1 /* apps/s_server.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 /* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143 /* 144 * Until the key-gen callbacks are modified to use newer prototypes, we allow 145 * deprecated functions for openssl-internal code 146 */ 147 #ifdef OPENSSL_NO_DEPRECATED 148 # undef OPENSSL_NO_DEPRECATED 149 #endif 150 151 #include <assert.h> 152 #include <ctype.h> 153 #include <stdio.h> 154 #include <stdlib.h> 155 #include <string.h> 156 157 #include <openssl/e_os2.h> 158 #ifdef OPENSSL_NO_STDIO 159 # define APPS_WIN16 160 #endif 161 162 /* conflicts with winsock2 stuff on netware */ 163 #if !defined(OPENSSL_SYS_NETWARE) 164 # include <sys/types.h> 165 #endif 166 167 /* 168 * With IPv6, it looks like Digital has mixed up the proper order of 169 * recursive header file inclusion, resulting in the compiler complaining 170 * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is 171 * needed to have fileno() declared correctly... So let's define u_int 172 */ 173 #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) 174 # define __U_INT 175 typedef unsigned int u_int; 176 #endif 177 178 #include <openssl/lhash.h> 179 #include <openssl/bn.h> 180 #define USE_SOCKETS 181 #include "apps.h" 182 #include <openssl/err.h> 183 #include <openssl/pem.h> 184 #include <openssl/x509.h> 185 #include <openssl/ssl.h> 186 #include <openssl/rand.h> 187 #include <openssl/ocsp.h> 188 #ifndef OPENSSL_NO_DH 189 # include <openssl/dh.h> 190 #endif 191 #ifndef OPENSSL_NO_RSA 192 # include <openssl/rsa.h> 193 #endif 194 #ifndef OPENSSL_NO_SRP 195 # include <openssl/srp.h> 196 #endif 197 #include "s_apps.h" 198 #include "timeouts.h" 199 200 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) 201 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ 202 # undef FIONBIO 203 #endif 204 205 #if defined(OPENSSL_SYS_BEOS_R5) 206 # include <fcntl.h> 207 #endif 208 209 #ifndef OPENSSL_NO_RSA 210 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 211 #endif 212 static int sv_body(char *hostname, int s, unsigned char *context); 213 static int www_body(char *hostname, int s, unsigned char *context); 214 static void close_accept_socket(void); 215 static void sv_usage(void); 216 static int init_ssl_connection(SSL *s); 217 static void print_stats(BIO *bp, SSL_CTX *ctx); 218 static int generate_session_id(const SSL *ssl, unsigned char *id, 219 unsigned int *id_len); 220 #ifndef OPENSSL_NO_DH 221 static DH *load_dh_param(const char *dhfile); 222 static DH *get_dh512(void); 223 #endif 224 225 #ifdef MONOLITH 226 static void s_server_init(void); 227 #endif 228 229 #ifndef OPENSSL_NO_DH 230 static unsigned char dh512_p[] = { 231 0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75, 232 0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F, 233 0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3, 234 0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12, 235 0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C, 236 0x47, 0x74, 0xE8, 0x33, 237 }; 238 239 static unsigned char dh512_g[] = { 240 0x02, 241 }; 242 243 static DH *get_dh512(void) 244 { 245 DH *dh = NULL; 246 247 if ((dh = DH_new()) == NULL) 248 return (NULL); 249 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); 250 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); 251 if ((dh->p == NULL) || (dh->g == NULL)) 252 return (NULL); 253 return (dh); 254 } 255 #endif 256 257 /* static int load_CA(SSL_CTX *ctx, char *file);*/ 258 259 #undef BUFSIZZ 260 #define BUFSIZZ 16*1024 261 static int bufsize = BUFSIZZ; 262 static int accept_socket = -1; 263 264 #define TEST_CERT "server.pem" 265 #ifndef OPENSSL_NO_TLSEXT 266 # define TEST_CERT2 "server2.pem" 267 #endif 268 #undef PROG 269 #define PROG s_server_main 270 271 extern int verify_depth, verify_return_error; 272 273 static char *cipher = NULL; 274 static int s_server_verify = SSL_VERIFY_NONE; 275 static int s_server_session_id_context = 1; /* anything will do */ 276 static const char *s_cert_file = TEST_CERT, *s_key_file = NULL; 277 #ifndef OPENSSL_NO_TLSEXT 278 static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL; 279 #endif 280 static char *s_dcert_file = NULL, *s_dkey_file = NULL; 281 #ifdef FIONBIO 282 static int s_nbio = 0; 283 #endif 284 static int s_nbio_test = 0; 285 int s_crlf = 0; 286 static SSL_CTX *ctx = NULL; 287 #ifndef OPENSSL_NO_TLSEXT 288 static SSL_CTX *ctx2 = NULL; 289 #endif 290 static int www = 0; 291 292 static BIO *bio_s_out = NULL; 293 static int s_debug = 0; 294 #ifndef OPENSSL_NO_TLSEXT 295 static int s_tlsextdebug = 0; 296 static int s_tlsextstatus = 0; 297 static int cert_status_cb(SSL *s, void *arg); 298 #endif 299 static int s_msg = 0; 300 static int s_quiet = 0; 301 302 static char *keymatexportlabel = NULL; 303 static int keymatexportlen = 20; 304 305 static int hack = 0; 306 #ifndef OPENSSL_NO_ENGINE 307 static char *engine_id = NULL; 308 #endif 309 static const char *session_id_prefix = NULL; 310 311 static int enable_timeouts = 0; 312 static long socket_mtu; 313 #ifndef OPENSSL_NO_DTLS1 314 static int cert_chain = 0; 315 #endif 316 317 #ifndef OPENSSL_NO_PSK 318 static char *psk_identity = "Client_identity"; 319 char *psk_key = NULL; /* by default PSK is not used */ 320 321 static unsigned int psk_server_cb(SSL *ssl, const char *identity, 322 unsigned char *psk, 323 unsigned int max_psk_len) 324 { 325 unsigned int psk_len = 0; 326 int ret; 327 BIGNUM *bn = NULL; 328 329 if (s_debug) 330 BIO_printf(bio_s_out, "psk_server_cb\n"); 331 if (!identity) { 332 BIO_printf(bio_err, "Error: client did not send PSK identity\n"); 333 goto out_err; 334 } 335 if (s_debug) 336 BIO_printf(bio_s_out, "identity_len=%d identity=%s\n", 337 (int)strlen(identity), identity); 338 339 /* here we could lookup the given identity e.g. from a database */ 340 if (strcmp(identity, psk_identity) != 0) { 341 BIO_printf(bio_s_out, "PSK error: client identity not found" 342 " (got '%s' expected '%s')\n", identity, psk_identity); 343 goto out_err; 344 } 345 if (s_debug) 346 BIO_printf(bio_s_out, "PSK client identity found\n"); 347 348 /* convert the PSK key to binary */ 349 ret = BN_hex2bn(&bn, psk_key); 350 if (!ret) { 351 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", 352 psk_key); 353 if (bn) 354 BN_free(bn); 355 return 0; 356 } 357 if (BN_num_bytes(bn) > (int)max_psk_len) { 358 BIO_printf(bio_err, 359 "psk buffer of callback is too small (%d) for key (%d)\n", 360 max_psk_len, BN_num_bytes(bn)); 361 BN_free(bn); 362 return 0; 363 } 364 365 ret = BN_bn2bin(bn, psk); 366 BN_free(bn); 367 368 if (ret < 0) 369 goto out_err; 370 psk_len = (unsigned int)ret; 371 372 if (s_debug) 373 BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len); 374 return psk_len; 375 out_err: 376 if (s_debug) 377 BIO_printf(bio_err, "Error in PSK server callback\n"); 378 return 0; 379 } 380 #endif 381 382 #ifndef OPENSSL_NO_SRP 383 /* This is a context that we pass to callbacks */ 384 typedef struct srpsrvparm_st { 385 char *login; 386 SRP_VBASE *vb; 387 SRP_user_pwd *user; 388 } srpsrvparm; 389 390 /* 391 * This callback pretends to require some asynchronous logic in order to 392 * obtain a verifier. When the callback is called for a new connection we 393 * return with a negative value. This will provoke the accept etc to return 394 * with an LOOKUP_X509. The main logic of the reinvokes the suspended call 395 * (which would normally occur after a worker has finished) and we set the 396 * user parameters. 397 */ 398 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) 399 { 400 srpsrvparm *p = (srpsrvparm *) arg; 401 if (p->login == NULL && p->user == NULL) { 402 p->login = SSL_get_srp_username(s); 403 BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login); 404 return (-1); 405 } 406 407 if (p->user == NULL) { 408 BIO_printf(bio_err, "User %s doesn't exist\n", p->login); 409 return SSL3_AL_FATAL; 410 } 411 if (SSL_set_srp_server_param 412 (s, p->user->N, p->user->g, p->user->s, p->user->v, 413 p->user->info) < 0) { 414 *ad = SSL_AD_INTERNAL_ERROR; 415 return SSL3_AL_FATAL; 416 } 417 BIO_printf(bio_err, 418 "SRP parameters set: username = \"%s\" info=\"%s\" \n", 419 p->login, p->user->info); 420 /* need to check whether there are memory leaks */ 421 p->user = NULL; 422 p->login = NULL; 423 return SSL_ERROR_NONE; 424 } 425 426 #endif 427 428 #ifdef MONOLITH 429 static void s_server_init(void) 430 { 431 accept_socket = -1; 432 cipher = NULL; 433 s_server_verify = SSL_VERIFY_NONE; 434 s_dcert_file = NULL; 435 s_dkey_file = NULL; 436 s_cert_file = TEST_CERT; 437 s_key_file = NULL; 438 # ifndef OPENSSL_NO_TLSEXT 439 s_cert_file2 = TEST_CERT2; 440 s_key_file2 = NULL; 441 ctx2 = NULL; 442 # endif 443 # ifdef FIONBIO 444 s_nbio = 0; 445 # endif 446 s_nbio_test = 0; 447 ctx = NULL; 448 www = 0; 449 450 bio_s_out = NULL; 451 s_debug = 0; 452 s_msg = 0; 453 s_quiet = 0; 454 hack = 0; 455 # ifndef OPENSSL_NO_ENGINE 456 engine_id = NULL; 457 # endif 458 } 459 #endif 460 461 static void sv_usage(void) 462 { 463 BIO_printf(bio_err, "usage: s_server [args ...]\n"); 464 BIO_printf(bio_err, "\n"); 465 BIO_printf(bio_err, 466 " -accept arg - port to accept on (default is %d)\n", PORT); 467 BIO_printf(bio_err, " -context arg - set session ID context\n"); 468 BIO_printf(bio_err, 469 " -verify arg - turn on peer certificate verification\n"); 470 BIO_printf(bio_err, 471 " -Verify arg - turn on peer certificate verification, must have a cert.\n"); 472 BIO_printf(bio_err, 473 " -verify_return_error - return verification errors\n"); 474 BIO_printf(bio_err, " -cert arg - certificate file to use\n"); 475 BIO_printf(bio_err, " (default is %s)\n", TEST_CERT); 476 BIO_printf(bio_err, 477 " -crl_check - check the peer certificate has not been revoked by its CA.\n" 478 " The CRL(s) are appended to the certificate file\n"); 479 BIO_printf(bio_err, 480 " -crl_check_all - check the peer certificate has not been revoked by its CA\n" 481 " or any other CRL in the CA chain. CRL(s) are appened to the\n" 482 " the certificate file.\n"); 483 BIO_printf(bio_err, 484 " -certform arg - certificate format (PEM or DER) PEM default\n"); 485 BIO_printf(bio_err, 486 " -key arg - Private Key file to use, in cert file if\n"); 487 BIO_printf(bio_err, " not specified (default is %s)\n", 488 TEST_CERT); 489 BIO_printf(bio_err, 490 " -keyform arg - key format (PEM, DER or ENGINE) PEM default\n"); 491 BIO_printf(bio_err, 492 " -pass arg - private key file pass phrase source\n"); 493 BIO_printf(bio_err, 494 " -dcert arg - second certificate file to use (usually for DSA)\n"); 495 BIO_printf(bio_err, 496 " -dcertform x - second certificate format (PEM or DER) PEM default\n"); 497 BIO_printf(bio_err, 498 " -dkey arg - second private key file to use (usually for DSA)\n"); 499 BIO_printf(bio_err, 500 " -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n"); 501 BIO_printf(bio_err, 502 " -dpass arg - second private key file pass phrase source\n"); 503 BIO_printf(bio_err, 504 " -dhparam arg - DH parameter file to use, in cert file if not specified\n"); 505 BIO_printf(bio_err, 506 " or a default set of parameters is used\n"); 507 #ifndef OPENSSL_NO_ECDH 508 BIO_printf(bio_err, 509 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" 510 " Use \"openssl ecparam -list_curves\" for all names\n" 511 " (default is nistp256).\n"); 512 #endif 513 #ifdef FIONBIO 514 BIO_printf(bio_err, " -nbio - Run with non-blocking IO\n"); 515 #endif 516 BIO_printf(bio_err, 517 " -nbio_test - test with the non-blocking test bio\n"); 518 BIO_printf(bio_err, 519 " -crlf - convert LF from terminal into CRLF\n"); 520 BIO_printf(bio_err, " -debug - Print more output\n"); 521 BIO_printf(bio_err, " -msg - Show protocol messages\n"); 522 BIO_printf(bio_err, " -state - Print the SSL states\n"); 523 BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n"); 524 BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n"); 525 BIO_printf(bio_err, 526 " -nocert - Don't use any certificates (Anon-DH)\n"); 527 BIO_printf(bio_err, 528 " -cipher arg - play with 'openssl ciphers' to see what goes here\n"); 529 BIO_printf(bio_err, " -serverpref - Use server's cipher preferences\n"); 530 BIO_printf(bio_err, " -quiet - No server output\n"); 531 BIO_printf(bio_err, " -no_tmp_rsa - Do not generate a tmp RSA key\n"); 532 #ifndef OPENSSL_NO_PSK 533 BIO_printf(bio_err, " -psk_hint arg - PSK identity hint to use\n"); 534 BIO_printf(bio_err, " -psk arg - PSK in hex (without 0x)\n"); 535 # ifndef OPENSSL_NO_JPAKE 536 BIO_printf(bio_err, " -jpake arg - JPAKE secret to use\n"); 537 # endif 538 #endif 539 #ifndef OPENSSL_NO_SRP 540 BIO_printf(bio_err, " -srpvfile file - The verifier file for SRP\n"); 541 BIO_printf(bio_err, 542 " -srpuserseed string - A seed string for a default user salt.\n"); 543 #endif 544 BIO_printf(bio_err, " -ssl2 - Just talk SSLv2\n"); 545 #ifndef OPENSSL_NO_SSL3_METHOD 546 BIO_printf(bio_err, " -ssl3 - Just talk SSLv3\n"); 547 #endif 548 BIO_printf(bio_err, " -tls1_2 - Just talk TLSv1.2\n"); 549 BIO_printf(bio_err, " -tls1_1 - Just talk TLSv1.1\n"); 550 BIO_printf(bio_err, " -tls1 - Just talk TLSv1\n"); 551 BIO_printf(bio_err, " -dtls1 - Just talk DTLSv1\n"); 552 BIO_printf(bio_err, " -timeout - Enable timeouts\n"); 553 BIO_printf(bio_err, " -mtu - Set link layer MTU\n"); 554 BIO_printf(bio_err, " -chain - Read a certificate chain\n"); 555 BIO_printf(bio_err, " -no_ssl2 - Just disable SSLv2\n"); 556 BIO_printf(bio_err, " -no_ssl3 - Just disable SSLv3\n"); 557 BIO_printf(bio_err, " -no_tls1 - Just disable TLSv1\n"); 558 BIO_printf(bio_err, " -no_tls1_1 - Just disable TLSv1.1\n"); 559 BIO_printf(bio_err, " -no_tls1_2 - Just disable TLSv1.2\n"); 560 #ifndef OPENSSL_NO_DH 561 BIO_printf(bio_err, " -no_dhe - Disable ephemeral DH\n"); 562 #endif 563 #ifndef OPENSSL_NO_ECDH 564 BIO_printf(bio_err, " -no_ecdhe - Disable ephemeral ECDH\n"); 565 #endif 566 BIO_printf(bio_err, " -bugs - Turn on SSL bug compatibility\n"); 567 BIO_printf(bio_err, 568 " -hack - workaround for early Netscape code\n"); 569 BIO_printf(bio_err, 570 " -www - Respond to a 'GET /' with a status page\n"); 571 BIO_printf(bio_err, 572 " -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 573 BIO_printf(bio_err, 574 " -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 575 BIO_printf(bio_err, 576 " with the assumption it contains a complete HTTP response.\n"); 577 #ifndef OPENSSL_NO_ENGINE 578 BIO_printf(bio_err, 579 " -engine id - Initialise and use the specified engine\n"); 580 #endif 581 BIO_printf(bio_err, 582 " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); 583 BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, 584 LIST_SEPARATOR_CHAR); 585 #ifndef OPENSSL_NO_TLSEXT 586 BIO_printf(bio_err, 587 " -servername host - servername for HostName TLS extension\n"); 588 BIO_printf(bio_err, 589 " -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); 590 BIO_printf(bio_err, 591 " -cert2 arg - certificate file to use for servername\n"); 592 BIO_printf(bio_err, " (default is %s)\n", TEST_CERT2); 593 BIO_printf(bio_err, 594 " -key2 arg - Private Key file to use for servername, in cert file if\n"); 595 BIO_printf(bio_err, " not specified (default is %s)\n", 596 TEST_CERT2); 597 BIO_printf(bio_err, 598 " -tlsextdebug - hex dump of all TLS extensions received\n"); 599 BIO_printf(bio_err, 600 " -no_ticket - disable use of RFC4507bis session tickets\n"); 601 BIO_printf(bio_err, 602 " -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); 603 # ifndef OPENSSL_NO_NEXTPROTONEG 604 BIO_printf(bio_err, 605 " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n"); 606 # endif 607 # ifndef OPENSSL_NO_SRTP 608 BIO_printf(bio_err, 609 " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); 610 # endif 611 #endif 612 BIO_printf(bio_err, 613 " -keymatexport label - Export keying material using label\n"); 614 BIO_printf(bio_err, 615 " -keymatexportlen len - Export len bytes of keying material (default 20)\n"); 616 BIO_printf(bio_err, 617 " -status - respond to certificate status requests\n"); 618 BIO_printf(bio_err, 619 " -status_verbose - enable status request verbose printout\n"); 620 BIO_printf(bio_err, 621 " -status_timeout n - status request responder timeout\n"); 622 BIO_printf(bio_err, " -status_url URL - status request fallback URL\n"); 623 } 624 625 static int local_argc = 0; 626 static char **local_argv; 627 628 #ifdef CHARSET_EBCDIC 629 static int ebcdic_new(BIO *bi); 630 static int ebcdic_free(BIO *a); 631 static int ebcdic_read(BIO *b, char *out, int outl); 632 static int ebcdic_write(BIO *b, const char *in, int inl); 633 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr); 634 static int ebcdic_gets(BIO *bp, char *buf, int size); 635 static int ebcdic_puts(BIO *bp, const char *str); 636 637 # define BIO_TYPE_EBCDIC_FILTER (18|0x0200) 638 static BIO_METHOD methods_ebcdic = { 639 BIO_TYPE_EBCDIC_FILTER, 640 "EBCDIC/ASCII filter", 641 ebcdic_write, 642 ebcdic_read, 643 ebcdic_puts, 644 ebcdic_gets, 645 ebcdic_ctrl, 646 ebcdic_new, 647 ebcdic_free, 648 }; 649 650 typedef struct { 651 size_t alloced; 652 char buff[1]; 653 } EBCDIC_OUTBUFF; 654 655 BIO_METHOD *BIO_f_ebcdic_filter() 656 { 657 return (&methods_ebcdic); 658 } 659 660 static int ebcdic_new(BIO *bi) 661 { 662 EBCDIC_OUTBUFF *wbuf; 663 664 wbuf = (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024); 665 if (!wbuf) 666 return 0; 667 wbuf->alloced = 1024; 668 wbuf->buff[0] = '\0'; 669 670 bi->ptr = (char *)wbuf; 671 bi->init = 1; 672 bi->flags = 0; 673 return (1); 674 } 675 676 static int ebcdic_free(BIO *a) 677 { 678 if (a == NULL) 679 return (0); 680 if (a->ptr != NULL) 681 OPENSSL_free(a->ptr); 682 a->ptr = NULL; 683 a->init = 0; 684 a->flags = 0; 685 return (1); 686 } 687 688 static int ebcdic_read(BIO *b, char *out, int outl) 689 { 690 int ret = 0; 691 692 if (out == NULL || outl == 0) 693 return (0); 694 if (b->next_bio == NULL) 695 return (0); 696 697 ret = BIO_read(b->next_bio, out, outl); 698 if (ret > 0) 699 ascii2ebcdic(out, out, ret); 700 return (ret); 701 } 702 703 static int ebcdic_write(BIO *b, const char *in, int inl) 704 { 705 EBCDIC_OUTBUFF *wbuf; 706 int ret = 0; 707 int num; 708 unsigned char n; 709 710 if ((in == NULL) || (inl <= 0)) 711 return (0); 712 if (b->next_bio == NULL) 713 return (0); 714 715 wbuf = (EBCDIC_OUTBUFF *) b->ptr; 716 717 if (inl > (num = wbuf->alloced)) { 718 num = num + num; /* double the size */ 719 if (num < inl) 720 num = inl; 721 wbuf = 722 (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num); 723 if(!wbuf) 724 return 0; 725 OPENSSL_free(b->ptr); 726 727 wbuf->alloced = num; 728 wbuf->buff[0] = '\0'; 729 730 b->ptr = (char *)wbuf; 731 } 732 733 ebcdic2ascii(wbuf->buff, in, inl); 734 735 ret = BIO_write(b->next_bio, wbuf->buff, inl); 736 737 return (ret); 738 } 739 740 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr) 741 { 742 long ret; 743 744 if (b->next_bio == NULL) 745 return (0); 746 switch (cmd) { 747 case BIO_CTRL_DUP: 748 ret = 0L; 749 break; 750 default: 751 ret = BIO_ctrl(b->next_bio, cmd, num, ptr); 752 break; 753 } 754 return (ret); 755 } 756 757 static int ebcdic_gets(BIO *bp, char *buf, int size) 758 { 759 int i, ret = 0; 760 if (bp->next_bio == NULL) 761 return (0); 762 /* return(BIO_gets(bp->next_bio,buf,size));*/ 763 for (i = 0; i < size - 1; ++i) { 764 ret = ebcdic_read(bp, &buf[i], 1); 765 if (ret <= 0) 766 break; 767 else if (buf[i] == '\n') { 768 ++i; 769 break; 770 } 771 } 772 if (i < size) 773 buf[i] = '\0'; 774 return (ret < 0 && i == 0) ? ret : i; 775 } 776 777 static int ebcdic_puts(BIO *bp, const char *str) 778 { 779 if (bp->next_bio == NULL) 780 return (0); 781 return ebcdic_write(bp, str, strlen(str)); 782 } 783 #endif 784 785 #ifndef OPENSSL_NO_TLSEXT 786 787 /* This is a context that we pass to callbacks */ 788 typedef struct tlsextctx_st { 789 char *servername; 790 BIO *biodebug; 791 int extension_error; 792 } tlsextctx; 793 794 static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) 795 { 796 tlsextctx *p = (tlsextctx *) arg; 797 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 798 if (servername && p->biodebug) 799 BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n", 800 servername); 801 802 if (!p->servername) 803 return SSL_TLSEXT_ERR_NOACK; 804 805 if (servername) { 806 if (strcasecmp(servername, p->servername)) 807 return p->extension_error; 808 if (ctx2) { 809 BIO_printf(p->biodebug, "Switching server context.\n"); 810 SSL_set_SSL_CTX(s, ctx2); 811 } 812 } 813 return SSL_TLSEXT_ERR_OK; 814 } 815 816 /* Structure passed to cert status callback */ 817 818 typedef struct tlsextstatusctx_st { 819 /* Default responder to use */ 820 char *host, *path, *port; 821 int use_ssl; 822 int timeout; 823 BIO *err; 824 int verbose; 825 } tlsextstatusctx; 826 827 static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, NULL, 0 }; 828 829 /* 830 * Certificate Status callback. This is called when a client includes a 831 * certificate status request extension. This is a simplified version. It 832 * examines certificates each time and makes one OCSP responder query for 833 * each request. A full version would store details such as the OCSP 834 * certificate IDs and minimise the number of OCSP responses by caching them 835 * until they were considered "expired". 836 */ 837 838 static int cert_status_cb(SSL *s, void *arg) 839 { 840 tlsextstatusctx *srctx = arg; 841 BIO *err = srctx->err; 842 char *host, *port, *path; 843 int use_ssl; 844 unsigned char *rspder = NULL; 845 int rspderlen; 846 STACK_OF(OPENSSL_STRING) *aia = NULL; 847 X509 *x = NULL; 848 X509_STORE_CTX inctx; 849 X509_OBJECT obj; 850 OCSP_REQUEST *req = NULL; 851 OCSP_RESPONSE *resp = NULL; 852 OCSP_CERTID *id = NULL; 853 STACK_OF(X509_EXTENSION) *exts; 854 int ret = SSL_TLSEXT_ERR_NOACK; 855 int i; 856 # if 0 857 STACK_OF(OCSP_RESPID) *ids; 858 SSL_get_tlsext_status_ids(s, &ids); 859 BIO_printf(err, "cert_status: received %d ids\n", 860 sk_OCSP_RESPID_num(ids)); 861 # endif 862 if (srctx->verbose) 863 BIO_puts(err, "cert_status: callback called\n"); 864 /* Build up OCSP query from server certificate */ 865 x = SSL_get_certificate(s); 866 aia = X509_get1_ocsp(x); 867 if (aia) { 868 if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0), 869 &host, &port, &path, &use_ssl)) { 870 BIO_puts(err, "cert_status: can't parse AIA URL\n"); 871 goto err; 872 } 873 if (srctx->verbose) 874 BIO_printf(err, "cert_status: AIA URL: %s\n", 875 sk_OPENSSL_STRING_value(aia, 0)); 876 } else { 877 if (!srctx->host) { 878 BIO_puts(srctx->err, 879 "cert_status: no AIA and no default responder URL\n"); 880 goto done; 881 } 882 host = srctx->host; 883 path = srctx->path; 884 port = srctx->port; 885 use_ssl = srctx->use_ssl; 886 } 887 888 if (!X509_STORE_CTX_init(&inctx, 889 SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)), 890 NULL, NULL)) 891 goto err; 892 if (X509_STORE_get_by_subject(&inctx, X509_LU_X509, 893 X509_get_issuer_name(x), &obj) <= 0) { 894 BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n"); 895 X509_STORE_CTX_cleanup(&inctx); 896 goto done; 897 } 898 req = OCSP_REQUEST_new(); 899 if (!req) 900 goto err; 901 id = OCSP_cert_to_id(NULL, x, obj.data.x509); 902 X509_free(obj.data.x509); 903 X509_STORE_CTX_cleanup(&inctx); 904 if (!id) 905 goto err; 906 if (!OCSP_request_add0_id(req, id)) 907 goto err; 908 id = NULL; 909 /* Add any extensions to the request */ 910 SSL_get_tlsext_status_exts(s, &exts); 911 for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) { 912 X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i); 913 if (!OCSP_REQUEST_add_ext(req, ext, -1)) 914 goto err; 915 } 916 resp = process_responder(err, req, host, path, port, use_ssl, NULL, 917 srctx->timeout); 918 if (!resp) { 919 BIO_puts(err, "cert_status: error querying responder\n"); 920 goto done; 921 } 922 rspderlen = i2d_OCSP_RESPONSE(resp, &rspder); 923 if (rspderlen <= 0) 924 goto err; 925 SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen); 926 if (srctx->verbose) { 927 BIO_puts(err, "cert_status: ocsp response sent:\n"); 928 OCSP_RESPONSE_print(err, resp, 2); 929 } 930 ret = SSL_TLSEXT_ERR_OK; 931 done: 932 if (ret != SSL_TLSEXT_ERR_OK) 933 ERR_print_errors(err); 934 if (aia) { 935 OPENSSL_free(host); 936 OPENSSL_free(path); 937 OPENSSL_free(port); 938 X509_email_free(aia); 939 } 940 if (id) 941 OCSP_CERTID_free(id); 942 if (req) 943 OCSP_REQUEST_free(req); 944 if (resp) 945 OCSP_RESPONSE_free(resp); 946 return ret; 947 err: 948 ret = SSL_TLSEXT_ERR_ALERT_FATAL; 949 goto done; 950 } 951 952 # ifndef OPENSSL_NO_NEXTPROTONEG 953 /* This is the context that we pass to next_proto_cb */ 954 typedef struct tlsextnextprotoctx_st { 955 unsigned char *data; 956 unsigned int len; 957 } tlsextnextprotoctx; 958 959 static int next_proto_cb(SSL *s, const unsigned char **data, 960 unsigned int *len, void *arg) 961 { 962 tlsextnextprotoctx *next_proto = arg; 963 964 *data = next_proto->data; 965 *len = next_proto->len; 966 967 return SSL_TLSEXT_ERR_OK; 968 } 969 # endif /* ndef OPENSSL_NO_NEXTPROTONEG */ 970 971 #endif 972 973 int MAIN(int, char **); 974 975 #ifndef OPENSSL_NO_JPAKE 976 static char *jpake_secret = NULL; 977 #endif 978 #ifndef OPENSSL_NO_SRP 979 static srpsrvparm srp_callback_parm; 980 #endif 981 #ifndef OPENSSL_NO_SRTP 982 static char *srtp_profiles = NULL; 983 #endif 984 985 int MAIN(int argc, char *argv[]) 986 { 987 X509_VERIFY_PARAM *vpm = NULL; 988 int badarg = 0; 989 short port = PORT; 990 char *CApath = NULL, *CAfile = NULL; 991 unsigned char *context = NULL; 992 char *dhfile = NULL; 993 #ifndef OPENSSL_NO_ECDH 994 char *named_curve = NULL; 995 #endif 996 int badop = 0, bugs = 0; 997 int ret = 1; 998 int off = 0; 999 int no_tmp_rsa = 0, no_dhe = 0, nocert = 0; 1000 #ifndef OPENSSL_NO_ECDH 1001 int no_ecdhe; 1002 #endif 1003 int state = 0; 1004 const SSL_METHOD *meth = NULL; 1005 int socket_type = SOCK_STREAM; 1006 ENGINE *e = NULL; 1007 char *inrand = NULL; 1008 int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; 1009 char *passarg = NULL, *pass = NULL; 1010 char *dpassarg = NULL, *dpass = NULL; 1011 int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; 1012 X509 *s_cert = NULL, *s_dcert = NULL; 1013 EVP_PKEY *s_key = NULL, *s_dkey = NULL; 1014 int no_cache = 0; 1015 #ifndef OPENSSL_NO_TLSEXT 1016 EVP_PKEY *s_key2 = NULL; 1017 X509 *s_cert2 = NULL; 1018 tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING }; 1019 # ifndef OPENSSL_NO_NEXTPROTONEG 1020 const char *next_proto_neg_in = NULL; 1021 tlsextnextprotoctx next_proto; 1022 # endif 1023 #endif 1024 #ifndef OPENSSL_NO_PSK 1025 /* by default do not send a PSK identity hint */ 1026 static char *psk_identity_hint = NULL; 1027 #endif 1028 #ifndef OPENSSL_NO_SRP 1029 char *srpuserseed = NULL; 1030 char *srp_verifier_file = NULL; 1031 #endif 1032 meth = SSLv23_server_method(); 1033 1034 local_argc = argc; 1035 local_argv = argv; 1036 1037 apps_startup(); 1038 #ifdef MONOLITH 1039 s_server_init(); 1040 #endif 1041 1042 if (bio_err == NULL) 1043 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); 1044 1045 if (!load_config(bio_err, NULL)) 1046 goto end; 1047 1048 verify_depth = 0; 1049 #ifdef FIONBIO 1050 s_nbio = 0; 1051 #endif 1052 s_nbio_test = 0; 1053 1054 argc--; 1055 argv++; 1056 1057 while (argc >= 1) { 1058 if ((strcmp(*argv, "-port") == 0) || (strcmp(*argv, "-accept") == 0)) { 1059 if (--argc < 1) 1060 goto bad; 1061 if (!extract_port(*(++argv), &port)) 1062 goto bad; 1063 } else if (strcmp(*argv, "-verify") == 0) { 1064 s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; 1065 if (--argc < 1) 1066 goto bad; 1067 verify_depth = atoi(*(++argv)); 1068 BIO_printf(bio_err, "verify depth is %d\n", verify_depth); 1069 } else if (strcmp(*argv, "-Verify") == 0) { 1070 s_server_verify = 1071 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT | 1072 SSL_VERIFY_CLIENT_ONCE; 1073 if (--argc < 1) 1074 goto bad; 1075 verify_depth = atoi(*(++argv)); 1076 BIO_printf(bio_err, 1077 "verify depth is %d, must return a certificate\n", 1078 verify_depth); 1079 } else if (strcmp(*argv, "-context") == 0) { 1080 if (--argc < 1) 1081 goto bad; 1082 context = (unsigned char *)*(++argv); 1083 } else if (strcmp(*argv, "-cert") == 0) { 1084 if (--argc < 1) 1085 goto bad; 1086 s_cert_file = *(++argv); 1087 } else if (strcmp(*argv, "-certform") == 0) { 1088 if (--argc < 1) 1089 goto bad; 1090 s_cert_format = str2fmt(*(++argv)); 1091 } else if (strcmp(*argv, "-key") == 0) { 1092 if (--argc < 1) 1093 goto bad; 1094 s_key_file = *(++argv); 1095 } else if (strcmp(*argv, "-keyform") == 0) { 1096 if (--argc < 1) 1097 goto bad; 1098 s_key_format = str2fmt(*(++argv)); 1099 } else if (strcmp(*argv, "-pass") == 0) { 1100 if (--argc < 1) 1101 goto bad; 1102 passarg = *(++argv); 1103 } else if (strcmp(*argv, "-dhparam") == 0) { 1104 if (--argc < 1) 1105 goto bad; 1106 dhfile = *(++argv); 1107 } 1108 #ifndef OPENSSL_NO_ECDH 1109 else if (strcmp(*argv, "-named_curve") == 0) { 1110 if (--argc < 1) 1111 goto bad; 1112 named_curve = *(++argv); 1113 } 1114 #endif 1115 else if (strcmp(*argv, "-dcertform") == 0) { 1116 if (--argc < 1) 1117 goto bad; 1118 s_dcert_format = str2fmt(*(++argv)); 1119 } else if (strcmp(*argv, "-dcert") == 0) { 1120 if (--argc < 1) 1121 goto bad; 1122 s_dcert_file = *(++argv); 1123 } else if (strcmp(*argv, "-dkeyform") == 0) { 1124 if (--argc < 1) 1125 goto bad; 1126 s_dkey_format = str2fmt(*(++argv)); 1127 } else if (strcmp(*argv, "-dpass") == 0) { 1128 if (--argc < 1) 1129 goto bad; 1130 dpassarg = *(++argv); 1131 } else if (strcmp(*argv, "-dkey") == 0) { 1132 if (--argc < 1) 1133 goto bad; 1134 s_dkey_file = *(++argv); 1135 } else if (strcmp(*argv, "-nocert") == 0) { 1136 nocert = 1; 1137 } else if (strcmp(*argv, "-CApath") == 0) { 1138 if (--argc < 1) 1139 goto bad; 1140 CApath = *(++argv); 1141 } else if (strcmp(*argv, "-no_cache") == 0) 1142 no_cache = 1; 1143 else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) { 1144 if (badarg) 1145 goto bad; 1146 continue; 1147 } else if (strcmp(*argv, "-verify_return_error") == 0) 1148 verify_return_error = 1; 1149 else if (strcmp(*argv, "-serverpref") == 0) { 1150 off |= SSL_OP_CIPHER_SERVER_PREFERENCE; 1151 } else if (strcmp(*argv, "-legacy_renegotiation") == 0) 1152 off |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; 1153 else if (strcmp(*argv, "-cipher") == 0) { 1154 if (--argc < 1) 1155 goto bad; 1156 cipher = *(++argv); 1157 } else if (strcmp(*argv, "-CAfile") == 0) { 1158 if (--argc < 1) 1159 goto bad; 1160 CAfile = *(++argv); 1161 } 1162 #ifdef FIONBIO 1163 else if (strcmp(*argv, "-nbio") == 0) { 1164 s_nbio = 1; 1165 } 1166 #endif 1167 else if (strcmp(*argv, "-nbio_test") == 0) { 1168 #ifdef FIONBIO 1169 s_nbio = 1; 1170 #endif 1171 s_nbio_test = 1; 1172 } else if (strcmp(*argv, "-debug") == 0) { 1173 s_debug = 1; 1174 } 1175 #ifndef OPENSSL_NO_TLSEXT 1176 else if (strcmp(*argv, "-tlsextdebug") == 0) 1177 s_tlsextdebug = 1; 1178 else if (strcmp(*argv, "-status") == 0) 1179 s_tlsextstatus = 1; 1180 else if (strcmp(*argv, "-status_verbose") == 0) { 1181 s_tlsextstatus = 1; 1182 tlscstatp.verbose = 1; 1183 } else if (!strcmp(*argv, "-status_timeout")) { 1184 s_tlsextstatus = 1; 1185 if (--argc < 1) 1186 goto bad; 1187 tlscstatp.timeout = atoi(*(++argv)); 1188 } else if (!strcmp(*argv, "-status_url")) { 1189 s_tlsextstatus = 1; 1190 if (--argc < 1) 1191 goto bad; 1192 if (!OCSP_parse_url(*(++argv), 1193 &tlscstatp.host, 1194 &tlscstatp.port, 1195 &tlscstatp.path, &tlscstatp.use_ssl)) { 1196 BIO_printf(bio_err, "Error parsing URL\n"); 1197 goto bad; 1198 } 1199 } 1200 #endif 1201 else if (strcmp(*argv, "-msg") == 0) { 1202 s_msg = 1; 1203 } else if (strcmp(*argv, "-hack") == 0) { 1204 hack = 1; 1205 } else if (strcmp(*argv, "-state") == 0) { 1206 state = 1; 1207 } else if (strcmp(*argv, "-crlf") == 0) { 1208 s_crlf = 1; 1209 } else if (strcmp(*argv, "-quiet") == 0) { 1210 s_quiet = 1; 1211 } else if (strcmp(*argv, "-bugs") == 0) { 1212 bugs = 1; 1213 } else if (strcmp(*argv, "-no_tmp_rsa") == 0) { 1214 no_tmp_rsa = 1; 1215 } else if (strcmp(*argv, "-no_dhe") == 0) { 1216 no_dhe = 1; 1217 } 1218 #ifndef OPENSSL_NO_ECDH 1219 else if (strcmp(*argv, "-no_ecdhe") == 0) { 1220 no_ecdhe = 1; 1221 } 1222 #endif 1223 #ifndef OPENSSL_NO_PSK 1224 else if (strcmp(*argv, "-psk_hint") == 0) { 1225 if (--argc < 1) 1226 goto bad; 1227 psk_identity_hint = *(++argv); 1228 } else if (strcmp(*argv, "-psk") == 0) { 1229 size_t i; 1230 1231 if (--argc < 1) 1232 goto bad; 1233 psk_key = *(++argv); 1234 for (i = 0; i < strlen(psk_key); i++) { 1235 if (isxdigit((unsigned char)psk_key[i])) 1236 continue; 1237 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv); 1238 goto bad; 1239 } 1240 } 1241 #endif 1242 #ifndef OPENSSL_NO_SRP 1243 else if (strcmp(*argv, "-srpvfile") == 0) { 1244 if (--argc < 1) 1245 goto bad; 1246 srp_verifier_file = *(++argv); 1247 meth = TLSv1_server_method(); 1248 } else if (strcmp(*argv, "-srpuserseed") == 0) { 1249 if (--argc < 1) 1250 goto bad; 1251 srpuserseed = *(++argv); 1252 meth = TLSv1_server_method(); 1253 } 1254 #endif 1255 else if (strcmp(*argv, "-www") == 0) { 1256 www = 1; 1257 } else if (strcmp(*argv, "-WWW") == 0) { 1258 www = 2; 1259 } else if (strcmp(*argv, "-HTTP") == 0) { 1260 www = 3; 1261 } else if (strcmp(*argv, "-no_ssl2") == 0) { 1262 off |= SSL_OP_NO_SSLv2; 1263 } else if (strcmp(*argv, "-no_ssl3") == 0) { 1264 off |= SSL_OP_NO_SSLv3; 1265 } else if (strcmp(*argv, "-no_tls1") == 0) { 1266 off |= SSL_OP_NO_TLSv1; 1267 } else if (strcmp(*argv, "-no_tls1_1") == 0) { 1268 off |= SSL_OP_NO_TLSv1_1; 1269 } else if (strcmp(*argv, "-no_tls1_2") == 0) { 1270 off |= SSL_OP_NO_TLSv1_2; 1271 } else if (strcmp(*argv, "-no_comp") == 0) { 1272 off |= SSL_OP_NO_COMPRESSION; 1273 } 1274 #ifndef OPENSSL_NO_TLSEXT 1275 else if (strcmp(*argv, "-no_ticket") == 0) { 1276 off |= SSL_OP_NO_TICKET; 1277 } 1278 #endif 1279 #ifndef OPENSSL_NO_SSL2 1280 else if (strcmp(*argv, "-ssl2") == 0) { 1281 meth = SSLv2_server_method(); 1282 } 1283 #endif 1284 #ifndef OPENSSL_NO_SSL3_METHOD 1285 else if (strcmp(*argv, "-ssl3") == 0) { 1286 meth = SSLv3_server_method(); 1287 } 1288 #endif 1289 #ifndef OPENSSL_NO_TLS1 1290 else if (strcmp(*argv, "-tls1") == 0) { 1291 meth = TLSv1_server_method(); 1292 } else if (strcmp(*argv, "-tls1_1") == 0) { 1293 meth = TLSv1_1_server_method(); 1294 } else if (strcmp(*argv, "-tls1_2") == 0) { 1295 meth = TLSv1_2_server_method(); 1296 } 1297 #endif 1298 #ifndef OPENSSL_NO_DTLS1 1299 else if (strcmp(*argv, "-dtls1") == 0) { 1300 meth = DTLSv1_server_method(); 1301 socket_type = SOCK_DGRAM; 1302 } else if (strcmp(*argv, "-timeout") == 0) 1303 enable_timeouts = 1; 1304 else if (strcmp(*argv, "-mtu") == 0) { 1305 if (--argc < 1) 1306 goto bad; 1307 socket_mtu = atol(*(++argv)); 1308 } else if (strcmp(*argv, "-chain") == 0) 1309 cert_chain = 1; 1310 #endif 1311 else if (strcmp(*argv, "-id_prefix") == 0) { 1312 if (--argc < 1) 1313 goto bad; 1314 session_id_prefix = *(++argv); 1315 } 1316 #ifndef OPENSSL_NO_ENGINE 1317 else if (strcmp(*argv, "-engine") == 0) { 1318 if (--argc < 1) 1319 goto bad; 1320 engine_id = *(++argv); 1321 } 1322 #endif 1323 else if (strcmp(*argv, "-rand") == 0) { 1324 if (--argc < 1) 1325 goto bad; 1326 inrand = *(++argv); 1327 } 1328 #ifndef OPENSSL_NO_TLSEXT 1329 else if (strcmp(*argv, "-servername") == 0) { 1330 if (--argc < 1) 1331 goto bad; 1332 tlsextcbp.servername = *(++argv); 1333 } else if (strcmp(*argv, "-servername_fatal") == 0) { 1334 tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; 1335 } else if (strcmp(*argv, "-cert2") == 0) { 1336 if (--argc < 1) 1337 goto bad; 1338 s_cert_file2 = *(++argv); 1339 } else if (strcmp(*argv, "-key2") == 0) { 1340 if (--argc < 1) 1341 goto bad; 1342 s_key_file2 = *(++argv); 1343 } 1344 # ifndef OPENSSL_NO_NEXTPROTONEG 1345 else if (strcmp(*argv, "-nextprotoneg") == 0) { 1346 if (--argc < 1) 1347 goto bad; 1348 next_proto_neg_in = *(++argv); 1349 } 1350 # endif 1351 #endif 1352 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1353 else if (strcmp(*argv, "-jpake") == 0) { 1354 if (--argc < 1) 1355 goto bad; 1356 jpake_secret = *(++argv); 1357 } 1358 #endif 1359 #ifndef OPENSSL_NO_SRTP 1360 else if (strcmp(*argv, "-use_srtp") == 0) { 1361 if (--argc < 1) 1362 goto bad; 1363 srtp_profiles = *(++argv); 1364 } 1365 #endif 1366 else if (strcmp(*argv, "-keymatexport") == 0) { 1367 if (--argc < 1) 1368 goto bad; 1369 keymatexportlabel = *(++argv); 1370 } else if (strcmp(*argv, "-keymatexportlen") == 0) { 1371 if (--argc < 1) 1372 goto bad; 1373 keymatexportlen = atoi(*(++argv)); 1374 if (keymatexportlen == 0) 1375 goto bad; 1376 } else { 1377 BIO_printf(bio_err, "unknown option %s\n", *argv); 1378 badop = 1; 1379 break; 1380 } 1381 argc--; 1382 argv++; 1383 } 1384 if (badop) { 1385 bad: 1386 sv_usage(); 1387 goto end; 1388 } 1389 #ifndef OPENSSL_NO_DTLS1 1390 if (www && socket_type == SOCK_DGRAM) { 1391 BIO_printf(bio_err, "Can't use -HTTP, -www or -WWW with DTLS\n"); 1392 goto end; 1393 } 1394 #endif 1395 1396 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1397 if (jpake_secret) { 1398 if (psk_key) { 1399 BIO_printf(bio_err, "Can't use JPAKE and PSK together\n"); 1400 goto end; 1401 } 1402 psk_identity = "JPAKE"; 1403 if (cipher) { 1404 BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); 1405 goto end; 1406 } 1407 cipher = "PSK"; 1408 } 1409 #endif 1410 1411 SSL_load_error_strings(); 1412 OpenSSL_add_ssl_algorithms(); 1413 1414 #ifndef OPENSSL_NO_ENGINE 1415 e = setup_engine(bio_err, engine_id, 1); 1416 #endif 1417 1418 if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) { 1419 BIO_printf(bio_err, "Error getting password\n"); 1420 goto end; 1421 } 1422 1423 if (s_key_file == NULL) 1424 s_key_file = s_cert_file; 1425 #ifndef OPENSSL_NO_TLSEXT 1426 if (s_key_file2 == NULL) 1427 s_key_file2 = s_cert_file2; 1428 #endif 1429 1430 if (nocert == 0) { 1431 s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e, 1432 "server certificate private key file"); 1433 if (!s_key) { 1434 ERR_print_errors(bio_err); 1435 goto end; 1436 } 1437 1438 s_cert = load_cert(bio_err, s_cert_file, s_cert_format, 1439 NULL, e, "server certificate file"); 1440 1441 if (!s_cert) { 1442 ERR_print_errors(bio_err); 1443 goto end; 1444 } 1445 #ifndef OPENSSL_NO_TLSEXT 1446 if (tlsextcbp.servername) { 1447 s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e, 1448 "second server certificate private key file"); 1449 if (!s_key2) { 1450 ERR_print_errors(bio_err); 1451 goto end; 1452 } 1453 1454 s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format, 1455 NULL, e, "second server certificate file"); 1456 1457 if (!s_cert2) { 1458 ERR_print_errors(bio_err); 1459 goto end; 1460 } 1461 } 1462 #endif 1463 } 1464 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 1465 if (next_proto_neg_in) { 1466 unsigned short len; 1467 next_proto.data = next_protos_parse(&len, next_proto_neg_in); 1468 if (next_proto.data == NULL) 1469 goto end; 1470 next_proto.len = len; 1471 } else { 1472 next_proto.data = NULL; 1473 } 1474 #endif 1475 1476 if (s_dcert_file) { 1477 1478 if (s_dkey_file == NULL) 1479 s_dkey_file = s_dcert_file; 1480 1481 s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, 1482 0, dpass, e, "second certificate private key file"); 1483 if (!s_dkey) { 1484 ERR_print_errors(bio_err); 1485 goto end; 1486 } 1487 1488 s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format, 1489 NULL, e, "second server certificate file"); 1490 1491 if (!s_dcert) { 1492 ERR_print_errors(bio_err); 1493 goto end; 1494 } 1495 1496 } 1497 1498 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 1499 && !RAND_status()) { 1500 BIO_printf(bio_err, 1501 "warning, not much extra random data, consider using the -rand option\n"); 1502 } 1503 if (inrand != NULL) 1504 BIO_printf(bio_err, "%ld semi-random bytes loaded\n", 1505 app_RAND_load_files(inrand)); 1506 1507 if (bio_s_out == NULL) { 1508 if (s_quiet && !s_debug && !s_msg) { 1509 bio_s_out = BIO_new(BIO_s_null()); 1510 } else { 1511 if (bio_s_out == NULL) 1512 bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE); 1513 } 1514 } 1515 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) 1516 if (nocert) 1517 #endif 1518 { 1519 s_cert_file = NULL; 1520 s_key_file = NULL; 1521 s_dcert_file = NULL; 1522 s_dkey_file = NULL; 1523 #ifndef OPENSSL_NO_TLSEXT 1524 s_cert_file2 = NULL; 1525 s_key_file2 = NULL; 1526 #endif 1527 } 1528 1529 ctx = SSL_CTX_new(meth); 1530 if (ctx == NULL) { 1531 ERR_print_errors(bio_err); 1532 goto end; 1533 } 1534 if (session_id_prefix) { 1535 if (strlen(session_id_prefix) >= 32) 1536 BIO_printf(bio_err, 1537 "warning: id_prefix is too long, only one new session will be possible\n"); 1538 else if (strlen(session_id_prefix) >= 16) 1539 BIO_printf(bio_err, 1540 "warning: id_prefix is too long if you use SSLv2\n"); 1541 if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) { 1542 BIO_printf(bio_err, "error setting 'id_prefix'\n"); 1543 ERR_print_errors(bio_err); 1544 goto end; 1545 } 1546 BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix); 1547 } 1548 SSL_CTX_set_quiet_shutdown(ctx, 1); 1549 if (bugs) 1550 SSL_CTX_set_options(ctx, SSL_OP_ALL); 1551 if (hack) 1552 SSL_CTX_set_options(ctx, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1553 SSL_CTX_set_options(ctx, off); 1554 1555 if (state) 1556 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback); 1557 if (no_cache) 1558 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); 1559 else 1560 SSL_CTX_sess_set_cache_size(ctx, 128); 1561 1562 #ifndef OPENSSL_NO_SRTP 1563 if (srtp_profiles != NULL) 1564 SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); 1565 #endif 1566 1567 #if 0 1568 if (cipher == NULL) 1569 cipher = getenv("SSL_CIPHER"); 1570 #endif 1571 1572 #if 0 1573 if (s_cert_file == NULL) { 1574 BIO_printf(bio_err, 1575 "You must specify a certificate file for the server to use\n"); 1576 goto end; 1577 } 1578 #endif 1579 1580 if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) || 1581 (!SSL_CTX_set_default_verify_paths(ctx))) { 1582 /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ 1583 ERR_print_errors(bio_err); 1584 /* goto end; */ 1585 } 1586 if (vpm) 1587 SSL_CTX_set1_param(ctx, vpm); 1588 1589 #ifndef OPENSSL_NO_TLSEXT 1590 if (s_cert2) { 1591 ctx2 = SSL_CTX_new(meth); 1592 if (ctx2 == NULL) { 1593 ERR_print_errors(bio_err); 1594 goto end; 1595 } 1596 } 1597 1598 if (ctx2) { 1599 BIO_printf(bio_s_out, "Setting secondary ctx parameters\n"); 1600 1601 if (session_id_prefix) { 1602 if (strlen(session_id_prefix) >= 32) 1603 BIO_printf(bio_err, 1604 "warning: id_prefix is too long, only one new session will be possible\n"); 1605 else if (strlen(session_id_prefix) >= 16) 1606 BIO_printf(bio_err, 1607 "warning: id_prefix is too long if you use SSLv2\n"); 1608 if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) { 1609 BIO_printf(bio_err, "error setting 'id_prefix'\n"); 1610 ERR_print_errors(bio_err); 1611 goto end; 1612 } 1613 BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix); 1614 } 1615 SSL_CTX_set_quiet_shutdown(ctx2, 1); 1616 if (bugs) 1617 SSL_CTX_set_options(ctx2, SSL_OP_ALL); 1618 if (hack) 1619 SSL_CTX_set_options(ctx2, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1620 SSL_CTX_set_options(ctx2, off); 1621 1622 if (state) 1623 SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback); 1624 1625 if (no_cache) 1626 SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF); 1627 else 1628 SSL_CTX_sess_set_cache_size(ctx2, 128); 1629 1630 if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) || 1631 (!SSL_CTX_set_default_verify_paths(ctx2))) { 1632 ERR_print_errors(bio_err); 1633 } 1634 if (vpm) 1635 SSL_CTX_set1_param(ctx2, vpm); 1636 } 1637 # ifndef OPENSSL_NO_NEXTPROTONEG 1638 if (next_proto.data) 1639 SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, 1640 &next_proto); 1641 # endif 1642 #endif 1643 1644 #ifndef OPENSSL_NO_DH 1645 if (!no_dhe) { 1646 DH *dh = NULL; 1647 1648 if (dhfile) 1649 dh = load_dh_param(dhfile); 1650 else if (s_cert_file) 1651 dh = load_dh_param(s_cert_file); 1652 1653 if (dh != NULL) { 1654 BIO_printf(bio_s_out, "Setting temp DH parameters\n"); 1655 } else { 1656 BIO_printf(bio_s_out, "Using default temp DH parameters\n"); 1657 dh = get_dh512(); 1658 } 1659 (void)BIO_flush(bio_s_out); 1660 1661 SSL_CTX_set_tmp_dh(ctx, dh); 1662 # ifndef OPENSSL_NO_TLSEXT 1663 if (ctx2) { 1664 if (!dhfile) { 1665 DH *dh2 = load_dh_param(s_cert_file2); 1666 if (dh2 != NULL) { 1667 BIO_printf(bio_s_out, "Setting temp DH parameters\n"); 1668 (void)BIO_flush(bio_s_out); 1669 1670 DH_free(dh); 1671 dh = dh2; 1672 } 1673 } 1674 SSL_CTX_set_tmp_dh(ctx2, dh); 1675 } 1676 # endif 1677 DH_free(dh); 1678 } 1679 #endif 1680 1681 #ifndef OPENSSL_NO_ECDH 1682 if (!no_ecdhe) { 1683 EC_KEY *ecdh = NULL; 1684 1685 if (named_curve) { 1686 int nid = OBJ_sn2nid(named_curve); 1687 1688 if (nid == 0) { 1689 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); 1690 goto end; 1691 } 1692 ecdh = EC_KEY_new_by_curve_name(nid); 1693 if (ecdh == NULL) { 1694 BIO_printf(bio_err, "unable to create curve (%s)\n", 1695 named_curve); 1696 goto end; 1697 } 1698 } 1699 1700 if (ecdh != NULL) { 1701 BIO_printf(bio_s_out, "Setting temp ECDH parameters\n"); 1702 } else { 1703 BIO_printf(bio_s_out, "Using default temp ECDH parameters\n"); 1704 ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); 1705 if (ecdh == NULL) { 1706 BIO_printf(bio_err, "unable to create curve (nistp256)\n"); 1707 goto end; 1708 } 1709 } 1710 (void)BIO_flush(bio_s_out); 1711 1712 SSL_CTX_set_tmp_ecdh(ctx, ecdh); 1713 # ifndef OPENSSL_NO_TLSEXT 1714 if (ctx2) 1715 SSL_CTX_set_tmp_ecdh(ctx2, ecdh); 1716 # endif 1717 EC_KEY_free(ecdh); 1718 } 1719 #endif 1720 1721 if (!set_cert_key_stuff(ctx, s_cert, s_key)) 1722 goto end; 1723 #ifndef OPENSSL_NO_TLSEXT 1724 if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2)) 1725 goto end; 1726 #endif 1727 if (s_dcert != NULL) { 1728 if (!set_cert_key_stuff(ctx, s_dcert, s_dkey)) 1729 goto end; 1730 } 1731 #ifndef OPENSSL_NO_RSA 1732 # if 1 1733 if (!no_tmp_rsa) { 1734 SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb); 1735 # ifndef OPENSSL_NO_TLSEXT 1736 if (ctx2) 1737 SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb); 1738 # endif 1739 } 1740 # else 1741 if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) { 1742 RSA *rsa; 1743 1744 BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key..."); 1745 BIO_flush(bio_s_out); 1746 1747 rsa = RSA_generate_key(512, RSA_F4, NULL); 1748 1749 if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) { 1750 ERR_print_errors(bio_err); 1751 goto end; 1752 } 1753 # ifndef OPENSSL_NO_TLSEXT 1754 if (ctx2) { 1755 if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) { 1756 ERR_print_errors(bio_err); 1757 goto end; 1758 } 1759 } 1760 # endif 1761 RSA_free(rsa); 1762 BIO_printf(bio_s_out, "\n"); 1763 } 1764 # endif 1765 #endif 1766 1767 #ifndef OPENSSL_NO_PSK 1768 # ifdef OPENSSL_NO_JPAKE 1769 if (psk_key != NULL) 1770 # else 1771 if (psk_key != NULL || jpake_secret) 1772 # endif 1773 { 1774 if (s_debug) 1775 BIO_printf(bio_s_out, 1776 "PSK key given or JPAKE in use, setting server callback\n"); 1777 SSL_CTX_set_psk_server_callback(ctx, psk_server_cb); 1778 } 1779 1780 if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) { 1781 BIO_printf(bio_err, "error setting PSK identity hint to context\n"); 1782 ERR_print_errors(bio_err); 1783 goto end; 1784 } 1785 #endif 1786 1787 if (cipher != NULL) { 1788 if (!SSL_CTX_set_cipher_list(ctx, cipher)) { 1789 BIO_printf(bio_err, "error setting cipher list\n"); 1790 ERR_print_errors(bio_err); 1791 goto end; 1792 } 1793 #ifndef OPENSSL_NO_TLSEXT 1794 if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, cipher)) { 1795 BIO_printf(bio_err, "error setting cipher list\n"); 1796 ERR_print_errors(bio_err); 1797 goto end; 1798 } 1799 #endif 1800 } 1801 SSL_CTX_set_verify(ctx, s_server_verify, verify_callback); 1802 SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context, 1803 sizeof s_server_session_id_context); 1804 1805 /* Set DTLS cookie generation and verification callbacks */ 1806 SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback); 1807 SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback); 1808 1809 #ifndef OPENSSL_NO_TLSEXT 1810 if (ctx2) { 1811 SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback); 1812 SSL_CTX_set_session_id_context(ctx2, 1813 (void *)&s_server_session_id_context, 1814 sizeof s_server_session_id_context); 1815 1816 tlsextcbp.biodebug = bio_s_out; 1817 SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb); 1818 SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp); 1819 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1820 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1821 } 1822 #endif 1823 1824 #ifndef OPENSSL_NO_SRP 1825 if (srp_verifier_file != NULL) { 1826 srp_callback_parm.vb = SRP_VBASE_new(srpuserseed); 1827 srp_callback_parm.user = NULL; 1828 srp_callback_parm.login = NULL; 1829 if ((ret = 1830 SRP_VBASE_init(srp_callback_parm.vb, 1831 srp_verifier_file)) != SRP_NO_ERROR) { 1832 BIO_printf(bio_err, 1833 "Cannot initialize SRP verifier file \"%s\":ret=%d\n", 1834 srp_verifier_file, ret); 1835 goto end; 1836 } 1837 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback); 1838 SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm); 1839 SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb); 1840 } else 1841 #endif 1842 if (CAfile != NULL) { 1843 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile)); 1844 #ifndef OPENSSL_NO_TLSEXT 1845 if (ctx2) 1846 SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile)); 1847 #endif 1848 } 1849 1850 BIO_printf(bio_s_out, "ACCEPT\n"); 1851 (void)BIO_flush(bio_s_out); 1852 if (www) 1853 do_server(port, socket_type, &accept_socket, www_body, context); 1854 else 1855 do_server(port, socket_type, &accept_socket, sv_body, context); 1856 print_stats(bio_s_out, ctx); 1857 ret = 0; 1858 end: 1859 if (ctx != NULL) 1860 SSL_CTX_free(ctx); 1861 if (s_cert) 1862 X509_free(s_cert); 1863 if (s_dcert) 1864 X509_free(s_dcert); 1865 if (s_key) 1866 EVP_PKEY_free(s_key); 1867 if (s_dkey) 1868 EVP_PKEY_free(s_dkey); 1869 if (pass) 1870 OPENSSL_free(pass); 1871 if (dpass) 1872 OPENSSL_free(dpass); 1873 if (vpm) 1874 X509_VERIFY_PARAM_free(vpm); 1875 #ifndef OPENSSL_NO_TLSEXT 1876 if (tlscstatp.host) 1877 OPENSSL_free(tlscstatp.host); 1878 if (tlscstatp.port) 1879 OPENSSL_free(tlscstatp.port); 1880 if (tlscstatp.path) 1881 OPENSSL_free(tlscstatp.path); 1882 if (ctx2 != NULL) 1883 SSL_CTX_free(ctx2); 1884 if (s_cert2) 1885 X509_free(s_cert2); 1886 if (s_key2) 1887 EVP_PKEY_free(s_key2); 1888 #endif 1889 if (bio_s_out != NULL) { 1890 BIO_free(bio_s_out); 1891 bio_s_out = NULL; 1892 } 1893 apps_shutdown(); 1894 OPENSSL_EXIT(ret); 1895 } 1896 1897 static void print_stats(BIO *bio, SSL_CTX *ssl_ctx) 1898 { 1899 BIO_printf(bio, "%4ld items in the session cache\n", 1900 SSL_CTX_sess_number(ssl_ctx)); 1901 BIO_printf(bio, "%4ld client connects (SSL_connect())\n", 1902 SSL_CTX_sess_connect(ssl_ctx)); 1903 BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n", 1904 SSL_CTX_sess_connect_renegotiate(ssl_ctx)); 1905 BIO_printf(bio, "%4ld client connects that finished\n", 1906 SSL_CTX_sess_connect_good(ssl_ctx)); 1907 BIO_printf(bio, "%4ld server accepts (SSL_accept())\n", 1908 SSL_CTX_sess_accept(ssl_ctx)); 1909 BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n", 1910 SSL_CTX_sess_accept_renegotiate(ssl_ctx)); 1911 BIO_printf(bio, "%4ld server accepts that finished\n", 1912 SSL_CTX_sess_accept_good(ssl_ctx)); 1913 BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx)); 1914 BIO_printf(bio, "%4ld session cache misses\n", 1915 SSL_CTX_sess_misses(ssl_ctx)); 1916 BIO_printf(bio, "%4ld session cache timeouts\n", 1917 SSL_CTX_sess_timeouts(ssl_ctx)); 1918 BIO_printf(bio, "%4ld callback cache hits\n", 1919 SSL_CTX_sess_cb_hits(ssl_ctx)); 1920 BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n", 1921 SSL_CTX_sess_cache_full(ssl_ctx), 1922 SSL_CTX_sess_get_cache_size(ssl_ctx)); 1923 } 1924 1925 static int sv_body(char *hostname, int s, unsigned char *context) 1926 { 1927 char *buf = NULL; 1928 fd_set readfds; 1929 int ret = 1, width; 1930 int k, i; 1931 unsigned long l; 1932 SSL *con = NULL; 1933 BIO *sbio; 1934 #ifndef OPENSSL_NO_KRB5 1935 KSSL_CTX *kctx; 1936 #endif 1937 struct timeval timeout; 1938 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 1939 struct timeval tv; 1940 #else 1941 struct timeval *timeoutp; 1942 #endif 1943 1944 if ((buf = OPENSSL_malloc(bufsize)) == NULL) { 1945 BIO_printf(bio_err, "out of memory\n"); 1946 goto err; 1947 } 1948 #ifdef FIONBIO 1949 if (s_nbio) { 1950 unsigned long sl = 1; 1951 1952 if (!s_quiet) 1953 BIO_printf(bio_err, "turning on non blocking io\n"); 1954 if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0) 1955 ERR_print_errors(bio_err); 1956 } 1957 #endif 1958 1959 if (con == NULL) { 1960 con = SSL_new(ctx); 1961 #ifndef OPENSSL_NO_TLSEXT 1962 if (s_tlsextdebug) { 1963 SSL_set_tlsext_debug_callback(con, tlsext_cb); 1964 SSL_set_tlsext_debug_arg(con, bio_s_out); 1965 } 1966 if (s_tlsextstatus) { 1967 SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); 1968 tlscstatp.err = bio_err; 1969 SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); 1970 } 1971 #endif 1972 #ifndef OPENSSL_NO_KRB5 1973 if ((kctx = kssl_ctx_new()) != NULL) { 1974 SSL_set0_kssl_ctx(con, kctx); 1975 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 1976 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 1977 } 1978 #endif /* OPENSSL_NO_KRB5 */ 1979 if (context) 1980 SSL_set_session_id_context(con, context, strlen((char *)context)); 1981 } 1982 SSL_clear(con); 1983 #if 0 1984 # ifdef TLSEXT_TYPE_opaque_prf_input 1985 SSL_set_tlsext_opaque_prf_input(con, "Test server", 11); 1986 # endif 1987 #endif 1988 1989 if (SSL_version(con) == DTLS1_VERSION) { 1990 1991 sbio = BIO_new_dgram(s, BIO_NOCLOSE); 1992 1993 if (enable_timeouts) { 1994 timeout.tv_sec = 0; 1995 timeout.tv_usec = DGRAM_RCV_TIMEOUT; 1996 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); 1997 1998 timeout.tv_sec = 0; 1999 timeout.tv_usec = DGRAM_SND_TIMEOUT; 2000 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); 2001 } 2002 2003 if (socket_mtu) { 2004 if (socket_mtu < DTLS_get_link_min_mtu(con)) { 2005 BIO_printf(bio_err, "MTU too small. Must be at least %ld\n", 2006 DTLS_get_link_min_mtu(con)); 2007 ret = -1; 2008 BIO_free(sbio); 2009 goto err; 2010 } 2011 SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 2012 if (!DTLS_set_link_mtu(con, socket_mtu)) { 2013 BIO_printf(bio_err, "Failed to set MTU\n"); 2014 ret = -1; 2015 BIO_free(sbio); 2016 goto err; 2017 } 2018 } else 2019 /* want to do MTU discovery */ 2020 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 2021 2022 /* turn on cookie exchange */ 2023 SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE); 2024 } else 2025 sbio = BIO_new_socket(s, BIO_NOCLOSE); 2026 2027 if (s_nbio_test) { 2028 BIO *test; 2029 2030 test = BIO_new(BIO_f_nbio_test()); 2031 sbio = BIO_push(test, sbio); 2032 } 2033 #ifndef OPENSSL_NO_JPAKE 2034 if (jpake_secret) 2035 jpake_server_auth(bio_s_out, sbio, jpake_secret); 2036 #endif 2037 2038 SSL_set_bio(con, sbio, sbio); 2039 SSL_set_accept_state(con); 2040 /* SSL_set_fd(con,s); */ 2041 2042 if (s_debug) { 2043 SSL_set_debug(con, 1); 2044 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback); 2045 BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out); 2046 } 2047 if (s_msg) { 2048 SSL_set_msg_callback(con, msg_cb); 2049 SSL_set_msg_callback_arg(con, bio_s_out); 2050 } 2051 #ifndef OPENSSL_NO_TLSEXT 2052 if (s_tlsextdebug) { 2053 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2054 SSL_set_tlsext_debug_arg(con, bio_s_out); 2055 } 2056 #endif 2057 2058 width = s + 1; 2059 for (;;) { 2060 int read_from_terminal; 2061 int read_from_sslcon; 2062 2063 read_from_terminal = 0; 2064 read_from_sslcon = SSL_pending(con); 2065 2066 if (!read_from_sslcon) { 2067 FD_ZERO(&readfds); 2068 #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5) 2069 openssl_fdset(fileno(stdin), &readfds); 2070 #endif 2071 openssl_fdset(s, &readfds); 2072 /* 2073 * Note: under VMS with SOCKETSHR the second parameter is 2074 * currently of type (int *) whereas under other systems it is 2075 * (void *) if you don't have a cast it will choke the compiler: 2076 * if you do have a cast then you can either go for (int *) or 2077 * (void *). 2078 */ 2079 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) 2080 /* 2081 * Under DOS (non-djgpp) and Windows we can't select on stdin: 2082 * only on sockets. As a workaround we timeout the select every 2083 * second and check for any keypress. In a proper Windows 2084 * application we wouldn't do this because it is inefficient. 2085 */ 2086 tv.tv_sec = 1; 2087 tv.tv_usec = 0; 2088 i = select(width, (void *)&readfds, NULL, NULL, &tv); 2089 if ((i < 0) || (!i && !_kbhit())) 2090 continue; 2091 if (_kbhit()) 2092 read_from_terminal = 1; 2093 #elif defined(OPENSSL_SYS_BEOS_R5) 2094 /* Under BeOS-R5 the situation is similar to DOS */ 2095 tv.tv_sec = 1; 2096 tv.tv_usec = 0; 2097 (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); 2098 i = select(width, (void *)&readfds, NULL, NULL, &tv); 2099 if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0)) 2100 continue; 2101 if (read(fileno(stdin), buf, 0) >= 0) 2102 read_from_terminal = 1; 2103 (void)fcntl(fileno(stdin), F_SETFL, 0); 2104 #else 2105 if ((SSL_version(con) == DTLS1_VERSION) && 2106 DTLSv1_get_timeout(con, &timeout)) 2107 timeoutp = &timeout; 2108 else 2109 timeoutp = NULL; 2110 2111 i = select(width, (void *)&readfds, NULL, NULL, timeoutp); 2112 2113 if ((SSL_version(con) == DTLS1_VERSION) 2114 && DTLSv1_handle_timeout(con) > 0) { 2115 BIO_printf(bio_err, "TIMEOUT occured\n"); 2116 } 2117 2118 if (i <= 0) 2119 continue; 2120 if (FD_ISSET(fileno(stdin), &readfds)) 2121 read_from_terminal = 1; 2122 #endif 2123 if (FD_ISSET(s, &readfds)) 2124 read_from_sslcon = 1; 2125 } 2126 if (read_from_terminal) { 2127 if (s_crlf) { 2128 int j, lf_num; 2129 2130 i = raw_read_stdin(buf, bufsize / 2); 2131 lf_num = 0; 2132 /* both loops are skipped when i <= 0 */ 2133 for (j = 0; j < i; j++) 2134 if (buf[j] == '\n') 2135 lf_num++; 2136 for (j = i - 1; j >= 0; j--) { 2137 buf[j + lf_num] = buf[j]; 2138 if (buf[j] == '\n') { 2139 lf_num--; 2140 i++; 2141 buf[j + lf_num] = '\r'; 2142 } 2143 } 2144 assert(lf_num == 0); 2145 } else 2146 i = raw_read_stdin(buf, bufsize); 2147 if (!s_quiet) { 2148 if ((i <= 0) || (buf[0] == 'Q')) { 2149 BIO_printf(bio_s_out, "DONE\n"); 2150 SHUTDOWN(s); 2151 close_accept_socket(); 2152 ret = -11; 2153 goto err; 2154 } 2155 if ((i <= 0) || (buf[0] == 'q')) { 2156 BIO_printf(bio_s_out, "DONE\n"); 2157 if (SSL_version(con) != DTLS1_VERSION) 2158 SHUTDOWN(s); 2159 /* 2160 * close_accept_socket(); ret= -11; 2161 */ 2162 goto err; 2163 } 2164 #ifndef OPENSSL_NO_HEARTBEATS 2165 if ((buf[0] == 'B') && ((buf[1] == '\n') || (buf[1] == '\r'))) { 2166 BIO_printf(bio_err, "HEARTBEATING\n"); 2167 SSL_heartbeat(con); 2168 i = 0; 2169 continue; 2170 } 2171 #endif 2172 if ((buf[0] == 'r') && ((buf[1] == '\n') || (buf[1] == '\r'))) { 2173 SSL_renegotiate(con); 2174 i = SSL_do_handshake(con); 2175 printf("SSL_do_handshake -> %d\n", i); 2176 i = 0; /* 13; */ 2177 continue; 2178 /* 2179 * strcpy(buf,"server side RE-NEGOTIATE\n"); 2180 */ 2181 } 2182 if ((buf[0] == 'R') && ((buf[1] == '\n') || (buf[1] == '\r'))) { 2183 SSL_set_verify(con, 2184 SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, 2185 NULL); 2186 SSL_renegotiate(con); 2187 i = SSL_do_handshake(con); 2188 printf("SSL_do_handshake -> %d\n", i); 2189 i = 0; /* 13; */ 2190 continue; 2191 /* 2192 * strcpy(buf,"server side RE-NEGOTIATE asking for client 2193 * cert\n"); 2194 */ 2195 } 2196 if (buf[0] == 'P') { 2197 static const char *str = "Lets print some clear text\n"; 2198 BIO_write(SSL_get_wbio(con), str, strlen(str)); 2199 } 2200 if (buf[0] == 'S') { 2201 print_stats(bio_s_out, SSL_get_SSL_CTX(con)); 2202 } 2203 } 2204 #ifdef CHARSET_EBCDIC 2205 ebcdic2ascii(buf, buf, i); 2206 #endif 2207 l = k = 0; 2208 for (;;) { 2209 /* should do a select for the write */ 2210 #ifdef RENEG 2211 { 2212 static count = 0; 2213 if (++count == 100) { 2214 count = 0; 2215 SSL_renegotiate(con); 2216 } 2217 } 2218 #endif 2219 k = SSL_write(con, &(buf[l]), (unsigned int)i); 2220 #ifndef OPENSSL_NO_SRP 2221 while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) { 2222 BIO_printf(bio_s_out, "LOOKUP renego during write\n"); 2223 srp_callback_parm.user = 2224 SRP_VBASE_get_by_user(srp_callback_parm.vb, 2225 srp_callback_parm.login); 2226 if (srp_callback_parm.user) 2227 BIO_printf(bio_s_out, "LOOKUP done %s\n", 2228 srp_callback_parm.user->info); 2229 else 2230 BIO_printf(bio_s_out, "LOOKUP not successful\n"); 2231 k = SSL_write(con, &(buf[l]), (unsigned int)i); 2232 } 2233 #endif 2234 switch (SSL_get_error(con, k)) { 2235 case SSL_ERROR_NONE: 2236 break; 2237 case SSL_ERROR_WANT_WRITE: 2238 case SSL_ERROR_WANT_READ: 2239 case SSL_ERROR_WANT_X509_LOOKUP: 2240 BIO_printf(bio_s_out, "Write BLOCK\n"); 2241 break; 2242 case SSL_ERROR_SYSCALL: 2243 case SSL_ERROR_SSL: 2244 BIO_printf(bio_s_out, "ERROR\n"); 2245 ERR_print_errors(bio_err); 2246 ret = 1; 2247 goto err; 2248 /* break; */ 2249 case SSL_ERROR_ZERO_RETURN: 2250 BIO_printf(bio_s_out, "DONE\n"); 2251 ret = 1; 2252 goto err; 2253 } 2254 l += k; 2255 i -= k; 2256 if (i <= 0) 2257 break; 2258 } 2259 } 2260 if (read_from_sslcon) { 2261 if (!SSL_is_init_finished(con)) { 2262 i = init_ssl_connection(con); 2263 2264 if (i < 0) { 2265 ret = 0; 2266 goto err; 2267 } else if (i == 0) { 2268 ret = 1; 2269 goto err; 2270 } 2271 } else { 2272 again: 2273 i = SSL_read(con, (char *)buf, bufsize); 2274 #ifndef OPENSSL_NO_SRP 2275 while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) { 2276 BIO_printf(bio_s_out, "LOOKUP renego during read\n"); 2277 srp_callback_parm.user = 2278 SRP_VBASE_get_by_user(srp_callback_parm.vb, 2279 srp_callback_parm.login); 2280 if (srp_callback_parm.user) 2281 BIO_printf(bio_s_out, "LOOKUP done %s\n", 2282 srp_callback_parm.user->info); 2283 else 2284 BIO_printf(bio_s_out, "LOOKUP not successful\n"); 2285 i = SSL_read(con, (char *)buf, bufsize); 2286 } 2287 #endif 2288 switch (SSL_get_error(con, i)) { 2289 case SSL_ERROR_NONE: 2290 #ifdef CHARSET_EBCDIC 2291 ascii2ebcdic(buf, buf, i); 2292 #endif 2293 raw_write_stdout(buf, (unsigned int)i); 2294 if (SSL_pending(con)) 2295 goto again; 2296 break; 2297 case SSL_ERROR_WANT_WRITE: 2298 case SSL_ERROR_WANT_READ: 2299 BIO_printf(bio_s_out, "Read BLOCK\n"); 2300 break; 2301 case SSL_ERROR_SYSCALL: 2302 case SSL_ERROR_SSL: 2303 BIO_printf(bio_s_out, "ERROR\n"); 2304 ERR_print_errors(bio_err); 2305 ret = 1; 2306 goto err; 2307 case SSL_ERROR_ZERO_RETURN: 2308 BIO_printf(bio_s_out, "DONE\n"); 2309 ret = 1; 2310 goto err; 2311 } 2312 } 2313 } 2314 } 2315 err: 2316 if (con != NULL) { 2317 BIO_printf(bio_s_out, "shutting down SSL\n"); 2318 #if 1 2319 SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 2320 #else 2321 SSL_shutdown(con); 2322 #endif 2323 SSL_free(con); 2324 } 2325 BIO_printf(bio_s_out, "CONNECTION CLOSED\n"); 2326 if (buf != NULL) { 2327 OPENSSL_cleanse(buf, bufsize); 2328 OPENSSL_free(buf); 2329 } 2330 if (ret >= 0) 2331 BIO_printf(bio_s_out, "ACCEPT\n"); 2332 return (ret); 2333 } 2334 2335 static void close_accept_socket(void) 2336 { 2337 BIO_printf(bio_err, "shutdown accept socket\n"); 2338 if (accept_socket >= 0) { 2339 SHUTDOWN2(accept_socket); 2340 } 2341 } 2342 2343 static int init_ssl_connection(SSL *con) 2344 { 2345 int i; 2346 const char *str; 2347 X509 *peer; 2348 long verify_error; 2349 MS_STATIC char buf[BUFSIZ]; 2350 #ifndef OPENSSL_NO_KRB5 2351 char *client_princ; 2352 #endif 2353 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2354 const unsigned char *next_proto_neg; 2355 unsigned next_proto_neg_len; 2356 #endif 2357 unsigned char *exportedkeymat; 2358 2359 i = SSL_accept(con); 2360 #ifndef OPENSSL_NO_SRP 2361 while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) { 2362 BIO_printf(bio_s_out, "LOOKUP during accept %s\n", 2363 srp_callback_parm.login); 2364 srp_callback_parm.user = 2365 SRP_VBASE_get_by_user(srp_callback_parm.vb, 2366 srp_callback_parm.login); 2367 if (srp_callback_parm.user) 2368 BIO_printf(bio_s_out, "LOOKUP done %s\n", 2369 srp_callback_parm.user->info); 2370 else 2371 BIO_printf(bio_s_out, "LOOKUP not successful\n"); 2372 i = SSL_accept(con); 2373 } 2374 #endif 2375 if (i <= 0) { 2376 if (BIO_sock_should_retry(i)) { 2377 BIO_printf(bio_s_out, "DELAY\n"); 2378 return (1); 2379 } 2380 2381 BIO_printf(bio_err, "ERROR\n"); 2382 verify_error = SSL_get_verify_result(con); 2383 if (verify_error != X509_V_OK) { 2384 BIO_printf(bio_err, "verify error:%s\n", 2385 X509_verify_cert_error_string(verify_error)); 2386 } else 2387 ERR_print_errors(bio_err); 2388 return (0); 2389 } 2390 2391 PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con)); 2392 2393 peer = SSL_get_peer_certificate(con); 2394 if (peer != NULL) { 2395 BIO_printf(bio_s_out, "Client certificate\n"); 2396 PEM_write_bio_X509(bio_s_out, peer); 2397 X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf); 2398 BIO_printf(bio_s_out, "subject=%s\n", buf); 2399 X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf); 2400 BIO_printf(bio_s_out, "issuer=%s\n", buf); 2401 X509_free(peer); 2402 } 2403 2404 if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL) 2405 BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf); 2406 str = SSL_CIPHER_get_name(SSL_get_current_cipher(con)); 2407 BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)"); 2408 2409 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2410 SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); 2411 if (next_proto_neg) { 2412 BIO_printf(bio_s_out, "NEXTPROTO is "); 2413 BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len); 2414 BIO_printf(bio_s_out, "\n"); 2415 } 2416 #endif 2417 #ifndef OPENSSL_NO_SRTP 2418 { 2419 SRTP_PROTECTION_PROFILE *srtp_profile 2420 = SSL_get_selected_srtp_profile(con); 2421 2422 if (srtp_profile) 2423 BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n", 2424 srtp_profile->name); 2425 } 2426 #endif 2427 if (SSL_cache_hit(con)) 2428 BIO_printf(bio_s_out, "Reused session-id\n"); 2429 if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) & 2430 TLS1_FLAGS_TLS_PADDING_BUG) 2431 BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n"); 2432 #ifndef OPENSSL_NO_KRB5 2433 client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con)); 2434 if (client_princ != NULL) { 2435 BIO_printf(bio_s_out, "Kerberos peer principal is %s\n", 2436 client_princ); 2437 } 2438 #endif /* OPENSSL_NO_KRB5 */ 2439 BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n", 2440 SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); 2441 if (keymatexportlabel != NULL) { 2442 BIO_printf(bio_s_out, "Keying material exporter:\n"); 2443 BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel); 2444 BIO_printf(bio_s_out, " Length: %i bytes\n", keymatexportlen); 2445 exportedkeymat = OPENSSL_malloc(keymatexportlen); 2446 if (exportedkeymat != NULL) { 2447 if (!SSL_export_keying_material(con, exportedkeymat, 2448 keymatexportlen, 2449 keymatexportlabel, 2450 strlen(keymatexportlabel), 2451 NULL, 0, 0)) { 2452 BIO_printf(bio_s_out, " Error\n"); 2453 } else { 2454 BIO_printf(bio_s_out, " Keying material: "); 2455 for (i = 0; i < keymatexportlen; i++) 2456 BIO_printf(bio_s_out, "%02X", exportedkeymat[i]); 2457 BIO_printf(bio_s_out, "\n"); 2458 } 2459 OPENSSL_free(exportedkeymat); 2460 } 2461 } 2462 2463 return (1); 2464 } 2465 2466 #ifndef OPENSSL_NO_DH 2467 static DH *load_dh_param(const char *dhfile) 2468 { 2469 DH *ret = NULL; 2470 BIO *bio; 2471 2472 if ((bio = BIO_new_file(dhfile, "r")) == NULL) 2473 goto err; 2474 ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); 2475 err: 2476 if (bio != NULL) 2477 BIO_free(bio); 2478 return (ret); 2479 } 2480 #endif 2481 #ifndef OPENSSL_NO_KRB5 2482 char *client_princ; 2483 #endif 2484 2485 #if 0 2486 static int load_CA(SSL_CTX *ctx, char *file) 2487 { 2488 FILE *in; 2489 X509 *x = NULL; 2490 2491 if ((in = fopen(file, "r")) == NULL) 2492 return (0); 2493 2494 for (;;) { 2495 if (PEM_read_X509(in, &x, NULL) == NULL) 2496 break; 2497 SSL_CTX_add_client_CA(ctx, x); 2498 } 2499 if (x != NULL) 2500 X509_free(x); 2501 fclose(in); 2502 return (1); 2503 } 2504 #endif 2505 2506 static int www_body(char *hostname, int s, unsigned char *context) 2507 { 2508 char *buf = NULL; 2509 int ret = 1; 2510 int i, j, k, dot; 2511 SSL *con; 2512 const SSL_CIPHER *c; 2513 BIO *io, *ssl_bio, *sbio; 2514 #ifndef OPENSSL_NO_KRB5 2515 KSSL_CTX *kctx; 2516 #endif 2517 2518 buf = OPENSSL_malloc(bufsize); 2519 if (buf == NULL) 2520 return (0); 2521 io = BIO_new(BIO_f_buffer()); 2522 ssl_bio = BIO_new(BIO_f_ssl()); 2523 if ((io == NULL) || (ssl_bio == NULL)) 2524 goto err; 2525 2526 #ifdef FIONBIO 2527 if (s_nbio) { 2528 unsigned long sl = 1; 2529 2530 if (!s_quiet) 2531 BIO_printf(bio_err, "turning on non blocking io\n"); 2532 if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0) 2533 ERR_print_errors(bio_err); 2534 } 2535 #endif 2536 2537 /* lets make the output buffer a reasonable size */ 2538 if (!BIO_set_write_buffer_size(io, bufsize)) 2539 goto err; 2540 2541 if ((con = SSL_new(ctx)) == NULL) 2542 goto err; 2543 #ifndef OPENSSL_NO_TLSEXT 2544 if (s_tlsextdebug) { 2545 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2546 SSL_set_tlsext_debug_arg(con, bio_s_out); 2547 } 2548 #endif 2549 #ifndef OPENSSL_NO_KRB5 2550 if ((kctx = kssl_ctx_new()) != NULL) { 2551 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 2552 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 2553 } 2554 #endif /* OPENSSL_NO_KRB5 */ 2555 if (context) 2556 SSL_set_session_id_context(con, context, strlen((char *)context)); 2557 2558 sbio = BIO_new_socket(s, BIO_NOCLOSE); 2559 if (s_nbio_test) { 2560 BIO *test; 2561 2562 test = BIO_new(BIO_f_nbio_test()); 2563 sbio = BIO_push(test, sbio); 2564 } 2565 SSL_set_bio(con, sbio, sbio); 2566 SSL_set_accept_state(con); 2567 2568 /* SSL_set_fd(con,s); */ 2569 BIO_set_ssl(ssl_bio, con, BIO_CLOSE); 2570 BIO_push(io, ssl_bio); 2571 #ifdef CHARSET_EBCDIC 2572 io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io); 2573 #endif 2574 2575 if (s_debug) { 2576 SSL_set_debug(con, 1); 2577 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback); 2578 BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out); 2579 } 2580 if (s_msg) { 2581 SSL_set_msg_callback(con, msg_cb); 2582 SSL_set_msg_callback_arg(con, bio_s_out); 2583 } 2584 2585 for (;;) { 2586 if (hack) { 2587 i = SSL_accept(con); 2588 #ifndef OPENSSL_NO_SRP 2589 while (i <= 0 2590 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) { 2591 BIO_printf(bio_s_out, "LOOKUP during accept %s\n", 2592 srp_callback_parm.login); 2593 srp_callback_parm.user = 2594 SRP_VBASE_get_by_user(srp_callback_parm.vb, 2595 srp_callback_parm.login); 2596 if (srp_callback_parm.user) 2597 BIO_printf(bio_s_out, "LOOKUP done %s\n", 2598 srp_callback_parm.user->info); 2599 else 2600 BIO_printf(bio_s_out, "LOOKUP not successful\n"); 2601 i = SSL_accept(con); 2602 } 2603 #endif 2604 switch (SSL_get_error(con, i)) { 2605 case SSL_ERROR_NONE: 2606 break; 2607 case SSL_ERROR_WANT_WRITE: 2608 case SSL_ERROR_WANT_READ: 2609 case SSL_ERROR_WANT_X509_LOOKUP: 2610 continue; 2611 case SSL_ERROR_SYSCALL: 2612 case SSL_ERROR_SSL: 2613 case SSL_ERROR_ZERO_RETURN: 2614 ret = 1; 2615 goto err; 2616 /* break; */ 2617 } 2618 2619 SSL_renegotiate(con); 2620 SSL_write(con, NULL, 0); 2621 } 2622 2623 i = BIO_gets(io, buf, bufsize - 1); 2624 if (i < 0) { /* error */ 2625 if (!BIO_should_retry(io)) { 2626 if (!s_quiet) 2627 ERR_print_errors(bio_err); 2628 goto err; 2629 } else { 2630 BIO_printf(bio_s_out, "read R BLOCK\n"); 2631 #if defined(OPENSSL_SYS_NETWARE) 2632 delay(1000); 2633 #elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__) 2634 sleep(1); 2635 #endif 2636 continue; 2637 } 2638 } else if (i == 0) { /* end of input */ 2639 ret = 1; 2640 goto end; 2641 } 2642 2643 /* else we have data */ 2644 if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) || 2645 ((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) { 2646 char *p; 2647 X509 *peer; 2648 STACK_OF(SSL_CIPHER) *sk; 2649 static const char *space = " "; 2650 2651 BIO_puts(io, 2652 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2653 BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n"); 2654 BIO_puts(io, "<pre>\n"); 2655 /* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/ 2656 BIO_puts(io, "\n"); 2657 for (i = 0; i < local_argc; i++) { 2658 BIO_puts(io, local_argv[i]); 2659 BIO_write(io, " ", 1); 2660 } 2661 BIO_puts(io, "\n"); 2662 2663 BIO_printf(io, 2664 "Secure Renegotiation IS%s supported\n", 2665 SSL_get_secure_renegotiation_support(con) ? 2666 "" : " NOT"); 2667 2668 /* 2669 * The following is evil and should not really be done 2670 */ 2671 BIO_printf(io, "Ciphers supported in s_server binary\n"); 2672 sk = SSL_get_ciphers(con); 2673 j = sk_SSL_CIPHER_num(sk); 2674 for (i = 0; i < j; i++) { 2675 c = sk_SSL_CIPHER_value(sk, i); 2676 BIO_printf(io, "%-11s:%-25s", 2677 SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c)); 2678 if ((((i + 1) % 2) == 0) && (i + 1 != j)) 2679 BIO_puts(io, "\n"); 2680 } 2681 BIO_puts(io, "\n"); 2682 p = SSL_get_shared_ciphers(con, buf, bufsize); 2683 if (p != NULL) { 2684 BIO_printf(io, 2685 "---\nCiphers common between both SSL end points:\n"); 2686 j = i = 0; 2687 while (*p) { 2688 if (*p == ':') { 2689 BIO_write(io, space, 26 - j); 2690 i++; 2691 j = 0; 2692 BIO_write(io, ((i % 3) ? " " : "\n"), 1); 2693 } else { 2694 BIO_write(io, p, 1); 2695 j++; 2696 } 2697 p++; 2698 } 2699 BIO_puts(io, "\n"); 2700 } 2701 BIO_printf(io, (SSL_cache_hit(con) 2702 ? "---\nReused, " : "---\nNew, ")); 2703 c = SSL_get_current_cipher(con); 2704 BIO_printf(io, "%s, Cipher is %s\n", 2705 SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c)); 2706 SSL_SESSION_print(io, SSL_get_session(con)); 2707 BIO_printf(io, "---\n"); 2708 print_stats(io, SSL_get_SSL_CTX(con)); 2709 BIO_printf(io, "---\n"); 2710 peer = SSL_get_peer_certificate(con); 2711 if (peer != NULL) { 2712 BIO_printf(io, "Client certificate\n"); 2713 X509_print(io, peer); 2714 PEM_write_bio_X509(io, peer); 2715 } else 2716 BIO_puts(io, "no client certificate available\n"); 2717 BIO_puts(io, "</BODY></HTML>\r\n\r\n"); 2718 break; 2719 } else if ((www == 2 || www == 3) 2720 && (strncmp("GET /", buf, 5) == 0)) { 2721 BIO *file; 2722 char *p, *e; 2723 static const char *text = 2724 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; 2725 2726 /* skip the '/' */ 2727 p = &(buf[5]); 2728 2729 dot = 1; 2730 for (e = p; *e != '\0'; e++) { 2731 if (e[0] == ' ') 2732 break; 2733 2734 switch (dot) { 2735 case 1: 2736 dot = (e[0] == '.') ? 2 : 0; 2737 break; 2738 case 2: 2739 dot = (e[0] == '.') ? 3 : 0; 2740 break; 2741 case 3: 2742 dot = (e[0] == '/') ? -1 : 0; 2743 break; 2744 } 2745 if (dot == 0) 2746 dot = (e[0] == '/') ? 1 : 0; 2747 } 2748 dot = (dot == 3) || (dot == -1); /* filename contains ".." 2749 * component */ 2750 2751 if (*e == '\0') { 2752 BIO_puts(io, text); 2753 BIO_printf(io, "'%s' is an invalid file name\r\n", p); 2754 break; 2755 } 2756 *e = '\0'; 2757 2758 if (dot) { 2759 BIO_puts(io, text); 2760 BIO_printf(io, "'%s' contains '..' reference\r\n", p); 2761 break; 2762 } 2763 2764 if (*p == '/') { 2765 BIO_puts(io, text); 2766 BIO_printf(io, "'%s' is an invalid path\r\n", p); 2767 break; 2768 } 2769 #if 0 2770 /* append if a directory lookup */ 2771 if (e[-1] == '/') 2772 strcat(p, "index.html"); 2773 #endif 2774 2775 /* if a directory, do the index thang */ 2776 if (app_isdir(p) > 0) { 2777 #if 0 /* must check buffer size */ 2778 strcat(p, "/index.html"); 2779 #else 2780 BIO_puts(io, text); 2781 BIO_printf(io, "'%s' is a directory\r\n", p); 2782 break; 2783 #endif 2784 } 2785 2786 if ((file = BIO_new_file(p, "r")) == NULL) { 2787 BIO_puts(io, text); 2788 BIO_printf(io, "Error opening '%s'\r\n", p); 2789 ERR_print_errors(io); 2790 break; 2791 } 2792 2793 if (!s_quiet) 2794 BIO_printf(bio_err, "FILE:%s\n", p); 2795 2796 if (www == 2) { 2797 i = strlen(p); 2798 if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) || 2799 ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) || 2800 ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0))) 2801 BIO_puts(io, 2802 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2803 else 2804 BIO_puts(io, 2805 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); 2806 } 2807 /* send the file */ 2808 for (;;) { 2809 i = BIO_read(file, buf, bufsize); 2810 if (i <= 0) 2811 break; 2812 2813 #ifdef RENEG 2814 total_bytes += i; 2815 fprintf(stderr, "%d\n", i); 2816 if (total_bytes > 3 * 1024) { 2817 total_bytes = 0; 2818 fprintf(stderr, "RENEGOTIATE\n"); 2819 SSL_renegotiate(con); 2820 } 2821 #endif 2822 2823 for (j = 0; j < i;) { 2824 #ifdef RENEG 2825 { 2826 static count = 0; 2827 if (++count == 13) { 2828 SSL_renegotiate(con); 2829 } 2830 } 2831 #endif 2832 k = BIO_write(io, &(buf[j]), i - j); 2833 if (k <= 0) { 2834 if (!BIO_should_retry(io)) 2835 goto write_error; 2836 else { 2837 BIO_printf(bio_s_out, "rwrite W BLOCK\n"); 2838 } 2839 } else { 2840 j += k; 2841 } 2842 } 2843 } 2844 write_error: 2845 BIO_free(file); 2846 break; 2847 } 2848 } 2849 2850 for (;;) { 2851 i = (int)BIO_flush(io); 2852 if (i <= 0) { 2853 if (!BIO_should_retry(io)) 2854 break; 2855 } else 2856 break; 2857 } 2858 end: 2859 #if 1 2860 /* make sure we re-use sessions */ 2861 SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); 2862 #else 2863 /* This kills performance */ 2864 /* 2865 * SSL_shutdown(con); A shutdown gets sent in the BIO_free_all(io) 2866 * procession 2867 */ 2868 #endif 2869 2870 err: 2871 2872 if (ret >= 0) 2873 BIO_printf(bio_s_out, "ACCEPT\n"); 2874 2875 if (buf != NULL) 2876 OPENSSL_free(buf); 2877 if (io != NULL) 2878 BIO_free_all(io); 2879 /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ 2880 return (ret); 2881 } 2882 2883 #ifndef OPENSSL_NO_RSA 2884 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) 2885 { 2886 BIGNUM *bn = NULL; 2887 static RSA *rsa_tmp = NULL; 2888 2889 if (!rsa_tmp && ((bn = BN_new()) == NULL)) 2890 BIO_printf(bio_err, "Allocation error in generating RSA key\n"); 2891 if (!rsa_tmp && bn) { 2892 if (!s_quiet) { 2893 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", 2894 keylength); 2895 (void)BIO_flush(bio_err); 2896 } 2897 if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) || 2898 !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) { 2899 if (rsa_tmp) 2900 RSA_free(rsa_tmp); 2901 rsa_tmp = NULL; 2902 } 2903 if (!s_quiet) { 2904 BIO_printf(bio_err, "\n"); 2905 (void)BIO_flush(bio_err); 2906 } 2907 BN_free(bn); 2908 } 2909 return (rsa_tmp); 2910 } 2911 #endif 2912 2913 #define MAX_SESSION_ID_ATTEMPTS 10 2914 static int generate_session_id(const SSL *ssl, unsigned char *id, 2915 unsigned int *id_len) 2916 { 2917 unsigned int count = 0; 2918 do { 2919 RAND_pseudo_bytes(id, *id_len); 2920 /* 2921 * Prefix the session_id with the required prefix. NB: If our prefix 2922 * is too long, clip it - but there will be worse effects anyway, eg. 2923 * the server could only possibly create 1 session ID (ie. the 2924 * prefix!) so all future session negotiations will fail due to 2925 * conflicts. 2926 */ 2927 memcpy(id, session_id_prefix, 2928 (strlen(session_id_prefix) < *id_len) ? 2929 strlen(session_id_prefix) : *id_len); 2930 } 2931 while (SSL_has_matching_session_id(ssl, id, *id_len) && 2932 (++count < MAX_SESSION_ID_ATTEMPTS)); 2933 if (count >= MAX_SESSION_ID_ATTEMPTS) 2934 return 0; 2935 return 1; 2936 } 2937