45 #define INVALID_SOCKET     (-1)
68 	for (p = si; p != NULL; p = p->ai_next) {  in host_bind()
76 		sa = (struct sockaddr *)p->ai_addr;  in host_bind()
77 		if (sa->sa_family == AF_INET) {  in host_bind()
85 		} else if (sa->sa_family == AF_INET6) {  in host_bind()
95 			sa_len = p->ai_addrlen;  in host_bind()
101 				if (!inet_ntop(p->ai_family, addr,  in host_bind()
108 					(int)sa->sa_family);  in host_bind()
112 		fd = socket(p->ai_family, p->ai_socktype, p->ai_protocol);  in host_bind()
119 		opt = 1;  in host_bind()
188 		switch (((struct sockaddr *)&sa)->sa_family) {  in accept_client()
191 				&((struct sockaddr_in *)&sa)->sin_addr,  in accept_client()
196 				&((struct sockaddr_in6 *)&sa)->sin6_addr,  in accept_client()
202 				((struct sockaddr *)&sa)->sa_family);  in accept_client()
209 	 * We make the socket non-blocking, since we are going to use  in accept_client()
216 		arg = 1;  in accept_client()
233 "   -q              suppress verbose messages\n");  in usage_server()
235 "   -trace          activate extra debug messages (dump of all packets)\n");  in usage_server()
237 "   -b name         bind to a specific address or host name\n");  in usage_server()
239 "   -p port         bind to a specific port (default: 4433)\n");  in usage_server()
241 "   -mono           use monodirectional buffering\n");  in usage_server()
243 "   -buf length     set the I/O buffer length (in bytes)\n");  in usage_server()
245 "   -cache length   set the session cache storage length (in bytes)\n");  in usage_server()
247 "   -cert fname     read certificate chain from file 'fname'\n");  in usage_server()
249 "   -key fname      read private key from file 'fname'\n");  in usage_server()
251 "   -CA file        add trust anchors from 'file' (for client auth)\n");  in usage_server()
253 "   -anon_ok        request but do not require a client certificate\n");  in usage_server()
255 "   -list           list supported names (protocols, algorithms...)\n");  in usage_server()
257 "   -vmin name      set minimum supported version (default: TLS-1.0)\n");  in usage_server()
259 "   -vmax name      set maximum supported version (default: TLS-1.2)\n");  in usage_server()
261 "   -cs names       set list of supported cipher suites (comma-separated)\n");  in usage_server()
263 "   -hf names       add support for some hash functions (comma-separated)\n");  in usage_server()
265 "   -cbhash         test hashing in policy callback\n");  in usage_server()
267 "   -serverpref     enforce server's preferences for cipher suites\n");  in usage_server()
269 "   -noreneg        prohibit renegotiations\n");  in usage_server()
271 "   -alpn name      add protocol name to list of protocols (ALPN extension)\n");  in usage_server()
273 "   -strictalpn     fail on ALPN mismatch\n");  in usage_server()
293 		if ((chashes >> i) & 1) {  in print_hashes()
302 				z = 1;  in print_hashes()
315 	for (hash_id = 6; hash_id >= 2; hash_id --) {  in choose_hash()
316 		if (((chashes >> hash_id) & 1) != 0) {  in choose_hash()
339 	if (pc->verbose) {  in sp_choose()
342 		switch (cc->client_max_version) {  in sp_choose()
357 				(unsigned)cc->client_max_version);  in sp_choose()
383 		tt = st[u][1];  in sp_choose()
386 			if (pc->sk->key_type == BR_KEYTYPE_RSA) {  in sp_choose()
387 				choices->cipher_suite = st[u][0];  in sp_choose()
392 			if (pc->sk->key_type == BR_KEYTYPE_RSA) {  in sp_choose()
393 				choices->cipher_suite = st[u][0];  in sp_choose()
394 				if (br_ssl_engine_get_version(&cc->eng)  in sp_choose()
397 					if (pc->cbhash) {  in sp_choose()
398 						choices->algo_id = 0x0001;  in sp_choose()
400 						choices->algo_id = 0xFF00;  in sp_choose()
406 					if (pc->cbhash) {  in sp_choose()
407 						choices->algo_id =  in sp_choose()
410 						choices->algo_id = 0xFF00 + id;  in sp_choose()
417 			if (pc->sk->key_type == BR_KEYTYPE_EC) {  in sp_choose()
418 				choices->cipher_suite = st[u][0];  in sp_choose()
419 				if (br_ssl_engine_get_version(&cc->eng)  in sp_choose()
422 					if (pc->cbhash) {  in sp_choose()
423 						choices->algo_id = 0x0203;  in sp_choose()
425 						choices->algo_id =  in sp_choose()
432 					if (pc->cbhash) {  in sp_choose()
433 						choices->algo_id =  in sp_choose()
436 						choices->algo_id =  in sp_choose()
444 			if (pc->sk->key_type == BR_KEYTYPE_EC  in sp_choose()
445 				&& pc->cert_signer_algo == BR_KEYTYPE_RSA)  in sp_choose()
447 				choices->cipher_suite = st[u][0];  in sp_choose()
452 			if (pc->sk->key_type == BR_KEYTYPE_EC  in sp_choose()
453 				&& pc->cert_signer_algo == BR_KEYTYPE_EC)  in sp_choose()
455 				choices->cipher_suite = st[u][0];  in sp_choose()
464 	choices->chain = pc->chain;  in sp_choose()
465 	choices->chain_len = pc->chain_len;  in sp_choose()
466 	if (pc->verbose) {  in sp_choose()
469 		get_suite_name_ext(choices->cipher_suite, csn, sizeof csn);  in sp_choose()
472 	return 1;  in sp_choose()
484 	switch (pc->sk->key_type) {  in sp_do_keyx()
490 			&pc->sk->key.rsa, data, *len);  in sp_do_keyx()
493 		r = iec->mul(data, *len, pc->sk->key.ec.x,  in sp_do_keyx()
494 			pc->sk->key.ec.xlen, pc->sk->key.ec.curve);  in sp_do_keyx()
495 		xoff = iec->xoff(pc->sk->key.ec.curve, &xlen);  in sp_do_keyx()
501 			(int)pc->sk->key_type);  in sp_do_keyx()
521 		if (pc->verbose) {  in sp_do_sign()
529 			if (pc->verbose) {  in sp_do_sign()
536 		hc->init(&zc.vtable);  in sp_do_sign()
537 		hc->update(&zc.vtable, data, hv_len);  in sp_do_sign()
538 		hc->out(&zc.vtable, hv);  in sp_do_sign()
539 		hv_len = (hc->desc >> BR_HASHDESC_OUT_OFF)  in sp_do_sign()
542 	switch (pc->sk->key_type) {  in sp_do_sign()
551 			if (pc->verbose) {  in sp_do_sign()
552 				fprintf(stderr, "ERROR: cannot RSA-sign with"  in sp_do_sign()
558 		sig_len = (pc->sk->key.rsa.n_bitlen + 7) >> 3;  in sp_do_sign()
560 			if (pc->verbose) {  in sp_do_sign()
561 				fprintf(stderr, "ERROR: cannot RSA-sign,"  in sp_do_sign()
570 			hash_oid, hv, hv_len, &pc->sk->key.rsa, data);  in sp_do_sign()
572 			if (pc->verbose) {  in sp_do_sign()
573 				fprintf(stderr, "ERROR: RSA-sign failure\n");  in sp_do_sign()
582 			if (pc->verbose) {  in sp_do_sign()
583 				fprintf(stderr, "ERROR: cannot ECDSA-sign with"  in sp_do_sign()
590 			if (pc->verbose) {  in sp_do_sign()
591 				fprintf(stderr, "ERROR: cannot ECDSA-sign"  in sp_do_sign()
598 			br_ec_get_default(), hc, hv, &pc->sk->key.ec, data);  in sp_do_sign()
600 			if (pc->verbose) {  in sp_do_sign()
601 				fprintf(stderr, "ERROR: ECDSA-sign failure\n");  in sp_do_sign()
659 	verbose = 1;  in do_server()
663 	bidi = 1;  in do_server()
677 	cache_len = (size_t)-1;  in do_server()
685 		if (arg[0] != '-') {  in do_server()
689 		if (eqstr(arg, "-v") || eqstr(arg, "-verbose")) {  in do_server()
690 			verbose = 1;  in do_server()
691 		} else if (eqstr(arg, "-q") || eqstr(arg, "-quiet")) {  in do_server()
693 		} else if (eqstr(arg, "-trace")) {  in do_server()
694 			trace = 1;  in do_server()
695 		} else if (eqstr(arg, "-b")) {  in do_server()
698 					"ERROR: no argument for '-b'\n");  in do_server()
708 		} else if (eqstr(arg, "-p")) {  in do_server()
711 					"ERROR: no argument for '-p'\n");  in do_server()
721 		} else if (eqstr(arg, "-mono")) {  in do_server()
723 		} else if (eqstr(arg, "-buf")) {  in do_server()
726 					"ERROR: no argument for '-buf'\n");  in do_server()
738 			if (iobuf_len == (size_t)-1) {  in do_server()
742 		} else if (eqstr(arg, "-cache")) {  in do_server()
745 					"ERROR: no argument for '-cache'\n");  in do_server()
750 			if (cache_len != (size_t)-1) {  in do_server()
757 			if (cache_len == (size_t)-1) {  in do_server()
761 		} else if (eqstr(arg, "-cert")) {  in do_server()
764 					"ERROR: no argument for '-cert'\n");  in do_server()
779 		} else if (eqstr(arg, "-key")) {  in do_server()
782 					"ERROR: no argument for '-key'\n");  in do_server()
797 		} else if (eqstr(arg, "-CA")) {  in do_server()
800 					"ERROR: no argument for '-CA'\n");  in do_server()
809 		} else if (eqstr(arg, "-anon_ok")) {  in do_server()
811 		} else if (eqstr(arg, "-list")) {  in do_server()
814 		} else if (eqstr(arg, "-vmin")) {  in do_server()
817 					"ERROR: no argument for '-vmin'\n");  in do_server()
836 		} else if (eqstr(arg, "-vmax")) {  in do_server()
839 					"ERROR: no argument for '-vmax'\n");  in do_server()
858 		} else if (eqstr(arg, "-cs")) {  in do_server()
861 					"ERROR: no argument for '-cs'\n");  in do_server()
877 		} else if (eqstr(arg, "-hf")) {  in do_server()
882 					"ERROR: no argument for '-hf'\n");  in do_server()
893 		} else if (eqstr(arg, "-cbhash")) {  in do_server()
894 			cbhash = 1;  in do_server()
895 		} else if (eqstr(arg, "-serverpref")) {  in do_server()
897 		} else if (eqstr(arg, "-noreneg")) {  in do_server()
899 		} else if (eqstr(arg, "-alpn")) {  in do_server()
902 					"ERROR: no argument for '-alpn'\n");  in do_server()
907 		} else if (eqstr(arg, "-strictalpn")) {  in do_server()
951 		hfuns = (unsigned)-1;  in do_server()
961 	switch (sk->key_type) {  in do_server()
968 		curve = sk->key.ec.curve;  in do_server()
969 		supp = br_ec_get_default()->supported_curves;  in do_server()
970 		if (curve > 31 || !((supp >> curve) & 1)) {  in do_server()
978 			sk->key_type);  in do_server()
1006 	if (cache_len == (size_t)-1) {  in do_server()
1016 	br_ssl_engine_set_versions(&cc.eng, vmin, vmax);  in do_server()
1017 	br_ssl_engine_set_all_flags(&cc.eng, flags);  in do_server()
1019 		if (!(hfuns & (1 << br_md5_ID))) {  in do_server()
1023 		if (!(hfuns & (1 << br_sha1_ID))) {  in do_server()
1024 			fprintf(stderr, "ERROR: TLS 1.0 and 1.1 need SHA-1\n");  in do_server()
1039 		if ((req & REQ_SHA1) != 0 && !(hfuns & (1 << br_sha1_ID))) {  in do_server()
1041 				"ERROR: cipher suite %s requires SHA-1\n",  in do_server()
1045 		if ((req & REQ_SHA256) != 0 && !(hfuns & (1 << br_sha256_ID))) {  in do_server()
1047 				"ERROR: cipher suite %s requires SHA-256\n",  in do_server()
1051 		if ((req & REQ_SHA384) != 0 && !(hfuns & (1 << br_sha384_ID))) {  in do_server()
1053 				"ERROR: cipher suite %s requires SHA-384\n",  in do_server()
1059 			br_ssl_engine_set_default_aes_cbc(&cc.eng);  in do_server()
1062 			br_ssl_engine_set_default_aes_ccm(&cc.eng);  in do_server()
1065 			br_ssl_engine_set_default_aes_gcm(&cc.eng);  in do_server()
1068 			br_ssl_engine_set_default_chapol(&cc.eng);  in do_server()
1071 			br_ssl_engine_set_default_des_cbc(&cc.eng);  in do_server()
1074 			br_ssl_engine_set_default_ec(&cc.eng);  in do_server()
1077 	br_ssl_engine_set_suites(&cc.eng, suite_ids, num_suites);  in do_server()
1085 		id = (hc->desc >> BR_HASHDESC_ID_OFF) & BR_HASHDESC_ID_MASK;  in do_server()
1086 		if ((hfuns & ((unsigned)1 << id)) != 0) {  in do_server()
1088 			br_ssl_engine_set_hash(&cc.eng, id, hc);  in do_server()
1092 		br_ssl_engine_set_prf10(&cc.eng, &br_tls10_prf);  in do_server()
1095 		if ((hfuns & ((unsigned)1 << br_sha256_ID)) != 0) {  in do_server()
1096 			br_ssl_engine_set_prf_sha256(&cc.eng,  in do_server()
1099 		if ((hfuns & ((unsigned)1 << br_sha384_ID)) != 0) {  in do_server()
1100 			br_ssl_engine_set_prf_sha384(&cc.eng,  in do_server()
1109 		br_ssl_engine_set_protocol_names(&cc.eng,  in do_server()
1141 			id = (hc->desc >> BR_HASHDESC_ID_OFF)  in do_server()
1143 			if ((hfuns & ((unsigned)1 << id)) != 0) {  in do_server()
1147 		br_ssl_engine_set_default_rsavrfy(&cc.eng);  in do_server()
1148 		br_ssl_engine_set_default_ecdsa(&cc.eng);  in do_server()
1152 		br_ssl_engine_set_x509(&cc.eng, &xc.vtable);  in do_server()
1157 	br_ssl_engine_set_buffer(&cc.eng, iobuf, iobuf_len, bidi);  in do_server()
1185 		fd = accept_client(server_fd, verbose, 1);  in do_server()
1192 		x = run_ssl_engine(&cc.eng, fd, run_flags);  in do_server()
1199 		if (x < -1) {  in do_server()
1233 	retcode = -1;  in do_server()