1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.]
57 /* ====================================================================
58 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 * Redistribution and use in source and binary forms, with or without
61 * modification, are permitted provided that the following conditions
64 * 1. Redistributions of source code must retain the above copyright
65 * notice, this list of conditions and the following disclaimer.
67 * 2. Redistributions in binary form must reproduce the above copyright
68 * notice, this list of conditions and the following disclaimer in
69 * the documentation and/or other materials provided with the
72 * 3. All advertising materials mentioning features or use of this
73 * software must display the following acknowledgment:
74 * "This product includes software developed by the OpenSSL Project
75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
78 * endorse or promote products derived from this software without
79 * prior written permission. For written permission, please contact
80 * openssl-core@openssl.org.
82 * 5. Products derived from this software may not be called "OpenSSL"
83 * nor may "OpenSSL" appear in their names without prior written
84 * permission of the OpenSSL Project.
86 * 6. Redistributions of any form whatsoever must retain the following
88 * "This product includes software developed by the OpenSSL Project
89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
102 * OF THE POSSIBILITY OF SUCH DAMAGE.
103 * ====================================================================
105 * This product includes cryptographic software written by Eric Young
106 * (eay@cryptsoft.com). This product includes software written by Tim
107 * Hudson (tjh@cryptsoft.com).
110 /* ====================================================================
111 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112 * ECC cipher suite support in OpenSSL originally developed by
113 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 /* ====================================================================
116 * Copyright 2005 Nokia. All rights reserved.
118 * The portions of the attached software ("Contribution") is developed by
119 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
122 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
123 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
124 * support (see RFC 4279) to OpenSSL.
126 * No patent licenses or other rights except those expressly stated in
127 * the OpenSSL open source license shall be deemed granted or received
128 * expressly, by implication, estoppel, or otherwise.
130 * No assurances are provided by Nokia that the Contribution does not
131 * infringe the patent or other intellectual property rights of any third
132 * party or that the license provides you with all the necessary rights
133 * to make use of the Contribution.
135 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
136 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
137 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
138 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
142 /* Or gethostname won't be declared properly on Linux and GNU platforms. */
143 #define _BSD_SOURCE 1
144 #define _DEFAULT_SOURCE 1
157 #ifdef OPENSSL_SYS_VMS
159 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
161 # define _XOPEN_SOURCE 500
166 #include <openssl/bio.h>
167 #include <openssl/crypto.h>
168 #include <openssl/evp.h>
169 #include <openssl/x509.h>
170 #include <openssl/x509v3.h>
171 #include <openssl/ssl.h>
172 #ifndef OPENSSL_NO_ENGINE
173 # include <openssl/engine.h>
175 #include <openssl/err.h>
176 #include <openssl/rand.h>
177 #ifndef OPENSSL_NO_RSA
178 # include <openssl/rsa.h>
180 #ifndef OPENSSL_NO_DSA
181 # include <openssl/dsa.h>
183 #ifndef OPENSSL_NO_DH
184 # include <openssl/dh.h>
186 #ifndef OPENSSL_NO_SRP
187 # include <openssl/srp.h>
189 #include <openssl/bn.h>
191 #include "../ssl/ssl_locl.h"
194 * Or gethostname won't be declared properly
195 * on Compaq platforms (at least with DEC C).
196 * Do not try to put it earlier, or IPv6 includes
199 #define _XOPEN_SOURCE_EXTENDED 1
201 #ifdef OPENSSL_SYS_WINDOWS
202 # include <winsock.h>
204 # include OPENSSL_UNISTD
208 * There is really no standard for this, so let's assign something
213 static int verify_callback(int ok, X509_STORE_CTX *ctx);
214 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg);
215 #define APP_CALLBACK_STRING "Test Callback Argument"
216 struct app_verify_arg {
219 int allow_proxy_certs;
224 #ifndef OPENSSL_NO_DH
225 static DH *get_dh512(void);
226 static DH *get_dh1024(void);
227 static DH *get_dh1024dsa(void);
230 static char *psk_key = NULL; /* by default PSK is not used */
231 #ifndef OPENSSL_NO_PSK
232 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
234 unsigned int max_identity_len,
236 unsigned int max_psk_len);
237 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
239 unsigned int max_psk_len);
242 #ifndef OPENSSL_NO_SRP
244 /* This is a context that we pass to all callbacks */
245 typedef struct srp_client_arg_st {
250 # define PWD_STRLEN 1024
252 static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
254 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
255 return OPENSSL_strdup((char *)srp_client_arg->srppassin);
259 /* This is a context that we pass to SRP server callbacks */
260 typedef struct srp_server_arg_st {
265 static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
267 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
269 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
270 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
271 return SSL3_AL_FATAL;
273 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
274 *ad = SSL_AD_INTERNAL_ERROR;
275 return SSL3_AL_FATAL;
277 return SSL_ERROR_NONE;
281 static BIO *bio_err = NULL;
282 static BIO *bio_stdout = NULL;
284 #ifndef OPENSSL_NO_NEXTPROTONEG
285 /* Note that this code assumes that this is only a one element list: */
286 static const char NEXT_PROTO_STRING[] = "\x09testproto";
287 static int npn_client = 0;
288 static int npn_server = 0;
289 static int npn_server_reject = 0;
291 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen,
292 const unsigned char *in, unsigned int inlen,
296 * This callback only returns the protocol string, rather than a length
297 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list
298 * and remove the first byte to chop off the length prefix.
300 *out = (unsigned char *)NEXT_PROTO_STRING + 1;
301 *outlen = sizeof(NEXT_PROTO_STRING) - 2;
302 return SSL_TLSEXT_ERR_OK;
305 static int cb_server_npn(SSL *s, const unsigned char **data,
306 unsigned int *len, void *arg)
308 *data = (const unsigned char *)NEXT_PROTO_STRING;
309 *len = sizeof(NEXT_PROTO_STRING) - 1;
310 return SSL_TLSEXT_ERR_OK;
313 static int cb_server_rejects_npn(SSL *s, const unsigned char **data,
314 unsigned int *len, void *arg)
316 return SSL_TLSEXT_ERR_NOACK;
319 static int verify_npn(SSL *client, SSL *server)
321 const unsigned char *client_s;
323 const unsigned char *server_s;
326 SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
327 SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
330 BIO_printf(bio_stdout, "Client NPN: ");
331 BIO_write(bio_stdout, client_s, client_len);
332 BIO_printf(bio_stdout, "\n");
336 BIO_printf(bio_stdout, "Server NPN: ");
337 BIO_write(bio_stdout, server_s, server_len);
338 BIO_printf(bio_stdout, "\n");
342 * If an NPN string was returned, it must be the protocol that we
343 * expected to negotiate.
345 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
346 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
348 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
349 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
352 if (!npn_client && client_len)
354 if (!npn_server && server_len)
356 if (npn_server_reject && server_len)
358 if (npn_client && npn_server && (!client_len || !server_len))
365 static const char *alpn_client;
366 static const char *alpn_server;
367 static const char *alpn_expected;
368 static unsigned char *alpn_selected;
369 static const char *server_min_proto;
370 static const char *server_max_proto;
371 static const char *client_min_proto;
372 static const char *client_max_proto;
373 static const char *should_negotiate;
376 * next_protos_parse parses a comma separated list of strings into a string
377 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
378 * outlen: (output) set to the length of the resulting buffer on success.
379 * err: (maybe NULL) on failure, an error message line is written to this BIO.
380 * in: a NUL terminated string like "abc,def,ghi"
382 * returns: a malloced buffer or NULL on failure.
384 static unsigned char *next_protos_parse(unsigned short *outlen,
395 out = OPENSSL_malloc(strlen(in) + 1);
399 for (i = 0; i <= len; ++i) {
400 if (i == len || in[i] == ',') {
401 if (i - start > 255) {
405 out[start] = i - start;
415 static int cb_server_alpn(SSL *s, const unsigned char **out,
416 unsigned char *outlen, const unsigned char *in,
417 unsigned int inlen, void *arg)
419 unsigned char *protos;
420 unsigned short protos_len;
422 protos = next_protos_parse(&protos_len, alpn_server);
423 if (protos == NULL) {
424 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
429 if (SSL_select_next_proto
430 ((unsigned char **)out, outlen, protos, protos_len, in,
431 inlen) != OPENSSL_NPN_NEGOTIATED) {
432 OPENSSL_free(protos);
433 return SSL_TLSEXT_ERR_NOACK;
437 * Make a copy of the selected protocol which will be freed in
440 alpn_selected = OPENSSL_malloc(*outlen);
441 memcpy(alpn_selected, *out, *outlen);
442 *out = alpn_selected;
444 OPENSSL_free(protos);
445 return SSL_TLSEXT_ERR_OK;
448 static int verify_alpn(SSL *client, SSL *server)
450 const unsigned char *client_proto, *server_proto;
451 unsigned int client_proto_len = 0, server_proto_len = 0;
452 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
453 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
455 OPENSSL_free(alpn_selected);
456 alpn_selected = NULL;
458 if (client_proto_len != server_proto_len) {
459 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
463 if (client_proto != NULL &&
464 memcmp(client_proto, server_proto, client_proto_len) != 0) {
465 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
469 if (client_proto_len > 0 && alpn_expected == NULL) {
470 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
474 if (alpn_expected != NULL &&
475 (client_proto_len != strlen(alpn_expected) ||
476 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
477 BIO_printf(bio_stdout,
478 "ALPN selected protocols not equal to expected protocol: %s\n",
486 BIO_printf(bio_stdout, "ALPN results: client: '");
487 BIO_write(bio_stdout, client_proto, client_proto_len);
488 BIO_printf(bio_stdout, "', server: '");
489 BIO_write(bio_stdout, server_proto, server_proto_len);
490 BIO_printf(bio_stdout, "'\n");
491 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
492 alpn_client, alpn_server);
496 #define SCT_EXT_TYPE 18
499 * WARNING : below extension types are *NOT* IETF assigned, and could
500 * conflict if these types are reassigned and handled specially by OpenSSL
503 #define TACK_EXT_TYPE 62208
504 #define CUSTOM_EXT_TYPE_0 1000
505 #define CUSTOM_EXT_TYPE_1 1001
506 #define CUSTOM_EXT_TYPE_2 1002
507 #define CUSTOM_EXT_TYPE_3 1003
509 static const char custom_ext_cli_string[] = "abc";
510 static const char custom_ext_srv_string[] = "defg";
512 /* These set from cmdline */
513 static char *serverinfo_file = NULL;
514 static int serverinfo_sct = 0;
515 static int serverinfo_tack = 0;
517 /* These set based on extension callbacks */
518 static int serverinfo_sct_seen = 0;
519 static int serverinfo_tack_seen = 0;
520 static int serverinfo_other_seen = 0;
522 /* This set from cmdline */
523 static int custom_ext = 0;
525 /* This set based on extension callbacks */
526 static int custom_ext_error = 0;
528 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
529 const unsigned char *in, size_t inlen,
532 if (ext_type == SCT_EXT_TYPE)
533 serverinfo_sct_seen++;
534 else if (ext_type == TACK_EXT_TYPE)
535 serverinfo_tack_seen++;
537 serverinfo_other_seen++;
541 static int verify_serverinfo()
543 if (serverinfo_sct != serverinfo_sct_seen)
545 if (serverinfo_tack != serverinfo_tack_seen)
547 if (serverinfo_other_seen)
553 * Four test cases for custom extensions:
554 * 0 - no ClientHello extension or ServerHello response
555 * 1 - ClientHello with "abc", no response
556 * 2 - ClientHello with "abc", empty response
557 * 3 - ClientHello with "abc", "defg" response
560 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
561 const unsigned char **out,
562 size_t *outlen, int *al, void *arg)
564 if (ext_type != CUSTOM_EXT_TYPE_0)
565 custom_ext_error = 1;
566 return 0; /* Don't send an extension */
569 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
570 const unsigned char *in,
571 size_t inlen, int *al, void *arg)
576 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
577 const unsigned char **out,
578 size_t *outlen, int *al, void *arg)
580 if (ext_type != CUSTOM_EXT_TYPE_1)
581 custom_ext_error = 1;
582 *out = (const unsigned char *)custom_ext_cli_string;
583 *outlen = strlen(custom_ext_cli_string);
584 return 1; /* Send "abc" */
587 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
588 const unsigned char *in,
589 size_t inlen, int *al, void *arg)
594 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
595 const unsigned char **out,
596 size_t *outlen, int *al, void *arg)
598 if (ext_type != CUSTOM_EXT_TYPE_2)
599 custom_ext_error = 1;
600 *out = (const unsigned char *)custom_ext_cli_string;
601 *outlen = strlen(custom_ext_cli_string);
602 return 1; /* Send "abc" */
605 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
606 const unsigned char *in,
607 size_t inlen, int *al, void *arg)
609 if (ext_type != CUSTOM_EXT_TYPE_2)
610 custom_ext_error = 1;
612 custom_ext_error = 1; /* Should be empty response */
616 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
617 const unsigned char **out,
618 size_t *outlen, int *al, void *arg)
620 if (ext_type != CUSTOM_EXT_TYPE_3)
621 custom_ext_error = 1;
622 *out = (const unsigned char *)custom_ext_cli_string;
623 *outlen = strlen(custom_ext_cli_string);
624 return 1; /* Send "abc" */
627 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
628 const unsigned char *in,
629 size_t inlen, int *al, void *arg)
631 if (ext_type != CUSTOM_EXT_TYPE_3)
632 custom_ext_error = 1;
633 if (inlen != strlen(custom_ext_srv_string))
634 custom_ext_error = 1;
635 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
636 custom_ext_error = 1; /* Check for "defg" */
641 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
644 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
645 const unsigned char *in,
646 size_t inlen, int *al, void *arg)
648 custom_ext_error = 1;
652 /* 'add' callbacks are only called if the 'parse' callback is called */
653 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
654 const unsigned char **out,
655 size_t *outlen, int *al, void *arg)
657 /* Error: should not have been called */
658 custom_ext_error = 1;
659 return 0; /* Don't send an extension */
662 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
663 const unsigned char *in,
664 size_t inlen, int *al, void *arg)
666 if (ext_type != CUSTOM_EXT_TYPE_1)
667 custom_ext_error = 1;
668 /* Check for "abc" */
669 if (inlen != strlen(custom_ext_cli_string))
670 custom_ext_error = 1;
671 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
672 custom_ext_error = 1;
676 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
677 const unsigned char **out,
678 size_t *outlen, int *al, void *arg)
680 return 0; /* Don't send an extension */
683 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
684 const unsigned char *in,
685 size_t inlen, int *al, void *arg)
687 if (ext_type != CUSTOM_EXT_TYPE_2)
688 custom_ext_error = 1;
689 /* Check for "abc" */
690 if (inlen != strlen(custom_ext_cli_string))
691 custom_ext_error = 1;
692 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
693 custom_ext_error = 1;
697 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
698 const unsigned char **out,
699 size_t *outlen, int *al, void *arg)
703 return 1; /* Send empty extension */
706 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
707 const unsigned char *in,
708 size_t inlen, int *al, void *arg)
710 if (ext_type != CUSTOM_EXT_TYPE_3)
711 custom_ext_error = 1;
712 /* Check for "abc" */
713 if (inlen != strlen(custom_ext_cli_string))
714 custom_ext_error = 1;
715 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
716 custom_ext_error = 1;
720 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
721 const unsigned char **out,
722 size_t *outlen, int *al, void *arg)
724 *out = (const unsigned char *)custom_ext_srv_string;
725 *outlen = strlen(custom_ext_srv_string);
726 return 1; /* Send "defg" */
729 static char *cipher = NULL;
730 static int verbose = 0;
731 static int debug = 0;
732 static const char rnd_seed[] =
733 "string to make the random number generator think it has entropy";
735 int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family,
736 long bytes, clock_t *s_time, clock_t *c_time);
737 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
739 int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
740 static int do_test_cipherlist(void);
742 static void sv_usage(void)
744 fprintf(stderr, "usage: ssltest [args ...]\n");
745 fprintf(stderr, "\n");
747 fprintf(stderr, "-F - run test in FIPS mode\n");
749 fprintf(stderr, " -server_auth - check server certificate\n");
750 fprintf(stderr, " -client_auth - do client authentication\n");
751 fprintf(stderr, " -proxy - allow proxy certificates\n");
752 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
754 " -proxy_cond <val> - expression to test proxy policy rights\n");
755 fprintf(stderr, " -v - more output\n");
756 fprintf(stderr, " -d - debug output\n");
757 fprintf(stderr, " -reuse - use session-id reuse\n");
758 fprintf(stderr, " -num <val> - number of connections to perform\n");
760 " -bytes <val> - number of bytes to swap between client/server\n");
761 #ifndef OPENSSL_NO_DH
763 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
765 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
767 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
768 fprintf(stderr, " -no_dhe - disable DHE\n");
770 #ifndef OPENSSL_NO_EC
771 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
773 #ifndef OPENSSL_NO_PSK
774 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
776 #ifndef OPENSSL_NO_SRP
777 fprintf(stderr, " -srpuser user - SRP username to use\n");
778 fprintf(stderr, " -srppass arg - password for 'user'\n");
780 #ifndef OPENSSL_NO_SSL3
781 fprintf(stderr, " -ssl3 - use SSLv3\n");
783 #ifndef OPENSSL_NO_TLS1
784 fprintf(stderr, " -tls1 - use TLSv1\n");
786 #ifndef OPENSSL_NO_DTLS
787 fprintf(stderr, " -dtls - use DTLS\n");
788 #ifndef OPENSSL_NO_DTLS1
789 fprintf(stderr, " -dtls1 - use DTLSv1\n");
791 #ifndef OPENSSL_NO_DTLS1_2
792 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
795 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
796 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
797 fprintf(stderr, " -cert arg - Server certificate file\n");
799 " -key arg - Server key file (default: same as -cert)\n");
800 fprintf(stderr, " -c_cert arg - Client certificate file\n");
802 " -c_key arg - Client key file (default: same as -c_cert)\n");
803 fprintf(stderr, " -cipher arg - The cipher list\n");
804 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
805 fprintf(stderr, " -ipv4 - Use IPv4 connection on localhost\n");
806 fprintf(stderr, " -ipv6 - Use IPv6 connection on localhost\n");
807 fprintf(stderr, " -f - Test even cases that can't work\n");
809 " -time - measure processor time used by client and server\n");
810 fprintf(stderr, " -zlib - use zlib compression\n");
811 #ifndef OPENSSL_NO_EC
813 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
814 " Use \"openssl ecparam -list_curves\" for all names\n"
815 " (default is sect163r2).\n");
818 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
819 " When this option is requested, the cipherlist\n"
820 " tests are run instead of handshake tests.\n");
821 #ifndef OPENSSL_NO_NEXTPROTONEG
822 fprintf(stderr, " -npn_client - have client side offer NPN\n");
823 fprintf(stderr, " -npn_server - have server side offer NPN\n");
824 fprintf(stderr, " -npn_server_reject - have server reject NPN\n");
826 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
827 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
829 " -serverinfo_tack - have client offer and expect TACK\n");
831 " -custom_ext - try various custom extension callbacks\n");
832 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
833 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
835 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
836 fprintf(stderr, " -server_min_proto <string> - Minimum version the server should support\n");
837 fprintf(stderr, " -server_max_proto <string> - Maximum version the server should support\n");
838 fprintf(stderr, " -client_min_proto <string> - Minimum version the client should support\n");
839 fprintf(stderr, " -client_max_proto <string> - Maximum version the client should support\n");
840 fprintf(stderr, " -should_negotiate <string> - The version that should be negotiated, fail-client or fail-server\n");
843 static void print_key_details(BIO *out, EVP_PKEY *key)
845 int keyid = EVP_PKEY_id(key);
846 #ifndef OPENSSL_NO_EC
847 if (keyid == EVP_PKEY_EC) {
848 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
851 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
853 cname = EC_curve_nid2nist(nid);
855 cname = OBJ_nid2sn(nid);
856 BIO_printf(out, "%d bits EC (%s)", EVP_PKEY_bits(key), cname);
872 algname = OBJ_nid2sn(keyid);
875 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
879 static void print_details(SSL *c_ssl, const char *prefix)
881 const SSL_CIPHER *ciph;
886 ciph = SSL_get_current_cipher(c_ssl);
887 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
889 SSL_get_version(c_ssl),
890 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
891 cert = SSL_get_peer_certificate(c_ssl);
893 pkey = X509_get_pubkey(cert);
895 BIO_puts(bio_stdout, ", ");
896 print_key_details(bio_stdout, pkey);
901 if (SSL_get_server_tmp_key(c_ssl, &pkey)) {
902 BIO_puts(bio_stdout, ", temp key: ");
903 print_key_details(bio_stdout, pkey);
906 if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
907 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
908 BIO_printf(bio_stdout, "\n");
911 static void lock_dbg_cb(int mode, int type, const char *file, int line)
913 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
914 const char *errstr = NULL;
917 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
918 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
919 errstr = "invalid mode";
923 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
924 errstr = "type out of bounds";
928 if (mode & CRYPTO_LOCK) {
930 errstr = "already locked";
932 * must not happen in a single-threaded program (would deadlock)
938 } else if (mode & CRYPTO_UNLOCK) {
940 errstr = "not locked";
944 if (modes[type] != rw) {
945 errstr = (rw == CRYPTO_READ) ?
946 "CRYPTO_r_unlock on write lock" :
947 "CRYPTO_w_unlock on read lock";
952 errstr = "invalid mode";
958 /* we cannot use bio_err here */
960 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
961 errstr, mode, type, file, line);
966 * protocol_from_string - converts a protocol version string to a number
968 * Returns -1 on failure or the version on success
970 static int protocol_from_string(const char *value)
972 struct protocol_versions {
976 static const struct protocol_versions versions[] = {
977 {"ssl3", SSL3_VERSION},
978 {"tls1", TLS1_VERSION},
979 {"tls1.1", TLS1_1_VERSION},
980 {"tls1.2", TLS1_2_VERSION},
981 {"dtls1", DTLS1_VERSION},
982 {"dtls1.2", DTLS1_2_VERSION}};
984 size_t n = OSSL_NELEM(versions);
986 for (i = 0; i < n; i++)
987 if (strcmp(versions[i].name, value) == 0)
988 return versions[i].version;
993 * set_protocol_version - Sets protocol version minimum or maximum
995 * Returns 0 on failure and 1 on success
997 static int set_protocol_version(const char *version, SSL *ssl, int setting)
999 if (version != NULL) {
1000 int ver = protocol_from_string(version);
1002 BIO_printf(bio_err, "Error parsing: %s\n", version);
1005 return SSL_ctrl(ssl, setting, ver, NULL);
1010 int main(int argc, char *argv[])
1012 char *CApath = NULL, *CAfile = NULL;
1014 enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
1016 int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, ssl3 = 0, ret = 1;
1017 int client_auth = 0;
1018 int server_auth = 0, i;
1019 struct app_verify_arg app_verify_arg =
1020 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
1022 #ifndef OPENSSL_NO_EC
1023 char *named_curve = NULL;
1025 SSL_CTX *s_ctx = NULL;
1026 SSL_CTX *c_ctx = NULL;
1027 const SSL_METHOD *meth = NULL;
1029 int number = 1, reuse = 0;
1031 #ifndef OPENSSL_NO_DH
1033 int dhe512 = 0, dhe1024dsa = 0;
1035 #ifndef OPENSSL_NO_EC
1036 EC_KEY *ecdh = NULL;
1038 #ifndef OPENSSL_NO_SRP
1040 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
1042 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
1048 clock_t s_time = 0, c_time = 0;
1049 #ifndef OPENSSL_NO_COMP
1051 COMP_METHOD *cm = NULL;
1052 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
1054 int test_cipherlist = 0;
1060 SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
1061 STACK_OF(OPENSSL_STRING) *conf_args = NULL;
1062 char *arg = NULL, *argn = NULL;
1068 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
1070 CRYPTO_set_locking_callback(lock_dbg_cb);
1072 p = getenv("OPENSSL_DEBUG_MEMORY");
1073 if (p != NULL && strcmp(p, "on") == 0)
1074 CRYPTO_set_mem_debug(1);
1075 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1077 RAND_seed(rnd_seed, sizeof rnd_seed);
1079 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
1081 s_cctx = SSL_CONF_CTX_new();
1082 c_cctx = SSL_CONF_CTX_new();
1084 if (!s_cctx || !c_cctx) {
1085 ERR_print_errors(bio_err);
1089 SSL_CONF_CTX_set_flags(s_cctx,
1090 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_SERVER |
1091 SSL_CONF_FLAG_CERTIFICATE |
1092 SSL_CONF_FLAG_REQUIRE_PRIVATE);
1093 if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_")) {
1094 ERR_print_errors(bio_err);
1098 SSL_CONF_CTX_set_flags(c_cctx,
1099 SSL_CONF_FLAG_CMDLINE | SSL_CONF_FLAG_CLIENT |
1100 SSL_CONF_FLAG_CERTIFICATE |
1101 SSL_CONF_FLAG_REQUIRE_PRIVATE);
1102 if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_")) {
1103 ERR_print_errors(bio_err);
1111 if (strcmp(*argv, "-F") == 0) {
1116 "not compiled with FIPS support, so exiting without running.\n");
1119 } else if (strcmp(*argv, "-server_auth") == 0)
1121 else if (strcmp(*argv, "-client_auth") == 0)
1123 else if (strcmp(*argv, "-proxy_auth") == 0) {
1126 app_verify_arg.proxy_auth = *(++argv);
1127 } else if (strcmp(*argv, "-proxy_cond") == 0) {
1130 app_verify_arg.proxy_cond = *(++argv);
1131 } else if (strcmp(*argv, "-v") == 0)
1133 else if (strcmp(*argv, "-d") == 0)
1135 else if (strcmp(*argv, "-reuse") == 0)
1137 else if (strcmp(*argv, "-dhe512") == 0) {
1138 #ifndef OPENSSL_NO_DH
1142 "ignoring -dhe512, since I'm compiled without DH\n");
1144 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
1145 #ifndef OPENSSL_NO_DH
1149 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
1151 } else if (strcmp(*argv, "-no_dhe") == 0)
1153 else if (strcmp(*argv, "-no_ecdhe") == 0)
1155 else if (strcmp(*argv, "-psk") == 0) {
1158 psk_key = *(++argv);
1159 #ifndef OPENSSL_NO_PSK
1160 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1161 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1168 #ifndef OPENSSL_NO_SRP
1169 else if (strcmp(*argv, "-srpuser") == 0) {
1172 srp_server_arg.expected_user = srp_client_arg.srplogin =
1175 } else if (strcmp(*argv, "-srppass") == 0) {
1178 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1182 else if (strcmp(*argv, "-tls1") == 0) {
1184 } else if (strcmp(*argv, "-ssl3") == 0) {
1186 } else if (strcmp(*argv, "-dtls1") == 0) {
1188 } else if (strcmp(*argv, "-dtls12") == 0) {
1190 } else if (strcmp(*argv, "-dtls") == 0) {
1192 } else if (strncmp(*argv, "-num", 4) == 0) {
1195 number = atoi(*(++argv));
1198 } else if (strcmp(*argv, "-bytes") == 0) {
1201 bytes = atol(*(++argv));
1204 i = strlen(argv[0]);
1205 if (argv[0][i - 1] == 'k')
1207 if (argv[0][i - 1] == 'm')
1208 bytes *= 1024L * 1024L;
1209 } else if (strcmp(*argv, "-cipher") == 0) {
1213 } else if (strcmp(*argv, "-CApath") == 0) {
1217 } else if (strcmp(*argv, "-CAfile") == 0) {
1221 } else if (strcmp(*argv, "-bio_pair") == 0) {
1222 bio_type = BIO_PAIR;
1223 } else if (strcmp(*argv, "-ipv4") == 0) {
1224 bio_type = BIO_IPV4;
1225 } else if (strcmp(*argv, "-ipv6") == 0) {
1226 bio_type = BIO_IPV6;
1227 } else if (strcmp(*argv, "-f") == 0) {
1229 } else if (strcmp(*argv, "-time") == 0) {
1232 #ifndef OPENSSL_NO_COMP
1233 else if (strcmp(*argv, "-zlib") == 0) {
1237 else if (strcmp(*argv, "-named_curve") == 0) {
1240 #ifndef OPENSSL_NO_EC
1241 named_curve = *(++argv);
1244 "ignoring -named_curve, since I'm compiled without ECDH\n");
1247 } else if (strcmp(*argv, "-app_verify") == 0) {
1248 app_verify_arg.app_verify = 1;
1249 } else if (strcmp(*argv, "-proxy") == 0) {
1250 app_verify_arg.allow_proxy_certs = 1;
1251 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1252 test_cipherlist = 1;
1254 #ifndef OPENSSL_NO_NEXTPROTONEG
1255 else if (strcmp(*argv, "-npn_client") == 0) {
1257 } else if (strcmp(*argv, "-npn_server") == 0) {
1259 } else if (strcmp(*argv, "-npn_server_reject") == 0) {
1260 npn_server_reject = 1;
1263 else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1265 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1266 serverinfo_tack = 1;
1267 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1270 serverinfo_file = *(++argv);
1271 } else if (strcmp(*argv, "-custom_ext") == 0) {
1273 } else if (strcmp(*argv, "-alpn_client") == 0) {
1276 alpn_client = *(++argv);
1277 } else if (strcmp(*argv, "-alpn_server") == 0) {
1280 alpn_server = *(++argv);
1281 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1284 alpn_expected = *(++argv);
1285 } else if (strcmp(*argv, "-server_min_proto") == 0) {
1288 server_min_proto = *(++argv);
1289 } else if (strcmp(*argv, "-server_max_proto") == 0) {
1292 server_max_proto = *(++argv);
1293 } else if (strcmp(*argv, "-client_min_proto") == 0) {
1296 client_min_proto = *(++argv);
1297 } else if (strcmp(*argv, "-client_max_proto") == 0) {
1300 client_max_proto = *(++argv);
1301 } else if (strcmp(*argv, "-should_negotiate") == 0) {
1304 should_negotiate = *(++argv);
1309 /* Try to process command using SSL_CONF */
1310 rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1311 /* If not processed try server */
1313 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1314 /* Recognised: store it for later use */
1319 conf_args = sk_OPENSSL_STRING_new_null();
1323 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1325 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1330 BIO_printf(bio_err, "Missing argument for %s\n", arg);
1332 BIO_printf(bio_err, "Error with command %s\n", arg);
1334 BIO_printf(bio_err, "unknown option %s\n", arg);
1348 * test_cipherlist prevails over protocol switch: we test the cipherlist
1349 * for all enabled protocols.
1351 if (test_cipherlist == 1) {
1353 * ensure that the cipher list are correctly sorted and exit
1355 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1356 "other options.\n");
1357 if (do_test_cipherlist() == 0)
1363 if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) {
1364 fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should "
1369 #ifdef OPENSSL_NO_SSL3
1374 #ifdef OPENSSL_NO_TLS1
1379 #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1)
1384 #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1_2)
1392 * Testing was requested for a compiled-out protocol (e.g. SSLv3).
1393 * Ideally, we would error out, but the generic test wrapper can't know
1394 * when to expect failure. So we do nothing and return success.
1397 fprintf(stderr, "Testing was requested for a disabled protocol. "
1398 "Skipping tests.\n");
1403 if (!ssl3 && !tls1 && !dtls && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
1404 fprintf(stderr, "This case cannot work. Use -f to perform "
1405 "the test anyway (and\n-d to see what happens), "
1406 "or add one of -ssl3, -tls1, -dtls, -dtls1, -dtls12, -reuse\n"
1407 "to avoid protocol mismatch.\n");
1412 if (!FIPS_mode_set(1)) {
1413 ERR_print_errors(bio_err);
1416 fprintf(stderr, "*** IN FIPS MODE ***\n");
1421 if (bio_type != BIO_PAIR) {
1422 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1423 bio_type = BIO_PAIR;
1425 if (number < 50 && !force)
1427 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1430 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1432 #ifndef OPENSSL_NO_COMP
1433 if (comp == COMP_ZLIB)
1436 if (COMP_get_type(cm) != NID_undef) {
1437 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1438 fprintf(stderr, "Failed to add compression method\n");
1439 ERR_print_errors_fp(stderr);
1443 "Warning: %s compression not supported\n",
1444 comp == COMP_ZLIB ? "zlib" : "unknown");
1445 ERR_print_errors_fp(stderr);
1448 ssl_comp_methods = SSL_COMP_get_compression_methods();
1449 n = sk_SSL_COMP_num(ssl_comp_methods);
1452 printf("Available compression methods:");
1453 for (j = 0; j < n; j++) {
1454 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1455 printf(" %s:%d", c->name, c->id);
1462 * At this point, ssl3/tls1 is only set if the protocol is available.
1463 * (Otherwise we exit early.) However the compiler doesn't know this, so
1466 #ifndef OPENSSL_NO_DTLS
1467 #ifndef OPENSSL_NO_DTLS1
1469 meth = DTLSv1_method();
1472 #ifndef OPENSSL_NO_DTLS1_2
1474 meth = DTLSv1_2_method();
1478 meth = DTLS_method();
1481 #ifndef OPENSSL_NO_SSL3
1483 meth = SSLv3_method();
1486 #ifndef OPENSSL_NO_TLS1
1488 meth = TLSv1_method();
1491 meth = TLS_method();
1493 c_ctx = SSL_CTX_new(meth);
1494 s_ctx = SSL_CTX_new(meth);
1495 if ((c_ctx == NULL) || (s_ctx == NULL)) {
1496 ERR_print_errors(bio_err);
1500 * Since we will use low security ciphersuites and keys for testing set
1501 * security level to zero by default. Tests can override this by adding
1502 * "@SECLEVEL=n" to the cipher string.
1504 SSL_CTX_set_security_level(c_ctx, 0);
1505 SSL_CTX_set_security_level(s_ctx, 0);
1507 if (cipher != NULL) {
1508 if (!SSL_CTX_set_cipher_list(c_ctx, cipher)
1509 || !SSL_CTX_set_cipher_list(s_ctx, cipher)) {
1510 ERR_print_errors(bio_err);
1515 /* Process SSL_CONF arguments */
1516 SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1517 SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1519 for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2) {
1521 arg = sk_OPENSSL_STRING_value(conf_args, i);
1522 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1523 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1524 /* If not recognised use server context */
1526 rv = SSL_CONF_cmd(s_cctx, arg, argn);
1528 BIO_printf(bio_err, "Error processing %s %s\n",
1529 arg, argn ? argn : "");
1530 ERR_print_errors(bio_err);
1535 if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx)) {
1536 BIO_puts(bio_err, "Error finishing context\n");
1537 ERR_print_errors(bio_err);
1540 #ifndef OPENSSL_NO_DH
1544 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1546 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1547 dh = get_dh1024dsa();
1552 SSL_CTX_set_tmp_dh(s_ctx, dh);
1559 #ifndef OPENSSL_NO_EC
1563 if (named_curve != NULL) {
1564 nid = OBJ_sn2nid(named_curve);
1566 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1570 nid = NID_X9_62_prime256v1;
1573 ecdh = EC_KEY_new_by_curve_name(nid);
1575 BIO_printf(bio_err, "unable to create curve\n");
1579 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1580 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1587 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1588 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1589 (!SSL_CTX_set_default_ctlog_list_file(s_ctx)) ||
1590 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1591 (!SSL_CTX_set_default_verify_paths(c_ctx)) ||
1592 (!SSL_CTX_set_default_ctlog_list_file(c_ctx))) {
1593 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1594 ERR_print_errors(bio_err);
1599 printf("client authentication\n");
1600 SSL_CTX_set_verify(s_ctx,
1601 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1603 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1607 printf("server authentication\n");
1608 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1609 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1614 int session_id_context = 0;
1615 if (!SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
1616 sizeof session_id_context)) {
1617 ERR_print_errors(bio_err);
1622 /* Use PSK only if PSK key is given */
1623 if (psk_key != NULL) {
1625 * no_psk is used to avoid putting psk command to openssl tool
1629 * if PSK is not compiled in and psk key is given, do nothing and
1635 #ifndef OPENSSL_NO_PSK
1636 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1637 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1639 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1640 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1641 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1642 ERR_print_errors(bio_err);
1647 #ifndef OPENSSL_NO_SRP
1648 if (srp_client_arg.srplogin) {
1649 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1650 BIO_printf(bio_err, "Unable to set SRP username\n");
1653 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1654 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1655 ssl_give_srp_client_pwd_cb);
1657 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1661 if (srp_server_arg.expected_user != NULL) {
1662 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1663 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1664 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1668 #ifndef OPENSSL_NO_NEXTPROTONEG
1670 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1673 if (npn_server_reject) {
1675 "Can't have both -npn_server and -npn_server_reject\n");
1678 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1680 if (npn_server_reject) {
1681 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn,
1686 if (serverinfo_sct) {
1687 if (!SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1689 serverinfo_cli_parse_cb, NULL)) {
1690 BIO_printf(bio_err, "Error adding SCT extension\n");
1694 if (serverinfo_tack) {
1695 if (!SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1697 serverinfo_cli_parse_cb, NULL)) {
1698 BIO_printf(bio_err, "Error adding TACK extension\n");
1702 if (serverinfo_file)
1703 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1704 BIO_printf(bio_err, "missing serverinfo file\n");
1709 if (!SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1710 custom_ext_0_cli_add_cb,
1712 custom_ext_0_cli_parse_cb, NULL)
1713 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1714 custom_ext_1_cli_add_cb,
1716 custom_ext_1_cli_parse_cb, NULL)
1717 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1718 custom_ext_2_cli_add_cb,
1720 custom_ext_2_cli_parse_cb, NULL)
1721 || !SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1722 custom_ext_3_cli_add_cb,
1724 custom_ext_3_cli_parse_cb, NULL)
1725 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1726 custom_ext_0_srv_add_cb,
1728 custom_ext_0_srv_parse_cb, NULL)
1729 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1730 custom_ext_1_srv_add_cb,
1732 custom_ext_1_srv_parse_cb, NULL)
1733 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1734 custom_ext_2_srv_add_cb,
1736 custom_ext_2_srv_parse_cb, NULL)
1737 || !SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1738 custom_ext_3_srv_add_cb,
1740 custom_ext_3_srv_parse_cb, NULL)) {
1741 BIO_printf(bio_err, "Error setting custom extensions\n");
1747 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1750 unsigned short alpn_len;
1751 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1754 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1757 /* Returns 0 on success!! */
1758 if (SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len)) {
1759 BIO_printf(bio_err, "Error setting ALPN\n");
1766 c_ssl = SSL_new(c_ctx);
1767 s_ssl = SSL_new(s_ctx);
1769 if (!set_protocol_version(server_min_proto, s_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1771 if (!set_protocol_version(server_max_proto, s_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1773 if (!set_protocol_version(client_min_proto, c_ssl, SSL_CTRL_SET_MIN_PROTO_VERSION))
1775 if (!set_protocol_version(client_max_proto, c_ssl, SSL_CTRL_SET_MAX_PROTO_VERSION))
1778 BIO_printf(bio_stdout, "Doing handshakes=%d bytes=%ld\n", number, bytes);
1779 for (i = 0; i < number; i++) {
1781 if (!SSL_set_session(c_ssl, NULL)) {
1782 BIO_printf(bio_err, "Failed to set session\n");
1788 ret = doit(s_ssl, c_ssl, bytes);
1791 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1794 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV4,
1795 bytes, &s_time, &c_time);
1798 ret = doit_localhost(s_ssl, c_ssl, BIO_FAMILY_IPV6,
1799 bytes, &s_time, &c_time);
1805 if (should_negotiate && ret == 0 &&
1806 strcmp(should_negotiate, "fail-server") != 0 &&
1807 strcmp(should_negotiate, "fail-client") != 0) {
1808 int version = protocol_from_string(should_negotiate);
1810 BIO_printf(bio_err, "Error parsing: %s\n", should_negotiate);
1814 if (SSL_version(c_ssl) != version) {
1815 BIO_printf(bio_err, "Unxpected version negotiated. "
1816 "Expected: %s, got %s\n", should_negotiate, SSL_get_version(c_ssl));
1823 print_details(c_ssl, "");
1826 #ifdef CLOCKS_PER_SEC
1828 * "To determine the time in seconds, the value returned by the clock
1829 * function should be divided by the value of the macro
1830 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1832 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1833 "Approximate total client time: %6.2f s\n",
1834 (double)s_time / CLOCKS_PER_SEC,
1835 (double)c_time / CLOCKS_PER_SEC);
1837 BIO_printf(bio_stdout,
1838 "Approximate total server time: %6.2f units\n"
1839 "Approximate total client time: %6.2f units\n",
1840 (double)s_time, (double)c_time);
1849 SSL_CTX_free(s_ctx);
1850 SSL_CTX_free(c_ctx);
1851 SSL_CONF_CTX_free(s_cctx);
1852 SSL_CONF_CTX_free(c_cctx);
1853 sk_OPENSSL_STRING_free(conf_args);
1855 BIO_free(bio_stdout);
1857 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
1858 if (CRYPTO_mem_leaks(bio_err) <= 0)
1865 int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count,
1866 clock_t *s_time, clock_t *c_time)
1868 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1869 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1870 BIO *acpt = NULL, *server = NULL, *client = NULL;
1873 int err_in_client = 0;
1874 int err_in_server = 0;
1876 acpt = BIO_new_accept("0");
1879 BIO_set_accept_ip_family(acpt, family);
1880 BIO_set_bind_mode(acpt, BIO_SOCK_NONBLOCK | BIO_SOCK_REUSEADDR);
1881 if (BIO_do_accept(acpt) <= 0)
1884 BIO_snprintf(addr_str, sizeof(addr_str), ":%s", BIO_get_accept_port(acpt));
1886 client = BIO_new_connect(addr_str);
1887 BIO_set_conn_ip_family(client, family);
1891 if (BIO_set_nbio(client, 1) <= 0)
1893 if (BIO_set_nbio(acpt, 1) <= 0)
1897 int st_connect = 0, st_accept = 0;
1899 while(!st_connect || !st_accept) {
1901 if (BIO_do_connect(client) <= 0) {
1902 if (!BIO_should_retry(client))
1909 if (BIO_do_accept(acpt) <= 0) {
1910 if (!BIO_should_retry(acpt))
1918 /* We're not interested in accepting further connects */
1919 server = BIO_pop(acpt);
1923 s_ssl_bio = BIO_new(BIO_f_ssl());
1927 c_ssl_bio = BIO_new(BIO_f_ssl());
1931 SSL_set_connect_state(c_ssl);
1932 SSL_set_bio(c_ssl, client, client);
1933 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1935 SSL_set_accept_state(s_ssl);
1936 SSL_set_bio(s_ssl, server, server);
1937 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1941 * c_ssl_bio: SSL filter BIO
1943 * client: I/O for SSL library
1946 * server: I/O for SSL library
1948 * s_ssl_bio: SSL filter BIO
1952 * We have non-blocking behaviour throughout this test program, but
1953 * can be sure that there is *some* progress in each iteration; so we
1954 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1955 * we just try everything in each iteration
1961 char cbuf[1024 * 8];
1963 clock_t c_clock = clock();
1965 memset(cbuf, 0, sizeof(cbuf));
1968 if (SSL_in_init(c_ssl))
1969 printf("client waiting in SSL_connect - %s\n",
1970 SSL_state_string_long(c_ssl));
1973 /* Write to server. */
1975 if (cw_num > (long)sizeof cbuf)
1979 r = BIO_write(c_ssl_bio, cbuf, i);
1981 if (!BIO_should_retry(c_ssl_bio)) {
1982 fprintf(stderr, "ERROR in CLIENT\n");
1987 * BIO_should_retry(...) can just be ignored here. The
1988 * library expects us to call BIO_write with the same
1989 * arguments again, and that's what we will do in the
1992 } else if (r == 0) {
1993 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1997 printf("client wrote %d\n", r);
2003 /* Read from server. */
2005 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2007 if (!BIO_should_retry(c_ssl_bio)) {
2008 fprintf(stderr, "ERROR in CLIENT\n");
2013 * Again, "BIO_should_retry" can be ignored.
2015 } else if (r == 0) {
2016 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2020 printf("client read %d\n", r);
2026 * c_time and s_time increments will typically be very small
2027 * (depending on machine speed and clock tick intervals), but
2028 * sampling over a large number of connections should result in
2029 * fairly accurate figures. We cannot guarantee a lot, however
2030 * -- if each connection lasts for exactly one clock tick, it
2031 * will be counted only for the client or only for the server or
2034 *c_time += (clock() - c_clock);
2040 char sbuf[1024 * 8];
2042 clock_t s_clock = clock();
2044 memset(sbuf, 0, sizeof(sbuf));
2047 if (SSL_in_init(s_ssl))
2048 printf("server waiting in SSL_accept - %s\n",
2049 SSL_state_string_long(s_ssl));
2052 /* Write to client. */
2054 if (sw_num > (long)sizeof sbuf)
2058 r = BIO_write(s_ssl_bio, sbuf, i);
2060 if (!BIO_should_retry(s_ssl_bio)) {
2061 fprintf(stderr, "ERROR in SERVER\n");
2065 /* Ignore "BIO_should_retry". */
2066 } else if (r == 0) {
2067 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2071 printf("server wrote %d\n", r);
2077 /* Read from client. */
2079 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2081 if (!BIO_should_retry(s_ssl_bio)) {
2082 fprintf(stderr, "ERROR in SERVER\n");
2087 } else if (r == 0) {
2088 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2092 printf("server read %d\n", r);
2097 *s_time += (clock() - s_clock);
2100 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2103 print_details(c_ssl, "DONE via TCP connect: ");
2104 #ifndef OPENSSL_NO_NEXTPROTONEG
2105 if (verify_npn(c_ssl, s_ssl) < 0) {
2110 if (verify_serverinfo() < 0) {
2111 fprintf(stderr, "Server info verify error\n");
2115 if (verify_alpn(c_ssl, s_ssl) < 0) {
2120 if (custom_ext_error) {
2121 fprintf(stderr, "Custom extension error\n");
2130 ERR_print_errors(bio_err);
2135 BIO_free(s_ssl_bio);
2136 BIO_free(c_ssl_bio);
2138 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2139 ret = (err_in_client != 0) ? 0 : 1;
2140 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2141 ret = (err_in_server != 0) ? 0 : 1;
2146 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
2147 clock_t *s_time, clock_t *c_time)
2149 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
2150 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
2151 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
2153 int err_in_client = 0;
2154 int err_in_server = 0;
2156 size_t bufsiz = 256; /* small buffer for testing */
2158 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
2160 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
2163 s_ssl_bio = BIO_new(BIO_f_ssl());
2167 c_ssl_bio = BIO_new(BIO_f_ssl());
2171 SSL_set_connect_state(c_ssl);
2172 SSL_set_bio(c_ssl, client, client);
2173 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
2175 SSL_set_accept_state(s_ssl);
2176 SSL_set_bio(s_ssl, server, server);
2177 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
2181 * c_ssl_bio: SSL filter BIO
2183 * client: pseudo-I/O for SSL library
2185 * client_io: client's SSL communication; usually to be
2186 * relayed over some I/O facility, but in this
2187 * test program, we're the server, too:
2189 * server_io: server's SSL communication
2191 * server: pseudo-I/O for SSL library
2193 * s_ssl_bio: SSL filter BIO
2195 * The client and the server each employ a "BIO pair":
2196 * client + client_io, server + server_io.
2197 * BIO pairs are symmetric. A BIO pair behaves similar
2198 * to a non-blocking socketpair (but both endpoints must
2199 * be handled by the same thread).
2200 * [Here we could connect client and server to the ends
2201 * of a single BIO pair, but then this code would be less
2202 * suitable as an example for BIO pairs in general.]
2204 * Useful functions for querying the state of BIO pair endpoints:
2206 * BIO_ctrl_pending(bio) number of bytes we can read now
2207 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
2208 * other side's read attempt
2209 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
2211 * ..._read_request is never more than ..._write_guarantee;
2212 * it depends on the application which one you should use.
2216 * We have non-blocking behaviour throughout this test program, but
2217 * can be sure that there is *some* progress in each iteration; so we
2218 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
2219 * we just try everything in each iteration
2225 char cbuf[1024 * 8];
2227 clock_t c_clock = clock();
2229 memset(cbuf, 0, sizeof(cbuf));
2232 if (SSL_in_init(c_ssl))
2233 printf("client waiting in SSL_connect - %s\n",
2234 SSL_state_string_long(c_ssl));
2237 /* Write to server. */
2239 if (cw_num > (long)sizeof cbuf)
2243 r = BIO_write(c_ssl_bio, cbuf, i);
2245 if (!BIO_should_retry(c_ssl_bio)) {
2246 fprintf(stderr, "ERROR in CLIENT\n");
2251 * BIO_should_retry(...) can just be ignored here. The
2252 * library expects us to call BIO_write with the same
2253 * arguments again, and that's what we will do in the
2256 } else if (r == 0) {
2257 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2261 printf("client wrote %d\n", r);
2267 /* Read from server. */
2269 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2271 if (!BIO_should_retry(c_ssl_bio)) {
2272 fprintf(stderr, "ERROR in CLIENT\n");
2277 * Again, "BIO_should_retry" can be ignored.
2279 } else if (r == 0) {
2280 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2284 printf("client read %d\n", r);
2290 * c_time and s_time increments will typically be very small
2291 * (depending on machine speed and clock tick intervals), but
2292 * sampling over a large number of connections should result in
2293 * fairly accurate figures. We cannot guarantee a lot, however
2294 * -- if each connection lasts for exactly one clock tick, it
2295 * will be counted only for the client or only for the server or
2298 *c_time += (clock() - c_clock);
2304 char sbuf[1024 * 8];
2306 clock_t s_clock = clock();
2308 memset(sbuf, 0, sizeof(sbuf));
2311 if (SSL_in_init(s_ssl))
2312 printf("server waiting in SSL_accept - %s\n",
2313 SSL_state_string_long(s_ssl));
2316 /* Write to client. */
2318 if (sw_num > (long)sizeof sbuf)
2322 r = BIO_write(s_ssl_bio, sbuf, i);
2324 if (!BIO_should_retry(s_ssl_bio)) {
2325 fprintf(stderr, "ERROR in SERVER\n");
2329 /* Ignore "BIO_should_retry". */
2330 } else if (r == 0) {
2331 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2335 printf("server wrote %d\n", r);
2341 /* Read from client. */
2343 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2345 if (!BIO_should_retry(s_ssl_bio)) {
2346 fprintf(stderr, "ERROR in SERVER\n");
2351 } else if (r == 0) {
2352 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
2356 printf("server read %d\n", r);
2361 *s_time += (clock() - s_clock);
2365 /* "I/O" BETWEEN CLIENT AND SERVER. */
2368 BIO *io1 = server_io, *io2 = client_io;
2370 * we use the non-copying interface for io1 and the standard
2371 * BIO_write/BIO_read interface for io2
2374 static int prev_progress = 1;
2382 r1 = BIO_ctrl_pending(io1);
2383 r2 = BIO_ctrl_get_write_guarantee(io2);
2391 if (INT_MAX < num) /* yeah, right */
2394 r = BIO_nread(io1, &dataptr, (int)num);
2396 assert(r <= (int)num);
2398 * possibly r < num (non-contiguous data)
2401 r = BIO_write(io2, dataptr, (int)num);
2402 if (r != (int)num) { /* can't happen */
2403 fprintf(stderr, "ERROR: BIO_write could not write "
2404 "BIO_ctrl_get_write_guarantee() bytes");
2410 printf((io1 == client_io) ?
2411 "C->S relaying: %d bytes\n" :
2412 "S->C relaying: %d bytes\n", (int)num);
2422 r1 = BIO_ctrl_pending(io2);
2423 r2 = BIO_ctrl_get_read_request(io1);
2425 * here we could use ..._get_write_guarantee instead of
2426 * ..._get_read_request, but by using the latter we test
2427 * restartability of the SSL implementation more thoroughly
2439 --num; /* test restartability even more thoroughly */
2441 r = BIO_nwrite0(io1, &dataptr);
2445 r = BIO_read(io2, dataptr, (int)num);
2446 if (r != (int)num) { /* can't happen */
2447 fprintf(stderr, "ERROR: BIO_read could not read "
2448 "BIO_ctrl_pending() bytes");
2452 r = BIO_nwrite(io1, &dataptr, (int)num);
2453 if (r != (int)num) { /* can't happen */
2454 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2455 "BIO_nwrite0() bytes");
2460 printf((io2 == client_io) ?
2461 "C->S relaying: %d bytes\n" :
2462 "S->C relaying: %d bytes\n", (int)num);
2464 } /* no loop, BIO_ctrl_get_read_request now
2465 * returns 0 anyway */
2467 if (!progress && !prev_progress)
2468 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
2469 fprintf(stderr, "ERROR: got stuck\n");
2470 fprintf(stderr, " ERROR.\n");
2473 prev_progress = progress;
2476 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2479 print_details(c_ssl, "DONE via BIO pair: ");
2480 #ifndef OPENSSL_NO_NEXTPROTONEG
2481 if (verify_npn(c_ssl, s_ssl) < 0) {
2486 if (verify_serverinfo() < 0) {
2487 fprintf(stderr, "Server info verify error\n");
2491 if (verify_alpn(c_ssl, s_ssl) < 0) {
2496 if (custom_ext_error) {
2497 fprintf(stderr, "Custom extension error\n");
2506 ERR_print_errors(bio_err);
2509 BIO_free(server_io);
2511 BIO_free(client_io);
2512 BIO_free(s_ssl_bio);
2513 BIO_free(c_ssl_bio);
2515 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2516 ret = (err_in_client != 0) ? 0 : 1;
2517 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2518 ret = (err_in_server != 0) ? 0 : 1;
2528 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2530 char *cbuf = NULL, *sbuf = NULL;
2532 long cw_num = count, cr_num = count;
2533 long sw_num = count, sr_num = count;
2539 int c_r, c_w, s_r, s_w;
2542 int c_write, s_write;
2543 int do_server = 0, do_client = 0;
2544 int max_frag = 5 * 1024;
2545 int err_in_client = 0;
2546 int err_in_server = 0;
2548 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2550 if ((cbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2552 if ((sbuf = OPENSSL_zalloc(bufsiz)) == NULL)
2555 c_to_s = BIO_new(BIO_s_mem());
2556 s_to_c = BIO_new(BIO_s_mem());
2557 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2558 ERR_print_errors(bio_err);
2562 c_bio = BIO_new(BIO_f_ssl());
2563 s_bio = BIO_new(BIO_f_ssl());
2564 if ((c_bio == NULL) || (s_bio == NULL)) {
2565 ERR_print_errors(bio_err);
2569 SSL_set_connect_state(c_ssl);
2570 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2571 SSL_set_max_send_fragment(c_ssl, max_frag);
2572 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2574 SSL_set_accept_state(s_ssl);
2575 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2576 SSL_set_max_send_fragment(s_ssl, max_frag);
2577 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2583 c_write = 1, s_write = 0;
2585 /* We can always do writes */
2590 i = (int)BIO_pending(s_bio);
2591 if ((i && s_r) || s_w)
2594 i = (int)BIO_pending(c_bio);
2595 if ((i && c_r) || c_w)
2598 if (do_server && debug) {
2599 if (SSL_in_init(s_ssl))
2600 printf("server waiting in SSL_accept - %s\n",
2601 SSL_state_string_long(s_ssl));
2604 printf("server:SSL_write()\n");
2606 printf("server:SSL_read()\n"); */
2609 if (do_client && debug) {
2610 if (SSL_in_init(c_ssl))
2611 printf("client waiting in SSL_connect - %s\n",
2612 SSL_state_string_long(c_ssl));
2615 printf("client:SSL_write()\n");
2617 printf("client:SSL_read()\n"); */
2620 if (!do_client && !do_server) {
2621 fprintf(stdout, "ERROR IN STARTUP\n");
2622 ERR_print_errors(bio_err);
2625 if (do_client && !(done & C_DONE)) {
2627 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2628 i = BIO_write(c_bio, cbuf, j);
2632 if (BIO_should_retry(c_bio)) {
2633 if (BIO_should_read(c_bio))
2635 if (BIO_should_write(c_bio))
2638 fprintf(stderr, "ERROR in CLIENT\n");
2640 ERR_print_errors(bio_err);
2643 } else if (i == 0) {
2644 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2648 printf("client wrote %d\n", i);
2653 if (max_frag > 1029)
2654 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2657 i = BIO_read(c_bio, cbuf, bufsiz);
2661 if (BIO_should_retry(c_bio)) {
2662 if (BIO_should_read(c_bio))
2664 if (BIO_should_write(c_bio))
2667 fprintf(stderr, "ERROR in CLIENT\n");
2669 ERR_print_errors(bio_err);
2672 } else if (i == 0) {
2673 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2677 printf("client read %d\n", i);
2686 done = S_DONE | C_DONE;
2692 if (do_server && !(done & S_DONE)) {
2694 i = BIO_read(s_bio, sbuf, bufsiz);
2698 if (BIO_should_retry(s_bio)) {
2699 if (BIO_should_read(s_bio))
2701 if (BIO_should_write(s_bio))
2704 fprintf(stderr, "ERROR in SERVER\n");
2706 ERR_print_errors(bio_err);
2709 } else if (i == 0) {
2710 ERR_print_errors(bio_err);
2712 "SSL SERVER STARTUP FAILED in SSL_read\n");
2716 printf("server read %d\n", i);
2729 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2730 i = BIO_write(s_bio, sbuf, j);
2734 if (BIO_should_retry(s_bio)) {
2735 if (BIO_should_read(s_bio))
2737 if (BIO_should_write(s_bio))
2740 fprintf(stderr, "ERROR in SERVER\n");
2742 ERR_print_errors(bio_err);
2745 } else if (i == 0) {
2746 ERR_print_errors(bio_err);
2748 "SSL SERVER STARTUP FAILED in SSL_write\n");
2752 printf("server wrote %d\n", i);
2758 if (max_frag > 1029)
2759 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2764 if ((done & S_DONE) && (done & C_DONE))
2769 print_details(c_ssl, "DONE: ");
2770 #ifndef OPENSSL_NO_NEXTPROTONEG
2771 if (verify_npn(c_ssl, s_ssl) < 0) {
2776 if (verify_serverinfo() < 0) {
2777 fprintf(stderr, "Server info verify error\n");
2781 if (custom_ext_error) {
2782 fprintf(stderr, "Custom extension error\n");
2789 * We have to set the BIO's to NULL otherwise they will be
2790 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2791 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2792 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2793 * SSL_free() automatically BIO_free non NULL entries. You should not
2794 * normally do this or be required to do this
2796 if (s_ssl != NULL) {
2800 if (c_ssl != NULL) {
2807 BIO_free_all(c_bio);
2808 BIO_free_all(s_bio);
2812 if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0)
2813 ret = (err_in_client != 0) ? 0 : 1;
2814 else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0)
2815 ret = (err_in_server != 0) ? 0 : 1;
2820 static int get_proxy_auth_ex_data_idx(void)
2822 static volatile int idx = -1;
2824 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2826 idx = X509_STORE_CTX_get_ex_new_index(0,
2827 "SSLtest for verify callback",
2830 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2835 static int verify_callback(int ok, X509_STORE_CTX *ctx)
2839 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2843 printf("depth=%d %s\n", ctx->error_depth, buf);
2845 fprintf(stderr, "depth=%d error=%d %s\n",
2846 ctx->error_depth, ctx->error, buf);
2851 switch (ctx->error) {
2853 fprintf(stderr, "Error string: %s\n",
2854 X509_verify_cert_error_string(ctx->error));
2856 case X509_V_ERR_CERT_NOT_YET_VALID:
2857 case X509_V_ERR_CERT_HAS_EXPIRED:
2858 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2864 X509 *xs = ctx->current_cert;
2865 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) {
2866 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2867 get_proxy_auth_ex_data_idx
2873 PROXY_CERT_INFO_EXTENSION *pci =
2874 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2877 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2878 case NID_Independent:
2880 * Completely meaningless in this program, as there's no
2881 * way to grant explicit rights to a specific PrC.
2882 * Basically, using id-ppl-Independent is the perfect way
2883 * to grant no rights at all.
2885 fprintf(stderr, " Independent proxy certificate");
2886 for (i = 0; i < 26; i++)
2889 case NID_id_ppl_inheritAll:
2891 * This is basically a NOP, we simply let the current
2892 * rights stand as they are.
2894 fprintf(stderr, " Proxy certificate inherits all");
2898 pci->proxyPolicy->policy->data;
2899 i = pci->proxyPolicy->policy->length;
2902 * The algorithm works as follows: it is assumed that
2903 * previous iterations or the initial granted rights has
2904 * already set some elements of `letters'. What we need
2905 * to do is to clear those that weren't granted by the
2906 * current PrC as well. The easiest way to do this is to
2907 * add 1 to all the elements whose letters are given with
2908 * the current policy. That way, all elements that are
2909 * set by the current policy and were already set by
2910 * earlier policies and through the original grant of
2911 * rights will get the value 2 or higher. The last thing
2912 * to do is to sweep through `letters' and keep the
2913 * elements having the value 2 as set, and clear all the
2917 printf(" Certificate proxy rights = %*.*s", i,
2921 if (isascii(c) && isalpha(c)) {
2927 for (i = 0; i < 26; i++)
2935 printf(", resulting proxy rights = ");
2936 for (i = 0; i < 26; i++)
2938 printf("%c", i + 'A');
2945 PROXY_CERT_INFO_EXTENSION_free(pci);
2953 static void process_proxy_debug(int indent, const char *format, ...)
2956 static const char indentation[] =
2957 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2958 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2959 char my_format[256];
2962 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2963 indent, indent, indentation, format);
2965 va_start(args, format);
2966 vfprintf(stderr, my_format, args);
2976 static int process_proxy_cond_adders(unsigned int letters[26],
2977 const char *cond, const char **cond_end,
2978 int *pos, int indent);
2979 static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2980 const char **cond_end, int *pos, int indent)
2986 while (isspace((int)*cond)) {
2993 process_proxy_debug(indent,
2994 "Start process_proxy_cond_val at position %d: %s\n",
3001 while (isspace((int)*cond)) {
3011 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
3016 while (isspace((int)*cond)) {
3023 "Weird condition character in position %d: "
3030 } else if (isascii(c) && isalpha(c)) {
3033 ok = letters[c - 'A'];
3038 "Weird condition character in position %d: " "%c\n", *pos, c);
3044 if (ok >= 0 && negate)
3048 process_proxy_debug(indent,
3049 "End process_proxy_cond_val at position %d: %s, returning %d\n",
3055 static int process_proxy_cond_multipliers(unsigned int letters[26],
3057 const char **cond_end, int *pos,
3064 process_proxy_debug(indent,
3065 "Start process_proxy_cond_multipliers at position %d: %s\n",
3068 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
3074 while (isspace((int)*cond)) {
3088 ok = process_proxy_cond_val(letters,
3089 cond, cond_end, pos, indent + 1);
3102 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3114 process_proxy_debug(indent,
3115 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
3122 static int process_proxy_cond_adders(unsigned int letters[26],
3123 const char *cond, const char **cond_end,
3124 int *pos, int indent)
3130 process_proxy_debug(indent,
3131 "Start process_proxy_cond_adders at position %d: %s\n",
3134 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
3141 while (isspace((int)*cond)) {
3154 ok = process_proxy_cond_multipliers(letters,
3155 cond, cond_end, pos,
3166 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3178 process_proxy_debug(indent,
3179 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
3186 static int process_proxy_cond(unsigned int letters[26],
3187 const char *cond, const char **cond_end)
3190 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
3193 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg)
3196 struct app_verify_arg *cb_arg = arg;
3197 unsigned int letters[26]; /* only used with proxy_auth */
3199 if (cb_arg->app_verify) {
3200 char *s = NULL, buf[256];
3202 printf("In app_verify_callback, allowing cert. ");
3203 printf("Arg is: %s\n", cb_arg->string);
3204 printf("Finished printing do we have a context? 0x%p a cert? 0x%p\n",
3205 (void *)ctx, (void *)ctx->cert);
3207 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
3209 printf("cert depth=%d %s\n", ctx->error_depth, buf);
3213 if (cb_arg->proxy_auth) {
3214 int found_any = 0, i;
3217 for (i = 0; i < 26; i++)
3219 for (sp = cb_arg->proxy_auth; *sp; sp++) {
3221 if (isascii(c) && isalpha(c)) {
3224 letters[c - 'A'] = 1;
3228 printf(" Initial proxy rights = ");
3229 for (i = 0; i < 26; i++)
3231 printf("%c", i + 'A');
3238 X509_STORE_CTX_set_ex_data(ctx,
3239 get_proxy_auth_ex_data_idx(), letters);
3241 if (cb_arg->allow_proxy_certs) {
3242 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
3244 ok = X509_verify_cert(ctx);
3246 if (cb_arg->proxy_auth) {
3248 const char *cond_end = NULL;
3250 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
3256 "Stopped processing condition before it's end.\n");
3261 "Proxy rights check with condition '%s' invalid\n",
3262 cb_arg->proxy_cond);
3264 printf("Proxy rights check with condition '%s' ok\n",
3265 cb_arg->proxy_cond);
3271 #ifndef OPENSSL_NO_DH
3273 * These DH parameters have been generated as follows:
3274 * $ openssl dhparam -C -noout 512
3275 * $ openssl dhparam -C -noout 1024
3276 * $ openssl dhparam -C -noout -dsaparam 1024
3277 * (The third function has been renamed to avoid name conflicts.)
3279 static DH *get_dh512()
3281 static unsigned char dh512_p[] = {
3282 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
3284 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
3286 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
3288 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
3290 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
3292 0x02, 0xC5, 0xAE, 0x23,
3294 static unsigned char dh512_g[] = {
3299 if ((dh = DH_new()) == NULL)
3301 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
3302 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
3303 if ((dh->p == NULL) || (dh->g == NULL)) {
3310 static DH *get_dh1024()
3312 static unsigned char dh1024_p[] = {
3313 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
3315 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
3317 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
3319 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
3321 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
3323 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
3325 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
3327 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
3329 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
3331 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
3333 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
3335 static unsigned char dh1024_g[] = {
3340 if ((dh = DH_new()) == NULL)
3342 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3343 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3344 if ((dh->p == NULL) || (dh->g == NULL)) {
3351 static DH *get_dh1024dsa()
3353 static unsigned char dh1024_p[] = {
3354 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
3356 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
3358 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
3360 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
3362 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
3364 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
3366 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
3368 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
3370 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
3372 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
3374 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
3376 static unsigned char dh1024_g[] = {
3377 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
3379 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
3381 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
3383 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
3385 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
3387 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
3389 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
3391 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
3393 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
3395 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
3397 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
3401 if ((dh = DH_new()) == NULL)
3403 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
3404 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
3405 if ((dh->p == NULL) || (dh->g == NULL)) {
3414 #ifndef OPENSSL_NO_PSK
3415 /* convert the PSK key (psk_key) in ascii to binary (psk) */
3416 static int psk_key2bn(const char *pskkey, unsigned char *psk,
3417 unsigned int max_psk_len)
3422 ret = BN_hex2bn(&bn, pskkey);
3424 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
3429 if (BN_num_bytes(bn) > (int)max_psk_len) {
3431 "psk buffer of callback is too small (%d) for key (%d)\n",
3432 max_psk_len, BN_num_bytes(bn));
3436 ret = BN_bn2bin(bn, psk);
3441 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
3443 unsigned int max_identity_len,
3445 unsigned int max_psk_len)
3448 unsigned int psk_len = 0;
3450 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
3454 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
3456 ret = psk_key2bn(psk_key, psk, max_psk_len);
3464 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
3466 unsigned int max_psk_len)
3468 unsigned int psk_len = 0;
3470 if (strcmp(identity, "Client_identity") != 0) {
3471 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
3474 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
3479 static int do_test_cipherlist(void)
3481 #if !defined(OPENSSL_NO_SSL3) || !defined(OPENSSL_NO_TLS1)
3483 const SSL_METHOD *meth;
3484 const SSL_CIPHER *ci, *tci = NULL;
3487 #ifndef OPENSSL_NO_SSL3
3488 meth = SSLv3_method();
3490 while ((ci = meth->get_cipher(i++)) != NULL) {
3492 if (ci->id >= tci->id) {
3493 fprintf(stderr, "testing SSLv3 cipher list order: ");
3494 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);
3500 #ifndef OPENSSL_NO_TLS1
3501 meth = TLSv1_method();
3503 while ((ci = meth->get_cipher(i++)) != NULL) {
3505 if (ci->id >= tci->id) {
3506 fprintf(stderr, "testing TLSv1 cipher list order: ");
3507 fprintf(stderr, "failed %x vs. %x\n", ci->id, tci->id);