Reorganise supported signature algorithm extension processing.
[openssl.git] / apps / s_client.c
1 /* apps/s_client.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2005 Nokia. All rights reserved.
113  *
114  * The portions of the attached software ("Contribution") is developed by
115  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
116  * license.
117  *
118  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
119  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
120  * support (see RFC 4279) to OpenSSL.
121  *
122  * No patent licenses or other rights except those expressly stated in
123  * the OpenSSL open source license shall be deemed granted or received
124  * expressly, by implication, estoppel, or otherwise.
125  *
126  * No assurances are provided by Nokia that the Contribution does not
127  * infringe the patent or other intellectual property rights of any third
128  * party or that the license provides you with all the necessary rights
129  * to make use of the Contribution.
130  *
131  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
132  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
133  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
134  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
135  * OTHERWISE.
136  */
137
138 #include <assert.h>
139 #include <ctype.h>
140 #include <stdio.h>
141 #include <stdlib.h>
142 #include <string.h>
143 #include <openssl/e_os2.h>
144 #ifdef OPENSSL_NO_STDIO
145 #define APPS_WIN16
146 #endif
147
148 /* With IPv6, it looks like Digital has mixed up the proper order of
149    recursive header file inclusion, resulting in the compiler complaining
150    that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
151    is needed to have fileno() declared correctly...  So let's define u_int */
152 #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
153 #define __U_INT
154 typedef unsigned int u_int;
155 #endif
156
157 #define USE_SOCKETS
158 #include "apps.h"
159 #include <openssl/x509.h>
160 #include <openssl/ssl.h>
161 #include <openssl/err.h>
162 #include <openssl/pem.h>
163 #include <openssl/rand.h>
164 #include <openssl/ocsp.h>
165 #include <openssl/bn.h>
166 #ifndef OPENSSL_NO_SRP
167 #include <openssl/srp.h>
168 #endif
169 #include "s_apps.h"
170 #include "timeouts.h"
171
172 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
173 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
174 #undef FIONBIO
175 #endif
176
177 #if defined(OPENSSL_SYS_BEOS_R5)
178 #include <fcntl.h>
179 #endif
180
181 #undef PROG
182 #define PROG    s_client_main
183
184 /*#define SSL_HOST_NAME "www.netscape.com" */
185 /*#define SSL_HOST_NAME "193.118.187.102" */
186 #define SSL_HOST_NAME   "localhost"
187
188 /*#define TEST_CERT "client.pem" */ /* no default cert. */
189
190 #undef BUFSIZZ
191 #define BUFSIZZ 1024*8
192
193 extern int verify_depth;
194 extern int verify_error;
195 extern int verify_return_error;
196
197 #ifdef FIONBIO
198 static int c_nbio=0;
199 #endif
200 static int c_Pause=0;
201 static int c_debug=0;
202 #ifndef OPENSSL_NO_TLSEXT
203 static int c_tlsextdebug=0;
204 static int c_status_req=0;
205 static int c_proof_debug=0;
206 #endif
207 static int c_msg=0;
208 static int c_showcerts=0;
209
210 static char *keymatexportlabel=NULL;
211 static int keymatexportlen=20;
212
213 static void sc_usage(void);
214 static void print_stuff(BIO *berr,SSL *con,int full);
215 #ifndef OPENSSL_NO_TLSEXT
216 static int ocsp_resp_cb(SSL *s, void *arg);
217 static int audit_proof_cb(SSL *s, void *arg);
218 #endif
219 static BIO *bio_c_out=NULL;
220 static BIO *bio_c_msg=NULL;
221 static int c_quiet=0;
222 static int c_ign_eof=0;
223
224 #ifndef OPENSSL_NO_PSK
225 /* Default PSK identity and key */
226 static char *psk_identity="Client_identity";
227 /*char *psk_key=NULL;  by default PSK is not used */
228
229 static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
230         unsigned int max_identity_len, unsigned char *psk,
231         unsigned int max_psk_len)
232         {
233         unsigned int psk_len = 0;
234         int ret;
235         BIGNUM *bn=NULL;
236
237         if (c_debug)
238                 BIO_printf(bio_c_out, "psk_client_cb\n");
239         if (!hint)
240                 {
241                 /* no ServerKeyExchange message*/
242                 if (c_debug)
243                         BIO_printf(bio_c_out,"NULL received PSK identity hint, continuing anyway\n");
244                 }
245         else if (c_debug)
246                 BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint);
247
248         /* lookup PSK identity and PSK key based on the given identity hint here */
249         ret = BIO_snprintf(identity, max_identity_len, "%s", psk_identity);
250         if (ret < 0 || (unsigned int)ret > max_identity_len)
251                 goto out_err;
252         if (c_debug)
253                 BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity, ret);
254         ret=BN_hex2bn(&bn, psk_key);
255         if (!ret)
256                 {
257                 BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key);
258                 if (bn)
259                         BN_free(bn);
260                 return 0;
261                 }
262
263         if ((unsigned int)BN_num_bytes(bn) > max_psk_len)
264                 {
265                 BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
266                         max_psk_len, BN_num_bytes(bn));
267                 BN_free(bn);
268                 return 0;
269                 }
270
271         psk_len=BN_bn2bin(bn, psk);
272         BN_free(bn);
273         if (psk_len == 0)
274                 goto out_err;
275
276         if (c_debug)
277                 BIO_printf(bio_c_out, "created PSK len=%d\n", psk_len);
278
279         return psk_len;
280  out_err:
281         if (c_debug)
282                 BIO_printf(bio_err, "Error in PSK client callback\n");
283         return 0;
284         }
285 #endif
286
287 static void sc_usage(void)
288         {
289         BIO_printf(bio_err,"usage: s_client args\n");
290         BIO_printf(bio_err,"\n");
291         BIO_printf(bio_err," -host host     - use -connect instead\n");
292         BIO_printf(bio_err," -port port     - use -connect instead\n");
293         BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
294
295         BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
296         BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
297         BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
298         BIO_printf(bio_err," -key arg      - Private key file to use, in cert file if\n");
299         BIO_printf(bio_err,"                 not specified but cert file is.\n");
300         BIO_printf(bio_err," -keyform arg  - key format (PEM or DER) PEM default\n");
301         BIO_printf(bio_err," -pass arg     - private key file pass phrase source\n");
302         BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
303         BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
304         BIO_printf(bio_err," -reconnect    - Drop and re-make the connection with the same Session-ID\n");
305         BIO_printf(bio_err," -pause        - sleep(1) after each read(2) and write(2) system call\n");
306         BIO_printf(bio_err," -showcerts    - show all certificates in the chain\n");
307         BIO_printf(bio_err," -debug        - extra output\n");
308 #ifdef WATT32
309         BIO_printf(bio_err," -wdebug       - WATT-32 tcp debugging\n");
310 #endif
311         BIO_printf(bio_err," -msg          - Show protocol messages\n");
312         BIO_printf(bio_err," -nbio_test    - more ssl protocol testing\n");
313         BIO_printf(bio_err," -state        - print the 'ssl' states\n");
314 #ifdef FIONBIO
315         BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
316 #endif
317         BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
318         BIO_printf(bio_err," -quiet        - no s_client output\n");
319         BIO_printf(bio_err," -ign_eof      - ignore input eof (default when -quiet)\n");
320         BIO_printf(bio_err," -no_ign_eof   - don't ignore input eof\n");
321 #ifndef OPENSSL_NO_PSK
322         BIO_printf(bio_err," -psk_identity arg - PSK identity\n");
323         BIO_printf(bio_err," -psk arg      - PSK in hex (without 0x)\n");
324 # ifndef OPENSSL_NO_JPAKE
325         BIO_printf(bio_err," -jpake arg    - JPAKE secret to use\n");
326 # endif
327 #endif
328 #ifndef OPENSSL_NO_SRP
329         BIO_printf(bio_err," -srpuser user     - SRP authentification for 'user'\n");
330         BIO_printf(bio_err," -srppass arg      - password for 'user'\n");
331         BIO_printf(bio_err," -srp_lateuser     - SRP username into second ClientHello message\n");
332         BIO_printf(bio_err," -srp_moregroups   - Tolerate other than the known g N values.\n");
333         BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N);
334 #endif
335         BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
336         BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
337         BIO_printf(bio_err," -tls1_2       - just use TLSv1.2\n");
338         BIO_printf(bio_err," -tls1_1       - just use TLSv1.1\n");
339         BIO_printf(bio_err," -tls1         - just use TLSv1\n");
340         BIO_printf(bio_err," -dtls1        - just use DTLSv1\n");    
341         BIO_printf(bio_err," -mtu          - set the link layer MTU\n");
342         BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
343         BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
344         BIO_printf(bio_err," -serverpref   - Use server's cipher preferences (only SSLv2)\n");
345         BIO_printf(bio_err," -cipher       - preferred cipher to use, use the 'openssl ciphers'\n");
346         BIO_printf(bio_err,"                 command to see what is available\n");
347         BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
348         BIO_printf(bio_err,"                 for those protocols that support it, where\n");
349         BIO_printf(bio_err,"                 'prot' defines which one to assume.  Currently,\n");
350         BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
351         BIO_printf(bio_err,"                 are supported.\n");
352 #ifndef OPENSSL_NO_ENGINE
353         BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
354 #endif
355         BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
356         BIO_printf(bio_err," -sess_out arg - file to write SSL session to\n");
357         BIO_printf(bio_err," -sess_in arg  - file to read SSL session from\n");
358 #ifndef OPENSSL_NO_TLSEXT
359         BIO_printf(bio_err," -servername host  - Set TLS extension servername in ClientHello\n");
360         BIO_printf(bio_err," -tlsextdebug      - hex dump of all TLS extensions received\n");
361         BIO_printf(bio_err," -status           - request certificate status from server\n");
362         BIO_printf(bio_err," -no_ticket        - disable use of RFC4507bis session tickets\n");
363         BIO_printf(bio_err," -proof_debug      - request an audit proof and print its hex dump\n");
364 # ifndef OPENSSL_NO_NEXTPROTONEG
365         BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
366 # endif
367 #endif
368         BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
369         BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
370         BIO_printf(bio_err," -keymatexport label   - Export keying material using label\n");
371         BIO_printf(bio_err," -keymatexportlen len  - Export len bytes of keying material (default 20)\n");
372         }
373
374 #ifndef OPENSSL_NO_TLSEXT
375
376 /* This is a context that we pass to callbacks */
377 typedef struct tlsextctx_st {
378    BIO * biodebug;
379    int ack;
380 } tlsextctx;
381
382
383 static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
384         {
385         tlsextctx * p = (tlsextctx *) arg;
386         const char * hn= SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
387         if (SSL_get_servername_type(s) != -1) 
388                 p->ack = !SSL_session_reused(s) && hn != NULL;
389         else 
390                 BIO_printf(bio_err,"Can't use SSL_get_servername\n");
391         
392         return SSL_TLSEXT_ERR_OK;
393         }
394
395 #ifndef OPENSSL_NO_SRP
396
397 /* This is a context that we pass to all callbacks */
398 typedef struct srp_arg_st
399         {
400         char *srppassin;
401         char *srplogin;
402         int msg;   /* copy from c_msg */
403         int debug; /* copy from c_debug */
404         int amp;   /* allow more groups */
405         int strength /* minimal size for N */ ;
406         } SRP_ARG;
407
408 #define SRP_NUMBER_ITERATIONS_FOR_PRIME 64
409
410 static int srp_Verify_N_and_g(const BIGNUM *N, const BIGNUM *g)
411         {
412         BN_CTX *bn_ctx = BN_CTX_new();
413         BIGNUM *p = BN_new();
414         BIGNUM *r = BN_new();
415         int ret =
416                 g != NULL && N != NULL && bn_ctx != NULL && BN_is_odd(N) &&
417                 BN_is_prime_ex(N, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) &&
418                 p != NULL && BN_rshift1(p, N) &&
419
420                 /* p = (N-1)/2 */
421                 BN_is_prime_ex(p, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) &&
422                 r != NULL &&
423
424                 /* verify g^((N-1)/2) == -1 (mod N) */
425                 BN_mod_exp(r, g, p, N, bn_ctx) &&
426                 BN_add_word(r, 1) &&
427                 BN_cmp(r, N) == 0;
428
429         if(r)
430                 BN_free(r);
431         if(p)
432                 BN_free(p);
433         if(bn_ctx)
434                 BN_CTX_free(bn_ctx);
435         return ret;
436         }
437
438 /* This callback is used here for two purposes:
439    - extended debugging
440    - making some primality tests for unknown groups
441    The callback is only called for a non default group.
442
443    An application does not need the call back at all if
444    only the stanard groups are used.  In real life situations, 
445    client and server already share well known groups, 
446    thus there is no need to verify them. 
447    Furthermore, in case that a server actually proposes a group that
448    is not one of those defined in RFC 5054, it is more appropriate 
449    to add the group to a static list and then compare since 
450    primality tests are rather cpu consuming.
451 */
452
453 static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg)
454         {
455         SRP_ARG *srp_arg = (SRP_ARG *)arg;
456         BIGNUM *N = NULL, *g = NULL;
457         if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s)))
458                 return 0;
459         if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1)
460                 {
461                 BIO_printf(bio_err, "SRP parameters:\n"); 
462                 BIO_printf(bio_err,"\tN="); BN_print(bio_err,N);
463                 BIO_printf(bio_err,"\n\tg="); BN_print(bio_err,g);
464                 BIO_printf(bio_err,"\n");
465                 }
466
467         if (SRP_check_known_gN_param(g,N))
468                 return 1;
469
470         if (srp_arg->amp == 1)
471                 {
472                 if (srp_arg->debug)
473                         BIO_printf(bio_err, "SRP param N and g are not known params, going to check deeper.\n");
474
475 /* The srp_moregroups is a real debugging feature.
476    Implementors should rather add the value to the known ones.
477    The minimal size has already been tested.
478 */
479                 if (BN_num_bits(g) <= BN_BITS && srp_Verify_N_and_g(N,g))
480                         return 1;
481                 }       
482         BIO_printf(bio_err, "SRP param N and g rejected.\n");
483         return 0;
484         }
485
486 #define PWD_STRLEN 1024
487
488 static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
489         {
490         SRP_ARG *srp_arg = (SRP_ARG *)arg;
491         char *pass = (char *)OPENSSL_malloc(PWD_STRLEN+1);
492         PW_CB_DATA cb_tmp;
493         int l;
494
495         cb_tmp.password = (char *)srp_arg->srppassin;
496         cb_tmp.prompt_info = "SRP user";
497         if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp))<0)
498                 {
499                 BIO_printf (bio_err, "Can't read Password\n");
500                 OPENSSL_free(pass);
501                 return NULL;
502                 }
503         *(pass+l)= '\0';
504
505         return pass;
506         }
507
508 #endif
509         char *srtp_profiles = NULL;
510
511 # ifndef OPENSSL_NO_NEXTPROTONEG
512 /* This the context that we pass to next_proto_cb */
513 typedef struct tlsextnextprotoctx_st {
514         unsigned char *data;
515         unsigned short len;
516         int status;
517 } tlsextnextprotoctx;
518
519 static tlsextnextprotoctx next_proto;
520
521 static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
522         {
523         tlsextnextprotoctx *ctx = arg;
524
525         if (!c_quiet)
526                 {
527                 /* We can assume that |in| is syntactically valid. */
528                 unsigned i;
529                 BIO_printf(bio_c_out, "Protocols advertised by server: ");
530                 for (i = 0; i < inlen; )
531                         {
532                         if (i)
533                                 BIO_write(bio_c_out, ", ", 2);
534                         BIO_write(bio_c_out, &in[i + 1], in[i]);
535                         i += in[i] + 1;
536                         }
537                 BIO_write(bio_c_out, "\n", 1);
538                 }
539
540         ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len);
541         return SSL_TLSEXT_ERR_OK;
542         }
543 # endif  /* ndef OPENSSL_NO_NEXTPROTONEG */
544 #endif
545
546 enum
547 {
548         PROTO_OFF       = 0,
549         PROTO_SMTP,
550         PROTO_POP3,
551         PROTO_IMAP,
552         PROTO_FTP,
553         PROTO_XMPP
554 };
555
556 int MAIN(int, char **);
557
558 int MAIN(int argc, char **argv)
559         {
560         unsigned int off=0, clr=0;
561         SSL *con=NULL;
562 #ifndef OPENSSL_NO_KRB5
563         KSSL_CTX *kctx;
564 #endif
565         int s,k,width,state=0;
566         char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
567         int cbuf_len,cbuf_off;
568         int sbuf_len,sbuf_off;
569         fd_set readfds,writefds;
570         short port=PORT;
571         int full_log=1;
572         char *host=SSL_HOST_NAME;
573         char *cert_file=NULL,*key_file=NULL;
574         int cert_format = FORMAT_PEM, key_format = FORMAT_PEM;
575         char *passarg = NULL, *pass = NULL;
576         X509 *cert = NULL;
577         EVP_PKEY *key = NULL;
578         char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
579         int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
580         int crlf=0;
581         int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
582         SSL_CTX *ctx=NULL;
583         int ret=1,in_init=1,i,nbio_test=0;
584         int starttls_proto = PROTO_OFF;
585         int prexit = 0;
586         X509_VERIFY_PARAM *vpm = NULL;
587         int badarg = 0;
588         const SSL_METHOD *meth=NULL;
589         int socket_type=SOCK_STREAM;
590         BIO *sbio;
591         char *inrand=NULL;
592         int mbuf_len=0;
593         struct timeval timeout, *timeoutp;
594 #ifndef OPENSSL_NO_ENGINE
595         char *engine_id=NULL;
596         char *ssl_client_engine_id=NULL;
597         ENGINE *ssl_client_engine=NULL;
598 #endif
599         ENGINE *e=NULL;
600 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
601         struct timeval tv;
602 #if defined(OPENSSL_SYS_BEOS_R5)
603         int stdin_set = 0;
604 #endif
605 #endif
606 #ifndef OPENSSL_NO_TLSEXT
607         char *servername = NULL; 
608         char *curves=NULL;
609         char *sigalgs=NULL;
610         tlsextctx tlsextcbp = 
611         {NULL,0};
612 # ifndef OPENSSL_NO_NEXTPROTONEG
613         const char *next_proto_neg_in = NULL;
614 # endif
615 #endif
616         char *sess_in = NULL;
617         char *sess_out = NULL;
618         struct sockaddr peer;
619         int peerlen = sizeof(peer);
620         int enable_timeouts = 0 ;
621         long socket_mtu = 0;
622 #ifndef OPENSSL_NO_JPAKE
623         char *jpake_secret = NULL;
624 #endif
625 #ifndef OPENSSL_NO_SRP
626         char * srppass = NULL;
627         int srp_lateuser = 0;
628         SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024};
629 #endif
630
631         meth=SSLv23_client_method();
632
633         apps_startup();
634         c_Pause=0;
635         c_quiet=0;
636         c_ign_eof=0;
637         c_debug=0;
638         c_msg=0;
639         c_showcerts=0;
640
641         if (bio_err == NULL)
642                 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
643
644         if (!load_config(bio_err, NULL))
645                 goto end;
646
647         if (    ((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) ||
648                 ((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) ||
649                 ((mbuf=OPENSSL_malloc(BUFSIZZ)) == NULL))
650                 {
651                 BIO_printf(bio_err,"out of memory\n");
652                 goto end;
653                 }
654
655         verify_depth=0;
656         verify_error=X509_V_OK;
657 #ifdef FIONBIO
658         c_nbio=0;
659 #endif
660
661         argc--;
662         argv++;
663         while (argc >= 1)
664                 {
665                 if      (strcmp(*argv,"-host") == 0)
666                         {
667                         if (--argc < 1) goto bad;
668                         host= *(++argv);
669                         }
670                 else if (strcmp(*argv,"-port") == 0)
671                         {
672                         if (--argc < 1) goto bad;
673                         port=atoi(*(++argv));
674                         if (port == 0) goto bad;
675                         }
676                 else if (strcmp(*argv,"-connect") == 0)
677                         {
678                         if (--argc < 1) goto bad;
679                         if (!extract_host_port(*(++argv),&host,NULL,&port))
680                                 goto bad;
681                         }
682                 else if (strcmp(*argv,"-verify") == 0)
683                         {
684                         verify=SSL_VERIFY_PEER;
685                         if (--argc < 1) goto bad;
686                         verify_depth=atoi(*(++argv));
687                         BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
688                         }
689                 else if (strcmp(*argv,"-cert") == 0)
690                         {
691                         if (--argc < 1) goto bad;
692                         cert_file= *(++argv);
693                         }
694                 else if (strcmp(*argv,"-sess_out") == 0)
695                         {
696                         if (--argc < 1) goto bad;
697                         sess_out = *(++argv);
698                         }
699                 else if (strcmp(*argv,"-sess_in") == 0)
700                         {
701                         if (--argc < 1) goto bad;
702                         sess_in = *(++argv);
703                         }
704                 else if (strcmp(*argv,"-certform") == 0)
705                         {
706                         if (--argc < 1) goto bad;
707                         cert_format = str2fmt(*(++argv));
708                         }
709                 else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm))
710                         {
711                         if (badarg)
712                                 goto bad;
713                         continue;
714                         }
715                 else if (strcmp(*argv,"-verify_return_error") == 0)
716                         verify_return_error = 1;
717                 else if (strcmp(*argv,"-prexit") == 0)
718                         prexit=1;
719                 else if (strcmp(*argv,"-crlf") == 0)
720                         crlf=1;
721                 else if (strcmp(*argv,"-quiet") == 0)
722                         {
723                         c_quiet=1;
724                         c_ign_eof=1;
725                         }
726                 else if (strcmp(*argv,"-ign_eof") == 0)
727                         c_ign_eof=1;
728                 else if (strcmp(*argv,"-no_ign_eof") == 0)
729                         c_ign_eof=0;
730                 else if (strcmp(*argv,"-pause") == 0)
731                         c_Pause=1;
732                 else if (strcmp(*argv,"-debug") == 0)
733                         c_debug=1;
734 #ifndef OPENSSL_NO_TLSEXT
735                 else if (strcmp(*argv,"-tlsextdebug") == 0)
736                         c_tlsextdebug=1;
737                 else if (strcmp(*argv,"-status") == 0)
738                         c_status_req=1;
739                 else if (strcmp(*argv,"-proof_debug") == 0)
740                         c_proof_debug=1;
741 #endif
742 #ifdef WATT32
743                 else if (strcmp(*argv,"-wdebug") == 0)
744                         dbug_init();
745 #endif
746                 else if (strcmp(*argv,"-msg") == 0)
747                         c_msg=1;
748                 else if (strcmp(*argv,"-msgfile") == 0)
749                         {
750                         if (--argc < 1) goto bad;
751                         bio_c_msg = BIO_new_file(*(++argv), "w");
752                         }
753 #ifndef OPENSSL_NO_SSL_TRACE
754                 else if (strcmp(*argv,"-trace") == 0)
755                         c_msg=2;
756 #endif
757                 else if (strcmp(*argv,"-showcerts") == 0)
758                         c_showcerts=1;
759                 else if (strcmp(*argv,"-nbio_test") == 0)
760                         nbio_test=1;
761                 else if (strcmp(*argv,"-state") == 0)
762                         state=1;
763 #ifndef OPENSSL_NO_PSK
764                 else if (strcmp(*argv,"-psk_identity") == 0)
765                         {
766                         if (--argc < 1) goto bad;
767                         psk_identity=*(++argv);
768                         }
769                 else if (strcmp(*argv,"-psk") == 0)
770                         {
771                         size_t j;
772
773                         if (--argc < 1) goto bad;
774                         psk_key=*(++argv);
775                         for (j = 0; j < strlen(psk_key); j++)
776                                 {
777                                 if (isxdigit((unsigned char)psk_key[j]))
778                                         continue;
779                                 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
780                                 goto bad;
781                                 }
782                         }
783 #endif
784 #ifndef OPENSSL_NO_SRP
785                 else if (strcmp(*argv,"-srpuser") == 0)
786                         {
787                         if (--argc < 1) goto bad;
788                         srp_arg.srplogin= *(++argv);
789                         meth=TLSv1_client_method();
790                         }
791                 else if (strcmp(*argv,"-srppass") == 0)
792                         {
793                         if (--argc < 1) goto bad;
794                         srppass= *(++argv);
795                         meth=TLSv1_client_method();
796                         }
797                 else if (strcmp(*argv,"-srp_strength") == 0)
798                         {
799                         if (--argc < 1) goto bad;
800                         srp_arg.strength=atoi(*(++argv));
801                         BIO_printf(bio_err,"SRP minimal length for N is %d\n",srp_arg.strength);
802                         meth=TLSv1_client_method();
803                         }
804                 else if (strcmp(*argv,"-srp_lateuser") == 0)
805                         {
806                         srp_lateuser= 1;
807                         meth=TLSv1_client_method();
808                         }
809                 else if (strcmp(*argv,"-srp_moregroups") == 0)
810                         {
811                         srp_arg.amp=1;
812                         meth=TLSv1_client_method();
813                         }
814 #endif
815 #ifndef OPENSSL_NO_SSL2
816                 else if (strcmp(*argv,"-ssl2") == 0)
817                         meth=SSLv2_client_method();
818 #endif
819 #ifndef OPENSSL_NO_SSL3
820                 else if (strcmp(*argv,"-ssl3") == 0)
821                         meth=SSLv3_client_method();
822 #endif
823 #ifndef OPENSSL_NO_TLS1
824                 else if (strcmp(*argv,"-tls1_2") == 0)
825                         meth=TLSv1_2_client_method();
826                 else if (strcmp(*argv,"-tls1_1") == 0)
827                         meth=TLSv1_1_client_method();
828                 else if (strcmp(*argv,"-tls1") == 0)
829                         meth=TLSv1_client_method();
830 #endif
831 #ifndef OPENSSL_NO_DTLS1
832                 else if (strcmp(*argv,"-dtls1") == 0)
833                         {
834                         meth=DTLSv1_client_method();
835                         socket_type=SOCK_DGRAM;
836                         }
837                 else if (strcmp(*argv,"-timeout") == 0)
838                         enable_timeouts=1;
839                 else if (strcmp(*argv,"-mtu") == 0)
840                         {
841                         if (--argc < 1) goto bad;
842                         socket_mtu = atol(*(++argv));
843                         }
844 #endif
845                 else if (strcmp(*argv,"-bugs") == 0)
846                         bugs=1;
847                 else if (strcmp(*argv,"-keyform") == 0)
848                         {
849                         if (--argc < 1) goto bad;
850                         key_format = str2fmt(*(++argv));
851                         }
852                 else if (strcmp(*argv,"-pass") == 0)
853                         {
854                         if (--argc < 1) goto bad;
855                         passarg = *(++argv);
856                         }
857                 else if (strcmp(*argv,"-key") == 0)
858                         {
859                         if (--argc < 1) goto bad;
860                         key_file= *(++argv);
861                         }
862                 else if (strcmp(*argv,"-reconnect") == 0)
863                         {
864                         reconnect=5;
865                         }
866                 else if (strcmp(*argv,"-CApath") == 0)
867                         {
868                         if (--argc < 1) goto bad;
869                         CApath= *(++argv);
870                         }
871                 else if (strcmp(*argv,"-CAfile") == 0)
872                         {
873                         if (--argc < 1) goto bad;
874                         CAfile= *(++argv);
875                         }
876                 else if (strcmp(*argv,"-no_tls1_2") == 0)
877                         off|=SSL_OP_NO_TLSv1_2;
878                 else if (strcmp(*argv,"-no_tls1_1") == 0)
879                         off|=SSL_OP_NO_TLSv1_1;
880                 else if (strcmp(*argv,"-no_tls1") == 0)
881                         off|=SSL_OP_NO_TLSv1;
882                 else if (strcmp(*argv,"-no_ssl3") == 0)
883                         off|=SSL_OP_NO_SSLv3;
884                 else if (strcmp(*argv,"-no_ssl2") == 0)
885                         off|=SSL_OP_NO_SSLv2;
886                 else if (strcmp(*argv,"-no_comp") == 0)
887                         { off|=SSL_OP_NO_COMPRESSION; }
888 #ifndef OPENSSL_NO_TLSEXT
889                 else if (strcmp(*argv,"-no_ticket") == 0)
890                         { off|=SSL_OP_NO_TICKET; }
891 # ifndef OPENSSL_NO_NEXTPROTONEG
892                 else if (strcmp(*argv,"-nextprotoneg") == 0)
893                         {
894                         if (--argc < 1) goto bad;
895                         next_proto_neg_in = *(++argv);
896                         }
897 # endif
898 #endif
899                 else if (strcmp(*argv,"-serverpref") == 0)
900                         off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
901                 else if (strcmp(*argv,"-legacy_renegotiation") == 0)
902                         off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
903                 else if (strcmp(*argv,"-legacy_server_connect") == 0)
904                         { off|=SSL_OP_LEGACY_SERVER_CONNECT; }
905                 else if (strcmp(*argv,"-no_legacy_server_connect") == 0)
906                         { clr|=SSL_OP_LEGACY_SERVER_CONNECT; }
907                 else if (strcmp(*argv,"-cipher") == 0)
908                         {
909                         if (--argc < 1) goto bad;
910                         cipher= *(++argv);
911                         }
912 #ifdef FIONBIO
913                 else if (strcmp(*argv,"-nbio") == 0)
914                         { c_nbio=1; }
915 #endif
916                 else if (strcmp(*argv,"-starttls") == 0)
917                         {
918                         if (--argc < 1) goto bad;
919                         ++argv;
920                         if (strcmp(*argv,"smtp") == 0)
921                                 starttls_proto = PROTO_SMTP;
922                         else if (strcmp(*argv,"pop3") == 0)
923                                 starttls_proto = PROTO_POP3;
924                         else if (strcmp(*argv,"imap") == 0)
925                                 starttls_proto = PROTO_IMAP;
926                         else if (strcmp(*argv,"ftp") == 0)
927                                 starttls_proto = PROTO_FTP;
928                         else if (strcmp(*argv, "xmpp") == 0)
929                                 starttls_proto = PROTO_XMPP;
930                         else
931                                 goto bad;
932                         }
933 #ifndef OPENSSL_NO_ENGINE
934                 else if (strcmp(*argv,"-engine") == 0)
935                         {
936                         if (--argc < 1) goto bad;
937                         engine_id = *(++argv);
938                         }
939                 else if (strcmp(*argv,"-ssl_client_engine") == 0)
940                         {
941                         if (--argc < 1) goto bad;
942                         ssl_client_engine_id = *(++argv);
943                         }
944 #endif
945                 else if (strcmp(*argv,"-rand") == 0)
946                         {
947                         if (--argc < 1) goto bad;
948                         inrand= *(++argv);
949                         }
950 #ifndef OPENSSL_NO_TLSEXT
951                 else if (strcmp(*argv,"-servername") == 0)
952                         {
953                         if (--argc < 1) goto bad;
954                         servername= *(++argv);
955                         /* meth=TLSv1_client_method(); */
956                         }
957                 else if (strcmp(*argv,"-curves") == 0)
958                         {
959                         if (--argc < 1) goto bad;
960                         curves= *(++argv);
961                         }
962                 else if (strcmp(*argv,"-sigalgs") == 0)
963                         {
964                         if (--argc < 1) goto bad;
965                         sigalgs= *(++argv);
966                         }
967 #endif
968 #ifndef OPENSSL_NO_JPAKE
969                 else if (strcmp(*argv,"-jpake") == 0)
970                         {
971                         if (--argc < 1) goto bad;
972                         jpake_secret = *++argv;
973                         }
974 #endif
975                 else if (strcmp(*argv,"-use_srtp") == 0)
976                         {
977                         if (--argc < 1) goto bad;
978                         srtp_profiles = *(++argv);
979                         }
980                 else if (strcmp(*argv,"-keymatexport") == 0)
981                         {
982                         if (--argc < 1) goto bad;
983                         keymatexportlabel= *(++argv);
984                         }
985                 else if (strcmp(*argv,"-keymatexportlen") == 0)
986                         {
987                         if (--argc < 1) goto bad;
988                         keymatexportlen=atoi(*(++argv));
989                         if (keymatexportlen == 0) goto bad;
990                         }
991                 else
992                         {
993                         BIO_printf(bio_err,"unknown option %s\n",*argv);
994                         badop=1;
995                         break;
996                         }
997                 argc--;
998                 argv++;
999                 }
1000         if (badop)
1001                 {
1002 bad:
1003                 sc_usage();
1004                 goto end;
1005                 }
1006
1007 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1008         if (jpake_secret)
1009                 {
1010                 if (psk_key)
1011                         {
1012                         BIO_printf(bio_err,
1013                                    "Can't use JPAKE and PSK together\n");
1014                         goto end;
1015                         }
1016                 psk_identity = "JPAKE";
1017                 }
1018
1019         if (cipher)
1020                 {
1021                 BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
1022                 goto end;
1023                 }
1024         cipher = "PSK";
1025 #endif
1026
1027         OpenSSL_add_ssl_algorithms();
1028         SSL_load_error_strings();
1029
1030 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
1031         next_proto.status = -1;
1032         if (next_proto_neg_in)
1033                 {
1034                 next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in);
1035                 if (next_proto.data == NULL)
1036                         {
1037                         BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n");
1038                         goto end;
1039                         }
1040                 }
1041         else
1042                 next_proto.data = NULL;
1043 #endif
1044
1045 #ifndef OPENSSL_NO_ENGINE
1046         e = setup_engine(bio_err, engine_id, 1);
1047         if (ssl_client_engine_id)
1048                 {
1049                 ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
1050                 if (!ssl_client_engine)
1051                         {
1052                         BIO_printf(bio_err,
1053                                         "Error getting client auth engine\n");
1054                         goto end;
1055                         }
1056                 }
1057
1058 #endif
1059         if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
1060                 {
1061                 BIO_printf(bio_err, "Error getting password\n");
1062                 goto end;
1063                 }
1064
1065         if (key_file == NULL)
1066                 key_file = cert_file;
1067
1068
1069         if (key_file)
1070
1071                 {
1072
1073                 key = load_key(bio_err, key_file, key_format, 0, pass, e,
1074                                "client certificate private key file");
1075                 if (!key)
1076                         {
1077                         ERR_print_errors(bio_err);
1078                         goto end;
1079                         }
1080
1081                 }
1082
1083         if (cert_file)
1084
1085                 {
1086                 cert = load_cert(bio_err,cert_file,cert_format,
1087                                 NULL, e, "client certificate file");
1088
1089                 if (!cert)
1090                         {
1091                         ERR_print_errors(bio_err);
1092                         goto end;
1093                         }
1094                 }
1095
1096         if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
1097                 && !RAND_status())
1098                 {
1099                 BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
1100                 }
1101         if (inrand != NULL)
1102                 BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
1103                         app_RAND_load_files(inrand));
1104
1105         if (bio_c_out == NULL)
1106                 {
1107                 if (c_quiet && !c_debug && !c_msg)
1108                         {
1109                         bio_c_out=BIO_new(BIO_s_null());
1110                         }
1111                 else
1112                         {
1113                         if (bio_c_out == NULL)
1114                                 bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
1115                         }
1116                 }
1117
1118 #ifndef OPENSSL_NO_SRP
1119         if(!app_passwd(bio_err, srppass, NULL, &srp_arg.srppassin, NULL))
1120                 {
1121                 BIO_printf(bio_err, "Error getting password\n");
1122                 goto end;
1123                 }
1124 #endif
1125
1126         ctx=SSL_CTX_new(meth);
1127         if (ctx == NULL)
1128                 {
1129                 ERR_print_errors(bio_err);
1130                 goto end;
1131                 }
1132
1133         if (vpm)
1134                 SSL_CTX_set1_param(ctx, vpm);
1135
1136 #ifndef OPENSSL_NO_ENGINE
1137         if (ssl_client_engine)
1138                 {
1139                 if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine))
1140                         {
1141                         BIO_puts(bio_err, "Error setting client auth engine\n");
1142                         ERR_print_errors(bio_err);
1143                         ENGINE_free(ssl_client_engine);
1144                         goto end;
1145                         }
1146                 ENGINE_free(ssl_client_engine);
1147                 }
1148 #endif
1149
1150 #ifndef OPENSSL_NO_PSK
1151 #ifdef OPENSSL_NO_JPAKE
1152         if (psk_key != NULL)
1153 #else
1154         if (psk_key != NULL || jpake_secret)
1155 #endif
1156                 {
1157                 if (c_debug)
1158                         BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n");
1159                 SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
1160                 }
1161         if (srtp_profiles != NULL)
1162                 SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
1163 #endif
1164         if (bugs)
1165                 SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
1166         else
1167                 SSL_CTX_set_options(ctx,off);
1168
1169         if (clr)
1170                 SSL_CTX_clear_options(ctx, clr);
1171         /* DTLS: partial reads end up discarding unread UDP bytes :-( 
1172          * Setting read ahead solves this problem.
1173          */
1174         if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
1175
1176 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
1177         if (next_proto.data)
1178                 SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
1179 #endif
1180
1181         if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
1182         if (cipher != NULL)
1183                 if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
1184                 BIO_printf(bio_err,"error setting cipher list\n");
1185                 ERR_print_errors(bio_err);
1186                 goto end;
1187         }
1188 #if 0
1189         else
1190                 SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
1191 #endif
1192
1193         SSL_CTX_set_verify(ctx,verify,verify_callback);
1194         if (!set_cert_key_stuff(ctx,cert,key, NULL))
1195                 goto end;
1196
1197         if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
1198                 (!SSL_CTX_set_default_verify_paths(ctx)))
1199                 {
1200                 /* BIO_printf(bio_err,"error setting default verify locations\n"); */
1201                 ERR_print_errors(bio_err);
1202                 /* goto end; */
1203                 }
1204
1205 #ifndef OPENSSL_NO_TLSEXT
1206         if (curves != NULL)
1207                 if(!SSL_CTX_set1_curves_list(ctx,curves)) {
1208                 BIO_printf(bio_err,"error setting curve list\n");
1209                 ERR_print_errors(bio_err);
1210                 goto end;
1211         }
1212         if (sigalgs != NULL)
1213                 if(!SSL_CTX_set1_sigalgs_list(ctx,sigalgs)) {
1214                 BIO_printf(bio_err,"error setting signature algorithms list\n");
1215                 ERR_print_errors(bio_err);
1216                 goto end;
1217         }
1218         if (servername != NULL)
1219                 {
1220                 tlsextcbp.biodebug = bio_err;
1221                 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
1222                 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
1223                 }
1224 #ifndef OPENSSL_NO_SRP
1225         if (srp_arg.srplogin)
1226                 {
1227                 if (!srp_lateuser && !SSL_CTX_set_srp_username(ctx, srp_arg.srplogin))
1228                         {
1229                         BIO_printf(bio_err,"Unable to set SRP username\n");
1230                         goto end;
1231                         }
1232                 srp_arg.msg = c_msg;
1233                 srp_arg.debug = c_debug ;
1234                 SSL_CTX_set_srp_cb_arg(ctx,&srp_arg);
1235                 SSL_CTX_set_srp_client_pwd_callback(ctx, ssl_give_srp_client_pwd_cb);
1236                 SSL_CTX_set_srp_strength(ctx, srp_arg.strength);
1237                 if (c_msg || c_debug || srp_arg.amp == 0)
1238                         SSL_CTX_set_srp_verify_param_callback(ctx, ssl_srp_verify_param_cb);
1239                 }
1240
1241 #endif
1242         if (c_proof_debug)
1243                 SSL_CTX_set_tlsext_authz_server_audit_proof_cb(ctx,
1244                                                                audit_proof_cb);
1245 #endif
1246
1247         con=SSL_new(ctx);
1248         if (sess_in)
1249                 {
1250                 SSL_SESSION *sess;
1251                 BIO *stmp = BIO_new_file(sess_in, "r");
1252                 if (!stmp)
1253                         {
1254                         BIO_printf(bio_err, "Can't open session file %s\n",
1255                                                 sess_in);
1256                         ERR_print_errors(bio_err);
1257                         goto end;
1258                         }
1259                 sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL);
1260                 BIO_free(stmp);
1261                 if (!sess)
1262                         {
1263                         BIO_printf(bio_err, "Can't open session file %s\n",
1264                                                 sess_in);
1265                         ERR_print_errors(bio_err);
1266                         goto end;
1267                         }
1268                 SSL_set_session(con, sess);
1269                 SSL_SESSION_free(sess);
1270                 }
1271 #ifndef OPENSSL_NO_TLSEXT
1272         if (servername != NULL)
1273                 {
1274                 if (!SSL_set_tlsext_host_name(con,servername))
1275                         {
1276                         BIO_printf(bio_err,"Unable to set TLS servername extension.\n");
1277                         ERR_print_errors(bio_err);
1278                         goto end;
1279                         }
1280                 }
1281 #endif
1282 #ifndef OPENSSL_NO_KRB5
1283         if (con  &&  (kctx = kssl_ctx_new()) != NULL)
1284                 {
1285                 SSL_set0_kssl_ctx(con, kctx);
1286                 kssl_ctx_setstring(kctx, KSSL_SERVER, host);
1287                 }
1288 #endif  /* OPENSSL_NO_KRB5  */
1289 /*      SSL_set_cipher_list(con,"RC4-MD5"); */
1290 #if 0
1291 #ifdef TLSEXT_TYPE_opaque_prf_input
1292         SSL_set_tlsext_opaque_prf_input(con, "Test client", 11);
1293 #endif
1294 #endif
1295
1296 re_start:
1297
1298         if (init_client(&s,host,port,socket_type) == 0)
1299                 {
1300                 BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
1301                 SHUTDOWN(s);
1302                 goto end;
1303                 }
1304         BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
1305
1306 #ifdef FIONBIO
1307         if (c_nbio)
1308                 {
1309                 unsigned long l=1;
1310                 BIO_printf(bio_c_out,"turning on non blocking io\n");
1311                 if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
1312                         {
1313                         ERR_print_errors(bio_err);
1314                         goto end;
1315                         }
1316                 }
1317 #endif                                              
1318         if (c_Pause & 0x01) SSL_set_debug(con, 1);
1319
1320         if ( SSL_version(con) == DTLS1_VERSION)
1321                 {
1322
1323                 sbio=BIO_new_dgram(s,BIO_NOCLOSE);
1324                 if (getsockname(s, &peer, (void *)&peerlen) < 0)
1325                         {
1326                         BIO_printf(bio_err, "getsockname:errno=%d\n",
1327                                 get_last_socket_error());
1328                         SHUTDOWN(s);
1329                         goto end;
1330                         }
1331
1332                 (void)BIO_ctrl_set_connected(sbio, 1, &peer);
1333
1334                 if (enable_timeouts)
1335                         {
1336                         timeout.tv_sec = 0;
1337                         timeout.tv_usec = DGRAM_RCV_TIMEOUT;
1338                         BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
1339                         
1340                         timeout.tv_sec = 0;
1341                         timeout.tv_usec = DGRAM_SND_TIMEOUT;
1342                         BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
1343                         }
1344
1345                 if (socket_mtu > 28)
1346                         {
1347                         SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
1348                         SSL_set_mtu(con, socket_mtu - 28);
1349                         }
1350                 else
1351                         /* want to do MTU discovery */
1352                         BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
1353                 }
1354         else
1355                 sbio=BIO_new_socket(s,BIO_NOCLOSE);
1356
1357         if (nbio_test)
1358                 {
1359                 BIO *test;
1360
1361                 test=BIO_new(BIO_f_nbio_test());
1362                 sbio=BIO_push(test,sbio);
1363                 }
1364
1365         if (c_debug)
1366                 {
1367                 SSL_set_debug(con, 1);
1368                 BIO_set_callback(sbio,bio_dump_callback);
1369                 BIO_set_callback_arg(sbio,(char *)bio_c_out);
1370                 }
1371         if (c_msg)
1372                 {
1373 #ifndef OPENSSL_NO_SSL_TRACE
1374                 if (c_msg == 2)
1375                         SSL_set_msg_callback(con, SSL_trace);
1376                 else
1377 #endif
1378                         SSL_set_msg_callback(con, msg_cb);
1379                 SSL_set_msg_callback_arg(con, bio_c_msg ? bio_c_msg : bio_c_out);
1380                 }
1381 #ifndef OPENSSL_NO_TLSEXT
1382         if (c_tlsextdebug)
1383                 {
1384                 SSL_set_tlsext_debug_callback(con, tlsext_cb);
1385                 SSL_set_tlsext_debug_arg(con, bio_c_out);
1386                 }
1387         if (c_status_req)
1388                 {
1389                 SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
1390                 SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
1391                 SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
1392 #if 0
1393 {
1394 STACK_OF(OCSP_RESPID) *ids = sk_OCSP_RESPID_new_null();
1395 OCSP_RESPID *id = OCSP_RESPID_new();
1396 id->value.byKey = ASN1_OCTET_STRING_new();
1397 id->type = V_OCSP_RESPID_KEY;
1398 ASN1_STRING_set(id->value.byKey, "Hello World", -1);
1399 sk_OCSP_RESPID_push(ids, id);
1400 SSL_set_tlsext_status_ids(con, ids);
1401 }
1402 #endif
1403                 }
1404 #endif
1405 #ifndef OPENSSL_NO_JPAKE
1406         if (jpake_secret)
1407                 jpake_client_auth(bio_c_out, sbio, jpake_secret);
1408 #endif
1409
1410         SSL_set_bio(con,sbio,sbio);
1411         SSL_set_connect_state(con);
1412
1413         /* ok, lets connect */
1414         width=SSL_get_fd(con)+1;
1415
1416         read_tty=1;
1417         write_tty=0;
1418         tty_on=0;
1419         read_ssl=1;
1420         write_ssl=1;
1421         
1422         cbuf_len=0;
1423         cbuf_off=0;
1424         sbuf_len=0;
1425         sbuf_off=0;
1426
1427         /* This is an ugly hack that does a lot of assumptions */
1428         /* We do have to handle multi-line responses which may come
1429            in a single packet or not. We therefore have to use
1430            BIO_gets() which does need a buffering BIO. So during
1431            the initial chitchat we do push a buffering BIO into the
1432            chain that is removed again later on to not disturb the
1433            rest of the s_client operation. */
1434         if (starttls_proto == PROTO_SMTP)
1435                 {
1436                 int foundit=0;
1437                 BIO *fbio = BIO_new(BIO_f_buffer());
1438                 BIO_push(fbio, sbio);
1439                 /* wait for multi-line response to end from SMTP */
1440                 do
1441                         {
1442                         mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
1443                         }
1444                 while (mbuf_len>3 && mbuf[3]=='-');
1445                 /* STARTTLS command requires EHLO... */
1446                 BIO_printf(fbio,"EHLO openssl.client.net\r\n");
1447                 (void)BIO_flush(fbio);
1448                 /* wait for multi-line response to end EHLO SMTP response */
1449                 do
1450                         {
1451                         mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
1452                         if (strstr(mbuf,"STARTTLS"))
1453                                 foundit=1;
1454                         }
1455                 while (mbuf_len>3 && mbuf[3]=='-');
1456                 (void)BIO_flush(fbio);
1457                 BIO_pop(fbio);
1458                 BIO_free(fbio);
1459                 if (!foundit)
1460                         BIO_printf(bio_err,
1461                                    "didn't found starttls in server response,"
1462                                    " try anyway...\n");
1463                 BIO_printf(sbio,"STARTTLS\r\n");
1464                 BIO_read(sbio,sbuf,BUFSIZZ);
1465                 }
1466         else if (starttls_proto == PROTO_POP3)
1467                 {
1468                 BIO_read(sbio,mbuf,BUFSIZZ);
1469                 BIO_printf(sbio,"STLS\r\n");
1470                 BIO_read(sbio,sbuf,BUFSIZZ);
1471                 }
1472         else if (starttls_proto == PROTO_IMAP)
1473                 {
1474                 int foundit=0;
1475                 BIO *fbio = BIO_new(BIO_f_buffer());
1476                 BIO_push(fbio, sbio);
1477                 BIO_gets(fbio,mbuf,BUFSIZZ);
1478                 /* STARTTLS command requires CAPABILITY... */
1479                 BIO_printf(fbio,". CAPABILITY\r\n");
1480                 (void)BIO_flush(fbio);
1481                 /* wait for multi-line CAPABILITY response */
1482                 do
1483                         {
1484                         mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
1485                         if (strstr(mbuf,"STARTTLS"))
1486                                 foundit=1;
1487                         }
1488                 while (mbuf_len>3 && mbuf[0]!='.');
1489                 (void)BIO_flush(fbio);
1490                 BIO_pop(fbio);
1491                 BIO_free(fbio);
1492                 if (!foundit)
1493                         BIO_printf(bio_err,
1494                                    "didn't found STARTTLS in server response,"
1495                                    " try anyway...\n");
1496                 BIO_printf(sbio,". STARTTLS\r\n");
1497                 BIO_read(sbio,sbuf,BUFSIZZ);
1498                 }
1499         else if (starttls_proto == PROTO_FTP)
1500                 {
1501                 BIO *fbio = BIO_new(BIO_f_buffer());
1502                 BIO_push(fbio, sbio);
1503                 /* wait for multi-line response to end from FTP */
1504                 do
1505                         {
1506                         mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
1507                         }
1508                 while (mbuf_len>3 && mbuf[3]=='-');
1509                 (void)BIO_flush(fbio);
1510                 BIO_pop(fbio);
1511                 BIO_free(fbio);
1512                 BIO_printf(sbio,"AUTH TLS\r\n");
1513                 BIO_read(sbio,sbuf,BUFSIZZ);
1514                 }
1515         if (starttls_proto == PROTO_XMPP)
1516                 {
1517                 int seen = 0;
1518                 BIO_printf(sbio,"<stream:stream "
1519                     "xmlns:stream='http://etherx.jabber.org/streams' "
1520                     "xmlns='jabber:client' to='%s' version='1.0'>", host);
1521                 seen = BIO_read(sbio,mbuf,BUFSIZZ);
1522                 mbuf[seen] = 0;
1523                 while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'"))
1524                         {
1525                         if (strstr(mbuf, "/stream:features>"))
1526                                 goto shut;
1527                         seen = BIO_read(sbio,mbuf,BUFSIZZ);
1528                         mbuf[seen] = 0;
1529                         }
1530                 BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
1531                 seen = BIO_read(sbio,sbuf,BUFSIZZ);
1532                 sbuf[seen] = 0;
1533                 if (!strstr(sbuf, "<proceed"))
1534                         goto shut;
1535                 mbuf[0] = 0;
1536                 }
1537
1538         for (;;)
1539                 {
1540                 FD_ZERO(&readfds);
1541                 FD_ZERO(&writefds);
1542
1543                 if ((SSL_version(con) == DTLS1_VERSION) &&
1544                         DTLSv1_get_timeout(con, &timeout))
1545                         timeoutp = &timeout;
1546                 else
1547                         timeoutp = NULL;
1548
1549                 if (SSL_in_init(con) && !SSL_total_renegotiations(con))
1550                         {
1551                         in_init=1;
1552                         tty_on=0;
1553                         }
1554                 else
1555                         {
1556                         tty_on=1;
1557                         if (in_init)
1558                                 {
1559                                 in_init=0;
1560 #if 0 /* This test doesn't really work as intended (needs to be fixed) */
1561 #ifndef OPENSSL_NO_TLSEXT
1562                                 if (servername != NULL && !SSL_session_reused(con))
1563                                         {
1564                                         BIO_printf(bio_c_out,"Server did %sacknowledge servername extension.\n",tlsextcbp.ack?"":"not ");
1565                                         }
1566 #endif
1567 #endif
1568                                 if (sess_out)
1569                                         {
1570                                         BIO *stmp = BIO_new_file(sess_out, "w");
1571                                         if (stmp)
1572                                                 {
1573                                                 PEM_write_bio_SSL_SESSION(stmp, SSL_get_session(con));
1574                                                 BIO_free(stmp);
1575                                                 }
1576                                         else 
1577                                                 BIO_printf(bio_err, "Error writing session file %s\n", sess_out);
1578                                         }
1579                                 print_stuff(bio_c_out,con,full_log);
1580                                 if (full_log > 0) full_log--;
1581
1582                                 if (starttls_proto)
1583                                         {
1584                                         BIO_printf(bio_err,"%s",mbuf);
1585                                         /* We don't need to know any more */
1586                                         starttls_proto = PROTO_OFF;
1587                                         }
1588
1589                                 if (reconnect)
1590                                         {
1591                                         reconnect--;
1592                                         BIO_printf(bio_c_out,"drop connection and then reconnect\n");
1593                                         SSL_shutdown(con);
1594                                         SSL_set_connect_state(con);
1595                                         SHUTDOWN(SSL_get_fd(con));
1596                                         goto re_start;
1597                                         }
1598                                 }
1599                         }
1600
1601                 ssl_pending = read_ssl && SSL_pending(con);
1602
1603                 if (!ssl_pending)
1604                         {
1605 #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5)
1606                         if (tty_on)
1607                                 {
1608                                 if (read_tty)  openssl_fdset(fileno(stdin),&readfds);
1609                                 if (write_tty) openssl_fdset(fileno(stdout),&writefds);
1610                                 }
1611                         if (read_ssl)
1612                                 openssl_fdset(SSL_get_fd(con),&readfds);
1613                         if (write_ssl)
1614                                 openssl_fdset(SSL_get_fd(con),&writefds);
1615 #else
1616                         if(!tty_on || !write_tty) {
1617                                 if (read_ssl)
1618                                         openssl_fdset(SSL_get_fd(con),&readfds);
1619                                 if (write_ssl)
1620                                         openssl_fdset(SSL_get_fd(con),&writefds);
1621                         }
1622 #endif
1623 /*                      printf("mode tty(%d %d%d) ssl(%d%d)\n",
1624                                 tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
1625
1626                         /* Note: under VMS with SOCKETSHR the second parameter
1627                          * is currently of type (int *) whereas under other
1628                          * systems it is (void *) if you don't have a cast it
1629                          * will choke the compiler: if you do have a cast then
1630                          * you can either go for (int *) or (void *).
1631                          */
1632 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
1633                         /* Under Windows/DOS we make the assumption that we can
1634                          * always write to the tty: therefore if we need to
1635                          * write to the tty we just fall through. Otherwise
1636                          * we timeout the select every second and see if there
1637                          * are any keypresses. Note: this is a hack, in a proper
1638                          * Windows application we wouldn't do this.
1639                          */
1640                         i=0;
1641                         if(!write_tty) {
1642                                 if(read_tty) {
1643                                         tv.tv_sec = 1;
1644                                         tv.tv_usec = 0;
1645                                         i=select(width,(void *)&readfds,(void *)&writefds,
1646                                                  NULL,&tv);
1647 #if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
1648                                         if(!i && (!_kbhit() || !read_tty) ) continue;
1649 #else
1650                                         if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue;
1651 #endif
1652                                 } else  i=select(width,(void *)&readfds,(void *)&writefds,
1653                                          NULL,timeoutp);
1654                         }
1655 #elif defined(OPENSSL_SYS_NETWARE)
1656                         if(!write_tty) {
1657                                 if(read_tty) {
1658                                         tv.tv_sec = 1;
1659                                         tv.tv_usec = 0;
1660                                         i=select(width,(void *)&readfds,(void *)&writefds,
1661                                                 NULL,&tv);
1662                                 } else  i=select(width,(void *)&readfds,(void *)&writefds,
1663                                         NULL,timeoutp);
1664                         }
1665 #elif defined(OPENSSL_SYS_BEOS_R5)
1666                         /* Under BeOS-R5 the situation is similar to DOS */
1667                         i=0;
1668                         stdin_set = 0;
1669                         (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
1670                         if(!write_tty) {
1671                                 if(read_tty) {
1672                                         tv.tv_sec = 1;
1673                                         tv.tv_usec = 0;
1674                                         i=select(width,(void *)&readfds,(void *)&writefds,
1675                                                  NULL,&tv);
1676                                         if (read(fileno(stdin), sbuf, 0) >= 0)
1677                                                 stdin_set = 1;
1678                                         if (!i && (stdin_set != 1 || !read_tty))
1679                                                 continue;
1680                                 } else  i=select(width,(void *)&readfds,(void *)&writefds,
1681                                          NULL,timeoutp);
1682                         }
1683                         (void)fcntl(fileno(stdin), F_SETFL, 0);
1684 #else
1685                         i=select(width,(void *)&readfds,(void *)&writefds,
1686                                  NULL,timeoutp);
1687 #endif
1688                         if ( i < 0)
1689                                 {
1690                                 BIO_printf(bio_err,"bad select %d\n",
1691                                 get_last_socket_error());
1692                                 goto shut;
1693                                 /* goto end; */
1694                                 }
1695                         }
1696
1697                 if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0)
1698                         {
1699                         BIO_printf(bio_err,"TIMEOUT occured\n");
1700                         }
1701
1702                 if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds))
1703                         {
1704                         k=SSL_write(con,&(cbuf[cbuf_off]),
1705                                 (unsigned int)cbuf_len);
1706                         switch (SSL_get_error(con,k))
1707                                 {
1708                         case SSL_ERROR_NONE:
1709                                 cbuf_off+=k;
1710                                 cbuf_len-=k;
1711                                 if (k <= 0) goto end;
1712                                 /* we have done a  write(con,NULL,0); */
1713                                 if (cbuf_len <= 0)
1714                                         {
1715                                         read_tty=1;
1716                                         write_ssl=0;
1717                                         }
1718                                 else /* if (cbuf_len > 0) */
1719                                         {
1720                                         read_tty=0;
1721                                         write_ssl=1;
1722                                         }
1723                                 break;
1724                         case SSL_ERROR_WANT_WRITE:
1725                                 BIO_printf(bio_c_out,"write W BLOCK\n");
1726                                 write_ssl=1;
1727                                 read_tty=0;
1728                                 break;
1729                         case SSL_ERROR_WANT_READ:
1730                                 BIO_printf(bio_c_out,"write R BLOCK\n");
1731                                 write_tty=0;
1732                                 read_ssl=1;
1733                                 write_ssl=0;
1734                                 break;
1735                         case SSL_ERROR_WANT_X509_LOOKUP:
1736                                 BIO_printf(bio_c_out,"write X BLOCK\n");
1737                                 break;
1738                         case SSL_ERROR_ZERO_RETURN:
1739                                 if (cbuf_len != 0)
1740                                         {
1741                                         BIO_printf(bio_c_out,"shutdown\n");
1742                                         ret = 0;
1743                                         goto shut;
1744                                         }
1745                                 else
1746                                         {
1747                                         read_tty=1;
1748                                         write_ssl=0;
1749                                         break;
1750                                         }
1751                                 
1752                         case SSL_ERROR_SYSCALL:
1753                                 if ((k != 0) || (cbuf_len != 0))
1754                                         {
1755                                         BIO_printf(bio_err,"write:errno=%d\n",
1756                                                 get_last_socket_error());
1757                                         goto shut;
1758                                         }
1759                                 else
1760                                         {
1761                                         read_tty=1;
1762                                         write_ssl=0;
1763                                         }
1764                                 break;
1765                         case SSL_ERROR_SSL:
1766                                 ERR_print_errors(bio_err);
1767                                 goto shut;
1768                                 }
1769                         }
1770 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
1771                 /* Assume Windows/DOS/BeOS can always write */
1772                 else if (!ssl_pending && write_tty)
1773 #else
1774                 else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds))
1775 #endif
1776                         {
1777 #ifdef CHARSET_EBCDIC
1778                         ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len);
1779 #endif
1780                         i=raw_write_stdout(&(sbuf[sbuf_off]),sbuf_len);
1781
1782                         if (i <= 0)
1783                                 {
1784                                 BIO_printf(bio_c_out,"DONE\n");
1785                                 ret = 0;
1786                                 goto shut;
1787                                 /* goto end; */
1788                                 }
1789
1790                         sbuf_len-=i;;
1791                         sbuf_off+=i;
1792                         if (sbuf_len <= 0)
1793                                 {
1794                                 read_ssl=1;
1795                                 write_tty=0;
1796                                 }
1797                         }
1798                 else if (ssl_pending || FD_ISSET(SSL_get_fd(con),&readfds))
1799                         {
1800 #ifdef RENEG
1801 { static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
1802 #endif
1803 #if 1
1804                         k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
1805 #else
1806 /* Demo for pending and peek :-) */
1807                         k=SSL_read(con,sbuf,16);
1808 { char zbuf[10240]; 
1809 printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240));
1810 }
1811 #endif
1812
1813                         switch (SSL_get_error(con,k))
1814                                 {
1815                         case SSL_ERROR_NONE:
1816                                 if (k <= 0)
1817                                         goto end;
1818                                 sbuf_off=0;
1819                                 sbuf_len=k;
1820
1821                                 read_ssl=0;
1822                                 write_tty=1;
1823                                 break;
1824                         case SSL_ERROR_WANT_WRITE:
1825                                 BIO_printf(bio_c_out,"read W BLOCK\n");
1826                                 write_ssl=1;
1827                                 read_tty=0;
1828                                 break;
1829                         case SSL_ERROR_WANT_READ:
1830                                 BIO_printf(bio_c_out,"read R BLOCK\n");
1831                                 write_tty=0;
1832                                 read_ssl=1;
1833                                 if ((read_tty == 0) && (write_ssl == 0))
1834                                         write_ssl=1;
1835                                 break;
1836                         case SSL_ERROR_WANT_X509_LOOKUP:
1837                                 BIO_printf(bio_c_out,"read X BLOCK\n");
1838                                 break;
1839                         case SSL_ERROR_SYSCALL:
1840                                 ret=get_last_socket_error();
1841                                 BIO_printf(bio_err,"read:errno=%d\n",ret);
1842                                 goto shut;
1843                         case SSL_ERROR_ZERO_RETURN:
1844                                 BIO_printf(bio_c_out,"closed\n");
1845                                 ret=0;
1846                                 goto shut;
1847                         case SSL_ERROR_SSL:
1848                                 ERR_print_errors(bio_err);
1849                                 goto shut;
1850                                 /* break; */
1851                                 }
1852                         }
1853
1854 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
1855 #if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
1856                 else if (_kbhit())
1857 #else
1858                 else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
1859 #endif
1860 #elif defined (OPENSSL_SYS_NETWARE)
1861                 else if (_kbhit())
1862 #elif defined(OPENSSL_SYS_BEOS_R5)
1863                 else if (stdin_set)
1864 #else
1865                 else if (FD_ISSET(fileno(stdin),&readfds))
1866 #endif
1867                         {
1868                         if (crlf)
1869                                 {
1870                                 int j, lf_num;
1871
1872                                 i=raw_read_stdin(cbuf,BUFSIZZ/2);
1873                                 lf_num = 0;
1874                                 /* both loops are skipped when i <= 0 */
1875                                 for (j = 0; j < i; j++)
1876                                         if (cbuf[j] == '\n')
1877                                                 lf_num++;
1878                                 for (j = i-1; j >= 0; j--)
1879                                         {
1880                                         cbuf[j+lf_num] = cbuf[j];
1881                                         if (cbuf[j] == '\n')
1882                                                 {
1883                                                 lf_num--;
1884                                                 i++;
1885                                                 cbuf[j+lf_num] = '\r';
1886                                                 }
1887                                         }
1888                                 assert(lf_num == 0);
1889                                 }
1890                         else
1891                                 i=raw_read_stdin(cbuf,BUFSIZZ);
1892
1893                         if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q')))
1894                                 {
1895                                 BIO_printf(bio_err,"DONE\n");
1896                                 ret=0;
1897                                 goto shut;
1898                                 }
1899
1900                         if ((!c_ign_eof) && (cbuf[0] == 'R'))
1901                                 {
1902                                 BIO_printf(bio_err,"RENEGOTIATING\n");
1903                                 SSL_renegotiate(con);
1904                                 cbuf_len=0;
1905                                 }
1906 #ifndef OPENSSL_NO_HEARTBEATS
1907                         else if ((!c_ign_eof) && (cbuf[0] == 'B'))
1908                                 {
1909                                 BIO_printf(bio_err,"HEARTBEATING\n");
1910                                 SSL_heartbeat(con);
1911                                 cbuf_len=0;
1912                                 }
1913 #endif
1914                         else
1915                                 {
1916                                 cbuf_len=i;
1917                                 cbuf_off=0;
1918 #ifdef CHARSET_EBCDIC
1919                                 ebcdic2ascii(cbuf, cbuf, i);
1920 #endif
1921                                 }
1922
1923                         write_ssl=1;
1924                         read_tty=0;
1925                         }
1926                 }
1927
1928         ret=0;
1929 shut:
1930         if (in_init)
1931                 print_stuff(bio_c_out,con,full_log);
1932         SSL_shutdown(con);
1933         SHUTDOWN(SSL_get_fd(con));
1934 end:
1935         if (con != NULL)
1936                 {
1937                 if (prexit != 0)
1938                         print_stuff(bio_c_out,con,1);
1939                 SSL_free(con);
1940                 }
1941         if (ctx != NULL) SSL_CTX_free(ctx);
1942         if (cert)
1943                 X509_free(cert);
1944         if (key)
1945                 EVP_PKEY_free(key);
1946         if (pass)
1947                 OPENSSL_free(pass);
1948         if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
1949         if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
1950         if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); }
1951         if (bio_c_out != NULL)
1952                 {
1953                 BIO_free(bio_c_out);
1954                 bio_c_out=NULL;
1955                 }
1956         if (bio_c_msg != NULL)
1957                 {
1958                 BIO_free(bio_c_msg);
1959                 bio_c_msg=NULL;
1960                 }
1961         apps_shutdown();
1962         OPENSSL_EXIT(ret);
1963         }
1964
1965
1966 static void print_stuff(BIO *bio, SSL *s, int full)
1967         {
1968         X509 *peer=NULL;
1969         char *p;
1970         static const char *space="                ";
1971         char buf[BUFSIZ];
1972         STACK_OF(X509) *sk;
1973         STACK_OF(X509_NAME) *sk2;
1974         const SSL_CIPHER *c;
1975         X509_NAME *xn;
1976         int j,i;
1977 #ifndef OPENSSL_NO_COMP
1978         const COMP_METHOD *comp, *expansion;
1979 #endif
1980         unsigned char *exportedkeymat;
1981
1982         if (full)
1983                 {
1984                 int got_a_chain = 0;
1985
1986                 sk=SSL_get_peer_cert_chain(s);
1987                 if (sk != NULL)
1988                         {
1989                         got_a_chain = 1; /* we don't have it for SSL2 (yet) */
1990
1991                         BIO_printf(bio,"---\nCertificate chain\n");
1992                         for (i=0; i<sk_X509_num(sk); i++)
1993                                 {
1994                                 X509_NAME_oneline(X509_get_subject_name(
1995                                         sk_X509_value(sk,i)),buf,sizeof buf);
1996                                 BIO_printf(bio,"%2d s:%s\n",i,buf);
1997                                 X509_NAME_oneline(X509_get_issuer_name(
1998                                         sk_X509_value(sk,i)),buf,sizeof buf);
1999                                 BIO_printf(bio,"   i:%s\n",buf);
2000                                 if (c_showcerts)
2001                                         PEM_write_bio_X509(bio,sk_X509_value(sk,i));
2002                                 }
2003                         }
2004
2005                 BIO_printf(bio,"---\n");
2006                 peer=SSL_get_peer_certificate(s);
2007                 if (peer != NULL)
2008                         {
2009                         BIO_printf(bio,"Server certificate\n");
2010                         if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */
2011                                 PEM_write_bio_X509(bio,peer);
2012                         X509_NAME_oneline(X509_get_subject_name(peer),
2013                                 buf,sizeof buf);
2014                         BIO_printf(bio,"subject=%s\n",buf);
2015                         X509_NAME_oneline(X509_get_issuer_name(peer),
2016                                 buf,sizeof buf);
2017                         BIO_printf(bio,"issuer=%s\n",buf);
2018                         }
2019                 else
2020                         BIO_printf(bio,"no peer certificate available\n");
2021
2022                 sk2=SSL_get_client_CA_list(s);
2023                 if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0))
2024                         {
2025                         BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
2026                         for (i=0; i<sk_X509_NAME_num(sk2); i++)
2027                                 {
2028                                 xn=sk_X509_NAME_value(sk2,i);
2029                                 X509_NAME_oneline(xn,buf,sizeof(buf));
2030                                 BIO_write(bio,buf,strlen(buf));
2031                                 BIO_write(bio,"\n",1);
2032                                 }
2033                         }
2034                 else
2035                         {
2036                         BIO_printf(bio,"---\nNo client certificate CA names sent\n");
2037                         }
2038                 p=SSL_get_shared_ciphers(s,buf,sizeof buf);
2039                 if (p != NULL)
2040                         {
2041                         /* This works only for SSL 2.  In later protocol
2042                          * versions, the client does not know what other
2043                          * ciphers (in addition to the one to be used
2044                          * in the current connection) the server supports. */
2045
2046                         BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
2047                         j=i=0;
2048                         while (*p)
2049                                 {
2050                                 if (*p == ':')
2051                                         {
2052                                         BIO_write(bio,space,15-j%25);
2053                                         i++;
2054                                         j=0;
2055                                         BIO_write(bio,((i%3)?" ":"\n"),1);
2056                                         }
2057                                 else
2058                                         {
2059                                         BIO_write(bio,p,1);
2060                                         j++;
2061                                         }
2062                                 p++;
2063                                 }
2064                         BIO_write(bio,"\n",1);
2065                         }
2066
2067                 ssl_print_sigalgs(bio, s, 1);
2068
2069                 BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
2070                         BIO_number_read(SSL_get_rbio(s)),
2071                         BIO_number_written(SSL_get_wbio(s)));
2072                 }
2073         BIO_printf(bio,(SSL_cache_hit(s)?"---\nReused, ":"---\nNew, "));
2074         c=SSL_get_current_cipher(s);
2075         BIO_printf(bio,"%s, Cipher is %s\n",
2076                 SSL_CIPHER_get_version(c),
2077                 SSL_CIPHER_get_name(c));
2078         if (peer != NULL) {
2079                 EVP_PKEY *pktmp;
2080                 pktmp = X509_get_pubkey(peer);
2081                 BIO_printf(bio,"Server public key is %d bit\n",
2082                                                          EVP_PKEY_bits(pktmp));
2083                 EVP_PKEY_free(pktmp);
2084         }
2085         BIO_printf(bio, "Secure Renegotiation IS%s supported\n",
2086                         SSL_get_secure_renegotiation_support(s) ? "" : " NOT");
2087 #ifndef OPENSSL_NO_COMP
2088         comp=SSL_get_current_compression(s);
2089         expansion=SSL_get_current_expansion(s);
2090         BIO_printf(bio,"Compression: %s\n",
2091                 comp ? SSL_COMP_get_name(comp) : "NONE");
2092         BIO_printf(bio,"Expansion: %s\n",
2093                 expansion ? SSL_COMP_get_name(expansion) : "NONE");
2094 #endif
2095  
2096 #ifdef SSL_DEBUG
2097         {
2098         /* Print out local port of connection: useful for debugging */
2099         int sock;
2100         struct sockaddr_in ladd;
2101         socklen_t ladd_size = sizeof(ladd);
2102         sock = SSL_get_fd(s);
2103         getsockname(sock, (struct sockaddr *)&ladd, &ladd_size);
2104         BIO_printf(bio_c_out, "LOCAL PORT is %u\n", ntohs(ladd.sin_port));
2105         }
2106 #endif
2107
2108 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2109         if (next_proto.status != -1) {
2110                 const unsigned char *proto;
2111                 unsigned int proto_len;
2112                 SSL_get0_next_proto_negotiated(s, &proto, &proto_len);
2113                 BIO_printf(bio, "Next protocol: (%d) ", next_proto.status);
2114                 BIO_write(bio, proto, proto_len);
2115                 BIO_write(bio, "\n", 1);
2116         }
2117 #endif
2118
2119         {
2120         SRTP_PROTECTION_PROFILE *srtp_profile=SSL_get_selected_srtp_profile(s);
2121  
2122         if(srtp_profile)
2123                 BIO_printf(bio,"SRTP Extension negotiated, profile=%s\n",
2124                            srtp_profile->name);
2125         }
2126  
2127         SSL_SESSION_print(bio,SSL_get_session(s));
2128         if (keymatexportlabel != NULL)
2129                 {
2130                 BIO_printf(bio, "Keying material exporter:\n");
2131                 BIO_printf(bio, "    Label: '%s'\n", keymatexportlabel);
2132                 BIO_printf(bio, "    Length: %i bytes\n", keymatexportlen);
2133                 exportedkeymat = OPENSSL_malloc(keymatexportlen);
2134                 if (exportedkeymat != NULL)
2135                         {
2136                         if (!SSL_export_keying_material(s, exportedkeymat,
2137                                                         keymatexportlen,
2138                                                         keymatexportlabel,
2139                                                         strlen(keymatexportlabel),
2140                                                         NULL, 0, 0))
2141                                 {
2142                                 BIO_printf(bio, "    Error\n");
2143                                 }
2144                         else
2145                                 {
2146                                 BIO_printf(bio, "    Keying material: ");
2147                                 for (i=0; i<keymatexportlen; i++)
2148                                         BIO_printf(bio, "%02X",
2149                                                    exportedkeymat[i]);
2150                                 BIO_printf(bio, "\n");
2151                                 }
2152                         OPENSSL_free(exportedkeymat);
2153                         }
2154                 }
2155         BIO_printf(bio,"---\n");
2156         if (peer != NULL)
2157                 X509_free(peer);
2158         /* flush, or debugging output gets mixed with http response */
2159         (void)BIO_flush(bio);
2160         }
2161
2162 #ifndef OPENSSL_NO_TLSEXT
2163
2164 static int ocsp_resp_cb(SSL *s, void *arg)
2165         {
2166         const unsigned char *p;
2167         int len;
2168         OCSP_RESPONSE *rsp;
2169         len = SSL_get_tlsext_status_ocsp_resp(s, &p);
2170         BIO_puts(arg, "OCSP response: ");
2171         if (!p)
2172                 {
2173                 BIO_puts(arg, "no response sent\n");
2174                 return 1;
2175                 }
2176         rsp = d2i_OCSP_RESPONSE(NULL, &p, len);
2177         if (!rsp)
2178                 {
2179                 BIO_puts(arg, "response parse error\n");
2180                 BIO_dump_indent(arg, (char *)p, len, 4);
2181                 return 0;
2182                 }
2183         BIO_puts(arg, "\n======================================\n");
2184         OCSP_RESPONSE_print(arg, rsp, 0);
2185         BIO_puts(arg, "======================================\n");
2186         OCSP_RESPONSE_free(rsp);
2187         return 1;
2188         }
2189
2190 static int audit_proof_cb(SSL *s, void *arg)
2191         {
2192         const unsigned char *proof;
2193         size_t proof_len;
2194         size_t i;
2195         SSL_SESSION *sess = SSL_get_session(s);
2196
2197         proof = SSL_SESSION_get_tlsext_authz_server_audit_proof(sess,
2198                                                                 &proof_len);
2199         if (proof != NULL)
2200                 {
2201                 BIO_printf(bio_c_out, "Audit proof: ");
2202                 for (i = 0; i < proof_len; ++i)
2203                         BIO_printf(bio_c_out, "%02X", proof[i]);
2204                 BIO_printf(bio_c_out, "\n");
2205                 }
2206         else
2207                 {
2208                 BIO_printf(bio_c_out, "No audit proof found.\n");
2209                 }
2210         return 1;
2211         }
2212 #endif