1 /* ssl/ssltest.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 /* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143 #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly 144 on Linux and GNU platforms. */ 145 #include <sys/types.h> 146 #include <sys/param.h> 147 #include <sys/socket.h> 148 149 #include <netinet/in.h> 150 151 #include <assert.h> 152 #include <errno.h> 153 #include <limits.h> 154 #include <netdb.h> 155 #include <stdio.h> 156 #include <stdlib.h> 157 #include <string.h> 158 #include <time.h> 159 #include <unistd.h> 160 161 #include <ctype.h> 162 163 #include <openssl/opensslconf.h> 164 #include <openssl/e_os2.h> 165 #include <openssl/bio.h> 166 #include <openssl/crypto.h> 167 #include <openssl/evp.h> 168 #include <openssl/x509.h> 169 #include <openssl/x509v3.h> 170 #include <openssl/ssl.h> 171 #ifndef OPENSSL_NO_ENGINE 172 #include <openssl/engine.h> 173 #endif 174 #include <openssl/err.h> 175 #include <openssl/rand.h> 176 #include <openssl/rsa.h> 177 #include <openssl/dsa.h> 178 #include <openssl/dh.h> 179 #include <openssl/bn.h> 180 181 #define _XOPEN_SOURCE_EXTENDED 1 182 /* Or gethostname won't be declared properly 183 on Compaq platforms (at least with DEC C). 184 Do not try to put it earlier, or IPv6 includes 185 get screwed... */ 186 187 188 # define TEST_SERVER_CERT "../apps/server.pem" 189 # define TEST_CLIENT_CERT "../apps/client.pem" 190 191 static int verify_callback(int ok, X509_STORE_CTX *ctx); 192 static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength); 193 static void free_tmp_rsa(void); 194 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); 195 #define APP_CALLBACK_STRING "Test Callback Argument" 196 struct app_verify_arg { 197 char *string; 198 int app_verify; 199 int allow_proxy_certs; 200 char *proxy_auth; 201 char *proxy_cond; 202 }; 203 204 static DH *get_dh512(void); 205 static DH *get_dh1024(void); 206 static DH *get_dh1024dsa(void); 207 208 static BIO *bio_err = NULL; 209 static BIO *bio_stdout = NULL; 210 211 #ifndef OPENSSL_NO_NEXTPROTONEG 212 /* Note that this code assumes that this is only a one element list: */ 213 static const char NEXT_PROTO_STRING[] = "\x09testproto"; 214 int npn_client = 0; 215 int npn_server = 0; 216 int npn_server_reject = 0; 217 218 static int 219 cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, 220 const unsigned char *in, unsigned int inlen, void *arg) 221 { 222 /* 223 * This callback only returns the protocol string, rather than a length 224 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list 225 * and remove the first byte to chop off the length prefix. 226 */ 227 *out = (unsigned char *)NEXT_PROTO_STRING + 1; 228 *outlen = sizeof(NEXT_PROTO_STRING) - 2; 229 return (SSL_TLSEXT_ERR_OK); 230 } 231 232 static int 233 cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg) 234 { 235 *data = (const unsigned char *)NEXT_PROTO_STRING; 236 *len = sizeof(NEXT_PROTO_STRING) - 1; 237 return (SSL_TLSEXT_ERR_OK); 238 } 239 240 static int 241 cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, 242 void *arg) 243 { 244 return (SSL_TLSEXT_ERR_NOACK); 245 } 246 247 static int 248 verify_npn(SSL *client, SSL *server) 249 { 250 const unsigned char *client_s; 251 unsigned int client_len; 252 const unsigned char *server_s; 253 unsigned int server_len; 254 255 SSL_get0_next_proto_negotiated(client, &client_s, &client_len); 256 SSL_get0_next_proto_negotiated(server, &server_s, &server_len); 257 258 if (client_len) { 259 BIO_printf(bio_stdout, "Client NPN: "); 260 BIO_write(bio_stdout, client_s, client_len); 261 BIO_printf(bio_stdout, "\n"); 262 } 263 264 if (server_len) { 265 BIO_printf(bio_stdout, "Server NPN: "); 266 BIO_write(bio_stdout, server_s, server_len); 267 BIO_printf(bio_stdout, "\n"); 268 } 269 270 /* 271 * If an NPN string was returned, it must be the protocol that we 272 * expected to negotiate. 273 */ 274 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 || 275 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len))) 276 return (-1); 277 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 || 278 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len))) 279 return (-1); 280 281 if (!npn_client && client_len) 282 return (-1); 283 if (!npn_server && server_len) 284 return (-1); 285 if (npn_server_reject && server_len) 286 return (-1); 287 if (npn_client && npn_server && (!client_len || !server_len)) 288 return (-1); 289 290 return (0); 291 } 292 #endif 293 294 static char *cipher = NULL; 295 static int verbose = 0; 296 static int debug = 0; 297 298 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 299 clock_t *c_time); 300 int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 301 static int do_test_cipherlist(void); 302 303 static void 304 sv_usage(void) 305 { 306 fprintf(stderr, "usage: ssltest [args ...]\n"); 307 fprintf(stderr, "\n"); 308 fprintf(stderr, " -server_auth - check server certificate\n"); 309 fprintf(stderr, " -client_auth - do client authentication\n"); 310 fprintf(stderr, " -proxy - allow proxy certificates\n"); 311 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 312 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n"); 313 fprintf(stderr, " -v - more output\n"); 314 fprintf(stderr, " -d - debug output\n"); 315 fprintf(stderr, " -reuse - use session-id reuse\n"); 316 fprintf(stderr, " -num <val> - number of connections to perform\n"); 317 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n"); 318 fprintf(stderr, " -dhe1024 - use 1024 bit key (safe prime) for DHE\n"); 319 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 320 fprintf(stderr, " -no_dhe - disable DHE\n"); 321 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 322 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 323 fprintf(stderr, " -ssl3 - use SSLv3\n"); 324 fprintf(stderr, " -tls1 - use TLSv1\n"); 325 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 326 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 327 fprintf(stderr, " -cert arg - Server certificate file\n"); 328 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n"); 329 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 330 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n"); 331 fprintf(stderr, " -cipher arg - The cipher list\n"); 332 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 333 fprintf(stderr, " -f - Test even cases that can't work\n"); 334 fprintf(stderr, " -time - measure processor time used by client and server\n"); 335 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 336 " Use \"openssl ecparam -list_curves\" for all names\n" \ 337 " (default is sect163r2).\n"); 338 fprintf(stderr, " -test_cipherlist - verifies the order of the ssl cipher lists\n"); 339 #ifndef OPENSSL_NO_NEXTPROTONEG 340 fprintf(stderr, " -npn_client - have client side offer NPN\n"); 341 fprintf(stderr, " -npn_server - have server side offer NPN\n"); 342 fprintf(stderr, " -npn_server_reject - have server reject NPN\n"); 343 #endif 344 } 345 346 static void 347 print_details(SSL *c_ssl, const char *prefix) 348 { 349 const SSL_CIPHER *ciph; 350 X509 *cert; 351 352 ciph = SSL_get_current_cipher(c_ssl); 353 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 354 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph), 355 SSL_CIPHER_get_name(ciph)); 356 cert = SSL_get_peer_certificate(c_ssl); 357 if (cert != NULL) { 358 EVP_PKEY *pkey = X509_get_pubkey(cert); 359 if (pkey != NULL) { 360 if (pkey->type == EVP_PKEY_RSA && 361 pkey->pkey.rsa != NULL && 362 pkey->pkey.rsa->n != NULL) { 363 BIO_printf(bio_stdout, ", %d bit RSA", 364 BN_num_bits(pkey->pkey.rsa->n)); 365 } else if (pkey->type == EVP_PKEY_DSA && 366 pkey->pkey.dsa != NULL && 367 pkey->pkey.dsa->p != NULL) { 368 BIO_printf(bio_stdout, ", %d bit DSA", 369 BN_num_bits(pkey->pkey.dsa->p)); 370 } 371 EVP_PKEY_free(pkey); 372 } 373 X509_free(cert); 374 } 375 /* The SSL API does not allow us to look at temporary RSA/DH keys, 376 * otherwise we should print their lengths too */ 377 BIO_printf(bio_stdout, "\n"); 378 } 379 380 static void 381 lock_dbg_cb(int mode, int type, const char *file, int line) 382 { 383 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */ 384 const char *errstr = NULL; 385 int rw; 386 387 rw = mode & (CRYPTO_READ|CRYPTO_WRITE); 388 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) { 389 errstr = "invalid mode"; 390 goto err; 391 } 392 393 if (type < 0 || type >= CRYPTO_NUM_LOCKS) { 394 errstr = "type out of bounds"; 395 goto err; 396 } 397 398 if (mode & CRYPTO_LOCK) { 399 if (modes[type]) { 400 errstr = "already locked"; 401 /* must not happen in a single-threaded program 402 * (would deadlock) */ 403 goto err; 404 } 405 406 modes[type] = rw; 407 } else if (mode & CRYPTO_UNLOCK) { 408 if (!modes[type]) { 409 errstr = "not locked"; 410 goto err; 411 } 412 413 if (modes[type] != rw) { 414 errstr = (rw == CRYPTO_READ) ? 415 "CRYPTO_r_unlock on write lock" : 416 "CRYPTO_w_unlock on read lock"; 417 } 418 419 modes[type] = 0; 420 } else { 421 errstr = "invalid mode"; 422 goto err; 423 } 424 425 err: 426 if (errstr) { 427 /* we cannot use bio_err here */ 428 fprintf(stderr, 429 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n", 430 errstr, mode, type, file, line); 431 } 432 } 433 434 int 435 main(int argc, char *argv[]) 436 { 437 char *CApath = NULL, *CAfile = NULL; 438 int badop = 0; 439 int bio_pair = 0; 440 int force = 0; 441 int tls1 = 0, ssl2 = 0, ssl3 = 0, dtls1 = 0, ret = 1; 442 int client_auth = 0; 443 int server_auth = 0, i; 444 struct app_verify_arg app_verify_arg = 445 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 446 char *server_cert = TEST_SERVER_CERT; 447 char *server_key = NULL; 448 char *client_cert = TEST_CLIENT_CERT; 449 char *client_key = NULL; 450 char *named_curve = NULL; 451 SSL_CTX *s_ctx = NULL; 452 SSL_CTX *c_ctx = NULL; 453 const SSL_METHOD *meth = NULL; 454 SSL *c_ssl, *s_ssl; 455 int number = 1, reuse = 0; 456 long bytes = 256L; 457 DH *dh; 458 int dhe1024 = 0, dhe1024dsa = 0; 459 EC_KEY *ecdh = NULL; 460 int no_dhe = 0; 461 int no_ecdhe = 0; 462 int print_time = 0; 463 clock_t s_time = 0, c_time = 0; 464 int test_cipherlist = 0; 465 466 verbose = 0; 467 debug = 0; 468 cipher = 0; 469 470 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); 471 472 CRYPTO_set_locking_callback(lock_dbg_cb); 473 474 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); 475 476 argc--; 477 argv++; 478 479 while (argc >= 1) { 480 if (!strcmp(*argv, "-F")) { 481 fprintf(stderr, "not compiled with FIPS support, so exitting without running.\n"); 482 exit(0); 483 } else if (strcmp(*argv, "-server_auth") == 0) 484 server_auth = 1; 485 else if (strcmp(*argv, "-client_auth") == 0) 486 client_auth = 1; 487 else if (strcmp(*argv, "-proxy_auth") == 0) { 488 if (--argc < 1) 489 goto bad; 490 app_verify_arg.proxy_auth= *(++argv); 491 } else if (strcmp(*argv, "-proxy_cond") == 0) { 492 if (--argc < 1) 493 goto bad; 494 app_verify_arg.proxy_cond= *(++argv); 495 } else if (strcmp(*argv, "-v") == 0) 496 verbose = 1; 497 else if (strcmp(*argv, "-d") == 0) 498 debug = 1; 499 else if (strcmp(*argv, "-reuse") == 0) 500 reuse = 1; 501 else if (strcmp(*argv, "-dhe1024") == 0) { 502 dhe1024 = 1; 503 } else if (strcmp(*argv, "-dhe1024dsa") == 0) { 504 dhe1024dsa = 1; 505 } else if (strcmp(*argv, "-no_dhe") == 0) 506 no_dhe = 1; 507 else if (strcmp(*argv, "-no_ecdhe") == 0) 508 no_ecdhe = 1; 509 else if (strcmp(*argv, "-dtls1") == 0) 510 dtls1 = 1; 511 else if (strcmp(*argv, "-ssl2") == 0) 512 ssl2 = 1; 513 else if (strcmp(*argv, "-ssl3") == 0) 514 ssl3 = 1; 515 else if (strcmp(*argv, "-tls1") == 0) 516 tls1 = 1; 517 else if (strncmp(*argv, "-num", 4) == 0) { 518 if (--argc < 1) 519 goto bad; 520 number = atoi(*(++argv)); 521 if (number == 0) 522 number = 1; 523 } else if (strcmp(*argv, "-bytes") == 0) { 524 if (--argc < 1) 525 goto bad; 526 bytes = atol(*(++argv)); 527 if (bytes == 0L) 528 bytes = 1L; 529 i = strlen(argv[0]); 530 if (argv[0][i - 1] == 'k') 531 bytes*=1024L; 532 if (argv[0][i - 1] == 'm') 533 bytes*=1024L*1024L; 534 } else if (strcmp(*argv, "-cert") == 0) { 535 if (--argc < 1) 536 goto bad; 537 server_cert= *(++argv); 538 } else if (strcmp(*argv, "-s_cert") == 0) { 539 if (--argc < 1) 540 goto bad; 541 server_cert= *(++argv); 542 } else if (strcmp(*argv, "-key") == 0) { 543 if (--argc < 1) 544 goto bad; 545 server_key= *(++argv); 546 } else if (strcmp(*argv, "-s_key") == 0) { 547 if (--argc < 1) 548 goto bad; 549 server_key= *(++argv); 550 } else if (strcmp(*argv, "-c_cert") == 0) { 551 if (--argc < 1) 552 goto bad; 553 client_cert= *(++argv); 554 } else if (strcmp(*argv, "-c_key") == 0) { 555 if (--argc < 1) 556 goto bad; 557 client_key= *(++argv); 558 } else if (strcmp(*argv, "-cipher") == 0) { 559 if (--argc < 1) 560 goto bad; 561 cipher= *(++argv); 562 } else if (strcmp(*argv, "-CApath") == 0) { 563 if (--argc < 1) 564 goto bad; 565 CApath= *(++argv); 566 } else if (strcmp(*argv, "-CAfile") == 0) { 567 if (--argc < 1) 568 goto bad; 569 CAfile= *(++argv); 570 } else if (strcmp(*argv, "-bio_pair") == 0) { 571 bio_pair = 1; 572 } else if (strcmp(*argv, "-f") == 0) { 573 force = 1; 574 } else if (strcmp(*argv, "-time") == 0) { 575 print_time = 1; 576 } else if (strcmp(*argv, "-named_curve") == 0) { 577 if (--argc < 1) 578 goto bad; 579 named_curve = *(++argv); 580 } else if (strcmp(*argv, "-app_verify") == 0) { 581 app_verify_arg.app_verify = 1; 582 } else if (strcmp(*argv, "-proxy") == 0) { 583 app_verify_arg.allow_proxy_certs = 1; 584 } else if (strcmp(*argv, "-test_cipherlist") == 0) { 585 test_cipherlist = 1; 586 } 587 #ifndef OPENSSL_NO_NEXTPROTONEG 588 else if (strcmp(*argv, "-npn_client") == 0) { 589 npn_client = 1; 590 } else if (strcmp(*argv, "-npn_server") == 0) { 591 npn_server = 1; 592 } else if (strcmp(*argv, "-npn_server_reject") == 0) { 593 npn_server_reject = 1; 594 } 595 #endif 596 else { 597 fprintf(stderr, "unknown option %s\n", *argv); 598 badop = 1; 599 break; 600 } 601 argc--; 602 argv++; 603 } 604 if (badop) { 605 bad: 606 sv_usage(); 607 goto end; 608 } 609 610 if (test_cipherlist == 1) { 611 /* ensure that the cipher list are correctly sorted and exit */ 612 if (do_test_cipherlist() == 0) 613 exit(1); 614 ret = 0; 615 goto end; 616 } 617 618 if (!dtls1 && !ssl2 && !ssl3 && !tls1 && 619 number > 1 && !reuse && !force) { 620 fprintf(stderr, 621 "This case cannot work. Use -f to perform " 622 "the test anyway (and\n-d to see what happens), " 623 "or add one of -dtls1, -ssl2, -ssl3, -tls1, -reuse\n" 624 "to avoid protocol mismatch.\n"); 625 exit(1); 626 } 627 628 if (print_time) { 629 if (!bio_pair) { 630 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 631 bio_pair = 1; 632 } 633 if (number < 50 && !force) 634 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 635 } 636 637 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 638 639 SSL_library_init(); 640 SSL_load_error_strings(); 641 642 if (dtls1) 643 meth = DTLSv1_method(); 644 else if (tls1) 645 meth = TLSv1_method(); 646 else if (ssl3) 647 meth = SSLv3_method(); 648 else 649 meth = SSLv23_method(); 650 651 c_ctx = SSL_CTX_new(meth); 652 s_ctx = SSL_CTX_new(meth); 653 if ((c_ctx == NULL) || (s_ctx == NULL)) { 654 ERR_print_errors(bio_err); 655 goto end; 656 } 657 658 if (cipher != NULL) { 659 SSL_CTX_set_cipher_list(c_ctx, cipher); 660 SSL_CTX_set_cipher_list(s_ctx, cipher); 661 } 662 663 if (!no_dhe) { 664 if (dhe1024dsa) { 665 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ 666 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 667 dh = get_dh1024dsa(); 668 } else if (dhe1024) 669 dh = get_dh1024(); 670 else 671 dh = get_dh512(); 672 SSL_CTX_set_tmp_dh(s_ctx, dh); 673 DH_free(dh); 674 } 675 676 if (!no_ecdhe) { 677 int nid; 678 679 if (named_curve != NULL) { 680 nid = OBJ_sn2nid(named_curve); 681 if (nid == 0) { 682 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 683 goto end; 684 } 685 } else 686 #ifdef OPENSSL_NO_EC2M 687 nid = NID_X9_62_prime256v1; 688 #else 689 nid = NID_sect163r2; 690 #endif 691 692 ecdh = EC_KEY_new_by_curve_name(nid); 693 if (ecdh == NULL) { 694 BIO_printf(bio_err, "unable to create curve\n"); 695 goto end; 696 } 697 698 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 699 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 700 EC_KEY_free(ecdh); 701 } 702 703 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); 704 705 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, 706 SSL_FILETYPE_PEM)) { 707 ERR_print_errors(bio_err); 708 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 709 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) { 710 ERR_print_errors(bio_err); 711 goto end; 712 } 713 714 if (client_auth) { 715 SSL_CTX_use_certificate_file(c_ctx, client_cert, 716 SSL_FILETYPE_PEM); 717 SSL_CTX_use_PrivateKey_file(c_ctx, 718 (client_key ? client_key : client_cert), 719 SSL_FILETYPE_PEM); 720 } 721 722 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 723 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 724 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 725 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 726 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 727 ERR_print_errors(bio_err); 728 /* goto end; */ 729 } 730 731 if (client_auth) { 732 BIO_printf(bio_err, "client authentication\n"); 733 SSL_CTX_set_verify(s_ctx, 734 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 735 verify_callback); 736 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 737 &app_verify_arg); 738 } 739 if (server_auth) { 740 BIO_printf(bio_err, "server authentication\n"); 741 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, 742 verify_callback); 743 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 744 &app_verify_arg); 745 } 746 747 { 748 int session_id_context = 0; 749 SSL_CTX_set_session_id_context(s_ctx, 750 (void *)&session_id_context, sizeof(session_id_context)); 751 } 752 753 #ifndef OPENSSL_NO_NEXTPROTONEG 754 if (npn_client) 755 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL); 756 if (npn_server) { 757 if (npn_server_reject) { 758 BIO_printf(bio_err, "Can't have both -npn_server and " 759 "-npn_server_reject\n"); 760 goto end; 761 } 762 SSL_CTX_set_next_protos_advertised_cb(s_ctx, 763 cb_server_npn, NULL); 764 } 765 if (npn_server_reject) { 766 SSL_CTX_set_next_protos_advertised_cb(s_ctx, 767 cb_server_rejects_npn, NULL); 768 } 769 #endif 770 771 c_ssl = SSL_new(c_ctx); 772 s_ssl = SSL_new(s_ctx); 773 774 for (i = 0; i < number; i++) { 775 if (!reuse) 776 SSL_set_session(c_ssl, NULL); 777 if (bio_pair) 778 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, 779 &c_time); 780 else 781 ret = doit(s_ssl, c_ssl, bytes); 782 } 783 784 if (!verbose) { 785 print_details(c_ssl, ""); 786 } 787 if ((number > 1) || (bytes > 1L)) 788 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", 789 number, bytes); 790 if (print_time) { 791 #ifdef CLOCKS_PER_SEC 792 /* "To determine the time in seconds, the value returned 793 * by the clock function should be divided by the value 794 * of the macro CLOCKS_PER_SEC." 795 * -- ISO/IEC 9899 */ 796 BIO_printf(bio_stdout, 797 "Approximate total server time: %6.2f s\n" 798 "Approximate total client time: %6.2f s\n", 799 (double)s_time/CLOCKS_PER_SEC, 800 (double)c_time/CLOCKS_PER_SEC); 801 #else 802 /* "`CLOCKS_PER_SEC' undeclared (first use this function)" 803 * -- cc on NeXTstep/OpenStep */ 804 BIO_printf(bio_stdout, 805 "Approximate total server time: %6.2f units\n" 806 "Approximate total client time: %6.2f units\n", 807 (double)s_time, 808 (double)c_time); 809 #endif 810 } 811 812 SSL_free(s_ssl); 813 SSL_free(c_ssl); 814 815 end: 816 if (s_ctx != NULL) 817 SSL_CTX_free(s_ctx); 818 if (c_ctx != NULL) 819 SSL_CTX_free(c_ctx); 820 821 if (bio_stdout != NULL) 822 BIO_free(bio_stdout); 823 824 free_tmp_rsa(); 825 #ifndef OPENSSL_NO_ENGINE 826 ENGINE_cleanup(); 827 #endif 828 CRYPTO_cleanup_all_ex_data(); 829 ERR_free_strings(); 830 ERR_remove_thread_state(NULL); 831 EVP_cleanup(); 832 CRYPTO_mem_leaks(bio_err); 833 if (bio_err != NULL) 834 BIO_free(bio_err); 835 exit(ret); 836 return ret; 837 } 838 839 int 840 doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time, 841 clock_t *c_time) 842 { 843 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 844 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 845 BIO *server = NULL, *server_io = NULL; 846 BIO *client = NULL, *client_io = NULL; 847 int ret = 1; 848 849 size_t bufsiz = 256; /* small buffer for testing */ 850 851 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 852 goto err; 853 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 854 goto err; 855 856 s_ssl_bio = BIO_new(BIO_f_ssl()); 857 if (!s_ssl_bio) 858 goto err; 859 860 c_ssl_bio = BIO_new(BIO_f_ssl()); 861 if (!c_ssl_bio) 862 goto err; 863 864 SSL_set_connect_state(c_ssl); 865 SSL_set_bio(c_ssl, client, client); 866 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 867 868 SSL_set_accept_state(s_ssl); 869 SSL_set_bio(s_ssl, server, server); 870 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 871 872 do { 873 /* c_ssl_bio: SSL filter BIO 874 * 875 * client: pseudo-I/O for SSL library 876 * 877 * client_io: client's SSL communication; usually to be 878 * relayed over some I/O facility, but in this 879 * test program, we're the server, too: 880 * 881 * server_io: server's SSL communication 882 * 883 * server: pseudo-I/O for SSL library 884 * 885 * s_ssl_bio: SSL filter BIO 886 * 887 * The client and the server each employ a "BIO pair": 888 * client + client_io, server + server_io. 889 * BIO pairs are symmetric. A BIO pair behaves similar 890 * to a non-blocking socketpair (but both endpoints must 891 * be handled by the same thread). 892 * [Here we could connect client and server to the ends 893 * of a single BIO pair, but then this code would be less 894 * suitable as an example for BIO pairs in general.] 895 * 896 * Useful functions for querying the state of BIO pair endpoints: 897 * 898 * BIO_ctrl_pending(bio) number of bytes we can read now 899 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 900 * other side's read attempt 901 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 902 * 903 * ..._read_request is never more than ..._write_guarantee; 904 * it depends on the application which one you should use. 905 */ 906 907 /* We have non-blocking behaviour throughout this test program, but 908 * can be sure that there is *some* progress in each iteration; so 909 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE 910 * -- we just try everything in each iteration 911 */ 912 913 { 914 /* CLIENT */ 915 916 char cbuf[1024*8]; 917 int i, r; 918 clock_t c_clock = clock(); 919 920 memset(cbuf, 0, sizeof(cbuf)); 921 922 if (debug) 923 if (SSL_in_init(c_ssl)) 924 printf("client waiting in SSL_connect - %s\n", 925 SSL_state_string_long(c_ssl)); 926 927 if (cw_num > 0) { 928 /* Write to server. */ 929 930 if (cw_num > (long)sizeof cbuf) 931 i = sizeof cbuf; 932 else 933 i = (int)cw_num; 934 r = BIO_write(c_ssl_bio, cbuf, i); 935 if (r < 0) { 936 if (!BIO_should_retry(c_ssl_bio)) { 937 fprintf(stderr, "ERROR in CLIENT\n"); 938 goto err; 939 } 940 /* BIO_should_retry(...) can just be ignored here. 941 * The library expects us to call BIO_write with 942 * the same arguments again, and that's what we will 943 * do in the next iteration. */ 944 } else if (r == 0) { 945 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 946 goto err; 947 } else { 948 if (debug) 949 printf("client wrote %d\n", r); 950 cw_num -= r; 951 952 } 953 } 954 955 if (cr_num > 0) { 956 /* Read from server. */ 957 958 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 959 if (r < 0) { 960 if (!BIO_should_retry(c_ssl_bio)) { 961 fprintf(stderr, "ERROR in CLIENT\n"); 962 goto err; 963 } 964 /* Again, "BIO_should_retry" can be ignored. */ 965 } else if (r == 0) { 966 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 967 goto err; 968 } else { 969 if (debug) 970 printf("client read %d\n", r); 971 cr_num -= r; 972 } 973 } 974 975 /* c_time and s_time increments will typically be very small 976 * (depending on machine speed and clock tick intervals), 977 * but sampling over a large number of connections should 978 * result in fairly accurate figures. We cannot guarantee 979 * a lot, however -- if each connection lasts for exactly 980 * one clock tick, it will be counted only for the client 981 * or only for the server or even not at all. 982 */ 983 *c_time += (clock() - c_clock); 984 } 985 986 { 987 /* SERVER */ 988 989 char sbuf[1024*8]; 990 int i, r; 991 clock_t s_clock = clock(); 992 993 memset(sbuf, 0, sizeof(sbuf)); 994 995 if (debug) 996 if (SSL_in_init(s_ssl)) 997 printf("server waiting in SSL_accept - %s\n", 998 SSL_state_string_long(s_ssl)); 999 1000 if (sw_num > 0) { 1001 /* Write to client. */ 1002 1003 if (sw_num > (long)sizeof sbuf) 1004 i = sizeof sbuf; 1005 else 1006 i = (int)sw_num; 1007 r = BIO_write(s_ssl_bio, sbuf, i); 1008 if (r < 0) { 1009 if (!BIO_should_retry(s_ssl_bio)) { 1010 fprintf(stderr, "ERROR in SERVER\n"); 1011 goto err; 1012 } 1013 /* Ignore "BIO_should_retry". */ 1014 } else if (r == 0) { 1015 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1016 goto err; 1017 } else { 1018 if (debug) 1019 printf("server wrote %d\n", r); 1020 sw_num -= r; 1021 1022 } 1023 } 1024 1025 if (sr_num > 0) { 1026 /* Read from client. */ 1027 1028 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 1029 if (r < 0) { 1030 if (!BIO_should_retry(s_ssl_bio)) { 1031 fprintf(stderr, "ERROR in SERVER\n"); 1032 goto err; 1033 } 1034 /* blah, blah */ 1035 } else if (r == 0) { 1036 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1037 goto err; 1038 } else { 1039 if (debug) 1040 printf("server read %d\n", r); 1041 sr_num -= r; 1042 } 1043 } 1044 1045 *s_time += (clock() - s_clock); 1046 } 1047 1048 { 1049 /* "I/O" BETWEEN CLIENT AND SERVER. */ 1050 1051 size_t r1, r2; 1052 BIO *io1 = server_io, *io2 = client_io; 1053 /* we use the non-copying interface for io1 1054 * and the standard BIO_write/BIO_read interface for io2 1055 */ 1056 1057 static int prev_progress = 1; 1058 int progress = 0; 1059 1060 /* io1 to io2 */ 1061 do { 1062 size_t num; 1063 int r; 1064 1065 r1 = BIO_ctrl_pending(io1); 1066 r2 = BIO_ctrl_get_write_guarantee(io2); 1067 1068 num = r1; 1069 if (r2 < num) 1070 num = r2; 1071 if (num) { 1072 char *dataptr; 1073 1074 if (INT_MAX < num) /* yeah, right */ 1075 num = INT_MAX; 1076 1077 r = BIO_nread(io1, &dataptr, (int)num); 1078 assert(r > 0); 1079 assert(r <= (int)num); 1080 /* possibly r < num (non-contiguous data) */ 1081 num = r; 1082 r = BIO_write(io2, dataptr, (int)num); 1083 if (r != (int)num) /* can't happen */ 1084 { 1085 fprintf(stderr, "ERROR: BIO_write could not write " 1086 "BIO_ctrl_get_write_guarantee() bytes"); 1087 goto err; 1088 } 1089 progress = 1; 1090 1091 if (debug) 1092 printf((io1 == client_io) ? 1093 "C->S relaying: %d bytes\n" : 1094 "S->C relaying: %d bytes\n", 1095 (int)num); 1096 } 1097 } while (r1 && r2); 1098 1099 /* io2 to io1 */ 1100 { 1101 size_t num; 1102 int r; 1103 1104 r1 = BIO_ctrl_pending(io2); 1105 r2 = BIO_ctrl_get_read_request(io1); 1106 /* here we could use ..._get_write_guarantee instead of 1107 * ..._get_read_request, but by using the latter 1108 * we test restartability of the SSL implementation 1109 * more thoroughly */ 1110 num = r1; 1111 if (r2 < num) 1112 num = r2; 1113 if (num) { 1114 char *dataptr; 1115 1116 if (INT_MAX < num) 1117 num = INT_MAX; 1118 1119 if (num > 1) 1120 --num; /* test restartability even more thoroughly */ 1121 1122 r = BIO_nwrite0(io1, &dataptr); 1123 assert(r > 0); 1124 if (r < (int)num) 1125 num = r; 1126 r = BIO_read(io2, dataptr, (int)num); 1127 if (r != (int)num) /* can't happen */ 1128 { 1129 fprintf(stderr, "ERROR: BIO_read could not read " 1130 "BIO_ctrl_pending() bytes"); 1131 goto err; 1132 } 1133 progress = 1; 1134 r = BIO_nwrite(io1, &dataptr, (int)num); 1135 if (r != (int)num) /* can't happen */ 1136 { 1137 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 1138 "BIO_nwrite0() bytes"); 1139 goto err; 1140 } 1141 1142 if (debug) 1143 printf((io2 == client_io) ? 1144 "C->S relaying: %d bytes\n" : 1145 "S->C relaying: %d bytes\n", 1146 (int)num); 1147 } 1148 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */ 1149 1150 if (!progress && !prev_progress) 1151 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 1152 fprintf(stderr, "ERROR: got stuck\n"); 1153 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) { 1154 fprintf(stderr, "This can happen for SSL2 because " 1155 "CLIENT-FINISHED and SERVER-VERIFY are written \n" 1156 "concurrently ..."); 1157 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 && 1158 strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0) { 1159 fprintf(stderr, " ok.\n"); 1160 goto end; 1161 } 1162 } 1163 fprintf(stderr, " ERROR.\n"); 1164 goto err; 1165 } 1166 prev_progress = progress; 1167 } 1168 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 1169 1170 if (verbose) 1171 print_details(c_ssl, "DONE via BIO pair: "); 1172 1173 #ifndef OPENSSL_NO_NEXTPROTONEG 1174 if (verify_npn(c_ssl, s_ssl) < 0) { 1175 ret = 1; 1176 goto err; 1177 } 1178 #endif 1179 1180 end: 1181 ret = 0; 1182 1183 err: 1184 ERR_print_errors(bio_err); 1185 1186 if (server) 1187 BIO_free(server); 1188 if (server_io) 1189 BIO_free(server_io); 1190 if (client) 1191 BIO_free(client); 1192 if (client_io) 1193 BIO_free(client_io); 1194 if (s_ssl_bio) 1195 BIO_free(s_ssl_bio); 1196 if (c_ssl_bio) 1197 BIO_free(c_ssl_bio); 1198 1199 return ret; 1200 } 1201 1202 1203 #define W_READ 1 1204 #define W_WRITE 2 1205 #define C_DONE 1 1206 #define S_DONE 2 1207 1208 int 1209 doit(SSL *s_ssl, SSL *c_ssl, long count) 1210 { 1211 char cbuf[1024*8], sbuf[1024*8]; 1212 long cw_num = count, cr_num = count; 1213 long sw_num = count, sr_num = count; 1214 int ret = 1; 1215 BIO *c_to_s = NULL; 1216 BIO *s_to_c = NULL; 1217 BIO *c_bio = NULL; 1218 BIO *s_bio = NULL; 1219 int c_r, c_w, s_r, s_w; 1220 int i, j; 1221 int done = 0; 1222 int c_write, s_write; 1223 int do_server = 0, do_client = 0; 1224 1225 memset(cbuf, 0, sizeof(cbuf)); 1226 memset(sbuf, 0, sizeof(sbuf)); 1227 1228 c_to_s = BIO_new(BIO_s_mem()); 1229 s_to_c = BIO_new(BIO_s_mem()); 1230 if ((s_to_c == NULL) || (c_to_s == NULL)) { 1231 ERR_print_errors(bio_err); 1232 goto err; 1233 } 1234 1235 c_bio = BIO_new(BIO_f_ssl()); 1236 s_bio = BIO_new(BIO_f_ssl()); 1237 if ((c_bio == NULL) || (s_bio == NULL)) { 1238 ERR_print_errors(bio_err); 1239 goto err; 1240 } 1241 1242 SSL_set_connect_state(c_ssl); 1243 SSL_set_bio(c_ssl, s_to_c, c_to_s); 1244 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 1245 1246 SSL_set_accept_state(s_ssl); 1247 SSL_set_bio(s_ssl, c_to_s, s_to_c); 1248 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 1249 1250 c_r = 0; 1251 s_r = 1; 1252 c_w = 1; 1253 s_w = 0; 1254 c_write = 1, s_write = 0; 1255 1256 /* We can always do writes */ 1257 for (;;) { 1258 do_server = 0; 1259 do_client = 0; 1260 1261 i = (int)BIO_pending(s_bio); 1262 if ((i && s_r) || s_w) 1263 do_server = 1; 1264 1265 i = (int)BIO_pending(c_bio); 1266 if ((i && c_r) || c_w) 1267 do_client = 1; 1268 1269 if (do_server && debug) { 1270 if (SSL_in_init(s_ssl)) 1271 printf("server waiting in SSL_accept - %s\n", 1272 SSL_state_string_long(s_ssl)); 1273 /* else if (s_write) 1274 printf("server:SSL_write()\n"); 1275 else 1276 printf("server:SSL_read()\n"); */ 1277 } 1278 1279 if (do_client && debug) { 1280 if (SSL_in_init(c_ssl)) 1281 printf("client waiting in SSL_connect - %s\n", 1282 SSL_state_string_long(c_ssl)); 1283 /* else if (c_write) 1284 printf("client:SSL_write()\n"); 1285 else 1286 printf("client:SSL_read()\n"); */ 1287 } 1288 1289 if (!do_client && !do_server) { 1290 fprintf(stdout, "ERROR IN STARTUP\n"); 1291 ERR_print_errors(bio_err); 1292 break; 1293 } 1294 if (do_client && !(done & C_DONE)) { 1295 if (c_write) { 1296 j = (cw_num > (long)sizeof(cbuf)) ? 1297 (int)sizeof(cbuf) : (int)cw_num; 1298 i = BIO_write(c_bio, cbuf, j); 1299 if (i < 0) { 1300 c_r = 0; 1301 c_w = 0; 1302 if (BIO_should_retry(c_bio)) { 1303 if (BIO_should_read(c_bio)) 1304 c_r = 1; 1305 if (BIO_should_write(c_bio)) 1306 c_w = 1; 1307 } else { 1308 fprintf(stderr, "ERROR in CLIENT\n"); 1309 ERR_print_errors(bio_err); 1310 goto err; 1311 } 1312 } else if (i == 0) { 1313 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1314 goto err; 1315 } else { 1316 if (debug) 1317 printf("client wrote %d\n", i); 1318 /* ok */ 1319 s_r = 1; 1320 c_write = 0; 1321 cw_num -= i; 1322 } 1323 } else { 1324 i = BIO_read(c_bio, cbuf, sizeof(cbuf)); 1325 if (i < 0) { 1326 c_r = 0; 1327 c_w = 0; 1328 if (BIO_should_retry(c_bio)) { 1329 if (BIO_should_read(c_bio)) 1330 c_r = 1; 1331 if (BIO_should_write(c_bio)) 1332 c_w = 1; 1333 } else { 1334 fprintf(stderr, "ERROR in CLIENT\n"); 1335 ERR_print_errors(bio_err); 1336 goto err; 1337 } 1338 } else if (i == 0) { 1339 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1340 goto err; 1341 } else { 1342 if (debug) 1343 printf("client read %d\n", i); 1344 cr_num -= i; 1345 if (sw_num > 0) { 1346 s_write = 1; 1347 s_w = 1; 1348 } 1349 if (cr_num <= 0) { 1350 s_write = 1; 1351 s_w = 1; 1352 done = S_DONE|C_DONE; 1353 } 1354 } 1355 } 1356 } 1357 1358 if (do_server && !(done & S_DONE)) { 1359 if (!s_write) { 1360 i = BIO_read(s_bio, sbuf, sizeof(cbuf)); 1361 if (i < 0) { 1362 s_r = 0; 1363 s_w = 0; 1364 if (BIO_should_retry(s_bio)) { 1365 if (BIO_should_read(s_bio)) 1366 s_r = 1; 1367 if (BIO_should_write(s_bio)) 1368 s_w = 1; 1369 } else { 1370 fprintf(stderr, "ERROR in SERVER\n"); 1371 ERR_print_errors(bio_err); 1372 goto err; 1373 } 1374 } else if (i == 0) { 1375 ERR_print_errors(bio_err); 1376 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n"); 1377 goto err; 1378 } else { 1379 if (debug) 1380 printf("server read %d\n", i); 1381 sr_num -= i; 1382 if (cw_num > 0) { 1383 c_write = 1; 1384 c_w = 1; 1385 } 1386 if (sr_num <= 0) { 1387 s_write = 1; 1388 s_w = 1; 1389 c_write = 0; 1390 } 1391 } 1392 } else { 1393 j = (sw_num > (long)sizeof(sbuf)) ? 1394 (int)sizeof(sbuf) : (int)sw_num; 1395 i = BIO_write(s_bio, sbuf, j); 1396 if (i < 0) { 1397 s_r = 0; 1398 s_w = 0; 1399 if (BIO_should_retry(s_bio)) { 1400 if (BIO_should_read(s_bio)) 1401 s_r = 1; 1402 if (BIO_should_write(s_bio)) 1403 s_w = 1; 1404 } else { 1405 fprintf(stderr, "ERROR in SERVER\n"); 1406 ERR_print_errors(bio_err); 1407 goto err; 1408 } 1409 } else if (i == 0) { 1410 ERR_print_errors(bio_err); 1411 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n"); 1412 goto err; 1413 } else { 1414 if (debug) 1415 printf("server wrote %d\n", i); 1416 sw_num -= i; 1417 s_write = 0; 1418 c_r = 1; 1419 if (sw_num <= 0) 1420 done |= S_DONE; 1421 } 1422 } 1423 } 1424 1425 if ((done & S_DONE) && (done & C_DONE)) 1426 break; 1427 } 1428 1429 if (verbose) 1430 print_details(c_ssl, "DONE: "); 1431 1432 #ifndef OPENSSL_NO_NEXTPROTONEG 1433 if (verify_npn(c_ssl, s_ssl) < 0) { 1434 ret = 1; 1435 goto err; 1436 } 1437 #endif 1438 1439 ret = 0; 1440 err: 1441 /* We have to set the BIO's to NULL otherwise they will be 1442 * free()ed twice. Once when th s_ssl is SSL_free()ed and 1443 * again when c_ssl is SSL_free()ed. 1444 * This is a hack required because s_ssl and c_ssl are sharing the same 1445 * BIO structure and SSL_set_bio() and SSL_free() automatically 1446 * BIO_free non NULL entries. 1447 * You should not normally do this or be required to do this */ 1448 if (s_ssl != NULL) { 1449 s_ssl->rbio = NULL; 1450 s_ssl->wbio = NULL; 1451 } 1452 if (c_ssl != NULL) { 1453 c_ssl->rbio = NULL; 1454 c_ssl->wbio = NULL; 1455 } 1456 1457 if (c_to_s != NULL) 1458 BIO_free(c_to_s); 1459 if (s_to_c != NULL) 1460 BIO_free(s_to_c); 1461 if (c_bio != NULL) 1462 BIO_free_all(c_bio); 1463 if (s_bio != NULL) 1464 BIO_free_all(s_bio); 1465 return (ret); 1466 } 1467 1468 static int 1469 get_proxy_auth_ex_data_idx(void) 1470 { 1471 static volatile int idx = -1; 1472 if (idx < 0) { 1473 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 1474 if (idx < 0) { 1475 idx = X509_STORE_CTX_get_ex_new_index(0, 1476 "SSLtest for verify callback", NULL, NULL, NULL); 1477 } 1478 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1479 } 1480 return idx; 1481 } 1482 1483 static int 1484 verify_callback(int ok, X509_STORE_CTX *ctx) 1485 { 1486 char *s, buf[256]; 1487 1488 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, 1489 sizeof buf); 1490 if (s != NULL) { 1491 if (ok) 1492 fprintf(stderr, "depth=%d %s\n", 1493 ctx->error_depth, buf); 1494 else { 1495 fprintf(stderr, "depth=%d error=%d %s\n", 1496 ctx->error_depth, ctx->error, buf); 1497 } 1498 } 1499 1500 if (ok == 0) { 1501 fprintf(stderr, "Error string: %s\n", 1502 X509_verify_cert_error_string(ctx->error)); 1503 switch (ctx->error) { 1504 case X509_V_ERR_CERT_NOT_YET_VALID: 1505 case X509_V_ERR_CERT_HAS_EXPIRED: 1506 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1507 fprintf(stderr, " ... ignored.\n"); 1508 ok = 1; 1509 } 1510 } 1511 1512 if (ok == 1) { 1513 X509 *xs = ctx->current_cert; 1514 #if 0 1515 X509 *xi = ctx->current_issuer; 1516 #endif 1517 1518 if (xs->ex_flags & EXFLAG_PROXY) { 1519 unsigned int *letters = 1520 X509_STORE_CTX_get_ex_data(ctx, 1521 get_proxy_auth_ex_data_idx()); 1522 1523 if (letters) { 1524 int found_any = 0; 1525 int i; 1526 PROXY_CERT_INFO_EXTENSION *pci = 1527 X509_get_ext_d2i(xs, NID_proxyCertInfo, 1528 NULL, NULL); 1529 1530 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 1531 case NID_Independent: 1532 /* Completely meaningless in this 1533 program, as there's no way to 1534 grant explicit rights to a 1535 specific PrC. Basically, using 1536 id-ppl-Independent is the perfect 1537 way to grant no rights at all. */ 1538 fprintf(stderr, " Independent proxy certificate"); 1539 for (i = 0; i < 26; i++) 1540 letters[i] = 0; 1541 break; 1542 case NID_id_ppl_inheritAll: 1543 /* This is basically a NOP, we 1544 simply let the current rights 1545 stand as they are. */ 1546 fprintf(stderr, " Proxy certificate inherits all"); 1547 break; 1548 default: 1549 s = (char *) 1550 pci->proxyPolicy->policy->data; 1551 i = pci->proxyPolicy->policy->length; 1552 1553 /* The algorithm works as follows: 1554 it is assumed that previous 1555 iterations or the initial granted 1556 rights has already set some elements 1557 of `letters'. What we need to do is 1558 to clear those that weren't granted 1559 by the current PrC as well. The 1560 easiest way to do this is to add 1 1561 to all the elements whose letters 1562 are given with the current policy. 1563 That way, all elements that are set 1564 by the current policy and were 1565 already set by earlier policies and 1566 through the original grant of rights 1567 will get the value 2 or higher. 1568 The last thing to do is to sweep 1569 through `letters' and keep the 1570 elements having the value 2 as set, 1571 and clear all the others. */ 1572 1573 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s); 1574 while (i-- > 0) { 1575 int c = *s++; 1576 if (isascii(c) && isalpha(c)) { 1577 if (islower(c)) 1578 c = toupper(c); 1579 letters[c - 'A']++; 1580 } 1581 } 1582 for (i = 0; i < 26; i++) 1583 if (letters[i] < 2) 1584 letters[i] = 0; 1585 else 1586 letters[i] = 1; 1587 } 1588 1589 found_any = 0; 1590 fprintf(stderr, ", resulting proxy rights = "); 1591 for (i = 0; i < 26; i++) 1592 if (letters[i]) { 1593 fprintf(stderr, "%c", i + 'A'); 1594 found_any = 1; 1595 } 1596 if (!found_any) 1597 fprintf(stderr, "none"); 1598 fprintf(stderr, "\n"); 1599 1600 PROXY_CERT_INFO_EXTENSION_free(pci); 1601 } 1602 } 1603 } 1604 1605 return (ok); 1606 } 1607 1608 static void 1609 process_proxy_debug(int indent, const char *format, ...) 1610 { 1611 static const char indentation[] = 1612 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 1613 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ 1614 char my_format[256]; 1615 va_list args; 1616 1617 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s", 1618 indent, indent, indentation, format); 1619 1620 va_start(args, format); 1621 vfprintf(stderr, my_format, args); 1622 va_end(args); 1623 } 1624 /* Priority levels: 1625 0 [!]var, () 1626 1 & ^ 1627 2 | 1628 */ 1629 static int process_proxy_cond_adders(unsigned int letters[26], 1630 const char *cond, const char **cond_end, int *pos, int indent); 1631 1632 static int 1633 process_proxy_cond_val(unsigned int letters[26], const char *cond, 1634 const char **cond_end, int *pos, int indent) 1635 { 1636 int c; 1637 int ok = 1; 1638 int negate = 0; 1639 1640 while (isspace((int)*cond)) { 1641 cond++; 1642 (*pos)++; 1643 } 1644 c = *cond; 1645 1646 if (debug) 1647 process_proxy_debug(indent, 1648 "Start process_proxy_cond_val at position %d: %s\n", 1649 *pos, cond); 1650 1651 while (c == '!') { 1652 negate = !negate; 1653 cond++; 1654 (*pos)++; 1655 while (isspace((int)*cond)) { 1656 cond++; 1657 (*pos)++; 1658 } 1659 c = *cond; 1660 } 1661 1662 if (c == '(') { 1663 cond++; 1664 (*pos)++; 1665 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 1666 indent + 1); 1667 cond = *cond_end; 1668 if (ok < 0) 1669 goto end; 1670 while (isspace((int)*cond)) { 1671 cond++; 1672 (*pos)++; 1673 } 1674 c = *cond; 1675 if (c != ')') { 1676 fprintf(stderr, 1677 "Weird condition character in position %d: " 1678 "%c\n", *pos, c); 1679 ok = -1; 1680 goto end; 1681 } 1682 cond++; 1683 (*pos)++; 1684 } else if (isascii(c) && isalpha(c)) { 1685 if (islower(c)) 1686 c = toupper(c); 1687 ok = letters[c - 'A']; 1688 cond++; 1689 (*pos)++; 1690 } else { 1691 fprintf(stderr, 1692 "Weird condition character in position %d: " 1693 "%c\n", *pos, c); 1694 ok = -1; 1695 goto end; 1696 } 1697 end: 1698 *cond_end = cond; 1699 if (ok >= 0 && negate) 1700 ok = !ok; 1701 1702 if (debug) 1703 process_proxy_debug(indent, 1704 "End process_proxy_cond_val at position %d: %s, returning %d\n", 1705 *pos, cond, ok); 1706 1707 return ok; 1708 } 1709 1710 static int 1711 process_proxy_cond_multipliers(unsigned int letters[26], const char *cond, 1712 const char **cond_end, int *pos, int indent) 1713 { 1714 int ok; 1715 char c; 1716 1717 if (debug) 1718 process_proxy_debug(indent, 1719 "Start process_proxy_cond_multipliers at position %d: %s\n", 1720 *pos, cond); 1721 1722 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 1723 cond = *cond_end; 1724 if (ok < 0) 1725 goto end; 1726 1727 while (ok >= 0) { 1728 while (isspace((int)*cond)) { 1729 cond++; 1730 (*pos)++; 1731 } 1732 c = *cond; 1733 1734 switch (c) { 1735 case '&': 1736 case '^': 1737 { 1738 int save_ok = ok; 1739 1740 cond++; 1741 (*pos)++; 1742 ok = process_proxy_cond_val(letters, 1743 cond, cond_end, pos, indent + 1); 1744 cond = *cond_end; 1745 if (ok < 0) 1746 break; 1747 1748 switch (c) { 1749 case '&': 1750 ok &= save_ok; 1751 break; 1752 case '^': 1753 ok ^= save_ok; 1754 break; 1755 default: 1756 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1757 " STOPPING\n"); 1758 exit(1); 1759 } 1760 } 1761 break; 1762 default: 1763 goto end; 1764 } 1765 } 1766 end: 1767 if (debug) 1768 process_proxy_debug(indent, 1769 "End process_proxy_cond_multipliers at position %d: %s, " 1770 "returning %d\n", 1771 *pos, cond, ok); 1772 1773 *cond_end = cond; 1774 return ok; 1775 } 1776 1777 static int 1778 process_proxy_cond_adders(unsigned int letters[26], const char *cond, 1779 const char **cond_end, int *pos, int indent) 1780 { 1781 int ok; 1782 char c; 1783 1784 if (debug) 1785 process_proxy_debug(indent, 1786 "Start process_proxy_cond_adders at position %d: %s\n", 1787 *pos, cond); 1788 1789 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 1790 indent + 1); 1791 cond = *cond_end; 1792 if (ok < 0) 1793 goto end; 1794 1795 while (ok >= 0) { 1796 while (isspace((int)*cond)) { 1797 cond++; 1798 (*pos)++; 1799 } 1800 c = *cond; 1801 1802 switch (c) { 1803 case '|': 1804 { 1805 int save_ok = ok; 1806 1807 cond++; 1808 (*pos)++; 1809 ok = process_proxy_cond_multipliers(letters, 1810 cond, cond_end, pos, indent + 1); 1811 cond = *cond_end; 1812 if (ok < 0) 1813 break; 1814 1815 switch (c) { 1816 case '|': 1817 ok |= save_ok; 1818 break; 1819 default: 1820 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1821 " STOPPING\n"); 1822 exit(1); 1823 } 1824 } 1825 break; 1826 default: 1827 goto end; 1828 } 1829 } 1830 end: 1831 if (debug) 1832 process_proxy_debug(indent, 1833 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 1834 *pos, cond, ok); 1835 1836 *cond_end = cond; 1837 return ok; 1838 } 1839 1840 static int 1841 process_proxy_cond(unsigned int letters[26], const char *cond, 1842 const char **cond_end) 1843 { 1844 int pos = 1; 1845 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 1846 } 1847 1848 static int 1849 app_verify_callback(X509_STORE_CTX *ctx, void *arg) 1850 { 1851 int ok = 1; 1852 struct app_verify_arg *cb_arg = arg; 1853 unsigned int letters[26]; /* only used with proxy_auth */ 1854 1855 if (cb_arg->app_verify) { 1856 char *s = NULL, buf[256]; 1857 1858 fprintf(stderr, "In app_verify_callback, allowing cert. "); 1859 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 1860 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 1861 (void *)ctx, (void *)ctx->cert); 1862 if (ctx->cert) 1863 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256); 1864 if (s != NULL) { 1865 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf); 1866 } 1867 return (1); 1868 } 1869 if (cb_arg->proxy_auth) { 1870 int found_any = 0, i; 1871 char *sp; 1872 1873 for (i = 0; i < 26; i++) 1874 letters[i] = 0; 1875 for (sp = cb_arg->proxy_auth; *sp; sp++) { 1876 int c = *sp; 1877 if (isascii(c) && isalpha(c)) { 1878 if (islower(c)) 1879 c = toupper(c); 1880 letters[c - 'A'] = 1; 1881 } 1882 } 1883 1884 fprintf(stderr, " Initial proxy rights = "); 1885 for (i = 0; i < 26; i++) 1886 if (letters[i]) { 1887 fprintf(stderr, "%c", i + 'A'); 1888 found_any = 1; 1889 } 1890 if (!found_any) 1891 fprintf(stderr, "none"); 1892 fprintf(stderr, "\n"); 1893 1894 X509_STORE_CTX_set_ex_data(ctx, 1895 get_proxy_auth_ex_data_idx(), letters); 1896 } 1897 if (cb_arg->allow_proxy_certs) { 1898 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 1899 } 1900 1901 ok = X509_verify_cert(ctx); 1902 1903 if (cb_arg->proxy_auth) { 1904 if (ok > 0) { 1905 const char *cond_end = NULL; 1906 1907 ok = process_proxy_cond(letters, 1908 cb_arg->proxy_cond, &cond_end); 1909 1910 if (ok < 0) 1911 exit(3); 1912 if (*cond_end) { 1913 fprintf(stderr, "Stopped processing condition before it's end.\n"); 1914 ok = 0; 1915 } 1916 if (!ok) 1917 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n", 1918 cb_arg->proxy_cond); 1919 else 1920 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n", 1921 cb_arg->proxy_cond); 1922 } 1923 } 1924 return (ok); 1925 } 1926 1927 static RSA *rsa_tmp = NULL; 1928 1929 static RSA * 1930 tmp_rsa_cb(SSL *s, int is_export, int keylength) 1931 { 1932 BIGNUM *bn = NULL; 1933 if (rsa_tmp == NULL) { 1934 bn = BN_new(); 1935 rsa_tmp = RSA_new(); 1936 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) { 1937 BIO_printf(bio_err, "Memory error..."); 1938 goto end; 1939 } 1940 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength); 1941 (void)BIO_flush(bio_err); 1942 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { 1943 BIO_printf(bio_err, "Error generating key."); 1944 RSA_free(rsa_tmp); 1945 rsa_tmp = NULL; 1946 } 1947 end: 1948 BIO_printf(bio_err, "\n"); 1949 (void)BIO_flush(bio_err); 1950 } 1951 if (bn) 1952 BN_free(bn); 1953 return (rsa_tmp); 1954 } 1955 1956 static void 1957 free_tmp_rsa(void) 1958 { 1959 if (rsa_tmp != NULL) { 1960 RSA_free(rsa_tmp); 1961 rsa_tmp = NULL; 1962 } 1963 } 1964 1965 /* These DH parameters have been generated as follows: 1966 * $ openssl dhparam -C -noout 512 1967 * $ openssl dhparam -C -noout 1024 1968 * $ openssl dhparam -C -noout -dsaparam 1024 1969 * (The third function has been renamed to avoid name conflicts.) 1970 */ 1971 static DH * 1972 get_dh512() 1973 { 1974 static unsigned char dh512_p[] = { 1975 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, 0xC6, 1976 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04, 0xB0, 1977 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9, 0x5F, 1978 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33, 0xB8, 1979 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21, 0x33, 1980 0x02, 0xC5, 0xAE, 0x23, 1981 }; 1982 static unsigned char dh512_g[] = { 1983 0x02, 1984 }; 1985 DH *dh; 1986 1987 if ((dh = DH_new()) == NULL) 1988 return (NULL); 1989 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); 1990 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); 1991 if ((dh->p == NULL) || (dh->g == NULL)) { 1992 DH_free(dh); 1993 return (NULL); 1994 } 1995 return (dh); 1996 } 1997 1998 static DH * 1999 get_dh1024() 2000 { 2001 static unsigned char dh1024_p[] = { 2002 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A, 2003 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2, 2004 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0, 2005 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2, 2006 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C, 2007 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8, 2008 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52, 2009 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1, 2010 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1, 2011 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB, 2012 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 2013 }; 2014 static unsigned char dh1024_g[] = { 2015 0x02, 2016 }; 2017 DH *dh; 2018 2019 if ((dh = DH_new()) == NULL) 2020 return (NULL); 2021 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2022 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2023 if ((dh->p == NULL) || (dh->g == NULL)) { 2024 DH_free(dh); 2025 return (NULL); 2026 } 2027 return (dh); 2028 } 2029 2030 static DH * 2031 get_dh1024dsa() 2032 { 2033 static unsigned char dh1024_p[] = { 2034 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00, 2035 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19, 2036 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2, 2037 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55, 2038 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC, 2039 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97, 2040 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D, 2041 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB, 2042 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6, 2043 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E, 2044 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 2045 }; 2046 static unsigned char dh1024_g[] = { 2047 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05, 2048 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3, 2049 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9, 2050 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C, 2051 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65, 2052 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60, 2053 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6, 2054 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7, 2055 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1, 2056 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60, 2057 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 2058 }; 2059 DH *dh; 2060 2061 if ((dh = DH_new()) == NULL) 2062 return (NULL); 2063 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2064 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2065 if ((dh->p == NULL) || (dh->g == NULL)) { 2066 DH_free(dh); 2067 return (NULL); 2068 } 2069 dh->length = 160; 2070 return (dh); 2071 } 2072 2073 static int 2074 do_test_cipherlist(void) 2075 { 2076 int i = 0; 2077 const SSL_METHOD *meth; 2078 const SSL_CIPHER *ci, *tci = NULL; 2079 2080 fprintf(stderr, "testing SSLv3 cipher list order: "); 2081 meth = SSLv3_method(); 2082 tci = NULL; 2083 while ((ci = meth->get_cipher(i++)) != NULL) { 2084 if (tci != NULL) { 2085 if (ci->id >= tci->id) { 2086 fprintf(stderr, 2087 "failed %lx vs. %lx\n", ci->id, tci->id); 2088 return 0; 2089 } 2090 } 2091 tci = ci; 2092 } 2093 fprintf(stderr, "ok\n"); 2094 fprintf(stderr, "testing TLSv1 cipher list order: "); 2095 meth = TLSv1_method(); 2096 tci = NULL; 2097 while ((ci = meth->get_cipher(i++)) != NULL) { 2098 if (tci != NULL) { 2099 if (ci->id >= tci->id) { 2100 fprintf(stderr, 2101 "failed %lx vs. %lx\n", ci->id, tci->id); 2102 return 0; 2103 } 2104 } 2105 tci = ci; 2106 } 2107 fprintf(stderr, "ok\n"); 2108 2109 return 1; 2110 } 2111