2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
87 * 6. Redistributions of any form whatsoever must retain the following
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
111 /* ====================================================================
112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113 * ECC cipher suite support in OpenSSL originally developed by
114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
116 /* ====================================================================
117 * Copyright 2005 Nokia. All rights reserved.
119 * The portions of the attached software ("Contribution") is developed by
120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125 * support (see RFC 4279) to OpenSSL.
127 * No patent licenses or other rights except those expressly stated in
128 * the OpenSSL open source license shall be deemed granted or received
129 * expressly, by implication, estoppel, or otherwise.
131 * No assurances are provided by Nokia that the Contribution does not
132 * infringe the patent or other intellectual property rights of any third
133 * party or that the license provides you with all the necessary rights
134 * to make use of the Contribution.
136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
144 * Until the key-gen callbacks are modified to use newer prototypes, we allow
145 * deprecated functions for openssl-internal code
147 #ifdef OPENSSL_NO_DEPRECATED
148 # undef OPENSSL_NO_DEPRECATED
157 #include <openssl/e_os2.h>
158 #ifdef OPENSSL_NO_STDIO
162 /* conflicts with winsock2 stuff on netware */
163 #if !defined(OPENSSL_SYS_NETWARE)
164 # include <sys/types.h>
168 * With IPv6, it looks like Digital has mixed up the proper order of
169 * recursive header file inclusion, resulting in the compiler complaining
170 * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
171 * needed to have fileno() declared correctly... So let's define u_int
173 #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
175 typedef unsigned int u_int;
178 #include <openssl/lhash.h>
179 #include <openssl/bn.h>
182 #include <openssl/err.h>
183 #include <openssl/pem.h>
184 #include <openssl/x509.h>
185 #include <openssl/ssl.h>
186 #include <openssl/rand.h>
187 #include <openssl/ocsp.h>
188 #ifndef OPENSSL_NO_DH
189 # include <openssl/dh.h>
191 #ifndef OPENSSL_NO_RSA
192 # include <openssl/rsa.h>
194 #ifndef OPENSSL_NO_SRP
195 # include <openssl/srp.h>
198 #include "timeouts.h"
200 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
201 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
205 #if defined(OPENSSL_SYS_BEOS_R5)
209 #ifndef OPENSSL_NO_RSA
210 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
212 static int sv_body(char *hostname, int s, unsigned char *context);
213 static int www_body(char *hostname, int s, unsigned char *context);
214 static void close_accept_socket(void);
215 static void sv_usage(void);
216 static int init_ssl_connection(SSL *s);
217 static void print_stats(BIO *bp, SSL_CTX *ctx);
218 static int generate_session_id(const SSL *ssl, unsigned char *id,
219 unsigned int *id_len);
220 #ifndef OPENSSL_NO_DH
221 static DH *load_dh_param(const char *dhfile);
222 static DH *get_dh512(void);
226 static void s_server_init(void);
229 #ifndef OPENSSL_NO_DH
230 static unsigned char dh512_p[] = {
231 0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75,
232 0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
233 0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3,
234 0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
235 0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C,
236 0x47, 0x74, 0xE8, 0x33,
239 static unsigned char dh512_g[] = {
243 static DH *get_dh512(void)
247 if ((dh = DH_new()) == NULL)
249 dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
250 dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
251 if ((dh->p == NULL) || (dh->g == NULL))
257 /* static int load_CA(SSL_CTX *ctx, char *file);*/
260 #define BUFSIZZ 16*1024
261 static int bufsize = BUFSIZZ;
262 static int accept_socket = -1;
264 #define TEST_CERT "server.pem"
265 #ifndef OPENSSL_NO_TLSEXT
266 # define TEST_CERT2 "server2.pem"
269 #define PROG s_server_main
271 extern int verify_depth, verify_return_error;
273 static char *cipher = NULL;
274 static int s_server_verify = SSL_VERIFY_NONE;
275 static int s_server_session_id_context = 1; /* anything will do */
276 static const char *s_cert_file = TEST_CERT, *s_key_file = NULL;
277 #ifndef OPENSSL_NO_TLSEXT
278 static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL;
280 static char *s_dcert_file = NULL, *s_dkey_file = NULL;
282 static int s_nbio = 0;
284 static int s_nbio_test = 0;
286 static SSL_CTX *ctx = NULL;
287 #ifndef OPENSSL_NO_TLSEXT
288 static SSL_CTX *ctx2 = NULL;
292 static BIO *bio_s_out = NULL;
293 static int s_debug = 0;
294 #ifndef OPENSSL_NO_TLSEXT
295 static int s_tlsextdebug = 0;
296 static int s_tlsextstatus = 0;
297 static int cert_status_cb(SSL *s, void *arg);
299 static int s_msg = 0;
300 static int s_quiet = 0;
302 static char *keymatexportlabel = NULL;
303 static int keymatexportlen = 20;
306 #ifndef OPENSSL_NO_ENGINE
307 static char *engine_id = NULL;
309 static const char *session_id_prefix = NULL;
311 static int enable_timeouts = 0;
312 static long socket_mtu;
313 #ifndef OPENSSL_NO_DTLS1
314 static int cert_chain = 0;
317 #ifndef OPENSSL_NO_PSK
318 static char *psk_identity = "Client_identity";
319 char *psk_key = NULL; /* by default PSK is not used */
321 static unsigned int psk_server_cb(SSL *ssl, const char *identity,
323 unsigned int max_psk_len)
325 unsigned int psk_len = 0;
330 BIO_printf(bio_s_out, "psk_server_cb\n");
332 BIO_printf(bio_err, "Error: client did not send PSK identity\n");
336 BIO_printf(bio_s_out, "identity_len=%d identity=%s\n",
337 (int)strlen(identity), identity);
339 /* here we could lookup the given identity e.g. from a database */
340 if (strcmp(identity, psk_identity) != 0) {
341 BIO_printf(bio_s_out, "PSK error: client identity not found"
342 " (got '%s' expected '%s')\n", identity, psk_identity);
346 BIO_printf(bio_s_out, "PSK client identity found\n");
348 /* convert the PSK key to binary */
349 ret = BN_hex2bn(&bn, psk_key);
351 BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
357 if (BN_num_bytes(bn) > (int)max_psk_len) {
359 "psk buffer of callback is too small (%d) for key (%d)\n",
360 max_psk_len, BN_num_bytes(bn));
365 ret = BN_bn2bin(bn, psk);
370 psk_len = (unsigned int)ret;
373 BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
377 BIO_printf(bio_err, "Error in PSK server callback\n");
382 #ifndef OPENSSL_NO_SRP
383 /* This is a context that we pass to callbacks */
384 typedef struct srpsrvparm_st {
391 * This callback pretends to require some asynchronous logic in order to
392 * obtain a verifier. When the callback is called for a new connection we
393 * return with a negative value. This will provoke the accept etc to return
394 * with an LOOKUP_X509. The main logic of the reinvokes the suspended call
395 * (which would normally occur after a worker has finished) and we set the
398 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
400 srpsrvparm *p = (srpsrvparm *) arg;
401 if (p->login == NULL && p->user == NULL) {
402 p->login = SSL_get_srp_username(s);
403 BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
407 if (p->user == NULL) {
408 BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
409 return SSL3_AL_FATAL;
411 if (SSL_set_srp_server_param
412 (s, p->user->N, p->user->g, p->user->s, p->user->v,
413 p->user->info) < 0) {
414 *ad = SSL_AD_INTERNAL_ERROR;
415 return SSL3_AL_FATAL;
418 "SRP parameters set: username = \"%s\" info=\"%s\" \n",
419 p->login, p->user->info);
420 /* need to check whether there are memory leaks */
423 return SSL_ERROR_NONE;
429 static void s_server_init(void)
433 s_server_verify = SSL_VERIFY_NONE;
436 s_cert_file = TEST_CERT;
438 # ifndef OPENSSL_NO_TLSEXT
439 s_cert_file2 = TEST_CERT2;
455 # ifndef OPENSSL_NO_ENGINE
461 static void sv_usage(void)
463 BIO_printf(bio_err, "usage: s_server [args ...]\n");
464 BIO_printf(bio_err, "\n");
466 " -accept arg - port to accept on (default is %d)\n", PORT);
467 BIO_printf(bio_err, " -context arg - set session ID context\n");
469 " -verify arg - turn on peer certificate verification\n");
471 " -Verify arg - turn on peer certificate verification, must have a cert.\n");
473 " -verify_return_error - return verification errors\n");
474 BIO_printf(bio_err, " -cert arg - certificate file to use\n");
475 BIO_printf(bio_err, " (default is %s)\n", TEST_CERT);
477 " -crl_check - check the peer certificate has not been revoked by its CA.\n"
478 " The CRL(s) are appended to the certificate file\n");
480 " -crl_check_all - check the peer certificate has not been revoked by its CA\n"
481 " or any other CRL in the CA chain. CRL(s) are appened to the\n"
482 " the certificate file.\n");
484 " -certform arg - certificate format (PEM or DER) PEM default\n");
486 " -key arg - Private Key file to use, in cert file if\n");
487 BIO_printf(bio_err, " not specified (default is %s)\n",
490 " -keyform arg - key format (PEM, DER or ENGINE) PEM default\n");
492 " -pass arg - private key file pass phrase source\n");
494 " -dcert arg - second certificate file to use (usually for DSA)\n");
496 " -dcertform x - second certificate format (PEM or DER) PEM default\n");
498 " -dkey arg - second private key file to use (usually for DSA)\n");
500 " -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
502 " -dpass arg - second private key file pass phrase source\n");
504 " -dhparam arg - DH parameter file to use, in cert file if not specified\n");
506 " or a default set of parameters is used\n");
507 #ifndef OPENSSL_NO_ECDH
509 " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n"
510 " Use \"openssl ecparam -list_curves\" for all names\n"
511 " (default is nistp256).\n");
514 BIO_printf(bio_err, " -nbio - Run with non-blocking IO\n");
517 " -nbio_test - test with the non-blocking test bio\n");
519 " -crlf - convert LF from terminal into CRLF\n");
520 BIO_printf(bio_err, " -debug - Print more output\n");
521 BIO_printf(bio_err, " -msg - Show protocol messages\n");
522 BIO_printf(bio_err, " -state - Print the SSL states\n");
523 BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n");
524 BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n");
526 " -nocert - Don't use any certificates (Anon-DH)\n");
528 " -cipher arg - play with 'openssl ciphers' to see what goes here\n");
529 BIO_printf(bio_err, " -serverpref - Use server's cipher preferences\n");
530 BIO_printf(bio_err, " -quiet - No server output\n");
531 BIO_printf(bio_err, " -no_tmp_rsa - Do not generate a tmp RSA key\n");
532 #ifndef OPENSSL_NO_PSK
533 BIO_printf(bio_err, " -psk_hint arg - PSK identity hint to use\n");
534 BIO_printf(bio_err, " -psk arg - PSK in hex (without 0x)\n");
535 # ifndef OPENSSL_NO_JPAKE
536 BIO_printf(bio_err, " -jpake arg - JPAKE secret to use\n");
539 #ifndef OPENSSL_NO_SRP
540 BIO_printf(bio_err, " -srpvfile file - The verifier file for SRP\n");
542 " -srpuserseed string - A seed string for a default user salt.\n");
544 BIO_printf(bio_err, " -ssl2 - Just talk SSLv2\n");
545 #ifndef OPENSSL_NO_SSL3_METHOD
546 BIO_printf(bio_err, " -ssl3 - Just talk SSLv3\n");
548 BIO_printf(bio_err, " -tls1_2 - Just talk TLSv1.2\n");
549 BIO_printf(bio_err, " -tls1_1 - Just talk TLSv1.1\n");
550 BIO_printf(bio_err, " -tls1 - Just talk TLSv1\n");
551 BIO_printf(bio_err, " -dtls1 - Just talk DTLSv1\n");
552 BIO_printf(bio_err, " -timeout - Enable timeouts\n");
553 BIO_printf(bio_err, " -mtu - Set link layer MTU\n");
554 BIO_printf(bio_err, " -chain - Read a certificate chain\n");
555 BIO_printf(bio_err, " -no_ssl2 - Just disable SSLv2\n");
556 BIO_printf(bio_err, " -no_ssl3 - Just disable SSLv3\n");
557 BIO_printf(bio_err, " -no_tls1 - Just disable TLSv1\n");
558 BIO_printf(bio_err, " -no_tls1_1 - Just disable TLSv1.1\n");
559 BIO_printf(bio_err, " -no_tls1_2 - Just disable TLSv1.2\n");
560 #ifndef OPENSSL_NO_DH
561 BIO_printf(bio_err, " -no_dhe - Disable ephemeral DH\n");
563 #ifndef OPENSSL_NO_ECDH
564 BIO_printf(bio_err, " -no_ecdhe - Disable ephemeral ECDH\n");
566 BIO_printf(bio_err, " -bugs - Turn on SSL bug compatibility\n");
568 " -hack - workaround for early Netscape code\n");
570 " -www - Respond to a 'GET /' with a status page\n");
572 " -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
574 " -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
576 " with the assumption it contains a complete HTTP response.\n");
577 #ifndef OPENSSL_NO_ENGINE
579 " -engine id - Initialise and use the specified engine\n");
582 " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
583 BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
584 LIST_SEPARATOR_CHAR);
585 #ifndef OPENSSL_NO_TLSEXT
587 " -servername host - servername for HostName TLS extension\n");
589 " -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
591 " -cert2 arg - certificate file to use for servername\n");
592 BIO_printf(bio_err, " (default is %s)\n", TEST_CERT2);
594 " -key2 arg - Private Key file to use for servername, in cert file if\n");
595 BIO_printf(bio_err, " not specified (default is %s)\n",
598 " -tlsextdebug - hex dump of all TLS extensions received\n");
600 " -no_ticket - disable use of RFC4507bis session tickets\n");
602 " -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
603 # ifndef OPENSSL_NO_NEXTPROTONEG
605 " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
607 # ifndef OPENSSL_NO_SRTP
609 " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
613 " -keymatexport label - Export keying material using label\n");
615 " -keymatexportlen len - Export len bytes of keying material (default 20)\n");
617 " -status - respond to certificate status requests\n");
619 " -status_verbose - enable status request verbose printout\n");
621 " -status_timeout n - status request responder timeout\n");
622 BIO_printf(bio_err, " -status_url URL - status request fallback URL\n");
625 static int local_argc = 0;
626 static char **local_argv;
628 #ifdef CHARSET_EBCDIC
629 static int ebcdic_new(BIO *bi);
630 static int ebcdic_free(BIO *a);
631 static int ebcdic_read(BIO *b, char *out, int outl);
632 static int ebcdic_write(BIO *b, const char *in, int inl);
633 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
634 static int ebcdic_gets(BIO *bp, char *buf, int size);
635 static int ebcdic_puts(BIO *bp, const char *str);
637 # define BIO_TYPE_EBCDIC_FILTER (18|0x0200)
638 static BIO_METHOD methods_ebcdic = {
639 BIO_TYPE_EBCDIC_FILTER,
640 "EBCDIC/ASCII filter",
655 BIO_METHOD *BIO_f_ebcdic_filter()
657 return (&methods_ebcdic);
660 static int ebcdic_new(BIO *bi)
662 EBCDIC_OUTBUFF *wbuf;
664 wbuf = (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
667 wbuf->alloced = 1024;
668 wbuf->buff[0] = '\0';
670 bi->ptr = (char *)wbuf;
676 static int ebcdic_free(BIO *a)
681 OPENSSL_free(a->ptr);
688 static int ebcdic_read(BIO *b, char *out, int outl)
692 if (out == NULL || outl == 0)
694 if (b->next_bio == NULL)
697 ret = BIO_read(b->next_bio, out, outl);
699 ascii2ebcdic(out, out, ret);
703 static int ebcdic_write(BIO *b, const char *in, int inl)
705 EBCDIC_OUTBUFF *wbuf;
710 if ((in == NULL) || (inl <= 0))
712 if (b->next_bio == NULL)
715 wbuf = (EBCDIC_OUTBUFF *) b->ptr;
717 if (inl > (num = wbuf->alloced)) {
718 num = num + num; /* double the size */
722 (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
725 OPENSSL_free(b->ptr);
728 wbuf->buff[0] = '\0';
730 b->ptr = (char *)wbuf;
733 ebcdic2ascii(wbuf->buff, in, inl);
735 ret = BIO_write(b->next_bio, wbuf->buff, inl);
740 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
744 if (b->next_bio == NULL)
751 ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
757 static int ebcdic_gets(BIO *bp, char *buf, int size)
760 if (bp->next_bio == NULL)
762 /* return(BIO_gets(bp->next_bio,buf,size));*/
763 for (i = 0; i < size - 1; ++i) {
764 ret = ebcdic_read(bp, &buf[i], 1);
767 else if (buf[i] == '\n') {
774 return (ret < 0 && i == 0) ? ret : i;
777 static int ebcdic_puts(BIO *bp, const char *str)
779 if (bp->next_bio == NULL)
781 return ebcdic_write(bp, str, strlen(str));
785 #ifndef OPENSSL_NO_TLSEXT
787 /* This is a context that we pass to callbacks */
788 typedef struct tlsextctx_st {
794 static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
796 tlsextctx *p = (tlsextctx *) arg;
797 const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
798 if (servername && p->biodebug)
799 BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n",
803 return SSL_TLSEXT_ERR_NOACK;
806 if (strcasecmp(servername, p->servername))
807 return p->extension_error;
809 BIO_printf(p->biodebug, "Switching server context.\n");
810 SSL_set_SSL_CTX(s, ctx2);
813 return SSL_TLSEXT_ERR_OK;
816 /* Structure passed to cert status callback */
818 typedef struct tlsextstatusctx_st {
819 /* Default responder to use */
820 char *host, *path, *port;
827 static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, NULL, 0 };
830 * Certificate Status callback. This is called when a client includes a
831 * certificate status request extension. This is a simplified version. It
832 * examines certificates each time and makes one OCSP responder query for
833 * each request. A full version would store details such as the OCSP
834 * certificate IDs and minimise the number of OCSP responses by caching them
835 * until they were considered "expired".
838 static int cert_status_cb(SSL *s, void *arg)
840 tlsextstatusctx *srctx = arg;
841 BIO *err = srctx->err;
842 char *host, *port, *path;
844 unsigned char *rspder = NULL;
846 STACK_OF(OPENSSL_STRING) *aia = NULL;
848 X509_STORE_CTX inctx;
850 OCSP_REQUEST *req = NULL;
851 OCSP_RESPONSE *resp = NULL;
852 OCSP_CERTID *id = NULL;
853 STACK_OF(X509_EXTENSION) *exts;
854 int ret = SSL_TLSEXT_ERR_NOACK;
857 STACK_OF(OCSP_RESPID) *ids;
858 SSL_get_tlsext_status_ids(s, &ids);
859 BIO_printf(err, "cert_status: received %d ids\n",
860 sk_OCSP_RESPID_num(ids));
863 BIO_puts(err, "cert_status: callback called\n");
864 /* Build up OCSP query from server certificate */
865 x = SSL_get_certificate(s);
866 aia = X509_get1_ocsp(x);
868 if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
869 &host, &port, &path, &use_ssl)) {
870 BIO_puts(err, "cert_status: can't parse AIA URL\n");
874 BIO_printf(err, "cert_status: AIA URL: %s\n",
875 sk_OPENSSL_STRING_value(aia, 0));
879 "cert_status: no AIA and no default responder URL\n");
885 use_ssl = srctx->use_ssl;
888 if (!X509_STORE_CTX_init(&inctx,
889 SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
892 if (X509_STORE_get_by_subject(&inctx, X509_LU_X509,
893 X509_get_issuer_name(x), &obj) <= 0) {
894 BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
895 X509_STORE_CTX_cleanup(&inctx);
898 req = OCSP_REQUEST_new();
901 id = OCSP_cert_to_id(NULL, x, obj.data.x509);
902 X509_free(obj.data.x509);
903 X509_STORE_CTX_cleanup(&inctx);
906 if (!OCSP_request_add0_id(req, id))
909 /* Add any extensions to the request */
910 SSL_get_tlsext_status_exts(s, &exts);
911 for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
912 X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
913 if (!OCSP_REQUEST_add_ext(req, ext, -1))
916 resp = process_responder(err, req, host, path, port, use_ssl, NULL,
919 BIO_puts(err, "cert_status: error querying responder\n");
922 rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
925 SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
926 if (srctx->verbose) {
927 BIO_puts(err, "cert_status: ocsp response sent:\n");
928 OCSP_RESPONSE_print(err, resp, 2);
930 ret = SSL_TLSEXT_ERR_OK;
932 if (ret != SSL_TLSEXT_ERR_OK)
933 ERR_print_errors(err);
938 X509_email_free(aia);
941 OCSP_CERTID_free(id);
943 OCSP_REQUEST_free(req);
945 OCSP_RESPONSE_free(resp);
948 ret = SSL_TLSEXT_ERR_ALERT_FATAL;
952 # ifndef OPENSSL_NO_NEXTPROTONEG
953 /* This is the context that we pass to next_proto_cb */
954 typedef struct tlsextnextprotoctx_st {
957 } tlsextnextprotoctx;
959 static int next_proto_cb(SSL *s, const unsigned char **data,
960 unsigned int *len, void *arg)
962 tlsextnextprotoctx *next_proto = arg;
964 *data = next_proto->data;
965 *len = next_proto->len;
967 return SSL_TLSEXT_ERR_OK;
969 # endif /* ndef OPENSSL_NO_NEXTPROTONEG */
973 int MAIN(int, char **);
975 #ifndef OPENSSL_NO_JPAKE
976 static char *jpake_secret = NULL;
978 #ifndef OPENSSL_NO_SRP
979 static srpsrvparm srp_callback_parm;
981 #ifndef OPENSSL_NO_SRTP
982 static char *srtp_profiles = NULL;
985 int MAIN(int argc, char *argv[])
987 X509_VERIFY_PARAM *vpm = NULL;
990 char *CApath = NULL, *CAfile = NULL;
991 unsigned char *context = NULL;
993 #ifndef OPENSSL_NO_ECDH
994 char *named_curve = NULL;
996 int badop = 0, bugs = 0;
999 int no_tmp_rsa = 0, no_dhe = 0, nocert = 0;
1000 #ifndef OPENSSL_NO_ECDH
1004 const SSL_METHOD *meth = NULL;
1005 int socket_type = SOCK_STREAM;
1007 char *inrand = NULL;
1008 int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
1009 char *passarg = NULL, *pass = NULL;
1010 char *dpassarg = NULL, *dpass = NULL;
1011 int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
1012 X509 *s_cert = NULL, *s_dcert = NULL;
1013 EVP_PKEY *s_key = NULL, *s_dkey = NULL;
1015 #ifndef OPENSSL_NO_TLSEXT
1016 EVP_PKEY *s_key2 = NULL;
1017 X509 *s_cert2 = NULL;
1018 tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING };
1019 # ifndef OPENSSL_NO_NEXTPROTONEG
1020 const char *next_proto_neg_in = NULL;
1021 tlsextnextprotoctx next_proto;
1024 #ifndef OPENSSL_NO_PSK
1025 /* by default do not send a PSK identity hint */
1026 static char *psk_identity_hint = NULL;
1028 #ifndef OPENSSL_NO_SRP
1029 char *srpuserseed = NULL;
1030 char *srp_verifier_file = NULL;
1032 meth = SSLv23_server_method();
1042 if (bio_err == NULL)
1043 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
1045 if (!load_config(bio_err, NULL))
1058 if ((strcmp(*argv, "-port") == 0) || (strcmp(*argv, "-accept") == 0)) {
1061 if (!extract_port(*(++argv), &port))
1063 } else if (strcmp(*argv, "-verify") == 0) {
1064 s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
1067 verify_depth = atoi(*(++argv));
1068 BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
1069 } else if (strcmp(*argv, "-Verify") == 0) {
1071 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
1072 SSL_VERIFY_CLIENT_ONCE;
1075 verify_depth = atoi(*(++argv));
1077 "verify depth is %d, must return a certificate\n",
1079 } else if (strcmp(*argv, "-context") == 0) {
1082 context = (unsigned char *)*(++argv);
1083 } else if (strcmp(*argv, "-cert") == 0) {
1086 s_cert_file = *(++argv);
1087 } else if (strcmp(*argv, "-certform") == 0) {
1090 s_cert_format = str2fmt(*(++argv));
1091 } else if (strcmp(*argv, "-key") == 0) {
1094 s_key_file = *(++argv);
1095 } else if (strcmp(*argv, "-keyform") == 0) {
1098 s_key_format = str2fmt(*(++argv));
1099 } else if (strcmp(*argv, "-pass") == 0) {
1102 passarg = *(++argv);
1103 } else if (strcmp(*argv, "-dhparam") == 0) {
1108 #ifndef OPENSSL_NO_ECDH
1109 else if (strcmp(*argv, "-named_curve") == 0) {
1112 named_curve = *(++argv);
1115 else if (strcmp(*argv, "-dcertform") == 0) {
1118 s_dcert_format = str2fmt(*(++argv));
1119 } else if (strcmp(*argv, "-dcert") == 0) {
1122 s_dcert_file = *(++argv);
1123 } else if (strcmp(*argv, "-dkeyform") == 0) {
1126 s_dkey_format = str2fmt(*(++argv));
1127 } else if (strcmp(*argv, "-dpass") == 0) {
1130 dpassarg = *(++argv);
1131 } else if (strcmp(*argv, "-dkey") == 0) {
1134 s_dkey_file = *(++argv);
1135 } else if (strcmp(*argv, "-nocert") == 0) {
1137 } else if (strcmp(*argv, "-CApath") == 0) {
1141 } else if (strcmp(*argv, "-no_cache") == 0)
1143 else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
1147 } else if (strcmp(*argv, "-verify_return_error") == 0)
1148 verify_return_error = 1;
1149 else if (strcmp(*argv, "-serverpref") == 0) {
1150 off |= SSL_OP_CIPHER_SERVER_PREFERENCE;
1151 } else if (strcmp(*argv, "-legacy_renegotiation") == 0)
1152 off |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
1153 else if (strcmp(*argv, "-cipher") == 0) {
1157 } else if (strcmp(*argv, "-CAfile") == 0) {
1163 else if (strcmp(*argv, "-nbio") == 0) {
1167 else if (strcmp(*argv, "-nbio_test") == 0) {
1172 } else if (strcmp(*argv, "-debug") == 0) {
1175 #ifndef OPENSSL_NO_TLSEXT
1176 else if (strcmp(*argv, "-tlsextdebug") == 0)
1178 else if (strcmp(*argv, "-status") == 0)
1180 else if (strcmp(*argv, "-status_verbose") == 0) {
1182 tlscstatp.verbose = 1;
1183 } else if (!strcmp(*argv, "-status_timeout")) {
1187 tlscstatp.timeout = atoi(*(++argv));
1188 } else if (!strcmp(*argv, "-status_url")) {
1192 if (!OCSP_parse_url(*(++argv),
1195 &tlscstatp.path, &tlscstatp.use_ssl)) {
1196 BIO_printf(bio_err, "Error parsing URL\n");
1201 else if (strcmp(*argv, "-msg") == 0) {
1203 } else if (strcmp(*argv, "-hack") == 0) {
1205 } else if (strcmp(*argv, "-state") == 0) {
1207 } else if (strcmp(*argv, "-crlf") == 0) {
1209 } else if (strcmp(*argv, "-quiet") == 0) {
1211 } else if (strcmp(*argv, "-bugs") == 0) {
1213 } else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
1215 } else if (strcmp(*argv, "-no_dhe") == 0) {
1218 #ifndef OPENSSL_NO_ECDH
1219 else if (strcmp(*argv, "-no_ecdhe") == 0) {
1223 #ifndef OPENSSL_NO_PSK
1224 else if (strcmp(*argv, "-psk_hint") == 0) {
1227 psk_identity_hint = *(++argv);
1228 } else if (strcmp(*argv, "-psk") == 0) {
1233 psk_key = *(++argv);
1234 for (i = 0; i < strlen(psk_key); i++) {
1235 if (isxdigit((unsigned char)psk_key[i]))
1237 BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1242 #ifndef OPENSSL_NO_SRP
1243 else if (strcmp(*argv, "-srpvfile") == 0) {
1246 srp_verifier_file = *(++argv);
1247 meth = TLSv1_server_method();
1248 } else if (strcmp(*argv, "-srpuserseed") == 0) {
1251 srpuserseed = *(++argv);
1252 meth = TLSv1_server_method();
1255 else if (strcmp(*argv, "-www") == 0) {
1257 } else if (strcmp(*argv, "-WWW") == 0) {
1259 } else if (strcmp(*argv, "-HTTP") == 0) {
1261 } else if (strcmp(*argv, "-no_ssl2") == 0) {
1262 off |= SSL_OP_NO_SSLv2;
1263 } else if (strcmp(*argv, "-no_ssl3") == 0) {
1264 off |= SSL_OP_NO_SSLv3;
1265 } else if (strcmp(*argv, "-no_tls1") == 0) {
1266 off |= SSL_OP_NO_TLSv1;
1267 } else if (strcmp(*argv, "-no_tls1_1") == 0) {
1268 off |= SSL_OP_NO_TLSv1_1;
1269 } else if (strcmp(*argv, "-no_tls1_2") == 0) {
1270 off |= SSL_OP_NO_TLSv1_2;
1271 } else if (strcmp(*argv, "-no_comp") == 0) {
1272 off |= SSL_OP_NO_COMPRESSION;
1274 #ifndef OPENSSL_NO_TLSEXT
1275 else if (strcmp(*argv, "-no_ticket") == 0) {
1276 off |= SSL_OP_NO_TICKET;
1279 #ifndef OPENSSL_NO_SSL2
1280 else if (strcmp(*argv, "-ssl2") == 0) {
1281 meth = SSLv2_server_method();
1284 #ifndef OPENSSL_NO_SSL3_METHOD
1285 else if (strcmp(*argv, "-ssl3") == 0) {
1286 meth = SSLv3_server_method();
1289 #ifndef OPENSSL_NO_TLS1
1290 else if (strcmp(*argv, "-tls1") == 0) {
1291 meth = TLSv1_server_method();
1292 } else if (strcmp(*argv, "-tls1_1") == 0) {
1293 meth = TLSv1_1_server_method();
1294 } else if (strcmp(*argv, "-tls1_2") == 0) {
1295 meth = TLSv1_2_server_method();
1298 #ifndef OPENSSL_NO_DTLS1
1299 else if (strcmp(*argv, "-dtls1") == 0) {
1300 meth = DTLSv1_server_method();
1301 socket_type = SOCK_DGRAM;
1302 } else if (strcmp(*argv, "-timeout") == 0)
1303 enable_timeouts = 1;
1304 else if (strcmp(*argv, "-mtu") == 0) {
1307 socket_mtu = atol(*(++argv));
1308 } else if (strcmp(*argv, "-chain") == 0)
1311 else if (strcmp(*argv, "-id_prefix") == 0) {
1314 session_id_prefix = *(++argv);
1316 #ifndef OPENSSL_NO_ENGINE
1317 else if (strcmp(*argv, "-engine") == 0) {
1320 engine_id = *(++argv);
1323 else if (strcmp(*argv, "-rand") == 0) {
1328 #ifndef OPENSSL_NO_TLSEXT
1329 else if (strcmp(*argv, "-servername") == 0) {
1332 tlsextcbp.servername = *(++argv);
1333 } else if (strcmp(*argv, "-servername_fatal") == 0) {
1334 tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL;
1335 } else if (strcmp(*argv, "-cert2") == 0) {
1338 s_cert_file2 = *(++argv);
1339 } else if (strcmp(*argv, "-key2") == 0) {
1342 s_key_file2 = *(++argv);
1344 # ifndef OPENSSL_NO_NEXTPROTONEG
1345 else if (strcmp(*argv, "-nextprotoneg") == 0) {
1348 next_proto_neg_in = *(++argv);
1352 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1353 else if (strcmp(*argv, "-jpake") == 0) {
1356 jpake_secret = *(++argv);
1359 #ifndef OPENSSL_NO_SRTP
1360 else if (strcmp(*argv, "-use_srtp") == 0) {
1363 srtp_profiles = *(++argv);
1366 else if (strcmp(*argv, "-keymatexport") == 0) {
1369 keymatexportlabel = *(++argv);
1370 } else if (strcmp(*argv, "-keymatexportlen") == 0) {
1373 keymatexportlen = atoi(*(++argv));
1374 if (keymatexportlen == 0)
1377 BIO_printf(bio_err, "unknown option %s\n", *argv);
1389 #ifndef OPENSSL_NO_DTLS1
1390 if (www && socket_type == SOCK_DGRAM) {
1391 BIO_printf(bio_err, "Can't use -HTTP, -www or -WWW with DTLS\n");
1396 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1399 BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
1402 psk_identity = "JPAKE";
1404 BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
1411 SSL_load_error_strings();
1412 OpenSSL_add_ssl_algorithms();
1414 #ifndef OPENSSL_NO_ENGINE
1415 e = setup_engine(bio_err, engine_id, 1);
1418 if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) {
1419 BIO_printf(bio_err, "Error getting password\n");
1423 if (s_key_file == NULL)
1424 s_key_file = s_cert_file;
1425 #ifndef OPENSSL_NO_TLSEXT
1426 if (s_key_file2 == NULL)
1427 s_key_file2 = s_cert_file2;
1431 s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
1432 "server certificate private key file");
1434 ERR_print_errors(bio_err);
1438 s_cert = load_cert(bio_err, s_cert_file, s_cert_format,
1439 NULL, e, "server certificate file");
1442 ERR_print_errors(bio_err);
1445 #ifndef OPENSSL_NO_TLSEXT
1446 if (tlsextcbp.servername) {
1447 s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e,
1448 "second server certificate private key file");
1450 ERR_print_errors(bio_err);
1454 s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format,
1455 NULL, e, "second server certificate file");
1458 ERR_print_errors(bio_err);
1464 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
1465 if (next_proto_neg_in) {
1467 next_proto.data = next_protos_parse(&len, next_proto_neg_in);
1468 if (next_proto.data == NULL)
1470 next_proto.len = len;
1472 next_proto.data = NULL;
1478 if (s_dkey_file == NULL)
1479 s_dkey_file = s_dcert_file;
1481 s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format,
1482 0, dpass, e, "second certificate private key file");
1484 ERR_print_errors(bio_err);
1488 s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format,
1489 NULL, e, "second server certificate file");
1492 ERR_print_errors(bio_err);
1498 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
1499 && !RAND_status()) {
1501 "warning, not much extra random data, consider using the -rand option\n");
1504 BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
1505 app_RAND_load_files(inrand));
1507 if (bio_s_out == NULL) {
1508 if (s_quiet && !s_debug && !s_msg) {
1509 bio_s_out = BIO_new(BIO_s_null());
1511 if (bio_s_out == NULL)
1512 bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE);
1515 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
1521 s_dcert_file = NULL;
1523 #ifndef OPENSSL_NO_TLSEXT
1524 s_cert_file2 = NULL;
1529 ctx = SSL_CTX_new(meth);
1531 ERR_print_errors(bio_err);
1534 if (session_id_prefix) {
1535 if (strlen(session_id_prefix) >= 32)
1537 "warning: id_prefix is too long, only one new session will be possible\n");
1538 else if (strlen(session_id_prefix) >= 16)
1540 "warning: id_prefix is too long if you use SSLv2\n");
1541 if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) {
1542 BIO_printf(bio_err, "error setting 'id_prefix'\n");
1543 ERR_print_errors(bio_err);
1546 BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
1548 SSL_CTX_set_quiet_shutdown(ctx, 1);
1550 SSL_CTX_set_options(ctx, SSL_OP_ALL);
1552 SSL_CTX_set_options(ctx, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
1553 SSL_CTX_set_options(ctx, off);
1556 SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
1558 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
1560 SSL_CTX_sess_set_cache_size(ctx, 128);
1562 #ifndef OPENSSL_NO_SRTP
1563 if (srtp_profiles != NULL)
1564 SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
1569 cipher = getenv("SSL_CIPHER");
1573 if (s_cert_file == NULL) {
1575 "You must specify a certificate file for the server to use\n");
1580 if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
1581 (!SSL_CTX_set_default_verify_paths(ctx))) {
1582 /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
1583 ERR_print_errors(bio_err);
1587 SSL_CTX_set1_param(ctx, vpm);
1589 #ifndef OPENSSL_NO_TLSEXT
1591 ctx2 = SSL_CTX_new(meth);
1593 ERR_print_errors(bio_err);
1599 BIO_printf(bio_s_out, "Setting secondary ctx parameters\n");
1601 if (session_id_prefix) {
1602 if (strlen(session_id_prefix) >= 32)
1604 "warning: id_prefix is too long, only one new session will be possible\n");
1605 else if (strlen(session_id_prefix) >= 16)
1607 "warning: id_prefix is too long if you use SSLv2\n");
1608 if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) {
1609 BIO_printf(bio_err, "error setting 'id_prefix'\n");
1610 ERR_print_errors(bio_err);
1613 BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
1615 SSL_CTX_set_quiet_shutdown(ctx2, 1);
1617 SSL_CTX_set_options(ctx2, SSL_OP_ALL);
1619 SSL_CTX_set_options(ctx2, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
1620 SSL_CTX_set_options(ctx2, off);
1623 SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback);
1626 SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF);
1628 SSL_CTX_sess_set_cache_size(ctx2, 128);
1630 if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
1631 (!SSL_CTX_set_default_verify_paths(ctx2))) {
1632 ERR_print_errors(bio_err);
1635 SSL_CTX_set1_param(ctx2, vpm);
1637 # ifndef OPENSSL_NO_NEXTPROTONEG
1638 if (next_proto.data)
1639 SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb,
1644 #ifndef OPENSSL_NO_DH
1649 dh = load_dh_param(dhfile);
1650 else if (s_cert_file)
1651 dh = load_dh_param(s_cert_file);
1654 BIO_printf(bio_s_out, "Setting temp DH parameters\n");
1656 BIO_printf(bio_s_out, "Using default temp DH parameters\n");
1659 (void)BIO_flush(bio_s_out);
1661 SSL_CTX_set_tmp_dh(ctx, dh);
1662 # ifndef OPENSSL_NO_TLSEXT
1665 DH *dh2 = load_dh_param(s_cert_file2);
1667 BIO_printf(bio_s_out, "Setting temp DH parameters\n");
1668 (void)BIO_flush(bio_s_out);
1674 SSL_CTX_set_tmp_dh(ctx2, dh);
1681 #ifndef OPENSSL_NO_ECDH
1683 EC_KEY *ecdh = NULL;
1686 int nid = OBJ_sn2nid(named_curve);
1689 BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
1692 ecdh = EC_KEY_new_by_curve_name(nid);
1694 BIO_printf(bio_err, "unable to create curve (%s)\n",
1701 BIO_printf(bio_s_out, "Setting temp ECDH parameters\n");
1703 BIO_printf(bio_s_out, "Using default temp ECDH parameters\n");
1704 ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
1706 BIO_printf(bio_err, "unable to create curve (nistp256)\n");
1710 (void)BIO_flush(bio_s_out);
1712 SSL_CTX_set_tmp_ecdh(ctx, ecdh);
1713 # ifndef OPENSSL_NO_TLSEXT
1715 SSL_CTX_set_tmp_ecdh(ctx2, ecdh);
1721 if (!set_cert_key_stuff(ctx, s_cert, s_key))
1723 #ifndef OPENSSL_NO_TLSEXT
1724 if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2))
1727 if (s_dcert != NULL) {
1728 if (!set_cert_key_stuff(ctx, s_dcert, s_dkey))
1731 #ifndef OPENSSL_NO_RSA
1734 SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
1735 # ifndef OPENSSL_NO_TLSEXT
1737 SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
1741 if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) {
1744 BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key...");
1745 BIO_flush(bio_s_out);
1747 rsa = RSA_generate_key(512, RSA_F4, NULL);
1749 if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
1750 ERR_print_errors(bio_err);
1753 # ifndef OPENSSL_NO_TLSEXT
1755 if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) {
1756 ERR_print_errors(bio_err);
1762 BIO_printf(bio_s_out, "\n");
1767 #ifndef OPENSSL_NO_PSK
1768 # ifdef OPENSSL_NO_JPAKE
1769 if (psk_key != NULL)
1771 if (psk_key != NULL || jpake_secret)
1775 BIO_printf(bio_s_out,
1776 "PSK key given or JPAKE in use, setting server callback\n");
1777 SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
1780 if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) {
1781 BIO_printf(bio_err, "error setting PSK identity hint to context\n");
1782 ERR_print_errors(bio_err);
1787 if (cipher != NULL) {
1788 if (!SSL_CTX_set_cipher_list(ctx, cipher)) {
1789 BIO_printf(bio_err, "error setting cipher list\n");
1790 ERR_print_errors(bio_err);
1793 #ifndef OPENSSL_NO_TLSEXT
1794 if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, cipher)) {
1795 BIO_printf(bio_err, "error setting cipher list\n");
1796 ERR_print_errors(bio_err);
1801 SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
1802 SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context,
1803 sizeof s_server_session_id_context);
1805 /* Set DTLS cookie generation and verification callbacks */
1806 SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
1807 SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
1809 #ifndef OPENSSL_NO_TLSEXT
1811 SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback);
1812 SSL_CTX_set_session_id_context(ctx2,
1813 (void *)&s_server_session_id_context,
1814 sizeof s_server_session_id_context);
1816 tlsextcbp.biodebug = bio_s_out;
1817 SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
1818 SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
1819 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
1820 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
1824 #ifndef OPENSSL_NO_SRP
1825 if (srp_verifier_file != NULL) {
1826 srp_callback_parm.vb = SRP_VBASE_new(srpuserseed);
1827 srp_callback_parm.user = NULL;
1828 srp_callback_parm.login = NULL;
1830 SRP_VBASE_init(srp_callback_parm.vb,
1831 srp_verifier_file)) != SRP_NO_ERROR) {
1833 "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
1834 srp_verifier_file, ret);
1837 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback);
1838 SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm);
1839 SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
1842 if (CAfile != NULL) {
1843 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
1844 #ifndef OPENSSL_NO_TLSEXT
1846 SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
1850 BIO_printf(bio_s_out, "ACCEPT\n");
1851 (void)BIO_flush(bio_s_out);
1853 do_server(port, socket_type, &accept_socket, www_body, context);
1855 do_server(port, socket_type, &accept_socket, sv_body, context);
1856 print_stats(bio_s_out, ctx);
1866 EVP_PKEY_free(s_key);
1868 EVP_PKEY_free(s_dkey);
1872 OPENSSL_free(dpass);
1874 X509_VERIFY_PARAM_free(vpm);
1875 #ifndef OPENSSL_NO_TLSEXT
1877 OPENSSL_free(tlscstatp.host);
1879 OPENSSL_free(tlscstatp.port);
1881 OPENSSL_free(tlscstatp.path);
1887 EVP_PKEY_free(s_key2);
1889 if (bio_s_out != NULL) {
1890 BIO_free(bio_s_out);
1897 static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
1899 BIO_printf(bio, "%4ld items in the session cache\n",
1900 SSL_CTX_sess_number(ssl_ctx));
1901 BIO_printf(bio, "%4ld client connects (SSL_connect())\n",
1902 SSL_CTX_sess_connect(ssl_ctx));
1903 BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n",
1904 SSL_CTX_sess_connect_renegotiate(ssl_ctx));
1905 BIO_printf(bio, "%4ld client connects that finished\n",
1906 SSL_CTX_sess_connect_good(ssl_ctx));
1907 BIO_printf(bio, "%4ld server accepts (SSL_accept())\n",
1908 SSL_CTX_sess_accept(ssl_ctx));
1909 BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n",
1910 SSL_CTX_sess_accept_renegotiate(ssl_ctx));
1911 BIO_printf(bio, "%4ld server accepts that finished\n",
1912 SSL_CTX_sess_accept_good(ssl_ctx));
1913 BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx));
1914 BIO_printf(bio, "%4ld session cache misses\n",
1915 SSL_CTX_sess_misses(ssl_ctx));
1916 BIO_printf(bio, "%4ld session cache timeouts\n",
1917 SSL_CTX_sess_timeouts(ssl_ctx));
1918 BIO_printf(bio, "%4ld callback cache hits\n",
1919 SSL_CTX_sess_cb_hits(ssl_ctx));
1920 BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n",
1921 SSL_CTX_sess_cache_full(ssl_ctx),
1922 SSL_CTX_sess_get_cache_size(ssl_ctx));
1925 static int sv_body(char *hostname, int s, unsigned char *context)
1934 #ifndef OPENSSL_NO_KRB5
1937 struct timeval timeout;
1938 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
1941 struct timeval *timeoutp;
1944 if ((buf = OPENSSL_malloc(bufsize)) == NULL) {
1945 BIO_printf(bio_err, "out of memory\n");
1950 unsigned long sl = 1;
1953 BIO_printf(bio_err, "turning on non blocking io\n");
1954 if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
1955 ERR_print_errors(bio_err);
1961 #ifndef OPENSSL_NO_TLSEXT
1962 if (s_tlsextdebug) {
1963 SSL_set_tlsext_debug_callback(con, tlsext_cb);
1964 SSL_set_tlsext_debug_arg(con, bio_s_out);
1966 if (s_tlsextstatus) {
1967 SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
1968 tlscstatp.err = bio_err;
1969 SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
1972 #ifndef OPENSSL_NO_KRB5
1973 if ((kctx = kssl_ctx_new()) != NULL) {
1974 SSL_set0_kssl_ctx(con, kctx);
1975 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
1976 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
1978 #endif /* OPENSSL_NO_KRB5 */
1980 SSL_set_session_id_context(con, context, strlen((char *)context));
1984 # ifdef TLSEXT_TYPE_opaque_prf_input
1985 SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
1989 if (SSL_version(con) == DTLS1_VERSION) {
1991 sbio = BIO_new_dgram(s, BIO_NOCLOSE);
1993 if (enable_timeouts) {
1995 timeout.tv_usec = DGRAM_RCV_TIMEOUT;
1996 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
1999 timeout.tv_usec = DGRAM_SND_TIMEOUT;
2000 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
2004 if (socket_mtu < DTLS_get_link_min_mtu(con)) {
2005 BIO_printf(bio_err, "MTU too small. Must be at least %ld\n",
2006 DTLS_get_link_min_mtu(con));
2011 SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
2012 if (!DTLS_set_link_mtu(con, socket_mtu)) {
2013 BIO_printf(bio_err, "Failed to set MTU\n");
2019 /* want to do MTU discovery */
2020 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
2022 /* turn on cookie exchange */
2023 SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
2025 sbio = BIO_new_socket(s, BIO_NOCLOSE);
2030 test = BIO_new(BIO_f_nbio_test());
2031 sbio = BIO_push(test, sbio);
2033 #ifndef OPENSSL_NO_JPAKE
2035 jpake_server_auth(bio_s_out, sbio, jpake_secret);
2038 SSL_set_bio(con, sbio, sbio);
2039 SSL_set_accept_state(con);
2040 /* SSL_set_fd(con,s); */
2043 SSL_set_debug(con, 1);
2044 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
2045 BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
2048 SSL_set_msg_callback(con, msg_cb);
2049 SSL_set_msg_callback_arg(con, bio_s_out);
2051 #ifndef OPENSSL_NO_TLSEXT
2052 if (s_tlsextdebug) {
2053 SSL_set_tlsext_debug_callback(con, tlsext_cb);
2054 SSL_set_tlsext_debug_arg(con, bio_s_out);
2060 int read_from_terminal;
2061 int read_from_sslcon;
2063 read_from_terminal = 0;
2064 read_from_sslcon = SSL_pending(con);
2066 if (!read_from_sslcon) {
2068 #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
2069 openssl_fdset(fileno(stdin), &readfds);
2071 openssl_fdset(s, &readfds);
2073 * Note: under VMS with SOCKETSHR the second parameter is
2074 * currently of type (int *) whereas under other systems it is
2075 * (void *) if you don't have a cast it will choke the compiler:
2076 * if you do have a cast then you can either go for (int *) or
2079 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
2081 * Under DOS (non-djgpp) and Windows we can't select on stdin:
2082 * only on sockets. As a workaround we timeout the select every
2083 * second and check for any keypress. In a proper Windows
2084 * application we wouldn't do this because it is inefficient.
2088 i = select(width, (void *)&readfds, NULL, NULL, &tv);
2089 if ((i < 0) || (!i && !_kbhit()))
2092 read_from_terminal = 1;
2093 #elif defined(OPENSSL_SYS_BEOS_R5)
2094 /* Under BeOS-R5 the situation is similar to DOS */
2097 (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
2098 i = select(width, (void *)&readfds, NULL, NULL, &tv);
2099 if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
2101 if (read(fileno(stdin), buf, 0) >= 0)
2102 read_from_terminal = 1;
2103 (void)fcntl(fileno(stdin), F_SETFL, 0);
2105 if ((SSL_version(con) == DTLS1_VERSION) &&
2106 DTLSv1_get_timeout(con, &timeout))
2107 timeoutp = &timeout;
2111 i = select(width, (void *)&readfds, NULL, NULL, timeoutp);
2113 if ((SSL_version(con) == DTLS1_VERSION)
2114 && DTLSv1_handle_timeout(con) > 0) {
2115 BIO_printf(bio_err, "TIMEOUT occured\n");
2120 if (FD_ISSET(fileno(stdin), &readfds))
2121 read_from_terminal = 1;
2123 if (FD_ISSET(s, &readfds))
2124 read_from_sslcon = 1;
2126 if (read_from_terminal) {
2130 i = raw_read_stdin(buf, bufsize / 2);
2132 /* both loops are skipped when i <= 0 */
2133 for (j = 0; j < i; j++)
2136 for (j = i - 1; j >= 0; j--) {
2137 buf[j + lf_num] = buf[j];
2138 if (buf[j] == '\n') {
2141 buf[j + lf_num] = '\r';
2144 assert(lf_num == 0);
2146 i = raw_read_stdin(buf, bufsize);
2148 if ((i <= 0) || (buf[0] == 'Q')) {
2149 BIO_printf(bio_s_out, "DONE\n");
2151 close_accept_socket();
2155 if ((i <= 0) || (buf[0] == 'q')) {
2156 BIO_printf(bio_s_out, "DONE\n");
2157 if (SSL_version(con) != DTLS1_VERSION)
2160 * close_accept_socket(); ret= -11;
2164 #ifndef OPENSSL_NO_HEARTBEATS
2165 if ((buf[0] == 'B') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
2166 BIO_printf(bio_err, "HEARTBEATING\n");
2172 if ((buf[0] == 'r') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
2173 SSL_renegotiate(con);
2174 i = SSL_do_handshake(con);
2175 printf("SSL_do_handshake -> %d\n", i);
2179 * strcpy(buf,"server side RE-NEGOTIATE\n");
2182 if ((buf[0] == 'R') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
2184 SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
2186 SSL_renegotiate(con);
2187 i = SSL_do_handshake(con);
2188 printf("SSL_do_handshake -> %d\n", i);
2192 * strcpy(buf,"server side RE-NEGOTIATE asking for client
2196 if (buf[0] == 'P') {
2197 static const char *str = "Lets print some clear text\n";
2198 BIO_write(SSL_get_wbio(con), str, strlen(str));
2200 if (buf[0] == 'S') {
2201 print_stats(bio_s_out, SSL_get_SSL_CTX(con));
2204 #ifdef CHARSET_EBCDIC
2205 ebcdic2ascii(buf, buf, i);
2209 /* should do a select for the write */
2213 if (++count == 100) {
2215 SSL_renegotiate(con);
2219 k = SSL_write(con, &(buf[l]), (unsigned int)i);
2220 #ifndef OPENSSL_NO_SRP
2221 while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) {
2222 BIO_printf(bio_s_out, "LOOKUP renego during write\n");
2223 srp_callback_parm.user =
2224 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2225 srp_callback_parm.login);
2226 if (srp_callback_parm.user)
2227 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2228 srp_callback_parm.user->info);
2230 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2231 k = SSL_write(con, &(buf[l]), (unsigned int)i);
2234 switch (SSL_get_error(con, k)) {
2235 case SSL_ERROR_NONE:
2237 case SSL_ERROR_WANT_WRITE:
2238 case SSL_ERROR_WANT_READ:
2239 case SSL_ERROR_WANT_X509_LOOKUP:
2240 BIO_printf(bio_s_out, "Write BLOCK\n");
2242 case SSL_ERROR_SYSCALL:
2244 BIO_printf(bio_s_out, "ERROR\n");
2245 ERR_print_errors(bio_err);
2249 case SSL_ERROR_ZERO_RETURN:
2250 BIO_printf(bio_s_out, "DONE\n");
2260 if (read_from_sslcon) {
2261 if (!SSL_is_init_finished(con)) {
2262 i = init_ssl_connection(con);
2267 } else if (i == 0) {
2273 i = SSL_read(con, (char *)buf, bufsize);
2274 #ifndef OPENSSL_NO_SRP
2275 while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
2276 BIO_printf(bio_s_out, "LOOKUP renego during read\n");
2277 srp_callback_parm.user =
2278 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2279 srp_callback_parm.login);
2280 if (srp_callback_parm.user)
2281 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2282 srp_callback_parm.user->info);
2284 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2285 i = SSL_read(con, (char *)buf, bufsize);
2288 switch (SSL_get_error(con, i)) {
2289 case SSL_ERROR_NONE:
2290 #ifdef CHARSET_EBCDIC
2291 ascii2ebcdic(buf, buf, i);
2293 raw_write_stdout(buf, (unsigned int)i);
2294 if (SSL_pending(con))
2297 case SSL_ERROR_WANT_WRITE:
2298 case SSL_ERROR_WANT_READ:
2299 BIO_printf(bio_s_out, "Read BLOCK\n");
2301 case SSL_ERROR_SYSCALL:
2303 BIO_printf(bio_s_out, "ERROR\n");
2304 ERR_print_errors(bio_err);
2307 case SSL_ERROR_ZERO_RETURN:
2308 BIO_printf(bio_s_out, "DONE\n");
2317 BIO_printf(bio_s_out, "shutting down SSL\n");
2319 SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
2325 BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
2327 OPENSSL_cleanse(buf, bufsize);
2331 BIO_printf(bio_s_out, "ACCEPT\n");
2335 static void close_accept_socket(void)
2337 BIO_printf(bio_err, "shutdown accept socket\n");
2338 if (accept_socket >= 0) {
2339 SHUTDOWN2(accept_socket);
2343 static int init_ssl_connection(SSL *con)
2349 MS_STATIC char buf[BUFSIZ];
2350 #ifndef OPENSSL_NO_KRB5
2353 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2354 const unsigned char *next_proto_neg;
2355 unsigned next_proto_neg_len;
2357 unsigned char *exportedkeymat;
2359 i = SSL_accept(con);
2360 #ifndef OPENSSL_NO_SRP
2361 while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
2362 BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
2363 srp_callback_parm.login);
2364 srp_callback_parm.user =
2365 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2366 srp_callback_parm.login);
2367 if (srp_callback_parm.user)
2368 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2369 srp_callback_parm.user->info);
2371 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2372 i = SSL_accept(con);
2376 if (BIO_sock_should_retry(i)) {
2377 BIO_printf(bio_s_out, "DELAY\n");
2381 BIO_printf(bio_err, "ERROR\n");
2382 verify_error = SSL_get_verify_result(con);
2383 if (verify_error != X509_V_OK) {
2384 BIO_printf(bio_err, "verify error:%s\n",
2385 X509_verify_cert_error_string(verify_error));
2387 ERR_print_errors(bio_err);
2391 PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con));
2393 peer = SSL_get_peer_certificate(con);
2395 BIO_printf(bio_s_out, "Client certificate\n");
2396 PEM_write_bio_X509(bio_s_out, peer);
2397 X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
2398 BIO_printf(bio_s_out, "subject=%s\n", buf);
2399 X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
2400 BIO_printf(bio_s_out, "issuer=%s\n", buf);
2404 if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
2405 BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
2406 str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
2407 BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)");
2409 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2410 SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
2411 if (next_proto_neg) {
2412 BIO_printf(bio_s_out, "NEXTPROTO is ");
2413 BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
2414 BIO_printf(bio_s_out, "\n");
2417 #ifndef OPENSSL_NO_SRTP
2419 SRTP_PROTECTION_PROFILE *srtp_profile
2420 = SSL_get_selected_srtp_profile(con);
2423 BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n",
2424 srtp_profile->name);
2427 if (SSL_cache_hit(con))
2428 BIO_printf(bio_s_out, "Reused session-id\n");
2429 if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
2430 TLS1_FLAGS_TLS_PADDING_BUG)
2431 BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
2432 #ifndef OPENSSL_NO_KRB5
2433 client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
2434 if (client_princ != NULL) {
2435 BIO_printf(bio_s_out, "Kerberos peer principal is %s\n",
2438 #endif /* OPENSSL_NO_KRB5 */
2439 BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
2440 SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
2441 if (keymatexportlabel != NULL) {
2442 BIO_printf(bio_s_out, "Keying material exporter:\n");
2443 BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel);
2444 BIO_printf(bio_s_out, " Length: %i bytes\n", keymatexportlen);
2445 exportedkeymat = OPENSSL_malloc(keymatexportlen);
2446 if (exportedkeymat != NULL) {
2447 if (!SSL_export_keying_material(con, exportedkeymat,
2450 strlen(keymatexportlabel),
2452 BIO_printf(bio_s_out, " Error\n");
2454 BIO_printf(bio_s_out, " Keying material: ");
2455 for (i = 0; i < keymatexportlen; i++)
2456 BIO_printf(bio_s_out, "%02X", exportedkeymat[i]);
2457 BIO_printf(bio_s_out, "\n");
2459 OPENSSL_free(exportedkeymat);
2466 #ifndef OPENSSL_NO_DH
2467 static DH *load_dh_param(const char *dhfile)
2472 if ((bio = BIO_new_file(dhfile, "r")) == NULL)
2474 ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
2481 #ifndef OPENSSL_NO_KRB5
2486 static int load_CA(SSL_CTX *ctx, char *file)
2491 if ((in = fopen(file, "r")) == NULL)
2495 if (PEM_read_X509(in, &x, NULL) == NULL)
2497 SSL_CTX_add_client_CA(ctx, x);
2506 static int www_body(char *hostname, int s, unsigned char *context)
2512 const SSL_CIPHER *c;
2513 BIO *io, *ssl_bio, *sbio;
2514 #ifndef OPENSSL_NO_KRB5
2518 buf = OPENSSL_malloc(bufsize);
2521 io = BIO_new(BIO_f_buffer());
2522 ssl_bio = BIO_new(BIO_f_ssl());
2523 if ((io == NULL) || (ssl_bio == NULL))
2528 unsigned long sl = 1;
2531 BIO_printf(bio_err, "turning on non blocking io\n");
2532 if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
2533 ERR_print_errors(bio_err);
2537 /* lets make the output buffer a reasonable size */
2538 if (!BIO_set_write_buffer_size(io, bufsize))
2541 if ((con = SSL_new(ctx)) == NULL)
2543 #ifndef OPENSSL_NO_TLSEXT
2544 if (s_tlsextdebug) {
2545 SSL_set_tlsext_debug_callback(con, tlsext_cb);
2546 SSL_set_tlsext_debug_arg(con, bio_s_out);
2549 #ifndef OPENSSL_NO_KRB5
2550 if ((kctx = kssl_ctx_new()) != NULL) {
2551 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
2552 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
2554 #endif /* OPENSSL_NO_KRB5 */
2556 SSL_set_session_id_context(con, context, strlen((char *)context));
2558 sbio = BIO_new_socket(s, BIO_NOCLOSE);
2562 test = BIO_new(BIO_f_nbio_test());
2563 sbio = BIO_push(test, sbio);
2565 SSL_set_bio(con, sbio, sbio);
2566 SSL_set_accept_state(con);
2568 /* SSL_set_fd(con,s); */
2569 BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
2570 BIO_push(io, ssl_bio);
2571 #ifdef CHARSET_EBCDIC
2572 io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
2576 SSL_set_debug(con, 1);
2577 BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
2578 BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
2581 SSL_set_msg_callback(con, msg_cb);
2582 SSL_set_msg_callback_arg(con, bio_s_out);
2587 i = SSL_accept(con);
2588 #ifndef OPENSSL_NO_SRP
2590 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
2591 BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
2592 srp_callback_parm.login);
2593 srp_callback_parm.user =
2594 SRP_VBASE_get_by_user(srp_callback_parm.vb,
2595 srp_callback_parm.login);
2596 if (srp_callback_parm.user)
2597 BIO_printf(bio_s_out, "LOOKUP done %s\n",
2598 srp_callback_parm.user->info);
2600 BIO_printf(bio_s_out, "LOOKUP not successful\n");
2601 i = SSL_accept(con);
2604 switch (SSL_get_error(con, i)) {
2605 case SSL_ERROR_NONE:
2607 case SSL_ERROR_WANT_WRITE:
2608 case SSL_ERROR_WANT_READ:
2609 case SSL_ERROR_WANT_X509_LOOKUP:
2611 case SSL_ERROR_SYSCALL:
2613 case SSL_ERROR_ZERO_RETURN:
2619 SSL_renegotiate(con);
2620 SSL_write(con, NULL, 0);
2623 i = BIO_gets(io, buf, bufsize - 1);
2624 if (i < 0) { /* error */
2625 if (!BIO_should_retry(io)) {
2627 ERR_print_errors(bio_err);
2630 BIO_printf(bio_s_out, "read R BLOCK\n");
2631 #if defined(OPENSSL_SYS_NETWARE)
2633 #elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)
2638 } else if (i == 0) { /* end of input */
2643 /* else we have data */
2644 if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
2645 ((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) {
2648 STACK_OF(SSL_CIPHER) *sk;
2649 static const char *space = " ";
2652 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
2653 BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n");
2654 BIO_puts(io, "<pre>\n");
2655 /* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
2657 for (i = 0; i < local_argc; i++) {
2658 BIO_puts(io, local_argv[i]);
2659 BIO_write(io, " ", 1);
2664 "Secure Renegotiation IS%s supported\n",
2665 SSL_get_secure_renegotiation_support(con) ?
2669 * The following is evil and should not really be done
2671 BIO_printf(io, "Ciphers supported in s_server binary\n");
2672 sk = SSL_get_ciphers(con);
2673 j = sk_SSL_CIPHER_num(sk);
2674 for (i = 0; i < j; i++) {
2675 c = sk_SSL_CIPHER_value(sk, i);
2676 BIO_printf(io, "%-11s:%-25s",
2677 SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
2678 if ((((i + 1) % 2) == 0) && (i + 1 != j))
2682 p = SSL_get_shared_ciphers(con, buf, bufsize);
2685 "---\nCiphers common between both SSL end points:\n");
2689 BIO_write(io, space, 26 - j);
2692 BIO_write(io, ((i % 3) ? " " : "\n"), 1);
2694 BIO_write(io, p, 1);
2701 BIO_printf(io, (SSL_cache_hit(con)
2702 ? "---\nReused, " : "---\nNew, "));
2703 c = SSL_get_current_cipher(con);
2704 BIO_printf(io, "%s, Cipher is %s\n",
2705 SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
2706 SSL_SESSION_print(io, SSL_get_session(con));
2707 BIO_printf(io, "---\n");
2708 print_stats(io, SSL_get_SSL_CTX(con));
2709 BIO_printf(io, "---\n");
2710 peer = SSL_get_peer_certificate(con);
2712 BIO_printf(io, "Client certificate\n");
2713 X509_print(io, peer);
2714 PEM_write_bio_X509(io, peer);
2716 BIO_puts(io, "no client certificate available\n");
2717 BIO_puts(io, "</BODY></HTML>\r\n\r\n");
2719 } else if ((www == 2 || www == 3)
2720 && (strncmp("GET /", buf, 5) == 0)) {
2723 static const char *text =
2724 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
2730 for (e = p; *e != '\0'; e++) {
2736 dot = (e[0] == '.') ? 2 : 0;
2739 dot = (e[0] == '.') ? 3 : 0;
2742 dot = (e[0] == '/') ? -1 : 0;
2746 dot = (e[0] == '/') ? 1 : 0;
2748 dot = (dot == 3) || (dot == -1); /* filename contains ".."
2753 BIO_printf(io, "'%s' is an invalid file name\r\n", p);
2760 BIO_printf(io, "'%s' contains '..' reference\r\n", p);
2766 BIO_printf(io, "'%s' is an invalid path\r\n", p);
2770 /* append if a directory lookup */
2772 strcat(p, "index.html");
2775 /* if a directory, do the index thang */
2776 if (app_isdir(p) > 0) {
2777 #if 0 /* must check buffer size */
2778 strcat(p, "/index.html");
2781 BIO_printf(io, "'%s' is a directory\r\n", p);
2786 if ((file = BIO_new_file(p, "r")) == NULL) {
2788 BIO_printf(io, "Error opening '%s'\r\n", p);
2789 ERR_print_errors(io);
2794 BIO_printf(bio_err, "FILE:%s\n", p);
2798 if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) ||
2799 ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) ||
2800 ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0)))
2802 "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
2805 "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
2809 i = BIO_read(file, buf, bufsize);
2815 fprintf(stderr, "%d\n", i);
2816 if (total_bytes > 3 * 1024) {
2818 fprintf(stderr, "RENEGOTIATE\n");
2819 SSL_renegotiate(con);
2823 for (j = 0; j < i;) {
2827 if (++count == 13) {
2828 SSL_renegotiate(con);
2832 k = BIO_write(io, &(buf[j]), i - j);
2834 if (!BIO_should_retry(io))
2837 BIO_printf(bio_s_out, "rwrite W BLOCK\n");
2851 i = (int)BIO_flush(io);
2853 if (!BIO_should_retry(io))
2860 /* make sure we re-use sessions */
2861 SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
2863 /* This kills performance */
2865 * SSL_shutdown(con); A shutdown gets sent in the BIO_free_all(io)
2873 BIO_printf(bio_s_out, "ACCEPT\n");
2879 /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/
2883 #ifndef OPENSSL_NO_RSA
2884 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
2887 static RSA *rsa_tmp = NULL;
2889 if (!rsa_tmp && ((bn = BN_new()) == NULL))
2890 BIO_printf(bio_err, "Allocation error in generating RSA key\n");
2891 if (!rsa_tmp && bn) {
2893 BIO_printf(bio_err, "Generating temp (%d bit) RSA key...",
2895 (void)BIO_flush(bio_err);
2897 if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||
2898 !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
2904 BIO_printf(bio_err, "\n");
2905 (void)BIO_flush(bio_err);
2913 #define MAX_SESSION_ID_ATTEMPTS 10
2914 static int generate_session_id(const SSL *ssl, unsigned char *id,
2915 unsigned int *id_len)
2917 unsigned int count = 0;
2919 RAND_pseudo_bytes(id, *id_len);
2921 * Prefix the session_id with the required prefix. NB: If our prefix
2922 * is too long, clip it - but there will be worse effects anyway, eg.
2923 * the server could only possibly create 1 session ID (ie. the
2924 * prefix!) so all future session negotiations will fail due to
2927 memcpy(id, session_id_prefix,
2928 (strlen(session_id_prefix) < *id_len) ?
2929 strlen(session_id_prefix) : *id_len);
2931 while (SSL_has_matching_session_id(ssl, id, *id_len) &&
2932 (++count < MAX_SESSION_ID_ATTEMPTS));
2933 if (count >= MAX_SESSION_ID_ATTEMPTS)