1 /* ssl/ssltest.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 /* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143 #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly 144 on Linux and GNU platforms. */ 145 #include <sys/types.h> 146 #include <sys/param.h> 147 #include <sys/socket.h> 148 149 #include <netinet/in.h> 150 151 #include <assert.h> 152 #include <errno.h> 153 #include <limits.h> 154 #include <netdb.h> 155 #include <stdio.h> 156 #include <stdlib.h> 157 #include <string.h> 158 #include <time.h> 159 #include <unistd.h> 160 161 #include <ctype.h> 162 163 #include <openssl/opensslconf.h> 164 #include <openssl/bio.h> 165 #include <openssl/crypto.h> 166 #include <openssl/evp.h> 167 #include <openssl/x509.h> 168 #include <openssl/x509v3.h> 169 #include <openssl/ssl.h> 170 #ifndef OPENSSL_NO_ENGINE 171 #include <openssl/engine.h> 172 #endif 173 #include <openssl/err.h> 174 #include <openssl/rand.h> 175 #include <openssl/rsa.h> 176 #include <openssl/dsa.h> 177 #include <openssl/dh.h> 178 #include <openssl/bn.h> 179 180 #define TEST_SERVER_CERT "../apps/server.pem" 181 #define TEST_CLIENT_CERT "../apps/client.pem" 182 183 static int verify_callback(int ok, X509_STORE_CTX *ctx); 184 static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength); 185 static void free_tmp_rsa(void); 186 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); 187 #define APP_CALLBACK_STRING "Test Callback Argument" 188 struct app_verify_arg { 189 char *string; 190 int app_verify; 191 int allow_proxy_certs; 192 char *proxy_auth; 193 char *proxy_cond; 194 }; 195 196 static DH *get_dh1024(void); 197 static DH *get_dh1024dsa(void); 198 199 static BIO *bio_err = NULL; 200 static BIO *bio_stdout = NULL; 201 202 /* Note that this code assumes that this is only a one element list: */ 203 static const char NEXT_PROTO_STRING[] = "\x09testproto"; 204 int npn_client = 0; 205 int npn_server = 0; 206 int npn_server_reject = 0; 207 208 static int 209 cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, 210 const unsigned char *in, unsigned int inlen, void *arg) 211 { 212 /* 213 * This callback only returns the protocol string, rather than a length 214 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list 215 * and remove the first byte to chop off the length prefix. 216 */ 217 *out = (unsigned char *)NEXT_PROTO_STRING + 1; 218 *outlen = sizeof(NEXT_PROTO_STRING) - 2; 219 return (SSL_TLSEXT_ERR_OK); 220 } 221 222 static int 223 cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg) 224 { 225 *data = (const unsigned char *)NEXT_PROTO_STRING; 226 *len = sizeof(NEXT_PROTO_STRING) - 1; 227 return (SSL_TLSEXT_ERR_OK); 228 } 229 230 static int 231 cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, 232 void *arg) 233 { 234 return (SSL_TLSEXT_ERR_NOACK); 235 } 236 237 static int 238 verify_npn(SSL *client, SSL *server) 239 { 240 const unsigned char *client_s; 241 unsigned int client_len; 242 const unsigned char *server_s; 243 unsigned int server_len; 244 245 SSL_get0_next_proto_negotiated(client, &client_s, &client_len); 246 SSL_get0_next_proto_negotiated(server, &server_s, &server_len); 247 248 if (client_len) { 249 BIO_printf(bio_stdout, "Client NPN: "); 250 BIO_write(bio_stdout, client_s, client_len); 251 BIO_printf(bio_stdout, "\n"); 252 } 253 254 if (server_len) { 255 BIO_printf(bio_stdout, "Server NPN: "); 256 BIO_write(bio_stdout, server_s, server_len); 257 BIO_printf(bio_stdout, "\n"); 258 } 259 260 /* 261 * If an NPN string was returned, it must be the protocol that we 262 * expected to negotiate. 263 */ 264 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 || 265 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len))) 266 return (-1); 267 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 || 268 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len))) 269 return (-1); 270 271 if (!npn_client && client_len) 272 return (-1); 273 if (!npn_server && server_len) 274 return (-1); 275 if (npn_server_reject && server_len) 276 return (-1); 277 if (npn_client && npn_server && (!client_len || !server_len)) 278 return (-1); 279 280 return (0); 281 } 282 283 static const char *alpn_client; 284 static const char *alpn_server; 285 static const char *alpn_expected; 286 static unsigned char *alpn_selected; 287 288 /* 289 * next_protos_parse parses a comma separated list of strings into a string 290 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. 291 * outlen: (output) set to the length of the resulting buffer on success. 292 * err: (maybe NULL) on failure, an error message line is written to this BIO. 293 * in: a NUL terminated string like "abc,def,ghi" 294 * 295 * returns: a malloced buffer or NULL on failure. 296 */ 297 static unsigned char * 298 next_protos_parse(unsigned short *outlen, const char *in) 299 { 300 size_t i, len, start = 0; 301 unsigned char *out; 302 303 len = strlen(in); 304 if (len >= 65535) 305 return (NULL); 306 307 if ((out = malloc(strlen(in) + 1)) == NULL) 308 return (NULL); 309 310 for (i = 0; i <= len; ++i) { 311 if (i == len || in[i] == ',') { 312 if (i - start > 255) { 313 free(out); 314 return (NULL); 315 } 316 out[start] = i - start; 317 start = i + 1; 318 } else 319 out[i+1] = in[i]; 320 } 321 *outlen = len + 1; 322 return (out); 323 } 324 325 static int 326 cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, 327 const unsigned char *in, unsigned int inlen, void *arg) 328 { 329 unsigned char *protos; 330 unsigned short protos_len; 331 332 if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) { 333 fprintf(stderr, 334 "failed to parser ALPN server protocol string: %s\n", 335 alpn_server); 336 abort(); 337 } 338 339 if (SSL_select_next_proto((unsigned char **)out, outlen, protos, 340 protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) { 341 free(protos); 342 return (SSL_TLSEXT_ERR_NOACK); 343 } 344 345 /* 346 * Make a copy of the selected protocol which will be freed in 347 * verify_alpn. 348 */ 349 if ((alpn_selected = malloc(*outlen)) == NULL) { 350 fprintf(stderr, "malloc failed\n"); 351 abort(); 352 } 353 memcpy(alpn_selected, *out, *outlen); 354 *out = alpn_selected; 355 free(protos); 356 357 return (SSL_TLSEXT_ERR_OK); 358 } 359 360 static int 361 verify_alpn(SSL *client, SSL *server) 362 { 363 const unsigned char *client_proto, *server_proto; 364 unsigned int client_proto_len = 0, server_proto_len = 0; 365 366 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len); 367 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len); 368 369 free(alpn_selected); 370 alpn_selected = NULL; 371 372 if (client_proto_len != server_proto_len || 373 memcmp(client_proto, server_proto, client_proto_len) != 0) { 374 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); 375 goto err; 376 } 377 378 if (client_proto_len > 0 && alpn_expected == NULL) { 379 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n"); 380 goto err; 381 } 382 383 if (alpn_expected != NULL && 384 (client_proto_len != strlen(alpn_expected) || 385 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) { 386 BIO_printf(bio_stdout, "ALPN selected protocols not equal to " 387 "expected protocol: %s\n", alpn_expected); 388 goto err; 389 } 390 391 return (0); 392 393 err: 394 BIO_printf(bio_stdout, "ALPN results: client: '"); 395 BIO_write(bio_stdout, client_proto, client_proto_len); 396 BIO_printf(bio_stdout, "', server: '"); 397 BIO_write(bio_stdout, server_proto, server_proto_len); 398 BIO_printf(bio_stdout, "'\n"); 399 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", 400 alpn_client, alpn_server); 401 402 return (-1); 403 } 404 405 static char *cipher = NULL; 406 static int verbose = 0; 407 static int debug = 0; 408 409 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 410 clock_t *c_time); 411 int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 412 static int do_test_cipherlist(void); 413 414 static void 415 sv_usage(void) 416 { 417 fprintf(stderr, "usage: ssltest [args ...]\n"); 418 fprintf(stderr, "\n"); 419 fprintf(stderr, " -server_auth - check server certificate\n"); 420 fprintf(stderr, " -client_auth - do client authentication\n"); 421 fprintf(stderr, " -proxy - allow proxy certificates\n"); 422 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 423 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n"); 424 fprintf(stderr, " -v - more output\n"); 425 fprintf(stderr, " -d - debug output\n"); 426 fprintf(stderr, " -reuse - use session-id reuse\n"); 427 fprintf(stderr, " -num <val> - number of connections to perform\n"); 428 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n"); 429 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 430 fprintf(stderr, " -no_dhe - disable DHE\n"); 431 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 432 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 433 fprintf(stderr, " -tls1 - use TLSv1\n"); 434 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 435 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 436 fprintf(stderr, " -cert arg - Server certificate file\n"); 437 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n"); 438 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 439 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n"); 440 fprintf(stderr, " -cipher arg - The cipher list\n"); 441 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 442 fprintf(stderr, " -f - Test even cases that can't work\n"); 443 fprintf(stderr, " -time - measure processor time used by client and server\n"); 444 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 445 " Use \"openssl ecparam -list_curves\" for all names\n" \ 446 " (default is sect163r2).\n"); 447 fprintf(stderr, " -test_cipherlist - verifies the order of the ssl cipher lists\n"); 448 fprintf(stderr, " -npn_client - have client side offer NPN\n"); 449 fprintf(stderr, " -npn_server - have server side offer NPN\n"); 450 fprintf(stderr, " -npn_server_reject - have server reject NPN\n"); 451 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n"); 452 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n"); 453 fprintf(stderr, " -alpn_expected <string> - the ALPN protocol that should be negotiated\n"); 454 } 455 456 static void 457 print_details(SSL *c_ssl, const char *prefix) 458 { 459 const SSL_CIPHER *ciph; 460 X509 *cert; 461 462 ciph = SSL_get_current_cipher(c_ssl); 463 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 464 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph), 465 SSL_CIPHER_get_name(ciph)); 466 cert = SSL_get_peer_certificate(c_ssl); 467 if (cert != NULL) { 468 EVP_PKEY *pkey = X509_get_pubkey(cert); 469 if (pkey != NULL) { 470 if (pkey->type == EVP_PKEY_RSA && 471 pkey->pkey.rsa != NULL && 472 pkey->pkey.rsa->n != NULL) { 473 BIO_printf(bio_stdout, ", %d bit RSA", 474 BN_num_bits(pkey->pkey.rsa->n)); 475 } else if (pkey->type == EVP_PKEY_DSA && 476 pkey->pkey.dsa != NULL && 477 pkey->pkey.dsa->p != NULL) { 478 BIO_printf(bio_stdout, ", %d bit DSA", 479 BN_num_bits(pkey->pkey.dsa->p)); 480 } 481 EVP_PKEY_free(pkey); 482 } 483 X509_free(cert); 484 } 485 /* The SSL API does not allow us to look at temporary RSA/DH keys, 486 * otherwise we should print their lengths too */ 487 BIO_printf(bio_stdout, "\n"); 488 } 489 490 static void 491 lock_dbg_cb(int mode, int type, const char *file, int line) 492 { 493 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */ 494 const char *errstr = NULL; 495 int rw; 496 497 rw = mode & (CRYPTO_READ|CRYPTO_WRITE); 498 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) { 499 errstr = "invalid mode"; 500 goto err; 501 } 502 503 if (type < 0 || type >= CRYPTO_NUM_LOCKS) { 504 errstr = "type out of bounds"; 505 goto err; 506 } 507 508 if (mode & CRYPTO_LOCK) { 509 if (modes[type]) { 510 errstr = "already locked"; 511 /* must not happen in a single-threaded program 512 * (would deadlock) */ 513 goto err; 514 } 515 516 modes[type] = rw; 517 } else if (mode & CRYPTO_UNLOCK) { 518 if (!modes[type]) { 519 errstr = "not locked"; 520 goto err; 521 } 522 523 if (modes[type] != rw) { 524 errstr = (rw == CRYPTO_READ) ? 525 "CRYPTO_r_unlock on write lock" : 526 "CRYPTO_w_unlock on read lock"; 527 } 528 529 modes[type] = 0; 530 } else { 531 errstr = "invalid mode"; 532 goto err; 533 } 534 535 err: 536 if (errstr) { 537 /* we cannot use bio_err here */ 538 fprintf(stderr, 539 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n", 540 errstr, mode, type, file, line); 541 } 542 } 543 544 int 545 main(int argc, char *argv[]) 546 { 547 char *CApath = NULL, *CAfile = NULL; 548 int badop = 0; 549 int bio_pair = 0; 550 int force = 0; 551 int tls1 = 0, dtls1 = 0, ret = 1; 552 int client_auth = 0; 553 int server_auth = 0, i; 554 struct app_verify_arg app_verify_arg = 555 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 556 char *server_cert = TEST_SERVER_CERT; 557 char *server_key = NULL; 558 char *client_cert = TEST_CLIENT_CERT; 559 char *client_key = NULL; 560 char *named_curve = NULL; 561 SSL_CTX *s_ctx = NULL; 562 SSL_CTX *c_ctx = NULL; 563 const SSL_METHOD *meth = NULL; 564 SSL *c_ssl, *s_ssl; 565 int number = 1, reuse = 0; 566 long bytes = 256L; 567 DH *dh; 568 int dhe1024dsa = 0; 569 EC_KEY *ecdh = NULL; 570 int no_dhe = 0; 571 int no_ecdhe = 0; 572 int print_time = 0; 573 clock_t s_time = 0, c_time = 0; 574 int test_cipherlist = 0; 575 576 verbose = 0; 577 debug = 0; 578 cipher = 0; 579 580 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); 581 582 CRYPTO_set_locking_callback(lock_dbg_cb); 583 584 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); 585 586 argc--; 587 argv++; 588 589 while (argc >= 1) { 590 if (!strcmp(*argv, "-F")) { 591 fprintf(stderr, "not compiled with FIPS support, so exitting without running.\n"); 592 exit(0); 593 } else if (strcmp(*argv, "-server_auth") == 0) 594 server_auth = 1; 595 else if (strcmp(*argv, "-client_auth") == 0) 596 client_auth = 1; 597 else if (strcmp(*argv, "-proxy_auth") == 0) { 598 if (--argc < 1) 599 goto bad; 600 app_verify_arg.proxy_auth= *(++argv); 601 } else if (strcmp(*argv, "-proxy_cond") == 0) { 602 if (--argc < 1) 603 goto bad; 604 app_verify_arg.proxy_cond= *(++argv); 605 } else if (strcmp(*argv, "-v") == 0) 606 verbose = 1; 607 else if (strcmp(*argv, "-d") == 0) 608 debug = 1; 609 else if (strcmp(*argv, "-reuse") == 0) 610 reuse = 1; 611 else if (strcmp(*argv, "-dhe1024dsa") == 0) { 612 dhe1024dsa = 1; 613 } else if (strcmp(*argv, "-no_dhe") == 0) 614 no_dhe = 1; 615 else if (strcmp(*argv, "-no_ecdhe") == 0) 616 no_ecdhe = 1; 617 else if (strcmp(*argv, "-dtls1") == 0) 618 dtls1 = 1; 619 else if (strcmp(*argv, "-tls1") == 0) 620 tls1 = 1; 621 else if (strncmp(*argv, "-num", 4) == 0) { 622 if (--argc < 1) 623 goto bad; 624 number = atoi(*(++argv)); 625 if (number == 0) 626 number = 1; 627 } else if (strcmp(*argv, "-bytes") == 0) { 628 if (--argc < 1) 629 goto bad; 630 bytes = atol(*(++argv)); 631 if (bytes == 0L) 632 bytes = 1L; 633 i = strlen(argv[0]); 634 if (argv[0][i - 1] == 'k') 635 bytes*=1024L; 636 if (argv[0][i - 1] == 'm') 637 bytes*=1024L*1024L; 638 } else if (strcmp(*argv, "-cert") == 0) { 639 if (--argc < 1) 640 goto bad; 641 server_cert= *(++argv); 642 } else if (strcmp(*argv, "-s_cert") == 0) { 643 if (--argc < 1) 644 goto bad; 645 server_cert= *(++argv); 646 } else if (strcmp(*argv, "-key") == 0) { 647 if (--argc < 1) 648 goto bad; 649 server_key= *(++argv); 650 } else if (strcmp(*argv, "-s_key") == 0) { 651 if (--argc < 1) 652 goto bad; 653 server_key= *(++argv); 654 } else if (strcmp(*argv, "-c_cert") == 0) { 655 if (--argc < 1) 656 goto bad; 657 client_cert= *(++argv); 658 } else if (strcmp(*argv, "-c_key") == 0) { 659 if (--argc < 1) 660 goto bad; 661 client_key= *(++argv); 662 } else if (strcmp(*argv, "-cipher") == 0) { 663 if (--argc < 1) 664 goto bad; 665 cipher= *(++argv); 666 } else if (strcmp(*argv, "-CApath") == 0) { 667 if (--argc < 1) 668 goto bad; 669 CApath= *(++argv); 670 } else if (strcmp(*argv, "-CAfile") == 0) { 671 if (--argc < 1) 672 goto bad; 673 CAfile= *(++argv); 674 } else if (strcmp(*argv, "-bio_pair") == 0) { 675 bio_pair = 1; 676 } else if (strcmp(*argv, "-f") == 0) { 677 force = 1; 678 } else if (strcmp(*argv, "-time") == 0) { 679 print_time = 1; 680 } else if (strcmp(*argv, "-named_curve") == 0) { 681 if (--argc < 1) 682 goto bad; 683 named_curve = *(++argv); 684 } else if (strcmp(*argv, "-app_verify") == 0) { 685 app_verify_arg.app_verify = 1; 686 } else if (strcmp(*argv, "-proxy") == 0) { 687 app_verify_arg.allow_proxy_certs = 1; 688 } else if (strcmp(*argv, "-test_cipherlist") == 0) { 689 test_cipherlist = 1; 690 } 691 else if (strcmp(*argv, "-npn_client") == 0) { 692 npn_client = 1; 693 } else if (strcmp(*argv, "-npn_server") == 0) { 694 npn_server = 1; 695 } else if (strcmp(*argv, "-npn_server_reject") == 0) { 696 npn_server_reject = 1; 697 } 698 else if (strcmp(*argv, "-alpn_client") == 0) { 699 if (--argc < 1) 700 goto bad; 701 alpn_client = *(++argv); 702 } else if (strcmp(*argv, "-alpn_server") == 0) { 703 if (--argc < 1) 704 goto bad; 705 alpn_server = *(++argv); 706 } else if (strcmp(*argv, "-alpn_expected") == 0) { 707 if (--argc < 1) 708 goto bad; 709 alpn_expected = *(++argv); 710 } else { 711 fprintf(stderr, "unknown option %s\n", *argv); 712 badop = 1; 713 break; 714 } 715 argc--; 716 argv++; 717 } 718 if (badop) { 719 bad: 720 sv_usage(); 721 goto end; 722 } 723 724 if (test_cipherlist == 1) { 725 /* ensure that the cipher list are correctly sorted and exit */ 726 if (do_test_cipherlist() == 0) 727 exit(1); 728 ret = 0; 729 goto end; 730 } 731 732 if (!dtls1 && !tls1 && 733 number > 1 && !reuse && !force) { 734 fprintf(stderr, 735 "This case cannot work. Use -f to perform " 736 "the test anyway (and\n-d to see what happens), " 737 "or add one of -dtls1, -tls1, -reuse\n" 738 "to avoid protocol mismatch.\n"); 739 exit(1); 740 } 741 742 if (print_time) { 743 if (!bio_pair) { 744 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 745 bio_pair = 1; 746 } 747 if (number < 50 && !force) 748 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 749 } 750 751 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 752 753 SSL_library_init(); 754 SSL_load_error_strings(); 755 756 if (dtls1) 757 meth = DTLSv1_method(); 758 else if (tls1) 759 meth = TLSv1_method(); 760 else 761 meth = SSLv23_method(); 762 763 c_ctx = SSL_CTX_new(meth); 764 s_ctx = SSL_CTX_new(meth); 765 if ((c_ctx == NULL) || (s_ctx == NULL)) { 766 ERR_print_errors(bio_err); 767 goto end; 768 } 769 770 if (cipher != NULL) { 771 SSL_CTX_set_cipher_list(c_ctx, cipher); 772 SSL_CTX_set_cipher_list(s_ctx, cipher); 773 } 774 775 if (!no_dhe) { 776 if (dhe1024dsa) { 777 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ 778 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 779 dh = get_dh1024dsa(); 780 } else 781 dh = get_dh1024(); 782 SSL_CTX_set_tmp_dh(s_ctx, dh); 783 DH_free(dh); 784 } 785 786 if (!no_ecdhe) { 787 int nid; 788 789 if (named_curve != NULL) { 790 nid = OBJ_sn2nid(named_curve); 791 if (nid == 0) { 792 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 793 goto end; 794 } 795 } else 796 #ifdef OPENSSL_NO_EC2M 797 nid = NID_X9_62_prime256v1; 798 #else 799 nid = NID_sect163r2; 800 #endif 801 802 ecdh = EC_KEY_new_by_curve_name(nid); 803 if (ecdh == NULL) { 804 BIO_printf(bio_err, "unable to create curve\n"); 805 goto end; 806 } 807 808 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 809 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 810 EC_KEY_free(ecdh); 811 } 812 813 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); 814 815 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, 816 SSL_FILETYPE_PEM)) { 817 ERR_print_errors(bio_err); 818 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 819 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) { 820 ERR_print_errors(bio_err); 821 goto end; 822 } 823 824 if (client_auth) { 825 SSL_CTX_use_certificate_file(c_ctx, client_cert, 826 SSL_FILETYPE_PEM); 827 SSL_CTX_use_PrivateKey_file(c_ctx, 828 (client_key ? client_key : client_cert), 829 SSL_FILETYPE_PEM); 830 } 831 832 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 833 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 834 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 835 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 836 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 837 ERR_print_errors(bio_err); 838 /* goto end; */ 839 } 840 841 if (client_auth) { 842 BIO_printf(bio_err, "client authentication\n"); 843 SSL_CTX_set_verify(s_ctx, 844 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 845 verify_callback); 846 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 847 &app_verify_arg); 848 } 849 if (server_auth) { 850 BIO_printf(bio_err, "server authentication\n"); 851 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, 852 verify_callback); 853 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 854 &app_verify_arg); 855 } 856 857 { 858 int session_id_context = 0; 859 SSL_CTX_set_session_id_context(s_ctx, 860 (void *)&session_id_context, sizeof(session_id_context)); 861 } 862 863 if (npn_client) 864 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL); 865 if (npn_server) { 866 if (npn_server_reject) { 867 BIO_printf(bio_err, "Can't have both -npn_server and " 868 "-npn_server_reject\n"); 869 goto end; 870 } 871 SSL_CTX_set_next_protos_advertised_cb(s_ctx, 872 cb_server_npn, NULL); 873 } 874 if (npn_server_reject) { 875 SSL_CTX_set_next_protos_advertised_cb(s_ctx, 876 cb_server_rejects_npn, NULL); 877 } 878 879 if (alpn_server != NULL) 880 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL); 881 882 if (alpn_client != NULL) { 883 unsigned short alpn_len; 884 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client); 885 886 if (alpn == NULL) { 887 BIO_printf(bio_err, "Error parsing -alpn_client argument\n"); 888 goto end; 889 } 890 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len); 891 free(alpn); 892 } 893 894 c_ssl = SSL_new(c_ctx); 895 s_ssl = SSL_new(s_ctx); 896 897 for (i = 0; i < number; i++) { 898 if (!reuse) 899 SSL_set_session(c_ssl, NULL); 900 if (bio_pair) 901 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, 902 &c_time); 903 else 904 ret = doit(s_ssl, c_ssl, bytes); 905 } 906 907 if (!verbose) { 908 print_details(c_ssl, ""); 909 } 910 if ((number > 1) || (bytes > 1L)) 911 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", 912 number, bytes); 913 if (print_time) { 914 #ifdef CLOCKS_PER_SEC 915 /* "To determine the time in seconds, the value returned 916 * by the clock function should be divided by the value 917 * of the macro CLOCKS_PER_SEC." 918 * -- ISO/IEC 9899 */ 919 BIO_printf(bio_stdout, 920 "Approximate total server time: %6.2f s\n" 921 "Approximate total client time: %6.2f s\n", 922 (double)s_time/CLOCKS_PER_SEC, 923 (double)c_time/CLOCKS_PER_SEC); 924 #else 925 /* "`CLOCKS_PER_SEC' undeclared (first use this function)" 926 * -- cc on NeXTstep/OpenStep */ 927 BIO_printf(bio_stdout, 928 "Approximate total server time: %6.2f units\n" 929 "Approximate total client time: %6.2f units\n", 930 (double)s_time, 931 (double)c_time); 932 #endif 933 } 934 935 SSL_free(s_ssl); 936 SSL_free(c_ssl); 937 938 end: 939 SSL_CTX_free(s_ctx); 940 SSL_CTX_free(c_ctx); 941 BIO_free(bio_stdout); 942 943 free_tmp_rsa(); 944 #ifndef OPENSSL_NO_ENGINE 945 ENGINE_cleanup(); 946 #endif 947 CRYPTO_cleanup_all_ex_data(); 948 ERR_free_strings(); 949 ERR_remove_thread_state(NULL); 950 EVP_cleanup(); 951 CRYPTO_mem_leaks(bio_err); 952 BIO_free(bio_err); 953 954 exit(ret); 955 return ret; 956 } 957 958 int 959 doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time, 960 clock_t *c_time) 961 { 962 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 963 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 964 BIO *server = NULL, *server_io = NULL; 965 BIO *client = NULL, *client_io = NULL; 966 int ret = 1; 967 968 size_t bufsiz = 256; /* small buffer for testing */ 969 970 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 971 goto err; 972 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 973 goto err; 974 975 s_ssl_bio = BIO_new(BIO_f_ssl()); 976 if (!s_ssl_bio) 977 goto err; 978 979 c_ssl_bio = BIO_new(BIO_f_ssl()); 980 if (!c_ssl_bio) 981 goto err; 982 983 SSL_set_connect_state(c_ssl); 984 SSL_set_bio(c_ssl, client, client); 985 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 986 987 SSL_set_accept_state(s_ssl); 988 SSL_set_bio(s_ssl, server, server); 989 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 990 991 do { 992 /* c_ssl_bio: SSL filter BIO 993 * 994 * client: pseudo-I/O for SSL library 995 * 996 * client_io: client's SSL communication; usually to be 997 * relayed over some I/O facility, but in this 998 * test program, we're the server, too: 999 * 1000 * server_io: server's SSL communication 1001 * 1002 * server: pseudo-I/O for SSL library 1003 * 1004 * s_ssl_bio: SSL filter BIO 1005 * 1006 * The client and the server each employ a "BIO pair": 1007 * client + client_io, server + server_io. 1008 * BIO pairs are symmetric. A BIO pair behaves similar 1009 * to a non-blocking socketpair (but both endpoints must 1010 * be handled by the same thread). 1011 * [Here we could connect client and server to the ends 1012 * of a single BIO pair, but then this code would be less 1013 * suitable as an example for BIO pairs in general.] 1014 * 1015 * Useful functions for querying the state of BIO pair endpoints: 1016 * 1017 * BIO_ctrl_pending(bio) number of bytes we can read now 1018 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 1019 * other side's read attempt 1020 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 1021 * 1022 * ..._read_request is never more than ..._write_guarantee; 1023 * it depends on the application which one you should use. 1024 */ 1025 1026 /* We have non-blocking behaviour throughout this test program, but 1027 * can be sure that there is *some* progress in each iteration; so 1028 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE 1029 * -- we just try everything in each iteration 1030 */ 1031 1032 { 1033 /* CLIENT */ 1034 1035 char cbuf[1024*8]; 1036 int i, r; 1037 clock_t c_clock = clock(); 1038 1039 memset(cbuf, 0, sizeof(cbuf)); 1040 1041 if (debug) 1042 if (SSL_in_init(c_ssl)) 1043 printf("client waiting in SSL_connect - %s\n", 1044 SSL_state_string_long(c_ssl)); 1045 1046 if (cw_num > 0) { 1047 /* Write to server. */ 1048 1049 if (cw_num > (long)sizeof cbuf) 1050 i = sizeof cbuf; 1051 else 1052 i = (int)cw_num; 1053 r = BIO_write(c_ssl_bio, cbuf, i); 1054 if (r < 0) { 1055 if (!BIO_should_retry(c_ssl_bio)) { 1056 fprintf(stderr, "ERROR in CLIENT\n"); 1057 goto err; 1058 } 1059 /* BIO_should_retry(...) can just be ignored here. 1060 * The library expects us to call BIO_write with 1061 * the same arguments again, and that's what we will 1062 * do in the next iteration. */ 1063 } else if (r == 0) { 1064 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1065 goto err; 1066 } else { 1067 if (debug) 1068 printf("client wrote %d\n", r); 1069 cw_num -= r; 1070 1071 } 1072 } 1073 1074 if (cr_num > 0) { 1075 /* Read from server. */ 1076 1077 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 1078 if (r < 0) { 1079 if (!BIO_should_retry(c_ssl_bio)) { 1080 fprintf(stderr, "ERROR in CLIENT\n"); 1081 goto err; 1082 } 1083 /* Again, "BIO_should_retry" can be ignored. */ 1084 } else if (r == 0) { 1085 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1086 goto err; 1087 } else { 1088 if (debug) 1089 printf("client read %d\n", r); 1090 cr_num -= r; 1091 } 1092 } 1093 1094 /* c_time and s_time increments will typically be very small 1095 * (depending on machine speed and clock tick intervals), 1096 * but sampling over a large number of connections should 1097 * result in fairly accurate figures. We cannot guarantee 1098 * a lot, however -- if each connection lasts for exactly 1099 * one clock tick, it will be counted only for the client 1100 * or only for the server or even not at all. 1101 */ 1102 *c_time += (clock() - c_clock); 1103 } 1104 1105 { 1106 /* SERVER */ 1107 1108 char sbuf[1024*8]; 1109 int i, r; 1110 clock_t s_clock = clock(); 1111 1112 memset(sbuf, 0, sizeof(sbuf)); 1113 1114 if (debug) 1115 if (SSL_in_init(s_ssl)) 1116 printf("server waiting in SSL_accept - %s\n", 1117 SSL_state_string_long(s_ssl)); 1118 1119 if (sw_num > 0) { 1120 /* Write to client. */ 1121 1122 if (sw_num > (long)sizeof sbuf) 1123 i = sizeof sbuf; 1124 else 1125 i = (int)sw_num; 1126 r = BIO_write(s_ssl_bio, sbuf, i); 1127 if (r < 0) { 1128 if (!BIO_should_retry(s_ssl_bio)) { 1129 fprintf(stderr, "ERROR in SERVER\n"); 1130 goto err; 1131 } 1132 /* Ignore "BIO_should_retry". */ 1133 } else if (r == 0) { 1134 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1135 goto err; 1136 } else { 1137 if (debug) 1138 printf("server wrote %d\n", r); 1139 sw_num -= r; 1140 1141 } 1142 } 1143 1144 if (sr_num > 0) { 1145 /* Read from client. */ 1146 1147 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 1148 if (r < 0) { 1149 if (!BIO_should_retry(s_ssl_bio)) { 1150 fprintf(stderr, "ERROR in SERVER\n"); 1151 goto err; 1152 } 1153 /* blah, blah */ 1154 } else if (r == 0) { 1155 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1156 goto err; 1157 } else { 1158 if (debug) 1159 printf("server read %d\n", r); 1160 sr_num -= r; 1161 } 1162 } 1163 1164 *s_time += (clock() - s_clock); 1165 } 1166 1167 { 1168 /* "I/O" BETWEEN CLIENT AND SERVER. */ 1169 1170 size_t r1, r2; 1171 BIO *io1 = server_io, *io2 = client_io; 1172 /* we use the non-copying interface for io1 1173 * and the standard BIO_write/BIO_read interface for io2 1174 */ 1175 1176 static int prev_progress = 1; 1177 int progress = 0; 1178 1179 /* io1 to io2 */ 1180 do { 1181 size_t num; 1182 int r; 1183 1184 r1 = BIO_ctrl_pending(io1); 1185 r2 = BIO_ctrl_get_write_guarantee(io2); 1186 1187 num = r1; 1188 if (r2 < num) 1189 num = r2; 1190 if (num) { 1191 char *dataptr; 1192 1193 if (INT_MAX < num) /* yeah, right */ 1194 num = INT_MAX; 1195 1196 r = BIO_nread(io1, &dataptr, (int)num); 1197 assert(r > 0); 1198 assert(r <= (int)num); 1199 /* possibly r < num (non-contiguous data) */ 1200 num = r; 1201 r = BIO_write(io2, dataptr, (int)num); 1202 if (r != (int)num) /* can't happen */ 1203 { 1204 fprintf(stderr, "ERROR: BIO_write could not write " 1205 "BIO_ctrl_get_write_guarantee() bytes"); 1206 goto err; 1207 } 1208 progress = 1; 1209 1210 if (debug) 1211 printf((io1 == client_io) ? 1212 "C->S relaying: %d bytes\n" : 1213 "S->C relaying: %d bytes\n", 1214 (int)num); 1215 } 1216 } while (r1 && r2); 1217 1218 /* io2 to io1 */ 1219 { 1220 size_t num; 1221 int r; 1222 1223 r1 = BIO_ctrl_pending(io2); 1224 r2 = BIO_ctrl_get_read_request(io1); 1225 /* here we could use ..._get_write_guarantee instead of 1226 * ..._get_read_request, but by using the latter 1227 * we test restartability of the SSL implementation 1228 * more thoroughly */ 1229 num = r1; 1230 if (r2 < num) 1231 num = r2; 1232 if (num) { 1233 char *dataptr; 1234 1235 if (INT_MAX < num) 1236 num = INT_MAX; 1237 1238 if (num > 1) 1239 --num; /* test restartability even more thoroughly */ 1240 1241 r = BIO_nwrite0(io1, &dataptr); 1242 assert(r > 0); 1243 if (r < (int)num) 1244 num = r; 1245 r = BIO_read(io2, dataptr, (int)num); 1246 if (r != (int)num) /* can't happen */ 1247 { 1248 fprintf(stderr, "ERROR: BIO_read could not read " 1249 "BIO_ctrl_pending() bytes"); 1250 goto err; 1251 } 1252 progress = 1; 1253 r = BIO_nwrite(io1, &dataptr, (int)num); 1254 if (r != (int)num) /* can't happen */ 1255 { 1256 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 1257 "BIO_nwrite0() bytes"); 1258 goto err; 1259 } 1260 1261 if (debug) 1262 printf((io2 == client_io) ? 1263 "C->S relaying: %d bytes\n" : 1264 "S->C relaying: %d bytes\n", 1265 (int)num); 1266 } 1267 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */ 1268 1269 if (!progress && !prev_progress) 1270 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 1271 fprintf(stderr, "ERROR: got stuck\n"); 1272 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) { 1273 fprintf(stderr, "This can happen for SSL2 because " 1274 "CLIENT-FINISHED and SERVER-VERIFY are written \n" 1275 "concurrently ..."); 1276 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 && 1277 strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0) { 1278 fprintf(stderr, " ok.\n"); 1279 goto end; 1280 } 1281 } 1282 fprintf(stderr, " ERROR.\n"); 1283 goto err; 1284 } 1285 prev_progress = progress; 1286 } 1287 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 1288 1289 if (verbose) 1290 print_details(c_ssl, "DONE via BIO pair: "); 1291 1292 if (verify_npn(c_ssl, s_ssl) < 0) { 1293 ret = 1; 1294 goto err; 1295 } 1296 if (verify_alpn(c_ssl, s_ssl) < 0) { 1297 ret = 1; 1298 goto err; 1299 } 1300 1301 end: 1302 ret = 0; 1303 1304 err: 1305 ERR_print_errors(bio_err); 1306 1307 BIO_free(server); 1308 BIO_free(server_io); 1309 BIO_free(client); 1310 BIO_free(client_io); 1311 BIO_free(s_ssl_bio); 1312 BIO_free(c_ssl_bio); 1313 1314 return ret; 1315 } 1316 1317 1318 #define W_READ 1 1319 #define W_WRITE 2 1320 #define C_DONE 1 1321 #define S_DONE 2 1322 1323 int 1324 doit(SSL *s_ssl, SSL *c_ssl, long count) 1325 { 1326 char cbuf[1024*8], sbuf[1024*8]; 1327 long cw_num = count, cr_num = count; 1328 long sw_num = count, sr_num = count; 1329 int ret = 1; 1330 BIO *c_to_s = NULL; 1331 BIO *s_to_c = NULL; 1332 BIO *c_bio = NULL; 1333 BIO *s_bio = NULL; 1334 int c_r, c_w, s_r, s_w; 1335 int i, j; 1336 int done = 0; 1337 int c_write, s_write; 1338 int do_server = 0, do_client = 0; 1339 1340 memset(cbuf, 0, sizeof(cbuf)); 1341 memset(sbuf, 0, sizeof(sbuf)); 1342 1343 c_to_s = BIO_new(BIO_s_mem()); 1344 s_to_c = BIO_new(BIO_s_mem()); 1345 if ((s_to_c == NULL) || (c_to_s == NULL)) { 1346 ERR_print_errors(bio_err); 1347 goto err; 1348 } 1349 1350 c_bio = BIO_new(BIO_f_ssl()); 1351 s_bio = BIO_new(BIO_f_ssl()); 1352 if ((c_bio == NULL) || (s_bio == NULL)) { 1353 ERR_print_errors(bio_err); 1354 goto err; 1355 } 1356 1357 SSL_set_connect_state(c_ssl); 1358 SSL_set_bio(c_ssl, s_to_c, c_to_s); 1359 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 1360 1361 SSL_set_accept_state(s_ssl); 1362 SSL_set_bio(s_ssl, c_to_s, s_to_c); 1363 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 1364 1365 c_r = 0; 1366 s_r = 1; 1367 c_w = 1; 1368 s_w = 0; 1369 c_write = 1, s_write = 0; 1370 1371 /* We can always do writes */ 1372 for (;;) { 1373 do_server = 0; 1374 do_client = 0; 1375 1376 i = (int)BIO_pending(s_bio); 1377 if ((i && s_r) || s_w) 1378 do_server = 1; 1379 1380 i = (int)BIO_pending(c_bio); 1381 if ((i && c_r) || c_w) 1382 do_client = 1; 1383 1384 if (do_server && debug) { 1385 if (SSL_in_init(s_ssl)) 1386 printf("server waiting in SSL_accept - %s\n", 1387 SSL_state_string_long(s_ssl)); 1388 /* else if (s_write) 1389 printf("server:SSL_write()\n"); 1390 else 1391 printf("server:SSL_read()\n"); */ 1392 } 1393 1394 if (do_client && debug) { 1395 if (SSL_in_init(c_ssl)) 1396 printf("client waiting in SSL_connect - %s\n", 1397 SSL_state_string_long(c_ssl)); 1398 /* else if (c_write) 1399 printf("client:SSL_write()\n"); 1400 else 1401 printf("client:SSL_read()\n"); */ 1402 } 1403 1404 if (!do_client && !do_server) { 1405 fprintf(stdout, "ERROR IN STARTUP\n"); 1406 ERR_print_errors(bio_err); 1407 break; 1408 } 1409 if (do_client && !(done & C_DONE)) { 1410 if (c_write) { 1411 j = (cw_num > (long)sizeof(cbuf)) ? 1412 (int)sizeof(cbuf) : (int)cw_num; 1413 i = BIO_write(c_bio, cbuf, j); 1414 if (i < 0) { 1415 c_r = 0; 1416 c_w = 0; 1417 if (BIO_should_retry(c_bio)) { 1418 if (BIO_should_read(c_bio)) 1419 c_r = 1; 1420 if (BIO_should_write(c_bio)) 1421 c_w = 1; 1422 } else { 1423 fprintf(stderr, "ERROR in CLIENT\n"); 1424 ERR_print_errors(bio_err); 1425 goto err; 1426 } 1427 } else if (i == 0) { 1428 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1429 goto err; 1430 } else { 1431 if (debug) 1432 printf("client wrote %d\n", i); 1433 /* ok */ 1434 s_r = 1; 1435 c_write = 0; 1436 cw_num -= i; 1437 } 1438 } else { 1439 i = BIO_read(c_bio, cbuf, sizeof(cbuf)); 1440 if (i < 0) { 1441 c_r = 0; 1442 c_w = 0; 1443 if (BIO_should_retry(c_bio)) { 1444 if (BIO_should_read(c_bio)) 1445 c_r = 1; 1446 if (BIO_should_write(c_bio)) 1447 c_w = 1; 1448 } else { 1449 fprintf(stderr, "ERROR in CLIENT\n"); 1450 ERR_print_errors(bio_err); 1451 goto err; 1452 } 1453 } else if (i == 0) { 1454 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1455 goto err; 1456 } else { 1457 if (debug) 1458 printf("client read %d\n", i); 1459 cr_num -= i; 1460 if (sw_num > 0) { 1461 s_write = 1; 1462 s_w = 1; 1463 } 1464 if (cr_num <= 0) { 1465 s_write = 1; 1466 s_w = 1; 1467 done = S_DONE|C_DONE; 1468 } 1469 } 1470 } 1471 } 1472 1473 if (do_server && !(done & S_DONE)) { 1474 if (!s_write) { 1475 i = BIO_read(s_bio, sbuf, sizeof(cbuf)); 1476 if (i < 0) { 1477 s_r = 0; 1478 s_w = 0; 1479 if (BIO_should_retry(s_bio)) { 1480 if (BIO_should_read(s_bio)) 1481 s_r = 1; 1482 if (BIO_should_write(s_bio)) 1483 s_w = 1; 1484 } else { 1485 fprintf(stderr, "ERROR in SERVER\n"); 1486 ERR_print_errors(bio_err); 1487 goto err; 1488 } 1489 } else if (i == 0) { 1490 ERR_print_errors(bio_err); 1491 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n"); 1492 goto err; 1493 } else { 1494 if (debug) 1495 printf("server read %d\n", i); 1496 sr_num -= i; 1497 if (cw_num > 0) { 1498 c_write = 1; 1499 c_w = 1; 1500 } 1501 if (sr_num <= 0) { 1502 s_write = 1; 1503 s_w = 1; 1504 c_write = 0; 1505 } 1506 } 1507 } else { 1508 j = (sw_num > (long)sizeof(sbuf)) ? 1509 (int)sizeof(sbuf) : (int)sw_num; 1510 i = BIO_write(s_bio, sbuf, j); 1511 if (i < 0) { 1512 s_r = 0; 1513 s_w = 0; 1514 if (BIO_should_retry(s_bio)) { 1515 if (BIO_should_read(s_bio)) 1516 s_r = 1; 1517 if (BIO_should_write(s_bio)) 1518 s_w = 1; 1519 } else { 1520 fprintf(stderr, "ERROR in SERVER\n"); 1521 ERR_print_errors(bio_err); 1522 goto err; 1523 } 1524 } else if (i == 0) { 1525 ERR_print_errors(bio_err); 1526 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n"); 1527 goto err; 1528 } else { 1529 if (debug) 1530 printf("server wrote %d\n", i); 1531 sw_num -= i; 1532 s_write = 0; 1533 c_r = 1; 1534 if (sw_num <= 0) 1535 done |= S_DONE; 1536 } 1537 } 1538 } 1539 1540 if ((done & S_DONE) && (done & C_DONE)) 1541 break; 1542 } 1543 1544 if (verbose) 1545 print_details(c_ssl, "DONE: "); 1546 1547 if (verify_npn(c_ssl, s_ssl) < 0) { 1548 ret = 1; 1549 goto err; 1550 } 1551 if (verify_alpn(c_ssl, s_ssl) < 0) { 1552 ret = 1; 1553 goto err; 1554 } 1555 1556 ret = 0; 1557 err: 1558 /* We have to set the BIO's to NULL otherwise they will be 1559 * free()ed twice. Once when th s_ssl is SSL_free()ed and 1560 * again when c_ssl is SSL_free()ed. 1561 * This is a hack required because s_ssl and c_ssl are sharing the same 1562 * BIO structure and SSL_set_bio() and SSL_free() automatically 1563 * BIO_free non NULL entries. 1564 * You should not normally do this or be required to do this */ 1565 if (s_ssl != NULL) { 1566 s_ssl->rbio = NULL; 1567 s_ssl->wbio = NULL; 1568 } 1569 if (c_ssl != NULL) { 1570 c_ssl->rbio = NULL; 1571 c_ssl->wbio = NULL; 1572 } 1573 1574 BIO_free(c_to_s); 1575 BIO_free(s_to_c); 1576 BIO_free_all(c_bio); 1577 BIO_free_all(s_bio); 1578 1579 return (ret); 1580 } 1581 1582 static int 1583 get_proxy_auth_ex_data_idx(void) 1584 { 1585 static volatile int idx = -1; 1586 if (idx < 0) { 1587 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 1588 if (idx < 0) { 1589 idx = X509_STORE_CTX_get_ex_new_index(0, 1590 "SSLtest for verify callback", NULL, NULL, NULL); 1591 } 1592 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1593 } 1594 return idx; 1595 } 1596 1597 static int 1598 verify_callback(int ok, X509_STORE_CTX *ctx) 1599 { 1600 char *s, buf[256]; 1601 1602 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, 1603 sizeof buf); 1604 if (s != NULL) { 1605 if (ok) 1606 fprintf(stderr, "depth=%d %s\n", 1607 ctx->error_depth, buf); 1608 else { 1609 fprintf(stderr, "depth=%d error=%d %s\n", 1610 ctx->error_depth, ctx->error, buf); 1611 } 1612 } 1613 1614 if (ok == 0) { 1615 fprintf(stderr, "Error string: %s\n", 1616 X509_verify_cert_error_string(ctx->error)); 1617 switch (ctx->error) { 1618 case X509_V_ERR_CERT_NOT_YET_VALID: 1619 case X509_V_ERR_CERT_HAS_EXPIRED: 1620 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1621 fprintf(stderr, " ... ignored.\n"); 1622 ok = 1; 1623 } 1624 } 1625 1626 if (ok == 1) { 1627 X509 *xs = ctx->current_cert; 1628 #if 0 1629 X509 *xi = ctx->current_issuer; 1630 #endif 1631 1632 if (xs->ex_flags & EXFLAG_PROXY) { 1633 unsigned int *letters = 1634 X509_STORE_CTX_get_ex_data(ctx, 1635 get_proxy_auth_ex_data_idx()); 1636 1637 if (letters) { 1638 int found_any = 0; 1639 int i; 1640 PROXY_CERT_INFO_EXTENSION *pci = 1641 X509_get_ext_d2i(xs, NID_proxyCertInfo, 1642 NULL, NULL); 1643 1644 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 1645 case NID_Independent: 1646 /* Completely meaningless in this 1647 program, as there's no way to 1648 grant explicit rights to a 1649 specific PrC. Basically, using 1650 id-ppl-Independent is the perfect 1651 way to grant no rights at all. */ 1652 fprintf(stderr, " Independent proxy certificate"); 1653 for (i = 0; i < 26; i++) 1654 letters[i] = 0; 1655 break; 1656 case NID_id_ppl_inheritAll: 1657 /* This is basically a NOP, we 1658 simply let the current rights 1659 stand as they are. */ 1660 fprintf(stderr, " Proxy certificate inherits all"); 1661 break; 1662 default: 1663 s = (char *) 1664 pci->proxyPolicy->policy->data; 1665 i = pci->proxyPolicy->policy->length; 1666 1667 /* The algorithm works as follows: 1668 it is assumed that previous 1669 iterations or the initial granted 1670 rights has already set some elements 1671 of `letters'. What we need to do is 1672 to clear those that weren't granted 1673 by the current PrC as well. The 1674 easiest way to do this is to add 1 1675 to all the elements whose letters 1676 are given with the current policy. 1677 That way, all elements that are set 1678 by the current policy and were 1679 already set by earlier policies and 1680 through the original grant of rights 1681 will get the value 2 or higher. 1682 The last thing to do is to sweep 1683 through `letters' and keep the 1684 elements having the value 2 as set, 1685 and clear all the others. */ 1686 1687 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s); 1688 while (i-- > 0) { 1689 int c = *s++; 1690 if (isascii(c) && isalpha(c)) { 1691 if (islower(c)) 1692 c = toupper(c); 1693 letters[c - 'A']++; 1694 } 1695 } 1696 for (i = 0; i < 26; i++) 1697 if (letters[i] < 2) 1698 letters[i] = 0; 1699 else 1700 letters[i] = 1; 1701 } 1702 1703 found_any = 0; 1704 fprintf(stderr, ", resulting proxy rights = "); 1705 for (i = 0; i < 26; i++) 1706 if (letters[i]) { 1707 fprintf(stderr, "%c", i + 'A'); 1708 found_any = 1; 1709 } 1710 if (!found_any) 1711 fprintf(stderr, "none"); 1712 fprintf(stderr, "\n"); 1713 1714 PROXY_CERT_INFO_EXTENSION_free(pci); 1715 } 1716 } 1717 } 1718 1719 return (ok); 1720 } 1721 1722 static void 1723 process_proxy_debug(int indent, const char *format, ...) 1724 { 1725 static const char indentation[] = 1726 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 1727 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ 1728 char my_format[256]; 1729 va_list args; 1730 1731 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s", 1732 indent, indent, indentation, format); 1733 1734 va_start(args, format); 1735 vfprintf(stderr, my_format, args); 1736 va_end(args); 1737 } 1738 /* Priority levels: 1739 0 [!]var, () 1740 1 & ^ 1741 2 | 1742 */ 1743 static int process_proxy_cond_adders(unsigned int letters[26], 1744 const char *cond, const char **cond_end, int *pos, int indent); 1745 1746 static int 1747 process_proxy_cond_val(unsigned int letters[26], const char *cond, 1748 const char **cond_end, int *pos, int indent) 1749 { 1750 int c; 1751 int ok = 1; 1752 int negate = 0; 1753 1754 while (isspace((int)*cond)) { 1755 cond++; 1756 (*pos)++; 1757 } 1758 c = *cond; 1759 1760 if (debug) 1761 process_proxy_debug(indent, 1762 "Start process_proxy_cond_val at position %d: %s\n", 1763 *pos, cond); 1764 1765 while (c == '!') { 1766 negate = !negate; 1767 cond++; 1768 (*pos)++; 1769 while (isspace((int)*cond)) { 1770 cond++; 1771 (*pos)++; 1772 } 1773 c = *cond; 1774 } 1775 1776 if (c == '(') { 1777 cond++; 1778 (*pos)++; 1779 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 1780 indent + 1); 1781 cond = *cond_end; 1782 if (ok < 0) 1783 goto end; 1784 while (isspace((int)*cond)) { 1785 cond++; 1786 (*pos)++; 1787 } 1788 c = *cond; 1789 if (c != ')') { 1790 fprintf(stderr, 1791 "Weird condition character in position %d: " 1792 "%c\n", *pos, c); 1793 ok = -1; 1794 goto end; 1795 } 1796 cond++; 1797 (*pos)++; 1798 } else if (isascii(c) && isalpha(c)) { 1799 if (islower(c)) 1800 c = toupper(c); 1801 ok = letters[c - 'A']; 1802 cond++; 1803 (*pos)++; 1804 } else { 1805 fprintf(stderr, 1806 "Weird condition character in position %d: " 1807 "%c\n", *pos, c); 1808 ok = -1; 1809 goto end; 1810 } 1811 end: 1812 *cond_end = cond; 1813 if (ok >= 0 && negate) 1814 ok = !ok; 1815 1816 if (debug) 1817 process_proxy_debug(indent, 1818 "End process_proxy_cond_val at position %d: %s, returning %d\n", 1819 *pos, cond, ok); 1820 1821 return ok; 1822 } 1823 1824 static int 1825 process_proxy_cond_multipliers(unsigned int letters[26], const char *cond, 1826 const char **cond_end, int *pos, int indent) 1827 { 1828 int ok; 1829 char c; 1830 1831 if (debug) 1832 process_proxy_debug(indent, 1833 "Start process_proxy_cond_multipliers at position %d: %s\n", 1834 *pos, cond); 1835 1836 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 1837 cond = *cond_end; 1838 if (ok < 0) 1839 goto end; 1840 1841 while (ok >= 0) { 1842 while (isspace((int)*cond)) { 1843 cond++; 1844 (*pos)++; 1845 } 1846 c = *cond; 1847 1848 switch (c) { 1849 case '&': 1850 case '^': 1851 { 1852 int save_ok = ok; 1853 1854 cond++; 1855 (*pos)++; 1856 ok = process_proxy_cond_val(letters, 1857 cond, cond_end, pos, indent + 1); 1858 cond = *cond_end; 1859 if (ok < 0) 1860 break; 1861 1862 switch (c) { 1863 case '&': 1864 ok &= save_ok; 1865 break; 1866 case '^': 1867 ok ^= save_ok; 1868 break; 1869 default: 1870 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1871 " STOPPING\n"); 1872 exit(1); 1873 } 1874 } 1875 break; 1876 default: 1877 goto end; 1878 } 1879 } 1880 end: 1881 if (debug) 1882 process_proxy_debug(indent, 1883 "End process_proxy_cond_multipliers at position %d: %s, " 1884 "returning %d\n", 1885 *pos, cond, ok); 1886 1887 *cond_end = cond; 1888 return ok; 1889 } 1890 1891 static int 1892 process_proxy_cond_adders(unsigned int letters[26], const char *cond, 1893 const char **cond_end, int *pos, int indent) 1894 { 1895 int ok; 1896 char c; 1897 1898 if (debug) 1899 process_proxy_debug(indent, 1900 "Start process_proxy_cond_adders at position %d: %s\n", 1901 *pos, cond); 1902 1903 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 1904 indent + 1); 1905 cond = *cond_end; 1906 if (ok < 0) 1907 goto end; 1908 1909 while (ok >= 0) { 1910 while (isspace((int)*cond)) { 1911 cond++; 1912 (*pos)++; 1913 } 1914 c = *cond; 1915 1916 switch (c) { 1917 case '|': 1918 { 1919 int save_ok = ok; 1920 1921 cond++; 1922 (*pos)++; 1923 ok = process_proxy_cond_multipliers(letters, 1924 cond, cond_end, pos, indent + 1); 1925 cond = *cond_end; 1926 if (ok < 0) 1927 break; 1928 1929 switch (c) { 1930 case '|': 1931 ok |= save_ok; 1932 break; 1933 default: 1934 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1935 " STOPPING\n"); 1936 exit(1); 1937 } 1938 } 1939 break; 1940 default: 1941 goto end; 1942 } 1943 } 1944 end: 1945 if (debug) 1946 process_proxy_debug(indent, 1947 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 1948 *pos, cond, ok); 1949 1950 *cond_end = cond; 1951 return ok; 1952 } 1953 1954 static int 1955 process_proxy_cond(unsigned int letters[26], const char *cond, 1956 const char **cond_end) 1957 { 1958 int pos = 1; 1959 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 1960 } 1961 1962 static int 1963 app_verify_callback(X509_STORE_CTX *ctx, void *arg) 1964 { 1965 int ok = 1; 1966 struct app_verify_arg *cb_arg = arg; 1967 unsigned int letters[26]; /* only used with proxy_auth */ 1968 1969 if (cb_arg->app_verify) { 1970 char *s = NULL, buf[256]; 1971 1972 fprintf(stderr, "In app_verify_callback, allowing cert. "); 1973 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 1974 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 1975 (void *)ctx, (void *)ctx->cert); 1976 if (ctx->cert) 1977 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256); 1978 if (s != NULL) { 1979 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf); 1980 } 1981 return (1); 1982 } 1983 if (cb_arg->proxy_auth) { 1984 int found_any = 0, i; 1985 char *sp; 1986 1987 for (i = 0; i < 26; i++) 1988 letters[i] = 0; 1989 for (sp = cb_arg->proxy_auth; *sp; sp++) { 1990 int c = *sp; 1991 if (isascii(c) && isalpha(c)) { 1992 if (islower(c)) 1993 c = toupper(c); 1994 letters[c - 'A'] = 1; 1995 } 1996 } 1997 1998 fprintf(stderr, " Initial proxy rights = "); 1999 for (i = 0; i < 26; i++) 2000 if (letters[i]) { 2001 fprintf(stderr, "%c", i + 'A'); 2002 found_any = 1; 2003 } 2004 if (!found_any) 2005 fprintf(stderr, "none"); 2006 fprintf(stderr, "\n"); 2007 2008 X509_STORE_CTX_set_ex_data(ctx, 2009 get_proxy_auth_ex_data_idx(), letters); 2010 } 2011 if (cb_arg->allow_proxy_certs) { 2012 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 2013 } 2014 2015 ok = X509_verify_cert(ctx); 2016 2017 if (cb_arg->proxy_auth) { 2018 if (ok > 0) { 2019 const char *cond_end = NULL; 2020 2021 ok = process_proxy_cond(letters, 2022 cb_arg->proxy_cond, &cond_end); 2023 2024 if (ok < 0) 2025 exit(3); 2026 if (*cond_end) { 2027 fprintf(stderr, "Stopped processing condition before it's end.\n"); 2028 ok = 0; 2029 } 2030 if (!ok) 2031 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n", 2032 cb_arg->proxy_cond); 2033 else 2034 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n", 2035 cb_arg->proxy_cond); 2036 } 2037 } 2038 return (ok); 2039 } 2040 2041 static RSA *rsa_tmp = NULL; 2042 2043 static RSA * 2044 tmp_rsa_cb(SSL *s, int is_export, int keylength) 2045 { 2046 BIGNUM *bn = NULL; 2047 if (rsa_tmp == NULL) { 2048 bn = BN_new(); 2049 rsa_tmp = RSA_new(); 2050 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) { 2051 BIO_printf(bio_err, "Memory error..."); 2052 goto end; 2053 } 2054 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength); 2055 (void)BIO_flush(bio_err); 2056 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { 2057 BIO_printf(bio_err, "Error generating key."); 2058 RSA_free(rsa_tmp); 2059 rsa_tmp = NULL; 2060 } 2061 end: 2062 BIO_printf(bio_err, "\n"); 2063 (void)BIO_flush(bio_err); 2064 } 2065 if (bn) 2066 BN_free(bn); 2067 return (rsa_tmp); 2068 } 2069 2070 static void 2071 free_tmp_rsa(void) 2072 { 2073 if (rsa_tmp != NULL) { 2074 RSA_free(rsa_tmp); 2075 rsa_tmp = NULL; 2076 } 2077 } 2078 2079 /* These DH parameters have been generated as follows: 2080 * $ openssl dhparam -C -noout 1024 2081 * $ openssl dhparam -C -noout -dsaparam 1024 2082 * (The second function has been renamed to avoid name conflicts.) 2083 */ 2084 static DH * 2085 get_dh1024() 2086 { 2087 static unsigned char dh1024_p[] = { 2088 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A, 2089 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2, 2090 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0, 2091 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2, 2092 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C, 2093 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8, 2094 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52, 2095 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1, 2096 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1, 2097 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB, 2098 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 2099 }; 2100 static unsigned char dh1024_g[] = { 2101 0x02, 2102 }; 2103 DH *dh; 2104 2105 if ((dh = DH_new()) == NULL) 2106 return (NULL); 2107 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2108 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2109 if ((dh->p == NULL) || (dh->g == NULL)) { 2110 DH_free(dh); 2111 return (NULL); 2112 } 2113 return (dh); 2114 } 2115 2116 static DH * 2117 get_dh1024dsa() 2118 { 2119 static unsigned char dh1024_p[] = { 2120 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00, 2121 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19, 2122 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2, 2123 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55, 2124 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC, 2125 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97, 2126 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D, 2127 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB, 2128 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6, 2129 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E, 2130 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 2131 }; 2132 static unsigned char dh1024_g[] = { 2133 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05, 2134 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3, 2135 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9, 2136 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C, 2137 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65, 2138 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60, 2139 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6, 2140 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7, 2141 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1, 2142 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60, 2143 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 2144 }; 2145 DH *dh; 2146 2147 if ((dh = DH_new()) == NULL) 2148 return (NULL); 2149 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2150 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2151 if ((dh->p == NULL) || (dh->g == NULL)) { 2152 DH_free(dh); 2153 return (NULL); 2154 } 2155 dh->length = 160; 2156 return (dh); 2157 } 2158 2159 static int 2160 do_test_cipherlist(void) 2161 { 2162 int i = 0; 2163 const SSL_METHOD *meth; 2164 const SSL_CIPHER *ci, *tci = NULL; 2165 2166 fprintf(stderr, "testing TLSv1 cipher list order: "); 2167 meth = TLSv1_method(); 2168 tci = NULL; 2169 while ((ci = meth->get_cipher(i++)) != NULL) { 2170 if (tci != NULL) { 2171 if (ci->id >= tci->id) { 2172 fprintf(stderr, 2173 "failed %lx vs. %lx\n", ci->id, tci->id); 2174 return 0; 2175 } 2176 } 2177 tci = ci; 2178 } 2179 fprintf(stderr, "ok\n"); 2180 2181 return 1; 2182 } 2183