s_server.c revision 279264
1/* apps/s_server.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111/* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116/* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143/* Until the key-gen callbacks are modified to use newer prototypes, we allow 144 * deprecated functions for openssl-internal code */ 145#ifdef OPENSSL_NO_DEPRECATED 146#undef OPENSSL_NO_DEPRECATED 147#endif 148 149#include <assert.h> 150#include <ctype.h> 151#include <stdio.h> 152#include <stdlib.h> 153#include <string.h> 154 155#include <openssl/e_os2.h> 156#ifdef OPENSSL_NO_STDIO 157#define APPS_WIN16 158#endif 159 160#if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */ 161#include <sys/types.h> 162#endif 163 164/* With IPv6, it looks like Digital has mixed up the proper order of 165 recursive header file inclusion, resulting in the compiler complaining 166 that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which 167 is needed to have fileno() declared correctly... So let's define u_int */ 168#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) 169#define __U_INT 170typedef unsigned int u_int; 171#endif 172 173#include <openssl/lhash.h> 174#include <openssl/bn.h> 175#define USE_SOCKETS 176#include "apps.h" 177#include <openssl/err.h> 178#include <openssl/pem.h> 179#include <openssl/x509.h> 180#include <openssl/ssl.h> 181#include <openssl/rand.h> 182#include <openssl/ocsp.h> 183#ifndef OPENSSL_NO_DH 184#include <openssl/dh.h> 185#endif 186#ifndef OPENSSL_NO_RSA 187#include <openssl/rsa.h> 188#endif 189#ifndef OPENSSL_NO_SRP 190#include <openssl/srp.h> 191#endif 192#include "s_apps.h" 193#include "timeouts.h" 194 195#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) 196/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ 197#undef FIONBIO 198#endif 199 200#if defined(OPENSSL_SYS_BEOS_R5) 201#include <fcntl.h> 202#endif 203 204#ifndef OPENSSL_NO_RSA 205static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 206#endif 207static int sv_body(char *hostname, int s, unsigned char *context); 208static int www_body(char *hostname, int s, unsigned char *context); 209static void close_accept_socket(void ); 210static void sv_usage(void); 211static int init_ssl_connection(SSL *s); 212static void print_stats(BIO *bp,SSL_CTX *ctx); 213static int generate_session_id(const SSL *ssl, unsigned char *id, 214 unsigned int *id_len); 215#ifndef OPENSSL_NO_DH 216static DH *load_dh_param(const char *dhfile); 217static DH *get_dh512(void); 218#endif 219 220#ifdef MONOLITH 221static void s_server_init(void); 222#endif 223 224#ifndef OPENSSL_NO_DH 225static unsigned char dh512_p[]={ 226 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, 227 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, 228 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3, 229 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12, 230 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C, 231 0x47,0x74,0xE8,0x33, 232 }; 233static unsigned char dh512_g[]={ 234 0x02, 235 }; 236 237static DH *get_dh512(void) 238 { 239 DH *dh=NULL; 240 241 if ((dh=DH_new()) == NULL) return(NULL); 242 dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); 243 dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); 244 if ((dh->p == NULL) || (dh->g == NULL)) 245 return(NULL); 246 return(dh); 247 } 248#endif 249 250 251/* static int load_CA(SSL_CTX *ctx, char *file);*/ 252 253#undef BUFSIZZ 254#define BUFSIZZ 16*1024 255static int bufsize=BUFSIZZ; 256static int accept_socket= -1; 257 258#define TEST_CERT "server.pem" 259#ifndef OPENSSL_NO_TLSEXT 260#define TEST_CERT2 "server2.pem" 261#endif 262#undef PROG 263#define PROG s_server_main 264 265extern int verify_depth, verify_return_error; 266 267static char *cipher=NULL; 268static int s_server_verify=SSL_VERIFY_NONE; 269static int s_server_session_id_context = 1; /* anything will do */ 270static const char *s_cert_file=TEST_CERT,*s_key_file=NULL; 271#ifndef OPENSSL_NO_TLSEXT 272static const char *s_cert_file2=TEST_CERT2,*s_key_file2=NULL; 273#endif 274static char *s_dcert_file=NULL,*s_dkey_file=NULL; 275#ifdef FIONBIO 276static int s_nbio=0; 277#endif 278static int s_nbio_test=0; 279int s_crlf=0; 280static SSL_CTX *ctx=NULL; 281#ifndef OPENSSL_NO_TLSEXT 282static SSL_CTX *ctx2=NULL; 283#endif 284static int www=0; 285 286static BIO *bio_s_out=NULL; 287static int s_debug=0; 288#ifndef OPENSSL_NO_TLSEXT 289static int s_tlsextdebug=0; 290static int s_tlsextstatus=0; 291static int cert_status_cb(SSL *s, void *arg); 292#endif 293static int s_msg=0; 294static int s_quiet=0; 295 296static char *keymatexportlabel=NULL; 297static int keymatexportlen=20; 298 299static int hack=0; 300#ifndef OPENSSL_NO_ENGINE 301static char *engine_id=NULL; 302#endif 303static const char *session_id_prefix=NULL; 304 305static int enable_timeouts = 0; 306static long socket_mtu; 307#ifndef OPENSSL_NO_DTLS1 308static int cert_chain = 0; 309#endif 310 311 312#ifndef OPENSSL_NO_PSK 313static char *psk_identity="Client_identity"; 314char *psk_key=NULL; /* by default PSK is not used */ 315 316static unsigned int psk_server_cb(SSL *ssl, const char *identity, 317 unsigned char *psk, unsigned int max_psk_len) 318 { 319 unsigned int psk_len = 0; 320 int ret; 321 BIGNUM *bn = NULL; 322 323 if (s_debug) 324 BIO_printf(bio_s_out,"psk_server_cb\n"); 325 if (!identity) 326 { 327 BIO_printf(bio_err,"Error: client did not send PSK identity\n"); 328 goto out_err; 329 } 330 if (s_debug) 331 BIO_printf(bio_s_out,"identity_len=%d identity=%s\n", 332 identity ? (int)strlen(identity) : 0, identity); 333 334 /* here we could lookup the given identity e.g. from a database */ 335 if (strcmp(identity, psk_identity) != 0) 336 { 337 BIO_printf(bio_s_out, "PSK error: client identity not found" 338 " (got '%s' expected '%s')\n", identity, 339 psk_identity); 340 goto out_err; 341 } 342 if (s_debug) 343 BIO_printf(bio_s_out, "PSK client identity found\n"); 344 345 /* convert the PSK key to binary */ 346 ret = BN_hex2bn(&bn, psk_key); 347 if (!ret) 348 { 349 BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key); 350 if (bn) 351 BN_free(bn); 352 return 0; 353 } 354 if (BN_num_bytes(bn) > (int)max_psk_len) 355 { 356 BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n", 357 max_psk_len, BN_num_bytes(bn)); 358 BN_free(bn); 359 return 0; 360 } 361 362 ret = BN_bn2bin(bn, psk); 363 BN_free(bn); 364 365 if (ret < 0) 366 goto out_err; 367 psk_len = (unsigned int)ret; 368 369 if (s_debug) 370 BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len); 371 return psk_len; 372 out_err: 373 if (s_debug) 374 BIO_printf(bio_err, "Error in PSK server callback\n"); 375 return 0; 376 } 377#endif 378 379#ifndef OPENSSL_NO_SRP 380/* This is a context that we pass to callbacks */ 381typedef struct srpsrvparm_st 382 { 383 char *login; 384 SRP_VBASE *vb; 385 SRP_user_pwd *user; 386 } srpsrvparm; 387 388/* This callback pretends to require some asynchronous logic in order to obtain 389 a verifier. When the callback is called for a new connection we return 390 with a negative value. This will provoke the accept etc to return with 391 an LOOKUP_X509. The main logic of the reinvokes the suspended call 392 (which would normally occur after a worker has finished) and we 393 set the user parameters. 394*/ 395static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) 396 { 397 srpsrvparm *p = (srpsrvparm *)arg; 398 if (p->login == NULL && p->user == NULL ) 399 { 400 p->login = SSL_get_srp_username(s); 401 BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login); 402 return (-1) ; 403 } 404 405 if (p->user == NULL) 406 { 407 BIO_printf(bio_err, "User %s doesn't exist\n", p->login); 408 return SSL3_AL_FATAL; 409 } 410 if (SSL_set_srp_server_param(s, p->user->N, p->user->g, p->user->s, p->user->v, 411 p->user->info) < 0) 412 { 413 *ad = SSL_AD_INTERNAL_ERROR; 414 return SSL3_AL_FATAL; 415 } 416 BIO_printf(bio_err, "SRP parameters set: username = \"%s\" info=\"%s\" \n", p->login,p->user->info); 417 /* need to check whether there are memory leaks */ 418 p->user = NULL; 419 p->login = NULL; 420 return SSL_ERROR_NONE; 421 } 422 423#endif 424 425#ifdef MONOLITH 426static void s_server_init(void) 427 { 428 accept_socket=-1; 429 cipher=NULL; 430 s_server_verify=SSL_VERIFY_NONE; 431 s_dcert_file=NULL; 432 s_dkey_file=NULL; 433 s_cert_file=TEST_CERT; 434 s_key_file=NULL; 435#ifndef OPENSSL_NO_TLSEXT 436 s_cert_file2=TEST_CERT2; 437 s_key_file2=NULL; 438 ctx2=NULL; 439#endif 440#ifdef FIONBIO 441 s_nbio=0; 442#endif 443 s_nbio_test=0; 444 ctx=NULL; 445 www=0; 446 447 bio_s_out=NULL; 448 s_debug=0; 449 s_msg=0; 450 s_quiet=0; 451 hack=0; 452#ifndef OPENSSL_NO_ENGINE 453 engine_id=NULL; 454#endif 455 } 456#endif 457 458static void sv_usage(void) 459 { 460 BIO_printf(bio_err,"usage: s_server [args ...]\n"); 461 BIO_printf(bio_err,"\n"); 462 BIO_printf(bio_err," -accept arg - port to accept on (default is %d)\n",PORT); 463 BIO_printf(bio_err," -context arg - set session ID context\n"); 464 BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); 465 BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); 466 BIO_printf(bio_err," -verify_return_error - return verification errors\n"); 467 BIO_printf(bio_err," -cert arg - certificate file to use\n"); 468 BIO_printf(bio_err," (default is %s)\n",TEST_CERT); 469 BIO_printf(bio_err," -crl_check - check the peer certificate has not been revoked by its CA.\n" \ 470 " The CRL(s) are appended to the certificate file\n"); 471 BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \ 472 " or any other CRL in the CA chain. CRL(s) are appened to the\n" \ 473 " the certificate file.\n"); 474 BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); 475 BIO_printf(bio_err," -key arg - Private Key file to use, in cert file if\n"); 476 BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT); 477 BIO_printf(bio_err," -keyform arg - key format (PEM, DER or ENGINE) PEM default\n"); 478 BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); 479 BIO_printf(bio_err," -dcert arg - second certificate file to use (usually for DSA)\n"); 480 BIO_printf(bio_err," -dcertform x - second certificate format (PEM or DER) PEM default\n"); 481 BIO_printf(bio_err," -dkey arg - second private key file to use (usually for DSA)\n"); 482 BIO_printf(bio_err," -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n"); 483 BIO_printf(bio_err," -dpass arg - second private key file pass phrase source\n"); 484 BIO_printf(bio_err," -dhparam arg - DH parameter file to use, in cert file if not specified\n"); 485 BIO_printf(bio_err," or a default set of parameters is used\n"); 486#ifndef OPENSSL_NO_ECDH 487 BIO_printf(bio_err," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 488 " Use \"openssl ecparam -list_curves\" for all names\n" \ 489 " (default is nistp256).\n"); 490#endif 491#ifdef FIONBIO 492 BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); 493#endif 494 BIO_printf(bio_err," -nbio_test - test with the non-blocking test bio\n"); 495 BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); 496 BIO_printf(bio_err," -debug - Print more output\n"); 497 BIO_printf(bio_err," -msg - Show protocol messages\n"); 498 BIO_printf(bio_err," -state - Print the SSL states\n"); 499 BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); 500 BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); 501 BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n"); 502 BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); 503 BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n"); 504 BIO_printf(bio_err," -quiet - No server output\n"); 505 BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); 506#ifndef OPENSSL_NO_PSK 507 BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n"); 508 BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); 509# ifndef OPENSSL_NO_JPAKE 510 BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); 511# endif 512#endif 513#ifndef OPENSSL_NO_SRP 514 BIO_printf(bio_err," -srpvfile file - The verifier file for SRP\n"); 515 BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n"); 516#endif 517 BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); 518#ifndef OPENSSL_NO_SSL3_METHOD 519 BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); 520#endif 521 BIO_printf(bio_err," -tls1_2 - Just talk TLSv1.2\n"); 522 BIO_printf(bio_err," -tls1_1 - Just talk TLSv1.1\n"); 523 BIO_printf(bio_err," -tls1 - Just talk TLSv1\n"); 524 BIO_printf(bio_err," -dtls1 - Just talk DTLSv1\n"); 525 BIO_printf(bio_err," -timeout - Enable timeouts\n"); 526 BIO_printf(bio_err," -mtu - Set link layer MTU\n"); 527 BIO_printf(bio_err," -chain - Read a certificate chain\n"); 528 BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); 529 BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); 530 BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); 531 BIO_printf(bio_err," -no_tls1_1 - Just disable TLSv1.1\n"); 532 BIO_printf(bio_err," -no_tls1_2 - Just disable TLSv1.2\n"); 533#ifndef OPENSSL_NO_DH 534 BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n"); 535#endif 536#ifndef OPENSSL_NO_ECDH 537 BIO_printf(bio_err," -no_ecdhe - Disable ephemeral ECDH\n"); 538#endif 539 BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); 540 BIO_printf(bio_err," -hack - workaround for early Netscape code\n"); 541 BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); 542 BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 543 BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 544 BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n"); 545#ifndef OPENSSL_NO_ENGINE 546 BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); 547#endif 548 BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); 549 BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 550#ifndef OPENSSL_NO_TLSEXT 551 BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n"); 552 BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); 553 BIO_printf(bio_err," -cert2 arg - certificate file to use for servername\n"); 554 BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); 555 BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); 556 BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); 557 BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); 558 BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); 559 BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); 560# ifndef OPENSSL_NO_NEXTPROTONEG 561 BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n"); 562# endif 563# ifndef OPENSSL_NO_SRTP 564 BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); 565# endif 566#endif 567 BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); 568 BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); 569 BIO_printf(bio_err," -status - respond to certificate status requests\n"); 570 BIO_printf(bio_err," -status_verbose - enable status request verbose printout\n"); 571 BIO_printf(bio_err," -status_timeout n - status request responder timeout\n"); 572 BIO_printf(bio_err," -status_url URL - status request fallback URL\n"); 573 } 574 575static int local_argc=0; 576static char **local_argv; 577 578#ifdef CHARSET_EBCDIC 579static int ebcdic_new(BIO *bi); 580static int ebcdic_free(BIO *a); 581static int ebcdic_read(BIO *b, char *out, int outl); 582static int ebcdic_write(BIO *b, const char *in, int inl); 583static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr); 584static int ebcdic_gets(BIO *bp, char *buf, int size); 585static int ebcdic_puts(BIO *bp, const char *str); 586 587#define BIO_TYPE_EBCDIC_FILTER (18|0x0200) 588static BIO_METHOD methods_ebcdic= 589 { 590 BIO_TYPE_EBCDIC_FILTER, 591 "EBCDIC/ASCII filter", 592 ebcdic_write, 593 ebcdic_read, 594 ebcdic_puts, 595 ebcdic_gets, 596 ebcdic_ctrl, 597 ebcdic_new, 598 ebcdic_free, 599 }; 600 601typedef struct 602{ 603 size_t alloced; 604 char buff[1]; 605} EBCDIC_OUTBUFF; 606 607BIO_METHOD *BIO_f_ebcdic_filter() 608{ 609 return(&methods_ebcdic); 610} 611 612static int ebcdic_new(BIO *bi) 613{ 614 EBCDIC_OUTBUFF *wbuf; 615 616 wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024); 617 wbuf->alloced = 1024; 618 wbuf->buff[0] = '\0'; 619 620 bi->ptr=(char *)wbuf; 621 bi->init=1; 622 bi->flags=0; 623 return(1); 624} 625 626static int ebcdic_free(BIO *a) 627{ 628 if (a == NULL) return(0); 629 if (a->ptr != NULL) 630 OPENSSL_free(a->ptr); 631 a->ptr=NULL; 632 a->init=0; 633 a->flags=0; 634 return(1); 635} 636 637static int ebcdic_read(BIO *b, char *out, int outl) 638{ 639 int ret=0; 640 641 if (out == NULL || outl == 0) return(0); 642 if (b->next_bio == NULL) return(0); 643 644 ret=BIO_read(b->next_bio,out,outl); 645 if (ret > 0) 646 ascii2ebcdic(out,out,ret); 647 return(ret); 648} 649 650static int ebcdic_write(BIO *b, const char *in, int inl) 651{ 652 EBCDIC_OUTBUFF *wbuf; 653 int ret=0; 654 int num; 655 unsigned char n; 656 657 if ((in == NULL) || (inl <= 0)) return(0); 658 if (b->next_bio == NULL) return(0); 659 660 wbuf=(EBCDIC_OUTBUFF *)b->ptr; 661 662 if (inl > (num = wbuf->alloced)) 663 { 664 num = num + num; /* double the size */ 665 if (num < inl) 666 num = inl; 667 OPENSSL_free(wbuf); 668 wbuf=(EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num); 669 670 wbuf->alloced = num; 671 wbuf->buff[0] = '\0'; 672 673 b->ptr=(char *)wbuf; 674 } 675 676 ebcdic2ascii(wbuf->buff, in, inl); 677 678 ret=BIO_write(b->next_bio, wbuf->buff, inl); 679 680 return(ret); 681} 682 683static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr) 684{ 685 long ret; 686 687 if (b->next_bio == NULL) return(0); 688 switch (cmd) 689 { 690 case BIO_CTRL_DUP: 691 ret=0L; 692 break; 693 default: 694 ret=BIO_ctrl(b->next_bio,cmd,num,ptr); 695 break; 696 } 697 return(ret); 698} 699 700static int ebcdic_gets(BIO *bp, char *buf, int size) 701{ 702 int i, ret=0; 703 if (bp->next_bio == NULL) return(0); 704/* return(BIO_gets(bp->next_bio,buf,size));*/ 705 for (i=0; i<size-1; ++i) 706 { 707 ret = ebcdic_read(bp,&buf[i],1); 708 if (ret <= 0) 709 break; 710 else if (buf[i] == '\n') 711 { 712 ++i; 713 break; 714 } 715 } 716 if (i < size) 717 buf[i] = '\0'; 718 return (ret < 0 && i == 0) ? ret : i; 719} 720 721static int ebcdic_puts(BIO *bp, const char *str) 722{ 723 if (bp->next_bio == NULL) return(0); 724 return ebcdic_write(bp, str, strlen(str)); 725} 726#endif 727 728#ifndef OPENSSL_NO_TLSEXT 729 730/* This is a context that we pass to callbacks */ 731typedef struct tlsextctx_st { 732 char * servername; 733 BIO * biodebug; 734 int extension_error; 735} tlsextctx; 736 737 738static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) 739 { 740 tlsextctx * p = (tlsextctx *) arg; 741 const char * servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 742 if (servername && p->biodebug) 743 BIO_printf(p->biodebug,"Hostname in TLS extension: \"%s\"\n",servername); 744 745 if (!p->servername) 746 return SSL_TLSEXT_ERR_NOACK; 747 748 if (servername) 749 { 750 if (strcasecmp(servername,p->servername)) 751 return p->extension_error; 752 if (ctx2) 753 { 754 BIO_printf(p->biodebug,"Switching server context.\n"); 755 SSL_set_SSL_CTX(s,ctx2); 756 } 757 } 758 return SSL_TLSEXT_ERR_OK; 759} 760 761/* Structure passed to cert status callback */ 762 763typedef struct tlsextstatusctx_st { 764 /* Default responder to use */ 765 char *host, *path, *port; 766 int use_ssl; 767 int timeout; 768 BIO *err; 769 int verbose; 770} tlsextstatusctx; 771 772static tlsextstatusctx tlscstatp = {NULL, NULL, NULL, 0, -1, NULL, 0}; 773 774/* Certificate Status callback. This is called when a client includes a 775 * certificate status request extension. 776 * 777 * This is a simplified version. It examines certificates each time and 778 * makes one OCSP responder query for each request. 779 * 780 * A full version would store details such as the OCSP certificate IDs and 781 * minimise the number of OCSP responses by caching them until they were 782 * considered "expired". 783 */ 784 785static int cert_status_cb(SSL *s, void *arg) 786 { 787 tlsextstatusctx *srctx = arg; 788 BIO *err = srctx->err; 789 char *host, *port, *path; 790 int use_ssl; 791 unsigned char *rspder = NULL; 792 int rspderlen; 793 STACK_OF(OPENSSL_STRING) *aia = NULL; 794 X509 *x = NULL; 795 X509_STORE_CTX inctx; 796 X509_OBJECT obj; 797 OCSP_REQUEST *req = NULL; 798 OCSP_RESPONSE *resp = NULL; 799 OCSP_CERTID *id = NULL; 800 STACK_OF(X509_EXTENSION) *exts; 801 int ret = SSL_TLSEXT_ERR_NOACK; 802 int i; 803#if 0 804STACK_OF(OCSP_RESPID) *ids; 805SSL_get_tlsext_status_ids(s, &ids); 806BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids)); 807#endif 808 if (srctx->verbose) 809 BIO_puts(err, "cert_status: callback called\n"); 810 /* Build up OCSP query from server certificate */ 811 x = SSL_get_certificate(s); 812 aia = X509_get1_ocsp(x); 813 if (aia) 814 { 815 if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0), 816 &host, &port, &path, &use_ssl)) 817 { 818 BIO_puts(err, "cert_status: can't parse AIA URL\n"); 819 goto err; 820 } 821 if (srctx->verbose) 822 BIO_printf(err, "cert_status: AIA URL: %s\n", 823 sk_OPENSSL_STRING_value(aia, 0)); 824 } 825 else 826 { 827 if (!srctx->host) 828 { 829 BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n"); 830 goto done; 831 } 832 host = srctx->host; 833 path = srctx->path; 834 port = srctx->port; 835 use_ssl = srctx->use_ssl; 836 } 837 838 if (!X509_STORE_CTX_init(&inctx, 839 SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)), 840 NULL, NULL)) 841 goto err; 842 if (X509_STORE_get_by_subject(&inctx,X509_LU_X509, 843 X509_get_issuer_name(x),&obj) <= 0) 844 { 845 BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n"); 846 X509_STORE_CTX_cleanup(&inctx); 847 goto done; 848 } 849 req = OCSP_REQUEST_new(); 850 if (!req) 851 goto err; 852 id = OCSP_cert_to_id(NULL, x, obj.data.x509); 853 X509_free(obj.data.x509); 854 X509_STORE_CTX_cleanup(&inctx); 855 if (!id) 856 goto err; 857 if (!OCSP_request_add0_id(req, id)) 858 goto err; 859 id = NULL; 860 /* Add any extensions to the request */ 861 SSL_get_tlsext_status_exts(s, &exts); 862 for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) 863 { 864 X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i); 865 if (!OCSP_REQUEST_add_ext(req, ext, -1)) 866 goto err; 867 } 868 resp = process_responder(err, req, host, path, port, use_ssl, NULL, 869 srctx->timeout); 870 if (!resp) 871 { 872 BIO_puts(err, "cert_status: error querying responder\n"); 873 goto done; 874 } 875 rspderlen = i2d_OCSP_RESPONSE(resp, &rspder); 876 if (rspderlen <= 0) 877 goto err; 878 SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen); 879 if (srctx->verbose) 880 { 881 BIO_puts(err, "cert_status: ocsp response sent:\n"); 882 OCSP_RESPONSE_print(err, resp, 2); 883 } 884 ret = SSL_TLSEXT_ERR_OK; 885 done: 886 if (ret != SSL_TLSEXT_ERR_OK) 887 ERR_print_errors(err); 888 if (aia) 889 { 890 OPENSSL_free(host); 891 OPENSSL_free(path); 892 OPENSSL_free(port); 893 X509_email_free(aia); 894 } 895 if (id) 896 OCSP_CERTID_free(id); 897 if (req) 898 OCSP_REQUEST_free(req); 899 if (resp) 900 OCSP_RESPONSE_free(resp); 901 return ret; 902 err: 903 ret = SSL_TLSEXT_ERR_ALERT_FATAL; 904 goto done; 905 } 906 907# ifndef OPENSSL_NO_NEXTPROTONEG 908/* This is the context that we pass to next_proto_cb */ 909typedef struct tlsextnextprotoctx_st { 910 unsigned char *data; 911 unsigned int len; 912} tlsextnextprotoctx; 913 914static int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg) 915 { 916 tlsextnextprotoctx *next_proto = arg; 917 918 *data = next_proto->data; 919 *len = next_proto->len; 920 921 return SSL_TLSEXT_ERR_OK; 922 } 923# endif /* ndef OPENSSL_NO_NEXTPROTONEG */ 924 925 926#endif 927 928int MAIN(int, char **); 929 930#ifndef OPENSSL_NO_JPAKE 931static char *jpake_secret = NULL; 932#endif 933#ifndef OPENSSL_NO_SRP 934 static srpsrvparm srp_callback_parm; 935#endif 936#ifndef OPENSSL_NO_SRTP 937static char *srtp_profiles = NULL; 938#endif 939 940int MAIN(int argc, char *argv[]) 941 { 942 X509_VERIFY_PARAM *vpm = NULL; 943 int badarg = 0; 944 short port=PORT; 945 char *CApath=NULL,*CAfile=NULL; 946 unsigned char *context = NULL; 947 char *dhfile = NULL; 948#ifndef OPENSSL_NO_ECDH 949 char *named_curve = NULL; 950#endif 951 int badop=0,bugs=0; 952 int ret=1; 953 int off=0; 954 int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0; 955 int state=0; 956 const SSL_METHOD *meth=NULL; 957 int socket_type=SOCK_STREAM; 958 ENGINE *e=NULL; 959 char *inrand=NULL; 960 int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; 961 char *passarg = NULL, *pass = NULL; 962 char *dpassarg = NULL, *dpass = NULL; 963 int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; 964 X509 *s_cert = NULL, *s_dcert = NULL; 965 EVP_PKEY *s_key = NULL, *s_dkey = NULL; 966 int no_cache = 0; 967#ifndef OPENSSL_NO_TLSEXT 968 EVP_PKEY *s_key2 = NULL; 969 X509 *s_cert2 = NULL; 970 tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; 971# ifndef OPENSSL_NO_NEXTPROTONEG 972 const char *next_proto_neg_in = NULL; 973 tlsextnextprotoctx next_proto; 974# endif 975#endif 976#ifndef OPENSSL_NO_PSK 977 /* by default do not send a PSK identity hint */ 978 static char *psk_identity_hint=NULL; 979#endif 980#ifndef OPENSSL_NO_SRP 981 char *srpuserseed = NULL; 982 char *srp_verifier_file = NULL; 983#endif 984 meth=SSLv23_server_method(); 985 986 local_argc=argc; 987 local_argv=argv; 988 989 apps_startup(); 990#ifdef MONOLITH 991 s_server_init(); 992#endif 993 994 if (bio_err == NULL) 995 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); 996 997 if (!load_config(bio_err, NULL)) 998 goto end; 999 1000 verify_depth=0; 1001#ifdef FIONBIO 1002 s_nbio=0; 1003#endif 1004 s_nbio_test=0; 1005 1006 argc--; 1007 argv++; 1008 1009 while (argc >= 1) 1010 { 1011 if ((strcmp(*argv,"-port") == 0) || 1012 (strcmp(*argv,"-accept") == 0)) 1013 { 1014 if (--argc < 1) goto bad; 1015 if (!extract_port(*(++argv),&port)) 1016 goto bad; 1017 } 1018 else if (strcmp(*argv,"-verify") == 0) 1019 { 1020 s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE; 1021 if (--argc < 1) goto bad; 1022 verify_depth=atoi(*(++argv)); 1023 BIO_printf(bio_err,"verify depth is %d\n",verify_depth); 1024 } 1025 else if (strcmp(*argv,"-Verify") == 0) 1026 { 1027 s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT| 1028 SSL_VERIFY_CLIENT_ONCE; 1029 if (--argc < 1) goto bad; 1030 verify_depth=atoi(*(++argv)); 1031 BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth); 1032 } 1033 else if (strcmp(*argv,"-context") == 0) 1034 { 1035 if (--argc < 1) goto bad; 1036 context= (unsigned char *)*(++argv); 1037 } 1038 else if (strcmp(*argv,"-cert") == 0) 1039 { 1040 if (--argc < 1) goto bad; 1041 s_cert_file= *(++argv); 1042 } 1043 else if (strcmp(*argv,"-certform") == 0) 1044 { 1045 if (--argc < 1) goto bad; 1046 s_cert_format = str2fmt(*(++argv)); 1047 } 1048 else if (strcmp(*argv,"-key") == 0) 1049 { 1050 if (--argc < 1) goto bad; 1051 s_key_file= *(++argv); 1052 } 1053 else if (strcmp(*argv,"-keyform") == 0) 1054 { 1055 if (--argc < 1) goto bad; 1056 s_key_format = str2fmt(*(++argv)); 1057 } 1058 else if (strcmp(*argv,"-pass") == 0) 1059 { 1060 if (--argc < 1) goto bad; 1061 passarg = *(++argv); 1062 } 1063 else if (strcmp(*argv,"-dhparam") == 0) 1064 { 1065 if (--argc < 1) goto bad; 1066 dhfile = *(++argv); 1067 } 1068#ifndef OPENSSL_NO_ECDH 1069 else if (strcmp(*argv,"-named_curve") == 0) 1070 { 1071 if (--argc < 1) goto bad; 1072 named_curve = *(++argv); 1073 } 1074#endif 1075 else if (strcmp(*argv,"-dcertform") == 0) 1076 { 1077 if (--argc < 1) goto bad; 1078 s_dcert_format = str2fmt(*(++argv)); 1079 } 1080 else if (strcmp(*argv,"-dcert") == 0) 1081 { 1082 if (--argc < 1) goto bad; 1083 s_dcert_file= *(++argv); 1084 } 1085 else if (strcmp(*argv,"-dkeyform") == 0) 1086 { 1087 if (--argc < 1) goto bad; 1088 s_dkey_format = str2fmt(*(++argv)); 1089 } 1090 else if (strcmp(*argv,"-dpass") == 0) 1091 { 1092 if (--argc < 1) goto bad; 1093 dpassarg = *(++argv); 1094 } 1095 else if (strcmp(*argv,"-dkey") == 0) 1096 { 1097 if (--argc < 1) goto bad; 1098 s_dkey_file= *(++argv); 1099 } 1100 else if (strcmp(*argv,"-nocert") == 0) 1101 { 1102 nocert=1; 1103 } 1104 else if (strcmp(*argv,"-CApath") == 0) 1105 { 1106 if (--argc < 1) goto bad; 1107 CApath= *(++argv); 1108 } 1109 else if (strcmp(*argv,"-no_cache") == 0) 1110 no_cache = 1; 1111 else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) 1112 { 1113 if (badarg) 1114 goto bad; 1115 continue; 1116 } 1117 else if (strcmp(*argv,"-verify_return_error") == 0) 1118 verify_return_error = 1; 1119 else if (strcmp(*argv,"-serverpref") == 0) 1120 { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; } 1121 else if (strcmp(*argv,"-legacy_renegotiation") == 0) 1122 off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; 1123 else if (strcmp(*argv,"-cipher") == 0) 1124 { 1125 if (--argc < 1) goto bad; 1126 cipher= *(++argv); 1127 } 1128 else if (strcmp(*argv,"-CAfile") == 0) 1129 { 1130 if (--argc < 1) goto bad; 1131 CAfile= *(++argv); 1132 } 1133#ifdef FIONBIO 1134 else if (strcmp(*argv,"-nbio") == 0) 1135 { s_nbio=1; } 1136#endif 1137 else if (strcmp(*argv,"-nbio_test") == 0) 1138 { 1139#ifdef FIONBIO 1140 s_nbio=1; 1141#endif 1142 s_nbio_test=1; 1143 } 1144 else if (strcmp(*argv,"-debug") == 0) 1145 { s_debug=1; } 1146#ifndef OPENSSL_NO_TLSEXT 1147 else if (strcmp(*argv,"-tlsextdebug") == 0) 1148 s_tlsextdebug=1; 1149 else if (strcmp(*argv,"-status") == 0) 1150 s_tlsextstatus=1; 1151 else if (strcmp(*argv,"-status_verbose") == 0) 1152 { 1153 s_tlsextstatus=1; 1154 tlscstatp.verbose = 1; 1155 } 1156 else if (!strcmp(*argv, "-status_timeout")) 1157 { 1158 s_tlsextstatus=1; 1159 if (--argc < 1) goto bad; 1160 tlscstatp.timeout = atoi(*(++argv)); 1161 } 1162 else if (!strcmp(*argv, "-status_url")) 1163 { 1164 s_tlsextstatus=1; 1165 if (--argc < 1) goto bad; 1166 if (!OCSP_parse_url(*(++argv), 1167 &tlscstatp.host, 1168 &tlscstatp.port, 1169 &tlscstatp.path, 1170 &tlscstatp.use_ssl)) 1171 { 1172 BIO_printf(bio_err, "Error parsing URL\n"); 1173 goto bad; 1174 } 1175 } 1176#endif 1177 else if (strcmp(*argv,"-msg") == 0) 1178 { s_msg=1; } 1179 else if (strcmp(*argv,"-hack") == 0) 1180 { hack=1; } 1181 else if (strcmp(*argv,"-state") == 0) 1182 { state=1; } 1183 else if (strcmp(*argv,"-crlf") == 0) 1184 { s_crlf=1; } 1185 else if (strcmp(*argv,"-quiet") == 0) 1186 { s_quiet=1; } 1187 else if (strcmp(*argv,"-bugs") == 0) 1188 { bugs=1; } 1189 else if (strcmp(*argv,"-no_tmp_rsa") == 0) 1190 { no_tmp_rsa=1; } 1191 else if (strcmp(*argv,"-no_dhe") == 0) 1192 { no_dhe=1; } 1193 else if (strcmp(*argv,"-no_ecdhe") == 0) 1194 { no_ecdhe=1; } 1195#ifndef OPENSSL_NO_PSK 1196 else if (strcmp(*argv,"-psk_hint") == 0) 1197 { 1198 if (--argc < 1) goto bad; 1199 psk_identity_hint= *(++argv); 1200 } 1201 else if (strcmp(*argv,"-psk") == 0) 1202 { 1203 size_t i; 1204 1205 if (--argc < 1) goto bad; 1206 psk_key=*(++argv); 1207 for (i=0; i<strlen(psk_key); i++) 1208 { 1209 if (isxdigit((unsigned char)psk_key[i])) 1210 continue; 1211 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv); 1212 goto bad; 1213 } 1214 } 1215#endif 1216#ifndef OPENSSL_NO_SRP 1217 else if (strcmp(*argv, "-srpvfile") == 0) 1218 { 1219 if (--argc < 1) goto bad; 1220 srp_verifier_file = *(++argv); 1221 meth = TLSv1_server_method(); 1222 } 1223 else if (strcmp(*argv, "-srpuserseed") == 0) 1224 { 1225 if (--argc < 1) goto bad; 1226 srpuserseed = *(++argv); 1227 meth = TLSv1_server_method(); 1228 } 1229#endif 1230 else if (strcmp(*argv,"-www") == 0) 1231 { www=1; } 1232 else if (strcmp(*argv,"-WWW") == 0) 1233 { www=2; } 1234 else if (strcmp(*argv,"-HTTP") == 0) 1235 { www=3; } 1236 else if (strcmp(*argv,"-no_ssl2") == 0) 1237 { off|=SSL_OP_NO_SSLv2; } 1238 else if (strcmp(*argv,"-no_ssl3") == 0) 1239 { off|=SSL_OP_NO_SSLv3; } 1240 else if (strcmp(*argv,"-no_tls1") == 0) 1241 { off|=SSL_OP_NO_TLSv1; } 1242 else if (strcmp(*argv,"-no_tls1_1") == 0) 1243 { off|=SSL_OP_NO_TLSv1_1; } 1244 else if (strcmp(*argv,"-no_tls1_2") == 0) 1245 { off|=SSL_OP_NO_TLSv1_2; } 1246 else if (strcmp(*argv,"-no_comp") == 0) 1247 { off|=SSL_OP_NO_COMPRESSION; } 1248#ifndef OPENSSL_NO_TLSEXT 1249 else if (strcmp(*argv,"-no_ticket") == 0) 1250 { off|=SSL_OP_NO_TICKET; } 1251#endif 1252#ifndef OPENSSL_NO_SSL2 1253 else if (strcmp(*argv,"-ssl2") == 0) 1254 { meth=SSLv2_server_method(); } 1255#endif 1256#ifndef OPENSSL_NO_SSL3_METHOD 1257 else if (strcmp(*argv,"-ssl3") == 0) 1258 { meth=SSLv3_server_method(); } 1259#endif 1260#ifndef OPENSSL_NO_TLS1 1261 else if (strcmp(*argv,"-tls1") == 0) 1262 { meth=TLSv1_server_method(); } 1263 else if (strcmp(*argv,"-tls1_1") == 0) 1264 { meth=TLSv1_1_server_method(); } 1265 else if (strcmp(*argv,"-tls1_2") == 0) 1266 { meth=TLSv1_2_server_method(); } 1267#endif 1268#ifndef OPENSSL_NO_DTLS1 1269 else if (strcmp(*argv,"-dtls1") == 0) 1270 { 1271 meth=DTLSv1_server_method(); 1272 socket_type = SOCK_DGRAM; 1273 } 1274 else if (strcmp(*argv,"-timeout") == 0) 1275 enable_timeouts = 1; 1276 else if (strcmp(*argv,"-mtu") == 0) 1277 { 1278 if (--argc < 1) goto bad; 1279 socket_mtu = atol(*(++argv)); 1280 } 1281 else if (strcmp(*argv, "-chain") == 0) 1282 cert_chain = 1; 1283#endif 1284 else if (strcmp(*argv, "-id_prefix") == 0) 1285 { 1286 if (--argc < 1) goto bad; 1287 session_id_prefix = *(++argv); 1288 } 1289#ifndef OPENSSL_NO_ENGINE 1290 else if (strcmp(*argv,"-engine") == 0) 1291 { 1292 if (--argc < 1) goto bad; 1293 engine_id= *(++argv); 1294 } 1295#endif 1296 else if (strcmp(*argv,"-rand") == 0) 1297 { 1298 if (--argc < 1) goto bad; 1299 inrand= *(++argv); 1300 } 1301#ifndef OPENSSL_NO_TLSEXT 1302 else if (strcmp(*argv,"-servername") == 0) 1303 { 1304 if (--argc < 1) goto bad; 1305 tlsextcbp.servername= *(++argv); 1306 } 1307 else if (strcmp(*argv,"-servername_fatal") == 0) 1308 { tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; } 1309 else if (strcmp(*argv,"-cert2") == 0) 1310 { 1311 if (--argc < 1) goto bad; 1312 s_cert_file2= *(++argv); 1313 } 1314 else if (strcmp(*argv,"-key2") == 0) 1315 { 1316 if (--argc < 1) goto bad; 1317 s_key_file2= *(++argv); 1318 } 1319# ifndef OPENSSL_NO_NEXTPROTONEG 1320 else if (strcmp(*argv,"-nextprotoneg") == 0) 1321 { 1322 if (--argc < 1) goto bad; 1323 next_proto_neg_in = *(++argv); 1324 } 1325# endif 1326#endif 1327#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1328 else if (strcmp(*argv,"-jpake") == 0) 1329 { 1330 if (--argc < 1) goto bad; 1331 jpake_secret = *(++argv); 1332 } 1333#endif 1334#ifndef OPENSSL_NO_SRTP 1335 else if (strcmp(*argv,"-use_srtp") == 0) 1336 { 1337 if (--argc < 1) goto bad; 1338 srtp_profiles = *(++argv); 1339 } 1340#endif 1341 else if (strcmp(*argv,"-keymatexport") == 0) 1342 { 1343 if (--argc < 1) goto bad; 1344 keymatexportlabel= *(++argv); 1345 } 1346 else if (strcmp(*argv,"-keymatexportlen") == 0) 1347 { 1348 if (--argc < 1) goto bad; 1349 keymatexportlen=atoi(*(++argv)); 1350 if (keymatexportlen == 0) goto bad; 1351 } 1352 else 1353 { 1354 BIO_printf(bio_err,"unknown option %s\n",*argv); 1355 badop=1; 1356 break; 1357 } 1358 argc--; 1359 argv++; 1360 } 1361 if (badop) 1362 { 1363bad: 1364 sv_usage(); 1365 goto end; 1366 } 1367#ifndef OPENSSL_NO_DTLS1 1368 if (www && socket_type == SOCK_DGRAM) 1369 { 1370 BIO_printf(bio_err, 1371 "Can't use -HTTP, -www or -WWW with DTLS\n"); 1372 goto end; 1373 } 1374#endif 1375 1376#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1377 if (jpake_secret) 1378 { 1379 if (psk_key) 1380 { 1381 BIO_printf(bio_err, 1382 "Can't use JPAKE and PSK together\n"); 1383 goto end; 1384 } 1385 psk_identity = "JPAKE"; 1386 if (cipher) 1387 { 1388 BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); 1389 goto end; 1390 } 1391 cipher = "PSK"; 1392 } 1393 1394#endif 1395 1396 SSL_load_error_strings(); 1397 OpenSSL_add_ssl_algorithms(); 1398 1399#ifndef OPENSSL_NO_ENGINE 1400 e = setup_engine(bio_err, engine_id, 1); 1401#endif 1402 1403 if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) 1404 { 1405 BIO_printf(bio_err, "Error getting password\n"); 1406 goto end; 1407 } 1408 1409 1410 if (s_key_file == NULL) 1411 s_key_file = s_cert_file; 1412#ifndef OPENSSL_NO_TLSEXT 1413 if (s_key_file2 == NULL) 1414 s_key_file2 = s_cert_file2; 1415#endif 1416 1417 if (nocert == 0) 1418 { 1419 s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e, 1420 "server certificate private key file"); 1421 if (!s_key) 1422 { 1423 ERR_print_errors(bio_err); 1424 goto end; 1425 } 1426 1427 s_cert = load_cert(bio_err,s_cert_file,s_cert_format, 1428 NULL, e, "server certificate file"); 1429 1430 if (!s_cert) 1431 { 1432 ERR_print_errors(bio_err); 1433 goto end; 1434 } 1435 1436#ifndef OPENSSL_NO_TLSEXT 1437 if (tlsextcbp.servername) 1438 { 1439 s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e, 1440 "second server certificate private key file"); 1441 if (!s_key2) 1442 { 1443 ERR_print_errors(bio_err); 1444 goto end; 1445 } 1446 1447 s_cert2 = load_cert(bio_err,s_cert_file2,s_cert_format, 1448 NULL, e, "second server certificate file"); 1449 1450 if (!s_cert2) 1451 { 1452 ERR_print_errors(bio_err); 1453 goto end; 1454 } 1455 } 1456#endif 1457 } 1458 1459#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 1460 if (next_proto_neg_in) 1461 { 1462 unsigned short len; 1463 next_proto.data = next_protos_parse(&len, next_proto_neg_in); 1464 if (next_proto.data == NULL) 1465 goto end; 1466 next_proto.len = len; 1467 } 1468 else 1469 { 1470 next_proto.data = NULL; 1471 } 1472#endif 1473 1474 1475 if (s_dcert_file) 1476 { 1477 1478 if (s_dkey_file == NULL) 1479 s_dkey_file = s_dcert_file; 1480 1481 s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, 1482 0, dpass, e, 1483 "second certificate private key file"); 1484 if (!s_dkey) 1485 { 1486 ERR_print_errors(bio_err); 1487 goto end; 1488 } 1489 1490 s_dcert = load_cert(bio_err,s_dcert_file,s_dcert_format, 1491 NULL, e, "second server certificate file"); 1492 1493 if (!s_dcert) 1494 { 1495 ERR_print_errors(bio_err); 1496 goto end; 1497 } 1498 1499 } 1500 1501 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 1502 && !RAND_status()) 1503 { 1504 BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); 1505 } 1506 if (inrand != NULL) 1507 BIO_printf(bio_err,"%ld semi-random bytes loaded\n", 1508 app_RAND_load_files(inrand)); 1509 1510 if (bio_s_out == NULL) 1511 { 1512 if (s_quiet && !s_debug && !s_msg) 1513 { 1514 bio_s_out=BIO_new(BIO_s_null()); 1515 } 1516 else 1517 { 1518 if (bio_s_out == NULL) 1519 bio_s_out=BIO_new_fp(stdout,BIO_NOCLOSE); 1520 } 1521 } 1522 1523#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) 1524 if (nocert) 1525#endif 1526 { 1527 s_cert_file=NULL; 1528 s_key_file=NULL; 1529 s_dcert_file=NULL; 1530 s_dkey_file=NULL; 1531#ifndef OPENSSL_NO_TLSEXT 1532 s_cert_file2=NULL; 1533 s_key_file2=NULL; 1534#endif 1535 } 1536 1537 ctx=SSL_CTX_new(meth); 1538 if (ctx == NULL) 1539 { 1540 ERR_print_errors(bio_err); 1541 goto end; 1542 } 1543 if (session_id_prefix) 1544 { 1545 if(strlen(session_id_prefix) >= 32) 1546 BIO_printf(bio_err, 1547"warning: id_prefix is too long, only one new session will be possible\n"); 1548 else if(strlen(session_id_prefix) >= 16) 1549 BIO_printf(bio_err, 1550"warning: id_prefix is too long if you use SSLv2\n"); 1551 if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) 1552 { 1553 BIO_printf(bio_err,"error setting 'id_prefix'\n"); 1554 ERR_print_errors(bio_err); 1555 goto end; 1556 } 1557 BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix); 1558 } 1559 SSL_CTX_set_quiet_shutdown(ctx,1); 1560 if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL); 1561 if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1562 SSL_CTX_set_options(ctx,off); 1563 /* DTLS: partial reads end up discarding unread UDP bytes :-( 1564 * Setting read ahead solves this problem. 1565 */ 1566 if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); 1567 1568 if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); 1569 if (no_cache) 1570 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); 1571 else 1572 SSL_CTX_sess_set_cache_size(ctx,128); 1573 1574#ifndef OPENSSL_NO_SRTP 1575 if (srtp_profiles != NULL) 1576 SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); 1577#endif 1578 1579#if 0 1580 if (cipher == NULL) cipher=getenv("SSL_CIPHER"); 1581#endif 1582 1583#if 0 1584 if (s_cert_file == NULL) 1585 { 1586 BIO_printf(bio_err,"You must specify a certificate file for the server to use\n"); 1587 goto end; 1588 } 1589#endif 1590 1591 if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || 1592 (!SSL_CTX_set_default_verify_paths(ctx))) 1593 { 1594 /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ 1595 ERR_print_errors(bio_err); 1596 /* goto end; */ 1597 } 1598 if (vpm) 1599 SSL_CTX_set1_param(ctx, vpm); 1600 1601#ifndef OPENSSL_NO_TLSEXT 1602 if (s_cert2) 1603 { 1604 ctx2=SSL_CTX_new(meth); 1605 if (ctx2 == NULL) 1606 { 1607 ERR_print_errors(bio_err); 1608 goto end; 1609 } 1610 } 1611 1612 if (ctx2) 1613 { 1614 BIO_printf(bio_s_out,"Setting secondary ctx parameters\n"); 1615 1616 if (session_id_prefix) 1617 { 1618 if(strlen(session_id_prefix) >= 32) 1619 BIO_printf(bio_err, 1620 "warning: id_prefix is too long, only one new session will be possible\n"); 1621 else if(strlen(session_id_prefix) >= 16) 1622 BIO_printf(bio_err, 1623 "warning: id_prefix is too long if you use SSLv2\n"); 1624 if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) 1625 { 1626 BIO_printf(bio_err,"error setting 'id_prefix'\n"); 1627 ERR_print_errors(bio_err); 1628 goto end; 1629 } 1630 BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix); 1631 } 1632 SSL_CTX_set_quiet_shutdown(ctx2,1); 1633 if (bugs) SSL_CTX_set_options(ctx2,SSL_OP_ALL); 1634 if (hack) SSL_CTX_set_options(ctx2,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1635 SSL_CTX_set_options(ctx2,off); 1636 /* DTLS: partial reads end up discarding unread UDP bytes :-( 1637 * Setting read ahead solves this problem. 1638 */ 1639 if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx2, 1); 1640 1641 if (state) SSL_CTX_set_info_callback(ctx2,apps_ssl_info_callback); 1642 1643 if (no_cache) 1644 SSL_CTX_set_session_cache_mode(ctx2,SSL_SESS_CACHE_OFF); 1645 else 1646 SSL_CTX_sess_set_cache_size(ctx2,128); 1647 1648 if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) || 1649 (!SSL_CTX_set_default_verify_paths(ctx2))) 1650 { 1651 ERR_print_errors(bio_err); 1652 } 1653 if (vpm) 1654 SSL_CTX_set1_param(ctx2, vpm); 1655 } 1656 1657# ifndef OPENSSL_NO_NEXTPROTONEG 1658 if (next_proto.data) 1659 SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto); 1660# endif 1661#endif 1662 1663#ifndef OPENSSL_NO_DH 1664 if (!no_dhe) 1665 { 1666 DH *dh=NULL; 1667 1668 if (dhfile) 1669 dh = load_dh_param(dhfile); 1670 else if (s_cert_file) 1671 dh = load_dh_param(s_cert_file); 1672 1673 if (dh != NULL) 1674 { 1675 BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 1676 } 1677 else 1678 { 1679 BIO_printf(bio_s_out,"Using default temp DH parameters\n"); 1680 dh=get_dh512(); 1681 } 1682 (void)BIO_flush(bio_s_out); 1683 1684 SSL_CTX_set_tmp_dh(ctx,dh); 1685#ifndef OPENSSL_NO_TLSEXT 1686 if (ctx2) 1687 { 1688 if (!dhfile) 1689 { 1690 DH *dh2=load_dh_param(s_cert_file2); 1691 if (dh2 != NULL) 1692 { 1693 BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 1694 (void)BIO_flush(bio_s_out); 1695 1696 DH_free(dh); 1697 dh = dh2; 1698 } 1699 } 1700 SSL_CTX_set_tmp_dh(ctx2,dh); 1701 } 1702#endif 1703 DH_free(dh); 1704 } 1705#endif 1706 1707#ifndef OPENSSL_NO_ECDH 1708 if (!no_ecdhe) 1709 { 1710 EC_KEY *ecdh=NULL; 1711 1712 if (named_curve) 1713 { 1714 int nid = OBJ_sn2nid(named_curve); 1715 1716 if (nid == 0) 1717 { 1718 BIO_printf(bio_err, "unknown curve name (%s)\n", 1719 named_curve); 1720 goto end; 1721 } 1722 ecdh = EC_KEY_new_by_curve_name(nid); 1723 if (ecdh == NULL) 1724 { 1725 BIO_printf(bio_err, "unable to create curve (%s)\n", 1726 named_curve); 1727 goto end; 1728 } 1729 } 1730 1731 if (ecdh != NULL) 1732 { 1733 BIO_printf(bio_s_out,"Setting temp ECDH parameters\n"); 1734 } 1735 else 1736 { 1737 BIO_printf(bio_s_out,"Using default temp ECDH parameters\n"); 1738 ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); 1739 if (ecdh == NULL) 1740 { 1741 BIO_printf(bio_err, "unable to create curve (nistp256)\n"); 1742 goto end; 1743 } 1744 } 1745 (void)BIO_flush(bio_s_out); 1746 1747 SSL_CTX_set_tmp_ecdh(ctx,ecdh); 1748#ifndef OPENSSL_NO_TLSEXT 1749 if (ctx2) 1750 SSL_CTX_set_tmp_ecdh(ctx2,ecdh); 1751#endif 1752 EC_KEY_free(ecdh); 1753 } 1754#endif 1755 1756 if (!set_cert_key_stuff(ctx, s_cert, s_key)) 1757 goto end; 1758#ifndef OPENSSL_NO_TLSEXT 1759 if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2)) 1760 goto end; 1761#endif 1762 if (s_dcert != NULL) 1763 { 1764 if (!set_cert_key_stuff(ctx, s_dcert, s_dkey)) 1765 goto end; 1766 } 1767 1768#ifndef OPENSSL_NO_RSA 1769#if 1 1770 if (!no_tmp_rsa) 1771 { 1772 SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); 1773#ifndef OPENSSL_NO_TLSEXT 1774 if (ctx2) 1775 SSL_CTX_set_tmp_rsa_callback(ctx2,tmp_rsa_cb); 1776#endif 1777 } 1778#else 1779 if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) 1780 { 1781 RSA *rsa; 1782 1783 BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key..."); 1784 BIO_flush(bio_s_out); 1785 1786 rsa=RSA_generate_key(512,RSA_F4,NULL); 1787 1788 if (!SSL_CTX_set_tmp_rsa(ctx,rsa)) 1789 { 1790 ERR_print_errors(bio_err); 1791 goto end; 1792 } 1793#ifndef OPENSSL_NO_TLSEXT 1794 if (ctx2) 1795 { 1796 if (!SSL_CTX_set_tmp_rsa(ctx2,rsa)) 1797 { 1798 ERR_print_errors(bio_err); 1799 goto end; 1800 } 1801 } 1802#endif 1803 RSA_free(rsa); 1804 BIO_printf(bio_s_out,"\n"); 1805 } 1806#endif 1807#endif 1808 1809#ifndef OPENSSL_NO_PSK 1810#ifdef OPENSSL_NO_JPAKE 1811 if (psk_key != NULL) 1812#else 1813 if (psk_key != NULL || jpake_secret) 1814#endif 1815 { 1816 if (s_debug) 1817 BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n"); 1818 SSL_CTX_set_psk_server_callback(ctx, psk_server_cb); 1819 } 1820 1821 if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) 1822 { 1823 BIO_printf(bio_err,"error setting PSK identity hint to context\n"); 1824 ERR_print_errors(bio_err); 1825 goto end; 1826 } 1827#endif 1828 1829 if (cipher != NULL) 1830 { 1831 if(!SSL_CTX_set_cipher_list(ctx,cipher)) 1832 { 1833 BIO_printf(bio_err,"error setting cipher list\n"); 1834 ERR_print_errors(bio_err); 1835 goto end; 1836 } 1837#ifndef OPENSSL_NO_TLSEXT 1838 if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,cipher)) 1839 { 1840 BIO_printf(bio_err,"error setting cipher list\n"); 1841 ERR_print_errors(bio_err); 1842 goto end; 1843 } 1844#endif 1845 } 1846 SSL_CTX_set_verify(ctx,s_server_verify,verify_callback); 1847 SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context, 1848 sizeof s_server_session_id_context); 1849 1850 /* Set DTLS cookie generation and verification callbacks */ 1851 SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback); 1852 SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback); 1853 1854#ifndef OPENSSL_NO_TLSEXT 1855 if (ctx2) 1856 { 1857 SSL_CTX_set_verify(ctx2,s_server_verify,verify_callback); 1858 SSL_CTX_set_session_id_context(ctx2,(void*)&s_server_session_id_context, 1859 sizeof s_server_session_id_context); 1860 1861 tlsextcbp.biodebug = bio_s_out; 1862 SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb); 1863 SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp); 1864 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1865 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1866 } 1867#endif 1868 1869#ifndef OPENSSL_NO_SRP 1870 if (srp_verifier_file != NULL) 1871 { 1872 srp_callback_parm.vb = SRP_VBASE_new(srpuserseed); 1873 srp_callback_parm.user = NULL; 1874 srp_callback_parm.login = NULL; 1875 if ((ret = SRP_VBASE_init(srp_callback_parm.vb, srp_verifier_file)) != SRP_NO_ERROR) 1876 { 1877 BIO_printf(bio_err, 1878 "Cannot initialize SRP verifier file \"%s\":ret=%d\n", 1879 srp_verifier_file, ret); 1880 goto end; 1881 } 1882 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE,verify_callback); 1883 SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm); 1884 SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb); 1885 } 1886 else 1887#endif 1888 if (CAfile != NULL) 1889 { 1890 SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile)); 1891#ifndef OPENSSL_NO_TLSEXT 1892 if (ctx2) 1893 SSL_CTX_set_client_CA_list(ctx2,SSL_load_client_CA_file(CAfile)); 1894#endif 1895 } 1896 1897 BIO_printf(bio_s_out,"ACCEPT\n"); 1898 (void)BIO_flush(bio_s_out); 1899 if (www) 1900 do_server(port,socket_type,&accept_socket,www_body, context); 1901 else 1902 do_server(port,socket_type,&accept_socket,sv_body, context); 1903 print_stats(bio_s_out,ctx); 1904 ret=0; 1905end: 1906 if (ctx != NULL) SSL_CTX_free(ctx); 1907 if (s_cert) 1908 X509_free(s_cert); 1909 if (s_dcert) 1910 X509_free(s_dcert); 1911 if (s_key) 1912 EVP_PKEY_free(s_key); 1913 if (s_dkey) 1914 EVP_PKEY_free(s_dkey); 1915 if (pass) 1916 OPENSSL_free(pass); 1917 if (dpass) 1918 OPENSSL_free(dpass); 1919 if (vpm) 1920 X509_VERIFY_PARAM_free(vpm); 1921#ifndef OPENSSL_NO_TLSEXT 1922 if (tlscstatp.host) 1923 OPENSSL_free(tlscstatp.host); 1924 if (tlscstatp.port) 1925 OPENSSL_free(tlscstatp.port); 1926 if (tlscstatp.path) 1927 OPENSSL_free(tlscstatp.path); 1928 if (ctx2 != NULL) SSL_CTX_free(ctx2); 1929 if (s_cert2) 1930 X509_free(s_cert2); 1931 if (s_key2) 1932 EVP_PKEY_free(s_key2); 1933#endif 1934 if (bio_s_out != NULL) 1935 { 1936 BIO_free(bio_s_out); 1937 bio_s_out=NULL; 1938 } 1939 apps_shutdown(); 1940 OPENSSL_EXIT(ret); 1941 } 1942 1943static void print_stats(BIO *bio, SSL_CTX *ssl_ctx) 1944 { 1945 BIO_printf(bio,"%4ld items in the session cache\n", 1946 SSL_CTX_sess_number(ssl_ctx)); 1947 BIO_printf(bio,"%4ld client connects (SSL_connect())\n", 1948 SSL_CTX_sess_connect(ssl_ctx)); 1949 BIO_printf(bio,"%4ld client renegotiates (SSL_connect())\n", 1950 SSL_CTX_sess_connect_renegotiate(ssl_ctx)); 1951 BIO_printf(bio,"%4ld client connects that finished\n", 1952 SSL_CTX_sess_connect_good(ssl_ctx)); 1953 BIO_printf(bio,"%4ld server accepts (SSL_accept())\n", 1954 SSL_CTX_sess_accept(ssl_ctx)); 1955 BIO_printf(bio,"%4ld server renegotiates (SSL_accept())\n", 1956 SSL_CTX_sess_accept_renegotiate(ssl_ctx)); 1957 BIO_printf(bio,"%4ld server accepts that finished\n", 1958 SSL_CTX_sess_accept_good(ssl_ctx)); 1959 BIO_printf(bio,"%4ld session cache hits\n",SSL_CTX_sess_hits(ssl_ctx)); 1960 BIO_printf(bio,"%4ld session cache misses\n",SSL_CTX_sess_misses(ssl_ctx)); 1961 BIO_printf(bio,"%4ld session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx)); 1962 BIO_printf(bio,"%4ld callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx)); 1963 BIO_printf(bio,"%4ld cache full overflows (%ld allowed)\n", 1964 SSL_CTX_sess_cache_full(ssl_ctx), 1965 SSL_CTX_sess_get_cache_size(ssl_ctx)); 1966 } 1967 1968static int sv_body(char *hostname, int s, unsigned char *context) 1969 { 1970 char *buf=NULL; 1971 fd_set readfds; 1972 int ret=1,width; 1973 int k,i; 1974 unsigned long l; 1975 SSL *con=NULL; 1976 BIO *sbio; 1977#ifndef OPENSSL_NO_KRB5 1978 KSSL_CTX *kctx; 1979#endif 1980 struct timeval timeout; 1981#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 1982 struct timeval tv; 1983#else 1984 struct timeval *timeoutp; 1985#endif 1986 1987 if ((buf=OPENSSL_malloc(bufsize)) == NULL) 1988 { 1989 BIO_printf(bio_err,"out of memory\n"); 1990 goto err; 1991 } 1992#ifdef FIONBIO 1993 if (s_nbio) 1994 { 1995 unsigned long sl=1; 1996 1997 if (!s_quiet) 1998 BIO_printf(bio_err,"turning on non blocking io\n"); 1999 if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) 2000 ERR_print_errors(bio_err); 2001 } 2002#endif 2003 2004 if (con == NULL) { 2005 con=SSL_new(ctx); 2006#ifndef OPENSSL_NO_TLSEXT 2007 if (s_tlsextdebug) 2008 { 2009 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2010 SSL_set_tlsext_debug_arg(con, bio_s_out); 2011 } 2012 if (s_tlsextstatus) 2013 { 2014 SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); 2015 tlscstatp.err = bio_err; 2016 SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); 2017 } 2018#endif 2019#ifndef OPENSSL_NO_KRB5 2020 if ((kctx = kssl_ctx_new()) != NULL) 2021 { 2022 SSL_set0_kssl_ctx(con, kctx); 2023 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 2024 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 2025 } 2026#endif /* OPENSSL_NO_KRB5 */ 2027 if(context) 2028 SSL_set_session_id_context(con, context, 2029 strlen((char *)context)); 2030 } 2031 SSL_clear(con); 2032#if 0 2033#ifdef TLSEXT_TYPE_opaque_prf_input 2034 SSL_set_tlsext_opaque_prf_input(con, "Test server", 11); 2035#endif 2036#endif 2037 2038 if (SSL_version(con) == DTLS1_VERSION) 2039 { 2040 2041 sbio=BIO_new_dgram(s,BIO_NOCLOSE); 2042 2043 if (enable_timeouts) 2044 { 2045 timeout.tv_sec = 0; 2046 timeout.tv_usec = DGRAM_RCV_TIMEOUT; 2047 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); 2048 2049 timeout.tv_sec = 0; 2050 timeout.tv_usec = DGRAM_SND_TIMEOUT; 2051 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); 2052 } 2053 2054 if (socket_mtu) 2055 { 2056 if(socket_mtu < DTLS_get_link_min_mtu(con)) 2057 { 2058 BIO_printf(bio_err,"MTU too small. Must be at least %ld\n", 2059 DTLS_get_link_min_mtu(con)); 2060 ret = -1; 2061 BIO_free(sbio); 2062 goto err; 2063 } 2064 SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 2065 if(!DTLS_set_link_mtu(con, socket_mtu)) 2066 { 2067 BIO_printf(bio_err, "Failed to set MTU\n"); 2068 ret = -1; 2069 BIO_free(sbio); 2070 goto err; 2071 } 2072 } 2073 else 2074 /* want to do MTU discovery */ 2075 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 2076 2077 /* turn on cookie exchange */ 2078 SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE); 2079 } 2080 else 2081 sbio=BIO_new_socket(s,BIO_NOCLOSE); 2082 2083 if (s_nbio_test) 2084 { 2085 BIO *test; 2086 2087 test=BIO_new(BIO_f_nbio_test()); 2088 sbio=BIO_push(test,sbio); 2089 } 2090#ifndef OPENSSL_NO_JPAKE 2091 if(jpake_secret) 2092 jpake_server_auth(bio_s_out, sbio, jpake_secret); 2093#endif 2094 2095 SSL_set_bio(con,sbio,sbio); 2096 SSL_set_accept_state(con); 2097 /* SSL_set_fd(con,s); */ 2098 2099 if (s_debug) 2100 { 2101 SSL_set_debug(con, 1); 2102 BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); 2103 BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); 2104 } 2105 if (s_msg) 2106 { 2107 SSL_set_msg_callback(con, msg_cb); 2108 SSL_set_msg_callback_arg(con, bio_s_out); 2109 } 2110#ifndef OPENSSL_NO_TLSEXT 2111 if (s_tlsextdebug) 2112 { 2113 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2114 SSL_set_tlsext_debug_arg(con, bio_s_out); 2115 } 2116#endif 2117 2118 width=s+1; 2119 for (;;) 2120 { 2121 int read_from_terminal; 2122 int read_from_sslcon; 2123 2124 read_from_terminal = 0; 2125 read_from_sslcon = SSL_pending(con); 2126 2127 if (!read_from_sslcon) 2128 { 2129 FD_ZERO(&readfds); 2130#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5) 2131 openssl_fdset(fileno(stdin),&readfds); 2132#endif 2133 openssl_fdset(s,&readfds); 2134 /* Note: under VMS with SOCKETSHR the second parameter is 2135 * currently of type (int *) whereas under other systems 2136 * it is (void *) if you don't have a cast it will choke 2137 * the compiler: if you do have a cast then you can either 2138 * go for (int *) or (void *). 2139 */ 2140#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) 2141 /* Under DOS (non-djgpp) and Windows we can't select on stdin: only 2142 * on sockets. As a workaround we timeout the select every 2143 * second and check for any keypress. In a proper Windows 2144 * application we wouldn't do this because it is inefficient. 2145 */ 2146 tv.tv_sec = 1; 2147 tv.tv_usec = 0; 2148 i=select(width,(void *)&readfds,NULL,NULL,&tv); 2149 if((i < 0) || (!i && !_kbhit() ) )continue; 2150 if(_kbhit()) 2151 read_from_terminal = 1; 2152#elif defined(OPENSSL_SYS_BEOS_R5) 2153 /* Under BeOS-R5 the situation is similar to DOS */ 2154 tv.tv_sec = 1; 2155 tv.tv_usec = 0; 2156 (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); 2157 i=select(width,(void *)&readfds,NULL,NULL,&tv); 2158 if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0)) 2159 continue; 2160 if (read(fileno(stdin), buf, 0) >= 0) 2161 read_from_terminal = 1; 2162 (void)fcntl(fileno(stdin), F_SETFL, 0); 2163#else 2164 if ((SSL_version(con) == DTLS1_VERSION) && 2165 DTLSv1_get_timeout(con, &timeout)) 2166 timeoutp = &timeout; 2167 else 2168 timeoutp = NULL; 2169 2170 i=select(width,(void *)&readfds,NULL,NULL,timeoutp); 2171 2172 if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) 2173 { 2174 BIO_printf(bio_err,"TIMEOUT occured\n"); 2175 } 2176 2177 if (i <= 0) continue; 2178 if (FD_ISSET(fileno(stdin),&readfds)) 2179 read_from_terminal = 1; 2180#endif 2181 if (FD_ISSET(s,&readfds)) 2182 read_from_sslcon = 1; 2183 } 2184 if (read_from_terminal) 2185 { 2186 if (s_crlf) 2187 { 2188 int j, lf_num; 2189 2190 i=raw_read_stdin(buf, bufsize/2); 2191 lf_num = 0; 2192 /* both loops are skipped when i <= 0 */ 2193 for (j = 0; j < i; j++) 2194 if (buf[j] == '\n') 2195 lf_num++; 2196 for (j = i-1; j >= 0; j--) 2197 { 2198 buf[j+lf_num] = buf[j]; 2199 if (buf[j] == '\n') 2200 { 2201 lf_num--; 2202 i++; 2203 buf[j+lf_num] = '\r'; 2204 } 2205 } 2206 assert(lf_num == 0); 2207 } 2208 else 2209 i=raw_read_stdin(buf,bufsize); 2210 if (!s_quiet) 2211 { 2212 if ((i <= 0) || (buf[0] == 'Q')) 2213 { 2214 BIO_printf(bio_s_out,"DONE\n"); 2215 SHUTDOWN(s); 2216 close_accept_socket(); 2217 ret= -11; 2218 goto err; 2219 } 2220 if ((i <= 0) || (buf[0] == 'q')) 2221 { 2222 BIO_printf(bio_s_out,"DONE\n"); 2223 if (SSL_version(con) != DTLS1_VERSION) 2224 SHUTDOWN(s); 2225 /* close_accept_socket(); 2226 ret= -11;*/ 2227 goto err; 2228 } 2229 2230#ifndef OPENSSL_NO_HEARTBEATS 2231 if ((buf[0] == 'B') && 2232 ((buf[1] == '\n') || (buf[1] == '\r'))) 2233 { 2234 BIO_printf(bio_err,"HEARTBEATING\n"); 2235 SSL_heartbeat(con); 2236 i=0; 2237 continue; 2238 } 2239#endif 2240 if ((buf[0] == 'r') && 2241 ((buf[1] == '\n') || (buf[1] == '\r'))) 2242 { 2243 SSL_renegotiate(con); 2244 i=SSL_do_handshake(con); 2245 printf("SSL_do_handshake -> %d\n",i); 2246 i=0; /*13; */ 2247 continue; 2248 /* strcpy(buf,"server side RE-NEGOTIATE\n"); */ 2249 } 2250 if ((buf[0] == 'R') && 2251 ((buf[1] == '\n') || (buf[1] == '\r'))) 2252 { 2253 SSL_set_verify(con, 2254 SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL); 2255 SSL_renegotiate(con); 2256 i=SSL_do_handshake(con); 2257 printf("SSL_do_handshake -> %d\n",i); 2258 i=0; /* 13; */ 2259 continue; 2260 /* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */ 2261 } 2262 if (buf[0] == 'P') 2263 { 2264 static const char *str="Lets print some clear text\n"; 2265 BIO_write(SSL_get_wbio(con),str,strlen(str)); 2266 } 2267 if (buf[0] == 'S') 2268 { 2269 print_stats(bio_s_out,SSL_get_SSL_CTX(con)); 2270 } 2271 } 2272#ifdef CHARSET_EBCDIC 2273 ebcdic2ascii(buf,buf,i); 2274#endif 2275 l=k=0; 2276 for (;;) 2277 { 2278 /* should do a select for the write */ 2279#ifdef RENEG 2280{ static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } } 2281#endif 2282 k=SSL_write(con,&(buf[l]),(unsigned int)i); 2283#ifndef OPENSSL_NO_SRP 2284 while (SSL_get_error(con,k) == SSL_ERROR_WANT_X509_LOOKUP) 2285 { 2286 BIO_printf(bio_s_out,"LOOKUP renego during write\n"); 2287 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2288 if (srp_callback_parm.user) 2289 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2290 else 2291 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2292 k=SSL_write(con,&(buf[l]),(unsigned int)i); 2293 } 2294#endif 2295 switch (SSL_get_error(con,k)) 2296 { 2297 case SSL_ERROR_NONE: 2298 break; 2299 case SSL_ERROR_WANT_WRITE: 2300 case SSL_ERROR_WANT_READ: 2301 case SSL_ERROR_WANT_X509_LOOKUP: 2302 BIO_printf(bio_s_out,"Write BLOCK\n"); 2303 break; 2304 case SSL_ERROR_SYSCALL: 2305 case SSL_ERROR_SSL: 2306 BIO_printf(bio_s_out,"ERROR\n"); 2307 ERR_print_errors(bio_err); 2308 ret=1; 2309 goto err; 2310 /* break; */ 2311 case SSL_ERROR_ZERO_RETURN: 2312 BIO_printf(bio_s_out,"DONE\n"); 2313 ret=1; 2314 goto err; 2315 } 2316 l+=k; 2317 i-=k; 2318 if (i <= 0) break; 2319 } 2320 } 2321 if (read_from_sslcon) 2322 { 2323 if (!SSL_is_init_finished(con)) 2324 { 2325 i=init_ssl_connection(con); 2326 2327 if (i < 0) 2328 { 2329 ret=0; 2330 goto err; 2331 } 2332 else if (i == 0) 2333 { 2334 ret=1; 2335 goto err; 2336 } 2337 } 2338 else 2339 { 2340again: 2341 i=SSL_read(con,(char *)buf,bufsize); 2342#ifndef OPENSSL_NO_SRP 2343 while (SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2344 { 2345 BIO_printf(bio_s_out,"LOOKUP renego during read\n"); 2346 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2347 if (srp_callback_parm.user) 2348 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2349 else 2350 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2351 i=SSL_read(con,(char *)buf,bufsize); 2352 } 2353#endif 2354 switch (SSL_get_error(con,i)) 2355 { 2356 case SSL_ERROR_NONE: 2357#ifdef CHARSET_EBCDIC 2358 ascii2ebcdic(buf,buf,i); 2359#endif 2360 raw_write_stdout(buf, 2361 (unsigned int)i); 2362 if (SSL_pending(con)) goto again; 2363 break; 2364 case SSL_ERROR_WANT_WRITE: 2365 case SSL_ERROR_WANT_READ: 2366 BIO_printf(bio_s_out,"Read BLOCK\n"); 2367 break; 2368 case SSL_ERROR_SYSCALL: 2369 case SSL_ERROR_SSL: 2370 BIO_printf(bio_s_out,"ERROR\n"); 2371 ERR_print_errors(bio_err); 2372 ret=1; 2373 goto err; 2374 case SSL_ERROR_ZERO_RETURN: 2375 BIO_printf(bio_s_out,"DONE\n"); 2376 ret=1; 2377 goto err; 2378 } 2379 } 2380 } 2381 } 2382err: 2383 if (con != NULL) 2384 { 2385 BIO_printf(bio_s_out,"shutting down SSL\n"); 2386#if 1 2387 SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 2388#else 2389 SSL_shutdown(con); 2390#endif 2391 SSL_free(con); 2392 } 2393 BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); 2394 if (buf != NULL) 2395 { 2396 OPENSSL_cleanse(buf,bufsize); 2397 OPENSSL_free(buf); 2398 } 2399 if (ret >= 0) 2400 BIO_printf(bio_s_out,"ACCEPT\n"); 2401 return(ret); 2402 } 2403 2404static void close_accept_socket(void) 2405 { 2406 BIO_printf(bio_err,"shutdown accept socket\n"); 2407 if (accept_socket >= 0) 2408 { 2409 SHUTDOWN2(accept_socket); 2410 } 2411 } 2412 2413static int init_ssl_connection(SSL *con) 2414 { 2415 int i; 2416 const char *str; 2417 X509 *peer; 2418 long verify_error; 2419 MS_STATIC char buf[BUFSIZ]; 2420#ifndef OPENSSL_NO_KRB5 2421 char *client_princ; 2422#endif 2423#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2424 const unsigned char *next_proto_neg; 2425 unsigned next_proto_neg_len; 2426#endif 2427 unsigned char *exportedkeymat; 2428 2429 2430 i=SSL_accept(con); 2431#ifndef OPENSSL_NO_SRP 2432 while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2433 { 2434 BIO_printf(bio_s_out,"LOOKUP during accept %s\n",srp_callback_parm.login); 2435 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2436 if (srp_callback_parm.user) 2437 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2438 else 2439 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2440 i=SSL_accept(con); 2441 } 2442#endif 2443 if (i <= 0) 2444 { 2445 if (BIO_sock_should_retry(i)) 2446 { 2447 BIO_printf(bio_s_out,"DELAY\n"); 2448 return(1); 2449 } 2450 2451 BIO_printf(bio_err,"ERROR\n"); 2452 verify_error=SSL_get_verify_result(con); 2453 if (verify_error != X509_V_OK) 2454 { 2455 BIO_printf(bio_err,"verify error:%s\n", 2456 X509_verify_cert_error_string(verify_error)); 2457 } 2458 else 2459 ERR_print_errors(bio_err); 2460 return(0); 2461 } 2462 2463 PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con)); 2464 2465 peer=SSL_get_peer_certificate(con); 2466 if (peer != NULL) 2467 { 2468 BIO_printf(bio_s_out,"Client certificate\n"); 2469 PEM_write_bio_X509(bio_s_out,peer); 2470 X509_NAME_oneline(X509_get_subject_name(peer),buf,sizeof buf); 2471 BIO_printf(bio_s_out,"subject=%s\n",buf); 2472 X509_NAME_oneline(X509_get_issuer_name(peer),buf,sizeof buf); 2473 BIO_printf(bio_s_out,"issuer=%s\n",buf); 2474 X509_free(peer); 2475 } 2476 2477 if (SSL_get_shared_ciphers(con,buf,sizeof buf) != NULL) 2478 BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); 2479 str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); 2480 BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); 2481 2482#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2483 SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); 2484 if (next_proto_neg) 2485 { 2486 BIO_printf(bio_s_out,"NEXTPROTO is "); 2487 BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len); 2488 BIO_printf(bio_s_out, "\n"); 2489 } 2490#endif 2491#ifndef OPENSSL_NO_SRTP 2492 { 2493 SRTP_PROTECTION_PROFILE *srtp_profile 2494 = SSL_get_selected_srtp_profile(con); 2495 2496 if(srtp_profile) 2497 BIO_printf(bio_s_out,"SRTP Extension negotiated, profile=%s\n", 2498 srtp_profile->name); 2499 } 2500#endif 2501 if (SSL_cache_hit(con)) BIO_printf(bio_s_out,"Reused session-id\n"); 2502 if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) & 2503 TLS1_FLAGS_TLS_PADDING_BUG) 2504 BIO_printf(bio_s_out, 2505 "Peer has incorrect TLSv1 block padding\n"); 2506#ifndef OPENSSL_NO_KRB5 2507 client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con)); 2508 if (client_princ != NULL) 2509 { 2510 BIO_printf(bio_s_out,"Kerberos peer principal is %s\n", 2511 client_princ); 2512 } 2513#endif /* OPENSSL_NO_KRB5 */ 2514 BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n", 2515 SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); 2516 if (keymatexportlabel != NULL) 2517 { 2518 BIO_printf(bio_s_out, "Keying material exporter:\n"); 2519 BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel); 2520 BIO_printf(bio_s_out, " Length: %i bytes\n", 2521 keymatexportlen); 2522 exportedkeymat = OPENSSL_malloc(keymatexportlen); 2523 if (exportedkeymat != NULL) 2524 { 2525 if (!SSL_export_keying_material(con, exportedkeymat, 2526 keymatexportlen, 2527 keymatexportlabel, 2528 strlen(keymatexportlabel), 2529 NULL, 0, 0)) 2530 { 2531 BIO_printf(bio_s_out, " Error\n"); 2532 } 2533 else 2534 { 2535 BIO_printf(bio_s_out, " Keying material: "); 2536 for (i=0; i<keymatexportlen; i++) 2537 BIO_printf(bio_s_out, "%02X", 2538 exportedkeymat[i]); 2539 BIO_printf(bio_s_out, "\n"); 2540 } 2541 OPENSSL_free(exportedkeymat); 2542 } 2543 } 2544 2545 return(1); 2546 } 2547 2548#ifndef OPENSSL_NO_DH 2549static DH *load_dh_param(const char *dhfile) 2550 { 2551 DH *ret=NULL; 2552 BIO *bio; 2553 2554 if ((bio=BIO_new_file(dhfile,"r")) == NULL) 2555 goto err; 2556 ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL); 2557err: 2558 if (bio != NULL) BIO_free(bio); 2559 return(ret); 2560 } 2561#endif 2562#ifndef OPENSSL_NO_KRB5 2563 char *client_princ; 2564#endif 2565 2566#if 0 2567static int load_CA(SSL_CTX *ctx, char *file) 2568 { 2569 FILE *in; 2570 X509 *x=NULL; 2571 2572 if ((in=fopen(file,"r")) == NULL) 2573 return(0); 2574 2575 for (;;) 2576 { 2577 if (PEM_read_X509(in,&x,NULL) == NULL) 2578 break; 2579 SSL_CTX_add_client_CA(ctx,x); 2580 } 2581 if (x != NULL) X509_free(x); 2582 fclose(in); 2583 return(1); 2584 } 2585#endif 2586 2587static int www_body(char *hostname, int s, unsigned char *context) 2588 { 2589 char *buf=NULL; 2590 int ret=1; 2591 int i,j,k,dot; 2592 SSL *con; 2593 const SSL_CIPHER *c; 2594 BIO *io,*ssl_bio,*sbio; 2595#ifndef OPENSSL_NO_KRB5 2596 KSSL_CTX *kctx; 2597#endif 2598 2599 buf=OPENSSL_malloc(bufsize); 2600 if (buf == NULL) return(0); 2601 io=BIO_new(BIO_f_buffer()); 2602 ssl_bio=BIO_new(BIO_f_ssl()); 2603 if ((io == NULL) || (ssl_bio == NULL)) goto err; 2604 2605#ifdef FIONBIO 2606 if (s_nbio) 2607 { 2608 unsigned long sl=1; 2609 2610 if (!s_quiet) 2611 BIO_printf(bio_err,"turning on non blocking io\n"); 2612 if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) 2613 ERR_print_errors(bio_err); 2614 } 2615#endif 2616 2617 /* lets make the output buffer a reasonable size */ 2618 if (!BIO_set_write_buffer_size(io,bufsize)) goto err; 2619 2620 if ((con=SSL_new(ctx)) == NULL) goto err; 2621#ifndef OPENSSL_NO_TLSEXT 2622 if (s_tlsextdebug) 2623 { 2624 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2625 SSL_set_tlsext_debug_arg(con, bio_s_out); 2626 } 2627#endif 2628#ifndef OPENSSL_NO_KRB5 2629 if ((kctx = kssl_ctx_new()) != NULL) 2630 { 2631 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 2632 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 2633 } 2634#endif /* OPENSSL_NO_KRB5 */ 2635 if(context) SSL_set_session_id_context(con, context, 2636 strlen((char *)context)); 2637 2638 sbio=BIO_new_socket(s,BIO_NOCLOSE); 2639 if (s_nbio_test) 2640 { 2641 BIO *test; 2642 2643 test=BIO_new(BIO_f_nbio_test()); 2644 sbio=BIO_push(test,sbio); 2645 } 2646 SSL_set_bio(con,sbio,sbio); 2647 SSL_set_accept_state(con); 2648 2649 /* SSL_set_fd(con,s); */ 2650 BIO_set_ssl(ssl_bio,con,BIO_CLOSE); 2651 BIO_push(io,ssl_bio); 2652#ifdef CHARSET_EBCDIC 2653 io = BIO_push(BIO_new(BIO_f_ebcdic_filter()),io); 2654#endif 2655 2656 if (s_debug) 2657 { 2658 SSL_set_debug(con, 1); 2659 BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); 2660 BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); 2661 } 2662 if (s_msg) 2663 { 2664 SSL_set_msg_callback(con, msg_cb); 2665 SSL_set_msg_callback_arg(con, bio_s_out); 2666 } 2667 2668 for (;;) 2669 { 2670 if (hack) 2671 { 2672 i=SSL_accept(con); 2673#ifndef OPENSSL_NO_SRP 2674 while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2675 { 2676 BIO_printf(bio_s_out,"LOOKUP during accept %s\n",srp_callback_parm.login); 2677 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2678 if (srp_callback_parm.user) 2679 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2680 else 2681 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2682 i=SSL_accept(con); 2683 } 2684#endif 2685 switch (SSL_get_error(con,i)) 2686 { 2687 case SSL_ERROR_NONE: 2688 break; 2689 case SSL_ERROR_WANT_WRITE: 2690 case SSL_ERROR_WANT_READ: 2691 case SSL_ERROR_WANT_X509_LOOKUP: 2692 continue; 2693 case SSL_ERROR_SYSCALL: 2694 case SSL_ERROR_SSL: 2695 case SSL_ERROR_ZERO_RETURN: 2696 ret=1; 2697 goto err; 2698 /* break; */ 2699 } 2700 2701 SSL_renegotiate(con); 2702 SSL_write(con,NULL,0); 2703 } 2704 2705 i=BIO_gets(io,buf,bufsize-1); 2706 if (i < 0) /* error */ 2707 { 2708 if (!BIO_should_retry(io)) 2709 { 2710 if (!s_quiet) 2711 ERR_print_errors(bio_err); 2712 goto err; 2713 } 2714 else 2715 { 2716 BIO_printf(bio_s_out,"read R BLOCK\n"); 2717#if defined(OPENSSL_SYS_NETWARE) 2718 delay(1000); 2719#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__) 2720 sleep(1); 2721#endif 2722 continue; 2723 } 2724 } 2725 else if (i == 0) /* end of input */ 2726 { 2727 ret=1; 2728 goto end; 2729 } 2730 2731 /* else we have data */ 2732 if ( ((www == 1) && (strncmp("GET ",buf,4) == 0)) || 2733 ((www == 2) && (strncmp("GET /stats ",buf,10) == 0))) 2734 { 2735 char *p; 2736 X509 *peer; 2737 STACK_OF(SSL_CIPHER) *sk; 2738 static const char *space=" "; 2739 2740 BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2741 BIO_puts(io,"<HTML><BODY BGCOLOR=\"#ffffff\">\n"); 2742 BIO_puts(io,"<pre>\n"); 2743/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/ 2744 BIO_puts(io,"\n"); 2745 for (i=0; i<local_argc; i++) 2746 { 2747 BIO_puts(io,local_argv[i]); 2748 BIO_write(io," ",1); 2749 } 2750 BIO_puts(io,"\n"); 2751 2752 BIO_printf(io, 2753 "Secure Renegotiation IS%s supported\n", 2754 SSL_get_secure_renegotiation_support(con) ? 2755 "" : " NOT"); 2756 2757 /* The following is evil and should not really 2758 * be done */ 2759 BIO_printf(io,"Ciphers supported in s_server binary\n"); 2760 sk=SSL_get_ciphers(con); 2761 j=sk_SSL_CIPHER_num(sk); 2762 for (i=0; i<j; i++) 2763 { 2764 c=sk_SSL_CIPHER_value(sk,i); 2765 BIO_printf(io,"%-11s:%-25s", 2766 SSL_CIPHER_get_version(c), 2767 SSL_CIPHER_get_name(c)); 2768 if ((((i+1)%2) == 0) && (i+1 != j)) 2769 BIO_puts(io,"\n"); 2770 } 2771 BIO_puts(io,"\n"); 2772 p=SSL_get_shared_ciphers(con,buf,bufsize); 2773 if (p != NULL) 2774 { 2775 BIO_printf(io,"---\nCiphers common between both SSL end points:\n"); 2776 j=i=0; 2777 while (*p) 2778 { 2779 if (*p == ':') 2780 { 2781 BIO_write(io,space,26-j); 2782 i++; 2783 j=0; 2784 BIO_write(io,((i%3)?" ":"\n"),1); 2785 } 2786 else 2787 { 2788 BIO_write(io,p,1); 2789 j++; 2790 } 2791 p++; 2792 } 2793 BIO_puts(io,"\n"); 2794 } 2795 BIO_printf(io,(SSL_cache_hit(con) 2796 ?"---\nReused, " 2797 :"---\nNew, ")); 2798 c=SSL_get_current_cipher(con); 2799 BIO_printf(io,"%s, Cipher is %s\n", 2800 SSL_CIPHER_get_version(c), 2801 SSL_CIPHER_get_name(c)); 2802 SSL_SESSION_print(io,SSL_get_session(con)); 2803 BIO_printf(io,"---\n"); 2804 print_stats(io,SSL_get_SSL_CTX(con)); 2805 BIO_printf(io,"---\n"); 2806 peer=SSL_get_peer_certificate(con); 2807 if (peer != NULL) 2808 { 2809 BIO_printf(io,"Client certificate\n"); 2810 X509_print(io,peer); 2811 PEM_write_bio_X509(io,peer); 2812 } 2813 else 2814 BIO_puts(io,"no client certificate available\n"); 2815 BIO_puts(io,"</BODY></HTML>\r\n\r\n"); 2816 break; 2817 } 2818 else if ((www == 2 || www == 3) 2819 && (strncmp("GET /",buf,5) == 0)) 2820 { 2821 BIO *file; 2822 char *p,*e; 2823 static const char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; 2824 2825 /* skip the '/' */ 2826 p= &(buf[5]); 2827 2828 dot = 1; 2829 for (e=p; *e != '\0'; e++) 2830 { 2831 if (e[0] == ' ') 2832 break; 2833 2834 switch (dot) 2835 { 2836 case 1: 2837 dot = (e[0] == '.') ? 2 : 0; 2838 break; 2839 case 2: 2840 dot = (e[0] == '.') ? 3 : 0; 2841 break; 2842 case 3: 2843 dot = (e[0] == '/') ? -1 : 0; 2844 break; 2845 } 2846 if (dot == 0) 2847 dot = (e[0] == '/') ? 1 : 0; 2848 } 2849 dot = (dot == 3) || (dot == -1); /* filename contains ".." component */ 2850 2851 if (*e == '\0') 2852 { 2853 BIO_puts(io,text); 2854 BIO_printf(io,"'%s' is an invalid file name\r\n",p); 2855 break; 2856 } 2857 *e='\0'; 2858 2859 if (dot) 2860 { 2861 BIO_puts(io,text); 2862 BIO_printf(io,"'%s' contains '..' reference\r\n",p); 2863 break; 2864 } 2865 2866 if (*p == '/') 2867 { 2868 BIO_puts(io,text); 2869 BIO_printf(io,"'%s' is an invalid path\r\n",p); 2870 break; 2871 } 2872 2873#if 0 2874 /* append if a directory lookup */ 2875 if (e[-1] == '/') 2876 strcat(p,"index.html"); 2877#endif 2878 2879 /* if a directory, do the index thang */ 2880 if (app_isdir(p)>0) 2881 { 2882#if 0 /* must check buffer size */ 2883 strcat(p,"/index.html"); 2884#else 2885 BIO_puts(io,text); 2886 BIO_printf(io,"'%s' is a directory\r\n",p); 2887 break; 2888#endif 2889 } 2890 2891 if ((file=BIO_new_file(p,"r")) == NULL) 2892 { 2893 BIO_puts(io,text); 2894 BIO_printf(io,"Error opening '%s'\r\n",p); 2895 ERR_print_errors(io); 2896 break; 2897 } 2898 2899 if (!s_quiet) 2900 BIO_printf(bio_err,"FILE:%s\n",p); 2901 2902 if (www == 2) 2903 { 2904 i=strlen(p); 2905 if ( ((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) || 2906 ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) || 2907 ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0))) 2908 BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2909 else 2910 BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); 2911 } 2912 /* send the file */ 2913 for (;;) 2914 { 2915 i=BIO_read(file,buf,bufsize); 2916 if (i <= 0) break; 2917 2918#ifdef RENEG 2919 total_bytes+=i; 2920 fprintf(stderr,"%d\n",i); 2921 if (total_bytes > 3*1024) 2922 { 2923 total_bytes=0; 2924 fprintf(stderr,"RENEGOTIATE\n"); 2925 SSL_renegotiate(con); 2926 } 2927#endif 2928 2929 for (j=0; j<i; ) 2930 { 2931#ifdef RENEG 2932{ static count=0; if (++count == 13) { SSL_renegotiate(con); } } 2933#endif 2934 k=BIO_write(io,&(buf[j]),i-j); 2935 if (k <= 0) 2936 { 2937 if (!BIO_should_retry(io)) 2938 goto write_error; 2939 else 2940 { 2941 BIO_printf(bio_s_out,"rwrite W BLOCK\n"); 2942 } 2943 } 2944 else 2945 { 2946 j+=k; 2947 } 2948 } 2949 } 2950write_error: 2951 BIO_free(file); 2952 break; 2953 } 2954 } 2955 2956 for (;;) 2957 { 2958 i=(int)BIO_flush(io); 2959 if (i <= 0) 2960 { 2961 if (!BIO_should_retry(io)) 2962 break; 2963 } 2964 else 2965 break; 2966 } 2967end: 2968#if 1 2969 /* make sure we re-use sessions */ 2970 SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 2971#else 2972 /* This kills performance */ 2973/* SSL_shutdown(con); A shutdown gets sent in the 2974 * BIO_free_all(io) procession */ 2975#endif 2976 2977err: 2978 2979 if (ret >= 0) 2980 BIO_printf(bio_s_out,"ACCEPT\n"); 2981 2982 if (buf != NULL) OPENSSL_free(buf); 2983 if (io != NULL) BIO_free_all(io); 2984/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ 2985 return(ret); 2986 } 2987 2988#ifndef OPENSSL_NO_RSA 2989static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) 2990 { 2991 BIGNUM *bn = NULL; 2992 static RSA *rsa_tmp=NULL; 2993 2994 if (!rsa_tmp && ((bn = BN_new()) == NULL)) 2995 BIO_printf(bio_err,"Allocation error in generating RSA key\n"); 2996 if (!rsa_tmp && bn) 2997 { 2998 if (!s_quiet) 2999 { 3000 BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength); 3001 (void)BIO_flush(bio_err); 3002 } 3003 if(!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) || 3004 !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) 3005 { 3006 if(rsa_tmp) RSA_free(rsa_tmp); 3007 rsa_tmp = NULL; 3008 } 3009 if (!s_quiet) 3010 { 3011 BIO_printf(bio_err,"\n"); 3012 (void)BIO_flush(bio_err); 3013 } 3014 BN_free(bn); 3015 } 3016 return(rsa_tmp); 3017 } 3018#endif 3019 3020#define MAX_SESSION_ID_ATTEMPTS 10 3021static int generate_session_id(const SSL *ssl, unsigned char *id, 3022 unsigned int *id_len) 3023 { 3024 unsigned int count = 0; 3025 do { 3026 RAND_pseudo_bytes(id, *id_len); 3027 /* Prefix the session_id with the required prefix. NB: If our 3028 * prefix is too long, clip it - but there will be worse effects 3029 * anyway, eg. the server could only possibly create 1 session 3030 * ID (ie. the prefix!) so all future session negotiations will 3031 * fail due to conflicts. */ 3032 memcpy(id, session_id_prefix, 3033 (strlen(session_id_prefix) < *id_len) ? 3034 strlen(session_id_prefix) : *id_len); 3035 } 3036 while(SSL_has_matching_session_id(ssl, id, *id_len) && 3037 (++count < MAX_SESSION_ID_ATTEMPTS)); 3038 if(count >= MAX_SESSION_ID_ATTEMPTS) 3039 return 0; 3040 return 1; 3041 } 3042