1 /* $OpenBSD: s_client.c,v 1.67 2025/01/02 16:07:41 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2005 Nokia. All rights reserved. 113 * 114 * The portions of the attached software ("Contribution") is developed by 115 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 116 * license. 117 * 118 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 119 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 120 * support (see RFC 4279) to OpenSSL. 121 * 122 * No patent licenses or other rights except those expressly stated in 123 * the OpenSSL open source license shall be deemed granted or received 124 * expressly, by implication, estoppel, or otherwise. 125 * 126 * No assurances are provided by Nokia that the Contribution does not 127 * infringe the patent or other intellectual property rights of any third 128 * party or that the license provides you with all the necessary rights 129 * to make use of the Contribution. 130 * 131 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 132 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 133 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 134 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 135 * OTHERWISE. 136 */ 137 138 #include <sys/types.h> 139 #include <sys/socket.h> 140 141 #include <netinet/in.h> 142 143 #include <assert.h> 144 #include <ctype.h> 145 #include <limits.h> 146 #include <netdb.h> 147 #include <stdio.h> 148 #include <stdlib.h> 149 #include <string.h> 150 #include <unistd.h> 151 #include <poll.h> 152 153 #include "apps.h" 154 155 #include <openssl/bn.h> 156 #include <openssl/err.h> 157 #include <openssl/ocsp.h> 158 #include <openssl/pem.h> 159 #include <openssl/ssl.h> 160 #include <openssl/x509.h> 161 162 #define SSL_HOST_NAME "localhost" 163 164 #define BUFSIZZ 1024*8 165 166 static void sc_usage(void); 167 static void print_stuff(BIO *berr, SSL *con, int full); 168 static int ocsp_resp_cb(SSL *s, void *arg); 169 static int ssl_servername_cb(SSL *s, int *ad, void *arg); 170 171 enum { 172 PROTO_OFF = 0, 173 PROTO_SMTP, 174 PROTO_LMTP, 175 PROTO_POP3, 176 PROTO_IMAP, 177 PROTO_FTP, 178 PROTO_XMPP, 179 }; 180 181 /* This is a context that we pass to callbacks */ 182 typedef struct tlsextctx_st { 183 BIO *biodebug; 184 int ack; 185 } tlsextctx; 186 187 static struct { 188 int af; 189 char *alpn_in; 190 int bugs; 191 char *CAfile; 192 char *CApath; 193 char *cert_file; 194 int cert_format; 195 char *cipher; 196 unsigned int clr; 197 char *connect; 198 int crlf; 199 int debug; 200 int enable_timeouts; 201 const char *errstr; 202 char *groups_in; 203 char *host; 204 int ign_eof; 205 char *key_file; 206 int key_format; 207 char *keymatexportlabel; 208 int keymatexportlen; 209 uint16_t max_version; 210 uint16_t min_version; 211 const SSL_METHOD *meth; 212 int msg; 213 int nbio; 214 int nbio_test; 215 int no_servername; 216 char *npn_in; 217 unsigned int off; 218 char *passarg; 219 int peekaboo; 220 char *port; 221 int prexit; 222 char *proxy; 223 int quiet; 224 int reconnect; 225 char *servername; 226 char *sess_in; 227 char *sess_out; 228 int showcerts; 229 int socket_type; 230 long socket_mtu; 231 #ifndef OPENSSL_NO_SRTP 232 char *srtp_profiles; 233 #endif 234 int starttls_proto; 235 int state; 236 int status_req; 237 int tlsextdebug; 238 int verify; 239 X509_VERIFY_PARAM *vpm; 240 char *xmpphost; 241 } cfg; 242 243 static int 244 s_client_opt_keymatexportlen(char *arg) 245 { 246 cfg.keymatexportlen = strtonum(arg, 1, INT_MAX, 247 &cfg.errstr); 248 if (cfg.errstr != NULL) { 249 BIO_printf(bio_err, "invalid argument %s: %s\n", 250 arg, cfg.errstr); 251 return (1); 252 } 253 return (0); 254 } 255 256 #ifndef OPENSSL_NO_DTLS 257 static int 258 s_client_opt_mtu(char *arg) 259 { 260 cfg.socket_mtu = strtonum(arg, 0, LONG_MAX, 261 &cfg.errstr); 262 if (cfg.errstr != NULL) { 263 BIO_printf(bio_err, "invalid argument %s: %s\n", 264 arg, cfg.errstr); 265 return (1); 266 } 267 return (0); 268 } 269 #endif 270 271 static int 272 s_client_opt_port(char *arg) 273 { 274 if (*arg == '\0') 275 return (1); 276 277 cfg.port = arg; 278 return (0); 279 } 280 281 #ifndef OPENSSL_NO_DTLS 282 static int 283 s_client_opt_protocol_version_dtls(void) 284 { 285 cfg.meth = DTLS_client_method(); 286 cfg.socket_type = SOCK_DGRAM; 287 return (0); 288 } 289 #endif 290 291 #ifndef OPENSSL_NO_DTLS1_2 292 static int 293 s_client_opt_protocol_version_dtls1_2(void) 294 { 295 cfg.meth = DTLS_client_method(); 296 cfg.min_version = DTLS1_2_VERSION; 297 cfg.max_version = DTLS1_2_VERSION; 298 cfg.socket_type = SOCK_DGRAM; 299 return (0); 300 } 301 #endif 302 303 static int 304 s_client_opt_protocol_version_tls1_2(void) 305 { 306 cfg.min_version = TLS1_2_VERSION; 307 cfg.max_version = TLS1_2_VERSION; 308 return (0); 309 } 310 311 static int 312 s_client_opt_protocol_version_tls1_3(void) 313 { 314 cfg.min_version = TLS1_3_VERSION; 315 cfg.max_version = TLS1_3_VERSION; 316 return (0); 317 } 318 319 static int 320 s_client_opt_quiet(void) 321 { 322 cfg.quiet = 1; 323 cfg.ign_eof = 1; 324 return (0); 325 } 326 327 static int 328 s_client_opt_starttls(char *arg) 329 { 330 if (strcmp(arg, "smtp") == 0) 331 cfg.starttls_proto = PROTO_SMTP; 332 else if (strcmp(arg, "lmtp") == 0) 333 cfg.starttls_proto = PROTO_LMTP; 334 else if (strcmp(arg, "pop3") == 0) 335 cfg.starttls_proto = PROTO_POP3; 336 else if (strcmp(arg, "imap") == 0) 337 cfg.starttls_proto = PROTO_IMAP; 338 else if (strcmp(arg, "ftp") == 0) 339 cfg.starttls_proto = PROTO_FTP; 340 else if (strcmp(arg, "xmpp") == 0) 341 cfg.starttls_proto = PROTO_XMPP; 342 else 343 return (1); 344 return (0); 345 } 346 347 static int 348 s_client_opt_verify(char *arg) 349 { 350 cfg.verify = SSL_VERIFY_PEER; 351 352 verify_depth = strtonum(arg, 0, INT_MAX, &cfg.errstr); 353 if (cfg.errstr != NULL) { 354 BIO_printf(bio_err, "invalid argument %s: %s\n", 355 arg, cfg.errstr); 356 return (1); 357 } 358 BIO_printf(bio_err, "verify depth is %d\n", verify_depth); 359 return (0); 360 } 361 362 static int 363 s_client_opt_verify_param(int argc, char **argv, int *argsused) 364 { 365 char **pargs = argv; 366 int pargc = argc; 367 int badarg = 0; 368 369 if (!args_verify(&pargs, &pargc, &badarg, bio_err, 370 &cfg.vpm)) { 371 BIO_printf(bio_err, "unknown option %s\n", *argv); 372 return (1); 373 } 374 if (badarg) 375 return (1); 376 377 *argsused = argc - pargc; 378 return (0); 379 } 380 381 static const struct option s_client_options[] = { 382 { 383 .name = "4", 384 .desc = "Use IPv4 only", 385 .type = OPTION_VALUE, 386 .opt.value = &cfg.af, 387 .value = AF_INET, 388 }, 389 { 390 .name = "6", 391 .desc = "Use IPv6 only", 392 .type = OPTION_VALUE, 393 .opt.value = &cfg.af, 394 .value = AF_INET6, 395 }, 396 { 397 .name = "alpn", 398 .argname = "protocols", 399 .desc = "Set the advertised protocols for ALPN" 400 " (comma-separated list)", 401 .type = OPTION_ARG, 402 .opt.arg = &cfg.alpn_in, 403 }, 404 { 405 .name = "bugs", 406 .desc = "Enable various workarounds for buggy implementations", 407 .type = OPTION_FLAG, 408 .opt.flag = &cfg.bugs, 409 }, 410 { 411 .name = "CAfile", 412 .argname = "file", 413 .desc = "PEM format file of CA certificates", 414 .type = OPTION_ARG, 415 .opt.arg = &cfg.CAfile, 416 }, 417 { 418 .name = "CApath", 419 .argname = "directory", 420 .desc = "PEM format directory of CA certificates", 421 .type = OPTION_ARG, 422 .opt.arg = &cfg.CApath, 423 }, 424 { 425 .name = "cert", 426 .argname = "file", 427 .desc = "Certificate file to use, PEM format assumed", 428 .type = OPTION_ARG, 429 .opt.arg = &cfg.cert_file, 430 }, 431 { 432 .name = "certform", 433 .argname = "fmt", 434 .desc = "Certificate format (PEM or DER) PEM default", 435 .type = OPTION_ARG_FORMAT, 436 .opt.value = &cfg.cert_format, 437 }, 438 { 439 .name = "cipher", 440 .argname = "cipherlist", 441 .desc = "Preferred cipher to use (see 'openssl ciphers')", 442 .type = OPTION_ARG, 443 .opt.arg = &cfg.cipher, 444 }, 445 { 446 .name = "connect", 447 .argname = "host:port", 448 .desc = "Who to connect to (default is localhost:4433)", 449 .type = OPTION_ARG, 450 .opt.arg = &cfg.connect, 451 }, 452 { 453 .name = "crlf", 454 .desc = "Convert LF from terminal into CRLF", 455 .type = OPTION_FLAG, 456 .opt.flag = &cfg.crlf, 457 }, 458 { 459 .name = "debug", 460 .desc = "Print extensive debugging information", 461 .type = OPTION_FLAG, 462 .opt.flag = &cfg.debug, 463 }, 464 #ifndef OPENSSL_NO_DTLS 465 { 466 .name = "dtls", 467 .desc = "Use any version of DTLS", 468 .type = OPTION_FUNC, 469 .opt.func = s_client_opt_protocol_version_dtls, 470 }, 471 #endif 472 #ifndef OPENSSL_NO_DTLS1_2 473 { 474 .name = "dtls1_2", 475 .desc = "Just use DTLSv1.2", 476 .type = OPTION_FUNC, 477 .opt.func = s_client_opt_protocol_version_dtls1_2, 478 }, 479 #endif 480 { 481 .name = "groups", 482 .argname = "list", 483 .desc = "Specify EC groups (colon-separated list)", 484 .type = OPTION_ARG, 485 .opt.arg = &cfg.groups_in, 486 }, 487 { 488 .name = "host", 489 .argname = "host", 490 .desc = "Use -connect instead", 491 .type = OPTION_ARG, 492 .opt.arg = &cfg.host, 493 }, 494 { 495 .name = "ign_eof", 496 .desc = "Ignore input EOF (default when -quiet)", 497 .type = OPTION_VALUE, 498 .opt.value = &cfg.ign_eof, 499 .value = 1, 500 }, 501 { 502 .name = "key", 503 .argname = "file", 504 .desc = "Private key file to use, if not, -cert file is used", 505 .type = OPTION_ARG, 506 .opt.arg = &cfg.key_file, 507 }, 508 { 509 .name = "keyform", 510 .argname = "fmt", 511 .desc = "Key format (PEM or DER) PEM default", 512 .type = OPTION_ARG_FORMAT, 513 .opt.value = &cfg.key_format, 514 }, 515 { 516 .name = "keymatexport", 517 .argname = "label", 518 .desc = "Export keying material using label", 519 .type = OPTION_ARG, 520 .opt.arg = &cfg.keymatexportlabel, 521 }, 522 { 523 .name = "keymatexportlen", 524 .argname = "len", 525 .desc = "Export len bytes of keying material (default 20)", 526 .type = OPTION_ARG_FUNC, 527 .opt.argfunc = s_client_opt_keymatexportlen, 528 }, 529 { 530 .name = "legacy_renegotiation", 531 .type = OPTION_DISCARD, 532 }, 533 { 534 .name = "legacy_server_connect", 535 .desc = "Allow initial connection to servers that don't support RI", 536 .type = OPTION_VALUE_OR, 537 .opt.value = &cfg.off, 538 .value = SSL_OP_LEGACY_SERVER_CONNECT, 539 }, 540 { 541 .name = "msg", 542 .desc = "Show all protocol messages with hex dump", 543 .type = OPTION_FLAG, 544 .opt.flag = &cfg.msg, 545 }, 546 #ifndef OPENSSL_NO_DTLS 547 { 548 .name = "mtu", 549 .argname = "mtu", 550 .desc = "Set the link layer MTU on DTLS connections", 551 .type = OPTION_ARG_FUNC, 552 .opt.argfunc = s_client_opt_mtu, 553 }, 554 #endif 555 { 556 .name = "nbio", 557 .desc = "Turn on non-blocking I/O", 558 .type = OPTION_FLAG, 559 .opt.flag = &cfg.nbio, 560 }, 561 { 562 .name = "nbio_test", 563 .desc = "Test non-blocking I/O", 564 .type = OPTION_FLAG, 565 .opt.flag = &cfg.nbio_test, 566 }, 567 { 568 .name = "nextprotoneg", 569 .argname = "protocols", 570 .type = OPTION_ARG, 571 .opt.arg = &cfg.npn_in, /* Ignored. */ 572 }, 573 { 574 .name = "no_comp", 575 .type = OPTION_VALUE_OR, 576 .opt.value = &cfg.off, 577 .value = SSL_OP_NO_COMPRESSION, 578 }, 579 { 580 .name = "no_ign_eof", 581 .desc = "Don't ignore input EOF", 582 .type = OPTION_VALUE, 583 .opt.value = &cfg.ign_eof, 584 .value = 0, 585 }, 586 { 587 .name = "no_legacy_server_connect", 588 .desc = "Disallow initial connection to servers that don't support RI", 589 .type = OPTION_VALUE_OR, 590 .opt.value = &cfg.clr, 591 .value = SSL_OP_LEGACY_SERVER_CONNECT, 592 }, 593 { 594 .name = "no_servername", 595 .desc = "Do not send a Server Name Indication (SNI) extension", 596 .type = OPTION_FLAG, 597 .opt.value = &cfg.no_servername, 598 }, 599 { 600 .name = "no_ssl2", 601 .type = OPTION_VALUE_OR, 602 .opt.value = &cfg.off, 603 .value = SSL_OP_NO_SSLv2, 604 }, 605 { 606 .name = "no_ssl3", 607 .type = OPTION_VALUE_OR, 608 .opt.value = &cfg.off, 609 .value = SSL_OP_NO_SSLv3, 610 }, 611 { 612 .name = "no_ticket", 613 .desc = "Disable use of RFC4507 session ticket support", 614 .type = OPTION_VALUE_OR, 615 .opt.value = &cfg.off, 616 .value = SSL_OP_NO_TICKET, 617 }, 618 { 619 .name = "no_tls1", 620 .type = OPTION_DISCARD, 621 }, 622 { 623 .name = "no_tls1_1", 624 .type = OPTION_DISCARD, 625 }, 626 { 627 .name = "no_tls1_2", 628 .desc = "Disable the use of TLSv1.2", 629 .type = OPTION_VALUE_OR, 630 .opt.value = &cfg.off, 631 .value = SSL_OP_NO_TLSv1_2, 632 }, 633 { 634 .name = "no_tls1_3", 635 .desc = "Disable the use of TLSv1.3", 636 .type = OPTION_VALUE_OR, 637 .opt.value = &cfg.off, 638 .value = SSL_OP_NO_TLSv1_3, 639 }, 640 { 641 .name = "noservername", 642 .type = OPTION_FLAG, 643 .opt.value = &cfg.no_servername, 644 }, 645 { 646 .name = "pass", 647 .argname = "arg", 648 .desc = "Private key file pass phrase source", 649 .type = OPTION_ARG, 650 .opt.arg = &cfg.passarg, 651 }, 652 { 653 .name = "pause", 654 .type = OPTION_DISCARD, 655 }, 656 { 657 .name = "peekaboo", 658 .type = OPTION_FLAG, 659 .opt.flag = &cfg.peekaboo, 660 }, 661 { 662 .name = "port", 663 .argname = "port", 664 .desc = "Use -connect instead", 665 .type = OPTION_ARG_FUNC, 666 .opt.argfunc = s_client_opt_port, 667 }, 668 { 669 .name = "prexit", 670 .desc = "Print session information when the program exits", 671 .type = OPTION_FLAG, 672 .opt.flag = &cfg.prexit, 673 }, 674 { 675 .name = "proxy", 676 .argname = "host:port", 677 .desc = "Connect to http proxy", 678 .type = OPTION_ARG, 679 .opt.arg = &cfg.proxy, 680 }, 681 { 682 .name = "quiet", 683 .desc = "Inhibit printing of session and certificate info", 684 .type = OPTION_FUNC, 685 .opt.func = s_client_opt_quiet, 686 }, 687 { 688 .name = "reconnect", 689 .desc = "Drop and re-make the connection with the same Session-ID", 690 .type = OPTION_VALUE, 691 .opt.value = &cfg.reconnect, 692 .value = 5, 693 }, 694 { 695 .name = "servername", 696 .argname = "name", 697 .desc = "Set TLS extension servername in ClientHello (SNI)", 698 .type = OPTION_ARG, 699 .opt.arg = &cfg.servername, 700 }, 701 { 702 .name = "serverpref", 703 .desc = "Use server's cipher preferences", 704 .type = OPTION_VALUE_OR, 705 .opt.value = &cfg.off, 706 .value = SSL_OP_CIPHER_SERVER_PREFERENCE, 707 }, 708 { 709 .name = "sess_in", 710 .argname = "file", 711 .desc = "File to read TLS session from", 712 .type = OPTION_ARG, 713 .opt.arg = &cfg.sess_in, 714 }, 715 { 716 .name = "sess_out", 717 .argname = "file", 718 .desc = "File to write TLS session to", 719 .type = OPTION_ARG, 720 .opt.arg = &cfg.sess_out, 721 }, 722 { 723 .name = "showcerts", 724 .desc = "Show all server certificates in the chain", 725 .type = OPTION_FLAG, 726 .opt.flag = &cfg.showcerts, 727 }, 728 { 729 .name = "starttls", 730 .argname = "protocol", 731 .desc = "Use the STARTTLS command before starting TLS,\n" 732 "smtp, lmtp, pop3, imap, ftp and xmpp are supported.", 733 .type = OPTION_ARG_FUNC, 734 .opt.argfunc = s_client_opt_starttls, 735 }, 736 { 737 .name = "state", 738 .desc = "Print the TLS session states", 739 .type = OPTION_FLAG, 740 .opt.flag = &cfg.state, 741 }, 742 { 743 .name = "status", 744 .desc = "Send a certificate status request to the server (OCSP)", 745 .type = OPTION_FLAG, 746 .opt.flag = &cfg.status_req, 747 }, 748 #ifndef OPENSSL_NO_DTLS 749 { 750 .name = "timeout", 751 .desc = "Enable send/receive timeout on DTLS connections", 752 .type = OPTION_FLAG, 753 .opt.flag = &cfg.enable_timeouts, 754 }, 755 #endif 756 { 757 .name = "tls1_2", 758 .desc = "Just use TLSv1.2", 759 .type = OPTION_FUNC, 760 .opt.func = s_client_opt_protocol_version_tls1_2, 761 }, 762 { 763 .name = "tls1_3", 764 .desc = "Just use TLSv1.3", 765 .type = OPTION_FUNC, 766 .opt.func = s_client_opt_protocol_version_tls1_3, 767 }, 768 { 769 .name = "tlsextdebug", 770 .desc = "Hex dump of all TLS extensions received", 771 .type = OPTION_FLAG, 772 .opt.flag = &cfg.tlsextdebug, 773 }, 774 #ifndef OPENSSL_NO_SRTP 775 { 776 .name = "use_srtp", 777 .argname = "profiles", 778 .desc = "Offer SRTP key management with a colon-separated profiles", 779 .type = OPTION_ARG, 780 .opt.arg = &cfg.srtp_profiles, 781 }, 782 #endif 783 { 784 .name = "verify", 785 .argname = "depth", 786 .desc = "Turn on peer certificate verification, with a max of depth", 787 .type = OPTION_ARG_FUNC, 788 .opt.argfunc = s_client_opt_verify, 789 }, 790 { 791 .name = "verify_return_error", 792 .desc = "Return verification error", 793 .type = OPTION_FLAG, 794 .opt.flag = &verify_return_error, 795 }, 796 { 797 .name = "xmpphost", 798 .argname = "host", 799 .desc = "Connect to this virtual host on the xmpp server", 800 .type = OPTION_ARG, 801 .opt.arg = &cfg.xmpphost, 802 }, 803 { 804 .name = NULL, 805 .desc = "", 806 .type = OPTION_ARGV_FUNC, 807 .opt.argvfunc = s_client_opt_verify_param, 808 }, 809 { NULL }, 810 }; 811 812 static void 813 sc_usage(void) 814 { 815 fprintf(stderr, "usage: s_client " 816 "[-4 | -6] [-alpn protocols] [-bugs] [-CAfile file]\n" 817 " [-CApath directory] [-cert file] [-certform der | pem] [-check_ss_sig]\n" 818 " [-cipher cipherlist] [-connect host[:port]] [-crl_check]\n" 819 " [-crl_check_all] [-crlf] [-debug] [-dtls] [-dtls1_2] [-extended_crl]\n" 820 " [-groups list] [-host host] [-ign_eof] [-ignore_critical]\n" 821 " [-issuer_checks] [-key keyfile] [-keyform der | pem]\n" 822 " [-keymatexport label] [-keymatexportlen len] [-legacy_server_connect]\n" 823 " [-msg] [-mtu mtu] [-nbio] [-nbio_test] [-no_comp] [-no_ign_eof]\n" 824 " [-no_legacy_server_connect] [-no_ticket] \n" 825 " [-no_tls1_2] [-no_tls1_3] [-pass arg] [-policy_check]\n" 826 " [-port port] [-prexit] [-proxy host:port] [-quiet] [-reconnect]\n" 827 " [-servername name] [-serverpref] [-sess_in file] [-sess_out file]\n" 828 " [-showcerts] [-starttls protocol] [-state] [-status] [-timeout]\n" 829 " [-tls1_2] [-tls1_3] [-tlsextdebug]\n" 830 " [-use_srtp profiles] [-verify depth] [-verify_return_error]\n" 831 " [-x509_strict] [-xmpphost host]\n"); 832 fprintf(stderr, "\n"); 833 options_usage(s_client_options); 834 fprintf(stderr, "\n"); 835 } 836 837 int 838 s_client_main(int argc, char **argv) 839 { 840 SSL *con = NULL; 841 int s, k, p = 0, pending = 0; 842 char *cbuf = NULL, *sbuf = NULL, *mbuf = NULL, *pbuf = NULL; 843 int cbuf_len, cbuf_off; 844 int sbuf_len, sbuf_off; 845 int full_log = 1; 846 const char *servername; 847 char *pass = NULL; 848 X509 *cert = NULL; 849 EVP_PKEY *key = NULL; 850 int badop = 0; 851 int write_tty, read_tty, write_ssl, read_ssl, tty_on, ssl_pending; 852 SSL_CTX *ctx = NULL; 853 int ret = 1, in_init = 1, i; 854 BIO *bio_c_out = NULL; 855 BIO *sbio; 856 int mbuf_len = 0; 857 struct timeval timeout; 858 tlsextctx tlsextcbp = {NULL, 0}; 859 struct sockaddr_storage peer; 860 int peerlen = sizeof(peer); 861 862 if (pledge("stdio cpath wpath rpath inet dns tty", NULL) == -1) { 863 perror("pledge"); 864 exit(1); 865 } 866 867 memset(&cfg, 0, sizeof(cfg)); 868 cfg.af = AF_UNSPEC; 869 cfg.cert_format = FORMAT_PEM; 870 cfg.host = SSL_HOST_NAME; 871 cfg.key_format = FORMAT_PEM; 872 cfg.keymatexportlen = 20; 873 cfg.meth = TLS_client_method(); 874 cfg.port = PORT_STR; 875 cfg.socket_type = SOCK_STREAM; 876 cfg.starttls_proto = PROTO_OFF; 877 cfg.verify = SSL_VERIFY_NONE; 878 879 if (((cbuf = malloc(BUFSIZZ)) == NULL) || 880 ((sbuf = malloc(BUFSIZZ)) == NULL) || 881 ((pbuf = malloc(BUFSIZZ)) == NULL) || 882 ((mbuf = malloc(BUFSIZZ + 1)) == NULL)) { /* NUL byte */ 883 BIO_printf(bio_err, "out of memory\n"); 884 goto end; 885 } 886 verify_depth = 0; 887 888 if (options_parse(argc, argv, s_client_options, NULL, NULL) != 0) { 889 badop = 1; 890 goto bad; 891 } 892 if (cfg.proxy != NULL) { 893 if (!extract_host_port(cfg.proxy, 894 &cfg.host, NULL, &cfg.port)) 895 goto bad; 896 if (cfg.connect == NULL) 897 cfg.connect = SSL_HOST_NAME; 898 } else if (cfg.connect != NULL) { 899 if (!extract_host_port(cfg.connect, 900 &cfg.host, NULL, &cfg.port)) 901 goto bad; 902 } 903 if (badop) { 904 bad: 905 if (cfg.errstr == NULL) 906 sc_usage(); 907 goto end; 908 } 909 910 if (!app_passwd(bio_err, cfg.passarg, NULL, &pass, NULL)) { 911 BIO_printf(bio_err, "Error getting password\n"); 912 goto end; 913 } 914 if (cfg.key_file == NULL) 915 cfg.key_file = cfg.cert_file; 916 917 918 if (cfg.key_file) { 919 920 key = load_key(bio_err, cfg.key_file, 921 cfg.key_format, 0, pass, 922 "client certificate private key file"); 923 if (!key) { 924 ERR_print_errors(bio_err); 925 goto end; 926 } 927 } 928 if (cfg.cert_file) { 929 cert = load_cert(bio_err, cfg.cert_file, 930 cfg.cert_format, 931 NULL, "client certificate file"); 932 933 if (!cert) { 934 ERR_print_errors(bio_err); 935 goto end; 936 } 937 } 938 if (cfg.quiet && !cfg.debug && 939 !cfg.msg) { 940 if ((bio_c_out = BIO_new(BIO_s_null())) == NULL) 941 goto end; 942 } else { 943 if ((bio_c_out = BIO_new_fp(stdout, BIO_NOCLOSE)) == NULL) 944 goto end; 945 } 946 947 ctx = SSL_CTX_new(cfg.meth); 948 if (ctx == NULL) { 949 ERR_print_errors(bio_err); 950 goto end; 951 } 952 953 SSL_CTX_clear_mode(ctx, SSL_MODE_AUTO_RETRY); 954 955 if (cfg.vpm) 956 SSL_CTX_set1_param(ctx, cfg.vpm); 957 958 if (!SSL_CTX_set_min_proto_version(ctx, cfg.min_version)) 959 goto end; 960 if (!SSL_CTX_set_max_proto_version(ctx, cfg.max_version)) 961 goto end; 962 963 #ifndef OPENSSL_NO_SRTP 964 if (cfg.srtp_profiles != NULL) 965 SSL_CTX_set_tlsext_use_srtp(ctx, cfg.srtp_profiles); 966 #endif 967 if (cfg.bugs) 968 SSL_CTX_set_options(ctx, SSL_OP_ALL | cfg.off); 969 else 970 SSL_CTX_set_options(ctx, cfg.off); 971 972 if (cfg.clr) 973 SSL_CTX_clear_options(ctx, cfg.clr); 974 975 if (cfg.alpn_in) { 976 unsigned short alpn_len; 977 unsigned char *alpn; 978 979 alpn = next_protos_parse(&alpn_len, cfg.alpn_in); 980 if (alpn == NULL) { 981 BIO_printf(bio_err, "Error parsing -alpn argument\n"); 982 goto end; 983 } 984 SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len); 985 free(alpn); 986 } 987 if (cfg.groups_in != NULL) { 988 if (SSL_CTX_set1_groups_list(ctx, cfg.groups_in) != 1) { 989 BIO_printf(bio_err, "Failed to set groups '%s'\n", 990 cfg.groups_in); 991 goto end; 992 } 993 } 994 995 if (cfg.state) 996 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback); 997 if (cfg.cipher != NULL) 998 if (!SSL_CTX_set_cipher_list(ctx, cfg.cipher)) { 999 BIO_printf(bio_err, "error setting cipher list\n"); 1000 ERR_print_errors(bio_err); 1001 goto end; 1002 } 1003 1004 SSL_CTX_set_verify(ctx, cfg.verify, verify_callback); 1005 if (!set_cert_key_stuff(ctx, cert, key)) 1006 goto end; 1007 1008 if ((cfg.CAfile || cfg.CApath) 1009 && !SSL_CTX_load_verify_locations(ctx, cfg.CAfile, 1010 cfg.CApath)) 1011 ERR_print_errors(bio_err); 1012 1013 if (!SSL_CTX_set_default_verify_paths(ctx)) 1014 ERR_print_errors(bio_err); 1015 1016 con = SSL_new(ctx); 1017 if (cfg.sess_in) { 1018 SSL_SESSION *sess; 1019 BIO *stmp = BIO_new_file(cfg.sess_in, "r"); 1020 if (!stmp) { 1021 BIO_printf(bio_err, "Can't open session file %s\n", 1022 cfg.sess_in); 1023 ERR_print_errors(bio_err); 1024 goto end; 1025 } 1026 sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL); 1027 BIO_free(stmp); 1028 if (!sess) { 1029 BIO_printf(bio_err, "Can't open session file %s\n", 1030 cfg.sess_in); 1031 ERR_print_errors(bio_err); 1032 goto end; 1033 } 1034 SSL_set_session(con, sess); 1035 SSL_SESSION_free(sess); 1036 } 1037 1038 /* Attempt to opportunistically use the host name for SNI. */ 1039 servername = cfg.servername; 1040 if (servername == NULL) 1041 servername = cfg.host; 1042 1043 if (!cfg.no_servername && servername != NULL && 1044 !SSL_set_tlsext_host_name(con, servername)) { 1045 long ssl_err = ERR_peek_error(); 1046 1047 if (cfg.servername != NULL || 1048 ERR_GET_LIB(ssl_err) != ERR_LIB_SSL || 1049 ERR_GET_REASON(ssl_err) != SSL_R_SSL3_EXT_INVALID_SERVERNAME) { 1050 BIO_printf(bio_err, 1051 "Unable to set TLS servername extension.\n"); 1052 ERR_print_errors(bio_err); 1053 goto end; 1054 } 1055 servername = NULL; 1056 ERR_clear_error(); 1057 } 1058 if (!cfg.no_servername && servername != NULL) { 1059 tlsextcbp.biodebug = bio_err; 1060 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1061 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1062 } 1063 1064 re_start: 1065 1066 if (init_client(&s, cfg.host, cfg.port, 1067 cfg.socket_type, cfg.af) == 0) { 1068 BIO_printf(bio_err, "connect:errno=%d\n", errno); 1069 goto end; 1070 } 1071 BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s); 1072 1073 if (cfg.nbio) { 1074 if (!cfg.quiet) 1075 BIO_printf(bio_c_out, "turning on non blocking io\n"); 1076 if (!BIO_socket_nbio(s, 1)) { 1077 ERR_print_errors(bio_err); 1078 goto end; 1079 } 1080 } 1081 1082 if (SSL_is_dtls(con)) { 1083 sbio = BIO_new_dgram(s, BIO_NOCLOSE); 1084 if (getsockname(s, (struct sockaddr *)&peer, 1085 (void *)&peerlen) == -1) { 1086 BIO_printf(bio_err, "getsockname:errno=%d\n", 1087 errno); 1088 shutdown(s, SHUT_RD); 1089 close(s); 1090 goto end; 1091 } 1092 (void) BIO_ctrl_set_connected(sbio, 1, &peer); 1093 1094 if (cfg.enable_timeouts) { 1095 timeout.tv_sec = 0; 1096 timeout.tv_usec = DGRAM_RCV_TIMEOUT; 1097 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, 1098 &timeout); 1099 1100 timeout.tv_sec = 0; 1101 timeout.tv_usec = DGRAM_SND_TIMEOUT; 1102 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, 1103 &timeout); 1104 } 1105 if (cfg.socket_mtu > 28) { 1106 SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 1107 SSL_set_mtu(con, cfg.socket_mtu - 28); 1108 } else 1109 /* want to do MTU discovery */ 1110 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 1111 } else 1112 sbio = BIO_new_socket(s, BIO_NOCLOSE); 1113 1114 if (cfg.nbio_test) { 1115 BIO *test; 1116 1117 test = BIO_new(BIO_f_nbio_test()); 1118 sbio = BIO_push(test, sbio); 1119 } 1120 if (cfg.debug) { 1121 BIO_set_callback(sbio, bio_dump_callback); 1122 BIO_set_callback_arg(sbio, (char *) bio_c_out); 1123 } 1124 if (cfg.msg) { 1125 SSL_set_msg_callback(con, msg_cb); 1126 SSL_set_msg_callback_arg(con, bio_c_out); 1127 } 1128 if (cfg.tlsextdebug) { 1129 SSL_set_tlsext_debug_callback(con, tlsext_cb); 1130 SSL_set_tlsext_debug_arg(con, bio_c_out); 1131 } 1132 if (cfg.status_req) { 1133 SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp); 1134 SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); 1135 SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); 1136 } 1137 1138 SSL_set_bio(con, sbio, sbio); 1139 SSL_set_connect_state(con); 1140 1141 /* ok, lets connect */ 1142 read_tty = 1; 1143 write_tty = 0; 1144 tty_on = 0; 1145 read_ssl = 1; 1146 write_ssl = 1; 1147 1148 cbuf_len = 0; 1149 cbuf_off = 0; 1150 sbuf_len = 0; 1151 sbuf_off = 0; 1152 1153 /* This is an ugly hack that does a lot of assumptions */ 1154 /* 1155 * We do have to handle multi-line responses which may come in a 1156 * single packet or not. We therefore have to use BIO_gets() which 1157 * does need a buffering BIO. So during the initial chitchat we do 1158 * push a buffering BIO into the chain that is removed again later on 1159 * to not disturb the rest of the s_client operation. 1160 */ 1161 if (cfg.starttls_proto == PROTO_SMTP || 1162 cfg.starttls_proto == PROTO_LMTP) { 1163 int foundit = 0; 1164 BIO *fbio = BIO_new(BIO_f_buffer()); 1165 BIO_push(fbio, sbio); 1166 /* wait for multi-line response to end from SMTP */ 1167 do { 1168 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1169 } 1170 while (mbuf_len > 3 && mbuf[3] == '-'); 1171 /* STARTTLS command requires EHLO... */ 1172 BIO_printf(fbio, "%cHLO openssl.client.net\r\n", 1173 cfg.starttls_proto == PROTO_SMTP ? 'E' : 'L'); 1174 (void) BIO_flush(fbio); 1175 /* wait for multi-line response to end EHLO SMTP response */ 1176 do { 1177 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1178 if (strstr(mbuf, "STARTTLS")) 1179 foundit = 1; 1180 } 1181 while (mbuf_len > 3 && mbuf[3] == '-'); 1182 (void) BIO_flush(fbio); 1183 BIO_pop(fbio); 1184 BIO_free(fbio); 1185 if (!foundit) 1186 BIO_printf(bio_err, 1187 "didn't find starttls in server response," 1188 " try anyway...\n"); 1189 BIO_printf(sbio, "STARTTLS\r\n"); 1190 BIO_read(sbio, sbuf, BUFSIZZ); 1191 } else if (cfg.starttls_proto == PROTO_POP3) { 1192 mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ); 1193 if (mbuf_len == -1) { 1194 BIO_printf(bio_err, "BIO_read failed\n"); 1195 goto end; 1196 } 1197 BIO_printf(sbio, "STLS\r\n"); 1198 BIO_read(sbio, sbuf, BUFSIZZ); 1199 } else if (cfg.starttls_proto == PROTO_IMAP) { 1200 int foundit = 0; 1201 BIO *fbio = BIO_new(BIO_f_buffer()); 1202 BIO_push(fbio, sbio); 1203 BIO_gets(fbio, mbuf, BUFSIZZ); 1204 /* STARTTLS command requires CAPABILITY... */ 1205 BIO_printf(fbio, ". CAPABILITY\r\n"); 1206 (void) BIO_flush(fbio); 1207 /* wait for multi-line CAPABILITY response */ 1208 do { 1209 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1210 if (strstr(mbuf, "STARTTLS")) 1211 foundit = 1; 1212 } 1213 while (mbuf_len > 3 && mbuf[0] != '.'); 1214 (void) BIO_flush(fbio); 1215 BIO_pop(fbio); 1216 BIO_free(fbio); 1217 if (!foundit) 1218 BIO_printf(bio_err, 1219 "didn't find STARTTLS in server response," 1220 " try anyway...\n"); 1221 BIO_printf(sbio, ". STARTTLS\r\n"); 1222 BIO_read(sbio, sbuf, BUFSIZZ); 1223 } else if (cfg.starttls_proto == PROTO_FTP) { 1224 BIO *fbio = BIO_new(BIO_f_buffer()); 1225 BIO_push(fbio, sbio); 1226 /* wait for multi-line response to end from FTP */ 1227 do { 1228 mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ); 1229 } 1230 while (mbuf_len > 3 && mbuf[3] == '-'); 1231 (void) BIO_flush(fbio); 1232 BIO_pop(fbio); 1233 BIO_free(fbio); 1234 BIO_printf(sbio, "AUTH TLS\r\n"); 1235 BIO_read(sbio, sbuf, BUFSIZZ); 1236 } else if (cfg.starttls_proto == PROTO_XMPP) { 1237 int seen = 0; 1238 BIO_printf(sbio, "<stream:stream " 1239 "xmlns:stream='http://etherx.jabber.org/streams' " 1240 "xmlns='jabber:client' to='%s' version='1.0'>", 1241 cfg.xmpphost ? 1242 cfg.xmpphost : cfg.host); 1243 seen = BIO_read(sbio, mbuf, BUFSIZZ); 1244 1245 if (seen <= 0) 1246 goto shut; 1247 1248 mbuf[seen] = 0; 1249 while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'") && 1250 !strstr(mbuf, "<starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"")) { 1251 seen = BIO_read(sbio, mbuf, BUFSIZZ); 1252 1253 if (seen <= 0) 1254 goto shut; 1255 1256 mbuf[seen] = 0; 1257 } 1258 BIO_printf(sbio, 1259 "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"); 1260 seen = BIO_read(sbio, sbuf, BUFSIZZ); 1261 sbuf[seen] = 0; 1262 if (!strstr(sbuf, "<proceed")) 1263 goto shut; 1264 mbuf[0] = 0; 1265 } else if (cfg.proxy != NULL) { 1266 BIO_printf(sbio, "CONNECT %s HTTP/1.0\r\n\r\n", 1267 cfg.connect); 1268 mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ); 1269 if (mbuf_len == -1) { 1270 BIO_printf(bio_err, "BIO_read failed\n"); 1271 goto end; 1272 } 1273 } 1274 for (;;) { 1275 struct pollfd pfd[3]; /* stdin, stdout, socket */ 1276 int ptimeout = -1; 1277 1278 if (SSL_is_dtls(con) && DTLSv1_get_timeout(con, &timeout)) 1279 ptimeout = timeout.tv_sec * 1000 + 1280 timeout.tv_usec / 1000; 1281 1282 if (SSL_in_init(con) && !SSL_total_renegotiations(con)) { 1283 in_init = 1; 1284 tty_on = 0; 1285 } else { 1286 tty_on = 1; 1287 if (in_init) { 1288 in_init = 0; 1289 if (cfg.sess_out) { 1290 BIO *stmp = BIO_new_file( 1291 cfg.sess_out, "w"); 1292 if (stmp) { 1293 PEM_write_bio_SSL_SESSION(stmp, 1294 SSL_get_session(con)); 1295 BIO_free(stmp); 1296 } else 1297 BIO_printf(bio_err, 1298 "Error writing session file %s\n", 1299 cfg.sess_out); 1300 } 1301 print_stuff(bio_c_out, con, full_log); 1302 if (full_log > 0) 1303 full_log--; 1304 1305 if (cfg.starttls_proto) { 1306 BIO_write(bio_err, mbuf, mbuf_len); 1307 /* We don't need to know any more */ 1308 cfg.starttls_proto = PROTO_OFF; 1309 } 1310 if (cfg.reconnect) { 1311 cfg.reconnect--; 1312 BIO_printf(bio_c_out, 1313 "drop connection and then reconnect\n"); 1314 SSL_shutdown(con); 1315 SSL_set_connect_state(con); 1316 shutdown(SSL_get_fd(con), SHUT_RD); 1317 close(SSL_get_fd(con)); 1318 goto re_start; 1319 } 1320 } 1321 } 1322 1323 ssl_pending = read_ssl && SSL_pending(con); 1324 1325 pfd[0].fd = -1; 1326 pfd[1].fd = -1; 1327 if (!ssl_pending) { 1328 if (tty_on) { 1329 if (read_tty) { 1330 pfd[0].fd = fileno(stdin); 1331 pfd[0].events = POLLIN; 1332 } 1333 if (write_tty) { 1334 pfd[1].fd = fileno(stdout); 1335 pfd[1].events = POLLOUT; 1336 } 1337 } 1338 1339 pfd[2].fd = SSL_get_fd(con); 1340 pfd[2].events = 0; 1341 if (read_ssl) 1342 pfd[2].events |= POLLIN; 1343 if (write_ssl) 1344 pfd[2].events |= POLLOUT; 1345 1346 /* printf("mode tty(%d %d%d) ssl(%d%d)\n", 1347 tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ 1348 1349 i = poll(pfd, 3, ptimeout); 1350 if (i == -1) { 1351 BIO_printf(bio_err, "bad select %d\n", 1352 errno); 1353 goto shut; 1354 /* goto end; */ 1355 } 1356 } 1357 if (SSL_is_dtls(con) && 1358 DTLSv1_handle_timeout(con) > 0) 1359 BIO_printf(bio_err, "TIMEOUT occured\n"); 1360 if (!ssl_pending && 1361 (pfd[2].revents & (POLLOUT|POLLERR|POLLNVAL))) { 1362 if (pfd[2].revents & (POLLERR|POLLNVAL)) { 1363 BIO_printf(bio_err, "poll error"); 1364 goto shut; 1365 } 1366 k = SSL_write(con, &(cbuf[cbuf_off]), 1367 (unsigned int) cbuf_len); 1368 switch (SSL_get_error(con, k)) { 1369 case SSL_ERROR_NONE: 1370 cbuf_off += k; 1371 cbuf_len -= k; 1372 if (k <= 0) 1373 goto end; 1374 /* we have done a write(con,NULL,0); */ 1375 if (cbuf_len <= 0) { 1376 read_tty = 1; 1377 write_ssl = 0; 1378 } else { /* if (cbuf_len > 0) */ 1379 read_tty = 0; 1380 write_ssl = 1; 1381 } 1382 break; 1383 case SSL_ERROR_WANT_WRITE: 1384 BIO_printf(bio_c_out, "write W BLOCK\n"); 1385 write_ssl = 1; 1386 read_tty = 0; 1387 break; 1388 case SSL_ERROR_WANT_READ: 1389 BIO_printf(bio_c_out, "write R BLOCK\n"); 1390 write_tty = 0; 1391 read_ssl = 1; 1392 write_ssl = 0; 1393 break; 1394 case SSL_ERROR_WANT_X509_LOOKUP: 1395 BIO_printf(bio_c_out, "write X BLOCK\n"); 1396 break; 1397 case SSL_ERROR_ZERO_RETURN: 1398 if (cbuf_len != 0) { 1399 BIO_printf(bio_c_out, "shutdown\n"); 1400 ret = 0; 1401 goto shut; 1402 } else { 1403 read_tty = 1; 1404 write_ssl = 0; 1405 break; 1406 } 1407 1408 case SSL_ERROR_SYSCALL: 1409 if ((k != 0) || (cbuf_len != 0)) { 1410 BIO_printf(bio_err, "write:errno=%d\n", 1411 errno); 1412 goto shut; 1413 } else { 1414 read_tty = 1; 1415 write_ssl = 0; 1416 } 1417 break; 1418 case SSL_ERROR_SSL: 1419 ERR_print_errors(bio_err); 1420 goto shut; 1421 } 1422 } else if (!ssl_pending && 1423 (pfd[1].revents & (POLLOUT|POLLERR|POLLNVAL))) { 1424 if (pfd[1].revents & (POLLERR|POLLNVAL)) { 1425 BIO_printf(bio_err, "poll error"); 1426 goto shut; 1427 } 1428 i = write(fileno(stdout), &(sbuf[sbuf_off]), sbuf_len); 1429 1430 if (i <= 0) { 1431 BIO_printf(bio_c_out, "DONE\n"); 1432 ret = 0; 1433 goto shut; 1434 /* goto end; */ 1435 } 1436 sbuf_len -= i; 1437 sbuf_off += i; 1438 if (sbuf_len <= 0) { 1439 read_ssl = 1; 1440 write_tty = 0; 1441 } 1442 } else if (ssl_pending || (pfd[2].revents & (POLLIN|POLLHUP))) { 1443 #ifdef RENEG 1444 { 1445 static int iiii; 1446 if (++iiii == 52) { 1447 SSL_renegotiate(con); 1448 iiii = 0; 1449 } 1450 } 1451 #endif 1452 if (cfg.peekaboo) { 1453 k = p = SSL_peek(con, pbuf, 1024 /* BUFSIZZ */ ); 1454 pending = SSL_pending(con); 1455 if (SSL_get_error(con, p) == SSL_ERROR_NONE) { 1456 if (p <= 0) 1457 goto end; 1458 1459 k = SSL_read(con, sbuf, p); 1460 } 1461 } else { 1462 k = SSL_read(con, sbuf, 1024 /* BUFSIZZ */ ); 1463 } 1464 1465 switch (SSL_get_error(con, k)) { 1466 case SSL_ERROR_NONE: 1467 if (k <= 0) 1468 goto end; 1469 sbuf_off = 0; 1470 sbuf_len = k; 1471 if (cfg.peekaboo) { 1472 if (p != pending) { 1473 ret = -1; 1474 BIO_printf(bio_err, 1475 "peeked %d but pending %d!\n", 1476 p, pending); 1477 goto shut; 1478 } 1479 if (k < p) { 1480 ret = -1; 1481 BIO_printf(bio_err, 1482 "read less than peek!\n"); 1483 goto shut; 1484 } 1485 if (p > 0 && 1486 (memcmp(sbuf, pbuf, p) != 0)) { 1487 ret = -1; 1488 BIO_printf(bio_err, 1489 "peek of %d different from read of %d!\n", 1490 p, k); 1491 goto shut; 1492 } 1493 } 1494 read_ssl = 0; 1495 write_tty = 1; 1496 break; 1497 case SSL_ERROR_WANT_WRITE: 1498 BIO_printf(bio_c_out, "read W BLOCK\n"); 1499 write_ssl = 1; 1500 read_tty = 0; 1501 break; 1502 case SSL_ERROR_WANT_READ: 1503 BIO_printf(bio_c_out, "read R BLOCK\n"); 1504 write_tty = 0; 1505 read_ssl = 1; 1506 if ((read_tty == 0) && (write_ssl == 0)) 1507 write_ssl = 1; 1508 break; 1509 case SSL_ERROR_WANT_X509_LOOKUP: 1510 BIO_printf(bio_c_out, "read X BLOCK\n"); 1511 break; 1512 case SSL_ERROR_SYSCALL: 1513 ret = errno; 1514 BIO_printf(bio_err, "read:errno=%d\n", ret); 1515 goto shut; 1516 case SSL_ERROR_ZERO_RETURN: 1517 BIO_printf(bio_c_out, "closed\n"); 1518 ret = 0; 1519 goto shut; 1520 case SSL_ERROR_SSL: 1521 ERR_print_errors(bio_err); 1522 goto shut; 1523 /* break; */ 1524 } 1525 } else if (pfd[0].revents) { 1526 if (pfd[0].revents & (POLLERR|POLLNVAL)) { 1527 BIO_printf(bio_err, "poll error"); 1528 goto shut; 1529 } 1530 if (cfg.crlf) { 1531 int j, lf_num; 1532 1533 i = read(fileno(stdin), cbuf, BUFSIZZ / 2); 1534 lf_num = 0; 1535 /* both loops are skipped when i <= 0 */ 1536 for (j = 0; j < i; j++) 1537 if (cbuf[j] == '\n') 1538 lf_num++; 1539 for (j = i - 1; j >= 0; j--) { 1540 cbuf[j + lf_num] = cbuf[j]; 1541 if (cbuf[j] == '\n') { 1542 lf_num--; 1543 i++; 1544 cbuf[j + lf_num] = '\r'; 1545 } 1546 } 1547 assert(lf_num == 0); 1548 } else 1549 i = read(fileno(stdin), cbuf, BUFSIZZ); 1550 1551 if ((!cfg.ign_eof) && 1552 ((i <= 0) || (cbuf[0] == 'Q'))) { 1553 BIO_printf(bio_err, "DONE\n"); 1554 ret = 0; 1555 goto shut; 1556 } 1557 if ((!cfg.ign_eof) && (cbuf[0] == 'R')) { 1558 BIO_printf(bio_err, "RENEGOTIATING\n"); 1559 SSL_renegotiate(con); 1560 cbuf_len = 0; 1561 } else { 1562 cbuf_len = i; 1563 cbuf_off = 0; 1564 } 1565 1566 write_ssl = 1; 1567 read_tty = 0; 1568 } 1569 } 1570 1571 ret = 0; 1572 shut: 1573 if (in_init) 1574 print_stuff(bio_c_out, con, full_log); 1575 SSL_shutdown(con); 1576 shutdown(SSL_get_fd(con), SHUT_RD); 1577 close(SSL_get_fd(con)); 1578 end: 1579 if (con != NULL) { 1580 if (cfg.prexit != 0) 1581 print_stuff(bio_c_out, con, 1); 1582 SSL_free(con); 1583 } 1584 SSL_CTX_free(ctx); 1585 X509_free(cert); 1586 EVP_PKEY_free(key); 1587 free(pass); 1588 X509_VERIFY_PARAM_free(cfg.vpm); 1589 freezero(cbuf, BUFSIZZ); 1590 freezero(sbuf, BUFSIZZ); 1591 freezero(pbuf, BUFSIZZ); 1592 freezero(mbuf, BUFSIZZ); 1593 BIO_free(bio_c_out); 1594 1595 return (ret); 1596 } 1597 1598 static void 1599 print_stuff(BIO *bio, SSL *s, int full) 1600 { 1601 X509 *peer = NULL; 1602 char *p; 1603 static const char *space = " "; 1604 char buf[BUFSIZ]; 1605 STACK_OF(X509) *sk; 1606 STACK_OF(X509_NAME) *sk2; 1607 const SSL_CIPHER *c; 1608 X509_NAME *xn; 1609 int j, i; 1610 unsigned char *exportedkeymat; 1611 1612 if (full) { 1613 int got_a_chain = 0; 1614 1615 sk = SSL_get_peer_cert_chain(s); 1616 if (sk != NULL) { 1617 got_a_chain = 1; /* we don't have it for SSL2 1618 * (yet) */ 1619 1620 BIO_printf(bio, "---\nCertificate chain\n"); 1621 for (i = 0; i < sk_X509_num(sk); i++) { 1622 X509_NAME_oneline(X509_get_subject_name( 1623 sk_X509_value(sk, i)), buf, sizeof buf); 1624 BIO_printf(bio, "%2d s:%s\n", i, buf); 1625 X509_NAME_oneline(X509_get_issuer_name( 1626 sk_X509_value(sk, i)), buf, sizeof buf); 1627 BIO_printf(bio, " i:%s\n", buf); 1628 if (cfg.showcerts) 1629 PEM_write_bio_X509(bio, 1630 sk_X509_value(sk, i)); 1631 } 1632 } 1633 BIO_printf(bio, "---\n"); 1634 peer = SSL_get_peer_certificate(s); 1635 if (peer != NULL) { 1636 BIO_printf(bio, "Server certificate\n"); 1637 if (!(cfg.showcerts && got_a_chain)) { 1638 /* Redundant if we showed the whole chain */ 1639 PEM_write_bio_X509(bio, peer); 1640 } 1641 X509_NAME_oneline(X509_get_subject_name(peer), 1642 buf, sizeof buf); 1643 BIO_printf(bio, "subject=%s\n", buf); 1644 X509_NAME_oneline(X509_get_issuer_name(peer), 1645 buf, sizeof buf); 1646 BIO_printf(bio, "issuer=%s\n", buf); 1647 } else 1648 BIO_printf(bio, "no peer certificate available\n"); 1649 1650 sk2 = SSL_get_client_CA_list(s); 1651 if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0)) { 1652 BIO_printf(bio, 1653 "---\nAcceptable client certificate CA names\n"); 1654 for (i = 0; i < sk_X509_NAME_num(sk2); i++) { 1655 xn = sk_X509_NAME_value(sk2, i); 1656 X509_NAME_oneline(xn, buf, sizeof(buf)); 1657 BIO_write(bio, buf, strlen(buf)); 1658 BIO_write(bio, "\n", 1); 1659 } 1660 } else { 1661 BIO_printf(bio, 1662 "---\nNo client certificate CA names sent\n"); 1663 } 1664 p = SSL_get_shared_ciphers(s, buf, sizeof buf); 1665 if (p != NULL) { 1666 /* 1667 * This works only for SSL 2. In later protocol 1668 * versions, the client does not know what other 1669 * ciphers (in addition to the one to be used in the 1670 * current connection) the server supports. 1671 */ 1672 1673 BIO_printf(bio, 1674 "---\nCiphers common between both SSL endpoints:\n"); 1675 j = i = 0; 1676 while (*p) { 1677 if (*p == ':') { 1678 BIO_write(bio, space, 15 - j % 25); 1679 i++; 1680 j = 0; 1681 BIO_write(bio, 1682 ((i % 3) ? " " : "\n"), 1); 1683 } else { 1684 BIO_write(bio, p, 1); 1685 j++; 1686 } 1687 p++; 1688 } 1689 BIO_write(bio, "\n", 1); 1690 } 1691 1692 ssl_print_tmp_key(bio, s); 1693 1694 BIO_printf(bio, 1695 "---\nSSL handshake has read %ld bytes and written %ld bytes\n", 1696 BIO_number_read(SSL_get_rbio(s)), 1697 BIO_number_written(SSL_get_wbio(s))); 1698 } 1699 BIO_printf(bio, (SSL_cache_hit(s) ? "---\nReused, " : "---\nNew, ")); 1700 c = SSL_get_current_cipher(s); 1701 BIO_printf(bio, "%s, Cipher is %s\n", 1702 SSL_CIPHER_get_version(c), 1703 SSL_CIPHER_get_name(c)); 1704 if (peer != NULL) { 1705 EVP_PKEY *pktmp; 1706 1707 pktmp = X509_get0_pubkey(peer); 1708 BIO_printf(bio, "Server public key is %d bit\n", 1709 EVP_PKEY_bits(pktmp)); 1710 } 1711 BIO_printf(bio, "Secure Renegotiation IS%s supported\n", 1712 SSL_get_secure_renegotiation_support(s) ? "" : " NOT"); 1713 1714 /* Compression is not supported and will always be none. */ 1715 BIO_printf(bio, "Compression: NONE\n"); 1716 BIO_printf(bio, "Expansion: NONE\n"); 1717 1718 #ifdef SSL_DEBUG 1719 { 1720 /* Print out local port of connection: useful for debugging */ 1721 int sock; 1722 struct sockaddr_in ladd; 1723 socklen_t ladd_size = sizeof(ladd); 1724 sock = SSL_get_fd(s); 1725 getsockname(sock, (struct sockaddr *) & ladd, &ladd_size); 1726 BIO_printf(bio, "LOCAL PORT is %u\n", 1727 ntohs(ladd.sin_port)); 1728 } 1729 #endif 1730 1731 { 1732 const unsigned char *proto; 1733 unsigned int proto_len; 1734 SSL_get0_alpn_selected(s, &proto, &proto_len); 1735 if (proto_len > 0) { 1736 BIO_printf(bio, "ALPN protocol: "); 1737 BIO_write(bio, proto, proto_len); 1738 BIO_write(bio, "\n", 1); 1739 } else 1740 BIO_printf(bio, "No ALPN negotiated\n"); 1741 } 1742 1743 #ifndef OPENSSL_NO_SRTP 1744 { 1745 SRTP_PROTECTION_PROFILE *srtp_profile; 1746 1747 srtp_profile = SSL_get_selected_srtp_profile(s); 1748 if (srtp_profile) 1749 BIO_printf(bio, 1750 "SRTP Extension negotiated, profile=%s\n", 1751 srtp_profile->name); 1752 } 1753 #endif 1754 1755 SSL_SESSION_print(bio, SSL_get_session(s)); 1756 if (cfg.keymatexportlabel != NULL) { 1757 BIO_printf(bio, "Keying material exporter:\n"); 1758 BIO_printf(bio, " Label: '%s'\n", 1759 cfg.keymatexportlabel); 1760 BIO_printf(bio, " Length: %i bytes\n", 1761 cfg.keymatexportlen); 1762 exportedkeymat = malloc(cfg.keymatexportlen); 1763 if (exportedkeymat != NULL) { 1764 if (!SSL_export_keying_material(s, exportedkeymat, 1765 cfg.keymatexportlen, 1766 cfg.keymatexportlabel, 1767 strlen(cfg.keymatexportlabel), 1768 NULL, 0, 0)) { 1769 BIO_printf(bio, " Error\n"); 1770 } else { 1771 BIO_printf(bio, " Keying material: "); 1772 for (i = 0; i < cfg.keymatexportlen; i++) 1773 BIO_printf(bio, "%02X", 1774 exportedkeymat[i]); 1775 BIO_printf(bio, "\n"); 1776 } 1777 free(exportedkeymat); 1778 } 1779 } 1780 BIO_printf(bio, "---\n"); 1781 X509_free(peer); 1782 /* flush, or debugging output gets mixed with http response */ 1783 (void) BIO_flush(bio); 1784 } 1785 1786 static int 1787 ocsp_resp_cb(SSL *s, void *arg) 1788 { 1789 const unsigned char *p; 1790 int len; 1791 OCSP_RESPONSE *rsp; 1792 len = SSL_get_tlsext_status_ocsp_resp(s, &p); 1793 BIO_puts(arg, "OCSP response: "); 1794 if (!p) { 1795 BIO_puts(arg, "no response sent\n"); 1796 return 1; 1797 } 1798 rsp = d2i_OCSP_RESPONSE(NULL, &p, len); 1799 if (!rsp) { 1800 BIO_puts(arg, "response parse error\n"); 1801 BIO_dump_indent(arg, (char *) p, len, 4); 1802 return 0; 1803 } 1804 BIO_puts(arg, "\n======================================\n"); 1805 OCSP_RESPONSE_print(arg, rsp, 0); 1806 BIO_puts(arg, "======================================\n"); 1807 OCSP_RESPONSE_free(rsp); 1808 return 1; 1809 } 1810 1811 static int 1812 ssl_servername_cb(SSL *s, int *ad, void *arg) 1813 { 1814 tlsextctx *p = (tlsextctx *) arg; 1815 const char *hn = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 1816 if (SSL_get_servername_type(s) != -1) 1817 p->ack = !SSL_session_reused(s) && hn != NULL; 1818 else 1819 BIO_printf(bio_err, "Can't use SSL_get_servername\n"); 1820 1821 return SSL_TLSEXT_ERR_OK; 1822 } 1823 1824