1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* apps/s_server.c */ 2656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * All rights reserved. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This package is an SSL implementation written 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * by Eric Young (eay@cryptsoft.com). 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The implementation was written so as to conform with Netscapes SSL. 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This library is free for commercial and non-commercial use as long as 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the following conditions are aheared to. The following conditions 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * apply to all code found in this distribution, be it the RC4, RSA, 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * included with this distribution is covered by the same copyright terms 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * except that the holder is Tim Hudson (tjh@cryptsoft.com). 
15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright remains Eric Young's, and as such any Copyright notices in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the code are not to be removed. 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If this package is used in a product, Eric Young should be given attribution 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * as the author of the parts of the library used. 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This can be in the form of a textual message at program startup or 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in documentation (online or textual) provided with the package. 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the copyright 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. 
Redistributions in binary form must reproduce the above copyright 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in the 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * documentation and/or other materials provided with the distribution. 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this software 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * must display the following acknowledgement: 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes cryptographic software written by 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Eric Young (eay@cryptsoft.com)" 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The word 'cryptographic' can be left out if the rouines from the library 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * being used are not cryptographic related :-). 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. 
If you include any Windows specific code (or a derivative thereof) from 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the apps directory (application code) you must include an acknowledgement: 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUCH 
DAMAGE. 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The licence and distribution terms for any publically available version or 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * derivative of this code cannot be changed. i.e. this code cannot simply be 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * copied and put under another distribution licence 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * [including the GNU Public Licence.] 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 59221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the above copyright 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. 
Redistributions in binary form must reproduce the above copyright 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the documentation and/or other materials provided with the 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * distribution. 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this 74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * software must display the following acknowledgment: 75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 78656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * endorse or promote products derived from this software without 80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prior written permission. For written permission, please contact 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * openssl-core@openssl.org. 82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5. 
Products derived from this software may not be called "OpenSSL" 84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * nor may "OpenSSL" appear in their names without prior written 85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * permission of the OpenSSL Project. 86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 6. Redistributions of any form whatsoever must retain the following 88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * acknowledgment: 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OF THE POSSIBILITY OF SUCH DAMAGE. 104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ==================================================================== 105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This product includes cryptographic software written by Eric Young 107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (eay@cryptsoft.com). This product includes software written by Tim 108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Hudson (tjh@cryptsoft.com). 
109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ECC cipher suite support in OpenSSL originally developed by 114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 116221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom/* ==================================================================== 117221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * Copyright 2005 Nokia. All rights reserved. 118221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 119221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * The portions of the attached software ("Contribution") is developed by 120221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * license. 122221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 123221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * support (see RFC 4279) to OpenSSL. 
126221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 127221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * No patent licenses or other rights except those expressly stated in 128221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * the OpenSSL open source license shall be deemed granted or received 129221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * expressly, by implication, estoppel, or otherwise. 130221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 131221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * No assurances are provided by Nokia that the Contribution does not 132221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * infringe the patent or other intellectual property rights of any third 133221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * party or that the license provides you with all the necessary rights 134221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * to make use of the Contribution. 135221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 136221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * OTHERWISE. 
141221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom */ 142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Until the key-gen callbacks are modified to use newer prototypes, we allow 144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * deprecated functions for openssl-internal code */ 145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_NO_DEPRECATED 146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef OPENSSL_NO_DEPRECATED 147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <assert.h> 150221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#include <ctype.h> 151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdlib.h> 153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <string.h> 154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/e_os2.h> 156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_NO_STDIO 157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define APPS_WIN16 158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */ 161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include 
<sys/types.h> 162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* With IPv6, it looks like Digital has mixed up the proper order of 165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project recursive header file inclusion, resulting in the compiler complaining 166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which 167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project is needed to have fileno() declared correctly... So let's define u_int */ 168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) 169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define __U_INT 170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecttypedef unsigned int u_int; 171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/lhash.h> 174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/bn.h> 175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define USE_SOCKETS 176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "apps.h" 177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/err.h> 178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/pem.h> 179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509.h> 180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include 
<openssl/ssl.h> 181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/rand.h> 182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/ocsp.h> 183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DH 184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/dh.h> 185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_RSA 187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/rsa.h> 188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 189392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 190392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <openssl/srp.h> 191392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "s_apps.h" 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "timeouts.h" 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ 197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef FIONBIO 198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 200221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if defined(OPENSSL_SYS_BEOS_R5) 201221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#include <fcntl.h> 
202221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 203221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_RSA 205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int sv_body(char *hostname, int s, unsigned char *context); 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int www_body(char *hostname, int s, unsigned char *context); 209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void close_accept_socket(void ); 210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void sv_usage(void); 211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int init_ssl_connection(SSL *s); 212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_stats(BIO *bp,SSL_CTX *ctx); 213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int generate_session_id(const SSL *ssl, unsigned char *id, 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned int *id_len); 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DH 216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic DH *load_dh_param(const char *dhfile); 217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic DH *get_dh512(void); 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef MONOLITH 
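static void s_server_init(void);
#endif

#ifndef OPENSSL_NO_DH
/*
 * Built-in 512-bit Diffie-Hellman group: prime modulus p (64 bytes,
 * big-endian, as consumed by BN_bin2bn()) and generator g = 2.
 *
 * NOTE(review): a 512-bit modulus is export-grade strength and is not
 * adequate for protecting real traffic; treat these parameters as test-only.
 * Presumably they serve as a fallback when no DH parameter file is loaded --
 * confirm at the call site, and prefer a 2048-bit or larger group there.
 */
static unsigned char dh512_p[]={
	0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
	0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
	0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
	0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
	0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
	0x47,0x74,0xE8,0x33,
	};
static unsigned char dh512_g[]={
	0x02,
	};

/*
 * Build a DH object from the built-in 512-bit group above.
 *
 * Returns a newly allocated DH that the caller owns and must release with
 * DH_free(), or NULL if any allocation fails.
 */
static DH *get_dh512(void)
	{
	DH *dh=DH_new();

	if (dh == NULL) return(NULL);
	dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
	dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
	if ((dh->p == NULL) || (dh->g == NULL))
		{
		/* Release the DH (and whichever of p/g was allocated) instead
		 * of leaking it on the failure path. */
		DH_free(dh);
		return(NULL);
		}
	return(dh);
	}
#endif


/* static int load_CA(SSL_CTX *ctx, char *file);*/

#undef BUFSIZZ
#define BUFSIZZ	16*1024
static int bufsize=BUFSIZZ;
static int accept_socket= -1;

#define TEST_CERT	"server.pem"
#ifndef OPENSSL_NO_TLSEXT
#define TEST_CERT2	"server2.pem"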
#endif
#undef PROG
#define PROG		s_server_main

/* Declared here, defined in another translation unit. */
extern int verify_depth;
extern int verify_return_error;

/* Cipher list string; NULL until something assigns it. */
static char *cipher=NULL;
/*
 * Peer-verification mode. It starts as SSL_VERIFY_NONE, i.e. the server does
 * not request a client certificate unless this value is changed.
 */
static int s_server_verify=SSL_VERIFY_NONE;
static int s_server_session_id_context = 1; /* anything will do */
/* Primary certificate defaults to TEST_CERT; no separate key file by default. */
static const char *s_cert_file=TEST_CERT;
static const char *s_key_file=NULL;
#ifndef OPENSSL_NO_TLSEXT
/* Second certificate/key pair, only built when TLS extensions are enabled. */
static const char *s_cert_file2=TEST_CERT2;
static const char *s_key_file2=NULL;
#endif
static char *s_dcert_file=NULL;
static char *s_dkey_file=NULL;
#ifdef FIONBIO
static int s_nbio=0;
#endif
static int s_nbio_test=0;
/* Not static: this flag has external linkage. */
int s_crlf=0;
static SSL_CTX *ctx=NULL;
#ifndef OPENSSL_NO_TLSEXT
static SSL_CTX *ctx2=NULL;
#endif
static int www=0;

/* Output BIO and verbosity flags. */
static BIO *bio_s_out=NULL;
static int s_debug=0;
#ifndef OPENSSL_NO_TLSEXT
static int s_tlsextdebug=0;
static int s_tlsextstatus=0;
static int cert_status_cb(SSL *s, void *arg);
#endif
static int s_msg=0;
static int s_quiet=0;

/* Keying-material export: no label by default, length defaults to 20. */
static char *keymatexportlabel=NULL;
static int keymatexportlen=20;

static int hack=0;
#ifndef OPENSSL_NO_ENGINE
static char *engine_id=NULL;
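#endif
static const char *session_id_prefix=NULL;

static int enable_timeouts = 0;
static long socket_mtu;
#ifndef OPENSSL_NO_DTLS1
static int cert_chain = 0;
#endif


#ifndef OPENSSL_NO_PSK
static char *psk_identity="Client_identity";
char *psk_key=NULL;  /* by default PSK is not used */

/*
 * PSK server callback: compare the identity sent by the client with
 * psk_identity and, on a match, write the binary form of the hex string
 * psk_key into the caller's buffer.
 *
 *   ssl          connection the callback runs for (not used here)
 *   identity     identity received from the client; may be NULL
 *   psk          output buffer for the binary key
 *   max_psk_len  capacity of psk in bytes
 *
 * Returns the number of key bytes written, or 0 on any failure (no identity,
 * identity mismatch, no key configured, key not valid hex, key too long for
 * the buffer).
 *
 * The key itself is never written to the log, and the BIGNUM that holds it is
 * released with BN_clear_free() so the key bytes are wiped before the memory
 * is returned.  The identity is client-controlled and is printed as received.
 */
static unsigned int psk_server_cb(SSL *ssl, const char *identity,
	unsigned char *psk, unsigned int max_psk_len)
	{
	unsigned int psk_len = 0;
	int ret;
	BIGNUM *bn = NULL;

	if (s_debug)
		BIO_printf(bio_s_out,"psk_server_cb\n");
	if (!identity)
		{
		BIO_printf(bio_err,"Error: client did not send PSK identity\n");
		goto out_err;
		}
	if (s_debug)
		BIO_printf(bio_s_out,"identity_len=%d identity=%s\n",
			(int)strlen(identity), identity);

	/* here we could lookup the given identity e.g. from a database */
	if (strcmp(identity, psk_identity) != 0)
		{
		BIO_printf(bio_s_out, "PSK error: client identity not found"
			" (got '%s' expected '%s')\n", identity,
			psk_identity);
		goto out_err;
		}
	if (s_debug)
		BIO_printf(bio_s_out, "PSK client identity found\n");

	/* psk_key stays NULL unless a key was configured; fail explicitly. */
	if (psk_key == NULL)
		{
		BIO_printf(bio_err,"Error: no PSK key configured\n");
		goto out_err;
		}

	/* convert the PSK key to binary */
	ret = BN_hex2bn(&bn, psk_key);
	if (!ret)
		{
		/* Deliberately does not echo the key: it is a secret. */
		BIO_printf(bio_err,"Could not convert PSK key to BIGNUM\n");
		goto out_err;
		}
	if (BN_num_bytes(bn) > (int)max_psk_len)
		{
		BIO_printf(bio_err,"psk buffer of callback is too small (%u) for key (%d)\n",
			max_psk_len, BN_num_bytes(bn));
		goto out_err;
		}

	ret = BN_bn2bin(bn, psk);
	BN_clear_free(bn);
	bn = NULL;

	if (ret < 0)
		goto out_err;
	psk_len = (unsigned int)ret;

	if (s_debug)
		BIO_printf(bio_s_out, "fetched PSK len=%u\n", psk_len);
	return psk_len;
 out_err:
	/* Single exit for failures: wipe and release any key material. */
	if (bn)
		BN_clear_free(bn);
	if (s_debug)
		BIO_printf(bio_err, "Error in PSK server callback\n");
	return 0;
	}
#endif

#ifndef OPENSSL_NO_SRP
/* This is a context that we pass to callbacks */
typedef struct srpsrvparm_st
	{
	char *login;		/* SRP username taken from the connection */
	SRP_VBASE *vb;
	SRP_user_pwd *user;	/* verifier record; filled in outside this callback */
	} srpsrvparm;

/*
 * This callback pretends to require some asynchronous logic in order to
 * obtain a verifier.  When it is called for a new connection (neither login
 * nor user is set) it records the SRP username and returns a negative value.
 * According to the original comment this makes the accept call return with an
 * X509-lookup style error (presumably SSL_ERROR_WANT_X509_LOOKUP); the main
 * logic then looks the user up, as a worker would, and re-invokes the
 * suspended call, at which point the user parameters are set here.
 *
 *   s    connection being negotiated
 *   ad   receives the alert description when setting the parameters fails
 *   arg  the srpsrvparm context registered with the callback
 *
 * Returns -1 on the first pass, SSL3_AL_FATAL when no user record is present
 * or the parameters cannot be set, and SSL_ERROR_NONE on success.
 *
 * NOTE(review): the "no user record" path fails the handshake outright and
 * leaves *ad untouched, so an unknown username is handled differently from a
 * known one with a wrong password; whether that difference is visible to the
 * peer depends on code outside this function.
 */
static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
	{
	srpsrvparm *p = (srpsrvparm *)arg;
	if (p->login == NULL && p->user == NULL )
		{
		p->login = SSL_get_srp_username(s);
		BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
		return (-1) ;
		}

	if (p->user == NULL)
		{
		BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
		return SSL3_AL_FATAL;
		}
	if (SSL_set_srp_server_param(s, p->user->N, p->user->g, p->user->s, p->user->v,
				     p->user->info) < 0)
		{
		*ad = SSL_AD_INTERNAL_ERROR;
		return SSL3_AL_FATAL;
		}
	BIO_printf(bio_err, "SRP parameters set: username = \"%s\" info=\"%s\" \n", p->login,p->user->info);
	/* need to check whether there are memory leaks */
	p->user = NULL;
	p->login = NULL;
	return SSL_ERROR_NONE;
	}

#endif

#ifdef MONOLITH
/*
 * Reset the file-scope option state to its defaults.  Only the variables
 * assigned below are reset; other file-scope settings (for example the PSK,
 * keying-material export and TLS-extension debug variables) are not touched
 * here.
 */
static void s_server_init(void)
	{
	accept_socket=-1;
	cipher=NULL;
	s_server_verify=SSL_VERIFY_NONE;
	s_dcert_file=NULL;
	s_dkey_file=NULL;
	s_cert_file=TEST_CERT;
	s_key_file=NULL;
#ifndef OPENSSL_NO_TLSEXT
	s_cert_file2=TEST_CERT2;
	s_key_file2=NULL;
	ctx2=NULL;
#endif
#ifdef FIONBIO
	s_nbio=0;
#endif
	s_nbio_test=0;
	ctx=NULL;
	www=0;

	bio_s_out=NULL;
	s_debug=0;
	s_msg=0;
	s_quiet=0;
	hack=0;
#ifndef OPENSSL_NO_ENGINE
	engine_id=NULL;
#endif
	}
#endif

/*
 * Print the command-line help for s_server to bio_err.  Options that depend
 * on a compile-time feature are listed only when that feature is built in.
 * The text itself marks -legacy_renegotiation as dangerous.
 */
static void sv_usage(void)
	{
	BIO_printf(bio_err,"usage: s_server [args ...]\n");
	BIO_printf(bio_err,"\n");
	BIO_printf(bio_err," -accept arg - port to accept on (default is %d)\n",PORT);
	BIO_printf(bio_err," -context arg - set session ID context\n");
	BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n");
	BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n");
	BIO_printf(bio_err," -cert arg - certificate file to use\n");
	BIO_printf(bio_err," (default is %s)\n",TEST_CERT);
	BIO_printf(bio_err," -crl_check - check the peer certificate has not been revoked by its CA.\n" \
	                   " The CRL(s) are appended to the certificate file\n");
	BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \
	                   " or any other CRL in the CA chain. CRL(s) are appened to the\n" \
	                   " the certificate file.\n");
	BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
	BIO_printf(bio_err," -key arg - Private Key file to use, in cert file if\n");
	BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT);
	BIO_printf(bio_err," -keyform arg - key format (PEM, DER or ENGINE) PEM default\n");
	BIO_printf(bio_err," -pass arg - private key file pass phrase source\n");
	BIO_printf(bio_err," -dcert arg - second certificate file to use (usually for DSA)\n");
	BIO_printf(bio_err," -dcertform x - second certificate format (PEM or DER) PEM default\n");
	BIO_printf(bio_err," -dkey arg - second private key file to use (usually for DSA)\n");
	BIO_printf(bio_err," -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
	BIO_printf(bio_err," -dpass arg - second private key file pass phrase source\n");
	BIO_printf(bio_err," -dhparam arg - DH parameter file to use, in cert file if not specified\n");
	BIO_printf(bio_err," or a default set of parameters is used\n");
#ifndef OPENSSL_NO_ECDH
	BIO_printf(bio_err," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \
	                   " Use \"openssl ecparam -list_curves\" for all names\n" \
	                   " (default is nistp256).\n");
#endif
#ifdef FIONBIO
	BIO_printf(bio_err," -nbio - Run with non-blocking IO\n");
#endif
	BIO_printf(bio_err," -nbio_test - test with the non-blocking test bio\n");
	BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n");
	BIO_printf(bio_err," -debug - Print more output\n");
	BIO_printf(bio_err," -msg - Show protocol messages\n");
	BIO_printf(bio_err," -state - Print the SSL states\n");
	BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
	BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
	BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n");
	BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n");
	BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n");
	BIO_printf(bio_err," -quiet - No server output\n");
	BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n");
#ifndef OPENSSL_NO_PSK
	BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n");
	BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n");
# ifndef OPENSSL_NO_JPAKE
	BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
# endif
#endif
#ifndef OPENSSL_NO_SRP
	BIO_printf(bio_err," -srpvfile file - The verifier file for SRP\n");
	BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n");
#endif
	BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n");
	BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n");
	BIO_printf(bio_err," -tls1_2 - Just talk TLSv1.2\n");
	BIO_printf(bio_err," -tls1_1 - Just talk TLSv1.1\n");
	BIO_printf(bio_err," -tls1 - Just talk TLSv1\n");
	BIO_printf(bio_err," -dtls1 - Just talk DTLSv1\n");
	BIO_printf(bio_err," -timeout - Enable timeouts\n");
	BIO_printf(bio_err," -mtu - Set link layer MTU\n");
	BIO_printf(bio_err," -chain - Read a certificate chain\n");
	BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n");
	BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n");
	BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n");
	BIO_printf(bio_err," -no_tls1_1 - Just disable TLSv1.1\n");
	BIO_printf(bio_err," -no_tls1_2 - Just disable TLSv1.2\n");
#ifndef OPENSSL_NO_DH
	BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n");
#endif
#ifndef OPENSSL_NO_ECDH
	BIO_printf(bio_err," -no_ecdhe - Disable ephemeral ECDH\n");
#endif
	BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n");
	BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n");
	BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
	BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
	BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n");
#ifndef OPENSSL_NO_ENGINE
	BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
#endif
	BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
#ifndef OPENSSL_NO_TLSEXT
	BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n");
	BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
	BIO_printf(bio_err," -cert2 arg - certificate file to use for servername\n");
	BIO_printf(bio_err," (default is %s)\n",TEST_CERT2);
	BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n");
	BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2);
	BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
	BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
	BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
# ifndef OPENSSL_NO_NEXTPROTONEG
	BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
# endif
# ifndef OPENSSL_NO_SRTP
	BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
# endif
#endif
	BIO_printf(bio_err," -keymatexport label - Export keying material using label\n");
	BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n");
	}

static int local_argc=0;
static char **local_argv;

#ifdef CHARSET_EBCDIC
static int ebcdic_new(BIO *bi);
static int ebcdic_free(BIO *a);
static int ebcdic_read(BIO *b, char *out, int outl);
static int ebcdic_write(BIO *b, const char *in, int inl);
static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
static int ebcdic_gets(BIO *bp, char *buf, int size);
static int ebcdic_puts(BIO *bp, const char *str);

#define BIO_TYPE_EBCDIC_FILTER	(18|0x0200)
/* Method table of the EBCDIC/ASCII filter BIO. */
static BIO_METHOD methods_ebcdic=
	{
	BIO_TYPE_EBCDIC_FILTER,
	"EBCDIC/ASCII filter",
	ebcdic_write,
	ebcdic_read,
	ebcdic_puts,
	ebcdic_gets,
	ebcdic_ctrl,
	ebcdic_new,
	ebcdic_free,
	};

/*
 * Per-BIO conversion buffer.  It is allocated as sizeof(EBCDIC_OUTBUFF) plus
 * the payload size, so buff extends past its declared single element and
 * alloced records the payload capacity.
 */
typedef struct
{
	size_t	alloced;
	char	buff[1];
} EBCDIC_OUTBUFF;

/* Return the method table of the EBCDIC/ASCII filter BIO. */
BIO_METHOD *BIO_f_ebcdic_filter()
{
	return(&methods_ebcdic);
}

/*
 * Create callback: attach a 1024-byte conversion buffer to the new BIO.
 * Returns 1 on success and 0 when the buffer cannot be allocated, in which
 * case the BIO is left untouched.
 */
static int ebcdic_new(BIO *bi)
{
	EBCDIC_OUTBUFF *wbuf;

	wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
	/* Allocation can fail; do not write through a NULL pointer. */
	if (wbuf == NULL)
		return(0);
	wbuf->alloced = 1024;
	wbuf->buff[0] = '\0';

	bi->ptr=(char *)wbuf;
	bi->init=1;
	bi->flags=0;
	return(1);
}

/*
 * Destroy callback: release the conversion buffer and clear the BIO fields.
 * Returns 0 for a NULL BIO, 1 otherwise.
 */
static int ebcdic_free(BIO *a)
{
	if (a == NULL) return(0);
	if (a->ptr != NULL)
		OPENSSL_free(a->ptr);
	/* Clear the pointer so the freed buffer cannot be reached again. */
	a->ptr=NULL;
	a->init=0;
	a->flags=0;
	return(1);
}
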
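/*
 * Read side of the EBCDIC filter.
 *
 * Reads up to outl bytes from the next BIO in the chain into out, then
 * converts what was read in place with ascii2ebcdic().
 *
 * Returns the BIO_read() result from the next BIO, or 0 when out is NULL,
 * outl is not positive, or no next BIO is attached.
 */
static int ebcdic_read(BIO *b, char *out, int outl)
{
	int ret;

	/* A non-positive length is rejected here, as ebcdic_write() does. */
	if (out == NULL || outl <= 0)
		return 0;
	if (b->next_bio == NULL)
		return 0;

	ret = BIO_read(b->next_bio, out, outl);
	if (ret > 0)
		ascii2ebcdic(out, out, ret);
	return ret;
}

/*
 * Write side of the EBCDIC filter.
 *
 * Converts inl bytes from in with ebcdic2ascii() into the scratch buffer
 * hanging off b->ptr and writes the converted bytes to the next BIO. The
 * scratch buffer is replaced by a larger one when inl exceeds its recorded
 * capacity.
 *
 * Returns the BIO_write() result from the next BIO, or 0 when there is
 * nothing to write, no next BIO, no scratch buffer, or the buffer cannot be
 * grown.
 */
static int ebcdic_write(BIO *b, const char *in, int inl)
{
	EBCDIC_OUTBUFF *wbuf;
	size_t need;

	if (in == NULL || inl <= 0)
		return 0;
	if (b->next_bio == NULL)
		return 0;

	/* b->ptr is NULL if the buffer was never allocated or already freed. */
	wbuf = (EBCDIC_OUTBUFF *)b->ptr;
	if (wbuf == NULL)
		return 0;

	need = (size_t)inl;
	if (need > (size_t)-1 - sizeof(EBCDIC_OUTBUFF))
		return 0;

	if (need > wbuf->alloced) {
		EBCDIC_OUTBUFF *grown;
		size_t cap = wbuf->alloced;

		/*
		 * Double the capacity in unsigned arithmetic. Fall back to the exact
		 * requirement when doubling is still too small or the total
		 * allocation size would wrap.
		 */
		if (cap > ((size_t)-1 - sizeof(EBCDIC_OUTBUFF)) / 2 || cap + cap < need)
			cap = need;
		else
			cap += cap;

		/*
		 * NOTE(review): if OPENSSL_malloc() takes an int size in this tree,
		 * a doubled capacity above the int range would be truncated --
		 * confirm against the allocator's prototype.
		 */
		grown = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + cap);
		if (grown == NULL)
			return 0;	/* old buffer stays attached and valid */
		grown->alloced = cap;
		grown->buff[0] = '\0';

		/*
		 * Attach the new buffer before releasing the old one, so b->ptr
		 * never refers to freed memory that ebcdic_free() would free again.
		 */
		b->ptr = (char *)grown;
		OPENSSL_free(wbuf);
		wbuf = grown;
	}

	ebcdic2ascii(wbuf->buff, in, inl);
	return BIO_write(b->next_bio, wbuf->buff, inl);
}

/*
 * Control hook of the EBCDIC filter.
 *
 * BIO_CTRL_DUP is answered locally with 0; every other command is passed
 * unchanged to the next BIO. Returns 0 when no next BIO is attached.
 */
static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
{
	if (b->next_bio == NULL)
		return 0;
	if (cmd == BIO_CTRL_DUP)
		return 0L;
	return BIO_ctrl(b->next_bio, cmd, num, ptr);
}

/*
 * Line reader of the EBCDIC filter.
 *
 * Reads one byte at a time through ebcdic_read(), so the newline test is
 * made on converted data, and stops after a newline, on a short or failed
 * read, or when size - 1 bytes have been stored. The result is always
 * NUL-terminated.
 *
 * Returns the number of bytes stored (excluding the terminator), or the
 * negative read result when the very first read fails. Returns 0 when no
 * next BIO is attached, buf is NULL, or size is not positive.
 */
static int ebcdic_gets(BIO *bp, char *buf, int size)
{
	int i, ret = 0;

	if (bp->next_bio == NULL)
		return 0;
	/* Without this guard a NULL buf would be written by the terminator below. */
	if (buf == NULL || size <= 0)
		return 0;

	for (i = 0; i < size - 1; ++i) {
		ret = ebcdic_read(bp, &buf[i], 1);
		if (ret <= 0)
			break;
		if (buf[i] == '\n') {
			++i;
			break;
		}
	}
	if (i < size)
		buf[i] = '\0';
	return (ret < 0 && i == 0) ? ret : i;
}

/*
 * String writer of the EBCDIC filter: forwards str, without its terminator,
 * to ebcdic_write().
 *
 * Returns the ebcdic_write() result, or 0 when no next BIO is attached, str
 * is NULL, or the string length does not fit the int length ebcdic_write()
 * accepts.
 */
static int ebcdic_puts(BIO *bp, const char *str)
{
	size_t len;
	int ilen;

	if (bp->next_bio == NULL)
		return 0;
	if (str == NULL)
		return 0;

	len = strlen(str);
	ilen = (int)len;
	/* Reject lengths that changed value when narrowed to int. */
	if (ilen < 0 || (size_t)ilen != len)
		return 0;
	return ebcdic_write(bp, str, ilen);
}
#endif

#ifndef OPENSSL_NO_TLSEXT

/* This is a context that we pass to callbacks */
typedef struct tlsextctx_st {
	char *servername;	/* name the client's SNI value is compared with */
	BIO *biodebug;		/* optional BIO for debug messages, may be NULL */
	int extension_error;	/* returned by the callback when the names differ */
} tlsextctx;


/*
 * Server name (SNI) callback.
 *
 * arg is a tlsextctx. The host name sent by the client is logged to
 * p->biodebug when that BIO is set. With no configured p->servername the
 * callback returns SSL_TLSEXT_ERR_NOACK. When the client sent a name that
 * differs from p->servername it returns p->extension_error. When the names
 * match and the file-level ctx2 is set, the connection is switched to ctx2.
 * A client that sends no name gets SSL_TLSEXT_ERR_OK without a switch.
 *
 * The host name comes from the peer and is written to the debug BIO
 * verbatim, so control characters in it reach the log unchanged.
 *
 * NOTE(review): the comparison uses strcmp() and is therefore
 * case-sensitive, while DNS host names are not -- confirm this is intended.
 */
static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
{
	tlsextctx *p = (tlsextctx *)arg;
	const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);

	if (servername && p->biodebug)
		BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n", servername);

	if (!p->servername)
		return SSL_TLSEXT_ERR_NOACK;

	if (servername) {
		if (strcmp(servername, p->servername))
			return p->extension_error;
		if (ctx2) {
			/* biodebug is optional; guard it as the first message does */
			if (p->biodebug)
				BIO_printf(p->biodebug, "Switching server context.\n");
			SSL_set_SSL_CTX(s, ctx2);
		}
	}
	return SSL_TLSEXT_ERR_OK;
}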
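
/* Structure passed to cert status callback */

typedef struct tlsextstatusctx_st {
	/* Default responder to use */
	char *host, *path, *port;
	int use_ssl;	/* passed on to process_responder() with the default responder */
	int timeout;	/* passed on to process_responder() for every query */
	BIO *err;	/* BIO that receives the callback's diagnostics */
	int verbose;	/* non-zero enables progress messages */
} tlsextstatusctx;

/* Defaults: no default responder, use_ssl 0, timeout -1, no BIO, not verbose. */
static tlsextstatusctx tlscstatp = {NULL, NULL, NULL, 0, -1, NULL, 0};

/* Certificate Status callback. This is called when a client includes a
 * certificate status request extension.
 *
 * This is a simplified version. It examines certificates each time and
 * makes one OCSP responder query for each request.
 *
 * A full version would store details such as the OCSP certificate IDs and
 * minimise the number of OCSP responses by caching them until they were
 * considered "expired".
 *
 * arg is a tlsextstatusctx. The responder is taken from the first OCSP
 * entry of the server certificate's AIA extension, or from the default
 * responder in the context when the certificate has none. The issuer is
 * looked up by name in the SSL_CTX certificate store.
 *
 * The DER-encoded response is handed to the connection as received: this
 * callback does not check the response status or its signature.
 *
 * Returns SSL_TLSEXT_ERR_OK when a response was attached,
 * SSL_TLSEXT_ERR_NOACK when no certificate, responder, issuer or response
 * is available, and SSL_TLSEXT_ERR_ALERT_FATAL on internal failures.
 */

static int cert_status_cb(SSL *s, void *arg)
{
	tlsextstatusctx *srctx = arg;
	BIO *err = srctx->err;
	/* Initialised so the shared cleanup never sees indeterminate values. */
	char *host = NULL, *port = NULL, *path = NULL;
	int use_ssl = 0;
	unsigned char *rspder = NULL;
	int rspderlen;
	STACK_OF(OPENSSL_STRING) *aia = NULL;
	X509 *x = NULL;
	X509_STORE_CTX inctx;
	X509_OBJECT obj;
	OCSP_REQUEST *req = NULL;
	OCSP_RESPONSE *resp = NULL;
	OCSP_CERTID *id = NULL;
	STACK_OF(X509_EXTENSION) *exts;
	int ret = SSL_TLSEXT_ERR_NOACK;
	int i;
#if 0
STACK_OF(OCSP_RESPID) *ids;
SSL_get_tlsext_status_ids(s, &ids);
BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
#endif
	if (srctx->verbose)
		BIO_puts(err, "cert_status: callback called\n");

	/* Build up OCSP query from server certificate */
	x = SSL_get_certificate(s);
	if (!x) {
		/* Nothing to query for; x is dereferenced by the calls below. */
		BIO_puts(err, "cert_status: no server certificate\n");
		goto done;
	}
	aia = X509_get1_ocsp(x);
	if (aia) {
		/* Only the first responder URL of the certificate is used. */
		if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
				&host, &port, &path, &use_ssl)) {
			/*
			 * NOTE(review): what OCSP_parse_url() leaves in the three
			 * outputs after a failure is not visible here. They are
			 * cleared so the shared cleanup below cannot free a pointer
			 * the parser has already released; confirm against the
			 * parser that nothing still owned is dropped.
			 */
			host = port = path = NULL;
			BIO_puts(err, "cert_status: can't parse AIA URL\n");
			goto err;
		}
		if (srctx->verbose)
			BIO_printf(err, "cert_status: AIA URL: %s\n",
					sk_OPENSSL_STRING_value(aia, 0));
	} else {
		if (!srctx->host) {
			BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n");
			goto done;
		}
		/* Borrowed from the context; not freed below because aia is NULL. */
		host = srctx->host;
		path = srctx->path;
		port = srctx->port;
		use_ssl = srctx->use_ssl;
	}

	if (!X509_STORE_CTX_init(&inctx,
				SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
				NULL, NULL))
		goto err;
	if (X509_STORE_get_by_subject(&inctx, X509_LU_X509,
				X509_get_issuer_name(x), &obj) <= 0) {
		BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
		X509_STORE_CTX_cleanup(&inctx);
		goto done;
	}

	/*
	 * Derive the certificate ID and release the issuer lookup before
	 * anything else can fail, so no error path skips the release of the
	 * issuer certificate and the store context.
	 */
	id = OCSP_cert_to_id(NULL, x, obj.data.x509);
	X509_free(obj.data.x509);
	X509_STORE_CTX_cleanup(&inctx);
	if (!id)
		goto err;

	req = OCSP_REQUEST_new();
	if (!req)
		goto err;
	if (!OCSP_request_add0_id(req, id))
		goto err;
	/* The request owns the ID now; keep the cleanup from freeing it. */
	id = NULL;

	/* Add any extensions to the request */
	SSL_get_tlsext_status_exts(s, &exts);
	for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
		X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
		if (!OCSP_REQUEST_add_ext(req, ext, -1))
			goto err;
	}

	/* Synchronous query made during the handshake. */
	resp = process_responder(err, req, host, path, port, use_ssl, NULL,
					srctx->timeout);
	if (!resp) {
		BIO_puts(err, "cert_status: error querying responder\n");
		goto done;
	}
	rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
	if (rspderlen <= 0)
		goto err;
	/* rspder is not freed here after being handed to the connection. */
	SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
	if (srctx->verbose) {
		BIO_puts(err, "cert_status: ocsp response sent:\n");
		OCSP_RESPONSE_print(err, resp, 2);
	}
	ret = SSL_TLSEXT_ERR_OK;
done:
	if (ret != SSL_TLSEXT_ERR_OK)
		ERR_print_errors(err);
	if (aia) {
		/* host, path and port were allocated by the URL parser */
		if (host)
			OPENSSL_free(host);
		if (path)
			OPENSSL_free(path);
		if (port)
			OPENSSL_free(port);
		X509_email_free(aia);
	}
	if (id)
		OCSP_CERTID_free(id);
	if (req)
		OCSP_REQUEST_free(req);
	if (resp)
		OCSP_RESPONSE_free(resp);
	return ret;
err:
	ret = SSL_TLSEXT_ERR_ALERT_FATAL;
	goto done;
}

# ifndef OPENSSL_NO_NEXTPROTONEG
/* This is the context that we pass to next_proto_cb */
typedef struct tlsextnextprotoctx_st {
	unsigned char *data;	/* protocol list handed to the library */
	unsigned int len;	/* length of data in bytes */
} tlsextnextprotoctx;

/*
 * Next-protocol callback: reports the protocol list stored in the
 * tlsextnextprotoctx passed as arg.
 *
 * The pointer is handed out as-is and no copy is made, so the buffer in the
 * context has to stay valid while the library uses it.
 *
 * Always returns SSL_TLSEXT_ERR_OK.
 */
static int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
{
	tlsextnextprotoctx *next_proto = arg;

	*data = next_proto->data;
	*len = next_proto->len;

	return SSL_TLSEXT_ERR_OK;
}
# endif  /* ndef OPENSSL_NO_NEXTPROTONEG */
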
917392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 918656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 919221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 920656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint MAIN(int, char **); 921656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 922e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_JPAKE 923e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugustatic char *jpake_secret = NULL; 924e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 925392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 926392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom static srpsrvparm srp_callback_parm; 927392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 928eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 929392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic char *srtp_profiles = NULL; 930eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 931e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 932656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint MAIN(int argc, char *argv[]) 933656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 934221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509_VERIFY_PARAM *vpm = NULL; 935221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int badarg = 0; 936656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project short port=PORT; 937656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *CApath=NULL,*CAfile=NULL; 938656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char *context = NULL; 939656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *dhfile = NULL; 940656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef 
OPENSSL_NO_ECDH 941656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *named_curve = NULL; 942656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 943656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int badop=0,bugs=0; 944656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret=1; 945656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int off=0; 946656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0; 947656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int state=0; 948221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const SSL_METHOD *meth=NULL; 949221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int socket_type=SOCK_STREAM; 950656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ENGINE *e=NULL; 951656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *inrand=NULL; 952656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; 953656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *passarg = NULL, *pass = NULL; 954656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *dpassarg = NULL, *dpass = NULL; 955656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; 956656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *s_cert = NULL, *s_dcert = NULL; 957656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *s_key = NULL, *s_dkey = NULL; 95898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom int no_cache = 0; 959656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 960656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open 
Source Project EVP_PKEY *s_key2 = NULL; 961656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *s_cert2 = NULL; 962656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; 963bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 964bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen const char *next_proto_neg_in = NULL; 965bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen tlsextnextprotoctx next_proto; 966bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 967656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 968221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_PSK 969221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* by default do not send a PSK identity hint */ 970221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom static char *psk_identity_hint=NULL; 971221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 972392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 973392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *srpuserseed = NULL; 974392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *srp_verifier_file = NULL; 975392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 976656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=SSLv23_server_method(); 977656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 978656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project local_argc=argc; 979656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project local_argv=argv; 980656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 981656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project apps_startup(); 982656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef MONOLITH 
983656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_server_init(); 984656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 985656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 986656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_err == NULL) 987656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); 988656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 989656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!load_config(bio_err, NULL)) 990656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 991656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 992656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_depth=0; 993656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 994656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_nbio=0; 995656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 996656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_nbio_test=0; 997656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 998656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argc--; 999656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argv++; 1000656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1001656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (argc >= 1) 1002656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1003656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((strcmp(*argv,"-port") == 0) || 1004656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (strcmp(*argv,"-accept") == 0)) 1005656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
Android Open Source Project { 1006656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1007656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!extract_port(*(++argv),&port)) 1008656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto bad; 1009656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1010656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-verify") == 0) 1011656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1012656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE; 1013656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1014656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_depth=atoi(*(++argv)); 1015656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"verify depth is %d\n",verify_depth); 1016656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1017656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-Verify") == 0) 1018656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1019656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT| 1020656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_VERIFY_CLIENT_ONCE; 1021656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1022656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_depth=atoi(*(++argv)); 1023656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth); 
1024656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1025656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-context") == 0) 1026656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1027656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1028656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project context= (unsigned char *)*(++argv); 1029656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1030656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-cert") == 0) 1031656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1032656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1033656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_file= *(++argv); 1034656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1035656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-certform") == 0) 1036656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1037656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1038656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_format = str2fmt(*(++argv)); 1039656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1040656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-key") == 0) 1041656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1042656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1043656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file= *(++argv); 1044656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 
1045656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-keyform") == 0) 1046656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1047656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1048656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_format = str2fmt(*(++argv)); 1049656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1050656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-pass") == 0) 1051656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1052656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1053656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project passarg = *(++argv); 1054656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1055656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dhparam") == 0) 1056656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1057656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1058656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dhfile = *(++argv); 1059656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1060656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ECDH 1061656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-named_curve") == 0) 1062656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1063656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1064656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project named_curve = *(++argv); 1065656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
} 1066656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1067656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dcertform") == 0) 1068656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1069656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1070656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dcert_format = str2fmt(*(++argv)); 1071656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1072656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dcert") == 0) 1073656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1074656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1075656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dcert_file= *(++argv); 1076656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1077656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dkeyform") == 0) 1078656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1079656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1080656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey_format = str2fmt(*(++argv)); 1081656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1082656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dpass") == 0) 1083656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1084656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1085656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dpassarg = *(++argv); 1086656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source 
Project } 1087656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dkey") == 0) 1088656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1089656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1090656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey_file= *(++argv); 1091656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1092656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nocert") == 0) 1093656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1094656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project nocert=1; 1095656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1096656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-CApath") == 0) 1097656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1098656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1099656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CApath= *(++argv); 1100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 110198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else if (strcmp(*argv,"-no_cache") == 0) 110298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom no_cache = 1; 1103221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) 1104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1105221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (badarg) 1106221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto bad; 1107221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom continue; 1108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 
1109221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (strcmp(*argv,"-verify_return_error") == 0) 1110221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom verify_return_error = 1; 1111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-serverpref") == 0) 1112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; } 111398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else if (strcmp(*argv,"-legacy_renegotiation") == 0) 111498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; 1115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-cipher") == 0) 1116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cipher= *(++argv); 1119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-CAfile") == 0) 1121656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1122656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1123656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CAfile= *(++argv); 1124656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 1126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nbio") == 0) 1127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { s_nbio=1; } 1128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 
1129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nbio_test") == 0) 1130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 1132656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_nbio=1; 1133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1134656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_nbio_test=1; 1135656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1136656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-debug") == 0) 1137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { s_debug=1; } 1138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1139656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-tlsextdebug") == 0) 1140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_tlsextdebug=1; 1141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-status") == 0) 1142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_tlsextstatus=1; 1143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-status_verbose") == 0) 1144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_tlsextstatus=1; 1146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlscstatp.verbose = 1; 1147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (!strcmp(*argv, "-status_timeout")) 1149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android 
Open Source Project { 1150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_tlsextstatus=1; 1151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlscstatp.timeout = atoi(*(++argv)); 1153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (!strcmp(*argv, "-status_url")) 1155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_tlsextstatus=1; 1157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!OCSP_parse_url(*(++argv), 1159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &tlscstatp.host, 1160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &tlscstatp.port, 1161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &tlscstatp.path, 1162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &tlscstatp.use_ssl)) 1163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Error parsing URL\n"); 1165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto bad; 1166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-msg") == 0) 1170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 
s_msg=1; } 1171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-hack") == 0) 1172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { hack=1; } 1173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-state") == 0) 1174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { state=1; } 1175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-crlf") == 0) 1176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { s_crlf=1; } 1177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-quiet") == 0) 1178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { s_quiet=1; } 1179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-bugs") == 0) 1180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { bugs=1; } 1181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_tmp_rsa") == 0) 1182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { no_tmp_rsa=1; } 1183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_dhe") == 0) 1184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { no_dhe=1; } 1185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ecdhe") == 0) 1186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { no_ecdhe=1; } 1187221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_PSK 1188221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (strcmp(*argv,"-psk_hint") == 0) 1189221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1190221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (--argc < 1) goto bad; 
1191221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom psk_identity_hint= *(++argv); 1192221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1193221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (strcmp(*argv,"-psk") == 0) 1194221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1195221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom size_t i; 1196221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1197221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (--argc < 1) goto bad; 1198221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom psk_key=*(++argv); 1199221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for (i=0; i<strlen(psk_key); i++) 1200221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 12017d3d122363e2a85d516db314892f3d6112cb1377Brian Carlstrom if (isxdigit((unsigned char)psk_key[i])) 1202221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom continue; 1203221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err,"Not a hex number '%s'\n",*argv); 1204221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto bad; 1205221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1206221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1207221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1208392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 1209392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv, "-srpvfile") == 0) 1210392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1211392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 1212392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_verifier_file = *(++argv); 121304ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom meth = TLSv1_server_method(); 1214392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1215392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv, "-srpuserseed") == 0) 
1216392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1217392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 1218392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srpuserseed = *(++argv); 121904ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom meth = TLSv1_server_method(); 1220392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1221392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 1222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-www") == 0) 1223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { www=1; } 1224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-WWW") == 0) 1225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { www=2; } 1226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-HTTP") == 0) 1227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { www=3; } 1228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ssl2") == 0) 1229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_NO_SSLv2; } 1230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ssl3") == 0) 1231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_NO_SSLv3; } 1232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_tls1") == 0) 1233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_NO_TLSv1; } 1234392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-no_tls1_1") == 0) 1235392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { off|=SSL_OP_NO_TLSv1_1; } 1236392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-no_tls1_2") == 0) 
1237392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { off|=SSL_OP_NO_TLSv1_2; } 1238221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (strcmp(*argv,"-no_comp") == 0) 1239221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { off|=SSL_OP_NO_COMPRESSION; } 1240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ticket") == 0) 1242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_NO_TICKET; } 1243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_SSL2 1245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-ssl2") == 0) 1246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { meth=SSLv2_server_method(); } 1247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_SSL3 1249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-ssl3") == 0) 1250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { meth=SSLv3_server_method(); } 1251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLS1 1253656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-tls1") == 0) 1254656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { meth=TLSv1_server_method(); } 1255392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-tls1_1") == 0) 1256392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { meth=TLSv1_1_server_method(); 
} 1257392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-tls1_2") == 0) 1258392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { meth=TLSv1_2_server_method(); } 1259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DTLS1 1261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dtls1") == 0) 1262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=DTLSv1_server_method(); 1264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project socket_type = SOCK_DGRAM; 1265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-timeout") == 0) 1267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project enable_timeouts = 1; 1268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-mtu") == 0) 1269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 127198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom socket_mtu = atol(*(++argv)); 1272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv, "-chain") == 0) 1274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cert_chain = 1; 1275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv, "-id_prefix") == 0) 1277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open 
Source Project { 1278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project session_id_prefix = *(++argv); 1280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 1282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-engine") == 0) 1283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project engine_id= *(++argv); 1286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-rand") == 0) 1289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inrand= *(++argv); 1292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-servername") == 0) 1295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextcbp.servername= *(++argv); 1298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open 
Source Project } 1299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-servername_fatal") == 0) 1300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; } 1301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-cert2") == 0) 1302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_file2= *(++argv); 1305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-key2") == 0) 1307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file2= *(++argv); 1310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1311bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 1312bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen else if (strcmp(*argv,"-nextprotoneg") == 0) 1313bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 1314bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (--argc < 1) goto bad; 1315bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto_neg_in = *(++argv); 1316bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 1317bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 1318e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 1319221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 
1320e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu else if (strcmp(*argv,"-jpake") == 0) 1321e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1322e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (--argc < 1) goto bad; 1323e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu jpake_secret = *(++argv); 1324e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1326eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 1327392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-use_srtp") == 0) 1328392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1329392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 1330392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srtp_profiles = *(++argv); 1331392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1332eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 1333392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-keymatexport") == 0) 1334392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1335392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 1336392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlabel= *(++argv); 1337392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1338392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-keymatexportlen") == 0) 1339392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1340392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 1341392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlen=atoi(*(++argv)); 1342392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (keymatexportlen == 0) goto bad; 1343392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1344656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
Android Open Source Project else 1345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"unknown option %s\n",*argv); 1347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project badop=1; 1348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argc--; 1351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argv++; 1352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (badop) 1354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectbad: 1356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sv_usage(); 1357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1360221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1361221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (jpake_secret) 1362221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1363221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (psk_key) 1364221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1365221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err, 1366221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom "Can't use JPAKE and PSK together\n"); 1367221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto end; 1368221304ee937bc0910948a8be1320cb8cc4eb6d36Brian 
Carlstrom } 1369221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom psk_identity = "JPAKE"; 1370221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (cipher) 1371221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1372221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); 1373221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto end; 1374221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1375221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom cipher = "PSK"; 1376221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1377221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1378221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1379221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_load_error_strings(); 1381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OpenSSL_add_ssl_algorithms(); 1382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 1384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project e = setup_engine(bio_err, engine_id, 1); 1385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) 1388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Error getting password\n"); 1390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 
1392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_key_file == NULL) 1395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file = s_cert_file; 1396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_key_file2 == NULL) 1398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file2 = s_cert_file2; 1399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (nocert == 0) 1402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e, 1404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "server certificate private key file"); 1405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_key) 1406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert = load_cert(bio_err,s_cert_file,s_cert_format, 1412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL, e, "server certificate file"); 
1413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_cert) 1415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (tlsextcbp.servername) 1422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e, 1424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "second server certificate private key file"); 1425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_key2) 1426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1428656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1429656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert2 = load_cert(bio_err,s_cert_file2,s_cert_format, 1432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL, e, "second server certificate file"); 1433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
1434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_cert2) 1435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1440656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1441656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1442221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 144304ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 144404ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (next_proto_neg_in) 144504ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom { 144604ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom unsigned short len; 144704ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom next_proto.data = next_protos_parse(&len, next_proto_neg_in); 144804ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (next_proto.data == NULL) 144904ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom goto end; 145004ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom next_proto.len = len; 145104ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom } 145204ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom else 145304ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom { 145404ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom next_proto.data = NULL; 145504ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom } 145604ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom#endif 145704ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom 1458221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 
1459656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_dcert_file) 1460656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1461656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1462656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_dkey_file == NULL) 1463656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey_file = s_dcert_file; 1464656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1465656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, 1466656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, dpass, e, 1467656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "second certificate private key file"); 1468656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_dkey) 1469656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1470656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1471656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1474656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dcert = load_cert(bio_err,s_dcert_file,s_dcert_format, 1475656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL, e, "second server certificate file"); 1476656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1477656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_dcert) 1478656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1479656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 
1480656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1481656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1482656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1483656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1484656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1485656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 1486656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project && !RAND_status()) 1487656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1488656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); 1489656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1490656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inrand != NULL) 1491656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"%ld semi-random bytes loaded\n", 1492656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project app_RAND_load_files(inrand)); 1493656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1494656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_s_out == NULL) 1495656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1496656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_quiet && !s_debug && !s_msg) 1497656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1498656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_s_out=BIO_new(BIO_s_null()); 1499656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1500656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 
1501656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1502656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_s_out == NULL) 1503656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_s_out=BIO_new_fp(stdout,BIO_NOCLOSE); 1504656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1505656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1506656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1507656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) 1508656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (nocert) 1509656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1510656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1511656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_file=NULL; 1512656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file=NULL; 1513656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dcert_file=NULL; 1514656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey_file=NULL; 1515656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1516656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_file2=NULL; 1517656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file2=NULL; 1518656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1519656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx=SSL_CTX_new(meth); 1522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open 
Source Project if (ctx == NULL) 1523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1525656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1526656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1527656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (session_id_prefix) 1528656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1529656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(strlen(session_id_prefix) >= 32) 1530656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1531656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project"warning: id_prefix is too long, only one new session will be possible\n"); 1532656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if(strlen(session_id_prefix) >= 16) 1533656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1534656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project"warning: id_prefix is too long if you use SSLv2\n"); 1535656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) 1536656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1537656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"error setting 'id_prefix'\n"); 1538656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1539656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1540656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1541656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"id_prefix '%s' set.\n", 
session_id_prefix); 1542656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1543656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_quiet_shutdown(ctx,1); 1544656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL); 1545656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1546656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_options(ctx,off); 1547656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* DTLS: partial reads end up discarding unread UDP bytes :-( 1548656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Setting read ahead solves this problem. 1549656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); 1551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); 155398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (no_cache) 155498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); 155598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else 155698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_sess_set_cache_size(ctx,128); 1557656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1558eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 1559392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srtp_profiles != NULL) 1560392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); 
1561eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 1562392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 1563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 1564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cipher == NULL) cipher=getenv("SSL_CIPHER"); 1565656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1566656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1567656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 1568656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_cert_file == NULL) 1569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"You must specify a certificate file for the server to use\n"); 1571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1573656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1574656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1575656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || 1576656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (!SSL_CTX_set_default_verify_paths(ctx))) 1577656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1578656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ 1579656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* goto end; */ 1581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 
1582221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (vpm) 1583221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_CTX_set1_param(ctx, vpm); 1584221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1586656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_cert2) 1587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx2=SSL_CTX_new(meth); 1589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2 == NULL) 1590656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1591656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1592656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1593656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1594656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1595656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1596656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1597656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1598656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Setting secondary ctx parameters\n"); 1599656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1600656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (session_id_prefix) 1601656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1602656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(strlen(session_id_prefix) >= 32) 1603656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1604656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android 
Open Source Project "warning: id_prefix is too long, only one new session will be possible\n"); 1605656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if(strlen(session_id_prefix) >= 16) 1606656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "warning: id_prefix is too long if you use SSLv2\n"); 1608656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) 1609656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1610656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"error setting 'id_prefix'\n"); 1611656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1612656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix); 1615656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1616656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_quiet_shutdown(ctx2,1); 1617656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bugs) SSL_CTX_set_options(ctx2,SSL_OP_ALL); 1618656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (hack) SSL_CTX_set_options(ctx2,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1619656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_options(ctx2,off); 1620656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* DTLS: partial reads end up discarding unread UDP bytes :-( 1621656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Setting read ahead 
solves this problem. 1622656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx2, 1); 1624656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1625656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (state) SSL_CTX_set_info_callback(ctx2,apps_ssl_info_callback); 1626656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 162798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (no_cache) 162898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_set_session_cache_mode(ctx2,SSL_SESS_CACHE_OFF); 162998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else 163098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_sess_set_cache_size(ctx2,128); 1631656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1632656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) || 1633656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (!SSL_CTX_set_default_verify_paths(ctx2))) 1634656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1635656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1636656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1637221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (vpm) 1638221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_CTX_set1_param(ctx2, vpm); 1639656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1640bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 1641bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 1642bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto.data) 
1643bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto); 1644bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 1645656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1646656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1647656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DH 1648656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!no_dhe) 1649656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1650656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH *dh=NULL; 1651656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1652656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dhfile) 1653656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dh = load_dh_param(dhfile); 1654656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (s_cert_file) 1655656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dh = load_dh_param(s_cert_file); 1656656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1657656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dh != NULL) 1658656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1659656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 1660656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1661656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1662656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1663656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Using default temp DH parameters\n"); 1664656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open 
Source Project dh=get_dh512(); 1665656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1666656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(bio_s_out); 1667656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1668656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_dh(ctx,dh); 1669656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1670656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1671656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1672656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!dhfile) 1673656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1674656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH *dh2=load_dh_param(s_cert_file2); 1675656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dh2 != NULL) 1676656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1677656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 1678656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(bio_s_out); 1679656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1680656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH_free(dh); 1681656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dh = dh2; 1682656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1683656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1684656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_dh(ctx2,dh); 1685656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1686656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open 
Source Project#endif 1687656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH_free(dh); 1688656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1689656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1690656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1691656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ECDH 1692656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!no_ecdhe) 1693656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1694656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY *ecdh=NULL; 1695656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1696656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (named_curve) 1697656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1698656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int nid = OBJ_sn2nid(named_curve); 1699656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1700656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (nid == 0) 1701656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1702656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "unknown curve name (%s)\n", 1703656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project named_curve); 1704656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1705656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1706656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ecdh = EC_KEY_new_by_curve_name(nid); 1707656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ecdh == NULL) 1708656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 
1709656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "unable to create curve (%s)\n", 1710656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project named_curve); 1711656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1712656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1713656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1714656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1715656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ecdh != NULL) 1716656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1717656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Setting temp ECDH parameters\n"); 1718656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1719656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1720656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1721656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Using default temp ECDH parameters\n"); 1722221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); 1723656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ecdh == NULL) 1724656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1725221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err, "unable to create curve (nistp256)\n"); 1726656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1727656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1728656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1729656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(bio_s_out); 
1730656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1731656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_ecdh(ctx,ecdh); 1732656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1733656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1734656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_ecdh(ctx2,ecdh); 1735656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1736656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY_free(ecdh); 1737656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1738656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1739656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 174004ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (!set_cert_key_stuff(ctx, s_cert, s_key)) 1741656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1742656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1743656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2)) 1744656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1745656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1746656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_dcert != NULL) 1747656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 174804ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (!set_cert_key_stuff(ctx, s_dcert, s_dkey)) 1749656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1750656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1751656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source 
Project 1752656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_RSA 1753656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 1 1754656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!no_tmp_rsa) 1755656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1756656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); 1757656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1758656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1759656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_rsa_callback(ctx2,tmp_rsa_cb); 1760221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1761656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1762656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1763656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) 1764656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1765656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project RSA *rsa; 1766656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1767656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key..."); 1768656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_flush(bio_s_out); 1769656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1770656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rsa=RSA_generate_key(512,RSA_F4,NULL); 1771656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1772656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!SSL_CTX_set_tmp_rsa(ctx,rsa)) 
1773656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1774656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1775656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1776656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1777656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1778656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1779656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1780656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!SSL_CTX_set_tmp_rsa(ctx2,rsa)) 1781656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1782656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1783656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1784656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1785656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1786656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1787656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project RSA_free(rsa); 1788656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"\n"); 1789656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1790656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1791656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1792656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1793221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_PSK 1794221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifdef OPENSSL_NO_JPAKE 1795221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (psk_key != NULL) 
1796221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#else 1797221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (psk_key != NULL || jpake_secret) 1798221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1799221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1800221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (s_debug) 1801221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n"); 1802221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_CTX_set_psk_server_callback(ctx, psk_server_cb); 1803221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1804221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1805221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) 1806221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1807221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err,"error setting PSK identity hint to context\n"); 1808656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1809656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1810221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1811221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1812221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1813221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (cipher != NULL) 1814221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1815221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!SSL_CTX_set_cipher_list(ctx,cipher)) 1816221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1817221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err,"error setting cipher list\n"); 1818221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ERR_print_errors(bio_err); 1819221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto 
end; 1820221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1821656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1822656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,cipher)) 1823656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1824656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"error setting cipher list\n"); 1825656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1826656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1827656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1828656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1829221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1830656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_verify(ctx,s_server_verify,verify_callback); 1831656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context, 1832656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sizeof s_server_session_id_context); 1833656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 183498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom /* Set DTLS cookie generation and verification callbacks */ 183598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback); 183698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback); 183798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 1838656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1839656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 
1840656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1841656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_verify(ctx2,s_server_verify,verify_callback); 1842656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_session_id_context(ctx2,(void*)&s_server_session_id_context, 1843656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sizeof s_server_session_id_context); 1844656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1845656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextcbp.biodebug = bio_s_out; 1846656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb); 1847656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp); 1848656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1849656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1850656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1851656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1852221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1853392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 1854392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_verifier_file != NULL) 1855392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1856392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_callback_parm.vb = SRP_VBASE_new(srpuserseed); 1857392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_callback_parm.user = NULL; 1858392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_callback_parm.login = NULL; 1859392aa7cc7d2b122614c5393c3e357da07fd07af3Brian 
Carlstrom if ((ret = SRP_VBASE_init(srp_callback_parm.vb, srp_verifier_file)) != SRP_NO_ERROR) 1860392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1861392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, 1862392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom "Cannot initialize SRP verifier file \"%s\":ret=%d\n", 1863392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_verifier_file, ret); 1864392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto end; 1865392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1866392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE,verify_callback); 1867392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm); 1868392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb); 1869392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1870392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 1871392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 1872656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (CAfile != NULL) 1873656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1874656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile)); 1875656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1876656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1877656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_client_CA_list(ctx2,SSL_load_client_CA_file(CAfile)); 1878656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1879656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1880221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 
1881656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"ACCEPT\n"); 1882221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (void)BIO_flush(bio_s_out); 1883656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (www) 1884656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do_server(port,socket_type,&accept_socket,www_body, context); 1885656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1886656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do_server(port,socket_type,&accept_socket,sv_body, context); 1887656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_stats(bio_s_out,ctx); 1888656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=0; 1889656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectend: 1890656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx != NULL) SSL_CTX_free(ctx); 1891656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_cert) 1892656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(s_cert); 1893656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_dcert) 1894656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(s_dcert); 1895656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_key) 1896656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(s_key); 1897656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_dkey) 1898656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(s_dkey); 1899656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (pass) 1900656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(pass); 1901656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android 
Open Source Project if (dpass) 1902656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(dpass); 190304ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (vpm) 190404ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom X509_VERIFY_PARAM_free(vpm); 1905656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 190604ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (tlscstatp.host) 190704ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom OPENSSL_free(tlscstatp.host); 190804ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (tlscstatp.port) 190904ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom OPENSSL_free(tlscstatp.port); 191004ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (tlscstatp.path) 191104ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom OPENSSL_free(tlscstatp.path); 1912656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2 != NULL) SSL_CTX_free(ctx2); 1913656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_cert2) 1914656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(s_cert2); 1915656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_key2) 1916656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(s_key2); 1917656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1918656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_s_out != NULL) 1919656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1920656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(bio_s_out); 1921656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_s_out=NULL; 1922656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1923656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
apps_shutdown();
OPENSSL_EXIT(ret);
}

/*
 * Write the session-cache and handshake counters of ssl_ctx to bio,
 * one counter per line.
 *
 * Each value is read through the matching SSL_CTX_sess_*() accessor and
 * printed as a long. The return value of BIO_printf() is not checked, so
 * a failed write is not reported to the caller.
 *
 * NOTE(review): only the counters of the context passed in are shown.
 * Where this file runs a second context (ctx2), its counters would need
 * a separate call - confirm against the call site.
 */
static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
{
    long value;
    long capacity;

    /* Size of the session cache. */
    value = SSL_CTX_sess_number(ssl_ctx);
    BIO_printf(bio, "%4ld items in the session cache\n", value);

    /* Client-side handshake counters. */
    value = SSL_CTX_sess_connect(ssl_ctx);
    BIO_printf(bio, "%4ld client connects (SSL_connect())\n", value);
    value = SSL_CTX_sess_connect_renegotiate(ssl_ctx);
    BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n", value);
    value = SSL_CTX_sess_connect_good(ssl_ctx);
    BIO_printf(bio, "%4ld client connects that finished\n", value);

    /* Server-side handshake counters. */
    value = SSL_CTX_sess_accept(ssl_ctx);
    BIO_printf(bio, "%4ld server accepts (SSL_accept())\n", value);
    value = SSL_CTX_sess_accept_renegotiate(ssl_ctx);
    BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n", value);
    value = SSL_CTX_sess_accept_good(ssl_ctx);
    BIO_printf(bio, "%4ld server accepts that finished\n", value);

    /* Session cache hit, miss and timeout counters. */
    value = SSL_CTX_sess_hits(ssl_ctx);
    BIO_printf(bio, "%4ld session cache hits\n", value);
    value = SSL_CTX_sess_misses(ssl_ctx);
    BIO_printf(bio, "%4ld session cache misses\n", value);
    value = SSL_CTX_sess_timeouts(ssl_ctx);
    BIO_printf(bio, "%4ld session cache timeouts\n", value);
    value = SSL_CTX_sess_cb_hits(ssl_ctx);
    BIO_printf(bio, "%4ld callback cache hits\n", value);

    /* Overflow count, printed next to the configured cache size. */
    value = SSL_CTX_sess_cache_full(ssl_ctx);
    capacity = SSL_CTX_sess_get_cache_size(ssl_ctx);
    BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n",
               value, capacity);
}

static int sv_body(char *hostname, int s, unsigned char *context)
{
    char *buf=NULL;
    fd_set readfds;
    int ret=1,width;
    int k,i;
    unsigned long l;
1959656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL *con=NULL; 1960656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *sbio; 1961392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_KRB5 1962392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom KSSL_CTX *kctx; 1963392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 196498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom struct timeval timeout; 1965221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 1966656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project struct timeval tv; 196798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#else 196898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom struct timeval *timeoutp; 1969656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1970656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1971656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((buf=OPENSSL_malloc(bufsize)) == NULL) 1972656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1973656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"out of memory\n"); 1974656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 1975656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1976656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 1977656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_nbio) 1978656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1979656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long sl=1; 1980656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
1981656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 1982656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"turning on non blocking io\n"); 1983656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) 1984656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1985656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1986656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1987656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1988656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (con == NULL) { 1989656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project con=SSL_new(ctx); 1990656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1991656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_tlsextdebug) 1992656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1993656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_callback(con, tlsext_cb); 1994656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_arg(con, bio_s_out); 1995656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1996656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_tlsextstatus) 1997656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1998656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); 1999656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlscstatp.err = bio_err; 2000656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); 
2001656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2002656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2003656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_KRB5 2004392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((kctx = kssl_ctx_new()) != NULL) 2005656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2006392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_set0_kssl_ctx(con, kctx); 2007392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 2008392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 2009656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2010656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif /* OPENSSL_NO_KRB5 */ 2011656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(context) 2012656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_session_id_context(con, context, 2013656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strlen((char *)context)); 2014656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2015656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_clear(con); 2016221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if 0 2017221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifdef TLSEXT_TYPE_opaque_prf_input 2018221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_set_tlsext_opaque_prf_input(con, "Test server", 11); 2019221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 2020221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 2021656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2022656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_version(con) == 
DTLS1_VERSION) 2023656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2024656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2025656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_new_dgram(s,BIO_NOCLOSE); 2026656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2027221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (enable_timeouts) 2028656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2029656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_sec = 0; 2030656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_usec = DGRAM_RCV_TIMEOUT; 2031656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); 2032656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2033656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_sec = 0; 2034656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_usec = DGRAM_SND_TIMEOUT; 2035656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); 2036656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2037656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 203898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (socket_mtu > 28) 2039656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2040656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 204198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_set_mtu(con, socket_mtu - 28); 2042656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2043656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 
2044656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* want to do MTU discovery */ 2045656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 2046656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2047656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* turn on cookie exchange */ 2048656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE); 2049656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2050656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2051656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_new_socket(s,BIO_NOCLOSE); 2052656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2053656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_nbio_test) 2054656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2055656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *test; 2056656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2057656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project test=BIO_new(BIO_f_nbio_test()); 2058656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_push(test,sbio); 2059656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2060e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_JPAKE 2061e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if(jpake_secret) 2062e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu jpake_server_auth(bio_s_out, sbio, jpake_secret); 2063e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 2064e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 2065656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
SSL_set_bio(con,sbio,sbio); 2066656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_accept_state(con); 2067656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* SSL_set_fd(con,s); */ 2068656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2069656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_debug) 2070656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2071392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_set_debug(con, 1); 2072656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); 2073656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); 2074656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2075656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_msg) 2076656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2077656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback(con, msg_cb); 2078656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback_arg(con, bio_s_out); 2079656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2080656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 2081656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_tlsextdebug) 2082656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2083656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_callback(con, tlsext_cb); 2084656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_arg(con, bio_s_out); 2085656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 
2086656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2087656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2088656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project width=s+1; 2089656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 2090656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2091656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int read_from_terminal; 2092656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int read_from_sslcon; 2093656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2094656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_from_terminal = 0; 2095656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_from_sslcon = SSL_pending(con); 2096656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2097656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!read_from_sslcon) 2098656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2099656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project FD_ZERO(&readfds); 2100221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5) 2101221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom openssl_fdset(fileno(stdin),&readfds); 2102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2103221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom openssl_fdset(s,&readfds); 2104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Note: under VMS with SOCKETSHR the second parameter is 2105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * currently of type (int *) whereas under other systems 
2106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * it is (void *) if you don't have a cast it will choke 2107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the compiler: if you do have a cast then you can either 2108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * go for (int *) or (void *). 2109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 2110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) 2111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Under DOS (non-djgpp) and Windows we can't select on stdin: only 2112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * on sockets. As a workaround we timeout the select every 2113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * second and check for any keypress. In a proper Windows 2114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * application we wouldn't do this because it is inefficient. 
2115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 2116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_sec = 1; 2117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_usec = 0; 2118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=select(width,(void *)&readfds,NULL,NULL,&tv); 2119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if((i < 0) || (!i && !_kbhit() ) )continue; 2120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(_kbhit()) 2121656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_from_terminal = 1; 2122221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#elif defined(OPENSSL_SYS_BEOS_R5) 2123221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* Under BeOS-R5 the situation is similar to DOS */ 2124221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom tv.tv_sec = 1; 2125221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom tv.tv_usec = 0; 2126221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); 2127221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom i=select(width,(void *)&readfds,NULL,NULL,&tv); 2128221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0)) 2129221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom continue; 2130221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (read(fileno(stdin), buf, 0) >= 0) 2131221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom read_from_terminal = 1; 2132221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (void)fcntl(fileno(stdin), F_SETFL, 0); 2133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 213498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if ((SSL_version(con) == DTLS1_VERSION) && 213598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 
DTLSv1_get_timeout(con, &timeout)) 213698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom timeoutp = &timeout; 213798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else 213898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom timeoutp = NULL; 213998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 214098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom i=select(width,(void *)&readfds,NULL,NULL,timeoutp); 214198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 214298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) 214398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom { 214498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_err,"TIMEOUT occured\n"); 214598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom } 214698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 2147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i <= 0) continue; 2148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (FD_ISSET(fileno(stdin),&readfds)) 2149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_from_terminal = 1; 2150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (FD_ISSET(s,&readfds)) 2152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_from_sslcon = 1; 2153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (read_from_terminal) 2155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_crlf) 2157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source 
Project int j, lf_num; 2159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2160221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom i=raw_read_stdin(buf, bufsize/2); 2161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num = 0; 2162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* both loops are skipped when i <= 0 */ 2163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (j = 0; j < i; j++) 2164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf[j] == '\n') 2165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num++; 2166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (j = i-1; j >= 0; j--) 2167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf[j+lf_num] = buf[j]; 2169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf[j] == '\n') 2170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num--; 2172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 2173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf[j+lf_num] = '\r'; 2174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project assert(lf_num == 0); 2177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2179221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom i=raw_read_stdin(buf,bufsize); 2180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 
2181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((i <= 0) || (buf[0] == 'Q')) 2183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"DONE\n"); 2185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(s); 2186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project close_accept_socket(); 2187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret= -11; 2188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((i <= 0) || (buf[0] == 'q')) 2191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"DONE\n"); 2193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_version(con) != DTLS1_VERSION) 2194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(s); 2195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* close_accept_socket(); 2196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret= -11;*/ 2197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2199221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 2200392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_HEARTBEATS 2201392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((buf[0] == 'B') && 2202392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ((buf[1] == '\n') || (buf[1] == '\r'))) 
2203392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2204392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"HEARTBEATING\n"); 2205392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_heartbeat(con); 2206392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom i=0; 2207392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom continue; 2208392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2209392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 2210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((buf[0] == 'r') && 2211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((buf[1] == '\n') || (buf[1] == '\r'))) 2212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_renegotiate(con); 2214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=SSL_do_handshake(con); 2215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project printf("SSL_do_handshake -> %d\n",i); 2216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=0; /*13; */ 2217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 2218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* strcpy(buf,"server side RE-NEGOTIATE\n"); */ 2219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((buf[0] == 'R') && 2221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((buf[1] == '\n') || (buf[1] == '\r'))) 2222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_verify(con, 2224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL); 
2225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_renegotiate(con); 2226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=SSL_do_handshake(con); 2227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project printf("SSL_do_handshake -> %d\n",i); 2228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=0; /* 13; */ 2229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 2230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */ 2231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf[0] == 'P') 2233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static const char *str="Lets print some clear text\n"; 2235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(SSL_get_wbio(con),str,strlen(str)); 2236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf[0] == 'S') 2238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_stats(bio_s_out,SSL_get_SSL_CTX(con)); 2240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 2243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic2ascii(buf,buf,i); 2244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2245656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
Android Open Source Project l=k=0; 2246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 2247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* should do a select for the write */ 2249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef RENEG 2250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } } 2251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=SSL_write(con,&(buf[l]),(unsigned int)i); 2253392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 2254392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom while (SSL_get_error(con,k) == SSL_ERROR_WANT_X509_LOOKUP) 2255392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2256392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP renego during write\n"); 2257392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2258392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_callback_parm.user) 2259392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2260392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 2261392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2262392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom k=SSL_write(con,&(buf[l]),(unsigned int)i); 2263392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2264392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 2265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch 
(SSL_get_error(con,k)) 2266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_NONE: 2268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_WRITE: 2270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_READ: 2271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_X509_LOOKUP: 2272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Write BLOCK\n"); 2273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SYSCALL: 2275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SSL: 2276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"ERROR\n"); 2277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 2278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* break; */ 2281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_ZERO_RETURN: 2282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"DONE\n"); 2283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project l+=k; 
2287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i-=k; 2288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i <= 0) break; 2289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (read_from_sslcon) 2292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!SSL_is_init_finished(con)) 2294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=init_ssl_connection(con); 2296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i < 0) 2298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=0; 2300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (i == 0) 2303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android 
Open Source Projectagain: 2311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=SSL_read(con,(char *)buf,bufsize); 2312392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 2313392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom while (SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2314392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2315392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP renego during read\n"); 2316392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2317392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_callback_parm.user) 2318392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2319392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 2320392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2321392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom i=SSL_read(con,(char *)buf,bufsize); 2322392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2323392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 2324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (SSL_get_error(con,i)) 2325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_NONE: 2327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 2328656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ascii2ebcdic(buf,buf,i); 2329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2330221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom raw_write_stdout(buf, 2331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source 
Project (unsigned int)i); 2332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_pending(con)) goto again; 2333656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_WRITE: 2335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_READ: 2336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Read BLOCK\n"); 2337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SYSCALL: 2339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SSL: 2340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"ERROR\n"); 2341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 2342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_ZERO_RETURN: 2345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"DONE\n"); 2346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: 
/* Cleanup path of the enclosing function, entered through the err: label. */
	if (con != NULL)
		{
		BIO_printf(bio_s_out,"shutting down SSL\n");
#if 1
		/* Only flags the connection as shut down in both directions;
		 * the SSL_shutdown() call in the #else branch is compiled out.
		 * NOTE(review): as the OpenSSL API documents it, setting the
		 * flags does not send a close_notify alert, so the peer cannot
		 * tell this close from a truncated stream - confirm that is
		 * acceptable wherever this code is reused. */
		SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
#else
		SSL_shutdown(con);
#endif
		SSL_free(con);
		}
	BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
	if (buf != NULL)
		{
		/* Wipe the I/O buffer before releasing it, so data that was
		 * read from or written to the connection does not stay behind
		 * in freed memory. */
		OPENSSL_cleanse(buf,bufsize);
		OPENSSL_free(buf);
		}
	if (ret >= 0)
		BIO_printf(bio_s_out,"ACCEPT\n");
	return(ret);
	}

/* Logs "shutdown accept socket" to bio_err and, when accept_socket holds a
 * non-negative descriptor, passes it to SHUTDOWN2().
 *
 * accept_socket and SHUTDOWN2 are defined outside this excerpt; a negative
 * accept_socket is treated as "nothing to close".
 *
 * NOTE(review): accept_socket is not changed here after SHUTDOWN2(), so a
 * second call would hand the same descriptor number to SHUTDOWN2() again.
 * Confirm that callers invoke this at most once per socket, or that the
 * variable is reset elsewhere. */
static void close_accept_socket(void)
	{
	BIO_printf(bio_err,"shutdown accept socket\n");
	if (accept_socket < 0)
		return;
	SHUTDOWN2(accept_socket);
	}

static int init_ssl_connection(SSL *con)
	{
	int i;
	const char *str;
	X509 *peer;
	long verify_error;
	MS_STATIC char buf[BUFSIZ];
#ifndef OPENSSL_NO_KRB5
	char *client_princ;
#endif
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
	const unsigned char *next_proto_neg;
	unsigned next_proto_neg_len;
#endif
2397392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned char *exportedkeymat; 2398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2399392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 2400392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom i=SSL_accept(con); 2401392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 2402392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2403392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2404392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP during accept %s\n",srp_callback_parm.login); 2405392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2406392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_callback_parm.user) 2407392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2408392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 2409392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2410392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom i=SSL_accept(con); 2411392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2412392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 2413392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (i <= 0) 2414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_sock_should_retry(i)) 2416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"DELAY\n"); 2418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(1); 
2419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"ERROR\n"); 2422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_error=SSL_get_verify_result(con); 2423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (verify_error != X509_V_OK) 2424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"verify error:%s\n", 2426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_verify_cert_error_string(verify_error)); 2427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2428656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2429656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 2430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(0); 2431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con)); 2434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project peer=SSL_get_peer_certificate(con); 2436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (peer != NULL) 2437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Client certificate\n"); 2439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 
PEM_write_bio_X509(bio_s_out,peer); 2440656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_subject_name(peer),buf,sizeof buf); 2441656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"subject=%s\n",buf); 2442656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_issuer_name(peer),buf,sizeof buf); 2443656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"issuer=%s\n",buf); 2444656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(peer); 2445656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2446656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2447656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_get_shared_ciphers(con,buf,sizeof buf) != NULL) 2448656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); 2449656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); 2450656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); 245104ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom 2452bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2453bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); 2454bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto_neg) 2455bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 2456bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_s_out,"NEXTPROTO is "); 2457bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio_s_out, next_proto_neg, 
next_proto_neg_len); 2458bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_s_out, "\n"); 2459bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 2460bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#endif 2461eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 2462392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2463392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SRTP_PROTECTION_PROFILE *srtp_profile 2464392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom = SSL_get_selected_srtp_profile(con); 2465392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 2466392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(srtp_profile) 2467392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"SRTP Extension negotiated, profile=%s\n", 2468392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srtp_profile->name); 2469392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2470eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 2471392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (SSL_cache_hit(con)) BIO_printf(bio_s_out,"Reused session-id\n"); 2472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) & 2473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project TLS1_FLAGS_TLS_PADDING_BUG) 2474392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out, 2475392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom "Peer has incorrect TLSv1 block padding\n"); 2476656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_KRB5 2477392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con)); 2478392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (client_princ != NULL) 2479656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 
2480656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Kerberos peer principal is %s\n", 2481392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom client_princ); 2482656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2483656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif /* OPENSSL_NO_KRB5 */ 248498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n", 248598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); 2486392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (keymatexportlabel != NULL) 2487392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2488392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out, "Keying material exporter:\n"); 2489392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel); 2490392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out, " Length: %i bytes\n", 2491392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlen); 2492392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom exportedkeymat = OPENSSL_malloc(keymatexportlen); 2493392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (exportedkeymat != NULL) 2494392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2495392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!SSL_export_keying_material(con, exportedkeymat, 2496392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlen, 2497392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlabel, 2498392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom strlen(keymatexportlabel), 2499392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NULL, 0, 0)) 2500392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 
2501392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out, " Error\n"); 2502392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2503392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 2504392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2505392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out, " Keying material: "); 2506392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom for (i=0; i<keymatexportlen; i++) 2507392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out, "%02X", 2508392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom exportedkeymat[i]); 2509392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out, "\n"); 2510392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2511392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom OPENSSL_free(exportedkeymat); 2512392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2513392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2514392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 2515656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(1); 2516656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2517656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2518656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DH /* load_dh_param: open dhfile in "r" mode and parse PEM-encoded DH parameters from it. Returns NULL when the file cannot be opened, otherwise whatever PEM_read_bio_DHparams() returns (NULL on a parse failure). The BIO is freed before returning. No validation of the parameters (for example DH_check() or a minimum prime size) happens in this function; they are returned exactly as parsed. */ 2519656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic DH *load_dh_param(const char *dhfile) 2520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH *ret=NULL; 2522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *bio; 2523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((bio=BIO_new_file(dhfile,"r")) == NULL) 
2525656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2526656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL); 2527656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: /* reached on the success path as well as after a failed open */ 2528656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* bio is NULL here only when BIO_new_file() failed */ if (bio != NULL) BIO_free(bio); 2529656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(ret); 2530656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2531656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif /* NOTE(review): the client_princ declaration below sits between two function definitions in this listing; confirm its placement against the file. */ 2532392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_KRB5 2533392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *client_princ; 2534392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 2535656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2536656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 /* load_CA (compiled out by the enclosing #if 0): read PEM certificates from file one after another and hand each to SSL_CTX_add_client_CA(). Returns 0 only when fopen() fails; otherwise 1, including when no certificate was parsed. The result of SSL_CTX_add_client_CA() is not checked. */ 2537656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int load_CA(SSL_CTX *ctx, char *file) 2538656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2539656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project FILE *in; 2540656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *x=NULL; 2541656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2542656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((in=fopen(file,"r")) == NULL) 2543656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(0); 2544656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2545656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* the loop stops the first time PEM_read_X509() returns NULL; x is passed by address on every iteration */ for (;;) 2546656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2547656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if 
(PEM_read_X509(in,&x,NULL) == NULL) 2548656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2549656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_add_client_CA(ctx,x); 2550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* free whatever is still held in x after the loop */ if (x != NULL) X509_free(x); 2552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fclose(in); 2553656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(1); 2554656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2555656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2556656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2557656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int www_body(char *hostname, int s, unsigned char *context) 2558656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2559656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *buf=NULL; 2560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret=1; 256143c12e3d4f9bbbbd4a8ba7b149686437514bc6b6Brian Carlstrom int i,j,k,dot; 2562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL *con; 2563221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const SSL_CIPHER *c; 2564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *io,*ssl_bio,*sbio; 2565392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_KRB5 2566392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom KSSL_CTX *kctx; 2567392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 2568656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf=OPENSSL_malloc(bufsize); 
2570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf == NULL) return(0); 2571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project io=BIO_new(BIO_f_buffer()); 2572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssl_bio=BIO_new(BIO_f_ssl()); 2573656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((io == NULL) || (ssl_bio == NULL)) goto err; 2574656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2575656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 2576656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_nbio) 2577656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2578656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long sl=1; 2579656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 2581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"turning on non blocking io\n"); 2582656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) 2583656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 2584656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2586656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* lets make the output buffer a reasonable size */ 2588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!BIO_set_write_buffer_size(io,bufsize)) goto err; 2589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2590656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
Android Open Source Project if ((con=SSL_new(ctx)) == NULL) goto err; 2591656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 2592656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_tlsextdebug) 2593656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2594656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_callback(con, tlsext_cb); 2595656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_arg(con, bio_s_out); 2596656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2597656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2598656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_KRB5 2599392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((kctx = kssl_ctx_new()) != NULL) 2600656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2601392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 2602392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 2603656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2604656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif /* OPENSSL_NO_KRB5 */ 2605656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(context) SSL_set_session_id_context(con, context, 2606656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strlen((char *)context)); 2607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2608656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_new_socket(s,BIO_NOCLOSE); 2609656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_nbio_test) 2610656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open 
Source Project { 2611656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *test; 2612656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project test=BIO_new(BIO_f_nbio_test()); 2614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_push(test,sbio); 2615656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2616656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_bio(con,sbio,sbio); 2617656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_accept_state(con); 2618656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2619656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* SSL_set_fd(con,s); */ 2620656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_ssl(ssl_bio,con,BIO_CLOSE); 2621656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_push(io,ssl_bio); 2622656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 2623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project io = BIO_push(BIO_new(BIO_f_ebcdic_filter()),io); 2624656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2625656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2626656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_debug) 2627656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2628392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_set_debug(con, 1); 2629656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); 2630656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); 
2631656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2632656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_msg) 2633656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2634656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback(con, msg_cb); 2635656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback_arg(con, bio_s_out); 2636656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2637656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2638656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 2639656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2640656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (hack) 2641656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2642656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=SSL_accept(con); 2643392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 2644392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2645392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2646392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP during accept %s\n",srp_callback_parm.login); 2647392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2648392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_callback_parm.user) 2649392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2650392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 2651392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_s_out,"LOOKUP not 
successful\n"); 2652392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom i=SSL_accept(con); 2653392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2654392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 2655656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (SSL_get_error(con,i)) 2656656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2657656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_NONE: 2658656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2659656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_WRITE: 2660656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_READ: 2661656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_X509_LOOKUP: 2662656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 2663656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SYSCALL: 2664656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SSL: 2665656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_ZERO_RETURN: 2666656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2667656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2668656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* break; */ 2669656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2670656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2671656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_renegotiate(con); 2672656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_write(con,NULL,0); 2673656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 
2674656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2675656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=BIO_gets(io,buf,bufsize-1); 2676656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i < 0) /* error */ 2677656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2678656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!BIO_should_retry(io)) 2679656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2680656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 2681656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 2682656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2683656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2684656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2685656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2686656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"read R BLOCK\n"); 2687656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_NETWARE) 2688656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project delay(1000); 2689656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__) 2690656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sleep(1); 2691656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2692656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 2693656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2694656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2695656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (i 
== 0) /* end of input */ 2696656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2697656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2698656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 2699656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2700656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2701656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* else we have data */ 2702656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ( ((www == 1) && (strncmp("GET ",buf,4) == 0)) || 2703656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((www == 2) && (strncmp("GET /stats ",buf,10) == 0))) 2704656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2705656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *p; 2706656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *peer; 2707656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(SSL_CIPHER) *sk; 2708656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static const char *space=" "; 2709656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2710656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2711656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"<HTML><BODY BGCOLOR=\"#ffffff\">\n"); 2712656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"<pre>\n"); 2713656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/ 2714656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"\n"); 2715656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; 
i<local_argc; i++) 2716656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2717656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,local_argv[i]); 2718656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(io," ",1); 2719656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2720656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"\n"); 2721656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 272204ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom BIO_printf(io, 272304ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom "Secure Renegotiation IS%s supported\n", 272404ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom SSL_get_secure_renegotiation_support(con) ? 272504ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom "" : " NOT"); 272604ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom 2727656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* The following is evil and should not really 2728656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * be done */ 2729656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"Ciphers supported in s_server binary\n"); 2730656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk=SSL_get_ciphers(con); 2731656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=sk_SSL_CIPHER_num(sk); 2732656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<j; i++) 2733656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2734656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c=sk_SSL_CIPHER_value(sk,i); 2735656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"%-11s:%-25s", 2736656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_version(c), 
2737656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_name(c)); 2738656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((((i+1)%2) == 0) && (i+1 != j)) 2739656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"\n"); 2740656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2741656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"\n"); 2742656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=SSL_get_shared_ciphers(con,buf,bufsize); 2743656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p != NULL) 2744656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2745656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"---\nCiphers common between both SSL end points:\n"); 2746656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=i=0; 2747656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (*p) 2748656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2749656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (*p == ':') 2750656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2751656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(io,space,26-j); 2752656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 2753656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=0; 2754656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(io,((i%3)?" 
":"\n"),1); 2755656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2756656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2757656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2758656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(io,p,1); 2759656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j++; 2760656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2761656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p++; 2762656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2763656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"\n"); 2764656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2765392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(io,(SSL_cache_hit(con) 2766656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ?"---\nReused, " 2767656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project :"---\nNew, ")); 2768656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c=SSL_get_current_cipher(con); 2769656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"%s, Cipher is %s\n", 2770656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_version(c), 2771656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_name(c)); 2772656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_SESSION_print(io,SSL_get_session(con)); 2773656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"---\n"); 2774656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_stats(io,SSL_get_SSL_CTX(con)); 2775656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"---\n"); 
2776656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project peer=SSL_get_peer_certificate(con); 2777656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (peer != NULL) 2778656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2779656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"Client certificate\n"); 2780656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_print(io,peer); 2781656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_X509(io,peer); 2782656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2783656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2784656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"no client certificate available\n"); 2785656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"</BODY></HTML>\r\n\r\n"); 2786656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2787656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2788656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if ((www == 2 || www == 3) 2789656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project && (strncmp("GET /",buf,5) == 0)) 2790656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2791656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *file; 2792656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *p,*e; 2793656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static const char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; 2794656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2795656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* skip the '/' */ 
2796656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p= &(buf[5]); 2797656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2798656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = 1; 2799656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (e=p; *e != '\0'; e++) 2800656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2801656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (e[0] == ' ') 2802656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2803656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2804656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (dot) 2805656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2806656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case 1: 2807656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = (e[0] == '.') ? 2 : 0; 2808656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2809656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case 2: 2810656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = (e[0] == '.') ? 3 : 0; 2811656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2812656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case 3: 2813656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = (e[0] == '/') ? -1 : 0; 2814656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2815656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2816656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dot == 0) 2817656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = (e[0] == '/') ? 
1 : 0; 2818656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2819656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = (dot == 3) || (dot == -1); /* filename contains ".." component */ 2820656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2821656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (*e == '\0') 2822656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2823656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,text); 2824656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"'%s' is an invalid file name\r\n",p); 2825656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2826656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2827656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *e='\0'; 2828656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2829656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dot) 2830656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2831656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,text); 2832656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"'%s' contains '..' 
reference\r\n",p); 2833656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2834656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2835656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2836656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (*p == '/') 2837656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2838656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,text); 2839656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"'%s' is an invalid path\r\n",p); 2840656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2841656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2842656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2843656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 2844656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* append if a directory lookup */ 2845656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (e[-1] == '/') 2846656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strcat(p,"index.html"); 2847656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2848656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2849656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* if a directory, do the index thang */ 2850221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (app_isdir(p)>0) 2851656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2852656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 /* must check buffer size */ 2853656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strcat(p,"/index.html"); 2854656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 
2855656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,text); 2856656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"'%s' is a directory\r\n",p); 2857656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2858656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2859656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2860656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2861656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((file=BIO_new_file(p,"r")) == NULL) 2862656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2863656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,text); 2864656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"Error opening '%s'\r\n",p); 2865656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(io); 2866656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2867656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2868656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2869656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 2870656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"FILE:%s\n",p); 2871656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2872656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (www == 2) 2873656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2874656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=strlen(p); 2875656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ( ((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) || 2876656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android 
Open Source Project ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) || 2877656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0))) 2878656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2879656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2880656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); 2881656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2882656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* send the file */ 2883656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 2884656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2885656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=BIO_read(file,buf,bufsize); 2886656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i <= 0) break; 2887656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2888656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef RENEG 2889656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project total_bytes+=i; 2890656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fprintf(stderr,"%d\n",i); 2891656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (total_bytes > 3*1024) 2892656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2893656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project total_bytes=0; 2894656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fprintf(stderr,"RENEGOTIATE\n"); 2895656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_renegotiate(con); 2896656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source 
Project } 2897656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2898656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2899656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (j=0; j<i; ) 2900656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2901656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef RENEG 2902656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ static count=0; if (++count == 13) { SSL_renegotiate(con); } } 2903656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2904656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=BIO_write(io,&(buf[j]),i-j); 2905656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (k <= 0) 2906656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2907656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!BIO_should_retry(io)) 2908656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto write_error; 2909656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2910656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2911656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"rwrite W BLOCK\n"); 2912656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2913656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2914656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2915656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2916656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j+=k; 2917656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2918656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2919656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
Android Open Source Project } 2920656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectwrite_error: 2921656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(file); 2922656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2923656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2924656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2925656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2926656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 2927656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2928656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=(int)BIO_flush(io); 2929656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i <= 0) 2930656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2931656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!BIO_should_retry(io)) 2932656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2933656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2934656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2935656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2936656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2937656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectend: 2938656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 1 2939656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* make sure we re-use sessions */ 2940656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 2941656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 2942656d9c7f52f88b3a3daccafa7655dec086c4756eThe 
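/* This kills performance */
/*	SSL_shutdown(con); A shutdown gets sent in the
 *	BIO_free_all(io) procession */
#endif

err:

	if (ret >= 0)
		BIO_printf(bio_s_out,"ACCEPT\n");

	if (buf != NULL) OPENSSL_free(buf);
	if (io != NULL) BIO_free_all(io);
/*	if (ssl_bio != NULL) BIO_free(ssl_bio);*/
	return(ret);
	}

#ifndef OPENSSL_NO_RSA
/*
 * Temporary-RSA-key callback: returns a process-wide RSA key, generating it
 * on first use.
 *
 * s         - connection the key is requested for (not used here).
 * is_export - export flag passed by the library (not used here).
 * keylength - modulus size in bits, used only for the first generation.
 *
 * Returns the cached key, or NULL if allocation or key generation failed.
 *
 * The key lives in a function-local static and is never freed here. Once a
 * key exists it is returned for every later call, so a later request with a
 * different keylength still gets the size generated first.
 *
 * NOTE(review): keylength is taken from the caller without a lower bound.
 * Presumably this callback serves export-grade key exchange, where requested
 * sizes are small; confirm whether those suites should be enabled at all.
 * NOTE(review): no locking is visible around rsa_tmp; confirm callers are
 * single-threaded.
 */
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
	{
	static RSA *rsa_tmp=NULL;
	BIGNUM *bn;

	/* A key from an earlier call is reused as-is. */
	if (rsa_tmp != NULL)
		return(rsa_tmp);

	if ((bn = BN_new()) == NULL)
		{
		BIO_printf(bio_err,"Allocation error in generating RSA key\n");
		return(NULL);
		}

	if (!s_quiet)
		{
		BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
		(void)BIO_flush(bio_err);
		}

	/* Public exponent is RSA_F4; any failing step leaves rsa_tmp NULL. */
	if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||
		!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL))
		{
		/* Drop a half-built key so the next call starts from scratch. */
		if (rsa_tmp) RSA_free(rsa_tmp);
		rsa_tmp = NULL;
		}

	if (!s_quiet)
		{
		BIO_printf(bio_err,"\n");
		(void)BIO_flush(bio_err);
		}
	BN_free(bn);
	return(rsa_tmp);
	}
#endif

#define MAX_SESSION_ID_ATTEMPTS 10
/*
 * Session-ID generation callback: fills id with *id_len random bytes, then
 * overwrites the leading bytes with session_id_prefix, and retries while the
 * result collides with an existing session.
 *
 * ssl    - connection the ID is generated for; used for the collision check.
 * id     - output buffer of at least *id_len bytes.
 * id_len - in: requested length. It is not modified here.
 *
 * Returns 1 on success, 0 if the random source fails or if
 * MAX_SESSION_ID_ATTEMPTS candidates in a row collided.
 *
 * NOTE(review): session_id_prefix is a file-level variable; presumably this
 * callback is only installed when a prefix was supplied. Verify against the
 * caller, since strlen() on a NULL prefix is undefined.
 */
static int generate_session_id(const SSL *ssl, unsigned char *id,
				unsigned int *id_len)
	{
	unsigned int count = 0;
	size_t prefix_len = strlen(session_id_prefix);

	/* If our prefix is too long, clip it - but there will be worse
	 * effects anyway, eg. the server could only possibly create 1
	 * session ID (ie. the prefix!) so all future session negotiations
	 * will fail due to conflicts. */
	if (prefix_len > *id_len)
		prefix_len = *id_len;

	do	{
		/* Use the strong generator and check it. The earlier
		 * RAND_pseudo_bytes() call gave no unpredictability
		 * guarantee, and its ignored return value meant a failure
		 * left whatever bytes were already in id as the session ID. */
		if (RAND_bytes(id, *id_len) <= 0)
			return 0;
		/* Prefix the session_id with the required prefix. */
		memcpy(id, session_id_prefix, prefix_len);
		}
	while(SSL_has_matching_session_id(ssl, id, *id_len) &&
		(++count < MAX_SESSION_ID_ATTEMPTS));
	if(count >= MAX_SESSION_ID_ATTEMPTS)
		return 0;
	return 1;
	}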