X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fs_client.c;h=e6e8a0713d9bf5b3c27eb1707a08e0bebea0e2c2;hp=5f251a424782807e4d6cca6d1f4417036a1d7ee6;hb=c30c8761766d98c7fcd257b7332df5cd56c40a6f;hpb=68b33cc5c7aa1bb98e95bfb4b61c34192a7a50e3 diff --git a/apps/s_client.c b/apps/s_client.c index 5f251a4247..e6e8a0713d 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -193,6 +193,7 @@ typedef unsigned int u_int; extern int verify_depth; extern int verify_error; extern int verify_return_error; +extern int verify_quiet; #ifdef FIONBIO static int c_nbio=0; @@ -206,14 +207,19 @@ static int c_status_req=0; static int c_msg=0; static int c_showcerts=0; +static char *keymatexportlabel=NULL; +static int keymatexportlen=20; + static void sc_usage(void); static void print_stuff(BIO *berr,SSL *con,int full); #ifndef OPENSSL_NO_TLSEXT static int ocsp_resp_cb(SSL *s, void *arg); #endif static BIO *bio_c_out=NULL; +static BIO *bio_c_msg=NULL; static int c_quiet=0; static int c_ign_eof=0; +static int c_brief=0; #ifndef OPENSSL_NO_PSK /* Default PSK identity and key */ @@ -285,8 +291,12 @@ static void sc_usage(void) BIO_printf(bio_err," -host host - use -connect instead\n"); BIO_printf(bio_err," -port port - use -connect instead\n"); BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); + BIO_printf(bio_err," -verify_host host - check peer certificate matches \"host\"\n"); + BIO_printf(bio_err," -verify_email email - check peer certificate matches \"email\"\n"); + BIO_printf(bio_err," -verify_ip ipaddr - check peer certificate matches \"ipaddr\"\n"); BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); + BIO_printf(bio_err," -verify_return_error - return verification errors\n"); BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); BIO_printf(bio_err," -key arg - Private key file to use, in cert file if\n"); @@ -297,6 +307,7 @@ static void sc_usage(void) BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n"); BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n"); + BIO_printf(bio_err," -prexit - print session information even on connection failure\n"); BIO_printf(bio_err," -showcerts - show all certificates in the chain\n"); BIO_printf(bio_err," -debug - extra output\n"); #ifdef WATT32 @@ -324,14 +335,17 @@ static void sc_usage(void) BIO_printf(bio_err," -srppass arg - password for 'user'\n"); BIO_printf(bio_err," -srp_lateuser - SRP username into second ClientHello message\n"); BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n"); - BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N); + BIO_printf(bio_err," -srp_strength int - minimal length in bits for N (default %d).\n",SRP_MINIMAL_N); #endif BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); +#ifndef OPENSSL_NO_SSL3_METHOD BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); +#endif BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n"); BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); BIO_printf(bio_err," -tls1 - just use TLSv1\n"); BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); + BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n"); BIO_printf(bio_err," -mtu - set the link layer MTU\n"); BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); @@ -354,11 +368,16 @@ static void sc_usage(void) BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err," -status - request certificate status from server\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); -# if !defined(OPENSSL_NO_NEXTPROTONEG) + BIO_printf(bio_err," -serverinfo types - send empty ClientHello extensions (comma-separated numbers)\n"); +#endif +# ifndef OPENSSL_NO_NEXTPROTONEG BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); # endif -#endif + BIO_printf(bio_err," -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n"); BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); + BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); + BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); + BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); } #ifndef OPENSSL_NO_TLSEXT @@ -397,7 +416,7 @@ typedef struct srp_arg_st #define SRP_NUMBER_ITERATIONS_FOR_PRIME 64 -static int SRP_Verify_N_and_g(BIGNUM *N, BIGNUM *g) +static int srp_Verify_N_and_g(BIGNUM *N, BIGNUM *g) { BN_CTX *bn_ctx = BN_CTX_new(); BIGNUM *p = BN_new(); @@ -425,6 +444,21 @@ static int SRP_Verify_N_and_g(BIGNUM *N, BIGNUM *g) return ret; } +/* This callback is used here for two purposes: + - extended debugging + - making some primality tests for unknown groups + The callback is only called for a non default group. + + An application does not need the call back at all if + only the stanard groups are used. In real life situations, + client and server already share well known groups, + thus there is no need to verify them. + Furthermore, in case that a server actually proposes a group that + is not one of those defined in RFC 5054, it is more appropriate + to add the group to a static list and then compare since + primality tests are rather cpu consuming. +*/ + static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg) { SRP_ARG *srp_arg = (SRP_ARG *)arg; @@ -447,11 +481,11 @@ static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg) if (srp_arg->debug) BIO_printf(bio_err, "SRP param N and g are not known params, going to check deeper.\n"); -/* The srp_moregroups must be used with caution, testing primes costs time. +/* The srp_moregroups is a real debugging feature. Implementors should rather add the value to the known ones. The minimal size has already been tested. */ - if (BN_num_bits(g) <= BN_BITS && SRP_Verify_N_and_g(N,g)) + if (BN_num_bits(g) <= BN_BITS && srp_Verify_N_and_g(N,g)) return 1; } BIO_printf(bio_err, "SRP param N and g rejected.\n"); @@ -480,13 +514,8 @@ static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg) return pass; } -static char * MS_CALLBACK missing_srp_username_callback(SSL *s, void *arg) - { - SRP_ARG *srp_arg = (SRP_ARG *)arg; - return BUF_strdup(srp_arg->srplogin); - } - #endif + char *srtp_profiles = NULL; # ifndef OPENSSL_NO_NEXTPROTONEG /* This the context that we pass to next_proto_cb */ @@ -520,7 +549,28 @@ static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, con ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len); return SSL_TLSEXT_ERR_OK; } -# endif +# endif /* ndef OPENSSL_NO_NEXTPROTONEG */ + +static int serverinfo_cli_parse_cb(SSL* s, unsigned int ext_type, + const unsigned char* in, size_t inlen, + int* al, void* arg) + { + char pem_name[100]; + unsigned char ext_buf[4 + 65536]; + + /* Reconstruct the type/len fields prior to extension data */ + ext_buf[0] = ext_type >> 8; + ext_buf[1] = ext_type & 0xFF; + ext_buf[2] = inlen >> 8; + ext_buf[3] = inlen & 0xFF; + memcpy(ext_buf+4, in, inlen); + + BIO_snprintf(pem_name, sizeof(pem_name), "SERVERINFO FOR EXTENSION %d", + ext_type); + PEM_write_bio(bio_c_out, pem_name, "", ext_buf, 4 + inlen); + return 1; + } + #endif enum @@ -537,7 +587,7 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { - unsigned int off=0, clr=0; + int build_chain = 0; SSL *con=NULL; #ifndef OPENSSL_NO_KRB5 KSSL_CTX *kctx; @@ -550,13 +600,16 @@ int MAIN(int argc, char **argv) short port=PORT; int full_log=1; char *host=SSL_HOST_NAME; - char *cert_file=NULL,*key_file=NULL; + char *cert_file=NULL,*key_file=NULL,*chain_file=NULL; int cert_format = FORMAT_PEM, key_format = FORMAT_PEM; char *passarg = NULL, *pass = NULL; X509 *cert = NULL; EVP_PKEY *key = NULL; - char *CApath=NULL,*CAfile=NULL,*cipher=NULL; - int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0; + STACK_OF(X509) *chain = NULL; + char *CApath=NULL,*CAfile=NULL; + char *chCApath=NULL,*chCAfile=NULL; + char *vfyCApath=NULL,*vfyCAfile=NULL; + int reconnect=0,badop=0,verify=SSL_VERIFY_NONE; int crlf=0; int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending; SSL_CTX *ctx=NULL; @@ -590,29 +643,40 @@ int MAIN(int argc, char **argv) # ifndef OPENSSL_NO_NEXTPROTONEG const char *next_proto_neg_in = NULL; # endif + const char *alpn_in = NULL; +# define MAX_SI_TYPES 100 + unsigned short serverinfo_types[MAX_SI_TYPES]; + int serverinfo_types_count = 0; #endif char *sess_in = NULL; char *sess_out = NULL; struct sockaddr peer; int peerlen = sizeof(peer); + int fallback_scsv = 0; int enable_timeouts = 0 ; long socket_mtu = 0; #ifndef OPENSSL_NO_JPAKE - char *jpake_secret = NULL; +static char *jpake_secret = NULL; +#define no_jpake !jpake_secret +#else +#define no_jpake 1 #endif #ifndef OPENSSL_NO_SRP char * srppass = NULL; int srp_lateuser = 0; SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024}; #endif + SSL_EXCERT *exc = NULL; + + SSL_CONF_CTX *cctx = NULL; + STACK_OF(OPENSSL_STRING) *ssl_args = NULL; + + char *crl_file = NULL; + int crl_format = FORMAT_PEM; + int crl_download = 0; + STACK_OF(X509_CRL) *crls = NULL; -#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) meth=SSLv23_client_method(); -#elif !defined(OPENSSL_NO_SSL3) - meth=SSLv3_client_method(); -#elif !defined(OPENSSL_NO_SSL2) - meth=SSLv2_client_method(); -#endif apps_startup(); c_Pause=0; @@ -628,6 +692,12 @@ int MAIN(int argc, char **argv) if (!load_config(bio_err, NULL)) goto end; + cctx = SSL_CONF_CTX_new(); + if (!cctx) + goto end; + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT); + SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CMDLINE); + if ( ((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) || ((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) || ((mbuf=OPENSSL_malloc(BUFSIZZ)) == NULL)) @@ -668,13 +738,21 @@ int MAIN(int argc, char **argv) verify=SSL_VERIFY_PEER; if (--argc < 1) goto bad; verify_depth=atoi(*(++argv)); - BIO_printf(bio_err,"verify depth is %d\n",verify_depth); + if (!c_quiet) + BIO_printf(bio_err,"verify depth is %d\n",verify_depth); } else if (strcmp(*argv,"-cert") == 0) { if (--argc < 1) goto bad; cert_file= *(++argv); } + else if (strcmp(*argv,"-CRL") == 0) + { + if (--argc < 1) goto bad; + crl_file= *(++argv); + } + else if (strcmp(*argv,"-crl_download") == 0) + crl_download = 1; else if (strcmp(*argv,"-sess_out") == 0) { if (--argc < 1) goto bad; @@ -690,6 +768,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; cert_format = str2fmt(*(++argv)); } + else if (strcmp(*argv,"-CRLform") == 0) + { + if (--argc < 1) goto bad; + crl_format = str2fmt(*(++argv)); + } else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) { if (badarg) @@ -698,6 +781,26 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-verify_return_error") == 0) verify_return_error = 1; + else if (strcmp(*argv,"-verify_quiet") == 0) + verify_quiet = 1; + else if (strcmp(*argv,"-brief") == 0) + { + c_brief = 1; + verify_quiet = 1; + c_quiet = 1; + } + else if (args_excert(&argv, &argc, &badarg, bio_err, &exc)) + { + if (badarg) + goto bad; + continue; + } + else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args)) + { + if (badarg) + goto bad; + continue; + } else if (strcmp(*argv,"-prexit") == 0) prexit=1; else if (strcmp(*argv,"-crlf") == 0) @@ -727,6 +830,15 @@ int MAIN(int argc, char **argv) #endif else if (strcmp(*argv,"-msg") == 0) c_msg=1; + else if (strcmp(*argv,"-msgfile") == 0) + { + if (--argc < 1) goto bad; + bio_c_msg = BIO_new_file(*(++argv), "w"); + } +#ifndef OPENSSL_NO_SSL_TRACE + else if (strcmp(*argv,"-trace") == 0) + c_msg=2; +#endif else if (strcmp(*argv,"-showcerts") == 0) c_showcerts=1; else if (strcmp(*argv,"-nbio_test") == 0) @@ -747,7 +859,7 @@ int MAIN(int argc, char **argv) psk_key=*(++argv); for (j = 0; j < strlen(psk_key); j++) { - if (isxdigit((int)psk_key[j])) + if (isxdigit((unsigned char)psk_key[j])) continue; BIO_printf(bio_err,"Not a hex number '%s'\n",*argv); goto bad; @@ -789,7 +901,7 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-ssl2") == 0) meth=SSLv2_client_method(); #endif -#ifndef OPENSSL_NO_SSL3 +#ifndef OPENSSL_NO_SSL3_METHOD else if (strcmp(*argv,"-ssl3") == 0) meth=SSLv3_client_method(); #endif @@ -802,11 +914,21 @@ int MAIN(int argc, char **argv) meth=TLSv1_client_method(); #endif #ifndef OPENSSL_NO_DTLS1 + else if (strcmp(*argv,"-dtls") == 0) + { + meth=DTLS_client_method(); + socket_type=SOCK_DGRAM; + } else if (strcmp(*argv,"-dtls1") == 0) { meth=DTLSv1_client_method(); socket_type=SOCK_DGRAM; } + else if (strcmp(*argv,"-dtls1_2") == 0) + { + meth=DTLSv1_2_client_method(); + socket_type=SOCK_DGRAM; + } else if (strcmp(*argv,"-timeout") == 0) enable_timeouts=1; else if (strcmp(*argv,"-mtu") == 0) @@ -815,8 +937,10 @@ int MAIN(int argc, char **argv) socket_mtu = atol(*(++argv)); } #endif - else if (strcmp(*argv,"-bugs") == 0) - bugs=1; + else if (strcmp(*argv,"-fallback_scsv") == 0) + { + fallback_scsv = 1; + } else if (strcmp(*argv,"-keyform") == 0) { if (--argc < 1) goto bad; @@ -827,6 +951,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; passarg = *(++argv); } + else if (strcmp(*argv,"-cert_chain") == 0) + { + if (--argc < 1) goto bad; + chain_file= *(++argv); + } else if (strcmp(*argv,"-key") == 0) { if (--argc < 1) goto bad; @@ -841,26 +970,34 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; CApath= *(++argv); } + else if (strcmp(*argv,"-chainCApath") == 0) + { + if (--argc < 1) goto bad; + chCApath= *(++argv); + } + else if (strcmp(*argv,"-verifyCApath") == 0) + { + if (--argc < 1) goto bad; + vfyCApath= *(++argv); + } + else if (strcmp(*argv,"-build_chain") == 0) + build_chain = 1; else if (strcmp(*argv,"-CAfile") == 0) { if (--argc < 1) goto bad; CAfile= *(++argv); } - else if (strcmp(*argv,"-no_tls1_2") == 0) - off|=SSL_OP_NO_TLSv1_2; - else if (strcmp(*argv,"-no_tls1_1") == 0) - off|=SSL_OP_NO_TLSv1_1; - else if (strcmp(*argv,"-no_tls1") == 0) - off|=SSL_OP_NO_TLSv1; - else if (strcmp(*argv,"-no_ssl3") == 0) - off|=SSL_OP_NO_SSLv3; - else if (strcmp(*argv,"-no_ssl2") == 0) - off|=SSL_OP_NO_SSLv2; - else if (strcmp(*argv,"-no_comp") == 0) - { off|=SSL_OP_NO_COMPRESSION; } + else if (strcmp(*argv,"-chainCAfile") == 0) + { + if (--argc < 1) goto bad; + chCAfile= *(++argv); + } + else if (strcmp(*argv,"-verifyCAfile") == 0) + { + if (--argc < 1) goto bad; + vfyCAfile= *(++argv); + } #ifndef OPENSSL_NO_TLSEXT - else if (strcmp(*argv,"-no_ticket") == 0) - { off|=SSL_OP_NO_TICKET; } # ifndef OPENSSL_NO_NEXTPROTONEG else if (strcmp(*argv,"-nextprotoneg") == 0) { @@ -868,20 +1005,35 @@ int MAIN(int argc, char **argv) next_proto_neg_in = *(++argv); } # endif -#endif - else if (strcmp(*argv,"-serverpref") == 0) - off|=SSL_OP_CIPHER_SERVER_PREFERENCE; - else if (strcmp(*argv,"-legacy_renegotiation") == 0) - off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; - else if (strcmp(*argv,"-legacy_server_connect") == 0) - { off|=SSL_OP_LEGACY_SERVER_CONNECT; } - else if (strcmp(*argv,"-no_legacy_server_connect") == 0) - { clr|=SSL_OP_LEGACY_SERVER_CONNECT; } - else if (strcmp(*argv,"-cipher") == 0) + else if (strcmp(*argv,"-alpn") == 0) { if (--argc < 1) goto bad; - cipher= *(++argv); + alpn_in = *(++argv); } + else if (strcmp(*argv,"-serverinfo") == 0) + { + char *c; + int start = 0; + int len; + + if (--argc < 1) goto bad; + c = *(++argv); + serverinfo_types_count = 0; + len = strlen(c); + for (i = 0; i <= len; ++i) + { + if (i == len || c[i] == ',') + { + serverinfo_types[serverinfo_types_count] + = atoi(c+start); + serverinfo_types_count++; + start = i+1; + } + if (serverinfo_types_count == MAX_SI_TYPES) + break; + } + } +#endif #ifdef FIONBIO else if (strcmp(*argv,"-nbio") == 0) { c_nbio=1; } @@ -935,7 +1087,23 @@ int MAIN(int argc, char **argv) jpake_secret = *++argv; } #endif - else + else if (strcmp(*argv,"-use_srtp") == 0) + { + if (--argc < 1) goto bad; + srtp_profiles = *(++argv); + } + else if (strcmp(*argv,"-keymatexport") == 0) + { + if (--argc < 1) goto bad; + keymatexportlabel= *(++argv); + } + else if (strcmp(*argv,"-keymatexportlen") == 0) + { + if (--argc < 1) goto bad; + keymatexportlen=atoi(*(++argv)); + if (keymatexportlen == 0) goto bad; + } + else { BIO_printf(bio_err,"unknown option %s\n",*argv); badop=1; @@ -962,13 +1130,6 @@ bad: } psk_identity = "JPAKE"; } - - if (cipher) - { - BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); - goto end; - } - cipher = "PSK"; #endif OpenSSL_add_ssl_algorithms(); @@ -1040,6 +1201,37 @@ bad: } } + if (chain_file) + { + chain = load_certs(bio_err, chain_file,FORMAT_PEM, + NULL, e, "client certificate chain"); + if (!chain) + goto end; + } + + if (crl_file) + { + X509_CRL *crl; + crl = load_crl(crl_file, crl_format); + if (!crl) + { + BIO_puts(bio_err, "Error loading CRL\n"); + ERR_print_errors(bio_err); + goto end; + } + crls = sk_X509_CRL_new_null(); + if (!crls || !sk_X509_CRL_push(crls, crl)) + { + BIO_puts(bio_err, "Error adding CRL\n"); + ERR_print_errors(bio_err); + X509_CRL_free(crl); + goto end; + } + } + + if (!load_excert(&exc, bio_err)) + goto end; + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && !RAND_status()) { @@ -1051,9 +1243,11 @@ bad: if (bio_c_out == NULL) { - if (c_quiet && !c_debug && !c_msg) + if (c_quiet && !c_debug) { bio_c_out=BIO_new(BIO_s_null()); + if (c_msg && !bio_c_msg) + bio_c_msg=BIO_new_fp(stdout,BIO_NOCLOSE); } else { @@ -1080,6 +1274,20 @@ bad: if (vpm) SSL_CTX_set1_param(ctx, vpm); + if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, 1, no_jpake)) + { + ERR_print_errors(bio_err); + goto end; + } + + if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile, + crls, crl_download)) + { + BIO_printf(bio_err, "Error loading store locations\n"); + ERR_print_errors(bio_err); + goto end; + } + #ifndef OPENSSL_NO_ENGINE if (ssl_client_engine) { @@ -1105,39 +1313,52 @@ bad: BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n"); SSL_CTX_set_psk_client_callback(ctx, psk_client_cb); } + if (srtp_profiles != NULL) + SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); #endif - if (bugs) - SSL_CTX_set_options(ctx,SSL_OP_ALL|off); - else - SSL_CTX_set_options(ctx,off); - - if (clr) - SSL_CTX_clear_options(ctx, clr); + if (exc) ssl_ctx_set_excert(ctx, exc); /* DTLS: partial reads end up discarding unread UDP bytes :-( * Setting read ahead solves this problem. */ if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); -#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +#if !defined(OPENSSL_NO_TLSEXT) +# if !defined(OPENSSL_NO_NEXTPROTONEG) if (next_proto.data) SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto); +# endif + if (alpn_in) + { + unsigned short alpn_len; + unsigned char *alpn = next_protos_parse(&alpn_len, alpn_in); + + if (alpn == NULL) + { + BIO_printf(bio_err, "Error parsing -alpn argument\n"); + goto end; + } + SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len); + OPENSSL_free(alpn); + } +#endif +#ifndef OPENSSL_NO_TLSEXT + for (i = 0; i < serverinfo_types_count; i++) + { + SSL_CTX_add_client_custom_ext(ctx, + serverinfo_types[i], + NULL, NULL, NULL, + serverinfo_cli_parse_cb, + NULL); + } #endif if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); - if (cipher != NULL) - if(!SSL_CTX_set_cipher_list(ctx,cipher)) { - BIO_printf(bio_err,"error setting cipher list\n"); - ERR_print_errors(bio_err); - goto end; - } #if 0 else SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER")); #endif SSL_CTX_set_verify(ctx,verify,verify_callback); - if (!set_cert_key_stuff(ctx,cert,key)) - goto end; if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || (!SSL_CTX_set_default_verify_paths(ctx))) @@ -1147,6 +1368,10 @@ bad: /* goto end; */ } + ssl_ctx_add_crls(ctx, crls, crl_download); + if (!set_cert_key_stuff(ctx,cert,key,chain,build_chain)) + goto end; + #ifndef OPENSSL_NO_TLSEXT if (servername != NULL) { @@ -1157,9 +1382,7 @@ bad: #ifndef OPENSSL_NO_SRP if (srp_arg.srplogin) { - if (srp_lateuser) - SSL_CTX_set_srp_missing_srp_username_callback(ctx,missing_srp_username_callback); - else if (!SSL_CTX_set_srp_username(ctx, srp_arg.srplogin)) + if (!srp_lateuser && !SSL_CTX_set_srp_username(ctx, srp_arg.srplogin)) { BIO_printf(bio_err,"Unable to set SRP username\n"); goto end; @@ -1200,6 +1423,10 @@ bad: SSL_set_session(con, sess); SSL_SESSION_free(sess); } + + if (fallback_scsv) + SSL_set_mode(con, SSL_MODE_SEND_FALLBACK_SCSV); + #ifndef OPENSSL_NO_TLSEXT if (servername != NULL) { @@ -1249,7 +1476,7 @@ re_start: #endif if (c_Pause & 0x01) SSL_set_debug(con, 1); - if ( SSL_version(con) == DTLS1_VERSION) + if (socket_type == SOCK_DGRAM) { sbio=BIO_new_dgram(s,BIO_NOCLOSE); @@ -1274,10 +1501,22 @@ re_start: BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); } - if (socket_mtu > 28) + if (socket_mtu) { + if(socket_mtu < DTLS_get_link_min_mtu(con)) + { + BIO_printf(bio_err,"MTU too small. Must be at least %ld\n", + DTLS_get_link_min_mtu(con)); + BIO_free(sbio); + goto shut; + } SSL_set_options(con, SSL_OP_NO_QUERY_MTU); - SSL_set_mtu(con, socket_mtu - 28); + if(!DTLS_set_link_mtu(con, socket_mtu)) + { + BIO_printf(bio_err, "Failed to set MTU\n"); + BIO_free(sbio); + goto shut; + } } else /* want to do MTU discovery */ @@ -1302,8 +1541,13 @@ re_start: } if (c_msg) { - SSL_set_msg_callback(con, msg_cb); - SSL_set_msg_callback_arg(con, bio_c_out); +#ifndef OPENSSL_NO_SSL_TRACE + if (c_msg == 2) + SSL_set_msg_callback(con, SSL_trace); + else +#endif + SSL_set_msg_callback(con, msg_cb); + SSL_set_msg_callback_arg(con, bio_c_msg ? bio_c_msg : bio_c_out); } #ifndef OPENSSL_NO_TLSEXT if (c_tlsextdebug) @@ -1503,6 +1747,13 @@ SSL_set_tlsext_status_ids(con, ids); else BIO_printf(bio_err, "Error writing session file %s\n", sess_out); } + if (c_brief) + { + BIO_puts(bio_err, + "CONNECTION ESTABLISHED\n"); + print_ssl_summary(bio_err, con); + } + print_stuff(bio_c_out,con,full_log); if (full_log > 0) full_log--; @@ -1765,7 +2016,10 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240 break; case SSL_ERROR_SYSCALL: ret=get_last_socket_error(); - BIO_printf(bio_err,"read:errno=%d\n",ret); + if (c_brief) + BIO_puts(bio_err, "CONNECTION CLOSED BY SERVER\n"); + else + BIO_printf(bio_err,"read:errno=%d\n",ret); goto shut; case SSL_ERROR_ZERO_RETURN: BIO_printf(bio_c_out,"closed\n"); @@ -1830,6 +2084,14 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240 SSL_renegotiate(con); cbuf_len=0; } +#ifndef OPENSSL_NO_HEARTBEATS + else if ((!c_ign_eof) && (cbuf[0] == 'B')) + { + BIO_printf(bio_err,"HEARTBEATING\n"); + SSL_heartbeat(con); + cbuf_len=0; + } +#endif else { cbuf_len=i; @@ -1857,13 +2119,32 @@ end: print_stuff(bio_c_out,con,1); SSL_free(con); } +#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) + if (next_proto.data) + OPENSSL_free(next_proto.data); +#endif if (ctx != NULL) SSL_CTX_free(ctx); if (cert) X509_free(cert); + if (crls) + sk_X509_CRL_pop_free(crls, X509_CRL_free); if (key) EVP_PKEY_free(key); + if (chain) + sk_X509_pop_free(chain, X509_free); if (pass) OPENSSL_free(pass); + if (vpm) + X509_VERIFY_PARAM_free(vpm); + ssl_excert_free(exc); + if (ssl_args) + sk_OPENSSL_STRING_free(ssl_args); + if (cctx) + SSL_CONF_CTX_free(cctx); +#ifndef OPENSSL_NO_JPAKE + if (jpake_secret && psk_key) + OPENSSL_free(psk_key); +#endif if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } @@ -1872,6 +2153,11 @@ end: BIO_free(bio_c_out); bio_c_out=NULL; } + if (bio_c_msg != NULL) + { + BIO_free(bio_c_msg); + bio_c_msg=NULL; + } apps_shutdown(); OPENSSL_EXIT(ret); } @@ -1891,6 +2177,7 @@ static void print_stuff(BIO *bio, SSL *s, int full) #ifndef OPENSSL_NO_COMP const COMP_METHOD *comp, *expansion; #endif + unsigned char *exportedkeymat; if (full) { @@ -1977,6 +2264,9 @@ static void print_stuff(BIO *bio, SSL *s, int full) BIO_write(bio,"\n",1); } + ssl_print_sigalgs(bio, s); + ssl_print_tmp_key(bio, s); + BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n", BIO_number_read(SSL_get_rbio(s)), BIO_number_written(SSL_get_wbio(s))); @@ -2016,7 +2306,8 @@ static void print_stuff(BIO *bio, SSL *s, int full) } #endif -#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +#if !defined(OPENSSL_NO_TLSEXT) +# if !defined(OPENSSL_NO_NEXTPROTONEG) if (next_proto.status != -1) { const unsigned char *proto; unsigned int proto_len; @@ -2025,9 +2316,58 @@ static void print_stuff(BIO *bio, SSL *s, int full) BIO_write(bio, proto, proto_len); BIO_write(bio, "\n", 1); } +# endif + { + const unsigned char *proto; + unsigned int proto_len; + SSL_get0_alpn_selected(s, &proto, &proto_len); + if (proto_len > 0) + { + BIO_printf(bio, "ALPN protocol: "); + BIO_write(bio, proto, proto_len); + BIO_write(bio, "\n", 1); + } + else + BIO_printf(bio, "No ALPN negotiated\n"); + } #endif + { + SRTP_PROTECTION_PROFILE *srtp_profile=SSL_get_selected_srtp_profile(s); + + if(srtp_profile) + BIO_printf(bio,"SRTP Extension negotiated, profile=%s\n", + srtp_profile->name); + } + SSL_SESSION_print(bio,SSL_get_session(s)); + if (keymatexportlabel != NULL) + { + BIO_printf(bio, "Keying material exporter:\n"); + BIO_printf(bio, " Label: '%s'\n", keymatexportlabel); + BIO_printf(bio, " Length: %i bytes\n", keymatexportlen); + exportedkeymat = OPENSSL_malloc(keymatexportlen); + if (exportedkeymat != NULL) + { + if (!SSL_export_keying_material(s, exportedkeymat, + keymatexportlen, + keymatexportlabel, + strlen(keymatexportlabel), + NULL, 0, 0)) + { + BIO_printf(bio, " Error\n"); + } + else + { + BIO_printf(bio, " Keying material: "); + for (i=0; i