/*
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
-#include <openssl/ssl.h>
#include <openssl/rand.h>
#include <openssl/ocsp.h>
#ifndef OPENSSL_NO_DH
static int async = 0;
static int use_sendfile = 0;
+static int use_zc_sendfile = 0;
static const char *session_id_prefix = NULL;
if (s_debug)
BIO_printf(bio_s_out, "psk_server_cb\n");
+
+ if (!SSL_is_dtls(ssl) && SSL_version(ssl) >= TLS1_3_VERSION) {
+ /*
+ * This callback is designed for use in (D)TLSv1.2 (or below). It is
+ * possible to use a single callback for all protocol versions - but it
+ * is preferred to use a dedicated callback for TLSv1.3. For TLSv1.3 we
+ * have psk_find_session_cb.
+ */
+ return 0;
+ }
+
if (identity == NULL) {
BIO_printf(bio_err, "Error: client did not send PSK identity\n");
goto out_err;
return SSL_TLSEXT_ERR_NOACK;
if (servername != NULL) {
- if (strcasecmp(servername, p->servername))
+ if (OPENSSL_strcasecmp(servername, p->servername))
return p->extension_error;
if (ctx2 != NULL) {
BIO_printf(p->biodebug, "Switching server context.\n");
OPT_SRTP_PROFILES, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN,
OPT_KEYLOG_FILE, OPT_MAX_EARLY, OPT_RECV_MAX_EARLY, OPT_EARLY_DATA,
OPT_S_NUM_TICKETS, OPT_ANTI_REPLAY, OPT_NO_ANTI_REPLAY, OPT_SCTP_LABEL_BUG,
- OPT_HTTP_SERVER_BINMODE, OPT_NOCANAMES, OPT_IGNORE_UNEXPECTED_EOF,
+ OPT_HTTP_SERVER_BINMODE, OPT_NOCANAMES, OPT_IGNORE_UNEXPECTED_EOF, OPT_KTLS,
+ OPT_USE_ZC_SENDFILE,
+ OPT_TFO, OPT_CERT_COMP,
OPT_R_ENUM,
OPT_S_ENUM,
OPT_V_ENUM,
#endif
{"4", OPT_4, '-', "Use IPv4 only"},
{"6", OPT_6, '-', "Use IPv6 only"},
+#if defined(TCP_FASTOPEN) && !defined(OPENSSL_NO_TFO)
+ {"tfo", OPT_TFO, '-', "Listen for TCP Fast Open connections"},
+#endif
OPT_SECTION("Identity"),
{"context", OPT_CONTEXT, 's', "Set session ID context"},
"No verify output except verify errors"},
{"ign_eof", OPT_IGN_EOF, '-', "Ignore input EOF (default when -quiet)"},
{"no_ign_eof", OPT_NO_IGN_EOF, '-', "Do not ignore input EOF"},
+#ifndef OPENSSL_NO_COMP_ALG
+ {"cert_comp", OPT_CERT_COMP, '-', "Pre-compress server certificates"},
+#endif
#ifndef OPENSSL_NO_OCSP
OPT_SECTION("OCSP"),
{"alpn", OPT_ALPN, 's',
"Set the advertised protocols for the ALPN extension (comma-separated list)"},
#ifndef OPENSSL_NO_KTLS
+ {"ktls", OPT_KTLS, '-', "Enable Kernel TLS for sending and receiving"},
{"sendfile", OPT_SENDFILE, '-', "Use sendfile to response file with -WWW"},
+ {"zerocopy_sendfile", OPT_USE_ZC_SENDFILE, '-', "Use zerocopy mode of KTLS sendfile"},
#endif
OPT_R_OPTIONS,
int socket_family = AF_UNSPEC, socket_type = SOCK_STREAM, protocol = 0;
int state = 0, crl_format = FORMAT_UNDEF, crl_download = 0;
char *host = NULL;
- char *port = OPENSSL_strdup(PORT);
+ char *port = NULL;
unsigned char *context = NULL;
OPTION_CHOICE o;
EVP_PKEY *s_key2 = NULL;
int sctp_label_bug = 0;
#endif
int ignore_unexpected_eof = 0;
+#ifndef OPENSSL_NO_KTLS
+ int enable_ktls = 0;
+#endif
+ int tfo = 0;
+ int cert_comp = 0;
/* Init of few remaining global variables */
local_argc = argc;
s_brief = 0;
async = 0;
use_sendfile = 0;
+ use_zc_sendfile = 0;
+ port = OPENSSL_strdup(PORT);
cctx = SSL_CONF_CTX_new();
vpm = X509_VERIFY_PARAM_new();
- if (cctx == NULL || vpm == NULL)
+ if (port == NULL || cctx == NULL || vpm == NULL)
goto end;
SSL_CONF_CTX_set_flags(cctx,
SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CMDLINE);
case OPT_UNIX:
socket_family = AF_UNIX;
OPENSSL_free(host); host = OPENSSL_strdup(opt_arg());
+ if (host == NULL)
+ goto end;
OPENSSL_free(port); port = NULL;
break;
case OPT_UNLINK:
break;
case OPT_MSGFILE:
bio_s_msg = BIO_new_file(opt_arg(), "w");
+ if (bio_s_msg == NULL) {
+ BIO_printf(bio_err, "Error writing file %s\n", opt_arg());
+ goto end;
+ }
break;
case OPT_TRACE:
#ifndef OPENSSL_NO_SSL_TRACE
case OPT_NOCANAMES:
no_ca_names = 1;
break;
+ case OPT_KTLS:
+#ifndef OPENSSL_NO_KTLS
+ enable_ktls = 1;
+#endif
+ break;
case OPT_SENDFILE:
#ifndef OPENSSL_NO_KTLS
use_sendfile = 1;
+#endif
+ break;
+ case OPT_USE_ZC_SENDFILE:
+#ifndef OPENSSL_NO_KTLS
+ use_zc_sendfile = 1;
#endif
break;
case OPT_IGNORE_UNEXPECTED_EOF:
ignore_unexpected_eof = 1;
break;
+ case OPT_TFO:
+ tfo = 1;
+ break;
+ case OPT_CERT_COMP:
+ cert_comp = 1;
+ break;
}
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
}
#endif
+ if (tfo && socket_type != SOCK_STREAM) {
+ BIO_printf(bio_err, "Can only use -tfo with TLS\n");
+ goto end;
+ }
+
if (stateless && socket_type != SOCK_STREAM) {
BIO_printf(bio_err, "Can only use --stateless with TLS\n");
goto end;
#endif
#ifndef OPENSSL_NO_KTLS
+ if (use_zc_sendfile && !use_sendfile) {
+ BIO_printf(bio_out, "Warning: -zerocopy_sendfile depends on -sendfile, enabling -sendfile now.\n");
+ use_sendfile = 1;
+ }
+
+ if (use_sendfile && enable_ktls == 0) {
+ BIO_printf(bio_out, "Warning: -sendfile depends on -ktls, enabling -ktls now.\n");
+ enable_ktls = 1;
+ }
+
if (use_sendfile && www <= 1) {
BIO_printf(bio_err, "Can't use -sendfile without -WWW or -HTTP\n");
goto end;
if (bio_s_out == NULL) {
if (s_quiet && !s_debug) {
bio_s_out = BIO_new(BIO_s_null());
- if (s_msg && bio_s_msg == NULL)
+ if (s_msg && bio_s_msg == NULL) {
bio_s_msg = dup_bio_out(FORMAT_TEXT);
+ if (bio_s_msg == NULL) {
+ BIO_printf(bio_err, "Out of memory\n");
+ goto end;
+ }
+ }
} else {
- if (bio_s_out == NULL)
- bio_s_out = dup_bio_out(FORMAT_TEXT);
+ bio_s_out = dup_bio_out(FORMAT_TEXT);
}
}
+
+ if (bio_s_out == NULL)
+ goto end;
+
if (nocert) {
s_cert_file = NULL;
s_key_file = NULL;
if (ignore_unexpected_eof)
SSL_CTX_set_options(ctx, SSL_OP_IGNORE_UNEXPECTED_EOF);
+#ifndef OPENSSL_NO_KTLS
+ if (enable_ktls)
+ SSL_CTX_set_options(ctx, SSL_OP_ENABLE_KTLS);
+ if (use_zc_sendfile)
+ SSL_CTX_set_options(ctx, SSL_OP_ENABLE_KTLS_TX_ZEROCOPY_SENDFILE);
+#endif
if (max_send_fragment > 0
&& !SSL_CTX_set_max_send_fragment(ctx, max_send_fragment)) {
if (recv_max_early_data >= 0)
SSL_CTX_set_recv_max_early_data(ctx, recv_max_early_data);
+ if (cert_comp) {
+ BIO_printf(bio_s_out, "Compressing certificates\n");
+ if (!SSL_CTX_compress_certs(ctx, 0))
+ BIO_printf(bio_s_out, "Error compressing certs on ctx\n");
+ if (ctx2 != NULL && !SSL_CTX_compress_certs(ctx2, 0))
+ BIO_printf(bio_s_out, "Error compressing certs on ctx2\n");
+ }
+
if (rev)
server_cb = rev_body;
else if (www)
&& unlink_unix_path)
unlink(host);
#endif
+ if (tfo)
+ BIO_printf(bio_s_out, "Listening for TFO\n");
do_server(&accept_socket, host, port, socket_family, socket_type, protocol,
- server_cb, context, naccept, bio_s_out);
+ server_cb, context, naccept, bio_s_out, tfo);
print_stats(bio_s_out, ctx);
ret = 0;
end:
X509_free(s_dcert);
EVP_PKEY_free(s_key);
EVP_PKEY_free(s_dkey);
- sk_X509_pop_free(s_chain, X509_free);
- sk_X509_pop_free(s_dchain, X509_free);
+ OSSL_STACK_OF_X509_free(s_chain);
+ OSSL_STACK_OF_X509_free(s_dchain);
OPENSSL_free(pass);
OPENSSL_free(dpass);
OPENSSL_free(host);
SSL_CTX_sess_get_cache_size(ssl_ctx));
}
+static long int count_reads_callback(BIO *bio, int cmd, const char *argp, size_t len,
+ int argi, long argl, int ret, size_t *processed)
+{
+ unsigned int *p_counter = (unsigned int *)BIO_get_callback_arg(bio);
+
+ switch (cmd) {
+ case BIO_CB_READ: /* No break here */
+ case BIO_CB_GETS:
+ if (p_counter != NULL)
+ ++*p_counter;
+ break;
+ default:
+ break;
+ }
+
+ if (s_debug) {
+ BIO_set_callback_arg(bio, (char *)bio_s_out);
+ ret = (int)bio_dump_callback(bio, cmd, argp, len, argi, argl, ret, processed);
+ BIO_set_callback_arg(bio, (char *)p_counter);
+ }
+
+ return ret;
+}
+
static int sv_body(int s, int stype, int prot, unsigned char *context)
{
char *buf = NULL;
else
# endif
sbio = BIO_new_dgram(s, BIO_NOCLOSE);
+ if (sbio == NULL) {
+ BIO_printf(bio_err, "Unable to create BIO\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
if (enable_timeouts) {
timeout.tv_sec = 0;
BIO *test;
test = BIO_new(BIO_f_nbio_test());
+ if (test == NULL) {
+ BIO_printf(bio_err, "Unable to create BIO\n");
+ ret = -1;
+ BIO_free(sbio);
+ goto err;
+ }
sbio = BIO_push(test, sbio);
}
SSL_set_accept_state(con);
/* SSL_set_fd(con,s); */
- if (s_debug) {
- BIO_set_callback_ex(SSL_get_rbio(con), bio_dump_callback);
- BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
- }
+ BIO_set_callback_ex(SSL_get_rbio(con), count_reads_callback);
if (s_msg) {
#ifndef OPENSSL_NO_SSL_TRACE
if (s_msg == 2)
*/
if ((!async || !SSL_waiting_for_async(con))
&& !SSL_is_init_finished(con)) {
+ /*
+ * Count number of reads during init_ssl_connection.
+ * It helps us to distinguish configuration errors from errors
+ * caused by a client.
+ */
+ unsigned int read_counter = 0;
+
+ BIO_set_callback_arg(SSL_get_rbio(con), (char *)&read_counter);
i = init_ssl_connection(con);
+ BIO_set_callback_arg(SSL_get_rbio(con), NULL);
+ /*
+ * If initialization fails without reads, then
+ * there was a fatal error in configuration.
+ */
+ if (i <= 0 && read_counter == 0) {
+ ret = -1;
+ goto err;
+ }
if (i < 0) {
ret = 0;
goto err;
#endif
if (SSL_session_reused(con))
BIO_printf(bio_s_out, "Reused session-id\n");
- BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
- SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
+
+ ssl_print_secure_renegotiation_notes(bio_s_out, con);
+
if ((SSL_get_options(con) & SSL_OP_NO_RENEGOTIATION))
BIO_printf(bio_s_out, "Renegotiation is DISABLED\n");
BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel);
BIO_printf(bio_s_out, " Length: %i bytes\n", keymatexportlen);
exportedkeymat = app_malloc(keymatexportlen, "export key");
- if (!SSL_export_keying_material(con, exportedkeymat,
+ if (SSL_export_keying_material(con, exportedkeymat,
keymatexportlen,
keymatexportlabel,
strlen(keymatexportlabel),
- NULL, 0, 0)) {
+ NULL, 0, 0) <= 0) {
BIO_printf(bio_s_out, " Error\n");
} else {
BIO_printf(bio_s_out, " Keying material: ");
static int www_body(int s, int stype, int prot, unsigned char *context)
{
- char *buf = NULL;
+ char *buf = NULL, *p;
int ret = 1;
int i, j, k, dot;
SSL *con;
int total_bytes = 0;
#endif
int width;
+#ifndef OPENSSL_NO_KTLS
+ int use_sendfile_for_req = use_sendfile;
+#endif
fd_set readfds;
const char *opmode;
+#ifdef CHARSET_EBCDIC
+ BIO *filter;
+#endif
/* Set width for a select call if needed */
width = s + 1;
- buf = app_malloc(bufsize, "server www buffer");
+ /* as we use BIO_gets(), and it always null terminates data, we need
+ * to allocate 1 byte longer buffer to fit the full 2^14 byte record */
+ p = buf = app_malloc(bufsize + 1, "server www buffer");
io = BIO_new(BIO_f_buffer());
ssl_bio = BIO_new(BIO_f_ssl());
if ((io == NULL) || (ssl_bio == NULL))
}
/* lets make the output buffer a reasonable size */
- if (!BIO_set_write_buffer_size(io, bufsize))
+ if (BIO_set_write_buffer_size(io, bufsize) <= 0)
goto err;
if ((con = SSL_new(ctx)) == NULL)
}
sbio = BIO_new_socket(s, BIO_NOCLOSE);
+ if (sbio == NULL) {
+ SSL_free(con);
+ goto err;
+ }
+
if (s_nbio_test) {
BIO *test;
test = BIO_new(BIO_f_nbio_test());
+ if (test == NULL) {
+ SSL_free(con);
+ BIO_free(sbio);
+ goto err;
+ }
+
sbio = BIO_push(test, sbio);
}
SSL_set_bio(con, sbio, sbio);
/* No need to free |con| after this. Done by BIO_free(ssl_bio) */
BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
BIO_push(io, ssl_bio);
+ ssl_bio = NULL;
#ifdef CHARSET_EBCDIC
- io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
+ filter = BIO_new(BIO_f_ebcdic_filter());
+ if (filter == NULL)
+ goto err;
+
+ io = BIO_push(filter, io);
#endif
if (s_debug) {
}
for (;;) {
- i = BIO_gets(io, buf, bufsize - 1);
+ i = BIO_gets(io, buf, bufsize + 1);
if (i < 0) { /* error */
if (!BIO_should_retry(io) && !SSL_waiting_for_async(con)) {
if (!s_quiet)
continue;
}
#endif
- ossl_sleep(1000);
+ OSSL_sleep(1000);
continue;
}
} else if (i == 0) { /* end of input */
}
/* else we have data */
- if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
- ((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) {
- char *p;
+ if ((www == 1 && HAS_PREFIX(buf, "GET "))
+ || (www == 2 && HAS_PREFIX(buf, "GET /stats "))) {
X509 *peer = NULL;
STACK_OF(SSL_CIPHER) *sk;
static const char *space = " ";
- if (www == 1 && strncmp("GET /reneg", buf, 10) == 0) {
- if (strncmp("GET /renegcert", buf, 14) == 0)
+ if (www == 1 && HAS_PREFIX(buf, "GET /reneg")) {
+ if (HAS_PREFIX(buf, "GET /renegcert"))
SSL_set_verify(con,
SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
NULL);
* we're expecting to come from the client. If they haven't
* sent one there's not much we can do.
*/
- BIO_gets(io, buf, bufsize - 1);
+ BIO_gets(io, buf, bufsize + 1);
}
BIO_puts(io,
BIO_puts(io, "\n");
for (i = 0; i < local_argc; i++) {
const char *myp;
+
for (myp = local_argv[i]; *myp; myp++)
switch (*myp) {
case '<':
}
BIO_puts(io, "\n");
- BIO_printf(io,
- "Secure Renegotiation IS%s supported\n",
- SSL_get_secure_renegotiation_support(con) ?
- "" : " NOT");
+ ssl_print_secure_renegotiation_notes(io, con);
/*
* The following is evil and should not really be done
}
BIO_puts(io, "</pre></BODY></HTML>\r\n\r\n");
break;
- } else if ((www == 2 || www == 3)
- && (strncmp("GET /", buf, 5) == 0)) {
+ } else if ((www == 2 || www == 3) && CHECK_AND_SKIP_PREFIX(p, "GET /")) {
BIO *file;
- char *p, *e;
+ char *e;
static const char *text =
"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
- /* skip the '/' */
- p = &(buf[5]);
-
dot = 1;
for (e = p; *e != '\0'; e++) {
if (e[0] == ' ')
}
/* send the file */
#ifndef OPENSSL_NO_KTLS
- if (use_sendfile) {
+ if (use_sendfile_for_req && !BIO_get_ktls_send(SSL_get_wbio(con))) {
+ BIO_printf(bio_err, "Warning: sendfile requested but KTLS is not available\n");
+ use_sendfile_for_req = 0;
+ }
+ if (use_sendfile_for_req) {
FILE *fp = NULL;
int fd;
struct stat st;
err:
OPENSSL_free(buf);
+ BIO_free(ssl_bio);
BIO_free_all(io);
return ret;
}
int ret = 1;
SSL *con;
BIO *io, *ssl_bio, *sbio;
+#ifdef CHARSET_EBCDIC
+ BIO *filter;
+#endif
- buf = app_malloc(bufsize, "server rev buffer");
+ /* as we use BIO_gets(), and it always null terminates data, we need
+ * to allocate 1 byte longer buffer to fit the full 2^14 byte record */
+ buf = app_malloc(bufsize + 1, "server rev buffer");
io = BIO_new(BIO_f_buffer());
ssl_bio = BIO_new(BIO_f_ssl());
if ((io == NULL) || (ssl_bio == NULL))
goto err;
/* lets make the output buffer a reasonable size */
- if (!BIO_set_write_buffer_size(io, bufsize))
+ if (BIO_set_write_buffer_size(io, bufsize) <= 0)
goto err;
if ((con = SSL_new(ctx)) == NULL)
}
sbio = BIO_new_socket(s, BIO_NOCLOSE);
+ if (sbio == NULL) {
+ SSL_free(con);
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
SSL_set_bio(con, sbio, sbio);
SSL_set_accept_state(con);
/* No need to free |con| after this. Done by BIO_free(ssl_bio) */
BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
BIO_push(io, ssl_bio);
+ ssl_bio = NULL;
#ifdef CHARSET_EBCDIC
- io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
+ filter = BIO_new(BIO_f_ebcdic_filter());
+ if (filter == NULL)
+ goto err;
+
+ io = BIO_push(filter, io);
#endif
if (s_debug) {
print_ssl_summary(con);
for (;;) {
- i = BIO_gets(io, buf, bufsize - 1);
+ i = BIO_gets(io, buf, bufsize + 1);
if (i < 0) { /* error */
if (!BIO_should_retry(io)) {
if (!s_quiet)
continue;
}
#endif
- ossl_sleep(1000);
+ OSSL_sleep(1000);
continue;
}
} else if (i == 0) { /* end of input */
p--;
i--;
}
- if (!s_ign_eof && (i == 5) && (strncmp(buf, "CLOSE", 5) == 0)) {
+ if (!s_ign_eof && i == 5 && HAS_PREFIX(buf, "CLOSE")) {
ret = 1;
BIO_printf(bio_err, "CONNECTION CLOSED\n");
goto end;
err:
OPENSSL_free(buf);
+ BIO_free(ssl_bio);
BIO_free_all(io);
return ret;
}