Retry callback only after ClientHello received.
[openssl.git] / ssl / ssltest.c
1 /* ssl/ssltest.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer. 
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  * ECC cipher suite support in OpenSSL originally developed by 
114  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115  */
116 /* ====================================================================
117  * Copyright 2005 Nokia. All rights reserved.
118  *
119  * The portions of the attached software ("Contribution") is developed by
120  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121  * license.
122  *
123  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125  * support (see RFC 4279) to OpenSSL.
126  *
127  * No patent licenses or other rights except those expressly stated in
128  * the OpenSSL open source license shall be deemed granted or received
129  * expressly, by implication, estoppel, or otherwise.
130  *
131  * No assurances are provided by Nokia that the Contribution does not
132  * infringe the patent or other intellectual property rights of any third
133  * party or that the license provides you with all the necessary rights
134  * to make use of the Contribution.
135  *
136  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140  * OTHERWISE.
141  */
142
143 #define _BSD_SOURCE 1           /* Or gethostname won't be declared properly
144                                    on Linux and GNU platforms. */
145
146 #include <assert.h>
147 #include <errno.h>
148 #include <limits.h>
149 #include <stdio.h>
150 #include <stdlib.h>
151 #include <string.h>
152 #include <time.h>
153
154 #define USE_SOCKETS
155 #include "e_os.h"
156
157 #ifdef OPENSSL_SYS_VMS
158 #define _XOPEN_SOURCE 500       /* Or isascii won't be declared properly on
159                                    VMS (at least with DECompHP C).  */
160 #endif
161
162 #include <ctype.h>
163
164 #include <openssl/bio.h>
165 #include <openssl/crypto.h>
166 #include <openssl/evp.h>
167 #include <openssl/x509.h>
168 #include <openssl/x509v3.h>
169 #include <openssl/ssl.h>
170 #ifndef OPENSSL_NO_ENGINE
171 #include <openssl/engine.h>
172 #endif
173 #include <openssl/err.h>
174 #include <openssl/rand.h>
175 #ifndef OPENSSL_NO_RSA
176 #include <openssl/rsa.h>
177 #endif
178 #ifndef OPENSSL_NO_DSA
179 #include <openssl/dsa.h>
180 #endif
181 #ifndef OPENSSL_NO_DH
182 #include <openssl/dh.h>
183 #endif
184 #ifndef OPENSSL_NO_SRP
185 #include <openssl/srp.h>
186 #endif
187 #include <openssl/bn.h>
188
189 #define _XOPEN_SOURCE_EXTENDED  1 /* Or gethostname won't be declared properly
190                                      on Compaq platforms (at least with DEC C).
191                                      Do not try to put it earlier, or IPv6 includes
192                                      get screwed...
193                                   */
194
195 #ifdef OPENSSL_SYS_WINDOWS
196 #include <winsock.h>
197 #else
198 #include OPENSSL_UNISTD
199 #endif
200
201 #ifdef OPENSSL_SYS_VMS
202 #  define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
203 #  define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
204 #elif defined(OPENSSL_SYS_WINCE)
205 #  define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
206 #  define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
207 #elif defined(OPENSSL_SYS_NETWARE)
208 #  define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
209 #  define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
210 #else
211 #  define TEST_SERVER_CERT "../apps/server.pem"
212 #  define TEST_CLIENT_CERT "../apps/client.pem"
213 #endif
214
215 /* There is really no standard for this, so let's assign some tentative
216    numbers.  In any case, these numbers are only for this test */
217 #define COMP_RLE        255
218 #define COMP_ZLIB       1
219
220 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
221 #ifndef OPENSSL_NO_RSA
222 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export,int keylength);
223 static void free_tmp_rsa(void);
224 #endif
225 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
226 #define APP_CALLBACK_STRING "Test Callback Argument"
227 struct app_verify_arg
228         {
229         char *string;
230         int app_verify;
231         int allow_proxy_certs;
232         char *proxy_auth;
233         char *proxy_cond;
234         };
235
236 #ifndef OPENSSL_NO_DH
237 static DH *get_dh512(void);
238 static DH *get_dh1024(void);
239 static DH *get_dh1024dsa(void);
240 #endif
241
242
243 static char *psk_key=NULL; /* by default PSK is not used */
244 #ifndef OPENSSL_NO_PSK
245 static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identity,
246         unsigned int max_identity_len, unsigned char *psk,
247         unsigned int max_psk_len);
248 static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned char *psk,
249         unsigned int max_psk_len);
250 #endif
251
252 #ifndef OPENSSL_NO_SRP
253 /* SRP client */
254 /* This is a context that we pass to all callbacks */
255 typedef struct srp_client_arg_st
256         {
257         char *srppassin;
258         char *srplogin;
259         } SRP_CLIENT_ARG;
260
261 #define PWD_STRLEN 1024
262
263 static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
264         {
265         SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
266         return BUF_strdup((char *)srp_client_arg->srppassin);
267         }
268
269 /* SRP server */
270 /* This is a context that we pass to SRP server callbacks */
271 typedef struct srp_server_arg_st
272         {
273         char *expected_user;
274         char *pass;
275         } SRP_SERVER_ARG;
276
277 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
278         {
279         SRP_SERVER_ARG * p = (SRP_SERVER_ARG *) arg;
280
281         if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0)
282                 {
283                 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
284                 return SSL3_AL_FATAL;
285                 }
286         if (SSL_set_srp_server_param_pw(s,p->expected_user,p->pass,"1024")<0)
287                 {
288                 *ad = SSL_AD_INTERNAL_ERROR;
289                 return SSL3_AL_FATAL;
290                 }
291         return SSL_ERROR_NONE;
292         }
293 #endif
294
295 static BIO *bio_err=NULL;
296 static BIO *bio_stdout=NULL;
297
298 #ifndef OPENSSL_NO_NEXTPROTONEG
299 /* Note that this code assumes that this is only a one element list: */
300 static const char NEXT_PROTO_STRING[] = "\x09testproto";
301 int npn_client = 0;
302 int npn_server = 0;
303 int npn_server_reject = 0;
304
305 static int cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
306         {
307         /* This callback only returns the protocol string, rather than a length
308            prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
309            remove the first byte to chop off the length prefix. */
310         *out = (unsigned char*) NEXT_PROTO_STRING + 1;
311         *outlen = sizeof(NEXT_PROTO_STRING) - 2;
312         return SSL_TLSEXT_ERR_OK;
313         }
314
315 static int cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
316         {
317         *data = (const unsigned char *) NEXT_PROTO_STRING;
318         *len = sizeof(NEXT_PROTO_STRING) - 1;
319         return SSL_TLSEXT_ERR_OK;
320         }
321
322 static int cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
323         {
324         return SSL_TLSEXT_ERR_NOACK;
325         }
326
327 static int verify_npn(SSL *client, SSL *server)
328         {
329         const unsigned char *client_s;
330         unsigned client_len;
331         const unsigned char *server_s;
332         unsigned server_len;
333
334         SSL_get0_next_proto_negotiated(client, &client_s, &client_len);
335         SSL_get0_next_proto_negotiated(server, &server_s, &server_len);
336
337         if (client_len)
338                 {
339                 BIO_printf(bio_stdout, "Client NPN: ");
340                 BIO_write(bio_stdout, client_s, client_len);
341                 BIO_printf(bio_stdout, "\n");
342                 }
343
344         if (server_len)
345                 {
346                 BIO_printf(bio_stdout, "Server NPN: ");
347                 BIO_write(bio_stdout, server_s, server_len);
348                 BIO_printf(bio_stdout, "\n");
349                 }
350
351         /* If an NPN string was returned, it must be the protocol that we
352          * expected to negotiate. */
353         if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 ||
354                            memcmp(client_s, NEXT_PROTO_STRING + 1, client_len)))
355                 return -1;
356         if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 ||
357                            memcmp(server_s, NEXT_PROTO_STRING + 1, server_len)))
358                 return -1;
359
360         if (!npn_client && client_len)
361                 return -1;
362         if (!npn_server && server_len)
363                 return -1;
364         if (npn_server_reject && server_len)
365                 return -1;
366         if (npn_client && npn_server && (!client_len || !server_len))
367                 return -1;
368
369         return 0;
370         }
371 #endif
372
373 static const char *alpn_client;
374 static const char *alpn_server;
375 static const char *alpn_expected;
376 static unsigned char *alpn_selected;
377
378 /* next_protos_parse parses a comma separated list of strings into a string
379  * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
380  *   outlen: (output) set to the length of the resulting buffer on success.
381  *   err: (maybe NULL) on failure, an error message line is written to this BIO.
382  *   in: a NUL termianted string like "abc,def,ghi"
383  *
384  *   returns: a malloced buffer or NULL on failure.
385  */
386 static unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
387         {
388         size_t len;
389         unsigned char *out;
390         size_t i, start = 0;
391
392         len = strlen(in);
393         if (len >= 65535)
394                 return NULL;
395
396         out = OPENSSL_malloc(strlen(in) + 1);
397         if (!out)
398                 return NULL;
399
400         for (i = 0; i <= len; ++i)
401                 {
402                 if (i == len || in[i] == ',')
403                         {
404                         if (i - start > 255)
405                                 {
406                                 OPENSSL_free(out);
407                                 return NULL;
408                                 }
409                         out[start] = i - start;
410                         start = i + 1;
411                         }
412                 else
413                         out[i+1] = in[i];
414                 }
415
416         *outlen = len + 1;
417         return out;
418         }
419
420 static int cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
421         {
422         unsigned char *protos;
423         unsigned short protos_len;
424
425         protos = next_protos_parse(&protos_len, alpn_server);
426         if (protos == NULL)
427                 {
428                 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n", alpn_server);
429                 abort();
430                 }
431
432         if (SSL_select_next_proto((unsigned char**) out, outlen, protos, protos_len, in, inlen) !=
433             OPENSSL_NPN_NEGOTIATED)
434                 {
435                 OPENSSL_free(protos);
436                 return SSL_TLSEXT_ERR_NOACK;
437                 }
438
439         /* Make a copy of the selected protocol which will be freed in verify_alpn. */
440         alpn_selected = OPENSSL_malloc(*outlen);
441         memcpy(alpn_selected, *out, *outlen);
442         *out = alpn_selected;
443
444         OPENSSL_free(protos);
445         return SSL_TLSEXT_ERR_OK;
446         }
447
448 static int verify_alpn(SSL *client, SSL *server)
449         {
450         const unsigned char *client_proto, *server_proto;
451         unsigned int client_proto_len = 0, server_proto_len = 0;
452         SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
453         SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
454
455         if (alpn_selected != NULL)
456                 {
457                 OPENSSL_free(alpn_selected);
458                 alpn_selected = NULL;
459                 }
460
461         if (client_proto_len != server_proto_len ||
462             memcmp(client_proto, server_proto, client_proto_len) != 0)
463                 {
464                 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
465                 goto err;
466                 }
467
468         if (client_proto_len > 0 && alpn_expected == NULL)
469                 {
470                 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
471                 goto err;
472                 }
473
474         if (alpn_expected != NULL &&
475             (client_proto_len != strlen(alpn_expected) ||
476              memcmp(client_proto, alpn_expected, client_proto_len) != 0))
477                 {
478                 BIO_printf(bio_stdout, "ALPN selected protocols not equal to expected protocol: %s\n", alpn_expected);
479                 goto err;
480                 }
481
482         return 0;
483
484 err:
485         BIO_printf(bio_stdout, "ALPN results: client: '");
486         BIO_write(bio_stdout, client_proto, client_proto_len);
487         BIO_printf(bio_stdout, "', server: '");
488         BIO_write(bio_stdout, server_proto, server_proto_len);
489         BIO_printf(bio_stdout, "'\n");
490         BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", alpn_client, alpn_server);
491         return -1;
492         }
493
494 #define SCT_EXT_TYPE 18
495
496 /* WARNING : below extension types are *NOT* IETF assigned, and 
497    could conflict if these types are reassigned and handled 
498    specially by OpenSSL in the future */
499 #define TACK_EXT_TYPE 62208
500 #define CUSTOM_EXT_TYPE_0 1000
501 #define CUSTOM_EXT_TYPE_1 1001
502 #define CUSTOM_EXT_TYPE_2 1002
503 #define CUSTOM_EXT_TYPE_3 1003
504
505 const char custom_ext_cli_string[] = "abc";
506 const char custom_ext_srv_string[] = "defg";
507
508 /* These set from cmdline */
509 char* serverinfo_file = NULL;
510 int serverinfo_sct = 0;
511 int serverinfo_tack = 0;
512
513 /* These set based on extension callbacks */
514 int serverinfo_sct_seen = 0;
515 int serverinfo_tack_seen = 0;
516 int serverinfo_other_seen = 0;
517
518 /* This set from cmdline */
519 int custom_ext = 0;
520
521 /* This set based on extension callbacks */
522 int custom_ext_error = 0;
523
524 /* Not IETF assigned supplemental data types */
525 #define CUSTOM_SUPP_DATA_TYPE_0 100
526 #define CUSTOM_SUPP_DATA_TYPE_1 101
527 #define CUSTOM_SUPP_DATA_TYPE_2 102
528
529 const char supp_data_0_string[] = "00000";
530
531 int suppdata = 0;
532 int suppdata_error = 0;
533
534 static int serverinfo_cli_cb(SSL* s, unsigned short ext_type,
535                              const unsigned char* in, unsigned short inlen, 
536                              int* al, void* arg)
537         {
538         if (ext_type == SCT_EXT_TYPE)
539                 serverinfo_sct_seen++;
540         else if (ext_type == TACK_EXT_TYPE)
541                 serverinfo_tack_seen++;
542         else
543                 serverinfo_other_seen++;
544         return 1;
545         }
546
547 static int verify_serverinfo()
548         {
549         if (serverinfo_sct != serverinfo_sct_seen)
550                 return -1;
551         if (serverinfo_tack != serverinfo_tack_seen)
552                 return -1;
553         if (serverinfo_other_seen)
554                 return -1;
555         return 0;
556         }
557
558 /* Four test cases for custom extensions:
559  * 0 - no ClientHello extension or ServerHello response
560  * 1 - ClientHello with "abc", no response
561  * 2 - ClientHello with "abc", empty response
562  * 3 - ClientHello with "abc", "defg" response
563  */
564
565 static int custom_ext_0_cli_first_cb(SSL *s, unsigned short ext_type,
566                                      const unsigned char **out,
567                                      unsigned short *outlen, int *al, void *arg)
568         {
569         if (ext_type != CUSTOM_EXT_TYPE_0)
570                 custom_ext_error = 1;
571         return -1;  /* Don't send an extension */
572         }
573
574 static int custom_ext_0_cli_second_cb(SSL *s, unsigned short ext_type,
575                                       const unsigned char *in,
576                                       unsigned short inlen, int *al,
577                                       void *arg)
578         {
579         return 1;
580         }
581
582 static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type,
583                                      const unsigned char **out,
584                                      unsigned short *outlen, int *al, void *arg)
585         {
586         if (ext_type != CUSTOM_EXT_TYPE_1)
587                 custom_ext_error = 1;
588         *out = (const unsigned char*)custom_ext_cli_string;
589         *outlen = strlen(custom_ext_cli_string);
590         return 1; /* Send "abc" */
591         }
592
593 static int custom_ext_1_cli_second_cb(SSL *s, unsigned short ext_type,
594                                       const unsigned char *in,
595                                       unsigned short inlen, int *al,
596                                       void *arg)
597         {
598         return 1;
599         }
600
601 static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type,
602                                      const unsigned char **out,
603                                      unsigned short *outlen, int *al, void *arg)
604         {
605         if (ext_type != CUSTOM_EXT_TYPE_2)
606                 custom_ext_error = 1;
607         *out = (const unsigned char*)custom_ext_cli_string;
608         *outlen = strlen(custom_ext_cli_string);
609         return 1; /* Send "abc" */
610         }
611
612 static int custom_ext_2_cli_second_cb(SSL *s, unsigned short ext_type,
613                                       const unsigned char *in,
614                                       unsigned short inlen, int *al,
615                                       void *arg)
616         {
617         if (ext_type != CUSTOM_EXT_TYPE_2)
618                 custom_ext_error = 1;
619         if (inlen != 0)
620                 custom_ext_error = 1; /* Should be empty response */
621         return 1;
622         }
623
624 static int custom_ext_3_cli_first_cb(SSL *s, unsigned short ext_type,
625                                      const unsigned char **out,
626                                      unsigned short *outlen, int *al, void *arg)
627         {
628         if (ext_type != CUSTOM_EXT_TYPE_3)
629                 custom_ext_error = 1;
630         *out = (const unsigned char*)custom_ext_cli_string;
631         *outlen = strlen(custom_ext_cli_string);
632         return 1; /* Send "abc" */
633         }
634
635 static int custom_ext_3_cli_second_cb(SSL *s, unsigned short ext_type,
636                                       const unsigned char *in,
637                                       unsigned short inlen, int *al,
638                                       void *arg)
639         {
640         if (ext_type != CUSTOM_EXT_TYPE_3)
641                 custom_ext_error = 1;
642         if (inlen != strlen(custom_ext_srv_string))
643                 custom_ext_error = 1;
644         if (memcmp(custom_ext_srv_string, in, inlen) != 0)
645                 custom_ext_error = 1; /* Check for "defg" */
646         return 1;
647         }
648
649 /* custom_ext_0_cli_first_cb returns -1 - the server won't receive a callback for this extension */
650 static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type,
651                                      const unsigned char *in,
652                                      unsigned short inlen, int *al,
653                                      void *arg)
654         {
655         return 1;
656         }
657
658 /* 'generate' callbacks are always called, even if the 'receive' callback isn't called */
659 static int custom_ext_0_srv_second_cb(SSL *s, unsigned short ext_type,
660                                       const unsigned char **out,
661                                       unsigned short *outlen, int *al, void *arg)
662         {
663         return -1; /* Don't send an extension */
664         }
665
666 static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type,
667                                 const unsigned char *in,
668                                 unsigned short inlen, int *al,
669                                 void *arg)
670         {
671         if (ext_type != CUSTOM_EXT_TYPE_1)
672                 custom_ext_error = 1;           
673          /* Check for "abc" */
674         if (inlen != strlen(custom_ext_cli_string))
675                 custom_ext_error = 1;
676         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
677                 custom_ext_error = 1;
678         return 1;
679         }
680
681 static int custom_ext_1_srv_second_cb(SSL *s, unsigned short ext_type,
682                                       const unsigned char **out,
683                                       unsigned short *outlen, int *al, void *arg)
684         {
685         return -1; /* Don't send an extension */
686         }
687
688 static int custom_ext_2_srv_first_cb(SSL *s, unsigned short ext_type,
689                                      const unsigned char *in,
690                                      unsigned short inlen, int *al,
691                                      void *arg)
692         {
693         if (ext_type != CUSTOM_EXT_TYPE_2)
694                 custom_ext_error = 1;           
695          /* Check for "abc" */
696         if (inlen != strlen(custom_ext_cli_string))
697                 custom_ext_error = 1;
698         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
699                 custom_ext_error = 1;
700         return 1;
701         }
702
703 static int custom_ext_2_srv_second_cb(SSL *s, unsigned short ext_type,
704                                       const unsigned char **out,
705                                       unsigned short *outlen, int *al, void *arg)
706         {
707         *out = NULL;
708         *outlen = 0;
709         return 1; /* Send empty extension */
710         }
711
712 static int custom_ext_3_srv_first_cb(SSL *s, unsigned short ext_type,
713                                      const unsigned char *in,
714                                      unsigned short inlen, int *al,
715                                      void *arg)
716         {
717         if (ext_type != CUSTOM_EXT_TYPE_3)
718                 custom_ext_error = 1;           
719          /* Check for "abc" */  
720         if (inlen != strlen(custom_ext_cli_string))
721                 custom_ext_error = 1;
722         if (memcmp(in, custom_ext_cli_string, inlen) != 0)
723                 custom_ext_error = 1;
724         return 1;
725         }
726
727 static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type,
728                                       const unsigned char **out,
729                                       unsigned short *outlen, int *al, void *arg)
730         {
731         *out = (const unsigned char*)custom_ext_srv_string;
732         *outlen = strlen(custom_ext_srv_string);
733         return 1; /* Send "defg" */
734         }
735
736 static int supp_data_0_srv_first_cb(SSL *s, unsigned short supp_data_type,
737                                     const unsigned char **out,
738                                     unsigned short *outlen, int *al, void *arg)
739         {
740         *out = (const unsigned char*)supp_data_0_string;
741         *outlen = strlen(supp_data_0_string);
742         if (arg != s)
743                 suppdata_error = 1;
744         return 1;
745         }
746
747 static int supp_data_0_srv_second_cb(SSL *s, unsigned short supp_data_type,
748                                      const unsigned char *in,
749                                      unsigned short inlen, int *al,
750                                      void *arg)
751         {
752         if (supp_data_type != CUSTOM_SUPP_DATA_TYPE_0)
753                 suppdata_error = 1;
754         if (inlen != strlen(supp_data_0_string))
755                 suppdata_error = 1;
756         if (memcmp(in, supp_data_0_string, inlen) != 0)
757                 suppdata_error = 1;
758         if (arg != s)
759                 suppdata_error = 1;
760         return 1;
761         }
762
763 static int supp_data_1_srv_first_cb(SSL *s, unsigned short supp_data_type,
764                                     const unsigned char **out,
765                                     unsigned short *outlen, int *al, void *arg)
766         {
767         return -1;
768         }
769
770 static int supp_data_1_srv_second_cb(SSL *s, unsigned short supp_data_type,
771                                      const unsigned char *in,
772                                      unsigned short inlen, int *al,
773                                      void *arg)
774         {
775         suppdata_error = 1;
776         return 1;
777         }
778
779 static int supp_data_2_srv_second_cb(SSL *s, unsigned short supp_data_type,
780                                 const unsigned char *in,
781                                 unsigned short inlen, int *al,
782                                 void *arg)
783         {
784         suppdata_error = 1;
785         return 1;
786         }
787
788 static int supp_data_0_cli_first_cb(SSL *s, unsigned short supp_data_type,
789                                     const unsigned char *in,
790                                     unsigned short inlen, int *al,
791                                     void *arg)
792         {
793         if (supp_data_type != CUSTOM_SUPP_DATA_TYPE_0)
794                 suppdata_error = 1;
795         if (inlen != strlen(supp_data_0_string))
796                 suppdata_error = 1;
797         if (memcmp(in, supp_data_0_string, inlen) != 0)
798                 suppdata_error = 1;
799         if (arg != s)
800                 suppdata_error = 1;
801         return 1;
802         }
803
804 static int supp_data_0_cli_second_cb(SSL *s, unsigned short supp_data_type,
805                                      const unsigned char **out,
806                                      unsigned short *outlen, int *al, void *arg)
807         {
808         *out = (const unsigned char*)supp_data_0_string;
809         *outlen = strlen(supp_data_0_string);
810         if (arg != s)
811                 suppdata_error = 1;
812         return 1;
813         }
814
815 static int supp_data_1_cli_first_cb(SSL *s, unsigned short supp_data_type,
816                                     const unsigned char *in,
817                                     unsigned short inlen, int *al,
818                                     void *arg)
819         {
820         suppdata_error = 1;
821         return 1;
822         }
823
824 static int supp_data_1_cli_second_cb(SSL *s, unsigned short supp_data_type,
825                                      const unsigned char **out,
826                                      unsigned short *outlen, int *al, void *arg)
827         {
828         return -1;
829         }
830
831 static int supp_data_2_cli_first_cb(SSL *s, unsigned short supp_data_type,
832                                     const unsigned char *in,
833                                     unsigned short inlen, int *al,
834                                     void *arg)
835         {
836         suppdata_error = 1;
837         return 1;
838         }
839
840 static char *cipher=NULL;
841 static int verbose=0;
842 static int debug=0;
843 #if 0
844 /* Not used yet. */
845 #ifdef FIONBIO
846 static int s_nbio=0;
847 #endif
848 #endif
849
850 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
851
852 int doit_biopair(SSL *s_ssl,SSL *c_ssl,long bytes,clock_t *s_time,clock_t *c_time);
853 int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
854 static int do_test_cipherlist(void);
855 static void sv_usage(void)
856         {
857         fprintf(stderr,"usage: ssltest [args ...]\n");
858         fprintf(stderr,"\n");
859 #ifdef OPENSSL_FIPS
860         fprintf(stderr,"-F             - run test in FIPS mode\n");
861 #endif
862         fprintf(stderr," -server_auth  - check server certificate\n");
863         fprintf(stderr," -client_auth  - do client authentication\n");
864         fprintf(stderr," -proxy        - allow proxy certificates\n");
865         fprintf(stderr," -proxy_auth <val> - set proxy policy rights\n");
866         fprintf(stderr," -proxy_cond <val> - experssion to test proxy policy rights\n");
867         fprintf(stderr," -v            - more output\n");
868         fprintf(stderr," -d            - debug output\n");
869         fprintf(stderr," -reuse        - use session-id reuse\n");
870         fprintf(stderr," -num <val>    - number of connections to perform\n");
871         fprintf(stderr," -bytes <val>  - number of bytes to swap between client/server\n");
872 #ifndef OPENSSL_NO_DH
873         fprintf(stderr," -dhe1024      - use 1024 bit key (safe prime) for DHE\n");
874         fprintf(stderr," -dhe1024dsa   - use 1024 bit key (with 160-bit subprime) for DHE\n");
875         fprintf(stderr," -no_dhe       - disable DHE\n");
876 #endif
877 #ifndef OPENSSL_NO_ECDH
878         fprintf(stderr," -no_ecdhe     - disable ECDHE\n");
879 #endif
880 #ifndef OPENSSL_NO_PSK
881         fprintf(stderr," -psk arg      - PSK in hex (without 0x)\n");
882 #endif
883 #ifndef OPENSSL_NO_SRP
884         fprintf(stderr," -srpuser user  - SRP username to use\n");
885         fprintf(stderr," -srppass arg   - password for 'user'\n");
886 #endif
887 #ifndef OPENSSL_NO_SSL2
888         fprintf(stderr," -ssl2         - use SSLv2\n");
889 #endif
890 #ifndef OPENSSL_NO_SSL3
891         fprintf(stderr," -ssl3         - use SSLv3\n");
892 #endif
893 #ifndef OPENSSL_NO_TLS1
894         fprintf(stderr," -tls1         - use TLSv1\n");
895 #endif
896         fprintf(stderr," -CApath arg   - PEM format directory of CA's\n");
897         fprintf(stderr," -CAfile arg   - PEM format file of CA's\n");
898         fprintf(stderr," -cert arg     - Server certificate file\n");
899         fprintf(stderr," -key arg      - Server key file (default: same as -cert)\n");
900         fprintf(stderr," -c_cert arg   - Client certificate file\n");
901         fprintf(stderr," -c_key arg    - Client key file (default: same as -c_cert)\n");
902         fprintf(stderr," -cipher arg   - The cipher list\n");
903         fprintf(stderr," -bio_pair     - Use BIO pairs\n");
904         fprintf(stderr," -f            - Test even cases that can't work\n");
905         fprintf(stderr," -time         - measure processor time used by client and server\n");
906         fprintf(stderr," -zlib         - use zlib compression\n");
907         fprintf(stderr," -rle          - use rle compression\n");
908 #ifndef OPENSSL_NO_ECDH
909         fprintf(stderr," -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.\n" \
910                        "                 Use \"openssl ecparam -list_curves\" for all names\n"  \
911                        "                 (default is sect163r2).\n");
912 #endif
913         fprintf(stderr," -test_cipherlist - verifies the order of the ssl cipher lists\n");
914 #ifndef OPENSSL_NO_NEXTPROTONEG
915         fprintf(stderr," -npn_client - have client side offer NPN\n");
916         fprintf(stderr," -npn_server - have server side offer NPN\n");
917         fprintf(stderr," -npn_server_reject - have server reject NPN\n");
918 #endif
919         fprintf(stderr," -serverinfo_file file - have server use this file\n");
920         fprintf(stderr," -serverinfo_sct  - have client offer and expect SCT\n");
921         fprintf(stderr," -serverinfo_tack - have client offer and expect TACK\n");
922         fprintf(stderr," -custom_ext - try various custom extension callbacks\n");
923         fprintf(stderr," -alpn_client <string> - have client side offer ALPN\n");
924         fprintf(stderr," -alpn_server <string> - have server side offer ALPN\n");
925         fprintf(stderr," -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
926         fprintf(stderr, "-suppdata - exercise supplemental data callbacks\n");
927         }
928
929 static void print_details(SSL *c_ssl, const char *prefix)
930         {
931         const SSL_CIPHER *ciph;
932         X509 *cert;
933                 
934         ciph=SSL_get_current_cipher(c_ssl);
935         BIO_printf(bio_stdout,"%s%s, cipher %s %s",
936                 prefix,
937                 SSL_get_version(c_ssl),
938                 SSL_CIPHER_get_version(ciph),
939                 SSL_CIPHER_get_name(ciph));
940         cert=SSL_get_peer_certificate(c_ssl);
941         if (cert != NULL)
942                 {
943                 EVP_PKEY *pkey = X509_get_pubkey(cert);
944                 if (pkey != NULL)
945                         {
946                         if (0) 
947                                 ;
948 #ifndef OPENSSL_NO_RSA
949                         else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
950                                 && pkey->pkey.rsa->n != NULL)
951                                 {
952                                 BIO_printf(bio_stdout, ", %d bit RSA",
953                                         BN_num_bits(pkey->pkey.rsa->n));
954                                 }
955 #endif
956 #ifndef OPENSSL_NO_DSA
957                         else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
958                                 && pkey->pkey.dsa->p != NULL)
959                                 {
960                                 BIO_printf(bio_stdout, ", %d bit DSA",
961                                         BN_num_bits(pkey->pkey.dsa->p));
962                                 }
963 #endif
964                         EVP_PKEY_free(pkey);
965                         }
966                 X509_free(cert);
967                 }
968         /* The SSL API does not allow us to look at temporary RSA/DH keys,
969          * otherwise we should print their lengths too */
970         BIO_printf(bio_stdout,"\n");
971         }
972
973 static void lock_dbg_cb(int mode, int type, const char *file, int line)
974         {
975         static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
976         const char *errstr = NULL;
977         int rw;
978         
979         rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
980         if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
981                 {
982                 errstr = "invalid mode";
983                 goto err;
984                 }
985
986         if (type < 0 || type >= CRYPTO_NUM_LOCKS)
987                 {
988                 errstr = "type out of bounds";
989                 goto err;
990                 }
991
992         if (mode & CRYPTO_LOCK)
993                 {
994                 if (modes[type])
995                         {
996                         errstr = "already locked";
997                         /* must not happen in a single-threaded program
998                          * (would deadlock) */
999                         goto err;
1000                         }
1001
1002                 modes[type] = rw;
1003                 }
1004         else if (mode & CRYPTO_UNLOCK)
1005                 {
1006                 if (!modes[type])
1007                         {
1008                         errstr = "not locked";
1009                         goto err;
1010                         }
1011                 
1012                 if (modes[type] != rw)
1013                         {
1014                         errstr = (rw == CRYPTO_READ) ?
1015                                 "CRYPTO_r_unlock on write lock" :
1016                                 "CRYPTO_w_unlock on read lock";
1017                         }
1018
1019                 modes[type] = 0;
1020                 }
1021         else
1022                 {
1023                 errstr = "invalid mode";
1024                 goto err;
1025                 }
1026
1027  err:
1028         if (errstr)
1029                 {
1030                 /* we cannot use bio_err here */
1031                 fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
1032                         errstr, mode, type, file, line);
1033                 }
1034         }
1035
1036 #ifdef TLSEXT_TYPE_opaque_prf_input
1037 struct cb_info_st { void *input; size_t len; int ret; };
1038 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
1039 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
1040 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
1041 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
1042
1043 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
1044         {
1045         struct cb_info_st *arg = arg_;
1046
1047         if (arg == NULL)
1048                 return 1;
1049         
1050         if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
1051                 return 0;
1052         return arg->ret;
1053         }
1054 #endif
1055
1056 int main(int argc, char *argv[])
1057         {
1058         char *CApath=NULL,*CAfile=NULL;
1059         int badop=0;
1060         int bio_pair=0;
1061         int force=0;
1062         int tls1=0,ssl2=0,ssl3=0,ret=1;
1063         int client_auth=0;
1064         int server_auth=0,i;
1065         struct app_verify_arg app_verify_arg =
1066                 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
1067         char *server_cert=TEST_SERVER_CERT;
1068         char *server_key=NULL;
1069         char *client_cert=TEST_CLIENT_CERT;
1070         char *client_key=NULL;
1071 #ifndef OPENSSL_NO_ECDH
1072         char *named_curve = NULL;
1073 #endif
1074         SSL_CTX *s_ctx=NULL;
1075         SSL_CTX *c_ctx=NULL;
1076         const SSL_METHOD *meth=NULL;
1077         SSL *c_ssl,*s_ssl;
1078         int number=1,reuse=0;
1079         long bytes=256L;
1080 #ifndef OPENSSL_NO_DH
1081         DH *dh;
1082         int dhe1024 = 0, dhe1024dsa = 0;
1083 #endif
1084 #ifndef OPENSSL_NO_ECDH
1085         EC_KEY *ecdh = NULL;
1086 #endif
1087 #ifndef OPENSSL_NO_SRP
1088         /* client */
1089         SRP_CLIENT_ARG srp_client_arg = {NULL,NULL};
1090         /* server */
1091         SRP_SERVER_ARG srp_server_arg = {NULL,NULL};
1092 #endif
1093         int no_dhe = 0;
1094         int no_ecdhe = 0;
1095         int no_psk = 0;
1096         int print_time = 0;
1097         clock_t s_time = 0, c_time = 0;
1098 #ifndef OPENSSL_NO_COMP
1099         int comp = 0;
1100         COMP_METHOD *cm = NULL;
1101         STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
1102 #endif
1103         int test_cipherlist = 0;
1104 #ifdef OPENSSL_FIPS
1105         int fips_mode=0;
1106 #endif
1107
1108         verbose = 0;
1109         debug = 0;
1110         cipher = 0;
1111
1112         bio_err=BIO_new_fp(stderr,BIO_NOCLOSE|BIO_FP_TEXT);     
1113
1114         CRYPTO_set_locking_callback(lock_dbg_cb);
1115
1116         /* enable memory leak checking unless explicitly disabled */
1117         if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
1118                 {
1119                 CRYPTO_malloc_debug_init();
1120                 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
1121                 }
1122         else
1123                 {
1124                 /* OPENSSL_DEBUG_MEMORY=off */
1125                 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
1126                 }
1127         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
1128
1129         RAND_seed(rnd_seed, sizeof rnd_seed);
1130
1131         bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE|BIO_FP_TEXT);
1132
1133         argc--;
1134         argv++;
1135
1136         while (argc >= 1)
1137                 {
1138                 if(!strcmp(*argv,"-F"))
1139                         {
1140 #ifdef OPENSSL_FIPS
1141                         fips_mode=1;
1142 #else
1143                         fprintf(stderr,"not compiled with FIPS support, so exitting without running.\n");
1144                         EXIT(0);
1145 #endif
1146                         }
1147                 else if (strcmp(*argv,"-server_auth") == 0)
1148                         server_auth=1;
1149                 else if (strcmp(*argv,"-client_auth") == 0)
1150                         client_auth=1;
1151                 else if (strcmp(*argv,"-proxy_auth") == 0)
1152                         {
1153                         if (--argc < 1) goto bad;
1154                         app_verify_arg.proxy_auth= *(++argv);
1155                         }
1156                 else if (strcmp(*argv,"-proxy_cond") == 0)
1157                         {
1158                         if (--argc < 1) goto bad;
1159                         app_verify_arg.proxy_cond= *(++argv);
1160                         }
1161                 else if (strcmp(*argv,"-v") == 0)
1162                         verbose=1;
1163                 else if (strcmp(*argv,"-d") == 0)
1164                         debug=1;
1165                 else if (strcmp(*argv,"-reuse") == 0)
1166                         reuse=1;
1167                 else if (strcmp(*argv,"-dhe1024") == 0)
1168                         {
1169 #ifndef OPENSSL_NO_DH
1170                         dhe1024=1;
1171 #else
1172                         fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1173 #endif
1174                         }
1175                 else if (strcmp(*argv,"-dhe1024dsa") == 0)
1176                         {
1177 #ifndef OPENSSL_NO_DH
1178                         dhe1024dsa=1;
1179 #else
1180                         fprintf(stderr,"ignoring -dhe1024, since I'm compiled without DH\n");
1181 #endif
1182                         }
1183                 else if (strcmp(*argv,"-no_dhe") == 0)
1184                         no_dhe=1;
1185                 else if (strcmp(*argv,"-no_ecdhe") == 0)
1186                         no_ecdhe=1;
1187                 else if (strcmp(*argv,"-psk") == 0)
1188                         {
1189                         if (--argc < 1) goto bad;
1190                         psk_key=*(++argv);
1191 #ifndef OPENSSL_NO_PSK
1192                         if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key))
1193                                 {
1194                                 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
1195                                 goto bad;
1196                                 }
1197 #else
1198                         no_psk=1;
1199 #endif
1200                         }
1201 #ifndef OPENSSL_NO_SRP
1202                 else if (strcmp(*argv,"-srpuser") == 0)
1203                         {
1204                         if (--argc < 1) goto bad;
1205                         srp_server_arg.expected_user = srp_client_arg.srplogin= *(++argv);
1206                         tls1=1;
1207                         }
1208                 else if (strcmp(*argv,"-srppass") == 0)
1209                         {
1210                         if (--argc < 1) goto bad;
1211                         srp_server_arg.pass = srp_client_arg.srppassin= *(++argv);
1212                         tls1=1;
1213                         }
1214 #endif
1215                 else if (strcmp(*argv,"-ssl2") == 0)
1216                         ssl2=1;
1217                 else if (strcmp(*argv,"-tls1") == 0)
1218                         tls1=1;
1219                 else if (strcmp(*argv,"-ssl3") == 0)
1220                         ssl3=1;
1221                 else if (strncmp(*argv,"-num",4) == 0)
1222                         {
1223                         if (--argc < 1) goto bad;
1224                         number= atoi(*(++argv));
1225                         if (number == 0) number=1;
1226                         }
1227                 else if (strcmp(*argv,"-bytes") == 0)
1228                         {
1229                         if (--argc < 1) goto bad;
1230                         bytes= atol(*(++argv));
1231                         if (bytes == 0L) bytes=1L;
1232                         i=strlen(argv[0]);
1233                         if (argv[0][i-1] == 'k') bytes*=1024L;
1234                         if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
1235                         }
1236                 else if (strcmp(*argv,"-cert") == 0)
1237                         {
1238                         if (--argc < 1) goto bad;
1239                         server_cert= *(++argv);
1240                         }
1241                 else if (strcmp(*argv,"-s_cert") == 0)
1242                         {
1243                         if (--argc < 1) goto bad;
1244                         server_cert= *(++argv);
1245                         }
1246                 else if (strcmp(*argv,"-key") == 0)
1247                         {
1248                         if (--argc < 1) goto bad;
1249                         server_key= *(++argv);
1250                         }
1251                 else if (strcmp(*argv,"-s_key") == 0)
1252                         {
1253                         if (--argc < 1) goto bad;
1254                         server_key= *(++argv);
1255                         }
1256                 else if (strcmp(*argv,"-c_cert") == 0)
1257                         {
1258                         if (--argc < 1) goto bad;
1259                         client_cert= *(++argv);
1260                         }
1261                 else if (strcmp(*argv,"-c_key") == 0)
1262                         {
1263                         if (--argc < 1) goto bad;
1264                         client_key= *(++argv);
1265                         }
1266                 else if (strcmp(*argv,"-cipher") == 0)
1267                         {
1268                         if (--argc < 1) goto bad;
1269                         cipher= *(++argv);
1270                         }
1271                 else if (strcmp(*argv,"-CApath") == 0)
1272                         {
1273                         if (--argc < 1) goto bad;
1274                         CApath= *(++argv);
1275                         }
1276                 else if (strcmp(*argv,"-CAfile") == 0)
1277                         {
1278                         if (--argc < 1) goto bad;
1279                         CAfile= *(++argv);
1280                         }
1281                 else if (strcmp(*argv,"-bio_pair") == 0)
1282                         {
1283                         bio_pair = 1;
1284                         }
1285                 else if (strcmp(*argv,"-f") == 0)
1286                         {
1287                         force = 1;
1288                         }
1289                 else if (strcmp(*argv,"-time") == 0)
1290                         {
1291                         print_time = 1;
1292                         }
1293 #ifndef OPENSSL_NO_COMP
1294                 else if (strcmp(*argv,"-zlib") == 0)
1295                         {
1296                         comp = COMP_ZLIB;
1297                         }
1298                 else if (strcmp(*argv,"-rle") == 0)
1299                         {
1300                         comp = COMP_RLE;
1301                         }
1302 #endif
1303                 else if (strcmp(*argv,"-named_curve") == 0)
1304                         {
1305                         if (--argc < 1) goto bad;
1306 #ifndef OPENSSL_NO_ECDH         
1307                         named_curve = *(++argv);
1308 #else
1309                         fprintf(stderr,"ignoring -named_curve, since I'm compiled without ECDH\n");
1310                         ++argv;
1311 #endif
1312                         }
1313                 else if (strcmp(*argv,"-app_verify") == 0)
1314                         {
1315                         app_verify_arg.app_verify = 1;
1316                         }
1317                 else if (strcmp(*argv,"-proxy") == 0)
1318                         {
1319                         app_verify_arg.allow_proxy_certs = 1;
1320                         }
1321                 else if (strcmp(*argv,"-test_cipherlist") == 0)
1322                         {
1323                         test_cipherlist = 1;
1324                         }
1325 #ifndef OPENSSL_NO_NEXTPROTONEG
1326                 else if (strcmp(*argv,"-npn_client") == 0)
1327                         {
1328                         npn_client = 1;
1329                         }
1330                 else if (strcmp(*argv,"-npn_server") == 0)
1331                         {
1332                         npn_server = 1;
1333                         }
1334                 else if (strcmp(*argv,"-npn_server_reject") == 0)
1335                         {
1336                         npn_server_reject = 1;
1337                         }
1338 #endif
1339                 else if (strcmp(*argv,"-serverinfo_sct") == 0)
1340                         {
1341                         serverinfo_sct = 1;
1342                         }
1343                 else if (strcmp(*argv,"-serverinfo_tack") == 0)
1344                         {
1345                         serverinfo_tack = 1;
1346                         }
1347                 else if (strcmp(*argv,"-serverinfo_file") == 0)
1348                         {
1349                         if (--argc < 1) goto bad;
1350                         serverinfo_file = *(++argv);
1351                         }
1352                 else if (strcmp(*argv,"-custom_ext") == 0)
1353                         {
1354                         custom_ext = 1;
1355                         }
1356                 else if (strcmp(*argv,"-alpn_client") == 0)
1357                         {
1358                         if (--argc < 1) goto bad;
1359                         alpn_client = *(++argv);
1360                         }
1361                 else if (strcmp(*argv,"-alpn_server") == 0)
1362                         {
1363                         if (--argc < 1) goto bad;
1364                         alpn_server = *(++argv);
1365                         }
1366                 else if (strcmp(*argv,"-alpn_expected") == 0)
1367                         {
1368                         if (--argc < 1) goto bad;
1369                         alpn_expected = *(++argv);
1370                         }
1371                 else if (strcmp(*argv,"-suppdata") == 0)
1372                         {
1373                         suppdata = 1;
1374                         }
1375                 else
1376                         {
1377                         fprintf(stderr,"unknown option %s\n",*argv);
1378                         badop=1;
1379                         break;
1380                         }
1381                 argc--;
1382                 argv++;
1383                 }
1384         if (badop)
1385                 {
1386 bad:
1387                 sv_usage();
1388                 goto end;
1389                 }
1390
1391         if (test_cipherlist == 1)
1392                 {
1393                 /* ensure that the cipher list are correctly sorted and exit */
1394                 if (do_test_cipherlist() == 0)
1395                         EXIT(1);
1396                 ret = 0;
1397                 goto end;
1398                 }
1399
1400         if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force)
1401                 {
1402                 fprintf(stderr, "This case cannot work.  Use -f to perform "
1403                         "the test anyway (and\n-d to see what happens), "
1404                         "or add one of -ssl2, -ssl3, -tls1, -reuse\n"
1405                         "to avoid protocol mismatch.\n");
1406                 EXIT(1);
1407                 }
1408
1409 #ifdef OPENSSL_FIPS
1410         if(fips_mode)
1411                 {
1412                 if(!FIPS_mode_set(1))
1413                         {
1414                         ERR_load_crypto_strings();
1415                         ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
1416                         EXIT(1);
1417                         }
1418                 else
1419                         fprintf(stderr,"*** IN FIPS MODE ***\n");
1420                 }
1421 #endif
1422
1423         if (print_time)
1424                 {
1425                 if (!bio_pair)
1426                         {
1427                         fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1428                         bio_pair = 1;
1429                         }
1430                 if (number < 50 && !force)
1431                         fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1432                 }
1433
1434 /*      if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1435
1436         SSL_library_init();
1437         SSL_load_error_strings();
1438
1439 #ifndef OPENSSL_NO_COMP
1440         if (comp == COMP_ZLIB) cm = COMP_zlib();
1441         if (comp == COMP_RLE) cm = COMP_rle();
1442         if (cm != NULL)
1443                 {
1444                 if (cm->type != NID_undef)
1445                         {
1446                         if (SSL_COMP_add_compression_method(comp, cm) != 0)
1447                                 {
1448                                 fprintf(stderr,
1449                                         "Failed to add compression method\n");
1450                                 ERR_print_errors_fp(stderr);
1451                                 }
1452                         }
1453                 else
1454                         {
1455                         fprintf(stderr,
1456                                 "Warning: %s compression not supported\n",
1457                                 (comp == COMP_RLE ? "rle" :
1458                                         (comp == COMP_ZLIB ? "zlib" :
1459                                                 "unknown")));
1460                         ERR_print_errors_fp(stderr);
1461                         }
1462                 }
1463         ssl_comp_methods = SSL_COMP_get_compression_methods();
1464         fprintf(stderr, "Available compression methods:\n");
1465         {
1466         int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1467         if (n == 0)
1468                 fprintf(stderr, "  NONE\n");
1469         else
1470                 for (j = 0; j < n; j++)
1471                         {
1472                         SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1473                         fprintf(stderr, "  %d: %s\n", c->id, c->name);
1474                         }
1475         }
1476 #endif
1477
1478 #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
1479         if (ssl2)
1480                 meth=SSLv2_method();
1481         else 
1482         if (tls1)
1483                 meth=TLSv1_method();
1484         else
1485         if (ssl3)
1486                 meth=SSLv3_method();
1487         else
1488                 meth=SSLv23_method();
1489 #else
1490 #ifdef OPENSSL_NO_SSL2
1491         if (tls1)
1492                 meth=TLSv1_method();
1493         else
1494         if (ssl3)
1495                 meth=SSLv3_method();
1496         else
1497                 meth=SSLv23_method();
1498 #else
1499         meth=SSLv2_method();
1500 #endif
1501 #endif
1502
1503         c_ctx=SSL_CTX_new(meth);
1504         s_ctx=SSL_CTX_new(meth);
1505         if ((c_ctx == NULL) || (s_ctx == NULL))
1506                 {
1507                 ERR_print_errors(bio_err);
1508                 goto end;
1509                 }
1510
1511         if (cipher != NULL)
1512                 {
1513                 SSL_CTX_set_cipher_list(c_ctx,cipher);
1514                 SSL_CTX_set_cipher_list(s_ctx,cipher);
1515                 }
1516
1517 #ifndef OPENSSL_NO_DH
1518         if (!no_dhe)
1519                 {
1520                 if (dhe1024dsa)
1521                         {
1522                         /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */
1523                         SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1524                         dh=get_dh1024dsa();
1525                         }
1526                 else if (dhe1024)
1527                         dh=get_dh1024();
1528                 else
1529                         dh=get_dh512();
1530                 SSL_CTX_set_tmp_dh(s_ctx,dh);
1531                 DH_free(dh);
1532                 }
1533 #else
1534         (void)no_dhe;
1535 #endif
1536
1537 #ifndef OPENSSL_NO_ECDH
1538         if (!no_ecdhe)
1539                 {
1540                 int nid;
1541
1542                 if (named_curve != NULL)
1543                         {
1544                         nid = OBJ_sn2nid(named_curve);
1545                         if (nid == 0)
1546                         {
1547                                 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1548                                 goto end;
1549                                 }
1550                         }
1551                 else
1552 #ifdef OPENSSL_NO_EC2M
1553                         nid = NID_X9_62_prime256v1;
1554 #else
1555                         nid = NID_sect163r2;
1556 #endif
1557
1558                 ecdh = EC_KEY_new_by_curve_name(nid);
1559                 if (ecdh == NULL)
1560                         {
1561                         BIO_printf(bio_err, "unable to create curve\n");
1562                         goto end;
1563                         }
1564
1565                 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1566                 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1567                 EC_KEY_free(ecdh);
1568                 }
1569 #else
1570         (void)no_ecdhe;
1571 #endif
1572
1573 #ifndef OPENSSL_NO_RSA
1574         SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
1575 #endif
1576
1577 #ifdef TLSEXT_TYPE_opaque_prf_input
1578         SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1579         SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1580         SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1); /* or &co2 or NULL */
1581         SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1); /* or &so2 or NULL */
1582 #endif
1583
1584         if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
1585                 {
1586                 ERR_print_errors(bio_err);
1587                 }
1588         else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1589                 (server_key?server_key:server_cert), SSL_FILETYPE_PEM))
1590                 {
1591                 ERR_print_errors(bio_err);
1592                 goto end;
1593                 }
1594
1595         if (client_auth)
1596                 {
1597                 SSL_CTX_use_certificate_file(c_ctx,client_cert,
1598                         SSL_FILETYPE_PEM);
1599                 SSL_CTX_use_PrivateKey_file(c_ctx,
1600                         (client_key?client_key:client_cert),
1601                         SSL_FILETYPE_PEM);
1602                 }
1603
1604         if (    (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
1605                 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1606                 (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
1607                 (!SSL_CTX_set_default_verify_paths(c_ctx)))
1608                 {
1609                 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1610                 ERR_print_errors(bio_err);
1611                 /* goto end; */
1612                 }
1613
1614         if (client_auth)
1615                 {
1616                 BIO_printf(bio_err,"client authentication\n");
1617                 SSL_CTX_set_verify(s_ctx,
1618                         SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1619                         verify_callback);
1620                 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
1621                 }
1622         if (server_auth)
1623                 {
1624                 BIO_printf(bio_err,"server authentication\n");
1625                 SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
1626                         verify_callback);
1627                 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
1628                 }
1629         
1630         {
1631                 int session_id_context = 0;
1632                 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
1633         }
1634
1635         /* Use PSK only if PSK key is given */
1636         if (psk_key != NULL)
1637                 {
1638                 /* no_psk is used to avoid putting psk command to openssl tool */
1639                 if (no_psk)
1640                         {
1641                         /* if PSK is not compiled in and psk key is
1642                          * given, do nothing and exit successfully */
1643                         ret=0;
1644                         goto end;
1645                         }
1646 #ifndef OPENSSL_NO_PSK
1647                 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1648                 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1649                 if (debug)
1650                         BIO_printf(bio_err,"setting PSK identity hint to s_ctx\n");
1651                 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint"))
1652                         {
1653                         BIO_printf(bio_err,"error setting PSK identity hint to s_ctx\n");
1654                         ERR_print_errors(bio_err);
1655                         goto end;
1656                         }
1657 #endif
1658                 }
1659 #ifndef OPENSSL_NO_SRP
1660         if (srp_client_arg.srplogin)
1661                 {
1662                 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin))
1663                         {
1664                         BIO_printf(bio_err,"Unable to set SRP username\n");
1665                         goto end;
1666                         }
1667                 SSL_CTX_set_srp_cb_arg(c_ctx,&srp_client_arg);
1668                 SSL_CTX_set_srp_client_pwd_callback(c_ctx, ssl_give_srp_client_pwd_cb);
1669                 /*SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);*/
1670                 }
1671
1672         if (srp_server_arg.expected_user != NULL)
1673                 {
1674                 SSL_CTX_set_verify(s_ctx,SSL_VERIFY_NONE,verify_callback);
1675                 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1676                 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1677                 }
1678 #endif
1679
1680 #ifndef OPENSSL_NO_NEXTPROTONEG
1681         if (npn_client)
1682                 {
1683                 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL);
1684                 }
1685         if (npn_server)
1686                 {
1687                 if (npn_server_reject)
1688                         {
1689                         BIO_printf(bio_err, "Can't have both -npn_server and -npn_server_reject\n");
1690                         goto end;
1691                         }
1692                 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL);
1693                 }
1694         if (npn_server_reject)
1695                 {
1696                 SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn, NULL);
1697                 }
1698 #endif
1699
1700         if (serverinfo_sct)
1701                 SSL_CTX_set_custom_cli_ext(c_ctx, SCT_EXT_TYPE, NULL, 
1702                                            serverinfo_cli_cb, NULL);
1703         if (serverinfo_tack)
1704                 SSL_CTX_set_custom_cli_ext(c_ctx, TACK_EXT_TYPE, NULL,
1705                                            serverinfo_cli_cb, NULL);
1706
1707         if (serverinfo_file)
1708                 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file))
1709                         {
1710                         BIO_printf(bio_err, "missing serverinfo file\n");
1711                         goto end;
1712                         }
1713
1714         if (custom_ext)
1715                 {
1716                 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_0, 
1717                                            custom_ext_0_cli_first_cb, 
1718                                            custom_ext_0_cli_second_cb, NULL);
1719                 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_1, 
1720                                            custom_ext_1_cli_first_cb, 
1721                                            custom_ext_1_cli_second_cb, NULL);
1722                 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_2, 
1723                                            custom_ext_2_cli_first_cb, 
1724                                            custom_ext_2_cli_second_cb, NULL);
1725                 SSL_CTX_set_custom_cli_ext(c_ctx, CUSTOM_EXT_TYPE_3, 
1726                                            custom_ext_3_cli_first_cb, 
1727                                            custom_ext_3_cli_second_cb, NULL);
1728
1729
1730                 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_0, 
1731                                            custom_ext_0_srv_first_cb, 
1732                                            custom_ext_0_srv_second_cb, NULL);
1733                 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_1, 
1734                                            custom_ext_1_srv_first_cb, 
1735                                            custom_ext_1_srv_second_cb, NULL);
1736                 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_2, 
1737                                            custom_ext_2_srv_first_cb, 
1738                                            custom_ext_2_srv_second_cb, NULL);
1739                 SSL_CTX_set_custom_srv_ext(s_ctx, CUSTOM_EXT_TYPE_3, 
1740                                            custom_ext_3_srv_first_cb, 
1741                                            custom_ext_3_srv_second_cb, NULL);
1742                 }
1743
1744         if (alpn_server)
1745                 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1746
1747         if (alpn_client)
1748                 {
1749                 unsigned short alpn_len;
1750                 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1751
1752                 if (alpn == NULL)
1753                         {
1754                         BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1755                         goto end;
1756                         }
1757                 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1758                 OPENSSL_free(alpn);
1759                 }
1760
1761         c_ssl=SSL_new(c_ctx);
1762         s_ssl=SSL_new(s_ctx);
1763
1764         if (suppdata)
1765                 {
1766                 /* TEST CASES */
1767                 /* client and server both send and receive, verify
1768                  * additional arg passed back */
1769                 SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_0,
1770                                           supp_data_0_srv_first_cb,
1771                                           supp_data_0_srv_second_cb, s_ssl);
1772                 SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_0,
1773                                           supp_data_0_cli_first_cb,
1774                                           supp_data_0_cli_second_cb, c_ssl);
1775
1776                 /* -1 response from sending server/client doesn't
1777                  * receive, -1 response from sending client/server
1778                  * doesn't receive */
1779                 SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_1,
1780                                           supp_data_1_srv_first_cb,
1781                                           supp_data_1_srv_second_cb, NULL);
1782                 SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_1,
1783                                           supp_data_1_cli_first_cb,
1784                                           supp_data_1_cli_second_cb, NULL);
1785
1786                 /* null sending server/client doesn't receive, null
1787                    sending client/server doesn't receive */
1788                 SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_2,
1789                                           /*supp_data_2_srv_first_cb*/NULL,
1790                                           supp_data_2_srv_second_cb, NULL);
1791                 SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_2,
1792                                           supp_data_2_cli_first_cb,
1793                                           /*supp_data_2_cli_second_cb*/NULL,
1794                                           NULL);
1795
1796                 /* alerts set to non-zero and zero return values not tested */
1797                 }
1798 #ifndef OPENSSL_NO_KRB5
1799         if (c_ssl  &&  c_ssl->kssl_ctx)
1800                 {
1801                 char    localhost[MAXHOSTNAMELEN+2];
1802
1803                 if (gethostname(localhost, sizeof localhost-1) == 0)
1804                         {
1805                         localhost[sizeof localhost-1]='\0';
1806                         if(strlen(localhost) == sizeof localhost-1)
1807                                 {
1808                                 BIO_printf(bio_err,"localhost name too long\n");
1809                                 goto end;
1810                                 }
1811                         kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER,
1812                                 localhost);
1813                         }
1814                 }
1815 #endif    /* OPENSSL_NO_KRB5  */
1816
1817         for (i=0; i<number; i++)
1818                 {
1819                 if (!reuse) SSL_set_session(c_ssl,NULL);
1820                 if (bio_pair)
1821                         ret=doit_biopair(s_ssl,c_ssl,bytes,&s_time,&c_time);
1822                 else
1823                         ret=doit(s_ssl,c_ssl,bytes);
1824                 }
1825
1826         if (!verbose)
1827                 {
1828                 print_details(c_ssl, "");
1829                 }
1830         if ((number > 1) || (bytes > 1L))
1831                 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",number,bytes);
1832         if (print_time)
1833                 {
1834 #ifdef CLOCKS_PER_SEC
1835                 /* "To determine the time in seconds, the value returned
1836                  * by the clock function should be divided by the value
1837                  * of the macro CLOCKS_PER_SEC."
1838                  *                                       -- ISO/IEC 9899 */
1839                 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1840                         "Approximate total client time: %6.2f s\n",
1841                         (double)s_time/CLOCKS_PER_SEC,
1842                         (double)c_time/CLOCKS_PER_SEC);
1843 #else
1844                 /* "`CLOCKS_PER_SEC' undeclared (first use this function)"
1845                  *                            -- cc on NeXTstep/OpenStep */
1846                 BIO_printf(bio_stdout,
1847                         "Approximate total server time: %6.2f units\n"
1848                         "Approximate total client time: %6.2f units\n",
1849                         (double)s_time,
1850                         (double)c_time);
1851 #endif
1852                 }
1853
1854         SSL_free(s_ssl);
1855         SSL_free(c_ssl);
1856
1857 end:
1858         if (s_ctx != NULL) SSL_CTX_free(s_ctx);
1859         if (c_ctx != NULL) SSL_CTX_free(c_ctx);
1860
1861         if (bio_stdout != NULL) BIO_free(bio_stdout);
1862
1863 #ifndef OPENSSL_NO_RSA
1864         free_tmp_rsa();
1865 #endif
1866 #ifndef OPENSSL_NO_ENGINE
1867         ENGINE_cleanup();
1868 #endif
1869         CRYPTO_cleanup_all_ex_data();
1870         ERR_free_strings();
1871         ERR_remove_thread_state(NULL);
1872         EVP_cleanup();
1873         CRYPTO_mem_leaks(bio_err);
1874         if (bio_err != NULL) BIO_free(bio_err);
1875         EXIT(ret);
1876         return ret;
1877         }
1878
1879 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1880         clock_t *s_time, clock_t *c_time)
1881         {
1882         long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1883         BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1884         BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1885         int ret = 1;
1886         
1887         size_t bufsiz = 256; /* small buffer for testing */
1888
1889         if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1890                 goto err;
1891         if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1892                 goto err;
1893         
1894         s_ssl_bio = BIO_new(BIO_f_ssl());
1895         if (!s_ssl_bio)
1896                 goto err;
1897
1898         c_ssl_bio = BIO_new(BIO_f_ssl());
1899         if (!c_ssl_bio)
1900                 goto err;
1901
1902         SSL_set_connect_state(c_ssl);
1903         SSL_set_bio(c_ssl, client, client);
1904         (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1905
1906         SSL_set_accept_state(s_ssl);
1907         SSL_set_bio(s_ssl, server, server);
1908         (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1909
1910         do
1911                 {
1912                 /* c_ssl_bio:          SSL filter BIO
1913                  *
1914                  * client:             pseudo-I/O for SSL library
1915                  *
1916                  * client_io:          client's SSL communication; usually to be
1917                  *                     relayed over some I/O facility, but in this
1918                  *                     test program, we're the server, too:
1919                  *
1920                  * server_io:          server's SSL communication
1921                  *
1922                  * server:             pseudo-I/O for SSL library
1923                  *
1924                  * s_ssl_bio:          SSL filter BIO
1925                  *
1926                  * The client and the server each employ a "BIO pair":
1927                  * client + client_io, server + server_io.
1928                  * BIO pairs are symmetric.  A BIO pair behaves similar
1929                  * to a non-blocking socketpair (but both endpoints must
1930                  * be handled by the same thread).
1931                  * [Here we could connect client and server to the ends
1932                  * of a single BIO pair, but then this code would be less
1933                  * suitable as an example for BIO pairs in general.]
1934                  *
1935                  * Useful functions for querying the state of BIO pair endpoints:
1936                  *
1937                  * BIO_ctrl_pending(bio)              number of bytes we can read now
1938                  * BIO_ctrl_get_read_request(bio)     number of bytes needed to fulfil
1939                  *                                      other side's read attempt
1940                  * BIO_ctrl_get_write_guarantee(bio)   number of bytes we can write now
1941                  *
1942                  * ..._read_request is never more than ..._write_guarantee;
1943                  * it depends on the application which one you should use.
1944                  */
1945
1946                 /* We have non-blocking behaviour throughout this test program, but
1947                  * can be sure that there is *some* progress in each iteration; so
1948                  * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE
1949                  * -- we just try everything in each iteration
1950                  */
1951
1952                         {
1953                         /* CLIENT */
1954                 
1955                         MS_STATIC char cbuf[1024*8];
1956                         int i, r;
1957                         clock_t c_clock = clock();
1958
1959                         memset(cbuf, 0, sizeof(cbuf));
1960
1961                         if (debug)
1962                                 if (SSL_in_init(c_ssl))
1963                                         printf("client waiting in SSL_connect - %s\n",
1964                                                 SSL_state_string_long(c_ssl));
1965
1966                         if (cw_num > 0)
1967                                 {
1968                                 /* Write to server. */
1969                                 
1970                                 if (cw_num > (long)sizeof cbuf)
1971                                         i = sizeof cbuf;
1972                                 else
1973                                         i = (int)cw_num;
1974                                 r = BIO_write(c_ssl_bio, cbuf, i);
1975                                 if (r < 0)
1976                                         {
1977                                         if (!BIO_should_retry(c_ssl_bio))
1978                                                 {
1979                                                 fprintf(stderr,"ERROR in CLIENT\n");
1980                                                 goto err;
1981                                                 }
1982                                         /* BIO_should_retry(...) can just be ignored here.
1983                                          * The library expects us to call BIO_write with
1984                                          * the same arguments again, and that's what we will
1985                                          * do in the next iteration. */
1986                                         }
1987                                 else if (r == 0)
1988                                         {
1989                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
1990                                         goto err;
1991                                         }
1992                                 else
1993                                         {
1994                                         if (debug)
1995                                                 printf("client wrote %d\n", r);
1996                                         cw_num -= r;                            
1997                                         }
1998                                 }
1999
2000                         if (cr_num > 0)
2001                                 {
2002                                 /* Read from server. */
2003
2004                                 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
2005                                 if (r < 0)
2006                                         {
2007                                         if (!BIO_should_retry(c_ssl_bio))
2008                                                 {
2009                                                 fprintf(stderr,"ERROR in CLIENT\n");
2010                                                 goto err;
2011                                                 }
2012                                         /* Again, "BIO_should_retry" can be ignored. */
2013                                         }
2014                                 else if (r == 0)
2015                                         {
2016                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2017                                         goto err;
2018                                         }
2019                                 else
2020                                         {
2021                                         if (debug)
2022                                                 printf("client read %d\n", r);
2023                                         cr_num -= r;
2024                                         }
2025                                 }
2026
2027                         /* c_time and s_time increments will typically be very small
2028                          * (depending on machine speed and clock tick intervals),
2029                          * but sampling over a large number of connections should
2030                          * result in fairly accurate figures.  We cannot guarantee
2031                          * a lot, however -- if each connection lasts for exactly
2032                          * one clock tick, it will be counted only for the client
2033                          * or only for the server or even not at all.
2034                          */
2035                         *c_time += (clock() - c_clock);
2036                         }
2037
2038                         {
2039                         /* SERVER */
2040                 
2041                         MS_STATIC char sbuf[1024*8];
2042                         int i, r;
2043                         clock_t s_clock = clock();
2044
2045                         memset(sbuf, 0, sizeof(sbuf));
2046
2047                         if (debug)
2048                                 if (SSL_in_init(s_ssl))
2049                                         printf("server waiting in SSL_accept - %s\n",
2050                                                 SSL_state_string_long(s_ssl));
2051
2052                         if (sw_num > 0)
2053                                 {
2054                                 /* Write to client. */
2055                                 
2056                                 if (sw_num > (long)sizeof sbuf)
2057                                         i = sizeof sbuf;
2058                                 else
2059                                         i = (int)sw_num;
2060                                 r = BIO_write(s_ssl_bio, sbuf, i);
2061                                 if (r < 0)
2062                                         {
2063                                         if (!BIO_should_retry(s_ssl_bio))
2064                                                 {
2065                                                 fprintf(stderr,"ERROR in SERVER\n");
2066                                                 goto err;
2067                                                 }
2068                                         /* Ignore "BIO_should_retry". */
2069                                         }
2070                                 else if (r == 0)
2071                                         {
2072                                         fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2073                                         goto err;
2074                                         }
2075                                 else
2076                                         {
2077                                         if (debug)
2078                                                 printf("server wrote %d\n", r);
2079                                         sw_num -= r;                            
2080                                         }
2081                                 }
2082
2083                         if (sr_num > 0)
2084                                 {
2085                                 /* Read from client. */
2086
2087                                 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
2088                                 if (r < 0)
2089                                         {
2090                                         if (!BIO_should_retry(s_ssl_bio))
2091                                                 {
2092                                                 fprintf(stderr,"ERROR in SERVER\n");
2093                                                 goto err;
2094                                                 }
2095                                         /* blah, blah */
2096                                         }
2097                                 else if (r == 0)
2098                                         {
2099                                         fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
2100                                         goto err;
2101                                         }
2102                                 else
2103                                         {
2104                                         if (debug)
2105                                                 printf("server read %d\n", r);
2106                                         sr_num -= r;
2107                                         }
2108                                 }
2109
2110                         *s_time += (clock() - s_clock);
2111                         }
2112                         
2113                         {
2114                         /* "I/O" BETWEEN CLIENT AND SERVER. */
2115
2116                         size_t r1, r2;
2117                         BIO *io1 = server_io, *io2 = client_io;
2118                         /* we use the non-copying interface for io1
2119                          * and the standard BIO_write/BIO_read interface for io2
2120                          */
2121                         
2122                         static int prev_progress = 1;
2123                         int progress = 0;
2124                         
2125                         /* io1 to io2 */
2126                         do
2127                                 {
2128                                 size_t num;
2129                                 int r;
2130
2131                                 r1 = BIO_ctrl_pending(io1);
2132                                 r2 = BIO_ctrl_get_write_guarantee(io2);
2133
2134                                 num = r1;
2135                                 if (r2 < num)
2136                                         num = r2;
2137                                 if (num)
2138                                         {
2139                                         char *dataptr;
2140
2141                                         if (INT_MAX < num) /* yeah, right */
2142                                                 num = INT_MAX;
2143                                         
2144                                         r = BIO_nread(io1, &dataptr, (int)num);
2145                                         assert(r > 0);
2146                                         assert(r <= (int)num);
2147                                         /* possibly r < num (non-contiguous data) */
2148                                         num = r;
2149                                         r = BIO_write(io2, dataptr, (int)num);
2150                                         if (r != (int)num) /* can't happen */
2151                                                 {
2152                                                 fprintf(stderr, "ERROR: BIO_write could not write "
2153                                                         "BIO_ctrl_get_write_guarantee() bytes");
2154                                                 goto err;
2155                                                 }
2156                                         progress = 1;
2157
2158                                         if (debug)
2159                                                 printf((io1 == client_io) ?
2160                                                         "C->S relaying: %d bytes\n" :
2161                                                         "S->C relaying: %d bytes\n",
2162                                                         (int)num);
2163                                         }
2164                                 }
2165                         while (r1 && r2);
2166
2167                         /* io2 to io1 */
2168                         {
2169                                 size_t num;
2170                                 int r;
2171
2172                                 r1 = BIO_ctrl_pending(io2);
2173                                 r2 = BIO_ctrl_get_read_request(io1);
2174                                 /* here we could use ..._get_write_guarantee instead of
2175                                  * ..._get_read_request, but by using the latter
2176                                  * we test restartability of the SSL implementation
2177                                  * more thoroughly */
2178                                 num = r1;
2179                                 if (r2 < num)
2180                                         num = r2;
2181                                 if (num)
2182                                         {
2183                                         char *dataptr;
2184                                         
2185                                         if (INT_MAX < num)
2186                                                 num = INT_MAX;
2187
2188                                         if (num > 1)
2189                                                 --num; /* test restartability even more thoroughly */
2190                                         
2191                                         r = BIO_nwrite0(io1, &dataptr);
2192                                         assert(r > 0);
2193                                         if (r < (int)num)
2194                                                 num = r;
2195                                         r = BIO_read(io2, dataptr, (int)num);
2196                                         if (r != (int)num) /* can't happen */
2197                                                 {
2198                                                 fprintf(stderr, "ERROR: BIO_read could not read "
2199                                                         "BIO_ctrl_pending() bytes");
2200                                                 goto err;
2201                                                 }
2202                                         progress = 1;
2203                                         r = BIO_nwrite(io1, &dataptr, (int)num);
2204                                         if (r != (int)num) /* can't happen */
2205                                                 {
2206                                                 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
2207                                                         "BIO_nwrite0() bytes");
2208                                                 goto err;
2209                                                 }
2210                                         
2211                                         if (debug)
2212                                                 printf((io2 == client_io) ?
2213                                                         "C->S relaying: %d bytes\n" :
2214                                                         "S->C relaying: %d bytes\n",
2215                                                         (int)num);
2216                                         }
2217                         } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
2218
2219                         if (!progress && !prev_progress)
2220                                 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0)
2221                                         {
2222                                         fprintf(stderr, "ERROR: got stuck\n");
2223                                         if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0)
2224                                                 {
2225                                                 fprintf(stderr, "This can happen for SSL2 because "
2226                                                         "CLIENT-FINISHED and SERVER-VERIFY are written \n"
2227                                                         "concurrently ...");
2228                                                 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
2229                                                         && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0)
2230                                                         {
2231                                                         fprintf(stderr, " ok.\n");
2232                                                         goto end;
2233                                                         }
2234                                                 }
2235                                         fprintf(stderr, " ERROR.\n");
2236                                         goto err;
2237                                         }
2238                         prev_progress = progress;
2239                         }
2240                 }
2241         while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
2242
2243         if (verbose)
2244                 print_details(c_ssl, "DONE via BIO pair: ");
2245 #ifndef OPENSSL_NO_NEXTPROTONEG
2246         if (verify_npn(c_ssl, s_ssl) < 0)
2247                 {
2248                 ret = 1;
2249                 goto end;
2250                 }
2251 #endif
2252         if (verify_serverinfo() < 0)
2253                 {
2254                 ret = 1;
2255                 goto err;
2256                 }
2257         if (verify_alpn(c_ssl, s_ssl) < 0)
2258                 {
2259                 ret = 1;
2260                 goto err;
2261                 }
2262
2263         if (custom_ext_error)
2264                 {
2265                 ret = 1;
2266                 goto err;
2267                 }
2268
2269 end:
2270         ret = 0;
2271
2272  err:
2273         ERR_print_errors(bio_err);
2274         
2275         if (server)
2276                 BIO_free(server);
2277         if (server_io)
2278                 BIO_free(server_io);
2279         if (client)
2280                 BIO_free(client);
2281         if (client_io)
2282                 BIO_free(client_io);
2283         if (s_ssl_bio)
2284                 BIO_free(s_ssl_bio);
2285         if (c_ssl_bio)
2286                 BIO_free(c_ssl_bio);
2287
2288         return ret;
2289         }
2290
2291
2292 #define W_READ  1
2293 #define W_WRITE 2
2294 #define C_DONE  1
2295 #define S_DONE  2
2296
2297 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2298         {
2299         MS_STATIC char cbuf[1024*8],sbuf[1024*8];
2300         long cw_num=count,cr_num=count;
2301         long sw_num=count,sr_num=count;
2302         int ret=1;
2303         BIO *c_to_s=NULL;
2304         BIO *s_to_c=NULL;
2305         BIO *c_bio=NULL;
2306         BIO *s_bio=NULL;
2307         int c_r,c_w,s_r,s_w;
2308         int i,j;
2309         int done=0;
2310         int c_write,s_write;
2311         int do_server=0,do_client=0;
2312
2313         memset(cbuf,0,sizeof(cbuf));
2314         memset(sbuf,0,sizeof(sbuf));
2315
2316         c_to_s=BIO_new(BIO_s_mem());
2317         s_to_c=BIO_new(BIO_s_mem());
2318         if ((s_to_c == NULL) || (c_to_s == NULL))
2319                 {
2320                 ERR_print_errors(bio_err);
2321                 goto err;
2322                 }
2323
2324         c_bio=BIO_new(BIO_f_ssl());
2325         s_bio=BIO_new(BIO_f_ssl());
2326         if ((c_bio == NULL) || (s_bio == NULL))
2327                 {
2328                 ERR_print_errors(bio_err);
2329                 goto err;
2330                 }
2331
2332         SSL_set_connect_state(c_ssl);
2333         SSL_set_bio(c_ssl,s_to_c,c_to_s);
2334         BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
2335
2336         SSL_set_accept_state(s_ssl);
2337         SSL_set_bio(s_ssl,c_to_s,s_to_c);
2338         BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
2339
2340         c_r=0; s_r=1;
2341         c_w=1; s_w=0;
2342         c_write=1,s_write=0;
2343
2344         /* We can always do writes */
2345         for (;;)
2346                 {
2347                 do_server=0;
2348                 do_client=0;
2349
2350                 i=(int)BIO_pending(s_bio);
2351                 if ((i && s_r) || s_w) do_server=1;
2352
2353                 i=(int)BIO_pending(c_bio);
2354                 if ((i && c_r) || c_w) do_client=1;
2355
2356                 if (do_server && debug)
2357                         {
2358                         if (SSL_in_init(s_ssl))
2359                                 printf("server waiting in SSL_accept - %s\n",
2360                                         SSL_state_string_long(s_ssl));
2361 /*                      else if (s_write)
2362                                 printf("server:SSL_write()\n");
2363                         else
2364                                 printf("server:SSL_read()\n"); */
2365                         }
2366
2367                 if (do_client && debug)
2368                         {
2369                         if (SSL_in_init(c_ssl))
2370                                 printf("client waiting in SSL_connect - %s\n",
2371                                         SSL_state_string_long(c_ssl));
2372 /*                      else if (c_write)
2373                                 printf("client:SSL_write()\n");
2374                         else
2375                                 printf("client:SSL_read()\n"); */
2376                         }
2377
2378                 if (!do_client && !do_server)
2379                         {
2380                         fprintf(stdout,"ERROR IN STARTUP\n");
2381                         ERR_print_errors(bio_err);
2382                         break;
2383                         }
2384                 if (do_client && !(done & C_DONE))
2385                         {
2386                         if (c_write)
2387                                 {
2388                                 j = (cw_num > (long)sizeof(cbuf)) ?
2389                                         (int)sizeof(cbuf) : (int)cw_num;
2390                                 i=BIO_write(c_bio,cbuf,j);
2391                                 if (i < 0)
2392                                         {
2393                                         c_r=0;
2394                                         c_w=0;
2395                                         if (BIO_should_retry(c_bio))
2396                                                 {
2397                                                 if (BIO_should_read(c_bio))
2398                                                         c_r=1;
2399                                                 if (BIO_should_write(c_bio))
2400                                                         c_w=1;
2401                                                 }
2402                                         else
2403                                                 {
2404                                                 fprintf(stderr,"ERROR in CLIENT\n");
2405                                                 ERR_print_errors(bio_err);
2406                                                 goto err;
2407                                                 }
2408                                         }
2409                                 else if (i == 0)
2410                                         {
2411                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2412                                         goto err;
2413                                         }
2414                                 else
2415                                         {
2416                                         if (debug)
2417                                                 printf("client wrote %d\n",i);
2418                                         /* ok */
2419                                         s_r=1;
2420                                         c_write=0;
2421                                         cw_num-=i;
2422                                         }
2423                                 }
2424                         else
2425                                 {
2426                                 i=BIO_read(c_bio,cbuf,sizeof(cbuf));
2427                                 if (i < 0)
2428                                         {
2429                                         c_r=0;
2430                                         c_w=0;
2431                                         if (BIO_should_retry(c_bio))
2432                                                 {
2433                                                 if (BIO_should_read(c_bio))
2434                                                         c_r=1;
2435                                                 if (BIO_should_write(c_bio))
2436                                                         c_w=1;
2437                                                 }
2438                                         else
2439                                                 {
2440                                                 fprintf(stderr,"ERROR in CLIENT\n");
2441                                                 ERR_print_errors(bio_err);
2442                                                 goto err;
2443                                                 }
2444                                         }
2445                                 else if (i == 0)
2446                                         {
2447                                         fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
2448                                         goto err;
2449                                         }
2450                                 else
2451                                         {
2452                                         if (debug)
2453                                                 printf("client read %d\n",i);
2454                                         cr_num-=i;
2455                                         if (sw_num > 0)
2456                                                 {
2457                                                 s_write=1;
2458                                                 s_w=1;
2459                                                 }
2460                                         if (cr_num <= 0)
2461                                                 {
2462                                                 s_write=1;
2463                                                 s_w=1;
2464                                                 done=S_DONE|C_DONE;
2465                                                 }
2466                                         }
2467                                 }
2468                         }
2469
2470                 if (do_server && !(done & S_DONE))
2471                         {
2472                         if (!s_write)
2473                                 {
2474                                 i=BIO_read(s_bio,sbuf,sizeof(cbuf));
2475                                 if (i < 0)
2476                                         {
2477                                         s_r=0;
2478                                         s_w=0;
2479                                         if (BIO_should_retry(s_bio))
2480                                                 {
2481                                                 if (BIO_should_read(s_bio))
2482                                                         s_r=1;
2483                                                 if (BIO_should_write(s_bio))
2484                                                         s_w=1;
2485                                                 }
2486                                         else
2487                                                 {
2488                                                 fprintf(stderr,"ERROR in SERVER\n");
2489                                                 ERR_print_errors(bio_err);
2490                                                 goto err;
2491                                                 }
2492                                         }
2493                                 else if (i == 0)
2494                                         {
2495                                         ERR_print_errors(bio_err);
2496                                         fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
2497                                         goto err;
2498                                         }
2499                                 else
2500                                         {
2501                                         if (debug)
2502                                                 printf("server read %d\n",i);
2503                                         sr_num-=i;
2504                                         if (cw_num > 0)
2505                                                 {
2506                                                 c_write=1;
2507                                                 c_w=1;
2508                                                 }
2509                                         if (sr_num <= 0)
2510                                                 {
2511                                                 s_write=1;
2512                                                 s_w=1;
2513                                                 c_write=0;
2514                                                 }
2515                                         }
2516                                 }
2517                         else
2518                                 {
2519                                 j = (sw_num > (long)sizeof(sbuf)) ?
2520                                         (int)sizeof(sbuf) : (int)sw_num;
2521                                 i=BIO_write(s_bio,sbuf,j);
2522                                 if (i < 0)
2523                                         {
2524                                         s_r=0;
2525                                         s_w=0;
2526                                         if (BIO_should_retry(s_bio))
2527                                                 {
2528                                                 if (BIO_should_read(s_bio))
2529                                                         s_r=1;
2530                                                 if (BIO_should_write(s_bio))
2531                                                         s_w=1;
2532                                                 }
2533                                         else
2534                                                 {
2535                                                 fprintf(stderr,"ERROR in SERVER\n");
2536                                                 ERR_print_errors(bio_err);
2537                                                 goto err;
2538                                                 }
2539                                         }
2540                                 else if (i == 0)
2541                                         {
2542                                         ERR_print_errors(bio_err);
2543                                         fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
2544                                         goto err;
2545                                         }
2546                                 else
2547                                         {
2548                                         if (debug)
2549                                                 printf("server wrote %d\n",i);
2550                                         sw_num-=i;
2551                                         s_write=0;
2552                                         c_r=1;
2553                                         if (sw_num <= 0)
2554                                                 done|=S_DONE;
2555                                         }
2556                                 }
2557                         }
2558
2559                 if ((done & S_DONE) && (done & C_DONE)) break;
2560                 }
2561
2562         if (verbose)
2563                 print_details(c_ssl, "DONE: ");
2564 #ifndef OPENSSL_NO_NEXTPROTONEG
2565         if (verify_npn(c_ssl, s_ssl) < 0)
2566                 {
2567                 ret = 1;
2568                 goto err;
2569                 }
2570 #endif
2571         if (suppdata_error < 0)
2572                 {
2573                 ret = 1;
2574                 goto err;
2575                 }
2576         if (verify_serverinfo() < 0)
2577                 {
2578                 ret = 1;
2579                 goto err;
2580                 }
2581         if (custom_ext_error)
2582                 {
2583                 ret = 1;
2584                 goto err;
2585                 }
2586         ret=0;
2587 err:
2588         /* We have to set the BIO's to NULL otherwise they will be
2589          * OPENSSL_free()ed twice.  Once when th s_ssl is SSL_free()ed and
2590          * again when c_ssl is SSL_free()ed.
2591          * This is a hack required because s_ssl and c_ssl are sharing the same
2592          * BIO structure and SSL_set_bio() and SSL_free() automatically
2593          * BIO_free non NULL entries.
2594          * You should not normally do this or be required to do this */
2595         if (s_ssl != NULL)
2596                 {
2597                 s_ssl->rbio=NULL;
2598                 s_ssl->wbio=NULL;
2599                 }
2600         if (c_ssl != NULL)
2601                 {
2602                 c_ssl->rbio=NULL;
2603                 c_ssl->wbio=NULL;
2604                 }
2605
2606         if (c_to_s != NULL) BIO_free(c_to_s);
2607         if (s_to_c != NULL) BIO_free(s_to_c);
2608         if (c_bio != NULL) BIO_free_all(c_bio);
2609         if (s_bio != NULL) BIO_free_all(s_bio);
2610         return(ret);
2611         }
2612
2613 static int get_proxy_auth_ex_data_idx(void)
2614         {
2615         static volatile int idx = -1;
2616         if (idx < 0)
2617                 {
2618                 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2619                 if (idx < 0)
2620                         {
2621                         idx = X509_STORE_CTX_get_ex_new_index(0,
2622                                 "SSLtest for verify callback", NULL,NULL,NULL);
2623                         }
2624                 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2625                 }
2626         return idx;
2627         }
2628
2629 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
2630         {
2631         char *s,buf[256];
2632
2633         s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,
2634                             sizeof buf);
2635         if (s != NULL)
2636                 {
2637                 if (ok)
2638                         fprintf(stderr,"depth=%d %s\n",
2639                                 ctx->error_depth,buf);
2640                 else
2641                         {
2642                         fprintf(stderr,"depth=%d error=%d %s\n",
2643                                 ctx->error_depth,ctx->error,buf);
2644                         }
2645                 }
2646
2647         if (ok == 0)
2648                 {
2649                 fprintf(stderr,"Error string: %s\n",
2650                         X509_verify_cert_error_string(ctx->error));
2651                 switch (ctx->error)
2652                         {
2653                 case X509_V_ERR_CERT_NOT_YET_VALID:
2654                 case X509_V_ERR_CERT_HAS_EXPIRED:
2655                 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2656                         fprintf(stderr,"  ... ignored.\n");
2657                         ok=1;
2658                         }
2659                 }
2660
2661         if (ok == 1)
2662                 {
2663                 X509 *xs = ctx->current_cert;
2664 #if 0
2665                 X509 *xi = ctx->current_issuer;
2666 #endif
2667
2668                 if (xs->ex_flags & EXFLAG_PROXY)
2669                         {
2670                         unsigned int *letters =
2671                                 X509_STORE_CTX_get_ex_data(ctx,
2672                                         get_proxy_auth_ex_data_idx());
2673
2674                         if (letters)
2675                                 {
2676                                 int found_any = 0;
2677                                 int i;
2678                                 PROXY_CERT_INFO_EXTENSION *pci =
2679                                         X509_get_ext_d2i(xs, NID_proxyCertInfo,
2680                                                 NULL, NULL);
2681
2682                                 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
2683                                         {
2684                                 case NID_Independent:
2685                                         /* Completely meaningless in this
2686                                            program, as there's no way to
2687                                            grant explicit rights to a
2688                                            specific PrC.  Basically, using
2689                                            id-ppl-Independent is the perfect
2690                                            way to grant no rights at all. */
2691                                         fprintf(stderr, "  Independent proxy certificate");
2692                                         for (i = 0; i < 26; i++)
2693                                                 letters[i] = 0;
2694                                         break;
2695                                 case NID_id_ppl_inheritAll:
2696                                         /* This is basically a NOP, we
2697                                            simply let the current rights
2698                                            stand as they are. */
2699                                         fprintf(stderr, "  Proxy certificate inherits all");
2700                                         break;
2701                                 default:
2702                                         s = (char *)
2703                                                 pci->proxyPolicy->policy->data;
2704                                         i = pci->proxyPolicy->policy->length;
2705
2706                                         /* The algorithm works as follows:
2707                                            it is assumed that previous
2708                                            iterations or the initial granted
2709                                            rights has already set some elements
2710                                            of `letters'.  What we need to do is
2711                                            to clear those that weren't granted
2712                                            by the current PrC as well.  The
2713                                            easiest way to do this is to add 1
2714                                            to all the elements whose letters
2715                                            are given with the current policy.
2716                                            That way, all elements that are set
2717                                            by the current policy and were
2718                                            already set by earlier policies and
2719                                            through the original grant of rights
2720                                            will get the value 2 or higher.
2721                                            The last thing to do is to sweep
2722                                            through `letters' and keep the
2723                                            elements having the value 2 as set,
2724                                            and clear all the others. */
2725
2726                                         fprintf(stderr, "  Certificate proxy rights = %*.*s", i, i, s);
2727                                         while(i-- > 0)
2728                                                 {
2729                                                 int c = *s++;
2730                                                 if (isascii(c) && isalpha(c))
2731                                                         {
2732                                                         if (islower(c))
2733                                                                 c = toupper(c);
2734                                                         letters[c - 'A']++;
2735                                                         }
2736                                                 }
2737                                         for (i = 0; i < 26; i++)
2738                                                 if (letters[i] < 2)
2739                                                         letters[i] = 0;
2740                                                 else
2741                                                         letters[i] = 1;
2742                                         }
2743
2744                                 found_any = 0;
2745                                 fprintf(stderr,
2746                                         ", resulting proxy rights = ");
2747                                 for(i = 0; i < 26; i++)
2748                                         if (letters[i])
2749                                                 {
2750                                                 fprintf(stderr, "%c", i + 'A');
2751                                                 found_any = 1;
2752                                                 }
2753                                 if (!found_any)
2754                                         fprintf(stderr, "none");
2755                                 fprintf(stderr, "\n");
2756
2757                                 PROXY_CERT_INFO_EXTENSION_free(pci);
2758                                 }
2759                         }
2760                 }
2761
2762         return(ok);
2763         }
2764
2765 static void process_proxy_debug(int indent, const char *format, ...)
2766         {
2767         static const char indentation[] =
2768                 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2769                 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
2770         char my_format[256];
2771         va_list args;
2772
2773         BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2774                 indent, indent, indentation, format);
2775
2776         va_start(args, format);
2777         vfprintf(stderr, my_format, args);
2778         va_end(args);
2779         }
2780 /* Priority levels:
2781    0    [!]var, ()
2782    1    & ^
2783    2    |
2784 */
2785 static int process_proxy_cond_adders(unsigned int letters[26],
2786         const char *cond, const char **cond_end, int *pos, int indent);
2787 static int process_proxy_cond_val(unsigned int letters[26],
2788         const char *cond, const char **cond_end, int *pos, int indent)
2789         {
2790         int c;
2791         int ok = 1;
2792         int negate = 0;
2793
2794         while(isspace((int)*cond))
2795                 {
2796                 cond++; (*pos)++;
2797                 }
2798         c = *cond;
2799
2800         if (debug)
2801                 process_proxy_debug(indent,
2802                         "Start process_proxy_cond_val at position %d: %s\n",
2803                         *pos, cond);
2804
2805         while(c == '!')
2806                 {
2807                 negate = !negate;
2808                 cond++; (*pos)++;
2809                 while(isspace((int)*cond))
2810                         {
2811                         cond++; (*pos)++;
2812                         }
2813                 c = *cond;
2814                 }
2815
2816         if (c == '(')
2817                 {
2818                 cond++; (*pos)++;
2819                 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2820                         indent + 1);
2821                 cond = *cond_end;
2822                 if (ok < 0)
2823                         goto end;
2824                 while(isspace((int)*cond))
2825                         {
2826                         cond++; (*pos)++;
2827                         }
2828                 c = *cond;
2829                 if (c != ')')
2830                         {
2831                         fprintf(stderr,
2832                                 "Weird condition character in position %d: "
2833                                 "%c\n", *pos, c);
2834                         ok = -1;
2835                         goto end;
2836                         }
2837                 cond++; (*pos)++;
2838                 }
2839         else if (isascii(c) && isalpha(c))
2840                 {
2841                 if (islower(c))
2842                         c = toupper(c);
2843                 ok = letters[c - 'A'];
2844                 cond++; (*pos)++;
2845                 }
2846         else
2847                 {
2848                 fprintf(stderr,
2849                         "Weird condition character in position %d: "
2850                         "%c\n", *pos, c);
2851                 ok = -1;
2852                 goto end;
2853                 }
2854  end:
2855         *cond_end = cond;
2856         if (ok >= 0 && negate)
2857                 ok = !ok;
2858
2859         if (debug)
2860                 process_proxy_debug(indent,
2861                         "End process_proxy_cond_val at position %d: %s, returning %d\n",
2862                         *pos, cond, ok);
2863
2864         return ok;
2865         }
2866 static int process_proxy_cond_multipliers(unsigned int letters[26],
2867         const char *cond, const char **cond_end, int *pos, int indent)
2868         {
2869         int ok;
2870         char c;
2871
2872         if (debug)
2873                 process_proxy_debug(indent,
2874                         "Start process_proxy_cond_multipliers at position %d: %s\n",
2875                         *pos, cond);
2876
2877         ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2878         cond = *cond_end;
2879         if (ok < 0)
2880                 goto end;
2881
2882         while(ok >= 0)
2883                 {
2884                 while(isspace((int)*cond))
2885                         {
2886                         cond++; (*pos)++;
2887                         }
2888                 c = *cond;
2889
2890                 switch(c)
2891                         {
2892                 case '&':
2893                 case '^':
2894                         {
2895                         int save_ok = ok;
2896
2897                         cond++; (*pos)++;
2898                         ok = process_proxy_cond_val(letters,
2899                                 cond, cond_end, pos, indent + 1);
2900                         cond = *cond_end;
2901                         if (ok < 0)
2902                                 break;
2903
2904                         switch(c)
2905                                 {
2906                         case '&':
2907                                 ok &= save_ok;
2908                                 break;
2909                         case '^':
2910                                 ok ^= save_ok;
2911                                 break;
2912                         default:
2913                                 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2914                                         " STOPPING\n");
2915                                 EXIT(1);
2916                                 }
2917                         }
2918                         break;
2919                 default:
2920                         goto end;
2921                         }
2922                 }
2923  end:
2924         if (debug)
2925                 process_proxy_debug(indent,
2926                         "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2927                         *pos, cond, ok);
2928
2929         *cond_end = cond;
2930         return ok;
2931         }
2932 static int process_proxy_cond_adders(unsigned int letters[26],
2933         const char *cond, const char **cond_end, int *pos, int indent)
2934         {
2935         int ok;
2936         char c;
2937
2938         if (debug)
2939                 process_proxy_debug(indent,
2940                         "Start process_proxy_cond_adders at position %d: %s\n",
2941                         *pos, cond);
2942
2943         ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2944                 indent + 1);
2945         cond = *cond_end;
2946         if (ok < 0)
2947                 goto end;
2948
2949         while(ok >= 0)
2950                 {
2951                 while(isspace((int)*cond))
2952                         {
2953                         cond++; (*pos)++;
2954                         }
2955                 c = *cond;
2956
2957                 switch(c)
2958                         {
2959                 case '|':
2960                         {
2961                         int save_ok = ok;
2962
2963                         cond++; (*pos)++;
2964                         ok = process_proxy_cond_multipliers(letters,
2965                                 cond, cond_end, pos, indent + 1);
2966                         cond = *cond_end;
2967                         if (ok < 0)
2968                                 break;
2969
2970                         switch(c)
2971                                 {
2972                         case '|':
2973                                 ok |= save_ok;
2974                                 break;
2975                         default:
2976                                 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2977                                         " STOPPING\n");
2978                                 EXIT(1);
2979                                 }
2980                         }
2981                         break;
2982                 default:
2983                         goto end;
2984                         }
2985                 }
2986  end:
2987         if (debug)
2988                 process_proxy_debug(indent,
2989                         "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2990                         *pos, cond, ok);
2991
2992         *cond_end = cond;
2993         return ok;
2994         }
2995
2996 static int process_proxy_cond(unsigned int letters[26],
2997         const char *cond, const char **cond_end)
2998         {
2999         int pos = 1;
3000         return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
3001         }
3002
3003 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
3004         {
3005         int ok=1;
3006         struct app_verify_arg *cb_arg = arg;
3007         unsigned int letters[26]; /* only used with proxy_auth */
3008
3009         if (cb_arg->app_verify)
3010                 {
3011                 char *s = NULL,buf[256];
3012
3013                 fprintf(stderr, "In app_verify_callback, allowing cert. ");
3014                 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
3015                 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
3016                         (void *)ctx, (void *)ctx->cert);
3017                 if (ctx->cert)
3018                         s=X509_NAME_oneline(X509_get_subject_name(ctx->cert),buf,256);
3019                 if (s != NULL)
3020                         {
3021                         fprintf(stderr,"cert depth=%d %s\n",ctx->error_depth,buf);
3022                         }
3023                 return(1);
3024                 }
3025         if (cb_arg->proxy_auth)
3026                 {
3027                 int found_any = 0, i;
3028                 char *sp;
3029
3030                 for(i = 0; i < 26; i++)
3031                         letters[i] = 0;
3032                 for(sp = cb_arg->proxy_auth; *sp; sp++)
3033                         {
3034                         int c = *sp;
3035                         if (isascii(c) && isalpha(c))
3036                                 {
3037                                 if (islower(c))
3038                                         c = toupper(c);
3039                                 letters[c - 'A'] = 1;