xref: /freebsd/crypto/openssl/apps/s_client.c (revision ec273ebf3b6aed5fba8c56b6ece5ad8693a48ea7)
1 /* apps/s_client.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer.
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2005 Nokia. All rights reserved.
113  *
114  * The portions of the attached software ("Contribution") is developed by
115  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
116  * license.
117  *
118  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
119  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
120  * support (see RFC 4279) to OpenSSL.
121  *
122  * No patent licenses or other rights except those expressly stated in
123  * the OpenSSL open source license shall be deemed granted or received
124  * expressly, by implication, estoppel, or otherwise.
125  *
126  * No assurances are provided by Nokia that the Contribution does not
127  * infringe the patent or other intellectual property rights of any third
128  * party or that the license provides you with all the necessary rights
129  * to make use of the Contribution.
130  *
131  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
132  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
133  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
134  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
135  * OTHERWISE.
136  */
137 
138 #include <assert.h>
139 #include <ctype.h>
140 #include <stdio.h>
141 #include <stdlib.h>
142 #include <string.h>
143 #include <openssl/e_os2.h>
144 #ifdef OPENSSL_NO_STDIO
145 #define APPS_WIN16
146 #endif
147 
148 /* With IPv6, it looks like Digital has mixed up the proper order of
149    recursive header file inclusion, resulting in the compiler complaining
150    that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
151    is needed to have fileno() declared correctly...  So let's define u_int */
152 #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
153 #define __U_INT
154 typedef unsigned int u_int;
155 #endif
156 
157 #define USE_SOCKETS
158 #include "apps.h"
159 #include <openssl/x509.h>
160 #include <openssl/ssl.h>
161 #include <openssl/err.h>
162 #include <openssl/pem.h>
163 #include <openssl/rand.h>
164 #include <openssl/ocsp.h>
165 #include <openssl/bn.h>
166 #ifndef OPENSSL_NO_SRP
167 #include <openssl/srp.h>
168 #endif
169 #include "s_apps.h"
170 #include "timeouts.h"
171 
172 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
173 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
174 #undef FIONBIO
175 #endif
176 
177 #if defined(OPENSSL_SYS_BEOS_R5)
178 #include <fcntl.h>
179 #endif
180 
181 #undef PROG
182 #define PROG	s_client_main
183 
184 /*#define SSL_HOST_NAME	"www.netscape.com" */
185 /*#define SSL_HOST_NAME	"193.118.187.102" */
186 #define SSL_HOST_NAME	"localhost"
187 
188 /*#define TEST_CERT "client.pem" */ /* no default cert. */
189 
190 #undef BUFSIZZ
191 #define BUFSIZZ 1024*8
192 
193 extern int verify_depth;
194 extern int verify_error;
195 extern int verify_return_error;
196 
197 #ifdef FIONBIO
198 static int c_nbio=0;
199 #endif
200 static int c_Pause=0;
201 static int c_debug=0;
202 #ifndef OPENSSL_NO_TLSEXT
203 static int c_tlsextdebug=0;
204 static int c_status_req=0;
205 #endif
206 static int c_msg=0;
207 static int c_showcerts=0;
208 
209 static char *keymatexportlabel=NULL;
210 static int keymatexportlen=20;
211 
212 static void sc_usage(void);
213 static void print_stuff(BIO *berr,SSL *con,int full);
214 #ifndef OPENSSL_NO_TLSEXT
215 static int ocsp_resp_cb(SSL *s, void *arg);
216 #endif
217 static BIO *bio_c_out=NULL;
218 static int c_quiet=0;
219 static int c_ign_eof=0;
220 
221 #ifndef OPENSSL_NO_PSK
222 /* Default PSK identity and key */
223 static char *psk_identity="Client_identity";
224 /*char *psk_key=NULL;  by default PSK is not used */
225 
226 static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
227 	unsigned int max_identity_len, unsigned char *psk,
228 	unsigned int max_psk_len)
229 	{
230 	unsigned int psk_len = 0;
231 	int ret;
232         BIGNUM *bn=NULL;
233 
234 	if (c_debug)
235 		BIO_printf(bio_c_out, "psk_client_cb\n");
236 	if (!hint)
237                 {
238                 /* no ServerKeyExchange message*/
239 		if (c_debug)
240 			BIO_printf(bio_c_out,"NULL received PSK identity hint, continuing anyway\n");
241                 }
242         else if (c_debug)
243 		BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint);
244 
245 	/* lookup PSK identity and PSK key based on the given identity hint here */
246 	ret = BIO_snprintf(identity, max_identity_len, "%s", psk_identity);
247 	if (ret < 0 || (unsigned int)ret > max_identity_len)
248 		goto out_err;
249 	if (c_debug)
250 		BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity, ret);
251         ret=BN_hex2bn(&bn, psk_key);
252         if (!ret)
253                 {
254                 BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key);
255                 if (bn)
256                         BN_free(bn);
257                 return 0;
258                 }
259 
260         if ((unsigned int)BN_num_bytes(bn) > max_psk_len)
261                 {
262                 BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
263                         max_psk_len, BN_num_bytes(bn));
264                 BN_free(bn);
265                 return 0;
266                 }
267 
268         psk_len=BN_bn2bin(bn, psk);
269         BN_free(bn);
270         if (psk_len == 0)
271                 goto out_err;
272 
273 	if (c_debug)
274 		BIO_printf(bio_c_out, "created PSK len=%d\n", psk_len);
275 
276         return psk_len;
277  out_err:
278 	if (c_debug)
279 		BIO_printf(bio_err, "Error in PSK client callback\n");
280         return 0;
281 	}
282 #endif
283 
284 static void sc_usage(void)
285 	{
286 	BIO_printf(bio_err,"usage: s_client args\n");
287 	BIO_printf(bio_err,"\n");
288 	BIO_printf(bio_err," -host host     - use -connect instead\n");
289 	BIO_printf(bio_err," -port port     - use -connect instead\n");
290 	BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
291 
292 	BIO_printf(bio_err," -verify arg   - turn on peer certificate verification\n");
293 	BIO_printf(bio_err," -verify_return_error - return verification errors\n");
294 	BIO_printf(bio_err," -cert arg     - certificate file to use, PEM format assumed\n");
295 	BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
296 	BIO_printf(bio_err," -key arg      - Private key file to use, in cert file if\n");
297 	BIO_printf(bio_err,"                 not specified but cert file is.\n");
298 	BIO_printf(bio_err," -keyform arg  - key format (PEM or DER) PEM default\n");
299 	BIO_printf(bio_err," -pass arg     - private key file pass phrase source\n");
300 	BIO_printf(bio_err," -CApath arg   - PEM format directory of CA's\n");
301 	BIO_printf(bio_err," -CAfile arg   - PEM format file of CA's\n");
302 	BIO_printf(bio_err," -reconnect    - Drop and re-make the connection with the same Session-ID\n");
303 	BIO_printf(bio_err," -pause        - sleep(1) after each read(2) and write(2) system call\n");
304 	BIO_printf(bio_err," -prexit       - print session information even on connection failure\n");
305 	BIO_printf(bio_err," -showcerts    - show all certificates in the chain\n");
306 	BIO_printf(bio_err," -debug        - extra output\n");
307 #ifdef WATT32
308 	BIO_printf(bio_err," -wdebug       - WATT-32 tcp debugging\n");
309 #endif
310 	BIO_printf(bio_err," -msg          - Show protocol messages\n");
311 	BIO_printf(bio_err," -nbio_test    - more ssl protocol testing\n");
312 	BIO_printf(bio_err," -state        - print the 'ssl' states\n");
313 #ifdef FIONBIO
314 	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
315 #endif
316 	BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
317 	BIO_printf(bio_err," -quiet        - no s_client output\n");
318 	BIO_printf(bio_err," -ign_eof      - ignore input eof (default when -quiet)\n");
319 	BIO_printf(bio_err," -no_ign_eof   - don't ignore input eof\n");
320 #ifndef OPENSSL_NO_PSK
321 	BIO_printf(bio_err," -psk_identity arg - PSK identity\n");
322 	BIO_printf(bio_err," -psk arg      - PSK in hex (without 0x)\n");
323 # ifndef OPENSSL_NO_JPAKE
324 	BIO_printf(bio_err," -jpake arg    - JPAKE secret to use\n");
325 # endif
326 #endif
327 #ifndef OPENSSL_NO_SRP
328 	BIO_printf(bio_err," -srpuser user     - SRP authentification for 'user'\n");
329 	BIO_printf(bio_err," -srppass arg      - password for 'user'\n");
330 	BIO_printf(bio_err," -srp_lateuser     - SRP username into second ClientHello message\n");
331 	BIO_printf(bio_err," -srp_moregroups   - Tolerate other than the known g N values.\n");
332 	BIO_printf(bio_err," -srp_strength int - minimal length in bits for N (default %d).\n",SRP_MINIMAL_N);
333 #endif
334 	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
335 #ifndef OPENSSL_NO_SSL3_METHOD
336 	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
337 #endif
338 	BIO_printf(bio_err," -tls1_2       - just use TLSv1.2\n");
339 	BIO_printf(bio_err," -tls1_1       - just use TLSv1.1\n");
340 	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
341 	BIO_printf(bio_err," -dtls1        - just use DTLSv1\n");
342 	BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n");
343 	BIO_printf(bio_err," -mtu          - set the link layer MTU\n");
344 	BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
345 	BIO_printf(bio_err," -bugs         - Switch on all SSL implementation bug workarounds\n");
346 	BIO_printf(bio_err," -serverpref   - Use server's cipher preferences (only SSLv2)\n");
347 	BIO_printf(bio_err," -cipher       - preferred cipher to use, use the 'openssl ciphers'\n");
348 	BIO_printf(bio_err,"                 command to see what is available\n");
349 	BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
350 	BIO_printf(bio_err,"                 for those protocols that support it, where\n");
351 	BIO_printf(bio_err,"                 'prot' defines which one to assume.  Currently,\n");
352 	BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
353 	BIO_printf(bio_err,"                 are supported.\n");
354 #ifndef OPENSSL_NO_ENGINE
355 	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
356 #endif
357 	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
358 	BIO_printf(bio_err," -sess_out arg - file to write SSL session to\n");
359 	BIO_printf(bio_err," -sess_in arg  - file to read SSL session from\n");
360 #ifndef OPENSSL_NO_TLSEXT
361 	BIO_printf(bio_err," -servername host  - Set TLS extension servername in ClientHello\n");
362 	BIO_printf(bio_err," -tlsextdebug      - hex dump of all TLS extensions received\n");
363 	BIO_printf(bio_err," -status           - request certificate status from server\n");
364 	BIO_printf(bio_err," -no_ticket        - disable use of RFC4507bis session tickets\n");
365 # ifndef OPENSSL_NO_NEXTPROTONEG
366 	BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
367 # endif
368 #endif
369 	BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
370 #ifndef OPENSSL_NO_SRTP
371 	BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
372 #endif
373  	BIO_printf(bio_err," -keymatexport label   - Export keying material using label\n");
374  	BIO_printf(bio_err," -keymatexportlen len  - Export len bytes of keying material (default 20)\n");
375 	}
376 
377 #ifndef OPENSSL_NO_TLSEXT
378 
379 /* This is a context that we pass to callbacks */
380 typedef struct tlsextctx_st {
381    BIO * biodebug;
382    int ack;
383 } tlsextctx;
384 
385 
386 static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
387 	{
388 	tlsextctx * p = (tlsextctx *) arg;
389 	const char * hn= SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
390 	if (SSL_get_servername_type(s) != -1)
391  	        p->ack = !SSL_session_reused(s) && hn != NULL;
392 	else
393 		BIO_printf(bio_err,"Can't use SSL_get_servername\n");
394 
395 	return SSL_TLSEXT_ERR_OK;
396 	}
397 
398 #ifndef OPENSSL_NO_SRP
399 
400 /* This is a context that we pass to all callbacks */
401 typedef struct srp_arg_st
402 	{
403 	char *srppassin;
404 	char *srplogin;
405 	int msg;   /* copy from c_msg */
406 	int debug; /* copy from c_debug */
407 	int amp;   /* allow more groups */
408 	int strength /* minimal size for N */ ;
409 	} SRP_ARG;
410 
411 #define SRP_NUMBER_ITERATIONS_FOR_PRIME 64
412 
413 static int srp_Verify_N_and_g(BIGNUM *N, BIGNUM *g)
414 	{
415 	BN_CTX *bn_ctx = BN_CTX_new();
416 	BIGNUM *p = BN_new();
417 	BIGNUM *r = BN_new();
418 	int ret =
419 		g != NULL && N != NULL && bn_ctx != NULL && BN_is_odd(N) &&
420 		BN_is_prime_ex(N, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) &&
421 		p != NULL && BN_rshift1(p, N) &&
422 
423 		/* p = (N-1)/2 */
424 		BN_is_prime_ex(p, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) &&
425 		r != NULL &&
426 
427 		/* verify g^((N-1)/2) == -1 (mod N) */
428 		BN_mod_exp(r, g, p, N, bn_ctx) &&
429 		BN_add_word(r, 1) &&
430 		BN_cmp(r, N) == 0;
431 
432 	if(r)
433 		BN_free(r);
434 	if(p)
435 		BN_free(p);
436 	if(bn_ctx)
437 		BN_CTX_free(bn_ctx);
438 	return ret;
439 	}
440 
441 /* This callback is used here for two purposes:
442    - extended debugging
443    - making some primality tests for unknown groups
444    The callback is only called for a non default group.
445 
446    An application does not need the call back at all if
447    only the stanard groups are used.  In real life situations,
448    client and server already share well known groups,
449    thus there is no need to verify them.
450    Furthermore, in case that a server actually proposes a group that
451    is not one of those defined in RFC 5054, it is more appropriate
452    to add the group to a static list and then compare since
453    primality tests are rather cpu consuming.
454 */
455 
456 static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg)
457 	{
458 	SRP_ARG *srp_arg = (SRP_ARG *)arg;
459 	BIGNUM *N = NULL, *g = NULL;
460 	if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s)))
461 		return 0;
462 	if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1)
463 		{
464     		BIO_printf(bio_err, "SRP parameters:\n");
465 		BIO_printf(bio_err,"\tN="); BN_print(bio_err,N);
466 		BIO_printf(bio_err,"\n\tg="); BN_print(bio_err,g);
467 		BIO_printf(bio_err,"\n");
468 		}
469 
470 	if (SRP_check_known_gN_param(g,N))
471 		return 1;
472 
473 	if (srp_arg->amp == 1)
474 		{
475 		if (srp_arg->debug)
476 			BIO_printf(bio_err, "SRP param N and g are not known params, going to check deeper.\n");
477 
478 /* The srp_moregroups is a real debugging feature.
479    Implementors should rather add the value to the known ones.
480    The minimal size has already been tested.
481 */
482 		if (BN_num_bits(g) <= BN_BITS && srp_Verify_N_and_g(N,g))
483 			return 1;
484 		}
485 	BIO_printf(bio_err, "SRP param N and g rejected.\n");
486 	return 0;
487 	}
488 
489 #define PWD_STRLEN 1024
490 
491 static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
492 	{
493 	SRP_ARG *srp_arg = (SRP_ARG *)arg;
494 	char *pass = (char *)OPENSSL_malloc(PWD_STRLEN+1);
495 	PW_CB_DATA cb_tmp;
496 	int l;
497 
498 	cb_tmp.password = (char *)srp_arg->srppassin;
499 	cb_tmp.prompt_info = "SRP user";
500 	if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp))<0)
501 		{
502 		BIO_printf (bio_err, "Can't read Password\n");
503 		OPENSSL_free(pass);
504 		return NULL;
505 		}
506 	*(pass+l)= '\0';
507 
508 	return pass;
509 	}
510 
511 #endif
512 #ifndef OPENSSL_NO_SRTP
513 	char *srtp_profiles = NULL;
514 #endif
515 
516 # ifndef OPENSSL_NO_NEXTPROTONEG
517 /* This the context that we pass to next_proto_cb */
518 typedef struct tlsextnextprotoctx_st {
519 	unsigned char *data;
520 	unsigned short len;
521 	int status;
522 } tlsextnextprotoctx;
523 
524 static tlsextnextprotoctx next_proto;
525 
526 static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
527 	{
528 	tlsextnextprotoctx *ctx = arg;
529 
530 	if (!c_quiet)
531 		{
532 		/* We can assume that |in| is syntactically valid. */
533 		unsigned i;
534 		BIO_printf(bio_c_out, "Protocols advertised by server: ");
535 		for (i = 0; i < inlen; )
536 			{
537 			if (i)
538 				BIO_write(bio_c_out, ", ", 2);
539 			BIO_write(bio_c_out, &in[i + 1], in[i]);
540 			i += in[i] + 1;
541 			}
542 		BIO_write(bio_c_out, "\n", 1);
543 		}
544 
545 	ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len);
546 	return SSL_TLSEXT_ERR_OK;
547 	}
548 # endif  /* ndef OPENSSL_NO_NEXTPROTONEG */
549 #endif
550 
551 enum
552 {
553 	PROTO_OFF	= 0,
554 	PROTO_SMTP,
555 	PROTO_POP3,
556 	PROTO_IMAP,
557 	PROTO_FTP,
558 	PROTO_XMPP
559 };
560 
561 int MAIN(int, char **);
562 
563 int MAIN(int argc, char **argv)
564 	{
565 	unsigned int off=0, clr=0;
566 	SSL *con=NULL;
567 #ifndef OPENSSL_NO_KRB5
568 	KSSL_CTX *kctx;
569 #endif
570 	int s,k,width,state=0;
571 	char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
572 	int cbuf_len,cbuf_off;
573 	int sbuf_len,sbuf_off;
574 	fd_set readfds,writefds;
575 	short port=PORT;
576 	int full_log=1;
577 	char *host=SSL_HOST_NAME;
578 	char *cert_file=NULL,*key_file=NULL;
579 	int cert_format = FORMAT_PEM, key_format = FORMAT_PEM;
580 	char *passarg = NULL, *pass = NULL;
581 	X509 *cert = NULL;
582 	EVP_PKEY *key = NULL;
583 	char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
584 	int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
585 	int crlf=0;
586 	int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
587 	SSL_CTX *ctx=NULL;
588 	int ret=1,in_init=1,i,nbio_test=0;
589 	int starttls_proto = PROTO_OFF;
590 	int prexit = 0;
591 	X509_VERIFY_PARAM *vpm = NULL;
592 	int badarg = 0;
593 	const SSL_METHOD *meth=NULL;
594 	int socket_type=SOCK_STREAM;
595 	BIO *sbio;
596 	char *inrand=NULL;
597 	int mbuf_len=0;
598 	struct timeval timeout, *timeoutp;
599 #ifndef OPENSSL_NO_ENGINE
600 	char *engine_id=NULL;
601 	char *ssl_client_engine_id=NULL;
602 	ENGINE *ssl_client_engine=NULL;
603 #endif
604 	ENGINE *e=NULL;
605 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
606 	struct timeval tv;
607 #if defined(OPENSSL_SYS_BEOS_R5)
608 	int stdin_set = 0;
609 #endif
610 #endif
611 #ifndef OPENSSL_NO_TLSEXT
612 	char *servername = NULL;
613         tlsextctx tlsextcbp =
614         {NULL,0};
615 # ifndef OPENSSL_NO_NEXTPROTONEG
616 	const char *next_proto_neg_in = NULL;
617 # endif
618 #endif
619 	char *sess_in = NULL;
620 	char *sess_out = NULL;
621 	struct sockaddr peer;
622 	int peerlen = sizeof(peer);
623 	int fallback_scsv = 0;
624 	int enable_timeouts = 0 ;
625 	long socket_mtu = 0;
626 #ifndef OPENSSL_NO_JPAKE
627 	char *jpake_secret = NULL;
628 #endif
629 #ifndef OPENSSL_NO_SRP
630 	char * srppass = NULL;
631 	int srp_lateuser = 0;
632 	SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024};
633 #endif
634 
635 	meth=SSLv23_client_method();
636 
637 	apps_startup();
638 	c_Pause=0;
639 	c_quiet=0;
640 	c_ign_eof=0;
641 	c_debug=0;
642 	c_msg=0;
643 	c_showcerts=0;
644 
645 	if (bio_err == NULL)
646 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
647 
648 	if (!load_config(bio_err, NULL))
649 		goto end;
650 
651 	if (	((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) ||
652 		((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) ||
653 		((mbuf=OPENSSL_malloc(BUFSIZZ)) == NULL))
654 		{
655 		BIO_printf(bio_err,"out of memory\n");
656 		goto end;
657 		}
658 
659 	verify_depth=0;
660 	verify_error=X509_V_OK;
661 #ifdef FIONBIO
662 	c_nbio=0;
663 #endif
664 
665 	argc--;
666 	argv++;
667 	while (argc >= 1)
668 		{
669 		if	(strcmp(*argv,"-host") == 0)
670 			{
671 			if (--argc < 1) goto bad;
672 			host= *(++argv);
673 			}
674 		else if	(strcmp(*argv,"-port") == 0)
675 			{
676 			if (--argc < 1) goto bad;
677 			port=atoi(*(++argv));
678 			if (port == 0) goto bad;
679 			}
680 		else if (strcmp(*argv,"-connect") == 0)
681 			{
682 			if (--argc < 1) goto bad;
683 			if (!extract_host_port(*(++argv),&host,NULL,&port))
684 				goto bad;
685 			}
686 		else if	(strcmp(*argv,"-verify") == 0)
687 			{
688 			verify=SSL_VERIFY_PEER;
689 			if (--argc < 1) goto bad;
690 			verify_depth=atoi(*(++argv));
691 			BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
692 			}
693 		else if	(strcmp(*argv,"-cert") == 0)
694 			{
695 			if (--argc < 1) goto bad;
696 			cert_file= *(++argv);
697 			}
698 		else if	(strcmp(*argv,"-sess_out") == 0)
699 			{
700 			if (--argc < 1) goto bad;
701 			sess_out = *(++argv);
702 			}
703 		else if	(strcmp(*argv,"-sess_in") == 0)
704 			{
705 			if (--argc < 1) goto bad;
706 			sess_in = *(++argv);
707 			}
708 		else if	(strcmp(*argv,"-certform") == 0)
709 			{
710 			if (--argc < 1) goto bad;
711 			cert_format = str2fmt(*(++argv));
712 			}
713 		else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm))
714 			{
715 			if (badarg)
716 				goto bad;
717 			continue;
718 			}
719 		else if (strcmp(*argv,"-verify_return_error") == 0)
720 			verify_return_error = 1;
721 		else if	(strcmp(*argv,"-prexit") == 0)
722 			prexit=1;
723 		else if	(strcmp(*argv,"-crlf") == 0)
724 			crlf=1;
725 		else if	(strcmp(*argv,"-quiet") == 0)
726 			{
727 			c_quiet=1;
728 			c_ign_eof=1;
729 			}
730 		else if	(strcmp(*argv,"-ign_eof") == 0)
731 			c_ign_eof=1;
732 		else if	(strcmp(*argv,"-no_ign_eof") == 0)
733 			c_ign_eof=0;
734 		else if	(strcmp(*argv,"-pause") == 0)
735 			c_Pause=1;
736 		else if	(strcmp(*argv,"-debug") == 0)
737 			c_debug=1;
738 #ifndef OPENSSL_NO_TLSEXT
739 		else if	(strcmp(*argv,"-tlsextdebug") == 0)
740 			c_tlsextdebug=1;
741 		else if	(strcmp(*argv,"-status") == 0)
742 			c_status_req=1;
743 #endif
744 #ifdef WATT32
745 		else if (strcmp(*argv,"-wdebug") == 0)
746 			dbug_init();
747 #endif
748 		else if	(strcmp(*argv,"-msg") == 0)
749 			c_msg=1;
750 		else if	(strcmp(*argv,"-showcerts") == 0)
751 			c_showcerts=1;
752 		else if	(strcmp(*argv,"-nbio_test") == 0)
753 			nbio_test=1;
754 		else if	(strcmp(*argv,"-state") == 0)
755 			state=1;
756 #ifndef OPENSSL_NO_PSK
757                 else if (strcmp(*argv,"-psk_identity") == 0)
758 			{
759 			if (--argc < 1) goto bad;
760 			psk_identity=*(++argv);
761 			}
762                 else if (strcmp(*argv,"-psk") == 0)
763 			{
764                         size_t j;
765 
766 			if (--argc < 1) goto bad;
767 			psk_key=*(++argv);
768 			for (j = 0; j < strlen(psk_key); j++)
769                                 {
770                                 if (isxdigit((unsigned char)psk_key[j]))
771                                         continue;
772                                 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
773                                 goto bad;
774                                 }
775 			}
776 #endif
777 #ifndef OPENSSL_NO_SRP
778 		else if (strcmp(*argv,"-srpuser") == 0)
779 			{
780 			if (--argc < 1) goto bad;
781 			srp_arg.srplogin= *(++argv);
782 			meth=TLSv1_client_method();
783 			}
784 		else if (strcmp(*argv,"-srppass") == 0)
785 			{
786 			if (--argc < 1) goto bad;
787 			srppass= *(++argv);
788 			meth=TLSv1_client_method();
789 			}
790 		else if (strcmp(*argv,"-srp_strength") == 0)
791 			{
792 			if (--argc < 1) goto bad;
793 			srp_arg.strength=atoi(*(++argv));
794 			BIO_printf(bio_err,"SRP minimal length for N is %d\n",srp_arg.strength);
795 			meth=TLSv1_client_method();
796 			}
797 		else if (strcmp(*argv,"-srp_lateuser") == 0)
798 			{
799 			srp_lateuser= 1;
800 			meth=TLSv1_client_method();
801 			}
802 		else if	(strcmp(*argv,"-srp_moregroups") == 0)
803 			{
804 			srp_arg.amp=1;
805 			meth=TLSv1_client_method();
806 			}
807 #endif
808 #ifndef OPENSSL_NO_SSL2
809 		else if	(strcmp(*argv,"-ssl2") == 0)
810 			meth=SSLv2_client_method();
811 #endif
812 #ifndef OPENSSL_NO_SSL3_METHOD
813 		else if	(strcmp(*argv,"-ssl3") == 0)
814 			meth=SSLv3_client_method();
815 #endif
816 #ifndef OPENSSL_NO_TLS1
817 		else if	(strcmp(*argv,"-tls1_2") == 0)
818 			meth=TLSv1_2_client_method();
819 		else if	(strcmp(*argv,"-tls1_1") == 0)
820 			meth=TLSv1_1_client_method();
821 		else if	(strcmp(*argv,"-tls1") == 0)
822 			meth=TLSv1_client_method();
823 #endif
824 #ifndef OPENSSL_NO_DTLS1
825 		else if	(strcmp(*argv,"-dtls1") == 0)
826 			{
827 			meth=DTLSv1_client_method();
828 			socket_type=SOCK_DGRAM;
829 			}
830 		else if (strcmp(*argv,"-fallback_scsv") == 0)
831 			{
832 			fallback_scsv = 1;
833 			}
834 		else if (strcmp(*argv,"-timeout") == 0)
835 			enable_timeouts=1;
836 		else if (strcmp(*argv,"-mtu") == 0)
837 			{
838 			if (--argc < 1) goto bad;
839 			socket_mtu = atol(*(++argv));
840 			}
841 #endif
842 		else if (strcmp(*argv,"-bugs") == 0)
843 			bugs=1;
844 		else if	(strcmp(*argv,"-keyform") == 0)
845 			{
846 			if (--argc < 1) goto bad;
847 			key_format = str2fmt(*(++argv));
848 			}
849 		else if	(strcmp(*argv,"-pass") == 0)
850 			{
851 			if (--argc < 1) goto bad;
852 			passarg = *(++argv);
853 			}
854 		else if	(strcmp(*argv,"-key") == 0)
855 			{
856 			if (--argc < 1) goto bad;
857 			key_file= *(++argv);
858 			}
859 		else if	(strcmp(*argv,"-reconnect") == 0)
860 			{
861 			reconnect=5;
862 			}
863 		else if	(strcmp(*argv,"-CApath") == 0)
864 			{
865 			if (--argc < 1) goto bad;
866 			CApath= *(++argv);
867 			}
868 		else if	(strcmp(*argv,"-CAfile") == 0)
869 			{
870 			if (--argc < 1) goto bad;
871 			CAfile= *(++argv);
872 			}
873 		else if (strcmp(*argv,"-no_tls1_2") == 0)
874 			off|=SSL_OP_NO_TLSv1_2;
875 		else if (strcmp(*argv,"-no_tls1_1") == 0)
876 			off|=SSL_OP_NO_TLSv1_1;
877 		else if (strcmp(*argv,"-no_tls1") == 0)
878 			off|=SSL_OP_NO_TLSv1;
879 		else if (strcmp(*argv,"-no_ssl3") == 0)
880 			off|=SSL_OP_NO_SSLv3;
881 		else if (strcmp(*argv,"-no_ssl2") == 0)
882 			off|=SSL_OP_NO_SSLv2;
883 		else if	(strcmp(*argv,"-no_comp") == 0)
884 			{ off|=SSL_OP_NO_COMPRESSION; }
885 #ifndef OPENSSL_NO_TLSEXT
886 		else if	(strcmp(*argv,"-no_ticket") == 0)
887 			{ off|=SSL_OP_NO_TICKET; }
888 # ifndef OPENSSL_NO_NEXTPROTONEG
889 		else if (strcmp(*argv,"-nextprotoneg") == 0)
890 			{
891 			if (--argc < 1) goto bad;
892 			next_proto_neg_in = *(++argv);
893 			}
894 # endif
895 #endif
896 		else if (strcmp(*argv,"-serverpref") == 0)
897 			off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
898 		else if (strcmp(*argv,"-legacy_renegotiation") == 0)
899 			off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
900 		else if	(strcmp(*argv,"-legacy_server_connect") == 0)
901 			{ off|=SSL_OP_LEGACY_SERVER_CONNECT; }
902 		else if	(strcmp(*argv,"-no_legacy_server_connect") == 0)
903 			{ clr|=SSL_OP_LEGACY_SERVER_CONNECT; }
904 		else if	(strcmp(*argv,"-cipher") == 0)
905 			{
906 			if (--argc < 1) goto bad;
907 			cipher= *(++argv);
908 			}
909 #ifdef FIONBIO
910 		else if (strcmp(*argv,"-nbio") == 0)
911 			{ c_nbio=1; }
912 #endif
913 		else if	(strcmp(*argv,"-starttls") == 0)
914 			{
915 			if (--argc < 1) goto bad;
916 			++argv;
917 			if (strcmp(*argv,"smtp") == 0)
918 				starttls_proto = PROTO_SMTP;
919 			else if (strcmp(*argv,"pop3") == 0)
920 				starttls_proto = PROTO_POP3;
921 			else if (strcmp(*argv,"imap") == 0)
922 				starttls_proto = PROTO_IMAP;
923 			else if (strcmp(*argv,"ftp") == 0)
924 				starttls_proto = PROTO_FTP;
925 			else if (strcmp(*argv, "xmpp") == 0)
926 				starttls_proto = PROTO_XMPP;
927 			else
928 				goto bad;
929 			}
930 #ifndef OPENSSL_NO_ENGINE
931 		else if	(strcmp(*argv,"-engine") == 0)
932 			{
933 			if (--argc < 1) goto bad;
934 			engine_id = *(++argv);
935 			}
936 		else if	(strcmp(*argv,"-ssl_client_engine") == 0)
937 			{
938 			if (--argc < 1) goto bad;
939 			ssl_client_engine_id = *(++argv);
940 			}
941 #endif
942 		else if (strcmp(*argv,"-rand") == 0)
943 			{
944 			if (--argc < 1) goto bad;
945 			inrand= *(++argv);
946 			}
947 #ifndef OPENSSL_NO_TLSEXT
948 		else if (strcmp(*argv,"-servername") == 0)
949 			{
950 			if (--argc < 1) goto bad;
951 			servername= *(++argv);
952 			/* meth=TLSv1_client_method(); */
953 			}
954 #endif
955 #ifndef OPENSSL_NO_JPAKE
956 		else if (strcmp(*argv,"-jpake") == 0)
957 			{
958 			if (--argc < 1) goto bad;
959 			jpake_secret = *++argv;
960 			}
961 #endif
962 #ifndef OPENSSL_NO_SRTP
963 		else if (strcmp(*argv,"-use_srtp") == 0)
964 			{
965 			if (--argc < 1) goto bad;
966 			srtp_profiles = *(++argv);
967 			}
968 #endif
969 		else if (strcmp(*argv,"-keymatexport") == 0)
970 			{
971 			if (--argc < 1) goto bad;
972 			keymatexportlabel= *(++argv);
973 			}
974 		else if (strcmp(*argv,"-keymatexportlen") == 0)
975 			{
976 			if (--argc < 1) goto bad;
977 			keymatexportlen=atoi(*(++argv));
978 			if (keymatexportlen == 0) goto bad;
979 			}
980                 else
981 			{
982 			BIO_printf(bio_err,"unknown option %s\n",*argv);
983 			badop=1;
984 			break;
985 			}
986 		argc--;
987 		argv++;
988 		}
989 	if (badop)
990 		{
991 bad:
992 		sc_usage();
993 		goto end;
994 		}
995 
996 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
997 	if (jpake_secret)
998 		{
999 		if (psk_key)
1000 			{
1001 			BIO_printf(bio_err,
1002 				   "Can't use JPAKE and PSK together\n");
1003 			goto end;
1004 			}
1005 		psk_identity = "JPAKE";
1006 		if (cipher)
1007 			{
1008 			BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
1009 			goto end;
1010 			}
1011 		cipher = "PSK";
1012 		}
1013 #endif
1014 
1015 	OpenSSL_add_ssl_algorithms();
1016 	SSL_load_error_strings();
1017 
1018 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
1019 	next_proto.status = -1;
1020 	if (next_proto_neg_in)
1021 		{
1022 		next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in);
1023 		if (next_proto.data == NULL)
1024 			{
1025 			BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n");
1026 			goto end;
1027 			}
1028 		}
1029 	else
1030 		next_proto.data = NULL;
1031 #endif
1032 
1033 #ifndef OPENSSL_NO_ENGINE
1034         e = setup_engine(bio_err, engine_id, 1);
1035 	if (ssl_client_engine_id)
1036 		{
1037 		ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
1038 		if (!ssl_client_engine)
1039 			{
1040 			BIO_printf(bio_err,
1041 					"Error getting client auth engine\n");
1042 			goto end;
1043 			}
1044 		}
1045 
1046 #endif
1047 	if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
1048 		{
1049 		BIO_printf(bio_err, "Error getting password\n");
1050 		goto end;
1051 		}
1052 
1053 	if (key_file == NULL)
1054 		key_file = cert_file;
1055 
1056 
1057 	if (key_file)
1058 
1059 		{
1060 
1061 		key = load_key(bio_err, key_file, key_format, 0, pass, e,
1062 			       "client certificate private key file");
1063 		if (!key)
1064 			{
1065 			ERR_print_errors(bio_err);
1066 			goto end;
1067 			}
1068 
1069 		}
1070 
1071 	if (cert_file)
1072 
1073 		{
1074 		cert = load_cert(bio_err,cert_file,cert_format,
1075 				NULL, e, "client certificate file");
1076 
1077 		if (!cert)
1078 			{
1079 			ERR_print_errors(bio_err);
1080 			goto end;
1081 			}
1082 		}
1083 
1084 	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
1085 		&& !RAND_status())
1086 		{
1087 		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
1088 		}
1089 	if (inrand != NULL)
1090 		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
1091 			app_RAND_load_files(inrand));
1092 
1093 	if (bio_c_out == NULL)
1094 		{
1095 		if (c_quiet && !c_debug && !c_msg)
1096 			{
1097 			bio_c_out=BIO_new(BIO_s_null());
1098 			}
1099 		else
1100 			{
1101 			if (bio_c_out == NULL)
1102 				bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
1103 			}
1104 		}
1105 
1106 #ifndef OPENSSL_NO_SRP
1107 	if(!app_passwd(bio_err, srppass, NULL, &srp_arg.srppassin, NULL))
1108 		{
1109 		BIO_printf(bio_err, "Error getting password\n");
1110 		goto end;
1111 		}
1112 #endif
1113 
1114 	ctx=SSL_CTX_new(meth);
1115 	if (ctx == NULL)
1116 		{
1117 		ERR_print_errors(bio_err);
1118 		goto end;
1119 		}
1120 
1121 	if (vpm)
1122 		SSL_CTX_set1_param(ctx, vpm);
1123 
1124 #ifndef OPENSSL_NO_ENGINE
1125 	if (ssl_client_engine)
1126 		{
1127 		if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine))
1128 			{
1129 			BIO_puts(bio_err, "Error setting client auth engine\n");
1130 			ERR_print_errors(bio_err);
1131 			ENGINE_free(ssl_client_engine);
1132 			goto end;
1133 			}
1134 		ENGINE_free(ssl_client_engine);
1135 		}
1136 #endif
1137 
1138 #ifndef OPENSSL_NO_PSK
1139 #ifdef OPENSSL_NO_JPAKE
1140 	if (psk_key != NULL)
1141 #else
1142 	if (psk_key != NULL || jpake_secret)
1143 #endif
1144 		{
1145 		if (c_debug)
1146 			BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n");
1147 		SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
1148 		}
1149 #endif
1150 #ifndef OPENSSL_NO_SRTP
1151 	if (srtp_profiles != NULL)
1152 		SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
1153 #endif
1154 	if (bugs)
1155 		SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
1156 	else
1157 		SSL_CTX_set_options(ctx,off);
1158 
1159 	if (clr)
1160 		SSL_CTX_clear_options(ctx, clr);
1161 	/* DTLS: partial reads end up discarding unread UDP bytes :-(
1162 	 * Setting read ahead solves this problem.
1163 	 */
1164 	if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
1165 
1166 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
1167 	if (next_proto.data)
1168 		SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
1169 #endif
1170 
1171 	if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
1172 	if (cipher != NULL)
1173 		if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
1174 		BIO_printf(bio_err,"error setting cipher list\n");
1175 		ERR_print_errors(bio_err);
1176 		goto end;
1177 	}
1178 #if 0
1179 	else
1180 		SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
1181 #endif
1182 
1183 	SSL_CTX_set_verify(ctx,verify,verify_callback);
1184 	if (!set_cert_key_stuff(ctx,cert,key))
1185 		goto end;
1186 
1187 	if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
1188 		(!SSL_CTX_set_default_verify_paths(ctx)))
1189 		{
1190 		/* BIO_printf(bio_err,"error setting default verify locations\n"); */
1191 		ERR_print_errors(bio_err);
1192 		/* goto end; */
1193 		}
1194 
1195 #ifndef OPENSSL_NO_TLSEXT
1196 	if (servername != NULL)
1197 		{
1198 		tlsextcbp.biodebug = bio_err;
1199 		SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
1200 		SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
1201 		}
1202 #ifndef OPENSSL_NO_SRP
1203         if (srp_arg.srplogin)
1204 		{
1205 		if (!srp_lateuser && !SSL_CTX_set_srp_username(ctx, srp_arg.srplogin))
1206 			{
1207 			BIO_printf(bio_err,"Unable to set SRP username\n");
1208 			goto end;
1209 			}
1210 		srp_arg.msg = c_msg;
1211 		srp_arg.debug = c_debug ;
1212 		SSL_CTX_set_srp_cb_arg(ctx,&srp_arg);
1213 		SSL_CTX_set_srp_client_pwd_callback(ctx, ssl_give_srp_client_pwd_cb);
1214 		SSL_CTX_set_srp_strength(ctx, srp_arg.strength);
1215 		if (c_msg || c_debug || srp_arg.amp == 0)
1216 			SSL_CTX_set_srp_verify_param_callback(ctx, ssl_srp_verify_param_cb);
1217 		}
1218 
1219 #endif
1220 #endif
1221 
1222 	con=SSL_new(ctx);
1223 	if (sess_in)
1224 		{
1225 		SSL_SESSION *sess;
1226 		BIO *stmp = BIO_new_file(sess_in, "r");
1227 		if (!stmp)
1228 			{
1229 			BIO_printf(bio_err, "Can't open session file %s\n",
1230 						sess_in);
1231 			ERR_print_errors(bio_err);
1232 			goto end;
1233 			}
1234 		sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL);
1235 		BIO_free(stmp);
1236 		if (!sess)
1237 			{
1238 			BIO_printf(bio_err, "Can't open session file %s\n",
1239 						sess_in);
1240 			ERR_print_errors(bio_err);
1241 			goto end;
1242 			}
1243 		SSL_set_session(con, sess);
1244 		SSL_SESSION_free(sess);
1245 		}
1246 
1247 	if (fallback_scsv)
1248 		SSL_set_mode(con, SSL_MODE_SEND_FALLBACK_SCSV);
1249 
1250 #ifndef OPENSSL_NO_TLSEXT
1251 	if (servername != NULL)
1252 		{
1253 		if (!SSL_set_tlsext_host_name(con,servername))
1254 			{
1255 			BIO_printf(bio_err,"Unable to set TLS servername extension.\n");
1256 			ERR_print_errors(bio_err);
1257 			goto end;
1258 			}
1259 		}
1260 #endif
1261 #ifndef OPENSSL_NO_KRB5
1262 	if (con  &&  (kctx = kssl_ctx_new()) != NULL)
1263                 {
1264 		SSL_set0_kssl_ctx(con, kctx);
1265                 kssl_ctx_setstring(kctx, KSSL_SERVER, host);
1266 		}
1267 #endif	/* OPENSSL_NO_KRB5  */
1268 /*	SSL_set_cipher_list(con,"RC4-MD5"); */
1269 #if 0
1270 #ifdef TLSEXT_TYPE_opaque_prf_input
1271 	SSL_set_tlsext_opaque_prf_input(con, "Test client", 11);
1272 #endif
1273 #endif
1274 
1275 re_start:
1276 
1277 	if (init_client(&s,host,port,socket_type) == 0)
1278 		{
1279 		BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
1280 		SHUTDOWN(s);
1281 		goto end;
1282 		}
1283 	BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
1284 
1285 #ifdef FIONBIO
1286 	if (c_nbio)
1287 		{
1288 		unsigned long l=1;
1289 		BIO_printf(bio_c_out,"turning on non blocking io\n");
1290 		if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
1291 			{
1292 			ERR_print_errors(bio_err);
1293 			goto end;
1294 			}
1295 		}
1296 #endif
1297 	if (c_Pause & 0x01) SSL_set_debug(con, 1);
1298 
1299 	if ( SSL_version(con) == DTLS1_VERSION)
1300 		{
1301 
1302 		sbio=BIO_new_dgram(s,BIO_NOCLOSE);
1303 		if (getsockname(s, &peer, (void *)&peerlen) < 0)
1304 			{
1305 			BIO_printf(bio_err, "getsockname:errno=%d\n",
1306 				get_last_socket_error());
1307 			SHUTDOWN(s);
1308 			goto end;
1309 			}
1310 
1311 		(void)BIO_ctrl_set_connected(sbio, 1, &peer);
1312 
1313 		if (enable_timeouts)
1314 			{
1315 			timeout.tv_sec = 0;
1316 			timeout.tv_usec = DGRAM_RCV_TIMEOUT;
1317 			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
1318 
1319 			timeout.tv_sec = 0;
1320 			timeout.tv_usec = DGRAM_SND_TIMEOUT;
1321 			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
1322 			}
1323 
1324 		if (socket_mtu)
1325 			{
1326 			if(socket_mtu < DTLS_get_link_min_mtu(con))
1327 				{
1328 				BIO_printf(bio_err,"MTU too small. Must be at least %ld\n",
1329 					DTLS_get_link_min_mtu(con));
1330 				BIO_free(sbio);
1331 				goto shut;
1332 				}
1333 			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
1334 			if(!DTLS_set_link_mtu(con, socket_mtu))
1335 				{
1336 				BIO_printf(bio_err, "Failed to set MTU\n");
1337 				BIO_free(sbio);
1338 				goto shut;
1339 				}
1340 			}
1341 		else
1342 			/* want to do MTU discovery */
1343 			BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
1344 		}
1345 	else
1346 		sbio=BIO_new_socket(s,BIO_NOCLOSE);
1347 
1348 	if (nbio_test)
1349 		{
1350 		BIO *test;
1351 
1352 		test=BIO_new(BIO_f_nbio_test());
1353 		sbio=BIO_push(test,sbio);
1354 		}
1355 
1356 	if (c_debug)
1357 		{
1358 		SSL_set_debug(con, 1);
1359 		BIO_set_callback(sbio,bio_dump_callback);
1360 		BIO_set_callback_arg(sbio,(char *)bio_c_out);
1361 		}
1362 	if (c_msg)
1363 		{
1364 		SSL_set_msg_callback(con, msg_cb);
1365 		SSL_set_msg_callback_arg(con, bio_c_out);
1366 		}
1367 #ifndef OPENSSL_NO_TLSEXT
1368 	if (c_tlsextdebug)
1369 		{
1370 		SSL_set_tlsext_debug_callback(con, tlsext_cb);
1371 		SSL_set_tlsext_debug_arg(con, bio_c_out);
1372 		}
1373 	if (c_status_req)
1374 		{
1375 		SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
1376 		SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
1377 		SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
1378 #if 0
1379 {
1380 STACK_OF(OCSP_RESPID) *ids = sk_OCSP_RESPID_new_null();
1381 OCSP_RESPID *id = OCSP_RESPID_new();
1382 id->value.byKey = ASN1_OCTET_STRING_new();
1383 id->type = V_OCSP_RESPID_KEY;
1384 ASN1_STRING_set(id->value.byKey, "Hello World", -1);
1385 sk_OCSP_RESPID_push(ids, id);
1386 SSL_set_tlsext_status_ids(con, ids);
1387 }
1388 #endif
1389 		}
1390 #endif
1391 #ifndef OPENSSL_NO_JPAKE
1392 	if (jpake_secret)
1393 		jpake_client_auth(bio_c_out, sbio, jpake_secret);
1394 #endif
1395 
1396 	SSL_set_bio(con,sbio,sbio);
1397 	SSL_set_connect_state(con);
1398 
1399 	/* ok, lets connect */
1400 	width=SSL_get_fd(con)+1;
1401 
1402 	read_tty=1;
1403 	write_tty=0;
1404 	tty_on=0;
1405 	read_ssl=1;
1406 	write_ssl=1;
1407 
1408 	cbuf_len=0;
1409 	cbuf_off=0;
1410 	sbuf_len=0;
1411 	sbuf_off=0;
1412 
1413 	/* This is an ugly hack that does a lot of assumptions */
1414 	/* We do have to handle multi-line responses which may come
1415  	   in a single packet or not. We therefore have to use
1416 	   BIO_gets() which does need a buffering BIO. So during
1417 	   the initial chitchat we do push a buffering BIO into the
1418 	   chain that is removed again later on to not disturb the
1419 	   rest of the s_client operation. */
1420 	if (starttls_proto == PROTO_SMTP)
1421 		{
1422 		int foundit=0;
1423 		BIO *fbio = BIO_new(BIO_f_buffer());
1424 		BIO_push(fbio, sbio);
1425 		/* wait for multi-line response to end from SMTP */
1426 		do
1427 			{
1428 			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
1429 			}
1430 		while (mbuf_len>3 && mbuf[3]=='-');
1431 		/* STARTTLS command requires EHLO... */
1432 		BIO_printf(fbio,"EHLO openssl.client.net\r\n");
1433 		(void)BIO_flush(fbio);
1434 		/* wait for multi-line response to end EHLO SMTP response */
1435 		do
1436 			{
1437 			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
1438 			if (strstr(mbuf,"STARTTLS"))
1439 				foundit=1;
1440 			}
1441 		while (mbuf_len>3 && mbuf[3]=='-');
1442 		(void)BIO_flush(fbio);
1443 		BIO_pop(fbio);
1444 		BIO_free(fbio);
1445 		if (!foundit)
1446 			BIO_printf(bio_err,
1447 				   "didn't found starttls in server response,"
1448 				   " try anyway...\n");
1449 		BIO_printf(sbio,"STARTTLS\r\n");
1450 		BIO_read(sbio,sbuf,BUFSIZZ);
1451 		}
1452 	else if (starttls_proto == PROTO_POP3)
1453 		{
1454 		BIO_read(sbio,mbuf,BUFSIZZ);
1455 		BIO_printf(sbio,"STLS\r\n");
1456 		BIO_read(sbio,sbuf,BUFSIZZ);
1457 		}
1458 	else if (starttls_proto == PROTO_IMAP)
1459 		{
1460 		int foundit=0;
1461 		BIO *fbio = BIO_new(BIO_f_buffer());
1462 		BIO_push(fbio, sbio);
1463 		BIO_gets(fbio,mbuf,BUFSIZZ);
1464 		/* STARTTLS command requires CAPABILITY... */
1465 		BIO_printf(fbio,". CAPABILITY\r\n");
1466 		(void)BIO_flush(fbio);
1467 		/* wait for multi-line CAPABILITY response */
1468 		do
1469 			{
1470 			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
1471 			if (strstr(mbuf,"STARTTLS"))
1472 				foundit=1;
1473 			}
1474 		while (mbuf_len>3 && mbuf[0]!='.');
1475 		(void)BIO_flush(fbio);
1476 		BIO_pop(fbio);
1477 		BIO_free(fbio);
1478 		if (!foundit)
1479 			BIO_printf(bio_err,
1480 				   "didn't found STARTTLS in server response,"
1481 				   " try anyway...\n");
1482 		BIO_printf(sbio,". STARTTLS\r\n");
1483 		BIO_read(sbio,sbuf,BUFSIZZ);
1484 		}
1485 	else if (starttls_proto == PROTO_FTP)
1486 		{
1487 		BIO *fbio = BIO_new(BIO_f_buffer());
1488 		BIO_push(fbio, sbio);
1489 		/* wait for multi-line response to end from FTP */
1490 		do
1491 			{
1492 			mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
1493 			}
1494 		while (mbuf_len>3 && mbuf[3]=='-');
1495 		(void)BIO_flush(fbio);
1496 		BIO_pop(fbio);
1497 		BIO_free(fbio);
1498 		BIO_printf(sbio,"AUTH TLS\r\n");
1499 		BIO_read(sbio,sbuf,BUFSIZZ);
1500 		}
1501 	if (starttls_proto == PROTO_XMPP)
1502 		{
1503 		int seen = 0;
1504 		BIO_printf(sbio,"<stream:stream "
1505 		    "xmlns:stream='http://etherx.jabber.org/streams' "
1506 		    "xmlns='jabber:client' to='%s' version='1.0'>", host);
1507 		seen = BIO_read(sbio,mbuf,BUFSIZZ);
1508 		mbuf[seen] = 0;
1509 		while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'"))
1510 			{
1511 			if (strstr(mbuf, "/stream:features>"))
1512 				goto shut;
1513 			seen = BIO_read(sbio,mbuf,BUFSIZZ);
1514 			mbuf[seen] = 0;
1515 			}
1516 		BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
1517 		seen = BIO_read(sbio,sbuf,BUFSIZZ);
1518 		sbuf[seen] = 0;
1519 		if (!strstr(sbuf, "<proceed"))
1520 			goto shut;
1521 		mbuf[0] = 0;
1522 		}
1523 
1524 	for (;;)
1525 		{
1526 		FD_ZERO(&readfds);
1527 		FD_ZERO(&writefds);
1528 
1529 		if ((SSL_version(con) == DTLS1_VERSION) &&
1530 			DTLSv1_get_timeout(con, &timeout))
1531 			timeoutp = &timeout;
1532 		else
1533 			timeoutp = NULL;
1534 
1535 		if (SSL_in_init(con) && !SSL_total_renegotiations(con))
1536 			{
1537 			in_init=1;
1538 			tty_on=0;
1539 			}
1540 		else
1541 			{
1542 			tty_on=1;
1543 			if (in_init)
1544 				{
1545 				in_init=0;
1546 #if 0 /* This test doesn't really work as intended (needs to be fixed) */
1547 #ifndef OPENSSL_NO_TLSEXT
1548 				if (servername != NULL && !SSL_session_reused(con))
1549 					{
1550 					BIO_printf(bio_c_out,"Server did %sacknowledge servername extension.\n",tlsextcbp.ack?"":"not ");
1551 					}
1552 #endif
1553 #endif
1554 				if (sess_out)
1555 					{
1556 					BIO *stmp = BIO_new_file(sess_out, "w");
1557 					if (stmp)
1558 						{
1559 						PEM_write_bio_SSL_SESSION(stmp, SSL_get_session(con));
1560 						BIO_free(stmp);
1561 						}
1562 					else
1563 						BIO_printf(bio_err, "Error writing session file %s\n", sess_out);
1564 					}
1565 				print_stuff(bio_c_out,con,full_log);
1566 				if (full_log > 0) full_log--;
1567 
1568 				if (starttls_proto)
1569 					{
1570 					BIO_printf(bio_err,"%s",mbuf);
1571 					/* We don't need to know any more */
1572 					starttls_proto = PROTO_OFF;
1573 					}
1574 
1575 				if (reconnect)
1576 					{
1577 					reconnect--;
1578 					BIO_printf(bio_c_out,"drop connection and then reconnect\n");
1579 					SSL_shutdown(con);
1580 					SSL_set_connect_state(con);
1581 					SHUTDOWN(SSL_get_fd(con));
1582 					goto re_start;
1583 					}
1584 				}
1585 			}
1586 
1587 		ssl_pending = read_ssl && SSL_pending(con);
1588 
1589 		if (!ssl_pending)
1590 			{
1591 #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5)
1592 			if (tty_on)
1593 				{
1594 				if (read_tty)  openssl_fdset(fileno(stdin),&readfds);
1595 				if (write_tty) openssl_fdset(fileno(stdout),&writefds);
1596 				}
1597 			if (read_ssl)
1598 				openssl_fdset(SSL_get_fd(con),&readfds);
1599 			if (write_ssl)
1600 				openssl_fdset(SSL_get_fd(con),&writefds);
1601 #else
1602 			if(!tty_on || !write_tty) {
1603 				if (read_ssl)
1604 					openssl_fdset(SSL_get_fd(con),&readfds);
1605 				if (write_ssl)
1606 					openssl_fdset(SSL_get_fd(con),&writefds);
1607 			}
1608 #endif
1609 /*			printf("mode tty(%d %d%d) ssl(%d%d)\n",
1610 				tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
1611 
1612 			/* Note: under VMS with SOCKETSHR the second parameter
1613 			 * is currently of type (int *) whereas under other
1614 			 * systems it is (void *) if you don't have a cast it
1615 			 * will choke the compiler: if you do have a cast then
1616 			 * you can either go for (int *) or (void *).
1617 			 */
1618 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
1619                         /* Under Windows/DOS we make the assumption that we can
1620 			 * always write to the tty: therefore if we need to
1621 			 * write to the tty we just fall through. Otherwise
1622 			 * we timeout the select every second and see if there
1623 			 * are any keypresses. Note: this is a hack, in a proper
1624 			 * Windows application we wouldn't do this.
1625 			 */
1626 			i=0;
1627 			if(!write_tty) {
1628 				if(read_tty) {
1629 					tv.tv_sec = 1;
1630 					tv.tv_usec = 0;
1631 					i=select(width,(void *)&readfds,(void *)&writefds,
1632 						 NULL,&tv);
1633 #if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
1634 					if(!i && (!_kbhit() || !read_tty) ) continue;
1635 #else
1636 					if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue;
1637 #endif
1638 				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
1639 					 NULL,timeoutp);
1640 			}
1641 #elif defined(OPENSSL_SYS_NETWARE)
1642 			if(!write_tty) {
1643 				if(read_tty) {
1644 					tv.tv_sec = 1;
1645 					tv.tv_usec = 0;
1646 					i=select(width,(void *)&readfds,(void *)&writefds,
1647 						NULL,&tv);
1648 				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
1649 					NULL,timeoutp);
1650 			}
1651 #elif defined(OPENSSL_SYS_BEOS_R5)
1652 			/* Under BeOS-R5 the situation is similar to DOS */
1653 			i=0;
1654 			stdin_set = 0;
1655 			(void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
1656 			if(!write_tty) {
1657 				if(read_tty) {
1658 					tv.tv_sec = 1;
1659 					tv.tv_usec = 0;
1660 					i=select(width,(void *)&readfds,(void *)&writefds,
1661 						 NULL,&tv);
1662 					if (read(fileno(stdin), sbuf, 0) >= 0)
1663 						stdin_set = 1;
1664 					if (!i && (stdin_set != 1 || !read_tty))
1665 						continue;
1666 				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
1667 					 NULL,timeoutp);
1668 			}
1669 			(void)fcntl(fileno(stdin), F_SETFL, 0);
1670 #else
1671 			i=select(width,(void *)&readfds,(void *)&writefds,
1672 				 NULL,timeoutp);
1673 #endif
1674 			if ( i < 0)
1675 				{
1676 				BIO_printf(bio_err,"bad select %d\n",
1677 				get_last_socket_error());
1678 				goto shut;
1679 				/* goto end; */
1680 				}
1681 			}
1682 
1683 		if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0)
1684 			{
1685 			BIO_printf(bio_err,"TIMEOUT occured\n");
1686 			}
1687 
1688 		if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds))
1689 			{
1690 			k=SSL_write(con,&(cbuf[cbuf_off]),
1691 				(unsigned int)cbuf_len);
1692 			switch (SSL_get_error(con,k))
1693 				{
1694 			case SSL_ERROR_NONE:
1695 				cbuf_off+=k;
1696 				cbuf_len-=k;
1697 				if (k <= 0) goto end;
1698 				/* we have done a  write(con,NULL,0); */
1699 				if (cbuf_len <= 0)
1700 					{
1701 					read_tty=1;
1702 					write_ssl=0;
1703 					}
1704 				else /* if (cbuf_len > 0) */
1705 					{
1706 					read_tty=0;
1707 					write_ssl=1;
1708 					}
1709 				break;
1710 			case SSL_ERROR_WANT_WRITE:
1711 				BIO_printf(bio_c_out,"write W BLOCK\n");
1712 				write_ssl=1;
1713 				read_tty=0;
1714 				break;
1715 			case SSL_ERROR_WANT_READ:
1716 				BIO_printf(bio_c_out,"write R BLOCK\n");
1717 				write_tty=0;
1718 				read_ssl=1;
1719 				write_ssl=0;
1720 				break;
1721 			case SSL_ERROR_WANT_X509_LOOKUP:
1722 				BIO_printf(bio_c_out,"write X BLOCK\n");
1723 				break;
1724 			case SSL_ERROR_ZERO_RETURN:
1725 				if (cbuf_len != 0)
1726 					{
1727 					BIO_printf(bio_c_out,"shutdown\n");
1728 					ret = 0;
1729 					goto shut;
1730 					}
1731 				else
1732 					{
1733 					read_tty=1;
1734 					write_ssl=0;
1735 					break;
1736 					}
1737 
1738 			case SSL_ERROR_SYSCALL:
1739 				if ((k != 0) || (cbuf_len != 0))
1740 					{
1741 					BIO_printf(bio_err,"write:errno=%d\n",
1742 						get_last_socket_error());
1743 					goto shut;
1744 					}
1745 				else
1746 					{
1747 					read_tty=1;
1748 					write_ssl=0;
1749 					}
1750 				break;
1751 			case SSL_ERROR_SSL:
1752 				ERR_print_errors(bio_err);
1753 				goto shut;
1754 				}
1755 			}
1756 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
1757 		/* Assume Windows/DOS/BeOS can always write */
1758 		else if (!ssl_pending && write_tty)
1759 #else
1760 		else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds))
1761 #endif
1762 			{
1763 #ifdef CHARSET_EBCDIC
1764 			ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len);
1765 #endif
1766 			i=raw_write_stdout(&(sbuf[sbuf_off]),sbuf_len);
1767 
1768 			if (i <= 0)
1769 				{
1770 				BIO_printf(bio_c_out,"DONE\n");
1771 				ret = 0;
1772 				goto shut;
1773 				/* goto end; */
1774 				}
1775 
1776 			sbuf_len-=i;;
1777 			sbuf_off+=i;
1778 			if (sbuf_len <= 0)
1779 				{
1780 				read_ssl=1;
1781 				write_tty=0;
1782 				}
1783 			}
1784 		else if (ssl_pending || FD_ISSET(SSL_get_fd(con),&readfds))
1785 			{
1786 #ifdef RENEG
1787 { static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
1788 #endif
1789 #if 1
1790 			k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
1791 #else
1792 /* Demo for pending and peek :-) */
1793 			k=SSL_read(con,sbuf,16);
1794 { char zbuf[10240];
1795 printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240));
1796 }
1797 #endif
1798 
1799 			switch (SSL_get_error(con,k))
1800 				{
1801 			case SSL_ERROR_NONE:
1802 				if (k <= 0)
1803 					goto end;
1804 				sbuf_off=0;
1805 				sbuf_len=k;
1806 
1807 				read_ssl=0;
1808 				write_tty=1;
1809 				break;
1810 			case SSL_ERROR_WANT_WRITE:
1811 				BIO_printf(bio_c_out,"read W BLOCK\n");
1812 				write_ssl=1;
1813 				read_tty=0;
1814 				break;
1815 			case SSL_ERROR_WANT_READ:
1816 				BIO_printf(bio_c_out,"read R BLOCK\n");
1817 				write_tty=0;
1818 				read_ssl=1;
1819 				if ((read_tty == 0) && (write_ssl == 0))
1820 					write_ssl=1;
1821 				break;
1822 			case SSL_ERROR_WANT_X509_LOOKUP:
1823 				BIO_printf(bio_c_out,"read X BLOCK\n");
1824 				break;
1825 			case SSL_ERROR_SYSCALL:
1826 				ret=get_last_socket_error();
1827 				BIO_printf(bio_err,"read:errno=%d\n",ret);
1828 				goto shut;
1829 			case SSL_ERROR_ZERO_RETURN:
1830 				BIO_printf(bio_c_out,"closed\n");
1831 				ret=0;
1832 				goto shut;
1833 			case SSL_ERROR_SSL:
1834 				ERR_print_errors(bio_err);
1835 				goto shut;
1836 				/* break; */
1837 				}
1838 			}
1839 
1840 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
1841 #if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
1842 		else if (_kbhit())
1843 #else
1844 		else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
1845 #endif
1846 #elif defined (OPENSSL_SYS_NETWARE)
1847 		else if (_kbhit())
1848 #elif defined(OPENSSL_SYS_BEOS_R5)
1849 		else if (stdin_set)
1850 #else
1851 		else if (FD_ISSET(fileno(stdin),&readfds))
1852 #endif
1853 			{
1854 			if (crlf)
1855 				{
1856 				int j, lf_num;
1857 
1858 				i=raw_read_stdin(cbuf,BUFSIZZ/2);
1859 				lf_num = 0;
1860 				/* both loops are skipped when i <= 0 */
1861 				for (j = 0; j < i; j++)
1862 					if (cbuf[j] == '\n')
1863 						lf_num++;
1864 				for (j = i-1; j >= 0; j--)
1865 					{
1866 					cbuf[j+lf_num] = cbuf[j];
1867 					if (cbuf[j] == '\n')
1868 						{
1869 						lf_num--;
1870 						i++;
1871 						cbuf[j+lf_num] = '\r';
1872 						}
1873 					}
1874 				assert(lf_num == 0);
1875 				}
1876 			else
1877 				i=raw_read_stdin(cbuf,BUFSIZZ);
1878 
1879 			if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q')))
1880 				{
1881 				BIO_printf(bio_err,"DONE\n");
1882 				ret=0;
1883 				goto shut;
1884 				}
1885 
1886 			if ((!c_ign_eof) && (cbuf[0] == 'R'))
1887 				{
1888 				BIO_printf(bio_err,"RENEGOTIATING\n");
1889 				SSL_renegotiate(con);
1890 				cbuf_len=0;
1891 				}
1892 #ifndef OPENSSL_NO_HEARTBEATS
1893 			else if ((!c_ign_eof) && (cbuf[0] == 'B'))
1894  				{
1895 				BIO_printf(bio_err,"HEARTBEATING\n");
1896 				SSL_heartbeat(con);
1897 				cbuf_len=0;
1898 				}
1899 #endif
1900 			else
1901 				{
1902 				cbuf_len=i;
1903 				cbuf_off=0;
1904 #ifdef CHARSET_EBCDIC
1905 				ebcdic2ascii(cbuf, cbuf, i);
1906 #endif
1907 				}
1908 
1909 			write_ssl=1;
1910 			read_tty=0;
1911 			}
1912 		}
1913 
1914 	ret=0;
1915 shut:
1916 	if (in_init)
1917 		print_stuff(bio_c_out,con,full_log);
1918 	SSL_shutdown(con);
1919 	SHUTDOWN(SSL_get_fd(con));
1920 end:
1921 	if (con != NULL)
1922 		{
1923 		if (prexit != 0)
1924 			print_stuff(bio_c_out,con,1);
1925 		SSL_free(con);
1926 		}
1927 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
1928 	if (next_proto.data)
1929 		OPENSSL_free(next_proto.data);
1930 #endif
1931 	if (ctx != NULL) SSL_CTX_free(ctx);
1932 	if (cert)
1933 		X509_free(cert);
1934 	if (key)
1935 		EVP_PKEY_free(key);
1936 	if (pass)
1937 		OPENSSL_free(pass);
1938 	if (vpm)
1939 		X509_VERIFY_PARAM_free(vpm);
1940 	if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
1941 	if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
1942 	if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); }
1943 	if (bio_c_out != NULL)
1944 		{
1945 		BIO_free(bio_c_out);
1946 		bio_c_out=NULL;
1947 		}
1948 	apps_shutdown();
1949 	OPENSSL_EXIT(ret);
1950 	}
1951 
1952 
1953 static void print_stuff(BIO *bio, SSL *s, int full)
1954 	{
1955 	X509 *peer=NULL;
1956 	char *p;
1957 	static const char *space="                ";
1958 	char buf[BUFSIZ];
1959 	STACK_OF(X509) *sk;
1960 	STACK_OF(X509_NAME) *sk2;
1961 	const SSL_CIPHER *c;
1962 	X509_NAME *xn;
1963 	int j,i;
1964 #ifndef OPENSSL_NO_COMP
1965 	const COMP_METHOD *comp, *expansion;
1966 #endif
1967 	unsigned char *exportedkeymat;
1968 
1969 	if (full)
1970 		{
1971 		int got_a_chain = 0;
1972 
1973 		sk=SSL_get_peer_cert_chain(s);
1974 		if (sk != NULL)
1975 			{
1976 			got_a_chain = 1; /* we don't have it for SSL2 (yet) */
1977 
1978 			BIO_printf(bio,"---\nCertificate chain\n");
1979 			for (i=0; i<sk_X509_num(sk); i++)
1980 				{
1981 				X509_NAME_oneline(X509_get_subject_name(
1982 					sk_X509_value(sk,i)),buf,sizeof buf);
1983 				BIO_printf(bio,"%2d s:%s\n",i,buf);
1984 				X509_NAME_oneline(X509_get_issuer_name(
1985 					sk_X509_value(sk,i)),buf,sizeof buf);
1986 				BIO_printf(bio,"   i:%s\n",buf);
1987 				if (c_showcerts)
1988 					PEM_write_bio_X509(bio,sk_X509_value(sk,i));
1989 				}
1990 			}
1991 
1992 		BIO_printf(bio,"---\n");
1993 		peer=SSL_get_peer_certificate(s);
1994 		if (peer != NULL)
1995 			{
1996 			BIO_printf(bio,"Server certificate\n");
1997 			if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */
1998 				PEM_write_bio_X509(bio,peer);
1999 			X509_NAME_oneline(X509_get_subject_name(peer),
2000 				buf,sizeof buf);
2001 			BIO_printf(bio,"subject=%s\n",buf);
2002 			X509_NAME_oneline(X509_get_issuer_name(peer),
2003 				buf,sizeof buf);
2004 			BIO_printf(bio,"issuer=%s\n",buf);
2005 			}
2006 		else
2007 			BIO_printf(bio,"no peer certificate available\n");
2008 
2009 		sk2=SSL_get_client_CA_list(s);
2010 		if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0))
2011 			{
2012 			BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
2013 			for (i=0; i<sk_X509_NAME_num(sk2); i++)
2014 				{
2015 				xn=sk_X509_NAME_value(sk2,i);
2016 				X509_NAME_oneline(xn,buf,sizeof(buf));
2017 				BIO_write(bio,buf,strlen(buf));
2018 				BIO_write(bio,"\n",1);
2019 				}
2020 			}
2021 		else
2022 			{
2023 			BIO_printf(bio,"---\nNo client certificate CA names sent\n");
2024 			}
2025 		p=SSL_get_shared_ciphers(s,buf,sizeof buf);
2026 		if (p != NULL)
2027 			{
2028 			/* This works only for SSL 2.  In later protocol
2029 			 * versions, the client does not know what other
2030 			 * ciphers (in addition to the one to be used
2031 			 * in the current connection) the server supports. */
2032 
2033 			BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
2034 			j=i=0;
2035 			while (*p)
2036 				{
2037 				if (*p == ':')
2038 					{
2039 					BIO_write(bio,space,15-j%25);
2040 					i++;
2041 					j=0;
2042 					BIO_write(bio,((i%3)?" ":"\n"),1);
2043 					}
2044 				else
2045 					{
2046 					BIO_write(bio,p,1);
2047 					j++;
2048 					}
2049 				p++;
2050 				}
2051 			BIO_write(bio,"\n",1);
2052 			}
2053 
2054 		BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
2055 			BIO_number_read(SSL_get_rbio(s)),
2056 			BIO_number_written(SSL_get_wbio(s)));
2057 		}
2058 	BIO_printf(bio,(SSL_cache_hit(s)?"---\nReused, ":"---\nNew, "));
2059 	c=SSL_get_current_cipher(s);
2060 	BIO_printf(bio,"%s, Cipher is %s\n",
2061 		SSL_CIPHER_get_version(c),
2062 		SSL_CIPHER_get_name(c));
2063 	if (peer != NULL) {
2064 		EVP_PKEY *pktmp;
2065 		pktmp = X509_get_pubkey(peer);
2066 		BIO_printf(bio,"Server public key is %d bit\n",
2067 							 EVP_PKEY_bits(pktmp));
2068 		EVP_PKEY_free(pktmp);
2069 	}
2070 	BIO_printf(bio, "Secure Renegotiation IS%s supported\n",
2071 			SSL_get_secure_renegotiation_support(s) ? "" : " NOT");
2072 #ifndef OPENSSL_NO_COMP
2073 	comp=SSL_get_current_compression(s);
2074 	expansion=SSL_get_current_expansion(s);
2075 	BIO_printf(bio,"Compression: %s\n",
2076 		comp ? SSL_COMP_get_name(comp) : "NONE");
2077 	BIO_printf(bio,"Expansion: %s\n",
2078 		expansion ? SSL_COMP_get_name(expansion) : "NONE");
2079 #endif
2080 
2081 #ifdef SSL_DEBUG
2082 	{
2083 	/* Print out local port of connection: useful for debugging */
2084 	int sock;
2085 	struct sockaddr_in ladd;
2086 	socklen_t ladd_size = sizeof(ladd);
2087 	sock = SSL_get_fd(s);
2088 	getsockname(sock, (struct sockaddr *)&ladd, &ladd_size);
2089 	BIO_printf(bio_c_out, "LOCAL PORT is %u\n", ntohs(ladd.sin_port));
2090 	}
2091 #endif
2092 
2093 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2094 	if (next_proto.status != -1) {
2095 		const unsigned char *proto;
2096 		unsigned int proto_len;
2097 		SSL_get0_next_proto_negotiated(s, &proto, &proto_len);
2098 		BIO_printf(bio, "Next protocol: (%d) ", next_proto.status);
2099 		BIO_write(bio, proto, proto_len);
2100 		BIO_write(bio, "\n", 1);
2101 	}
2102 #endif
2103 
2104 #ifndef OPENSSL_NO_SRTP
2105  	{
2106  	SRTP_PROTECTION_PROFILE *srtp_profile=SSL_get_selected_srtp_profile(s);
2107 
2108 	if(srtp_profile)
2109 		BIO_printf(bio,"SRTP Extension negotiated, profile=%s\n",
2110 			   srtp_profile->name);
2111 	}
2112 #endif
2113 
2114 	SSL_SESSION_print(bio,SSL_get_session(s));
2115 	if (keymatexportlabel != NULL)
2116 		{
2117 		BIO_printf(bio, "Keying material exporter:\n");
2118 		BIO_printf(bio, "    Label: '%s'\n", keymatexportlabel);
2119 		BIO_printf(bio, "    Length: %i bytes\n", keymatexportlen);
2120 		exportedkeymat = OPENSSL_malloc(keymatexportlen);
2121 		if (exportedkeymat != NULL)
2122 			{
2123 			if (!SSL_export_keying_material(s, exportedkeymat,
2124 						        keymatexportlen,
2125 						        keymatexportlabel,
2126 						        strlen(keymatexportlabel),
2127 						        NULL, 0, 0))
2128 				{
2129 				BIO_printf(bio, "    Error\n");
2130 				}
2131 			else
2132 				{
2133 				BIO_printf(bio, "    Keying material: ");
2134 				for (i=0; i<keymatexportlen; i++)
2135 					BIO_printf(bio, "%02X",
2136 						   exportedkeymat[i]);
2137 				BIO_printf(bio, "\n");
2138 				}
2139 			OPENSSL_free(exportedkeymat);
2140 			}
2141 		}
2142 	BIO_printf(bio,"---\n");
2143 	if (peer != NULL)
2144 		X509_free(peer);
2145 	/* flush, or debugging output gets mixed with http response */
2146 	(void)BIO_flush(bio);
2147 	}
2148 
2149 #ifndef OPENSSL_NO_TLSEXT
2150 
2151 static int ocsp_resp_cb(SSL *s, void *arg)
2152 	{
2153 	const unsigned char *p;
2154 	int len;
2155 	OCSP_RESPONSE *rsp;
2156 	len = SSL_get_tlsext_status_ocsp_resp(s, &p);
2157 	BIO_puts(arg, "OCSP response: ");
2158 	if (!p)
2159 		{
2160 		BIO_puts(arg, "no response sent\n");
2161 		return 1;
2162 		}
2163 	rsp = d2i_OCSP_RESPONSE(NULL, &p, len);
2164 	if (!rsp)
2165 		{
2166 		BIO_puts(arg, "response parse error\n");
2167 		BIO_dump_indent(arg, (char *)p, len, 4);
2168 		return 0;
2169 		}
2170 	BIO_puts(arg, "\n======================================\n");
2171 	OCSP_RESPONSE_print(arg, rsp, 0);
2172 	BIO_puts(arg, "======================================\n");
2173 	OCSP_RESPONSE_free(rsp);
2174 	return 1;
2175 	}
2176 
2177 #endif
2178