1 /* ssl/ssltest.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58 /* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115 */
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
118 *
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121 * license.
122 *
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
126 *
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
130 *
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
135 *
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140 * OTHERWISE.
141 */
142
143 /* Or gethostname won't be declared properly on Linux and GNU platforms. */
144 #define _BSD_SOURCE 1
145 #define _DEFAULT_SOURCE 1
146
147 #include <assert.h>
148 #include <errno.h>
149 #include <limits.h>
150 #include <stdio.h>
151 #include <stdlib.h>
152 #include <string.h>
153 #include <time.h>
154
155 #define USE_SOCKETS
156 #include "e_os.h"
157
158 #ifdef OPENSSL_SYS_VMS
159 /*
160 * Or isascii won't be declared properly on VMS (at least with DECompHP C).
161 */
162 # define _XOPEN_SOURCE 500
163 #endif
164
165 #include <ctype.h>
166
167 #include <openssl/bio.h>
168 #include <openssl/crypto.h>
169 #include <openssl/evp.h>
170 #include <openssl/x509.h>
171 #include <openssl/x509v3.h>
172 #include <openssl/ssl.h>
173 #ifndef OPENSSL_NO_ENGINE
174 # include <openssl/engine.h>
175 #endif
176 #include <openssl/err.h>
177 #include <openssl/rand.h>
178 #ifndef OPENSSL_NO_RSA
179 # include <openssl/rsa.h>
180 #endif
181 #ifndef OPENSSL_NO_DSA
182 # include <openssl/dsa.h>
183 #endif
184 #ifndef OPENSSL_NO_DH
185 # include <openssl/dh.h>
186 #endif
187 #ifndef OPENSSL_NO_SRP
188 # include <openssl/srp.h>
189 #endif
190 #include <openssl/bn.h>
191
192 /*
193 * Or gethostname won't be declared properly
194 * on Compaq platforms (at least with DEC C).
195 * Do not try to put it earlier, or IPv6 includes
196 * get screwed...
197 */
198 #define _XOPEN_SOURCE_EXTENDED 1
199
200 #ifdef OPENSSL_SYS_WINDOWS
201 # include <winsock.h>
202 #else
203 # include OPENSSL_UNISTD
204 #endif
205
206 #ifdef OPENSSL_SYS_VMS
207 # define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
208 # define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
209 #elif defined(OPENSSL_SYS_WINCE)
210 # define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
211 # define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
212 #elif defined(OPENSSL_SYS_NETWARE)
213 # define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
214 # define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
215 #else
216 # define TEST_SERVER_CERT "../apps/server.pem"
217 # define TEST_CLIENT_CERT "../apps/client.pem"
218 #endif
219
220 /*
221 * There is really no standard for this, so let's assign some tentative
222 * numbers. In any case, these numbers are only for this test
223 */
224 #define COMP_RLE 255
225 #define COMP_ZLIB 1
226
227 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
228 #ifndef OPENSSL_NO_RSA
229 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
230 static void free_tmp_rsa(void);
231 #endif
232 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
233 #define APP_CALLBACK_STRING "Test Callback Argument"
234 struct app_verify_arg {
235 char *string;
236 int app_verify;
237 int allow_proxy_certs;
238 char *proxy_auth;
239 char *proxy_cond;
240 };
241
242 #ifndef OPENSSL_NO_DH
243 static DH *get_dh512(void);
244 static DH *get_dh1024(void);
245 static DH *get_dh1024dsa(void);
246 #endif
247
248 static char *psk_key = NULL; /* by default PSK is not used */
249 #ifndef OPENSSL_NO_PSK
250 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
251 char *identity,
252 unsigned int max_identity_len,
253 unsigned char *psk,
254 unsigned int max_psk_len);
255 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
256 unsigned char *psk,
257 unsigned int max_psk_len);
258 #endif
259
260 #ifndef OPENSSL_NO_SRP
261 /* SRP client */
262 /* This is a context that we pass to all callbacks */
263 typedef struct srp_client_arg_st {
264 char *srppassin;
265 char *srplogin;
266 } SRP_CLIENT_ARG;
267
268 # define PWD_STRLEN 1024
269
ssl_give_srp_client_pwd_cb(SSL * s,void * arg)270 static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
271 {
272 SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
273 return BUF_strdup((char *)srp_client_arg->srppassin);
274 }
275
276 /* SRP server */
277 /* This is a context that we pass to SRP server callbacks */
278 typedef struct srp_server_arg_st {
279 char *expected_user;
280 char *pass;
281 } SRP_SERVER_ARG;
282
ssl_srp_server_param_cb(SSL * s,int * ad,void * arg)283 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
284 {
285 SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
286
287 if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
288 fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
289 return SSL3_AL_FATAL;
290 }
291 if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
292 *ad = SSL_AD_INTERNAL_ERROR;
293 return SSL3_AL_FATAL;
294 }
295 return SSL_ERROR_NONE;
296 }
297 #endif
298
299 static BIO *bio_err = NULL;
300 static BIO *bio_stdout = NULL;
301
302 static const char *alpn_client;
303 static const char *alpn_server;
304 static const char *alpn_expected;
305 static unsigned char *alpn_selected;
306
307 /*-
308 * next_protos_parse parses a comma separated list of strings into a string
309 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
310 * outlen: (output) set to the length of the resulting buffer on success.
311 * err: (maybe NULL) on failure, an error message line is written to this BIO.
312 * in: a NUL terminated string like "abc,def,ghi"
313 *
314 * returns: a malloced buffer or NULL on failure.
315 */
next_protos_parse(unsigned short * outlen,const char * in)316 static unsigned char *next_protos_parse(unsigned short *outlen,
317 const char *in)
318 {
319 size_t len;
320 unsigned char *out;
321 size_t i, start = 0;
322
323 len = strlen(in);
324 if (len >= 65535)
325 return NULL;
326
327 out = OPENSSL_malloc(strlen(in) + 1);
328 if (!out)
329 return NULL;
330
331 for (i = 0; i <= len; ++i) {
332 if (i == len || in[i] == ',') {
333 if (i - start > 255) {
334 OPENSSL_free(out);
335 return NULL;
336 }
337 out[start] = i - start;
338 start = i + 1;
339 } else
340 out[i + 1] = in[i];
341 }
342
343 *outlen = len + 1;
344 return out;
345 }
346
cb_server_alpn(SSL * s,const unsigned char ** out,unsigned char * outlen,const unsigned char * in,unsigned int inlen,void * arg)347 static int cb_server_alpn(SSL *s, const unsigned char **out,
348 unsigned char *outlen, const unsigned char *in,
349 unsigned int inlen, void *arg)
350 {
351 unsigned char *protos;
352 unsigned short protos_len;
353
354 protos = next_protos_parse(&protos_len, alpn_server);
355 if (protos == NULL) {
356 fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
357 alpn_server);
358 abort();
359 }
360
361 if (SSL_select_next_proto
362 ((unsigned char **)out, outlen, protos, protos_len, in,
363 inlen) != OPENSSL_NPN_NEGOTIATED) {
364 OPENSSL_free(protos);
365 return SSL_TLSEXT_ERR_NOACK;
366 }
367
368 /*
369 * Make a copy of the selected protocol which will be freed in
370 * verify_alpn.
371 */
372 alpn_selected = OPENSSL_malloc(*outlen);
373 memcpy(alpn_selected, *out, *outlen);
374 *out = alpn_selected;
375
376 OPENSSL_free(protos);
377 return SSL_TLSEXT_ERR_OK;
378 }
379
verify_alpn(SSL * client,SSL * server)380 static int verify_alpn(SSL *client, SSL *server)
381 {
382 const unsigned char *client_proto, *server_proto;
383 unsigned int client_proto_len = 0, server_proto_len = 0;
384 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
385 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
386
387 if (alpn_selected != NULL) {
388 OPENSSL_free(alpn_selected);
389 alpn_selected = NULL;
390 }
391
392 if (client_proto_len != server_proto_len ||
393 memcmp(client_proto, server_proto, client_proto_len) != 0) {
394 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
395 goto err;
396 }
397
398 if (client_proto_len > 0 && alpn_expected == NULL) {
399 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
400 goto err;
401 }
402
403 if (alpn_expected != NULL &&
404 (client_proto_len != strlen(alpn_expected) ||
405 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
406 BIO_printf(bio_stdout,
407 "ALPN selected protocols not equal to expected protocol: %s\n",
408 alpn_expected);
409 goto err;
410 }
411
412 return 0;
413
414 err:
415 BIO_printf(bio_stdout, "ALPN results: client: '");
416 BIO_write(bio_stdout, client_proto, client_proto_len);
417 BIO_printf(bio_stdout, "', server: '");
418 BIO_write(bio_stdout, server_proto, server_proto_len);
419 BIO_printf(bio_stdout, "'\n");
420 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
421 alpn_client, alpn_server);
422 return -1;
423 }
424
425 #define SCT_EXT_TYPE 18
426
427 /*
428 * WARNING : below extension types are *NOT* IETF assigned, and could
429 * conflict if these types are reassigned and handled specially by OpenSSL
430 * in the future
431 */
432 #define TACK_EXT_TYPE 62208
433 #define CUSTOM_EXT_TYPE_0 1000
434 #define CUSTOM_EXT_TYPE_1 1001
435 #define CUSTOM_EXT_TYPE_2 1002
436 #define CUSTOM_EXT_TYPE_3 1003
437
438 const char custom_ext_cli_string[] = "abc";
439 const char custom_ext_srv_string[] = "defg";
440
441 /* These set from cmdline */
442 char *serverinfo_file = NULL;
443 int serverinfo_sct = 0;
444 int serverinfo_tack = 0;
445
446 /* These set based on extension callbacks */
447 int serverinfo_sct_seen = 0;
448 int serverinfo_tack_seen = 0;
449 int serverinfo_other_seen = 0;
450
451 /* This set from cmdline */
452 int custom_ext = 0;
453
454 /* This set based on extension callbacks */
455 int custom_ext_error = 0;
456
serverinfo_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)457 static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
458 const unsigned char *in, size_t inlen,
459 int *al, void *arg)
460 {
461 if (ext_type == SCT_EXT_TYPE)
462 serverinfo_sct_seen++;
463 else if (ext_type == TACK_EXT_TYPE)
464 serverinfo_tack_seen++;
465 else
466 serverinfo_other_seen++;
467 return 1;
468 }
469
verify_serverinfo()470 static int verify_serverinfo()
471 {
472 if (serverinfo_sct != serverinfo_sct_seen)
473 return -1;
474 if (serverinfo_tack != serverinfo_tack_seen)
475 return -1;
476 if (serverinfo_other_seen)
477 return -1;
478 return 0;
479 }
480
481 /*-
482 * Four test cases for custom extensions:
483 * 0 - no ClientHello extension or ServerHello response
484 * 1 - ClientHello with "abc", no response
485 * 2 - ClientHello with "abc", empty response
486 * 3 - ClientHello with "abc", "defg" response
487 */
488
custom_ext_0_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)489 static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
490 const unsigned char **out,
491 size_t *outlen, int *al, void *arg)
492 {
493 if (ext_type != CUSTOM_EXT_TYPE_0)
494 custom_ext_error = 1;
495 return 0; /* Don't send an extension */
496 }
497
custom_ext_0_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)498 static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
499 const unsigned char *in,
500 size_t inlen, int *al, void *arg)
501 {
502 return 1;
503 }
504
custom_ext_1_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)505 static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
506 const unsigned char **out,
507 size_t *outlen, int *al, void *arg)
508 {
509 if (ext_type != CUSTOM_EXT_TYPE_1)
510 custom_ext_error = 1;
511 *out = (const unsigned char *)custom_ext_cli_string;
512 *outlen = strlen(custom_ext_cli_string);
513 return 1; /* Send "abc" */
514 }
515
custom_ext_1_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)516 static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
517 const unsigned char *in,
518 size_t inlen, int *al, void *arg)
519 {
520 return 1;
521 }
522
custom_ext_2_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)523 static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
524 const unsigned char **out,
525 size_t *outlen, int *al, void *arg)
526 {
527 if (ext_type != CUSTOM_EXT_TYPE_2)
528 custom_ext_error = 1;
529 *out = (const unsigned char *)custom_ext_cli_string;
530 *outlen = strlen(custom_ext_cli_string);
531 return 1; /* Send "abc" */
532 }
533
custom_ext_2_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)534 static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
535 const unsigned char *in,
536 size_t inlen, int *al, void *arg)
537 {
538 if (ext_type != CUSTOM_EXT_TYPE_2)
539 custom_ext_error = 1;
540 if (inlen != 0)
541 custom_ext_error = 1; /* Should be empty response */
542 return 1;
543 }
544
custom_ext_3_cli_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)545 static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
546 const unsigned char **out,
547 size_t *outlen, int *al, void *arg)
548 {
549 if (ext_type != CUSTOM_EXT_TYPE_3)
550 custom_ext_error = 1;
551 *out = (const unsigned char *)custom_ext_cli_string;
552 *outlen = strlen(custom_ext_cli_string);
553 return 1; /* Send "abc" */
554 }
555
custom_ext_3_cli_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)556 static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
557 const unsigned char *in,
558 size_t inlen, int *al, void *arg)
559 {
560 if (ext_type != CUSTOM_EXT_TYPE_3)
561 custom_ext_error = 1;
562 if (inlen != strlen(custom_ext_srv_string))
563 custom_ext_error = 1;
564 if (memcmp(custom_ext_srv_string, in, inlen) != 0)
565 custom_ext_error = 1; /* Check for "defg" */
566 return 1;
567 }
568
569 /*
570 * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
571 * for this extension
572 */
custom_ext_0_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)573 static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
574 const unsigned char *in,
575 size_t inlen, int *al, void *arg)
576 {
577 custom_ext_error = 1;
578 return 1;
579 }
580
581 /* 'add' callbacks are only called if the 'parse' callback is called */
custom_ext_0_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)582 static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
583 const unsigned char **out,
584 size_t *outlen, int *al, void *arg)
585 {
586 /* Error: should not have been called */
587 custom_ext_error = 1;
588 return 0; /* Don't send an extension */
589 }
590
custom_ext_1_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)591 static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
592 const unsigned char *in,
593 size_t inlen, int *al, void *arg)
594 {
595 if (ext_type != CUSTOM_EXT_TYPE_1)
596 custom_ext_error = 1;
597 /* Check for "abc" */
598 if (inlen != strlen(custom_ext_cli_string))
599 custom_ext_error = 1;
600 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
601 custom_ext_error = 1;
602 return 1;
603 }
604
custom_ext_1_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)605 static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
606 const unsigned char **out,
607 size_t *outlen, int *al, void *arg)
608 {
609 return 0; /* Don't send an extension */
610 }
611
custom_ext_2_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)612 static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
613 const unsigned char *in,
614 size_t inlen, int *al, void *arg)
615 {
616 if (ext_type != CUSTOM_EXT_TYPE_2)
617 custom_ext_error = 1;
618 /* Check for "abc" */
619 if (inlen != strlen(custom_ext_cli_string))
620 custom_ext_error = 1;
621 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
622 custom_ext_error = 1;
623 return 1;
624 }
625
custom_ext_2_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)626 static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
627 const unsigned char **out,
628 size_t *outlen, int *al, void *arg)
629 {
630 *out = NULL;
631 *outlen = 0;
632 return 1; /* Send empty extension */
633 }
634
custom_ext_3_srv_parse_cb(SSL * s,unsigned int ext_type,const unsigned char * in,size_t inlen,int * al,void * arg)635 static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
636 const unsigned char *in,
637 size_t inlen, int *al, void *arg)
638 {
639 if (ext_type != CUSTOM_EXT_TYPE_3)
640 custom_ext_error = 1;
641 /* Check for "abc" */
642 if (inlen != strlen(custom_ext_cli_string))
643 custom_ext_error = 1;
644 if (memcmp(in, custom_ext_cli_string, inlen) != 0)
645 custom_ext_error = 1;
646 return 1;
647 }
648
custom_ext_3_srv_add_cb(SSL * s,unsigned int ext_type,const unsigned char ** out,size_t * outlen,int * al,void * arg)649 static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
650 const unsigned char **out,
651 size_t *outlen, int *al, void *arg)
652 {
653 *out = (const unsigned char *)custom_ext_srv_string;
654 *outlen = strlen(custom_ext_srv_string);
655 return 1; /* Send "defg" */
656 }
657
658 static char *cipher = NULL;
659 static int verbose = 0;
660 static int debug = 0;
661 #if 0
662 /* Not used yet. */
663 # ifdef FIONBIO
664 static int s_nbio = 0;
665 # endif
666 #endif
667
668 static const char rnd_seed[] =
669 "string to make the random number generator think it has entropy";
670
671 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
672 clock_t *c_time);
673 int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
674 static int do_test_cipherlist(void);
sv_usage(void)675 static void sv_usage(void)
676 {
677 fprintf(stderr, "usage: ssltest [args ...]\n");
678 fprintf(stderr, "\n");
679 #ifdef OPENSSL_FIPS
680 fprintf(stderr, "-F - run test in FIPS mode\n");
681 #endif
682 fprintf(stderr, " -server_auth - check server certificate\n");
683 fprintf(stderr, " -client_auth - do client authentication\n");
684 fprintf(stderr, " -proxy - allow proxy certificates\n");
685 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
686 fprintf(stderr,
687 " -proxy_cond <val> - expression to test proxy policy rights\n");
688 fprintf(stderr, " -v - more output\n");
689 fprintf(stderr, " -d - debug output\n");
690 fprintf(stderr, " -reuse - use session-id reuse\n");
691 fprintf(stderr, " -num <val> - number of connections to perform\n");
692 fprintf(stderr,
693 " -bytes <val> - number of bytes to swap between client/server\n");
694 #ifndef OPENSSL_NO_DH
695 fprintf(stderr,
696 " -dhe512 - use 512 bit key for DHE (to test failure)\n");
697 fprintf(stderr,
698 " -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
699 fprintf(stderr,
700 " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
701 fprintf(stderr, " -no_dhe - disable DHE\n");
702 #endif
703 #ifndef OPENSSL_NO_ECDH
704 fprintf(stderr, " -no_ecdhe - disable ECDHE\n");
705 #endif
706 #ifndef OPENSSL_NO_PSK
707 fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n");
708 #endif
709 #ifndef OPENSSL_NO_SRP
710 fprintf(stderr, " -srpuser user - SRP username to use\n");
711 fprintf(stderr, " -srppass arg - password for 'user'\n");
712 #endif
713 #ifndef OPENSSL_NO_SSL2
714 fprintf(stderr, " -ssl2 - use SSLv2\n");
715 #endif
716 #ifndef OPENSSL_NO_SSL3_METHOD
717 fprintf(stderr, " -ssl3 - use SSLv3\n");
718 #endif
719 #ifndef OPENSSL_NO_TLS1
720 fprintf(stderr, " -tls1 - use TLSv1\n");
721 #endif
722 #ifndef OPENSSL_NO_DTLS
723 fprintf(stderr, " -dtls1 - use DTLSv1\n");
724 fprintf(stderr, " -dtls12 - use DTLSv1.2\n");
725 #endif
726 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
727 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
728 fprintf(stderr, " -cert arg - Server certificate file\n");
729 fprintf(stderr,
730 " -key arg - Server key file (default: same as -cert)\n");
731 fprintf(stderr, " -c_cert arg - Client certificate file\n");
732 fprintf(stderr,
733 " -c_key arg - Client key file (default: same as -c_cert)\n");
734 fprintf(stderr, " -cipher arg - The cipher list\n");
735 fprintf(stderr, " -bio_pair - Use BIO pairs\n");
736 fprintf(stderr, " -f - Test even cases that can't work\n");
737 fprintf(stderr,
738 " -time - measure processor time used by client and server\n");
739 fprintf(stderr, " -zlib - use zlib compression\n");
740 fprintf(stderr, " -rle - use rle compression\n");
741 #ifndef OPENSSL_NO_ECDH
742 fprintf(stderr,
743 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
744 " Use \"openssl ecparam -list_curves\" for all names\n"
745 " (default is sect163r2).\n");
746 #endif
747 fprintf(stderr,
748 " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
749 " When this option is requested, the cipherlist\n"
750 " tests are run instead of handshake tests.\n");
751 fprintf(stderr, " -serverinfo_file file - have server use this file\n");
752 fprintf(stderr, " -serverinfo_sct - have client offer and expect SCT\n");
753 fprintf(stderr,
754 " -serverinfo_tack - have client offer and expect TACK\n");
755 fprintf(stderr,
756 " -custom_ext - try various custom extension callbacks\n");
757 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
758 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
759 fprintf(stderr,
760 " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
761 }
762
print_details(SSL * c_ssl,const char * prefix)763 static void print_details(SSL *c_ssl, const char *prefix)
764 {
765 const SSL_CIPHER *ciph;
766 X509 *cert;
767
768 ciph = SSL_get_current_cipher(c_ssl);
769 BIO_printf(bio_stdout, "%s%s, cipher %s %s",
770 prefix,
771 SSL_get_version(c_ssl),
772 SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
773 cert = SSL_get_peer_certificate(c_ssl);
774 if (cert != NULL) {
775 EVP_PKEY *pkey = X509_get_pubkey(cert);
776 if (pkey != NULL) {
777 if (0) ;
778 #ifndef OPENSSL_NO_RSA
779 else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
780 && pkey->pkey.rsa->n != NULL) {
781 BIO_printf(bio_stdout, ", %d bit RSA",
782 BN_num_bits(pkey->pkey.rsa->n));
783 }
784 #endif
785 #ifndef OPENSSL_NO_DSA
786 else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
787 && pkey->pkey.dsa->p != NULL) {
788 BIO_printf(bio_stdout, ", %d bit DSA",
789 BN_num_bits(pkey->pkey.dsa->p));
790 }
791 #endif
792 EVP_PKEY_free(pkey);
793 }
794 X509_free(cert);
795 }
796 /*
797 * The SSL API does not allow us to look at temporary RSA/DH keys,
798 * otherwise we should print their lengths too
799 */
800 BIO_printf(bio_stdout, "\n");
801 }
802
lock_dbg_cb(int mode,int type,const char * file,int line)803 static void lock_dbg_cb(int mode, int type, const char *file, int line)
804 {
805 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
806 const char *errstr = NULL;
807 int rw;
808
809 rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
810 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
811 errstr = "invalid mode";
812 goto err;
813 }
814
815 if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
816 errstr = "type out of bounds";
817 goto err;
818 }
819
820 if (mode & CRYPTO_LOCK) {
821 if (modes[type]) {
822 errstr = "already locked";
823 /*
824 * must not happen in a single-threaded program (would deadlock)
825 */
826 goto err;
827 }
828
829 modes[type] = rw;
830 } else if (mode & CRYPTO_UNLOCK) {
831 if (!modes[type]) {
832 errstr = "not locked";
833 goto err;
834 }
835
836 if (modes[type] != rw) {
837 errstr = (rw == CRYPTO_READ) ?
838 "CRYPTO_r_unlock on write lock" :
839 "CRYPTO_w_unlock on read lock";
840 }
841
842 modes[type] = 0;
843 } else {
844 errstr = "invalid mode";
845 goto err;
846 }
847
848 err:
849 if (errstr) {
850 /* we cannot use bio_err here */
851 fprintf(stderr,
852 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
853 errstr, mode, type, file, line);
854 }
855 }
856
857 #ifdef TLSEXT_TYPE_opaque_prf_input
858 struct cb_info_st {
859 void *input;
860 size_t len;
861 int ret;
862 };
863 struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
864 struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
865 struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
866 struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
867
opaque_prf_input_cb(SSL * ssl,void * peerinput,size_t len,void * arg_)868 int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
869 {
870 struct cb_info_st *arg = arg_;
871
872 if (arg == NULL)
873 return 1;
874
875 if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
876 return 0;
877 return arg->ret;
878 }
879 #endif
880
main(int argc,char * argv[])881 int main(int argc, char *argv[])
882 {
883 char *CApath = NULL, *CAfile = NULL;
884 int badop = 0;
885 int bio_pair = 0;
886 int force = 0;
887 int dtls1 = 0, dtls12 = 0, tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1;
888 int client_auth = 0;
889 int server_auth = 0, i;
890 struct app_verify_arg app_verify_arg =
891 { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
892 char *server_cert = TEST_SERVER_CERT;
893 char *server_key = NULL;
894 char *client_cert = TEST_CLIENT_CERT;
895 char *client_key = NULL;
896 #ifndef OPENSSL_NO_ECDH
897 char *named_curve = NULL;
898 #endif
899 SSL_CTX *s_ctx = NULL;
900 SSL_CTX *c_ctx = NULL;
901 const SSL_METHOD *meth = NULL;
902 SSL *c_ssl, *s_ssl;
903 int number = 1, reuse = 0;
904 long bytes = 256L;
905 #ifndef OPENSSL_NO_DH
906 DH *dh;
907 int dhe512 = 0, dhe1024dsa = 0;
908 #endif
909 #ifndef OPENSSL_NO_ECDH
910 EC_KEY *ecdh = NULL;
911 #endif
912 #ifndef OPENSSL_NO_SRP
913 /* client */
914 SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
915 /* server */
916 SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
917 #endif
918 int no_dhe = 0;
919 int no_ecdhe = 0;
920 int no_psk = 0;
921 int print_time = 0;
922 clock_t s_time = 0, c_time = 0;
923 #ifndef OPENSSL_NO_COMP
924 int comp = 0;
925 COMP_METHOD *cm = NULL;
926 STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
927 #endif
928 int test_cipherlist = 0;
929 #ifdef OPENSSL_FIPS
930 int fips_mode = 0;
931 #endif
932 int no_protocol = 0;
933
934 verbose = 0;
935 debug = 0;
936 cipher = 0;
937
938 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
939
940 CRYPTO_set_locking_callback(lock_dbg_cb);
941
942 /* enable memory leak checking unless explicitly disabled */
943 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
944 && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
945 CRYPTO_malloc_debug_init();
946 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
947 } else {
948 /* OPENSSL_DEBUG_MEMORY=off */
949 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
950 }
951 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
952
953 RAND_seed(rnd_seed, sizeof rnd_seed);
954
955 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
956
957 argc--;
958 argv++;
959
960 while (argc >= 1) {
961 if (!strcmp(*argv, "-F")) {
962 #ifdef OPENSSL_FIPS
963 fips_mode = 1;
964 #else
965 fprintf(stderr,
966 "not compiled with FIPS support, so exiting without running.\n");
967 EXIT(0);
968 #endif
969 } else if (strcmp(*argv, "-server_auth") == 0)
970 server_auth = 1;
971 else if (strcmp(*argv, "-client_auth") == 0)
972 client_auth = 1;
973 else if (strcmp(*argv, "-proxy_auth") == 0) {
974 if (--argc < 1)
975 goto bad;
976 app_verify_arg.proxy_auth = *(++argv);
977 } else if (strcmp(*argv, "-proxy_cond") == 0) {
978 if (--argc < 1)
979 goto bad;
980 app_verify_arg.proxy_cond = *(++argv);
981 } else if (strcmp(*argv, "-v") == 0)
982 verbose = 1;
983 else if (strcmp(*argv, "-d") == 0)
984 debug = 1;
985 else if (strcmp(*argv, "-reuse") == 0)
986 reuse = 1;
987 else if (strcmp(*argv, "-dhe512") == 0) {
988 #ifndef OPENSSL_NO_DH
989 dhe512 = 1;
990 #else
991 fprintf(stderr,
992 "ignoring -dhe512, since I'm compiled without DH\n");
993 #endif
994 } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
995 #ifndef OPENSSL_NO_DH
996 dhe1024dsa = 1;
997 #else
998 fprintf(stderr,
999 "ignoring -dhe1024dsa, since I'm compiled without DH\n");
1000 #endif
1001 } else if (strcmp(*argv, "-no_dhe") == 0)
1002 no_dhe = 1;
1003 else if (strcmp(*argv, "-no_ecdhe") == 0)
1004 no_ecdhe = 1;
1005 else if (strcmp(*argv, "-psk") == 0) {
1006 if (--argc < 1)
1007 goto bad;
1008 psk_key = *(++argv);
1009 #ifndef OPENSSL_NO_PSK
1010 if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
1011 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1012 goto bad;
1013 }
1014 #else
1015 no_psk = 1;
1016 #endif
1017 }
1018 #ifndef OPENSSL_NO_SRP
1019 else if (strcmp(*argv, "-srpuser") == 0) {
1020 if (--argc < 1)
1021 goto bad;
1022 srp_server_arg.expected_user = srp_client_arg.srplogin =
1023 *(++argv);
1024 tls1 = 1;
1025 } else if (strcmp(*argv, "-srppass") == 0) {
1026 if (--argc < 1)
1027 goto bad;
1028 srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
1029 tls1 = 1;
1030 }
1031 #endif
1032 else if (strcmp(*argv, "-ssl2") == 0) {
1033 #ifdef OPENSSL_NO_SSL2
1034 no_protocol = 1;
1035 #endif
1036 ssl2 = 1;
1037 } else if (strcmp(*argv, "-tls1") == 0) {
1038 #ifdef OPENSSL_NO_TLS1
1039 no_protocol = 1;
1040 #endif
1041 tls1 = 1;
1042 } else if (strcmp(*argv, "-ssl3") == 0) {
1043 #ifdef OPENSSL_NO_SSL3_METHOD
1044 no_protocol = 1;
1045 #endif
1046 ssl3 = 1;
1047 } else if (strcmp(*argv, "-dtls1") == 0) {
1048 #ifdef OPENSSL_NO_DTLS
1049 no_protocol = 1;
1050 #endif
1051 dtls1 = 1;
1052 } else if (strcmp(*argv, "-dtls12") == 0) {
1053 #ifdef OPENSSL_NO_DTLS
1054 no_protocol = 1;
1055 #endif
1056 dtls12 = 1;
1057 } else if (strncmp(*argv, "-num", 4) == 0) {
1058 if (--argc < 1)
1059 goto bad;
1060 number = atoi(*(++argv));
1061 if (number == 0)
1062 number = 1;
1063 } else if (strcmp(*argv, "-bytes") == 0) {
1064 if (--argc < 1)
1065 goto bad;
1066 bytes = atol(*(++argv));
1067 if (bytes == 0L)
1068 bytes = 1L;
1069 i = strlen(argv[0]);
1070 if (argv[0][i - 1] == 'k')
1071 bytes *= 1024L;
1072 if (argv[0][i - 1] == 'm')
1073 bytes *= 1024L * 1024L;
1074 } else if (strcmp(*argv, "-cert") == 0) {
1075 if (--argc < 1)
1076 goto bad;
1077 server_cert = *(++argv);
1078 } else if (strcmp(*argv, "-s_cert") == 0) {
1079 if (--argc < 1)
1080 goto bad;
1081 server_cert = *(++argv);
1082 } else if (strcmp(*argv, "-key") == 0) {
1083 if (--argc < 1)
1084 goto bad;
1085 server_key = *(++argv);
1086 } else if (strcmp(*argv, "-s_key") == 0) {
1087 if (--argc < 1)
1088 goto bad;
1089 server_key = *(++argv);
1090 } else if (strcmp(*argv, "-c_cert") == 0) {
1091 if (--argc < 1)
1092 goto bad;
1093 client_cert = *(++argv);
1094 } else if (strcmp(*argv, "-c_key") == 0) {
1095 if (--argc < 1)
1096 goto bad;
1097 client_key = *(++argv);
1098 } else if (strcmp(*argv, "-cipher") == 0) {
1099 if (--argc < 1)
1100 goto bad;
1101 cipher = *(++argv);
1102 } else if (strcmp(*argv, "-CApath") == 0) {
1103 if (--argc < 1)
1104 goto bad;
1105 CApath = *(++argv);
1106 } else if (strcmp(*argv, "-CAfile") == 0) {
1107 if (--argc < 1)
1108 goto bad;
1109 CAfile = *(++argv);
1110 } else if (strcmp(*argv, "-bio_pair") == 0) {
1111 bio_pair = 1;
1112 } else if (strcmp(*argv, "-f") == 0) {
1113 force = 1;
1114 } else if (strcmp(*argv, "-time") == 0) {
1115 print_time = 1;
1116 }
1117 #ifndef OPENSSL_NO_COMP
1118 else if (strcmp(*argv, "-zlib") == 0) {
1119 comp = COMP_ZLIB;
1120 } else if (strcmp(*argv, "-rle") == 0) {
1121 comp = COMP_RLE;
1122 }
1123 #endif
1124 else if (strcmp(*argv, "-named_curve") == 0) {
1125 if (--argc < 1)
1126 goto bad;
1127 #ifndef OPENSSL_NO_ECDH
1128 named_curve = *(++argv);
1129 #else
1130 fprintf(stderr,
1131 "ignoring -named_curve, since I'm compiled without ECDH\n");
1132 ++argv;
1133 #endif
1134 } else if (strcmp(*argv, "-app_verify") == 0) {
1135 app_verify_arg.app_verify = 1;
1136 } else if (strcmp(*argv, "-proxy") == 0) {
1137 app_verify_arg.allow_proxy_certs = 1;
1138 } else if (strcmp(*argv, "-test_cipherlist") == 0) {
1139 test_cipherlist = 1;
1140 } else if (strcmp(*argv, "-serverinfo_sct") == 0) {
1141 serverinfo_sct = 1;
1142 } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
1143 serverinfo_tack = 1;
1144 } else if (strcmp(*argv, "-serverinfo_file") == 0) {
1145 if (--argc < 1)
1146 goto bad;
1147 serverinfo_file = *(++argv);
1148 } else if (strcmp(*argv, "-custom_ext") == 0) {
1149 custom_ext = 1;
1150 } else if (strcmp(*argv, "-alpn_client") == 0) {
1151 if (--argc < 1)
1152 goto bad;
1153 alpn_client = *(++argv);
1154 } else if (strcmp(*argv, "-alpn_server") == 0) {
1155 if (--argc < 1)
1156 goto bad;
1157 alpn_server = *(++argv);
1158 } else if (strcmp(*argv, "-alpn_expected") == 0) {
1159 if (--argc < 1)
1160 goto bad;
1161 alpn_expected = *(++argv);
1162 } else {
1163 fprintf(stderr, "unknown option %s\n", *argv);
1164 badop = 1;
1165 break;
1166 }
1167 argc--;
1168 argv++;
1169 }
1170 if (badop) {
1171 bad:
1172 sv_usage();
1173 goto end;
1174 }
1175
1176 /*
1177 * test_cipherlist prevails over protocol switch: we test the cipherlist
1178 * for all enabled protocols.
1179 */
1180 if (test_cipherlist == 1) {
1181 /*
1182 * ensure that the cipher list are correctly sorted and exit
1183 */
1184 fprintf(stdout, "Testing cipherlist order only. Ignoring all "
1185 "other options.\n");
1186 if (do_test_cipherlist() == 0)
1187 EXIT(1);
1188 ret = 0;
1189 goto end;
1190 }
1191
1192 if (ssl2 + ssl3 + tls1 + dtls1 + dtls12 > 1) {
1193 fprintf(stderr, "At most one of -ssl2, -ssl3, -tls1, -dtls1 or -dtls12 should "
1194 "be requested.\n");
1195 EXIT(1);
1196 }
1197
1198 /*
1199 * Testing was requested for a compiled-out protocol (e.g. SSLv2).
1200 * Ideally, we would error out, but the generic test wrapper can't know
1201 * when to expect failure. So we do nothing and return success.
1202 */
1203 if (no_protocol) {
1204 fprintf(stderr, "Testing was requested for a disabled protocol. "
1205 "Skipping tests.\n");
1206 ret = 0;
1207 goto end;
1208 }
1209
1210 if (!ssl2 && !ssl3 && !tls1 && !dtls1 && !dtls12 && number > 1 && !reuse && !force) {
1211 fprintf(stderr, "This case cannot work. Use -f to perform "
1212 "the test anyway (and\n-d to see what happens), "
1213 "or add one of ssl2, -ssl3, -tls1, -dtls1, -dtls12, -reuse\n"
1214 "to avoid protocol mismatch.\n");
1215 EXIT(1);
1216 }
1217 #ifdef OPENSSL_FIPS
1218 if (fips_mode) {
1219 if (!FIPS_mode_set(1)) {
1220 ERR_load_crypto_strings();
1221 ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
1222 EXIT(1);
1223 } else
1224 fprintf(stderr, "*** IN FIPS MODE ***\n");
1225 }
1226 #endif
1227
1228 if (print_time) {
1229 if (!bio_pair) {
1230 fprintf(stderr, "Using BIO pair (-bio_pair)\n");
1231 bio_pair = 1;
1232 }
1233 if (number < 50 && !force)
1234 fprintf(stderr,
1235 "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
1236 }
1237
1238 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
1239
1240 SSL_library_init();
1241 SSL_load_error_strings();
1242
1243 #ifndef OPENSSL_NO_COMP
1244 if (comp == COMP_ZLIB)
1245 cm = COMP_zlib();
1246 if (comp == COMP_RLE)
1247 cm = COMP_rle();
1248 if (cm != NULL) {
1249 if (cm->type != NID_undef) {
1250 if (SSL_COMP_add_compression_method(comp, cm) != 0) {
1251 fprintf(stderr, "Failed to add compression method\n");
1252 ERR_print_errors_fp(stderr);
1253 }
1254 } else {
1255 fprintf(stderr,
1256 "Warning: %s compression not supported\n",
1257 (comp == COMP_RLE ? "rle" :
1258 (comp == COMP_ZLIB ? "zlib" : "unknown")));
1259 ERR_print_errors_fp(stderr);
1260 }
1261 }
1262 ssl_comp_methods = SSL_COMP_get_compression_methods();
1263 fprintf(stderr, "Available compression methods:\n");
1264 {
1265 int j, n = sk_SSL_COMP_num(ssl_comp_methods);
1266 if (n == 0)
1267 fprintf(stderr, " NONE\n");
1268 else
1269 for (j = 0; j < n; j++) {
1270 SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
1271 fprintf(stderr, " %d: %s\n", c->id, c->name);
1272 }
1273 }
1274 #endif
1275
1276 /*
1277 * At this point, ssl2/ssl3/tls1 is only set if the protocol is
1278 * available. (Otherwise we exit early.) However the compiler doesn't
1279 * know this, so we ifdef.
1280 */
1281 #ifndef OPENSSL_NO_SSL2
1282 if (ssl2)
1283 meth = SSLv2_method();
1284 else
1285 #endif
1286 #ifndef OPENSSL_NO_SSL3
1287 if (ssl3)
1288 meth = SSLv3_method();
1289 else
1290 #endif
1291 #ifndef OPENSSL_NO_DTLS
1292 if (dtls1)
1293 meth = DTLSv1_method();
1294 else if (dtls12)
1295 meth = DTLSv1_2_method();
1296 else
1297 #endif
1298 #ifndef OPENSSL_NO_TLS1
1299 if (tls1)
1300 meth = TLSv1_method();
1301 else
1302 #endif
1303 meth = SSLv23_method();
1304
1305 c_ctx = SSL_CTX_new(meth);
1306 s_ctx = SSL_CTX_new(meth);
1307 if ((c_ctx == NULL) || (s_ctx == NULL)) {
1308 ERR_print_errors(bio_err);
1309 goto end;
1310 }
1311
1312 if (cipher != NULL) {
1313 SSL_CTX_set_cipher_list(c_ctx, cipher);
1314 SSL_CTX_set_cipher_list(s_ctx, cipher);
1315 }
1316 #ifndef OPENSSL_NO_DH
1317 if (!no_dhe) {
1318 if (dhe1024dsa) {
1319 /*
1320 * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
1321 */
1322 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
1323 dh = get_dh1024dsa();
1324 } else if (dhe512)
1325 dh = get_dh512();
1326 else
1327 dh = get_dh1024();
1328 SSL_CTX_set_tmp_dh(s_ctx, dh);
1329 DH_free(dh);
1330 }
1331 #else
1332 (void)no_dhe;
1333 #endif
1334
1335 #ifndef OPENSSL_NO_ECDH
1336 if (!no_ecdhe) {
1337 int nid;
1338
1339 if (named_curve != NULL) {
1340 nid = OBJ_sn2nid(named_curve);
1341 if (nid == 0) {
1342 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1343 goto end;
1344 }
1345 } else {
1346 nid = NID_X9_62_prime256v1;
1347 }
1348
1349 ecdh = EC_KEY_new_by_curve_name(nid);
1350 if (ecdh == NULL) {
1351 BIO_printf(bio_err, "unable to create curve\n");
1352 goto end;
1353 }
1354
1355 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
1356 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
1357 EC_KEY_free(ecdh);
1358 }
1359 #else
1360 (void)no_ecdhe;
1361 #endif
1362
1363 #ifndef OPENSSL_NO_RSA
1364 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
1365 #endif
1366
1367 #ifdef TLSEXT_TYPE_opaque_prf_input
1368 SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
1369 SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
1370 /* or &co2 or NULL */
1371 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1);
1372 /* or &so2 or NULL */
1373 SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1);
1374 #endif
1375
1376 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
1377 ERR_print_errors(bio_err);
1378 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
1379 (server_key ? server_key :
1380 server_cert),
1381 SSL_FILETYPE_PEM)) {
1382 ERR_print_errors(bio_err);
1383 goto end;
1384 }
1385
1386 if (client_auth) {
1387 SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM);
1388 SSL_CTX_use_PrivateKey_file(c_ctx,
1389 (client_key ? client_key : client_cert),
1390 SSL_FILETYPE_PEM);
1391 }
1392
1393 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
1394 (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
1395 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
1396 (!SSL_CTX_set_default_verify_paths(c_ctx))) {
1397 /* fprintf(stderr,"SSL_load_verify_locations\n"); */
1398 ERR_print_errors(bio_err);
1399 /* goto end; */
1400 }
1401
1402 if (client_auth) {
1403 BIO_printf(bio_err, "client authentication\n");
1404 SSL_CTX_set_verify(s_ctx,
1405 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
1406 verify_callback);
1407 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
1408 &app_verify_arg);
1409 }
1410 if (server_auth) {
1411 BIO_printf(bio_err, "server authentication\n");
1412 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
1413 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
1414 &app_verify_arg);
1415 }
1416
1417 {
1418 int session_id_context = 0;
1419 SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
1420 sizeof session_id_context);
1421 }
1422
1423 /* Use PSK only if PSK key is given */
1424 if (psk_key != NULL) {
1425 /*
1426 * no_psk is used to avoid putting psk command to openssl tool
1427 */
1428 if (no_psk) {
1429 /*
1430 * if PSK is not compiled in and psk key is given, do nothing and
1431 * exit successfully
1432 */
1433 ret = 0;
1434 goto end;
1435 }
1436 #ifndef OPENSSL_NO_PSK
1437 SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
1438 SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
1439 if (debug)
1440 BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
1441 if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
1442 BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
1443 ERR_print_errors(bio_err);
1444 goto end;
1445 }
1446 #endif
1447 }
1448 #ifndef OPENSSL_NO_SRP
1449 if (srp_client_arg.srplogin) {
1450 if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
1451 BIO_printf(bio_err, "Unable to set SRP username\n");
1452 goto end;
1453 }
1454 SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
1455 SSL_CTX_set_srp_client_pwd_callback(c_ctx,
1456 ssl_give_srp_client_pwd_cb);
1457 /*
1458 * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
1459 */
1460 }
1461
1462 if (srp_server_arg.expected_user != NULL) {
1463 SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
1464 SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
1465 SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
1466 }
1467 #endif
1468
1469 if (serverinfo_sct)
1470 SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
1471 NULL, NULL, NULL,
1472 serverinfo_cli_parse_cb, NULL);
1473 if (serverinfo_tack)
1474 SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
1475 NULL, NULL, NULL,
1476 serverinfo_cli_parse_cb, NULL);
1477
1478 if (serverinfo_file)
1479 if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
1480 BIO_printf(bio_err, "missing serverinfo file\n");
1481 goto end;
1482 }
1483
1484 if (custom_ext) {
1485 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
1486 custom_ext_0_cli_add_cb,
1487 NULL, NULL,
1488 custom_ext_0_cli_parse_cb, NULL);
1489 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
1490 custom_ext_1_cli_add_cb,
1491 NULL, NULL,
1492 custom_ext_1_cli_parse_cb, NULL);
1493 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
1494 custom_ext_2_cli_add_cb,
1495 NULL, NULL,
1496 custom_ext_2_cli_parse_cb, NULL);
1497 SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
1498 custom_ext_3_cli_add_cb,
1499 NULL, NULL,
1500 custom_ext_3_cli_parse_cb, NULL);
1501
1502 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
1503 custom_ext_0_srv_add_cb,
1504 NULL, NULL,
1505 custom_ext_0_srv_parse_cb, NULL);
1506 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
1507 custom_ext_1_srv_add_cb,
1508 NULL, NULL,
1509 custom_ext_1_srv_parse_cb, NULL);
1510 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
1511 custom_ext_2_srv_add_cb,
1512 NULL, NULL,
1513 custom_ext_2_srv_parse_cb, NULL);
1514 SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
1515 custom_ext_3_srv_add_cb,
1516 NULL, NULL,
1517 custom_ext_3_srv_parse_cb, NULL);
1518 }
1519
1520 if (alpn_server)
1521 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
1522
1523 if (alpn_client) {
1524 unsigned short alpn_len;
1525 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
1526
1527 if (alpn == NULL) {
1528 BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
1529 goto end;
1530 }
1531 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
1532 OPENSSL_free(alpn);
1533 }
1534
1535 c_ssl = SSL_new(c_ctx);
1536 s_ssl = SSL_new(s_ctx);
1537
1538 #ifndef OPENSSL_NO_KRB5
1539 if (c_ssl && c_ssl->kssl_ctx) {
1540 char localhost[MAXHOSTNAMELEN + 2];
1541
1542 if (gethostname(localhost, sizeof localhost - 1) == 0) {
1543 localhost[sizeof localhost - 1] = '\0';
1544 if (strlen(localhost) == sizeof localhost - 1) {
1545 BIO_printf(bio_err, "localhost name too long\n");
1546 goto end;
1547 }
1548 kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost);
1549 }
1550 }
1551 #endif /* OPENSSL_NO_KRB5 */
1552
1553 for (i = 0; i < number; i++) {
1554 if (!reuse)
1555 SSL_set_session(c_ssl, NULL);
1556 if (bio_pair)
1557 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
1558 else
1559 ret = doit(s_ssl, c_ssl, bytes);
1560 }
1561
1562 if (!verbose) {
1563 print_details(c_ssl, "");
1564 }
1565 if ((number > 1) || (bytes > 1L))
1566 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", number,
1567 bytes);
1568 if (print_time) {
1569 #ifdef CLOCKS_PER_SEC
1570 /*
1571 * "To determine the time in seconds, the value returned by the clock
1572 * function should be divided by the value of the macro
1573 * CLOCKS_PER_SEC." -- ISO/IEC 9899
1574 */
1575 BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
1576 "Approximate total client time: %6.2f s\n",
1577 (double)s_time / CLOCKS_PER_SEC,
1578 (double)c_time / CLOCKS_PER_SEC);
1579 #else
1580 /*
1581 * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on
1582 * NeXTstep/OpenStep
1583 */
1584 BIO_printf(bio_stdout,
1585 "Approximate total server time: %6.2f units\n"
1586 "Approximate total client time: %6.2f units\n",
1587 (double)s_time, (double)c_time);
1588 #endif
1589 }
1590
1591 SSL_free(s_ssl);
1592 SSL_free(c_ssl);
1593
1594 end:
1595 if (s_ctx != NULL)
1596 SSL_CTX_free(s_ctx);
1597 if (c_ctx != NULL)
1598 SSL_CTX_free(c_ctx);
1599
1600 if (bio_stdout != NULL)
1601 BIO_free(bio_stdout);
1602
1603 #ifndef OPENSSL_NO_RSA
1604 free_tmp_rsa();
1605 #endif
1606 #ifndef OPENSSL_NO_ENGINE
1607 ENGINE_cleanup();
1608 #endif
1609 CRYPTO_cleanup_all_ex_data();
1610 ERR_free_strings();
1611 ERR_remove_thread_state(NULL);
1612 EVP_cleanup();
1613 CRYPTO_mem_leaks(bio_err);
1614 if (bio_err != NULL)
1615 BIO_free(bio_err);
1616 EXIT(ret);
1617 return ret;
1618 }
1619
doit_biopair(SSL * s_ssl,SSL * c_ssl,long count,clock_t * s_time,clock_t * c_time)1620 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
1621 clock_t *s_time, clock_t *c_time)
1622 {
1623 long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
1624 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
1625 BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
1626 int ret = 1;
1627
1628 size_t bufsiz = 256; /* small buffer for testing */
1629
1630 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
1631 goto err;
1632 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
1633 goto err;
1634
1635 s_ssl_bio = BIO_new(BIO_f_ssl());
1636 if (!s_ssl_bio)
1637 goto err;
1638
1639 c_ssl_bio = BIO_new(BIO_f_ssl());
1640 if (!c_ssl_bio)
1641 goto err;
1642
1643 SSL_set_connect_state(c_ssl);
1644 SSL_set_bio(c_ssl, client, client);
1645 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
1646
1647 SSL_set_accept_state(s_ssl);
1648 SSL_set_bio(s_ssl, server, server);
1649 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
1650
1651 do {
1652 /*-
1653 * c_ssl_bio: SSL filter BIO
1654 *
1655 * client: pseudo-I/O for SSL library
1656 *
1657 * client_io: client's SSL communication; usually to be
1658 * relayed over some I/O facility, but in this
1659 * test program, we're the server, too:
1660 *
1661 * server_io: server's SSL communication
1662 *
1663 * server: pseudo-I/O for SSL library
1664 *
1665 * s_ssl_bio: SSL filter BIO
1666 *
1667 * The client and the server each employ a "BIO pair":
1668 * client + client_io, server + server_io.
1669 * BIO pairs are symmetric. A BIO pair behaves similar
1670 * to a non-blocking socketpair (but both endpoints must
1671 * be handled by the same thread).
1672 * [Here we could connect client and server to the ends
1673 * of a single BIO pair, but then this code would be less
1674 * suitable as an example for BIO pairs in general.]
1675 *
1676 * Useful functions for querying the state of BIO pair endpoints:
1677 *
1678 * BIO_ctrl_pending(bio) number of bytes we can read now
1679 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil
1680 * other side's read attempt
1681 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now
1682 *
1683 * ..._read_request is never more than ..._write_guarantee;
1684 * it depends on the application which one you should use.
1685 */
1686
1687 /*
1688 * We have non-blocking behaviour throughout this test program, but
1689 * can be sure that there is *some* progress in each iteration; so we
1690 * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
1691 * we just try everything in each iteration
1692 */
1693
1694 {
1695 /* CLIENT */
1696
1697 MS_STATIC char cbuf[1024 * 8];
1698 int i, r;
1699 clock_t c_clock = clock();
1700
1701 memset(cbuf, 0, sizeof(cbuf));
1702
1703 if (debug)
1704 if (SSL_in_init(c_ssl))
1705 printf("client waiting in SSL_connect - %s\n",
1706 SSL_state_string_long(c_ssl));
1707
1708 if (cw_num > 0) {
1709 /* Write to server. */
1710
1711 if (cw_num > (long)sizeof cbuf)
1712 i = sizeof cbuf;
1713 else
1714 i = (int)cw_num;
1715 r = BIO_write(c_ssl_bio, cbuf, i);
1716 if (r < 0) {
1717 if (!BIO_should_retry(c_ssl_bio)) {
1718 fprintf(stderr, "ERROR in CLIENT\n");
1719 goto err;
1720 }
1721 /*
1722 * BIO_should_retry(...) can just be ignored here. The
1723 * library expects us to call BIO_write with the same
1724 * arguments again, and that's what we will do in the
1725 * next iteration.
1726 */
1727 } else if (r == 0) {
1728 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1729 goto err;
1730 } else {
1731 if (debug)
1732 printf("client wrote %d\n", r);
1733 cw_num -= r;
1734 }
1735 }
1736
1737 if (cr_num > 0) {
1738 /* Read from server. */
1739
1740 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
1741 if (r < 0) {
1742 if (!BIO_should_retry(c_ssl_bio)) {
1743 fprintf(stderr, "ERROR in CLIENT\n");
1744 goto err;
1745 }
1746 /*
1747 * Again, "BIO_should_retry" can be ignored.
1748 */
1749 } else if (r == 0) {
1750 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
1751 goto err;
1752 } else {
1753 if (debug)
1754 printf("client read %d\n", r);
1755 cr_num -= r;
1756 }
1757 }
1758
1759 /*
1760 * c_time and s_time increments will typically be very small
1761 * (depending on machine speed and clock tick intervals), but
1762 * sampling over a large number of connections should result in
1763 * fairly accurate figures. We cannot guarantee a lot, however
1764 * -- if each connection lasts for exactly one clock tick, it
1765 * will be counted only for the client or only for the server or
1766 * even not at all.
1767 */
1768 *c_time += (clock() - c_clock);
1769 }
1770
1771 {
1772 /* SERVER */
1773
1774 MS_STATIC char sbuf[1024 * 8];
1775 int i, r;
1776 clock_t s_clock = clock();
1777
1778 memset(sbuf, 0, sizeof(sbuf));
1779
1780 if (debug)
1781 if (SSL_in_init(s_ssl))
1782 printf("server waiting in SSL_accept - %s\n",
1783 SSL_state_string_long(s_ssl));
1784
1785 if (sw_num > 0) {
1786 /* Write to client. */
1787
1788 if (sw_num > (long)sizeof sbuf)
1789 i = sizeof sbuf;
1790 else
1791 i = (int)sw_num;
1792 r = BIO_write(s_ssl_bio, sbuf, i);
1793 if (r < 0) {
1794 if (!BIO_should_retry(s_ssl_bio)) {
1795 fprintf(stderr, "ERROR in SERVER\n");
1796 goto err;
1797 }
1798 /* Ignore "BIO_should_retry". */
1799 } else if (r == 0) {
1800 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1801 goto err;
1802 } else {
1803 if (debug)
1804 printf("server wrote %d\n", r);
1805 sw_num -= r;
1806 }
1807 }
1808
1809 if (sr_num > 0) {
1810 /* Read from client. */
1811
1812 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
1813 if (r < 0) {
1814 if (!BIO_should_retry(s_ssl_bio)) {
1815 fprintf(stderr, "ERROR in SERVER\n");
1816 goto err;
1817 }
1818 /* blah, blah */
1819 } else if (r == 0) {
1820 fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
1821 goto err;
1822 } else {
1823 if (debug)
1824 printf("server read %d\n", r);
1825 sr_num -= r;
1826 }
1827 }
1828
1829 *s_time += (clock() - s_clock);
1830 }
1831
1832 {
1833 /* "I/O" BETWEEN CLIENT AND SERVER. */
1834
1835 size_t r1, r2;
1836 BIO *io1 = server_io, *io2 = client_io;
1837 /*
1838 * we use the non-copying interface for io1 and the standard
1839 * BIO_write/BIO_read interface for io2
1840 */
1841
1842 static int prev_progress = 1;
1843 int progress = 0;
1844
1845 /* io1 to io2 */
1846 do {
1847 size_t num;
1848 int r;
1849
1850 r1 = BIO_ctrl_pending(io1);
1851 r2 = BIO_ctrl_get_write_guarantee(io2);
1852
1853 num = r1;
1854 if (r2 < num)
1855 num = r2;
1856 if (num) {
1857 char *dataptr;
1858
1859 if (INT_MAX < num) /* yeah, right */
1860 num = INT_MAX;
1861
1862 r = BIO_nread(io1, &dataptr, (int)num);
1863 assert(r > 0);
1864 assert(r <= (int)num);
1865 /*
1866 * possibly r < num (non-contiguous data)
1867 */
1868 num = r;
1869 r = BIO_write(io2, dataptr, (int)num);
1870 if (r != (int)num) { /* can't happen */
1871 fprintf(stderr, "ERROR: BIO_write could not write "
1872 "BIO_ctrl_get_write_guarantee() bytes");
1873 goto err;
1874 }
1875 progress = 1;
1876
1877 if (debug)
1878 printf((io1 == client_io) ?
1879 "C->S relaying: %d bytes\n" :
1880 "S->C relaying: %d bytes\n", (int)num);
1881 }
1882 }
1883 while (r1 && r2);
1884
1885 /* io2 to io1 */
1886 {
1887 size_t num;
1888 int r;
1889
1890 r1 = BIO_ctrl_pending(io2);
1891 r2 = BIO_ctrl_get_read_request(io1);
1892 /*
1893 * here we could use ..._get_write_guarantee instead of
1894 * ..._get_read_request, but by using the latter we test
1895 * restartability of the SSL implementation more thoroughly
1896 */
1897 num = r1;
1898 if (r2 < num)
1899 num = r2;
1900 if (num) {
1901 char *dataptr;
1902
1903 if (INT_MAX < num)
1904 num = INT_MAX;
1905
1906 if (num > 1)
1907 --num; /* test restartability even more thoroughly */
1908
1909 r = BIO_nwrite0(io1, &dataptr);
1910 assert(r > 0);
1911 if (r < (int)num)
1912 num = r;
1913 r = BIO_read(io2, dataptr, (int)num);
1914 if (r != (int)num) { /* can't happen */
1915 fprintf(stderr, "ERROR: BIO_read could not read "
1916 "BIO_ctrl_pending() bytes");
1917 goto err;
1918 }
1919 progress = 1;
1920 r = BIO_nwrite(io1, &dataptr, (int)num);
1921 if (r != (int)num) { /* can't happen */
1922 fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
1923 "BIO_nwrite0() bytes");
1924 goto err;
1925 }
1926
1927 if (debug)
1928 printf((io2 == client_io) ?
1929 "C->S relaying: %d bytes\n" :
1930 "S->C relaying: %d bytes\n", (int)num);
1931 }
1932 } /* no loop, BIO_ctrl_get_read_request now
1933 * returns 0 anyway */
1934
1935 if (!progress && !prev_progress)
1936 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
1937 fprintf(stderr, "ERROR: got stuck\n");
1938 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) {
1939 fprintf(stderr, "This can happen for SSL2 because "
1940 "CLIENT-FINISHED and SERVER-VERIFY are written \n"
1941 "concurrently ...");
1942 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
1943 && strncmp("2SSV", SSL_state_string(s_ssl),
1944 4) == 0) {
1945 fprintf(stderr, " ok.\n");
1946 goto end;
1947 }
1948 }
1949 fprintf(stderr, " ERROR.\n");
1950 goto err;
1951 }
1952 prev_progress = progress;
1953 }
1954 }
1955 while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
1956
1957 if (verbose)
1958 print_details(c_ssl, "DONE via BIO pair: ");
1959
1960 if (verify_serverinfo() < 0) {
1961 ret = 1;
1962 goto err;
1963 }
1964 if (verify_alpn(c_ssl, s_ssl) < 0) {
1965 ret = 1;
1966 goto err;
1967 }
1968
1969 if (custom_ext_error) {
1970 ret = 1;
1971 goto err;
1972 }
1973
1974 end:
1975 ret = 0;
1976
1977 err:
1978 ERR_print_errors(bio_err);
1979
1980 if (server)
1981 BIO_free(server);
1982 if (server_io)
1983 BIO_free(server_io);
1984 if (client)
1985 BIO_free(client);
1986 if (client_io)
1987 BIO_free(client_io);
1988 if (s_ssl_bio)
1989 BIO_free(s_ssl_bio);
1990 if (c_ssl_bio)
1991 BIO_free(c_ssl_bio);
1992
1993 return ret;
1994 }
1995
1996 #define W_READ 1
1997 #define W_WRITE 2
1998 #define C_DONE 1
1999 #define S_DONE 2
2000
doit(SSL * s_ssl,SSL * c_ssl,long count)2001 int doit(SSL *s_ssl, SSL *c_ssl, long count)
2002 {
2003 char *cbuf = NULL, *sbuf = NULL;
2004 long bufsiz;
2005 long cw_num = count, cr_num = count;
2006 long sw_num = count, sr_num = count;
2007 int ret = 1;
2008 BIO *c_to_s = NULL;
2009 BIO *s_to_c = NULL;
2010 BIO *c_bio = NULL;
2011 BIO *s_bio = NULL;
2012 int c_r, c_w, s_r, s_w;
2013 int i, j;
2014 int done = 0;
2015 int c_write, s_write;
2016 int do_server = 0, do_client = 0;
2017 int max_frag = 5 * 1024;
2018
2019 bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
2020
2021 if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL)
2022 goto err;
2023 if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL)
2024 goto err;
2025
2026 memset(cbuf, 0, bufsiz);
2027 memset(sbuf, 0, bufsiz);
2028
2029 c_to_s = BIO_new(BIO_s_mem());
2030 s_to_c = BIO_new(BIO_s_mem());
2031 if ((s_to_c == NULL) || (c_to_s == NULL)) {
2032 ERR_print_errors(bio_err);
2033 goto err;
2034 }
2035
2036 c_bio = BIO_new(BIO_f_ssl());
2037 s_bio = BIO_new(BIO_f_ssl());
2038 if ((c_bio == NULL) || (s_bio == NULL)) {
2039 ERR_print_errors(bio_err);
2040 goto err;
2041 }
2042
2043 SSL_set_connect_state(c_ssl);
2044 SSL_set_bio(c_ssl, s_to_c, c_to_s);
2045 SSL_set_max_send_fragment(c_ssl, max_frag);
2046 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
2047
2048 SSL_set_accept_state(s_ssl);
2049 SSL_set_bio(s_ssl, c_to_s, s_to_c);
2050 SSL_set_max_send_fragment(s_ssl, max_frag);
2051 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
2052
2053 c_r = 0;
2054 s_r = 1;
2055 c_w = 1;
2056 s_w = 0;
2057 c_write = 1, s_write = 0;
2058
2059 /* We can always do writes */
2060 for (;;) {
2061 do_server = 0;
2062 do_client = 0;
2063
2064 i = (int)BIO_pending(s_bio);
2065 if ((i && s_r) || s_w)
2066 do_server = 1;
2067
2068 i = (int)BIO_pending(c_bio);
2069 if ((i && c_r) || c_w)
2070 do_client = 1;
2071
2072 if (do_server && debug) {
2073 if (SSL_in_init(s_ssl))
2074 printf("server waiting in SSL_accept - %s\n",
2075 SSL_state_string_long(s_ssl));
2076 /*-
2077 else if (s_write)
2078 printf("server:SSL_write()\n");
2079 else
2080 printf("server:SSL_read()\n"); */
2081 }
2082
2083 if (do_client && debug) {
2084 if (SSL_in_init(c_ssl))
2085 printf("client waiting in SSL_connect - %s\n",
2086 SSL_state_string_long(c_ssl));
2087 /*-
2088 else if (c_write)
2089 printf("client:SSL_write()\n");
2090 else
2091 printf("client:SSL_read()\n"); */
2092 }
2093
2094 if (!do_client && !do_server) {
2095 fprintf(stdout, "ERROR IN STARTUP\n");
2096 ERR_print_errors(bio_err);
2097 goto err;
2098 }
2099 if (do_client && !(done & C_DONE)) {
2100 if (c_write) {
2101 j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
2102 i = BIO_write(c_bio, cbuf, j);
2103 if (i < 0) {
2104 c_r = 0;
2105 c_w = 0;
2106 if (BIO_should_retry(c_bio)) {
2107 if (BIO_should_read(c_bio))
2108 c_r = 1;
2109 if (BIO_should_write(c_bio))
2110 c_w = 1;
2111 } else {
2112 fprintf(stderr, "ERROR in CLIENT\n");
2113 ERR_print_errors(bio_err);
2114 goto err;
2115 }
2116 } else if (i == 0) {
2117 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2118 goto err;
2119 } else {
2120 if (debug)
2121 printf("client wrote %d\n", i);
2122 /* ok */
2123 s_r = 1;
2124 c_write = 0;
2125 cw_num -= i;
2126 if (max_frag > 1029)
2127 SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
2128 }
2129 } else {
2130 i = BIO_read(c_bio, cbuf, bufsiz);
2131 if (i < 0) {
2132 c_r = 0;
2133 c_w = 0;
2134 if (BIO_should_retry(c_bio)) {
2135 if (BIO_should_read(c_bio))
2136 c_r = 1;
2137 if (BIO_should_write(c_bio))
2138 c_w = 1;
2139 } else {
2140 fprintf(stderr, "ERROR in CLIENT\n");
2141 ERR_print_errors(bio_err);
2142 goto err;
2143 }
2144 } else if (i == 0) {
2145 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
2146 goto err;
2147 } else {
2148 if (debug)
2149 printf("client read %d\n", i);
2150 cr_num -= i;
2151 if (sw_num > 0) {
2152 s_write = 1;
2153 s_w = 1;
2154 }
2155 if (cr_num <= 0) {
2156 s_write = 1;
2157 s_w = 1;
2158 done = S_DONE | C_DONE;
2159 }
2160 }
2161 }
2162 }
2163
2164 if (do_server && !(done & S_DONE)) {
2165 if (!s_write) {
2166 i = BIO_read(s_bio, sbuf, bufsiz);
2167 if (i < 0) {
2168 s_r = 0;
2169 s_w = 0;
2170 if (BIO_should_retry(s_bio)) {
2171 if (BIO_should_read(s_bio))
2172 s_r = 1;
2173 if (BIO_should_write(s_bio))
2174 s_w = 1;
2175 } else {
2176 fprintf(stderr, "ERROR in SERVER\n");
2177 ERR_print_errors(bio_err);
2178 goto err;
2179 }
2180 } else if (i == 0) {
2181 ERR_print_errors(bio_err);
2182 fprintf(stderr,
2183 "SSL SERVER STARTUP FAILED in SSL_read\n");
2184 goto err;
2185 } else {
2186 if (debug)
2187 printf("server read %d\n", i);
2188 sr_num -= i;
2189 if (cw_num > 0) {
2190 c_write = 1;
2191 c_w = 1;
2192 }
2193 if (sr_num <= 0) {
2194 s_write = 1;
2195 s_w = 1;
2196 c_write = 0;
2197 }
2198 }
2199 } else {
2200 j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
2201 i = BIO_write(s_bio, sbuf, j);
2202 if (i < 0) {
2203 s_r = 0;
2204 s_w = 0;
2205 if (BIO_should_retry(s_bio)) {
2206 if (BIO_should_read(s_bio))
2207 s_r = 1;
2208 if (BIO_should_write(s_bio))
2209 s_w = 1;
2210 } else {
2211 fprintf(stderr, "ERROR in SERVER\n");
2212 ERR_print_errors(bio_err);
2213 goto err;
2214 }
2215 } else if (i == 0) {
2216 ERR_print_errors(bio_err);
2217 fprintf(stderr,
2218 "SSL SERVER STARTUP FAILED in SSL_write\n");
2219 goto err;
2220 } else {
2221 if (debug)
2222 printf("server wrote %d\n", i);
2223 sw_num -= i;
2224 s_write = 0;
2225 c_r = 1;
2226 if (sw_num <= 0)
2227 done |= S_DONE;
2228 if (max_frag > 1029)
2229 SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
2230 }
2231 }
2232 }
2233
2234 if ((done & S_DONE) && (done & C_DONE))
2235 break;
2236 }
2237
2238 if (verbose)
2239 print_details(c_ssl, "DONE: ");
2240 if (verify_serverinfo() < 0) {
2241 ret = 1;
2242 goto err;
2243 }
2244 if (custom_ext_error) {
2245 ret = 1;
2246 goto err;
2247 }
2248 ret = 0;
2249 err:
2250 /*
2251 * We have to set the BIO's to NULL otherwise they will be
2252 * OPENSSL_free()ed twice. Once when th s_ssl is SSL_free()ed and again
2253 * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
2254 * c_ssl are sharing the same BIO structure and SSL_set_bio() and
2255 * SSL_free() automatically BIO_free non NULL entries. You should not
2256 * normally do this or be required to do this
2257 */
2258 if (s_ssl != NULL) {
2259 s_ssl->rbio = NULL;
2260 s_ssl->wbio = NULL;
2261 }
2262 if (c_ssl != NULL) {
2263 c_ssl->rbio = NULL;
2264 c_ssl->wbio = NULL;
2265 }
2266
2267 if (c_to_s != NULL)
2268 BIO_free(c_to_s);
2269 if (s_to_c != NULL)
2270 BIO_free(s_to_c);
2271 if (c_bio != NULL)
2272 BIO_free_all(c_bio);
2273 if (s_bio != NULL)
2274 BIO_free_all(s_bio);
2275
2276 if (cbuf)
2277 OPENSSL_free(cbuf);
2278 if (sbuf)
2279 OPENSSL_free(sbuf);
2280
2281 return (ret);
2282 }
2283
get_proxy_auth_ex_data_idx(void)2284 static int get_proxy_auth_ex_data_idx(void)
2285 {
2286 static volatile int idx = -1;
2287 if (idx < 0) {
2288 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
2289 if (idx < 0) {
2290 idx = X509_STORE_CTX_get_ex_new_index(0,
2291 "SSLtest for verify callback",
2292 NULL, NULL, NULL);
2293 }
2294 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
2295 }
2296 return idx;
2297 }
2298
verify_callback(int ok,X509_STORE_CTX * ctx)2299 static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
2300 {
2301 char *s, buf[256];
2302
2303 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
2304 sizeof buf);
2305 if (s != NULL) {
2306 if (ok)
2307 fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf);
2308 else {
2309 fprintf(stderr, "depth=%d error=%d %s\n",
2310 ctx->error_depth, ctx->error, buf);
2311 }
2312 }
2313
2314 if (ok == 0) {
2315 fprintf(stderr, "Error string: %s\n",
2316 X509_verify_cert_error_string(ctx->error));
2317 switch (ctx->error) {
2318 case X509_V_ERR_CERT_NOT_YET_VALID:
2319 case X509_V_ERR_CERT_HAS_EXPIRED:
2320 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2321 fprintf(stderr, " ... ignored.\n");
2322 ok = 1;
2323 }
2324 }
2325
2326 if (ok == 1) {
2327 X509 *xs = ctx->current_cert;
2328 #if 0
2329 X509 *xi = ctx->current_issuer;
2330 #endif
2331
2332 if (xs->ex_flags & EXFLAG_PROXY) {
2333 unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
2334 get_proxy_auth_ex_data_idx
2335 ());
2336
2337 if (letters) {
2338 int found_any = 0;
2339 int i;
2340 PROXY_CERT_INFO_EXTENSION *pci =
2341 X509_get_ext_d2i(xs, NID_proxyCertInfo,
2342 NULL, NULL);
2343
2344 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
2345 case NID_Independent:
2346 /*
2347 * Completely meaningless in this program, as there's no
2348 * way to grant explicit rights to a specific PrC.
2349 * Basically, using id-ppl-Independent is the perfect way
2350 * to grant no rights at all.
2351 */
2352 fprintf(stderr, " Independent proxy certificate");
2353 for (i = 0; i < 26; i++)
2354 letters[i] = 0;
2355 break;
2356 case NID_id_ppl_inheritAll:
2357 /*
2358 * This is basically a NOP, we simply let the current
2359 * rights stand as they are.
2360 */
2361 fprintf(stderr, " Proxy certificate inherits all");
2362 break;
2363 default:
2364 s = (char *)
2365 pci->proxyPolicy->policy->data;
2366 i = pci->proxyPolicy->policy->length;
2367
2368 /*
2369 * The algorithm works as follows: it is assumed that
2370 * previous iterations or the initial granted rights has
2371 * already set some elements of `letters'. What we need
2372 * to do is to clear those that weren't granted by the
2373 * current PrC as well. The easiest way to do this is to
2374 * add 1 to all the elements whose letters are given with
2375 * the current policy. That way, all elements that are
2376 * set by the current policy and were already set by
2377 * earlier policies and through the original grant of
2378 * rights will get the value 2 or higher. The last thing
2379 * to do is to sweep through `letters' and keep the
2380 * elements having the value 2 as set, and clear all the
2381 * others.
2382 */
2383
2384 fprintf(stderr, " Certificate proxy rights = %*.*s", i,
2385 i, s);
2386 while (i-- > 0) {
2387 int c = *s++;
2388 if (isascii(c) && isalpha(c)) {
2389 if (islower(c))
2390 c = toupper(c);
2391 letters[c - 'A']++;
2392 }
2393 }
2394 for (i = 0; i < 26; i++)
2395 if (letters[i] < 2)
2396 letters[i] = 0;
2397 else
2398 letters[i] = 1;
2399 }
2400
2401 found_any = 0;
2402 fprintf(stderr, ", resulting proxy rights = ");
2403 for (i = 0; i < 26; i++)
2404 if (letters[i]) {
2405 fprintf(stderr, "%c", i + 'A');
2406 found_any = 1;
2407 }
2408 if (!found_any)
2409 fprintf(stderr, "none");
2410 fprintf(stderr, "\n");
2411
2412 PROXY_CERT_INFO_EXTENSION_free(pci);
2413 }
2414 }
2415 }
2416
2417 return (ok);
2418 }
2419
process_proxy_debug(int indent,const char * format,...)2420 static void process_proxy_debug(int indent, const char *format, ...)
2421 {
2422 /* That's 80 > */
2423 static const char indentation[] =
2424 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
2425 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
2426 char my_format[256];
2427 va_list args;
2428
2429 BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
2430 indent, indent, indentation, format);
2431
2432 va_start(args, format);
2433 vfprintf(stderr, my_format, args);
2434 va_end(args);
2435 }
2436
2437 /*-
2438 * Priority levels:
2439 * 0 [!]var, ()
2440 * 1 & ^
2441 * 2 |
2442 */
2443 static int process_proxy_cond_adders(unsigned int letters[26],
2444 const char *cond, const char **cond_end,
2445 int *pos, int indent);
process_proxy_cond_val(unsigned int letters[26],const char * cond,const char ** cond_end,int * pos,int indent)2446 static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
2447 const char **cond_end, int *pos, int indent)
2448 {
2449 int c;
2450 int ok = 1;
2451 int negate = 0;
2452
2453 while (isspace((int)*cond)) {
2454 cond++;
2455 (*pos)++;
2456 }
2457 c = *cond;
2458
2459 if (debug)
2460 process_proxy_debug(indent,
2461 "Start process_proxy_cond_val at position %d: %s\n",
2462 *pos, cond);
2463
2464 while (c == '!') {
2465 negate = !negate;
2466 cond++;
2467 (*pos)++;
2468 while (isspace((int)*cond)) {
2469 cond++;
2470 (*pos)++;
2471 }
2472 c = *cond;
2473 }
2474
2475 if (c == '(') {
2476 cond++;
2477 (*pos)++;
2478 ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
2479 indent + 1);
2480 cond = *cond_end;
2481 if (ok < 0)
2482 goto end;
2483 while (isspace((int)*cond)) {
2484 cond++;
2485 (*pos)++;
2486 }
2487 c = *cond;
2488 if (c != ')') {
2489 fprintf(stderr,
2490 "Weird condition character in position %d: "
2491 "%c\n", *pos, c);
2492 ok = -1;
2493 goto end;
2494 }
2495 cond++;
2496 (*pos)++;
2497 } else if (isascii(c) && isalpha(c)) {
2498 if (islower(c))
2499 c = toupper(c);
2500 ok = letters[c - 'A'];
2501 cond++;
2502 (*pos)++;
2503 } else {
2504 fprintf(stderr,
2505 "Weird condition character in position %d: " "%c\n", *pos, c);
2506 ok = -1;
2507 goto end;
2508 }
2509 end:
2510 *cond_end = cond;
2511 if (ok >= 0 && negate)
2512 ok = !ok;
2513
2514 if (debug)
2515 process_proxy_debug(indent,
2516 "End process_proxy_cond_val at position %d: %s, returning %d\n",
2517 *pos, cond, ok);
2518
2519 return ok;
2520 }
2521
process_proxy_cond_multipliers(unsigned int letters[26],const char * cond,const char ** cond_end,int * pos,int indent)2522 static int process_proxy_cond_multipliers(unsigned int letters[26],
2523 const char *cond,
2524 const char **cond_end, int *pos,
2525 int indent)
2526 {
2527 int ok;
2528 char c;
2529
2530 if (debug)
2531 process_proxy_debug(indent,
2532 "Start process_proxy_cond_multipliers at position %d: %s\n",
2533 *pos, cond);
2534
2535 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
2536 cond = *cond_end;
2537 if (ok < 0)
2538 goto end;
2539
2540 while (ok >= 0) {
2541 while (isspace((int)*cond)) {
2542 cond++;
2543 (*pos)++;
2544 }
2545 c = *cond;
2546
2547 switch (c) {
2548 case '&':
2549 case '^':
2550 {
2551 int save_ok = ok;
2552
2553 cond++;
2554 (*pos)++;
2555 ok = process_proxy_cond_val(letters,
2556 cond, cond_end, pos, indent + 1);
2557 cond = *cond_end;
2558 if (ok < 0)
2559 break;
2560
2561 switch (c) {
2562 case '&':
2563 ok &= save_ok;
2564 break;
2565 case '^':
2566 ok ^= save_ok;
2567 break;
2568 default:
2569 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2570 " STOPPING\n");
2571 EXIT(1);
2572 }
2573 }
2574 break;
2575 default:
2576 goto end;
2577 }
2578 }
2579 end:
2580 if (debug)
2581 process_proxy_debug(indent,
2582 "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
2583 *pos, cond, ok);
2584
2585 *cond_end = cond;
2586 return ok;
2587 }
2588
process_proxy_cond_adders(unsigned int letters[26],const char * cond,const char ** cond_end,int * pos,int indent)2589 static int process_proxy_cond_adders(unsigned int letters[26],
2590 const char *cond, const char **cond_end,
2591 int *pos, int indent)
2592 {
2593 int ok;
2594 char c;
2595
2596 if (debug)
2597 process_proxy_debug(indent,
2598 "Start process_proxy_cond_adders at position %d: %s\n",
2599 *pos, cond);
2600
2601 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
2602 indent + 1);
2603 cond = *cond_end;
2604 if (ok < 0)
2605 goto end;
2606
2607 while (ok >= 0) {
2608 while (isspace((int)*cond)) {
2609 cond++;
2610 (*pos)++;
2611 }
2612 c = *cond;
2613
2614 switch (c) {
2615 case '|':
2616 {
2617 int save_ok = ok;
2618
2619 cond++;
2620 (*pos)++;
2621 ok = process_proxy_cond_multipliers(letters,
2622 cond, cond_end, pos,
2623 indent + 1);
2624 cond = *cond_end;
2625 if (ok < 0)
2626 break;
2627
2628 switch (c) {
2629 case '|':
2630 ok |= save_ok;
2631 break;
2632 default:
2633 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
2634 " STOPPING\n");
2635 EXIT(1);
2636 }
2637 }
2638 break;
2639 default:
2640 goto end;
2641 }
2642 }
2643 end:
2644 if (debug)
2645 process_proxy_debug(indent,
2646 "End process_proxy_cond_adders at position %d: %s, returning %d\n",
2647 *pos, cond, ok);
2648
2649 *cond_end = cond;
2650 return ok;
2651 }
2652
process_proxy_cond(unsigned int letters[26],const char * cond,const char ** cond_end)2653 static int process_proxy_cond(unsigned int letters[26],
2654 const char *cond, const char **cond_end)
2655 {
2656 int pos = 1;
2657 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
2658 }
2659
app_verify_callback(X509_STORE_CTX * ctx,void * arg)2660 static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
2661 {
2662 int ok = 1;
2663 struct app_verify_arg *cb_arg = arg;
2664 unsigned int letters[26]; /* only used with proxy_auth */
2665
2666 if (cb_arg->app_verify) {
2667 char *s = NULL, buf[256];
2668
2669 fprintf(stderr, "In app_verify_callback, allowing cert. ");
2670 fprintf(stderr, "Arg is: %s\n", cb_arg->string);
2671 fprintf(stderr,
2672 "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
2673 (void *)ctx, (void *)ctx->cert);
2674 if (ctx->cert)
2675 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
2676 if (s != NULL) {
2677 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf);
2678 }
2679 return (1);
2680 }
2681 if (cb_arg->proxy_auth) {
2682 int found_any = 0, i;
2683 char *sp;
2684
2685 for (i = 0; i < 26; i++)
2686 letters[i] = 0;
2687 for (sp = cb_arg->proxy_auth; *sp; sp++) {
2688 int c = *sp;
2689 if (isascii(c) && isalpha(c)) {
2690 if (islower(c))
2691 c = toupper(c);
2692 letters[c - 'A'] = 1;
2693 }
2694 }
2695
2696 fprintf(stderr, " Initial proxy rights = ");
2697 for (i = 0; i < 26; i++)
2698 if (letters[i]) {
2699 fprintf(stderr, "%c", i + 'A');
2700 found_any = 1;
2701 }
2702 if (!found_any)
2703 fprintf(stderr, "none");
2704 fprintf(stderr, "\n");
2705
2706 X509_STORE_CTX_set_ex_data(ctx,
2707 get_proxy_auth_ex_data_idx(), letters);
2708 }
2709 if (cb_arg->allow_proxy_certs) {
2710 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
2711 }
2712 #ifndef OPENSSL_NO_X509_VERIFY
2713 ok = X509_verify_cert(ctx);
2714 #endif
2715
2716 if (cb_arg->proxy_auth) {
2717 if (ok > 0) {
2718 const char *cond_end = NULL;
2719
2720 ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
2721
2722 if (ok < 0)
2723 EXIT(3);
2724 if (*cond_end) {
2725 fprintf(stderr,
2726 "Stopped processing condition before it's end.\n");
2727 ok = 0;
2728 }
2729 if (!ok)
2730 fprintf(stderr,
2731 "Proxy rights check with condition '%s' proved invalid\n",
2732 cb_arg->proxy_cond);
2733 else
2734 fprintf(stderr,
2735 "Proxy rights check with condition '%s' proved valid\n",
2736 cb_arg->proxy_cond);
2737 }
2738 }
2739 return (ok);
2740 }
2741
2742 #ifndef OPENSSL_NO_RSA
2743 static RSA *rsa_tmp = NULL;
2744
tmp_rsa_cb(SSL * s,int is_export,int keylength)2745 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
2746 {
2747 BIGNUM *bn = NULL;
2748 if (rsa_tmp == NULL) {
2749 bn = BN_new();
2750 rsa_tmp = RSA_new();
2751 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
2752 BIO_printf(bio_err, "Memory error...");
2753 goto end;
2754 }
2755 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength);
2756 (void)BIO_flush(bio_err);
2757 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
2758 BIO_printf(bio_err, "Error generating key.");
2759 RSA_free(rsa_tmp);
2760 rsa_tmp = NULL;
2761 }
2762 end:
2763 BIO_printf(bio_err, "\n");
2764 (void)BIO_flush(bio_err);
2765 }
2766 if (bn)
2767 BN_free(bn);
2768 return (rsa_tmp);
2769 }
2770
free_tmp_rsa(void)2771 static void free_tmp_rsa(void)
2772 {
2773 if (rsa_tmp != NULL) {
2774 RSA_free(rsa_tmp);
2775 rsa_tmp = NULL;
2776 }
2777 }
2778 #endif
2779
2780 #ifndef OPENSSL_NO_DH
2781 /*-
2782 * These DH parameters have been generated as follows:
2783 * $ openssl dhparam -C -noout 512
2784 * $ openssl dhparam -C -noout 1024
2785 * $ openssl dhparam -C -noout -dsaparam 1024
2786 * (The third function has been renamed to avoid name conflicts.)
2787 */
get_dh512()2788 static DH *get_dh512()
2789 {
2790 static unsigned char dh512_p[] = {
2791 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
2792 0xC6,
2793 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
2794 0xB0,
2795 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
2796 0x5F,
2797 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
2798 0xB8,
2799 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
2800 0x33,
2801 0x02, 0xC5, 0xAE, 0x23,
2802 };
2803 static unsigned char dh512_g[] = {
2804 0x02,
2805 };
2806 DH *dh;
2807
2808 if ((dh = DH_new()) == NULL)
2809 return (NULL);
2810 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
2811 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
2812 if ((dh->p == NULL) || (dh->g == NULL)) {
2813 DH_free(dh);
2814 return (NULL);
2815 }
2816 return (dh);
2817 }
2818
get_dh1024()2819 static DH *get_dh1024()
2820 {
2821 static unsigned char dh1024_p[] = {
2822 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
2823 0x3A,
2824 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
2825 0xA2,
2826 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
2827 0xB0,
2828 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
2829 0xC2,
2830 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
2831 0x8C,
2832 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
2833 0xB8,
2834 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
2835 0x52,
2836 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
2837 0xC1,
2838 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
2839 0xB1,
2840 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
2841 0xAB,
2842 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
2843 };
2844 static unsigned char dh1024_g[] = {
2845 0x02,
2846 };
2847 DH *dh;
2848
2849 if ((dh = DH_new()) == NULL)
2850 return (NULL);
2851 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
2852 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
2853 if ((dh->p == NULL) || (dh->g == NULL)) {
2854 DH_free(dh);
2855 return (NULL);
2856 }
2857 return (dh);
2858 }
2859
get_dh1024dsa()2860 static DH *get_dh1024dsa()
2861 {
2862 static unsigned char dh1024_p[] = {
2863 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
2864 0x00,
2865 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
2866 0x19,
2867 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
2868 0xD2,
2869 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
2870 0x55,
2871 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
2872 0xFC,
2873 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
2874 0x97,
2875 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
2876 0x8D,
2877 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
2878 0xBB,
2879 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
2880 0xF6,
2881 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
2882 0x9E,
2883 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
2884 };
2885 static unsigned char dh1024_g[] = {
2886 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
2887 0x05,
2888 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
2889 0xF3,
2890 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
2891 0xE9,
2892 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
2893 0x3C,
2894 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
2895 0x65,
2896 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
2897 0x60,
2898 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
2899 0xF6,
2900 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
2901 0xA7,
2902 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
2903 0xA1,
2904 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
2905 0x60,
2906 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
2907 };
2908 DH *dh;
2909
2910 if ((dh = DH_new()) == NULL)
2911 return (NULL);
2912 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
2913 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
2914 if ((dh->p == NULL) || (dh->g == NULL)) {
2915 DH_free(dh);
2916 return (NULL);
2917 }
2918 dh->length = 160;
2919 return (dh);
2920 }
2921 #endif
2922
2923 #ifndef OPENSSL_NO_PSK
2924 /* convert the PSK key (psk_key) in ascii to binary (psk) */
psk_key2bn(const char * pskkey,unsigned char * psk,unsigned int max_psk_len)2925 static int psk_key2bn(const char *pskkey, unsigned char *psk,
2926 unsigned int max_psk_len)
2927 {
2928 int ret;
2929 BIGNUM *bn = NULL;
2930
2931 ret = BN_hex2bn(&bn, pskkey);
2932 if (!ret) {
2933 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
2934 pskkey);
2935 if (bn)
2936 BN_free(bn);
2937 return 0;
2938 }
2939 if (BN_num_bytes(bn) > (int)max_psk_len) {
2940 BIO_printf(bio_err,
2941 "psk buffer of callback is too small (%d) for key (%d)\n",
2942 max_psk_len, BN_num_bytes(bn));
2943 BN_free(bn);
2944 return 0;
2945 }
2946 ret = BN_bn2bin(bn, psk);
2947 BN_free(bn);
2948 return ret;
2949 }
2950
psk_client_callback(SSL * ssl,const char * hint,char * identity,unsigned int max_identity_len,unsigned char * psk,unsigned int max_psk_len)2951 static unsigned int psk_client_callback(SSL *ssl, const char *hint,
2952 char *identity,
2953 unsigned int max_identity_len,
2954 unsigned char *psk,
2955 unsigned int max_psk_len)
2956 {
2957 int ret;
2958 unsigned int psk_len = 0;
2959
2960 ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
2961 if (ret < 0)
2962 goto out_err;
2963 if (debug)
2964 fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
2965 ret);
2966 ret = psk_key2bn(psk_key, psk, max_psk_len);
2967 if (ret < 0)
2968 goto out_err;
2969 psk_len = ret;
2970 out_err:
2971 return psk_len;
2972 }
2973
psk_server_callback(SSL * ssl,const char * identity,unsigned char * psk,unsigned int max_psk_len)2974 static unsigned int psk_server_callback(SSL *ssl, const char *identity,
2975 unsigned char *psk,
2976 unsigned int max_psk_len)
2977 {
2978 unsigned int psk_len = 0;
2979
2980 if (strcmp(identity, "Client_identity") != 0) {
2981 BIO_printf(bio_err, "server: PSK error: client identity not found\n");
2982 return 0;
2983 }
2984 psk_len = psk_key2bn(psk_key, psk, max_psk_len);
2985 return psk_len;
2986 }
2987 #endif
2988
do_test_cipherlist(void)2989 static int do_test_cipherlist(void)
2990 {
2991 int i = 0;
2992 const SSL_METHOD *meth;
2993 const SSL_CIPHER *ci, *tci = NULL;
2994
2995 #ifndef OPENSSL_NO_SSL2
2996 fprintf(stderr, "testing SSLv2 cipher list order: ");
2997 meth = SSLv2_method();
2998 while ((ci = meth->get_cipher(i++)) != NULL) {
2999 if (tci != NULL)
3000 if (ci->id >= tci->id) {
3001 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3002 return 0;
3003 }
3004 tci = ci;
3005 }
3006 fprintf(stderr, "ok\n");
3007 #endif
3008 #ifndef OPENSSL_NO_SSL3
3009 fprintf(stderr, "testing SSLv3 cipher list order: ");
3010 meth = SSLv3_method();
3011 tci = NULL;
3012 while ((ci = meth->get_cipher(i++)) != NULL) {
3013 if (tci != NULL)
3014 if (ci->id >= tci->id) {
3015 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3016 return 0;
3017 }
3018 tci = ci;
3019 }
3020 fprintf(stderr, "ok\n");
3021 #endif
3022 #ifndef OPENSSL_NO_TLS1
3023 fprintf(stderr, "testing TLSv1 cipher list order: ");
3024 meth = TLSv1_method();
3025 tci = NULL;
3026 while ((ci = meth->get_cipher(i++)) != NULL) {
3027 if (tci != NULL)
3028 if (ci->id >= tci->id) {
3029 fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
3030 return 0;
3031 }
3032 tci = ci;
3033 }
3034 fprintf(stderr, "ok\n");
3035 #endif
3036
3037 return 1;
3038 }
3039