1 /* ssl/ssltest.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 /* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143 #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly 144 on Linux and GNU platforms. */ 145 #include <sys/types.h> 146 #include <sys/param.h> 147 #include <sys/socket.h> 148 149 #include <netinet/in.h> 150 151 #include <assert.h> 152 #include <errno.h> 153 #include <limits.h> 154 #include <netdb.h> 155 #include <stdio.h> 156 #include <stdlib.h> 157 #include <string.h> 158 #include <time.h> 159 #include <unistd.h> 160 161 #include <ctype.h> 162 163 #include <openssl/opensslconf.h> 164 #include <openssl/e_os2.h> 165 #include <openssl/bio.h> 166 #include <openssl/crypto.h> 167 #include <openssl/evp.h> 168 #include <openssl/x509.h> 169 #include <openssl/x509v3.h> 170 #include <openssl/ssl.h> 171 #ifndef OPENSSL_NO_ENGINE 172 #include <openssl/engine.h> 173 #endif 174 #include <openssl/err.h> 175 #include <openssl/rand.h> 176 #include <openssl/rsa.h> 177 #include <openssl/dsa.h> 178 #include <openssl/dh.h> 179 #include <openssl/bn.h> 180 181 #define TEST_SERVER_CERT "../apps/server.pem" 182 #define TEST_CLIENT_CERT "../apps/client.pem" 183 184 static int verify_callback(int ok, X509_STORE_CTX *ctx); 185 static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength); 186 static void free_tmp_rsa(void); 187 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); 188 #define APP_CALLBACK_STRING "Test Callback Argument" 189 struct app_verify_arg { 190 char *string; 191 int app_verify; 192 int allow_proxy_certs; 193 char *proxy_auth; 194 char *proxy_cond; 195 }; 196 197 static DH *get_dh512(void); 198 static DH *get_dh1024(void); 199 static DH *get_dh1024dsa(void); 200 201 static BIO *bio_err = NULL; 202 static BIO *bio_stdout = NULL; 203 204 /* Note that this code assumes that this is only a one element list: */ 205 static const char NEXT_PROTO_STRING[] = "\x09testproto"; 206 int npn_client = 0; 207 int npn_server = 0; 208 int npn_server_reject = 0; 209 210 static int 211 cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, 212 const unsigned char *in, unsigned int inlen, void *arg) 213 { 214 /* 215 * This callback only returns the protocol string, rather than a length 216 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list 217 * and remove the first byte to chop off the length prefix. 218 */ 219 *out = (unsigned char *)NEXT_PROTO_STRING + 1; 220 *outlen = sizeof(NEXT_PROTO_STRING) - 2; 221 return (SSL_TLSEXT_ERR_OK); 222 } 223 224 static int 225 cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg) 226 { 227 *data = (const unsigned char *)NEXT_PROTO_STRING; 228 *len = sizeof(NEXT_PROTO_STRING) - 1; 229 return (SSL_TLSEXT_ERR_OK); 230 } 231 232 static int 233 cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, 234 void *arg) 235 { 236 return (SSL_TLSEXT_ERR_NOACK); 237 } 238 239 static int 240 verify_npn(SSL *client, SSL *server) 241 { 242 const unsigned char *client_s; 243 unsigned int client_len; 244 const unsigned char *server_s; 245 unsigned int server_len; 246 247 SSL_get0_next_proto_negotiated(client, &client_s, &client_len); 248 SSL_get0_next_proto_negotiated(server, &server_s, &server_len); 249 250 if (client_len) { 251 BIO_printf(bio_stdout, "Client NPN: "); 252 BIO_write(bio_stdout, client_s, client_len); 253 BIO_printf(bio_stdout, "\n"); 254 } 255 256 if (server_len) { 257 BIO_printf(bio_stdout, "Server NPN: "); 258 BIO_write(bio_stdout, server_s, server_len); 259 BIO_printf(bio_stdout, "\n"); 260 } 261 262 /* 263 * If an NPN string was returned, it must be the protocol that we 264 * expected to negotiate. 265 */ 266 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 || 267 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len))) 268 return (-1); 269 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 || 270 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len))) 271 return (-1); 272 273 if (!npn_client && client_len) 274 return (-1); 275 if (!npn_server && server_len) 276 return (-1); 277 if (npn_server_reject && server_len) 278 return (-1); 279 if (npn_client && npn_server && (!client_len || !server_len)) 280 return (-1); 281 282 return (0); 283 } 284 285 static const char *alpn_client; 286 static const char *alpn_server; 287 static const char *alpn_expected; 288 static unsigned char *alpn_selected; 289 290 /* 291 * next_protos_parse parses a comma separated list of strings into a string 292 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. 293 * outlen: (output) set to the length of the resulting buffer on success. 294 * err: (maybe NULL) on failure, an error message line is written to this BIO. 295 * in: a NUL terminated string like "abc,def,ghi" 296 * 297 * returns: a malloced buffer or NULL on failure. 298 */ 299 static unsigned char * 300 next_protos_parse(unsigned short *outlen, const char *in) 301 { 302 size_t i, len, start = 0; 303 unsigned char *out; 304 305 len = strlen(in); 306 if (len >= 65535) 307 return (NULL); 308 309 if ((out = malloc(strlen(in) + 1)) == NULL) 310 return (NULL); 311 312 for (i = 0; i <= len; ++i) { 313 if (i == len || in[i] == ',') { 314 if (i - start > 255) { 315 free(out); 316 return (NULL); 317 } 318 out[start] = i - start; 319 start = i + 1; 320 } else 321 out[i+1] = in[i]; 322 } 323 *outlen = len + 1; 324 return (out); 325 } 326 327 static int 328 cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, 329 const unsigned char *in, unsigned int inlen, void *arg) 330 { 331 unsigned char *protos; 332 unsigned short protos_len; 333 334 if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) { 335 fprintf(stderr, 336 "failed to parser ALPN server protocol string: %s\n", 337 alpn_server); 338 abort(); 339 } 340 341 if (SSL_select_next_proto((unsigned char **)out, outlen, protos, 342 protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) { 343 free(protos); 344 return (SSL_TLSEXT_ERR_NOACK); 345 } 346 347 /* 348 * Make a copy of the selected protocol which will be freed in 349 * verify_alpn. 350 */ 351 if ((alpn_selected = malloc(*outlen)) == NULL) { 352 fprintf(stderr, "malloc failed\n"); 353 abort(); 354 } 355 memcpy(alpn_selected, *out, *outlen); 356 *out = alpn_selected; 357 free(protos); 358 359 return (SSL_TLSEXT_ERR_OK); 360 } 361 362 static int 363 verify_alpn(SSL *client, SSL *server) 364 { 365 const unsigned char *client_proto, *server_proto; 366 unsigned int client_proto_len = 0, server_proto_len = 0; 367 368 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len); 369 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len); 370 371 free(alpn_selected); 372 alpn_selected = NULL; 373 374 if (client_proto_len != server_proto_len || 375 memcmp(client_proto, server_proto, client_proto_len) != 0) { 376 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); 377 goto err; 378 } 379 380 if (client_proto_len > 0 && alpn_expected == NULL) { 381 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n"); 382 goto err; 383 } 384 385 if (alpn_expected != NULL && 386 (client_proto_len != strlen(alpn_expected) || 387 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) { 388 BIO_printf(bio_stdout, "ALPN selected protocols not equal to " 389 "expected protocol: %s\n", alpn_expected); 390 goto err; 391 } 392 393 return (0); 394 395 err: 396 BIO_printf(bio_stdout, "ALPN results: client: '"); 397 BIO_write(bio_stdout, client_proto, client_proto_len); 398 BIO_printf(bio_stdout, "', server: '"); 399 BIO_write(bio_stdout, server_proto, server_proto_len); 400 BIO_printf(bio_stdout, "'\n"); 401 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", 402 alpn_client, alpn_server); 403 404 return (-1); 405 } 406 407 static char *cipher = NULL; 408 static int verbose = 0; 409 static int debug = 0; 410 411 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 412 clock_t *c_time); 413 int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 414 static int do_test_cipherlist(void); 415 416 static void 417 sv_usage(void) 418 { 419 fprintf(stderr, "usage: ssltest [args ...]\n"); 420 fprintf(stderr, "\n"); 421 fprintf(stderr, " -server_auth - check server certificate\n"); 422 fprintf(stderr, " -client_auth - do client authentication\n"); 423 fprintf(stderr, " -proxy - allow proxy certificates\n"); 424 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 425 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n"); 426 fprintf(stderr, " -v - more output\n"); 427 fprintf(stderr, " -d - debug output\n"); 428 fprintf(stderr, " -reuse - use session-id reuse\n"); 429 fprintf(stderr, " -num <val> - number of connections to perform\n"); 430 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n"); 431 fprintf(stderr, " -dhe1024 - use 1024 bit key (safe prime) for DHE\n"); 432 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 433 fprintf(stderr, " -no_dhe - disable DHE\n"); 434 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 435 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 436 fprintf(stderr, " -ssl3 - use SSLv3\n"); 437 fprintf(stderr, " -tls1 - use TLSv1\n"); 438 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 439 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 440 fprintf(stderr, " -cert arg - Server certificate file\n"); 441 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n"); 442 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 443 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n"); 444 fprintf(stderr, " -cipher arg - The cipher list\n"); 445 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 446 fprintf(stderr, " -f - Test even cases that can't work\n"); 447 fprintf(stderr, " -time - measure processor time used by client and server\n"); 448 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 449 " Use \"openssl ecparam -list_curves\" for all names\n" \ 450 " (default is sect163r2).\n"); 451 fprintf(stderr, " -test_cipherlist - verifies the order of the ssl cipher lists\n"); 452 fprintf(stderr, " -npn_client - have client side offer NPN\n"); 453 fprintf(stderr, " -npn_server - have server side offer NPN\n"); 454 fprintf(stderr, " -npn_server_reject - have server reject NPN\n"); 455 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n"); 456 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n"); 457 fprintf(stderr, " -alpn_expected <string> - the ALPN protocol that should be negotiated\n"); 458 } 459 460 static void 461 print_details(SSL *c_ssl, const char *prefix) 462 { 463 const SSL_CIPHER *ciph; 464 X509 *cert; 465 466 ciph = SSL_get_current_cipher(c_ssl); 467 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 468 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph), 469 SSL_CIPHER_get_name(ciph)); 470 cert = SSL_get_peer_certificate(c_ssl); 471 if (cert != NULL) { 472 EVP_PKEY *pkey = X509_get_pubkey(cert); 473 if (pkey != NULL) { 474 if (pkey->type == EVP_PKEY_RSA && 475 pkey->pkey.rsa != NULL && 476 pkey->pkey.rsa->n != NULL) { 477 BIO_printf(bio_stdout, ", %d bit RSA", 478 BN_num_bits(pkey->pkey.rsa->n)); 479 } else if (pkey->type == EVP_PKEY_DSA && 480 pkey->pkey.dsa != NULL && 481 pkey->pkey.dsa->p != NULL) { 482 BIO_printf(bio_stdout, ", %d bit DSA", 483 BN_num_bits(pkey->pkey.dsa->p)); 484 } 485 EVP_PKEY_free(pkey); 486 } 487 X509_free(cert); 488 } 489 /* The SSL API does not allow us to look at temporary RSA/DH keys, 490 * otherwise we should print their lengths too */ 491 BIO_printf(bio_stdout, "\n"); 492 } 493 494 static void 495 lock_dbg_cb(int mode, int type, const char *file, int line) 496 { 497 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */ 498 const char *errstr = NULL; 499 int rw; 500 501 rw = mode & (CRYPTO_READ|CRYPTO_WRITE); 502 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) { 503 errstr = "invalid mode"; 504 goto err; 505 } 506 507 if (type < 0 || type >= CRYPTO_NUM_LOCKS) { 508 errstr = "type out of bounds"; 509 goto err; 510 } 511 512 if (mode & CRYPTO_LOCK) { 513 if (modes[type]) { 514 errstr = "already locked"; 515 /* must not happen in a single-threaded program 516 * (would deadlock) */ 517 goto err; 518 } 519 520 modes[type] = rw; 521 } else if (mode & CRYPTO_UNLOCK) { 522 if (!modes[type]) { 523 errstr = "not locked"; 524 goto err; 525 } 526 527 if (modes[type] != rw) { 528 errstr = (rw == CRYPTO_READ) ? 529 "CRYPTO_r_unlock on write lock" : 530 "CRYPTO_w_unlock on read lock"; 531 } 532 533 modes[type] = 0; 534 } else { 535 errstr = "invalid mode"; 536 goto err; 537 } 538 539 err: 540 if (errstr) { 541 /* we cannot use bio_err here */ 542 fprintf(stderr, 543 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n", 544 errstr, mode, type, file, line); 545 } 546 } 547 548 int 549 main(int argc, char *argv[]) 550 { 551 char *CApath = NULL, *CAfile = NULL; 552 int badop = 0; 553 int bio_pair = 0; 554 int force = 0; 555 int tls1 = 0, ssl3 = 0, dtls1 = 0, ret = 1; 556 int client_auth = 0; 557 int server_auth = 0, i; 558 struct app_verify_arg app_verify_arg = 559 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 560 char *server_cert = TEST_SERVER_CERT; 561 char *server_key = NULL; 562 char *client_cert = TEST_CLIENT_CERT; 563 char *client_key = NULL; 564 char *named_curve = NULL; 565 SSL_CTX *s_ctx = NULL; 566 SSL_CTX *c_ctx = NULL; 567 const SSL_METHOD *meth = NULL; 568 SSL *c_ssl, *s_ssl; 569 int number = 1, reuse = 0; 570 long bytes = 256L; 571 DH *dh; 572 int dhe1024 = 0, dhe1024dsa = 0; 573 EC_KEY *ecdh = NULL; 574 int no_dhe = 0; 575 int no_ecdhe = 0; 576 int print_time = 0; 577 clock_t s_time = 0, c_time = 0; 578 int test_cipherlist = 0; 579 580 verbose = 0; 581 debug = 0; 582 cipher = 0; 583 584 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); 585 586 CRYPTO_set_locking_callback(lock_dbg_cb); 587 588 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); 589 590 argc--; 591 argv++; 592 593 while (argc >= 1) { 594 if (!strcmp(*argv, "-F")) { 595 fprintf(stderr, "not compiled with FIPS support, so exitting without running.\n"); 596 exit(0); 597 } else if (strcmp(*argv, "-server_auth") == 0) 598 server_auth = 1; 599 else if (strcmp(*argv, "-client_auth") == 0) 600 client_auth = 1; 601 else if (strcmp(*argv, "-proxy_auth") == 0) { 602 if (--argc < 1) 603 goto bad; 604 app_verify_arg.proxy_auth= *(++argv); 605 } else if (strcmp(*argv, "-proxy_cond") == 0) { 606 if (--argc < 1) 607 goto bad; 608 app_verify_arg.proxy_cond= *(++argv); 609 } else if (strcmp(*argv, "-v") == 0) 610 verbose = 1; 611 else if (strcmp(*argv, "-d") == 0) 612 debug = 1; 613 else if (strcmp(*argv, "-reuse") == 0) 614 reuse = 1; 615 else if (strcmp(*argv, "-dhe1024") == 0) { 616 dhe1024 = 1; 617 } else if (strcmp(*argv, "-dhe1024dsa") == 0) { 618 dhe1024dsa = 1; 619 } else if (strcmp(*argv, "-no_dhe") == 0) 620 no_dhe = 1; 621 else if (strcmp(*argv, "-no_ecdhe") == 0) 622 no_ecdhe = 1; 623 else if (strcmp(*argv, "-dtls1") == 0) 624 dtls1 = 1; 625 else if (strcmp(*argv, "-ssl3") == 0) 626 ssl3 = 1; 627 else if (strcmp(*argv, "-tls1") == 0) 628 tls1 = 1; 629 else if (strncmp(*argv, "-num", 4) == 0) { 630 if (--argc < 1) 631 goto bad; 632 number = atoi(*(++argv)); 633 if (number == 0) 634 number = 1; 635 } else if (strcmp(*argv, "-bytes") == 0) { 636 if (--argc < 1) 637 goto bad; 638 bytes = atol(*(++argv)); 639 if (bytes == 0L) 640 bytes = 1L; 641 i = strlen(argv[0]); 642 if (argv[0][i - 1] == 'k') 643 bytes*=1024L; 644 if (argv[0][i - 1] == 'm') 645 bytes*=1024L*1024L; 646 } else if (strcmp(*argv, "-cert") == 0) { 647 if (--argc < 1) 648 goto bad; 649 server_cert= *(++argv); 650 } else if (strcmp(*argv, "-s_cert") == 0) { 651 if (--argc < 1) 652 goto bad; 653 server_cert= *(++argv); 654 } else if (strcmp(*argv, "-key") == 0) { 655 if (--argc < 1) 656 goto bad; 657 server_key= *(++argv); 658 } else if (strcmp(*argv, "-s_key") == 0) { 659 if (--argc < 1) 660 goto bad; 661 server_key= *(++argv); 662 } else if (strcmp(*argv, "-c_cert") == 0) { 663 if (--argc < 1) 664 goto bad; 665 client_cert= *(++argv); 666 } else if (strcmp(*argv, "-c_key") == 0) { 667 if (--argc < 1) 668 goto bad; 669 client_key= *(++argv); 670 } else if (strcmp(*argv, "-cipher") == 0) { 671 if (--argc < 1) 672 goto bad; 673 cipher= *(++argv); 674 } else if (strcmp(*argv, "-CApath") == 0) { 675 if (--argc < 1) 676 goto bad; 677 CApath= *(++argv); 678 } else if (strcmp(*argv, "-CAfile") == 0) { 679 if (--argc < 1) 680 goto bad; 681 CAfile= *(++argv); 682 } else if (strcmp(*argv, "-bio_pair") == 0) { 683 bio_pair = 1; 684 } else if (strcmp(*argv, "-f") == 0) { 685 force = 1; 686 } else if (strcmp(*argv, "-time") == 0) { 687 print_time = 1; 688 } else if (strcmp(*argv, "-named_curve") == 0) { 689 if (--argc < 1) 690 goto bad; 691 named_curve = *(++argv); 692 } else if (strcmp(*argv, "-app_verify") == 0) { 693 app_verify_arg.app_verify = 1; 694 } else if (strcmp(*argv, "-proxy") == 0) { 695 app_verify_arg.allow_proxy_certs = 1; 696 } else if (strcmp(*argv, "-test_cipherlist") == 0) { 697 test_cipherlist = 1; 698 } 699 else if (strcmp(*argv, "-npn_client") == 0) { 700 npn_client = 1; 701 } else if (strcmp(*argv, "-npn_server") == 0) { 702 npn_server = 1; 703 } else if (strcmp(*argv, "-npn_server_reject") == 0) { 704 npn_server_reject = 1; 705 } 706 else if (strcmp(*argv, "-alpn_client") == 0) { 707 if (--argc < 1) 708 goto bad; 709 alpn_client = *(++argv); 710 } else if (strcmp(*argv, "-alpn_server") == 0) { 711 if (--argc < 1) 712 goto bad; 713 alpn_server = *(++argv); 714 } else if (strcmp(*argv, "-alpn_expected") == 0) { 715 if (--argc < 1) 716 goto bad; 717 alpn_expected = *(++argv); 718 } else { 719 fprintf(stderr, "unknown option %s\n", *argv); 720 badop = 1; 721 break; 722 } 723 argc--; 724 argv++; 725 } 726 if (badop) { 727 bad: 728 sv_usage(); 729 goto end; 730 } 731 732 if (test_cipherlist == 1) { 733 /* ensure that the cipher list are correctly sorted and exit */ 734 if (do_test_cipherlist() == 0) 735 exit(1); 736 ret = 0; 737 goto end; 738 } 739 740 if (!dtls1 && !ssl3 && !tls1 && 741 number > 1 && !reuse && !force) { 742 fprintf(stderr, 743 "This case cannot work. Use -f to perform " 744 "the test anyway (and\n-d to see what happens), " 745 "or add one of -dtls1, -ssl3, -tls1, -reuse\n" 746 "to avoid protocol mismatch.\n"); 747 exit(1); 748 } 749 750 if (print_time) { 751 if (!bio_pair) { 752 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 753 bio_pair = 1; 754 } 755 if (number < 50 && !force) 756 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 757 } 758 759 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 760 761 SSL_library_init(); 762 SSL_load_error_strings(); 763 764 if (dtls1) 765 meth = DTLSv1_method(); 766 else if (tls1) 767 meth = TLSv1_method(); 768 else if (ssl3) 769 meth = SSLv3_method(); 770 else 771 meth = SSLv23_method(); 772 773 c_ctx = SSL_CTX_new(meth); 774 s_ctx = SSL_CTX_new(meth); 775 if ((c_ctx == NULL) || (s_ctx == NULL)) { 776 ERR_print_errors(bio_err); 777 goto end; 778 } 779 780 if (cipher != NULL) { 781 SSL_CTX_set_cipher_list(c_ctx, cipher); 782 SSL_CTX_set_cipher_list(s_ctx, cipher); 783 } 784 785 if (!no_dhe) { 786 if (dhe1024dsa) { 787 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ 788 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 789 dh = get_dh1024dsa(); 790 } else if (dhe1024) 791 dh = get_dh1024(); 792 else 793 dh = get_dh512(); 794 SSL_CTX_set_tmp_dh(s_ctx, dh); 795 DH_free(dh); 796 } 797 798 if (!no_ecdhe) { 799 int nid; 800 801 if (named_curve != NULL) { 802 nid = OBJ_sn2nid(named_curve); 803 if (nid == 0) { 804 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 805 goto end; 806 } 807 } else 808 #ifdef OPENSSL_NO_EC2M 809 nid = NID_X9_62_prime256v1; 810 #else 811 nid = NID_sect163r2; 812 #endif 813 814 ecdh = EC_KEY_new_by_curve_name(nid); 815 if (ecdh == NULL) { 816 BIO_printf(bio_err, "unable to create curve\n"); 817 goto end; 818 } 819 820 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 821 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 822 EC_KEY_free(ecdh); 823 } 824 825 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); 826 827 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, 828 SSL_FILETYPE_PEM)) { 829 ERR_print_errors(bio_err); 830 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 831 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) { 832 ERR_print_errors(bio_err); 833 goto end; 834 } 835 836 if (client_auth) { 837 SSL_CTX_use_certificate_file(c_ctx, client_cert, 838 SSL_FILETYPE_PEM); 839 SSL_CTX_use_PrivateKey_file(c_ctx, 840 (client_key ? client_key : client_cert), 841 SSL_FILETYPE_PEM); 842 } 843 844 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 845 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 846 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 847 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 848 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 849 ERR_print_errors(bio_err); 850 /* goto end; */ 851 } 852 853 if (client_auth) { 854 BIO_printf(bio_err, "client authentication\n"); 855 SSL_CTX_set_verify(s_ctx, 856 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 857 verify_callback); 858 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 859 &app_verify_arg); 860 } 861 if (server_auth) { 862 BIO_printf(bio_err, "server authentication\n"); 863 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, 864 verify_callback); 865 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 866 &app_verify_arg); 867 } 868 869 { 870 int session_id_context = 0; 871 SSL_CTX_set_session_id_context(s_ctx, 872 (void *)&session_id_context, sizeof(session_id_context)); 873 } 874 875 if (npn_client) 876 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL); 877 if (npn_server) { 878 if (npn_server_reject) { 879 BIO_printf(bio_err, "Can't have both -npn_server and " 880 "-npn_server_reject\n"); 881 goto end; 882 } 883 SSL_CTX_set_next_protos_advertised_cb(s_ctx, 884 cb_server_npn, NULL); 885 } 886 if (npn_server_reject) { 887 SSL_CTX_set_next_protos_advertised_cb(s_ctx, 888 cb_server_rejects_npn, NULL); 889 } 890 891 if (alpn_server != NULL) 892 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL); 893 894 if (alpn_client != NULL) { 895 unsigned short alpn_len; 896 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client); 897 898 if (alpn == NULL) { 899 BIO_printf(bio_err, "Error parsing -alpn_client argument\n"); 900 goto end; 901 } 902 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len); 903 free(alpn); 904 } 905 906 c_ssl = SSL_new(c_ctx); 907 s_ssl = SSL_new(s_ctx); 908 909 for (i = 0; i < number; i++) { 910 if (!reuse) 911 SSL_set_session(c_ssl, NULL); 912 if (bio_pair) 913 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, 914 &c_time); 915 else 916 ret = doit(s_ssl, c_ssl, bytes); 917 } 918 919 if (!verbose) { 920 print_details(c_ssl, ""); 921 } 922 if ((number > 1) || (bytes > 1L)) 923 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", 924 number, bytes); 925 if (print_time) { 926 #ifdef CLOCKS_PER_SEC 927 /* "To determine the time in seconds, the value returned 928 * by the clock function should be divided by the value 929 * of the macro CLOCKS_PER_SEC." 930 * -- ISO/IEC 9899 */ 931 BIO_printf(bio_stdout, 932 "Approximate total server time: %6.2f s\n" 933 "Approximate total client time: %6.2f s\n", 934 (double)s_time/CLOCKS_PER_SEC, 935 (double)c_time/CLOCKS_PER_SEC); 936 #else 937 /* "`CLOCKS_PER_SEC' undeclared (first use this function)" 938 * -- cc on NeXTstep/OpenStep */ 939 BIO_printf(bio_stdout, 940 "Approximate total server time: %6.2f units\n" 941 "Approximate total client time: %6.2f units\n", 942 (double)s_time, 943 (double)c_time); 944 #endif 945 } 946 947 SSL_free(s_ssl); 948 SSL_free(c_ssl); 949 950 end: 951 SSL_CTX_free(s_ctx); 952 SSL_CTX_free(c_ctx); 953 BIO_free(bio_stdout); 954 955 free_tmp_rsa(); 956 #ifndef OPENSSL_NO_ENGINE 957 ENGINE_cleanup(); 958 #endif 959 CRYPTO_cleanup_all_ex_data(); 960 ERR_free_strings(); 961 ERR_remove_thread_state(NULL); 962 EVP_cleanup(); 963 CRYPTO_mem_leaks(bio_err); 964 BIO_free(bio_err); 965 966 exit(ret); 967 return ret; 968 } 969 970 int 971 doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time, 972 clock_t *c_time) 973 { 974 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 975 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 976 BIO *server = NULL, *server_io = NULL; 977 BIO *client = NULL, *client_io = NULL; 978 int ret = 1; 979 980 size_t bufsiz = 256; /* small buffer for testing */ 981 982 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 983 goto err; 984 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 985 goto err; 986 987 s_ssl_bio = BIO_new(BIO_f_ssl()); 988 if (!s_ssl_bio) 989 goto err; 990 991 c_ssl_bio = BIO_new(BIO_f_ssl()); 992 if (!c_ssl_bio) 993 goto err; 994 995 SSL_set_connect_state(c_ssl); 996 SSL_set_bio(c_ssl, client, client); 997 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 998 999 SSL_set_accept_state(s_ssl); 1000 SSL_set_bio(s_ssl, server, server); 1001 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 1002 1003 do { 1004 /* c_ssl_bio: SSL filter BIO 1005 * 1006 * client: pseudo-I/O for SSL library 1007 * 1008 * client_io: client's SSL communication; usually to be 1009 * relayed over some I/O facility, but in this 1010 * test program, we're the server, too: 1011 * 1012 * server_io: server's SSL communication 1013 * 1014 * server: pseudo-I/O for SSL library 1015 * 1016 * s_ssl_bio: SSL filter BIO 1017 * 1018 * The client and the server each employ a "BIO pair": 1019 * client + client_io, server + server_io. 1020 * BIO pairs are symmetric. A BIO pair behaves similar 1021 * to a non-blocking socketpair (but both endpoints must 1022 * be handled by the same thread). 1023 * [Here we could connect client and server to the ends 1024 * of a single BIO pair, but then this code would be less 1025 * suitable as an example for BIO pairs in general.] 1026 * 1027 * Useful functions for querying the state of BIO pair endpoints: 1028 * 1029 * BIO_ctrl_pending(bio) number of bytes we can read now 1030 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 1031 * other side's read attempt 1032 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 1033 * 1034 * ..._read_request is never more than ..._write_guarantee; 1035 * it depends on the application which one you should use. 1036 */ 1037 1038 /* We have non-blocking behaviour throughout this test program, but 1039 * can be sure that there is *some* progress in each iteration; so 1040 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE 1041 * -- we just try everything in each iteration 1042 */ 1043 1044 { 1045 /* CLIENT */ 1046 1047 char cbuf[1024*8]; 1048 int i, r; 1049 clock_t c_clock = clock(); 1050 1051 memset(cbuf, 0, sizeof(cbuf)); 1052 1053 if (debug) 1054 if (SSL_in_init(c_ssl)) 1055 printf("client waiting in SSL_connect - %s\n", 1056 SSL_state_string_long(c_ssl)); 1057 1058 if (cw_num > 0) { 1059 /* Write to server. */ 1060 1061 if (cw_num > (long)sizeof cbuf) 1062 i = sizeof cbuf; 1063 else 1064 i = (int)cw_num; 1065 r = BIO_write(c_ssl_bio, cbuf, i); 1066 if (r < 0) { 1067 if (!BIO_should_retry(c_ssl_bio)) { 1068 fprintf(stderr, "ERROR in CLIENT\n"); 1069 goto err; 1070 } 1071 /* BIO_should_retry(...) can just be ignored here. 1072 * The library expects us to call BIO_write with 1073 * the same arguments again, and that's what we will 1074 * do in the next iteration. */ 1075 } else if (r == 0) { 1076 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1077 goto err; 1078 } else { 1079 if (debug) 1080 printf("client wrote %d\n", r); 1081 cw_num -= r; 1082 1083 } 1084 } 1085 1086 if (cr_num > 0) { 1087 /* Read from server. */ 1088 1089 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 1090 if (r < 0) { 1091 if (!BIO_should_retry(c_ssl_bio)) { 1092 fprintf(stderr, "ERROR in CLIENT\n"); 1093 goto err; 1094 } 1095 /* Again, "BIO_should_retry" can be ignored. */ 1096 } else if (r == 0) { 1097 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1098 goto err; 1099 } else { 1100 if (debug) 1101 printf("client read %d\n", r); 1102 cr_num -= r; 1103 } 1104 } 1105 1106 /* c_time and s_time increments will typically be very small 1107 * (depending on machine speed and clock tick intervals), 1108 * but sampling over a large number of connections should 1109 * result in fairly accurate figures. We cannot guarantee 1110 * a lot, however -- if each connection lasts for exactly 1111 * one clock tick, it will be counted only for the client 1112 * or only for the server or even not at all. 1113 */ 1114 *c_time += (clock() - c_clock); 1115 } 1116 1117 { 1118 /* SERVER */ 1119 1120 char sbuf[1024*8]; 1121 int i, r; 1122 clock_t s_clock = clock(); 1123 1124 memset(sbuf, 0, sizeof(sbuf)); 1125 1126 if (debug) 1127 if (SSL_in_init(s_ssl)) 1128 printf("server waiting in SSL_accept - %s\n", 1129 SSL_state_string_long(s_ssl)); 1130 1131 if (sw_num > 0) { 1132 /* Write to client. */ 1133 1134 if (sw_num > (long)sizeof sbuf) 1135 i = sizeof sbuf; 1136 else 1137 i = (int)sw_num; 1138 r = BIO_write(s_ssl_bio, sbuf, i); 1139 if (r < 0) { 1140 if (!BIO_should_retry(s_ssl_bio)) { 1141 fprintf(stderr, "ERROR in SERVER\n"); 1142 goto err; 1143 } 1144 /* Ignore "BIO_should_retry". */ 1145 } else if (r == 0) { 1146 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1147 goto err; 1148 } else { 1149 if (debug) 1150 printf("server wrote %d\n", r); 1151 sw_num -= r; 1152 1153 } 1154 } 1155 1156 if (sr_num > 0) { 1157 /* Read from client. */ 1158 1159 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 1160 if (r < 0) { 1161 if (!BIO_should_retry(s_ssl_bio)) { 1162 fprintf(stderr, "ERROR in SERVER\n"); 1163 goto err; 1164 } 1165 /* blah, blah */ 1166 } else if (r == 0) { 1167 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1168 goto err; 1169 } else { 1170 if (debug) 1171 printf("server read %d\n", r); 1172 sr_num -= r; 1173 } 1174 } 1175 1176 *s_time += (clock() - s_clock); 1177 } 1178 1179 { 1180 /* "I/O" BETWEEN CLIENT AND SERVER. */ 1181 1182 size_t r1, r2; 1183 BIO *io1 = server_io, *io2 = client_io; 1184 /* we use the non-copying interface for io1 1185 * and the standard BIO_write/BIO_read interface for io2 1186 */ 1187 1188 static int prev_progress = 1; 1189 int progress = 0; 1190 1191 /* io1 to io2 */ 1192 do { 1193 size_t num; 1194 int r; 1195 1196 r1 = BIO_ctrl_pending(io1); 1197 r2 = BIO_ctrl_get_write_guarantee(io2); 1198 1199 num = r1; 1200 if (r2 < num) 1201 num = r2; 1202 if (num) { 1203 char *dataptr; 1204 1205 if (INT_MAX < num) /* yeah, right */ 1206 num = INT_MAX; 1207 1208 r = BIO_nread(io1, &dataptr, (int)num); 1209 assert(r > 0); 1210 assert(r <= (int)num); 1211 /* possibly r < num (non-contiguous data) */ 1212 num = r; 1213 r = BIO_write(io2, dataptr, (int)num); 1214 if (r != (int)num) /* can't happen */ 1215 { 1216 fprintf(stderr, "ERROR: BIO_write could not write " 1217 "BIO_ctrl_get_write_guarantee() bytes"); 1218 goto err; 1219 } 1220 progress = 1; 1221 1222 if (debug) 1223 printf((io1 == client_io) ? 1224 "C->S relaying: %d bytes\n" : 1225 "S->C relaying: %d bytes\n", 1226 (int)num); 1227 } 1228 } while (r1 && r2); 1229 1230 /* io2 to io1 */ 1231 { 1232 size_t num; 1233 int r; 1234 1235 r1 = BIO_ctrl_pending(io2); 1236 r2 = BIO_ctrl_get_read_request(io1); 1237 /* here we could use ..._get_write_guarantee instead of 1238 * ..._get_read_request, but by using the latter 1239 * we test restartability of the SSL implementation 1240 * more thoroughly */ 1241 num = r1; 1242 if (r2 < num) 1243 num = r2; 1244 if (num) { 1245 char *dataptr; 1246 1247 if (INT_MAX < num) 1248 num = INT_MAX; 1249 1250 if (num > 1) 1251 --num; /* test restartability even more thoroughly */ 1252 1253 r = BIO_nwrite0(io1, &dataptr); 1254 assert(r > 0); 1255 if (r < (int)num) 1256 num = r; 1257 r = BIO_read(io2, dataptr, (int)num); 1258 if (r != (int)num) /* can't happen */ 1259 { 1260 fprintf(stderr, "ERROR: BIO_read could not read " 1261 "BIO_ctrl_pending() bytes"); 1262 goto err; 1263 } 1264 progress = 1; 1265 r = BIO_nwrite(io1, &dataptr, (int)num); 1266 if (r != (int)num) /* can't happen */ 1267 { 1268 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 1269 "BIO_nwrite0() bytes"); 1270 goto err; 1271 } 1272 1273 if (debug) 1274 printf((io2 == client_io) ? 1275 "C->S relaying: %d bytes\n" : 1276 "S->C relaying: %d bytes\n", 1277 (int)num); 1278 } 1279 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */ 1280 1281 if (!progress && !prev_progress) 1282 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 1283 fprintf(stderr, "ERROR: got stuck\n"); 1284 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) { 1285 fprintf(stderr, "This can happen for SSL2 because " 1286 "CLIENT-FINISHED and SERVER-VERIFY are written \n" 1287 "concurrently ..."); 1288 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 && 1289 strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0) { 1290 fprintf(stderr, " ok.\n"); 1291 goto end; 1292 } 1293 } 1294 fprintf(stderr, " ERROR.\n"); 1295 goto err; 1296 } 1297 prev_progress = progress; 1298 } 1299 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 1300 1301 if (verbose) 1302 print_details(c_ssl, "DONE via BIO pair: "); 1303 1304 if (verify_npn(c_ssl, s_ssl) < 0) { 1305 ret = 1; 1306 goto err; 1307 } 1308 if (verify_alpn(c_ssl, s_ssl) < 0) { 1309 ret = 1; 1310 goto err; 1311 } 1312 1313 end: 1314 ret = 0; 1315 1316 err: 1317 ERR_print_errors(bio_err); 1318 1319 BIO_free(server); 1320 BIO_free(server_io); 1321 BIO_free(client); 1322 BIO_free(client_io); 1323 BIO_free(s_ssl_bio); 1324 BIO_free(c_ssl_bio); 1325 1326 return ret; 1327 } 1328 1329 1330 #define W_READ 1 1331 #define W_WRITE 2 1332 #define C_DONE 1 1333 #define S_DONE 2 1334 1335 int 1336 doit(SSL *s_ssl, SSL *c_ssl, long count) 1337 { 1338 char cbuf[1024*8], sbuf[1024*8]; 1339 long cw_num = count, cr_num = count; 1340 long sw_num = count, sr_num = count; 1341 int ret = 1; 1342 BIO *c_to_s = NULL; 1343 BIO *s_to_c = NULL; 1344 BIO *c_bio = NULL; 1345 BIO *s_bio = NULL; 1346 int c_r, c_w, s_r, s_w; 1347 int i, j; 1348 int done = 0; 1349 int c_write, s_write; 1350 int do_server = 0, do_client = 0; 1351 1352 memset(cbuf, 0, sizeof(cbuf)); 1353 memset(sbuf, 0, sizeof(sbuf)); 1354 1355 c_to_s = BIO_new(BIO_s_mem()); 1356 s_to_c = BIO_new(BIO_s_mem()); 1357 if ((s_to_c == NULL) || (c_to_s == NULL)) { 1358 ERR_print_errors(bio_err); 1359 goto err; 1360 } 1361 1362 c_bio = BIO_new(BIO_f_ssl()); 1363 s_bio = BIO_new(BIO_f_ssl()); 1364 if ((c_bio == NULL) || (s_bio == NULL)) { 1365 ERR_print_errors(bio_err); 1366 goto err; 1367 } 1368 1369 SSL_set_connect_state(c_ssl); 1370 SSL_set_bio(c_ssl, s_to_c, c_to_s); 1371 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 1372 1373 SSL_set_accept_state(s_ssl); 1374 SSL_set_bio(s_ssl, c_to_s, s_to_c); 1375 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 1376 1377 c_r = 0; 1378 s_r = 1; 1379 c_w = 1; 1380 s_w = 0; 1381 c_write = 1, s_write = 0; 1382 1383 /* We can always do writes */ 1384 for (;;) { 1385 do_server = 0; 1386 do_client = 0; 1387 1388 i = (int)BIO_pending(s_bio); 1389 if ((i && s_r) || s_w) 1390 do_server = 1; 1391 1392 i = (int)BIO_pending(c_bio); 1393 if ((i && c_r) || c_w) 1394 do_client = 1; 1395 1396 if (do_server && debug) { 1397 if (SSL_in_init(s_ssl)) 1398 printf("server waiting in SSL_accept - %s\n", 1399 SSL_state_string_long(s_ssl)); 1400 /* else if (s_write) 1401 printf("server:SSL_write()\n"); 1402 else 1403 printf("server:SSL_read()\n"); */ 1404 } 1405 1406 if (do_client && debug) { 1407 if (SSL_in_init(c_ssl)) 1408 printf("client waiting in SSL_connect - %s\n", 1409 SSL_state_string_long(c_ssl)); 1410 /* else if (c_write) 1411 printf("client:SSL_write()\n"); 1412 else 1413 printf("client:SSL_read()\n"); */ 1414 } 1415 1416 if (!do_client && !do_server) { 1417 fprintf(stdout, "ERROR IN STARTUP\n"); 1418 ERR_print_errors(bio_err); 1419 break; 1420 } 1421 if (do_client && !(done & C_DONE)) { 1422 if (c_write) { 1423 j = (cw_num > (long)sizeof(cbuf)) ? 1424 (int)sizeof(cbuf) : (int)cw_num; 1425 i = BIO_write(c_bio, cbuf, j); 1426 if (i < 0) { 1427 c_r = 0; 1428 c_w = 0; 1429 if (BIO_should_retry(c_bio)) { 1430 if (BIO_should_read(c_bio)) 1431 c_r = 1; 1432 if (BIO_should_write(c_bio)) 1433 c_w = 1; 1434 } else { 1435 fprintf(stderr, "ERROR in CLIENT\n"); 1436 ERR_print_errors(bio_err); 1437 goto err; 1438 } 1439 } else if (i == 0) { 1440 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1441 goto err; 1442 } else { 1443 if (debug) 1444 printf("client wrote %d\n", i); 1445 /* ok */ 1446 s_r = 1; 1447 c_write = 0; 1448 cw_num -= i; 1449 } 1450 } else { 1451 i = BIO_read(c_bio, cbuf, sizeof(cbuf)); 1452 if (i < 0) { 1453 c_r = 0; 1454 c_w = 0; 1455 if (BIO_should_retry(c_bio)) { 1456 if (BIO_should_read(c_bio)) 1457 c_r = 1; 1458 if (BIO_should_write(c_bio)) 1459 c_w = 1; 1460 } else { 1461 fprintf(stderr, "ERROR in CLIENT\n"); 1462 ERR_print_errors(bio_err); 1463 goto err; 1464 } 1465 } else if (i == 0) { 1466 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1467 goto err; 1468 } else { 1469 if (debug) 1470 printf("client read %d\n", i); 1471 cr_num -= i; 1472 if (sw_num > 0) { 1473 s_write = 1; 1474 s_w = 1; 1475 } 1476 if (cr_num <= 0) { 1477 s_write = 1; 1478 s_w = 1; 1479 done = S_DONE|C_DONE; 1480 } 1481 } 1482 } 1483 } 1484 1485 if (do_server && !(done & S_DONE)) { 1486 if (!s_write) { 1487 i = BIO_read(s_bio, sbuf, sizeof(cbuf)); 1488 if (i < 0) { 1489 s_r = 0; 1490 s_w = 0; 1491 if (BIO_should_retry(s_bio)) { 1492 if (BIO_should_read(s_bio)) 1493 s_r = 1; 1494 if (BIO_should_write(s_bio)) 1495 s_w = 1; 1496 } else { 1497 fprintf(stderr, "ERROR in SERVER\n"); 1498 ERR_print_errors(bio_err); 1499 goto err; 1500 } 1501 } else if (i == 0) { 1502 ERR_print_errors(bio_err); 1503 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n"); 1504 goto err; 1505 } else { 1506 if (debug) 1507 printf("server read %d\n", i); 1508 sr_num -= i; 1509 if (cw_num > 0) { 1510 c_write = 1; 1511 c_w = 1; 1512 } 1513 if (sr_num <= 0) { 1514 s_write = 1; 1515 s_w = 1; 1516 c_write = 0; 1517 } 1518 } 1519 } else { 1520 j = (sw_num > (long)sizeof(sbuf)) ? 1521 (int)sizeof(sbuf) : (int)sw_num; 1522 i = BIO_write(s_bio, sbuf, j); 1523 if (i < 0) { 1524 s_r = 0; 1525 s_w = 0; 1526 if (BIO_should_retry(s_bio)) { 1527 if (BIO_should_read(s_bio)) 1528 s_r = 1; 1529 if (BIO_should_write(s_bio)) 1530 s_w = 1; 1531 } else { 1532 fprintf(stderr, "ERROR in SERVER\n"); 1533 ERR_print_errors(bio_err); 1534 goto err; 1535 } 1536 } else if (i == 0) { 1537 ERR_print_errors(bio_err); 1538 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n"); 1539 goto err; 1540 } else { 1541 if (debug) 1542 printf("server wrote %d\n", i); 1543 sw_num -= i; 1544 s_write = 0; 1545 c_r = 1; 1546 if (sw_num <= 0) 1547 done |= S_DONE; 1548 } 1549 } 1550 } 1551 1552 if ((done & S_DONE) && (done & C_DONE)) 1553 break; 1554 } 1555 1556 if (verbose) 1557 print_details(c_ssl, "DONE: "); 1558 1559 if (verify_npn(c_ssl, s_ssl) < 0) { 1560 ret = 1; 1561 goto err; 1562 } 1563 if (verify_alpn(c_ssl, s_ssl) < 0) { 1564 ret = 1; 1565 goto err; 1566 } 1567 1568 ret = 0; 1569 err: 1570 /* We have to set the BIO's to NULL otherwise they will be 1571 * free()ed twice. Once when th s_ssl is SSL_free()ed and 1572 * again when c_ssl is SSL_free()ed. 1573 * This is a hack required because s_ssl and c_ssl are sharing the same 1574 * BIO structure and SSL_set_bio() and SSL_free() automatically 1575 * BIO_free non NULL entries. 1576 * You should not normally do this or be required to do this */ 1577 if (s_ssl != NULL) { 1578 s_ssl->rbio = NULL; 1579 s_ssl->wbio = NULL; 1580 } 1581 if (c_ssl != NULL) { 1582 c_ssl->rbio = NULL; 1583 c_ssl->wbio = NULL; 1584 } 1585 1586 BIO_free(c_to_s); 1587 BIO_free(s_to_c); 1588 BIO_free_all(c_bio); 1589 BIO_free_all(s_bio); 1590 1591 return (ret); 1592 } 1593 1594 static int 1595 get_proxy_auth_ex_data_idx(void) 1596 { 1597 static volatile int idx = -1; 1598 if (idx < 0) { 1599 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 1600 if (idx < 0) { 1601 idx = X509_STORE_CTX_get_ex_new_index(0, 1602 "SSLtest for verify callback", NULL, NULL, NULL); 1603 } 1604 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1605 } 1606 return idx; 1607 } 1608 1609 static int 1610 verify_callback(int ok, X509_STORE_CTX *ctx) 1611 { 1612 char *s, buf[256]; 1613 1614 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, 1615 sizeof buf); 1616 if (s != NULL) { 1617 if (ok) 1618 fprintf(stderr, "depth=%d %s\n", 1619 ctx->error_depth, buf); 1620 else { 1621 fprintf(stderr, "depth=%d error=%d %s\n", 1622 ctx->error_depth, ctx->error, buf); 1623 } 1624 } 1625 1626 if (ok == 0) { 1627 fprintf(stderr, "Error string: %s\n", 1628 X509_verify_cert_error_string(ctx->error)); 1629 switch (ctx->error) { 1630 case X509_V_ERR_CERT_NOT_YET_VALID: 1631 case X509_V_ERR_CERT_HAS_EXPIRED: 1632 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1633 fprintf(stderr, " ... ignored.\n"); 1634 ok = 1; 1635 } 1636 } 1637 1638 if (ok == 1) { 1639 X509 *xs = ctx->current_cert; 1640 #if 0 1641 X509 *xi = ctx->current_issuer; 1642 #endif 1643 1644 if (xs->ex_flags & EXFLAG_PROXY) { 1645 unsigned int *letters = 1646 X509_STORE_CTX_get_ex_data(ctx, 1647 get_proxy_auth_ex_data_idx()); 1648 1649 if (letters) { 1650 int found_any = 0; 1651 int i; 1652 PROXY_CERT_INFO_EXTENSION *pci = 1653 X509_get_ext_d2i(xs, NID_proxyCertInfo, 1654 NULL, NULL); 1655 1656 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 1657 case NID_Independent: 1658 /* Completely meaningless in this 1659 program, as there's no way to 1660 grant explicit rights to a 1661 specific PrC. Basically, using 1662 id-ppl-Independent is the perfect 1663 way to grant no rights at all. */ 1664 fprintf(stderr, " Independent proxy certificate"); 1665 for (i = 0; i < 26; i++) 1666 letters[i] = 0; 1667 break; 1668 case NID_id_ppl_inheritAll: 1669 /* This is basically a NOP, we 1670 simply let the current rights 1671 stand as they are. */ 1672 fprintf(stderr, " Proxy certificate inherits all"); 1673 break; 1674 default: 1675 s = (char *) 1676 pci->proxyPolicy->policy->data; 1677 i = pci->proxyPolicy->policy->length; 1678 1679 /* The algorithm works as follows: 1680 it is assumed that previous 1681 iterations or the initial granted 1682 rights has already set some elements 1683 of `letters'. What we need to do is 1684 to clear those that weren't granted 1685 by the current PrC as well. The 1686 easiest way to do this is to add 1 1687 to all the elements whose letters 1688 are given with the current policy. 1689 That way, all elements that are set 1690 by the current policy and were 1691 already set by earlier policies and 1692 through the original grant of rights 1693 will get the value 2 or higher. 1694 The last thing to do is to sweep 1695 through `letters' and keep the 1696 elements having the value 2 as set, 1697 and clear all the others. */ 1698 1699 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s); 1700 while (i-- > 0) { 1701 int c = *s++; 1702 if (isascii(c) && isalpha(c)) { 1703 if (islower(c)) 1704 c = toupper(c); 1705 letters[c - 'A']++; 1706 } 1707 } 1708 for (i = 0; i < 26; i++) 1709 if (letters[i] < 2) 1710 letters[i] = 0; 1711 else 1712 letters[i] = 1; 1713 } 1714 1715 found_any = 0; 1716 fprintf(stderr, ", resulting proxy rights = "); 1717 for (i = 0; i < 26; i++) 1718 if (letters[i]) { 1719 fprintf(stderr, "%c", i + 'A'); 1720 found_any = 1; 1721 } 1722 if (!found_any) 1723 fprintf(stderr, "none"); 1724 fprintf(stderr, "\n"); 1725 1726 PROXY_CERT_INFO_EXTENSION_free(pci); 1727 } 1728 } 1729 } 1730 1731 return (ok); 1732 } 1733 1734 static void 1735 process_proxy_debug(int indent, const char *format, ...) 1736 { 1737 static const char indentation[] = 1738 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 1739 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ 1740 char my_format[256]; 1741 va_list args; 1742 1743 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s", 1744 indent, indent, indentation, format); 1745 1746 va_start(args, format); 1747 vfprintf(stderr, my_format, args); 1748 va_end(args); 1749 } 1750 /* Priority levels: 1751 0 [!]var, () 1752 1 & ^ 1753 2 | 1754 */ 1755 static int process_proxy_cond_adders(unsigned int letters[26], 1756 const char *cond, const char **cond_end, int *pos, int indent); 1757 1758 static int 1759 process_proxy_cond_val(unsigned int letters[26], const char *cond, 1760 const char **cond_end, int *pos, int indent) 1761 { 1762 int c; 1763 int ok = 1; 1764 int negate = 0; 1765 1766 while (isspace((int)*cond)) { 1767 cond++; 1768 (*pos)++; 1769 } 1770 c = *cond; 1771 1772 if (debug) 1773 process_proxy_debug(indent, 1774 "Start process_proxy_cond_val at position %d: %s\n", 1775 *pos, cond); 1776 1777 while (c == '!') { 1778 negate = !negate; 1779 cond++; 1780 (*pos)++; 1781 while (isspace((int)*cond)) { 1782 cond++; 1783 (*pos)++; 1784 } 1785 c = *cond; 1786 } 1787 1788 if (c == '(') { 1789 cond++; 1790 (*pos)++; 1791 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 1792 indent + 1); 1793 cond = *cond_end; 1794 if (ok < 0) 1795 goto end; 1796 while (isspace((int)*cond)) { 1797 cond++; 1798 (*pos)++; 1799 } 1800 c = *cond; 1801 if (c != ')') { 1802 fprintf(stderr, 1803 "Weird condition character in position %d: " 1804 "%c\n", *pos, c); 1805 ok = -1; 1806 goto end; 1807 } 1808 cond++; 1809 (*pos)++; 1810 } else if (isascii(c) && isalpha(c)) { 1811 if (islower(c)) 1812 c = toupper(c); 1813 ok = letters[c - 'A']; 1814 cond++; 1815 (*pos)++; 1816 } else { 1817 fprintf(stderr, 1818 "Weird condition character in position %d: " 1819 "%c\n", *pos, c); 1820 ok = -1; 1821 goto end; 1822 } 1823 end: 1824 *cond_end = cond; 1825 if (ok >= 0 && negate) 1826 ok = !ok; 1827 1828 if (debug) 1829 process_proxy_debug(indent, 1830 "End process_proxy_cond_val at position %d: %s, returning %d\n", 1831 *pos, cond, ok); 1832 1833 return ok; 1834 } 1835 1836 static int 1837 process_proxy_cond_multipliers(unsigned int letters[26], const char *cond, 1838 const char **cond_end, int *pos, int indent) 1839 { 1840 int ok; 1841 char c; 1842 1843 if (debug) 1844 process_proxy_debug(indent, 1845 "Start process_proxy_cond_multipliers at position %d: %s\n", 1846 *pos, cond); 1847 1848 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 1849 cond = *cond_end; 1850 if (ok < 0) 1851 goto end; 1852 1853 while (ok >= 0) { 1854 while (isspace((int)*cond)) { 1855 cond++; 1856 (*pos)++; 1857 } 1858 c = *cond; 1859 1860 switch (c) { 1861 case '&': 1862 case '^': 1863 { 1864 int save_ok = ok; 1865 1866 cond++; 1867 (*pos)++; 1868 ok = process_proxy_cond_val(letters, 1869 cond, cond_end, pos, indent + 1); 1870 cond = *cond_end; 1871 if (ok < 0) 1872 break; 1873 1874 switch (c) { 1875 case '&': 1876 ok &= save_ok; 1877 break; 1878 case '^': 1879 ok ^= save_ok; 1880 break; 1881 default: 1882 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1883 " STOPPING\n"); 1884 exit(1); 1885 } 1886 } 1887 break; 1888 default: 1889 goto end; 1890 } 1891 } 1892 end: 1893 if (debug) 1894 process_proxy_debug(indent, 1895 "End process_proxy_cond_multipliers at position %d: %s, " 1896 "returning %d\n", 1897 *pos, cond, ok); 1898 1899 *cond_end = cond; 1900 return ok; 1901 } 1902 1903 static int 1904 process_proxy_cond_adders(unsigned int letters[26], const char *cond, 1905 const char **cond_end, int *pos, int indent) 1906 { 1907 int ok; 1908 char c; 1909 1910 if (debug) 1911 process_proxy_debug(indent, 1912 "Start process_proxy_cond_adders at position %d: %s\n", 1913 *pos, cond); 1914 1915 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 1916 indent + 1); 1917 cond = *cond_end; 1918 if (ok < 0) 1919 goto end; 1920 1921 while (ok >= 0) { 1922 while (isspace((int)*cond)) { 1923 cond++; 1924 (*pos)++; 1925 } 1926 c = *cond; 1927 1928 switch (c) { 1929 case '|': 1930 { 1931 int save_ok = ok; 1932 1933 cond++; 1934 (*pos)++; 1935 ok = process_proxy_cond_multipliers(letters, 1936 cond, cond_end, pos, indent + 1); 1937 cond = *cond_end; 1938 if (ok < 0) 1939 break; 1940 1941 switch (c) { 1942 case '|': 1943 ok |= save_ok; 1944 break; 1945 default: 1946 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1947 " STOPPING\n"); 1948 exit(1); 1949 } 1950 } 1951 break; 1952 default: 1953 goto end; 1954 } 1955 } 1956 end: 1957 if (debug) 1958 process_proxy_debug(indent, 1959 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 1960 *pos, cond, ok); 1961 1962 *cond_end = cond; 1963 return ok; 1964 } 1965 1966 static int 1967 process_proxy_cond(unsigned int letters[26], const char *cond, 1968 const char **cond_end) 1969 { 1970 int pos = 1; 1971 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 1972 } 1973 1974 static int 1975 app_verify_callback(X509_STORE_CTX *ctx, void *arg) 1976 { 1977 int ok = 1; 1978 struct app_verify_arg *cb_arg = arg; 1979 unsigned int letters[26]; /* only used with proxy_auth */ 1980 1981 if (cb_arg->app_verify) { 1982 char *s = NULL, buf[256]; 1983 1984 fprintf(stderr, "In app_verify_callback, allowing cert. "); 1985 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 1986 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 1987 (void *)ctx, (void *)ctx->cert); 1988 if (ctx->cert) 1989 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256); 1990 if (s != NULL) { 1991 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf); 1992 } 1993 return (1); 1994 } 1995 if (cb_arg->proxy_auth) { 1996 int found_any = 0, i; 1997 char *sp; 1998 1999 for (i = 0; i < 26; i++) 2000 letters[i] = 0; 2001 for (sp = cb_arg->proxy_auth; *sp; sp++) { 2002 int c = *sp; 2003 if (isascii(c) && isalpha(c)) { 2004 if (islower(c)) 2005 c = toupper(c); 2006 letters[c - 'A'] = 1; 2007 } 2008 } 2009 2010 fprintf(stderr, " Initial proxy rights = "); 2011 for (i = 0; i < 26; i++) 2012 if (letters[i]) { 2013 fprintf(stderr, "%c", i + 'A'); 2014 found_any = 1; 2015 } 2016 if (!found_any) 2017 fprintf(stderr, "none"); 2018 fprintf(stderr, "\n"); 2019 2020 X509_STORE_CTX_set_ex_data(ctx, 2021 get_proxy_auth_ex_data_idx(), letters); 2022 } 2023 if (cb_arg->allow_proxy_certs) { 2024 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 2025 } 2026 2027 ok = X509_verify_cert(ctx); 2028 2029 if (cb_arg->proxy_auth) { 2030 if (ok > 0) { 2031 const char *cond_end = NULL; 2032 2033 ok = process_proxy_cond(letters, 2034 cb_arg->proxy_cond, &cond_end); 2035 2036 if (ok < 0) 2037 exit(3); 2038 if (*cond_end) { 2039 fprintf(stderr, "Stopped processing condition before it's end.\n"); 2040 ok = 0; 2041 } 2042 if (!ok) 2043 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n", 2044 cb_arg->proxy_cond); 2045 else 2046 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n", 2047 cb_arg->proxy_cond); 2048 } 2049 } 2050 return (ok); 2051 } 2052 2053 static RSA *rsa_tmp = NULL; 2054 2055 static RSA * 2056 tmp_rsa_cb(SSL *s, int is_export, int keylength) 2057 { 2058 BIGNUM *bn = NULL; 2059 if (rsa_tmp == NULL) { 2060 bn = BN_new(); 2061 rsa_tmp = RSA_new(); 2062 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) { 2063 BIO_printf(bio_err, "Memory error..."); 2064 goto end; 2065 } 2066 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength); 2067 (void)BIO_flush(bio_err); 2068 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { 2069 BIO_printf(bio_err, "Error generating key."); 2070 RSA_free(rsa_tmp); 2071 rsa_tmp = NULL; 2072 } 2073 end: 2074 BIO_printf(bio_err, "\n"); 2075 (void)BIO_flush(bio_err); 2076 } 2077 if (bn) 2078 BN_free(bn); 2079 return (rsa_tmp); 2080 } 2081 2082 static void 2083 free_tmp_rsa(void) 2084 { 2085 if (rsa_tmp != NULL) { 2086 RSA_free(rsa_tmp); 2087 rsa_tmp = NULL; 2088 } 2089 } 2090 2091 /* These DH parameters have been generated as follows: 2092 * $ openssl dhparam -C -noout 512 2093 * $ openssl dhparam -C -noout 1024 2094 * $ openssl dhparam -C -noout -dsaparam 1024 2095 * (The third function has been renamed to avoid name conflicts.) 2096 */ 2097 static DH * 2098 get_dh512() 2099 { 2100 static unsigned char dh512_p[] = { 2101 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, 0xC6, 2102 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04, 0xB0, 2103 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9, 0x5F, 2104 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33, 0xB8, 2105 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21, 0x33, 2106 0x02, 0xC5, 0xAE, 0x23, 2107 }; 2108 static unsigned char dh512_g[] = { 2109 0x02, 2110 }; 2111 DH *dh; 2112 2113 if ((dh = DH_new()) == NULL) 2114 return (NULL); 2115 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); 2116 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); 2117 if ((dh->p == NULL) || (dh->g == NULL)) { 2118 DH_free(dh); 2119 return (NULL); 2120 } 2121 return (dh); 2122 } 2123 2124 static DH * 2125 get_dh1024() 2126 { 2127 static unsigned char dh1024_p[] = { 2128 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A, 2129 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2, 2130 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0, 2131 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2, 2132 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C, 2133 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8, 2134 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52, 2135 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1, 2136 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1, 2137 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB, 2138 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 2139 }; 2140 static unsigned char dh1024_g[] = { 2141 0x02, 2142 }; 2143 DH *dh; 2144 2145 if ((dh = DH_new()) == NULL) 2146 return (NULL); 2147 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2148 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2149 if ((dh->p == NULL) || (dh->g == NULL)) { 2150 DH_free(dh); 2151 return (NULL); 2152 } 2153 return (dh); 2154 } 2155 2156 static DH * 2157 get_dh1024dsa() 2158 { 2159 static unsigned char dh1024_p[] = { 2160 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00, 2161 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19, 2162 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2, 2163 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55, 2164 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC, 2165 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97, 2166 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D, 2167 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB, 2168 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6, 2169 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E, 2170 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 2171 }; 2172 static unsigned char dh1024_g[] = { 2173 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05, 2174 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3, 2175 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9, 2176 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C, 2177 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65, 2178 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60, 2179 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6, 2180 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7, 2181 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1, 2182 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60, 2183 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 2184 }; 2185 DH *dh; 2186 2187 if ((dh = DH_new()) == NULL) 2188 return (NULL); 2189 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2190 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2191 if ((dh->p == NULL) || (dh->g == NULL)) { 2192 DH_free(dh); 2193 return (NULL); 2194 } 2195 dh->length = 160; 2196 return (dh); 2197 } 2198 2199 static int 2200 do_test_cipherlist(void) 2201 { 2202 int i = 0; 2203 const SSL_METHOD *meth; 2204 const SSL_CIPHER *ci, *tci = NULL; 2205 2206 fprintf(stderr, "testing SSLv3 cipher list order: "); 2207 meth = SSLv3_method(); 2208 tci = NULL; 2209 while ((ci = meth->get_cipher(i++)) != NULL) { 2210 if (tci != NULL) { 2211 if (ci->id >= tci->id) { 2212 fprintf(stderr, 2213 "failed %lx vs. %lx\n", ci->id, tci->id); 2214 return 0; 2215 } 2216 } 2217 tci = ci; 2218 } 2219 fprintf(stderr, "ok\n"); 2220 fprintf(stderr, "testing TLSv1 cipher list order: "); 2221 meth = TLSv1_method(); 2222 tci = NULL; 2223 while ((ci = meth->get_cipher(i++)) != NULL) { 2224 if (tci != NULL) { 2225 if (ci->id >= tci->id) { 2226 fprintf(stderr, 2227 "failed %lx vs. %lx\n", ci->id, tci->id); 2228 return 0; 2229 } 2230 } 2231 tci = ci; 2232 } 2233 fprintf(stderr, "ok\n"); 2234 2235 return 1; 2236 } 2237