e339a6ce5d5ea26c7c17049d2f2acba17bc116e0
[openssl.git] / apps / s_cb.c
1 /* apps/s_cb.c - callback functions used by s_client, s_server, and s_time */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111
112 #include <stdio.h>
113 #include <stdlib.h>
114 #define USE_SOCKETS
115 #define NON_MAIN
116 #include "apps.h"
117 #undef NON_MAIN
118 #undef USE_SOCKETS
119 #include <openssl/err.h>
120 #include <openssl/rand.h>
121 #include <openssl/x509.h>
122 #include <openssl/ssl.h>
123 #include "s_apps.h"
124
125 #define COOKIE_SECRET_LENGTH    16
126
127 int verify_depth=0;
128 int verify_quiet=0;
129 int verify_error=X509_V_OK;
130 int verify_return_error=0;
131 unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
132 int cookie_initialized=0;
133
134 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
135         {
136         X509 *err_cert;
137         int err,depth;
138
139         err_cert=X509_STORE_CTX_get_current_cert(ctx);
140         err=    X509_STORE_CTX_get_error(ctx);
141         depth=  X509_STORE_CTX_get_error_depth(ctx);
142
143         if (!verify_quiet || !ok)
144                 {
145                 BIO_printf(bio_err,"depth=%d ",depth);
146                 if (err_cert)
147                         {
148                         X509_NAME_print_ex(bio_err,
149                                         X509_get_subject_name(err_cert),
150                                         0, XN_FLAG_ONELINE);
151                         BIO_puts(bio_err, "\n");
152                         }
153                 else
154                         BIO_puts(bio_err, "<no cert>\n");
155                 }
156         if (!ok)
157                 {
158                 BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
159                         X509_verify_cert_error_string(err));
160                 if (verify_depth >= depth)
161                         {
162                         if (!verify_return_error)
163                                 ok=1;
164                         verify_error=X509_V_OK;
165                         }
166                 else
167                         {
168                         ok=0;
169                         verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
170                         }
171                 }
172         switch (err)
173                 {
174         case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
175                 BIO_puts(bio_err,"issuer= ");
176                 X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
177                                         0, XN_FLAG_ONELINE);
178                 BIO_puts(bio_err, "\n");
179                 break;
180         case X509_V_ERR_CERT_NOT_YET_VALID:
181         case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
182                 BIO_printf(bio_err,"notBefore=");
183                 ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
184                 BIO_printf(bio_err,"\n");
185                 break;
186         case X509_V_ERR_CERT_HAS_EXPIRED:
187         case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
188                 BIO_printf(bio_err,"notAfter=");
189                 ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
190                 BIO_printf(bio_err,"\n");
191                 break;
192         case X509_V_ERR_NO_EXPLICIT_POLICY:
193                 policies_print(bio_err, ctx);
194                 break;
195                 }
196         if (err == X509_V_OK && ok == 2 && !verify_quiet)
197                 policies_print(bio_err, ctx);
198         if (ok && !verify_quiet)
199                 BIO_printf(bio_err,"verify return:%d\n",ok);
200         return(ok);
201         }
202
203 int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
204         {
205         if (cert_file != NULL)
206                 {
207                 /*
208                 SSL *ssl;
209                 X509 *x509;
210                 */
211
212                 if (SSL_CTX_use_certificate_file(ctx,cert_file,
213                         SSL_FILETYPE_PEM) <= 0)
214                         {
215                         BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
216                         ERR_print_errors(bio_err);
217                         return(0);
218                         }
219                 if (key_file == NULL) key_file=cert_file;
220                 if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
221                         SSL_FILETYPE_PEM) <= 0)
222                         {
223                         BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
224                         ERR_print_errors(bio_err);
225                         return(0);
226                         }
227
228                 /*
229                 In theory this is no longer needed 
230                 ssl=SSL_new(ctx);
231                 x509=SSL_get_certificate(ssl);
232
233                 if (x509 != NULL) {
234                         EVP_PKEY *pktmp;
235                         pktmp = X509_get_pubkey(x509);
236                         EVP_PKEY_copy_parameters(pktmp,
237                                                 SSL_get_privatekey(ssl));
238                         EVP_PKEY_free(pktmp);
239                 }
240                 SSL_free(ssl);
241                 */
242
243                 /* If we are using DSA, we can copy the parameters from
244                  * the private key */
245
246
247                 /* Now we know that a key and cert have been set against
248                  * the SSL context */
249                 if (!SSL_CTX_check_private_key(ctx))
250                         {
251                         BIO_printf(bio_err,"Private key does not match the certificate public key\n");
252                         return(0);
253                         }
254                 }
255         return(1);
256         }
257
258 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
259                        STACK_OF(X509) *chain, int build_chain)
260         {
261         if (cert == NULL)
262                 return 1;
263         if (SSL_CTX_use_certificate(ctx,cert) <= 0)
264                 {
265                 BIO_printf(bio_err,"error setting certificate\n");
266                 ERR_print_errors(bio_err);
267                 return 0;
268                 }
269
270         if (SSL_CTX_use_PrivateKey(ctx,key) <= 0)
271                 {
272                 BIO_printf(bio_err,"error setting private key\n");
273                 ERR_print_errors(bio_err);
274                 return 0;
275                 }
276                  
277         /* Now we know that a key and cert have been set against
278          * the SSL context */
279         if (!SSL_CTX_check_private_key(ctx))
280                 {
281                 BIO_printf(bio_err,"Private key does not match the certificate public key\n");
282                 return 0;
283                 }
284         if (chain && !SSL_CTX_set1_chain(ctx, chain))
285                 {
286                 BIO_printf(bio_err,"error setting certificate chain\n");
287                 ERR_print_errors(bio_err);
288                 return 0;
289                 }
290         if (!chain && build_chain && !SSL_CTX_build_cert_chain(ctx, 0))
291                 {
292                 BIO_printf(bio_err,"error building certificate chain\n");
293                 ERR_print_errors(bio_err);
294                 return 0;
295                 }
296                 
297         return 1;
298         }
299
300 static void ssl_print_client_cert_types(BIO *bio, SSL *s)
301         {
302         const unsigned char *p;
303         int i;
304         int cert_type_num = SSL_get0_certificate_types(s, &p);
305         if (!cert_type_num)
306                 return;
307         BIO_puts(bio, "Client Certificate Types: ");
308         for (i = 0; i < cert_type_num; i++)
309                 {
310                 unsigned char cert_type = p[i];
311                 char *cname;
312                 switch(cert_type)
313                         {
314                 case TLS_CT_RSA_SIGN:
315                         cname = "RSA sign";
316                         break;
317
318                 case TLS_CT_DSS_SIGN:
319                         cname = "DSA sign";
320                         break;
321
322                 case TLS_CT_RSA_FIXED_DH:
323                         cname = "RSA fixed DH";
324                         break;
325
326                 case TLS_CT_DSS_FIXED_DH:
327                         cname = "DSS fixed DH";
328                         break;
329
330                 case TLS_CT_ECDSA_SIGN:
331                         cname = "ECDSA sign";
332                         break;
333
334                 case TLS_CT_RSA_FIXED_ECDH:
335                         cname = "RSA fixed ECDH";
336                         break;
337
338                 case TLS_CT_ECDSA_FIXED_ECDH:
339                         cname = "ECDSA fixed ECDH";
340                         break;
341
342                 case TLS_CT_GOST94_SIGN:
343                         cname = "GOST94 Sign";
344                         break;
345
346                 case TLS_CT_GOST01_SIGN:
347                         cname = "GOST01 Sign";
348                         break;
349
350                 default:
351                          cname = NULL;
352                         }
353
354                 if (i)
355                         BIO_puts(bio, ", ");
356
357                 if (cname)
358                         BIO_puts(bio, cname);
359                 else
360                         BIO_printf(bio, "UNKNOWN (%d),", cert_type);
361                 }
362         BIO_puts(bio, "\n");
363         }
364
365 static int do_print_sigalgs(BIO *out, SSL *s, int shared)
366         {
367         int i, nsig, client;
368         client = SSL_is_server(s) ? 0 : 1;
369         if (shared)
370                 nsig = SSL_get_shared_sigalgs(s, -1, NULL, NULL, NULL,
371                                                         NULL, NULL);
372         else
373                 nsig = SSL_get_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL);
374         if (nsig == 0)
375                 return 1;
376
377         if (shared)
378                 BIO_puts(out, "Shared ");
379
380         if (client)
381                 BIO_puts(out, "Requested ");
382         BIO_puts(out, "Signature Algorithms: ");
383         for (i = 0; i < nsig; i++)
384                 {
385                 int hash_nid, sign_nid;
386                 unsigned char rhash, rsign;
387                 const char *sstr = NULL;
388                 if (shared)
389                         SSL_get_shared_sigalgs(s, i, &sign_nid, &hash_nid, NULL,
390                                                         &rsign, &rhash);
391                 else
392                         SSL_get_sigalgs(s, i, &sign_nid, &hash_nid, NULL,
393                                                         &rsign, &rhash);
394                 if (i)
395                         BIO_puts(out, ":");
396                 if (sign_nid == EVP_PKEY_RSA)
397                         sstr = "RSA";
398                 else if(sign_nid == EVP_PKEY_DSA)
399                         sstr = "DSA";
400                 else if(sign_nid == EVP_PKEY_EC)
401                         sstr = "ECDSA";
402                 if (sstr)
403                         BIO_printf(out,"%s+", sstr);
404                 else
405                         BIO_printf(out,"0x%02X+", (int)rsign);
406                 if (hash_nid != NID_undef)
407                         BIO_printf(out, "%s", OBJ_nid2sn(hash_nid));
408                 else
409                         BIO_printf(out,"0x%02X", (int)rhash);
410                 }
411         BIO_puts(out, "\n");
412         return 1;
413         }
414
415 int ssl_print_sigalgs(BIO *out, SSL *s)
416         {
417         int mdnid;
418         if (!SSL_is_server(s))
419                 ssl_print_client_cert_types(out, s);
420         do_print_sigalgs(out, s, 0);
421         do_print_sigalgs(out, s, 1);
422         if (SSL_get_peer_signature_nid(s, &mdnid))
423                 BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid));
424         return 1;
425         }
426
427 int ssl_print_curves(BIO *out, SSL *s, int noshared)
428         {
429         int i, ncurves, *curves, nid;
430         const char *cname;
431         ncurves = SSL_get1_curves(s, NULL);
432         if (ncurves <= 0)
433                 return 1;
434         curves = OPENSSL_malloc(ncurves * sizeof(int));
435         SSL_get1_curves(s, curves);
436
437         BIO_puts(out, "Supported Elliptic Curves: ");
438         for (i = 0; i < ncurves; i++)
439                 {
440                 if (i)
441                         BIO_puts(out, ":");
442                 nid = curves[i];
443                 /* If unrecognised print out hex version */
444                 if (nid & TLSEXT_nid_unknown)
445                         BIO_printf(out, "0x%04X", nid & 0xFFFF);
446                 else
447                         {
448                         /* Use NIST name for curve if it exists */
449                         cname = EC_curve_nid2nist(nid);
450                         if (!cname)
451                                 cname = OBJ_nid2sn(nid);
452                         BIO_printf(out, "%s", cname);
453                         }
454                 }
455         if (ncurves == 0)
456                 BIO_puts(out, "NONE");
457         if (noshared)
458                 {
459                 BIO_puts(out, "\n");
460                 return 1;
461                 }
462         BIO_puts(out, "\nShared Elliptic curves: ");
463         OPENSSL_free(curves);
464         ncurves = SSL_get_shared_curve(s, -1);
465         for (i = 0; i < ncurves; i++)
466                 {
467                 if (i)
468                         BIO_puts(out, ":");
469                 nid = SSL_get_shared_curve(s, i);
470                 cname = EC_curve_nid2nist(nid);
471                 if (!cname)
472                         cname = OBJ_nid2sn(nid);
473                 BIO_printf(out, "%s", cname);
474                 }
475         if (ncurves == 0)
476                 BIO_puts(out, "NONE");
477         BIO_puts(out, "\n");
478         return 1;
479         }
480
481 int ssl_print_tmp_key(BIO *out, SSL *s)
482         {
483         EVP_PKEY *key;
484         if (!SSL_get_server_tmp_key(s, &key))
485                 return 1;
486         BIO_puts(out, "Server Temp Key: ");
487         switch (EVP_PKEY_id(key))
488                 {
489         case EVP_PKEY_RSA:
490                 BIO_printf(out, "RSA, %d bits\n", EVP_PKEY_bits(key));
491                 break;
492
493         case EVP_PKEY_DH:
494                 BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key));
495                 break;
496
497         case EVP_PKEY_EC:
498                         {
499                         EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
500                         int nid;
501                         const char *cname;
502                         nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
503                         EC_KEY_free(ec);
504                         cname = EC_curve_nid2nist(nid);
505                         if (!cname)
506                                 cname = OBJ_nid2sn(nid);
507                         BIO_printf(out, "ECDH, %s, %d bits\n",
508                                                 cname, EVP_PKEY_bits(key));
509                         }
510                 }
511         EVP_PKEY_free(key);
512         return 1;
513         }
514                 
515
516 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
517                                    int argi, long argl, long ret)
518         {
519         BIO *out;
520
521         out=(BIO *)BIO_get_callback_arg(bio);
522         if (out == NULL) return(ret);
523
524         if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
525                 {
526                 BIO_printf(out,"read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
527                         (void *)bio,argp,(unsigned long)argi,ret,ret);
528                 BIO_dump(out,argp,(int)ret);
529                 return(ret);
530                 }
531         else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
532                 {
533                 BIO_printf(out,"write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
534                         (void *)bio,argp,(unsigned long)argi,ret,ret);
535                 BIO_dump(out,argp,(int)ret);
536                 }
537         return(ret);
538         }
539
540 void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
541         {
542         const char *str;
543         int w;
544
545         w=where& ~SSL_ST_MASK;
546
547         if (w & SSL_ST_CONNECT) str="SSL_connect";
548         else if (w & SSL_ST_ACCEPT) str="SSL_accept";
549         else str="undefined";
550
551         if (where & SSL_CB_LOOP)
552                 {
553                 BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
554                 }
555         else if (where & SSL_CB_ALERT)
556                 {
557                 str=(where & SSL_CB_READ)?"read":"write";
558                 BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
559                         str,
560                         SSL_alert_type_string_long(ret),
561                         SSL_alert_desc_string_long(ret));
562                 }
563         else if (where & SSL_CB_EXIT)
564                 {
565                 if (ret == 0)
566                         BIO_printf(bio_err,"%s:failed in %s\n",
567                                 str,SSL_state_string_long(s));
568                 else if (ret < 0)
569                         {
570                         BIO_printf(bio_err,"%s:error in %s\n",
571                                 str,SSL_state_string_long(s));
572                         }
573                 }
574         }
575
576
577 void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
578         {
579         BIO *bio = arg;
580         const char *str_write_p, *str_version, *str_content_type = "", *str_details1 = "", *str_details2= "";
581         
582         str_write_p = write_p ? ">>>" : "<<<";
583
584         switch (version)
585                 {
586         case SSL2_VERSION:
587                 str_version = "SSL 2.0";
588                 break;
589         case SSL3_VERSION:
590                 str_version = "SSL 3.0 ";
591                 break;
592         case TLS1_VERSION:
593                 str_version = "TLS 1.0 ";
594                 break;
595         case TLS1_1_VERSION:
596                 str_version = "TLS 1.1 ";
597                 break;
598         case TLS1_2_VERSION:
599                 str_version = "TLS 1.2 ";
600                 break;
601         case DTLS1_VERSION:
602                 str_version = "DTLS 1.0 ";
603                 break;
604         case DTLS1_BAD_VER:
605                 str_version = "DTLS 1.0 (bad) ";
606                 break;
607         default:
608                 str_version = "???";
609                 }
610
611         if (version == SSL2_VERSION)
612                 {
613                 str_details1 = "???";
614
615                 if (len > 0)
616                         {
617                         switch (((const unsigned char*)buf)[0])
618                                 {
619                                 case 0:
620                                         str_details1 = ", ERROR:";
621                                         str_details2 = " ???";
622                                         if (len >= 3)
623                                                 {
624                                                 unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
625                                                 
626                                                 switch (err)
627                                                         {
628                                                 case 0x0001:
629                                                         str_details2 = " NO-CIPHER-ERROR";
630                                                         break;
631                                                 case 0x0002:
632                                                         str_details2 = " NO-CERTIFICATE-ERROR";
633                                                         break;
634                                                 case 0x0004:
635                                                         str_details2 = " BAD-CERTIFICATE-ERROR";
636                                                         break;
637                                                 case 0x0006:
638                                                         str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
639                                                         break;
640                                                         }
641                                                 }
642
643                                         break;
644                                 case 1:
645                                         str_details1 = ", CLIENT-HELLO";
646                                         break;
647                                 case 2:
648                                         str_details1 = ", CLIENT-MASTER-KEY";
649                                         break;
650                                 case 3:
651                                         str_details1 = ", CLIENT-FINISHED";
652                                         break;
653                                 case 4:
654                                         str_details1 = ", SERVER-HELLO";
655                                         break;
656                                 case 5:
657                                         str_details1 = ", SERVER-VERIFY";
658                                         break;
659                                 case 6:
660                                         str_details1 = ", SERVER-FINISHED";
661                                         break;
662                                 case 7:
663                                         str_details1 = ", REQUEST-CERTIFICATE";
664                                         break;
665                                 case 8:
666                                         str_details1 = ", CLIENT-CERTIFICATE";
667                                         break;
668                                 }
669                         }
670                 }
671
672         if (version == SSL3_VERSION ||
673             version == TLS1_VERSION ||
674             version == TLS1_1_VERSION ||
675             version == TLS1_2_VERSION ||
676             version == DTLS1_VERSION ||
677             version == DTLS1_BAD_VER)
678                 {
679                 switch (content_type)
680                         {
681                 case 20:
682                         str_content_type = "ChangeCipherSpec";
683                         break;
684                 case 21:
685                         str_content_type = "Alert";
686                         break;
687                 case 22:
688                         str_content_type = "Handshake";
689                         break;
690                         }
691
692                 if (content_type == 21) /* Alert */
693                         {
694                         str_details1 = ", ???";
695                         
696                         if (len == 2)
697                                 {
698                                 switch (((const unsigned char*)buf)[0])
699                                         {
700                                 case 1:
701                                         str_details1 = ", warning";
702                                         break;
703                                 case 2:
704                                         str_details1 = ", fatal";
705                                         break;
706                                         }
707
708                                 str_details2 = " ???";
709                                 switch (((const unsigned char*)buf)[1])
710                                         {
711                                 case 0:
712                                         str_details2 = " close_notify";
713                                         break;
714                                 case 10:
715                                         str_details2 = " unexpected_message";
716                                         break;
717                                 case 20:
718                                         str_details2 = " bad_record_mac";
719                                         break;
720                                 case 21:
721                                         str_details2 = " decryption_failed";
722                                         break;
723                                 case 22:
724                                         str_details2 = " record_overflow";
725                                         break;
726                                 case 30:
727                                         str_details2 = " decompression_failure";
728                                         break;
729                                 case 40:
730                                         str_details2 = " handshake_failure";
731                                         break;
732                                 case 42:
733                                         str_details2 = " bad_certificate";
734                                         break;
735                                 case 43:
736                                         str_details2 = " unsupported_certificate";
737                                         break;
738                                 case 44:
739                                         str_details2 = " certificate_revoked";
740                                         break;
741                                 case 45:
742                                         str_details2 = " certificate_expired";
743                                         break;
744                                 case 46:
745                                         str_details2 = " certificate_unknown";
746                                         break;
747                                 case 47:
748                                         str_details2 = " illegal_parameter";
749                                         break;
750                                 case 48:
751                                         str_details2 = " unknown_ca";
752                                         break;
753                                 case 49:
754                                         str_details2 = " access_denied";
755                                         break;
756                                 case 50:
757                                         str_details2 = " decode_error";
758                                         break;
759                                 case 51:
760                                         str_details2 = " decrypt_error";
761                                         break;
762                                 case 60:
763                                         str_details2 = " export_restriction";
764                                         break;
765                                 case 70:
766                                         str_details2 = " protocol_version";
767                                         break;
768                                 case 71:
769                                         str_details2 = " insufficient_security";
770                                         break;
771                                 case 80:
772                                         str_details2 = " internal_error";
773                                         break;
774                                 case 90:
775                                         str_details2 = " user_canceled";
776                                         break;
777                                 case 100:
778                                         str_details2 = " no_renegotiation";
779                                         break;
780                                 case 110:
781                                         str_details2 = " unsupported_extension";
782                                         break;
783                                 case 111:
784                                         str_details2 = " certificate_unobtainable";
785                                         break;
786                                 case 112:
787                                         str_details2 = " unrecognized_name";
788                                         break;
789                                 case 113:
790                                         str_details2 = " bad_certificate_status_response";
791                                         break;
792                                 case 114:
793                                         str_details2 = " bad_certificate_hash_value";
794                                         break;
795                                 case 115:
796                                         str_details2 = " unknown_psk_identity";
797                                         break;
798                                         }
799                                 }
800                         }
801                 
802                 if (content_type == 22) /* Handshake */
803                         {
804                         str_details1 = "???";
805
806                         if (len > 0)
807                                 {
808                                 switch (((const unsigned char*)buf)[0])
809                                         {
810                                 case 0:
811                                         str_details1 = ", HelloRequest";
812                                         break;
813                                 case 1:
814                                         str_details1 = ", ClientHello";
815                                         break;
816                                 case 2:
817                                         str_details1 = ", ServerHello";
818                                         break;
819                                 case 3:
820                                         str_details1 = ", HelloVerifyRequest";
821                                         break;
822                                 case 11:
823                                         str_details1 = ", Certificate";
824                                         break;
825                                 case 12:
826                                         str_details1 = ", ServerKeyExchange";
827                                         break;
828                                 case 13:
829                                         str_details1 = ", CertificateRequest";
830                                         break;
831                                 case 14:
832                                         str_details1 = ", ServerHelloDone";
833                                         break;
834                                 case 15:
835                                         str_details1 = ", CertificateVerify";
836                                         break;
837                                 case 16:
838                                         str_details1 = ", ClientKeyExchange";
839                                         break;
840                                 case 20:
841                                         str_details1 = ", Finished";
842                                         break;
843                                         }
844                                 }
845                         }
846
847 #ifndef OPENSSL_NO_HEARTBEATS
848                 if (content_type == 24) /* Heartbeat */
849                         {
850                         str_details1 = ", Heartbeat";
851                         
852                         if (len > 0)
853                                 {
854                                 switch (((const unsigned char*)buf)[0])
855                                         {
856                                 case 1:
857                                         str_details1 = ", HeartbeatRequest";
858                                         break;
859                                 case 2:
860                                         str_details1 = ", HeartbeatResponse";
861                                         break;
862                                         }
863                                 }
864                         }
865 #endif
866                 }
867
868         BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, str_content_type, (unsigned long)len, str_details1, str_details2);
869
870         if (len > 0)
871                 {
872                 size_t num, i;
873                 
874                 BIO_printf(bio, "   ");
875                 num = len;
876 #if 0
877                 if (num > 16)
878                         num = 16;
879 #endif
880                 for (i = 0; i < num; i++)
881                         {
882                         if (i % 16 == 0 && i > 0)
883                                 BIO_printf(bio, "\n   ");
884                         BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
885                         }
886                 if (i < len)
887                         BIO_printf(bio, " ...");
888                 BIO_printf(bio, "\n");
889                 }
890         (void)BIO_flush(bio);
891         }
892
893 void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
894                                         unsigned char *data, int len,
895                                         void *arg)
896         {
897         BIO *bio = arg;
898         char *extname;
899
900         switch(type)
901                 {
902                 case TLSEXT_TYPE_server_name:
903                 extname = "server name";
904                 break;
905
906                 case TLSEXT_TYPE_max_fragment_length:
907                 extname = "max fragment length";
908                 break;
909
910                 case TLSEXT_TYPE_client_certificate_url:
911                 extname = "client certificate URL";
912                 break;
913
914                 case TLSEXT_TYPE_trusted_ca_keys:
915                 extname = "trusted CA keys";
916                 break;
917
918                 case TLSEXT_TYPE_truncated_hmac:
919                 extname = "truncated HMAC";
920                 break;
921
922                 case TLSEXT_TYPE_status_request:
923                 extname = "status request";
924                 break;
925
926                 case TLSEXT_TYPE_user_mapping:
927                 extname = "user mapping";
928                 break;
929
930                 case TLSEXT_TYPE_client_authz:
931                 extname = "client authz";
932                 break;
933
934                 case TLSEXT_TYPE_server_authz:
935                 extname = "server authz";
936                 break;
937
938                 case TLSEXT_TYPE_cert_type:
939                 extname = "cert type";
940                 break;
941
942                 case TLSEXT_TYPE_elliptic_curves:
943                 extname = "elliptic curves";
944                 break;
945
946                 case TLSEXT_TYPE_ec_point_formats:
947                 extname = "EC point formats";
948                 break;
949
950                 case TLSEXT_TYPE_srp:
951                 extname = "SRP";
952                 break;
953
954                 case TLSEXT_TYPE_signature_algorithms:
955                 extname = "signature algorithms";
956                 break;
957
958                 case TLSEXT_TYPE_use_srtp:
959                 extname = "use SRTP";
960                 break;
961
962                 case TLSEXT_TYPE_heartbeat:
963                 extname = "heartbeat";
964                 break;
965
966                 case TLSEXT_TYPE_session_ticket:
967                 extname = "session ticket";
968                 break;
969
970                 case TLSEXT_TYPE_renegotiate: 
971                 extname = "renegotiation info";
972                 break;
973
974 #ifdef TLSEXT_TYPE_opaque_prf_input
975                 case TLSEXT_TYPE_opaque_prf_input:
976                 extname = "opaque PRF input";
977                 break;
978 #endif
979 #ifdef TLSEXT_TYPE_next_proto_neg
980                 case TLSEXT_TYPE_next_proto_neg:
981                 extname = "next protocol";
982                 break;
983 #endif
984
985                 default:
986                 extname = "unknown";
987                 break;
988
989                 }
990         
991         BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
992                         client_server ? "server": "client",
993                         extname, type, len);
994         BIO_dump(bio, (char *)data, len);
995         (void)BIO_flush(bio);
996         }
997
998 int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)
999         {
1000         unsigned char *buffer, result[EVP_MAX_MD_SIZE];
1001         unsigned int length, resultlength;
1002         union {
1003                 struct sockaddr sa;
1004                 struct sockaddr_in s4;
1005 #if OPENSSL_USE_IPV6
1006                 struct sockaddr_in6 s6;
1007 #endif
1008         } peer;
1009
1010         /* Initialize a random secret */
1011         if (!cookie_initialized)
1012                 {
1013                 if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH))
1014                         {
1015                         BIO_printf(bio_err,"error setting random cookie secret\n");
1016                         return 0;
1017                         }
1018                 cookie_initialized = 1;
1019                 }
1020
1021         /* Read peer information */
1022         (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
1023
1024         /* Create buffer with peer's address and port */
1025         length = 0;
1026         switch (peer.sa.sa_family)
1027                 {
1028         case AF_INET:
1029                 length += sizeof(struct in_addr);
1030                 length += sizeof(peer.s4.sin_port);
1031                 break;
1032 #if OPENSSL_USE_IPV6
1033         case AF_INET6:
1034                 length += sizeof(struct in6_addr);
1035                 length += sizeof(peer.s6.sin6_port);
1036                 break;
1037 #endif
1038         default:
1039                 OPENSSL_assert(0);
1040                 break;
1041                 }
1042         buffer = OPENSSL_malloc(length);
1043
1044         if (buffer == NULL)
1045                 {
1046                 BIO_printf(bio_err,"out of memory\n");
1047                 return 0;
1048                 }
1049
1050         switch (peer.sa.sa_family)
1051                 {
1052         case AF_INET:
1053                 memcpy(buffer,
1054                        &peer.s4.sin_port,
1055                        sizeof(peer.s4.sin_port));
1056                 memcpy(buffer + sizeof(peer.s4.sin_port),
1057                        &peer.s4.sin_addr,
1058                        sizeof(struct in_addr));
1059                 break;
1060 #if OPENSSL_USE_IPV6
1061         case AF_INET6:
1062                 memcpy(buffer,
1063                        &peer.s6.sin6_port,
1064                        sizeof(peer.s6.sin6_port));
1065                 memcpy(buffer + sizeof(peer.s6.sin6_port),
1066                        &peer.s6.sin6_addr,
1067                        sizeof(struct in6_addr));
1068                 break;
1069 #endif
1070         default:
1071                 OPENSSL_assert(0);
1072                 break;
1073                 }
1074
1075         /* Calculate HMAC of buffer using the secret */
1076         HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
1077              buffer, length, result, &resultlength);
1078         OPENSSL_free(buffer);
1079
1080         memcpy(cookie, result, resultlength);
1081         *cookie_len = resultlength;
1082
1083         return 1;
1084         }
1085
1086 int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)
1087         {
1088         unsigned char *buffer, result[EVP_MAX_MD_SIZE];
1089         unsigned int length, resultlength;
1090         union {
1091                 struct sockaddr sa;
1092                 struct sockaddr_in s4;
1093 #if OPENSSL_USE_IPV6
1094                 struct sockaddr_in6 s6;
1095 #endif
1096         } peer;
1097
1098         /* If secret isn't initialized yet, the cookie can't be valid */
1099         if (!cookie_initialized)
1100                 return 0;
1101
1102         /* Read peer information */
1103         (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
1104
1105         /* Create buffer with peer's address and port */
1106         length = 0;
1107         switch (peer.sa.sa_family)
1108                 {
1109         case AF_INET:
1110                 length += sizeof(struct in_addr);
1111                 length += sizeof(peer.s4.sin_port);
1112                 break;
1113 #if OPENSSL_USE_IPV6
1114         case AF_INET6:
1115                 length += sizeof(struct in6_addr);
1116                 length += sizeof(peer.s6.sin6_port);
1117                 break;
1118 #endif
1119         default:
1120                 OPENSSL_assert(0);
1121                 break;
1122                 }
1123         buffer = OPENSSL_malloc(length);
1124         
1125         if (buffer == NULL)
1126                 {
1127                 BIO_printf(bio_err,"out of memory\n");
1128                 return 0;
1129                 }
1130
1131         switch (peer.sa.sa_family)
1132                 {
1133         case AF_INET:
1134                 memcpy(buffer,
1135                        &peer.s4.sin_port,
1136                        sizeof(peer.s4.sin_port));
1137                 memcpy(buffer + sizeof(peer.s4.sin_port),
1138                        &peer.s4.sin_addr,
1139                        sizeof(struct in_addr));
1140                 break;
1141 #if OPENSSL_USE_IPV6
1142         case AF_INET6:
1143                 memcpy(buffer,
1144                        &peer.s6.sin6_port,
1145                        sizeof(peer.s6.sin6_port));
1146                 memcpy(buffer + sizeof(peer.s6.sin6_port),
1147                        &peer.s6.sin6_addr,
1148                        sizeof(struct in6_addr));
1149                 break;
1150 #endif
1151         default:
1152                 OPENSSL_assert(0);
1153                 break;
1154                 }
1155
1156         /* Calculate HMAC of buffer using the secret */
1157         HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
1158              buffer, length, result, &resultlength);
1159         OPENSSL_free(buffer);
1160
1161         if (cookie_len == resultlength && memcmp(result, cookie, resultlength) == 0)
1162                 return 1;
1163
1164         return 0;
1165         }
1166
1167 /* Example of extended certificate handling. Where the standard support
1168  * of one certificate per algorithm is not sufficient an application
1169  * can decide which certificate(s) to use at runtime based on whatever
1170  * criteria it deems appropriate.
1171  */
1172
1173 /* Linked list of certificates, keys and chains */
1174 struct  ssl_excert_st
1175         {
1176         int certform;
1177         const char *certfile;
1178         int keyform;
1179         const char *keyfile;
1180         const char *chainfile;
1181         X509 *cert;
1182         EVP_PKEY *key;
1183         STACK_OF(X509) *chain;
1184         int build_chain;
1185         struct ssl_excert_st *next, *prev;
1186         };
1187
1188 struct chain_flags
1189         {
1190         int flag;
1191         const char *name;
1192         };
1193
1194 struct chain_flags chain_flags_list[] =
1195         {
1196                 {CERT_PKEY_VALID, "Overall Validity"},
1197                 {CERT_PKEY_SIGN,  "Sign with EE key"},
1198                 {CERT_PKEY_EE_SIGNATURE, "EE signature"},
1199                 {CERT_PKEY_CA_SIGNATURE, "CA signature"},
1200                 {CERT_PKEY_EE_PARAM, "EE key parameters"},
1201                 {CERT_PKEY_CA_PARAM, "CA key parameters"},
1202                 {CERT_PKEY_EXPLICIT_SIGN,  "Explicity sign with EE key"},
1203                 {CERT_PKEY_ISSUER_NAME,  "Issuer Name"},
1204                 {CERT_PKEY_CERT_TYPE,  "Certificate Type"},
1205                 {0, NULL}
1206         };
1207
1208
1209 static void print_chain_flags(BIO *out, int flags)
1210         {
1211         struct chain_flags *ctmp = chain_flags_list;
1212         while(ctmp->name)
1213                 {
1214                 BIO_printf(out, "\t%s: %s\n", ctmp->name,
1215                                 flags & ctmp->flag ? "OK" : "NOT OK");
1216                 ctmp++;
1217                 }
1218         }
1219
1220 /* Very basic selection callback: just use any certificate chain
1221  * reported as valid. More sophisticated could prioritise according
1222  * to local policy.
1223  */
1224 static int set_cert_cb(SSL *ssl, void *arg)
1225         {
1226         int i, rv;
1227         SSL_EXCERT *exc = arg;
1228         SSL_certs_clear(ssl);
1229
1230         if (!exc)
1231                 return 1;
1232
1233         /* Go to end of list and traverse backwards since we prepend
1234          * newer entries this retains the original order.
1235          */
1236         while (exc->next)
1237                 exc = exc->next;
1238
1239         i = 0;  
1240
1241         while(exc)
1242                 {
1243                 i++;
1244                 rv = SSL_check_chain(ssl, exc->cert, exc->key, exc->chain);
1245                 BIO_printf(bio_err, "Checking cert chain %d:\nSubject: ", i);
1246                 X509_NAME_print_ex(bio_err, X509_get_subject_name(exc->cert), 0,
1247                                                         XN_FLAG_ONELINE);
1248                 BIO_puts(bio_err, "\n");
1249                 
1250                 print_chain_flags(bio_err, rv);
1251                 if (rv & CERT_PKEY_VALID)
1252                         {
1253                         SSL_use_certificate(ssl, exc->cert);
1254                         SSL_use_PrivateKey(ssl, exc->key);
1255                         /* NB: we wouldn't normally do this as it is
1256                          * not efficient building chains on each connection
1257                          * better to cache the chain in advance.
1258                          */
1259                         if (exc->build_chain)
1260                                 {
1261                                 if (!SSL_build_cert_chain(ssl, 0))
1262                                         return 0;
1263                                 }
1264                         else if (exc->chain)
1265                                 SSL_set1_chain(ssl, exc->chain);
1266                         }
1267                 exc = exc->prev;
1268                 }
1269         return 1;
1270         }
1271
1272 void ssl_ctx_set_excert(SSL_CTX *ctx, SSL_EXCERT *exc)
1273         {
1274         SSL_CTX_set_cert_cb(ctx, set_cert_cb, exc);
1275         }
1276
1277 static int ssl_excert_prepend(SSL_EXCERT **pexc)
1278         {
1279         SSL_EXCERT *exc;
1280         exc = OPENSSL_malloc(sizeof(SSL_EXCERT));
1281         if (!exc)
1282                 return 0;
1283         exc->certfile = NULL;
1284         exc->keyfile = NULL;
1285         exc->chainfile = NULL;
1286         exc->cert = NULL;
1287         exc->key = NULL;
1288         exc->chain = NULL;
1289         exc->prev = NULL;
1290         exc->build_chain = 0;
1291
1292         exc->next = *pexc;
1293         *pexc = exc;
1294                         
1295         if (exc->next)
1296                 {
1297                 exc->certform = exc->next->certform;
1298                 exc->keyform = exc->next->keyform;
1299                 exc->next->prev = exc;
1300                 }
1301         else
1302                 {
1303                 exc->certform = FORMAT_PEM;
1304                 exc->keyform = FORMAT_PEM;
1305                 }
1306         return 1;
1307
1308         }
1309
1310 void ssl_excert_free(SSL_EXCERT *exc)
1311         {
1312         SSL_EXCERT *curr;
1313         while (exc)
1314                 {
1315                 if (exc->cert)
1316                         X509_free(exc->cert);
1317                 if (exc->key)
1318                         EVP_PKEY_free(exc->key);
1319                 if (exc->chain)
1320                         sk_X509_pop_free(exc->chain, X509_free);
1321                 curr = exc;
1322                 exc = exc->next;
1323                 OPENSSL_free(curr);
1324                 }
1325         }
1326
1327 int load_excert(SSL_EXCERT **pexc, BIO *err)
1328         {
1329         SSL_EXCERT *exc = *pexc;
1330         if (!exc)
1331                 return 1;
1332         /* If nothing in list, free and set to NULL */
1333         if (!exc->certfile && !exc->next)
1334                 {
1335                 ssl_excert_free(exc);
1336                 *pexc = NULL;
1337                 return 1;
1338                 }
1339         for(; exc; exc=exc->next)
1340                 {
1341                 if (!exc->certfile)
1342                         {
1343                         BIO_printf(err, "Missing filename\n");
1344                         return 0;
1345                         }
1346                 exc->cert = load_cert(err, exc->certfile, exc->certform,
1347                                         NULL, NULL, "Server Certificate");
1348                 if (!exc->cert)
1349                         return 0;
1350                 if (exc->keyfile)
1351                         exc->keyfile = exc->certfile;
1352                 exc->key = load_key(err, exc->certfile, exc->certform, 0,
1353                                         NULL, NULL, "Server Certificate");
1354                 if (!exc->key)
1355                         return 0;
1356                 if (exc->chainfile)
1357                         {
1358                         exc->chain = load_certs(err,
1359                                                 exc->chainfile, FORMAT_PEM,
1360                                                 NULL, NULL,
1361                                                 "Server Chain");
1362                         if (!exc->chainfile)
1363                                 return 0;
1364                         }
1365                 }
1366         return 1;
1367         }
1368                 
1369
1370 int args_excert(char ***pargs, int *pargc,
1371                         int *badarg, BIO *err, SSL_EXCERT **pexc)
1372         {
1373         char *arg = **pargs, *argn = (*pargs)[1];
1374         SSL_EXCERT *exc = *pexc;
1375         int narg = 2;
1376         if (!exc)
1377                 {
1378                 if (ssl_excert_prepend(&exc))
1379                         *pexc = exc;
1380                 else
1381                         {
1382                         BIO_printf(err, "Error initialising xcert\n");
1383                         *badarg = 1;
1384                         goto err;
1385                         }
1386                 }
1387         if (strcmp(arg, "-xcert") == 0)
1388                 {
1389                 if (!argn)
1390                         {
1391                         *badarg = 1;
1392                         return 1;
1393                         }
1394                 if (exc->certfile && !ssl_excert_prepend(&exc))
1395                         {
1396                         BIO_printf(err, "Error adding xcert\n");
1397                         *badarg = 1;
1398                         goto err;
1399                         }
1400                 exc->certfile = argn;
1401                 }
1402         else if (strcmp(arg,"-xkey") == 0)
1403                 {
1404                 if (!argn)
1405                         {
1406                         *badarg = 1;
1407                         return 1;
1408                         }
1409                 if (exc->keyfile)
1410                         {
1411                         BIO_printf(err, "Key already specified\n");
1412                         *badarg = 1;
1413                         return 1;
1414                         }
1415                 exc->keyfile = argn;
1416                 }
1417         else if (strcmp(arg,"-xchain") == 0)
1418                 {
1419                 if (!argn)
1420                         {
1421                         *badarg = 1;
1422                         return 1;
1423                         }
1424                 if (exc->chainfile)
1425                         {
1426                         BIO_printf(err, "Chain already specified\n");
1427                         *badarg = 1;
1428                         return 1;
1429                         }
1430                 exc->chainfile = argn;
1431                 }
1432         else if (strcmp(arg,"-xchain_build") == 0)
1433                 {
1434                 narg = 1;
1435                 exc->build_chain = 1;
1436                 }
1437         else if (strcmp(arg,"-xcertform") == 0)
1438                 {
1439                 if (!argn)
1440                         {
1441                         *badarg = 1;
1442                         goto err;
1443                         }
1444                 exc->certform = str2fmt(argn);
1445                 }
1446         else if (strcmp(arg,"-xkeyform") == 0)
1447                 {
1448                 if (!argn)
1449                         {
1450                         *badarg = 1;
1451                         goto err;
1452                         }
1453                 exc->keyform = str2fmt(argn);
1454                 }
1455         else
1456                 return 0;
1457
1458         (*pargs) += narg;
1459
1460         if (pargc)
1461                 *pargc -= narg;
1462
1463         *pexc = exc;
1464
1465         return 1;
1466
1467         err:
1468         ERR_print_errors(err);
1469         ssl_excert_free(exc);
1470         *pexc = NULL;
1471         return 1;
1472         }
1473
1474 static void print_raw_cipherlist(BIO *bio, SSL *s)
1475         {
1476         const unsigned char *rlist;
1477         static const unsigned char scsv_id[] = {0, 0, 0xFF};
1478         size_t i, rlistlen, num;
1479         if (!SSL_is_server(s))
1480                 return;
1481         num = SSL_get0_raw_cipherlist(s, NULL);
1482         rlistlen = SSL_get0_raw_cipherlist(s, &rlist);
1483         BIO_puts(bio, "Client cipher list: ");
1484         for (i = 0; i < rlistlen; i += num, rlist += num)
1485                 {
1486                 const SSL_CIPHER *c = SSL_CIPHER_find(s, rlist);
1487                 if (i)
1488                         BIO_puts(bio, ":");
1489                 if (c)
1490                         BIO_puts(bio, SSL_CIPHER_get_name(c));
1491                 else if (!memcmp(rlist, scsv_id - num + 3, num))
1492                         BIO_puts(bio, "SCSV");
1493                 else
1494                         {
1495                         size_t j;
1496                         BIO_puts(bio, "0x");
1497                         for (j = 0; j < num; j++)
1498                                 BIO_printf(bio, "%02X", rlist[j]);
1499                         }
1500                 }
1501         BIO_puts(bio, "\n");
1502         }
1503         
1504
1505 void print_ssl_summary(BIO *bio, SSL *s)
1506         {
1507         const SSL_CIPHER *c;
1508         X509 *peer;
1509         /*const char *pnam = SSL_is_server(s) ? "client" : "server";*/
1510         BIO_printf(bio, "Protocol version: %s\n", SSL_get_version(s));
1511         print_raw_cipherlist(bio, s);
1512         c = SSL_get_current_cipher(s);
1513         BIO_printf(bio,"Ciphersuite: %s\n", SSL_CIPHER_get_name(c));
1514         do_print_sigalgs(bio, s, 0);
1515         peer = SSL_get_peer_certificate(s);
1516         if (peer)
1517                 {
1518                 int nid;
1519                 BIO_puts(bio, "Peer certificate: ");
1520                 X509_NAME_print_ex(bio, X509_get_subject_name(peer),
1521                                         0, XN_FLAG_ONELINE);
1522                 BIO_puts(bio, "\n");
1523                 if (SSL_get_peer_signature_nid(s, &nid))
1524                         BIO_printf(bio, "Hash used: %s\n", OBJ_nid2sn(nid));
1525                 }
1526         else
1527                 BIO_puts(bio, "No peer certificate\n");
1528         if (peer)
1529                 X509_free(peer);
1530         if (SSL_is_server(s))
1531                 ssl_print_curves(bio, s, 1);
1532         else
1533                 ssl_print_tmp_key(bio, s);
1534         }
1535