[PR3597] Advance to the next state variant when reusing messages.
[openssl.git] / ssl / ssltest.c
1 /* ssl/ssltest.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  * ECC cipher suite support in OpenSSL originally developed by 
114  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115  */
116 /* ====================================================================
117  * Copyright 2005 Nokia. All rights reserved.
118  *
119  * The portions of the attached software ("Contribution") is developed by
120  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121  * license.
122  *
123  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125  * support (see RFC 4279) to OpenSSL.
126  *
127  * No patent licenses or other rights except those expressly stated in
128  * the OpenSSL open source license shall be deemed granted or received
129  * expressly, by implication, estoppel, or otherwise.
130  *
131  * No assurances are provided by Nokia that the Contribution does not
132  * infringe the patent or other intellectual property rights of any third
133  * party or that the license provides you with all the necessary rights
134  * to make use of the Contribution.
135  *
136  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140  * OTHERWISE.
141  */
142
143 #define _BSD_SOURCE 1           /* Or gethostname won't be declared properly
144                                    on Linux and GNU platforms. */
145
146 #include <assert.h>
147 #include <errno.h>
148 #include <limits.h>
149 #include <stdio.h>
150 #include <stdlib.h>
151 #include <string.h>
152 #include <time.h>
153
154 #define USE_SOCKETS
155 #include "e_os.h"
156
157 #ifdef OPENSSL_SYS_VMS
158 #define _XOPEN_SOURCE 500       /* Or isascii won't be declared properly on
159                                    VMS (at least with DECompHP C).  */
160 #endif
161
162 #include <ctype.h>
163
164 #include <openssl/bio.h>
165 #include <openssl/crypto.h>
166 #include <openssl/evp.h>
167 #include <openssl/x509.h>
168 #include <openssl/x509v3.h>
169 #include <openssl/ssl.h>
170 #ifndef OPENSSL_NO_ENGINE
171 #include <openssl/engine.h>
172 #endif
173 #include <openssl/err.h>
174 #include <openssl/rand.h>
175 #ifndef OPENSSL_NO_RSA
176 #include <openssl/rsa.h>
177 #endif
178 #ifndef OPENSSL_NO_DSA
179 #include <openssl/dsa.h>
180 #endif
181 #ifndef OPENSSL_NO_DH
182 #include <openssl/dh.h>
183 #endif
184 #ifndef OPENSSL_NO_SRP
185 #include <openssl/srp.h>
186 #endif
187 #include <openssl/bn.h>
188
189 #define _XOPEN_SOURCE_EXTENDED  1 /* Or gethostname won't be declared properly
190                                      on Compaq platforms (at least with DEC C).
191                                      Do not try to put it earlier, or IPv6 includes
192                                      get screwed...
193                                   */
194
195 #ifdef OPENSSL_SYS_WINDOWS
196 #include <winsock.h>
197 #else
198 #include OPENSSL_UNISTD
199 #endif
200
201 #ifdef OPENSSL_SYS_VMS
202 #  define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
203 #  define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
204 #elif defined(OPENSSL_SYS_WINCE)
205 #  define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
206 #  define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
207 #elif defined(OPENSSL_SYS_NETWARE)
208 #  define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
209 #  define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
210 #else
211 #  define TEST_SERVER_CERT "../apps/server.pem"
212 #  define TEST_CLIENT_CERT "../apps/client.pem"
213 #endif
214
215 /* There is really no standard for this, so let's assign some tentative
216    numbers.  In any case, these numbers are only for this test */
217 #define COMP_RLE        255
218 #define COMP_ZLIB       1
219
220 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
221 #ifndef OPENSSL_NO_RSA
222 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
223 static void free_tmp_rsa(void);
224 #endif
225 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
226 #define APP_CALLBACK_STRING "Test Callback Argument"
227 struct app_verify_arg
228         {
229         char *string;
230         int app_verify;
231         int allow_proxy_certs;
232         char *proxy_auth;
233         char *proxy_cond;
234         };
235
236 #ifndef OPENSSL_NO_DH
237 static DH *get_dh512(void);
238 static DH *get_dh1024(void);
239 static DH *get_dh1024dsa(void);
240 #endif
241
242
243 static char *psk_key=NULL; /* by default PSK is not used */
244 #ifndef OPENSSL_NO_PSK
245 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
246         unsigned int max_identity_len, unsigned char *psk,
247         unsigned int max_psk_len);
248 static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned char *psk,
249         unsigned int max_psk_len);
250 #endif
251
252 #ifndef OPENSSL_NO_SRP
253 /* SRP client */
254 /* This is a context that we pass to all callbacks */
255 typedef struct srp_client_arg_st
256         {
257         char *srppassin;
258         char *srplogin;
259         } SRP_CLIENT_ARG;
260
261 #define PWD_STRLEN 1024
262
263 static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
264         {
265         SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
266         return BUF_strdup((char *)srp_client_arg->srppassin);
267         }
268
269 /* SRP server */
270 /* This is a context that we pass to SRP server callbacks */
271 typedef struct srp_server_arg_st
272         {
273         char *expected_user;
274         char *pass;
275         } SRP_SERVER_ARG;
276
277 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
278         {
279         SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
280
281         if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
282                 {
283                 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
284                 return SSL3_AL_FATAL;
285                 }
286         if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
287                 {
288                 *ad = SSL_AD_INTERNAL_ERROR;
289                 return SSL3_AL_FATAL;
290                 }
291         return SSL_ERROR_NONE;
292         }
293 #endif
294
295 static BIO *bio_err=NULL;
296 static BIO *bio_stdout=NULL;
297
298 #ifndef OPENSSL_NO_NEXTPROTONEG
299 /* Note that this code assumes that this is only a one element list: */
300 static const char NEXT_PROTO_STRING[] = "\x09testproto";
301 int npn_client = 0;
302 int npn_server = 0;
303 int npn_server_reject = 0;
304
305 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
306         {
307         /* This callback only returns the protocol string, rather than a length
308            prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
309            remove the first byte to chop off the length prefix. */
310         *out = (unsigned char*) NEXT_PROTO_STRING + 1;
311         *outlen = sizeof(NEXT_PROTO_STRING) - 2;
312         return SSL_TLSEXT_ERR_OK;
313         }
314
315 static int cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
316         {
317         *data = (const unsigned char *) NEXT_PROTO_STRING;
318         *len = sizeof(NEXT_PROTO_STRING) - 1;
319         return SSL_TLSEXT_ERR_OK;
320         }
321
322 static int cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
323         {
324         return SSL_TLSEXT_ERR_NOACK;
325         }
326
327 static int verify_npn(SSL *client, SSL *server)
328         {
329         const unsigned char *client_s;
330         unsigned client_len;
331         const unsigned char *server_s;
332         unsigned server_len;
333
334         SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
335         SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
336
337         if (client_len)
338                 {
339                 BIO_printf(bio_stdout, "Client NPN: ");
340                 BIO_write(bio_stdout, client_s, client_len);
341                 BIO_printf(bio_stdout, "\n");
342                 }
343
344         if (server_len)
345                 {
346                 BIO_printf(bio_stdout, "Server NPN: ");
347                 BIO_write(bio_stdout, server_s, server_len);
348                 BIO_printf(bio_stdout, "\n");
349                 }
350
351         /* If an NPN string was returned, it must be the protocol that we
352          * expected to negotiate. */
353         if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
354                            memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
355                 return -1;
356         if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
357                            memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
358                 return -1;
359
360         if (!npn_client && client_len)
361                 return -1;
362         if (!npn_server && server_len)
363                 return -1;
364         if (npn_server_reject && server_len)
365                 return -1;
366         if (npn_client && npn_server && (!client_len || !server_len))
367                 return -1;
368
369         return 0;
370         }
371 #endif
372
373 static const char *alpn_client;
374 static const char *alpn_server;
375 static const char *alpn_expected;
376 static unsigned char *alpn_selected;
377
378 /* next_protos_parse parses a comma separated list of strings into a string
379  * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
380  *   outlen: (output) set to the length of the resulting buffer on success.
381  *   err: (maybe NULL) on failure, an error message line is written to this BIO.
382  *   in: a NUL terminated string like "abc,def,ghi"
383  *
384  *   returns: a malloced buffer or NULL on failure.
385  */
386 static unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
387         {
388         size_t len;
389         unsigned char *out;
390         size_t i, start = 0;
391
392         len = strlen(in);
393         if (len >= 65535)
394                 return NULL;
395
396         out = OPENSSL_malloc(strlen(in) + 1);
397         if (!out)
398                 return NULL;
399
400         for (i = 0; i <= len; ++i)
401                 {
402                 if (i == len || in[i] == ',')
403                         {
404                         if (i - start > 255)
405                                 {
406                                 OPENSSL_free(out);
407                                 return NULL;
408                                 }
409                         out[start] = i - start;
410                         start = i + 1;
411                         }
412                 else
413                         out[i+1] = in[i];
414                 }
415
416         *outlen = len + 1;
417         return out;
418         }
419
420 static int cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
421         {
422         unsigned char *protos;
423         unsigned short protos_len;
424
425         protos = next_protos_parse(&protos_len, alpn_server);
426         if (protos == NULL)
427                 {
428                 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", alpn_server);
429                 abort();
430                 }
431
432         if (SSL_select_next_proto((unsigned char**) out, outlen, protos, protos_len, in, inlen) !=
433             OPENSSL_NPN_NEGOTIATED)
434                 {
435                 OPENSSL_free(protos);
436                 return SSL_TLSEXT_ERR_NOACK;
437                 }
438
439         /* Make a copy of the selected protocol which will be freed in verify_alpn. */
440         alpn_selected = OPENSSL_malloc(*outlen);
441         memcpy(alpn_selected, *out, *outlen);
442         *out = alpn_selected;
443
444         OPENSSL_free(protos);
445         return SSL_TLSEXT_ERR_OK;
446         }
447
448 static int verify_alpn(SSL *client, SSL *server)
449         {
450         const unsigned char *client_proto, *server_proto;
451         unsigned int client_proto_len = 0, server_proto_len = 0;
452         SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
453         SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
454
455         if (alpn_selected != NULL)
456                 {
457                 OPENSSL_free(alpn_selected);
458                 alpn_selected = NULL;
459                 }
460
461         if (client_proto_len != server_proto_len ||
462             memcmp(client_proto, server_proto, client_proto_len) != 0)
463                 {
464                 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
465                 goto err;
466                 }
467
468         if (client_proto_len > 0 && alpn_expected == NULL)
469                 {
470                 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
471                 goto err;
472                 }
473
474         if (alpn_expected != NULL &&
475             (client_proto_len != strlen(alpn_expected) ||
476              memcmp(client_proto, alpn_expected, client_proto_len) != 0))
477                 {
478                 BIO_printf(bio_stdout, "ALPN selected protocols not equal to expected protocol: %s\n", alpn_expected);
479                 goto err;
480                 }
481
482         return 0;
483
484 err:
485         BIO_printf(bio_stdout, "ALPN results: client: '");
486         BIO_write(bio_stdout, client_proto, client_proto_len);
487         BIO_printf(bio_stdout, "', server: '");
488         BIO_write(bio_stdout, server_proto, server_proto_len);
489         BIO_printf(bio_stdout, "'\n");
490         BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", alpn_client, alpn_server);
491         return -1;
492         }
493
494 #define SCT_EXT_TYPE 18
495
496 /* WARNING : below extension types are *NOT* IETF assigned, and 
497    could conflict if these types are reassigned and handled 
498    specially by OpenSSL in the future */
499 #define TACK_EXT_TYPE 62208
500 #define CUSTOM_EXT_TYPE_0 1000
501 #define CUSTOM_EXT_TYPE_1 1001
502 #define CUSTOM_EXT_TYPE_2 1002
503 #define CUSTOM_EXT_TYPE_3 1003
504
505 const char custom_ext_cli_string[] = "abc";
506 const char custom_ext_srv_string[] = "defg";
507
508 /* These set from cmdline */
509 char* serverinfo_file = NULL;
510 int serverinfo_sct = 0;
511 int serverinfo_tack = 0;
512
513 /* These set based on extension callbacks */
514 int serverinfo_sct_seen = 0;
515 int serverinfo_tack_seen = 0;
516 int serverinfo_other_seen = 0;
517
518 /* This set from cmdline */
519 int custom_ext = 0;
520
521 /* This set based on extension callbacks */
522 int custom_ext_error = 0;
523
524 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
525                                    const unsigned char *in, size_t inlen, 
526                                    int *al, void *arg)
527         {
528         if (ext_type == SCT_EXT_TYPE)
529                 serverinfo_sct_seen++;
530         else if (ext_type == TACK_EXT_TYPE)
531                 serverinfo_tack_seen++;
532         else
533                 serverinfo_other_seen++;
534         return 1;
535         }
536
537 static int verify_serverinfo()
538         {
539         if (serverinfo_sct != serverinfo_sct_seen)
540                 return -1;
541         if (serverinfo_tack != serverinfo_tack_seen)
542                 return -1;
543         if (serverinfo_other_seen)
544                 return -1;
545         return 0;
546         }
547
548 /* Four test cases for custom extensions:
549  * 0 - no ClientHello extension or ServerHello response
550  * 1 - ClientHello with "abc", no response
551  * 2 - ClientHello with "abc", empty response
552  * 3 - ClientHello with "abc", "defg" response
553  */
554
555 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
556                                      const unsigned char **out,
557                                      size_t *outlen, int *al, void *arg)
558         {
559         if (ext_type != CUSTOM_EXT_TYPE_0)
560                 custom_ext_error = 1;
561         return 0;  /* Don't send an extension */
562         }
563
564 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
565                                       const unsigned char *in,
566                                       size_t inlen, int *al,
567                                       void *arg)
568         {
569         return 1;
570         }
571
572 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
573                                      const unsigned char **out,
574                                      size_t *outlen, int *al, void *arg)
575         {
576         if (ext_type != CUSTOM_EXT_TYPE_1)
577                 custom_ext_error = 1;
578         *out = (const unsigned char*)custom_ext_cli_string;
579         *outlen = strlen(custom_ext_cli_string);
580         return 1; /* Send "abc" */
581         }
582
583 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
584                                       const unsigned char *in,
585                                       size_t inlen, int *al,
586                                       void *arg)
587         {
588         return 1;
589         }
590
591 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
592                                      const unsigned char **out,
593                                      size_t *outlen, int *al, void *arg)
594         {
595         if (ext_type != CUSTOM_EXT_TYPE_2)
596                 custom_ext_error = 1;
597         *out = (const unsigned char*)custom_ext_cli_string;
598         *outlen = strlen(custom_ext_cli_string);
599         return 1; /* Send "abc" */
600         }
601
602 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
603                                       const unsigned char *in,
604                                       size_t inlen, int *al,
605                                       void *arg)
606         {
607         if (ext_type != CUSTOM_EXT_TYPE_2)
608                 custom_ext_error = 1;
609         if (inlen != 0)
610                 custom_ext_error = 1; /* Should be empty response */
611         return 1;
612         }
613
614 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
615                                      const unsigned char **out,
616                                      size_t *outlen, int *al, void *arg)
617         {
618         if (ext_type != CUSTOM_EXT_TYPE_3)
619                 custom_ext_error = 1;
620         *out = (const unsigned char*)custom_ext_cli_string;
621         *outlen = strlen(custom_ext_cli_string);
622         return 1; /* Send "abc" */
623         }
624
625 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
626                                       const unsigned char *in,
627                                       size_t inlen, int *al,
628                                       void *arg)
629         {
630         if (ext_type != CUSTOM_EXT_TYPE_3)
631                 custom_ext_error = 1;
632         if (inlen != strlen(custom_ext_srv_string))
633                 custom_ext_error = 1;
634         if (memcmp(custom_ext_srv_string, in, inlen) != 0)
635                 custom_ext_error = 1; /* Check for "defg" */
636         return 1;
637         }
638
639 /* custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback for this extension */
640 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
641                                      const unsigned char *in,
642                                      size_t inlen, int *al,
643                                      void *arg)
644         {
645         custom_ext_error = 1;
646         return 1;
647         }
648
649 /* 'add' callbacks are only called if the 'parse' callback is called */
650 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
651                                       const unsigned char **out,
652                                       size_t *outlen, int *al, void *arg)
653         {
654         /* Error: should not have been called */
655         custom_ext_error = 1;
656         return 0; /* Don't send an extension */
657         }
658
659 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
660                                 const unsigned char *in,
661                                 size_t inlen, int *al,
662                                 void *arg)
663         {
664         if (ext_type != CUSTOM_EXT_TYPE_1)
665                 custom_ext_error = 1;           
666          /* Check for "abc" */
667         if (inlen != strlen(custom_ext_cli_string))
668                 custom_ext_error = 1;
669         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
670                 custom_ext_error = 1;
671         return 1;
672         }
673
674 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
675                                       const unsigned char **out,
676                                       size_t *outlen, int *al, void *arg)
677         {
678         return 0; /* Don't send an extension */
679         }
680
681 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
682                                      const unsigned char *in,
683                                      size_t inlen, int *al,
684                                      void *arg)
685         {
686         if (ext_type != CUSTOM_EXT_TYPE_2)
687                 custom_ext_error = 1;           
688          /* Check for "abc" */
689         if (inlen != strlen(custom_ext_cli_string))
690                 custom_ext_error = 1;
691         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
692                 custom_ext_error = 1;
693         return 1;
694         }
695
696 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
697                                       const unsigned char **out,
698                                       size_t *outlen, int *al, void *arg)
699         {
700         *out = NULL;
701         *outlen = 0;
702         return 1; /* Send empty extension */
703         }
704
705 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
706                                      const unsigned char *in,
707                                      size_t inlen, int *al,
708                                      void *arg)
709         {
710         if (ext_type != CUSTOM_EXT_TYPE_3)
711                 custom_ext_error = 1;           
712          /* Check for "abc" */  
713         if (inlen != strlen(custom_ext_cli_string))
714                 custom_ext_error = 1;
715         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
716                 custom_ext_error = 1;
717         return 1;
718         }
719
720 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
721                                       const unsigned char **out,
722                                       size_t *outlen, int *al, void *arg)
723         {
724         *out = (const unsigned char*)custom_ext_srv_string;
725         *outlen = strlen(custom_ext_srv_string);
726         return 1; /* Send "defg" */
727         }
728
729 static char *cipher=NULL;
730 static int verbose=0;
731 static int debug=0;
732 #if 0
733 /* Not used yet. */
734 #ifdef FIONBIO
735 static int s_nbio=0;
736 #endif
737 #endif
738
739 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
740
741 int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
742 int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
743 static int do_test_cipherlist(void);
744 static void sv_usage(void)
745         {
746         fprintf(stderr,"usage: ssltest [args ...]\n");
747         fprintf(stderr,"\n");
748 #ifdef OPENSSL_FIPS
749         fprintf(stderr,"-F             - run test in FIPS mode\n");
750 #endif
751         fprintf(stderr," -server_auth  - check server certificate\n");
752         fprintf(stderr," -client_auth  - do client authentication\n");
753         fprintf(stderr," -proxy        - allow proxy certificates\n");
754         fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
755         fprintf(stderr," -proxy_cond <val> - expression to test proxy policy rights\n");
756         fprintf(stderr," -v            - more output\n");
757         fprintf(stderr," -d            - debug output\n");
758         fprintf(stderr," -reuse        - use session-id reuse\n");
759         fprintf(stderr," -num <val>    - number of connections to perform\n");
760         fprintf(stderr," -bytes <val>  - number of bytes to swap between client/server\n");
761 #ifndef OPENSSL_NO_DH
762         fprintf(stderr," -dhe1024      - use 1024 bit key (safe prime) for DHE\n");
763         fprintf(stderr," -dhe1024dsa   - use 1024 bit key (with 160-bit subprime) for DHE\n");
764         fprintf(stderr," -no_dhe       - disable DHE\n");
765 #endif
766 #ifndef OPENSSL_NO_ECDH
767         fprintf(stderr," -no_ecdhe     - disable ECDHE\n");
768 #endif
769 #ifndef OPENSSL_NO_PSK
770         fprintf(stderr," -psk arg      - PSK in hex (without 0x)\n");
771 #endif
772 #ifndef OPENSSL_NO_SRP
773         fprintf(stderr," -srpuser user  - SRP username to use\n");
774         fprintf(stderr," -srppass arg   - password for 'user'\n");
775 #endif
776 #ifndef OPENSSL_NO_SSL2
777         fprintf(stderr," -ssl2         - use SSLv2\n");
778 #endif
779 #ifndef OPENSSL_NO_SSL3_METHOD
780         fprintf(stderr," -ssl3         - use SSLv3\n");
781 #endif
782 #ifndef OPENSSL_NO_TLS1
783         fprintf(stderr," -tls1         - use TLSv1\n");
784 #endif
785         fprintf(stderr," -CApath arg   - PEM format directory of CA's\n");
786         fprintf(stderr," -CAfile arg   - PEM format file of CA's\n");
787         fprintf(stderr," -cert arg     - Server certificate file\n");
788         fprintf(stderr," -key arg      - Server key file (default: same as -cert)\n");
789         fprintf(stderr," -c_cert arg   - Client certificate file\n");
790         fprintf(stderr," -c_key arg    - Client key file (default: same as -c_cert)\n");
791         fprintf(stderr," -cipher arg   - The cipher list\n");
792         fprintf(stderr," -bio_pair     - Use BIO pairs\n");
793         fprintf(stderr," -f            - Test even cases that can't work\n");
794         fprintf(stderr," -time         - measure processor time used by client and server\n");
795         fprintf(stderr," -zlib         - use zlib compression\n");
796         fprintf(stderr," -rle          - use rle compression\n");
797 #ifndef OPENSSL_NO_ECDH
798         fprintf(stderr," -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.\n" \
799                        "                 Use \"openssl ecparam -list_curves\" for all names\n"  \
800                        "                 (default is sect163r2).\n");
801 #endif
802         fprintf(stderr," -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
803                        "                    When this option is requested, the cipherlist\n"
804                        "                    tests are run instead of handshake tests.\n");
805 #ifndef OPENSSL_NO_NEXTPROTONEG
806         fprintf(stderr," -npn_client - have client side offer NPN\n");
807         fprintf(stderr," -npn_server - have server side offer NPN\n");
808         fprintf(stderr," -npn_server_reject - have server reject NPN\n");
809 #endif
810         fprintf(stderr," -serverinfo_file file - have server use this file\n");
811         fprintf(stderr," -serverinfo_sct  - have client offer and expect SCT\n");
812         fprintf(stderr," -serverinfo_tack - have client offer and expect TACK\n");
813         fprintf(stderr," -custom_ext - try various custom extension callbacks\n");
814         fprintf(stderr," -alpn_client <string> - have client side offer ALPN\n");
815         fprintf(stderr," -alpn_server <string> - have server side offer ALPN\n");
816         fprintf(stderr," -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
817         }
818
819 static void print_key_details(BIO *out, EVP_PKEY *key)
820         {
821         int keyid = EVP_PKEY_id(key);
822 #ifndef OPENSSL_NO_EC
823         if (keyid == EVP_PKEY_EC)
824                 {
825                 EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
826                 int nid;
827                 const char *cname;
828                 nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
829                 EC_KEY_free(ec);
830                 cname = EC_curve_nid2nist(nid);
831                 if (!cname)
832                         cname = OBJ_nid2sn(nid);
833                 BIO_printf(out, "%d bits EC (%s)",
834                                                 EVP_PKEY_bits(key), cname);
835                 }
836         else
837 #endif
838                 {
839                 const char *algname;
840                 switch (keyid)
841                         {
842                 case EVP_PKEY_RSA:
843                         algname = "RSA";
844                         break;
845                 case EVP_PKEY_DSA:
846                         algname = "DSA";
847                         break;
848                 case EVP_PKEY_DH:
849                         algname = "DH";
850                         break;
851                 default:
852                         algname = OBJ_nid2sn(keyid);
853                         break;
854                         }
855                 BIO_printf(out, "%d bits %s", EVP_PKEY_bits(key), algname);
856                 }
857         }
858
859 static void print_details(SSL *c_ssl, const char *prefix)
860         {
861         const SSL_CIPHER *ciph;
862         int mdnid;
863         X509 *cert;
864         EVP_PKEY *pkey;
865                 
866         ciph=SSL_get_current_cipher(c_ssl);
867         BIO_printf(bio_stdout,"%s%s, cipher %s %s",
868                 prefix,
869                 SSL_get_version(c_ssl),
870                 SSL_CIPHER_get_version(ciph),
871                 SSL_CIPHER_get_name(ciph));
872         cert=SSL_get_peer_certificate(c_ssl);
873         if (cert != NULL)
874                 {
875                 pkey = X509_get_pubkey(cert);
876                 if (pkey != NULL)
877                         {
878                         BIO_puts(bio_stdout, ", ");
879                         print_key_details(bio_stdout, pkey);
880                         EVP_PKEY_free(pkey);
881                         }
882                 X509_free(cert);
883                 }
884         if (SSL_get_server_tmp_key(c_ssl, &pkey))
885                 {
886                 BIO_puts(bio_stdout, ", temp key: ");
887                 print_key_details(bio_stdout, pkey);
888                 EVP_PKEY_free(pkey);
889                 }
890         if (SSL_get_peer_signature_nid(c_ssl, &mdnid))
891                 BIO_printf(bio_stdout, ", digest=%s", OBJ_nid2sn(mdnid));
892         BIO_printf(bio_stdout,"\n");
893         }
894
895 static void lock_dbg_cb(int mode, int type, const char *file, int line)
896         {
897         static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
898         const char *errstr = NULL;
899         int rw;
900         
901         rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
902         if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
903                 {
904                 errstr = "invalid mode";
905                 goto err;
906                 }
907
908         if (type < 0 || type >= CRYPTO_NUM_LOCKS)
909                 {
910                 errstr = "type out of bounds";
911                 goto err;
912                 }
913
914         if (mode & CRYPTO_LOCK)
915                 {
916                 if (modes[type])
917                         {
918                         errstr = "already locked";
919                         /* must not happen in a single-threaded program
920                          * (would deadlock) */
921                         goto err;
922                         }
923
924                 modes[type] = rw;
925                 }
926         else if (mode & CRYPTO_UNLOCK)
927                 {
928                 if (!modes[type])
929                         {
930                         errstr = "not locked";
931                         goto err;
932                         }
933                 
934                 if (modes[type] != rw)
935                         {
936                         errstr = (rw == CRYPTO_READ) ?
937                                 "CRYPTO_r_unlock on write lock" :
938                                 "CRYPTO_w_unlock on read lock";
939                         }
940
941                 modes[type] = 0;
942                 }
943         else
944                 {
945                 errstr = "invalid mode";
946                 goto err;
947                 }
948
949  err:
950         if (errstr)
951                 {
952                 /* we cannot use bio_err here */
953                 fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
954                         errstr, mode, type, file, line);
955                 }
956         }
957
958 #ifdef TLSEXT_TYPE_opaque_prf_input
959 struct cb_info_st { void *input; size_t len; int ret; };
960 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
961 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
962 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
963 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
964
965 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
966         {
967         struct cb_info_st *arg = arg_;
968
969         if (arg == NULL)
970                 return 1;
971         
972         if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
973                 return 0;
974         return arg->ret;
975         }
976 #endif
977
978 int main(int argc, char *argv[])
979         {
980         char *CApath=NULL,*CAfile=NULL;
981         int badop=0;
982         int bio_pair=0;
983         int force=0;
984         int tls1=0,ssl2=0,ssl3=0,ret=1;
985         int client_auth=0;
986         int server_auth=0,i;
987         struct app_verify_arg app_verify_arg =
988                 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
989         char *server_cert=TEST_SERVER_CERT;
990         char *server_key=NULL;
991         char *client_cert=TEST_CLIENT_CERT;
992         char *client_key=NULL;
993 #ifndef OPENSSL_NO_ECDH
994         char *named_curve = NULL;
995 #endif
996         SSL_CTX *s_ctx=NULL;
997         SSL_CTX *c_ctx=NULL;
998         const SSL_METHOD *meth=NULL;
999         SSL *c_ssl,*s_ssl;
1000         int number=1,reuse=0;
1001         long bytes=256L;
1002 #ifndef OPENSSL_NO_DH
1003         DH *dh;
1004         int dhe1024 = 0, dhe1024dsa = 0;
1005 #endif
1006 #ifndef OPENSSL_NO_ECDH
1007         EC_KEY *ecdh = NULL;
1008 #endif
1009 #ifndef OPENSSL_NO_SRP
1010         /* client */
1011         SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
1012         /* server */
1013         SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
1014 #endif
1015         int no_dhe = 0;
1016         int no_ecdhe = 0;
1017         int no_psk = 0;
1018         int print_time = 0;
1019         clock_t s_time = 0, c_time = 0;
1020 #ifndef OPENSSL_NO_COMP
1021         int comp = 0;
1022         COMP_METHOD *cm = NULL;
1023         STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
1024 #endif
1025         int test_cipherlist = 0;
1026 #ifdef OPENSSL_FIPS
1027         int fips_mode=0;
1028 #endif
1029         int no_protocol = 0;
1030
1031         SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
1032         STACK_OF(OPENSSL_STRING) *conf_args = NULL;
1033         const char *arg = NULL, *argn = NULL;
1034
1035         verbose = 0;
1036         debug = 0;
1037         cipher = 0;
1038
1039         bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT);     
1040
1041         CRYPTO_set_locking_callback(lock_dbg_cb);
1042
1043         /* enable memory leak checking unless explicitly disabled */
1044         if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
1045                 {
1046                 CRYPTO_malloc_debug_init();
1047                 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1048                 }
1049         else
1050                 {
1051                 /* OPENSSL_DEBUG_MEMORY=off */
1052                 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1053                 }
1054         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1055
1056         RAND_seed(rnd_seed, sizeof rnd_seed);
1057
1058         bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT);
1059
1060         s_cctx = SSL_CONF_CTX_new();
1061         c_cctx = SSL_CONF_CTX_new();
1062
1063         if (!s_cctx || !c_cctx)
1064                 {
1065                 ERR_print_errors(bio_err);
1066                 goto end;
1067                 }
1068
1069         SSL_CONF_CTX_set_flags(s_cctx,
1070                                SSL_CONF_FLAG_CMDLINE|SSL_CONF_FLAG_SERVER);
1071         if (!SSL_CONF_CTX_set1_prefix(s_cctx, "-s_"))
1072                 {
1073                 ERR_print_errors(bio_err);
1074                 goto end;
1075                 }
1076
1077         SSL_CONF_CTX_set_flags(c_cctx,
1078                                SSL_CONF_FLAG_CMDLINE|SSL_CONF_FLAG_CLIENT);
1079         if (!SSL_CONF_CTX_set1_prefix(c_cctx, "-c_"))
1080                 {
1081                 ERR_print_errors(bio_err);
1082                 goto end;
1083                 }
1084
1085         argc--;
1086         argv++;
1087
1088         while (argc >= 1)
1089                 {
1090                 if(!strcmp(*argv,"-F"))
1091                         {
1092 #ifdef OPENSSL_FIPS
1093                         fips_mode=1;
1094 #else
1095                         fprintf(stderr,"not compiled with FIPS support, so exiting without running.\n");
1096                         EXIT(0);
1097 #endif
1098                         }
1099                 else if (strcmp(*argv,"-server_auth") == 0)
1100                         server_auth=1;
1101                 else if (strcmp(*argv,"-client_auth") == 0)
1102                         client_auth=1;
1103                 else if (strcmp(*argv,"-proxy_auth") == 0)
1104                         {
1105                         if (--argc < 1) goto bad;
1106                         app_verify_arg.proxy_auth= *(++argv);
1107                         }
1108                 else if (strcmp(*argv,"-proxy_cond") == 0)
1109                         {
1110                         if (--argc < 1) goto bad;
1111                         app_verify_arg.proxy_cond= *(++argv);
1112                         }
1113                 else if (strcmp(*argv,"-v") == 0)
1114                         verbose=1;
1115                 else if (strcmp(*argv,"-d") == 0)
1116                         debug=1;
1117                 else if (strcmp(*argv,"-reuse") == 0)
1118                         reuse=1;
1119                 else if (strcmp(*argv,"-dhe1024") == 0)
1120                         {
1121 #ifndef OPENSSL_NO_DH
1122                         dhe1024=1;
1123 #else
1124                         fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1125 #endif
1126                         }
1127                 else if (strcmp(*argv,"-dhe1024dsa") == 0)
1128                         {
1129 #ifndef OPENSSL_NO_DH
1130                         dhe1024dsa=1;
1131 #else
1132                         fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1133 #endif
1134                         }
1135                 else if (strcmp(*argv,"-no_dhe") == 0)
1136                         no_dhe=1;
1137                 else if (strcmp(*argv,"-no_ecdhe") == 0)
1138                         no_ecdhe=1;
1139                 else if (strcmp(*argv,"-psk") == 0)
1140                         {
1141                         if (--argc < 1) goto bad;
1142                         psk_key=*(++argv);
1143 #ifndef OPENSSL_NO_PSK
1144                         if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))
1145                                 {
1146                                 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
1147                                 goto bad;
1148                                 }
1149 #else
1150                         no_psk=1;
1151 #endif
1152                         }
1153 #ifndef OPENSSL_NO_SRP
1154                 else if (strcmp(*argv,"-srpuser") == 0)
1155                         {
1156                         if (--argc < 1) goto bad;
1157                         srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
1158                         tls1=1;
1159                         }
1160                 else if (strcmp(*argv,"-srppass") == 0)
1161                         {
1162                         if (--argc < 1) goto bad;
1163                         srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
1164                         tls1=1;
1165                         }
1166 #endif
1167                 else if (strcmp(*argv,"-ssl2") == 0)
1168                         {
1169 #ifdef OPENSSL_NO_SSL2
1170                         no_protocol = 1;
1171 #endif
1172                         ssl2 = 1;
1173                         }
1174                 else if (strcmp(*argv,"-tls1") == 0)
1175                         {
1176 #ifdef OPENSSL_NO_TLS1
1177                         no_protocol = 1;
1178 #endif
1179                         tls1 = 1;
1180                         }
1181                 else if (strcmp(*argv,"-ssl3") == 0)
1182                         {
1183 #ifdef OPENSSL_NO_SSL3_METHOD
1184                         no_protocol = 1;
1185 #endif
1186                         ssl3 = 1;
1187                         }
1188                 else if (strncmp(*argv,"-num",4) == 0)
1189                         {
1190                         if (--argc < 1) goto bad;
1191                         number= atoi(*(++argv));
1192                         if (number == 0) number=1;
1193                         }
1194                 else if (strcmp(*argv,"-bytes") == 0)
1195                         {
1196                         if (--argc < 1) goto bad;
1197                         bytes= atol(*(++argv));
1198                         if (bytes == 0L) bytes=1L;
1199                         i=strlen(argv[0]);
1200                         if (argv[0][i-1] == 'k') bytes*=1024L;
1201                         if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
1202                         }
1203                 else if (strcmp(*argv,"-cert") == 0)
1204                         {
1205                         if (--argc < 1) goto bad;
1206                         server_cert= *(++argv);
1207                         }
1208                 else if (strcmp(*argv,"-s_cert") == 0)
1209                         {
1210                         if (--argc < 1) goto bad;
1211                         server_cert= *(++argv);
1212                         }
1213                 else if (strcmp(*argv,"-key") == 0)
1214                         {
1215                         if (--argc < 1) goto bad;
1216                         server_key= *(++argv);
1217                         }
1218                 else if (strcmp(*argv,"-s_key") == 0)
1219                         {
1220                         if (--argc < 1) goto bad;
1221                         server_key= *(++argv);
1222                         }
1223                 else if (strcmp(*argv,"-c_cert") == 0)
1224                         {
1225                         if (--argc < 1) goto bad;
1226                         client_cert= *(++argv);
1227                         }
1228                 else if (strcmp(*argv,"-c_key") == 0)
1229                         {
1230                         if (--argc < 1) goto bad;
1231                         client_key= *(++argv);
1232                         }
1233                 else if (strcmp(*argv,"-cipher") == 0)
1234                         {
1235                         if (--argc < 1) goto bad;
1236                         cipher= *(++argv);
1237                         }
1238                 else if (strcmp(*argv,"-CApath") == 0)
1239                         {
1240                         if (--argc < 1) goto bad;
1241                         CApath= *(++argv);
1242                         }
1243                 else if (strcmp(*argv,"-CAfile") == 0)
1244                         {
1245                         if (--argc < 1) goto bad;
1246                         CAfile= *(++argv);
1247                         }
1248                 else if (strcmp(*argv,"-bio_pair") == 0)
1249                         {
1250                         bio_pair = 1;
1251                         }
1252                 else if (strcmp(*argv,"-f") == 0)
1253                         {
1254                         force = 1;
1255                         }
1256                 else if (strcmp(*argv,"-time") == 0)
1257                         {
1258                         print_time = 1;
1259                         }
1260 #ifndef OPENSSL_NO_COMP
1261                 else if (strcmp(*argv,"-zlib") == 0)
1262                         {
1263                         comp = COMP_ZLIB;
1264                         }
1265                 else if (strcmp(*argv,"-rle") == 0)
1266                         {
1267                         comp = COMP_RLE;
1268                         }
1269 #endif
1270                 else if (strcmp(*argv,"-named_curve") == 0)
1271                         {
1272                         if (--argc < 1) goto bad;
1273 #ifndef OPENSSL_NO_ECDH         
1274                         named_curve = *(++argv);
1275 #else
1276                         fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n");
1277                         ++argv;
1278 #endif
1279                         }
1280                 else if (strcmp(*argv,"-app_verify") == 0)
1281                         {
1282                         app_verify_arg.app_verify = 1;
1283                         }
1284                 else if (strcmp(*argv,"-proxy") == 0)
1285                         {
1286                         app_verify_arg.allow_proxy_certs = 1;
1287                         }
1288                 else if (strcmp(*argv,"-test_cipherlist") == 0)
1289                         {
1290                         test_cipherlist = 1;
1291                         }
1292 #ifndef OPENSSL_NO_NEXTPROTONEG
1293                 else if (strcmp(*argv,"-npn_client") == 0)
1294                         {
1295                         npn_client = 1;
1296                         }
1297                 else if (strcmp(*argv,"-npn_server") == 0)
1298                         {
1299                         npn_server = 1;
1300                         }
1301                 else if (strcmp(*argv,"-npn_server_reject") == 0)
1302                         {
1303                         npn_server_reject = 1;
1304                         }
1305 #endif
1306                 else if (strcmp(*argv,"-serverinfo_sct") == 0)
1307                         {
1308                         serverinfo_sct = 1;
1309                         }
1310                 else if (strcmp(*argv,"-serverinfo_tack") == 0)
1311                         {
1312                         serverinfo_tack = 1;
1313                         }
1314                 else if (strcmp(*argv,"-serverinfo_file") == 0)
1315                         {
1316                         if (--argc < 1) goto bad;
1317                         serverinfo_file = *(++argv);
1318                         }
1319                 else if (strcmp(*argv,"-custom_ext") == 0)
1320                         {
1321                         custom_ext = 1;
1322                         }
1323                 else if (strcmp(*argv,"-alpn_client") == 0)
1324                         {
1325                         if (--argc < 1) goto bad;
1326                         alpn_client = *(++argv);
1327                         }
1328                 else if (strcmp(*argv,"-alpn_server") == 0)
1329                         {
1330                         if (--argc < 1) goto bad;
1331                         alpn_server = *(++argv);
1332                         }
1333                 else if (strcmp(*argv,"-alpn_expected") == 0)
1334                         {
1335                         if (--argc < 1) goto bad;
1336                         alpn_expected = *(++argv);
1337                         }
1338                 else
1339                         {
1340                         int rv;
1341                         arg = argv[0];
1342                         argn = argv[1];
1343                         /* Try to process command using SSL_CONF */
1344                         rv = SSL_CONF_cmd_argv(c_cctx, &argc, &argv);
1345                         /* If not processed try server */
1346                         if (rv == 0)
1347                                 rv = SSL_CONF_cmd_argv(s_cctx, &argc, &argv);
1348                         /* Recognised: store it for later use */
1349                         if (rv > 0)
1350                                 {
1351                                 if (rv == 1)
1352                                         argn = NULL;
1353                                 if (!conf_args)
1354                                         {
1355                                         conf_args = sk_OPENSSL_STRING_new_null();
1356                                         if (!conf_args)
1357                                                 goto end;
1358                                         }
1359                                 if (!sk_OPENSSL_STRING_push(conf_args, arg))
1360                                         goto end;
1361                                 if (!sk_OPENSSL_STRING_push(conf_args, argn))
1362                                         goto end;
1363                                 continue;
1364                                 }
1365                         if (rv == -3)
1366                                 BIO_printf(bio_err, "Missing argument for %s\n",
1367                                                                         arg);
1368                         else if (rv < 0)
1369                                 BIO_printf(bio_err, "Error with command %s\n",
1370                                                                         arg);
1371                         else if (rv == 0)
1372                                 BIO_printf(bio_err,"unknown option %s\n", arg);
1373                         badop = 1;
1374                         break;
1375                         }
1376                 argc--;
1377                 argv++;
1378                 }
1379         if (badop)
1380                 {
1381 bad:
1382                 sv_usage();
1383                 goto end;
1384                 }
1385
1386         /*
1387          * test_cipherlist prevails over protocol switch: we test the cipherlist
1388          * for all enabled protocols.
1389          */
1390         if (test_cipherlist == 1)
1391                 {
1392                 /* ensure that the cipher list are correctly sorted and exit */
1393                 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1394                         "other options.\n");
1395                 if (do_test_cipherlist() == 0)
1396                         EXIT(1);
1397                 ret = 0;
1398                 goto end;
1399                 }
1400
1401         if (ssl2 + ssl3 + tls1 > 1)
1402                 {
1403                 fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should "
1404                         "be requested.\n");
1405                 EXIT(1);
1406                 }
1407
1408         /*
1409          * Testing was requested for a compiled-out protocol (e.g. SSLv2).
1410          * Ideally, we would error out, but the generic test wrapper can't know
1411          * when to expect failure. So we do nothing and return success.
1412          */
1413         if (no_protocol)
1414                 {
1415                 fprintf(stderr, "Testing was requested for a disabled protocol. "
1416                         "Skipping tests.\n");
1417                 ret = 0;
1418                 goto end;
1419                 }
1420
1421         if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
1422                 {
1423                 fprintf(stderr, "This case cannot work.  Use -f to perform "
1424                         "the test anyway (and\n-d to see what happens), "
1425                         "or add one of -ssl2, -ssl3, -tls1, -reuse\n"
1426                         "to avoid protocol mismatch.\n");
1427                 EXIT(1);
1428                 }
1429
1430 #ifdef OPENSSL_FIPS
1431         if(fips_mode)
1432                 {
1433                 if(!FIPS_mode_set(1))
1434                         {
1435                         ERR_load_crypto_strings();
1436                         ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
1437                         EXIT(1);
1438                         }
1439                 else
1440                         fprintf(stderr,"*** IN FIPS MODE ***\n");
1441                 }
1442 #endif
1443
1444         if (print_time)
1445                 {
1446                 if (!bio_pair)
1447                         {
1448                         fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1449                         bio_pair = 1;
1450                         }
1451                 if (number < 50 && !force)
1452                         fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1453                 }
1454
1455 /*      if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1456
1457         SSL_library_init();
1458         SSL_load_error_strings();
1459
1460 #ifndef OPENSSL_NO_COMP
1461         if (comp == COMP_ZLIB) cm = COMP_zlib();
1462         if (comp == COMP_RLE) cm = COMP_rle();
1463         if (cm != NULL)
1464                 {
1465                 if (cm->type != NID_undef)
1466                         {
1467                         if (SSL_COMP_add_compression_method(comp, cm) != 0)
1468                                 {
1469                                 fprintf(stderr,
1470                                         "Failed to add compression method\n");
1471                                 ERR_print_errors_fp(stderr);
1472                                 }
1473                         }
1474                 else
1475                         {
1476                         fprintf(stderr,
1477                                 "Warning: %s compression not supported\n",
1478                                 (comp == COMP_RLE ? "rle" :
1479                                         (comp == COMP_ZLIB ? "zlib" :
1480                                                 "unknown")));
1481                         ERR_print_errors_fp(stderr);
1482                         }
1483                 }
1484         ssl_comp_methods = SSL_COMP_get_compression_methods();
1485         fprintf(stderr, "Available compression methods:\n");
1486         {
1487         int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1488         if (n == 0)
1489                 fprintf(stderr, "  NONE\n");
1490         else
1491                 for (j = 0; j < n; j++)
1492                         {
1493                         SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1494                         fprintf(stderr, "  %d: %s\n", c->id, c->name);
1495                         }
1496         }
1497 #endif
1498
1499 /* At this point, ssl2/ssl3/tls1 is only set if the protocol is available.
1500  * (Otherwise we exit early.)
1501  * However the compiler doesn't know this, so we ifdef. */
1502 #ifndef OPENSSL_NO_SSL2
1503         if (ssl2)
1504                 meth=SSLv2_method();
1505         else
1506 #endif
1507 #ifndef OPENSSL_NO_SSL3
1508         if (ssl3)
1509                 meth=SSLv3_method();
1510         else
1511 #endif
1512 #ifndef OPENSSL_NO_TLS1
1513         if (tls1)
1514                 meth=TLSv1_method();
1515         else
1516 #endif
1517         meth=SSLv23_method();
1518
1519         c_ctx=SSL_CTX_new(meth);
1520         s_ctx=SSL_CTX_new(meth);
1521         if ((c_ctx == NULL) || (s_ctx == NULL))
1522                 {
1523                 ERR_print_errors(bio_err);
1524                 goto end;
1525                 }
1526         /* Since we will use low security ciphersuites and keys for
1527          * testing set security level to zero.
1528          */
1529         SSL_CTX_set_security_level(c_ctx, 0);
1530         SSL_CTX_set_security_level(s_ctx, 0);
1531
1532         if (cipher != NULL)
1533                 {
1534                 SSL_CTX_set_cipher_list(c_ctx,cipher);
1535                 SSL_CTX_set_cipher_list(s_ctx,cipher);
1536                 }
1537
1538         /* Process SSL_CONF arguments */
1539         SSL_CONF_CTX_set_ssl_ctx(c_cctx, c_ctx);
1540         SSL_CONF_CTX_set_ssl_ctx(s_cctx, s_ctx);
1541
1542         for (i = 0; i < sk_OPENSSL_STRING_num(conf_args); i += 2)
1543                 {
1544                 int rv;
1545                 arg = sk_OPENSSL_STRING_value(conf_args, i);
1546                 argn = sk_OPENSSL_STRING_value(conf_args, i + 1);
1547                 rv = SSL_CONF_cmd(c_cctx, arg, argn);
1548                 /* If not recognised use server context */
1549                 if (rv == -2)
1550                         rv = SSL_CONF_cmd(s_cctx, arg, argn);
1551                 if (rv <= 0)
1552                         {
1553                         BIO_printf(bio_err, "Error processing %s %s\n",
1554                                                 arg, argn ? argn : "");
1555                         ERR_print_errors(bio_err);
1556                         goto end;
1557                         }
1558                 }
1559
1560         if (!SSL_CONF_CTX_finish(s_cctx) || !SSL_CONF_CTX_finish(c_cctx))
1561                 {
1562                 BIO_puts(bio_err, "Error finishing context\n");
1563                 ERR_print_errors(bio_err);
1564                 goto end;
1565                 }
1566
1567 #ifndef OPENSSL_NO_DH
1568         if (!no_dhe)
1569                 {
1570                 if (dhe1024dsa)
1571                         {
1572                         /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
1573                         SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1574                         dh=get_dh1024dsa();
1575                         }
1576                 else if (dhe1024)
1577                         dh=get_dh1024();
1578                 else
1579                         dh=get_dh512();
1580                 SSL_CTX_set_tmp_dh(s_ctx,dh);
1581                 DH_free(dh);
1582                 }
1583 #else
1584         (void)no_dhe;
1585 #endif
1586
1587 #ifndef OPENSSL_NO_ECDH
1588         if (!no_ecdhe)
1589                 {
1590                 int nid;
1591
1592                 if (named_curve != NULL)
1593                         {
1594                         nid = OBJ_sn2nid(named_curve);
1595                         if (nid == 0)
1596                         {
1597                                 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1598                                 goto end;
1599                                 }
1600                         }
1601                 else
1602 #ifdef OPENSSL_NO_EC2M
1603                         nid = NID_X9_62_prime256v1;
1604 #else
1605                         nid = NID_sect163r2;
1606 #endif
1607
1608                 ecdh = EC_KEY_new_by_curve_name(nid);
1609                 if (ecdh == NULL)
1610                         {
1611                         BIO_printf(bio_err, "unable to create curve\n");
1612                         goto end;
1613                         }
1614
1615                 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1616                 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1617                 EC_KEY_free(ecdh);
1618                 }
1619 #else
1620         (void)no_ecdhe;
1621 #endif
1622
1623 #ifndef OPENSSL_NO_RSA
1624         SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
1625 #endif
1626
1627 #ifdef TLSEXT_TYPE_opaque_prf_input
1628         SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1629         SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1630         SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); /* or &co2 or NULL */
1631         SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); /* or &so2 or NULL */
1632 #endif
1633
1634         if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
1635                 {
1636                 ERR_print_errors(bio_err);
1637                 }
1638         else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1639                 (server_key?server_key:server_cert), SSL_FILETYPE_PEM))
1640                 {
1641                 ERR_print_errors(bio_err);
1642                 goto end;
1643                 }
1644
1645         if (client_auth)
1646                 {
1647                 SSL_CTX_use_certificate_file(c_ctx,client_cert,
1648                         SSL_FILETYPE_PEM);
1649                 SSL_CTX_use_PrivateKey_file(c_ctx,
1650                         (client_key?client_key:client_cert),
1651                         SSL_FILETYPE_PEM);
1652                 }
1653
1654         if (    (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
1655                 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1656                 (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
1657                 (!SSL_CTX_set_default_verify_paths(c_ctx)))
1658                 {
1659                 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1660                 ERR_print_errors(bio_err);
1661                 /* goto end; */
1662                 }
1663
1664         if (client_auth)
1665                 {
1666                 BIO_printf(bio_err,"client authentication\n");
1667                 SSL_CTX_set_verify(s_ctx,
1668                         SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1669                         verify_callback);
1670                 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
1671                 }
1672         if (server_auth)
1673                 {
1674                 BIO_printf(bio_err,"server authentication\n");
1675                 SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
1676                         verify_callback);
1677                 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
1678                 }
1679         
1680         {
1681                 int session_id_context = 0;
1682                 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
1683         }
1684
1685         /* Use PSK only if PSK key is given */
1686         if (psk_key != NULL)
1687                 {
1688                 /* no_psk is used to avoid putting psk command to openssl tool */
1689                 if (no_psk)
1690                         {
1691                         /* if PSK is not compiled in and psk key is
1692                          * given, do nothing and exit successfully */
1693                         ret=0;
1694                         goto end;
1695                         }
1696 #ifndef OPENSSL_NO_PSK
1697                 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1698                 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1699                 if (debug)
1700                         BIO_printf(bio_err,"setting PSK identity hint to s_ctx\n");
1701                 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint"))
1702                         {
1703                         BIO_printf(bio_err,"error setting PSK identity hint to s_ctx\n");
1704                         ERR_print_errors(bio_err);
1705                         goto end;
1706                         }
1707 #endif
1708                 }
1709 #ifndef OPENSSL_NO_SRP
1710         if (srp_client_arg.srplogin)
1711                 {
1712                 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
1713                         {
1714                         BIO_printf(bio_err,"Unable to set SRP username\n");
1715                         goto end;
1716                         }
1717                 SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
1718                 SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
1719                 /*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
1720                 }
1721
1722         if (srp_server_arg.expected_user != NULL)
1723                 {
1724                 SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
1725                 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1726                 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1727                 }
1728 #endif
1729
1730 #ifndef OPENSSL_NO_NEXTPROTONEG
1731         if (npn_client)
1732                 {
1733                 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1734                 }
1735         if (npn_server)
1736                 {
1737                 if (npn_server_reject)
1738                         {
1739                         BIO_printf(bio_err, "Can't have both -npn_server and -npn_server_reject\n");
1740                         goto end;
1741                         }
1742                 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1743                 }
1744         if (npn_server_reject)
1745                 {
1746                 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn, NULL);
1747                 }
1748 #endif
1749
1750         if (serverinfo_sct)
1751                 SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1752                                               NULL, NULL, NULL,
1753                                               serverinfo_cli_parse_cb, NULL);
1754         if (serverinfo_tack)
1755                 SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1756                                               NULL, NULL, NULL,
1757                                               serverinfo_cli_parse_cb, NULL);
1758
1759         if (serverinfo_file)
1760                 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file))
1761                         {
1762                         BIO_printf(bio_err, "missing serverinfo file\n");
1763                         goto end;
1764                         }
1765
1766         if (custom_ext)
1767                 {
1768                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0, 
1769                                               custom_ext_0_cli_add_cb,
1770                                               NULL, NULL,
1771                                               custom_ext_0_cli_parse_cb, NULL);
1772                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1, 
1773                                               custom_ext_1_cli_add_cb,
1774                                               NULL, NULL,
1775                                               custom_ext_1_cli_parse_cb, NULL);
1776                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2, 
1777                                               custom_ext_2_cli_add_cb,
1778                                               NULL, NULL,
1779                                               custom_ext_2_cli_parse_cb, NULL);
1780                 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3, 
1781                                               custom_ext_3_cli_add_cb,
1782                                               NULL, NULL,
1783                                               custom_ext_3_cli_parse_cb, NULL);
1784
1785
1786                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0, 
1787                                               custom_ext_0_srv_add_cb,
1788                                               NULL, NULL,
1789                                               custom_ext_0_srv_parse_cb, NULL);
1790                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1, 
1791                                               custom_ext_1_srv_add_cb,
1792                                               NULL, NULL,
1793                                               custom_ext_1_srv_parse_cb, NULL);
1794                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2, 
1795                                               custom_ext_2_srv_add_cb,
1796                                               NULL, NULL,
1797                                               custom_ext_2_srv_parse_cb, NULL);
1798                 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3, 
1799                                               custom_ext_3_srv_add_cb,
1800                                               NULL, NULL,
1801                                               custom_ext_3_srv_parse_cb, NULL);
1802                 }
1803
1804         if (alpn_server)
1805                 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1806
1807         if (alpn_client)
1808                 {
1809                 unsigned short alpn_len;
1810                 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1811
1812                 if (alpn == NULL)
1813                         {
1814                         BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1815                         goto end;
1816                         }
1817                 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1818                 OPENSSL_free(alpn);
1819                 }
1820
1821         c_ssl=SSL_new(c_ctx);
1822         s_ssl=SSL_new(s_ctx);
1823
1824 #ifndef OPENSSL_NO_KRB5
1825         if (c_ssl  &&  c_ssl->kssl_ctx)
1826                 {
1827                 char    localhost[MAXHOSTNAMELEN+2];
1828
1829                 if (gethostname(localhost, sizeof localhost-1) == 0)
1830                         {
1831                         localhost[sizeof localhost-1]='\0';
1832                         if(strlen(localhost) == sizeof localhost-1)
1833                                 {
1834                                 BIO_printf(bio_err,"localhost name too long\n");
1835                                 goto end;
1836                                 }
1837                         kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
1838                                 localhost);
1839                         }
1840                 }
1841 #endif    /* OPENSSL_NO_KRB5  */
1842
1843         for (i=0; i<number; i++)
1844                 {
1845                 if (!reuse) SSL_set_session(c_ssl,NULL);
1846                 if (bio_pair)
1847                         ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
1848                 else
1849                         ret=doit(s_ssl,c_ssl,bytes);
1850                 }
1851
1852         if (!verbose)
1853                 {
1854                 print_details(c_ssl, "");
1855                 }
1856         if ((number > 1) || (bytes > 1L))
1857                 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
1858         if (print_time)
1859                 {
1860 #ifdef CLOCKS_PER_SEC
1861                 /* "To determine the time in seconds, the value returned
1862                  * by the clock function should be divided by the value
1863                  * of the macro CLOCKS_PER_SEC."
1864                  *                                       -- ISO/IEC 9899 */
1865                 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1866                         "Approximate total client time: %6.2f s\n",
1867                         (double)s_time/CLOCKS_PER_SEC,
1868                         (double)c_time/CLOCKS_PER_SEC);
1869 #else
1870                 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
1871                  *                            -- cc on NeXTstep/OpenStep */
1872                 BIO_printf(bio_stdout,
1873                         "Approximate total server time: %6.2f units\n"
1874                         "Approximate total client time: %6.2f units\n",
1875                         (double)s_time,
1876                         (double)c_time);
1877 #endif
1878                 }
1879
1880         SSL_free(s_ssl);
1881         SSL_free(c_ssl);
1882
1883 end:
1884         if (s_ctx != NULL) SSL_CTX_free(s_ctx);
1885         if (c_ctx != NULL) SSL_CTX_free(c_ctx);
1886
1887         if (s_cctx)
1888                 SSL_CONF_CTX_free(s_cctx);
1889         if (c_cctx)
1890                 SSL_CONF_CTX_free(c_cctx);
1891         sk_OPENSSL_STRING_free(conf_args);
1892
1893         if (bio_stdout != NULL) BIO_free(bio_stdout);
1894
1895 #ifndef OPENSSL_NO_RSA
1896         free_tmp_rsa();
1897 #endif
1898 #ifndef OPENSSL_NO_ENGINE
1899         ENGINE_cleanup();
1900 #endif
1901         CRYPTO_cleanup_all_ex_data();
1902         ERR_free_strings();
1903         ERR_remove_thread_state(NULL);
1904         EVP_cleanup();
1905         CRYPTO_mem_leaks(bio_err);
1906         if (bio_err != NULL) BIO_free(bio_err);
1907         EXIT(ret);
1908         return ret;
1909         }
1910
1911 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1912         clock_t *s_time, clock_t *c_time)
1913         {
1914         long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1915         BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1916         BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1917         int ret = 1;
1918         
1919         size_t bufsiz = 256; /* small buffer for testing */
1920
1921         if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1922                 goto err;
1923         if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1924                 goto err;
1925         
1926         s_ssl_bio = BIO_new(BIO_f_ssl());
1927         if (!s_ssl_bio)
1928                 goto err;
1929
1930         c_ssl_bio = BIO_new(BIO_f_ssl());
1931         if (!c_ssl_bio)
1932                 goto err;
1933
1934         SSL_set_connect_state(c_ssl);
1935         SSL_set_bio(c_ssl, client, client);
1936         (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1937
1938         SSL_set_accept_state(s_ssl);
1939         SSL_set_bio(s_ssl, server, server);
1940         (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1941
1942         do
1943                 {
1944                 /* c_ssl_bio:          SSL filter BIO
1945                  *
1946                  * client:             pseudo-I/O for SSL library
1947                  *
1948                  * client_io:          client's SSL communication; usually to be
1949                  *                     relayed over some I/O facility, but in this
1950                  *                     test program, we're the server, too:
1951                  *
1952                  * server_io:          server's SSL communication
1953                  *
1954                  * server:             pseudo-I/O for SSL library
1955                  *
1956                  * s_ssl_bio:          SSL filter BIO
1957                  *
1958                  * The client and the server each employ a "BIO pair":
1959                  * client + client_io, server + server_io.
1960                  * BIO pairs are symmetric.  A BIO pair behaves similar
1961                  * to a non-blocking socketpair (but both endpoints must
1962                  * be handled by the same thread).
1963                  * [Here we could connect client and server to the ends
1964                  * of a single BIO pair, but then this code would be less
1965                  * suitable as an example for BIO pairs in general.]
1966                  *
1967                  * Useful functions for querying the state of BIO pair endpoints:
1968                  *
1969                  * BIO_ctrl_pending(bio)              number of bytes we can read now
1970                  * BIO_ctrl_get_read_request(bio)     number of bytes needed to fulfil
1971                  *                                      other side's read attempt
1972                  * BIO_ctrl_get_write_guarantee(bio)   number of bytes we can write now
1973                  *
1974                  * ..._read_request is never more than ..._write_guarantee;
1975                  * it depends on the application which one you should use.
1976                  */
1977
1978                 /* We have non-blocking behaviour throughout this test program, but
1979                  * can be sure that there is *some* progress in each iteration; so
1980                  * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
1981                  * -- we just try everything in each iteration
1982                  */
1983
1984                         {
1985                         /* CLIENT */
1986                 
1987                         MS_STATIC char cbuf[1024*8];
1988                         int i, r;
1989                         clock_t c_clock = clock();
1990
1991                         memset(cbuf, 0, sizeof(cbuf));
1992
1993                         if (debug)
1994                                 if (SSL_in_init(c_ssl))
1995                                         printf("client waiting in SSL_connect - %s\n",
1996                                                 SSL_state_string_long(c_ssl));
1997
1998                         if (cw_num > 0)
1999                                 {
2000                                 /* Write to server. */
2001                                 
2002                                 if (cw_num > (long)sizeof cbuf)
2003                                         i = sizeof cbuf;
2004                                 else
2005                                         i = (int)cw_num;
2006                                 r = BIO_write(c_ssl_bio, cbuf, i);
2007                                 if (r < 0)
2008                                         {
2009                                         if (!BIO_should_retry(c_ssl_bio))
2010                                                 {
2011                                                 fprintf(stderr,"ERROR in CLIENT\n");
2012                                                 goto err;
2013                                                 }
2014                                         /* BIO_should_retry(...) can just be ignored here.
2015                                          * The library expects us to call BIO_write with
2016                                          * the same arguments again, and that's what we will
2017                                          * do in the next iteration. */
2018                                         }
2019                                 else if (r == 0)
2020                                         {
2021                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2022                                         goto err;
2023                                         }
2024                                 else
2025                                         {
2026                                         if (debug)
2027                                                 printf("client wrote %d\n", r);
2028                                         cw_num -= r;                            
2029                                         }
2030                                 }
2031
2032                         if (cr_num > 0)
2033                                 {
2034                                 /* Read from server. */
2035
2036                                 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2037                                 if (r < 0)
2038                                         {
2039                                         if (!BIO_should_retry(c_ssl_bio))
2040                                                 {
2041                                                 fprintf(stderr,"ERROR in CLIENT\n");
2042                                                 goto err;
2043                                                 }
2044                                         /* Again, "BIO_should_retry" can be ignored. */
2045                                         }
2046                                 else if (r == 0)
2047                                         {
2048                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2049                                         goto err;
2050                                         }
2051                                 else
2052                                         {
2053                                         if (debug)
2054                                                 printf("client read %d\n", r);
2055                                         cr_num -= r;
2056                                         }
2057                                 }
2058
2059                         /* c_time and s_time increments will typically be very small
2060                          * (depending on machine speed and clock tick intervals),
2061                          * but sampling over a large number of connections should
2062                          * result in fairly accurate figures.  We cannot guarantee
2063                          * a lot, however -- if each connection lasts for exactly
2064                          * one clock tick, it will be counted only for the client
2065                          * or only for the server or even not at all.
2066                          */
2067                         *c_time += (clock() - c_clock);
2068                         }
2069
2070                         {
2071                         /* SERVER */
2072                 
2073                         MS_STATIC char sbuf[1024*8];
2074                         int i, r;
2075                         clock_t s_clock = clock();
2076
2077                         memset(sbuf, 0, sizeof(sbuf));
2078
2079                         if (debug)
2080                                 if (SSL_in_init(s_ssl))
2081                                         printf("server waiting in SSL_accept - %s\n",
2082                                                 SSL_state_string_long(s_ssl));
2083
2084                         if (sw_num > 0)
2085                                 {
2086                                 /* Write to client. */
2087                                 
2088                                 if (sw_num > (long)sizeof sbuf)
2089                                         i = sizeof sbuf;
2090                                 else
2091                                         i = (int)sw_num;
2092                                 r = BIO_write(s_ssl_bio, sbuf, i);
2093                                 if (r < 0)
2094                                         {
2095                                         if (!BIO_should_retry(s_ssl_bio))
2096                                                 {
2097                                                 fprintf(stderr,"ERROR in SERVER\n");
2098                                                 goto err;
2099                                                 }
2100                                         /* Ignore "BIO_should_retry". */
2101                                         }
2102                                 else if (r == 0)
2103                                         {
2104                                         fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2105                                         goto err;
2106                                         }
2107                                 else
2108                                         {
2109                                         if (debug)
2110                                                 printf("server wrote %d\n", r);
2111                                         sw_num -= r;                            
2112                                         }
2113                                 }
2114
2115                         if (sr_num > 0)
2116                                 {
2117                                 /* Read from client. */
2118
2119                                 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2120                                 if (r < 0)
2121                                         {
2122                                         if (!BIO_should_retry(s_ssl_bio))
2123                                                 {
2124                                                 fprintf(stderr,"ERROR in SERVER\n");
2125                                                 goto err;
2126                                                 }
2127                                         /* blah, blah */
2128                                         }
2129                                 else if (r == 0)
2130                                         {
2131                                         fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2132                                         goto err;
2133                                         }
2134                                 else
2135                                         {
2136                                         if (debug)
2137                                                 printf("server read %d\n", r);
2138                                         sr_num -= r;
2139                                         }
2140                                 }
2141
2142                         *s_time += (clock() - s_clock);
2143                         }
2144                         
2145                         {
2146                         /* "I/O" BETWEEN CLIENT AND SERVER. */
2147
2148                         size_t r1, r2;
2149                         BIO *io1 = server_io, *io2 = client_io;
2150                         /* we use the non-copying interface for io1
2151                          * and the standard BIO_write/BIO_read interface for io2
2152                          */
2153                         
2154                         static int prev_progress = 1;
2155                         int progress = 0;
2156                         
2157                         /* io1 to io2 */
2158                         do
2159                                 {
2160                                 size_t num;
2161                                 int r;
2162
2163                                 r1 = BIO_ctrl_pending(io1);
2164                                 r2 = BIO_ctrl_get_write_guarantee(io2);
2165
2166                                 num = r1;
2167                                 if (r2 < num)
2168                                         num = r2;
2169                                 if (num)
2170                                         {
2171                                         char *dataptr;
2172
2173                                         if (INT_MAX < num) /* yeah, right */
2174                                                 num = INT_MAX;
2175                                         
2176                                         r = BIO_nread(io1, &dataptr, (int)num);
2177                                         assert(r > 0);
2178                                         assert(r <= (int)num);
2179                                         /* possibly r < num (non-contiguous data) */
2180                                         num = r;
2181                                         r = BIO_write(io2, dataptr, (int)num);
2182                                         if (r != (int)num) /* can't happen */
2183                                                 {
2184                                                 fprintf(stderr, "ERROR: BIO_write could not write "
2185                                                         "BIO_ctrl_get_write_guarantee() bytes");
2186                                                 goto err;
2187                                                 }
2188                                         progress = 1;
2189
2190                                         if (debug)
2191                                                 printf((io1 == client_io) ?
2192                                                         "C->S relaying: %d bytes\n" :
2193                                                         "S->C relaying: %d bytes\n",
2194                                                         (int)num);
2195                                         }
2196                                 }
2197                         while (r1 && r2);
2198
2199                         /* io2 to io1 */
2200                         {
2201                                 size_t num;
2202                                 int r;
2203
2204                                 r1 = BIO_ctrl_pending(io2);
2205                                 r2 = BIO_ctrl_get_read_request(io1);
2206                                 /* here we could use ..._get_write_guarantee instead of
2207                                  * ..._get_read_request, but by using the latter
2208                                  * we test restartability of the SSL implementation
2209                                  * more thoroughly */
2210                                 num = r1;
2211                                 if (r2 < num)
2212                                         num = r2;
2213                                 if (num)
2214                                         {
2215                                         char *dataptr;
2216                                         
2217                                         if (INT_MAX < num)
2218                                                 num = INT_MAX;
2219
2220                                         if (num > 1)
2221                                                 --num; /* test restartability even more thoroughly */
2222                                         
2223                                         r = BIO_nwrite0(io1, &dataptr);
2224                                         assert(r > 0);
2225                                         if (r < (int)num)
2226                                                 num = r;
2227                                         r = BIO_read(io2, dataptr, (int)num);
2228                                         if (r != (int)num) /* can't happen */
2229                                                 {
2230                                                 fprintf(stderr, "ERROR: BIO_read could not read "
2231                                                         "BIO_ctrl_pending() bytes");
2232                                                 goto err;
2233                                                 }
2234                                         progress = 1;
2235                                         r = BIO_nwrite(io1, &dataptr, (int)num);
2236                                         if (r != (int)num) /* can't happen */
2237                                                 {
2238                                                 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2239                                                         "BIO_nwrite0() bytes");
2240                                                 goto err;
2241                                                 }
2242                                         
2243                                         if (debug)
2244                                                 printf((io2 == client_io) ?
2245                                                         "C->S relaying: %d bytes\n" :
2246                                                         "S->C relaying: %d bytes\n",
2247                                                         (int)num);
2248                                         }
2249                         } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
2250
2251                         if (!progress && !prev_progress)
2252                                 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
2253                                         {
2254                                         fprintf(stderr, "ERROR: got stuck\n");
2255                                         if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0)
2256                                                 {
2257                                                 fprintf(stderr, "This can happen for SSL2 because "
2258                                                         "CLIENT-FINISHED and SERVER-VERIFY are written \n"
2259                                                         "concurrently ...");
2260                                                 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
2261                                                         && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0)
2262                                                         {
2263                                                         fprintf(stderr, " ok.\n");
2264                                                         goto end;
2265                                                         }
2266                                                 }
2267                                         fprintf(stderr, " ERROR.\n");
2268                                         goto err;
2269                                         }
2270                         prev_progress = progress;
2271                         }
2272                 }
2273         while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2274
2275         if (verbose)
2276                 print_details(c_ssl, "DONE via BIO pair: ");
2277 #ifndef OPENSSL_NO_NEXTPROTONEG
2278         if (verify_npn(c_ssl, s_ssl) < 0)
2279                 {
2280                 ret = 1;
2281                 goto end;
2282                 }
2283 #endif
2284         if (verify_serverinfo() < 0)
2285                 {
2286                 fprintf(stderr, "Server info verify error\n");
2287                 ret = 1;
2288                 goto err;
2289                 }
2290         if (verify_alpn(c_ssl, s_ssl) < 0)
2291                 {
2292                 ret = 1;
2293                 goto err;
2294                 }
2295
2296         if (custom_ext_error)
2297                 {
2298                 fprintf(stderr, "Custom extension error\n");
2299                 ret = 1;
2300                 goto err;
2301                 }
2302
2303 end:
2304         ret = 0;
2305
2306  err:
2307         ERR_print_errors(bio_err);
2308         
2309         if (server)
2310                 BIO_free(server);
2311         if (server_io)
2312                 BIO_free(server_io);
2313         if (client)
2314                 BIO_free(client);
2315         if (client_io)
2316                 BIO_free(client_io);
2317         if (s_ssl_bio)
2318                 BIO_free(s_ssl_bio);
2319         if (c_ssl_bio)
2320                 BIO_free(c_ssl_bio);
2321
2322         return ret;
2323         }
2324
2325
2326 #define W_READ  1
2327 #define W_WRITE 2
2328 #define C_DONE  1
2329 #define S_DONE  2
2330
2331 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2332         {
2333         char *cbuf=NULL,*sbuf=NULL;
2334         long bufsiz;
2335         long cw_num=count,cr_num=count;
2336         long sw_num=count,sr_num=count;
2337         int ret=1;
2338         BIO *c_to_s=NULL;
2339         BIO *s_to_c=NULL;
2340         BIO *c_bio=NULL;
2341         BIO *s_bio=NULL;
2342         int c_r,c_w,s_r,s_w;
2343         int i,j;
2344         int done=0;
2345         int c_write,s_write;
2346         int do_server=0,do_client=0;
2347         int max_frag = 5*1024;
2348
2349         bufsiz = count>40*1024 ? 40*1024 : count;
2350
2351         if ((cbuf = OPENSSL_malloc(bufsiz))==NULL) goto err;
2352         if ((sbuf = OPENSSL_malloc(bufsiz))==NULL) goto err;
2353
2354         memset(cbuf,0,bufsiz);
2355         memset(sbuf,0,bufsiz);
2356
2357         c_to_s=BIO_new(BIO_s_mem());
2358         s_to_c=BIO_new(BIO_s_mem());
2359         if ((s_to_c == NULL) || (c_to_s == NULL))
2360                 {
2361                 ERR_print_errors(bio_err);
2362                 goto err;
2363                 }
2364
2365         c_bio=BIO_new(BIO_f_ssl());
2366         s_bio=BIO_new(BIO_f_ssl());
2367         if ((c_bio == NULL) || (s_bio == NULL))
2368                 {
2369                 ERR_print_errors(bio_err);
2370                 goto err;
2371                 }
2372
2373         SSL_set_connect_state(c_ssl);
2374         SSL_set_bio(c_ssl,s_to_c,c_to_s);
2375         SSL_set_max_send_fragment(c_ssl,max_frag);
2376         BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
2377
2378         SSL_set_accept_state(s_ssl);
2379         SSL_set_bio(s_ssl,c_to_s,s_to_c);
2380         SSL_set_max_send_fragment(s_ssl,max_frag);
2381         BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
2382
2383         c_r=0; s_r=1;
2384         c_w=1; s_w=0;
2385         c_write=1,s_write=0;
2386
2387         /* We can always do writes */
2388         for (;;)
2389                 {
2390                 do_server=0;
2391                 do_client=0;
2392
2393                 i=(int)BIO_pending(s_bio);
2394                 if ((i && s_r) || s_w) do_server=1;
2395
2396                 i=(int)BIO_pending(c_bio);
2397                 if ((i && c_r) || c_w) do_client=1;
2398
2399                 if (do_server && debug)
2400                         {
2401                         if (SSL_in_init(s_ssl))
2402                                 printf("server waiting in SSL_accept - %s\n",
2403                                         SSL_state_string_long(s_ssl));
2404 /*                      else if (s_write)
2405                                 printf("server:SSL_write()\n");
2406                         else
2407                                 printf("server:SSL_read()\n"); */
2408                         }
2409
2410                 if (do_client && debug)
2411                         {
2412                         if (SSL_in_init(c_ssl))
2413                                 printf("client waiting in SSL_connect - %s\n",
2414                                         SSL_state_string_long(c_ssl));
2415 /*                      else if (c_write)
2416                                 printf("client:SSL_write()\n");
2417                         else
2418                                 printf("client:SSL_read()\n"); */
2419                         }
2420
2421                 if (!do_client && !do_server)
2422                         {
2423                         fprintf(stdout,"ERROR IN STARTUP\n");
2424                         ERR_print_errors(bio_err);
2425                         break;
2426                         }
2427                 if (do_client && !(done & C_DONE))
2428                         {
2429                         if (c_write)
2430                                 {
2431                                 j = (cw_num > bufsiz) ?
2432                                         (int)bufsiz : (int)cw_num;
2433                                 i=BIO_write(c_bio,cbuf,j);
2434                                 if (i < 0)
2435                                         {
2436                                         c_r=0;
2437                                         c_w=0;
2438                                         if (BIO_should_retry(c_bio))
2439                                                 {
2440                                                 if (BIO_should_read(c_bio))
2441                                                         c_r=1;
2442                                                 if (BIO_should_write(c_bio))
2443                                                         c_w=1;
2444                                                 }
2445                                         else
2446                                                 {
2447                                                 fprintf(stderr,"ERROR in CLIENT\n");
2448                                                 ERR_print_errors(bio_err);
2449                                                 goto err;
2450                                                 }
2451                                         }
2452                                 else if (i == 0)
2453                                         {
2454                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2455                                         goto err;
2456                                         }
2457                                 else
2458                                         {
2459                                         if (debug)
2460                                                 printf("client wrote %d\n",i);
2461                                         /* ok */
2462                                         s_r=1;
2463                                         c_write=0;
2464                                         cw_num-=i;
2465                                         if (max_frag>1029)
2466                                                 SSL_set_max_send_fragment(c_ssl,max_frag-=5);
2467                                         }
2468                                 }
2469                         else
2470                                 {
2471                                 i=BIO_read(c_bio,cbuf,bufsiz);
2472                                 if (i < 0)
2473                                         {
2474                                         c_r=0;
2475                                         c_w=0;
2476                                         if (BIO_should_retry(c_bio))
2477                                                 {
2478                                                 if (BIO_should_read(c_bio))
2479                                                         c_r=1;
2480                                                 if (BIO_should_write(c_bio))
2481                                                         c_w=1;
2482                                                 }
2483                                         else
2484                                                 {
2485                                                 fprintf(stderr,"ERROR in CLIENT\n");
2486                                                 ERR_print_errors(bio_err);
2487                                                 goto err;
2488                                                 }
2489                                         }
2490                                 else if (i == 0)
2491                                         {
2492                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2493                                         goto err;
2494                                         }
2495                                 else
2496                                         {
2497                                         if (debug)
2498                                                 printf("client read %d\n",i);
2499                                         cr_num-=i;
2500                                         if (sw_num > 0)
2501                                                 {
2502                                                 s_write=1;
2503                                                 s_w=1;
2504                                                 }
2505                                         if (cr_num <= 0)
2506                                                 {
2507                                                 s_write=1;
2508                                                 s_w=1;
2509                                                 done=S_DONE|C_DONE;
2510                                                 }
2511                                         }
2512                                 }
2513                         }
2514
2515                 if (do_server && !(done & S_DONE))
2516                         {
2517                         if (!s_write)
2518                                 {
2519                                 i=BIO_read(s_bio,sbuf,bufsiz);
2520                                 if (i < 0)
2521                                         {
2522                                         s_r=0;
2523                                         s_w=0;
2524                                         if (BIO_should_retry(s_bio))
2525                                                 {
2526                                                 if (BIO_should_read(s_bio))
2527                                                         s_r=1;
2528                                                 if (BIO_should_write(s_bio))
2529                                                         s_w=1;
2530                                                 }
2531                                         else
2532                                                 {
2533                                                 fprintf(stderr,"ERROR in SERVER\n");
2534                                                 ERR_print_errors(bio_err);
2535                                                 goto err;
2536                                                 }
2537                                         }
2538                                 else if (i == 0)
2539                                         {
2540                                         ERR_print_errors(bio_err);
2541                                         fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
2542                                         goto err;
2543                                         }
2544                                 else
2545                                         {
2546                                         if (debug)
2547                                                 printf("server read %d\n",i);
2548                                         sr_num-=i;
2549                                         if (cw_num > 0)
2550                                                 {
2551                                                 c_write=1;
2552                                                 c_w=1;
2553                                                 }
2554                                         if (sr_num <= 0)
2555                                                 {
2556                                                 s_write=1;
2557                                                 s_w=1;
2558                                                 c_write=0;
2559                                                 }
2560                                         }
2561                                 }
2562                         else
2563                                 {
2564                                 j = (sw_num > bufsiz) ?
2565                                         (int)bufsiz : (int)sw_num;
2566                                 i=BIO_write(s_bio,sbuf,j);
2567                                 if (i < 0)
2568                                         {
2569                                         s_r=0;
2570                                         s_w=0;
2571                                         if (BIO_should_retry(s_bio))
2572                                                 {
2573                                                 if (BIO_should_read(s_bio))
2574                                                         s_r=1;
2575                                                 if (BIO_should_write(s_bio))
2576                                                         s_w=1;
2577                                                 }
2578                                         else
2579                                                 {
2580                                                 fprintf(stderr,"ERROR in SERVER\n");
2581                                                 ERR_print_errors(bio_err);
2582                                                 goto err;
2583                                                 }
2584                                         }
2585                                 else if (i == 0)
2586                                         {
2587                                         ERR_print_errors(bio_err);
2588                                         fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
2589                                         goto err;
2590                                         }
2591                                 else
2592                                         {
2593                                         if (debug)
2594                                                 printf("server wrote %d\n",i);
2595                                         sw_num-=i;
2596                                         s_write=0;
2597                                         c_r=1;
2598                                         if (sw_num <= 0)
2599                                                 done|=S_DONE;
2600                                         if (max_frag>1029)
2601                                                 SSL_set_max_send_fragment(s_ssl,max_frag-=5);
2602                                         }
2603                                 }
2604                         }
2605
2606                 if ((done & S_DONE) && (done & C_DONE)) break;
2607                 }
2608
2609         if (verbose)
2610                 print_details(c_ssl, "DONE: ");
2611 #ifndef OPENSSL_NO_NEXTPROTONEG
2612         if (verify_npn(c_ssl, s_ssl) < 0)
2613                 {
2614                 ret = 1;
2615                 goto err;
2616                 }
2617 #endif
2618         if (verify_serverinfo() < 0)
2619                 {
2620                 fprintf(stderr, "Server info verify error\n");
2621                 ret = 1;
2622                 goto err;
2623                 }
2624         if (custom_ext_error)
2625                 {
2626                 fprintf(stderr, "Custom extension error\n");
2627                 ret = 1;
2628                 goto err;
2629                 }
2630         ret=0;
2631 err:
2632         /* We have to set the BIO's to NULL otherwise they will be
2633          * OPENSSL_free()ed twice.  Once when th s_ssl is SSL_free()ed and
2634          * again when c_ssl is SSL_free()ed.
2635          * This is a hack required because s_ssl and c_ssl are sharing the same
2636          * BIO structure and SSL_set_bio() and SSL_free() automatically
2637          * BIO_free non NULL entries.
2638          * You should not normally do this or be required to do this */
2639         if (s_ssl != NULL)
2640                 {
2641                 s_ssl->rbio=NULL;
2642                 s_ssl->wbio=NULL;
2643                 }
2644         if (c_ssl != NULL)
2645                 {
2646                 c_ssl->rbio=NULL;
2647                 c_ssl->wbio=NULL;
2648                 }
2649
2650         if (c_to_s != NULL) BIO_free(c_to_s);
2651         if (s_to_c != NULL) BIO_free(s_to_c);
2652         if (c_bio != NULL) BIO_free_all(c_bio);
2653         if (s_bio != NULL) BIO_free_all(s_bio);
2654
2655         if (cbuf) OPENSSL_free(cbuf);
2656         if (sbuf) OPENSSL_free(sbuf);
2657
2658         return(ret);
2659         }
2660
2661 static int get_proxy_auth_ex_data_idx(void)
2662         {
2663         static volatile int idx = -1;
2664         if (idx < 0)
2665                 {
2666                 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2667                 if (idx < 0)
2668                         {
2669                         idx = X509_STORE_CTX_get_ex_new_index(0,
2670                                 "SSLtest for verify callback", NULL,NULL,NULL);
2671                         }
2672                 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2673                 }
2674         return idx;
2675         }
2676
2677 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
2678         {
2679         char *s,buf[256];
2680
2681         s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,
2682                             sizeof buf);
2683         if (s != NULL)
2684                 {
2685                 if (ok)
2686                         fprintf(stderr,"depth=%d %s\n",
2687                                 ctx->error_depth,buf);
2688                 else
2689                         {
2690                         fprintf(stderr,"depth=%d error=%d %s\n",
2691                                 ctx->error_depth,ctx->error,buf);
2692                         }
2693                 }
2694
2695         if (ok == 0)
2696                 {
2697                 fprintf(stderr,"Error string: %s\n",
2698                         X509_verify_cert_error_string(ctx->error));
2699                 switch (ctx->error)
2700                         {
2701                 case X509_V_ERR_CERT_NOT_YET_VALID:
2702                 case X509_V_ERR_CERT_HAS_EXPIRED:
2703                 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2704                         fprintf(stderr,"  ... ignored.\n");
2705                         ok=1;
2706                         }
2707                 }
2708
2709         if (ok == 1)
2710                 {
2711                 X509 *xs = ctx->current_cert;
2712 #if 0
2713                 X509 *xi = ctx->current_issuer;
2714 #endif
2715
2716                 if (xs->ex_flags & EXFLAG_PROXY)
2717                         {
2718                         unsigned int *letters =
2719                                 X509_STORE_CTX_get_ex_data(ctx,
2720                                         get_proxy_auth_ex_data_idx());
2721
2722                         if (letters)
2723                                 {
2724                                 int found_any = 0;
2725                                 int i;
2726                                 PROXY_CERT_INFO_EXTENSION *pci =
2727                                         X509_get_ext_d2i(xs, NID_proxyCertInfo,
2728                                                 NULL, NULL);
2729
2730                                 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
2731                                         {
2732                                 case NID_Independent:
2733                                         /* Completely meaningless in this
2734                                            program, as there's no way to
2735                                            grant explicit rights to a
2736                                            specific PrC.  Basically, using
2737                                            id-ppl-Independent is the perfect
2738                                            way to grant no rights at all. */
2739                                         fprintf(stderr, "  Independent proxy certificate");
2740                                         for (i = 0; i < 26; i++)
2741                                                 letters[i] = 0;
2742                                         break;
2743                                 case NID_id_ppl_inheritAll:
2744                                         /* This is basically a NOP, we
2745                                            simply let the current rights
2746                                            stand as they are. */
2747                                         fprintf(stderr, "  Proxy certificate inherits all");
2748                                         break;
2749                                 default:
2750                                         s = (char *)
2751                                                 pci->proxyPolicy->policy->data;
2752                                         i = pci->proxyPolicy->policy->length;
2753
2754                                         /* The algorithm works as follows:
2755                                            it is assumed that previous
2756                                            iterations or the initial granted
2757                                            rights has already set some elements
2758                                            of `letters'.  What we need to do is
2759                                            to clear those that weren't granted
2760                                            by the current PrC as well.  The
2761                                            easiest way to do this is to add 1
2762                                            to all the elements whose letters
2763                                            are given with the current policy.
2764                                            That way, all elements that are set
2765                                            by the current policy and were
2766                                            already set by earlier policies and
2767                                            through the original grant of rights
2768                                            will get the value 2 or higher.
2769                                            The last thing to do is to sweep
2770                                            through `letters' and keep the
2771                                            elements having the value 2 as set,
2772                                            and clear all the others. */
2773
2774                                         fprintf(stderr, "  Certificate proxy rights = %*.*s", i, i, s);
2775                                         while(i-- > 0)
2776                                                 {
2777                                                 int c = *s++;
2778                                                 if (isascii(c) && isalpha(c))
2779                                                         {
2780                                                         if (islower(c))
2781                                                                 c = toupper(c);
2782                                                         letters[c - 'A']++;
2783                                                         }
2784                                                 }
2785                                         for (i = 0; i < 26; i++)
2786                                                 if (letters[i] < 2)
2787                                                         letters[i] = 0;
2788                                                 else
2789                                                         letters[i] = 1;
2790                                         }
2791
2792                                 found_any = 0;
2793                                 fprintf(stderr,
2794                                         ", resulting proxy rights = ");
2795                                 for(i = 0; i < 26; i++)
2796                                         if (letters[i])
2797                                                 {
2798                                                 fprintf(stderr, "%c", i + 'A');
2799                                                 found_any = 1;
2800                                                 }
2801                                 if (!found_any)
2802                                         fprintf(stderr, "none");
2803                                 fprintf(stderr, "\n");
2804
2805                                 PROXY_CERT_INFO_EXTENSION_free(pci);
2806                                 }
2807                         }
2808                 }
2809
2810         return(ok);
2811         }
2812
2813 static void process_proxy_debug(int indent, const char *format, ...)
2814         {
2815         static const char indentation[] =
2816                 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2817                 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
2818         char my_format[256];
2819         va_list args;
2820
2821         BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2822                 indent, indent, indentation, format);
2823
2824         va_start(args, format);
2825         vfprintf(stderr, my_format, args);
2826         va_end(args);
2827         }
2828 /* Priority levels:
2829    0    [!]var, ()
2830    1    & ^
2831    2    |
2832 */
2833 static int process_proxy_cond_adders(unsigned int letters[26],
2834         const char *cond, const char **cond_end, int *pos, int indent);
2835 static int process_proxy_cond_val(unsigned int letters[26],
2836         const char *cond, const char **cond_end, int *pos, int indent)
2837         {
2838         int c;
2839         int ok = 1;
2840         int negate = 0;
2841
2842         while(isspace((int)*cond))
2843                 {
2844                 cond++; (*pos)++;
2845                 }
2846         c = *cond;
2847
2848         if (debug)
2849                 process_proxy_debug(indent,
2850                         "Start process_proxy_cond_val at position %d: %s\n",
2851                         *pos, cond);
2852
2853         while(c == '!')
2854                 {
2855                 negate = !negate;
2856                 cond++; (*pos)++;
2857                 while(isspace((int)*cond))
2858                         {
2859                         cond++; (*pos)++;
2860                         }
2861                 c = *cond;
2862                 }
2863
2864         if (c == '(')
2865                 {
2866                 cond++; (*pos)++;
2867                 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2868                         indent + 1);
2869                 cond = *cond_end;
2870                 if (ok < 0)
2871                         goto end;
2872                 while(isspace((int)*cond))
2873                         {
2874                         cond++; (*pos)++;
2875                         }
2876                 c = *cond;
2877                 if (c != ')')
2878                         {
2879                         fprintf(stderr,
2880                                 "Weird condition character in position %d: "
2881                                 "%c\n", *pos, c);
2882                         ok = -1;
2883                         goto end;
2884                         }
2885                 cond++; (*pos)++;
2886                 }
2887         else if (isascii(c) && isalpha(c))
2888                 {
2889                 if (islower(c))
2890                         c = toupper(c);
2891                 ok = letters[c - 'A'];
2892                 cond++; (*pos)++;
2893                 }
2894         else
2895                 {
2896                 fprintf(stderr,
2897                         "Weird condition character in position %d: "
2898                         "%c\n", *pos, c);
2899                 ok = -1;
2900                 goto end;
2901                 }
2902  end:
2903         *cond_end = cond;
2904         if (ok >= 0 && negate)
2905                 ok = !ok;
2906
2907         if (debug)
2908                 process_proxy_debug(indent,
2909                         "End process_proxy_cond_val at position %d: %s, returning %d\n",
2910                         *pos, cond, ok);
2911
2912         return ok;
2913         }
2914 static int process_proxy_cond_multipliers(unsigned int letters[26],
2915         const char *cond, const char **cond_end, int *pos, int indent)
2916         {
2917         int ok;
2918         char c;
2919
2920         if (debug)
2921                 process_proxy_debug(indent,
2922                         "Start process_proxy_cond_multipliers at position %d: %s\n",
2923                         *pos, cond);
2924
2925         ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2926         cond = *cond_end;
2927         if (ok < 0)
2928                 goto end;
2929
2930         while(ok >= 0)
2931                 {
2932                 while(isspace((int)*cond))
2933                         {
2934                         cond++; (*pos)++;
2935                         }
2936                 c = *cond;
2937
2938                 switch(c)
2939                         {
2940                 case '&':
2941                 case '^':
2942                         {
2943                         int save_ok = ok;
2944
2945                         cond++; (*pos)++;
2946                         ok = process_proxy_cond_val(letters,
2947                                 cond, cond_end, pos, indent + 1);
2948                         cond = *cond_end;
2949                         if (ok < 0)
2950                                 break;
2951
2952                         switch(c)
2953                                 {
2954                         case '&':
2955                                 ok &= save_ok;
2956                                 break;
2957                         case '^':
2958                                 ok ^= save_ok;
2959                                 break;
2960                         default:
2961                                 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2962                                         " STOPPING\n");
2963                                 EXIT(1);
2964                                 }
2965                         }
2966                         break;
2967                 default:
2968                         goto end;
2969                         }
2970                 }
2971  end:
2972         if (debug)
2973                 process_proxy_debug(indent,
2974                         "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2975                         *pos, cond, ok);
2976
2977         *cond_end = cond;
2978         return ok;
2979         }
2980 static int process_proxy_cond_adders(unsigned int letters[26],
2981         const char *cond, const char **cond_end, int *pos, int indent)
2982         {
2983         int ok;
2984         char c;
2985
2986         if (debug)
2987                 process_proxy_debug(indent,
2988                         "Start process_proxy_cond_adders at position %d: %s\n",
2989                         *pos, cond);
2990
2991         ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2992                 indent + 1);
2993         cond = *cond_end;
2994         if (ok < 0)
2995                 goto end;
2996
2997         while(ok >= 0)
2998                 {
2999                 while(isspace((int)*cond))
3000                         {
3001                         cond++; (*pos)++;
3002                         }
3003                 c = *cond;
3004
3005                 switch(c)
3006                         {
3007                 case '|':
3008                         {
3009                         int save_ok = ok;
3010
3011                         cond++; (*pos)++;
3012                         ok = process_proxy_cond_multipliers(letters,
3013                                 cond, cond_end, pos, indent + 1);
3014                         cond = *cond_end;
3015                         if (ok < 0)
3016                                 break;
3017
3018                         switch(c)
3019                                 {
3020                         case '|':
3021                                 ok |= save_ok;
3022                                 break;
3023                         default:
3024                                 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
3025                                         " STOPPING\n");
3026                                 EXIT(1);
3027                                 }
3028                         }
3029                         break;
3030                 default:
3031