Support retries in certificate callback
[openssl.git] / ssl / ssltest.c
1 /* ssl/ssltest.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  * ECC cipher suite support in OpenSSL originally developed by 
114  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115  */
116 /* ====================================================================
117  * Copyright 2005 Nokia. All rights reserved.
118  *
119  * The portions of the attached software ("Contribution") is developed by
120  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121  * license.
122  *
123  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125  * support (see RFC 4279) to OpenSSL.
126  *
127  * No patent licenses or other rights except those expressly stated in
128  * the OpenSSL open source license shall be deemed granted or received
129  * expressly, by implication, estoppel, or otherwise.
130  *
131  * No assurances are provided by Nokia that the Contribution does not
132  * infringe the patent or other intellectual property rights of any third
133  * party or that the license provides you with all the necessary rights
134  * to make use of the Contribution.
135  *
136  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140  * OTHERWISE.
141  */
142
143 #define _BSD_SOURCE 1           /* Or gethostname won't be declared properly
144                                    on Linux and GNU platforms. */
145
146 #include <assert.h>
147 #include <errno.h>
148 #include <limits.h>
149 #include <stdio.h>
150 #include <stdlib.h>
151 #include <string.h>
152 #include <time.h>
153
154 #define USE_SOCKETS
155 #include "e_os.h"
156
157 #ifdef OPENSSL_SYS_VMS
158 #define _XOPEN_SOURCE 500       /* Or isascii won't be declared properly on
159                                    VMS (at least with DECompHP C).  */
160 #endif
161
162 #include <ctype.h>
163
164 #include <openssl/bio.h>
165 #include <openssl/crypto.h>
166 #include <openssl/evp.h>
167 #include <openssl/x509.h>
168 #include <openssl/x509v3.h>
169 #include <openssl/ssl.h>
170 #ifndef OPENSSL_NO_ENGINE
171 #include <openssl/engine.h>
172 #endif
173 #include <openssl/err.h>
174 #include <openssl/rand.h>
175 #ifndef OPENSSL_NO_RSA
176 #include <openssl/rsa.h>
177 #endif
178 #ifndef OPENSSL_NO_DSA
179 #include <openssl/dsa.h>
180 #endif
181 #ifndef OPENSSL_NO_DH
182 #include <openssl/dh.h>
183 #endif
184 #ifndef OPENSSL_NO_SRP
185 #include <openssl/srp.h>
186 #endif
187 #include <openssl/bn.h>
188
189 #define _XOPEN_SOURCE_EXTENDED  1 /* Or gethostname won't be declared properly
190                                      on Compaq platforms (at least with DEC C).
191                                      Do not try to put it earlier, or IPv6 includes
192                                      get screwed...
193                                   */
194
195 #ifdef OPENSSL_SYS_WINDOWS
196 #include <winsock.h>
197 #else
198 #include OPENSSL_UNISTD
199 #endif
200
201 #ifdef OPENSSL_SYS_VMS
202 #  define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
203 #  define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
204 #elif defined(OPENSSL_SYS_WINCE)
205 #  define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
206 #  define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
207 #elif defined(OPENSSL_SYS_NETWARE)
208 #  define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
209 #  define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
210 #else
211 #  define TEST_SERVER_CERT "../apps/server.pem"
212 #  define TEST_CLIENT_CERT "../apps/client.pem"
213 #endif
214
215 /* There is really no standard for this, so let's assign some tentative
216    numbers.  In any case, these numbers are only for this test */
217 #define COMP_RLE        255
218 #define COMP_ZLIB       1
219
220 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
221 #ifndef OPENSSL_NO_RSA
222 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
223 static void free_tmp_rsa(void);
224 #endif
225 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
226 #define APP_CALLBACK_STRING "Test Callback Argument"
227 struct app_verify_arg
228         {
229         char *string;
230         int app_verify;
231         int allow_proxy_certs;
232         char *proxy_auth;
233         char *proxy_cond;
234         };
235
236 #ifndef OPENSSL_NO_DH
237 static DH *get_dh512(void);
238 static DH *get_dh1024(void);
239 static DH *get_dh1024dsa(void);
240 #endif
241
242
243 static char *psk_key=NULL; /* by default PSK is not used */
244 #ifndef OPENSSL_NO_PSK
245 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
246         unsigned int max_identity_len, unsigned char *psk,
247         unsigned int max_psk_len);
248 static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned char *psk,
249         unsigned int max_psk_len);
250 #endif
251
252 #ifndef OPENSSL_NO_SRP
253 /* SRP client */
254 /* This is a context that we pass to all callbacks */
255 typedef struct srp_client_arg_st
256         {
257         char *srppassin;
258         char *srplogin;
259         } SRP_CLIENT_ARG;
260
261 #define PWD_STRLEN 1024
262
263 static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
264         {
265         SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
266         return BUF_strdup((char *)srp_client_arg->srppassin);
267         }
268
269 /* SRP server */
270 /* This is a context that we pass to SRP server callbacks */
271 typedef struct srp_server_arg_st
272         {
273         char *expected_user;
274         char *pass;
275         } SRP_SERVER_ARG;
276
277 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
278         {
279         SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
280
281         if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
282                 {
283                 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
284                 return SSL3_AL_FATAL;
285                 }
286         if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
287                 {
288                 *ad = SSL_AD_INTERNAL_ERROR;
289                 return SSL3_AL_FATAL;
290                 }
291         return SSL_ERROR_NONE;
292         }
293 #endif
294
295 static BIO *bio_err=NULL;
296 static BIO *bio_stdout=NULL;
297
298 #ifndef OPENSSL_NO_NEXTPROTONEG
299 /* Note that this code assumes that this is only a one element list: */
300 static const char NEXT_PROTO_STRING[] = "\x09testproto";
301 int npn_client = 0;
302 int npn_server = 0;
303 int npn_server_reject = 0;
304
305 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
306         {
307         /* This callback only returns the protocol string, rather than a length
308            prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
309            remove the first byte to chop off the length prefix. */
310         *out = (unsigned char*) NEXT_PROTO_STRING + 1;
311         *outlen = sizeof(NEXT_PROTO_STRING) - 2;
312         return SSL_TLSEXT_ERR_OK;
313         }
314
315 static int cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
316         {
317         *data = (const unsigned char *) NEXT_PROTO_STRING;
318         *len = sizeof(NEXT_PROTO_STRING) - 1;
319         return SSL_TLSEXT_ERR_OK;
320         }
321
322 static int cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
323         {
324         return SSL_TLSEXT_ERR_NOACK;
325         }
326
327 static int verify_npn(SSL *client, SSL *server)
328         {
329         const unsigned char *client_s;
330         unsigned client_len;
331         const unsigned char *server_s;
332         unsigned server_len;
333
334         SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
335         SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
336
337         if (client_len)
338                 {
339                 BIO_printf(bio_stdout, "Client NPN: ");
340                 BIO_write(bio_stdout, client_s, client_len);
341                 BIO_printf(bio_stdout, "\n");
342                 }
343
344         if (server_len)
345                 {
346                 BIO_printf(bio_stdout, "Server NPN: ");
347                 BIO_write(bio_stdout, server_s, server_len);
348                 BIO_printf(bio_stdout, "\n");
349                 }
350
351         /* If an NPN string was returned, it must be the protocol that we
352          * expected to negotiate. */
353         if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
354                            memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
355                 return -1;
356         if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
357                            memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
358                 return -1;
359
360         if (!npn_client && client_len)
361                 return -1;
362         if (!npn_server && server_len)
363                 return -1;
364         if (npn_server_reject && server_len)
365                 return -1;
366         if (npn_client && npn_server && (!client_len || !server_len))
367                 return -1;
368
369         return 0;
370         }
371 #endif
372
373 static const char *alpn_client;
374 static const char *alpn_server;
375 static const char *alpn_expected;
376 static unsigned char *alpn_selected;
377
378 /* next_protos_parse parses a comma separated list of strings into a string
379  * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
380  *   outlen: (output) set to the length of the resulting buffer on success.
381  *   err: (maybe NULL) on failure, an error message line is written to this BIO.
382  *   in: a NUL termianted string like "abc,def,ghi"
383  *
384  *   returns: a malloced buffer or NULL on failure.
385  */
386 static unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
387         {
388         size_t len;
389         unsigned char *out;
390         size_t i, start = 0;
391
392         len = strlen(in);
393         if (len >= 65535)
394                 return NULL;
395
396         out = OPENSSL_malloc(strlen(in) + 1);
397         if (!out)
398                 return NULL;
399
400         for (i = 0; i <= len; ++i)
401                 {
402                 if (i == len || in[i] == ',')
403                         {
404                         if (i - start > 255)
405                                 {
406                                 OPENSSL_free(out);
407                                 return NULL;
408                                 }
409                         out[start] = i - start;
410                         start = i + 1;
411                         }
412                 else
413                         out[i+1] = in[i];
414                 }
415
416         *outlen = len + 1;
417         return out;
418         }
419
420 static int cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
421         {
422         unsigned char *protos;
423         unsigned short protos_len;
424
425         protos = next_protos_parse(&protos_len, alpn_server);
426         if (protos == NULL)
427                 {
428                 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", alpn_server);
429                 abort();
430                 }
431
432         if (SSL_select_next_proto((unsigned char**) out, outlen, protos, protos_len, in, inlen) !=
433             OPENSSL_NPN_NEGOTIATED)
434                 {
435                 OPENSSL_free(protos);
436                 return SSL_TLSEXT_ERR_NOACK;
437                 }
438
439         /* Make a copy of the selected protocol which will be freed in verify_alpn. */
440         alpn_selected = OPENSSL_malloc(*outlen);
441         memcpy(alpn_selected, *out, *outlen);
442         *out = alpn_selected;
443
444         OPENSSL_free(protos);
445         return SSL_TLSEXT_ERR_OK;
446         }
447
448 static int verify_alpn(SSL *client, SSL *server)
449         {
450         const unsigned char *client_proto, *server_proto;
451         unsigned int client_proto_len = 0, server_proto_len = 0;
452         SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
453         SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
454
455         if (alpn_selected != NULL)
456                 {
457                 OPENSSL_free(alpn_selected);
458                 alpn_selected = NULL;
459                 }
460
461         if (client_proto_len != server_proto_len ||
462             memcmp(client_proto, server_proto, client_proto_len) != 0)
463                 {
464                 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
465                 goto err;
466                 }
467
468         if (client_proto_len > 0 && alpn_expected == NULL)
469                 {
470                 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
471                 goto err;
472                 }
473
474         if (alpn_expected != NULL &&
475             (client_proto_len != strlen(alpn_expected) ||
476              memcmp(client_proto, alpn_expected, client_proto_len) != 0))
477                 {
478                 BIO_printf(bio_stdout, "ALPN selected protocols not equal to expected protocol: %s\n", alpn_expected);
479                 goto err;
480                 }
481
482         return 0;
483
484 err:
485         BIO_printf(bio_stdout, "ALPN results: client: '");
486         BIO_write(bio_stdout, client_proto, client_proto_len);
487         BIO_printf(bio_stdout, "', server: '");
488         BIO_write(bio_stdout, server_proto, server_proto_len);
489         BIO_printf(bio_stdout, "'\n");
490         BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", alpn_client, alpn_server);
491         return -1;
492         }
493
494 #define SCT_EXT_TYPE 18
495
496 /* WARNING : below extension types are *NOT* IETF assigned, and 
497    could conflict if these types are reassigned and handled 
498    specially by OpenSSL in the future */
499 #define TACK_EXT_TYPE 62208
500 #define CUSTOM_EXT_TYPE_0 1000
501 #define CUSTOM_EXT_TYPE_1 1001
502 #define CUSTOM_EXT_TYPE_2 1002
503 #define CUSTOM_EXT_TYPE_3 1003
504
505 const char custom_ext_cli_string[] = "abc";
506 const char custom_ext_srv_string[] = "defg";
507
508 /* These set from cmdline */
509 char* serverinfo_file = NULL;
510 int serverinfo_sct = 0;
511 int serverinfo_tack = 0;
512
513 /* These set based on extension callbacks */
514 int serverinfo_sct_seen = 0;
515 int serverinfo_tack_seen = 0;
516 int serverinfo_other_seen = 0;
517
518 /* This set from cmdline */
519 int custom_ext = 0;
520
521 /* This set based on extension callbacks */
522 int custom_ext_error = 0;
523
524 /* Not IETF assigned supplemental data types */
525 #define CUSTOM_SUPP_DATA_TYPE_0 100
526 #define CUSTOM_SUPP_DATA_TYPE_1 101
527 #define CUSTOM_SUPP_DATA_TYPE_2 102
528
529 const char supp_data_0_string[] = "00000";
530
531 int suppdata = 0;
532 int suppdata_error = 0;
533
534 static int serverinfo_cli_cb(SSL* s, unsigned short ext_type,
535                              const unsigned char* in, unsigned short inlen, 
536                              int* al, void* arg)
537         {
538         if (ext_type == SCT_EXT_TYPE)
539                 serverinfo_sct_seen++;
540         else if (ext_type == TACK_EXT_TYPE)
541                 serverinfo_tack_seen++;
542         else
543                 serverinfo_other_seen++;
544         return 1;
545         }
546
547 static int verify_serverinfo()
548         {
549         if (serverinfo_sct != serverinfo_sct_seen)
550                 return -1;
551         if (serverinfo_tack != serverinfo_tack_seen)
552                 return -1;
553         if (serverinfo_other_seen)
554                 return -1;
555         return 0;
556         }
557
558 /* Four test cases for custom extensions:
559  * 0 - no ClientHello extension or ServerHello response
560  * 1 - ClientHello with "abc", no response
561  * 2 - ClientHello with "abc", empty response
562  * 3 - ClientHello with "abc", "defg" response
563  */
564
565 static int custom_ext_0_cli_first_cb(SSL *s, unsigned short ext_type,
566                                      const unsigned char **out,
567                                      unsigned short *outlen, void *arg)
568         {
569         if (ext_type != CUSTOM_EXT_TYPE_0)
570                 custom_ext_error = 1;
571         return -1;  /* Don't send an extension */
572         }
573
574 static int custom_ext_0_cli_second_cb(SSL *s, unsigned short ext_type,
575                                       const unsigned char *in,
576                                       unsigned short inlen, int *al,
577                                       void *arg)
578         {
579         custom_ext_error = 1; /* Shouldn't be called */
580         return 0;
581         }
582
583 static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type,
584                                      const unsigned char **out,
585                                      unsigned short *outlen, void *arg)
586         {
587         if (ext_type != CUSTOM_EXT_TYPE_1)
588                 custom_ext_error = 1;
589         *out = (const unsigned char*)custom_ext_cli_string;
590         *outlen = strlen(custom_ext_cli_string);
591         return 1; /* Send "abc" */
592         }
593
594 static int custom_ext_1_cli_second_cb(SSL *s, unsigned short ext_type,
595                                       const unsigned char *in,
596                                       unsigned short inlen, int *al,
597                                       void *arg)
598         {
599         custom_ext_error = 1; /* Shouldn't be called */
600         return 0;
601         }
602
603 static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type,
604                                      const unsigned char **out,
605                                      unsigned short *outlen, void *arg)
606         {
607         if (ext_type != CUSTOM_EXT_TYPE_2)
608                 custom_ext_error = 1;
609         *out = (const unsigned char*)custom_ext_cli_string;
610         *outlen = strlen(custom_ext_cli_string);
611         return 1; /* Send "abc" */
612         }
613
614 static int custom_ext_2_cli_second_cb(SSL *s, unsigned short ext_type,
615                                       const unsigned char *in,
616                                       unsigned short inlen, int *al,
617                                       void *arg)
618         {
619         if (ext_type != CUSTOM_EXT_TYPE_2)
620                 custom_ext_error = 1;
621         if (inlen != 0)
622                 custom_ext_error = 1; /* Should be empty response */
623         return 1;
624         }
625
626 static int custom_ext_3_cli_first_cb(SSL *s, unsigned short ext_type,
627                                      const unsigned char **out,
628                                      unsigned short *outlen, void *arg)
629         {
630         if (ext_type != CUSTOM_EXT_TYPE_3)
631                 custom_ext_error = 1;
632         *out = (const unsigned char*)custom_ext_cli_string;
633         *outlen = strlen(custom_ext_cli_string);
634         return 1; /* Send "abc" */
635         }
636
637 static int custom_ext_3_cli_second_cb(SSL *s, unsigned short ext_type,
638                                       const unsigned char *in,
639                                       unsigned short inlen, int *al,
640                                       void *arg)
641         {
642         if (ext_type != CUSTOM_EXT_TYPE_3)
643                 custom_ext_error = 1;
644         if (inlen != strlen(custom_ext_srv_string))
645                 custom_ext_error = 1;
646         if (memcmp(custom_ext_srv_string, in, inlen) != 0)
647                 custom_ext_error = 1; /* Check for "defg" */
648         return 1;
649         }
650
651
652 static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type,
653                                      const unsigned char *in,
654                                      unsigned short inlen, int *al,
655                                      void *arg)
656         {
657         custom_ext_error = 1;
658         return 0; /* Shouldn't be called */
659         }
660
661 static int custom_ext_0_srv_second_cb(SSL *s, unsigned short ext_type,
662                                       const unsigned char **out,
663                                       unsigned short *outlen, void *arg)
664         {
665         custom_ext_error = 1;
666         return 0; /* Shouldn't be called */
667         }
668
669 static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type,
670                                      const unsigned char *in,
671                                      unsigned short inlen, int *al,
672                                      void *arg)
673         {
674         if (ext_type != CUSTOM_EXT_TYPE_1)
675                 custom_ext_error = 1;           
676          /* Check for "abc" */
677         if (inlen != strlen(custom_ext_cli_string))
678                 custom_ext_error = 1;
679         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
680                 custom_ext_error = 1;
681         return 1;
682         }
683
684 static int custom_ext_1_srv_second_cb(SSL *s, unsigned short ext_type,
685                                       const unsigned char **out,
686                                       unsigned short *outlen, void *arg)
687         {
688         return -1; /* Don't send an extension */
689         }
690
691 static int custom_ext_2_srv_first_cb(SSL *s, unsigned short ext_type,
692                                      const unsigned char *in,
693                                      unsigned short inlen, int *al,
694                                      void *arg)
695         {
696         if (ext_type != CUSTOM_EXT_TYPE_2)
697                 custom_ext_error = 1;           
698          /* Check for "abc" */
699         if (inlen != strlen(custom_ext_cli_string))
700                 custom_ext_error = 1;
701         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
702                 custom_ext_error = 1;
703         return 1;
704         }
705
706 static int custom_ext_2_srv_second_cb(SSL *s, unsigned short ext_type,
707                                       const unsigned char **out,
708                                       unsigned short *outlen, void *arg)
709         {
710         *out = NULL;
711         *outlen = 0;
712         return 1; /* Send empty extension */
713         }
714
715 static int custom_ext_3_srv_first_cb(SSL *s, unsigned short ext_type,
716                                      const unsigned char *in,
717                                      unsigned short inlen, int *al,
718                                      void *arg)
719         {
720         if (ext_type != CUSTOM_EXT_TYPE_3)
721                 custom_ext_error = 1;           
722          /* Check for "abc" */  
723         if (inlen != strlen(custom_ext_cli_string))
724                 custom_ext_error = 1;
725         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
726                 custom_ext_error = 1;
727         return 1;
728         }
729
730 static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type,
731                                       const unsigned char **out,
732                                       unsigned short *outlen, void *arg)
733         {
734         *out = (const unsigned char*)custom_ext_srv_string;
735         *outlen = strlen(custom_ext_srv_string);
736         return 1; /* Send "defg" */
737         }
738
739 static int supp_data_0_srv_first_cb(SSL *s, unsigned short supp_data_type,
740                                     const unsigned char **out,
741                                     unsigned short *outlen, void *arg)
742         {
743         *out = (const unsigned char*)supp_data_0_string;
744         *outlen = strlen(supp_data_0_string);
745         if (arg != s)
746                 suppdata_error = 1;
747         return 1;
748         }
749
750 static int supp_data_0_srv_second_cb(SSL *s, unsigned short supp_data_type,
751                                      const unsigned char *in,
752                                      unsigned short inlen, int *al,
753                                      void *arg)
754         {
755         if (supp_data_type != CUSTOM_SUPP_DATA_TYPE_0)
756                 suppdata_error = 1;
757         if (inlen != strlen(supp_data_0_string))
758                 suppdata_error = 1;
759         if (memcmp(in, supp_data_0_string, inlen) != 0)
760                 suppdata_error = 1;
761         if (arg != s)
762                 suppdata_error = 1;
763         return 1;
764         }
765
766 static int supp_data_1_srv_first_cb(SSL *s, unsigned short supp_data_type,
767                                     const unsigned char **out,
768                                     unsigned short *outlen, void *arg)
769         {
770         return -1;
771         }
772
773 static int supp_data_1_srv_second_cb(SSL *s, unsigned short supp_data_type,
774                                      const unsigned char *in,
775                                      unsigned short inlen, int *al,
776                                      void *arg)
777         {
778         suppdata_error = 1;
779         return 1;
780         }
781
782 static int supp_data_2_srv_second_cb(SSL *s, unsigned short supp_data_type,
783                                      const unsigned char *in,
784                                      unsigned short inlen, int *al,
785                                      void *arg)
786         {
787         suppdata_error = 1;
788         return 1;
789         }
790
791 static int supp_data_0_cli_first_cb(SSL *s, unsigned short supp_data_type,
792                                     const unsigned char *in,
793                                     unsigned short inlen, int *al,
794                                     void *arg)
795         {
796         if (supp_data_type != CUSTOM_SUPP_DATA_TYPE_0)
797                 suppdata_error = 1;
798         if (inlen != strlen(supp_data_0_string))
799                 suppdata_error = 1;
800         if (memcmp(in, supp_data_0_string, inlen) != 0)
801                 suppdata_error = 1;
802         if (arg != s)
803                 suppdata_error = 1;
804         return 1;
805         }
806
807 static int supp_data_0_cli_second_cb(SSL *s, unsigned short supp_data_type,
808                                      const unsigned char **out,
809                                      unsigned short *outlen, void *arg)
810         {
811         *out = (const unsigned char*)supp_data_0_string;
812         *outlen = strlen(supp_data_0_string);
813         if (arg != s)
814                 suppdata_error = 1;
815         return 1;
816         }
817
818 static int supp_data_1_cli_first_cb(SSL *s, unsigned short supp_data_type,
819                                     const unsigned char *in,
820                                     unsigned short inlen, int *al,
821                                     void *arg)
822         {
823         suppdata_error = 1;
824         return 1;
825         }
826
827 static int supp_data_1_cli_second_cb(SSL *s, unsigned short supp_data_type,
828                                      const unsigned char **out,
829                                      unsigned short *outlen, void *arg)
830         {
831         return -1;
832         }
833
834 static int supp_data_2_cli_first_cb(SSL *s, unsigned short supp_data_type,
835                                     const unsigned char *in,
836                                     unsigned short inlen, int *al,
837                                     void *arg)
838         {
839         suppdata_error = 1;
840         return 1;
841         }
842
843 static char *cipher=NULL;
844 static int verbose=0;
845 static int debug=0;
846 #if 0
847 /* Not used yet. */
848 #ifdef FIONBIO
849 static int s_nbio=0;
850 #endif
851 #endif
852
853 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
854
855 int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
856 int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
857 static int do_test_cipherlist(void);
858 static void sv_usage(void)
859         {
860         fprintf(stderr,"usage: ssltest [args ...]\n");
861         fprintf(stderr,"\n");
862 #ifdef OPENSSL_FIPS
863         fprintf(stderr,"-F             - run test in FIPS mode\n");
864 #endif
865         fprintf(stderr," -server_auth  - check server certificate\n");
866         fprintf(stderr," -client_auth  - do client authentication\n");
867         fprintf(stderr," -proxy        - allow proxy certificates\n");
868         fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
869         fprintf(stderr," -proxy_cond <val> - experssion to test proxy policy rights\n");
870         fprintf(stderr," -v            - more output\n");
871         fprintf(stderr," -d            - debug output\n");
872         fprintf(stderr," -reuse        - use session-id reuse\n");
873         fprintf(stderr," -num <val>    - number of connections to perform\n");
874         fprintf(stderr," -bytes <val>  - number of bytes to swap between client/server\n");
875 #ifndef OPENSSL_NO_DH
876         fprintf(stderr," -dhe1024      - use 1024 bit key (safe prime) for DHE\n");
877         fprintf(stderr," -dhe1024dsa   - use 1024 bit key (with 160-bit subprime) for DHE\n");
878         fprintf(stderr," -no_dhe       - disable DHE\n");
879 #endif
880 #ifndef OPENSSL_NO_ECDH
881         fprintf(stderr," -no_ecdhe     - disable ECDHE\n");
882 #endif
883 #ifndef OPENSSL_NO_PSK
884         fprintf(stderr," -psk arg      - PSK in hex (without 0x)\n");
885 #endif
886 #ifndef OPENSSL_NO_SRP
887         fprintf(stderr," -srpuser user  - SRP username to use\n");
888         fprintf(stderr," -srppass arg   - password for 'user'\n");
889 #endif
890 #ifndef OPENSSL_NO_SSL2
891         fprintf(stderr," -ssl2         - use SSLv2\n");
892 #endif
893 #ifndef OPENSSL_NO_SSL3
894         fprintf(stderr," -ssl3         - use SSLv3\n");
895 #endif
896 #ifndef OPENSSL_NO_TLS1
897         fprintf(stderr," -tls1         - use TLSv1\n");
898 #endif
899         fprintf(stderr," -CApath arg   - PEM format directory of CA's\n");
900         fprintf(stderr," -CAfile arg   - PEM format file of CA's\n");
901         fprintf(stderr," -cert arg     - Server certificate file\n");
902         fprintf(stderr," -key arg      - Server key file (default: same as -cert)\n");
903         fprintf(stderr," -c_cert arg   - Client certificate file\n");
904         fprintf(stderr," -c_key arg    - Client key file (default: same as -c_cert)\n");
905         fprintf(stderr," -cipher arg   - The cipher list\n");
906         fprintf(stderr," -bio_pair     - Use BIO pairs\n");
907         fprintf(stderr," -f            - Test even cases that can't work\n");
908         fprintf(stderr," -time         - measure processor time used by client and server\n");
909         fprintf(stderr," -zlib         - use zlib compression\n");
910         fprintf(stderr," -rle          - use rle compression\n");
911 #ifndef OPENSSL_NO_ECDH
912         fprintf(stderr," -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.\n" \
913                        "                 Use \"openssl ecparam -list_curves\" for all names\n"  \
914                        "                 (default is sect163r2).\n");
915 #endif
916         fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
917 #ifndef OPENSSL_NO_NEXTPROTONEG
918         fprintf(stderr," -npn_client - have client side offer NPN\n");
919         fprintf(stderr," -npn_server - have server side offer NPN\n");
920         fprintf(stderr," -npn_server_reject - have server reject NPN\n");
921 #endif
922         fprintf(stderr," -serverinfo_file file - have server use this file\n");
923         fprintf(stderr," -serverinfo_sct  - have client offer and expect SCT\n");
924         fprintf(stderr," -serverinfo_tack - have client offer and expect TACK\n");
925         fprintf(stderr," -custom_ext - try various custom extension callbacks\n");
926         fprintf(stderr," -alpn_client <string> - have client side offer ALPN\n");
927         fprintf(stderr," -alpn_server <string> - have server side offer ALPN\n");
928         fprintf(stderr," -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
929         fprintf(stderr, "-suppdata - exercise supplemental data callbacks\n");
930         }
931
932 static void print_details(SSL *c_ssl, const char *prefix)
933         {
934         const SSL_CIPHER *ciph;
935         X509 *cert;
936                 
937         ciph=SSL_get_current_cipher(c_ssl);
938         BIO_printf(bio_stdout,"%s%s, cipher %s %s",
939                 prefix,
940                 SSL_get_version(c_ssl),
941                 SSL_CIPHER_get_version(ciph),
942                 SSL_CIPHER_get_name(ciph));
943         cert=SSL_get_peer_certificate(c_ssl);
944         if (cert != NULL)
945                 {
946                 EVP_PKEY *pkey = X509_get_pubkey(cert);
947                 if (pkey != NULL)
948                         {
949                         if (0) 
950                                 ;
951 #ifndef OPENSSL_NO_RSA
952                         else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
953                                 && pkey->pkey.rsa->n != NULL)
954                                 {
955                                 BIO_printf(bio_stdout, ", %d bit RSA",
956                                         BN_num_bits(pkey->pkey.rsa->n));
957                                 }
958 #endif
959 #ifndef OPENSSL_NO_DSA
960                         else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
961                                 && pkey->pkey.dsa->p != NULL)
962                                 {
963                                 BIO_printf(bio_stdout, ", %d bit DSA",
964                                         BN_num_bits(pkey->pkey.dsa->p));
965                                 }
966 #endif
967                         EVP_PKEY_free(pkey);
968                         }
969                 X509_free(cert);
970                 }
971         /* The SSL API does not allow us to look at temporary RSA/DH keys,
972          * otherwise we should print their lengths too */
973         BIO_printf(bio_stdout,"\n");
974         }
975
976 static void lock_dbg_cb(int mode, int type, const char *file, int line)
977         {
978         static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
979         const char *errstr = NULL;
980         int rw;
981         
982         rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
983         if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
984                 {
985                 errstr = "invalid mode";
986                 goto err;
987                 }
988
989         if (type < 0 || type >= CRYPTO_NUM_LOCKS)
990                 {
991                 errstr = "type out of bounds";
992                 goto err;
993                 }
994
995         if (mode & CRYPTO_LOCK)
996                 {
997                 if (modes[type])
998                         {
999                         errstr = "already locked";
1000                         /* must not happen in a single-threaded program
1001                          * (would deadlock) */
1002                         goto err;
1003                         }
1004
1005                 modes[type] = rw;
1006                 }
1007         else if (mode & CRYPTO_UNLOCK)
1008                 {
1009                 if (!modes[type])
1010                         {
1011                         errstr = "not locked";
1012                         goto err;
1013                         }
1014                 
1015                 if (modes[type] != rw)
1016                         {
1017                         errstr = (rw == CRYPTO_READ) ?
1018                                 "CRYPTO_r_unlock on write lock" :
1019                                 "CRYPTO_w_unlock on read lock";
1020                         }
1021
1022                 modes[type] = 0;
1023                 }
1024         else
1025                 {
1026                 errstr = "invalid mode";
1027                 goto err;
1028                 }
1029
1030  err:
1031         if (errstr)
1032                 {
1033                 /* we cannot use bio_err here */
1034                 fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
1035                         errstr, mode, type, file, line);
1036                 }
1037         }
1038
1039 #ifdef TLSEXT_TYPE_opaque_prf_input
1040 struct cb_info_st { void *input; size_t len; int ret; };
1041 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
1042 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
1043 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
1044 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
1045
1046 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
1047         {
1048         struct cb_info_st *arg = arg_;
1049
1050         if (arg == NULL)
1051                 return 1;
1052         
1053         if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
1054                 return 0;
1055         return arg->ret;
1056         }
1057 #endif
1058
1059 int main(int argc, char *argv[])
1060         {
1061         char *CApath=NULL,*CAfile=NULL;
1062         int badop=0;
1063         int bio_pair=0;
1064         int force=0;
1065         int tls1=0,ssl2=0,ssl3=0,ret=1;
1066         int client_auth=0;
1067         int server_auth=0,i;
1068         struct app_verify_arg app_verify_arg =
1069                 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
1070         char *server_cert=TEST_SERVER_CERT;
1071         char *server_key=NULL;
1072         char *client_cert=TEST_CLIENT_CERT;
1073         char *client_key=NULL;
1074 #ifndef OPENSSL_NO_ECDH
1075         char *named_curve = NULL;
1076 #endif
1077         SSL_CTX *s_ctx=NULL;
1078         SSL_CTX *c_ctx=NULL;
1079         const SSL_METHOD *meth=NULL;
1080         SSL *c_ssl,*s_ssl;
1081         int number=1,reuse=0;
1082         long bytes=256L;
1083 #ifndef OPENSSL_NO_DH
1084         DH *dh;
1085         int dhe1024 = 0, dhe1024dsa = 0;
1086 #endif
1087 #ifndef OPENSSL_NO_ECDH
1088         EC_KEY *ecdh = NULL;
1089 #endif
1090 #ifndef OPENSSL_NO_SRP
1091         /* client */
1092         SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
1093         /* server */
1094         SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
1095 #endif
1096         int no_dhe = 0;
1097         int no_ecdhe = 0;
1098         int no_psk = 0;
1099         int print_time = 0;
1100         clock_t s_time = 0, c_time = 0;
1101 #ifndef OPENSSL_NO_COMP
1102         int comp = 0;
1103         COMP_METHOD *cm = NULL;
1104         STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
1105 #endif
1106         int test_cipherlist = 0;
1107 #ifdef OPENSSL_FIPS
1108         int fips_mode=0;
1109 #endif
1110
1111         verbose = 0;
1112         debug = 0;
1113         cipher = 0;
1114
1115         bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT);     
1116
1117         CRYPTO_set_locking_callback(lock_dbg_cb);
1118
1119         /* enable memory leak checking unless explicitly disabled */
1120         if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
1121                 {
1122                 CRYPTO_malloc_debug_init();
1123                 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1124                 }
1125         else
1126                 {
1127                 /* OPENSSL_DEBUG_MEMORY=off */
1128                 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1129                 }
1130         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1131
1132         RAND_seed(rnd_seed, sizeof rnd_seed);
1133
1134         bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT);
1135
1136         argc--;
1137         argv++;
1138
1139         while (argc >= 1)
1140                 {
1141                 if(!strcmp(*argv,"-F"))
1142                         {
1143 #ifdef OPENSSL_FIPS
1144                         fips_mode=1;
1145 #else
1146                         fprintf(stderr,"not compiled with FIPS support, so exitting without running.\n");
1147                         EXIT(0);
1148 #endif
1149                         }
1150                 else if (strcmp(*argv,"-server_auth") == 0)
1151                         server_auth=1;
1152                 else if (strcmp(*argv,"-client_auth") == 0)
1153                         client_auth=1;
1154                 else if (strcmp(*argv,"-proxy_auth") == 0)
1155                         {
1156                         if (--argc < 1) goto bad;
1157                         app_verify_arg.proxy_auth= *(++argv);
1158                         }
1159                 else if (strcmp(*argv,"-proxy_cond") == 0)
1160                         {
1161                         if (--argc < 1) goto bad;
1162                         app_verify_arg.proxy_cond= *(++argv);
1163                         }
1164                 else if (strcmp(*argv,"-v") == 0)
1165                         verbose=1;
1166                 else if (strcmp(*argv,"-d") == 0)
1167                         debug=1;
1168                 else if (strcmp(*argv,"-reuse") == 0)
1169                         reuse=1;
1170                 else if (strcmp(*argv,"-dhe1024") == 0)
1171                         {
1172 #ifndef OPENSSL_NO_DH
1173                         dhe1024=1;
1174 #else
1175                         fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1176 #endif
1177                         }
1178                 else if (strcmp(*argv,"-dhe1024dsa") == 0)
1179                         {
1180 #ifndef OPENSSL_NO_DH
1181                         dhe1024dsa=1;
1182 #else
1183                         fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1184 #endif
1185                         }
1186                 else if (strcmp(*argv,"-no_dhe") == 0)
1187                         no_dhe=1;
1188                 else if (strcmp(*argv,"-no_ecdhe") == 0)
1189                         no_ecdhe=1;
1190                 else if (strcmp(*argv,"-psk") == 0)
1191                         {
1192                         if (--argc < 1) goto bad;
1193                         psk_key=*(++argv);
1194 #ifndef OPENSSL_NO_PSK
1195                         if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))
1196                                 {
1197                                 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
1198                                 goto bad;
1199                                 }
1200 #else
1201                         no_psk=1;
1202 #endif
1203                         }
1204 #ifndef OPENSSL_NO_SRP
1205                 else if (strcmp(*argv,"-srpuser") == 0)
1206                         {
1207                         if (--argc < 1) goto bad;
1208                         srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
1209                         tls1=1;
1210                         }
1211                 else if (strcmp(*argv,"-srppass") == 0)
1212                         {
1213                         if (--argc < 1) goto bad;
1214                         srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
1215                         tls1=1;
1216                         }
1217 #endif
1218                 else if (strcmp(*argv,"-ssl2") == 0)
1219                         ssl2=1;
1220                 else if (strcmp(*argv,"-tls1") == 0)
1221                         tls1=1;
1222                 else if (strcmp(*argv,"-ssl3") == 0)
1223                         ssl3=1;
1224                 else if (strncmp(*argv,"-num",4) == 0)
1225                         {
1226                         if (--argc < 1) goto bad;
1227                         number= atoi(*(++argv));
1228                         if (number == 0) number=1;
1229                         }
1230                 else if (strcmp(*argv,"-bytes") == 0)
1231                         {
1232                         if (--argc < 1) goto bad;
1233                         bytes= atol(*(++argv));
1234                         if (bytes == 0L) bytes=1L;
1235                         i=strlen(argv[0]);
1236                         if (argv[0][i-1] == 'k') bytes*=1024L;
1237                         if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
1238                         }
1239                 else if (strcmp(*argv,"-cert") == 0)
1240                         {
1241                         if (--argc < 1) goto bad;
1242                         server_cert= *(++argv);
1243                         }
1244                 else if (strcmp(*argv,"-s_cert") == 0)
1245                         {
1246                         if (--argc < 1) goto bad;
1247                         server_cert= *(++argv);
1248                         }
1249                 else if (strcmp(*argv,"-key") == 0)
1250                         {
1251                         if (--argc < 1) goto bad;
1252                         server_key= *(++argv);
1253                         }
1254                 else if (strcmp(*argv,"-s_key") == 0)
1255                         {
1256                         if (--argc < 1) goto bad;
1257                         server_key= *(++argv);
1258                         }
1259                 else if (strcmp(*argv,"-c_cert") == 0)
1260                         {
1261                         if (--argc < 1) goto bad;
1262                         client_cert= *(++argv);
1263                         }
1264                 else if (strcmp(*argv,"-c_key") == 0)
1265                         {
1266                         if (--argc < 1) goto bad;
1267                         client_key= *(++argv);
1268                         }
1269                 else if (strcmp(*argv,"-cipher") == 0)
1270                         {
1271                         if (--argc < 1) goto bad;
1272                         cipher= *(++argv);
1273                         }
1274                 else if (strcmp(*argv,"-CApath") == 0)
1275                         {
1276                         if (--argc < 1) goto bad;
1277                         CApath= *(++argv);
1278                         }
1279                 else if (strcmp(*argv,"-CAfile") == 0)
1280                         {
1281                         if (--argc < 1) goto bad;
1282                         CAfile= *(++argv);
1283                         }
1284                 else if (strcmp(*argv,"-bio_pair") == 0)
1285                         {
1286                         bio_pair = 1;
1287                         }
1288                 else if (strcmp(*argv,"-f") == 0)
1289                         {
1290                         force = 1;
1291                         }
1292                 else if (strcmp(*argv,"-time") == 0)
1293                         {
1294                         print_time = 1;
1295                         }
1296 #ifndef OPENSSL_NO_COMP
1297                 else if (strcmp(*argv,"-zlib") == 0)
1298                         {
1299                         comp = COMP_ZLIB;
1300                         }
1301                 else if (strcmp(*argv,"-rle") == 0)
1302                         {
1303                         comp = COMP_RLE;
1304                         }
1305 #endif
1306                 else if (strcmp(*argv,"-named_curve") == 0)
1307                         {
1308                         if (--argc < 1) goto bad;
1309 #ifndef OPENSSL_NO_ECDH         
1310                         named_curve = *(++argv);
1311 #else
1312                         fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n");
1313                         ++argv;
1314 #endif
1315                         }
1316                 else if (strcmp(*argv,"-app_verify") == 0)
1317                         {
1318                         app_verify_arg.app_verify = 1;
1319                         }
1320                 else if (strcmp(*argv,"-proxy") == 0)
1321                         {
1322                         app_verify_arg.allow_proxy_certs = 1;
1323                         }
1324                 else if (strcmp(*argv,"-test_cipherlist") == 0)
1325                         {
1326                         test_cipherlist = 1;
1327                         }
1328 #ifndef OPENSSL_NO_NEXTPROTONEG
1329                 else if (strcmp(*argv,"-npn_client") == 0)
1330                         {
1331                         npn_client = 1;
1332                         }
1333                 else if (strcmp(*argv,"-npn_server") == 0)
1334                         {
1335                         npn_server = 1;
1336                         }
1337                 else if (strcmp(*argv,"-npn_server_reject") == 0)
1338                         {
1339                         npn_server_reject = 1;
1340                         }
1341 #endif
1342                 else if (strcmp(*argv,"-serverinfo_sct") == 0)
1343                         {
1344                         serverinfo_sct = 1;
1345                         }
1346                 else if (strcmp(*argv,"-serverinfo_tack") == 0)
1347                         {
1348                         serverinfo_tack = 1;
1349                         }
1350                 else if (strcmp(*argv,"-serverinfo_file") == 0)
1351                         {
1352                         if (--argc < 1) goto bad;
1353                         serverinfo_file = *(++argv);
1354                         }
1355                 else if (strcmp(*argv,"-custom_ext") == 0)
1356                         {
1357                         custom_ext = 1;
1358                         }
1359                 else if (strcmp(*argv,"-alpn_client") == 0)
1360                         {
1361                         if (--argc < 1) goto bad;
1362                         alpn_client = *(++argv);
1363                         }
1364                 else if (strcmp(*argv,"-alpn_server") == 0)
1365                         {
1366                         if (--argc < 1) goto bad;
1367                         alpn_server = *(++argv);
1368                         }
1369                 else if (strcmp(*argv,"-alpn_expected") == 0)
1370                         {
1371                         if (--argc < 1) goto bad;
1372                         alpn_expected = *(++argv);
1373                         }
1374                 else if (strcmp(*argv,"-suppdata") == 0)
1375                         {
1376                         suppdata = 1;
1377                         }
1378                 else
1379                         {
1380                         fprintf(stderr,"unknown option %s\n",*argv);
1381                         badop=1;
1382                         break;
1383                         }
1384                 argc--;
1385                 argv++;
1386                 }
1387         if (badop)
1388                 {
1389 bad:
1390                 sv_usage();
1391                 goto end;
1392                 }
1393
1394         if (test_cipherlist == 1)
1395                 {
1396                 /* ensure that the cipher list are correctly sorted and exit */
1397                 if (do_test_cipherlist() == 0)
1398                         EXIT(1);
1399                 ret = 0;
1400                 goto end;
1401                 }
1402
1403         if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
1404                 {
1405                 fprintf(stderr, "This case cannot work.  Use -f to perform "
1406                         "the test anyway (and\n-d to see what happens), "
1407                         "or add one of -ssl2, -ssl3, -tls1, -reuse\n"
1408                         "to avoid protocol mismatch.\n");
1409                 EXIT(1);
1410                 }
1411
1412 #ifdef OPENSSL_FIPS
1413         if(fips_mode)
1414                 {
1415                 if(!FIPS_mode_set(1))
1416                         {
1417                         ERR_load_crypto_strings();
1418                         ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
1419                         EXIT(1);
1420                         }
1421                 else
1422                         fprintf(stderr,"*** IN FIPS MODE ***\n");
1423                 }
1424 #endif
1425
1426         if (print_time)
1427                 {
1428                 if (!bio_pair)
1429                         {
1430                         fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1431                         bio_pair = 1;
1432                         }
1433                 if (number < 50 && !force)
1434                         fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1435                 }
1436
1437 /*      if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1438
1439         SSL_library_init();
1440         SSL_load_error_strings();
1441
1442 #ifndef OPENSSL_NO_COMP
1443         if (comp == COMP_ZLIB) cm = COMP_zlib();
1444         if (comp == COMP_RLE) cm = COMP_rle();
1445         if (cm != NULL)
1446                 {
1447                 if (cm->type != NID_undef)
1448                         {
1449                         if (SSL_COMP_add_compression_method(comp, cm) != 0)
1450                                 {
1451                                 fprintf(stderr,
1452                                         "Failed to add compression method\n");
1453                                 ERR_print_errors_fp(stderr);
1454                                 }
1455                         }
1456                 else
1457                         {
1458                         fprintf(stderr,
1459                                 "Warning: %s compression not supported\n",
1460                                 (comp == COMP_RLE ? "rle" :
1461                                         (comp == COMP_ZLIB ? "zlib" :
1462                                                 "unknown")));
1463                         ERR_print_errors_fp(stderr);
1464                         }
1465                 }
1466         ssl_comp_methods = SSL_COMP_get_compression_methods();
1467         fprintf(stderr, "Available compression methods:\n");
1468         {
1469         int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1470         if (n == 0)
1471                 fprintf(stderr, "  NONE\n");
1472         else
1473                 for (j = 0; j < n; j++)
1474                         {
1475                         SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1476                         fprintf(stderr, "  %d: %s\n", c->id, c->name);
1477                         }
1478         }
1479 #endif
1480
1481 #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
1482         if (ssl2)
1483                 meth=SSLv2_method();
1484         else 
1485         if (tls1)
1486                 meth=TLSv1_method();
1487         else
1488         if (ssl3)
1489                 meth=SSLv3_method();
1490         else
1491                 meth=SSLv23_method();
1492 #else
1493 #ifdef OPENSSL_NO_SSL2
1494         if (tls1)
1495                 meth=TLSv1_method();
1496         else
1497         if (ssl3)
1498                 meth=SSLv3_method();
1499         else
1500                 meth=SSLv23_method();
1501 #else
1502         meth=SSLv2_method();
1503 #endif
1504 #endif
1505
1506         c_ctx=SSL_CTX_new(meth);
1507         s_ctx=SSL_CTX_new(meth);
1508         if ((c_ctx == NULL) || (s_ctx == NULL))
1509                 {
1510                 ERR_print_errors(bio_err);
1511                 goto end;
1512                 }
1513
1514         if (cipher != NULL)
1515                 {
1516                 SSL_CTX_set_cipher_list(c_ctx,cipher);
1517                 SSL_CTX_set_cipher_list(s_ctx,cipher);
1518                 }
1519
1520 #ifndef OPENSSL_NO_DH
1521         if (!no_dhe)
1522                 {
1523                 if (dhe1024dsa)
1524                         {
1525                         /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
1526                         SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1527                         dh=get_dh1024dsa();
1528                         }
1529                 else if (dhe1024)
1530                         dh=get_dh1024();
1531                 else
1532                         dh=get_dh512();
1533                 SSL_CTX_set_tmp_dh(s_ctx,dh);
1534                 DH_free(dh);
1535                 }
1536 #else
1537         (void)no_dhe;
1538 #endif
1539
1540 #ifndef OPENSSL_NO_ECDH
1541         if (!no_ecdhe)
1542                 {
1543                 int nid;
1544
1545                 if (named_curve != NULL)
1546                         {
1547                         nid = OBJ_sn2nid(named_curve);
1548                         if (nid == 0)
1549                         {
1550                                 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1551                                 goto end;
1552                                 }
1553                         }
1554                 else
1555 #ifdef OPENSSL_NO_EC2M
1556                         nid = NID_X9_62_prime256v1;
1557 #else
1558                         nid = NID_sect163r2;
1559 #endif
1560
1561                 ecdh = EC_KEY_new_by_curve_name(nid);
1562                 if (ecdh == NULL)
1563                         {
1564                         BIO_printf(bio_err, "unable to create curve\n");
1565                         goto end;
1566                         }
1567
1568                 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1569                 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1570                 EC_KEY_free(ecdh);
1571                 }
1572 #else
1573         (void)no_ecdhe;
1574 #endif
1575
1576 #ifndef OPENSSL_NO_RSA
1577         SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
1578 #endif
1579
1580 #ifdef TLSEXT_TYPE_opaque_prf_input
1581         SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1582         SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1583         SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); /* or &co2 or NULL */
1584         SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); /* or &so2 or NULL */
1585 #endif
1586
1587         if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
1588                 {
1589                 ERR_print_errors(bio_err);
1590                 }
1591         else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1592                 (server_key?server_key:server_cert), SSL_FILETYPE_PEM))
1593                 {
1594                 ERR_print_errors(bio_err);
1595                 goto end;
1596                 }
1597
1598         if (client_auth)
1599                 {
1600                 SSL_CTX_use_certificate_file(c_ctx,client_cert,
1601                         SSL_FILETYPE_PEM);
1602                 SSL_CTX_use_PrivateKey_file(c_ctx,
1603                         (client_key?client_key:client_cert),
1604                         SSL_FILETYPE_PEM);
1605                 }
1606
1607         if (    (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
1608                 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1609                 (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
1610                 (!SSL_CTX_set_default_verify_paths(c_ctx)))
1611                 {
1612                 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1613                 ERR_print_errors(bio_err);
1614                 /* goto end; */
1615                 }
1616
1617         if (client_auth)
1618                 {
1619                 BIO_printf(bio_err,"client authentication\n");
1620                 SSL_CTX_set_verify(s_ctx,
1621                         SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1622                         verify_callback);
1623                 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
1624                 }
1625         if (server_auth)
1626                 {
1627                 BIO_printf(bio_err,"server authentication\n");
1628                 SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
1629                         verify_callback);
1630                 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
1631                 }
1632         
1633         {
1634                 int session_id_context = 0;
1635                 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
1636         }
1637
1638         /* Use PSK only if PSK key is given */
1639         if (psk_key != NULL)
1640                 {
1641                 /* no_psk is used to avoid putting psk command to openssl tool */
1642                 if (no_psk)
1643                         {
1644                         /* if PSK is not compiled in and psk key is
1645                          * given, do nothing and exit successfully */
1646                         ret=0;
1647                         goto end;
1648                         }
1649 #ifndef OPENSSL_NO_PSK
1650                 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1651                 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1652                 if (debug)
1653                         BIO_printf(bio_err,"setting PSK identity hint to s_ctx\n");
1654                 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint"))
1655                         {
1656                         BIO_printf(bio_err,"error setting PSK identity hint to s_ctx\n");
1657                         ERR_print_errors(bio_err);
1658                         goto end;
1659                         }
1660 #endif
1661                 }
1662 #ifndef OPENSSL_NO_SRP
1663         if (srp_client_arg.srplogin)
1664                 {
1665                 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
1666                         {
1667                         BIO_printf(bio_err,"Unable to set SRP username\n");
1668                         goto end;
1669                         }
1670                 SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
1671                 SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
1672                 /*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
1673                 }
1674
1675         if (srp_server_arg.expected_user != NULL)
1676                 {
1677                 SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
1678                 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1679                 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1680                 }
1681 #endif
1682
1683 #ifndef OPENSSL_NO_NEXTPROTONEG
1684         if (npn_client)
1685                 {
1686                 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1687                 }
1688         if (npn_server)
1689                 {
1690                 if (npn_server_reject)
1691                         {
1692                         BIO_printf(bio_err, "Can't have both -npn_server and -npn_server_reject\n");
1693                         goto end;
1694                         }
1695                 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1696                 }
1697         if (npn_server_reject)
1698                 {
1699                 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn, NULL);
1700                 }
1701 #endif
1702
1703         if (serverinfo_sct)
1704                 SSL_CTX_set_custom_cli_ext(c_ctx, SCT_EXT_TYPE, NULL, 
1705                                            serverinfo_cli_cb, NULL);
1706         if (serverinfo_tack)
1707                 SSL_CTX_set_custom_cli_ext(c_ctx, TACK_EXT_TYPE, NULL,
1708                                            serverinfo_cli_cb, NULL);
1709
1710         if (serverinfo_file)
1711                 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file))
1712                         {
1713                         BIO_printf(bio_err, "missing serverinfo file\n");
1714                         goto end;
1715                         }
1716
1717         if (custom_ext)
1718                 {
1719                 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_0, 
1720                                            custom_ext_0_cli_first_cb, 
1721                                            custom_ext_0_cli_second_cb, NULL);
1722                 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_1, 
1723                                            custom_ext_1_cli_first_cb, 
1724                                            custom_ext_1_cli_second_cb, NULL);
1725                 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_2, 
1726                                            custom_ext_2_cli_first_cb, 
1727                                            custom_ext_2_cli_second_cb, NULL);
1728                 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_3, 
1729                                            custom_ext_3_cli_first_cb, 
1730                                            custom_ext_3_cli_second_cb, NULL);
1731
1732
1733                 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_0, 
1734                                            custom_ext_0_srv_first_cb, 
1735                                            custom_ext_0_srv_second_cb, NULL);
1736                 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_1, 
1737                                            custom_ext_1_srv_first_cb, 
1738                                            custom_ext_1_srv_second_cb, NULL);
1739                 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_2, 
1740                                            custom_ext_2_srv_first_cb, 
1741                                            custom_ext_2_srv_second_cb, NULL);
1742                 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_3, 
1743                                            custom_ext_3_srv_first_cb, 
1744                                            custom_ext_3_srv_second_cb, NULL);
1745                 }
1746
1747         if (alpn_server)
1748                 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1749
1750         if (alpn_client)
1751                 {
1752                 unsigned short alpn_len;
1753                 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1754
1755                 if (alpn == NULL)
1756                         {
1757                         BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1758                         goto end;
1759                         }
1760                 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1761                 OPENSSL_free(alpn);
1762                 }
1763
1764         c_ssl=SSL_new(c_ctx);
1765         s_ssl=SSL_new(s_ctx);
1766
1767         if (suppdata)
1768                 {
1769                 /* TEST CASES */
1770                 /* client and server both send and receive, verify
1771                  * additional arg passed back */
1772                 SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_0,
1773                                           supp_data_0_srv_first_cb,
1774                                           supp_data_0_srv_second_cb, s_ssl);
1775                 SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_0,
1776                                           supp_data_0_cli_first_cb,
1777                                           supp_data_0_cli_second_cb, c_ssl);
1778
1779                 /* -1 response from sending server/client doesn't
1780                  * receive, -1 response from sending client/server
1781                  * doesn't receive */
1782                 SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_1,
1783                                           supp_data_1_srv_first_cb,
1784                                           supp_data_1_srv_second_cb, NULL);
1785                 SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_1,
1786                                           supp_data_1_cli_first_cb,
1787                                           supp_data_1_cli_second_cb, NULL);
1788
1789                 /* null sending server/client doesn't receive, null
1790                    sending client/server doesn't receive */
1791                 SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_2,
1792                                           /*supp_data_2_srv_first_cb*/NULL,
1793                                           supp_data_2_srv_second_cb, NULL);
1794                 SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_2,
1795                                           supp_data_2_cli_first_cb,
1796                                           /*supp_data_2_cli_second_cb*/NULL,
1797                                           NULL);
1798
1799                 /* alerts set to non-zero and zero return values not tested */
1800                 }
1801 #ifndef OPENSSL_NO_KRB5
1802         if (c_ssl  &&  c_ssl->kssl_ctx)
1803                 {
1804                 char    localhost[MAXHOSTNAMELEN+2];
1805
1806                 if (gethostname(localhost, sizeof localhost-1) == 0)
1807                         {
1808                         localhost[sizeof localhost-1]='\0';
1809                         if(strlen(localhost) == sizeof localhost-1)
1810                                 {
1811                                 BIO_printf(bio_err,"localhost name too long\n");
1812                                 goto end;
1813                                 }
1814                         kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
1815                                 localhost);
1816                         }
1817                 }
1818 #endif    /* OPENSSL_NO_KRB5  */
1819
1820         for (i=0; i<number; i++)
1821                 {
1822                 if (!reuse) SSL_set_session(c_ssl,NULL);
1823                 if (bio_pair)
1824                         ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
1825                 else
1826                         ret=doit(s_ssl,c_ssl,bytes);
1827                 }
1828
1829         if (!verbose)
1830                 {
1831                 print_details(c_ssl, "");
1832                 }
1833         if ((number > 1) || (bytes > 1L))
1834                 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
1835         if (print_time)
1836                 {
1837 #ifdef CLOCKS_PER_SEC
1838                 /* "To determine the time in seconds, the value returned
1839                  * by the clock function should be divided by the value
1840                  * of the macro CLOCKS_PER_SEC."
1841                  *                                       -- ISO/IEC 9899 */
1842                 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1843                         "Approximate total client time: %6.2f s\n",
1844                         (double)s_time/CLOCKS_PER_SEC,
1845                         (double)c_time/CLOCKS_PER_SEC);
1846 #else
1847                 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
1848                  *                            -- cc on NeXTstep/OpenStep */
1849                 BIO_printf(bio_stdout,
1850                         "Approximate total server time: %6.2f units\n"
1851                         "Approximate total client time: %6.2f units\n",
1852                         (double)s_time,
1853                         (double)c_time);
1854 #endif
1855                 }
1856
1857         SSL_free(s_ssl);
1858         SSL_free(c_ssl);
1859
1860 end:
1861         if (s_ctx != NULL) SSL_CTX_free(s_ctx);
1862         if (c_ctx != NULL) SSL_CTX_free(c_ctx);
1863
1864         if (bio_stdout != NULL) BIO_free(bio_stdout);
1865
1866 #ifndef OPENSSL_NO_RSA
1867         free_tmp_rsa();
1868 #endif
1869 #ifndef OPENSSL_NO_ENGINE
1870         ENGINE_cleanup();
1871 #endif
1872         CRYPTO_cleanup_all_ex_data();
1873         ERR_free_strings();
1874         ERR_remove_thread_state(NULL);
1875         EVP_cleanup();
1876         CRYPTO_mem_leaks(bio_err);
1877         if (bio_err != NULL) BIO_free(bio_err);
1878         EXIT(ret);
1879         return ret;
1880         }
1881
1882 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1883         clock_t *s_time, clock_t *c_time)
1884         {
1885         long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1886         BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1887         BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1888         int ret = 1;
1889         
1890         size_t bufsiz = 256; /* small buffer for testing */
1891
1892         if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1893                 goto err;
1894         if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1895                 goto err;
1896         
1897         s_ssl_bio = BIO_new(BIO_f_ssl());
1898         if (!s_ssl_bio)
1899                 goto err;
1900
1901         c_ssl_bio = BIO_new(BIO_f_ssl());
1902         if (!c_ssl_bio)
1903                 goto err;
1904
1905         SSL_set_connect_state(c_ssl);
1906         SSL_set_bio(c_ssl, client, client);
1907         (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1908
1909         SSL_set_accept_state(s_ssl);
1910         SSL_set_bio(s_ssl, server, server);
1911         (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1912
1913         do
1914                 {
1915                 /* c_ssl_bio:          SSL filter BIO
1916                  *
1917                  * client:             pseudo-I/O for SSL library
1918                  *
1919                  * client_io:          client's SSL communication; usually to be
1920                  *                     relayed over some I/O facility, but in this
1921                  *                     test program, we're the server, too:
1922                  *
1923                  * server_io:          server's SSL communication
1924                  *
1925                  * server:             pseudo-I/O for SSL library
1926                  *
1927                  * s_ssl_bio:          SSL filter BIO
1928                  *
1929                  * The client and the server each employ a "BIO pair":
1930                  * client + client_io, server + server_io.
1931                  * BIO pairs are symmetric.  A BIO pair behaves similar
1932                  * to a non-blocking socketpair (but both endpoints must
1933                  * be handled by the same thread).
1934                  * [Here we could connect client and server to the ends
1935                  * of a single BIO pair, but then this code would be less
1936                  * suitable as an example for BIO pairs in general.]
1937                  *
1938                  * Useful functions for querying the state of BIO pair endpoints:
1939                  *
1940                  * BIO_ctrl_pending(bio)              number of bytes we can read now
1941                  * BIO_ctrl_get_read_request(bio)     number of bytes needed to fulfil
1942                  *                                      other side's read attempt
1943                  * BIO_ctrl_get_write_guarantee(bio)   number of bytes we can write now
1944                  *
1945                  * ..._read_request is never more than ..._write_guarantee;
1946                  * it depends on the application which one you should use.
1947                  */
1948
1949                 /* We have non-blocking behaviour throughout this test program, but
1950                  * can be sure that there is *some* progress in each iteration; so
1951                  * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
1952                  * -- we just try everything in each iteration
1953                  */
1954
1955                         {
1956                         /* CLIENT */
1957                 
1958                         MS_STATIC char cbuf[1024*8];
1959                         int i, r;
1960                         clock_t c_clock = clock();
1961
1962                         memset(cbuf, 0, sizeof(cbuf));
1963
1964                         if (debug)
1965                                 if (SSL_in_init(c_ssl))
1966                                         printf("client waiting in SSL_connect - %s\n",
1967                                                 SSL_state_string_long(c_ssl));
1968
1969                         if (cw_num > 0)
1970                                 {
1971                                 /* Write to server. */
1972                                 
1973                                 if (cw_num > (long)sizeof cbuf)
1974                                         i = sizeof cbuf;
1975                                 else
1976                                         i = (int)cw_num;
1977                                 r = BIO_write(c_ssl_bio, cbuf, i);
1978                                 if (r < 0)
1979                                         {
1980                                         if (!BIO_should_retry(c_ssl_bio))
1981                                                 {
1982                                                 fprintf(stderr,"ERROR in CLIENT\n");
1983                                                 goto err;
1984                                                 }
1985                                         /* BIO_should_retry(...) can just be ignored here.
1986                                          * The library expects us to call BIO_write with
1987                                          * the same arguments again, and that's what we will
1988                                          * do in the next iteration. */
1989                                         }
1990                                 else if (r == 0)
1991                                         {
1992                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1993                                         goto err;
1994                                         }
1995                                 else
1996                                         {
1997                                         if (debug)
1998                                                 printf("client wrote %d\n", r);
1999                                         cw_num -= r;                            
2000                                         }
2001                                 }
2002
2003                         if (cr_num > 0)
2004                                 {
2005                                 /* Read from server. */
2006
2007                                 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2008                                 if (r < 0)
2009                                         {
2010                                         if (!BIO_should_retry(c_ssl_bio))
2011                                                 {
2012                                                 fprintf(stderr,"ERROR in CLIENT\n");
2013                                                 goto err;
2014                                                 }
2015                                         /* Again, "BIO_should_retry" can be ignored. */
2016                                         }
2017                                 else if (r == 0)
2018                                         {
2019                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2020                                         goto err;
2021                                         }
2022                                 else
2023                                         {
2024                                         if (debug)
2025                                                 printf("client read %d\n", r);
2026                                         cr_num -= r;
2027                                         }
2028                                 }
2029
2030                         /* c_time and s_time increments will typically be very small
2031                          * (depending on machine speed and clock tick intervals),
2032                          * but sampling over a large number of connections should
2033                          * result in fairly accurate figures.  We cannot guarantee
2034                          * a lot, however -- if each connection lasts for exactly
2035                          * one clock tick, it will be counted only for the client
2036                          * or only for the server or even not at all.
2037                          */
2038                         *c_time += (clock() - c_clock);
2039                         }
2040
2041                         {
2042                         /* SERVER */
2043                 
2044                         MS_STATIC char sbuf[1024*8];
2045                         int i, r;
2046                         clock_t s_clock = clock();
2047
2048                         memset(sbuf, 0, sizeof(sbuf));
2049
2050                         if (debug)
2051                                 if (SSL_in_init(s_ssl))
2052                                         printf("server waiting in SSL_accept - %s\n",
2053                                                 SSL_state_string_long(s_ssl));
2054
2055                         if (sw_num > 0)
2056                                 {
2057                                 /* Write to client. */
2058                                 
2059                                 if (sw_num > (long)sizeof sbuf)
2060                                         i = sizeof sbuf;
2061                                 else
2062                                         i = (int)sw_num;
2063                                 r = BIO_write(s_ssl_bio, sbuf, i);
2064                                 if (r < 0)
2065                                         {
2066                                         if (!BIO_should_retry(s_ssl_bio))
2067                                                 {
2068                                                 fprintf(stderr,"ERROR in SERVER\n");
2069                                                 goto err;
2070                                                 }
2071                                         /* Ignore "BIO_should_retry". */
2072                                         }
2073                                 else if (r == 0)
2074                                         {
2075                                         fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2076                                         goto err;
2077                                         }
2078                                 else
2079                                         {
2080                                         if (debug)
2081                                                 printf("server wrote %d\n", r);
2082                                         sw_num -= r;                            
2083                                         }
2084                                 }
2085
2086                         if (sr_num > 0)
2087                                 {
2088                                 /* Read from client. */
2089
2090                                 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2091                                 if (r < 0)
2092                                         {
2093                                         if (!BIO_should_retry(s_ssl_bio))
2094                                                 {
2095                                                 fprintf(stderr,"ERROR in SERVER\n");
2096                                                 goto err;
2097                                                 }
2098                                         /* blah, blah */
2099                                         }
2100                                 else if (r == 0)
2101                                         {
2102                                         fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2103                                         goto err;
2104                                         }
2105                                 else
2106                                         {
2107                                         if (debug)
2108                                                 printf("server read %d\n", r);
2109                                         sr_num -= r;
2110                                         }
2111                                 }
2112
2113                         *s_time += (clock() - s_clock);
2114                         }
2115                         
2116                         {
2117                         /* "I/O" BETWEEN CLIENT AND SERVER. */
2118
2119                         size_t r1, r2;
2120                         BIO *io1 = server_io, *io2 = client_io;
2121                         /* we use the non-copying interface for io1
2122                          * and the standard BIO_write/BIO_read interface for io2
2123                          */
2124                         
2125                         static int prev_progress = 1;
2126                         int progress = 0;
2127                         
2128                         /* io1 to io2 */
2129                         do
2130                                 {
2131                                 size_t num;
2132                                 int r;
2133
2134                                 r1 = BIO_ctrl_pending(io1);
2135                                 r2 = BIO_ctrl_get_write_guarantee(io2);
2136
2137                                 num = r1;
2138                                 if (r2 < num)
2139                                         num = r2;
2140                                 if (num)
2141                                         {
2142                                         char *dataptr;
2143
2144                                         if (INT_MAX < num) /* yeah, right */
2145                                                 num = INT_MAX;
2146                                         
2147                                         r = BIO_nread(io1, &dataptr, (int)num);
2148                                         assert(r > 0);
2149                                         assert(r <= (int)num);
2150                                         /* possibly r < num (non-contiguous data) */
2151                                         num = r;
2152                                         r = BIO_write(io2, dataptr, (int)num);
2153                                         if (r != (int)num) /* can't happen */
2154                                                 {
2155                                                 fprintf(stderr, "ERROR: BIO_write could not write "
2156                                                         "BIO_ctrl_get_write_guarantee() bytes");
2157                                                 goto err;
2158                                                 }
2159                                         progress = 1;
2160
2161                                         if (debug)
2162                                                 printf((io1 == client_io) ?
2163                                                         "C->S relaying: %d bytes\n" :
2164                                                         "S->C relaying: %d bytes\n",
2165                                                         (int)num);
2166                                         }
2167                                 }
2168                         while (r1 && r2);
2169
2170                         /* io2 to io1 */
2171                         {
2172                                 size_t num;
2173                                 int r;
2174
2175                                 r1 = BIO_ctrl_pending(io2);
2176                                 r2 = BIO_ctrl_get_read_request(io1);
2177                                 /* here we could use ..._get_write_guarantee instead of
2178                                  * ..._get_read_request, but by using the latter
2179                                  * we test restartability of the SSL implementation
2180                                  * more thoroughly */
2181                                 num = r1;
2182                                 if (r2 < num)
2183                                         num = r2;
2184                                 if (num)
2185                                         {
2186                                         char *dataptr;
2187                                         
2188                                         if (INT_MAX < num)
2189                                                 num = INT_MAX;
2190
2191                                         if (num > 1)
2192                                                 --num; /* test restartability even more thoroughly */
2193                                         
2194                                         r = BIO_nwrite0(io1, &dataptr);
2195                                         assert(r > 0);
2196                                         if (r < (int)num)
2197                                                 num = r;
2198                                         r = BIO_read(io2, dataptr, (int)num);
2199                                         if (r != (int)num) /* can't happen */
2200                                                 {
2201                                                 fprintf(stderr, "ERROR: BIO_read could not read "
2202                                                         "BIO_ctrl_pending() bytes");
2203                                                 goto err;
2204                                                 }
2205                                         progress = 1;
2206                                         r = BIO_nwrite(io1, &dataptr, (int)num);
2207                                         if (r != (int)num) /* can't happen */
2208                                                 {
2209                                                 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2210                                                         "BIO_nwrite0() bytes");
2211                                                 goto err;
2212                                                 }
2213                                         
2214                                         if (debug)
2215                                                 printf((io2 == client_io) ?
2216                                                         "C->S relaying: %d bytes\n" :
2217                                                         "S->C relaying: %d bytes\n",
2218                                                         (int)num);
2219                                         }
2220                         } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
2221
2222                         if (!progress && !prev_progress)
2223                                 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
2224                                         {
2225                                         fprintf(stderr, "ERROR: got stuck\n");
2226                                         if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0)
2227                                                 {
2228                                                 fprintf(stderr, "This can happen for SSL2 because "
2229                                                         "CLIENT-FINISHED and SERVER-VERIFY are written \n"
2230                                                         "concurrently ...");
2231                                                 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
2232                                                         && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0)
2233                                                         {
2234                                                         fprintf(stderr, " ok.\n");
2235                                                         goto end;
2236                                                         }
2237                                                 }
2238                                         fprintf(stderr, " ERROR.\n");
2239                                         goto err;
2240                                         }
2241                         prev_progress = progress;
2242                         }
2243                 }
2244         while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2245
2246         if (verbose)
2247                 print_details(c_ssl, "DONE via BIO pair: ");
2248 #ifndef OPENSSL_NO_NEXTPROTONEG
2249         if (verify_npn(c_ssl, s_ssl) < 0)
2250                 {
2251                 ret = 1;
2252                 goto end;
2253                 }
2254 #endif
2255         if (verify_serverinfo() < 0)
2256                 {
2257                 ret = 1;
2258                 goto err;
2259                 }
2260         if (verify_alpn(c_ssl, s_ssl) < 0)
2261                 {
2262                 ret = 1;
2263                 goto err;
2264                 }
2265
2266         if (custom_ext_error)
2267                 {
2268                 ret = 1;
2269                 goto err;
2270                 }
2271
2272 end:
2273         ret = 0;
2274
2275  err:
2276         ERR_print_errors(bio_err);
2277         
2278         if (server)
2279                 BIO_free(server);
2280         if (server_io)
2281                 BIO_free(server_io);
2282         if (client)
2283                 BIO_free(client);
2284         if (client_io)
2285                 BIO_free(client_io);
2286         if (s_ssl_bio)
2287                 BIO_free(s_ssl_bio);
2288         if (c_ssl_bio)
2289                 BIO_free(c_ssl_bio);
2290
2291         return ret;
2292         }
2293
2294
2295 #define W_READ  1
2296 #define W_WRITE 2
2297 #define C_DONE  1
2298 #define S_DONE  2
2299
2300 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2301         {
2302         MS_STATIC char cbuf[1024*8],sbuf[1024*8];
2303         long cw_num=count,cr_num=count;
2304         long sw_num=count,sr_num=count;
2305         int ret=1;
2306         BIO *c_to_s=NULL;
2307         BIO *s_to_c=NULL;
2308         BIO *c_bio=NULL;
2309         BIO *s_bio=NULL;
2310         int c_r,c_w,s_r,s_w;
2311         int i,j;
2312         int done=0;
2313         int c_write,s_write;
2314         int do_server=0,do_client=0;
2315
2316         memset(cbuf,0,sizeof(cbuf));
2317         memset(sbuf,0,sizeof(sbuf));
2318
2319         c_to_s=BIO_new(BIO_s_mem());
2320         s_to_c=BIO_new(BIO_s_mem());
2321         if ((s_to_c == NULL) || (c_to_s == NULL))
2322                 {
2323                 ERR_print_errors(bio_err);
2324                 goto err;
2325                 }
2326
2327         c_bio=BIO_new(BIO_f_ssl());
2328         s_bio=BIO_new(BIO_f_ssl());
2329         if ((c_bio == NULL) || (s_bio == NULL))
2330                 {
2331                 ERR_print_errors(bio_err);
2332                 goto err;
2333                 }
2334
2335         SSL_set_connect_state(c_ssl);
2336         SSL_set_bio(c_ssl,s_to_c,c_to_s);
2337         BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
2338
2339         SSL_set_accept_state(s_ssl);
2340         SSL_set_bio(s_ssl,c_to_s,s_to_c);
2341         BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
2342
2343         c_r=0; s_r=1;
2344         c_w=1; s_w=0;
2345         c_write=1,s_write=0;
2346
2347         /* We can always do writes */
2348         for (;;)
2349                 {
2350                 do_server=0;
2351                 do_client=0;
2352
2353                 i=(int)BIO_pending(s_bio);
2354                 if ((i && s_r) || s_w) do_server=1;
2355
2356                 i=(int)BIO_pending(c_bio);
2357                 if ((i && c_r) || c_w) do_client=1;
2358
2359                 if (do_server && debug)
2360                         {
2361                         if (SSL_in_init(s_ssl))
2362                                 printf("server waiting in SSL_accept - %s\n",
2363                                         SSL_state_string_long(s_ssl));
2364 /*                      else if (s_write)
2365                                 printf("server:SSL_write()\n");
2366                         else
2367                                 printf("server:SSL_read()\n"); */
2368                         }
2369
2370                 if (do_client && debug)
2371                         {
2372                         if (SSL_in_init(c_ssl))
2373                                 printf("client waiting in SSL_connect - %s\n",
2374                                         SSL_state_string_long(c_ssl));
2375 /*                      else if (c_write)
2376                                 printf("client:SSL_write()\n");
2377                         else
2378                                 printf("client:SSL_read()\n"); */
2379                         }
2380
2381                 if (!do_client && !do_server)
2382                         {
2383                         fprintf(stdout,"ERROR IN STARTUP\n");
2384                         ERR_print_errors(bio_err);
2385                         break;
2386                         }
2387                 if (do_client && !(done & C_DONE))
2388                         {
2389                         if (c_write)
2390                                 {
2391                                 j = (cw_num > (long)sizeof(cbuf)) ?
2392                                         (int)sizeof(cbuf) : (int)cw_num;
2393                                 i=BIO_write(c_bio,cbuf,j);
2394                                 if (i < 0)
2395                                         {
2396                                         c_r=0;
2397                                         c_w=0;
2398                                         if (BIO_should_retry(c_bio))
2399                                                 {
2400                                                 if (BIO_should_read(c_bio))
2401                                                         c_r=1;
2402                                                 if (BIO_should_write(c_bio))
2403                                                         c_w=1;
2404                                                 }
2405                                         else
2406                                                 {
2407                                                 fprintf(stderr,"ERROR in CLIENT\n");
2408                                                 ERR_print_errors(bio_err);
2409                                                 goto err;
2410                                                 }
2411                                         }
2412                                 else if (i == 0)
2413                                         {
2414                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2415                                         goto err;
2416                                         }
2417                                 else
2418                                         {
2419                                         if (debug)
2420                                                 printf("client wrote %d\n",i);
2421                                         /* ok */
2422                                         s_r=1;
2423                                         c_write=0;
2424                                         cw_num-=i;
2425                                         }
2426                                 }
2427                         else
2428                                 {
2429                                 i=BIO_read(c_bio,cbuf,sizeof(cbuf));
2430                                 if (i < 0)
2431                                         {
2432                                         c_r=0;
2433                                         c_w=0;
2434                                         if (BIO_should_retry(c_bio))
2435                                                 {
2436                                                 if (BIO_should_read(c_bio))
2437                                                         c_r=1;
2438                                                 if (BIO_should_write(c_bio))
2439                                                         c_w=1;
2440                                                 }
2441                                         else
2442                                                 {
2443                                                 fprintf(stderr,"ERROR in CLIENT\n");
2444                                                 ERR_print_errors(bio_err);
2445                                                 goto err;
2446                                                 }
2447                                         }
2448                                 else if (i == 0)
2449                                         {
2450                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2451                                         goto err;
2452                                         }
2453                                 else
2454                                         {
2455                                         if (debug)
2456                                                 printf("client read %d\n",i);
2457                                         cr_num-=i;
2458                                         if (sw_num > 0)
2459                                                 {
2460                                                 s_write=1;
2461                                                 s_w=1;
2462                                                 }
2463                                         if (cr_num <= 0)
2464                                                 {
2465                                                 s_write=1;
2466                                                 s_w=1;
2467                                                 done=S_DONE|C_DONE;
2468                                                 }
2469                                         }
2470                                 }
2471                         }
2472
2473                 if (do_server && !(done & S_DONE))
2474                         {
2475                         if (!s_write)
2476                                 {
2477                                 i=BIO_read(s_bio,sbuf,sizeof(cbuf));
2478                                 if (i < 0)
2479                                         {
2480                                         s_r=0;
2481                                         s_w=0;
2482                                         if (BIO_should_retry(s_bio))
2483                                                 {
2484                                                 if (BIO_should_read(s_bio))
2485                                                         s_r=1;
2486                                                 if (BIO_should_write(s_bio))
2487                                                         s_w=1;
2488                                                 }
2489                                         else
2490                                                 {
2491                                                 fprintf(stderr,"ERROR in SERVER\n");
2492                                                 ERR_print_errors(bio_err);
2493                                                 goto err;
2494                                                 }
2495                                         }
2496                                 else if (i == 0)
2497                                         {
2498                                         ERR_print_errors(bio_err);
2499                                         fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
2500                                         goto err;
2501                                         }
2502                                 else
2503                                         {
2504                                         if (debug)
2505                                                 printf("server read %d\n",i);
2506                                         sr_num-=i;
2507                                         if (cw_num > 0)
2508                                                 {
2509                                                 c_write=1;
2510                                                 c_w=1;
2511                                                 }
2512                                         if (sr_num <= 0)
2513                                                 {
2514                                                 s_write=1;
2515                                                 s_w=1;
2516                                                 c_write=0;
2517                                                 }
2518                                         }
2519                                 }
2520                         else
2521                                 {
2522                                 j = (sw_num > (long)sizeof(sbuf)) ?
2523                                         (int)sizeof(sbuf) : (int)sw_num;
2524                                 i=BIO_write(s_bio,sbuf,j);
2525                                 if (i < 0)
2526                                         {
2527                                         s_r=0;
2528                                         s_w=0;
2529                                         if (BIO_should_retry(s_bio))
2530                                                 {
2531                                                 if (BIO_should_read(s_bio))
2532                                                         s_r=1;
2533                                                 if (BIO_should_write(s_bio))
2534                                                         s_w=1;
2535                                                 }
2536                                         else
2537                                                 {
2538                                                 fprintf(stderr,"ERROR in SERVER\n");
2539                                                 ERR_print_errors(bio_err);
2540                                                 goto err;
2541                                                 }
2542                                         }
2543                                 else if (i == 0)
2544                                         {
2545                                         ERR_print_errors(bio_err);
2546                                         fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
2547                                         goto err;
2548                                         }
2549                                 else
2550                                         {
2551                                         if (debug)
2552                                                 printf("server wrote %d\n",i);
2553                                         sw_num-=i;
2554                                         s_write=0;
2555                                         c_r=1;
2556                                         if (sw_num <= 0)
2557                                                 done|=S_DONE;
2558                                         }
2559                                 }
2560                         }
2561
2562                 if ((done & S_DONE) && (done & C_DONE)) break;
2563                 }
2564
2565         if (verbose)
2566                 print_details(c_ssl, "DONE: ");
2567 #ifndef OPENSSL_NO_NEXTPROTONEG
2568         if (verify_npn(c_ssl, s_ssl) < 0)
2569                 {
2570                 ret = 1;
2571                 goto err;
2572                 }
2573 #endif
2574         if (suppdata_error < 0)
2575                 {
2576                 ret = 1;
2577                 goto err;
2578                 }
2579         if (verify_serverinfo() < 0)
2580                 {
2581                 ret = 1;
2582                 goto err;
2583                 }
2584         if (custom_ext_error)
2585                 {
2586                 ret = 1;
2587                 goto err;
2588                 }
2589         ret=0;
2590 err:
2591         /* We have to set the BIO's to NULL otherwise they will be
2592          * OPENSSL_free()ed twice.  Once when th s_ssl is SSL_free()ed and
2593          * again when c_ssl is SSL_free()ed.
2594          * This is a hack required because s_ssl and c_ssl are sharing the same
2595          * BIO structure and SSL_set_bio() and SSL_free() automatically
2596          * BIO_free non NULL entries.
2597          * You should not normally do this or be required to do this */
2598         if (s_ssl != NULL)
2599                 {
2600                 s_ssl->rbio=NULL;
2601                 s_ssl->wbio=NULL;
2602                 }
2603         if (c_ssl != NULL)
2604                 {
2605                 c_ssl->rbio=NULL;
2606                 c_ssl->wbio=NULL;
2607                 }
2608
2609         if (c_to_s != NULL) BIO_free(c_to_s);
2610         if (s_to_c != NULL) BIO_free(s_to_c);
2611         if (c_bio != NULL) BIO_free_all(c_bio);
2612         if (s_bio != NULL) BIO_free_all(s_bio);
2613         return(ret);
2614         }
2615
2616 static int get_proxy_auth_ex_data_idx(void)
2617         {
2618         static volatile int idx = -1;
2619         if (idx < 0)
2620                 {
2621                 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2622                 if (idx < 0)
2623                         {
2624                         idx = X509_STORE_CTX_get_ex_new_index(0,
2625                                 "SSLtest for verify callback", NULL,NULL,NULL);
2626                         }
2627                 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2628                 }
2629         return idx;
2630         }
2631
2632 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
2633         {
2634         char *s,buf[256];
2635
2636         s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,
2637                             sizeof buf);
2638         if (s != NULL)
2639                 {
2640                 if (ok)
2641                         fprintf(stderr,"depth=%d %s\n",
2642                                 ctx->error_depth,buf);
2643                 else
2644                         {
2645                         fprintf(stderr,"depth=%d error=%d %s\n",
2646                                 ctx->error_depth,ctx->error,buf);
2647                         }
2648                 }
2649
2650         if (ok == 0)
2651                 {
2652                 fprintf(stderr,"Error string: %s\n",
2653                         X509_verify_cert_error_string(ctx->error));
2654                 switch (ctx->error)
2655                         {
2656                 case X509_V_ERR_CERT_NOT_YET_VALID:
2657                 case X509_V_ERR_CERT_HAS_EXPIRED:
2658                 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2659                         fprintf(stderr,"  ... ignored.\n");
2660                         ok=1;
2661                         }
2662                 }
2663
2664         if (ok == 1)
2665                 {
2666                 X509 *xs = ctx->current_cert;
2667 #if 0
2668                 X509 *xi = ctx->current_issuer;
2669 #endif
2670
2671                 if (xs->ex_flags & EXFLAG_PROXY)
2672                         {
2673                         unsigned int *letters =
2674                                 X509_STORE_CTX_get_ex_data(ctx,
2675                                         get_proxy_auth_ex_data_idx());
2676
2677                         if (letters)
2678                                 {
2679                                 int found_any = 0;
2680                                 int i;
2681                                 PROXY_CERT_INFO_EXTENSION *pci =
2682                                         X509_get_ext_d2i(xs, NID_proxyCertInfo,
2683                                                 NULL, NULL);
2684
2685                                 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
2686                                         {
2687                                 case NID_Independent:
2688                                         /* Completely meaningless in this
2689                                            program, as there's no way to
2690                                            grant explicit rights to a
2691                                            specific PrC.  Basically, using
2692                                            id-ppl-Independent is the perfect
2693                                            way to grant no rights at all. */
2694                                         fprintf(stderr, "  Independent proxy certificate");
2695                                         for (i = 0; i < 26; i++)
2696                                                 letters[i] = 0;
2697                                         break;
2698                                 case NID_id_ppl_inheritAll:
2699                                         /* This is basically a NOP, we
2700                                            simply let the current rights
2701                                            stand as they are. */
2702                                         fprintf(stderr, "  Proxy certificate inherits all");
2703                                         break;
2704                                 default:
2705                                         s = (char *)
2706                                                 pci->proxyPolicy->policy->data;
2707                                         i = pci->proxyPolicy->policy->length;
2708
2709                                         /* The algorithm works as follows:
2710                                            it is assumed that previous
2711                                            iterations or the initial granted
2712                                            rights has already set some elements
2713                                            of `letters'.  What we need to do is
2714                                            to clear those that weren't granted
2715                                            by the current PrC as well.  The
2716                                            easiest way to do this is to add 1
2717                                            to all the elements whose letters
2718                                            are given with the current policy.
2719                                            That way, all elements that are set
2720                                            by the current policy and were
2721                                            already set by earlier policies and
2722                                            through the original grant of rights
2723                                            will get the value 2 or higher.
2724                                            The last thing to do is to sweep
2725                                            through `letters' and keep the
2726                                            elements having the value 2 as set,
2727                                            and clear all the others. */
2728
2729                                         fprintf(stderr, "  Certificate proxy rights = %*.*s", i, i, s);
2730                                         while(i-- > 0)
2731                                                 {
2732                                                 int c = *s++;
2733                                                 if (isascii(c) && isalpha(c))
2734                                                         {
2735                                                         if (islower(c))
2736                                                                 c = toupper(c);
2737                                                         letters[c - 'A']++;
2738                                                         }
2739                                                 }
2740                                         for (i = 0; i < 26; i++)
2741                                                 if (letters[i] < 2)
2742                                                         letters[i] = 0;
2743                                                 else
2744                                                         letters[i] = 1;
2745                                         }
2746
2747                                 found_any = 0;
2748                                 fprintf(stderr,
2749                                         ", resulting proxy rights = ");
2750                                 for(i = 0; i < 26; i++)
2751                                         if (letters[i])
2752                                                 {
2753                                                 fprintf(stderr, "%c", i + 'A');
2754                                                 found_any = 1;
2755                                                 }
2756                                 if (!found_any)
2757                                         fprintf(stderr, "none");
2758                                 fprintf(stderr, "\n");
2759
2760                                 PROXY_CERT_INFO_EXTENSION_free(pci);
2761                                 }
2762                         }
2763                 }
2764
2765         return(ok);
2766         }
2767
2768 static void process_proxy_debug(int indent, const char *format, ...)
2769         {
2770         static const char indentation[] =
2771                 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2772                 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
2773         char my_format[256];
2774         va_list args;
2775
2776         BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2777                 indent, indent, indentation, format);
2778
2779         va_start(args, format);
2780         vfprintf(stderr, my_format, args);
2781         va_end(args);
2782         }
2783 /* Priority levels:
2784    0    [!]var, ()
2785    1    & ^
2786    2    |
2787 */
2788 static int process_proxy_cond_adders(unsigned int letters[26],
2789         const char *cond, const char **cond_end, int *pos, int indent);
2790 static int process_proxy_cond_val(unsigned int letters[26],
2791         const char *cond, const char **cond_end, int *pos, int indent)
2792         {
2793         int c;
2794         int ok = 1;
2795         int negate = 0;
2796
2797         while(isspace((int)*cond))
2798                 {
2799                 cond++; (*pos)++;
2800                 }
2801         c = *cond;
2802
2803         if (debug)
2804                 process_proxy_debug(indent,
2805                         "Start process_proxy_cond_val at position %d: %s\n",
2806                         *pos, cond);
2807
2808         while(c == '!')
2809                 {
2810                 negate = !negate;
2811                 cond++; (*pos)++;
2812                 while(isspace((int)*cond))
2813                         {
2814                         cond++; (*pos)++;
2815                         }
2816                 c = *cond;
2817                 }
2818
2819         if (c == '(')
2820                 {
2821                 cond++; (*pos)++;
2822                 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2823                         indent + 1);
2824                 cond = *cond_end;
2825                 if (ok < 0)
2826                         goto end;
2827                 while(isspace((int)*cond))
2828                         {
2829                         cond++; (*pos)++;
2830                         }
2831                 c = *cond;
2832                 if (c != ')')
2833                         {
2834                         fprintf(stderr,
2835                                 "Weird condition character in position %d: "
2836                                 "%c\n", *pos, c);
2837                         ok = -1;
2838                         goto end;
2839                         }
2840                 cond++; (*pos)++;
2841                 }
2842         else if (isascii(c) && isalpha(c))
2843                 {
2844                 if (islower(c))
2845                         c = toupper(c);
2846                 ok = letters[c - 'A'];
2847                 cond++; (*pos)++;
2848                 }
2849         else
2850                 {
2851                 fprintf(stderr,
2852                         "Weird condition character in position %d: "
2853                         "%c\n", *pos, c);
2854                 ok = -1;
2855                 goto end;
2856                 }
2857  end:
2858         *cond_end = cond;
2859         if (ok >= 0 && negate)
2860                 ok = !ok;
2861
2862         if (debug)
2863                 process_proxy_debug(indent,
2864                         "End process_proxy_cond_val at position %d: %s, returning %d\n",
2865                         *pos, cond, ok);
2866
2867         return ok;
2868         }
2869 static int process_proxy_cond_multipliers(unsigned int letters[26],
2870         const char *cond, const char **cond_end, int *pos, int indent)
2871         {
2872         int ok;
2873         char c;
2874
2875         if (debug)
2876                 process_proxy_debug(indent,
2877                         "Start process_proxy_cond_multipliers at position %d: %s\n",
2878                         *pos, cond);
2879
2880         ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2881         cond = *cond_end;
2882         if (ok < 0)
2883                 goto end;
2884
2885         while(ok >= 0)
2886                 {
2887                 while(isspace((int)*cond))
2888                         {
2889                         cond++; (*pos)++;
2890                         }
2891                 c = *cond;
2892
2893                 switch(c)
2894                         {
2895                 case '&':
2896                 case '^':
2897                         {
2898                         int save_ok = ok;
2899
2900                         cond++; (*pos)++;
2901                         ok = process_proxy_cond_val(letters,
2902                                 cond, cond_end, pos, indent + 1);
2903                         cond = *cond_end;
2904                         if (ok < 0)
2905                                 break;
2906
2907                         switch(c)
2908                                 {
2909                         case '&':
2910                                 ok &= save_ok;
2911                                 break;
2912                         case '^':
2913                                 ok ^= save_ok;
2914                                 break;
2915                         default:
2916                                 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2917                                         " STOPPING\n");
2918                                 EXIT(1);
2919                                 }
2920                         }
2921                         break;
2922                 default:
2923                         goto end;
2924                         }
2925                 }
2926  end:
2927         if (debug)
2928                 process_proxy_debug(indent,
2929                         "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2930                         *pos, cond, ok);
2931
2932         *cond_end = cond;
2933         return ok;
2934         }
2935 static int process_proxy_cond_adders(unsigned int letters[26],
2936         const char *cond, const char **cond_end, int *pos, int indent)
2937         {
2938         int ok;
2939         char c;
2940
2941         if (debug)
2942                 process_proxy_debug(indent,
2943                         "Start process_proxy_cond_adders at position %d: %s\n",
2944                         *pos, cond);
2945
2946         ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2947                 indent + 1);
2948         cond = *cond_end;
2949         if (ok < 0)
2950                 goto end;
2951
2952         while(ok >= 0)
2953                 {
2954                 while(isspace((int)*cond))
2955                         {
2956                         cond++; (*pos)++;
2957                         }
2958                 c = *cond;
2959
2960                 switch(c)
2961                         {
2962                 case '|':
2963                         {
2964                         int save_ok = ok;
2965
2966                         cond++; (*pos)++;
2967                         ok = process_proxy_cond_multipliers(letters,
2968                                 cond, cond_end, pos, indent + 1);
2969                         cond = *cond_end;
2970                         if (ok < 0)
2971                                 break;
2972
2973                         switch(c)
2974                                 {
2975                         case '|':
2976                                 ok |= save_ok;
2977                                 break;
2978                         default:
2979                                 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2980                                         " STOPPING\n");
2981                                 EXIT(1);
2982                                 }
2983                         }
2984                         break;
2985                 default:
2986                         goto end;
2987                         }
2988                 }
2989  end:
2990         if (debug)
2991                 process_proxy_debug(indent,
2992                         "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2993                         *pos, cond, ok);
2994
2995         *cond_end = cond;
2996         return ok;
2997         }
2998
2999 static int process_proxy_cond(unsigned int letters[26],
3000         const char *cond, const char **cond_end)
3001         {
3002         int pos = 1;
3003         return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
3004         }
3005
3006 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
3007         {
3008         int ok=1;
3009         struct app_verify_arg *cb_arg = arg;
3010         unsigned int letters[26]; /* only used with proxy_auth */
3011
3012         if (cb_arg->app_verify)
3013                 {
3014                 char *s = NULL,buf[256];
3015
3016                 fprintf(stderr, "In app_verify_callback, allowing cert. ");
3017                 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
3018                 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
3019                         (void *)ctx, (void *)ctx->cert);
3020                 if (ctx->cert)
3021                         s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
3022                 if (s != NULL)
3023                         {
3024                         fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
3025                         }
3026                 return(1);
3027                 }
3028         if (cb_arg->proxy_auth)
3029                 {
3030                 int found_any = 0, i;
3031                 char *sp;
3032
3033                 for(i = 0; i < 26; i++)
3034                         letters[i] = 0;
3035                 for(sp = cb_arg->proxy_auth; *sp; sp++)
3036                         {
3037                         int c = *sp;
3038                         if (isascii(c) && isalpha(c))
3039                                 {
3040                                 if (islower(c))
3041