1 /* ssl/ssltest.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 /* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143 #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly 144 on Linux and GNU platforms. */ 145 #include <sys/types.h> 146 #include <sys/socket.h> 147 148 #include <netinet/in.h> 149 150 #include <assert.h> 151 #include <errno.h> 152 #include <limits.h> 153 #include <netdb.h> 154 #include <stdio.h> 155 #include <stdlib.h> 156 #include <string.h> 157 #include <time.h> 158 #include <unistd.h> 159 160 #include <ctype.h> 161 162 #include <openssl/opensslconf.h> 163 #include <openssl/bio.h> 164 #include <openssl/crypto.h> 165 #include <openssl/evp.h> 166 #include <openssl/x509.h> 167 #include <openssl/x509v3.h> 168 #include <openssl/ssl.h> 169 #ifndef OPENSSL_NO_ENGINE 170 #include <openssl/engine.h> 171 #endif 172 #include <openssl/err.h> 173 #include <openssl/rand.h> 174 #include <openssl/rsa.h> 175 #include <openssl/dsa.h> 176 #include <openssl/dh.h> 177 #include <openssl/bn.h> 178 179 #include "ssl_locl.h" 180 181 #define TEST_SERVER_CERT "../apps/server.pem" 182 #define TEST_CLIENT_CERT "../apps/client.pem" 183 184 static int verify_callback(int ok, X509_STORE_CTX *ctx); 185 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); 186 #define APP_CALLBACK_STRING "Test Callback Argument" 187 struct app_verify_arg { 188 char *string; 189 int app_verify; 190 int allow_proxy_certs; 191 char *proxy_auth; 192 char *proxy_cond; 193 }; 194 195 static DH *get_dh1024(void); 196 static DH *get_dh1024dsa(void); 197 198 static BIO *bio_err = NULL; 199 static BIO *bio_stdout = NULL; 200 201 static const char *alpn_client; 202 static const char *alpn_server; 203 static const char *alpn_expected; 204 static unsigned char *alpn_selected; 205 206 /* 207 * next_protos_parse parses a comma separated list of strings into a string 208 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. 209 * outlen: (output) set to the length of the resulting buffer on success. 210 * err: (maybe NULL) on failure, an error message line is written to this BIO. 211 * in: a NUL terminated string like "abc,def,ghi" 212 * 213 * returns: a malloced buffer or NULL on failure. 214 */ 215 static unsigned char * 216 next_protos_parse(unsigned short *outlen, const char *in) 217 { 218 size_t i, len, start = 0; 219 unsigned char *out; 220 221 len = strlen(in); 222 if (len >= 65535) 223 return (NULL); 224 225 if ((out = malloc(strlen(in) + 1)) == NULL) 226 return (NULL); 227 228 for (i = 0; i <= len; ++i) { 229 if (i == len || in[i] == ',') { 230 if (i - start > 255) { 231 free(out); 232 return (NULL); 233 } 234 out[start] = i - start; 235 start = i + 1; 236 } else 237 out[i+1] = in[i]; 238 } 239 *outlen = len + 1; 240 return (out); 241 } 242 243 static int 244 cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, 245 const unsigned char *in, unsigned int inlen, void *arg) 246 { 247 unsigned char *protos; 248 unsigned short protos_len; 249 250 if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) { 251 fprintf(stderr, 252 "failed to parser ALPN server protocol string: %s\n", 253 alpn_server); 254 abort(); 255 } 256 257 if (SSL_select_next_proto((unsigned char **)out, outlen, protos, 258 protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) { 259 free(protos); 260 return (SSL_TLSEXT_ERR_NOACK); 261 } 262 263 /* 264 * Make a copy of the selected protocol which will be freed in 265 * verify_alpn. 266 */ 267 if ((alpn_selected = malloc(*outlen)) == NULL) { 268 fprintf(stderr, "malloc failed\n"); 269 abort(); 270 } 271 memcpy(alpn_selected, *out, *outlen); 272 *out = alpn_selected; 273 free(protos); 274 275 return (SSL_TLSEXT_ERR_OK); 276 } 277 278 static int 279 verify_alpn(SSL *client, SSL *server) 280 { 281 const unsigned char *client_proto, *server_proto; 282 unsigned int client_proto_len = 0, server_proto_len = 0; 283 284 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len); 285 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len); 286 287 free(alpn_selected); 288 alpn_selected = NULL; 289 290 if (client_proto_len != server_proto_len || 291 memcmp(client_proto, server_proto, client_proto_len) != 0) { 292 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); 293 goto err; 294 } 295 296 if (client_proto_len > 0 && alpn_expected == NULL) { 297 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n"); 298 goto err; 299 } 300 301 if (alpn_expected != NULL && 302 (client_proto_len != strlen(alpn_expected) || 303 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) { 304 BIO_printf(bio_stdout, "ALPN selected protocols not equal to " 305 "expected protocol: %s\n", alpn_expected); 306 goto err; 307 } 308 309 return (0); 310 311 err: 312 BIO_printf(bio_stdout, "ALPN results: client: '"); 313 BIO_write(bio_stdout, client_proto, client_proto_len); 314 BIO_printf(bio_stdout, "', server: '"); 315 BIO_write(bio_stdout, server_proto, server_proto_len); 316 BIO_printf(bio_stdout, "'\n"); 317 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", 318 alpn_client, alpn_server); 319 320 return (-1); 321 } 322 323 static char *cipher = NULL; 324 static int verbose = 0; 325 static int debug = 0; 326 327 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 328 clock_t *c_time); 329 int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 330 331 static void 332 sv_usage(void) 333 { 334 fprintf(stderr, "usage: ssltest [args ...]\n"); 335 fprintf(stderr, "\n"); 336 fprintf(stderr, " -server_auth - check server certificate\n"); 337 fprintf(stderr, " -client_auth - do client authentication\n"); 338 fprintf(stderr, " -proxy - allow proxy certificates\n"); 339 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 340 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n"); 341 fprintf(stderr, " -v - more output\n"); 342 fprintf(stderr, " -d - debug output\n"); 343 fprintf(stderr, " -reuse - use session-id reuse\n"); 344 fprintf(stderr, " -num <val> - number of connections to perform\n"); 345 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n"); 346 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 347 fprintf(stderr, " -no_dhe - disable DHE\n"); 348 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 349 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 350 fprintf(stderr, " -tls1 - use TLSv1\n"); 351 fprintf(stderr, " -tls1_2 - use TLSv1.2\n"); 352 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 353 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 354 fprintf(stderr, " -cert arg - Server certificate file\n"); 355 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n"); 356 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 357 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n"); 358 fprintf(stderr, " -cipher arg - The cipher list\n"); 359 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 360 fprintf(stderr, " -f - Test even cases that can't work\n"); 361 fprintf(stderr, " -time - measure processor time used by client and server\n"); 362 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 363 " Use \"openssl ecparam -list_curves\" for all names\n" \ 364 " (default is sect163r2).\n"); 365 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n"); 366 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n"); 367 fprintf(stderr, " -alpn_expected <string> - the ALPN protocol that should be negotiated\n"); 368 } 369 370 static void 371 print_details(SSL *c_ssl, const char *prefix) 372 { 373 const SSL_CIPHER *ciph; 374 X509 *cert; 375 376 ciph = SSL_get_current_cipher(c_ssl); 377 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 378 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph), 379 SSL_CIPHER_get_name(ciph)); 380 cert = SSL_get_peer_certificate(c_ssl); 381 if (cert != NULL) { 382 EVP_PKEY *pkey = X509_get_pubkey(cert); 383 if (pkey != NULL) { 384 if (pkey->type == EVP_PKEY_RSA && 385 pkey->pkey.rsa != NULL && 386 pkey->pkey.rsa->n != NULL) { 387 BIO_printf(bio_stdout, ", %d bit RSA", 388 BN_num_bits(pkey->pkey.rsa->n)); 389 } else if (pkey->type == EVP_PKEY_DSA && 390 pkey->pkey.dsa != NULL && 391 pkey->pkey.dsa->p != NULL) { 392 BIO_printf(bio_stdout, ", %d bit DSA", 393 BN_num_bits(pkey->pkey.dsa->p)); 394 } 395 EVP_PKEY_free(pkey); 396 } 397 X509_free(cert); 398 } 399 /* The SSL API does not allow us to look at temporary RSA/DH keys, 400 * otherwise we should print their lengths too */ 401 BIO_printf(bio_stdout, "\n"); 402 } 403 404 int 405 main(int argc, char *argv[]) 406 { 407 char *CApath = NULL, *CAfile = NULL; 408 int badop = 0; 409 int bio_pair = 0; 410 int force = 0; 411 int tls1 = 0, tls1_2 = 0, dtls1 = 0, ret = 1; 412 int client_auth = 0; 413 int server_auth = 0, i; 414 struct app_verify_arg app_verify_arg = 415 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 416 char *server_cert = TEST_SERVER_CERT; 417 char *server_key = NULL; 418 char *client_cert = TEST_CLIENT_CERT; 419 char *client_key = NULL; 420 char *named_curve = NULL; 421 SSL_CTX *s_ctx = NULL; 422 SSL_CTX *c_ctx = NULL; 423 const SSL_METHOD *meth = NULL; 424 SSL *c_ssl, *s_ssl; 425 int number = 1, reuse = 0; 426 long bytes = 256L; 427 DH *dh; 428 int dhe1024dsa = 0; 429 EC_KEY *ecdh = NULL; 430 int no_dhe = 0; 431 int no_ecdhe = 0; 432 int print_time = 0; 433 clock_t s_time = 0, c_time = 0; 434 435 verbose = 0; 436 debug = 0; 437 cipher = 0; 438 439 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); 440 441 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); 442 443 argc--; 444 argv++; 445 446 while (argc >= 1) { 447 if (!strcmp(*argv, "-F")) { 448 fprintf(stderr, "not compiled with FIPS support, so exiting without running.\n"); 449 exit(0); 450 } else if (strcmp(*argv, "-server_auth") == 0) 451 server_auth = 1; 452 else if (strcmp(*argv, "-client_auth") == 0) 453 client_auth = 1; 454 else if (strcmp(*argv, "-proxy_auth") == 0) { 455 if (--argc < 1) 456 goto bad; 457 app_verify_arg.proxy_auth= *(++argv); 458 } else if (strcmp(*argv, "-proxy_cond") == 0) { 459 if (--argc < 1) 460 goto bad; 461 app_verify_arg.proxy_cond= *(++argv); 462 } else if (strcmp(*argv, "-v") == 0) 463 verbose = 1; 464 else if (strcmp(*argv, "-d") == 0) 465 debug = 1; 466 else if (strcmp(*argv, "-reuse") == 0) 467 reuse = 1; 468 else if (strcmp(*argv, "-dhe1024dsa") == 0) { 469 dhe1024dsa = 1; 470 } else if (strcmp(*argv, "-no_dhe") == 0) 471 no_dhe = 1; 472 else if (strcmp(*argv, "-no_ecdhe") == 0) 473 no_ecdhe = 1; 474 else if (strcmp(*argv, "-dtls1") == 0) 475 dtls1 = 1; 476 else if (strcmp(*argv, "-tls1") == 0) 477 tls1 = 1; 478 else if (strcmp(*argv, "-tls1_2") == 0) 479 tls1_2 = 1; 480 else if (strncmp(*argv, "-num", 4) == 0) { 481 if (--argc < 1) 482 goto bad; 483 number = atoi(*(++argv)); 484 if (number == 0) 485 number = 1; 486 } else if (strcmp(*argv, "-bytes") == 0) { 487 if (--argc < 1) 488 goto bad; 489 bytes = atol(*(++argv)); 490 if (bytes == 0L) 491 bytes = 1L; 492 i = strlen(argv[0]); 493 if (argv[0][i - 1] == 'k') 494 bytes*=1024L; 495 if (argv[0][i - 1] == 'm') 496 bytes*=1024L*1024L; 497 } else if (strcmp(*argv, "-cert") == 0) { 498 if (--argc < 1) 499 goto bad; 500 server_cert= *(++argv); 501 } else if (strcmp(*argv, "-s_cert") == 0) { 502 if (--argc < 1) 503 goto bad; 504 server_cert= *(++argv); 505 } else if (strcmp(*argv, "-key") == 0) { 506 if (--argc < 1) 507 goto bad; 508 server_key= *(++argv); 509 } else if (strcmp(*argv, "-s_key") == 0) { 510 if (--argc < 1) 511 goto bad; 512 server_key= *(++argv); 513 } else if (strcmp(*argv, "-c_cert") == 0) { 514 if (--argc < 1) 515 goto bad; 516 client_cert= *(++argv); 517 } else if (strcmp(*argv, "-c_key") == 0) { 518 if (--argc < 1) 519 goto bad; 520 client_key= *(++argv); 521 } else if (strcmp(*argv, "-cipher") == 0) { 522 if (--argc < 1) 523 goto bad; 524 cipher= *(++argv); 525 } else if (strcmp(*argv, "-CApath") == 0) { 526 if (--argc < 1) 527 goto bad; 528 CApath= *(++argv); 529 } else if (strcmp(*argv, "-CAfile") == 0) { 530 if (--argc < 1) 531 goto bad; 532 CAfile= *(++argv); 533 } else if (strcmp(*argv, "-bio_pair") == 0) { 534 bio_pair = 1; 535 } else if (strcmp(*argv, "-f") == 0) { 536 force = 1; 537 } else if (strcmp(*argv, "-time") == 0) { 538 print_time = 1; 539 } else if (strcmp(*argv, "-named_curve") == 0) { 540 if (--argc < 1) 541 goto bad; 542 named_curve = *(++argv); 543 } else if (strcmp(*argv, "-app_verify") == 0) { 544 app_verify_arg.app_verify = 1; 545 } else if (strcmp(*argv, "-proxy") == 0) { 546 app_verify_arg.allow_proxy_certs = 1; 547 } else if (strcmp(*argv, "-alpn_client") == 0) { 548 if (--argc < 1) 549 goto bad; 550 alpn_client = *(++argv); 551 } else if (strcmp(*argv, "-alpn_server") == 0) { 552 if (--argc < 1) 553 goto bad; 554 alpn_server = *(++argv); 555 } else if (strcmp(*argv, "-alpn_expected") == 0) { 556 if (--argc < 1) 557 goto bad; 558 alpn_expected = *(++argv); 559 } else { 560 fprintf(stderr, "unknown option %s\n", *argv); 561 badop = 1; 562 break; 563 } 564 argc--; 565 argv++; 566 } 567 if (badop) { 568 bad: 569 sv_usage(); 570 goto end; 571 } 572 573 if (!dtls1 && !tls1 && !tls1_2 && number > 1 && !reuse && !force) { 574 fprintf(stderr, 575 "This case cannot work. Use -f to perform " 576 "the test anyway (and\n-d to see what happens), " 577 "or add one of -dtls1, -tls1, -tls1_2, -reuse\n" 578 "to avoid protocol mismatch.\n"); 579 exit(1); 580 } 581 582 if (print_time) { 583 if (!bio_pair) { 584 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 585 bio_pair = 1; 586 } 587 if (number < 50 && !force) 588 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 589 } 590 591 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 592 593 SSL_library_init(); 594 SSL_load_error_strings(); 595 596 if (dtls1) 597 meth = DTLSv1_method(); 598 else if (tls1) 599 meth = TLSv1_method(); 600 else if (tls1_2) 601 meth = TLSv1_2_method(); 602 else 603 meth = TLS_method(); 604 605 c_ctx = SSL_CTX_new(meth); 606 s_ctx = SSL_CTX_new(meth); 607 if ((c_ctx == NULL) || (s_ctx == NULL)) { 608 ERR_print_errors(bio_err); 609 goto end; 610 } 611 612 if (cipher != NULL) { 613 SSL_CTX_set_cipher_list(c_ctx, cipher); 614 SSL_CTX_set_cipher_list(s_ctx, cipher); 615 } 616 617 if (!no_dhe) { 618 if (dhe1024dsa) { 619 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ 620 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 621 dh = get_dh1024dsa(); 622 } else 623 dh = get_dh1024(); 624 SSL_CTX_set_tmp_dh(s_ctx, dh); 625 DH_free(dh); 626 } 627 628 if (!no_ecdhe) { 629 int nid; 630 631 if (named_curve != NULL) { 632 nid = OBJ_sn2nid(named_curve); 633 if (nid == 0) { 634 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 635 goto end; 636 } 637 } else 638 nid = NID_X9_62_prime256v1; 639 640 ecdh = EC_KEY_new_by_curve_name(nid); 641 if (ecdh == NULL) { 642 BIO_printf(bio_err, "unable to create curve\n"); 643 goto end; 644 } 645 646 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 647 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 648 EC_KEY_free(ecdh); 649 } 650 651 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, 652 SSL_FILETYPE_PEM)) { 653 ERR_print_errors(bio_err); 654 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 655 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) { 656 ERR_print_errors(bio_err); 657 goto end; 658 } 659 660 if (client_auth) { 661 SSL_CTX_use_certificate_file(c_ctx, client_cert, 662 SSL_FILETYPE_PEM); 663 SSL_CTX_use_PrivateKey_file(c_ctx, 664 (client_key ? client_key : client_cert), 665 SSL_FILETYPE_PEM); 666 } 667 668 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 669 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 670 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 671 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 672 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 673 ERR_print_errors(bio_err); 674 /* goto end; */ 675 } 676 677 if (client_auth) { 678 BIO_printf(bio_err, "client authentication\n"); 679 SSL_CTX_set_verify(s_ctx, 680 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 681 verify_callback); 682 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 683 &app_verify_arg); 684 } 685 if (server_auth) { 686 BIO_printf(bio_err, "server authentication\n"); 687 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, 688 verify_callback); 689 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 690 &app_verify_arg); 691 } 692 693 { 694 int session_id_context = 0; 695 SSL_CTX_set_session_id_context(s_ctx, 696 (void *)&session_id_context, sizeof(session_id_context)); 697 } 698 699 if (alpn_server != NULL) 700 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL); 701 702 if (alpn_client != NULL) { 703 unsigned short alpn_len; 704 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client); 705 706 if (alpn == NULL) { 707 BIO_printf(bio_err, "Error parsing -alpn_client argument\n"); 708 goto end; 709 } 710 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len); 711 free(alpn); 712 } 713 714 c_ssl = SSL_new(c_ctx); 715 s_ssl = SSL_new(s_ctx); 716 717 for (i = 0; i < number; i++) { 718 if (!reuse) 719 SSL_set_session(c_ssl, NULL); 720 if (bio_pair) 721 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, 722 &c_time); 723 else 724 ret = doit(s_ssl, c_ssl, bytes); 725 } 726 727 if (!verbose) { 728 print_details(c_ssl, ""); 729 } 730 if ((number > 1) || (bytes > 1L)) 731 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", 732 number, bytes); 733 if (print_time) { 734 #ifdef CLOCKS_PER_SEC 735 /* "To determine the time in seconds, the value returned 736 * by the clock function should be divided by the value 737 * of the macro CLOCKS_PER_SEC." 738 * -- ISO/IEC 9899 */ 739 BIO_printf(bio_stdout, 740 "Approximate total server time: %6.2f s\n" 741 "Approximate total client time: %6.2f s\n", 742 (double)s_time/CLOCKS_PER_SEC, 743 (double)c_time/CLOCKS_PER_SEC); 744 #else 745 /* "`CLOCKS_PER_SEC' undeclared (first use this function)" 746 * -- cc on NeXTstep/OpenStep */ 747 BIO_printf(bio_stdout, 748 "Approximate total server time: %6.2f units\n" 749 "Approximate total client time: %6.2f units\n", 750 (double)s_time, 751 (double)c_time); 752 #endif 753 } 754 755 SSL_free(s_ssl); 756 SSL_free(c_ssl); 757 758 end: 759 SSL_CTX_free(s_ctx); 760 SSL_CTX_free(c_ctx); 761 BIO_free(bio_stdout); 762 763 #ifndef OPENSSL_NO_ENGINE 764 ENGINE_cleanup(); 765 #endif 766 CRYPTO_cleanup_all_ex_data(); 767 ERR_free_strings(); 768 ERR_remove_thread_state(NULL); 769 EVP_cleanup(); 770 CRYPTO_mem_leaks(bio_err); 771 BIO_free(bio_err); 772 773 exit(ret); 774 return ret; 775 } 776 777 int 778 doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time, 779 clock_t *c_time) 780 { 781 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 782 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 783 BIO *server = NULL, *server_io = NULL; 784 BIO *client = NULL, *client_io = NULL; 785 int ret = 1; 786 787 size_t bufsiz = 256; /* small buffer for testing */ 788 789 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 790 goto err; 791 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 792 goto err; 793 794 s_ssl_bio = BIO_new(BIO_f_ssl()); 795 if (!s_ssl_bio) 796 goto err; 797 798 c_ssl_bio = BIO_new(BIO_f_ssl()); 799 if (!c_ssl_bio) 800 goto err; 801 802 SSL_set_connect_state(c_ssl); 803 SSL_set_bio(c_ssl, client, client); 804 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 805 806 SSL_set_accept_state(s_ssl); 807 SSL_set_bio(s_ssl, server, server); 808 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 809 810 do { 811 /* c_ssl_bio: SSL filter BIO 812 * 813 * client: pseudo-I/O for SSL library 814 * 815 * client_io: client's SSL communication; usually to be 816 * relayed over some I/O facility, but in this 817 * test program, we're the server, too: 818 * 819 * server_io: server's SSL communication 820 * 821 * server: pseudo-I/O for SSL library 822 * 823 * s_ssl_bio: SSL filter BIO 824 * 825 * The client and the server each employ a "BIO pair": 826 * client + client_io, server + server_io. 827 * BIO pairs are symmetric. A BIO pair behaves similar 828 * to a non-blocking socketpair (but both endpoints must 829 * be handled by the same thread). 830 * [Here we could connect client and server to the ends 831 * of a single BIO pair, but then this code would be less 832 * suitable as an example for BIO pairs in general.] 833 * 834 * Useful functions for querying the state of BIO pair endpoints: 835 * 836 * BIO_ctrl_pending(bio) number of bytes we can read now 837 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 838 * other side's read attempt 839 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 840 * 841 * ..._read_request is never more than ..._write_guarantee; 842 * it depends on the application which one you should use. 843 */ 844 845 /* We have non-blocking behaviour throughout this test program, but 846 * can be sure that there is *some* progress in each iteration; so 847 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE 848 * -- we just try everything in each iteration 849 */ 850 851 { 852 /* CLIENT */ 853 854 char cbuf[1024*8]; 855 int i, r; 856 clock_t c_clock = clock(); 857 858 memset(cbuf, 0, sizeof(cbuf)); 859 860 if (debug) 861 if (SSL_in_init(c_ssl)) 862 printf("client waiting in SSL_connect - %s\n", 863 SSL_state_string_long(c_ssl)); 864 865 if (cw_num > 0) { 866 /* Write to server. */ 867 868 if (cw_num > (long)sizeof cbuf) 869 i = sizeof cbuf; 870 else 871 i = (int)cw_num; 872 r = BIO_write(c_ssl_bio, cbuf, i); 873 if (r < 0) { 874 if (!BIO_should_retry(c_ssl_bio)) { 875 fprintf(stderr, "ERROR in CLIENT\n"); 876 goto err; 877 } 878 /* BIO_should_retry(...) can just be ignored here. 879 * The library expects us to call BIO_write with 880 * the same arguments again, and that's what we will 881 * do in the next iteration. */ 882 } else if (r == 0) { 883 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 884 goto err; 885 } else { 886 if (debug) 887 printf("client wrote %d\n", r); 888 cw_num -= r; 889 890 } 891 } 892 893 if (cr_num > 0) { 894 /* Read from server. */ 895 896 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 897 if (r < 0) { 898 if (!BIO_should_retry(c_ssl_bio)) { 899 fprintf(stderr, "ERROR in CLIENT\n"); 900 goto err; 901 } 902 /* Again, "BIO_should_retry" can be ignored. */ 903 } else if (r == 0) { 904 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 905 goto err; 906 } else { 907 if (debug) 908 printf("client read %d\n", r); 909 cr_num -= r; 910 } 911 } 912 913 /* c_time and s_time increments will typically be very small 914 * (depending on machine speed and clock tick intervals), 915 * but sampling over a large number of connections should 916 * result in fairly accurate figures. We cannot guarantee 917 * a lot, however -- if each connection lasts for exactly 918 * one clock tick, it will be counted only for the client 919 * or only for the server or even not at all. 920 */ 921 *c_time += (clock() - c_clock); 922 } 923 924 { 925 /* SERVER */ 926 927 char sbuf[1024*8]; 928 int i, r; 929 clock_t s_clock = clock(); 930 931 memset(sbuf, 0, sizeof(sbuf)); 932 933 if (debug) 934 if (SSL_in_init(s_ssl)) 935 printf("server waiting in SSL_accept - %s\n", 936 SSL_state_string_long(s_ssl)); 937 938 if (sw_num > 0) { 939 /* Write to client. */ 940 941 if (sw_num > (long)sizeof sbuf) 942 i = sizeof sbuf; 943 else 944 i = (int)sw_num; 945 r = BIO_write(s_ssl_bio, sbuf, i); 946 if (r < 0) { 947 if (!BIO_should_retry(s_ssl_bio)) { 948 fprintf(stderr, "ERROR in SERVER\n"); 949 goto err; 950 } 951 /* Ignore "BIO_should_retry". */ 952 } else if (r == 0) { 953 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 954 goto err; 955 } else { 956 if (debug) 957 printf("server wrote %d\n", r); 958 sw_num -= r; 959 960 } 961 } 962 963 if (sr_num > 0) { 964 /* Read from client. */ 965 966 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 967 if (r < 0) { 968 if (!BIO_should_retry(s_ssl_bio)) { 969 fprintf(stderr, "ERROR in SERVER\n"); 970 goto err; 971 } 972 /* blah, blah */ 973 } else if (r == 0) { 974 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 975 goto err; 976 } else { 977 if (debug) 978 printf("server read %d\n", r); 979 sr_num -= r; 980 } 981 } 982 983 *s_time += (clock() - s_clock); 984 } 985 986 { 987 /* "I/O" BETWEEN CLIENT AND SERVER. */ 988 989 size_t r1, r2; 990 BIO *io1 = server_io, *io2 = client_io; 991 /* we use the non-copying interface for io1 992 * and the standard BIO_write/BIO_read interface for io2 993 */ 994 995 static int prev_progress = 1; 996 int progress = 0; 997 998 /* io1 to io2 */ 999 do { 1000 size_t num; 1001 int r; 1002 1003 r1 = BIO_ctrl_pending(io1); 1004 r2 = BIO_ctrl_get_write_guarantee(io2); 1005 1006 num = r1; 1007 if (r2 < num) 1008 num = r2; 1009 if (num) { 1010 char *dataptr; 1011 1012 if (INT_MAX < num) /* yeah, right */ 1013 num = INT_MAX; 1014 1015 r = BIO_nread(io1, &dataptr, (int)num); 1016 assert(r > 0); 1017 assert(r <= (int)num); 1018 /* possibly r < num (non-contiguous data) */ 1019 num = r; 1020 r = BIO_write(io2, dataptr, (int)num); 1021 if (r != (int)num) /* can't happen */ 1022 { 1023 fprintf(stderr, "ERROR: BIO_write could not write " 1024 "BIO_ctrl_get_write_guarantee() bytes"); 1025 goto err; 1026 } 1027 progress = 1; 1028 1029 if (debug) 1030 printf((io1 == client_io) ? 1031 "C->S relaying: %d bytes\n" : 1032 "S->C relaying: %d bytes\n", 1033 (int)num); 1034 } 1035 } while (r1 && r2); 1036 1037 /* io2 to io1 */ 1038 { 1039 size_t num; 1040 int r; 1041 1042 r1 = BIO_ctrl_pending(io2); 1043 r2 = BIO_ctrl_get_read_request(io1); 1044 /* here we could use ..._get_write_guarantee instead of 1045 * ..._get_read_request, but by using the latter 1046 * we test restartability of the SSL implementation 1047 * more thoroughly */ 1048 num = r1; 1049 if (r2 < num) 1050 num = r2; 1051 if (num) { 1052 char *dataptr; 1053 1054 if (INT_MAX < num) 1055 num = INT_MAX; 1056 1057 if (num > 1) 1058 --num; /* test restartability even more thoroughly */ 1059 1060 r = BIO_nwrite0(io1, &dataptr); 1061 assert(r > 0); 1062 if (r < (int)num) 1063 num = r; 1064 r = BIO_read(io2, dataptr, (int)num); 1065 if (r != (int)num) /* can't happen */ 1066 { 1067 fprintf(stderr, "ERROR: BIO_read could not read " 1068 "BIO_ctrl_pending() bytes"); 1069 goto err; 1070 } 1071 progress = 1; 1072 r = BIO_nwrite(io1, &dataptr, (int)num); 1073 if (r != (int)num) /* can't happen */ 1074 { 1075 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 1076 "BIO_nwrite0() bytes"); 1077 goto err; 1078 } 1079 1080 if (debug) 1081 printf((io2 == client_io) ? 1082 "C->S relaying: %d bytes\n" : 1083 "S->C relaying: %d bytes\n", 1084 (int)num); 1085 } 1086 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */ 1087 1088 if (!progress && !prev_progress) { 1089 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 1090 fprintf(stderr, "ERROR: got stuck\n"); 1091 goto err; 1092 } 1093 } 1094 prev_progress = progress; 1095 } 1096 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 1097 1098 if (verbose) 1099 print_details(c_ssl, "DONE via BIO pair: "); 1100 1101 if (verify_alpn(c_ssl, s_ssl) < 0) { 1102 ret = 1; 1103 goto err; 1104 } 1105 1106 ret = 0; 1107 1108 err: 1109 ERR_print_errors(bio_err); 1110 1111 BIO_free(server); 1112 BIO_free(server_io); 1113 BIO_free(client); 1114 BIO_free(client_io); 1115 BIO_free(s_ssl_bio); 1116 BIO_free(c_ssl_bio); 1117 1118 return ret; 1119 } 1120 1121 1122 #define W_READ 1 1123 #define W_WRITE 2 1124 #define C_DONE 1 1125 #define S_DONE 2 1126 1127 int 1128 doit(SSL *s_ssl, SSL *c_ssl, long count) 1129 { 1130 char cbuf[1024*8], sbuf[1024*8]; 1131 long cw_num = count, cr_num = count; 1132 long sw_num = count, sr_num = count; 1133 int ret = 1; 1134 BIO *c_to_s = NULL; 1135 BIO *s_to_c = NULL; 1136 BIO *c_bio = NULL; 1137 BIO *s_bio = NULL; 1138 int c_r, c_w, s_r, s_w; 1139 int i, j; 1140 int done = 0; 1141 int c_write, s_write; 1142 int do_server = 0, do_client = 0; 1143 1144 memset(cbuf, 0, sizeof(cbuf)); 1145 memset(sbuf, 0, sizeof(sbuf)); 1146 1147 c_to_s = BIO_new(BIO_s_mem()); 1148 s_to_c = BIO_new(BIO_s_mem()); 1149 if ((s_to_c == NULL) || (c_to_s == NULL)) { 1150 ERR_print_errors(bio_err); 1151 goto err; 1152 } 1153 1154 c_bio = BIO_new(BIO_f_ssl()); 1155 s_bio = BIO_new(BIO_f_ssl()); 1156 if ((c_bio == NULL) || (s_bio == NULL)) { 1157 ERR_print_errors(bio_err); 1158 goto err; 1159 } 1160 1161 SSL_set_connect_state(c_ssl); 1162 SSL_set_bio(c_ssl, s_to_c, c_to_s); 1163 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 1164 1165 SSL_set_accept_state(s_ssl); 1166 SSL_set_bio(s_ssl, c_to_s, s_to_c); 1167 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 1168 1169 c_r = 0; 1170 s_r = 1; 1171 c_w = 1; 1172 s_w = 0; 1173 c_write = 1, s_write = 0; 1174 1175 /* We can always do writes */ 1176 for (;;) { 1177 do_server = 0; 1178 do_client = 0; 1179 1180 i = (int)BIO_pending(s_bio); 1181 if ((i && s_r) || s_w) 1182 do_server = 1; 1183 1184 i = (int)BIO_pending(c_bio); 1185 if ((i && c_r) || c_w) 1186 do_client = 1; 1187 1188 if (do_server && debug) { 1189 if (SSL_in_init(s_ssl)) 1190 printf("server waiting in SSL_accept - %s\n", 1191 SSL_state_string_long(s_ssl)); 1192 } 1193 1194 if (do_client && debug) { 1195 if (SSL_in_init(c_ssl)) 1196 printf("client waiting in SSL_connect - %s\n", 1197 SSL_state_string_long(c_ssl)); 1198 } 1199 1200 if (!do_client && !do_server) { 1201 fprintf(stdout, "ERROR in STARTUP\n"); 1202 ERR_print_errors(bio_err); 1203 goto err; 1204 } 1205 1206 if (do_client && !(done & C_DONE)) { 1207 if (c_write) { 1208 j = (cw_num > (long)sizeof(cbuf)) ? 1209 (int)sizeof(cbuf) : (int)cw_num; 1210 i = BIO_write(c_bio, cbuf, j); 1211 if (i < 0) { 1212 c_r = 0; 1213 c_w = 0; 1214 if (BIO_should_retry(c_bio)) { 1215 if (BIO_should_read(c_bio)) 1216 c_r = 1; 1217 if (BIO_should_write(c_bio)) 1218 c_w = 1; 1219 } else { 1220 fprintf(stderr, "ERROR in CLIENT\n"); 1221 ERR_print_errors(bio_err); 1222 goto err; 1223 } 1224 } else if (i == 0) { 1225 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1226 goto err; 1227 } else { 1228 if (debug) 1229 printf("client wrote %d\n", i); 1230 /* ok */ 1231 s_r = 1; 1232 c_write = 0; 1233 cw_num -= i; 1234 } 1235 } else { 1236 i = BIO_read(c_bio, cbuf, sizeof(cbuf)); 1237 if (i < 0) { 1238 c_r = 0; 1239 c_w = 0; 1240 if (BIO_should_retry(c_bio)) { 1241 if (BIO_should_read(c_bio)) 1242 c_r = 1; 1243 if (BIO_should_write(c_bio)) 1244 c_w = 1; 1245 } else { 1246 fprintf(stderr, "ERROR in CLIENT\n"); 1247 ERR_print_errors(bio_err); 1248 goto err; 1249 } 1250 } else if (i == 0) { 1251 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1252 goto err; 1253 } else { 1254 if (debug) 1255 printf("client read %d\n", i); 1256 cr_num -= i; 1257 if (sw_num > 0) { 1258 s_write = 1; 1259 s_w = 1; 1260 } 1261 if (cr_num <= 0) { 1262 s_write = 1; 1263 s_w = 1; 1264 done = S_DONE|C_DONE; 1265 } 1266 } 1267 } 1268 } 1269 1270 if (do_server && !(done & S_DONE)) { 1271 if (!s_write) { 1272 i = BIO_read(s_bio, sbuf, sizeof(cbuf)); 1273 if (i < 0) { 1274 s_r = 0; 1275 s_w = 0; 1276 if (BIO_should_retry(s_bio)) { 1277 if (BIO_should_read(s_bio)) 1278 s_r = 1; 1279 if (BIO_should_write(s_bio)) 1280 s_w = 1; 1281 } else { 1282 fprintf(stderr, "ERROR in SERVER\n"); 1283 ERR_print_errors(bio_err); 1284 goto err; 1285 } 1286 } else if (i == 0) { 1287 ERR_print_errors(bio_err); 1288 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n"); 1289 goto err; 1290 } else { 1291 if (debug) 1292 printf("server read %d\n", i); 1293 sr_num -= i; 1294 if (cw_num > 0) { 1295 c_write = 1; 1296 c_w = 1; 1297 } 1298 if (sr_num <= 0) { 1299 s_write = 1; 1300 s_w = 1; 1301 c_write = 0; 1302 } 1303 } 1304 } else { 1305 j = (sw_num > (long)sizeof(sbuf)) ? 1306 (int)sizeof(sbuf) : (int)sw_num; 1307 i = BIO_write(s_bio, sbuf, j); 1308 if (i < 0) { 1309 s_r = 0; 1310 s_w = 0; 1311 if (BIO_should_retry(s_bio)) { 1312 if (BIO_should_read(s_bio)) 1313 s_r = 1; 1314 if (BIO_should_write(s_bio)) 1315 s_w = 1; 1316 } else { 1317 fprintf(stderr, "ERROR in SERVER\n"); 1318 ERR_print_errors(bio_err); 1319 goto err; 1320 } 1321 } else if (i == 0) { 1322 ERR_print_errors(bio_err); 1323 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n"); 1324 goto err; 1325 } else { 1326 if (debug) 1327 printf("server wrote %d\n", i); 1328 sw_num -= i; 1329 s_write = 0; 1330 c_r = 1; 1331 if (sw_num <= 0) 1332 done |= S_DONE; 1333 } 1334 } 1335 } 1336 1337 if ((done & S_DONE) && (done & C_DONE)) 1338 break; 1339 } 1340 1341 if (verbose) 1342 print_details(c_ssl, "DONE: "); 1343 1344 if (verify_alpn(c_ssl, s_ssl) < 0) { 1345 ret = 1; 1346 goto err; 1347 } 1348 1349 ret = 0; 1350 err: 1351 /* We have to set the BIO's to NULL otherwise they will be 1352 * free()ed twice. Once when th s_ssl is SSL_free()ed and 1353 * again when c_ssl is SSL_free()ed. 1354 * This is a hack required because s_ssl and c_ssl are sharing the same 1355 * BIO structure and SSL_set_bio() and SSL_free() automatically 1356 * BIO_free non NULL entries. 1357 * You should not normally do this or be required to do this */ 1358 if (s_ssl != NULL) { 1359 s_ssl->rbio = NULL; 1360 s_ssl->wbio = NULL; 1361 } 1362 if (c_ssl != NULL) { 1363 c_ssl->rbio = NULL; 1364 c_ssl->wbio = NULL; 1365 } 1366 1367 BIO_free(c_to_s); 1368 BIO_free(s_to_c); 1369 BIO_free_all(c_bio); 1370 BIO_free_all(s_bio); 1371 1372 return (ret); 1373 } 1374 1375 static int 1376 get_proxy_auth_ex_data_idx(void) 1377 { 1378 static volatile int idx = -1; 1379 if (idx < 0) { 1380 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 1381 if (idx < 0) { 1382 idx = X509_STORE_CTX_get_ex_new_index(0, 1383 "SSLtest for verify callback", NULL, NULL, NULL); 1384 } 1385 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1386 } 1387 return idx; 1388 } 1389 1390 static int 1391 verify_callback(int ok, X509_STORE_CTX *ctx) 1392 { 1393 char *s, buf[256]; 1394 1395 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, 1396 sizeof buf); 1397 if (s != NULL) { 1398 if (ok) 1399 fprintf(stderr, "depth=%d %s\n", 1400 ctx->error_depth, buf); 1401 else { 1402 fprintf(stderr, "depth=%d error=%d %s\n", 1403 ctx->error_depth, ctx->error, buf); 1404 } 1405 } 1406 1407 if (ok == 0) { 1408 fprintf(stderr, "Error string: %s\n", 1409 X509_verify_cert_error_string(ctx->error)); 1410 switch (ctx->error) { 1411 case X509_V_ERR_CERT_NOT_YET_VALID: 1412 case X509_V_ERR_CERT_HAS_EXPIRED: 1413 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1414 fprintf(stderr, " ... ignored.\n"); 1415 ok = 1; 1416 } 1417 } 1418 1419 if (ok == 1) { 1420 X509 *xs = ctx->current_cert; 1421 #if 0 1422 X509 *xi = ctx->current_issuer; 1423 #endif 1424 1425 if (xs->ex_flags & EXFLAG_PROXY) { 1426 unsigned int *letters = 1427 X509_STORE_CTX_get_ex_data(ctx, 1428 get_proxy_auth_ex_data_idx()); 1429 1430 if (letters) { 1431 int found_any = 0; 1432 int i; 1433 PROXY_CERT_INFO_EXTENSION *pci = 1434 X509_get_ext_d2i(xs, NID_proxyCertInfo, 1435 NULL, NULL); 1436 1437 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 1438 case NID_Independent: 1439 /* Completely meaningless in this 1440 program, as there's no way to 1441 grant explicit rights to a 1442 specific PrC. Basically, using 1443 id-ppl-Independent is the perfect 1444 way to grant no rights at all. */ 1445 fprintf(stderr, " Independent proxy certificate"); 1446 for (i = 0; i < 26; i++) 1447 letters[i] = 0; 1448 break; 1449 case NID_id_ppl_inheritAll: 1450 /* This is basically a NOP, we 1451 simply let the current rights 1452 stand as they are. */ 1453 fprintf(stderr, " Proxy certificate inherits all"); 1454 break; 1455 default: 1456 s = (char *) 1457 pci->proxyPolicy->policy->data; 1458 i = pci->proxyPolicy->policy->length; 1459 1460 /* The algorithm works as follows: 1461 it is assumed that previous 1462 iterations or the initial granted 1463 rights has already set some elements 1464 of `letters'. What we need to do is 1465 to clear those that weren't granted 1466 by the current PrC as well. The 1467 easiest way to do this is to add 1 1468 to all the elements whose letters 1469 are given with the current policy. 1470 That way, all elements that are set 1471 by the current policy and were 1472 already set by earlier policies and 1473 through the original grant of rights 1474 will get the value 2 or higher. 1475 The last thing to do is to sweep 1476 through `letters' and keep the 1477 elements having the value 2 as set, 1478 and clear all the others. */ 1479 1480 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s); 1481 while (i-- > 0) { 1482 int c = *s++; 1483 if (isascii(c) && isalpha(c)) { 1484 if (islower(c)) 1485 c = toupper(c); 1486 letters[c - 'A']++; 1487 } 1488 } 1489 for (i = 0; i < 26; i++) 1490 if (letters[i] < 2) 1491 letters[i] = 0; 1492 else 1493 letters[i] = 1; 1494 } 1495 1496 found_any = 0; 1497 fprintf(stderr, ", resulting proxy rights = "); 1498 for (i = 0; i < 26; i++) 1499 if (letters[i]) { 1500 fprintf(stderr, "%c", i + 'A'); 1501 found_any = 1; 1502 } 1503 if (!found_any) 1504 fprintf(stderr, "none"); 1505 fprintf(stderr, "\n"); 1506 1507 PROXY_CERT_INFO_EXTENSION_free(pci); 1508 } 1509 } 1510 } 1511 1512 return (ok); 1513 } 1514 1515 static void 1516 process_proxy_debug(int indent, const char *format, ...) 1517 { 1518 static const char indentation[] = 1519 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 1520 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ 1521 char my_format[256]; 1522 va_list args; 1523 1524 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s", 1525 indent, indent, indentation, format); 1526 1527 va_start(args, format); 1528 vfprintf(stderr, my_format, args); 1529 va_end(args); 1530 } 1531 /* Priority levels: 1532 0 [!]var, () 1533 1 & ^ 1534 2 | 1535 */ 1536 static int process_proxy_cond_adders(unsigned int letters[26], 1537 const char *cond, const char **cond_end, int *pos, int indent); 1538 1539 static int 1540 process_proxy_cond_val(unsigned int letters[26], const char *cond, 1541 const char **cond_end, int *pos, int indent) 1542 { 1543 int c; 1544 int ok = 1; 1545 int negate = 0; 1546 1547 while (isspace((int)*cond)) { 1548 cond++; 1549 (*pos)++; 1550 } 1551 c = *cond; 1552 1553 if (debug) 1554 process_proxy_debug(indent, 1555 "Start process_proxy_cond_val at position %d: %s\n", 1556 *pos, cond); 1557 1558 while (c == '!') { 1559 negate = !negate; 1560 cond++; 1561 (*pos)++; 1562 while (isspace((int)*cond)) { 1563 cond++; 1564 (*pos)++; 1565 } 1566 c = *cond; 1567 } 1568 1569 if (c == '(') { 1570 cond++; 1571 (*pos)++; 1572 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 1573 indent + 1); 1574 cond = *cond_end; 1575 if (ok < 0) 1576 goto end; 1577 while (isspace((int)*cond)) { 1578 cond++; 1579 (*pos)++; 1580 } 1581 c = *cond; 1582 if (c != ')') { 1583 fprintf(stderr, 1584 "Weird condition character in position %d: " 1585 "%c\n", *pos, c); 1586 ok = -1; 1587 goto end; 1588 } 1589 cond++; 1590 (*pos)++; 1591 } else if (isascii(c) && isalpha(c)) { 1592 if (islower(c)) 1593 c = toupper(c); 1594 ok = letters[c - 'A']; 1595 cond++; 1596 (*pos)++; 1597 } else { 1598 fprintf(stderr, 1599 "Weird condition character in position %d: " 1600 "%c\n", *pos, c); 1601 ok = -1; 1602 goto end; 1603 } 1604 end: 1605 *cond_end = cond; 1606 if (ok >= 0 && negate) 1607 ok = !ok; 1608 1609 if (debug) 1610 process_proxy_debug(indent, 1611 "End process_proxy_cond_val at position %d: %s, returning %d\n", 1612 *pos, cond, ok); 1613 1614 return ok; 1615 } 1616 1617 static int 1618 process_proxy_cond_multipliers(unsigned int letters[26], const char *cond, 1619 const char **cond_end, int *pos, int indent) 1620 { 1621 int ok; 1622 char c; 1623 1624 if (debug) 1625 process_proxy_debug(indent, 1626 "Start process_proxy_cond_multipliers at position %d: %s\n", 1627 *pos, cond); 1628 1629 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 1630 cond = *cond_end; 1631 if (ok < 0) 1632 goto end; 1633 1634 while (ok >= 0) { 1635 while (isspace((int)*cond)) { 1636 cond++; 1637 (*pos)++; 1638 } 1639 c = *cond; 1640 1641 switch (c) { 1642 case '&': 1643 case '^': 1644 { 1645 int save_ok = ok; 1646 1647 cond++; 1648 (*pos)++; 1649 ok = process_proxy_cond_val(letters, 1650 cond, cond_end, pos, indent + 1); 1651 cond = *cond_end; 1652 if (ok < 0) 1653 break; 1654 1655 switch (c) { 1656 case '&': 1657 ok &= save_ok; 1658 break; 1659 case '^': 1660 ok ^= save_ok; 1661 break; 1662 default: 1663 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1664 " STOPPING\n"); 1665 exit(1); 1666 } 1667 } 1668 break; 1669 default: 1670 goto end; 1671 } 1672 } 1673 end: 1674 if (debug) 1675 process_proxy_debug(indent, 1676 "End process_proxy_cond_multipliers at position %d: %s, " 1677 "returning %d\n", 1678 *pos, cond, ok); 1679 1680 *cond_end = cond; 1681 return ok; 1682 } 1683 1684 static int 1685 process_proxy_cond_adders(unsigned int letters[26], const char *cond, 1686 const char **cond_end, int *pos, int indent) 1687 { 1688 int ok; 1689 char c; 1690 1691 if (debug) 1692 process_proxy_debug(indent, 1693 "Start process_proxy_cond_adders at position %d: %s\n", 1694 *pos, cond); 1695 1696 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 1697 indent + 1); 1698 cond = *cond_end; 1699 if (ok < 0) 1700 goto end; 1701 1702 while (ok >= 0) { 1703 while (isspace((int)*cond)) { 1704 cond++; 1705 (*pos)++; 1706 } 1707 c = *cond; 1708 1709 switch (c) { 1710 case '|': 1711 { 1712 int save_ok = ok; 1713 1714 cond++; 1715 (*pos)++; 1716 ok = process_proxy_cond_multipliers(letters, 1717 cond, cond_end, pos, indent + 1); 1718 cond = *cond_end; 1719 if (ok < 0) 1720 break; 1721 1722 switch (c) { 1723 case '|': 1724 ok |= save_ok; 1725 break; 1726 default: 1727 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1728 " STOPPING\n"); 1729 exit(1); 1730 } 1731 } 1732 break; 1733 default: 1734 goto end; 1735 } 1736 } 1737 end: 1738 if (debug) 1739 process_proxy_debug(indent, 1740 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 1741 *pos, cond, ok); 1742 1743 *cond_end = cond; 1744 return ok; 1745 } 1746 1747 static int 1748 process_proxy_cond(unsigned int letters[26], const char *cond, 1749 const char **cond_end) 1750 { 1751 int pos = 1; 1752 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 1753 } 1754 1755 static int 1756 app_verify_callback(X509_STORE_CTX *ctx, void *arg) 1757 { 1758 int ok = 1; 1759 struct app_verify_arg *cb_arg = arg; 1760 unsigned int letters[26]; /* only used with proxy_auth */ 1761 1762 if (cb_arg->app_verify) { 1763 char *s = NULL, buf[256]; 1764 1765 fprintf(stderr, "In app_verify_callback, allowing cert. "); 1766 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 1767 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 1768 (void *)ctx, (void *)ctx->cert); 1769 if (ctx->cert) 1770 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256); 1771 if (s != NULL) { 1772 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf); 1773 } 1774 return (1); 1775 } 1776 if (cb_arg->proxy_auth) { 1777 int found_any = 0, i; 1778 char *sp; 1779 1780 for (i = 0; i < 26; i++) 1781 letters[i] = 0; 1782 for (sp = cb_arg->proxy_auth; *sp; sp++) { 1783 int c = *sp; 1784 if (isascii(c) && isalpha(c)) { 1785 if (islower(c)) 1786 c = toupper(c); 1787 letters[c - 'A'] = 1; 1788 } 1789 } 1790 1791 fprintf(stderr, " Initial proxy rights = "); 1792 for (i = 0; i < 26; i++) 1793 if (letters[i]) { 1794 fprintf(stderr, "%c", i + 'A'); 1795 found_any = 1; 1796 } 1797 if (!found_any) 1798 fprintf(stderr, "none"); 1799 fprintf(stderr, "\n"); 1800 1801 X509_STORE_CTX_set_ex_data(ctx, 1802 get_proxy_auth_ex_data_idx(), letters); 1803 } 1804 if (cb_arg->allow_proxy_certs) { 1805 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 1806 } 1807 1808 ok = X509_verify_cert(ctx); 1809 1810 if (cb_arg->proxy_auth) { 1811 if (ok > 0) { 1812 const char *cond_end = NULL; 1813 1814 ok = process_proxy_cond(letters, 1815 cb_arg->proxy_cond, &cond_end); 1816 1817 if (ok < 0) 1818 exit(3); 1819 if (*cond_end) { 1820 fprintf(stderr, "Stopped processing condition before it's end.\n"); 1821 ok = 0; 1822 } 1823 if (!ok) 1824 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n", 1825 cb_arg->proxy_cond); 1826 else 1827 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n", 1828 cb_arg->proxy_cond); 1829 } 1830 } 1831 return (ok); 1832 } 1833 1834 /* These DH parameters have been generated as follows: 1835 * $ openssl dhparam -C -noout 1024 1836 * $ openssl dhparam -C -noout -dsaparam 1024 1837 * (The second function has been renamed to avoid name conflicts.) 1838 */ 1839 static DH * 1840 get_dh1024() 1841 { 1842 static unsigned char dh1024_p[] = { 1843 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A, 1844 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2, 1845 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0, 1846 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2, 1847 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C, 1848 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8, 1849 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52, 1850 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1, 1851 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1, 1852 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB, 1853 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 1854 }; 1855 static unsigned char dh1024_g[] = { 1856 0x02, 1857 }; 1858 DH *dh; 1859 1860 if ((dh = DH_new()) == NULL) 1861 return (NULL); 1862 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 1863 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 1864 if ((dh->p == NULL) || (dh->g == NULL)) { 1865 DH_free(dh); 1866 return (NULL); 1867 } 1868 return (dh); 1869 } 1870 1871 static DH * 1872 get_dh1024dsa() 1873 { 1874 static unsigned char dh1024_p[] = { 1875 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00, 1876 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19, 1877 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2, 1878 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55, 1879 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC, 1880 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97, 1881 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D, 1882 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB, 1883 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6, 1884 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E, 1885 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 1886 }; 1887 static unsigned char dh1024_g[] = { 1888 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05, 1889 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3, 1890 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9, 1891 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C, 1892 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65, 1893 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60, 1894 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6, 1895 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7, 1896 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1, 1897 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60, 1898 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 1899 }; 1900 DH *dh; 1901 1902 if ((dh = DH_new()) == NULL) 1903 return (NULL); 1904 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 1905 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 1906 if ((dh->p == NULL) || (dh->g == NULL)) { 1907 DH_free(dh); 1908 return (NULL); 1909 } 1910 dh->length = 160; 1911 return (dh); 1912 } 1913