1 /* $OpenBSD: ssltest.c,v 1.31 2021/10/31 16:56:17 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 /* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143 #define _BSD_SOURCE 1 /* Or gethostname won't be declared properly 144 on Linux and GNU platforms. */ 145 #include <sys/types.h> 146 #include <sys/socket.h> 147 148 #include <netinet/in.h> 149 150 #include <assert.h> 151 #include <errno.h> 152 #include <limits.h> 153 #include <netdb.h> 154 #include <stdio.h> 155 #include <stdlib.h> 156 #include <string.h> 157 #include <time.h> 158 #include <unistd.h> 159 160 #include <ctype.h> 161 162 #include <openssl/opensslconf.h> 163 #include <openssl/bio.h> 164 #include <openssl/crypto.h> 165 #include <openssl/evp.h> 166 #include <openssl/x509.h> 167 #include <openssl/x509v3.h> 168 #include <openssl/ssl.h> 169 #ifndef OPENSSL_NO_ENGINE 170 #include <openssl/engine.h> 171 #endif 172 #include <openssl/err.h> 173 #include <openssl/rand.h> 174 #include <openssl/rsa.h> 175 #include <openssl/dsa.h> 176 #include <openssl/dh.h> 177 #include <openssl/bn.h> 178 179 #include "ssl_locl.h" 180 181 #define TEST_SERVER_CERT "../apps/server.pem" 182 #define TEST_CLIENT_CERT "../apps/client.pem" 183 184 static int verify_callback(int ok, X509_STORE_CTX *ctx); 185 static int app_verify_callback(X509_STORE_CTX *ctx, void *arg); 186 #define APP_CALLBACK_STRING "Test Callback Argument" 187 struct app_verify_arg { 188 char *string; 189 int app_verify; 190 int allow_proxy_certs; 191 char *proxy_auth; 192 char *proxy_cond; 193 }; 194 195 static DH *get_dh1024(void); 196 static DH *get_dh1024dsa(void); 197 198 static BIO *bio_err = NULL; 199 static BIO *bio_stdout = NULL; 200 201 static const char *alpn_client; 202 static const char *alpn_server; 203 static const char *alpn_expected; 204 static unsigned char *alpn_selected; 205 206 /* 207 * next_protos_parse parses a comma separated list of strings into a string 208 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. 209 * outlen: (output) set to the length of the resulting buffer on success. 210 * err: (maybe NULL) on failure, an error message line is written to this BIO. 211 * in: a NUL terminated string like "abc,def,ghi" 212 * 213 * returns: a malloced buffer or NULL on failure. 214 */ 215 static unsigned char * 216 next_protos_parse(unsigned short *outlen, const char *in) 217 { 218 size_t i, len, start = 0; 219 unsigned char *out; 220 221 len = strlen(in); 222 if (len >= 65535) 223 return (NULL); 224 225 if ((out = malloc(strlen(in) + 1)) == NULL) 226 return (NULL); 227 228 for (i = 0; i <= len; ++i) { 229 if (i == len || in[i] == ',') { 230 if (i - start > 255) { 231 free(out); 232 return (NULL); 233 } 234 out[start] = i - start; 235 start = i + 1; 236 } else 237 out[i+1] = in[i]; 238 } 239 *outlen = len + 1; 240 return (out); 241 } 242 243 static int 244 cb_server_alpn(SSL *s, const unsigned char **out, unsigned char *outlen, 245 const unsigned char *in, unsigned int inlen, void *arg) 246 { 247 unsigned char *protos; 248 unsigned short protos_len; 249 250 if ((protos = next_protos_parse(&protos_len, alpn_server)) == NULL) { 251 fprintf(stderr, 252 "failed to parser ALPN server protocol string: %s\n", 253 alpn_server); 254 abort(); 255 } 256 257 if (SSL_select_next_proto((unsigned char **)out, outlen, protos, 258 protos_len, in, inlen) != OPENSSL_NPN_NEGOTIATED) { 259 free(protos); 260 return (SSL_TLSEXT_ERR_NOACK); 261 } 262 263 /* 264 * Make a copy of the selected protocol which will be freed in 265 * verify_alpn. 266 */ 267 if ((alpn_selected = malloc(*outlen)) == NULL) { 268 fprintf(stderr, "malloc failed\n"); 269 abort(); 270 } 271 memcpy(alpn_selected, *out, *outlen); 272 *out = alpn_selected; 273 free(protos); 274 275 return (SSL_TLSEXT_ERR_OK); 276 } 277 278 static int 279 verify_alpn(SSL *client, SSL *server) 280 { 281 const unsigned char *client_proto, *server_proto; 282 unsigned int client_proto_len = 0, server_proto_len = 0; 283 284 SSL_get0_alpn_selected(client, &client_proto, &client_proto_len); 285 SSL_get0_alpn_selected(server, &server_proto, &server_proto_len); 286 287 free(alpn_selected); 288 alpn_selected = NULL; 289 290 if (client_proto_len != server_proto_len || 291 memcmp(client_proto, server_proto, client_proto_len) != 0) { 292 BIO_printf(bio_stdout, "ALPN selected protocols differ!\n"); 293 goto err; 294 } 295 296 if (client_proto_len > 0 && alpn_expected == NULL) { 297 BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n"); 298 goto err; 299 } 300 301 if (alpn_expected != NULL && 302 (client_proto_len != strlen(alpn_expected) || 303 memcmp(client_proto, alpn_expected, client_proto_len) != 0)) { 304 BIO_printf(bio_stdout, "ALPN selected protocols not equal to " 305 "expected protocol: %s\n", alpn_expected); 306 goto err; 307 } 308 309 return (0); 310 311 err: 312 BIO_printf(bio_stdout, "ALPN results: client: '"); 313 BIO_write(bio_stdout, client_proto, client_proto_len); 314 BIO_printf(bio_stdout, "', server: '"); 315 BIO_write(bio_stdout, server_proto, server_proto_len); 316 BIO_printf(bio_stdout, "'\n"); 317 BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n", 318 alpn_client, alpn_server); 319 320 return (-1); 321 } 322 323 static char *cipher = NULL; 324 static int verbose = 0; 325 static int debug = 0; 326 327 int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, 328 clock_t *c_time); 329 int doit(SSL *s_ssl, SSL *c_ssl, long bytes); 330 331 static void 332 sv_usage(void) 333 { 334 fprintf(stderr, "usage: ssltest [args ...]\n"); 335 fprintf(stderr, "\n"); 336 fprintf(stderr, " -server_auth - check server certificate\n"); 337 fprintf(stderr, " -client_auth - do client authentication\n"); 338 fprintf(stderr, " -proxy - allow proxy certificates\n"); 339 fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n"); 340 fprintf(stderr, " -proxy_cond <val> - experssion to test proxy policy rights\n"); 341 fprintf(stderr, " -v - more output\n"); 342 fprintf(stderr, " -d - debug output\n"); 343 fprintf(stderr, " -reuse - use session-id reuse\n"); 344 fprintf(stderr, " -num <val> - number of connections to perform\n"); 345 fprintf(stderr, " -bytes <val> - number of bytes to swap between client/server\n"); 346 fprintf(stderr, " -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n"); 347 fprintf(stderr, " -no_dhe - disable DHE\n"); 348 fprintf(stderr, " -no_ecdhe - disable ECDHE\n"); 349 fprintf(stderr, " -dtls1 - use DTLSv1\n"); 350 fprintf(stderr, " -tls1 - use TLSv1\n"); 351 fprintf(stderr, " -tls1_2 - use TLSv1.2\n"); 352 fprintf(stderr, " -CApath arg - PEM format directory of CA's\n"); 353 fprintf(stderr, " -CAfile arg - PEM format file of CA's\n"); 354 fprintf(stderr, " -cert arg - Server certificate file\n"); 355 fprintf(stderr, " -key arg - Server key file (default: same as -cert)\n"); 356 fprintf(stderr, " -c_cert arg - Client certificate file\n"); 357 fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n"); 358 fprintf(stderr, " -cipher arg - The cipher list\n"); 359 fprintf(stderr, " -bio_pair - Use BIO pairs\n"); 360 fprintf(stderr, " -f - Test even cases that can't work\n"); 361 fprintf(stderr, " -time - measure processor time used by client and server\n"); 362 fprintf(stderr, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 363 " Use \"openssl ecparam -list_curves\" for all names\n" \ 364 " (default is sect163r2).\n"); 365 fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n"); 366 fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n"); 367 fprintf(stderr, " -alpn_expected <string> - the ALPN protocol that should be negotiated\n"); 368 } 369 370 static void 371 print_details(SSL *c_ssl, const char *prefix) 372 { 373 const SSL_CIPHER *ciph; 374 X509 *cert; 375 376 ciph = SSL_get_current_cipher(c_ssl); 377 BIO_printf(bio_stdout, "%s%s, cipher %s %s", 378 prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph), 379 SSL_CIPHER_get_name(ciph)); 380 cert = SSL_get_peer_certificate(c_ssl); 381 if (cert != NULL) { 382 EVP_PKEY *pkey = X509_get_pubkey(cert); 383 if (pkey != NULL) { 384 if (pkey->type == EVP_PKEY_RSA && 385 pkey->pkey.rsa != NULL && 386 pkey->pkey.rsa->n != NULL) { 387 BIO_printf(bio_stdout, ", %d bit RSA", 388 BN_num_bits(pkey->pkey.rsa->n)); 389 } else if (pkey->type == EVP_PKEY_DSA && 390 pkey->pkey.dsa != NULL && 391 pkey->pkey.dsa->p != NULL) { 392 BIO_printf(bio_stdout, ", %d bit DSA", 393 BN_num_bits(pkey->pkey.dsa->p)); 394 } 395 EVP_PKEY_free(pkey); 396 } 397 X509_free(cert); 398 } 399 /* The SSL API does not allow us to look at temporary RSA/DH keys, 400 * otherwise we should print their lengths too */ 401 BIO_printf(bio_stdout, "\n"); 402 } 403 404 int 405 main(int argc, char *argv[]) 406 { 407 char *CApath = NULL, *CAfile = NULL; 408 int badop = 0; 409 int bio_pair = 0; 410 int force = 0; 411 int tls1 = 0, tls1_2 = 0, dtls1 = 0, ret = 1; 412 int client_auth = 0; 413 int server_auth = 0, i; 414 struct app_verify_arg app_verify_arg = 415 { APP_CALLBACK_STRING, 0, 0, NULL, NULL }; 416 char *server_cert = TEST_SERVER_CERT; 417 char *server_key = NULL; 418 char *client_cert = TEST_CLIENT_CERT; 419 char *client_key = NULL; 420 char *named_curve = NULL; 421 SSL_CTX *s_ctx = NULL; 422 SSL_CTX *c_ctx = NULL; 423 const SSL_METHOD *meth = NULL; 424 SSL *c_ssl, *s_ssl; 425 int number = 1, reuse = 0; 426 long bytes = 256L; 427 DH *dh; 428 int dhe1024dsa = 0; 429 EC_KEY *ecdh = NULL; 430 int no_dhe = 0; 431 int no_ecdhe = 0; 432 int print_time = 0; 433 clock_t s_time = 0, c_time = 0; 434 435 verbose = 0; 436 debug = 0; 437 cipher = 0; 438 439 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); 440 441 bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); 442 443 argc--; 444 argv++; 445 446 while (argc >= 1) { 447 if (!strcmp(*argv, "-F")) { 448 fprintf(stderr, "not compiled with FIPS support, so exiting without running.\n"); 449 exit(0); 450 } else if (strcmp(*argv, "-server_auth") == 0) 451 server_auth = 1; 452 else if (strcmp(*argv, "-client_auth") == 0) 453 client_auth = 1; 454 else if (strcmp(*argv, "-proxy_auth") == 0) { 455 if (--argc < 1) 456 goto bad; 457 app_verify_arg.proxy_auth= *(++argv); 458 } else if (strcmp(*argv, "-proxy_cond") == 0) { 459 if (--argc < 1) 460 goto bad; 461 app_verify_arg.proxy_cond= *(++argv); 462 } else if (strcmp(*argv, "-v") == 0) 463 verbose = 1; 464 else if (strcmp(*argv, "-d") == 0) 465 debug = 1; 466 else if (strcmp(*argv, "-reuse") == 0) 467 reuse = 1; 468 else if (strcmp(*argv, "-dhe1024dsa") == 0) { 469 dhe1024dsa = 1; 470 } else if (strcmp(*argv, "-no_dhe") == 0) 471 no_dhe = 1; 472 else if (strcmp(*argv, "-no_ecdhe") == 0) 473 no_ecdhe = 1; 474 else if (strcmp(*argv, "-dtls1") == 0) 475 dtls1 = 1; 476 else if (strcmp(*argv, "-tls1") == 0) 477 tls1 = 1; 478 else if (strcmp(*argv, "-tls1_2") == 0) 479 tls1_2 = 1; 480 else if (strncmp(*argv, "-num", 4) == 0) { 481 if (--argc < 1) 482 goto bad; 483 number = atoi(*(++argv)); 484 if (number == 0) 485 number = 1; 486 } else if (strcmp(*argv, "-bytes") == 0) { 487 if (--argc < 1) 488 goto bad; 489 bytes = atol(*(++argv)); 490 if (bytes == 0L) 491 bytes = 1L; 492 i = strlen(argv[0]); 493 if (argv[0][i - 1] == 'k') 494 bytes*=1024L; 495 if (argv[0][i - 1] == 'm') 496 bytes*=1024L*1024L; 497 } else if (strcmp(*argv, "-cert") == 0) { 498 if (--argc < 1) 499 goto bad; 500 server_cert= *(++argv); 501 } else if (strcmp(*argv, "-s_cert") == 0) { 502 if (--argc < 1) 503 goto bad; 504 server_cert= *(++argv); 505 } else if (strcmp(*argv, "-key") == 0) { 506 if (--argc < 1) 507 goto bad; 508 server_key= *(++argv); 509 } else if (strcmp(*argv, "-s_key") == 0) { 510 if (--argc < 1) 511 goto bad; 512 server_key= *(++argv); 513 } else if (strcmp(*argv, "-c_cert") == 0) { 514 if (--argc < 1) 515 goto bad; 516 client_cert= *(++argv); 517 } else if (strcmp(*argv, "-c_key") == 0) { 518 if (--argc < 1) 519 goto bad; 520 client_key= *(++argv); 521 } else if (strcmp(*argv, "-cipher") == 0) { 522 if (--argc < 1) 523 goto bad; 524 cipher= *(++argv); 525 } else if (strcmp(*argv, "-CApath") == 0) { 526 if (--argc < 1) 527 goto bad; 528 CApath= *(++argv); 529 } else if (strcmp(*argv, "-CAfile") == 0) { 530 if (--argc < 1) 531 goto bad; 532 CAfile= *(++argv); 533 } else if (strcmp(*argv, "-bio_pair") == 0) { 534 bio_pair = 1; 535 } else if (strcmp(*argv, "-f") == 0) { 536 force = 1; 537 } else if (strcmp(*argv, "-time") == 0) { 538 print_time = 1; 539 } else if (strcmp(*argv, "-named_curve") == 0) { 540 if (--argc < 1) 541 goto bad; 542 named_curve = *(++argv); 543 } else if (strcmp(*argv, "-app_verify") == 0) { 544 app_verify_arg.app_verify = 1; 545 } else if (strcmp(*argv, "-proxy") == 0) { 546 app_verify_arg.allow_proxy_certs = 1; 547 } else if (strcmp(*argv, "-alpn_client") == 0) { 548 if (--argc < 1) 549 goto bad; 550 alpn_client = *(++argv); 551 } else if (strcmp(*argv, "-alpn_server") == 0) { 552 if (--argc < 1) 553 goto bad; 554 alpn_server = *(++argv); 555 } else if (strcmp(*argv, "-alpn_expected") == 0) { 556 if (--argc < 1) 557 goto bad; 558 alpn_expected = *(++argv); 559 } else { 560 fprintf(stderr, "unknown option %s\n", *argv); 561 badop = 1; 562 break; 563 } 564 argc--; 565 argv++; 566 } 567 if (badop) { 568 bad: 569 sv_usage(); 570 goto end; 571 } 572 573 if (!dtls1 && !tls1 && !tls1_2 && number > 1 && !reuse && !force) { 574 fprintf(stderr, 575 "This case cannot work. Use -f to perform " 576 "the test anyway (and\n-d to see what happens), " 577 "or add one of -dtls1, -tls1, -tls1_2, -reuse\n" 578 "to avoid protocol mismatch.\n"); 579 exit(1); 580 } 581 582 if (print_time) { 583 if (!bio_pair) { 584 fprintf(stderr, "Using BIO pair (-bio_pair)\n"); 585 bio_pair = 1; 586 } 587 if (number < 50 && !force) 588 fprintf(stderr, "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); 589 } 590 591 /* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ 592 593 SSL_library_init(); 594 SSL_load_error_strings(); 595 596 if (dtls1) 597 meth = DTLSv1_method(); 598 else if (tls1) 599 meth = TLSv1_method(); 600 else if (tls1_2) 601 meth = TLSv1_2_method(); 602 else 603 meth = TLS_method(); 604 605 c_ctx = SSL_CTX_new(meth); 606 s_ctx = SSL_CTX_new(meth); 607 if ((c_ctx == NULL) || (s_ctx == NULL)) { 608 ERR_print_errors(bio_err); 609 goto end; 610 } 611 612 if (cipher != NULL) { 613 SSL_CTX_set_cipher_list(c_ctx, cipher); 614 SSL_CTX_set_cipher_list(s_ctx, cipher); 615 } 616 617 if (!no_dhe) { 618 if (dhe1024dsa) { 619 /* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks */ 620 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE); 621 dh = get_dh1024dsa(); 622 } else 623 dh = get_dh1024(); 624 SSL_CTX_set_tmp_dh(s_ctx, dh); 625 DH_free(dh); 626 } 627 628 if (!no_ecdhe) { 629 int nid; 630 631 if (named_curve != NULL) { 632 nid = OBJ_sn2nid(named_curve); 633 if (nid == 0) { 634 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 635 goto end; 636 } 637 } else 638 nid = NID_X9_62_prime256v1; 639 640 ecdh = EC_KEY_new_by_curve_name(nid); 641 if (ecdh == NULL) { 642 BIO_printf(bio_err, "unable to create curve\n"); 643 goto end; 644 } 645 646 SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); 647 SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); 648 EC_KEY_free(ecdh); 649 } 650 651 if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, 652 SSL_FILETYPE_PEM)) { 653 ERR_print_errors(bio_err); 654 } else if (!SSL_CTX_use_PrivateKey_file(s_ctx, 655 (server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) { 656 ERR_print_errors(bio_err); 657 goto end; 658 } 659 660 if (client_auth) { 661 SSL_CTX_use_certificate_file(c_ctx, client_cert, 662 SSL_FILETYPE_PEM); 663 SSL_CTX_use_PrivateKey_file(c_ctx, 664 (client_key ? client_key : client_cert), 665 SSL_FILETYPE_PEM); 666 } 667 668 if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) || 669 (!SSL_CTX_set_default_verify_paths(s_ctx)) || 670 (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || 671 (!SSL_CTX_set_default_verify_paths(c_ctx))) { 672 /* fprintf(stderr,"SSL_load_verify_locations\n"); */ 673 ERR_print_errors(bio_err); 674 /* goto end; */ 675 } 676 677 if (client_auth) { 678 BIO_printf(bio_err, "client authentication\n"); 679 SSL_CTX_set_verify(s_ctx, 680 SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 681 verify_callback); 682 SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, 683 &app_verify_arg); 684 } 685 if (server_auth) { 686 BIO_printf(bio_err, "server authentication\n"); 687 SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, 688 verify_callback); 689 SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, 690 &app_verify_arg); 691 } 692 693 { 694 int session_id_context = 0; 695 SSL_CTX_set_session_id_context(s_ctx, 696 (void *)&session_id_context, sizeof(session_id_context)); 697 } 698 699 if (alpn_server != NULL) 700 SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL); 701 702 if (alpn_client != NULL) { 703 unsigned short alpn_len; 704 unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client); 705 706 if (alpn == NULL) { 707 BIO_printf(bio_err, "Error parsing -alpn_client argument\n"); 708 goto end; 709 } 710 SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len); 711 free(alpn); 712 } 713 714 c_ssl = SSL_new(c_ctx); 715 s_ssl = SSL_new(s_ctx); 716 717 for (i = 0; i < number; i++) { 718 if (!reuse) 719 SSL_set_session(c_ssl, NULL); 720 if (bio_pair) 721 ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, 722 &c_time); 723 else 724 ret = doit(s_ssl, c_ssl, bytes); 725 } 726 727 if (!verbose) { 728 print_details(c_ssl, ""); 729 } 730 if ((number > 1) || (bytes > 1L)) 731 BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", 732 number, bytes); 733 if (print_time) { 734 #ifdef CLOCKS_PER_SEC 735 /* "To determine the time in seconds, the value returned 736 * by the clock function should be divided by the value 737 * of the macro CLOCKS_PER_SEC." 738 * -- ISO/IEC 9899 */ 739 BIO_printf(bio_stdout, 740 "Approximate total server time: %6.2f s\n" 741 "Approximate total client time: %6.2f s\n", 742 (double)s_time/CLOCKS_PER_SEC, 743 (double)c_time/CLOCKS_PER_SEC); 744 #else 745 /* "`CLOCKS_PER_SEC' undeclared (first use this function)" 746 * -- cc on NeXTstep/OpenStep */ 747 BIO_printf(bio_stdout, 748 "Approximate total server time: %6.2f units\n" 749 "Approximate total client time: %6.2f units\n", 750 (double)s_time, 751 (double)c_time); 752 #endif 753 } 754 755 SSL_free(s_ssl); 756 SSL_free(c_ssl); 757 758 end: 759 SSL_CTX_free(s_ctx); 760 SSL_CTX_free(c_ctx); 761 BIO_free(bio_stdout); 762 763 #ifndef OPENSSL_NO_ENGINE 764 ENGINE_cleanup(); 765 #endif 766 CRYPTO_cleanup_all_ex_data(); 767 ERR_free_strings(); 768 ERR_remove_thread_state(NULL); 769 EVP_cleanup(); 770 CRYPTO_mem_leaks(bio_err); 771 BIO_free(bio_err); 772 773 exit(ret); 774 return ret; 775 } 776 777 int 778 doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, clock_t *s_time, 779 clock_t *c_time) 780 { 781 long cw_num = count, cr_num = count, sw_num = count, sr_num = count; 782 BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; 783 BIO *server = NULL, *server_io = NULL; 784 BIO *client = NULL, *client_io = NULL; 785 int ret = 1; 786 787 size_t bufsiz = 256; /* small buffer for testing */ 788 789 if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz)) 790 goto err; 791 if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz)) 792 goto err; 793 794 s_ssl_bio = BIO_new(BIO_f_ssl()); 795 if (!s_ssl_bio) 796 goto err; 797 798 c_ssl_bio = BIO_new(BIO_f_ssl()); 799 if (!c_ssl_bio) 800 goto err; 801 802 SSL_set_connect_state(c_ssl); 803 SSL_set_bio(c_ssl, client, client); 804 (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE); 805 806 SSL_set_accept_state(s_ssl); 807 SSL_set_bio(s_ssl, server, server); 808 (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE); 809 810 do { 811 /* c_ssl_bio: SSL filter BIO 812 * 813 * client: pseudo-I/O for SSL library 814 * 815 * client_io: client's SSL communication; usually to be 816 * relayed over some I/O facility, but in this 817 * test program, we're the server, too: 818 * 819 * server_io: server's SSL communication 820 * 821 * server: pseudo-I/O for SSL library 822 * 823 * s_ssl_bio: SSL filter BIO 824 * 825 * The client and the server each employ a "BIO pair": 826 * client + client_io, server + server_io. 827 * BIO pairs are symmetric. A BIO pair behaves similar 828 * to a non-blocking socketpair (but both endpoints must 829 * be handled by the same thread). 830 * [Here we could connect client and server to the ends 831 * of a single BIO pair, but then this code would be less 832 * suitable as an example for BIO pairs in general.] 833 * 834 * Useful functions for querying the state of BIO pair endpoints: 835 * 836 * BIO_ctrl_pending(bio) number of bytes we can read now 837 * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil 838 * other side's read attempt 839 * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now 840 * 841 * ..._read_request is never more than ..._write_guarantee; 842 * it depends on the application which one you should use. 843 */ 844 845 /* We have non-blocking behaviour throughout this test program, but 846 * can be sure that there is *some* progress in each iteration; so 847 * we don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE 848 * -- we just try everything in each iteration 849 */ 850 851 { 852 /* CLIENT */ 853 854 char cbuf[1024*8]; 855 int i, r; 856 clock_t c_clock = clock(); 857 858 memset(cbuf, 0, sizeof(cbuf)); 859 860 if (debug) 861 if (SSL_in_init(c_ssl)) 862 printf("client waiting in SSL_connect - %s\n", 863 SSL_state_string_long(c_ssl)); 864 865 if (cw_num > 0) { 866 /* Write to server. */ 867 868 if (cw_num > (long)sizeof cbuf) 869 i = sizeof cbuf; 870 else 871 i = (int)cw_num; 872 r = BIO_write(c_ssl_bio, cbuf, i); 873 if (r < 0) { 874 if (!BIO_should_retry(c_ssl_bio)) { 875 fprintf(stderr, "ERROR in CLIENT\n"); 876 goto err; 877 } 878 /* BIO_should_retry(...) can just be ignored here. 879 * The library expects us to call BIO_write with 880 * the same arguments again, and that's what we will 881 * do in the next iteration. */ 882 } else if (r == 0) { 883 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 884 goto err; 885 } else { 886 if (debug) 887 printf("client wrote %d\n", r); 888 cw_num -= r; 889 890 } 891 } 892 893 if (cr_num > 0) { 894 /* Read from server. */ 895 896 r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf)); 897 if (r < 0) { 898 if (!BIO_should_retry(c_ssl_bio)) { 899 fprintf(stderr, "ERROR in CLIENT\n"); 900 goto err; 901 } 902 /* Again, "BIO_should_retry" can be ignored. */ 903 } else if (r == 0) { 904 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 905 goto err; 906 } else { 907 if (debug) 908 printf("client read %d\n", r); 909 cr_num -= r; 910 } 911 } 912 913 /* c_time and s_time increments will typically be very small 914 * (depending on machine speed and clock tick intervals), 915 * but sampling over a large number of connections should 916 * result in fairly accurate figures. We cannot guarantee 917 * a lot, however -- if each connection lasts for exactly 918 * one clock tick, it will be counted only for the client 919 * or only for the server or even not at all. 920 */ 921 *c_time += (clock() - c_clock); 922 } 923 924 { 925 /* SERVER */ 926 927 char sbuf[1024*8]; 928 int i, r; 929 clock_t s_clock = clock(); 930 931 memset(sbuf, 0, sizeof(sbuf)); 932 933 if (debug) 934 if (SSL_in_init(s_ssl)) 935 printf("server waiting in SSL_accept - %s\n", 936 SSL_state_string_long(s_ssl)); 937 938 if (sw_num > 0) { 939 /* Write to client. */ 940 941 if (sw_num > (long)sizeof sbuf) 942 i = sizeof sbuf; 943 else 944 i = (int)sw_num; 945 r = BIO_write(s_ssl_bio, sbuf, i); 946 if (r < 0) { 947 if (!BIO_should_retry(s_ssl_bio)) { 948 fprintf(stderr, "ERROR in SERVER\n"); 949 goto err; 950 } 951 /* Ignore "BIO_should_retry". */ 952 } else if (r == 0) { 953 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 954 goto err; 955 } else { 956 if (debug) 957 printf("server wrote %d\n", r); 958 sw_num -= r; 959 960 } 961 } 962 963 if (sr_num > 0) { 964 /* Read from client. */ 965 966 r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf)); 967 if (r < 0) { 968 if (!BIO_should_retry(s_ssl_bio)) { 969 fprintf(stderr, "ERROR in SERVER\n"); 970 goto err; 971 } 972 /* blah, blah */ 973 } else if (r == 0) { 974 fprintf(stderr, "SSL SERVER STARTUP FAILED\n"); 975 goto err; 976 } else { 977 if (debug) 978 printf("server read %d\n", r); 979 sr_num -= r; 980 } 981 } 982 983 *s_time += (clock() - s_clock); 984 } 985 986 { 987 /* "I/O" BETWEEN CLIENT AND SERVER. */ 988 989 size_t r1, r2; 990 BIO *io1 = server_io, *io2 = client_io; 991 /* we use the non-copying interface for io1 992 * and the standard BIO_write/BIO_read interface for io2 993 */ 994 995 static int prev_progress = 1; 996 int progress = 0; 997 998 /* io1 to io2 */ 999 do { 1000 size_t num; 1001 int r; 1002 1003 r1 = BIO_ctrl_pending(io1); 1004 r2 = BIO_ctrl_get_write_guarantee(io2); 1005 1006 num = r1; 1007 if (r2 < num) 1008 num = r2; 1009 if (num) { 1010 char *dataptr; 1011 1012 if (INT_MAX < num) /* yeah, right */ 1013 num = INT_MAX; 1014 1015 r = BIO_nread(io1, &dataptr, (int)num); 1016 assert(r > 0); 1017 assert(r <= (int)num); 1018 /* possibly r < num (non-contiguous data) */ 1019 num = r; 1020 r = BIO_write(io2, dataptr, (int)num); 1021 if (r != (int)num) /* can't happen */ 1022 { 1023 fprintf(stderr, "ERROR: BIO_write could not write " 1024 "BIO_ctrl_get_write_guarantee() bytes"); 1025 goto err; 1026 } 1027 progress = 1; 1028 1029 if (debug) 1030 printf((io1 == client_io) ? 1031 "C->S relaying: %d bytes\n" : 1032 "S->C relaying: %d bytes\n", 1033 (int)num); 1034 } 1035 } while (r1 && r2); 1036 1037 /* io2 to io1 */ 1038 { 1039 size_t num; 1040 int r; 1041 1042 r1 = BIO_ctrl_pending(io2); 1043 r2 = BIO_ctrl_get_read_request(io1); 1044 /* here we could use ..._get_write_guarantee instead of 1045 * ..._get_read_request, but by using the latter 1046 * we test restartability of the SSL implementation 1047 * more thoroughly */ 1048 num = r1; 1049 if (r2 < num) 1050 num = r2; 1051 if (num) { 1052 char *dataptr; 1053 1054 if (INT_MAX < num) 1055 num = INT_MAX; 1056 1057 if (num > 1) 1058 --num; /* test restartability even more thoroughly */ 1059 1060 r = BIO_nwrite0(io1, &dataptr); 1061 assert(r > 0); 1062 if (r < (int)num) 1063 num = r; 1064 r = BIO_read(io2, dataptr, (int)num); 1065 if (r != (int)num) /* can't happen */ 1066 { 1067 fprintf(stderr, "ERROR: BIO_read could not read " 1068 "BIO_ctrl_pending() bytes"); 1069 goto err; 1070 } 1071 progress = 1; 1072 r = BIO_nwrite(io1, &dataptr, (int)num); 1073 if (r != (int)num) /* can't happen */ 1074 { 1075 fprintf(stderr, "ERROR: BIO_nwrite() did not accept " 1076 "BIO_nwrite0() bytes"); 1077 goto err; 1078 } 1079 1080 if (debug) 1081 printf((io2 == client_io) ? 1082 "C->S relaying: %d bytes\n" : 1083 "S->C relaying: %d bytes\n", 1084 (int)num); 1085 } 1086 } /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */ 1087 1088 if (!progress && !prev_progress) { 1089 if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) { 1090 fprintf(stderr, "ERROR: got stuck\n"); 1091 goto err; 1092 } 1093 } 1094 prev_progress = progress; 1095 } 1096 } while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0); 1097 1098 if (verbose) 1099 print_details(c_ssl, "DONE via BIO pair: "); 1100 1101 if (verify_alpn(c_ssl, s_ssl) < 0) { 1102 ret = 1; 1103 goto err; 1104 } 1105 1106 ret = 0; 1107 1108 err: 1109 ERR_print_errors(bio_err); 1110 1111 BIO_free(server); 1112 BIO_free(server_io); 1113 BIO_free(client); 1114 BIO_free(client_io); 1115 BIO_free(s_ssl_bio); 1116 BIO_free(c_ssl_bio); 1117 1118 return ret; 1119 } 1120 1121 1122 #define W_READ 1 1123 #define W_WRITE 2 1124 #define C_DONE 1 1125 #define S_DONE 2 1126 1127 int 1128 doit(SSL *s_ssl, SSL *c_ssl, long count) 1129 { 1130 char cbuf[1024*8], sbuf[1024*8]; 1131 long cw_num = count, cr_num = count; 1132 long sw_num = count, sr_num = count; 1133 int ret = 1; 1134 BIO *c_to_s = NULL; 1135 BIO *s_to_c = NULL; 1136 BIO *c_bio = NULL; 1137 BIO *s_bio = NULL; 1138 int c_r, c_w, s_r, s_w; 1139 int i, j; 1140 int done = 0; 1141 int c_write, s_write; 1142 int do_server = 0, do_client = 0; 1143 1144 memset(cbuf, 0, sizeof(cbuf)); 1145 memset(sbuf, 0, sizeof(sbuf)); 1146 1147 c_to_s = BIO_new(BIO_s_mem()); 1148 s_to_c = BIO_new(BIO_s_mem()); 1149 if ((s_to_c == NULL) || (c_to_s == NULL)) { 1150 ERR_print_errors(bio_err); 1151 goto err; 1152 } 1153 1154 c_bio = BIO_new(BIO_f_ssl()); 1155 s_bio = BIO_new(BIO_f_ssl()); 1156 if ((c_bio == NULL) || (s_bio == NULL)) { 1157 ERR_print_errors(bio_err); 1158 goto err; 1159 } 1160 1161 SSL_set_connect_state(c_ssl); 1162 SSL_set_bio(c_ssl, s_to_c, c_to_s); 1163 BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE); 1164 1165 SSL_set_accept_state(s_ssl); 1166 SSL_set_bio(s_ssl, c_to_s, s_to_c); 1167 BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE); 1168 1169 c_r = 0; 1170 s_r = 1; 1171 c_w = 1; 1172 s_w = 0; 1173 c_write = 1, s_write = 0; 1174 1175 /* We can always do writes */ 1176 for (;;) { 1177 do_server = 0; 1178 do_client = 0; 1179 1180 i = (int)BIO_pending(s_bio); 1181 if ((i && s_r) || s_w) 1182 do_server = 1; 1183 1184 i = (int)BIO_pending(c_bio); 1185 if ((i && c_r) || c_w) 1186 do_client = 1; 1187 1188 if (do_server && debug) { 1189 if (SSL_in_init(s_ssl)) 1190 printf("server waiting in SSL_accept - %s\n", 1191 SSL_state_string_long(s_ssl)); 1192 } 1193 1194 if (do_client && debug) { 1195 if (SSL_in_init(c_ssl)) 1196 printf("client waiting in SSL_connect - %s\n", 1197 SSL_state_string_long(c_ssl)); 1198 } 1199 1200 if (!do_client && !do_server) { 1201 fprintf(stdout, "ERROR in STARTUP\n"); 1202 ERR_print_errors(bio_err); 1203 goto err; 1204 } 1205 1206 if (do_client && !(done & C_DONE)) { 1207 if (c_write) { 1208 j = (cw_num > (long)sizeof(cbuf)) ? 1209 (int)sizeof(cbuf) : (int)cw_num; 1210 i = BIO_write(c_bio, cbuf, j); 1211 if (i < 0) { 1212 c_r = 0; 1213 c_w = 0; 1214 if (BIO_should_retry(c_bio)) { 1215 if (BIO_should_read(c_bio)) 1216 c_r = 1; 1217 if (BIO_should_write(c_bio)) 1218 c_w = 1; 1219 } else { 1220 fprintf(stderr, "ERROR in CLIENT\n"); 1221 ERR_print_errors(bio_err); 1222 goto err; 1223 } 1224 } else if (i == 0) { 1225 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1226 goto err; 1227 } else { 1228 if (debug) 1229 printf("client wrote %d\n", i); 1230 /* ok */ 1231 s_r = 1; 1232 c_write = 0; 1233 cw_num -= i; 1234 } 1235 } else { 1236 i = BIO_read(c_bio, cbuf, sizeof(cbuf)); 1237 if (i < 0) { 1238 c_r = 0; 1239 c_w = 0; 1240 if (BIO_should_retry(c_bio)) { 1241 if (BIO_should_read(c_bio)) 1242 c_r = 1; 1243 if (BIO_should_write(c_bio)) 1244 c_w = 1; 1245 } else { 1246 fprintf(stderr, "ERROR in CLIENT\n"); 1247 ERR_print_errors(bio_err); 1248 goto err; 1249 } 1250 } else if (i == 0) { 1251 fprintf(stderr, "SSL CLIENT STARTUP FAILED\n"); 1252 goto err; 1253 } else { 1254 if (debug) 1255 printf("client read %d\n", i); 1256 cr_num -= i; 1257 if (sw_num > 0) { 1258 s_write = 1; 1259 s_w = 1; 1260 } 1261 if (cr_num <= 0) { 1262 s_write = 1; 1263 s_w = 1; 1264 done = S_DONE|C_DONE; 1265 } 1266 } 1267 } 1268 } 1269 1270 if (do_server && !(done & S_DONE)) { 1271 if (!s_write) { 1272 i = BIO_read(s_bio, sbuf, sizeof(cbuf)); 1273 if (i < 0) { 1274 s_r = 0; 1275 s_w = 0; 1276 if (BIO_should_retry(s_bio)) { 1277 if (BIO_should_read(s_bio)) 1278 s_r = 1; 1279 if (BIO_should_write(s_bio)) 1280 s_w = 1; 1281 } else { 1282 fprintf(stderr, "ERROR in SERVER\n"); 1283 ERR_print_errors(bio_err); 1284 goto err; 1285 } 1286 } else if (i == 0) { 1287 ERR_print_errors(bio_err); 1288 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_read\n"); 1289 goto err; 1290 } else { 1291 if (debug) 1292 printf("server read %d\n", i); 1293 sr_num -= i; 1294 if (cw_num > 0) { 1295 c_write = 1; 1296 c_w = 1; 1297 } 1298 if (sr_num <= 0) { 1299 s_write = 1; 1300 s_w = 1; 1301 c_write = 0; 1302 } 1303 } 1304 } else { 1305 j = (sw_num > (long)sizeof(sbuf)) ? 1306 (int)sizeof(sbuf) : (int)sw_num; 1307 i = BIO_write(s_bio, sbuf, j); 1308 if (i < 0) { 1309 s_r = 0; 1310 s_w = 0; 1311 if (BIO_should_retry(s_bio)) { 1312 if (BIO_should_read(s_bio)) 1313 s_r = 1; 1314 if (BIO_should_write(s_bio)) 1315 s_w = 1; 1316 } else { 1317 fprintf(stderr, "ERROR in SERVER\n"); 1318 ERR_print_errors(bio_err); 1319 goto err; 1320 } 1321 } else if (i == 0) { 1322 ERR_print_errors(bio_err); 1323 fprintf(stderr, "SSL SERVER STARTUP FAILED in SSL_write\n"); 1324 goto err; 1325 } else { 1326 if (debug) 1327 printf("server wrote %d\n", i); 1328 sw_num -= i; 1329 s_write = 0; 1330 c_r = 1; 1331 if (sw_num <= 0) 1332 done |= S_DONE; 1333 } 1334 } 1335 } 1336 1337 if ((done & S_DONE) && (done & C_DONE)) 1338 break; 1339 } 1340 1341 if (verbose) 1342 print_details(c_ssl, "DONE: "); 1343 1344 if (verify_alpn(c_ssl, s_ssl) < 0) { 1345 ret = 1; 1346 goto err; 1347 } 1348 1349 ret = 0; 1350 err: 1351 /* We have to set the BIO's to NULL otherwise they will be 1352 * free()ed twice. Once when th s_ssl is SSL_free()ed and 1353 * again when c_ssl is SSL_free()ed. 1354 * This is a hack required because s_ssl and c_ssl are sharing the same 1355 * BIO structure and SSL_set_bio() and SSL_free() automatically 1356 * BIO_free non NULL entries. 1357 * You should not normally do this or be required to do this */ 1358 if (s_ssl != NULL) { 1359 s_ssl->rbio = NULL; 1360 s_ssl->wbio = NULL; 1361 } 1362 if (c_ssl != NULL) { 1363 c_ssl->rbio = NULL; 1364 c_ssl->wbio = NULL; 1365 } 1366 1367 BIO_free(c_to_s); 1368 BIO_free(s_to_c); 1369 BIO_free_all(c_bio); 1370 BIO_free_all(s_bio); 1371 1372 return (ret); 1373 } 1374 1375 static int 1376 get_proxy_auth_ex_data_idx(void) 1377 { 1378 static volatile int idx = -1; 1379 if (idx < 0) { 1380 CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); 1381 if (idx < 0) { 1382 idx = X509_STORE_CTX_get_ex_new_index(0, 1383 "SSLtest for verify callback", NULL, NULL, NULL); 1384 } 1385 CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); 1386 } 1387 return idx; 1388 } 1389 1390 static int 1391 verify_callback(int ok, X509_STORE_CTX *ctx) 1392 { 1393 X509 *xs; 1394 char *s, buf[256]; 1395 int error, error_depth; 1396 1397 xs = X509_STORE_CTX_get_current_cert(ctx); 1398 s = X509_NAME_oneline(X509_get_subject_name(xs), buf, sizeof buf); 1399 error = X509_STORE_CTX_get_error(ctx); 1400 error_depth = X509_STORE_CTX_get_error_depth(ctx); 1401 if (s != NULL) { 1402 if (ok) 1403 fprintf(stderr, "depth=%d %s\n", error_depth, buf); 1404 else { 1405 fprintf(stderr, "depth=%d error=%d %s\n", error_depth, 1406 error, buf); 1407 } 1408 } 1409 1410 if (ok == 0) { 1411 fprintf(stderr, "Error string: %s\n", 1412 X509_verify_cert_error_string(error)); 1413 switch (error) { 1414 case X509_V_ERR_CERT_NOT_YET_VALID: 1415 case X509_V_ERR_CERT_HAS_EXPIRED: 1416 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 1417 fprintf(stderr, " ... ignored.\n"); 1418 ok = 1; 1419 } 1420 } 1421 1422 if (ok == 1) { 1423 if (X509_get_extension_flags(xs) & EXFLAG_PROXY) { 1424 unsigned int *letters = 1425 X509_STORE_CTX_get_ex_data(ctx, 1426 get_proxy_auth_ex_data_idx()); 1427 1428 if (letters) { 1429 int found_any = 0; 1430 int i; 1431 PROXY_CERT_INFO_EXTENSION *pci = 1432 X509_get_ext_d2i(xs, NID_proxyCertInfo, 1433 NULL, NULL); 1434 1435 switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) { 1436 case NID_Independent: 1437 /* Completely meaningless in this 1438 program, as there's no way to 1439 grant explicit rights to a 1440 specific PrC. Basically, using 1441 id-ppl-Independent is the perfect 1442 way to grant no rights at all. */ 1443 fprintf(stderr, " Independent proxy certificate"); 1444 for (i = 0; i < 26; i++) 1445 letters[i] = 0; 1446 break; 1447 case NID_id_ppl_inheritAll: 1448 /* This is basically a NOP, we 1449 simply let the current rights 1450 stand as they are. */ 1451 fprintf(stderr, " Proxy certificate inherits all"); 1452 break; 1453 default: 1454 s = (char *) 1455 pci->proxyPolicy->policy->data; 1456 i = pci->proxyPolicy->policy->length; 1457 1458 /* The algorithm works as follows: 1459 it is assumed that previous 1460 iterations or the initial granted 1461 rights has already set some elements 1462 of `letters'. What we need to do is 1463 to clear those that weren't granted 1464 by the current PrC as well. The 1465 easiest way to do this is to add 1 1466 to all the elements whose letters 1467 are given with the current policy. 1468 That way, all elements that are set 1469 by the current policy and were 1470 already set by earlier policies and 1471 through the original grant of rights 1472 will get the value 2 or higher. 1473 The last thing to do is to sweep 1474 through `letters' and keep the 1475 elements having the value 2 as set, 1476 and clear all the others. */ 1477 1478 fprintf(stderr, " Certificate proxy rights = %*.*s", i, i, s); 1479 while (i-- > 0) { 1480 int c = *s++; 1481 if (isascii(c) && isalpha(c)) { 1482 if (islower(c)) 1483 c = toupper(c); 1484 letters[c - 'A']++; 1485 } 1486 } 1487 for (i = 0; i < 26; i++) 1488 if (letters[i] < 2) 1489 letters[i] = 0; 1490 else 1491 letters[i] = 1; 1492 } 1493 1494 found_any = 0; 1495 fprintf(stderr, ", resulting proxy rights = "); 1496 for (i = 0; i < 26; i++) 1497 if (letters[i]) { 1498 fprintf(stderr, "%c", i + 'A'); 1499 found_any = 1; 1500 } 1501 if (!found_any) 1502 fprintf(stderr, "none"); 1503 fprintf(stderr, "\n"); 1504 1505 PROXY_CERT_INFO_EXTENSION_free(pci); 1506 } 1507 } 1508 } 1509 1510 return (ok); 1511 } 1512 1513 static void 1514 process_proxy_debug(int indent, const char *format, ...) 1515 { 1516 static const char indentation[] = 1517 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" 1518 ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ 1519 char my_format[256]; 1520 va_list args; 1521 1522 (void) snprintf(my_format, sizeof(my_format), "%*.*s %s", 1523 indent, indent, indentation, format); 1524 1525 va_start(args, format); 1526 vfprintf(stderr, my_format, args); 1527 va_end(args); 1528 } 1529 /* Priority levels: 1530 0 [!]var, () 1531 1 & ^ 1532 2 | 1533 */ 1534 static int process_proxy_cond_adders(unsigned int letters[26], 1535 const char *cond, const char **cond_end, int *pos, int indent); 1536 1537 static int 1538 process_proxy_cond_val(unsigned int letters[26], const char *cond, 1539 const char **cond_end, int *pos, int indent) 1540 { 1541 int c; 1542 int ok = 1; 1543 int negate = 0; 1544 1545 while (isspace((int)*cond)) { 1546 cond++; 1547 (*pos)++; 1548 } 1549 c = *cond; 1550 1551 if (debug) 1552 process_proxy_debug(indent, 1553 "Start process_proxy_cond_val at position %d: %s\n", 1554 *pos, cond); 1555 1556 while (c == '!') { 1557 negate = !negate; 1558 cond++; 1559 (*pos)++; 1560 while (isspace((int)*cond)) { 1561 cond++; 1562 (*pos)++; 1563 } 1564 c = *cond; 1565 } 1566 1567 if (c == '(') { 1568 cond++; 1569 (*pos)++; 1570 ok = process_proxy_cond_adders(letters, cond, cond_end, pos, 1571 indent + 1); 1572 cond = *cond_end; 1573 if (ok < 0) 1574 goto end; 1575 while (isspace((int)*cond)) { 1576 cond++; 1577 (*pos)++; 1578 } 1579 c = *cond; 1580 if (c != ')') { 1581 fprintf(stderr, 1582 "Weird condition character in position %d: " 1583 "%c\n", *pos, c); 1584 ok = -1; 1585 goto end; 1586 } 1587 cond++; 1588 (*pos)++; 1589 } else if (isascii(c) && isalpha(c)) { 1590 if (islower(c)) 1591 c = toupper(c); 1592 ok = letters[c - 'A']; 1593 cond++; 1594 (*pos)++; 1595 } else { 1596 fprintf(stderr, 1597 "Weird condition character in position %d: " 1598 "%c\n", *pos, c); 1599 ok = -1; 1600 goto end; 1601 } 1602 end: 1603 *cond_end = cond; 1604 if (ok >= 0 && negate) 1605 ok = !ok; 1606 1607 if (debug) 1608 process_proxy_debug(indent, 1609 "End process_proxy_cond_val at position %d: %s, returning %d\n", 1610 *pos, cond, ok); 1611 1612 return ok; 1613 } 1614 1615 static int 1616 process_proxy_cond_multipliers(unsigned int letters[26], const char *cond, 1617 const char **cond_end, int *pos, int indent) 1618 { 1619 int ok; 1620 char c; 1621 1622 if (debug) 1623 process_proxy_debug(indent, 1624 "Start process_proxy_cond_multipliers at position %d: %s\n", 1625 *pos, cond); 1626 1627 ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1); 1628 cond = *cond_end; 1629 if (ok < 0) 1630 goto end; 1631 1632 while (ok >= 0) { 1633 while (isspace((int)*cond)) { 1634 cond++; 1635 (*pos)++; 1636 } 1637 c = *cond; 1638 1639 switch (c) { 1640 case '&': 1641 case '^': 1642 { 1643 int save_ok = ok; 1644 1645 cond++; 1646 (*pos)++; 1647 ok = process_proxy_cond_val(letters, 1648 cond, cond_end, pos, indent + 1); 1649 cond = *cond_end; 1650 if (ok < 0) 1651 break; 1652 1653 switch (c) { 1654 case '&': 1655 ok &= save_ok; 1656 break; 1657 case '^': 1658 ok ^= save_ok; 1659 break; 1660 default: 1661 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1662 " STOPPING\n"); 1663 exit(1); 1664 } 1665 } 1666 break; 1667 default: 1668 goto end; 1669 } 1670 } 1671 end: 1672 if (debug) 1673 process_proxy_debug(indent, 1674 "End process_proxy_cond_multipliers at position %d: %s, " 1675 "returning %d\n", 1676 *pos, cond, ok); 1677 1678 *cond_end = cond; 1679 return ok; 1680 } 1681 1682 static int 1683 process_proxy_cond_adders(unsigned int letters[26], const char *cond, 1684 const char **cond_end, int *pos, int indent) 1685 { 1686 int ok; 1687 char c; 1688 1689 if (debug) 1690 process_proxy_debug(indent, 1691 "Start process_proxy_cond_adders at position %d: %s\n", 1692 *pos, cond); 1693 1694 ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos, 1695 indent + 1); 1696 cond = *cond_end; 1697 if (ok < 0) 1698 goto end; 1699 1700 while (ok >= 0) { 1701 while (isspace((int)*cond)) { 1702 cond++; 1703 (*pos)++; 1704 } 1705 c = *cond; 1706 1707 switch (c) { 1708 case '|': 1709 { 1710 int save_ok = ok; 1711 1712 cond++; 1713 (*pos)++; 1714 ok = process_proxy_cond_multipliers(letters, 1715 cond, cond_end, pos, indent + 1); 1716 cond = *cond_end; 1717 if (ok < 0) 1718 break; 1719 1720 switch (c) { 1721 case '|': 1722 ok |= save_ok; 1723 break; 1724 default: 1725 fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!" 1726 " STOPPING\n"); 1727 exit(1); 1728 } 1729 } 1730 break; 1731 default: 1732 goto end; 1733 } 1734 } 1735 end: 1736 if (debug) 1737 process_proxy_debug(indent, 1738 "End process_proxy_cond_adders at position %d: %s, returning %d\n", 1739 *pos, cond, ok); 1740 1741 *cond_end = cond; 1742 return ok; 1743 } 1744 1745 static int 1746 process_proxy_cond(unsigned int letters[26], const char *cond, 1747 const char **cond_end) 1748 { 1749 int pos = 1; 1750 return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1); 1751 } 1752 1753 static int 1754 app_verify_callback(X509_STORE_CTX *ctx, void *arg) 1755 { 1756 int ok = 1; 1757 struct app_verify_arg *cb_arg = arg; 1758 unsigned int letters[26]; /* only used with proxy_auth */ 1759 1760 if (cb_arg->app_verify) { 1761 X509 *xs; 1762 char *s = NULL, buf[256]; 1763 1764 xs = X509_STORE_CTX_get0_cert(ctx); 1765 fprintf(stderr, "In app_verify_callback, allowing cert. "); 1766 fprintf(stderr, "Arg is: %s\n", cb_arg->string); 1767 fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n", 1768 (void *)ctx, (void *)xs); 1769 if (xs) 1770 s = X509_NAME_oneline(X509_get_subject_name(xs), buf, 256); 1771 if (s != NULL) { 1772 fprintf(stderr, "cert depth=%d %s\n", 1773 X509_STORE_CTX_get_error_depth(ctx), buf); 1774 } 1775 return (1); 1776 } 1777 if (cb_arg->proxy_auth) { 1778 int found_any = 0, i; 1779 char *sp; 1780 1781 for (i = 0; i < 26; i++) 1782 letters[i] = 0; 1783 for (sp = cb_arg->proxy_auth; *sp; sp++) { 1784 int c = *sp; 1785 if (isascii(c) && isalpha(c)) { 1786 if (islower(c)) 1787 c = toupper(c); 1788 letters[c - 'A'] = 1; 1789 } 1790 } 1791 1792 fprintf(stderr, " Initial proxy rights = "); 1793 for (i = 0; i < 26; i++) 1794 if (letters[i]) { 1795 fprintf(stderr, "%c", i + 'A'); 1796 found_any = 1; 1797 } 1798 if (!found_any) 1799 fprintf(stderr, "none"); 1800 fprintf(stderr, "\n"); 1801 1802 X509_STORE_CTX_set_ex_data(ctx, 1803 get_proxy_auth_ex_data_idx(), letters); 1804 } 1805 if (cb_arg->allow_proxy_certs) { 1806 X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); 1807 } 1808 1809 ok = X509_verify_cert(ctx); 1810 1811 if (cb_arg->proxy_auth) { 1812 if (ok > 0) { 1813 const char *cond_end = NULL; 1814 1815 ok = process_proxy_cond(letters, 1816 cb_arg->proxy_cond, &cond_end); 1817 1818 if (ok < 0) 1819 exit(3); 1820 if (*cond_end) { 1821 fprintf(stderr, "Stopped processing condition before it's end.\n"); 1822 ok = 0; 1823 } 1824 if (!ok) 1825 fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n", 1826 cb_arg->proxy_cond); 1827 else 1828 fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n", 1829 cb_arg->proxy_cond); 1830 } 1831 } 1832 return (ok); 1833 } 1834 1835 /* These DH parameters have been generated as follows: 1836 * $ openssl dhparam -C -noout 1024 1837 * $ openssl dhparam -C -noout -dsaparam 1024 1838 * (The second function has been renamed to avoid name conflicts.) 1839 */ 1840 static DH * 1841 get_dh1024() 1842 { 1843 static unsigned char dh1024_p[] = { 1844 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, 0x3A, 1845 0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56, 0xA2, 1846 0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F, 0xB0, 1847 0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87, 0xC2, 1848 0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0, 0x8C, 1849 0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F, 0xB8, 1850 0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D, 0x52, 1851 0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC, 0xC1, 1852 0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB, 0xB1, 1853 0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89, 0xAB, 1854 0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53, 1855 }; 1856 static unsigned char dh1024_g[] = { 1857 0x02, 1858 }; 1859 DH *dh; 1860 1861 if ((dh = DH_new()) == NULL) 1862 return (NULL); 1863 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 1864 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 1865 if ((dh->p == NULL) || (dh->g == NULL)) { 1866 DH_free(dh); 1867 return (NULL); 1868 } 1869 return (dh); 1870 } 1871 1872 static DH * 1873 get_dh1024dsa() 1874 { 1875 static unsigned char dh1024_p[] = { 1876 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00, 1877 0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19, 1878 0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2, 1879 0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55, 1880 0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC, 1881 0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97, 1882 0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D, 1883 0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB, 1884 0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6, 1885 0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E, 1886 0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39, 1887 }; 1888 static unsigned char dh1024_g[] = { 1889 0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05, 1890 0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3, 1891 0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9, 1892 0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C, 1893 0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65, 1894 0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60, 1895 0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6, 1896 0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7, 1897 0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1, 1898 0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60, 1899 0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2, 1900 }; 1901 DH *dh; 1902 1903 if ((dh = DH_new()) == NULL) 1904 return (NULL); 1905 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); 1906 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); 1907 if ((dh->p == NULL) || (dh->g == NULL)) { 1908 DH_free(dh); 1909 return (NULL); 1910 } 1911 dh->length = 160; 1912 return (dh); 1913 } 1914