perlasm: fix symptom-less bugs, missing semicolons and 'my' declarations.
[openssl.git] / apps / s_cb.c
1 /* apps/s_cb.c - callback functions used by s_client, s_server, and s_time */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111
112 #include <stdio.h>
113 #include <stdlib.h>
114 #define USE_SOCKETS
115 #define NON_MAIN
116 #include "apps.h"
117 #undef NON_MAIN
118 #undef USE_SOCKETS
119 #include <openssl/err.h>
120 #include <openssl/rand.h>
121 #include <openssl/x509.h>
122 #include <openssl/ssl.h>
123 #include "s_apps.h"
124
125 #define COOKIE_SECRET_LENGTH    16
126
127 int verify_depth=0;
128 int verify_error=X509_V_OK;
129 int verify_return_error=0;
130 unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
131 int cookie_initialized=0;
132
133 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
134         {
135         X509 *err_cert;
136         int err,depth;
137
138         err_cert=X509_STORE_CTX_get_current_cert(ctx);
139         err=    X509_STORE_CTX_get_error(ctx);
140         depth=  X509_STORE_CTX_get_error_depth(ctx);
141
142         BIO_printf(bio_err,"depth=%d ",depth);
143         if (err_cert)
144                 {
145                 X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
146                                         0, XN_FLAG_ONELINE);
147                 BIO_puts(bio_err, "\n");
148                 }
149         else
150                 BIO_puts(bio_err, "<no cert>\n");
151         if (!ok)
152                 {
153                 BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
154                         X509_verify_cert_error_string(err));
155                 if (verify_depth >= depth)
156                         {
157                         if (!verify_return_error)
158                                 ok=1;
159                         verify_error=X509_V_OK;
160                         }
161                 else
162                         {
163                         ok=0;
164                         verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
165                         }
166                 }
167         switch (err)
168                 {
169         case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
170                 BIO_puts(bio_err,"issuer= ");
171                 X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
172                                         0, XN_FLAG_ONELINE);
173                 BIO_puts(bio_err, "\n");
174                 break;
175         case X509_V_ERR_CERT_NOT_YET_VALID:
176         case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
177                 BIO_printf(bio_err,"notBefore=");
178                 ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
179                 BIO_printf(bio_err,"\n");
180                 break;
181         case X509_V_ERR_CERT_HAS_EXPIRED:
182         case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
183                 BIO_printf(bio_err,"notAfter=");
184                 ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
185                 BIO_printf(bio_err,"\n");
186                 break;
187         case X509_V_ERR_NO_EXPLICIT_POLICY:
188                 policies_print(bio_err, ctx);
189                 break;
190                 }
191         if (err == X509_V_OK && ok == 2)
192                 policies_print(bio_err, ctx);
193
194         BIO_printf(bio_err,"verify return:%d\n",ok);
195         return(ok);
196         }
197
198 int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
199         {
200         if (cert_file != NULL)
201                 {
202                 /*
203                 SSL *ssl;
204                 X509 *x509;
205                 */
206
207                 if (SSL_CTX_use_certificate_file(ctx,cert_file,
208                         SSL_FILETYPE_PEM) <= 0)
209                         {
210                         BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
211                         ERR_print_errors(bio_err);
212                         return(0);
213                         }
214                 if (key_file == NULL) key_file=cert_file;
215                 if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
216                         SSL_FILETYPE_PEM) <= 0)
217                         {
218                         BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
219                         ERR_print_errors(bio_err);
220                         return(0);
221                         }
222
223                 /*
224                 In theory this is no longer needed 
225                 ssl=SSL_new(ctx);
226                 x509=SSL_get_certificate(ssl);
227
228                 if (x509 != NULL) {
229                         EVP_PKEY *pktmp;
230                         pktmp = X509_get_pubkey(x509);
231                         EVP_PKEY_copy_parameters(pktmp,
232                                                 SSL_get_privatekey(ssl));
233                         EVP_PKEY_free(pktmp);
234                 }
235                 SSL_free(ssl);
236                 */
237
238                 /* If we are using DSA, we can copy the parameters from
239                  * the private key */
240                 
241                 
242                 /* Now we know that a key and cert have been set against
243                  * the SSL context */
244                 if (!SSL_CTX_check_private_key(ctx))
245                         {
246                         BIO_printf(bio_err,"Private key does not match the certificate public key\n");
247                         return(0);
248                         }
249                 }
250         return(1);
251         }
252
253 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
254                                                         STACK_OF(X509) *chain)
255         {
256         if (cert ==  NULL)
257                 return 1;
258         if (SSL_CTX_use_certificate(ctx,cert) <= 0)
259                 {
260                 BIO_printf(bio_err,"error setting certificate\n");
261                 ERR_print_errors(bio_err);
262                 return 0;
263                 }
264         if (SSL_CTX_use_PrivateKey(ctx,key) <= 0)
265                 {
266                 BIO_printf(bio_err,"error setting private key\n");
267                 ERR_print_errors(bio_err);
268                 return 0;
269                 }
270
271                 
272                 /* Now we know that a key and cert have been set against
273                  * the SSL context */
274         if (!SSL_CTX_check_private_key(ctx))
275                 {
276                 BIO_printf(bio_err,"Private key does not match the certificate public key\n");
277                 return 0;
278                 }
279         if (chain && !SSL_CTX_set1_chain(ctx, chain))
280                 {
281                 BIO_printf(bio_err,"error setting certificate chain\n");
282                 ERR_print_errors(bio_err);
283                 return 0;
284                 }
285         return 1;
286         }
287
288 int ssl_print_sigalgs(BIO *out, SSL *s)
289         {
290         int i, nsig;
291         nsig = SSL_get_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL);
292         if (nsig == 0)
293                 return 1;
294
295         BIO_puts(out, "Signature Algorithms: ");
296         for (i = 0; i < nsig; i++)
297                 {
298                 int hash_nid, sign_nid;
299                 unsigned char rhash, rsign;
300                 const char *sstr = NULL;
301                 SSL_get_sigalgs(s, i, &sign_nid, &hash_nid, NULL,
302                                                         &rsign, &rhash);
303                 if (i)
304                         BIO_puts(out, ":");
305                 if (sign_nid == EVP_PKEY_RSA)
306                         sstr = "RSA";
307                 else if(sign_nid == EVP_PKEY_DSA)
308                         sstr = "DSA";
309                 else if(sign_nid == EVP_PKEY_EC)
310                         sstr = "ECDSA";
311                 if (sstr)
312                         BIO_printf(out,"%s+", sstr);
313                 else
314                         BIO_printf(out,"0x%02X+", (int)rsign);
315                 if (hash_nid != NID_undef)
316                         BIO_printf(out, "%s", OBJ_nid2sn(hash_nid));
317                 else
318                         BIO_printf(out,"0x%02X", (int)rhash);
319                 }
320         BIO_puts(out, "\n");
321         return 1;
322         }
323
324 int ssl_print_curves(BIO *out, SSL *s)
325         {
326         int i, ncurves, *curves, nid;
327         const char *cname;
328         ncurves = SSL_get1_curves(s, NULL);
329         if (ncurves <= 0)
330                 return 1;
331         curves = OPENSSL_malloc(ncurves * sizeof(int));
332         SSL_get1_curves(s, curves);
333
334         BIO_puts(out, "Supported Elliptic Curves: ");
335         for (i = 0; i < ncurves; i++)
336                 {
337                 if (i)
338                         BIO_puts(out, ":");
339                 nid = curves[i];
340                 /* If unrecognised print out hex version */
341                 if (nid & TLSEXT_nid_unknown)
342                         BIO_printf(out, "0x%04X", nid & 0xFFFF);
343                 else
344                         {
345                         /* Use NIST name for curve if it exists */
346                         cname = EC_curve_nid2nist(nid);
347                         if (!cname)
348                                 cname = OBJ_nid2sn(nid);
349                         BIO_printf(out, "%s", cname);
350                         }
351                 }
352         BIO_puts(out, "\nShared Elliptic curves: ");
353         OPENSSL_free(curves);
354         ncurves = SSL_get_shared_curve(s, -1);
355         for (i = 0; i < ncurves; i++)
356                 {
357                 if (i)
358                         BIO_puts(out, ":");
359                 nid = SSL_get_shared_curve(s, i);
360                 cname = EC_curve_nid2nist(nid);
361                 if (!cname)
362                         cname = OBJ_nid2sn(nid);
363                 BIO_printf(out, "%s", cname);
364                 }
365         if (ncurves == 0)
366                 BIO_puts(out, "NONE");
367         BIO_puts(out, "\n");
368         return 1;
369         }
370
371
372 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
373                                    int argi, long argl, long ret)
374         {
375         BIO *out;
376
377         out=(BIO *)BIO_get_callback_arg(bio);
378         if (out == NULL) return(ret);
379
380         if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
381                 {
382                 BIO_printf(out,"read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
383                         (void *)bio,argp,(unsigned long)argi,ret,ret);
384                 BIO_dump(out,argp,(int)ret);
385                 return(ret);
386                 }
387         else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
388                 {
389                 BIO_printf(out,"write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
390                         (void *)bio,argp,(unsigned long)argi,ret,ret);
391                 BIO_dump(out,argp,(int)ret);
392                 }
393         return(ret);
394         }
395
396 void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
397         {
398         const char *str;
399         int w;
400
401         w=where& ~SSL_ST_MASK;
402
403         if (w & SSL_ST_CONNECT) str="SSL_connect";
404         else if (w & SSL_ST_ACCEPT) str="SSL_accept";
405         else str="undefined";
406
407         if (where & SSL_CB_LOOP)
408                 {
409                 BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
410                 }
411         else if (where & SSL_CB_ALERT)
412                 {
413                 str=(where & SSL_CB_READ)?"read":"write";
414                 BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
415                         str,
416                         SSL_alert_type_string_long(ret),
417                         SSL_alert_desc_string_long(ret));
418                 }
419         else if (where & SSL_CB_EXIT)
420                 {
421                 if (ret == 0)
422                         BIO_printf(bio_err,"%s:failed in %s\n",
423                                 str,SSL_state_string_long(s));
424                 else if (ret < 0)
425                         {
426                         BIO_printf(bio_err,"%s:error in %s\n",
427                                 str,SSL_state_string_long(s));
428                         }
429                 }
430         }
431
432
433 void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
434         {
435         BIO *bio = arg;
436         const char *str_write_p, *str_version, *str_content_type = "", *str_details1 = "", *str_details2= "";
437         
438         str_write_p = write_p ? ">>>" : "<<<";
439
440         switch (version)
441                 {
442         case SSL2_VERSION:
443                 str_version = "SSL 2.0";
444                 break;
445         case SSL3_VERSION:
446                 str_version = "SSL 3.0 ";
447                 break;
448         case TLS1_VERSION:
449                 str_version = "TLS 1.0 ";
450                 break;
451         case TLS1_1_VERSION:
452                 str_version = "TLS 1.1 ";
453                 break;
454         case TLS1_2_VERSION:
455                 str_version = "TLS 1.2 ";
456                 break;
457         case DTLS1_VERSION:
458                 str_version = "DTLS 1.0 ";
459                 break;
460         case DTLS1_BAD_VER:
461                 str_version = "DTLS 1.0 (bad) ";
462                 break;
463         default:
464                 str_version = "???";
465                 }
466
467         if (version == SSL2_VERSION)
468                 {
469                 str_details1 = "???";
470
471                 if (len > 0)
472                         {
473                         switch (((const unsigned char*)buf)[0])
474                                 {
475                                 case 0:
476                                         str_details1 = ", ERROR:";
477                                         str_details2 = " ???";
478                                         if (len >= 3)
479                                                 {
480                                                 unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
481                                                 
482                                                 switch (err)
483                                                         {
484                                                 case 0x0001:
485                                                         str_details2 = " NO-CIPHER-ERROR";
486                                                         break;
487                                                 case 0x0002:
488                                                         str_details2 = " NO-CERTIFICATE-ERROR";
489                                                         break;
490                                                 case 0x0004:
491                                                         str_details2 = " BAD-CERTIFICATE-ERROR";
492                                                         break;
493                                                 case 0x0006:
494                                                         str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
495                                                         break;
496                                                         }
497                                                 }
498
499                                         break;
500                                 case 1:
501                                         str_details1 = ", CLIENT-HELLO";
502                                         break;
503                                 case 2:
504                                         str_details1 = ", CLIENT-MASTER-KEY";
505                                         break;
506                                 case 3:
507                                         str_details1 = ", CLIENT-FINISHED";
508                                         break;
509                                 case 4:
510                                         str_details1 = ", SERVER-HELLO";
511                                         break;
512                                 case 5:
513                                         str_details1 = ", SERVER-VERIFY";
514                                         break;
515                                 case 6:
516                                         str_details1 = ", SERVER-FINISHED";
517                                         break;
518                                 case 7:
519                                         str_details1 = ", REQUEST-CERTIFICATE";
520                                         break;
521                                 case 8:
522                                         str_details1 = ", CLIENT-CERTIFICATE";
523                                         break;
524                                 }
525                         }
526                 }
527
528         if (version == SSL3_VERSION ||
529             version == TLS1_VERSION ||
530             version == DTLS1_VERSION ||
531             version == DTLS1_BAD_VER)
532                 {
533                 switch (content_type)
534                         {
535                 case 20:
536                         str_content_type = "ChangeCipherSpec";
537                         break;
538                 case 21:
539                         str_content_type = "Alert";
540                         break;
541                 case 22:
542                         str_content_type = "Handshake";
543                         break;
544                         }
545
546                 if (content_type == 21) /* Alert */
547                         {
548                         str_details1 = ", ???";
549                         
550                         if (len == 2)
551                                 {
552                                 switch (((const unsigned char*)buf)[0])
553                                         {
554                                 case 1:
555                                         str_details1 = ", warning";
556                                         break;
557                                 case 2:
558                                         str_details1 = ", fatal";
559                                         break;
560                                         }
561
562                                 str_details2 = " ???";
563                                 switch (((const unsigned char*)buf)[1])
564                                         {
565                                 case 0:
566                                         str_details2 = " close_notify";
567                                         break;
568                                 case 10:
569                                         str_details2 = " unexpected_message";
570                                         break;
571                                 case 20:
572                                         str_details2 = " bad_record_mac";
573                                         break;
574                                 case 21:
575                                         str_details2 = " decryption_failed";
576                                         break;
577                                 case 22:
578                                         str_details2 = " record_overflow";
579                                         break;
580                                 case 30:
581                                         str_details2 = " decompression_failure";
582                                         break;
583                                 case 40:
584                                         str_details2 = " handshake_failure";
585                                         break;
586                                 case 42:
587                                         str_details2 = " bad_certificate";
588                                         break;
589                                 case 43:
590                                         str_details2 = " unsupported_certificate";
591                                         break;
592                                 case 44:
593                                         str_details2 = " certificate_revoked";
594                                         break;
595                                 case 45:
596                                         str_details2 = " certificate_expired";
597                                         break;
598                                 case 46:
599                                         str_details2 = " certificate_unknown";
600                                         break;
601                                 case 47:
602                                         str_details2 = " illegal_parameter";
603                                         break;
604                                 case 48:
605                                         str_details2 = " unknown_ca";
606                                         break;
607                                 case 49:
608                                         str_details2 = " access_denied";
609                                         break;
610                                 case 50:
611                                         str_details2 = " decode_error";
612                                         break;
613                                 case 51:
614                                         str_details2 = " decrypt_error";
615                                         break;
616                                 case 60:
617                                         str_details2 = " export_restriction";
618                                         break;
619                                 case 70:
620                                         str_details2 = " protocol_version";
621                                         break;
622                                 case 71:
623                                         str_details2 = " insufficient_security";
624                                         break;
625                                 case 80:
626                                         str_details2 = " internal_error";
627                                         break;
628                                 case 90:
629                                         str_details2 = " user_canceled";
630                                         break;
631                                 case 100:
632                                         str_details2 = " no_renegotiation";
633                                         break;
634                                 case 110:
635                                         str_details2 = " unsupported_extension";
636                                         break;
637                                 case 111:
638                                         str_details2 = " certificate_unobtainable";
639                                         break;
640                                 case 112:
641                                         str_details2 = " unrecognized_name";
642                                         break;
643                                 case 113:
644                                         str_details2 = " bad_certificate_status_response";
645                                         break;
646                                 case 114:
647                                         str_details2 = " bad_certificate_hash_value";
648                                         break;
649                                 case 115:
650                                         str_details2 = " unknown_psk_identity";
651                                         break;
652                                         }
653                                 }
654                         }
655                 
656                 if (content_type == 22) /* Handshake */
657                         {
658                         str_details1 = "???";
659
660                         if (len > 0)
661                                 {
662                                 switch (((const unsigned char*)buf)[0])
663                                         {
664                                 case 0:
665                                         str_details1 = ", HelloRequest";
666                                         break;
667                                 case 1:
668                                         str_details1 = ", ClientHello";
669                                         break;
670                                 case 2:
671                                         str_details1 = ", ServerHello";
672                                         break;
673                                 case 3:
674                                         str_details1 = ", HelloVerifyRequest";
675                                         break;
676                                 case 11:
677                                         str_details1 = ", Certificate";
678                                         break;
679                                 case 12:
680                                         str_details1 = ", ServerKeyExchange";
681                                         break;
682                                 case 13:
683                                         str_details1 = ", CertificateRequest";
684                                         break;
685                                 case 14:
686                                         str_details1 = ", ServerHelloDone";
687                                         break;
688                                 case 15:
689                                         str_details1 = ", CertificateVerify";
690                                         break;
691                                 case 16:
692                                         str_details1 = ", ClientKeyExchange";
693                                         break;
694                                 case 20:
695                                         str_details1 = ", Finished";
696                                         break;
697                                         }
698                                 }
699                         }
700
701 #ifndef OPENSSL_NO_HEARTBEATS
702                 if (content_type == 24) /* Heartbeat */
703                         {
704                         str_details1 = ", Heartbeat";
705                         
706                         if (len > 0)
707                                 {
708                                 switch (((const unsigned char*)buf)[0])
709                                         {
710                                 case 1:
711                                         str_details1 = ", HeartbeatRequest";
712                                         break;
713                                 case 2:
714                                         str_details1 = ", HeartbeatResponse";
715                                         break;
716                                         }
717                                 }
718                         }
719 #endif
720                 }
721
722         BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, str_content_type, (unsigned long)len, str_details1, str_details2);
723
724         if (len > 0)
725                 {
726                 size_t num, i;
727                 
728                 BIO_printf(bio, "   ");
729                 num = len;
730 #if 0
731                 if (num > 16)
732                         num = 16;
733 #endif
734                 for (i = 0; i < num; i++)
735                         {
736                         if (i % 16 == 0 && i > 0)
737                                 BIO_printf(bio, "\n   ");
738                         BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
739                         }
740                 if (i < len)
741                         BIO_printf(bio, " ...");
742                 BIO_printf(bio, "\n");
743                 }
744         (void)BIO_flush(bio);
745         }
746
747 void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
748                                         unsigned char *data, int len,
749                                         void *arg)
750         {
751         BIO *bio = arg;
752         char *extname;
753
754         switch(type)
755                 {
756                 case TLSEXT_TYPE_server_name:
757                 extname = "server name";
758                 break;
759
760                 case TLSEXT_TYPE_max_fragment_length:
761                 extname = "max fragment length";
762                 break;
763
764                 case TLSEXT_TYPE_client_certificate_url:
765                 extname = "client certificate URL";
766                 break;
767
768                 case TLSEXT_TYPE_trusted_ca_keys:
769                 extname = "trusted CA keys";
770                 break;
771
772                 case TLSEXT_TYPE_truncated_hmac:
773                 extname = "truncated HMAC";
774                 break;
775
776                 case TLSEXT_TYPE_status_request:
777                 extname = "status request";
778                 break;
779
780                 case TLSEXT_TYPE_user_mapping:
781                 extname = "user mapping";
782                 break;
783
784                 case TLSEXT_TYPE_client_authz:
785                 extname = "client authz";
786                 break;
787
788                 case TLSEXT_TYPE_server_authz:
789                 extname = "server authz";
790                 break;
791
792                 case TLSEXT_TYPE_cert_type:
793                 extname = "cert type";
794                 break;
795
796                 case TLSEXT_TYPE_elliptic_curves:
797                 extname = "elliptic curves";
798                 break;
799
800                 case TLSEXT_TYPE_ec_point_formats:
801                 extname = "EC point formats";
802                 break;
803
804                 case TLSEXT_TYPE_srp:
805                 extname = "SRP";
806                 break;
807
808                 case TLSEXT_TYPE_signature_algorithms:
809                 extname = "signature algorithms";
810                 break;
811
812                 case TLSEXT_TYPE_use_srtp:
813                 extname = "use SRTP";
814                 break;
815
816                 case TLSEXT_TYPE_heartbeat:
817                 extname = "heartbeat";
818                 break;
819
820                 case TLSEXT_TYPE_session_ticket:
821                 extname = "session ticket";
822                 break;
823
824                 case TLSEXT_TYPE_renegotiate: 
825                 extname = "renegotiation info";
826                 break;
827
828 #ifdef TLSEXT_TYPE_opaque_prf_input
829                 case TLSEXT_TYPE_opaque_prf_input:
830                 extname = "opaque PRF input";
831                 break;
832 #endif
833 #ifdef TLSEXT_TYPE_next_proto_neg
834                 case TLSEXT_TYPE_next_proto_neg:
835                 extname = "next protocol";
836                 break;
837 #endif
838
839                 default:
840                 extname = "unknown";
841                 break;
842
843                 }
844         
845         BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
846                         client_server ? "server": "client",
847                         extname, type, len);
848         BIO_dump(bio, (char *)data, len);
849         (void)BIO_flush(bio);
850         }
851
852 int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)
853         {
854         unsigned char *buffer, result[EVP_MAX_MD_SIZE];
855         unsigned int length, resultlength;
856         union {
857                 struct sockaddr sa;
858                 struct sockaddr_in s4;
859 #if OPENSSL_USE_IPV6
860                 struct sockaddr_in6 s6;
861 #endif
862         } peer;
863
864         /* Initialize a random secret */
865         if (!cookie_initialized)
866                 {
867                 if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH))
868                         {
869                         BIO_printf(bio_err,"error setting random cookie secret\n");
870                         return 0;
871                         }
872                 cookie_initialized = 1;
873                 }
874
875         /* Read peer information */
876         (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
877
878         /* Create buffer with peer's address and port */
879         length = 0;
880         switch (peer.sa.sa_family)
881                 {
882         case AF_INET:
883                 length += sizeof(struct in_addr);
884                 length += sizeof(peer.s4.sin_port);
885                 break;
886 #if OPENSSL_USE_IPV6
887         case AF_INET6:
888                 length += sizeof(struct in6_addr);
889                 length += sizeof(peer.s6.sin6_port);
890                 break;
891 #endif
892         default:
893                 OPENSSL_assert(0);
894                 break;
895                 }
896         buffer = OPENSSL_malloc(length);
897
898         if (buffer == NULL)
899                 {
900                 BIO_printf(bio_err,"out of memory\n");
901                 return 0;
902                 }
903
904         switch (peer.sa.sa_family)
905                 {
906         case AF_INET:
907                 memcpy(buffer,
908                        &peer.s4.sin_port,
909                        sizeof(peer.s4.sin_port));
910                 memcpy(buffer + sizeof(peer.s4.sin_port),
911                        &peer.s4.sin_addr,
912                        sizeof(struct in_addr));
913                 break;
914 #if OPENSSL_USE_IPV6
915         case AF_INET6:
916                 memcpy(buffer,
917                        &peer.s6.sin6_port,
918                        sizeof(peer.s6.sin6_port));
919                 memcpy(buffer + sizeof(peer.s6.sin6_port),
920                        &peer.s6.sin6_addr,
921                        sizeof(struct in6_addr));
922                 break;
923 #endif
924         default:
925                 OPENSSL_assert(0);
926                 break;
927                 }
928
929         /* Calculate HMAC of buffer using the secret */
930         HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
931              buffer, length, result, &resultlength);
932         OPENSSL_free(buffer);
933
934         memcpy(cookie, result, resultlength);
935         *cookie_len = resultlength;
936
937         return 1;
938         }
939
940 int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)
941         {
942         unsigned char *buffer, result[EVP_MAX_MD_SIZE];
943         unsigned int length, resultlength;
944         union {
945                 struct sockaddr sa;
946                 struct sockaddr_in s4;
947 #if OPENSSL_USE_IPV6
948                 struct sockaddr_in6 s6;
949 #endif
950         } peer;
951
952         /* If secret isn't initialized yet, the cookie can't be valid */
953         if (!cookie_initialized)
954                 return 0;
955
956         /* Read peer information */
957         (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
958
959         /* Create buffer with peer's address and port */
960         length = 0;
961         switch (peer.sa.sa_family)
962                 {
963         case AF_INET:
964                 length += sizeof(struct in_addr);
965                 length += sizeof(peer.s4.sin_port);
966                 break;
967 #if OPENSSL_USE_IPV6
968         case AF_INET6:
969                 length += sizeof(struct in6_addr);
970                 length += sizeof(peer.s6.sin6_port);
971                 break;
972 #endif
973         default:
974                 OPENSSL_assert(0);
975                 break;
976                 }
977         buffer = OPENSSL_malloc(length);
978         
979         if (buffer == NULL)
980                 {
981                 BIO_printf(bio_err,"out of memory\n");
982                 return 0;
983                 }
984
985         switch (peer.sa.sa_family)
986                 {
987         case AF_INET:
988                 memcpy(buffer,
989                        &peer.s4.sin_port,
990                        sizeof(peer.s4.sin_port));
991                 memcpy(buffer + sizeof(peer.s4.sin_port),
992                        &peer.s4.sin_addr,
993                        sizeof(struct in_addr));
994                 break;
995 #if OPENSSL_USE_IPV6
996         case AF_INET6:
997                 memcpy(buffer,
998                        &peer.s6.sin6_port,
999                        sizeof(peer.s6.sin6_port));
1000                 memcpy(buffer + sizeof(peer.s6.sin6_port),
1001                        &peer.s6.sin6_addr,
1002                        sizeof(struct in6_addr));
1003                 break;
1004 #endif
1005         default:
1006                 OPENSSL_assert(0);
1007                 break;
1008                 }
1009
1010         /* Calculate HMAC of buffer using the secret */
1011         HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
1012              buffer, length, result, &resultlength);
1013         OPENSSL_free(buffer);
1014
1015         if (cookie_len == resultlength && memcmp(result, cookie, resultlength) == 0)
1016                 return 1;
1017
1018         return 0;
1019         }