1 /* ssl/ssltest.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 /* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143 #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly 144 on Linux and GNU platforms. */ 145 #include <sys/types.h> 146 #include <sys/param.h> 147 #include <sys/socket.h> 148 149 #include <netinet/in.h> 150 151 #include <assert.h> 152 #include <errno.h> 153 #include <limits.h> 154 #include <netdb.h> 155 #include <stdio.h> 156 #include <stdlib.h> 157 #include <string.h> 158 #include <time.h> 159 #include <unistd.h> 160 161 #include <ctype.h> 162 163 #include <openssl/opensslconf.h> 164 #include <openssl/e_os2.h> 165 #include <openssl/bio.h> 166 #include <openssl/crypto.h> 167 #include <openssl/evp.h> 168 #include <openssl/x509.h> 169 #include <openssl/x509v3.h> 170 #include <openssl/ssl.h> 171 #ifndef OPENSSL_NO_ENGINE 172 #include <openssl/engine.h> 173 #endif 174 #include <openssl/err.h> 175 #include <openssl/rand.h> 176 #include <openssl/rsa.h> 177 #include <openssl/dsa.h> 178 #include <openssl/dh.h> 179 #include <openssl/bn.h> 180 181 #define TEST_SERVER_CERT "../apps/server.pem" 182 #define TEST_CLIENT_CERT "../apps/client.pem" 183 184 static int verify_callback(int ok, X509_STORE_CTX *ctx); 185 static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength); 186 static void free_tmp_rsa(void); 187 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); 188 #define APP_CALLBACK_STRING "Test Callback Argument" 189 struct app_verify_arg { 190 char *string; 191 int app_verify; 192 int allow_proxy_certs; 193 char *proxy_auth; 194 char *proxy_cond; 195 }; 196 197 static DH *get_dh512(void); 198 static DH *get_dh1024(void); 199 static DH *get_dh1024dsa(void); 200 201 static BIO *bio_err = NULL; 202 static BIO *bio_stdout = NULL; 203 204 #ifndef OPENSSL_NO_NEXTPROTONEG 205 /* Note that this code assumes that this is only a one element list: */ 206 static const char NEXT_PROTO_STRING[] = "\x09testproto"; 207 int npn_client = 0; 208 int npn_server = 0; 209 int npn_server_reject = 0; 210 211 static int 212 cb_client_npn(SSL *s, unsigned char **out, unsigned char *outlen, 213 const unsigned char *in, unsigned int inlen, void *arg) 214 { 215 /* 216 * This callback only returns the protocol string, rather than a length 217 * prefixed set. We assume that NEXT_PROTO_STRING is a one element list 218 * and remove the first byte to chop off the length prefix. 219 */ 220 *out = (unsigned char *)NEXT_PROTO_STRING + 1; 221 *outlen = sizeof(NEXT_PROTO_STRING) - 2; 222 return (SSL_TLSEXT_ERR_OK); 223 } 224 225 static int 226 cb_server_npn(SSL *s, const unsigned char **data, unsigned int *len, void *arg) 227 { 228 *data = (const unsigned char *)NEXT_PROTO_STRING; 229 *len = sizeof(NEXT_PROTO_STRING) - 1; 230 return (SSL_TLSEXT_ERR_OK); 231 } 232 233 static int 234 cb_server_rejects_npn(SSL *s, const unsigned char **data, unsigned int *len, 235 void *arg) 236 { 237 return (SSL_TLSEXT_ERR_NOACK); 238 } 239 240 static int 241 verify_npn(SSL *client, SSL *server) 242 { 243 const unsigned char *client_s; 244 unsigned int client_len; 245 const unsigned char *server_s; 246 unsigned int server_len; 247 248 SSL_get0_next_proto_negotiated(client, &client_s, &client_len); 249 SSL_get0_next_proto_negotiated(server, &server_s, &server_len); 250 251 if (client_len) { 252 BIO_printf(bio_stdout, "Client NPN: "); 253 BIO_write(bio_stdout, client_s, client_len); 254 BIO_printf(bio_stdout, "\n"); 255 } 256 257 if (server_len) { 258 BIO_printf(bio_stdout, "Server NPN: "); 259 BIO_write(bio_stdout, server_s, server_len); 260 BIO_printf(bio_stdout, "\n"); 261 } 262 263 /* 264 * If an NPN string was returned, it must be the protocol that we 265 * expected to negotiate. 266 */ 267 if (client_len && (client_len != sizeof(NEXT_PROTO_STRING) - 2 || 268 memcmp(client_s, NEXT_PROTO_STRING + 1, client_len))) 269 return (-1); 270 if (server_len && (server_len != sizeof(NEXT_PROTO_STRING) - 2 || 271 memcmp(server_s, NEXT_PROTO_STRING + 1, server_len))) 272 return (-1); 273 274 if (!npn_client && client_len) 275 return (-1); 276 if (!npn_server && server_len) 277 return (-1); 278 if (npn_server_reject && server_len) 279 return (-1); 280 if (npn_client && npn_server && (!client_len || !server_len)) 281 return (-1); 282 283 return (0); 284 } 285 #endif 286 287 static char *cipher = NULL; 288 static int verbose = 0; 289 static int debug = 0; 290 291 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 292 clock_t *c_time); 293 int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 294 static int do_test_cipherlist(void); 295 296 static void 297 sv_usage(void) 298 { 299 fprintf(stderr, "usage: ssltest [args ...]\n"); 300 fprintf(stderr, "\n"); 301 fprintf(stderr, " -server_auth - check server certificate\n"); 302 fprintf(stderr, " -client_auth - do client authentication\n"); 303 fprintf(stderr, " -proxy - allow proxy certificates\n"); 304 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 305 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n"); 306 fprintf(stderr, " -v - more output\n"); 307 fprintf(stderr, " -d - debug output\n"); 308 fprintf(stderr, " -reuse - use session-id reuse\n"); 309 fprintf(stderr, " -num <val> - number of connections to perform\n"); 310 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n"); 311 fprintf(stderr, " -dhe1024 - use 1024 bit key (safe prime) for DHE\n"); 312 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 313 fprintf(stderr, " -no_dhe - disable DHE\n"); 314 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 315 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 316 fprintf(stderr, " -ssl3 - use SSLv3\n"); 317 fprintf(stderr, " -tls1 - use TLSv1\n"); 318 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 319 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 320 fprintf(stderr, " -cert arg - Server certificate file\n"); 321 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n"); 322 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 323 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n"); 324 fprintf(stderr, " -cipher arg - The cipher list\n"); 325 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 326 fprintf(stderr, " -f - Test even cases that can't work\n"); 327 fprintf(stderr, " -time - measure processor time used by client and server\n"); 328 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 329 " Use \"openssl ecparam -list_curves\" for all names\n" \ 330 " (default is sect163r2).\n"); 331 fprintf(stderr, " -test_cipherlist - verifies the order of the ssl cipher lists\n"); 332 #ifndef OPENSSL_NO_NEXTPROTONEG 333 fprintf(stderr, " -npn_client - have client side offer NPN\n"); 334 fprintf(stderr, " -npn_server - have server side offer NPN\n"); 335 fprintf(stderr, " -npn_server_reject - have server reject NPN\n"); 336 #endif 337 } 338 339 static void 340 print_details(SSL *c_ssl, const char *prefix) 341 { 342 const SSL_CIPHER *ciph; 343 X509 *cert; 344 345 ciph = SSL_get_current_cipher(c_ssl); 346 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 347 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph), 348 SSL_CIPHER_get_name(ciph)); 349 cert = SSL_get_peer_certificate(c_ssl); 350 if (cert != NULL) { 351 EVP_PKEY *pkey = X509_get_pubkey(cert); 352 if (pkey != NULL) { 353 if (pkey->type == EVP_PKEY_RSA && 354 pkey->pkey.rsa != NULL && 355 pkey->pkey.rsa->n != NULL) { 356 BIO_printf(bio_stdout, ", %d bit RSA", 357 BN_num_bits(pkey->pkey.rsa->n)); 358 } else if (pkey->type == EVP_PKEY_DSA && 359 pkey->pkey.dsa != NULL && 360 pkey->pkey.dsa->p != NULL) { 361 BIO_printf(bio_stdout, ", %d bit DSA", 362 BN_num_bits(pkey->pkey.dsa->p)); 363 } 364 EVP_PKEY_free(pkey); 365 } 366 X509_free(cert); 367 } 368 /* The SSL API does not allow us to look at temporary RSA/DH keys, 369 * otherwise we should print their lengths too */ 370 BIO_printf(bio_stdout, "\n"); 371 } 372 373 static void 374 lock_dbg_cb(int mode, int type, const char *file, int line) 375 { 376 static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */ 377 const char *errstr = NULL; 378 int rw; 379 380 rw = mode & (CRYPTO_READ|CRYPTO_WRITE); 381 if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) { 382 errstr = "invalid mode"; 383 goto err; 384 } 385 386 if (type < 0 || type >= CRYPTO_NUM_LOCKS) { 387 errstr = "type out of bounds"; 388 goto err; 389 } 390 391 if (mode & CRYPTO_LOCK) { 392 if (modes[type]) { 393 errstr = "already locked"; 394 /* must not happen in a single-threaded program 395 * (would deadlock) */ 396 goto err; 397 } 398 399 modes[type] = rw; 400 } else if (mode & CRYPTO_UNLOCK) { 401 if (!modes[type]) { 402 errstr = "not locked"; 403 goto err; 404 } 405 406 if (modes[type] != rw) { 407 errstr = (rw == CRYPTO_READ) ? 408 "CRYPTO_r_unlock on write lock" : 409 "CRYPTO_w_unlock on read lock"; 410 } 411 412 modes[type] = 0; 413 } else { 414 errstr = "invalid mode"; 415 goto err; 416 } 417 418 err: 419 if (errstr) { 420 /* we cannot use bio_err here */ 421 fprintf(stderr, 422 "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n", 423 errstr, mode, type, file, line); 424 } 425 } 426 427 int 428 main(int argc, char *argv[]) 429 { 430 char *CApath = NULL, *CAfile = NULL; 431 int badop = 0; 432 int bio_pair = 0; 433 int force = 0; 434 int tls1 = 0, ssl2 = 0, ssl3 = 0, dtls1 = 0, ret = 1; 435 int client_auth = 0; 436 int server_auth = 0, i; 437 struct app_verify_arg app_verify_arg = 438 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 439 char *server_cert = TEST_SERVER_CERT; 440 char *server_key = NULL; 441 char *client_cert = TEST_CLIENT_CERT; 442 char *client_key = NULL; 443 char *named_curve = NULL; 444 SSL_CTX *s_ctx = NULL; 445 SSL_CTX *c_ctx = NULL; 446 const SSL_METHOD *meth = NULL; 447 SSL *c_ssl, *s_ssl; 448 int number = 1, reuse = 0; 449 long bytes = 256L; 450 DH *dh; 451 int dhe1024 = 0, dhe1024dsa = 0; 452 EC_KEY *ecdh = NULL; 453 int no_dhe = 0; 454 int no_ecdhe = 0; 455 int print_time = 0; 456 clock_t s_time = 0, c_time = 0; 457 int test_cipherlist = 0; 458 459 verbose = 0; 460 debug = 0; 461 cipher = 0; 462 463 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); 464 465 CRYPTO_set_locking_callback(lock_dbg_cb); 466 467 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); 468 469 argc--; 470 argv++; 471 472 while (argc >= 1) { 473 if (!strcmp(*argv, "-F")) { 474 fprintf(stderr, "not compiled with FIPS support, so exitting without running.\n"); 475 exit(0); 476 } else if (strcmp(*argv, "-server_auth") == 0) 477 server_auth = 1; 478 else if (strcmp(*argv, "-client_auth") == 0) 479 client_auth = 1; 480 else if (strcmp(*argv, "-proxy_auth") == 0) { 481 if (--argc < 1) 482 goto bad; 483 app_verify_arg.proxy_auth= *(++argv); 484 } else if (strcmp(*argv, "-proxy_cond") == 0) { 485 if (--argc < 1) 486 goto bad; 487 app_verify_arg.proxy_cond= *(++argv); 488 } else if (strcmp(*argv, "-v") == 0) 489 verbose = 1; 490 else if (strcmp(*argv, "-d") == 0) 491 debug = 1; 492 else if (strcmp(*argv, "-reuse") == 0) 493 reuse = 1; 494 else if (strcmp(*argv, "-dhe1024") == 0) { 495 dhe1024 = 1; 496 } else if (strcmp(*argv, "-dhe1024dsa") == 0) { 497 dhe1024dsa = 1; 498 } else if (strcmp(*argv, "-no_dhe") == 0) 499 no_dhe = 1; 500 else if (strcmp(*argv, "-no_ecdhe") == 0) 501 no_ecdhe = 1; 502 else if (strcmp(*argv, "-dtls1") == 0) 503 dtls1 = 1; 504 else if (strcmp(*argv, "-ssl2") == 0) 505 ssl2 = 1; 506 else if (strcmp(*argv, "-ssl3") == 0) 507 ssl3 = 1; 508 else if (strcmp(*argv, "-tls1") == 0) 509 tls1 = 1; 510 else if (strncmp(*argv, "-num", 4) == 0) { 511 if (--argc < 1) 512 goto bad; 513 number = atoi(*(++argv)); 514 if (number == 0) 515 number = 1; 516 } else if (strcmp(*argv, "-bytes") == 0) { 517 if (--argc < 1) 518 goto bad; 519 bytes = atol(*(++argv)); 520 if (bytes == 0L) 521 bytes = 1L; 522 i = strlen(argv[0]); 523 if (argv[0][i - 1] == 'k') 524 bytes*=1024L; 525 if (argv[0][i - 1] == 'm') 526 bytes*=1024L*1024L; 527 } else if (strcmp(*argv, "-cert") == 0) { 528 if (--argc < 1) 529 goto bad; 530 server_cert= *(++argv); 531 } else if (strcmp(*argv, "-s_cert") == 0) { 532 if (--argc < 1) 533 goto bad; 534 server_cert= *(++argv); 535 } else if (strcmp(*argv, "-key") == 0) { 536 if (--argc < 1) 537 goto bad; 538 server_key= *(++argv); 539 } else if (strcmp(*argv, "-s_key") == 0) { 540 if (--argc < 1) 541 goto bad; 542 server_key= *(++argv); 543 } else if (strcmp(*argv, "-c_cert") == 0) { 544 if (--argc < 1) 545 goto bad; 546 client_cert= *(++argv); 547 } else if (strcmp(*argv, "-c_key") == 0) { 548 if (--argc < 1) 549 goto bad; 550 client_key= *(++argv); 551 } else if (strcmp(*argv, "-cipher") == 0) { 552 if (--argc < 1) 553 goto bad; 554 cipher= *(++argv); 555 } else if (strcmp(*argv, "-CApath") == 0) { 556 if (--argc < 1) 557 goto bad; 558 CApath= *(++argv); 559 } else if (strcmp(*argv, "-CAfile") == 0) { 560 if (--argc < 1) 561 goto bad; 562 CAfile= *(++argv); 563 } else if (strcmp(*argv, "-bio_pair") == 0) { 564 bio_pair = 1; 565 } else if (strcmp(*argv, "-f") == 0) { 566 force = 1; 567 } else if (strcmp(*argv, "-time") == 0) { 568 print_time = 1; 569 } else if (strcmp(*argv, "-named_curve") == 0) { 570 if (--argc < 1) 571 goto bad; 572 named_curve = *(++argv); 573 } else if (strcmp(*argv, "-app_verify") == 0) { 574 app_verify_arg.app_verify = 1; 575 } else if (strcmp(*argv, "-proxy") == 0) { 576 app_verify_arg.allow_proxy_certs = 1; 577 } else if (strcmp(*argv, "-test_cipherlist") == 0) { 578 test_cipherlist = 1; 579 } 580 #ifndef OPENSSL_NO_NEXTPROTONEG 581 else if (strcmp(*argv, "-npn_client") == 0) { 582 npn_client = 1; 583 } else if (strcmp(*argv, "-npn_server") == 0) { 584 npn_server = 1; 585 } else if (strcmp(*argv, "-npn_server_reject") == 0) { 586 npn_server_reject = 1; 587 } 588 #endif 589 else { 590 fprintf(stderr, "unknown option %s\n", *argv); 591 badop = 1; 592 break; 593 } 594 argc--; 595 argv++; 596 } 597 if (badop) { 598 bad: 599 sv_usage(); 600 goto end; 601 } 602 603 if (test_cipherlist == 1) { 604 /* ensure that the cipher list are correctly sorted and exit */ 605 if (do_test_cipherlist() == 0) 606 exit(1); 607 ret = 0; 608 goto end; 609 } 610 611 if (!dtls1 && !ssl2 && !ssl3 && !tls1 && 612 number > 1 && !reuse && !force) { 613 fprintf(stderr, 614 "This case cannot work. Use -f to perform " 615 "the test anyway (and\n-d to see what happens), " 616 "or add one of -dtls1, -ssl2, -ssl3, -tls1, -reuse\n" 617 "to avoid protocol mismatch.\n"); 618 exit(1); 619 } 620 621 if (print_time) { 622 if (!bio_pair) { 623 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 624 bio_pair = 1; 625 } 626 if (number < 50 && !force) 627 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 628 } 629 630 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 631 632 SSL_library_init(); 633 SSL_load_error_strings(); 634 635 if (dtls1) 636 meth = DTLSv1_method(); 637 else if (tls1) 638 meth = TLSv1_method(); 639 else if (ssl3) 640 meth = SSLv3_method(); 641 else 642 meth = SSLv23_method(); 643 644 c_ctx = SSL_CTX_new(meth); 645 s_ctx = SSL_CTX_new(meth); 646 if ((c_ctx == NULL) || (s_ctx == NULL)) { 647 ERR_print_errors(bio_err); 648 goto end; 649 } 650 651 if (cipher != NULL) { 652 SSL_CTX_set_cipher_list(c_ctx, cipher); 653 SSL_CTX_set_cipher_list(s_ctx, cipher); 654 } 655 656 if (!no_dhe) { 657 if (dhe1024dsa) { 658 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ 659 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 660 dh = get_dh1024dsa(); 661 } else if (dhe1024) 662 dh = get_dh1024(); 663 else 664 dh = get_dh512(); 665 SSL_CTX_set_tmp_dh(s_ctx, dh); 666 DH_free(dh); 667 } 668 669 if (!no_ecdhe) { 670 int nid; 671 672 if (named_curve != NULL) { 673 nid = OBJ_sn2nid(named_curve); 674 if (nid == 0) { 675 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 676 goto end; 677 } 678 } else 679 #ifdef OPENSSL_NO_EC2M 680 nid = NID_X9_62_prime256v1; 681 #else 682 nid = NID_sect163r2; 683 #endif 684 685 ecdh = EC_KEY_new_by_curve_name(nid); 686 if (ecdh == NULL) { 687 BIO_printf(bio_err, "unable to create curve\n"); 688 goto end; 689 } 690 691 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 692 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 693 EC_KEY_free(ecdh); 694 } 695 696 SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); 697 698 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, 699 SSL_FILETYPE_PEM)) { 700 ERR_print_errors(bio_err); 701 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 702 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) { 703 ERR_print_errors(bio_err); 704 goto end; 705 } 706 707 if (client_auth) { 708 SSL_CTX_use_certificate_file(c_ctx, client_cert, 709 SSL_FILETYPE_PEM); 710 SSL_CTX_use_PrivateKey_file(c_ctx, 711 (client_key ? client_key : client_cert), 712 SSL_FILETYPE_PEM); 713 } 714 715 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 716 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 717 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 718 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 719 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 720 ERR_print_errors(bio_err); 721 /* goto end; */ 722 } 723 724 if (client_auth) { 725 BIO_printf(bio_err, "client authentication\n"); 726 SSL_CTX_set_verify(s_ctx, 727 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 728 verify_callback); 729 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 730 &app_verify_arg); 731 } 732 if (server_auth) { 733 BIO_printf(bio_err, "server authentication\n"); 734 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, 735 verify_callback); 736 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 737 &app_verify_arg); 738 } 739 740 { 741 int session_id_context = 0; 742 SSL_CTX_set_session_id_context(s_ctx, 743 (void *)&session_id_context, sizeof(session_id_context)); 744 } 745 746 #ifndef OPENSSL_NO_NEXTPROTONEG 747 if (npn_client) 748 SSL_CTX_set_next_proto_select_cb(c_ctx, cb_client_npn, NULL); 749 if (npn_server) { 750 if (npn_server_reject) { 751 BIO_printf(bio_err, "Can't have both -npn_server and " 752 "-npn_server_reject\n"); 753 goto end; 754 } 755 SSL_CTX_set_next_protos_advertised_cb(s_ctx, 756 cb_server_npn, NULL); 757 } 758 if (npn_server_reject) { 759 SSL_CTX_set_next_protos_advertised_cb(s_ctx, 760 cb_server_rejects_npn, NULL); 761 } 762 #endif 763 764 c_ssl = SSL_new(c_ctx); 765 s_ssl = SSL_new(s_ctx); 766 767 for (i = 0; i < number; i++) { 768 if (!reuse) 769 SSL_set_session(c_ssl, NULL); 770 if (bio_pair) 771 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, 772 &c_time); 773 else 774 ret = doit(s_ssl, c_ssl, bytes); 775 } 776 777 if (!verbose) { 778 print_details(c_ssl, ""); 779 } 780 if ((number > 1) || (bytes > 1L)) 781 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", 782 number, bytes); 783 if (print_time) { 784 #ifdef CLOCKS_PER_SEC 785 /* "To determine the time in seconds, the value returned 786 * by the clock function should be divided by the value 787 * of the macro CLOCKS_PER_SEC." 788 * -- ISO/IEC 9899 */ 789 BIO_printf(bio_stdout, 790 "Approximate total server time: %6.2f s\n" 791 "Approximate total client time: %6.2f s\n", 792 (double)s_time/CLOCKS_PER_SEC, 793 (double)c_time/CLOCKS_PER_SEC); 794 #else 795 /* "`CLOCKS_PER_SEC' undeclared (first use this function)" 796 * -- cc on NeXTstep/OpenStep */ 797 BIO_printf(bio_stdout, 798 "Approximate total server time: %6.2f units\n" 799 "Approximate total client time: %6.2f units\n", 800 (double)s_time, 801 (double)c_time); 802 #endif 803 } 804 805 SSL_free(s_ssl); 806 SSL_free(c_ssl); 807 808 end: 809 SSL_CTX_free(s_ctx); 810 SSL_CTX_free(c_ctx); 811 BIO_free(bio_stdout); 812 813 free_tmp_rsa(); 814 #ifndef OPENSSL_NO_ENGINE 815 ENGINE_cleanup(); 816 #endif 817 CRYPTO_cleanup_all_ex_data(); 818 ERR_free_strings(); 819 ERR_remove_thread_state(NULL); 820 EVP_cleanup(); 821 CRYPTO_mem_leaks(bio_err); 822 BIO_free(bio_err); 823 824 exit(ret); 825 return ret; 826 } 827 828 int 829 doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time, 830 clock_t *c_time) 831 { 832 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 833 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 834 BIO *server = NULL, *server_io = NULL; 835 BIO *client = NULL, *client_io = NULL; 836 int ret = 1; 837 838 size_t bufsiz = 256; /* small buffer for testing */ 839 840 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 841 goto err; 842 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 843 goto err; 844 845 s_ssl_bio = BIO_new(BIO_f_ssl()); 846 if (!s_ssl_bio) 847 goto err; 848 849 c_ssl_bio = BIO_new(BIO_f_ssl()); 850 if (!c_ssl_bio) 851 goto err; 852 853 SSL_set_connect_state(c_ssl); 854 SSL_set_bio(c_ssl, client, client); 855 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 856 857 SSL_set_accept_state(s_ssl); 858 SSL_set_bio(s_ssl, server, server); 859 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 860 861 do { 862 /* c_ssl_bio: SSL filter BIO 863 * 864 * client: pseudo-I/O for SSL library 865 * 866 * client_io: client's SSL communication; usually to be 867 * relayed over some I/O facility, but in this 868 * test program, we're the server, too: 869 * 870 * server_io: server's SSL communication 871 * 872 * server: pseudo-I/O for SSL library 873 * 874 * s_ssl_bio: SSL filter BIO 875 * 876 * The client and the server each employ a "BIO pair": 877 * client + client_io, server + server_io. 878 * BIO pairs are symmetric. A BIO pair behaves similar 879 * to a non-blocking socketpair (but both endpoints must 880 * be handled by the same thread). 881 * [Here we could connect client and server to the ends 882 * of a single BIO pair, but then this code would be less 883 * suitable as an example for BIO pairs in general.] 884 * 885 * Useful functions for querying the state of BIO pair endpoints: 886 * 887 * BIO_ctrl_pending(bio) number of bytes we can read now 888 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 889 * other side's read attempt 890 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 891 * 892 * ..._read_request is never more than ..._write_guarantee; 893 * it depends on the application which one you should use. 894 */ 895 896 /* We have non-blocking behaviour throughout this test program, but 897 * can be sure that there is *some* progress in each iteration; so 898 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE 899 * -- we just try everything in each iteration 900 */ 901 902 { 903 /* CLIENT */ 904 905 char cbuf[1024*8]; 906 int i, r; 907 clock_t c_clock = clock(); 908 909 memset(cbuf, 0, sizeof(cbuf)); 910 911 if (debug) 912 if (SSL_in_init(c_ssl)) 913 printf("client waiting in SSL_connect - %s\n", 914 SSL_state_string_long(c_ssl)); 915 916 if (cw_num > 0) { 917 /* Write to server. */ 918 919 if (cw_num > (long)sizeof cbuf) 920 i = sizeof cbuf; 921 else 922 i = (int)cw_num; 923 r = BIO_write(c_ssl_bio, cbuf, i); 924 if (r < 0) { 925 if (!BIO_should_retry(c_ssl_bio)) { 926 fprintf(stderr, "ERROR in CLIENT\n"); 927 goto err; 928 } 929 /* BIO_should_retry(...) can just be ignored here. 930 * The library expects us to call BIO_write with 931 * the same arguments again, and that's what we will 932 * do in the next iteration. */ 933 } else if (r == 0) { 934 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 935 goto err; 936 } else { 937 if (debug) 938 printf("client wrote %d\n", r); 939 cw_num -= r; 940 941 } 942 } 943 944 if (cr_num > 0) { 945 /* Read from server. */ 946 947 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 948 if (r < 0) { 949 if (!BIO_should_retry(c_ssl_bio)) { 950 fprintf(stderr, "ERROR in CLIENT\n"); 951 goto err; 952 } 953 /* Again, "BIO_should_retry" can be ignored. */ 954 } else if (r == 0) { 955 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 956 goto err; 957 } else { 958 if (debug) 959 printf("client read %d\n", r); 960 cr_num -= r; 961 } 962 } 963 964 /* c_time and s_time increments will typically be very small 965 * (depending on machine speed and clock tick intervals), 966 * but sampling over a large number of connections should 967 * result in fairly accurate figures. We cannot guarantee 968 * a lot, however -- if each connection lasts for exactly 969 * one clock tick, it will be counted only for the client 970 * or only for the server or even not at all. 971 */ 972 *c_time += (clock() - c_clock); 973 } 974 975 { 976 /* SERVER */ 977 978 char sbuf[1024*8]; 979 int i, r; 980 clock_t s_clock = clock(); 981 982 memset(sbuf, 0, sizeof(sbuf)); 983 984 if (debug) 985 if (SSL_in_init(s_ssl)) 986 printf("server waiting in SSL_accept - %s\n", 987 SSL_state_string_long(s_ssl)); 988 989 if (sw_num > 0) { 990 /* Write to client. */ 991 992 if (sw_num > (long)sizeof sbuf) 993 i = sizeof sbuf; 994 else 995 i = (int)sw_num; 996 r = BIO_write(s_ssl_bio, sbuf, i); 997 if (r < 0) { 998 if (!BIO_should_retry(s_ssl_bio)) { 999 fprintf(stderr, "ERROR in SERVER\n"); 1000 goto err; 1001 } 1002 /* Ignore "BIO_should_retry". */ 1003 } else if (r == 0) { 1004 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1005 goto err; 1006 } else { 1007 if (debug) 1008 printf("server wrote %d\n", r); 1009 sw_num -= r; 1010 1011 } 1012 } 1013 1014 if (sr_num > 0) { 1015 /* Read from client. */ 1016 1017 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 1018 if (r < 0) { 1019 if (!BIO_should_retry(s_ssl_bio)) { 1020 fprintf(stderr, "ERROR in SERVER\n"); 1021 goto err; 1022 } 1023 /* blah, blah */ 1024 } else if (r == 0) { 1025 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 1026 goto err; 1027 } else { 1028 if (debug) 1029 printf("server read %d\n", r); 1030 sr_num -= r; 1031 } 1032 } 1033 1034 *s_time += (clock() - s_clock); 1035 } 1036 1037 { 1038 /* "I/O" BETWEEN CLIENT AND SERVER. */ 1039 1040 size_t r1, r2; 1041 BIO *io1 = server_io, *io2 = client_io; 1042 /* we use the non-copying interface for io1 1043 * and the standard BIO_write/BIO_read interface for io2 1044 */ 1045 1046 static int prev_progress = 1; 1047 int progress = 0; 1048 1049 /* io1 to io2 */ 1050 do { 1051 size_t num; 1052 int r; 1053 1054 r1 = BIO_ctrl_pending(io1); 1055 r2 = BIO_ctrl_get_write_guarantee(io2); 1056 1057 num = r1; 1058 if (r2 < num) 1059 num = r2; 1060 if (num) { 1061 char *dataptr; 1062 1063 if (INT_MAX < num) /* yeah, right */ 1064 num = INT_MAX; 1065 1066 r = BIO_nread(io1, &dataptr, (int)num); 1067 assert(r > 0); 1068 assert(r <= (int)num); 1069 /* possibly r < num (non-contiguous data) */ 1070 num = r; 1071 r = BIO_write(io2, dataptr, (int)num); 1072 if (r != (int)num) /* can't happen */ 1073 { 1074 fprintf(stderr, "ERROR: BIO_write could not write " 1075 "BIO_ctrl_get_write_guarantee() bytes"); 1076 goto err; 1077 } 1078 progress = 1; 1079 1080 if (debug) 1081 printf((io1 == client_io) ? 1082 "C->S relaying: %d bytes\n" : 1083 "S->C relaying: %d bytes\n", 1084 (int)num); 1085 } 1086 } while (r1 && r2); 1087 1088 /* io2 to io1 */ 1089 { 1090 size_t num; 1091 int r; 1092 1093 r1 = BIO_ctrl_pending(io2); 1094 r2 = BIO_ctrl_get_read_request(io1); 1095 /* here we could use ..._get_write_guarantee instead of 1096 * ..._get_read_request, but by using the latter 1097 * we test restartability of the SSL implementation 1098 * more thoroughly */ 1099 num = r1; 1100 if (r2 < num) 1101 num = r2; 1102 if (num) { 1103 char *dataptr; 1104 1105 if (INT_MAX < num) 1106 num = INT_MAX; 1107 1108 if (num > 1) 1109 --num; /* test restartability even more thoroughly */ 1110 1111 r = BIO_nwrite0(io1, &dataptr); 1112 assert(r > 0); 1113 if (r < (int)num) 1114 num = r; 1115 r = BIO_read(io2, dataptr, (int)num); 1116 if (r != (int)num) /* can't happen */ 1117 { 1118 fprintf(stderr, "ERROR: BIO_read could not read " 1119 "BIO_ctrl_pending() bytes"); 1120 goto err; 1121 } 1122 progress = 1; 1123 r = BIO_nwrite(io1, &dataptr, (int)num); 1124 if (r != (int)num) /* can't happen */ 1125 { 1126 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 1127 "BIO_nwrite0() bytes"); 1128 goto err; 1129 } 1130 1131 if (debug) 1132 printf((io2 == client_io) ? 1133 "C->S relaying: %d bytes\n" : 1134 "S->C relaying: %d bytes\n", 1135 (int)num); 1136 } 1137 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */ 1138 1139 if (!progress && !prev_progress) 1140 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 1141 fprintf(stderr, "ERROR: got stuck\n"); 1142 if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) { 1143 fprintf(stderr, "This can happen for SSL2 because " 1144 "CLIENT-FINISHED and SERVER-VERIFY are written \n" 1145 "concurrently ..."); 1146 if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 && 1147 strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0) { 1148 fprintf(stderr, " ok.\n"); 1149 goto end; 1150 } 1151 } 1152 fprintf(stderr, " ERROR.\n"); 1153 goto err; 1154 } 1155 prev_progress = progress; 1156 } 1157 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 1158 1159 if (verbose) 1160 print_details(c_ssl, "DONE via BIO pair: "); 1161 1162 #ifndef OPENSSL_NO_NEXTPROTONEG 1163 if (verify_npn(c_ssl, s_ssl) < 0) { 1164 ret = 1; 1165 goto err; 1166 } 1167 #endif 1168 1169 end: 1170 ret = 0; 1171 1172 err: 1173 ERR_print_errors(bio_err); 1174 1175 BIO_free(server); 1176 BIO_free(server_io); 1177 BIO_free(client); 1178 BIO_free(client_io); 1179 BIO_free(s_ssl_bio); 1180 BIO_free(c_ssl_bio); 1181 1182 return ret; 1183 } 1184 1185 1186 #define W_READ 1 1187 #define W_WRITE 2 1188 #define C_DONE 1 1189 #define S_DONE 2 1190 1191 int 1192 doit(SSL *s_ssl, SSL *c_ssl, long count) 1193 { 1194 char cbuf[1024*8], sbuf[1024*8]; 1195 long cw_num = count, cr_num = count; 1196 long sw_num = count, sr_num = count; 1197 int ret = 1; 1198 BIO *c_to_s = NULL; 1199 BIO *s_to_c = NULL; 1200 BIO *c_bio = NULL; 1201 BIO *s_bio = NULL; 1202 int c_r, c_w, s_r, s_w; 1203 int i, j; 1204 int done = 0; 1205 int c_write, s_write; 1206 int do_server = 0, do_client = 0; 1207 1208 memset(cbuf, 0, sizeof(cbuf)); 1209 memset(sbuf, 0, sizeof(sbuf)); 1210 1211 c_to_s = BIO_new(BIO_s_mem()); 1212 s_to_c = BIO_new(BIO_s_mem()); 1213 if ((s_to_c == NULL) || (c_to_s == NULL)) { 1214 ERR_print_errors(bio_err); 1215 goto err; 1216 } 1217 1218 c_bio = BIO_new(BIO_f_ssl()); 1219 s_bio = BIO_new(BIO_f_ssl()); 1220 if ((c_bio == NULL) || (s_bio == NULL)) { 1221 ERR_print_errors(bio_err); 1222 goto err; 1223 } 1224 1225 SSL_set_connect_state(c_ssl); 1226 SSL_set_bio(c_ssl, s_to_c, c_to_s); 1227 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 1228 1229 SSL_set_accept_state(s_ssl); 1230 SSL_set_bio(s_ssl, c_to_s, s_to_c); 1231 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 1232 1233 c_r = 0; 1234 s_r = 1; 1235 c_w = 1; 1236 s_w = 0; 1237 c_write = 1, s_write = 0; 1238 1239 /* We can always do writes */ 1240 for (;;) { 1241 do_server = 0; 1242 do_client = 0; 1243 1244 i = (int)BIO_pending(s_bio); 1245 if ((i && s_r) || s_w) 1246 do_server = 1; 1247 1248 i = (int)BIO_pending(c_bio); 1249 if ((i && c_r) || c_w) 1250 do_client = 1; 1251 1252 if (do_server && debug) { 1253 if (SSL_in_init(s_ssl)) 1254 printf("server waiting in SSL_accept - %s\n", 1255 SSL_state_string_long(s_ssl)); 1256 /* else if (s_write) 1257 printf("server:SSL_write()\n"); 1258 else 1259 printf("server:SSL_read()\n"); */ 1260 } 1261 1262 if (do_client && debug) { 1263 if (SSL_in_init(c_ssl)) 1264 printf("client waiting in SSL_connect - %s\n", 1265 SSL_state_string_long(c_ssl)); 1266 /* else if (c_write) 1267 printf("client:SSL_write()\n"); 1268 else 1269 printf("client:SSL_read()\n"); */ 1270 } 1271 1272 if (!do_client && !do_server) { 1273 fprintf(stdout, "ERROR IN STARTUP\n"); 1274 ERR_print_errors(bio_err); 1275 break; 1276 } 1277 if (do_client && !(done & C_DONE)) { 1278 if (c_write) { 1279 j = (cw_num > (long)sizeof(cbuf)) ? 1280 (int)sizeof(cbuf) : (int)cw_num; 1281 i = BIO_write(c_bio, cbuf, j); 1282 if (i < 0) { 1283 c_r = 0; 1284 c_w = 0; 1285 if (BIO_should_retry(c_bio)) { 1286 if (BIO_should_read(c_bio)) 1287 c_r = 1; 1288 if (BIO_should_write(c_bio)) 1289 c_w = 1; 1290 } else { 1291 fprintf(stderr, "ERROR in CLIENT\n"); 1292 ERR_print_errors(bio_err); 1293 goto err; 1294 } 1295 } else if (i == 0) { 1296 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1297 goto err; 1298 } else { 1299 if (debug) 1300 printf("client wrote %d\n", i); 1301 /* ok */ 1302 s_r = 1; 1303 c_write = 0; 1304 cw_num -= i; 1305 } 1306 } else { 1307 i = BIO_read(c_bio, cbuf, sizeof(cbuf)); 1308 if (i < 0) { 1309 c_r = 0; 1310 c_w = 0; 1311 if (BIO_should_retry(c_bio)) { 1312 if (BIO_should_read(c_bio)) 1313 c_r = 1; 1314 if (BIO_should_write(c_bio)) 1315 c_w = 1; 1316 } else { 1317 fprintf(stderr, "ERROR in CLIENT\n"); 1318 ERR_print_errors(bio_err); 1319 goto err; 1320 } 1321 } else if (i == 0) { 1322 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1323 goto err; 1324 } else { 1325 if (debug) 1326 printf("client read %d\n", i); 1327 cr_num -= i; 1328 if (sw_num > 0) { 1329 s_write = 1; 1330 s_w = 1; 1331 } 1332 if (cr_num <= 0) { 1333 s_write = 1; 1334 s_w = 1; 1335 done = S_DONE|C_DONE; 1336 } 1337 } 1338 } 1339 } 1340 1341 if (do_server && !(done & S_DONE)) { 1342 if (!s_write) { 1343 i = BIO_read(s_bio, sbuf, sizeof(cbuf)); 1344 if (i < 0) { 1345 s_r = 0; 1346 s_w = 0; 1347 if (BIO_should_retry(s_bio)) { 1348 if (BIO_should_read(s_bio)) 1349 s_r = 1; 1350 if (BIO_should_write(s_bio)) 1351 s_w = 1; 1352 } else { 1353 fprintf(stderr, "ERROR in SERVER\n"); 1354 ERR_print_errors(bio_err); 1355 goto err; 1356 } 1357 } else if (i == 0) { 1358 ERR_print_errors(bio_err); 1359 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n"); 1360 goto err; 1361 } else { 1362 if (debug) 1363 printf("server read %d\n", i); 1364 sr_num -= i; 1365 if (cw_num > 0) { 1366 c_write = 1; 1367 c_w = 1; 1368 } 1369 if (sr_num <= 0) { 1370 s_write = 1; 1371 s_w = 1; 1372 c_write = 0; 1373 } 1374 } 1375 } else { 1376 j = (sw_num > (long)sizeof(sbuf)) ? 1377 (int)sizeof(sbuf) : (int)sw_num; 1378 i = BIO_write(s_bio, sbuf, j); 1379 if (i < 0) { 1380 s_r = 0; 1381 s_w = 0; 1382 if (BIO_should_retry(s_bio)) { 1383 if (BIO_should_read(s_bio)) 1384 s_r = 1; 1385 if (BIO_should_write(s_bio)) 1386 s_w = 1; 1387 } else { 1388 fprintf(stderr, "ERROR in SERVER\n"); 1389 ERR_print_errors(bio_err); 1390 goto err; 1391 } 1392 } else if (i == 0) { 1393 ERR_print_errors(bio_err); 1394 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n"); 1395 goto err; 1396 } else { 1397 if (debug) 1398 printf("server wrote %d\n", i); 1399 sw_num -= i; 1400 s_write = 0; 1401 c_r = 1; 1402 if (sw_num <= 0) 1403 done |= S_DONE; 1404 } 1405 } 1406 } 1407 1408 if ((done & S_DONE) && (done & C_DONE)) 1409 break; 1410 } 1411 1412 if (verbose) 1413 print_details(c_ssl, "DONE: "); 1414 1415 #ifndef OPENSSL_NO_NEXTPROTONEG 1416 if (verify_npn(c_ssl, s_ssl) < 0) { 1417 ret = 1; 1418 goto err; 1419 } 1420 #endif 1421 1422 ret = 0; 1423 err: 1424 /* We have to set the BIO's to NULL otherwise they will be 1425 * free()ed twice. Once when th s_ssl is SSL_free()ed and 1426 * again when c_ssl is SSL_free()ed. 1427 * This is a hack required because s_ssl and c_ssl are sharing the same 1428 * BIO structure and SSL_set_bio() and SSL_free() automatically 1429 * BIO_free non NULL entries. 1430 * You should not normally do this or be required to do this */ 1431 if (s_ssl != NULL) { 1432 s_ssl->rbio = NULL; 1433 s_ssl->wbio = NULL; 1434 } 1435 if (c_ssl != NULL) { 1436 c_ssl->rbio = NULL; 1437 c_ssl->wbio = NULL; 1438 } 1439 1440 BIO_free(c_to_s); 1441 BIO_free(s_to_c); 1442 BIO_free_all(c_bio); 1443 BIO_free_all(s_bio); 1444 1445 return (ret); 1446 } 1447 1448 static int 1449 get_proxy_auth_ex_data_idx(void) 1450 { 1451 static volatile int idx = -1; 1452 if (idx < 0) { 1453 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 1454 if (idx < 0) { 1455 idx = X509_STORE_CTX_get_ex_new_index(0, 1456 "SSLtest for verify callback", NULL, NULL, NULL); 1457 } 1458 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1459 } 1460 return idx; 1461 } 1462 1463 static int 1464 verify_callback(int ok, X509_STORE_CTX *ctx) 1465 { 1466 char *s, buf[256]; 1467 1468 s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf, 1469 sizeof buf); 1470 if (s != NULL) { 1471 if (ok) 1472 fprintf(stderr, "depth=%d %s\n", 1473 ctx->error_depth, buf); 1474 else { 1475 fprintf(stderr, "depth=%d error=%d %s\n", 1476 ctx->error_depth, ctx->error, buf); 1477 } 1478 } 1479 1480 if (ok == 0) { 1481 fprintf(stderr, "Error string: %s\n", 1482 X509_verify_cert_error_string(ctx->error)); 1483 switch (ctx->error) { 1484 case X509_V_ERR_CERT_NOT_YET_VALID: 1485 case X509_V_ERR_CERT_HAS_EXPIRED: 1486 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1487 fprintf(stderr, " ... ignored.\n"); 1488 ok = 1; 1489 } 1490 } 1491 1492 if (ok == 1) { 1493 X509 *xs = ctx->current_cert; 1494 #if 0 1495 X509 *xi = ctx->current_issuer; 1496 #endif 1497 1498 if (xs->ex_flags & EXFLAG_PROXY) { 1499 unsigned int *letters = 1500 X509_STORE_CTX_get_ex_data(ctx, 1501 get_proxy_auth_ex_data_idx()); 1502 1503 if (letters) { 1504 int found_any = 0; 1505 int i; 1506 PROXY_CERT_INFO_EXTENSION *pci = 1507 X509_get_ext_d2i(xs, NID_proxyCertInfo, 1508 NULL, NULL); 1509 1510 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 1511 case NID_Independent: 1512 /* Completely meaningless in this 1513 program, as there's no way to 1514 grant explicit rights to a 1515 specific PrC. Basically, using 1516 id-ppl-Independent is the perfect 1517 way to grant no rights at all. */ 1518 fprintf(stderr, " Independent proxy certificate"); 1519 for (i = 0; i < 26; i++) 1520 letters[i] = 0; 1521 break; 1522 case NID_id_ppl_inheritAll: 1523 /* This is basically a NOP, we 1524 simply let the current rights 1525 stand as they are. */ 1526 fprintf(stderr, " Proxy certificate inherits all"); 1527 break; 1528 default: 1529 s = (char *) 1530 pci->proxyPolicy->policy->data; 1531 i = pci->proxyPolicy->policy->length; 1532 1533 /* The algorithm works as follows: 1534 it is assumed that previous 1535 iterations or the initial granted 1536 rights has already set some elements 1537 of `letters'. What we need to do is 1538 to clear those that weren't granted 1539 by the current PrC as well. The 1540 easiest way to do this is to add 1 1541 to all the elements whose letters 1542 are given with the current policy. 1543 That way, all elements that are set 1544 by the current policy and were 1545 already set by earlier policies and 1546 through the original grant of rights 1547 will get the value 2 or higher. 1548 The last thing to do is to sweep 1549 through `letters' and keep the 1550 elements having the value 2 as set, 1551 and clear all the others. */ 1552 1553 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s); 1554 while (i-- > 0) { 1555 int c = *s++; 1556 if (isascii(c) && isalpha(c)) { 1557 if (islower(c)) 1558 c = toupper(c); 1559 letters[c - 'A']++; 1560 } 1561 } 1562 for (i = 0; i < 26; i++) 1563 if (letters[i] < 2) 1564 letters[i] = 0; 1565 else 1566 letters[i] = 1; 1567 } 1568 1569 found_any = 0; 1570 fprintf(stderr, ", resulting proxy rights = "); 1571 for (i = 0; i < 26; i++) 1572 if (letters[i]) { 1573 fprintf(stderr, "%c", i + 'A'); 1574 found_any = 1; 1575 } 1576 if (!found_any) 1577 fprintf(stderr, "none"); 1578 fprintf(stderr, "\n"); 1579 1580 PROXY_CERT_INFO_EXTENSION_free(pci); 1581 } 1582 } 1583 } 1584 1585 return (ok); 1586 } 1587 1588 static void 1589 process_proxy_debug(int indent, const char *format, ...) 1590 { 1591 static const char indentation[] = 1592 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 1593 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ 1594 char my_format[256]; 1595 va_list args; 1596 1597 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s", 1598 indent, indent, indentation, format); 1599 1600 va_start(args, format); 1601 vfprintf(stderr, my_format, args); 1602 va_end(args); 1603 } 1604 /* Priority levels: 1605 0 [!]var, () 1606 1 & ^ 1607 2 | 1608 */ 1609 static int process_proxy_cond_adders(unsigned int letters[26], 1610 const char *cond, const char **cond_end, int *pos, int indent); 1611 1612 static int 1613 process_proxy_cond_val(unsigned int letters[26], const char *cond, 1614 const char **cond_end, int *pos, int indent) 1615 { 1616 int c; 1617 int ok = 1; 1618 int negate = 0; 1619 1620 while (isspace((int)*cond)) { 1621 cond++; 1622 (*pos)++; 1623 } 1624 c = *cond; 1625 1626 if (debug) 1627 process_proxy_debug(indent, 1628 "Start process_proxy_cond_val at position %d: %s\n", 1629 *pos, cond); 1630 1631 while (c == '!') { 1632 negate = !negate; 1633 cond++; 1634 (*pos)++; 1635 while (isspace((int)*cond)) { 1636 cond++; 1637 (*pos)++; 1638 } 1639 c = *cond; 1640 } 1641 1642 if (c == '(') { 1643 cond++; 1644 (*pos)++; 1645 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 1646 indent + 1); 1647 cond = *cond_end; 1648 if (ok < 0) 1649 goto end; 1650 while (isspace((int)*cond)) { 1651 cond++; 1652 (*pos)++; 1653 } 1654 c = *cond; 1655 if (c != ')') { 1656 fprintf(stderr, 1657 "Weird condition character in position %d: " 1658 "%c\n", *pos, c); 1659 ok = -1; 1660 goto end; 1661 } 1662 cond++; 1663 (*pos)++; 1664 } else if (isascii(c) && isalpha(c)) { 1665 if (islower(c)) 1666 c = toupper(c); 1667 ok = letters[c - 'A']; 1668 cond++; 1669 (*pos)++; 1670 } else { 1671 fprintf(stderr, 1672 "Weird condition character in position %d: " 1673 "%c\n", *pos, c); 1674 ok = -1; 1675 goto end; 1676 } 1677 end: 1678 *cond_end = cond; 1679 if (ok >= 0 && negate) 1680 ok = !ok; 1681 1682 if (debug) 1683 process_proxy_debug(indent, 1684 "End process_proxy_cond_val at position %d: %s, returning %d\n", 1685 *pos, cond, ok); 1686 1687 return ok; 1688 } 1689 1690 static int 1691 process_proxy_cond_multipliers(unsigned int letters[26], const char *cond, 1692 const char **cond_end, int *pos, int indent) 1693 { 1694 int ok; 1695 char c; 1696 1697 if (debug) 1698 process_proxy_debug(indent, 1699 "Start process_proxy_cond_multipliers at position %d: %s\n", 1700 *pos, cond); 1701 1702 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 1703 cond = *cond_end; 1704 if (ok < 0) 1705 goto end; 1706 1707 while (ok >= 0) { 1708 while (isspace((int)*cond)) { 1709 cond++; 1710 (*pos)++; 1711 } 1712 c = *cond; 1713 1714 switch (c) { 1715 case '&': 1716 case '^': 1717 { 1718 int save_ok = ok; 1719 1720 cond++; 1721 (*pos)++; 1722 ok = process_proxy_cond_val(letters, 1723 cond, cond_end, pos, indent + 1); 1724 cond = *cond_end; 1725 if (ok < 0) 1726 break; 1727 1728 switch (c) { 1729 case '&': 1730 ok &= save_ok; 1731 break; 1732 case '^': 1733 ok ^= save_ok; 1734 break; 1735 default: 1736 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1737 " STOPPING\n"); 1738 exit(1); 1739 } 1740 } 1741 break; 1742 default: 1743 goto end; 1744 } 1745 } 1746 end: 1747 if (debug) 1748 process_proxy_debug(indent, 1749 "End process_proxy_cond_multipliers at position %d: %s, " 1750 "returning %d\n", 1751 *pos, cond, ok); 1752 1753 *cond_end = cond; 1754 return ok; 1755 } 1756 1757 static int 1758 process_proxy_cond_adders(unsigned int letters[26], const char *cond, 1759 const char **cond_end, int *pos, int indent) 1760 { 1761 int ok; 1762 char c; 1763 1764 if (debug) 1765 process_proxy_debug(indent, 1766 "Start process_proxy_cond_adders at position %d: %s\n", 1767 *pos, cond); 1768 1769 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 1770 indent + 1); 1771 cond = *cond_end; 1772 if (ok < 0) 1773 goto end; 1774 1775 while (ok >= 0) { 1776 while (isspace((int)*cond)) { 1777 cond++; 1778 (*pos)++; 1779 } 1780 c = *cond; 1781 1782 switch (c) { 1783 case '|': 1784 { 1785 int save_ok = ok; 1786 1787 cond++; 1788 (*pos)++; 1789 ok = process_proxy_cond_multipliers(letters, 1790 cond, cond_end, pos, indent + 1); 1791 cond = *cond_end; 1792 if (ok < 0) 1793 break; 1794 1795 switch (c) { 1796 case '|': 1797 ok |= save_ok; 1798 break; 1799 default: 1800 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1801 " STOPPING\n"); 1802 exit(1); 1803 } 1804 } 1805 break; 1806 default: 1807 goto end; 1808 } 1809 } 1810 end: 1811 if (debug) 1812 process_proxy_debug(indent, 1813 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 1814 *pos, cond, ok); 1815 1816 *cond_end = cond; 1817 return ok; 1818 } 1819 1820 static int 1821 process_proxy_cond(unsigned int letters[26], const char *cond, 1822 const char **cond_end) 1823 { 1824 int pos = 1; 1825 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 1826 } 1827 1828 static int 1829 app_verify_callback(X509_STORE_CTX *ctx, void *arg) 1830 { 1831 int ok = 1; 1832 struct app_verify_arg *cb_arg = arg; 1833 unsigned int letters[26]; /* only used with proxy_auth */ 1834 1835 if (cb_arg->app_verify) { 1836 char *s = NULL, buf[256]; 1837 1838 fprintf(stderr, "In app_verify_callback, allowing cert. "); 1839 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 1840 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 1841 (void *)ctx, (void *)ctx->cert); 1842 if (ctx->cert) 1843 s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256); 1844 if (s != NULL) { 1845 fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf); 1846 } 1847 return (1); 1848 } 1849 if (cb_arg->proxy_auth) { 1850 int found_any = 0, i; 1851 char *sp; 1852 1853 for (i = 0; i < 26; i++) 1854 letters[i] = 0; 1855 for (sp = cb_arg->proxy_auth; *sp; sp++) { 1856 int c = *sp; 1857 if (isascii(c) && isalpha(c)) { 1858 if (islower(c)) 1859 c = toupper(c); 1860 letters[c - 'A'] = 1; 1861 } 1862 } 1863 1864 fprintf(stderr, " Initial proxy rights = "); 1865 for (i = 0; i < 26; i++) 1866 if (letters[i]) { 1867 fprintf(stderr, "%c", i + 'A'); 1868 found_any = 1; 1869 } 1870 if (!found_any) 1871 fprintf(stderr, "none"); 1872 fprintf(stderr, "\n"); 1873 1874 X509_STORE_CTX_set_ex_data(ctx, 1875 get_proxy_auth_ex_data_idx(), letters); 1876 } 1877 if (cb_arg->allow_proxy_certs) { 1878 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 1879 } 1880 1881 ok = X509_verify_cert(ctx); 1882 1883 if (cb_arg->proxy_auth) { 1884 if (ok > 0) { 1885 const char *cond_end = NULL; 1886 1887 ok = process_proxy_cond(letters, 1888 cb_arg->proxy_cond, &cond_end); 1889 1890 if (ok < 0) 1891 exit(3); 1892 if (*cond_end) { 1893 fprintf(stderr, "Stopped processing condition before it's end.\n"); 1894 ok = 0; 1895 } 1896 if (!ok) 1897 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n", 1898 cb_arg->proxy_cond); 1899 else 1900 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n", 1901 cb_arg->proxy_cond); 1902 } 1903 } 1904 return (ok); 1905 } 1906 1907 static RSA *rsa_tmp = NULL; 1908 1909 static RSA * 1910 tmp_rsa_cb(SSL *s, int is_export, int keylength) 1911 { 1912 BIGNUM *bn = NULL; 1913 if (rsa_tmp == NULL) { 1914 bn = BN_new(); 1915 rsa_tmp = RSA_new(); 1916 if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) { 1917 BIO_printf(bio_err, "Memory error..."); 1918 goto end; 1919 } 1920 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength); 1921 (void)BIO_flush(bio_err); 1922 if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { 1923 BIO_printf(bio_err, "Error generating key."); 1924 RSA_free(rsa_tmp); 1925 rsa_tmp = NULL; 1926 } 1927 end: 1928 BIO_printf(bio_err, "\n"); 1929 (void)BIO_flush(bio_err); 1930 } 1931 if (bn) 1932 BN_free(bn); 1933 return (rsa_tmp); 1934 } 1935 1936 static void 1937 free_tmp_rsa(void) 1938 { 1939 if (rsa_tmp != NULL) { 1940 RSA_free(rsa_tmp); 1941 rsa_tmp = NULL; 1942 } 1943 } 1944 1945 /* These DH parameters have been generated as follows: 1946 * $ openssl dhparam -C -noout 512 1947 * $ openssl dhparam -C -noout 1024 1948 * $ openssl dhparam -C -noout -dsaparam 1024 1949 * (The third function has been renamed to avoid name conflicts.) 1950 */ 1951 static DH * 1952 get_dh512() 1953 { 1954 static unsigned char dh512_p[] = { 1955 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, 0xC6, 1956 0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04, 0xB0, 1957 0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9, 0x5F, 1958 0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33, 0xB8, 1959 0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21, 0x33, 1960 0x02, 0xC5, 0xAE, 0x23, 1961 }; 1962 static unsigned char dh512_g[] = { 1963 0x02, 1964 }; 1965 DH *dh; 1966 1967 if ((dh = DH_new()) == NULL) 1968 return (NULL); 1969 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); 1970 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); 1971 if ((dh->p == NULL) || (dh->g == NULL)) { 1972 DH_free(dh); 1973 return (NULL); 1974 } 1975 return (dh); 1976 } 1977 1978 static DH * 1979 get_dh1024() 1980 { 1981 static unsigned char dh1024_p[] = { 1982 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A, 1983 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2, 1984 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0, 1985 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2, 1986 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C, 1987 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8, 1988 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52, 1989 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1, 1990 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1, 1991 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB, 1992 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 1993 }; 1994 static unsigned char dh1024_g[] = { 1995 0x02, 1996 }; 1997 DH *dh; 1998 1999 if ((dh = DH_new()) == NULL) 2000 return (NULL); 2001 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2002 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2003 if ((dh->p == NULL) || (dh->g == NULL)) { 2004 DH_free(dh); 2005 return (NULL); 2006 } 2007 return (dh); 2008 } 2009 2010 static DH * 2011 get_dh1024dsa() 2012 { 2013 static unsigned char dh1024_p[] = { 2014 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00, 2015 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19, 2016 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2, 2017 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55, 2018 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC, 2019 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97, 2020 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D, 2021 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB, 2022 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6, 2023 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E, 2024 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 2025 }; 2026 static unsigned char dh1024_g[] = { 2027 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05, 2028 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3, 2029 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9, 2030 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C, 2031 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65, 2032 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60, 2033 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6, 2034 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7, 2035 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1, 2036 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60, 2037 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 2038 }; 2039 DH *dh; 2040 2041 if ((dh = DH_new()) == NULL) 2042 return (NULL); 2043 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 2044 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 2045 if ((dh->p == NULL) || (dh->g == NULL)) { 2046 DH_free(dh); 2047 return (NULL); 2048 } 2049 dh->length = 160; 2050 return (dh); 2051 } 2052 2053 static int 2054 do_test_cipherlist(void) 2055 { 2056 int i = 0; 2057 const SSL_METHOD *meth; 2058 const SSL_CIPHER *ci, *tci = NULL; 2059 2060 fprintf(stderr, "testing SSLv3 cipher list order: "); 2061 meth = SSLv3_method(); 2062 tci = NULL; 2063 while ((ci = meth->get_cipher(i++)) != NULL) { 2064 if (tci != NULL) { 2065 if (ci->id >= tci->id) { 2066 fprintf(stderr, 2067 "failed %lx vs. %lx\n", ci->id, tci->id); 2068 return 0; 2069 } 2070 } 2071 tci = ci; 2072 } 2073 fprintf(stderr, "ok\n"); 2074 fprintf(stderr, "testing TLSv1 cipher list order: "); 2075 meth = TLSv1_method(); 2076 tci = NULL; 2077 while ((ci = meth->get_cipher(i++)) != NULL) { 2078 if (tci != NULL) { 2079 if (ci->id >= tci->id) { 2080 fprintf(stderr, 2081 "failed %lx vs. %lx\n", ci->id, tci->id); 2082 return 0; 2083 } 2084 } 2085 tci = ci; 2086 } 2087 fprintf(stderr, "ok\n"); 2088 2089 return 1; 2090 } 2091