1 /* apps/s_server.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 /* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143 /* 144 * Until the key-gen callbacks are modified to use newer prototypes, we allow 145 * deprecated functions for openssl-internal code 146 */ 147 #ifdef OPENSSL_NO_DEPRECATED 148 # undef OPENSSL_NO_DEPRECATED 149 #endif 150 151 #include <assert.h> 152 #include <ctype.h> 153 #include <stdio.h> 154 #include <stdlib.h> 155 #include <string.h> 156 157 #include <openssl/e_os2.h> 158 #ifdef OPENSSL_NO_STDIO 159 # define APPS_WIN16 160 #endif 161 162 /* conflicts with winsock2 stuff on netware */ 163 #if !defined(OPENSSL_SYS_NETWARE) 164 # include <sys/types.h> 165 #endif 166 167 /* 168 * With IPv6, it looks like Digital has mixed up the proper order of 169 * recursive header file inclusion, resulting in the compiler complaining 170 * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is 171 * needed to have fileno() declared correctly... So let's define u_int 172 */ 173 #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) 174 # define __U_INT 175 typedef unsigned int u_int; 176 #endif 177 178 #include <openssl/lhash.h> 179 #include <openssl/bn.h> 180 #define USE_SOCKETS 181 #include "apps.h" 182 #include <openssl/err.h> 183 #include <openssl/pem.h> 184 #include <openssl/x509.h> 185 #include <openssl/ssl.h> 186 #include <openssl/rand.h> 187 #include <openssl/ocsp.h> 188 #ifndef OPENSSL_NO_DH 189 # include <openssl/dh.h> 190 #endif 191 #ifndef OPENSSL_NO_RSA 192 # include <openssl/rsa.h> 193 #endif 194 #ifndef OPENSSL_NO_SRP 195 # include <openssl/srp.h> 196 #endif 197 #include "s_apps.h" 198 #include "timeouts.h" 199 200 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) 201 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ 202 # undef FIONBIO 203 #endif 204 205 #if defined(OPENSSL_SYS_BEOS_R5) 206 # include <fcntl.h> 207 #endif 208 209 #ifndef OPENSSL_NO_RSA 210 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 211 #endif 212 static int sv_body(char *hostname, int s, unsigned char *context); 213 static int www_body(char *hostname, int s, unsigned char *context); 214 static void close_accept_socket(void); 215 static void sv_usage(void); 216 static int init_ssl_connection(SSL *s); 217 static void print_stats(BIO *bp, SSL_CTX *ctx); 218 static int generate_session_id(const SSL *ssl, unsigned char *id, 219 unsigned int *id_len); 220 #ifndef OPENSSL_NO_DH 221 static DH *load_dh_param(const char *dhfile); 222 static DH *get_dh512(void); 223 #endif 224 225 #ifdef MONOLITH 226 static void s_server_init(void); 227 #endif 228 229 #ifndef OPENSSL_NO_DH 230 static unsigned char dh512_p[] = { 231 0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75, 232 0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F, 233 0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3, 234 0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12, 235 0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C, 236 0x47, 0x74, 0xE8, 0x33, 237 }; 238 239 static unsigned char dh512_g[] = { 240 0x02, 241 }; 242 243 static DH *get_dh512(void) 244 { 245 DH *dh = NULL; 246 247 if ((dh = DH_new()) == NULL) 248 return (NULL); 249 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); 250 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); 251 if ((dh->p == NULL) || (dh->g == NULL)) 252 return (NULL); 253 return (dh); 254 } 255 #endif 256 257 /* static int load_CA(SSL_CTX *ctx, char *file);*/ 258 259 #undef BUFSIZZ 260 #define BUFSIZZ 16*1024 261 static int bufsize = BUFSIZZ; 262 static int accept_socket = -1; 263 264 #define TEST_CERT "server.pem" 265 #ifndef OPENSSL_NO_TLSEXT 266 # define TEST_CERT2 "server2.pem" 267 #endif 268 #undef PROG 269 #define PROG s_server_main 270 271 extern int verify_depth, verify_return_error; 272 273 static char *cipher = NULL; 274 static int s_server_verify = SSL_VERIFY_NONE; 275 static int s_server_session_id_context = 1; /* anything will do */ 276 static const char *s_cert_file = TEST_CERT, *s_key_file = NULL; 277 #ifndef OPENSSL_NO_TLSEXT 278 static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL; 279 #endif 280 static char *s_dcert_file = NULL, *s_dkey_file = NULL; 281 #ifdef FIONBIO 282 static int s_nbio = 0; 283 #endif 284 static int s_nbio_test = 0; 285 int s_crlf = 0; 286 static SSL_CTX *ctx = NULL; 287 #ifndef OPENSSL_NO_TLSEXT 288 static SSL_CTX *ctx2 = NULL; 289 #endif 290 static int www = 0; 291 292 static BIO *bio_s_out = NULL; 293 static int s_debug = 0; 294 #ifndef OPENSSL_NO_TLSEXT 295 static int s_tlsextdebug = 0; 296 static int s_tlsextstatus = 0; 297 static int cert_status_cb(SSL *s, void *arg); 298 #endif 299 static int s_msg = 0; 300 static int s_quiet = 0; 301 302 static char *keymatexportlabel = NULL; 303 static int keymatexportlen = 20; 304 305 static int hack = 0; 306 #ifndef OPENSSL_NO_ENGINE 307 static char *engine_id = NULL; 308 #endif 309 static const char *session_id_prefix = NULL; 310 311 static int enable_timeouts = 0; 312 static long socket_mtu; 313 #ifndef OPENSSL_NO_DTLS1 314 static int cert_chain = 0; 315 #endif 316 317 #ifndef OPENSSL_NO_PSK 318 static char *psk_identity = "Client_identity"; 319 char *psk_key = NULL; /* by default PSK is not used */ 320 321 static unsigned int psk_server_cb(SSL *ssl, const char *identity, 322 unsigned char *psk, 323 unsigned int max_psk_len) 324 { 325 unsigned int psk_len = 0; 326 int ret; 327 BIGNUM *bn = NULL; 328 329 if (s_debug) 330 BIO_printf(bio_s_out, "psk_server_cb\n"); 331 if (!identity) { 332 BIO_printf(bio_err, "Error: client did not send PSK identity\n"); 333 goto out_err; 334 } 335 if (s_debug) 336 BIO_printf(bio_s_out, "identity_len=%d identity=%s\n", 337 (int)strlen(identity), identity); 338 339 /* here we could lookup the given identity e.g. from a database */ 340 if (strcmp(identity, psk_identity) != 0) { 341 BIO_printf(bio_s_out, "PSK error: client identity not found" 342 " (got '%s' expected '%s')\n", identity, psk_identity); 343 goto out_err; 344 } 345 if (s_debug) 346 BIO_printf(bio_s_out, "PSK client identity found\n"); 347 348 /* convert the PSK key to binary */ 349 ret = BN_hex2bn(&bn, psk_key); 350 if (!ret) { 351 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", 352 psk_key); 353 if (bn) 354 BN_free(bn); 355 return 0; 356 } 357 if (BN_num_bytes(bn) > (int)max_psk_len) { 358 BIO_printf(bio_err, 359 "psk buffer of callback is too small (%d) for key (%d)\n", 360 max_psk_len, BN_num_bytes(bn)); 361 BN_free(bn); 362 return 0; 363 } 364 365 ret = BN_bn2bin(bn, psk); 366 BN_free(bn); 367 368 if (ret < 0) 369 goto out_err; 370 psk_len = (unsigned int)ret; 371 372 if (s_debug) 373 BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len); 374 return psk_len; 375 out_err: 376 if (s_debug) 377 BIO_printf(bio_err, "Error in PSK server callback\n"); 378 return 0; 379 } 380 #endif 381 382 #ifndef OPENSSL_NO_SRP 383 /* This is a context that we pass to callbacks */ 384 typedef struct srpsrvparm_st { 385 char *login; 386 SRP_VBASE *vb; 387 SRP_user_pwd *user; 388 } srpsrvparm; 389 390 /* 391 * This callback pretends to require some asynchronous logic in order to 392 * obtain a verifier. When the callback is called for a new connection we 393 * return with a negative value. This will provoke the accept etc to return 394 * with an LOOKUP_X509. The main logic of the reinvokes the suspended call 395 * (which would normally occur after a worker has finished) and we set the 396 * user parameters. 397 */ 398 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) 399 { 400 srpsrvparm *p = (srpsrvparm *) arg; 401 if (p->login == NULL && p->user == NULL) { 402 p->login = SSL_get_srp_username(s); 403 BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login); 404 return (-1); 405 } 406 407 if (p->user == NULL) { 408 BIO_printf(bio_err, "User %s doesn't exist\n", p->login); 409 return SSL3_AL_FATAL; 410 } 411 if (SSL_set_srp_server_param 412 (s, p->user->N, p->user->g, p->user->s, p->user->v, 413 p->user->info) < 0) { 414 *ad = SSL_AD_INTERNAL_ERROR; 415 return SSL3_AL_FATAL; 416 } 417 BIO_printf(bio_err, 418 "SRP parameters set: username = \"%s\" info=\"%s\" \n", 419 p->login, p->user->info); 420 /* need to check whether there are memory leaks */ 421 p->user = NULL; 422 p->login = NULL; 423 return SSL_ERROR_NONE; 424 } 425 426 #endif 427 428 #ifdef MONOLITH 429 static void s_server_init(void) 430 { 431 accept_socket = -1; 432 cipher = NULL; 433 s_server_verify = SSL_VERIFY_NONE; 434 s_dcert_file = NULL; 435 s_dkey_file = NULL; 436 s_cert_file = TEST_CERT; 437 s_key_file = NULL; 438 # ifndef OPENSSL_NO_TLSEXT 439 s_cert_file2 = TEST_CERT2; 440 s_key_file2 = NULL; 441 ctx2 = NULL; 442 # endif 443 # ifdef FIONBIO 444 s_nbio = 0; 445 # endif 446 s_nbio_test = 0; 447 ctx = NULL; 448 www = 0; 449 450 bio_s_out = NULL; 451 s_debug = 0; 452 s_msg = 0; 453 s_quiet = 0; 454 hack = 0; 455 # ifndef OPENSSL_NO_ENGINE 456 engine_id = NULL; 457 # endif 458 } 459 #endif 460 461 static void sv_usage(void) 462 { 463 BIO_printf(bio_err, "usage: s_server [args ...]\n"); 464 BIO_printf(bio_err, "\n"); 465 BIO_printf(bio_err, 466 " -accept arg - port to accept on (default is %d)\n", PORT); 467 BIO_printf(bio_err, " -context arg - set session ID context\n"); 468 BIO_printf(bio_err, 469 " -verify arg - turn on peer certificate verification\n"); 470 BIO_printf(bio_err, 471 " -Verify arg - turn on peer certificate verification, must have a cert.\n"); 472 BIO_printf(bio_err, 473 " -verify_return_error - return verification errors\n"); 474 BIO_printf(bio_err, " -cert arg - certificate file to use\n"); 475 BIO_printf(bio_err, " (default is %s)\n", TEST_CERT); 476 BIO_printf(bio_err, 477 " -crl_check - check the peer certificate has not been revoked by its CA.\n" 478 " The CRL(s) are appended to the certificate file\n"); 479 BIO_printf(bio_err, 480 " -crl_check_all - check the peer certificate has not been revoked by its CA\n" 481 " or any other CRL in the CA chain. CRL(s) are appened to the\n" 482 " the certificate file.\n"); 483 BIO_printf(bio_err, 484 " -certform arg - certificate format (PEM or DER) PEM default\n"); 485 BIO_printf(bio_err, 486 " -key arg - Private Key file to use, in cert file if\n"); 487 BIO_printf(bio_err, " not specified (default is %s)\n", 488 TEST_CERT); 489 BIO_printf(bio_err, 490 " -keyform arg - key format (PEM, DER or ENGINE) PEM default\n"); 491 BIO_printf(bio_err, 492 " -pass arg - private key file pass phrase source\n"); 493 BIO_printf(bio_err, 494 " -dcert arg - second certificate file to use (usually for DSA)\n"); 495 BIO_printf(bio_err, 496 " -dcertform x - second certificate format (PEM or DER) PEM default\n"); 497 BIO_printf(bio_err, 498 " -dkey arg - second private key file to use (usually for DSA)\n"); 499 BIO_printf(bio_err, 500 " -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n"); 501 BIO_printf(bio_err, 502 " -dpass arg - second private key file pass phrase source\n"); 503 BIO_printf(bio_err, 504 " -dhparam arg - DH parameter file to use, in cert file if not specified\n"); 505 BIO_printf(bio_err, 506 " or a default set of parameters is used\n"); 507 #ifndef OPENSSL_NO_ECDH 508 BIO_printf(bio_err, 509 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" 510 " Use \"openssl ecparam -list_curves\" for all names\n" 511 " (default is nistp256).\n"); 512 #endif 513 #ifdef FIONBIO 514 BIO_printf(bio_err, " -nbio - Run with non-blocking IO\n"); 515 #endif 516 BIO_printf(bio_err, 517 " -nbio_test - test with the non-blocking test bio\n"); 518 BIO_printf(bio_err, 519 " -crlf - convert LF from terminal into CRLF\n"); 520 BIO_printf(bio_err, " -debug - Print more output\n"); 521 BIO_printf(bio_err, " -msg - Show protocol messages\n"); 522 BIO_printf(bio_err, " -state - Print the SSL states\n"); 523 BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n"); 524 BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n"); 525 BIO_printf(bio_err, 526 " -nocert - Don't use any certificates (Anon-DH)\n"); 527 BIO_printf(bio_err, 528 " -cipher arg - play with 'openssl ciphers' to see what goes here\n"); 529 BIO_printf(bio_err, " -serverpref - Use server's cipher preferences\n"); 530 BIO_printf(bio_err, " -quiet - No server output\n"); 531 BIO_printf(bio_err, " -no_tmp_rsa - Do not generate a tmp RSA key\n"); 532 #ifndef OPENSSL_NO_PSK 533 BIO_printf(bio_err, " -psk_hint arg - PSK identity hint to use\n"); 534 BIO_printf(bio_err, " -psk arg - PSK in hex (without 0x)\n"); 535 # ifndef OPENSSL_NO_JPAKE 536 BIO_printf(bio_err, " -jpake arg - JPAKE secret to use\n"); 537 # endif 538 #endif 539 #ifndef OPENSSL_NO_SRP 540 BIO_printf(bio_err, " -srpvfile file - The verifier file for SRP\n"); 541 BIO_printf(bio_err, 542 " -srpuserseed string - A seed string for a default user salt.\n"); 543 #endif 544 BIO_printf(bio_err, " -ssl2 - Just talk SSLv2\n"); 545 #ifndef OPENSSL_NO_SSL3_METHOD 546 BIO_printf(bio_err, " -ssl3 - Just talk SSLv3\n"); 547 #endif 548 BIO_printf(bio_err, " -tls1_2 - Just talk TLSv1.2\n"); 549 BIO_printf(bio_err, " -tls1_1 - Just talk TLSv1.1\n"); 550 BIO_printf(bio_err, " -tls1 - Just talk TLSv1\n"); 551 BIO_printf(bio_err, " -dtls1 - Just talk DTLSv1\n"); 552 BIO_printf(bio_err, " -timeout - Enable timeouts\n"); 553 BIO_printf(bio_err, " -mtu - Set link layer MTU\n"); 554 BIO_printf(bio_err, " -chain - Read a certificate chain\n"); 555 BIO_printf(bio_err, " -no_ssl2 - Just disable SSLv2\n"); 556 BIO_printf(bio_err, " -no_ssl3 - Just disable SSLv3\n"); 557 BIO_printf(bio_err, " -no_tls1 - Just disable TLSv1\n"); 558 BIO_printf(bio_err, " -no_tls1_1 - Just disable TLSv1.1\n"); 559 BIO_printf(bio_err, " -no_tls1_2 - Just disable TLSv1.2\n"); 560 #ifndef OPENSSL_NO_DH 561 BIO_printf(bio_err, " -no_dhe - Disable ephemeral DH\n"); 562 #endif 563 #ifndef OPENSSL_NO_ECDH 564 BIO_printf(bio_err, " -no_ecdhe - Disable ephemeral ECDH\n"); 565 #endif 566 BIO_printf(bio_err, " -bugs - Turn on SSL bug compatibility\n"); 567 BIO_printf(bio_err, 568 " -hack - workaround for early Netscape code\n"); 569 BIO_printf(bio_err, 570 " -www - Respond to a 'GET /' with a status page\n"); 571 BIO_printf(bio_err, 572 " -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 573 BIO_printf(bio_err, 574 " -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 575 BIO_printf(bio_err, 576 " with the assumption it contains a complete HTTP response.\n"); 577 #ifndef OPENSSL_NO_ENGINE 578 BIO_printf(bio_err, 579 " -engine id - Initialise and use the specified engine\n"); 580 #endif 581 BIO_printf(bio_err, 582 " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); 583 BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, 584 LIST_SEPARATOR_CHAR); 585 #ifndef OPENSSL_NO_TLSEXT 586 BIO_printf(bio_err, 587 " -servername host - servername for HostName TLS extension\n"); 588 BIO_printf(bio_err, 589 " -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); 590 BIO_printf(bio_err, 591 " -cert2 arg - certificate file to use for servername\n"); 592 BIO_printf(bio_err, " (default is %s)\n", TEST_CERT2); 593 BIO_printf(bio_err, 594 " -key2 arg - Private Key file to use for servername, in cert file if\n"); 595 BIO_printf(bio_err, " not specified (default is %s)\n", 596 TEST_CERT2); 597 BIO_printf(bio_err, 598 " -tlsextdebug - hex dump of all TLS extensions received\n"); 599 BIO_printf(bio_err, 600 " -no_ticket - disable use of RFC4507bis session tickets\n"); 601 BIO_printf(bio_err, 602 " -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); 603 # ifndef OPENSSL_NO_NEXTPROTONEG 604 BIO_printf(bio_err, 605 " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n"); 606 # endif 607 # ifndef OPENSSL_NO_SRTP 608 BIO_printf(bio_err, 609 " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); 610 # endif 611 #endif 612 BIO_printf(bio_err, 613 " -keymatexport label - Export keying material using label\n"); 614 BIO_printf(bio_err, 615 " -keymatexportlen len - Export len bytes of keying material (default 20)\n"); 616 BIO_printf(bio_err, 617 " -status - respond to certificate status requests\n"); 618 BIO_printf(bio_err, 619 " -status_verbose - enable status request verbose printout\n"); 620 BIO_printf(bio_err, 621 " -status_timeout n - status request responder timeout\n"); 622 BIO_printf(bio_err, " -status_url URL - status request fallback URL\n"); 623 } 624 625 static int local_argc = 0; 626 static char **local_argv; 627 628 #ifdef CHARSET_EBCDIC 629 static int ebcdic_new(BIO *bi); 630 static int ebcdic_free(BIO *a); 631 static int ebcdic_read(BIO *b, char *out, int outl); 632 static int ebcdic_write(BIO *b, const char *in, int inl); 633 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr); 634 static int ebcdic_gets(BIO *bp, char *buf, int size); 635 static int ebcdic_puts(BIO *bp, const char *str); 636 637 # define BIO_TYPE_EBCDIC_FILTER (18|0x0200) 638 static BIO_METHOD methods_ebcdic = { 639 BIO_TYPE_EBCDIC_FILTER, 640 "EBCDIC/ASCII filter", 641 ebcdic_write, 642 ebcdic_read, 643 ebcdic_puts, 644 ebcdic_gets, 645 ebcdic_ctrl, 646 ebcdic_new, 647 ebcdic_free, 648 }; 649 650 typedef struct { 651 size_t alloced; 652 char buff[1]; 653 } EBCDIC_OUTBUFF; 654 655 BIO_METHOD *BIO_f_ebcdic_filter() 656 { 657 return (&methods_ebcdic); 658 } 659 660 static int ebcdic_new(BIO *bi) 661 { 662 EBCDIC_OUTBUFF *wbuf; 663 664 wbuf = (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024); 665 if (!wbuf) 666 return 0; 667 wbuf->alloced = 1024; 668 wbuf->buff[0] = '\0'; 669 670 bi->ptr = (char *)wbuf; 671 bi->init = 1; 672 bi->flags = 0; 673 return (1); 674 } 675 676 static int ebcdic_free(BIO *a) 677 { 678 if (a == NULL) 679 return (0); 680 if (a->ptr != NULL) 681 OPENSSL_free(a->ptr); 682 a->ptr = NULL; 683 a->init = 0; 684 a->flags = 0; 685 return (1); 686 } 687 688 static int ebcdic_read(BIO *b, char *out, int outl) 689 { 690 int ret = 0; 691 692 if (out == NULL || outl == 0) 693 return (0); 694 if (b->next_bio == NULL) 695 return (0); 696 697 ret = BIO_read(b->next_bio, out, outl); 698 if (ret > 0) 699 ascii2ebcdic(out, out, ret); 700 return (ret); 701 } 702 703 static int ebcdic_write(BIO *b, const char *in, int inl) 704 { 705 EBCDIC_OUTBUFF *wbuf; 706 int ret = 0; 707 int num; 708 unsigned char n; 709 710 if ((in == NULL) || (inl <= 0)) 711 return (0); 712 if (b->next_bio == NULL) 713 return (0); 714 715 wbuf = (EBCDIC_OUTBUFF *) b->ptr; 716 717 if (inl > (num = wbuf->alloced)) { 718 num = num + num; /* double the size */ 719 if (num < inl) 720 num = inl; 721 wbuf = 722 (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num); 723 if(!wbuf) 724 return 0; 725 OPENSSL_free(b->ptr); 726 727 wbuf->alloced = num; 728 wbuf->buff[0] = '\0'; 729 730 b->ptr = (char *)wbuf; 731 } 732 733 ebcdic2ascii(wbuf->buff, in, inl); 734 735 ret = BIO_write(b->next_bio, wbuf->buff, inl); 736 737 return (ret); 738 } 739 740 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr) 741 { 742 long ret; 743 744 if (b->next_bio == NULL) 745 return (0); 746 switch (cmd) { 747 case BIO_CTRL_DUP: 748 ret = 0L; 749 break; 750 default: 751 ret = BIO_ctrl(b->next_bio, cmd, num, ptr); 752 break; 753 } 754 return (ret); 755 } 756 757 static int ebcdic_gets(BIO *bp, char *buf, int size) 758 { 759 int i, ret = 0; 760 if (bp->next_bio == NULL) 761 return (0); 762 /* return(BIO_gets(bp->next_bio,buf,size));*/ 763 for (i = 0; i < size - 1; ++i) { 764 ret = ebcdic_read(bp, &buf[i], 1); 765 if (ret <= 0) 766 break; 767 else if (buf[i] == '\n') { 768 ++i; 769 break; 770 } 771 } 772 if (i < size) 773 buf[i] = '\0'; 774 return (ret < 0 && i == 0) ? ret : i; 775 } 776 777 static int ebcdic_puts(BIO *bp, const char *str) 778 { 779 if (bp->next_bio == NULL) 780 return (0); 781 return ebcdic_write(bp, str, strlen(str)); 782 } 783 #endif 784 785 #ifndef OPENSSL_NO_TLSEXT 786 787 /* This is a context that we pass to callbacks */ 788 typedef struct tlsextctx_st { 789 char *servername; 790 BIO *biodebug; 791 int extension_error; 792 } tlsextctx; 793 794 static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) 795 { 796 tlsextctx *p = (tlsextctx *) arg; 797 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 798 if (servername && p->biodebug) 799 BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n", 800 servername); 801 802 if (!p->servername) 803 return SSL_TLSEXT_ERR_NOACK; 804 805 if (servername) { 806 if (strcasecmp(servername, p->servername)) 807 return p->extension_error; 808 if (ctx2) { 809 BIO_printf(p->biodebug, "Switching server context.\n"); 810 SSL_set_SSL_CTX(s, ctx2); 811 } 812 } 813 return SSL_TLSEXT_ERR_OK; 814 } 815 816 /* Structure passed to cert status callback */ 817 818 typedef struct tlsextstatusctx_st { 819 /* Default responder to use */ 820 char *host, *path, *port; 821 int use_ssl; 822 int timeout; 823 BIO *err; 824 int verbose; 825 } tlsextstatusctx; 826 827 static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, NULL, 0 }; 828 829 /* 830 * Certificate Status callback. This is called when a client includes a 831 * certificate status request extension. This is a simplified version. It 832 * examines certificates each time and makes one OCSP responder query for 833 * each request. A full version would store details such as the OCSP 834 * certificate IDs and minimise the number of OCSP responses by caching them 835 * until they were considered "expired". 836 */ 837 838 static int cert_status_cb(SSL *s, void *arg) 839 { 840 tlsextstatusctx *srctx = arg; 841 BIO *err = srctx->err; 842 char *host, *port, *path; 843 int use_ssl; 844 unsigned char *rspder = NULL; 845 int rspderlen; 846 STACK_OF(OPENSSL_STRING) *aia = NULL; 847 X509 *x = NULL; 848 X509_STORE_CTX inctx; 849 X509_OBJECT obj; 850 OCSP_REQUEST *req = NULL; 851 OCSP_RESPONSE *resp = NULL; 852 OCSP_CERTID *id = NULL; 853 STACK_OF(X509_EXTENSION) *exts; 854 int ret = SSL_TLSEXT_ERR_NOACK; 855 int i; 856 # if 0 857 STACK_OF(OCSP_RESPID) *ids; 858 SSL_get_tlsext_status_ids(s, &ids); 859 BIO_printf(err, "cert_status: received %d ids\n", 860 sk_OCSP_RESPID_num(ids)); 861 # endif 862 if (srctx->verbose) 863 BIO_puts(err, "cert_status: callback called\n"); 864 /* Build up OCSP query from server certificate */ 865 x = SSL_get_certificate(s); 866 aia = X509_get1_ocsp(x); 867 if (aia) { 868 if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0), 869 &host, &port, &path, &use_ssl)) { 870 BIO_puts(err, "cert_status: can't parse AIA URL\n"); 871 goto err; 872 } 873 if (srctx->verbose) 874 BIO_printf(err, "cert_status: AIA URL: %s\n", 875 sk_OPENSSL_STRING_value(aia, 0)); 876 } else { 877 if (!srctx->host) { 878 BIO_puts(srctx->err, 879 "cert_status: no AIA and no default responder URL\n"); 880 goto done; 881 } 882 host = srctx->host; 883 path = srctx->path; 884 port = srctx->port; 885 use_ssl = srctx->use_ssl; 886 } 887 888 if (!X509_STORE_CTX_init(&inctx, 889 SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)), 890 NULL, NULL)) 891 goto err; 892 if (X509_STORE_get_by_subject(&inctx, X509_LU_X509, 893 X509_get_issuer_name(x), &obj) <= 0) { 894 BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n"); 895 X509_STORE_CTX_cleanup(&inctx); 896 goto done; 897 } 898 req = OCSP_REQUEST_new(); 899 if (!req) 900 goto err; 901 id = OCSP_cert_to_id(NULL, x, obj.data.x509); 902 X509_free(obj.data.x509); 903 X509_STORE_CTX_cleanup(&inctx); 904 if (!id) 905 goto err; 906 if (!OCSP_request_add0_id(req, id)) 907 goto err; 908 id = NULL; 909 /* Add any extensions to the request */ 910 SSL_get_tlsext_status_exts(s, &exts); 911 for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) { 912 X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i); 913 if (!OCSP_REQUEST_add_ext(req, ext, -1)) 914 goto err; 915 } 916 resp = process_responder(err, req, host, path, port, use_ssl, NULL, 917 srctx->timeout); 918 if (!resp) { 919 BIO_puts(err, "cert_status: error querying responder\n"); 920 goto done; 921 } 922 rspderlen = i2d_OCSP_RESPONSE(resp, &rspder); 923 if (rspderlen <= 0) 924 goto err; 925 SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen); 926 if (srctx->verbose) { 927 BIO_puts(err, "cert_status: ocsp response sent:\n"); 928 OCSP_RESPONSE_print(err, resp, 2); 929 } 930 ret = SSL_TLSEXT_ERR_OK; 931 done: 932 if (ret != SSL_TLSEXT_ERR_OK) 933 ERR_print_errors(err); 934 if (aia) { 935 OPENSSL_free(host); 936 OPENSSL_free(path); 937 OPENSSL_free(port); 938 X509_email_free(aia); 939 } 940 if (id) 941 OCSP_CERTID_free(id); 942 if (req) 943 OCSP_REQUEST_free(req); 944 if (resp) 945 OCSP_RESPONSE_free(resp); 946 return ret; 947 err: 948 ret = SSL_TLSEXT_ERR_ALERT_FATAL; 949 goto done; 950 } 951 952 # ifndef OPENSSL_NO_NEXTPROTONEG 953 /* This is the context that we pass to next_proto_cb */ 954 typedef struct tlsextnextprotoctx_st { 955 unsigned char *data; 956 unsigned int len; 957 } tlsextnextprotoctx; 958 959 static int next_proto_cb(SSL *s, const unsigned char **data, 960 unsigned int *len, void *arg) 961 { 962 tlsextnextprotoctx *next_proto = arg; 963 964 *data = next_proto->data; 965 *len = next_proto->len; 966 967 return SSL_TLSEXT_ERR_OK; 968 } 969 # endif /* ndef OPENSSL_NO_NEXTPROTONEG */ 970 971 #endif 972 973 int MAIN(int, char **); 974 975 #ifndef OPENSSL_NO_JPAKE 976 static char *jpake_secret = NULL; 977 #endif 978 #ifndef OPENSSL_NO_SRP 979 static srpsrvparm srp_callback_parm; 980 #endif 981 #ifndef OPENSSL_NO_SRTP 982 static char *srtp_profiles = NULL; 983 #endif 984 985 int MAIN(int argc, char *argv[]) 986 { 987 X509_VERIFY_PARAM *vpm = NULL; 988 int badarg = 0; 989 short port = PORT; 990 char *CApath = NULL, *CAfile = NULL; 991 unsigned char *context = NULL; 992 char *dhfile = NULL; 993 #ifndef OPENSSL_NO_ECDH 994 char *named_curve = NULL; 995 #endif 996 int badop = 0, bugs = 0; 997 int ret = 1; 998 int off = 0; 999 int no_tmp_rsa = 0, no_dhe = 0, nocert = 0; 1000 #ifndef OPENSSL_NO_ECDH 1001 int no_ecdhe; 1002 #endif 1003 int state = 0; 1004 const SSL_METHOD *meth = NULL; 1005 int socket_type = SOCK_STREAM; 1006 ENGINE *e = NULL; 1007 char *inrand = NULL; 1008 int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; 1009 char *passarg = NULL, *pass = NULL; 1010 char *dpassarg = NULL, *dpass = NULL; 1011 int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; 1012 X509 *s_cert = NULL, *s_dcert = NULL; 1013 EVP_PKEY *s_key = NULL, *s_dkey = NULL; 1014 int no_cache = 0; 1015 #ifndef OPENSSL_NO_TLSEXT 1016 EVP_PKEY *s_key2 = NULL; 1017 X509 *s_cert2 = NULL; 1018 tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING }; 1019 # ifndef OPENSSL_NO_NEXTPROTONEG 1020 const char *next_proto_neg_in = NULL; 1021 tlsextnextprotoctx next_proto; 1022 # endif 1023 #endif 1024 #ifndef OPENSSL_NO_PSK 1025 /* by default do not send a PSK identity hint */ 1026 static char *psk_identity_hint = NULL; 1027 #endif 1028 #ifndef OPENSSL_NO_SRP 1029 char *srpuserseed = NULL; 1030 char *srp_verifier_file = NULL; 1031 #endif 1032 meth = SSLv23_server_method(); 1033 1034 local_argc = argc; 1035 local_argv = argv; 1036 1037 apps_startup(); 1038 #ifdef MONOLITH 1039 s_server_init(); 1040 #endif 1041 1042 if (bio_err == NULL) 1043 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); 1044 1045 if (!load_config(bio_err, NULL)) 1046 goto end; 1047 1048 verify_depth = 0; 1049 #ifdef FIONBIO 1050 s_nbio = 0; 1051 #endif 1052 s_nbio_test = 0; 1053 1054 argc--; 1055 argv++; 1056 1057 while (argc >= 1) { 1058 if ((strcmp(*argv, "-port") == 0) || (strcmp(*argv, "-accept") == 0)) { 1059 if (--argc < 1) 1060 goto bad; 1061 if (!extract_port(*(++argv), &port)) 1062 goto bad; 1063 } else if (strcmp(*argv, "-verify") == 0) { 1064 s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; 1065 if (--argc < 1) 1066 goto bad; 1067 verify_depth = atoi(*(++argv)); 1068 BIO_printf(bio_err, "verify depth is %d\n", verify_depth); 1069 } else if (strcmp(*argv, "-Verify") == 0) { 1070 s_server_verify = 1071 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT | 1072 SSL_VERIFY_CLIENT_ONCE; 1073 if (--argc < 1) 1074 goto bad; 1075 verify_depth = atoi(*(++argv)); 1076 BIO_printf(bio_err, 1077 "verify depth is %d, must return a certificate\n", 1078 verify_depth); 1079 } else if (strcmp(*argv, "-context") == 0) { 1080 if (--argc < 1) 1081 goto bad; 1082 context = (unsigned char *)*(++argv); 1083 } else if (strcmp(*argv, "-cert") == 0) { 1084 if (--argc < 1) 1085 goto bad; 1086 s_cert_file = *(++argv); 1087 } else if (strcmp(*argv, "-certform") == 0) { 1088 if (--argc < 1) 1089 goto bad; 1090 s_cert_format = str2fmt(*(++argv)); 1091 } else if (strcmp(*argv, "-key") == 0) { 1092 if (--argc < 1) 1093 goto bad; 1094 s_key_file = *(++argv); 1095 } else if (strcmp(*argv, "-keyform") == 0) { 1096 if (--argc < 1) 1097 goto bad; 1098 s_key_format = str2fmt(*(++argv)); 1099 } else if (strcmp(*argv, "-pass") == 0) { 1100 if (--argc < 1) 1101 goto bad; 1102 passarg = *(++argv); 1103 } else if (strcmp(*argv, "-dhparam") == 0) { 1104 if (--argc < 1) 1105 goto bad; 1106 dhfile = *(++argv); 1107 } 1108 #ifndef OPENSSL_NO_ECDH 1109 else if (strcmp(*argv, "-named_curve") == 0) { 1110 if (--argc < 1) 1111 goto bad; 1112 named_curve = *(++argv); 1113 } 1114 #endif 1115 else if (strcmp(*argv, "-dcertform") == 0) { 1116 if (--argc < 1) 1117 goto bad; 1118 s_dcert_format = str2fmt(*(++argv)); 1119 } else if (strcmp(*argv, "-dcert") == 0) { 1120 if (--argc < 1) 1121 goto bad; 1122 s_dcert_file = *(++argv); 1123 } else if (strcmp(*argv, "-dkeyform") == 0) { 1124 if (--argc < 1) 1125 goto bad; 1126 s_dkey_format = str2fmt(*(++argv)); 1127 } else if (strcmp(*argv, "-dpass") == 0) { 1128 if (--argc < 1) 1129 goto bad; 1130 dpassarg = *(++argv); 1131 } else if (strcmp(*argv, "-dkey") == 0) { 1132 if (--argc < 1) 1133 goto bad; 1134 s_dkey_file = *(++argv); 1135 } else if (strcmp(*argv, "-nocert") == 0) { 1136 nocert = 1; 1137 } else if (strcmp(*argv, "-CApath") == 0) { 1138 if (--argc < 1) 1139 goto bad; 1140 CApath = *(++argv); 1141 } else if (strcmp(*argv, "-no_cache") == 0) 1142 no_cache = 1; 1143 else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) { 1144 if (badarg) 1145 goto bad; 1146 continue; 1147 } else if (strcmp(*argv, "-verify_return_error") == 0) 1148 verify_return_error = 1; 1149 else if (strcmp(*argv, "-serverpref") == 0) { 1150 off |= SSL_OP_CIPHER_SERVER_PREFERENCE; 1151 } else if (strcmp(*argv, "-legacy_renegotiation") == 0) 1152 off |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; 1153 else if (strcmp(*argv, "-cipher") == 0) { 1154 if (--argc < 1) 1155 goto bad; 1156 cipher = *(++argv); 1157 } else if (strcmp(*argv, "-CAfile") == 0) { 1158 if (--argc < 1) 1159 goto bad; 1160 CAfile = *(++argv); 1161 } 1162 #ifdef FIONBIO 1163 else if (strcmp(*argv, "-nbio") == 0) { 1164 s_nbio = 1; 1165 } 1166 #endif 1167 else if (strcmp(*argv, "-nbio_test") == 0) { 1168 #ifdef FIONBIO 1169 s_nbio = 1; 1170 #endif 1171 s_nbio_test = 1; 1172 } else if (strcmp(*argv, "-debug") == 0) { 1173 s_debug = 1; 1174 } 1175 #ifndef OPENSSL_NO_TLSEXT 1176 else if (strcmp(*argv, "-tlsextdebug") == 0) 1177 s_tlsextdebug = 1; 1178 else if (strcmp(*argv, "-status") == 0) 1179 s_tlsextstatus = 1; 1180 else if (strcmp(*argv, "-status_verbose") == 0) { 1181 s_tlsextstatus = 1; 1182 tlscstatp.verbose = 1; 1183 } else if (!strcmp(*argv, "-status_timeout")) { 1184 s_tlsextstatus = 1; 1185 if (--argc < 1) 1186 goto bad; 1187 tlscstatp.timeout = atoi(*(++argv)); 1188 } else if (!strcmp(*argv, "-status_url")) { 1189 s_tlsextstatus = 1; 1190 if (--argc < 1) 1191 goto bad; 1192 if (!OCSP_parse_url(*(++argv), 1193 &tlscstatp.host, 1194 &tlscstatp.port, 1195 &tlscstatp.path, &tlscstatp.use_ssl)) { 1196 BIO_printf(bio_err, "Error parsing URL\n"); 1197 goto bad; 1198 } 1199 } 1200 #endif 1201 else if (strcmp(*argv, "-msg") == 0) { 1202 s_msg = 1; 1203 } else if (strcmp(*argv, "-hack") == 0) { 1204 hack = 1; 1205 } else if (strcmp(*argv, "-state") == 0) { 1206 state = 1; 1207 } else if (strcmp(*argv, "-crlf") == 0) { 1208 s_crlf = 1; 1209 } else if (strcmp(*argv, "-quiet") == 0) { 1210 s_quiet = 1; 1211 } else if (strcmp(*argv, "-bugs") == 0) { 1212 bugs = 1; 1213 } else if (strcmp(*argv, "-no_tmp_rsa") == 0) { 1214 no_tmp_rsa = 1; 1215 } else if (strcmp(*argv, "-no_dhe") == 0) { 1216 no_dhe = 1; 1217 } 1218 #ifndef OPENSSL_NO_ECDH 1219 else if (strcmp(*argv, "-no_ecdhe") == 0) { 1220 no_ecdhe = 1; 1221 } 1222 #endif 1223 #ifndef OPENSSL_NO_PSK 1224 else if (strcmp(*argv, "-psk_hint") == 0) { 1225 if (--argc < 1) 1226 goto bad; 1227 psk_identity_hint = *(++argv); 1228 } else if (strcmp(*argv, "-psk") == 0) { 1229 size_t i; 1230 1231 if (--argc < 1) 1232 goto bad; 1233 psk_key = *(++argv); 1234 for (i = 0; i < strlen(psk_key); i++) { 1235 if (isxdigit((unsigned char)psk_key[i])) 1236 continue; 1237 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv); 1238 goto bad; 1239 } 1240 } 1241 #endif 1242 #ifndef OPENSSL_NO_SRP 1243 else if (strcmp(*argv, "-srpvfile") == 0) { 1244 if (--argc < 1) 1245 goto bad; 1246 srp_verifier_file = *(++argv); 1247 meth = TLSv1_server_method(); 1248 } else if (strcmp(*argv, "-srpuserseed") == 0) { 1249 if (--argc < 1) 1250 goto bad; 1251 srpuserseed = *(++argv); 1252 meth = TLSv1_server_method(); 1253 } 1254 #endif 1255 else if (strcmp(*argv, "-www") == 0) { 1256 www = 1; 1257 } else if (strcmp(*argv, "-WWW") == 0) { 1258 www = 2; 1259 } else if (strcmp(*argv, "-HTTP") == 0) { 1260 www = 3; 1261 } else if (strcmp(*argv, "-no_ssl2") == 0) { 1262 off |= SSL_OP_NO_SSLv2; 1263 } else if (strcmp(*argv, "-no_ssl3") == 0) { 1264 off |= SSL_OP_NO_SSLv3; 1265 } else if (strcmp(*argv, "-no_tls1") == 0) { 1266 off |= SSL_OP_NO_TLSv1; 1267 } else if (strcmp(*argv, "-no_tls1_1") == 0) { 1268 off |= SSL_OP_NO_TLSv1_1; 1269 } else if (strcmp(*argv, "-no_tls1_2") == 0) { 1270 off |= SSL_OP_NO_TLSv1_2; 1271 } else if (strcmp(*argv, "-no_comp") == 0) { 1272 off |= SSL_OP_NO_COMPRESSION; 1273 } 1274 #ifndef OPENSSL_NO_TLSEXT 1275 else if (strcmp(*argv, "-no_ticket") == 0) { 1276 off |= SSL_OP_NO_TICKET; 1277 } 1278 #endif 1279 #ifndef OPENSSL_NO_SSL2 1280 else if (strcmp(*argv, "-ssl2") == 0) { 1281 meth = SSLv2_server_method(); 1282 } 1283 #endif 1284 #ifndef OPENSSL_NO_SSL3_METHOD 1285 else if (strcmp(*argv, "-ssl3") == 0) { 1286 meth = SSLv3_server_method(); 1287 } 1288 #endif 1289 #ifndef OPENSSL_NO_TLS1 1290 else if (strcmp(*argv, "-tls1") == 0) { 1291 meth = TLSv1_server_method(); 1292 } else if (strcmp(*argv, "-tls1_1") == 0) { 1293 meth = TLSv1_1_server_method(); 1294 } else if (strcmp(*argv, "-tls1_2") == 0) { 1295 meth = TLSv1_2_server_method(); 1296 } 1297 #endif 1298 #ifndef OPENSSL_NO_DTLS1 1299 else if (strcmp(*argv, "-dtls1") == 0) { 1300 meth = DTLSv1_server_method(); 1301 socket_type = SOCK_DGRAM; 1302 } else if (strcmp(*argv, "-timeout") == 0) 1303 enable_timeouts = 1; 1304 else if (strcmp(*argv, "-mtu") == 0) { 1305 if (--argc < 1) 1306 goto bad; 1307 socket_mtu = atol(*(++argv)); 1308 } else if (strcmp(*argv, "-chain") == 0) 1309 cert_chain = 1; 1310 #endif 1311 else if (strcmp(*argv, "-id_prefix") == 0) { 1312 if (--argc < 1) 1313 goto bad; 1314 session_id_prefix = *(++argv); 1315 } 1316 #ifndef OPENSSL_NO_ENGINE 1317 else if (strcmp(*argv, "-engine") == 0) { 1318 if (--argc < 1) 1319 goto bad; 1320 engine_id = *(++argv); 1321 } 1322 #endif 1323 else if (strcmp(*argv, "-rand") == 0) { 1324 if (--argc < 1) 1325 goto bad; 1326 inrand = *(++argv); 1327 } 1328 #ifndef OPENSSL_NO_TLSEXT 1329 else if (strcmp(*argv, "-servername") == 0) { 1330 if (--argc < 1) 1331 goto bad; 1332 tlsextcbp.servername = *(++argv); 1333 } else if (strcmp(*argv, "-servername_fatal") == 0) { 1334 tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; 1335 } else if (strcmp(*argv, "-cert2") == 0) { 1336 if (--argc < 1) 1337 goto bad; 1338 s_cert_file2 = *(++argv); 1339 } else if (strcmp(*argv, "-key2") == 0) { 1340 if (--argc < 1) 1341 goto bad; 1342 s_key_file2 = *(++argv); 1343 } 1344 # ifndef OPENSSL_NO_NEXTPROTONEG 1345 else if (strcmp(*argv, "-nextprotoneg") == 0) { 1346 if (--argc < 1) 1347 goto bad; 1348 next_proto_neg_in = *(++argv); 1349 } 1350 # endif 1351 #endif 1352 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1353 else if (strcmp(*argv, "-jpake") == 0) { 1354 if (--argc < 1) 1355 goto bad; 1356 jpake_secret = *(++argv); 1357 } 1358 #endif 1359 #ifndef OPENSSL_NO_SRTP 1360 else if (strcmp(*argv, "-use_srtp") == 0) { 1361 if (--argc < 1) 1362 goto bad; 1363 srtp_profiles = *(++argv); 1364 } 1365 #endif 1366 else if (strcmp(*argv, "-keymatexport") == 0) { 1367 if (--argc < 1) 1368 goto bad; 1369 keymatexportlabel = *(++argv); 1370 } else if (strcmp(*argv, "-keymatexportlen") == 0) { 1371 if (--argc < 1) 1372 goto bad; 1373 keymatexportlen = atoi(*(++argv)); 1374 if (keymatexportlen == 0) 1375 goto bad; 1376 } else { 1377 BIO_printf(bio_err, "unknown option %s\n", *argv); 1378 badop = 1; 1379 break; 1380 } 1381 argc--; 1382 argv++; 1383 } 1384 if (badop) { 1385 bad: 1386 sv_usage(); 1387 goto end; 1388 } 1389 #ifndef OPENSSL_NO_DTLS1 1390 if (www && socket_type == SOCK_DGRAM) { 1391 BIO_printf(bio_err, "Can't use -HTTP, -www or -WWW with DTLS\n"); 1392 goto end; 1393 } 1394 #endif 1395 1396 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1397 if (jpake_secret) { 1398 if (psk_key) { 1399 BIO_printf(bio_err, "Can't use JPAKE and PSK together\n"); 1400 goto end; 1401 } 1402 psk_identity = "JPAKE"; 1403 if (cipher) { 1404 BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); 1405 goto end; 1406 } 1407 cipher = "PSK"; 1408 } 1409 #endif 1410 1411 SSL_load_error_strings(); 1412 OpenSSL_add_ssl_algorithms(); 1413 1414 #ifndef OPENSSL_NO_ENGINE 1415 e = setup_engine(bio_err, engine_id, 1); 1416 #endif 1417 1418 if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) { 1419 BIO_printf(bio_err, "Error getting password\n"); 1420 goto end; 1421 } 1422 1423 if (s_key_file == NULL) 1424 s_key_file = s_cert_file; 1425 #ifndef OPENSSL_NO_TLSEXT 1426 if (s_key_file2 == NULL) 1427 s_key_file2 = s_cert_file2; 1428 #endif 1429 1430 if (nocert == 0) { 1431 s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e, 1432 "server certificate private key file"); 1433 if (!s_key) { 1434 ERR_print_errors(bio_err); 1435 goto end; 1436 } 1437 1438 s_cert = load_cert(bio_err, s_cert_file, s_cert_format, 1439 NULL, e, "server certificate file"); 1440 1441 if (!s_cert) { 1442 ERR_print_errors(bio_err); 1443 goto end; 1444 } 1445 #ifndef OPENSSL_NO_TLSEXT 1446 if (tlsextcbp.servername) { 1447 s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e, 1448 "second server certificate private key file"); 1449 if (!s_key2) { 1450 ERR_print_errors(bio_err); 1451 goto end; 1452 } 1453 1454 s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format, 1455 NULL, e, "second server certificate file"); 1456 1457 if (!s_cert2) { 1458 ERR_print_errors(bio_err); 1459 goto end; 1460 } 1461 } 1462 #endif 1463 } 1464 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 1465 if (next_proto_neg_in) { 1466 unsigned short len; 1467 next_proto.data = next_protos_parse(&len, next_proto_neg_in); 1468 if (next_proto.data == NULL) 1469 goto end; 1470 next_proto.len = len; 1471 } else { 1472 next_proto.data = NULL; 1473 } 1474 #endif 1475 1476 if (s_dcert_file) { 1477 1478 if (s_dkey_file == NULL) 1479 s_dkey_file = s_dcert_file; 1480 1481 s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, 1482 0, dpass, e, "second certificate private key file"); 1483 if (!s_dkey) { 1484 ERR_print_errors(bio_err); 1485 goto end; 1486 } 1487 1488 s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format, 1489 NULL, e, "second server certificate file"); 1490 1491 if (!s_dcert) { 1492 ERR_print_errors(bio_err); 1493 goto end; 1494 } 1495 1496 } 1497 1498 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 1499 && !RAND_status()) { 1500 BIO_printf(bio_err, 1501 "warning, not much extra random data, consider using the -rand option\n"); 1502 } 1503 if (inrand != NULL) 1504 BIO_printf(bio_err, "%ld semi-random bytes loaded\n", 1505 app_RAND_load_files(inrand)); 1506 1507 if (bio_s_out == NULL) { 1508 if (s_quiet && !s_debug && !s_msg) { 1509 bio_s_out = BIO_new(BIO_s_null()); 1510 } else { 1511 if (bio_s_out == NULL) 1512 bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE); 1513 } 1514 } 1515 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) 1516 if (nocert) 1517 #endif 1518 { 1519 s_cert_file = NULL; 1520 s_key_file = NULL; 1521 s_dcert_file = NULL; 1522 s_dkey_file = NULL; 1523 #ifndef OPENSSL_NO_TLSEXT 1524 s_cert_file2 = NULL; 1525 s_key_file2 = NULL; 1526 #endif 1527 } 1528 1529 ctx = SSL_CTX_new(meth); 1530 if (ctx == NULL) { 1531 ERR_print_errors(bio_err); 1532 goto end; 1533 } 1534 if (session_id_prefix) { 1535 if (strlen(session_id_prefix) >= 32) 1536 BIO_printf(bio_err, 1537 "warning: id_prefix is too long, only one new session will be possible\n"); 1538 else if (strlen(session_id_prefix) >= 16) 1539 BIO_printf(bio_err, 1540 "warning: id_prefix is too long if you use SSLv2\n"); 1541 if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) { 1542 BIO_printf(bio_err, "error setting 'id_prefix'\n"); 1543 ERR_print_errors(bio_err); 1544 goto end; 1545 } 1546 BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix); 1547 } 1548 SSL_CTX_set_quiet_shutdown(ctx, 1); 1549 if (bugs) 1550 SSL_CTX_set_options(ctx, SSL_OP_ALL); 1551 if (hack) 1552 SSL_CTX_set_options(ctx, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1553 SSL_CTX_set_options(ctx, off); 1554 1555 if (state) 1556 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback); 1557 if (no_cache) 1558 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); 1559 else 1560 SSL_CTX_sess_set_cache_size(ctx, 128); 1561 1562 #ifndef OPENSSL_NO_SRTP 1563 if (srtp_profiles != NULL) 1564 SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); 1565 #endif 1566 1567 #if 0 1568 if (cipher == NULL) 1569 cipher = getenv("SSL_CIPHER"); 1570 #endif 1571 1572 #if 0 1573 if (s_cert_file == NULL) { 1574 BIO_printf(bio_err, 1575 "You must specify a certificate file for the server to use\n"); 1576 goto end; 1577 } 1578 #endif 1579 1580 if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) || 1581 (!SSL_CTX_set_default_verify_paths(ctx))) { 1582 /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ 1583 ERR_print_errors(bio_err); 1584 /* goto end; */ 1585 } 1586 if (vpm) 1587 SSL_CTX_set1_param(ctx, vpm); 1588 1589 #ifndef OPENSSL_NO_TLSEXT 1590 if (s_cert2) { 1591 ctx2 = SSL_CTX_new(meth); 1592 if (ctx2 == NULL) { 1593 ERR_print_errors(bio_err); 1594 goto end; 1595 } 1596 } 1597 1598 if (ctx2) { 1599 BIO_printf(bio_s_out, "Setting secondary ctx parameters\n"); 1600 1601 if (session_id_prefix) { 1602 if (strlen(session_id_prefix) >= 32) 1603 BIO_printf(bio_err, 1604 "warning: id_prefix is too long, only one new session will be possible\n"); 1605 else if (strlen(session_id_prefix) >= 16) 1606 BIO_printf(bio_err, 1607 "warning: id_prefix is too long if you use SSLv2\n"); 1608 if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) { 1609 BIO_printf(bio_err, "error setting 'id_prefix'\n"); 1610 ERR_print_errors(bio_err); 1611 goto end; 1612 } 1613 BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix); 1614 } 1615 SSL_CTX_set_quiet_shutdown(ctx2, 1); 1616 if (bugs) 1617 SSL_CTX_set_options(ctx2, SSL_OP_ALL); 1618 if (hack) 1619 SSL_CTX_set_options(ctx2, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1620 SSL_CTX_set_options(ctx2, off); 1621 1622 if (state) 1623 SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback); 1624 1625 if (no_cache) 1626 SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF); 1627 else 1628 SSL_CTX_sess_set_cache_size(ctx2, 128); 1629 1630 if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) || 1631 (!SSL_CTX_set_default_verify_paths(ctx2))) { 1632 ERR_print_errors(bio_err); 1633 } 1634 if (vpm) 1635 SSL_CTX_set1_param(ctx2, vpm); 1636 } 1637 # ifndef OPENSSL_NO_NEXTPROTONEG 1638 if (next_proto.data) 1639 SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, 1640 &next_proto); 1641 # endif 1642 #endif 1643 1644 #ifndef OPENSSL_NO_DH 1645 if (!no_dhe) { 1646 DH *dh = NULL; 1647 1648 if (dhfile) 1649 dh = load_dh_param(dhfile); 1650 else if (s_cert_file) 1651 dh = load_dh_param(s_cert_file); 1652 1653 if (dh != NULL) { 1654 BIO_printf(bio_s_out, "Setting temp DH parameters\n"); 1655 } else { 1656 BIO_printf(bio_s_out, "Using default temp DH parameters\n"); 1657 dh = get_dh512(); 1658 } 1659 (void)BIO_flush(bio_s_out); 1660 1661 SSL_CTX_set_tmp_dh(ctx, dh); 1662 # ifndef OPENSSL_NO_TLSEXT 1663 if (ctx2) { 1664 if (!dhfile) { 1665 DH *dh2 = load_dh_param(s_cert_file2); 1666 if (dh2 != NULL) { 1667 BIO_printf(bio_s_out, "Setting temp DH parameters\n"); 1668 (void)BIO_flush(bio_s_out); 1669 1670 DH_free(dh); 1671 dh = dh2; 1672 } 1673 } 1674 SSL_CTX_set_tmp_dh(ctx2, dh); 1675 } 1676 # endif 1677 DH_free(dh); 1678 } 1679 #endif 1680 1681 #ifndef OPENSSL_NO_ECDH 1682 if (!no_ecdhe) { 1683 EC_KEY *ecdh = NULL; 1684 1685 if (named_curve) { 1686 int nid = OBJ_sn2nid(named_curve); 1687 1688 if (nid == 0) { 1689 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 1690 goto end; 1691 } 1692 ecdh = EC_KEY_new_by_curve_name(nid); 1693 if (ecdh == NULL) { 1694 BIO_printf(bio_err, "unable to create curve (%s)\n", 1695 named_curve); 1696 goto end; 1697 } 1698 } 1699 1700 if (ecdh != NULL) { 1701 BIO_printf(bio_s_out, "Setting temp ECDH parameters\n"); 1702 } else { 1703 BIO_printf(bio_s_out, "Using default temp ECDH parameters\n"); 1704 ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); 1705 if (ecdh == NULL) { 1706 BIO_printf(bio_err, "unable to create curve (nistp256)\n"); 1707 goto end; 1708 } 1709 } 1710 (void)BIO_flush(bio_s_out); 1711 1712 SSL_CTX_set_tmp_ecdh(ctx, ecdh); 1713 # ifndef OPENSSL_NO_TLSEXT 1714 if (ctx2) 1715 SSL_CTX_set_tmp_ecdh(ctx2, ecdh); 1716 # endif 1717 EC_KEY_free(ecdh); 1718 } 1719 #endif 1720 1721 if (!set_cert_key_stuff(ctx, s_cert, s_key)) 1722 goto end; 1723 #ifndef OPENSSL_NO_TLSEXT 1724 if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2)) 1725 goto end; 1726 #endif 1727 if (s_dcert != NULL) { 1728 if (!set_cert_key_stuff(ctx, s_dcert, s_dkey)) 1729 goto end; 1730 } 1731 #ifndef OPENSSL_NO_RSA 1732 # if 1 1733 if (!no_tmp_rsa) { 1734 SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb); 1735 # ifndef OPENSSL_NO_TLSEXT 1736 if (ctx2) 1737 SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb); 1738 # endif 1739 } 1740 # else 1741 if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) { 1742 RSA *rsa; 1743 1744 BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key..."); 1745 BIO_flush(bio_s_out); 1746 1747 rsa = RSA_generate_key(512, RSA_F4, NULL); 1748 1749 if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) { 1750 ERR_print_errors(bio_err); 1751 goto end; 1752 } 1753 # ifndef OPENSSL_NO_TLSEXT 1754 if (ctx2) { 1755 if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) { 1756 ERR_print_errors(bio_err); 1757 goto end; 1758 } 1759 } 1760 # endif 1761 RSA_free(rsa); 1762 BIO_printf(bio_s_out, "\n"); 1763 } 1764 # endif 1765 #endif 1766 1767 #ifndef OPENSSL_NO_PSK 1768 # ifdef OPENSSL_NO_JPAKE 1769 if (psk_key != NULL) 1770 # else 1771 if (psk_key != NULL || jpake_secret) 1772 # endif 1773 { 1774 if (s_debug) 1775 BIO_printf(bio_s_out, 1776 "PSK key given or JPAKE in use, setting server callback\n"); 1777 SSL_CTX_set_psk_server_callback(ctx, psk_server_cb); 1778 } 1779 1780 if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) { 1781 BIO_printf(bio_err, "error setting PSK identity hint to context\n"); 1782 ERR_print_errors(bio_err); 1783 goto end; 1784 } 1785 #endif 1786 1787 if (cipher != NULL) { 1788 if (!SSL_CTX_set_cipher_list(ctx, cipher)) { 1789 BIO_printf(bio_err, "error setting cipher list\n"); 1790 ERR_print_errors(bio_err); 1791 goto end; 1792 } 1793 #ifndef OPENSSL_NO_TLSEXT 1794 if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, cipher)) { 1795 BIO_printf(bio_err, "error setting cipher list\n"); 1796 ERR_print_errors(bio_err); 1797 goto end; 1798 } 1799 #endif 1800 } 1801 SSL_CTX_set_verify(ctx, s_server_verify, verify_callback); 1802 SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context, 1803 sizeof s_server_session_id_context); 1804 1805 /* Set DTLS cookie generation and verification callbacks */ 1806 SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback); 1807 SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback); 1808 1809 #ifndef OPENSSL_NO_TLSEXT 1810 if (ctx2) { 1811 SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback); 1812 SSL_CTX_set_session_id_context(ctx2, 1813 (void *)&s_server_session_id_context, 1814 sizeof s_server_session_id_context); 1815 1816 tlsextcbp.biodebug = bio_s_out; 1817 SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb); 1818 SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp); 1819 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1820 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1821 } 1822 #endif 1823 1824 #ifndef OPENSSL_NO_SRP 1825 if (srp_verifier_file != NULL) { 1826 srp_callback_parm.vb = SRP_VBASE_new(srpuserseed); 1827 srp_callback_parm.user = NULL; 1828 srp_callback_parm.login = NULL; 1829 if ((ret = 1830 SRP_VBASE_init(srp_callback_parm.vb, 1831 srp_verifier_file)) != SRP_NO_ERROR) { 1832 BIO_printf(bio_err, 1833 "Cannot initialize SRP verifier file \"%s\":ret=%d\n", 1834 srp_verifier_file, ret); 1835 goto end; 1836 } 1837 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback); 1838 SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm); 1839 SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb); 1840 } else 1841 #endif 1842 if (CAfile != NULL) { 1843 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile)); 1844 #ifndef OPENSSL_NO_TLSEXT 1845 if (ctx2) 1846 SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile)); 1847 #endif 1848 } 1849 1850 BIO_printf(bio_s_out, "ACCEPT\n"); 1851 (void)BIO_flush(bio_s_out); 1852 if (www) 1853 do_server(port, socket_type, &accept_socket, www_body, context); 1854 else 1855 do_server(port, socket_type, &accept_socket, sv_body, context); 1856 print_stats(bio_s_out, ctx); 1857 ret = 0; 1858 end: 1859 if (ctx != NULL) 1860 SSL_CTX_free(ctx); 1861 if (s_cert) 1862 X509_free(s_cert); 1863 if (s_dcert) 1864 X509_free(s_dcert); 1865 if (s_key) 1866 EVP_PKEY_free(s_key); 1867 if (s_dkey) 1868 EVP_PKEY_free(s_dkey); 1869 if (pass) 1870 OPENSSL_free(pass); 1871 if (dpass) 1872 OPENSSL_free(dpass); 1873 if (vpm) 1874 X509_VERIFY_PARAM_free(vpm); 1875 #ifndef OPENSSL_NO_TLSEXT 1876 if (tlscstatp.host) 1877 OPENSSL_free(tlscstatp.host); 1878 if (tlscstatp.port) 1879 OPENSSL_free(tlscstatp.port); 1880 if (tlscstatp.path) 1881 OPENSSL_free(tlscstatp.path); 1882 if (ctx2 != NULL) 1883 SSL_CTX_free(ctx2); 1884 if (s_cert2) 1885 X509_free(s_cert2); 1886 if (s_key2) 1887 EVP_PKEY_free(s_key2); 1888 #endif 1889 if (bio_s_out != NULL) { 1890 BIO_free(bio_s_out); 1891 bio_s_out = NULL; 1892 } 1893 apps_shutdown(); 1894 OPENSSL_EXIT(ret); 1895 } 1896 1897 static void print_stats(BIO *bio, SSL_CTX *ssl_ctx) 1898 { 1899 BIO_printf(bio, "%4ld items in the session cache\n", 1900 SSL_CTX_sess_number(ssl_ctx)); 1901 BIO_printf(bio, "%4ld client connects (SSL_connect())\n", 1902 SSL_CTX_sess_connect(ssl_ctx)); 1903 BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n", 1904 SSL_CTX_sess_connect_renegotiate(ssl_ctx)); 1905 BIO_printf(bio, "%4ld client connects that finished\n", 1906 SSL_CTX_sess_connect_good(ssl_ctx)); 1907 BIO_printf(bio, "%4ld server accepts (SSL_accept())\n", 1908 SSL_CTX_sess_accept(ssl_ctx)); 1909 BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n", 1910 SSL_CTX_sess_accept_renegotiate(ssl_ctx)); 1911 BIO_printf(bio, "%4ld server accepts that finished\n", 1912 SSL_CTX_sess_accept_good(ssl_ctx)); 1913 BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx)); 1914 BIO_printf(bio, "%4ld session cache misses\n", 1915 SSL_CTX_sess_misses(ssl_ctx)); 1916 BIO_printf(bio, "%4ld session cache timeouts\n", 1917 SSL_CTX_sess_timeouts(ssl_ctx)); 1918 BIO_printf(bio, "%4ld callback cache hits\n", 1919 SSL_CTX_sess_cb_hits(ssl_ctx)); 1920 BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n", 1921 SSL_CTX_sess_cache_full(ssl_ctx), 1922 SSL_CTX_sess_get_cache_size(ssl_ctx)); 1923 } 1924 1925 static int sv_body(char *hostname, int s, unsigned char *context) 1926 { 1927 char *buf = NULL; 1928 fd_set readfds; 1929 int ret = 1, width; 1930 int k, i, fdin; 1931 unsigned long l; 1932 SSL *con = NULL; 1933 BIO *sbio; 1934 #ifndef OPENSSL_NO_KRB5 1935 KSSL_CTX *kctx; 1936 #endif 1937 struct timeval timeout; 1938 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 1939 struct timeval tv; 1940 #else 1941 struct timeval *timeoutp; 1942 #endif 1943 1944 if ((buf = OPENSSL_malloc(bufsize)) == NULL) { 1945 BIO_printf(bio_err, "out of memory\n"); 1946 goto err; 1947 } 1948 #ifdef FIONBIO 1949 if (s_nbio) { 1950 unsigned long sl = 1; 1951 1952 if (!s_quiet) 1953 BIO_printf(bio_err, "turning on non blocking io\n"); 1954 if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0) 1955 ERR_print_errors(bio_err); 1956 } 1957 #endif 1958 1959 if (con == NULL) { 1960 con = SSL_new(ctx); 1961 #ifndef OPENSSL_NO_TLSEXT 1962 if (s_tlsextdebug) { 1963 SSL_set_tlsext_debug_callback(con, tlsext_cb); 1964 SSL_set_tlsext_debug_arg(con, bio_s_out); 1965 } 1966 if (s_tlsextstatus) { 1967 SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); 1968 tlscstatp.err = bio_err; 1969 SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); 1970 } 1971 #endif 1972 #ifndef OPENSSL_NO_KRB5 1973 if ((kctx = kssl_ctx_new()) != NULL) { 1974 SSL_set0_kssl_ctx(con, kctx); 1975 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 1976 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 1977 } 1978 #endif /* OPENSSL_NO_KRB5 */ 1979 if (context) 1980 SSL_set_session_id_context(con, context, strlen((char *)context)); 1981 } 1982 SSL_clear(con); 1983 #if 0 1984 # ifdef TLSEXT_TYPE_opaque_prf_input 1985 SSL_set_tlsext_opaque_prf_input(con, "Test server", 11); 1986 # endif 1987 #endif 1988 1989 if (SSL_version(con) == DTLS1_VERSION) { 1990 1991 sbio = BIO_new_dgram(s, BIO_NOCLOSE); 1992 1993 if (enable_timeouts) { 1994 timeout.tv_sec = 0; 1995 timeout.tv_usec = DGRAM_RCV_TIMEOUT; 1996 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); 1997 1998 timeout.tv_sec = 0; 1999 timeout.tv_usec = DGRAM_SND_TIMEOUT; 2000 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); 2001 } 2002 2003 if (socket_mtu) { 2004 if (socket_mtu < DTLS_get_link_min_mtu(con)) { 2005 BIO_printf(bio_err, "MTU too small. Must be at least %ld\n", 2006 DTLS_get_link_min_mtu(con)); 2007 ret = -1; 2008 BIO_free(sbio); 2009 goto err; 2010 } 2011 SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 2012 if (!DTLS_set_link_mtu(con, socket_mtu)) { 2013 BIO_printf(bio_err, "Failed to set MTU\n"); 2014 ret = -1; 2015 BIO_free(sbio); 2016 goto err; 2017 } 2018 } else 2019 /* want to do MTU discovery */ 2020 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 2021 2022 /* turn on cookie exchange */ 2023 SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE); 2024 } else 2025 sbio = BIO_new_socket(s, BIO_NOCLOSE); 2026 2027 if (s_nbio_test) { 2028 BIO *test; 2029 2030 test = BIO_new(BIO_f_nbio_test()); 2031 sbio = BIO_push(test, sbio); 2032 } 2033 #ifndef OPENSSL_NO_JPAKE 2034 if (jpake_secret) 2035 jpake_server_auth(bio_s_out, sbio, jpake_secret); 2036 #endif 2037 2038 SSL_set_bio(con, sbio, sbio); 2039 SSL_set_accept_state(con); 2040 /* SSL_set_fd(con,s); */ 2041 2042 if (s_debug) { 2043 SSL_set_debug(con, 1); 2044 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback); 2045 BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out); 2046 } 2047 if (s_msg) { 2048 SSL_set_msg_callback(con, msg_cb); 2049 SSL_set_msg_callback_arg(con, bio_s_out); 2050 } 2051 #ifndef OPENSSL_NO_TLSEXT 2052 if (s_tlsextdebug) { 2053 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2054 SSL_set_tlsext_debug_arg(con, bio_s_out); 2055 } 2056 #endif 2057 2058 width = s + 1; 2059 for (;;) { 2060 int read_from_terminal; 2061 int read_from_sslcon; 2062 2063 read_from_terminal = 0; 2064 read_from_sslcon = SSL_pending(con); 2065 2066 if (!read_from_sslcon) { 2067 fdin = fileno(stdin); 2068 if (fdin < 0) { 2069 BIO_printf(bio_err,"Bad fileno for stdin\n"); 2070 goto err; 2071 } 2072 FD_ZERO(&readfds); 2073 #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5) 2074 openssl_fdset(fdin, &readfds); 2075 #endif 2076 openssl_fdset(s, &readfds); 2077 /* 2078 * Note: under VMS with SOCKETSHR the second parameter is 2079 * currently of type (int *) whereas under other systems it is 2080 * (void *) if you don't have a cast it will choke the compiler: 2081 * if you do have a cast then you can either go for (int *) or 2082 * (void *). 2083 */ 2084 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) 2085 /* 2086 * Under DOS (non-djgpp) and Windows we can't select on stdin: 2087 * only on sockets. As a workaround we timeout the select every 2088 * second and check for any keypress. In a proper Windows 2089 * application we wouldn't do this because it is inefficient. 2090 */ 2091 tv.tv_sec = 1; 2092 tv.tv_usec = 0; 2093 i = select(width, (void *)&readfds, NULL, NULL, &tv); 2094 if ((i < 0) || (!i && !_kbhit())) 2095 continue; 2096 if (_kbhit()) 2097 read_from_terminal = 1; 2098 #elif defined(OPENSSL_SYS_BEOS_R5) 2099 /* Under BeOS-R5 the situation is similar to DOS */ 2100 tv.tv_sec = 1; 2101 tv.tv_usec = 0; 2102 (void)fcntl(fdin, F_SETFL, O_NONBLOCK); 2103 i = select(width, (void *)&readfds, NULL, NULL, &tv); 2104 if ((i < 0) || (!i && read(fdin, buf, 0) < 0)) 2105 continue; 2106 if (read(fdin, buf, 0) >= 0) 2107 read_from_terminal = 1; 2108 (void)fcntl(fdin, F_SETFL, 0); 2109 #else 2110 if ((SSL_version(con) == DTLS1_VERSION) && 2111 DTLSv1_get_timeout(con, &timeout)) 2112 timeoutp = &timeout; 2113 else 2114 timeoutp = NULL; 2115 2116 i = select(width, (void *)&readfds, NULL, NULL, timeoutp); 2117 2118 if ((SSL_version(con) == DTLS1_VERSION) 2119 && DTLSv1_handle_timeout(con) > 0) { 2120 BIO_printf(bio_err, "TIMEOUT occured\n"); 2121 } 2122 2123 if (i <= 0) 2124 continue; 2125 if (FD_ISSET(fdin, &readfds)) 2126 read_from_terminal = 1; 2127 #endif 2128 if (FD_ISSET(s, &readfds)) 2129 read_from_sslcon = 1; 2130 } 2131 if (read_from_terminal) { 2132 if (s_crlf) { 2133 int j, lf_num; 2134 2135 i = raw_read_stdin(buf, bufsize / 2); 2136 lf_num = 0; 2137 /* both loops are skipped when i <= 0 */ 2138 for (j = 0; j < i; j++) 2139 if (buf[j] == '\n') 2140 lf_num++; 2141 for (j = i - 1; j >= 0; j--) { 2142 buf[j + lf_num] = buf[j]; 2143 if (buf[j] == '\n') { 2144 lf_num--; 2145 i++; 2146 buf[j + lf_num] = '\r'; 2147 } 2148 } 2149 assert(lf_num == 0); 2150 } else 2151 i = raw_read_stdin(buf, bufsize); 2152 if (!s_quiet) { 2153 if ((i <= 0) || (buf[0] == 'Q')) { 2154 BIO_printf(bio_s_out, "DONE\n"); 2155 SHUTDOWN(s); 2156 close_accept_socket(); 2157 ret = -11; 2158 goto err; 2159 } 2160 if ((i <= 0) || (buf[0] == 'q')) { 2161 BIO_printf(bio_s_out, "DONE\n"); 2162 if (SSL_version(con) != DTLS1_VERSION) 2163 SHUTDOWN(s); 2164 /* 2165 * close_accept_socket(); ret= -11; 2166 */ 2167 goto err; 2168 } 2169 #ifndef OPENSSL_NO_HEARTBEATS 2170 if ((buf[0] == 'B') && ((buf[1] == '\n') || (buf[1] == '\r'))) { 2171 BIO_printf(bio_err, "HEARTBEATING\n"); 2172 SSL_heartbeat(con); 2173 i = 0; 2174 continue; 2175 } 2176 #endif 2177 if ((buf[0] == 'r') && ((buf[1] == '\n') || (buf[1] == '\r'))) { 2178 SSL_renegotiate(con); 2179 i = SSL_do_handshake(con); 2180 printf("SSL_do_handshake -> %d\n", i); 2181 i = 0; /* 13; */ 2182 continue; 2183 /* 2184 * strcpy(buf,"server side RE-NEGOTIATE\n"); 2185 */ 2186 } 2187 if ((buf[0] == 'R') && ((buf[1] == '\n') || (buf[1] == '\r'))) { 2188 SSL_set_verify(con, 2189 SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, 2190 NULL); 2191 SSL_renegotiate(con); 2192 i = SSL_do_handshake(con); 2193 printf("SSL_do_handshake -> %d\n", i); 2194 i = 0; /* 13; */ 2195 continue; 2196 /* 2197 * strcpy(buf,"server side RE-NEGOTIATE asking for client 2198 * cert\n"); 2199 */ 2200 } 2201 if (buf[0] == 'P') { 2202 static const char *str = "Lets print some clear text\n"; 2203 BIO_write(SSL_get_wbio(con), str, strlen(str)); 2204 } 2205 if (buf[0] == 'S') { 2206 print_stats(bio_s_out, SSL_get_SSL_CTX(con)); 2207 } 2208 } 2209 #ifdef CHARSET_EBCDIC 2210 ebcdic2ascii(buf, buf, i); 2211 #endif 2212 l = k = 0; 2213 for (;;) { 2214 /* should do a select for the write */ 2215 #ifdef RENEG 2216 { 2217 static count = 0; 2218 if (++count == 100) { 2219 count = 0; 2220 SSL_renegotiate(con); 2221 } 2222 } 2223 #endif 2224 k = SSL_write(con, &(buf[l]), (unsigned int)i); 2225 #ifndef OPENSSL_NO_SRP 2226 while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) { 2227 BIO_printf(bio_s_out, "LOOKUP renego during write\n"); 2228 srp_callback_parm.user = 2229 SRP_VBASE_get_by_user(srp_callback_parm.vb, 2230 srp_callback_parm.login); 2231 if (srp_callback_parm.user) 2232 BIO_printf(bio_s_out, "LOOKUP done %s\n", 2233 srp_callback_parm.user->info); 2234 else 2235 BIO_printf(bio_s_out, "LOOKUP not successful\n"); 2236 k = SSL_write(con, &(buf[l]), (unsigned int)i); 2237 } 2238 #endif 2239 switch (SSL_get_error(con, k)) { 2240 case SSL_ERROR_NONE: 2241 break; 2242 case SSL_ERROR_WANT_WRITE: 2243 case SSL_ERROR_WANT_READ: 2244 case SSL_ERROR_WANT_X509_LOOKUP: 2245 BIO_printf(bio_s_out, "Write BLOCK\n"); 2246 break; 2247 case SSL_ERROR_SYSCALL: 2248 case SSL_ERROR_SSL: 2249 BIO_printf(bio_s_out, "ERROR\n"); 2250 ERR_print_errors(bio_err); 2251 ret = 1; 2252 goto err; 2253 /* break; */ 2254 case SSL_ERROR_ZERO_RETURN: 2255 BIO_printf(bio_s_out, "DONE\n"); 2256 ret = 1; 2257 goto err; 2258 } 2259 l += k; 2260 i -= k; 2261 if (i <= 0) 2262 break; 2263 } 2264 } 2265 if (read_from_sslcon) { 2266 if (!SSL_is_init_finished(con)) { 2267 i = init_ssl_connection(con); 2268 2269 if (i < 0) { 2270 ret = 0; 2271 goto err; 2272 } else if (i == 0) { 2273 ret = 1; 2274 goto err; 2275 } 2276 } else { 2277 again: 2278 i = SSL_read(con, (char *)buf, bufsize); 2279 #ifndef OPENSSL_NO_SRP 2280 while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) { 2281 BIO_printf(bio_s_out, "LOOKUP renego during read\n"); 2282 srp_callback_parm.user = 2283 SRP_VBASE_get_by_user(srp_callback_parm.vb, 2284 srp_callback_parm.login); 2285 if (srp_callback_parm.user) 2286 BIO_printf(bio_s_out, "LOOKUP done %s\n", 2287 srp_callback_parm.user->info); 2288 else 2289 BIO_printf(bio_s_out, "LOOKUP not successful\n"); 2290 i = SSL_read(con, (char *)buf, bufsize); 2291 } 2292 #endif 2293 switch (SSL_get_error(con, i)) { 2294 case SSL_ERROR_NONE: 2295 #ifdef CHARSET_EBCDIC 2296 ascii2ebcdic(buf, buf, i); 2297 #endif 2298 raw_write_stdout(buf, (unsigned int)i); 2299 if (SSL_pending(con)) 2300 goto again; 2301 break; 2302 case SSL_ERROR_WANT_WRITE: 2303 case SSL_ERROR_WANT_READ: 2304 BIO_printf(bio_s_out, "Read BLOCK\n"); 2305 break; 2306 case SSL_ERROR_SYSCALL: 2307 case SSL_ERROR_SSL: 2308 BIO_printf(bio_s_out, "ERROR\n"); 2309 ERR_print_errors(bio_err); 2310 ret = 1; 2311 goto err; 2312 case SSL_ERROR_ZERO_RETURN: 2313 BIO_printf(bio_s_out, "DONE\n"); 2314 ret = 1; 2315 goto err; 2316 } 2317 } 2318 } 2319 } 2320 err: 2321 if (con != NULL) { 2322 BIO_printf(bio_s_out, "shutting down SSL\n"); 2323 #if 1 2324 SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 2325 #else 2326 SSL_shutdown(con); 2327 #endif 2328 SSL_free(con); 2329 } 2330 BIO_printf(bio_s_out, "CONNECTION CLOSED\n"); 2331 if (buf != NULL) { 2332 OPENSSL_cleanse(buf, bufsize); 2333 OPENSSL_free(buf); 2334 } 2335 if (ret >= 0) 2336 BIO_printf(bio_s_out, "ACCEPT\n"); 2337 return (ret); 2338 } 2339 2340 static void close_accept_socket(void) 2341 { 2342 BIO_printf(bio_err, "shutdown accept socket\n"); 2343 if (accept_socket >= 0) { 2344 SHUTDOWN2(accept_socket); 2345 } 2346 } 2347 2348 static int init_ssl_connection(SSL *con) 2349 { 2350 int i; 2351 const char *str; 2352 X509 *peer; 2353 long verify_error; 2354 MS_STATIC char buf[BUFSIZ]; 2355 #ifndef OPENSSL_NO_KRB5 2356 char *client_princ; 2357 #endif 2358 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2359 const unsigned char *next_proto_neg; 2360 unsigned next_proto_neg_len; 2361 #endif 2362 unsigned char *exportedkeymat; 2363 2364 i = SSL_accept(con); 2365 #ifndef OPENSSL_NO_SRP 2366 while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) { 2367 BIO_printf(bio_s_out, "LOOKUP during accept %s\n", 2368 srp_callback_parm.login); 2369 srp_callback_parm.user = 2370 SRP_VBASE_get_by_user(srp_callback_parm.vb, 2371 srp_callback_parm.login); 2372 if (srp_callback_parm.user) 2373 BIO_printf(bio_s_out, "LOOKUP done %s\n", 2374 srp_callback_parm.user->info); 2375 else 2376 BIO_printf(bio_s_out, "LOOKUP not successful\n"); 2377 i = SSL_accept(con); 2378 } 2379 #endif 2380 if (i <= 0) { 2381 if (BIO_sock_should_retry(i)) { 2382 BIO_printf(bio_s_out, "DELAY\n"); 2383 return (1); 2384 } 2385 2386 BIO_printf(bio_err, "ERROR\n"); 2387 verify_error = SSL_get_verify_result(con); 2388 if (verify_error != X509_V_OK) { 2389 BIO_printf(bio_err, "verify error:%s\n", 2390 X509_verify_cert_error_string(verify_error)); 2391 } else 2392 ERR_print_errors(bio_err); 2393 return (0); 2394 } 2395 2396 PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con)); 2397 2398 peer = SSL_get_peer_certificate(con); 2399 if (peer != NULL) { 2400 BIO_printf(bio_s_out, "Client certificate\n"); 2401 PEM_write_bio_X509(bio_s_out, peer); 2402 X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf); 2403 BIO_printf(bio_s_out, "subject=%s\n", buf); 2404 X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf); 2405 BIO_printf(bio_s_out, "issuer=%s\n", buf); 2406 X509_free(peer); 2407 } 2408 2409 if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL) 2410 BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf); 2411 str = SSL_CIPHER_get_name(SSL_get_current_cipher(con)); 2412 BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)"); 2413 2414 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2415 SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); 2416 if (next_proto_neg) { 2417 BIO_printf(bio_s_out, "NEXTPROTO is "); 2418 BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len); 2419 BIO_printf(bio_s_out, "\n"); 2420 } 2421 #endif 2422 #ifndef OPENSSL_NO_SRTP 2423 { 2424 SRTP_PROTECTION_PROFILE *srtp_profile 2425 = SSL_get_selected_srtp_profile(con); 2426 2427 if (srtp_profile) 2428 BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n", 2429 srtp_profile->name); 2430 } 2431 #endif 2432 if (SSL_cache_hit(con)) 2433 BIO_printf(bio_s_out, "Reused session-id\n"); 2434 if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) & 2435 TLS1_FLAGS_TLS_PADDING_BUG) 2436 BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n"); 2437 #ifndef OPENSSL_NO_KRB5 2438 client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con)); 2439 if (client_princ != NULL) { 2440 BIO_printf(bio_s_out, "Kerberos peer principal is %s\n", 2441 client_princ); 2442 } 2443 #endif /* OPENSSL_NO_KRB5 */ 2444 BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n", 2445 SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); 2446 if (keymatexportlabel != NULL) { 2447 BIO_printf(bio_s_out, "Keying material exporter:\n"); 2448 BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel); 2449 BIO_printf(bio_s_out, " Length: %i bytes\n", keymatexportlen); 2450 exportedkeymat = OPENSSL_malloc(keymatexportlen); 2451 if (exportedkeymat != NULL) { 2452 if (!SSL_export_keying_material(con, exportedkeymat, 2453 keymatexportlen, 2454 keymatexportlabel, 2455 strlen(keymatexportlabel), 2456 NULL, 0, 0)) { 2457 BIO_printf(bio_s_out, " Error\n"); 2458 } else { 2459 BIO_printf(bio_s_out, " Keying material: "); 2460 for (i = 0; i < keymatexportlen; i++) 2461 BIO_printf(bio_s_out, "%02X", exportedkeymat[i]); 2462 BIO_printf(bio_s_out, "\n"); 2463 } 2464 OPENSSL_free(exportedkeymat); 2465 } 2466 } 2467 2468 return (1); 2469 } 2470 2471 #ifndef OPENSSL_NO_DH 2472 static DH *load_dh_param(const char *dhfile) 2473 { 2474 DH *ret = NULL; 2475 BIO *bio; 2476 2477 if ((bio = BIO_new_file(dhfile, "r")) == NULL) 2478 goto err; 2479 ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); 2480 err: 2481 if (bio != NULL) 2482 BIO_free(bio); 2483 return (ret); 2484 } 2485 #endif 2486 #ifndef OPENSSL_NO_KRB5 2487 char *client_princ; 2488 #endif 2489 2490 #if 0 2491 static int load_CA(SSL_CTX *ctx, char *file) 2492 { 2493 FILE *in; 2494 X509 *x = NULL; 2495 2496 if ((in = fopen(file, "r")) == NULL) 2497 return (0); 2498 2499 for (;;) { 2500 if (PEM_read_X509(in, &x, NULL) == NULL) 2501 break; 2502 SSL_CTX_add_client_CA(ctx, x); 2503 } 2504 if (x != NULL) 2505 X509_free(x); 2506 fclose(in); 2507 return (1); 2508 } 2509 #endif 2510 2511 static int www_body(char *hostname, int s, unsigned char *context) 2512 { 2513 char *buf = NULL; 2514 int ret = 1; 2515 int i, j, k, dot; 2516 SSL *con; 2517 const SSL_CIPHER *c; 2518 BIO *io, *ssl_bio, *sbio; 2519 #ifndef OPENSSL_NO_KRB5 2520 KSSL_CTX *kctx; 2521 #endif 2522 2523 buf = OPENSSL_malloc(bufsize); 2524 if (buf == NULL) 2525 return (0); 2526 io = BIO_new(BIO_f_buffer()); 2527 ssl_bio = BIO_new(BIO_f_ssl()); 2528 if ((io == NULL) || (ssl_bio == NULL)) 2529 goto err; 2530 2531 #ifdef FIONBIO 2532 if (s_nbio) { 2533 unsigned long sl = 1; 2534 2535 if (!s_quiet) 2536 BIO_printf(bio_err, "turning on non blocking io\n"); 2537 if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0) 2538 ERR_print_errors(bio_err); 2539 } 2540 #endif 2541 2542 /* lets make the output buffer a reasonable size */ 2543 if (!BIO_set_write_buffer_size(io, bufsize)) 2544 goto err; 2545 2546 if ((con = SSL_new(ctx)) == NULL) 2547 goto err; 2548 #ifndef OPENSSL_NO_TLSEXT 2549 if (s_tlsextdebug) { 2550 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2551 SSL_set_tlsext_debug_arg(con, bio_s_out); 2552 } 2553 #endif 2554 #ifndef OPENSSL_NO_KRB5 2555 if ((kctx = kssl_ctx_new()) != NULL) { 2556 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 2557 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 2558 } 2559 #endif /* OPENSSL_NO_KRB5 */ 2560 if (context) 2561 SSL_set_session_id_context(con, context, strlen((char *)context)); 2562 2563 sbio = BIO_new_socket(s, BIO_NOCLOSE); 2564 if (s_nbio_test) { 2565 BIO *test; 2566 2567 test = BIO_new(BIO_f_nbio_test()); 2568 sbio = BIO_push(test, sbio); 2569 } 2570 SSL_set_bio(con, sbio, sbio); 2571 SSL_set_accept_state(con); 2572 2573 /* SSL_set_fd(con,s); */ 2574 BIO_set_ssl(ssl_bio, con, BIO_CLOSE); 2575 BIO_push(io, ssl_bio); 2576 #ifdef CHARSET_EBCDIC 2577 io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io); 2578 #endif 2579 2580 if (s_debug) { 2581 SSL_set_debug(con, 1); 2582 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback); 2583 BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out); 2584 } 2585 if (s_msg) { 2586 SSL_set_msg_callback(con, msg_cb); 2587 SSL_set_msg_callback_arg(con, bio_s_out); 2588 } 2589 2590 for (;;) { 2591 if (hack) { 2592 i = SSL_accept(con); 2593 #ifndef OPENSSL_NO_SRP 2594 while (i <= 0 2595 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) { 2596 BIO_printf(bio_s_out, "LOOKUP during accept %s\n", 2597 srp_callback_parm.login); 2598 srp_callback_parm.user = 2599 SRP_VBASE_get_by_user(srp_callback_parm.vb, 2600 srp_callback_parm.login); 2601 if (srp_callback_parm.user) 2602 BIO_printf(bio_s_out, "LOOKUP done %s\n", 2603 srp_callback_parm.user->info); 2604 else 2605 BIO_printf(bio_s_out, "LOOKUP not successful\n"); 2606 i = SSL_accept(con); 2607 } 2608 #endif 2609 switch (SSL_get_error(con, i)) { 2610 case SSL_ERROR_NONE: 2611 break; 2612 case SSL_ERROR_WANT_WRITE: 2613 case SSL_ERROR_WANT_READ: 2614 case SSL_ERROR_WANT_X509_LOOKUP: 2615 continue; 2616 case SSL_ERROR_SYSCALL: 2617 case SSL_ERROR_SSL: 2618 case SSL_ERROR_ZERO_RETURN: 2619 ret = 1; 2620 goto err; 2621 /* break; */ 2622 } 2623 2624 SSL_renegotiate(con); 2625 SSL_write(con, NULL, 0); 2626 } 2627 2628 i = BIO_gets(io, buf, bufsize - 1); 2629 if (i < 0) { /* error */ 2630 if (!BIO_should_retry(io)) { 2631 if (!s_quiet) 2632 ERR_print_errors(bio_err); 2633 goto err; 2634 } else { 2635 BIO_printf(bio_s_out, "read R BLOCK\n"); 2636 #if defined(OPENSSL_SYS_NETWARE) 2637 delay(1000); 2638 #elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__) 2639 sleep(1); 2640 #endif 2641 continue; 2642 } 2643 } else if (i == 0) { /* end of input */ 2644 ret = 1; 2645 goto end; 2646 } 2647 2648 /* else we have data */ 2649 if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) || 2650 ((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) { 2651 char *p; 2652 X509 *peer; 2653 STACK_OF(SSL_CIPHER) *sk; 2654 static const char *space = " "; 2655 2656 BIO_puts(io, 2657 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2658 BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n"); 2659 BIO_puts(io, "<pre>\n"); 2660 /* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/ 2661 BIO_puts(io, "\n"); 2662 for (i = 0; i < local_argc; i++) { 2663 BIO_puts(io, local_argv[i]); 2664 BIO_write(io, " ", 1); 2665 } 2666 BIO_puts(io, "\n"); 2667 2668 BIO_printf(io, 2669 "Secure Renegotiation IS%s supported\n", 2670 SSL_get_secure_renegotiation_support(con) ? 2671 "" : " NOT"); 2672 2673 /* 2674 * The following is evil and should not really be done 2675 */ 2676 BIO_printf(io, "Ciphers supported in s_server binary\n"); 2677 sk = SSL_get_ciphers(con); 2678 j = sk_SSL_CIPHER_num(sk); 2679 for (i = 0; i < j; i++) { 2680 c = sk_SSL_CIPHER_value(sk, i); 2681 BIO_printf(io, "%-11s:%-25s", 2682 SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c)); 2683 if ((((i + 1) % 2) == 0) && (i + 1 != j)) 2684 BIO_puts(io, "\n"); 2685 } 2686 BIO_puts(io, "\n"); 2687 p = SSL_get_shared_ciphers(con, buf, bufsize); 2688 if (p != NULL) { 2689 BIO_printf(io, 2690 "---\nCiphers common between both SSL end points:\n"); 2691 j = i = 0; 2692 while (*p) { 2693 if (*p == ':') { 2694 BIO_write(io, space, 26 - j); 2695 i++; 2696 j = 0; 2697 BIO_write(io, ((i % 3) ? " " : "\n"), 1); 2698 } else { 2699 BIO_write(io, p, 1); 2700 j++; 2701 } 2702 p++; 2703 } 2704 BIO_puts(io, "\n"); 2705 } 2706 BIO_printf(io, (SSL_cache_hit(con) 2707 ? "---\nReused, " : "---\nNew, ")); 2708 c = SSL_get_current_cipher(con); 2709 BIO_printf(io, "%s, Cipher is %s\n", 2710 SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c)); 2711 SSL_SESSION_print(io, SSL_get_session(con)); 2712 BIO_printf(io, "---\n"); 2713 print_stats(io, SSL_get_SSL_CTX(con)); 2714 BIO_printf(io, "---\n"); 2715 peer = SSL_get_peer_certificate(con); 2716 if (peer != NULL) { 2717 BIO_printf(io, "Client certificate\n"); 2718 X509_print(io, peer); 2719 PEM_write_bio_X509(io, peer); 2720 } else 2721 BIO_puts(io, "no client certificate available\n"); 2722 BIO_puts(io, "</BODY></HTML>\r\n\r\n"); 2723 break; 2724 } else if ((www == 2 || www == 3) 2725 && (strncmp("GET /", buf, 5) == 0)) { 2726 BIO *file; 2727 char *p, *e; 2728 static const char *text = 2729 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; 2730 2731 /* skip the '/' */ 2732 p = &(buf[5]); 2733 2734 dot = 1; 2735 for (e = p; *e != '\0'; e++) { 2736 if (e[0] == ' ') 2737 break; 2738 2739 switch (dot) { 2740 case 1: 2741 dot = (e[0] == '.') ? 2 : 0; 2742 break; 2743 case 2: 2744 dot = (e[0] == '.') ? 3 : 0; 2745 break; 2746 case 3: 2747 dot = (e[0] == '/') ? -1 : 0; 2748 break; 2749 } 2750 if (dot == 0) 2751 dot = (e[0] == '/') ? 1 : 0; 2752 } 2753 dot = (dot == 3) || (dot == -1); /* filename contains ".." 2754 * component */ 2755 2756 if (*e == '\0') { 2757 BIO_puts(io, text); 2758 BIO_printf(io, "'%s' is an invalid file name\r\n", p); 2759 break; 2760 } 2761 *e = '\0'; 2762 2763 if (dot) { 2764 BIO_puts(io, text); 2765 BIO_printf(io, "'%s' contains '..' reference\r\n", p); 2766 break; 2767 } 2768 2769 if (*p == '/') { 2770 BIO_puts(io, text); 2771 BIO_printf(io, "'%s' is an invalid path\r\n", p); 2772 break; 2773 } 2774 #if 0 2775 /* append if a directory lookup */ 2776 if (e[-1] == '/') 2777 strcat(p, "index.html"); 2778 #endif 2779 2780 /* if a directory, do the index thang */ 2781 if (app_isdir(p) > 0) { 2782 #if 0 /* must check buffer size */ 2783 strcat(p, "/index.html"); 2784 #else 2785 BIO_puts(io, text); 2786 BIO_printf(io, "'%s' is a directory\r\n", p); 2787 break; 2788 #endif 2789 } 2790 2791 if ((file = BIO_new_file(p, "r")) == NULL) { 2792 BIO_puts(io, text); 2793 BIO_printf(io, "Error opening '%s'\r\n", p); 2794 ERR_print_errors(io); 2795 break; 2796 } 2797 2798 if (!s_quiet) 2799 BIO_printf(bio_err, "FILE:%s\n", p); 2800 2801 if (www == 2) { 2802 i = strlen(p); 2803 if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) || 2804 ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) || 2805 ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0))) 2806 BIO_puts(io, 2807 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2808 else 2809 BIO_puts(io, 2810 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); 2811 } 2812 /* send the file */ 2813 for (;;) { 2814 i = BIO_read(file, buf, bufsize); 2815 if (i <= 0) 2816 break; 2817 2818 #ifdef RENEG 2819 total_bytes += i; 2820 fprintf(stderr, "%d\n", i); 2821 if (total_bytes > 3 * 1024) { 2822 total_bytes = 0; 2823 fprintf(stderr, "RENEGOTIATE\n"); 2824 SSL_renegotiate(con); 2825 } 2826 #endif 2827 2828 for (j = 0; j < i;) { 2829 #ifdef RENEG 2830 { 2831 static count = 0; 2832 if (++count == 13) { 2833 SSL_renegotiate(con); 2834 } 2835 } 2836 #endif 2837 k = BIO_write(io, &(buf[j]), i - j); 2838 if (k <= 0) { 2839 if (!BIO_should_retry(io)) 2840 goto write_error; 2841 else { 2842 BIO_printf(bio_s_out, "rwrite W BLOCK\n"); 2843 } 2844 } else { 2845 j += k; 2846 } 2847 } 2848 } 2849 write_error: 2850 BIO_free(file); 2851 break; 2852 } 2853 } 2854 2855 for (;;) { 2856 i = (int)BIO_flush(io); 2857 if (i <= 0) { 2858 if (!BIO_should_retry(io)) 2859 break; 2860 } else 2861 break; 2862 } 2863 end: 2864 #if 1 2865 /* make sure we re-use sessions */ 2866 SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 2867 #else 2868 /* This kills performance */ 2869 /* 2870 * SSL_shutdown(con); A shutdown gets sent in the BIO_free_all(io) 2871 * procession 2872 */ 2873 #endif 2874 2875 err: 2876 2877 if (ret >= 0) 2878 BIO_printf(bio_s_out, "ACCEPT\n"); 2879 2880 if (buf != NULL) 2881 OPENSSL_free(buf); 2882 if (io != NULL) 2883 BIO_free_all(io); 2884 /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ 2885 return (ret); 2886 } 2887 2888 #ifndef OPENSSL_NO_RSA 2889 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) 2890 { 2891 BIGNUM *bn = NULL; 2892 static RSA *rsa_tmp = NULL; 2893 2894 if (!rsa_tmp && ((bn = BN_new()) == NULL)) 2895 BIO_printf(bio_err, "Allocation error in generating RSA key\n"); 2896 if (!rsa_tmp && bn) { 2897 if (!s_quiet) { 2898 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", 2899 keylength); 2900 (void)BIO_flush(bio_err); 2901 } 2902 if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) || 2903 !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { 2904 if (rsa_tmp) 2905 RSA_free(rsa_tmp); 2906 rsa_tmp = NULL; 2907 } 2908 if (!s_quiet) { 2909 BIO_printf(bio_err, "\n"); 2910 (void)BIO_flush(bio_err); 2911 } 2912 BN_free(bn); 2913 } 2914 return (rsa_tmp); 2915 } 2916 #endif 2917 2918 #define MAX_SESSION_ID_ATTEMPTS 10 2919 static int generate_session_id(const SSL *ssl, unsigned char *id, 2920 unsigned int *id_len) 2921 { 2922 unsigned int count = 0; 2923 do { 2924 RAND_pseudo_bytes(id, *id_len); 2925 /* 2926 * Prefix the session_id with the required prefix. NB: If our prefix 2927 * is too long, clip it - but there will be worse effects anyway, eg. 2928 * the server could only possibly create 1 session ID (ie. the 2929 * prefix!) so all future session negotiations will fail due to 2930 * conflicts. 2931 */ 2932 memcpy(id, session_id_prefix, 2933 (strlen(session_id_prefix) < *id_len) ? 2934 strlen(session_id_prefix) : *id_len); 2935 } 2936 while (SSL_has_matching_session_id(ssl, id, *id_len) && 2937 (++count < MAX_SESSION_ID_ATTEMPTS)); 2938 if (count >= MAX_SESSION_ID_ATTEMPTS) 2939 return 0; 2940 return 1; 2941 } 2942