memset(cbuf,0,bufsiz);
2331 memset(sbuf,0,bufsiz);
2333 c_to_s=BIO_new(BIO_s_mem());
2334 s_to_c=BIO_new(BIO_s_mem());
2335 if ((s_to_c == NULL) || (c_to_s == NULL))
2337 ERR_print_errors(bio_err);
2341 c_bio=BIO_new(BIO_f_ssl());
2342 s_bio=BIO_new(BIO_f_ssl());
2343 if ((c_bio == NULL) || (s_bio == NULL))
2345 ERR_print_errors(bio_err);
2349 SSL_set_connect_state(c_ssl);
2350 SSL_set_bio(c_ssl,s_to_c,c_to_s);
2351 SSL_set_max_send_fragment(c_ssl,max_frag);
2352 BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
2354 SSL_set_accept_state(s_ssl);
2355 SSL_set_bio(s_ssl,c_to_s,s_to_c);
2356 SSL_set_max_send_fragment(s_ssl,max_frag);
2357 BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
2361 c_write=1,s_write=0;
2363 /* We can always do writes */
2369 i=(int)BIO_pending(s_bio);
2370 if ((i && s_r) || s_w) do_server=1;
2372 i=(int)BIO_pending(c_bio);
2373 if ((i && c_r) || c_w) do_client=1;
2375 if (do_server && debug)
2377 if (SSL_in_init(s_ssl))
2378 printf("server waiting in SSL_accept - %s\n",
2379 SSL_state_string_long(s_ssl));
2382 printf("server:SSL_write()\n");
2384 printf("server:SSL_read()\n"); */
2387 if (do_client && debug)
2389 if (SSL_in_init(c_ssl))
2390 printf("client waiting in SSL_connect - %s\n",
2391 SSL_state_string_long(c_ssl));
2394 printf("client:SSL_write()\n");
2396 printf("client:SSL_read()\n"); */
2399 if (!do_client && !do_server)
2401 fprintf(stdout,"ERROR IN STARTUP\n");
2402 ERR_print_errors(bio_err);
2405 if (do_client && !(done & C_DONE))
2409 j = (cw_num > bufsiz) ?
2410 (int)bufsiz : (int)cw_num;
2411 i=BIO_write(c_bio,cbuf,j);
2416 if (BIO_should_retry(c_bio))
2418 if (BIO_should_read(c_bio))
2420 if (BIO_should_write(c_bio))
2425 fprintf(stderr,"ERROR in CLIENT\n");
2426 ERR_print_errors(bio_err);
2432 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2438 printf("client wrote %d\n",i);
2444 SSL_set_max_send_fragment(c_ssl,max_frag-=5);
2449 i=BIO_read(c_bio,cbuf,bufsiz);
2454 if (BIO_should_retry(c_bio))
2456 if (BIO_should_read(c_bio))
2458 if (BIO_should_write(c_bio))
2463 fprintf(stderr,"ERROR in CLIENT\n");
2464 ERR_print_errors(bio_err);
2470 fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2476 printf("client read %d\n",i);
2493 if (do_server && !(done & S_DONE))
2497 i=BIO_read(s_bio,sbuf,bufsiz);
2502 if (BIO_should_retry(s_bio))
2504 if (BIO_should_read(s_bio))
2506 if (BIO_should_write(s_bio))
2511 fprintf(stderr,"ERROR in SERVER\n");
2512 ERR_print_errors(bio_err);
2518 ERR_print_errors(bio_err);
2519 fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
2525 printf("server read %d\n",i);
2542 j = (sw_num > bufsiz) ?
2543 (int)bufsiz : (int)sw_num;
2544 i=BIO_write(s_bio,sbuf,j);
2549 if (BIO_should_retry(s_bio))
2551 if (BIO_should_read(s_bio))
2553 if (BIO_should_write(s_bio))
2558 fprintf(stderr,"ERROR in SERVER\n");
2559 ERR_print_errors(bio_err);
2565 ERR_print_errors(bio_err);
2566 fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
2572 printf("server wrote %d\n",i);
2579 SSL_set_max_send_fragment(s_ssl,max_frag-=5);
2584 if ((done & S_DONE) && (done & C_DONE)) break;
2588 print_details(c_ssl, "DONE: ");
2589 #ifndef OPENSSL_NO_NEXTPROTONEG
2590 if (verify_npn(c_ssl, s_ssl) < 0)
2596 if (verify_serverinfo() < 0)
2598 fprintf(stderr, "Server info verify error\n");
2602 if (custom_ext_error)
2604 fprintf(stderr, "Custom extension error\n");
2610 /* We have to set the BIO's to NULL otherwise they will be
2611 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and
2612 * again when c_ssl is SSL_free()ed.
2613 * This is a hack required because s_ssl and c_ssl are sharing the same
2614 * BIO structure and SSL_set_bio() and SSL_free() automatically
2615 * BIO_free non NULL entries.
2616 * You should not normally do this or be required to do this */
2628 if (c_to_s != NULL) BIO_free(c_to_s);
2629 if (s_to_c != NULL) BIO_free(s_to_c);
2630 if (c_bio != NULL) BIO_free_all(c_bio);
2631 if (s_bio != NULL) BIO_free_all(s_bio);
2633 if (cbuf) OPENSSL_free(cbuf);
2634 if (sbuf) OPENSSL_free(sbuf);
2639 static int get_proxy_auth_ex_data_idx(void)
2641 static volatile int idx = -1;
2644 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2647 idx = X509_STORE_CTX_get_ex_new_index(0,
2648 "SSLtest for verify callback", NULL,NULL,NULL);
2650 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2655 static int verify_callback(int ok, X509_STORE_CTX *ctx)
2659 s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,
2664 fprintf(stderr,"depth=%d %s\n",
2665 ctx->error_depth,buf);
2668 fprintf(stderr,"depth=%d error=%d %s\n",
2669 ctx->error_depth,ctx->error,buf);
2675 fprintf(stderr,"Error string: %s\n",
2676 X509_verify_cert_error_string(ctx->error));
2679 case X509_V_ERR_CERT_NOT_YET_VALID:
2680 case X509_V_ERR_CERT_HAS_EXPIRED:
2681 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2682 fprintf(stderr," ... ignored.\n");
2689 X509 *xs = ctx->current_cert;
2691 X509 *xi = ctx->current_issuer;
2694 if (xs->ex_flags & EXFLAG_PROXY)
2696 unsigned int *letters =
2697 X509_STORE_CTX_get_ex_data(ctx,
2698 get_proxy_auth_ex_data_idx());
2704 PROXY_CERT_INFO_EXTENSION *pci =
2705 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2708 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
2710 case NID_Independent:
2711 /* Completely meaningless in this
2712 program, as there's no way to
2713 grant explicit rights to a
2714 specific PrC. Basically, using
2715 id-ppl-Independent is the perfect
2716 way to grant no rights at all. */
2717 fprintf(stderr, " Independent proxy certificate");
2718 for (i = 0; i < 26; i++)
2721 case NID_id_ppl_inheritAll:
2722 /* This is basically a NOP, we
2723 simply let the current rights
2724 stand as they are. */
2725 fprintf(stderr, " Proxy certificate inherits all");
2729 pci->proxyPolicy->policy->data;
2730 i = pci->proxyPolicy->policy->length;
2732 /* The algorithm works as follows:
2733 it is assumed that previous
2734 iterations or the initial granted
2735 rights has already set some elements
2736 of `letters'. What we need to do is
2737 to clear those that weren't granted
2738 by the current PrC as well. The
2739 easiest way to do this is to add 1
2740 to all the elements whose letters
2741 are given with the current policy.
2742 That way, all elements that are set
2743 by the current policy and were
2744 already set by earlier policies and
2745 through the original grant of rights
2746 will get the value 2 or higher.
2747 The last thing to do is to sweep
2748 through `letters' and keep the
2749 elements having the value 2 as set,
2750 and clear all the others. */
2752 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s);
2756 if (isascii(c) && isalpha(c))
2763 for (i = 0; i < 26; i++)
2772 ", resulting proxy rights = ");
2773 for(i = 0; i < 26; i++)
2776 fprintf(stderr, "%c", i + 'A');
2780 fprintf(stderr, "none");
2781 fprintf(stderr, "\n");
2783 PROXY_CERT_INFO_EXTENSION_free(pci);
2791 static void process_proxy_debug(int indent, const char *format, ...)
2794 static const char indentation[] =
2795 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2796 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2797 char my_format[256];
2800 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2801 indent, indent, indentation, format);
2803 va_start(args, format);
2804 vfprintf(stderr, my_format, args);
2813 static int process_proxy_cond_adders(unsigned int letters[26],
2814 const char *cond, const char **cond_end, int *pos, int indent);
2815 static int process_proxy_cond_val(unsigned int letters[26],
2816 const char *cond, const char **cond_end, int *pos, int indent)
2822 while(isspace((int)*cond))
2829 process_proxy_debug(indent,
2830 "Start process_proxy_cond_val at position %d: %s\n",
2837 while(isspace((int)*cond))
2847 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2852 while(isspace((int)*cond))
2860 "Weird condition character in position %d: "
2867 else if (isascii(c) && isalpha(c))
2871 ok = letters[c - 'A'];
2877 "Weird condition character in position %d: "
2884 if (ok >= 0 && negate)
2888 process_proxy_debug(indent,
2889 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2894 static int process_proxy_cond_multipliers(unsigned int letters[26],
2895 const char *cond, const char **cond_end, int *pos, int indent)
2901 process_proxy_debug(indent,
2902 "Start process_proxy_cond_multipliers at position %d: %s\n",
2905 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2912 while(isspace((int)*cond))
2926 ok = process_proxy_cond_val(letters,
2927 cond, cond_end, pos, indent + 1);
2941 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2953 process_proxy_debug(indent,
2954 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2960 static int process_proxy_cond_adders(unsigned int letters[26],
2961 const char *cond, const char **cond_end, int *pos, int indent)
2967 process_proxy_debug(indent,
2968 "Start process_proxy_cond_adders at position %d: %s\n",
2971 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2979 while(isspace((int)*cond))
2992 ok = process_proxy_cond_multipliers(letters,
2993 cond, cond_end, pos, indent + 1);
3004 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3016 process_proxy_debug(indent,
3017 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
3024 static int process_proxy_cond(unsigned int letters[26],
3025 const char *cond, const char **cond_end)
3028 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
3031 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
3034 struct app_verify_arg *cb_arg = arg;
3035 unsigned int letters[26]; /* only used with proxy_auth */
3037 if (cb_arg->app_verify)
3039 char *s = NULL,buf[256];
3041 fprintf(stderr, "In app_verify_callback, allowing cert. ");
3042 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
3043 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
3044 (void *)ctx, (void *)ctx->cert);
3046 s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
3049 fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
3053 if (cb_arg->proxy_auth)
3055 int found_any = 0, i;
3058 for(i = 0; i < 26; i++)
3060 for(sp = cb_arg->proxy_auth; *sp; sp++)
3063 if (isascii(c) && isalpha(c))
3067 letters[c - 'A'] = 1;
3072 " Initial proxy rights = ");
3073 for(i = 0; i < 26; i++)
3076 fprintf(stderr, "%c", i + 'A');
3080 fprintf(stderr, "none");
3081 fprintf(stderr, "\n");
3083 X509_STORE_CTX_set_ex_data(ctx,
3084 get_proxy_auth_ex_data_idx(),letters);
3086 if (cb_arg->allow_proxy_certs)
3088 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
3091 #ifndef OPENSSL_NO_X509_VERIFY
3092 ok = X509_verify_cert(ctx);
3095 if (cb_arg->proxy_auth)
3099 const char *cond_end = NULL;
3101 ok = process_proxy_cond(letters,
3102 cb_arg->proxy_cond, &cond_end);
3108 fprintf(stderr, "Stopped processing condition before it's end.\n");
3112 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
3113 cb_arg->proxy_cond);
3115 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
3116 cb_arg->proxy_cond);
3122 #ifndef OPENSSL_NO_RSA
3123 static RSA *rsa_tmp=NULL;
3125 static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
3128 if (rsa_tmp == NULL)
3131 rsa_tmp = RSA_new();
3132 if(!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4))
3134 BIO_printf(bio_err, "Memory error...");
3137 BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
3138 (void)BIO_flush(bio_err);
3139 if(!RSA_generate_key_ex(rsa_tmp,keylength,bn,NULL))
3141 BIO_printf(bio_err, "Error generating key.");
3146 BIO_printf(bio_err,"\n");
3147 (void)BIO_flush(bio_err);
3153 static void free_tmp_rsa(void)
3155 if (rsa_tmp != NULL)
3163 #ifndef OPENSSL_NO_DH
3165 * These DH parameters have been generated as follows:
3166 * $ openssl dhparam -C -noout 512
3167 * $ openssl dhparam -C -noout 1024
3168 * $ openssl dhparam -C -noout -dsaparam 1024
3169 * (The third function has been renamed to avoid name conflicts.)
3171 static DH *get_dh512()
3173 static unsigned char dh512_p[]={
3174 0xCB,0xC8,0xE1,0x86,0xD0,0x1F,0x94,0x17,0xA6,0x99,0xF0,0xC6,
3175 0x1F,0x0D,0xAC,0xB6,0x25,0x3E,0x06,0x39,0xCA,0x72,0x04,0xB0,
3176 0x6E,0xDA,0xC0,0x61,0xE6,0x7A,0x77,0x25,0xE8,0x3B,0xB9,0x5F,
3177 0x9A,0xB6,0xB5,0xFE,0x99,0x0B,0xA1,0x93,0x4E,0x35,0x33,0xB8,
3178 0xE1,0xF1,0x13,0x4F,0x59,0x1A,0xD2,0x57,0xC0,0x26,0x21,0x33,
3179 0x02,0xC5,0xAE,0x23,
3181 static unsigned char dh512_g[]={
3186 if ((dh=DH_new()) == NULL) return(NULL);
3187 dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
3188 dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
3189 if ((dh->p == NULL) || (dh->g == NULL))
3190 { DH_free(dh); return(NULL); }
3194 static DH *get_dh1024()
3196 static unsigned char dh1024_p[]={
3197 0xF8,0x81,0x89,0x7D,0x14,0x24,0xC5,0xD1,0xE6,0xF7,0xBF,0x3A,
3198 0xE4,0x90,0xF4,0xFC,0x73,0xFB,0x34,0xB5,0xFA,0x4C,0x56,0xA2,
3199 0xEA,0xA7,0xE9,0xC0,0xC0,0xCE,0x89,0xE1,0xFA,0x63,0x3F,0xB0,
3200 0x6B,0x32,0x66,0xF1,0xD1,0x7B,0xB0,0x00,0x8F,0xCA,0x87,0xC2,
3201 0xAE,0x98,0x89,0x26,0x17,0xC2,0x05,0xD2,0xEC,0x08,0xD0,0x8C,
3202 0xFF,0x17,0x52,0x8C,0xC5,0x07,0x93,0x03,0xB1,0xF6,0x2F,0xB8,
3203 0x1C,0x52,0x47,0x27,0x1B,0xDB,0xD1,0x8D,0x9D,0x69,0x1D,0x52,
3204 0x4B,0x32,0x81,0xAA,0x7F,0x00,0xC8,0xDC,0xE6,0xD9,0xCC,0xC1,
3205 0x11,0x2D,0x37,0x34,0x6C,0xEA,0x02,0x97,0x4B,0x0E,0xBB,0xB1,
3206 0x71,0x33,0x09,0x15,0xFD,0xDD,0x23,0x87,0x07,0x5E,0x89,0xAB,
3207 0x6B,0x7C,0x5F,0xEC,0xA6,0x24,0xDC,0x53,
3209 static unsigned char dh1024_g[]={
3214 if ((dh=DH_new()) == NULL) return(NULL);
3215 dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
3216 dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
3217 if ((dh->p == NULL) || (dh->g == NULL))
3218 { DH_free(dh); return(NULL); }
3222 static DH *get_dh1024dsa()
3224 static unsigned char dh1024_p[]={
3225 0xC8,0x00,0xF7,0x08,0x07,0x89,0x4D,0x90,0x53,0xF3,0xD5,0x00,
3226 0x21,0x1B,0xF7,0x31,0xA6,0xA2,0xDA,0x23,0x9A,0xC7,0x87,0x19,
3227 0x3B,0x47,0xB6,0x8C,0x04,0x6F,0xFF,0xC6,0x9B,0xB8,0x65,0xD2,
3228 0xC2,0x5F,0x31,0x83,0x4A,0xA7,0x5F,0x2F,0x88,0x38,0xB6,0x55,
3229 0xCF,0xD9,0x87,0x6D,0x6F,0x9F,0xDA,0xAC,0xA6,0x48,0xAF,0xFC,
3230 0x33,0x84,0x37,0x5B,0x82,0x4A,0x31,0x5D,0xE7,0xBD,0x52,0x97,
3231 0xA1,0x77,0xBF,0x10,0x9E,0x37,0xEA,0x64,0xFA,0xCA,0x28,0x8D,
3232 0x9D,0x3B,0xD2,0x6E,0x09,0x5C,0x68,0xC7,0x45,0x90,0xFD,0xBB,
3233 0x70,0xC9,0x3A,0xBB,0xDF,0xD4,0x21,0x0F,0xC4,0x6A,0x3C,0xF6,
3234 0x61,0xCF,0x3F,0xD6,0x13,0xF1,0x5F,0xBC,0xCF,0xBC,0x26,0x9E,
3235 0xBC,0x0B,0xBD,0xAB,0x5D,0xC9,0x54,0x39,
3237 static unsigned char dh1024_g[]={
3238 0x3B,0x40,0x86,0xE7,0xF3,0x6C,0xDE,0x67,0x1C,0xCC,0x80,0x05,
3239 0x5A,0xDF,0xFE,0xBD,0x20,0x27,0x74,0x6C,0x24,0xC9,0x03,0xF3,
3240 0xE1,0x8D,0xC3,0x7D,0x98,0x27,0x40,0x08,0xB8,0x8C,0x6A,0xE9,
3241 0xBB,0x1A,0x3A,0xD6,0x86,0x83,0x5E,0x72,0x41,0xCE,0x85,0x3C,
3242 0xD2,0xB3,0xFC,0x13,0xCE,0x37,0x81,0x9E,0x4C,0x1C,0x7B,0x65,
3243 0xD3,0xE6,0xA6,0x00,0xF5,0x5A,0x95,0x43,0x5E,0x81,0xCF,0x60,
3244 0xA2,0x23,0xFC,0x36,0xA7,0x5D,0x7A,0x4C,0x06,0x91,0x6E,0xF6,
3245 0x57,0xEE,0x36,0xCB,0x06,0xEA,0xF5,0x3D,0x95,0x49,0xCB,0xA7,
3246 0xDD,0x81,0xDF,0x80,0x09,0x4A,0x97,0x4D,0xA8,0x22,0x72,0xA1,
3247 0x7F,0xC4,0x70,0x56,0x70,0xE8,0x20,0x10,0x18,0x8F,0x2E,0x60,
3248 0x07,0xE7,0x68,0x1A,0x82,0x5D,0x32,0xA2,
3252 if ((dh=DH_new()) == NULL) return(NULL);
3253 dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
3254 dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
3255 if ((dh->p == NULL) || (dh->g == NULL))
3256 { DH_free(dh); return(NULL); }
3262 #ifndef OPENSSL_NO_PSK
3263 /* convert the PSK key (psk_key) in ascii to binary (psk) */
3264 static int psk_key2bn(const char *pskkey, unsigned char *psk,
3265 unsigned int max_psk_len)
3270 ret = BN_hex2bn(&bn, pskkey);
3273 BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", pskkey);
3278 if (BN_num_bytes(bn) > (int)max_psk_len)
3280 BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
3281 max_psk_len, BN_num_bytes(bn));
3285 ret = BN_bn2bin(bn, psk);
3290 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
3291 unsigned int max_identity_len, unsigned char *psk,
3292 unsigned int max_psk_len)
3295 unsigned int psk_len = 0;
3297 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3301 fprintf(stderr, "client: created identity '%s' len=%d\n", identity, ret);
3302 ret = psk_key2bn(psk_key, psk, max_psk_len);
3310 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3311 unsigned char *psk, unsigned int max_psk_len)
3313 unsigned int psk_len=0;
3315 if (strcmp(identity, "Client_identity") != 0)
3317 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3320 psk_len=psk_key2bn(psk_key, psk, max_psk_len);
3325 static int do_test_cipherlist(void)
3328 const SSL_METHOD *meth;
3329 const SSL_CIPHER *ci, *tci = NULL;
3331 #ifndef OPENSSL_NO_SSL3
3332 fprintf(stderr, "testing SSLv3 cipher list order: ");
3333 meth = SSLv3_method();
3335 while ((ci = meth->get_cipher(i++)) != NULL)
3338 if (ci->id >= tci->id)
3340 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3345 fprintf(stderr, "ok\n");
3347 #ifndef OPENSSL_NO_TLS1
3348 fprintf(stderr, "testing TLSv1 cipher list order: ");
3349 meth = TLSv1_method();
3351 while ((ci = meth->get_cipher(i++)) != NULL)
3354 if (ci->id >= tci->id)
3356 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3361 fprintf(stderr, "ok\n");