xref: /openbsd-src/usr.bin/openssl/s_client.c (revision 4e1ee0786f11cc571bd0be17d38e46f635c719fc)
1 /* $OpenBSD: s_client.c,v 1.55 2021/10/22 09:44:58 tb Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer.
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2005 Nokia. All rights reserved.
113  *
114  * The portions of the attached software ("Contribution") is developed by
115  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
116  * license.
117  *
118  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
119  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
120  * support (see RFC 4279) to OpenSSL.
121  *
122  * No patent licenses or other rights except those expressly stated in
123  * the OpenSSL open source license shall be deemed granted or received
124  * expressly, by implication, estoppel, or otherwise.
125  *
126  * No assurances are provided by Nokia that the Contribution does not
127  * infringe the patent or other intellectual property rights of any third
128  * party or that the license provides you with all the necessary rights
129  * to make use of the Contribution.
130  *
131  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
132  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
133  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
134  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
135  * OTHERWISE.
136  */
137 
138 #include <sys/types.h>
139 #include <sys/socket.h>
140 
141 #include <netinet/in.h>
142 
143 #include <assert.h>
144 #include <ctype.h>
145 #include <limits.h>
146 #include <netdb.h>
147 #include <stdio.h>
148 #include <stdlib.h>
149 #include <string.h>
150 #include <unistd.h>
151 #include <poll.h>
152 
153 #include "apps.h"
154 
155 #include <openssl/bn.h>
156 #include <openssl/err.h>
157 #include <openssl/ocsp.h>
158 #include <openssl/pem.h>
159 #include <openssl/ssl.h>
160 #include <openssl/x509.h>
161 
162 #include "s_apps.h"
163 #include "timeouts.h"
164 
165 /*#define SSL_HOST_NAME	"www.netscape.com" */
166 /*#define SSL_HOST_NAME	"193.118.187.102" */
167 #define SSL_HOST_NAME	"localhost"
168 
169  /*#define TEST_CERT "client.pem" *//* no default cert. */
170 
171 #define BUFSIZZ 1024*8
172 
173 static void sc_usage(void);
174 static void print_stuff(BIO *berr, SSL *con, int full);
175 static int ocsp_resp_cb(SSL *s, void *arg);
176 static int ssl_servername_cb(SSL *s, int *ad, void *arg);
177 
178 enum {
179 	PROTO_OFF = 0,
180 	PROTO_SMTP,
181 	PROTO_LMTP,
182 	PROTO_POP3,
183 	PROTO_IMAP,
184 	PROTO_FTP,
185 	PROTO_XMPP,
186 };
187 
188 /* This is a context that we pass to callbacks */
189 typedef struct tlsextctx_st {
190 	BIO *biodebug;
191 	int ack;
192 } tlsextctx;
193 
194 static struct {
195 	int af;
196 	char *alpn_in;
197 	int bugs;
198 	char *CAfile;
199 	char *CApath;
200 	char *cert_file;
201 	int cert_format;
202 	char *cipher;
203 	unsigned int clr;
204 	char *connect;
205 	int crlf;
206 	int debug;
207 	int enable_timeouts;
208 	const char *errstr;
209 	char *groups_in;
210 	char *host;
211 	int ign_eof;
212 	char *key_file;
213 	int key_format;
214 	char *keymatexportlabel;
215 	int keymatexportlen;
216 	uint16_t max_version;
217 	uint16_t min_version;
218 	const SSL_METHOD *meth;
219 	int msg;
220 	int nbio;
221 	int nbio_test;
222 	char *npn_in;
223 	unsigned int off;
224 	char *passarg;
225 	int pause;
226 	int peekaboo;
227 	char *port;
228 	int prexit;
229 	char *proxy;
230 	int quiet;
231 	int reconnect;
232 	char *servername;
233 	char *sess_in;
234 	char *sess_out;
235 	int showcerts;
236 	int socket_type;
237 	long socket_mtu;
238 #ifndef OPENSSL_NO_SRTP
239 	char *srtp_profiles;
240 #endif
241 	int starttls_proto;
242 	int state;
243 	int status_req;
244 	int tlsextdebug;
245 	int verify;
246 	X509_VERIFY_PARAM *vpm;
247 	char *xmpphost;
248 } s_client_config;
249 
250 static int
251 s_client_opt_keymatexportlen(char *arg)
252 {
253 	s_client_config.keymatexportlen = strtonum(arg, 1, INT_MAX,
254 	    &s_client_config.errstr);
255 	if (s_client_config.errstr != NULL) {
256 		BIO_printf(bio_err, "invalid argument %s: %s\n",
257 		    arg, s_client_config.errstr);
258 		return (1);
259 	}
260 	return (0);
261 }
262 
263 #ifndef OPENSSL_NO_DTLS
264 static int
265 s_client_opt_mtu(char *arg)
266 {
267 	s_client_config.socket_mtu = strtonum(arg, 0, LONG_MAX,
268 	    &s_client_config.errstr);
269 	if (s_client_config.errstr != NULL) {
270 		BIO_printf(bio_err, "invalid argument %s: %s\n",
271 		    arg, s_client_config.errstr);
272 		return (1);
273 	}
274 	return (0);
275 }
276 #endif
277 
278 static int
279 s_client_opt_port(char *arg)
280 {
281 	if (*arg == '\0')
282 		return (1);
283 
284 	s_client_config.port = arg;
285 	return (0);
286 }
287 
288 #ifndef OPENSSL_NO_DTLS
289 static int
290 s_client_opt_protocol_version_dtls(void)
291 {
292 	s_client_config.meth = DTLS_client_method();
293 	s_client_config.socket_type = SOCK_DGRAM;
294 	return (0);
295 }
296 #endif
297 
298 #ifndef OPENSSL_NO_DTLS1
299 static int
300 s_client_opt_protocol_version_dtls1(void)
301 {
302 	s_client_config.meth = DTLS_client_method();
303 	s_client_config.min_version = DTLS1_VERSION;
304 	s_client_config.max_version = DTLS1_VERSION;
305 	s_client_config.socket_type = SOCK_DGRAM;
306 	return (0);
307 }
308 #endif
309 
310 #ifndef OPENSSL_NO_DTLS1_2
311 static int
312 s_client_opt_protocol_version_dtls1_2(void)
313 {
314 	s_client_config.meth = DTLS_client_method();
315 	s_client_config.min_version = DTLS1_2_VERSION;
316 	s_client_config.max_version = DTLS1_2_VERSION;
317 	s_client_config.socket_type = SOCK_DGRAM;
318 	return (0);
319 }
320 #endif
321 
322 static int
323 s_client_opt_protocol_version_tls1(void)
324 {
325 	s_client_config.min_version = TLS1_VERSION;
326 	s_client_config.max_version = TLS1_VERSION;
327 	return (0);
328 }
329 
330 static int
331 s_client_opt_protocol_version_tls1_1(void)
332 {
333 	s_client_config.min_version = TLS1_1_VERSION;
334 	s_client_config.max_version = TLS1_1_VERSION;
335 	return (0);
336 }
337 
338 static int
339 s_client_opt_protocol_version_tls1_2(void)
340 {
341 	s_client_config.min_version = TLS1_2_VERSION;
342 	s_client_config.max_version = TLS1_2_VERSION;
343 	return (0);
344 }
345 
346 static int
347 s_client_opt_protocol_version_tls1_3(void)
348 {
349 	s_client_config.min_version = TLS1_3_VERSION;
350 	s_client_config.max_version = TLS1_3_VERSION;
351 	return (0);
352 }
353 
354 static int
355 s_client_opt_quiet(void)
356 {
357 	s_client_config.quiet = 1;
358 	s_client_config.ign_eof = 1;
359 	return (0);
360 }
361 
362 static int
363 s_client_opt_starttls(char *arg)
364 {
365 	if (strcmp(arg, "smtp") == 0)
366 		s_client_config.starttls_proto = PROTO_SMTP;
367 	else if (strcmp(arg, "lmtp") == 0)
368 		s_client_config.starttls_proto = PROTO_LMTP;
369 	else if (strcmp(arg, "pop3") == 0)
370 		s_client_config.starttls_proto = PROTO_POP3;
371 	else if (strcmp(arg, "imap") == 0)
372 		s_client_config.starttls_proto = PROTO_IMAP;
373 	else if (strcmp(arg, "ftp") == 0)
374 		s_client_config.starttls_proto = PROTO_FTP;
375 	else if (strcmp(arg, "xmpp") == 0)
376 		s_client_config.starttls_proto = PROTO_XMPP;
377 	else
378 		return (1);
379 	return (0);
380 }
381 
382 static int
383 s_client_opt_verify(char *arg)
384 {
385 	s_client_config.verify = SSL_VERIFY_PEER;
386 
387 	verify_depth = strtonum(arg, 0, INT_MAX, &s_client_config.errstr);
388 	if (s_client_config.errstr != NULL) {
389 		BIO_printf(bio_err, "invalid argument %s: %s\n",
390 		    arg, s_client_config.errstr);
391 		return (1);
392 	}
393 	BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
394 	return (0);
395 }
396 
397 static int
398 s_client_opt_verify_param(int argc, char **argv, int *argsused)
399 {
400 	char **pargs = argv;
401 	int pargc = argc;
402 	int badarg = 0;
403 
404 	if (!args_verify(&pargs, &pargc, &badarg, bio_err,
405 	    &s_client_config.vpm)) {
406 		BIO_printf(bio_err, "unknown option %s\n", *argv);
407 		return (1);
408 	}
409 	if (badarg)
410 		return (1);
411 
412 	*argsused = argc - pargc;
413 	return (0);
414 }
415 
416 static const struct option s_client_options[] = {
417 	{
418 		.name = "4",
419 		.desc = "Use IPv4 only",
420 		.type = OPTION_VALUE,
421 		.opt.value = &s_client_config.af,
422 		.value = AF_INET,
423 	},
424 	{
425 		.name = "6",
426 		.desc = "Use IPv6 only",
427 		.type = OPTION_VALUE,
428 		.opt.value = &s_client_config.af,
429 		.value = AF_INET6,
430 	},
431 	{
432 		.name = "alpn",
433 		.argname = "protocols",
434 		.desc = "Set the advertised protocols for ALPN"
435 			" (comma-separated list)",
436 		.type = OPTION_ARG,
437 		.opt.arg = &s_client_config.alpn_in,
438 	},
439 	{
440 		.name = "bugs",
441 		.desc = "Enable various workarounds for buggy implementations",
442 		.type = OPTION_FLAG,
443 		.opt.flag = &s_client_config.bugs,
444 	},
445 	{
446 		.name = "CAfile",
447 		.argname = "file",
448 		.desc = "PEM format file of CA certificates",
449 		.type = OPTION_ARG,
450 		.opt.arg = &s_client_config.CAfile,
451 	},
452 	{
453 		.name = "CApath",
454 		.argname = "directory",
455 		.desc = "PEM format directory of CA certificates",
456 		.type = OPTION_ARG,
457 		.opt.arg = &s_client_config.CApath,
458 	},
459 	{
460 		.name = "cert",
461 		.argname = "file",
462 		.desc = "Certificate file to use, PEM format assumed",
463 		.type = OPTION_ARG,
464 		.opt.arg = &s_client_config.cert_file,
465 	},
466 	{
467 		.name = "certform",
468 		.argname = "fmt",
469 		.desc = "Certificate format (PEM or DER) PEM default",
470 		.type = OPTION_ARG_FORMAT,
471 		.opt.value = &s_client_config.cert_format,
472 	},
473 	{
474 		.name = "cipher",
475 		.argname = "cipherlist",
476 		.desc = "Preferred cipher to use (see 'openssl ciphers')",
477 		.type = OPTION_ARG,
478 		.opt.arg = &s_client_config.cipher,
479 	},
480 	{
481 		.name = "connect",
482 		.argname = "host:port",
483 		.desc = "Who to connect to (default is localhost:4433)",
484 		.type = OPTION_ARG,
485 		.opt.arg = &s_client_config.connect,
486 	},
487 	{
488 		.name = "crlf",
489 		.desc = "Convert LF from terminal into CRLF",
490 		.type = OPTION_FLAG,
491 		.opt.flag = &s_client_config.crlf,
492 	},
493 	{
494 		.name = "debug",
495 		.desc = "Print extensive debugging information",
496 		.type = OPTION_FLAG,
497 		.opt.flag = &s_client_config.debug,
498 	},
499 #ifndef OPENSSL_NO_DTLS
500 	{
501 		.name = "dtls",
502 		.desc = "Use any version of DTLS",
503 		.type = OPTION_FUNC,
504 		.opt.func = s_client_opt_protocol_version_dtls,
505 	},
506 #endif
507 #ifndef OPENSSL_NO_DTLS1
508 	{
509 		.name = "dtls1",
510 		.desc = "Just use DTLSv1",
511 		.type = OPTION_FUNC,
512 		.opt.func = s_client_opt_protocol_version_dtls1,
513 	},
514 #endif
515 #ifndef OPENSSL_NO_DTLS1_2
516 	{
517 		.name = "dtls1_2",
518 		.desc = "Just use DTLSv1.2",
519 		.type = OPTION_FUNC,
520 		.opt.func = s_client_opt_protocol_version_dtls1_2,
521 	},
522 #endif
523 	{
524 		.name = "groups",
525 		.argname = "list",
526 		.desc = "Specify EC groups (colon-separated list)",
527 		.type = OPTION_ARG,
528 		.opt.arg = &s_client_config.groups_in,
529 	},
530 	{
531 		.name = "host",
532 		.argname = "host",
533 		.desc = "Use -connect instead",
534 		.type = OPTION_ARG,
535 		.opt.arg = &s_client_config.host,
536 	},
537 	{
538 		.name = "ign_eof",
539 		.desc = "Ignore input EOF (default when -quiet)",
540 		.type = OPTION_VALUE,
541 		.opt.value = &s_client_config.ign_eof,
542 		.value = 1,
543 	},
544 	{
545 		.name = "key",
546 		.argname = "file",
547 		.desc = "Private key file to use, if not, -cert file is used",
548 		.type = OPTION_ARG,
549 		.opt.arg = &s_client_config.key_file,
550 	},
551 	{
552 		.name = "keyform",
553 		.argname = "fmt",
554 		.desc = "Key format (PEM or DER) PEM default",
555 		.type = OPTION_ARG_FORMAT,
556 		.opt.value = &s_client_config.key_format,
557 	},
558 	{
559 		.name = "keymatexport",
560 		.argname = "label",
561 		.desc = "Export keying material using label",
562 		.type = OPTION_ARG,
563 		.opt.arg = &s_client_config.keymatexportlabel,
564 	},
565 	{
566 		.name = "keymatexportlen",
567 		.argname = "len",
568 		.desc = "Export len bytes of keying material (default 20)",
569 		.type = OPTION_ARG_FUNC,
570 		.opt.argfunc = s_client_opt_keymatexportlen,
571 	},
572 	{
573 		.name = "legacy_renegotiation",
574 		.type = OPTION_DISCARD,
575 	},
576 	{
577 		.name = "legacy_server_connect",
578 		.desc = "Allow initial connection to servers that don't support RI",
579 		.type = OPTION_VALUE_OR,
580 		.opt.value = &s_client_config.off,
581 		.value = SSL_OP_LEGACY_SERVER_CONNECT,
582 	},
583 	{
584 		.name = "msg",
585 		.desc = "Show all protocol messages with hex dump",
586 		.type = OPTION_FLAG,
587 		.opt.flag = &s_client_config.msg,
588 	},
589 #ifndef OPENSSL_NO_DTLS
590 	{
591 		.name = "mtu",
592 		.argname = "mtu",
593 		.desc = "Set the link layer MTU on DTLS connections",
594 		.type = OPTION_ARG_FUNC,
595 		.opt.argfunc = s_client_opt_mtu,
596 	},
597 #endif
598 	{
599 		.name = "nbio",
600 		.desc = "Turn on non-blocking I/O",
601 		.type = OPTION_FLAG,
602 		.opt.flag = &s_client_config.nbio,
603 	},
604 	{
605 		.name = "nbio_test",
606 		.desc = "Test non-blocking I/O",
607 		.type = OPTION_FLAG,
608 		.opt.flag = &s_client_config.nbio_test,
609 	},
610 	{
611 		.name = "nextprotoneg",
612 		.argname = "protocols",
613 		.type = OPTION_ARG,
614 		.opt.arg = &s_client_config.npn_in, /* Ignored. */
615 	},
616 	{
617 		.name = "no_comp",
618 		.type = OPTION_VALUE_OR,
619 		.opt.value = &s_client_config.off,
620 		.value = SSL_OP_NO_COMPRESSION,
621 	},
622 	{
623 		.name = "no_ign_eof",
624 		.desc = "Don't ignore input EOF",
625 		.type = OPTION_VALUE,
626 		.opt.value = &s_client_config.ign_eof,
627 		.value = 0,
628 	},
629 	{
630 		.name = "no_legacy_server_connect",
631 		.desc = "Disallow initial connection to servers that don't support RI",
632 		.type = OPTION_VALUE_OR,
633 		.opt.value = &s_client_config.clr,
634 		.value = SSL_OP_LEGACY_SERVER_CONNECT,
635 	},
636 	{
637 		.name = "no_ssl2",
638 		.type = OPTION_VALUE_OR,
639 		.opt.value = &s_client_config.off,
640 		.value = SSL_OP_NO_SSLv2,
641 	},
642 	{
643 		.name = "no_ssl3",
644 		.type = OPTION_VALUE_OR,
645 		.opt.value = &s_client_config.off,
646 		.value = SSL_OP_NO_SSLv3,
647 	},
648 	{
649 		.name = "no_ticket",
650 		.desc = "Disable use of RFC4507 session ticket support",
651 		.type = OPTION_VALUE_OR,
652 		.opt.value = &s_client_config.off,
653 		.value = SSL_OP_NO_TICKET,
654 	},
655 	{
656 		.name = "no_tls1",
657 		.desc = "Disable the use of TLSv1",
658 		.type = OPTION_VALUE_OR,
659 		.opt.value = &s_client_config.off,
660 		.value = SSL_OP_NO_TLSv1,
661 	},
662 	{
663 		.name = "no_tls1_1",
664 		.desc = "Disable the use of TLSv1.1",
665 		.type = OPTION_VALUE_OR,
666 		.opt.value = &s_client_config.off,
667 		.value = SSL_OP_NO_TLSv1_1,
668 	},
669 	{
670 		.name = "no_tls1_2",
671 		.desc = "Disable the use of TLSv1.2",
672 		.type = OPTION_VALUE_OR,
673 		.opt.value = &s_client_config.off,
674 		.value = SSL_OP_NO_TLSv1_2,
675 	},
676 	{
677 		.name = "no_tls1_3",
678 		.desc = "Disable the use of TLSv1.3",
679 		.type = OPTION_VALUE_OR,
680 		.opt.value = &s_client_config.off,
681 		.value = SSL_OP_NO_TLSv1_3,
682 	},
683 	{
684 		.name = "pass",
685 		.argname = "arg",
686 		.desc = "Private key file pass phrase source",
687 		.type = OPTION_ARG,
688 		.opt.arg = &s_client_config.passarg,
689 	},
690 	{
691 		.name = "pause",
692 		.desc = "Pause 1 second between each read and write call",
693 		.type = OPTION_FLAG,
694 		.opt.flag = &s_client_config.pause,
695 	},
696 	{
697 		.name = "peekaboo",
698 		.type = OPTION_FLAG,
699 		.opt.flag = &s_client_config.peekaboo,
700 	},
701 	{
702 		.name = "port",
703 		.argname = "port",
704 		.desc = "Use -connect instead",
705 		.type = OPTION_ARG_FUNC,
706 		.opt.argfunc = s_client_opt_port,
707 	},
708 	{
709 		.name = "prexit",
710 		.desc = "Print session information when the program exits",
711 		.type = OPTION_FLAG,
712 		.opt.flag = &s_client_config.prexit,
713 	},
714 	{
715 		.name = "proxy",
716 		.argname = "host:port",
717 		.desc = "Connect to http proxy",
718 		.type = OPTION_ARG,
719 		.opt.arg = &s_client_config.proxy,
720 	},
721 	{
722 		.name = "quiet",
723 		.desc = "Inhibit printing of session and certificate info",
724 		.type = OPTION_FUNC,
725 		.opt.func = s_client_opt_quiet,
726 	},
727 	{
728 		.name = "reconnect",
729 		.desc = "Drop and re-make the connection with the same Session-ID",
730 		.type = OPTION_VALUE,
731 		.opt.value = &s_client_config.reconnect,
732 		.value = 5,
733 	},
734 	{
735 		.name = "servername",
736 		.argname = "name",
737 		.desc = "Set TLS extension servername in ClientHello (SNI)",
738 		.type = OPTION_ARG,
739 		.opt.arg = &s_client_config.servername,
740 	},
741 	{
742 		.name = "serverpref",
743 		.desc = "Use server's cipher preferences",
744 		.type = OPTION_VALUE_OR,
745 		.opt.value = &s_client_config.off,
746 		.value = SSL_OP_CIPHER_SERVER_PREFERENCE,
747 	},
748 	{
749 		.name = "sess_in",
750 		.argname = "file",
751 		.desc = "File to read TLS session from",
752 		.type = OPTION_ARG,
753 		.opt.arg = &s_client_config.sess_in,
754 	},
755 	{
756 		.name = "sess_out",
757 		.argname = "file",
758 		.desc = "File to write TLS session to",
759 		.type = OPTION_ARG,
760 		.opt.arg = &s_client_config.sess_out,
761 	},
762 	{
763 		.name = "showcerts",
764 		.desc = "Show all server certificates in the chain",
765 		.type = OPTION_FLAG,
766 		.opt.flag = &s_client_config.showcerts,
767 	},
768 	{
769 		.name = "starttls",
770 		.argname = "protocol",
771 		.desc = "Use the STARTTLS command before starting TLS,\n"
772 		        "smtp, lmtp, pop3, imap, ftp and xmpp are supported.",
773 		.type = OPTION_ARG_FUNC,
774 		.opt.argfunc = s_client_opt_starttls,
775 	},
776 	{
777 		.name = "state",
778 		.desc = "Print the TLS session states",
779 		.type = OPTION_FLAG,
780 		.opt.flag = &s_client_config.state,
781 	},
782 	{
783 		.name = "status",
784 		.desc = "Send a certificate status request to the server (OCSP)",
785 		.type = OPTION_FLAG,
786 		.opt.flag = &s_client_config.status_req,
787 	},
788 #ifndef OPENSSL_NO_DTLS
789 	{
790 		.name = "timeout",
791 		.desc = "Enable send/receive timeout on DTLS connections",
792 		.type = OPTION_FLAG,
793 		.opt.flag = &s_client_config.enable_timeouts,
794 	},
795 #endif
796 	{
797 		.name = "tls1",
798 		.desc = "Just use TLSv1",
799 		.type = OPTION_FUNC,
800 		.opt.func = s_client_opt_protocol_version_tls1,
801 	},
802 	{
803 		.name = "tls1_1",
804 		.desc = "Just use TLSv1.1",
805 		.type = OPTION_FUNC,
806 		.opt.func = s_client_opt_protocol_version_tls1_1,
807 	},
808 	{
809 		.name = "tls1_2",
810 		.desc = "Just use TLSv1.2",
811 		.type = OPTION_FUNC,
812 		.opt.func = s_client_opt_protocol_version_tls1_2,
813 	},
814 	{
815 		.name = "tls1_3",
816 		.desc = "Just use TLSv1.3",
817 		.type = OPTION_FUNC,
818 		.opt.func = s_client_opt_protocol_version_tls1_3,
819 	},
820 	{
821 		.name = "tlsextdebug",
822 		.desc = "Hex dump of all TLS extensions received",
823 		.type = OPTION_FLAG,
824 		.opt.flag = &s_client_config.tlsextdebug,
825 	},
826 #ifndef OPENSSL_NO_SRTP
827 	{
828 		.name = "use_srtp",
829 		.argname = "profiles",
830 		.desc = "Offer SRTP key management with a colon-separated profiles",
831 		.type = OPTION_ARG,
832 		.opt.arg = &s_client_config.srtp_profiles,
833 	},
834 #endif
835 	{
836 		.name = "verify",
837 		.argname = "depth",
838 		.desc = "Turn on peer certificate verification, with a max of depth",
839 		.type = OPTION_ARG_FUNC,
840 		.opt.argfunc = s_client_opt_verify,
841 	},
842 	{
843 		.name = "verify_return_error",
844 		.desc = "Return verification error",
845 		.type = OPTION_FLAG,
846 		.opt.flag = &verify_return_error,
847 	},
848 	{
849 		.name = "xmpphost",
850 		.argname = "host",
851 		.desc = "Connect to this virtual host on the xmpp server",
852 		.type = OPTION_ARG,
853 		.opt.arg = &s_client_config.xmpphost,
854 	},
855 	{
856 		.name = NULL,
857 		.desc = "",
858 		.type = OPTION_ARGV_FUNC,
859 		.opt.argvfunc = s_client_opt_verify_param,
860 	},
861 	{ NULL },
862 };
863 
864 static void
865 sc_usage(void)
866 {
867 	fprintf(stderr, "usage: s_client "
868 	    "[-4 | -6] [-alpn protocols] [-bugs] [-CAfile file]\n"
869 	    "    [-CApath directory] [-cert file] [-certform der | pem] [-check_ss_sig]\n"
870 	    "    [-cipher cipherlist] [-connect host[:port]] [-crl_check]\n"
871 	    "    [-crl_check_all] [-crlf] [-debug] [-dtls] [-dtls1] [-dtls1_2] [-extended_crl]\n"
872 	    "    [-groups list] [-host host] [-ign_eof] [-ignore_critical]\n"
873 	    "    [-issuer_checks] [-key keyfile] [-keyform der | pem]\n"
874 	    "    [-keymatexport label] [-keymatexportlen len] [-legacy_server_connect]\n"
875 	    "    [-msg] [-mtu mtu] [-nbio] [-nbio_test] [-no_comp] [-no_ign_eof]\n"
876 	    "    [-no_legacy_server_connect] [-no_ticket] [-no_tls1] [-no_tls1_1]\n"
877 	    "    [-no_tls1_2] [-no_tls1_3] [-pass arg] [-pause] [-policy_check]\n"
878 	    "    [-port port] [-prexit] [-proxy host:port] [-quiet] [-reconnect]\n"
879 	    "    [-servername name] [-serverpref] [-sess_in file] [-sess_out file]\n"
880 	    "    [-showcerts] [-starttls protocol] [-state] [-status] [-timeout]\n"
881 	    "    [-tls1] [-tls1_1] [-tls1_2] [-tls1_3] [-tlsextdebug]\n"
882 	    "    [-use_srtp profiles] [-verify depth] [-verify_return_error]\n"
883 	    "    [-x509_strict] [-xmpphost host]\n");
884 	fprintf(stderr, "\n");
885 	options_usage(s_client_options);
886 	fprintf(stderr, "\n");
887 }
888 
889 int
890 s_client_main(int argc, char **argv)
891 {
892 	SSL *con = NULL;
893 	int s, k, p = 0, pending = 0;
894 	char *cbuf = NULL, *sbuf = NULL, *mbuf = NULL, *pbuf = NULL;
895 	int cbuf_len, cbuf_off;
896 	int sbuf_len, sbuf_off;
897 	int pbuf_len;
898 	int full_log = 1;
899 	char *pass = NULL;
900 	X509 *cert = NULL;
901 	EVP_PKEY *key = NULL;
902 	int badop = 0;
903 	int write_tty, read_tty, write_ssl, read_ssl, tty_on, ssl_pending;
904 	SSL_CTX *ctx = NULL;
905 	int ret = 1, in_init = 1, i;
906 	BIO *bio_c_out = NULL;
907 	BIO *sbio;
908 	int mbuf_len = 0;
909 	struct timeval timeout;
910 	tlsextctx tlsextcbp = {NULL, 0};
911 	struct sockaddr_storage peer;
912 	int peerlen = sizeof(peer);
913 
914 	if (single_execution) {
915 		if (pledge("stdio cpath wpath rpath inet dns tty", NULL) == -1) {
916 			perror("pledge");
917 			exit(1);
918 		}
919 	}
920 
921 	memset(&s_client_config, 0, sizeof(s_client_config));
922 	s_client_config.af = AF_UNSPEC;
923 	s_client_config.cert_format = FORMAT_PEM;
924 	s_client_config.host = SSL_HOST_NAME;
925 	s_client_config.key_format = FORMAT_PEM;
926 	s_client_config.keymatexportlen = 20;
927 	s_client_config.meth = TLS_client_method();
928 	s_client_config.port = PORT_STR;
929 	s_client_config.socket_type = SOCK_STREAM;
930 	s_client_config.starttls_proto = PROTO_OFF;
931 	s_client_config.verify = SSL_VERIFY_NONE;
932 
933 	if (((cbuf = malloc(BUFSIZZ)) == NULL) ||
934 	    ((sbuf = malloc(BUFSIZZ)) == NULL) ||
935 	    ((pbuf = malloc(BUFSIZZ)) == NULL) ||
936 	    ((mbuf = malloc(BUFSIZZ + 1)) == NULL)) {	/* NUL byte */
937 		BIO_printf(bio_err, "out of memory\n");
938 		goto end;
939 	}
940 	verify_depth = 0;
941 
942 	if (options_parse(argc, argv, s_client_options, NULL, NULL) != 0) {
943 		badop = 1;
944 		goto bad;
945 	}
946 	if (s_client_config.proxy != NULL) {
947 		if (!extract_host_port(s_client_config.proxy,
948 		    &s_client_config.host, NULL, &s_client_config.port))
949 			goto bad;
950 		if (s_client_config.connect == NULL)
951 			s_client_config.connect = SSL_HOST_NAME;
952 	} else if (s_client_config.connect != NULL) {
953 		if (!extract_host_port(s_client_config.connect,
954 		    &s_client_config.host, NULL, &s_client_config.port))
955 			goto bad;
956 	}
957 	if (badop) {
958  bad:
959 		if (s_client_config.errstr == NULL)
960 			sc_usage();
961 		goto end;
962 	}
963 
964 	if (!app_passwd(bio_err, s_client_config.passarg, NULL, &pass, NULL)) {
965 		BIO_printf(bio_err, "Error getting password\n");
966 		goto end;
967 	}
968 	if (s_client_config.key_file == NULL)
969 		s_client_config.key_file = s_client_config.cert_file;
970 
971 
972 	if (s_client_config.key_file) {
973 
974 		key = load_key(bio_err, s_client_config.key_file,
975 		    s_client_config.key_format, 0, pass,
976 		    "client certificate private key file");
977 		if (!key) {
978 			ERR_print_errors(bio_err);
979 			goto end;
980 		}
981 	}
982 	if (s_client_config.cert_file) {
983 		cert = load_cert(bio_err, s_client_config.cert_file,
984 		    s_client_config.cert_format,
985 		    NULL, "client certificate file");
986 
987 		if (!cert) {
988 			ERR_print_errors(bio_err);
989 			goto end;
990 		}
991 	}
992 	if (s_client_config.quiet && !s_client_config.debug &&
993 	    !s_client_config.msg) {
994 		if ((bio_c_out = BIO_new(BIO_s_null())) == NULL)
995 			goto end;
996 	} else {
997 		if ((bio_c_out = BIO_new_fp(stdout, BIO_NOCLOSE)) == NULL)
998 			goto end;
999 	}
1000 
1001 	ctx = SSL_CTX_new(s_client_config.meth);
1002 	if (ctx == NULL) {
1003 		ERR_print_errors(bio_err);
1004 		goto end;
1005 	}
1006 
1007 	SSL_CTX_clear_mode(ctx, SSL_MODE_AUTO_RETRY);
1008 
1009 	if (s_client_config.vpm)
1010 		SSL_CTX_set1_param(ctx, s_client_config.vpm);
1011 
1012 	if (!SSL_CTX_set_min_proto_version(ctx, s_client_config.min_version))
1013 		goto end;
1014 	if (!SSL_CTX_set_max_proto_version(ctx, s_client_config.max_version))
1015 		goto end;
1016 
1017 #ifndef OPENSSL_NO_SRTP
1018 	if (s_client_config.srtp_profiles != NULL)
1019 		SSL_CTX_set_tlsext_use_srtp(ctx, s_client_config.srtp_profiles);
1020 #endif
1021 	if (s_client_config.bugs)
1022 		SSL_CTX_set_options(ctx, SSL_OP_ALL | s_client_config.off);
1023 	else
1024 		SSL_CTX_set_options(ctx, s_client_config.off);
1025 
1026 	if (s_client_config.clr)
1027 		SSL_CTX_clear_options(ctx, s_client_config.clr);
1028 
1029 	if (s_client_config.alpn_in) {
1030 		unsigned short alpn_len;
1031 		unsigned char *alpn;
1032 
1033 		alpn = next_protos_parse(&alpn_len, s_client_config.alpn_in);
1034 		if (alpn == NULL) {
1035 			BIO_printf(bio_err, "Error parsing -alpn argument\n");
1036 			goto end;
1037 		}
1038 		SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len);
1039 		free(alpn);
1040 	}
1041 	if (s_client_config.groups_in != NULL) {
1042 		if (SSL_CTX_set1_groups_list(ctx, s_client_config.groups_in) != 1) {
1043 			BIO_printf(bio_err, "Failed to set groups '%s'\n",
1044 			    s_client_config.groups_in);
1045 			goto end;
1046 		}
1047 	}
1048 
1049 	if (s_client_config.state)
1050 		SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
1051 	if (s_client_config.cipher != NULL)
1052 		if (!SSL_CTX_set_cipher_list(ctx, s_client_config.cipher)) {
1053 			BIO_printf(bio_err, "error setting cipher list\n");
1054 			ERR_print_errors(bio_err);
1055 			goto end;
1056 		}
1057 
1058 	SSL_CTX_set_verify(ctx, s_client_config.verify, verify_callback);
1059 	if (!set_cert_key_stuff(ctx, cert, key))
1060 		goto end;
1061 
1062 	if ((s_client_config.CAfile || s_client_config.CApath)
1063 	    && !SSL_CTX_load_verify_locations(ctx, s_client_config.CAfile,
1064 	    s_client_config.CApath))
1065 		ERR_print_errors(bio_err);
1066 
1067 	if (!SSL_CTX_set_default_verify_paths(ctx))
1068 		ERR_print_errors(bio_err);
1069 
1070 	if (s_client_config.servername != NULL) {
1071 		tlsextcbp.biodebug = bio_err;
1072 		SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
1073 		SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
1074 	}
1075 
1076 	con = SSL_new(ctx);
1077 	if (s_client_config.sess_in) {
1078 		SSL_SESSION *sess;
1079 		BIO *stmp = BIO_new_file(s_client_config.sess_in, "r");
1080 		if (!stmp) {
1081 			BIO_printf(bio_err, "Can't open session file %s\n",
1082 			    s_client_config.sess_in);
1083 			ERR_print_errors(bio_err);
1084 			goto end;
1085 		}
1086 		sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL);
1087 		BIO_free(stmp);
1088 		if (!sess) {
1089 			BIO_printf(bio_err, "Can't open session file %s\n",
1090 			    s_client_config.sess_in);
1091 			ERR_print_errors(bio_err);
1092 			goto end;
1093 		}
1094 		SSL_set_session(con, sess);
1095 		SSL_SESSION_free(sess);
1096 	}
1097 	if (s_client_config.servername != NULL) {
1098 		if (!SSL_set_tlsext_host_name(con, s_client_config.servername)) {
1099 			BIO_printf(bio_err,
1100 			    "Unable to set TLS servername extension.\n");
1101 			ERR_print_errors(bio_err);
1102 			goto end;
1103 		}
1104 	}
1105 /*	SSL_set_cipher_list(con,"RC4-MD5"); */
1106 
1107  re_start:
1108 
1109 	if (init_client(&s, s_client_config.host, s_client_config.port,
1110 	    s_client_config.socket_type, s_client_config.af) == 0) {
1111 		BIO_printf(bio_err, "connect:errno=%d\n", errno);
1112 		goto end;
1113 	}
1114 	BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s);
1115 
1116 	if (s_client_config.nbio) {
1117 		if (!s_client_config.quiet)
1118 			BIO_printf(bio_c_out, "turning on non blocking io\n");
1119 		if (!BIO_socket_nbio(s, 1)) {
1120 			ERR_print_errors(bio_err);
1121 			goto end;
1122 		}
1123 	}
1124 	if (s_client_config.pause & 0x01)
1125 		SSL_set_debug(con, 1);
1126 
1127 	if (SSL_is_dtls(con)) {
1128 		sbio = BIO_new_dgram(s, BIO_NOCLOSE);
1129 		if (getsockname(s, (struct sockaddr *)&peer,
1130 		    (void *)&peerlen) == -1) {
1131 			BIO_printf(bio_err, "getsockname:errno=%d\n",
1132 			    errno);
1133 			shutdown(s, SHUT_RD);
1134 			close(s);
1135 			goto end;
1136 		}
1137 		(void) BIO_ctrl_set_connected(sbio, 1, &peer);
1138 
1139 		if (s_client_config.enable_timeouts) {
1140 			timeout.tv_sec = 0;
1141 			timeout.tv_usec = DGRAM_RCV_TIMEOUT;
1142 			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0,
1143 			    &timeout);
1144 
1145 			timeout.tv_sec = 0;
1146 			timeout.tv_usec = DGRAM_SND_TIMEOUT;
1147 			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0,
1148 			    &timeout);
1149 		}
1150 		if (s_client_config.socket_mtu > 28) {
1151 			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
1152 			SSL_set_mtu(con, s_client_config.socket_mtu - 28);
1153 		} else
1154 			/* want to do MTU discovery */
1155 			BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
1156 	} else
1157 		sbio = BIO_new_socket(s, BIO_NOCLOSE);
1158 
1159 	if (s_client_config.nbio_test) {
1160 		BIO *test;
1161 
1162 		test = BIO_new(BIO_f_nbio_test());
1163 		sbio = BIO_push(test, sbio);
1164 	}
1165 	if (s_client_config.debug) {
1166 		SSL_set_debug(con, 1);
1167 		BIO_set_callback(sbio, bio_dump_callback);
1168 		BIO_set_callback_arg(sbio, (char *) bio_c_out);
1169 	}
1170 	if (s_client_config.msg) {
1171 		SSL_set_msg_callback(con, msg_cb);
1172 		SSL_set_msg_callback_arg(con, bio_c_out);
1173 	}
1174 	if (s_client_config.tlsextdebug) {
1175 		SSL_set_tlsext_debug_callback(con, tlsext_cb);
1176 		SSL_set_tlsext_debug_arg(con, bio_c_out);
1177 	}
1178 	if (s_client_config.status_req) {
1179 		SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
1180 		SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
1181 		SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
1182 	}
1183 
1184 	SSL_set_bio(con, sbio, sbio);
1185 	SSL_set_connect_state(con);
1186 
1187 	/* ok, lets connect */
1188 	read_tty = 1;
1189 	write_tty = 0;
1190 	tty_on = 0;
1191 	read_ssl = 1;
1192 	write_ssl = 1;
1193 
1194 	cbuf_len = 0;
1195 	cbuf_off = 0;
1196 	sbuf_len = 0;
1197 	sbuf_off = 0;
1198 	pbuf_len = 0;
1199 
1200 	/* This is an ugly hack that does a lot of assumptions */
1201 	/*
1202 	 * We do have to handle multi-line responses which may come in a
1203 	 * single packet or not. We therefore have to use BIO_gets() which
1204 	 * does need a buffering BIO. So during the initial chitchat we do
1205 	 * push a buffering BIO into the chain that is removed again later on
1206 	 * to not disturb the rest of the s_client operation.
1207 	 */
1208 	if (s_client_config.starttls_proto == PROTO_SMTP ||
1209 	    s_client_config.starttls_proto == PROTO_LMTP) {
1210 		int foundit = 0;
1211 		BIO *fbio = BIO_new(BIO_f_buffer());
1212 		BIO_push(fbio, sbio);
1213 		/* wait for multi-line response to end from SMTP */
1214 		do {
1215 			mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
1216 		}
1217 		while (mbuf_len > 3 && mbuf[3] == '-');
1218 		/* STARTTLS command requires EHLO... */
1219 		BIO_printf(fbio, "%cHLO openssl.client.net\r\n",
1220 		    s_client_config.starttls_proto == PROTO_SMTP ? 'E' : 'L');
1221 		(void) BIO_flush(fbio);
1222 		/* wait for multi-line response to end EHLO SMTP response */
1223 		do {
1224 			mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
1225 			if (strstr(mbuf, "STARTTLS"))
1226 				foundit = 1;
1227 		}
1228 		while (mbuf_len > 3 && mbuf[3] == '-');
1229 		(void) BIO_flush(fbio);
1230 		BIO_pop(fbio);
1231 		BIO_free(fbio);
1232 		if (!foundit)
1233 			BIO_printf(bio_err,
1234 			    "didn't find starttls in server response,"
1235 			    " try anyway...\n");
1236 		BIO_printf(sbio, "STARTTLS\r\n");
1237 		BIO_read(sbio, sbuf, BUFSIZZ);
1238 	} else if (s_client_config.starttls_proto == PROTO_POP3) {
1239 		mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ);
1240 		if (mbuf_len == -1) {
1241 			BIO_printf(bio_err, "BIO_read failed\n");
1242 			goto end;
1243 		}
1244 		BIO_printf(sbio, "STLS\r\n");
1245 		BIO_read(sbio, sbuf, BUFSIZZ);
1246 	} else if (s_client_config.starttls_proto == PROTO_IMAP) {
1247 		int foundit = 0;
1248 		BIO *fbio = BIO_new(BIO_f_buffer());
1249 		BIO_push(fbio, sbio);
1250 		BIO_gets(fbio, mbuf, BUFSIZZ);
1251 		/* STARTTLS command requires CAPABILITY... */
1252 		BIO_printf(fbio, ". CAPABILITY\r\n");
1253 		(void) BIO_flush(fbio);
1254 		/* wait for multi-line CAPABILITY response */
1255 		do {
1256 			mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
1257 			if (strstr(mbuf, "STARTTLS"))
1258 				foundit = 1;
1259 		}
1260 		while (mbuf_len > 3 && mbuf[0] != '.');
1261 		(void) BIO_flush(fbio);
1262 		BIO_pop(fbio);
1263 		BIO_free(fbio);
1264 		if (!foundit)
1265 			BIO_printf(bio_err,
1266 			    "didn't find STARTTLS in server response,"
1267 			    " try anyway...\n");
1268 		BIO_printf(sbio, ". STARTTLS\r\n");
1269 		BIO_read(sbio, sbuf, BUFSIZZ);
1270 	} else if (s_client_config.starttls_proto == PROTO_FTP) {
1271 		BIO *fbio = BIO_new(BIO_f_buffer());
1272 		BIO_push(fbio, sbio);
1273 		/* wait for multi-line response to end from FTP */
1274 		do {
1275 			mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
1276 		}
1277 		while (mbuf_len > 3 && mbuf[3] == '-');
1278 		(void) BIO_flush(fbio);
1279 		BIO_pop(fbio);
1280 		BIO_free(fbio);
1281 		BIO_printf(sbio, "AUTH TLS\r\n");
1282 		BIO_read(sbio, sbuf, BUFSIZZ);
1283 	} else if (s_client_config.starttls_proto == PROTO_XMPP) {
1284 		int seen = 0;
1285 		BIO_printf(sbio, "<stream:stream "
1286 		    "xmlns:stream='http://etherx.jabber.org/streams' "
1287 		    "xmlns='jabber:client' to='%s' version='1.0'>",
1288 		    s_client_config.xmpphost ?
1289 		    s_client_config.xmpphost : s_client_config.host);
1290 		seen = BIO_read(sbio, mbuf, BUFSIZZ);
1291 
1292 		if (seen <= 0)
1293 			goto shut;
1294 
1295 		mbuf[seen] = 0;
1296 		while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'") &&
1297 		       !strstr(mbuf, "<starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"")) {
1298 			seen = BIO_read(sbio, mbuf, BUFSIZZ);
1299 
1300 			if (seen <= 0)
1301 				goto shut;
1302 
1303 			mbuf[seen] = 0;
1304 		}
1305 		BIO_printf(sbio,
1306 		    "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
1307 		seen = BIO_read(sbio, sbuf, BUFSIZZ);
1308 		sbuf[seen] = 0;
1309 		if (!strstr(sbuf, "<proceed"))
1310 			goto shut;
1311 		mbuf[0] = 0;
1312 	} else if (s_client_config.proxy != NULL) {
1313 		BIO_printf(sbio, "CONNECT %s HTTP/1.0\r\n\r\n",
1314 		    s_client_config.connect);
1315 		mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ);
1316 		if (mbuf_len == -1) {
1317 			BIO_printf(bio_err, "BIO_read failed\n");
1318 			goto end;
1319 		}
1320 	}
1321 	for (;;) {
1322 		struct pollfd pfd[3];	/* stdin, stdout, socket */
1323 		int ptimeout = -1;
1324 
1325 		if (SSL_is_dtls(con) && DTLSv1_get_timeout(con, &timeout))
1326 			ptimeout = timeout.tv_sec * 1000 +
1327 			    timeout.tv_usec / 1000;
1328 
1329 		if (SSL_in_init(con) && !SSL_total_renegotiations(con)) {
1330 			in_init = 1;
1331 			tty_on = 0;
1332 		} else {
1333 			tty_on = 1;
1334 			if (in_init) {
1335 				in_init = 0;
1336 				if (s_client_config.sess_out) {
1337 					BIO *stmp = BIO_new_file(
1338 					    s_client_config.sess_out, "w");
1339 					if (stmp) {
1340 						PEM_write_bio_SSL_SESSION(stmp,
1341 						    SSL_get_session(con));
1342 						BIO_free(stmp);
1343 					} else
1344 						BIO_printf(bio_err,
1345 						    "Error writing session file %s\n",
1346 						    s_client_config.sess_out);
1347 				}
1348 				print_stuff(bio_c_out, con, full_log);
1349 				if (full_log > 0)
1350 					full_log--;
1351 
1352 				if (s_client_config.starttls_proto) {
1353 					BIO_write(bio_err, mbuf, mbuf_len);
1354 					/* We don't need to know any more */
1355 					s_client_config.starttls_proto = PROTO_OFF;
1356 				}
1357 				if (s_client_config.reconnect) {
1358 					s_client_config.reconnect--;
1359 					BIO_printf(bio_c_out,
1360 					    "drop connection and then reconnect\n");
1361 					SSL_shutdown(con);
1362 					SSL_set_connect_state(con);
1363 					shutdown(SSL_get_fd(con), SHUT_RD);
1364 					close(SSL_get_fd(con));
1365 					goto re_start;
1366 				}
1367 			}
1368 		}
1369 
1370 		ssl_pending = read_ssl && SSL_pending(con);
1371 
1372 		pfd[0].fd = -1;
1373 		pfd[1].fd = -1;
1374 		if (!ssl_pending) {
1375 			if (tty_on) {
1376 				if (read_tty) {
1377 					pfd[0].fd = fileno(stdin);
1378 					pfd[0].events = POLLIN;
1379 				}
1380 				if (write_tty) {
1381 					pfd[1].fd = fileno(stdout);
1382 					pfd[1].events = POLLOUT;
1383 				}
1384 			}
1385 
1386 			pfd[2].fd = SSL_get_fd(con);
1387 			pfd[2].events = 0;
1388 			if (read_ssl)
1389 				pfd[2].events |= POLLIN;
1390 			if (write_ssl)
1391 				pfd[2].events |= POLLOUT;
1392 
1393 /*			printf("mode tty(%d %d%d) ssl(%d%d)\n",
1394 				tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
1395 
1396 			i = poll(pfd, 3, ptimeout);
1397 			if (i == -1) {
1398 				BIO_printf(bio_err, "bad select %d\n",
1399 				    errno);
1400 				goto shut;
1401 				/* goto end; */
1402 			}
1403 		}
1404 		if (SSL_is_dtls(con) &&
1405 		    DTLSv1_handle_timeout(con) > 0)
1406 			BIO_printf(bio_err, "TIMEOUT occured\n");
1407 		if (!ssl_pending &&
1408 		    (pfd[2].revents & (POLLOUT|POLLERR|POLLNVAL))) {
1409 			if (pfd[2].revents & (POLLERR|POLLNVAL)) {
1410 				BIO_printf(bio_err, "poll error");
1411 				goto shut;
1412 			}
1413 			k = SSL_write(con, &(cbuf[cbuf_off]),
1414 			    (unsigned int) cbuf_len);
1415 			switch (SSL_get_error(con, k)) {
1416 			case SSL_ERROR_NONE:
1417 				cbuf_off += k;
1418 				cbuf_len -= k;
1419 				if (k <= 0)
1420 					goto end;
1421 				/* we have done a  write(con,NULL,0); */
1422 				if (cbuf_len <= 0) {
1423 					read_tty = 1;
1424 					write_ssl = 0;
1425 				} else {	/* if (cbuf_len > 0) */
1426 					read_tty = 0;
1427 					write_ssl = 1;
1428 				}
1429 				break;
1430 			case SSL_ERROR_WANT_WRITE:
1431 				BIO_printf(bio_c_out, "write W BLOCK\n");
1432 				write_ssl = 1;
1433 				read_tty = 0;
1434 				break;
1435 			case SSL_ERROR_WANT_READ:
1436 				BIO_printf(bio_c_out, "write R BLOCK\n");
1437 				write_tty = 0;
1438 				read_ssl = 1;
1439 				write_ssl = 0;
1440 				break;
1441 			case SSL_ERROR_WANT_X509_LOOKUP:
1442 				BIO_printf(bio_c_out, "write X BLOCK\n");
1443 				break;
1444 			case SSL_ERROR_ZERO_RETURN:
1445 				if (cbuf_len != 0) {
1446 					BIO_printf(bio_c_out, "shutdown\n");
1447 					ret = 0;
1448 					goto shut;
1449 				} else {
1450 					read_tty = 1;
1451 					write_ssl = 0;
1452 					break;
1453 				}
1454 
1455 			case SSL_ERROR_SYSCALL:
1456 				if ((k != 0) || (cbuf_len != 0)) {
1457 					BIO_printf(bio_err, "write:errno=%d\n",
1458 					    errno);
1459 					goto shut;
1460 				} else {
1461 					read_tty = 1;
1462 					write_ssl = 0;
1463 				}
1464 				break;
1465 			case SSL_ERROR_SSL:
1466 				ERR_print_errors(bio_err);
1467 				goto shut;
1468 			}
1469 		} else if (!ssl_pending &&
1470 		    (pfd[1].revents & (POLLOUT|POLLERR|POLLNVAL))) {
1471 			if (pfd[1].revents & (POLLERR|POLLNVAL)) {
1472 				BIO_printf(bio_err, "poll error");
1473 				goto shut;
1474 			}
1475 			i = write(fileno(stdout), &(sbuf[sbuf_off]), sbuf_len);
1476 
1477 			if (i <= 0) {
1478 				BIO_printf(bio_c_out, "DONE\n");
1479 				ret = 0;
1480 				goto shut;
1481 				/* goto end; */
1482 			}
1483 			sbuf_len -= i;
1484 			sbuf_off += i;
1485 			if (sbuf_len <= 0) {
1486 				read_ssl = 1;
1487 				write_tty = 0;
1488 			}
1489 		} else if (ssl_pending || (pfd[2].revents & (POLLIN|POLLHUP))) {
1490 #ifdef RENEG
1491 			{
1492 				static int iiii;
1493 				if (++iiii == 52) {
1494 					SSL_renegotiate(con);
1495 					iiii = 0;
1496 				}
1497 			}
1498 #endif
1499 			if (s_client_config.peekaboo) {
1500 				k = p = SSL_peek(con, pbuf, 1024 /* BUFSIZZ */ );
1501 				pending = SSL_pending(con);
1502 				if (SSL_get_error(con, p) == SSL_ERROR_NONE) {
1503 					if (p <= 0)
1504 						goto end;
1505 					pbuf_len = p;
1506 
1507 					k = SSL_read(con, sbuf, p);
1508 				}
1509 			} else {
1510 				k = SSL_read(con, sbuf, 1024 /* BUFSIZZ */ );
1511 			}
1512 
1513 			switch (SSL_get_error(con, k)) {
1514 			case SSL_ERROR_NONE:
1515 				if (k <= 0)
1516 					goto end;
1517 				sbuf_off = 0;
1518 				sbuf_len = k;
1519 				if (s_client_config.peekaboo) {
1520 					if (p != pending) {
1521 						ret = -1;
1522 						BIO_printf(bio_err,
1523 						    "peeked %d but pending %d!\n",
1524 						    p, pending);
1525 						goto shut;
1526 					}
1527 					if (k < p) {
1528 						ret = -1;
1529 						BIO_printf(bio_err,
1530 						    "read less than peek!\n");
1531 						goto shut;
1532 					}
1533 					if (p > 0 &&
1534 					    (memcmp(sbuf, pbuf, p) != 0)) {
1535 						ret = -1;
1536 						BIO_printf(bio_err,
1537 						    "peek of %d different from read of %d!\n",
1538 						    p, k);
1539 						goto shut;
1540 					}
1541 				}
1542 				read_ssl = 0;
1543 				write_tty = 1;
1544 				break;
1545 			case SSL_ERROR_WANT_WRITE:
1546 				BIO_printf(bio_c_out, "read W BLOCK\n");
1547 				write_ssl = 1;
1548 				read_tty = 0;
1549 				break;
1550 			case SSL_ERROR_WANT_READ:
1551 				BIO_printf(bio_c_out, "read R BLOCK\n");
1552 				write_tty = 0;
1553 				read_ssl = 1;
1554 				if ((read_tty == 0) && (write_ssl == 0))
1555 					write_ssl = 1;
1556 				break;
1557 			case SSL_ERROR_WANT_X509_LOOKUP:
1558 				BIO_printf(bio_c_out, "read X BLOCK\n");
1559 				break;
1560 			case SSL_ERROR_SYSCALL:
1561 				ret = errno;
1562 				BIO_printf(bio_err, "read:errno=%d\n", ret);
1563 				goto shut;
1564 			case SSL_ERROR_ZERO_RETURN:
1565 				BIO_printf(bio_c_out, "closed\n");
1566 				ret = 0;
1567 				goto shut;
1568 			case SSL_ERROR_SSL:
1569 				ERR_print_errors(bio_err);
1570 				goto shut;
1571 				/* break; */
1572 			}
1573 		} else if (pfd[0].revents) {
1574 			if (pfd[0].revents & (POLLERR|POLLNVAL)) {
1575 				BIO_printf(bio_err, "poll error");
1576 				goto shut;
1577 			}
1578 			if (s_client_config.crlf) {
1579 				int j, lf_num;
1580 
1581 				i = read(fileno(stdin), cbuf, BUFSIZZ / 2);
1582 				lf_num = 0;
1583 				/* both loops are skipped when i <= 0 */
1584 				for (j = 0; j < i; j++)
1585 					if (cbuf[j] == '\n')
1586 						lf_num++;
1587 				for (j = i - 1; j >= 0; j--) {
1588 					cbuf[j + lf_num] = cbuf[j];
1589 					if (cbuf[j] == '\n') {
1590 						lf_num--;
1591 						i++;
1592 						cbuf[j + lf_num] = '\r';
1593 					}
1594 				}
1595 				assert(lf_num == 0);
1596 			} else
1597 				i = read(fileno(stdin), cbuf, BUFSIZZ);
1598 
1599 			if ((!s_client_config.ign_eof) &&
1600 			    ((i <= 0) || (cbuf[0] == 'Q'))) {
1601 				BIO_printf(bio_err, "DONE\n");
1602 				ret = 0;
1603 				goto shut;
1604 			}
1605 			if ((!s_client_config.ign_eof) && (cbuf[0] == 'R')) {
1606 				BIO_printf(bio_err, "RENEGOTIATING\n");
1607 				SSL_renegotiate(con);
1608 				cbuf_len = 0;
1609 			} else {
1610 				cbuf_len = i;
1611 				cbuf_off = 0;
1612 			}
1613 
1614 			write_ssl = 1;
1615 			read_tty = 0;
1616 		}
1617 	}
1618 
1619 	ret = 0;
1620  shut:
1621 	if (in_init)
1622 		print_stuff(bio_c_out, con, full_log);
1623 	SSL_shutdown(con);
1624 	shutdown(SSL_get_fd(con), SHUT_RD);
1625 	close(SSL_get_fd(con));
1626  end:
1627 	if (con != NULL) {
1628 		if (s_client_config.prexit != 0)
1629 			print_stuff(bio_c_out, con, 1);
1630 		SSL_free(con);
1631 	}
1632 	SSL_CTX_free(ctx);
1633 	X509_free(cert);
1634 	EVP_PKEY_free(key);
1635 	free(pass);
1636 	X509_VERIFY_PARAM_free(s_client_config.vpm);
1637 	freezero(cbuf, BUFSIZZ);
1638 	freezero(sbuf, BUFSIZZ);
1639 	freezero(pbuf, BUFSIZZ);
1640 	freezero(mbuf, BUFSIZZ);
1641 	BIO_free(bio_c_out);
1642 
1643 	return (ret);
1644 }
1645 
1646 static void
1647 print_stuff(BIO *bio, SSL *s, int full)
1648 {
1649 	X509 *peer = NULL;
1650 	char *p;
1651 	static const char *space = "                ";
1652 	char buf[BUFSIZ];
1653 	STACK_OF(X509) *sk;
1654 	STACK_OF(X509_NAME) *sk2;
1655 	const SSL_CIPHER *c;
1656 	X509_NAME *xn;
1657 	int j, i;
1658 	unsigned char *exportedkeymat;
1659 
1660 	if (full) {
1661 		int got_a_chain = 0;
1662 
1663 		sk = SSL_get_peer_cert_chain(s);
1664 		if (sk != NULL) {
1665 			got_a_chain = 1;	/* we don't have it for SSL2
1666 						 * (yet) */
1667 
1668 			BIO_printf(bio, "---\nCertificate chain\n");
1669 			for (i = 0; i < sk_X509_num(sk); i++) {
1670 				X509_NAME_oneline(X509_get_subject_name(
1671 					sk_X509_value(sk, i)), buf, sizeof buf);
1672 				BIO_printf(bio, "%2d s:%s\n", i, buf);
1673 				X509_NAME_oneline(X509_get_issuer_name(
1674 					sk_X509_value(sk, i)), buf, sizeof buf);
1675 				BIO_printf(bio, "   i:%s\n", buf);
1676 				if (s_client_config.showcerts)
1677 					PEM_write_bio_X509(bio,
1678 					    sk_X509_value(sk, i));
1679 			}
1680 		}
1681 		BIO_printf(bio, "---\n");
1682 		peer = SSL_get_peer_certificate(s);
1683 		if (peer != NULL) {
1684 			BIO_printf(bio, "Server certificate\n");
1685 			if (!(s_client_config.showcerts && got_a_chain)) {
1686 				/* Redundant if we showed the whole chain */
1687 				PEM_write_bio_X509(bio, peer);
1688 			}
1689 			X509_NAME_oneline(X509_get_subject_name(peer),
1690 			    buf, sizeof buf);
1691 			BIO_printf(bio, "subject=%s\n", buf);
1692 			X509_NAME_oneline(X509_get_issuer_name(peer),
1693 			    buf, sizeof buf);
1694 			BIO_printf(bio, "issuer=%s\n", buf);
1695 		} else
1696 			BIO_printf(bio, "no peer certificate available\n");
1697 
1698 		sk2 = SSL_get_client_CA_list(s);
1699 		if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0)) {
1700 			BIO_printf(bio,
1701 			    "---\nAcceptable client certificate CA names\n");
1702 			for (i = 0; i < sk_X509_NAME_num(sk2); i++) {
1703 				xn = sk_X509_NAME_value(sk2, i);
1704 				X509_NAME_oneline(xn, buf, sizeof(buf));
1705 				BIO_write(bio, buf, strlen(buf));
1706 				BIO_write(bio, "\n", 1);
1707 			}
1708 		} else {
1709 			BIO_printf(bio,
1710 			    "---\nNo client certificate CA names sent\n");
1711 		}
1712 		p = SSL_get_shared_ciphers(s, buf, sizeof buf);
1713 		if (p != NULL) {
1714 			/*
1715 			 * This works only for SSL 2.  In later protocol
1716 			 * versions, the client does not know what other
1717 			 * ciphers (in addition to the one to be used in the
1718 			 * current connection) the server supports.
1719 			 */
1720 
1721 			BIO_printf(bio,
1722 			    "---\nCiphers common between both SSL endpoints:\n");
1723 			j = i = 0;
1724 			while (*p) {
1725 				if (*p == ':') {
1726 					BIO_write(bio, space, 15 - j % 25);
1727 					i++;
1728 					j = 0;
1729 					BIO_write(bio,
1730 					    ((i % 3) ? " " : "\n"), 1);
1731 				} else {
1732 					BIO_write(bio, p, 1);
1733 					j++;
1734 				}
1735 				p++;
1736 			}
1737 			BIO_write(bio, "\n", 1);
1738 		}
1739 
1740 		ssl_print_tmp_key(bio, s);
1741 
1742 		BIO_printf(bio,
1743 		    "---\nSSL handshake has read %ld bytes and written %ld bytes\n",
1744 		    BIO_number_read(SSL_get_rbio(s)),
1745 		    BIO_number_written(SSL_get_wbio(s)));
1746 	}
1747 	BIO_printf(bio, (SSL_cache_hit(s) ? "---\nReused, " : "---\nNew, "));
1748 	c = SSL_get_current_cipher(s);
1749 	BIO_printf(bio, "%s, Cipher is %s\n",
1750 	    SSL_CIPHER_get_version(c),
1751 	    SSL_CIPHER_get_name(c));
1752 	if (peer != NULL) {
1753 		EVP_PKEY *pktmp;
1754 		pktmp = X509_get_pubkey(peer);
1755 		BIO_printf(bio, "Server public key is %d bit\n",
1756 		    EVP_PKEY_bits(pktmp));
1757 		EVP_PKEY_free(pktmp);
1758 	}
1759 	BIO_printf(bio, "Secure Renegotiation IS%s supported\n",
1760 	    SSL_get_secure_renegotiation_support(s) ? "" : " NOT");
1761 
1762 	/* Compression is not supported and will always be none. */
1763 	BIO_printf(bio, "Compression: NONE\n");
1764 	BIO_printf(bio, "Expansion: NONE\n");
1765 
1766 #ifdef SSL_DEBUG
1767 	{
1768 		/* Print out local port of connection: useful for debugging */
1769 		int sock;
1770 		struct sockaddr_in ladd;
1771 		socklen_t ladd_size = sizeof(ladd);
1772 		sock = SSL_get_fd(s);
1773 		getsockname(sock, (struct sockaddr *) & ladd, &ladd_size);
1774 		BIO_printf(bio, "LOCAL PORT is %u\n",
1775 		    ntohs(ladd.sin_port));
1776 	}
1777 #endif
1778 
1779 	{
1780 		const unsigned char *proto;
1781 		unsigned int proto_len;
1782 		SSL_get0_alpn_selected(s, &proto, &proto_len);
1783 		if (proto_len > 0) {
1784 			BIO_printf(bio, "ALPN protocol: ");
1785 			BIO_write(bio, proto, proto_len);
1786 			BIO_write(bio, "\n", 1);
1787 		} else
1788 			BIO_printf(bio, "No ALPN negotiated\n");
1789 	}
1790 
1791 #ifndef OPENSSL_NO_SRTP
1792 	{
1793 		SRTP_PROTECTION_PROFILE *srtp_profile;
1794 
1795 		srtp_profile = SSL_get_selected_srtp_profile(s);
1796 		if (srtp_profile)
1797 			BIO_printf(bio,
1798 			    "SRTP Extension negotiated, profile=%s\n",
1799 			    srtp_profile->name);
1800 	}
1801 #endif
1802 
1803 	SSL_SESSION_print(bio, SSL_get_session(s));
1804 	if (s_client_config.keymatexportlabel != NULL) {
1805 		BIO_printf(bio, "Keying material exporter:\n");
1806 		BIO_printf(bio, "    Label: '%s'\n",
1807 		    s_client_config.keymatexportlabel);
1808 		BIO_printf(bio, "    Length: %i bytes\n",
1809 		    s_client_config.keymatexportlen);
1810 		exportedkeymat = malloc(s_client_config.keymatexportlen);
1811 		if (exportedkeymat != NULL) {
1812 			if (!SSL_export_keying_material(s, exportedkeymat,
1813 				s_client_config.keymatexportlen,
1814 				s_client_config.keymatexportlabel,
1815 				strlen(s_client_config.keymatexportlabel),
1816 				NULL, 0, 0)) {
1817 				BIO_printf(bio, "    Error\n");
1818 			} else {
1819 				BIO_printf(bio, "    Keying material: ");
1820 				for (i = 0; i < s_client_config.keymatexportlen; i++)
1821 					BIO_printf(bio, "%02X",
1822 					    exportedkeymat[i]);
1823 				BIO_printf(bio, "\n");
1824 			}
1825 			free(exportedkeymat);
1826 		}
1827 	}
1828 	BIO_printf(bio, "---\n");
1829 	X509_free(peer);
1830 	/* flush, or debugging output gets mixed with http response */
1831 	(void) BIO_flush(bio);
1832 }
1833 
1834 static int
1835 ocsp_resp_cb(SSL *s, void *arg)
1836 {
1837 	const unsigned char *p;
1838 	int len;
1839 	OCSP_RESPONSE *rsp;
1840 	len = SSL_get_tlsext_status_ocsp_resp(s, &p);
1841 	BIO_puts(arg, "OCSP response: ");
1842 	if (!p) {
1843 		BIO_puts(arg, "no response sent\n");
1844 		return 1;
1845 	}
1846 	rsp = d2i_OCSP_RESPONSE(NULL, &p, len);
1847 	if (!rsp) {
1848 		BIO_puts(arg, "response parse error\n");
1849 		BIO_dump_indent(arg, (char *) p, len, 4);
1850 		return 0;
1851 	}
1852 	BIO_puts(arg, "\n======================================\n");
1853 	OCSP_RESPONSE_print(arg, rsp, 0);
1854 	BIO_puts(arg, "======================================\n");
1855 	OCSP_RESPONSE_free(rsp);
1856 	return 1;
1857 }
1858 
1859 static int
1860 ssl_servername_cb(SSL *s, int *ad, void *arg)
1861 {
1862 	tlsextctx *p = (tlsextctx *) arg;
1863 	const char *hn = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
1864 	if (SSL_get_servername_type(s) != -1)
1865 		p->ack = !SSL_session_reused(s) && hn != NULL;
1866 	else
1867 		BIO_printf(bio_err, "Can't use SSL_get_servername\n");
1868 
1869 	return SSL_TLSEXT_ERR_OK;
1870 }
1871 
1872