1 /* $OpenBSD: server.c,v 1.12 2023/02/01 14:39:09 tb Exp $ */
2 /*
3 * Copyright (c) 2018-2019 Alexander Bluhm <bluhm@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18 #include <sys/types.h>
19 #include <sys/socket.h>
20
21 #include <err.h>
22 #include <netdb.h>
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <unistd.h>
27
28 #include <openssl/err.h>
29 #include <openssl/ssl.h>
30
31 #include "util.h"
32
33 void __dead usage(void);
34
35 void __dead
usage(void)36 usage(void)
37 {
38 fprintf(stderr, "usage: server [-Lsvv] [-C CA] [-c crt -k key] "
39 "[-l ciphers] [-p dhparam] [-V version] [host port]\n");
40 exit(2);
41 }
42
43 int
main(int argc,char * argv[])44 main(int argc, char *argv[])
45 {
46 const SSL_METHOD *method;
47 SSL_CTX *ctx;
48 SSL *ssl;
49 BIO *abio, *cbio;
50 SSL_SESSION *session;
51 int ch, error, listciphers = 0, sessionreuse = 0, verify = 0;
52 int version = 0;
53 char buf[256], *dhparam = NULL;
54 char *ca = NULL, *crt = NULL, *key = NULL, *ciphers = NULL;
55 char *host_port, *host = "127.0.0.1", *port = "0";
56
57 while ((ch = getopt(argc, argv, "C:c:k:Ll:p:sV:v")) != -1) {
58 switch (ch) {
59 case 'C':
60 ca = optarg;
61 break;
62 case 'c':
63 crt = optarg;
64 break;
65 case 'k':
66 key = optarg;
67 break;
68 case 'L':
69 listciphers = 1;
70 break;
71 case 'l':
72 ciphers = optarg;
73 break;
74 case 'p':
75 dhparam = optarg;
76 break;
77 case 's':
78 /* multiple reueses are possible */
79 sessionreuse++;
80 break;
81 case 'V':
82 if (strcmp(optarg, "TLS1") == 0) {
83 version = TLS1_VERSION;
84 } else if (strcmp(optarg, "TLS1_1") == 0) {
85 version = TLS1_1_VERSION;
86 } else if (strcmp(optarg, "TLS1_2") == 0) {
87 version = TLS1_2_VERSION;
88 } else if (strcmp(optarg, "TLS1_3") == 0) {
89 version = TLS1_3_VERSION;
90 } else {
91 errx(1, "unknown protocol version: %s", optarg);
92 }
93 break;
94 case 'v':
95 /* use twice to force client cert */
96 verify++;
97 break;
98 default:
99 usage();
100 }
101 }
102 argc -= optind;
103 argv += optind;
104 if (argc == 2) {
105 host = argv[0];
106 port = argv[1];
107 } else if (argc != 0 && !listciphers) {
108 usage();
109 }
110 if (asprintf(&host_port, strchr(host, ':') ? "[%s]:%s" : "%s:%s",
111 host, port) == -1)
112 err(1, "asprintf host port");
113 if ((crt == NULL && key != NULL) || (crt != NULL && key == NULL))
114 errx(1, "certificate and private key must be used together");
115 if (crt == NULL && asprintf(&crt, "%s.crt", host) == -1)
116 err(1, "asprintf crt");
117 if (key == NULL && asprintf(&key, "%s.key", host) == -1)
118 err(1, "asprintf key");
119
120 SSL_library_init();
121 SSL_load_error_strings();
122 print_version();
123
124 /* setup method and context */
125 #if OPENSSL_VERSION_NUMBER >= 0x1010000f
126 method = TLS_server_method();
127 if (method == NULL)
128 err_ssl(1, "TLS_server_method");
129 #else
130 switch (version) {
131 case TLS1_VERSION:
132 method = TLSv1_server_method();
133 break;
134 case TLS1_1_VERSION:
135 method = TLSv1_1_server_method();
136 break;
137 case TLS1_2_VERSION:
138 method = TLSv1_2_server_method();
139 break;
140 #ifdef TLS1_3_VERSION
141 case TLS1_3_VERSION:
142 err(1, "TLS1_3 not supported");
143 #endif
144 default:
145 method = SSLv23_server_method();
146 break;
147 }
148 if (method == NULL)
149 err_ssl(1, "SSLv23_server_method");
150 #endif
151 ctx = SSL_CTX_new(method);
152 if (ctx == NULL)
153 err_ssl(1, "SSL_CTX_new");
154
155 #if OPENSSL_VERSION_NUMBER >= 0x1010000f
156 if (version) {
157 if (SSL_CTX_set_min_proto_version(ctx, version) != 1)
158 err_ssl(1, "SSL_CTX_set_min_proto_version");
159 if (SSL_CTX_set_max_proto_version(ctx, version) != 1)
160 err_ssl(1, "SSL_CTX_set_max_proto_version");
161 }
162 #endif
163
164 #if OPENSSL_VERSION_NUMBER >= 0x10100000
165 /* needed to use DHE cipher with libressl */
166 if (SSL_CTX_set_dh_auto(ctx, 1) <= 0)
167 err_ssl(1, "SSL_CTX_set_dh_auto");
168 #endif
169 /* needed to use ADH, EDH, DHE cipher with openssl */
170 if (dhparam != NULL) {
171 DH *dh;
172 FILE *file;
173
174 file = fopen(dhparam, "r");
175 if (file == NULL)
176 err(1, "fopen %s", dhparam);
177 dh = PEM_read_DHparams(file, NULL, NULL, NULL);
178 if (dh == NULL)
179 err_ssl(1, "PEM_read_DHparams");
180 if (SSL_CTX_set_tmp_dh(ctx, dh) <= 0)
181 err_ssl(1, "SSL_CTX_set_tmp_dh");
182 fclose(file);
183 }
184
185 /* load server certificate */
186 if (SSL_CTX_use_certificate_file(ctx, crt, SSL_FILETYPE_PEM) <= 0)
187 err_ssl(1, "SSL_CTX_use_certificate_file");
188 if (SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM) <= 0)
189 err_ssl(1, "SSL_CTX_use_PrivateKey_file");
190 if (SSL_CTX_check_private_key(ctx) <= 0)
191 err_ssl(1, "SSL_CTX_check_private_key");
192
193 /* request client certificate and verify it */
194 if (ca != NULL) {
195 STACK_OF(X509_NAME) *x509stack;
196
197 x509stack = SSL_load_client_CA_file(ca);
198 if (x509stack == NULL)
199 err_ssl(1, "SSL_load_client_CA_file");
200 SSL_CTX_set_client_CA_list(ctx, x509stack);
201 if (SSL_CTX_load_verify_locations(ctx, ca, NULL) <= 0)
202 err_ssl(1, "SSL_CTX_load_verify_locations");
203 }
204 SSL_CTX_set_verify(ctx,
205 verify == 0 ? SSL_VERIFY_NONE :
206 verify == 1 ? SSL_VERIFY_PEER :
207 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
208 verify_callback);
209
210 if (sessionreuse) {
211 uint32_t context;
212
213 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER);
214 context = arc4random();
215 if (SSL_CTX_set_session_id_context(ctx,
216 (unsigned char *)&context, sizeof(context)) <= 0)
217 err_ssl(1, "SSL_CTX_set_session_id_context");
218 }
219
220 if (ciphers) {
221 if (SSL_CTX_set_cipher_list(ctx, ciphers) <= 0)
222 err_ssl(1, "SSL_CTX_set_cipher_list");
223 }
224
225 if (listciphers) {
226 STACK_OF(SSL_CIPHER) *supported_ciphers;
227
228 ssl = SSL_new(ctx);
229 if (ssl == NULL)
230 err_ssl(1, "SSL_new");
231 supported_ciphers = SSL_get1_supported_ciphers(ssl);
232 if (supported_ciphers == NULL)
233 err_ssl(1, "SSL_get1_supported_ciphers");
234 print_ciphers(supported_ciphers);
235
236 sk_SSL_CIPHER_free(supported_ciphers);
237 return 0;
238 }
239
240 /* setup bio for socket operations */
241 abio = BIO_new_accept(host_port);
242 if (abio == NULL)
243 err_ssl(1, "BIO_new_accept");
244
245 /* bind, listen */
246 if (BIO_do_accept(abio) <= 0)
247 err_ssl(1, "BIO_do_accept setup");
248 printf("listen ");
249 print_sockname(abio);
250
251 /* fork to background and set timeout */
252 if (daemon(1, 1) == -1)
253 err(1, "daemon");
254 alarm(10);
255
256 do {
257 /* accept connection */
258 if (BIO_do_accept(abio) <= 0)
259 err_ssl(1, "BIO_do_accept wait");
260 cbio = BIO_pop(abio);
261 printf("accept ");
262 print_sockname(cbio);
263 printf("accept ");
264 print_peername(cbio);
265
266 /* do ssl server handshake */
267 ssl = SSL_new(ctx);
268 if (ssl == NULL)
269 err_ssl(1, "SSL_new");
270 SSL_set_bio(ssl, cbio, cbio);
271 if ((error = SSL_accept(ssl)) <= 0)
272 err_ssl(1, "SSL_accept %d", error);
273 printf("session %d: %s\n", sessionreuse,
274 SSL_session_reused(ssl) ? "reuse" : "new");
275 if (fflush(stdout) != 0)
276 err(1, "fflush stdout");
277
278
279 /* print session statistics */
280 session = SSL_get_session(ssl);
281 if (session == NULL)
282 err_ssl(1, "SSL_get_session");
283 if (SSL_SESSION_print_fp(stdout, session) <= 0)
284 err_ssl(1, "SSL_SESSION_print_fp");
285
286 /* write server greeting and read client hello over TLS */
287 strlcpy(buf, "greeting\n", sizeof(buf));
288 printf(">>> %s", buf);
289 if (fflush(stdout) != 0)
290 err(1, "fflush stdout");
291 if ((error = SSL_write(ssl, buf, 9)) <= 0)
292 err_ssl(1, "SSL_write %d", error);
293 if (error != 9)
294 errx(1, "write not 9 bytes greeting: %d", error);
295 if ((error = SSL_read(ssl, buf, 6)) <= 0)
296 err_ssl(1, "SSL_read %d", error);
297 if (error != 6)
298 errx(1, "read not 6 bytes hello: %d", error);
299 buf[6] = '\0';
300 printf("<<< %s", buf);
301 if (fflush(stdout) != 0)
302 err(1, "fflush stdout");
303
304 /* shutdown connection */
305 if ((error = SSL_shutdown(ssl)) < 0)
306 err_ssl(1, "SSL_shutdown unidirectional %d", error);
307 if (error <= 0) {
308 if ((error = SSL_shutdown(ssl)) <= 0)
309 err_ssl(1, "SSL_shutdown bidirectional %d",
310 error);
311 }
312
313 SSL_free(ssl);
314 } while (sessionreuse--);
315
316 SSL_CTX_free(ctx);
317
318 printf("success\n");
319
320 return 0;
321 }
322