1c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* apps/s_client.c */ 2c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * All rights reserved. 4c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 5c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This package is an SSL implementation written 6c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * by Eric Young (eay@cryptsoft.com). 7c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * The implementation was written so as to conform with Netscapes SSL. 8c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 9c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This library is free for commercial and non-commercial use as long as 10c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the following conditions are aheared to. The following conditions 11c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * apply to all code found in this distribution, be it the RC4, RSA, 12c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * included with this distribution is covered by the same copyright terms 14c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 16c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Copyright remains Eric Young's, and as such any Copyright notices in 17c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the code are not to be removed. 
18c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * If this package is used in a product, Eric Young should be given attribution 19c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * as the author of the parts of the library used. 20c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This can be in the form of a textual message at program startup or 21c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * in documentation (online or textual) provided with the package. 22c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 23c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Redistribution and use in source and binary forms, with or without 24c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * modification, are permitted provided that the following conditions 25c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * are met: 26c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 1. Redistributions of source code must retain the copyright 27c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * notice, this list of conditions and the following disclaimer. 28c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 2. Redistributions in binary form must reproduce the above copyright 29c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * notice, this list of conditions and the following disclaimer in the 30c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * documentation and/or other materials provided with the distribution. 31c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 3. 
All advertising materials mentioning features or use of this software 32c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * must display the following acknowledgement: 33c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * "This product includes cryptographic software written by 34c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Eric Young (eay@cryptsoft.com)" 35c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * The word 'cryptographic' can be left out if the rouines from the library 36c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * being used are not cryptographic related :-). 37c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 4. If you include any Windows specific code (or a derivative thereof) from 38c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the apps directory (application code) you must include an acknowledgement: 39c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 41c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * SUCH DAMAGE. 52c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 53c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * The licence and distribution terms for any publically available version or 54c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * derivative of this code cannot be changed. i.e. this code cannot simply be 55c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * copied and put under another distribution licence 56c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * [including the GNU Public Licence.] 57c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 58c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* ==================================================================== 59480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 
60c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 61c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Redistribution and use in source and binary forms, with or without 62c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * modification, are permitted provided that the following conditions 63c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * are met: 64c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 65c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 1. Redistributions of source code must retain the above copyright 66c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * notice, this list of conditions and the following disclaimer. 67c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 68c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 2. Redistributions in binary form must reproduce the above copyright 69c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * notice, this list of conditions and the following disclaimer in 70c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * the documentation and/or other materials provided with the 71c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * distribution. 72c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 73c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 3. All advertising materials mentioning features or use of this 74c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * software must display the following acknowledgment: 75c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * "This product includes software developed by the OpenSSL Project 76c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 78c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 4. 
The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * endorse or promote products derived from this software without 80c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * prior written permission. For written permission, please contact 81c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * openssl-core@openssl.org. 82c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 83c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 5. Products derived from this software may not be called "OpenSSL" 84c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * nor may "OpenSSL" appear in their names without prior written 85c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * permission of the OpenSSL Project. 86c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 87c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 6. Redistributions of any form whatsoever must retain the following 88c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * acknowledgment: 89c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * "This product includes software developed by the OpenSSL Project 90c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 92c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR 96c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * OF THE POSSIBILITY OF SUCH DAMAGE. 104c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * ==================================================================== 105c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 106c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * This product includes cryptographic software written by Eric Young 107c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * (eay@cryptsoft.com). This product includes software written by Tim 108c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Hudson (tjh@cryptsoft.com). 109c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * 110c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 111480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org/* ==================================================================== 112480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * Copyright 2005 Nokia. All rights reserved. 
113480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * 114480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * The portions of the attached software ("Contribution") is developed by 115480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * Nokia Corporation and is licensed pursuant to the OpenSSL open source 116480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * license. 117480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * 118480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * The Contribution, originally written by Mika Kousa and Pasi Eronen of 119480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 120480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * support (see RFC 4279) to OpenSSL. 121480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * 122480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * No patent licenses or other rights except those expressly stated in 123480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * the OpenSSL open source license shall be deemed granted or received 124480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * expressly, by implication, estoppel, or otherwise. 125480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * 126480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * No assurances are provided by Nokia that the Contribution does not 127480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * infringe the patent or other intellectual property rights of any third 128480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * party or that the license provides you with all the necessary rights 129480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * to make use of the Contribution. 130480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * 131480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. 
IN 132480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 133480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 134480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 135480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org * OTHERWISE. 136480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org */ 137c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 138c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <assert.h> 139480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#include <ctype.h> 140c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <stdio.h> 141c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <stdlib.h> 142c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <string.h> 143c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/e_os2.h> 144c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef OPENSSL_NO_STDIO 145c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#define APPS_WIN16 146c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 147c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 148c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* With IPv6, it looks like Digital has mixed up the proper order of 149c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org recursive header file inclusion, resulting in the compiler complaining 150c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which 151c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org is needed to have fileno() declared correctly... 
So let's define u_int */ 152c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) 153c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#define __U_INT 154c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgtypedef unsigned int u_int; 155c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 156c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 157c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#define USE_SOCKETS 158c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include "apps.h" 159c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/x509.h> 160c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/ssl.h> 161c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/err.h> 162c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/pem.h> 163c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/rand.h> 164c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include <openssl/ocsp.h> 165480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#include <openssl/bn.h> 1662c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#ifndef OPENSSL_NO_SRP 1672c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#include <openssl/srp.h> 1682c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#endif 169c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include "s_apps.h" 170c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#include "timeouts.h" 171c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 172c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) 173c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ 174c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#undef FIONBIO 175c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 
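#if defined(OPENSSL_SYS_BEOS_R5)
#include <fcntl.h>
#endif

#undef PROG
#define PROG	s_client_main

/* Default peer host; sc_usage() prints it as the default for -connect. */
/*#define SSL_HOST_NAME	"www.netscape.com" */
/*#define SSL_HOST_NAME	"193.118.187.102" */
#define SSL_HOST_NAME	"localhost"

/*#define TEST_CERT "client.pem" */ /* no default cert. */

/*
 * Buffer size in bytes (8192).  The expansion is parenthesised so that the
 * macro keeps its value inside a larger expression such as `x / BUFSIZZ`
 * or `BUFSIZZ - 1`.
 */
#undef BUFSIZZ
#define BUFSIZZ	(1024*8)

/* Verification state defined in another translation unit. */
extern int verify_depth;
extern int verify_error;
extern int verify_return_error;

/*
 * File-scope switches, all off by default.
 * NOTE(review): presumably set from the command-line options listed in
 * sc_usage(); the option parser is outside this part of the file.
 */
#ifdef FIONBIO
static int c_nbio=0;
#endif
static int c_Pause=0;
static int c_debug=0;	/* gates the diagnostic output in psk_client_cb() */
#ifndef OPENSSL_NO_TLSEXT
static int c_tlsextdebug=0;
static int c_status_req=0;
#endif
static int c_msg=0;
static int c_showcerts=0;

/* Keying-material export: no label by default, 20 bytes by default. */
static char *keymatexportlabel=NULL;
static int keymatexportlen=20;

static void sc_usage(void);
static void print_stuff(BIO *berr,SSL *con,int full);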
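#ifndef OPENSSL_NO_TLSEXT
static int ocsp_resp_cb(SSL *s, void *arg);
#endif
static BIO *bio_c_out=NULL;
static int c_quiet=0;
static int c_ign_eof=0;

#ifndef OPENSSL_NO_PSK
/* Default PSK identity and key */
static char *psk_identity="Client_identity";
/*char *psk_key=NULL;  by default PSK is not used */

/*
 * PSK client callback: supplies the identity and the pre-shared key for a
 * PSK handshake.
 *
 *   ssl              - connection the callback is invoked for (unused here)
 *   hint             - identity hint from the server, or NULL if none came
 *   identity         - out: receives psk_identity as a NUL-terminated string
 *   max_identity_len - size limit passed to BIO_snprintf() for identity
 *   psk              - out: receives the binary key
 *   max_psk_len      - capacity of psk in bytes
 *
 * Returns the number of key bytes written to psk, or 0 on any failure.
 *
 * psk_key (hex text) is not declared in this part of the file; presumably
 * it comes from an included header - confirm.
 *
 * NOTE(review): the key goes through a BIGNUM, so leading zero bytes of the
 * hex string are not reproduced in psk, and an all-zero key yields length 0
 * and is rejected below.  Left as is because the peer has to derive the
 * same bytes; worth confirming against the server-side conversion.
 */
static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
	unsigned int max_identity_len, unsigned char *psk,
	unsigned int max_psk_len)
	{
	unsigned int psk_len = 0;
	int ret;
	BIGNUM *bn=NULL;

	if (c_debug)
		BIO_printf(bio_c_out, "psk_client_cb\n");
	if (!hint)
		{
		/* no ServerKeyExchange message*/
		if (c_debug)
			BIO_printf(bio_c_out,"NULL received PSK identity hint, continuing anyway\n");
		}
	else if (c_debug)
		BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint);

	/* lookup PSK identity and PSK key based on the given identity hint here */
	ret = BIO_snprintf(identity, max_identity_len, "%s", psk_identity);
	if (ret < 0 || (unsigned int)ret > max_identity_len)
		goto out_err;
	if (c_debug)
		BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity, ret);

	/*
	 * BN_hex2bn() stops at the first non-hex character and returns the
	 * number of characters it consumed, so a key with trailing garbage
	 * would be silently shortened.  Require that the whole string was
	 * consumed.  A NULL or empty psk_key returns 0 and short-circuits
	 * before strlen().
	 */
	ret=BN_hex2bn(&bn, psk_key);
	if (!ret || (size_t)ret != strlen(psk_key))
		{
		/* The key is a secret: report the failure without echoing it. */
		BIO_printf(bio_err,"Could not convert PSK key to BIGNUM\n");
		if (bn)
			BN_clear_free(bn);
		return 0;
		}

	if ((unsigned int)BN_num_bytes(bn) > max_psk_len)
		{
		BIO_printf(bio_err,"psk buffer of callback is too small (%u) for key (%d)\n",
			max_psk_len, BN_num_bytes(bn));
		BN_clear_free(bn);
		return 0;
		}

	psk_len=BN_bn2bin(bn, psk);
	/* BN_clear_free() wipes the key material before releasing it. */
	BN_clear_free(bn);
	if (psk_len == 0)
		goto out_err;

	if (c_debug)
		BIO_printf(bio_c_out, "created PSK len=%u\n", psk_len);

	return psk_len;
 out_err:
	if (c_debug)
		BIO_printf(bio_err, "Error in PSK client callback\n");
	return 0;
	}
#endif
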
284c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic void sc_usage(void) 285c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 286c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"usage: s_client args\n"); 287c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"\n"); 288c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -host host - use -connect instead\n"); 289c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -port port - use -connect instead\n"); 290c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); 291c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 292480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); 293c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); 294c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); 295c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -key arg - Private key file to use, in cert file if\n"); 296c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," not specified but cert file is.\n"); 297c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -keyform arg - key format (PEM or DER) PEM default\n"); 298c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); 299c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); 300c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); 
301c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n"); 302c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n"); 303c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -showcerts - show all certificates in the chain\n"); 304c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -debug - extra output\n"); 305c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef WATT32 306c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -wdebug - WATT-32 tcp debugging\n"); 307c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 308c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -msg - Show protocol messages\n"); 309c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -nbio_test - more ssl protocol testing\n"); 310c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -state - print the 'ssl' states\n"); 311c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef FIONBIO 312c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); 313c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 314c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); 315c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -quiet - no s_client output\n"); 316c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n"); 317c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -no_ign_eof - don't ignore input eof\n"); 318480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#ifndef OPENSSL_NO_PSK 
319480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err," -psk_identity arg - PSK identity\n"); 320480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); 321480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org# ifndef OPENSSL_NO_JPAKE 322480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); 323480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org# endif 324480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 3252c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#ifndef OPENSSL_NO_SRP 3262c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -srpuser user - SRP authentification for 'user'\n"); 3272c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -srppass arg - password for 'user'\n"); 3282c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -srp_lateuser - SRP username into second ClientHello message\n"); 3292c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n"); 3302c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N); 3312c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#endif 332c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); 333c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); 3342c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n"); 3352c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); 336c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -tls1 - just use 
TLSv1\n"); 337c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); 338cc2cd4790cd85023341988efac0ec88b9f630f73Ben Murdoch BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n"); 339c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -mtu - set the link layer MTU\n"); 3402c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); 341c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); 342c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n"); 343c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); 344c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," command to see what is available\n"); 345c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); 346c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," for those protocols that support it, where\n"); 347c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," 'prot' defines which one to assume. 
Currently,\n"); 348c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n"); 349c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," are supported.\n"); 350c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 351c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); 352c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 353c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 354c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -sess_out arg - file to write SSL session to\n"); 355c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -sess_in arg - file to read SSL session from\n"); 356c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_TLSEXT 357c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -servername host - Set TLS extension servername in ClientHello\n"); 358c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); 359c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -status - request certificate status from server\n"); 360c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); 3617453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org# ifndef OPENSSL_NO_NEXTPROTONEG 362c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); 363480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org# endif 
364c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 365e4dea707fa21299f1e0abf4c12827adfccb2eb85digit@chromium.org BIO_printf(bio_err," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n"); 366c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); 3677453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org#ifndef OPENSSL_NO_SRTP 3682c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); 3697453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org#endif 3702c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); 3712c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); 372c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 373c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 374c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_TLSEXT 375c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 376c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* This is a context that we pass to callbacks */ 377c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgtypedef struct tlsextctx_st { 378c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO * biodebug; 379c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int ack; 380c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org} tlsextctx; 381c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 382c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 383c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) 384c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 
385c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tlsextctx * p = (tlsextctx *) arg; 386c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org const char * hn= SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 387c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (SSL_get_servername_type(s) != -1) 388c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org p->ack = !SSL_session_reused(s) && hn != NULL; 389c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 390c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"Can't use SSL_get_servername\n"); 391c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 392c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return SSL_TLSEXT_ERR_OK; 393c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 394c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 3952c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#ifndef OPENSSL_NO_SRP 3962c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org 3972c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org/* This is a context that we pass to all callbacks */ 3982c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.orgtypedef struct srp_arg_st 3992c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 4002c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org char *srppassin; 4012c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org char *srplogin; 4022c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org int msg; /* copy from c_msg */ 4032c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org int debug; /* copy from c_debug */ 4042c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org int amp; /* allow more groups */ 4052c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org int strength /* minimal size for N */ ; 4062c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } SRP_ARG; 4072c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org 
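#define SRP_NUMBER_ITERATIONS_FOR_PRIME 64

/*
 * Sanity-check an SRP group (N, g) that is not one of the known groups.
 *
 * Accepts the pair only if N is odd and probably prime, p = (N-1)/2 is
 * probably prime, and g^p == -1 (mod N).
 * Returns 1 when every check passes, 0 otherwise. An allocation failure
 * or an error inside a BIGNUM call also yields 0.
 */
static int srp_Verify_N_and_g(BIGNUM *N, BIGNUM *g)
	{
	BN_CTX *bn_ctx = BN_CTX_new();
	BIGNUM *p = BN_new();
	BIGNUM *r = BN_new();
	int ret =
		g != NULL && N != NULL && bn_ctx != NULL && BN_is_odd(N) &&

		/*
		 * BN_is_prime_ex() returns 1 for "probably prime", 0 for
		 * composite and -1 on error. Compare against 1 so that an
		 * internal error is never mistaken for a passed test.
		 */
		BN_is_prime_ex(N, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) == 1 &&
		p != NULL && BN_rshift1(p, N) &&

		/* p = (N-1)/2 */
		BN_is_prime_ex(p, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) == 1 &&
		r != NULL &&

		/* verify g^((N-1)/2) == -1 (mod N) */
		BN_mod_exp(r, g, p, N, bn_ctx) &&
		BN_add_word(r, 1) &&
		BN_cmp(r, N) == 0;

	if(r)
		BN_free(r);
	if(p)
		BN_free(p);
	if(bn_ctx)
		BN_CTX_free(bn_ctx);
	return ret;
	}

/* This callback is used here for two purposes:
   - extended debugging
   - making some primality tests for unknown groups
   The callback is only called for a non default group.

   An application does not need the callback at all if
   only the standard groups are used.  In real life situations,
   client and server already share well known groups,
   thus there is no need to verify them.
   Furthermore, in case that a server actually proposes a group that
   is not one of those defined in RFC 5054, it is more appropriate
   to add the group to a static list and then compare since
   primality tests are rather cpu consuming.

   arg is the SRP_ARG context.  Returns 1 to accept the (N, g) pair
   offered by the peer and 0 to reject it.
*/

static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg)
	{
	SRP_ARG *srp_arg = (SRP_ARG *)arg;
	BIGNUM *N = NULL, *g = NULL;
	if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s)))
		return 0;
	if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1)
		{
		BIO_printf(bio_err, "SRP parameters:\n");
		BIO_printf(bio_err,"\tN="); BN_print(bio_err,N);
		BIO_printf(bio_err,"\n\tg="); BN_print(bio_err,g);
		BIO_printf(bio_err,"\n");
		}

	/* A group from the built-in known list is accepted without further tests. */
	if (SRP_check_known_gN_param(g,N))
		return 1;

	/* Unknown groups are considered only when -srp_moregroups set amp. */
	if (srp_arg->amp == 1)
		{
		if (srp_arg->debug)
			BIO_printf(bio_err, "SRP param N and g are not known params, going to check deeper.\n");

/* The srp_moregroups is a real debugging feature.
   Implementors should rather add the value to the known ones.
   The minimal size has already been tested.
*/
		if (BN_num_bits(g) <= BN_BITS && srp_Verify_N_and_g(N,g))
			return 1;
		}
	BIO_printf(bio_err, "SRP param N and g rejected.\n");
	return 0;
	}

#define PWD_STRLEN 1024

/*
 * SRP client password callback.
 *
 * Obtains the password through password_callback(), using
 * srp_arg->srppassin as the source, and returns it in a freshly
 * allocated, NUL-terminated buffer of PWD_STRLEN+1 bytes.
 * Returns NULL if the buffer cannot be allocated or the password cannot
 * be read.  The returned buffer is heap memory; presumably the SRP code
 * that invoked the callback releases it - confirm against the library.
 */
static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
	{
	SRP_ARG *srp_arg = (SRP_ARG *)arg;
	char *pass = (char *)OPENSSL_malloc(PWD_STRLEN+1);
	PW_CB_DATA cb_tmp;
	int l;

	/* Do not hand a NULL buffer to password_callback(). */
	if (pass == NULL)
		{
		BIO_printf(bio_err,"out of memory\n");
		return NULL;
		}

	cb_tmp.password = (char *)srp_arg->srppassin;
	cb_tmp.prompt_info = "SRP user";
	if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp))<0)
		{
		BIO_printf (bio_err, "Can't read Password\n");
		/* The buffer may hold partial password input; wipe it before release. */
		OPENSSL_cleanse(pass, PWD_STRLEN+1);
		OPENSSL_free(pass);
		return NULL;
		}
	/* l <= PWD_STRLEN is assumed from the size passed above, so this stays in bounds. */
	*(pass+l)= '\0';

	return pass;
	}

#endif
#ifndef OPENSSL_NO_SRTP
	char *srtp_profiles = NULL;
#endif

# ifndef OPENSSL_NO_NEXTPROTONEG
/* This is the context that we pass to next_proto_cb */
typedef struct tlsextnextprotoctx_st {
	unsigned char *data;	/* protocol list handed to SSL_select_next_proto() */
	unsigned short len;	/* length of data in bytes */
	int status;		/* result of SSL_select_next_proto() */
} tlsextnextprotoctx;
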
521c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic tlsextnextprotoctx next_proto; 522c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 523c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgstatic int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg) 524c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 525c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tlsextnextprotoctx *ctx = arg; 526c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 527c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!c_quiet) 528c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 529c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* We can assume that |in| is syntactically valid. */ 530c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org unsigned i; 531c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out, "Protocols advertised by server: "); 532c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for (i = 0; i < inlen; ) 533c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 534c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (i) 535c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_write(bio_c_out, ", ", 2); 536c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_write(bio_c_out, &in[i + 1], in[i]); 537c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i += in[i] + 1; 538c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 539c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_write(bio_c_out, "\n", 1); 540c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 541c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 542c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len); 543c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org return SSL_TLSEXT_ERR_OK; 
544c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 5457453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org# endif /* ndef OPENSSL_NO_NEXTPROTONEG */ 546480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 547480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 548480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.orgenum 549480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org{ 550480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org PROTO_OFF = 0, 551480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org PROTO_SMTP, 552480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org PROTO_POP3, 553480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org PROTO_IMAP, 554480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org PROTO_FTP, 555480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org PROTO_XMPP 556480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org}; 557c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 558c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgint MAIN(int, char **); 559c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 560c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgint MAIN(int argc, char **argv) 561c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 562480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org unsigned int off=0, clr=0; 563480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org SSL *con=NULL; 5642c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#ifndef OPENSSL_NO_KRB5 5652c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org KSSL_CTX *kctx; 5662c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#endif 567c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int s,k,width,state=0; 568c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL; 569c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int cbuf_len,cbuf_off; 570c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int sbuf_len,sbuf_off; 
571c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org fd_set readfds,writefds; 572c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org short port=PORT; 573c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int full_log=1; 574c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *host=SSL_HOST_NAME; 575c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *cert_file=NULL,*key_file=NULL; 576c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int cert_format = FORMAT_PEM, key_format = FORMAT_PEM; 577c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *passarg = NULL, *pass = NULL; 578c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509 *cert = NULL; 579c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY *key = NULL; 580c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *CApath=NULL,*CAfile=NULL,*cipher=NULL; 581c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0; 582c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int cutthrough=0; 583c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int crlf=0; 584c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending; 585c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX *ctx=NULL; 586c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int ret=1,in_init=1,i,nbio_test=0; 587c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int starttls_proto = PROTO_OFF; 588480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org int prexit = 0; 589480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org X509_VERIFY_PARAM *vpm = NULL; 590480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org int badarg = 0; 591480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org const SSL_METHOD *meth=NULL; 592480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org int socket_type=SOCK_STREAM; 
593c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *sbio; 594c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *inrand=NULL; 595c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int mbuf_len=0; 596c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org struct timeval timeout, *timeoutp; 597c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 598c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *engine_id=NULL; 599c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *ssl_client_engine_id=NULL; 600c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ENGINE *ssl_client_engine=NULL; 601c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 602c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ENGINE *e=NULL; 603480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 604c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org struct timeval tv; 605480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#if defined(OPENSSL_SYS_BEOS_R5) 606480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org int stdin_set = 0; 607480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 608c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 609c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_TLSEXT 610c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *servername = NULL; 611c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tlsextctx tlsextcbp = 612c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org {NULL,0}; 613480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org# ifndef OPENSSL_NO_NEXTPROTONEG 614c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org const char *next_proto_neg_in = NULL; 615480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org# endif 
616c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 617c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *sess_in = NULL; 618c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *sess_out = NULL; 619c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org struct sockaddr peer; 620c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int peerlen = sizeof(peer); 621cc2cd4790cd85023341988efac0ec88b9f630f73Ben Murdoch int fallback_scsv = 0; 622c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int enable_timeouts = 0 ; 623c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org long socket_mtu = 0; 624c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_JPAKE 625c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org char *jpake_secret = NULL; 626c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 6272c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#ifndef OPENSSL_NO_SRP 6282c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org char * srppass = NULL; 6292c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org int srp_lateuser = 0; 6302c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024}; 6312c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#endif 632c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 633c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org meth=SSLv23_client_method(); 634c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 635c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org apps_startup(); 636c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_Pause=0; 637c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_quiet=0; 638c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_ign_eof=0; 639c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_debug=0; 640c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_msg=0; 641c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
c_showcerts=0; 642c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 643c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (bio_err == NULL) 644c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); 645c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 646c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!load_config(bio_err, NULL)) 647c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 648c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 649c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ( ((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) || 650c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) || 651c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ((mbuf=OPENSSL_malloc(BUFSIZZ)) == NULL)) 652c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 653c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"out of memory\n"); 654c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 655c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 656c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 657c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org verify_depth=0; 658c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org verify_error=X509_V_OK; 659c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef FIONBIO 660c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_nbio=0; 661c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 662c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 663c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org argc--; 664c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org argv++; 665c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org while (argc >= 1) 666c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 667c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (strcmp(*argv,"-host") == 0) 
668c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 669c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 670c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org host= *(++argv); 671c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 672c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-port") == 0) 673c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 674c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 675c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org port=atoi(*(++argv)); 676c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (port == 0) goto bad; 677c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 678c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-connect") == 0) 679c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 680c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 681c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!extract_host_port(*(++argv),&host,NULL,&port)) 682c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto bad; 683c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 684c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-verify") == 0) 685c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 686c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org verify=SSL_VERIFY_PEER; 687c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 688c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org verify_depth=atoi(*(++argv)); 689c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"verify depth is %d\n",verify_depth); 690c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 691c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-cert") == 0) 692c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 
693c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 694c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cert_file= *(++argv); 695c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 696c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-sess_out") == 0) 697c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 698c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 699c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sess_out = *(++argv); 700c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 701c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-sess_in") == 0) 702c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 703c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 704c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sess_in = *(++argv); 705c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 706c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-certform") == 0) 707c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 708c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 709c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cert_format = str2fmt(*(++argv)); 710c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 711480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) 712480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 713480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (badarg) 714480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto bad; 715480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org continue; 716480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 717480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (strcmp(*argv,"-verify_return_error") == 0) 
718480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org verify_return_error = 1; 719c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-prexit") == 0) 720c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org prexit=1; 721c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-crlf") == 0) 722c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org crlf=1; 723c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-quiet") == 0) 724c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 725c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_quiet=1; 726c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_ign_eof=1; 727c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 728c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-ign_eof") == 0) 729c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_ign_eof=1; 730c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-no_ign_eof") == 0) 731c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_ign_eof=0; 732c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-pause") == 0) 733c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_Pause=1; 734c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-debug") == 0) 735c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_debug=1; 736c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_TLSEXT 737c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-tlsextdebug") == 0) 738c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_tlsextdebug=1; 739c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-status") == 0) 740c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_status_req=1; 741c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 
742c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef WATT32 743c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-wdebug") == 0) 744c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org dbug_init(); 745c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 746c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-msg") == 0) 747c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_msg=1; 748c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-showcerts") == 0) 749c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org c_showcerts=1; 750c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-nbio_test") == 0) 751c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org nbio_test=1; 752c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-state") == 0) 753c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org state=1; 754480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#ifndef OPENSSL_NO_PSK 755480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (strcmp(*argv,"-psk_identity") == 0) 756480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 757480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (--argc < 1) goto bad; 758480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org psk_identity=*(++argv); 759480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 760480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (strcmp(*argv,"-psk") == 0) 761480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 762480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org size_t j; 763480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 764480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (--argc < 1) goto bad; 765480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org psk_key=*(++argv); 766480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org for (j = 0; j < 
strlen(psk_key); j++) 767480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 7682c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (isxdigit((unsigned char)psk_key[j])) 769480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org continue; 770480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err,"Not a hex number '%s'\n",*argv); 771480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto bad; 772480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 773480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 774480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 7752c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#ifndef OPENSSL_NO_SRP 7762c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-srpuser") == 0) 7772c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 7782c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (--argc < 1) goto bad; 7792c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org srp_arg.srplogin= *(++argv); 7802c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org meth=TLSv1_client_method(); 7812c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 7822c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-srppass") == 0) 7832c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 7842c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (--argc < 1) goto bad; 7852c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org srppass= *(++argv); 7862c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org meth=TLSv1_client_method(); 7872c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 7882c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-srp_strength") == 0) 7892c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 7902c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (--argc < 1) goto bad; 
7912c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org srp_arg.strength=atoi(*(++argv)); 7922c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err,"SRP minimal length for N is %d\n",srp_arg.strength); 7932c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org meth=TLSv1_client_method(); 7942c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 7952c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-srp_lateuser") == 0) 7962c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 7972c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org srp_lateuser= 1; 7982c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org meth=TLSv1_client_method(); 7992c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 8002c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-srp_moregroups") == 0) 8012c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 8022c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org srp_arg.amp=1; 8032c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org meth=TLSv1_client_method(); 8042c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 8052c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#endif 806c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_SSL2 807c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-ssl2") == 0) 808c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org meth=SSLv2_client_method(); 809c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 810c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_SSL3 811c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-ssl3") == 0) 812c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org meth=SSLv3_client_method(); 813c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 814c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef 
OPENSSL_NO_TLS1 8152c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-tls1_2") == 0) 8162c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org meth=TLSv1_2_client_method(); 8172c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-tls1_1") == 0) 8182c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org meth=TLSv1_1_client_method(); 819c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-tls1") == 0) 820c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org meth=TLSv1_client_method(); 821c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 822c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_DTLS1 823c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-dtls1") == 0) 824c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 825c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org meth=DTLSv1_client_method(); 826480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org socket_type=SOCK_DGRAM; 827c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 828cc2cd4790cd85023341988efac0ec88b9f630f73Ben Murdoch else if (strcmp(*argv,"-fallback_scsv") == 0) 829cc2cd4790cd85023341988efac0ec88b9f630f73Ben Murdoch { 830cc2cd4790cd85023341988efac0ec88b9f630f73Ben Murdoch fallback_scsv = 1; 831cc2cd4790cd85023341988efac0ec88b9f630f73Ben Murdoch } 832c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-timeout") == 0) 833c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org enable_timeouts=1; 834c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-mtu") == 0) 835c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 836c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 837c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org socket_mtu = atol(*(++argv)); 838c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 
839c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 840c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-bugs") == 0) 841c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org bugs=1; 842c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-keyform") == 0) 843c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 844c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 845c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org key_format = str2fmt(*(++argv)); 846c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 847c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-pass") == 0) 848c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 849c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 850c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org passarg = *(++argv); 851c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 852c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-key") == 0) 853c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 854c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 855c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org key_file= *(++argv); 856c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 857c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-reconnect") == 0) 858c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 859c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org reconnect=5; 860c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 861c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-CApath") == 0) 862c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 863c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 864c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org CApath= 
*(++argv); 865c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 866c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-CAfile") == 0) 867c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 868c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 869c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org CAfile= *(++argv); 870c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 8712c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-no_tls1_2") == 0) 8722c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org off|=SSL_OP_NO_TLSv1_2; 8732c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-no_tls1_1") == 0) 8742c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org off|=SSL_OP_NO_TLSv1_1; 875c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-no_tls1") == 0) 876c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org off|=SSL_OP_NO_TLSv1; 877c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-no_ssl3") == 0) 878c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org off|=SSL_OP_NO_SSLv3; 879c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-no_ssl2") == 0) 880c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org off|=SSL_OP_NO_SSLv2; 881480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (strcmp(*argv,"-no_comp") == 0) 882480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { off|=SSL_OP_NO_COMPRESSION; } 883c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_TLSEXT 884c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-no_ticket") == 0) 885c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { off|=SSL_OP_NO_TICKET; } 886480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org# ifndef OPENSSL_NO_NEXTPROTONEG 887c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if 
(strcmp(*argv,"-nextprotoneg") == 0) 888c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 889c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 890c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org next_proto_neg_in = *(++argv); 891c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 892480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org# endif 893c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 894c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-cutthrough") == 0) 895c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cutthrough=1; 896c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-serverpref") == 0) 897c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org off|=SSL_OP_CIPHER_SERVER_PREFERENCE; 898c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-legacy_renegotiation") == 0) 899c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; 900c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-legacy_server_connect") == 0) 901c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { off|=SSL_OP_LEGACY_SERVER_CONNECT; } 902c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-no_legacy_server_connect") == 0) 903c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { clr|=SSL_OP_LEGACY_SERVER_CONNECT; } 904c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-cipher") == 0) 905c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 906c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 907c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cipher= *(++argv); 908c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 909c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef FIONBIO 910c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
else if (strcmp(*argv,"-nbio") == 0) 911c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { c_nbio=1; } 912c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 913c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-starttls") == 0) 914c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 915c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 916c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ++argv; 917c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (strcmp(*argv,"smtp") == 0) 918c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org starttls_proto = PROTO_SMTP; 919c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"pop3") == 0) 920c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org starttls_proto = PROTO_POP3; 921c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"imap") == 0) 922c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org starttls_proto = PROTO_IMAP; 923c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"ftp") == 0) 924c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org starttls_proto = PROTO_FTP; 925c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv, "xmpp") == 0) 926c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org starttls_proto = PROTO_XMPP; 927c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 928c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto bad; 929c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 930c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 931c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-engine") == 0) 932c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 933c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 934c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org engine_id = 
*(++argv); 935c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 936c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-ssl_client_engine") == 0) 937c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 938c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 939c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ssl_client_engine_id = *(++argv); 940c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 941c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 942c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-rand") == 0) 943c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 944c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 945c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org inrand= *(++argv); 946c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 947c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_TLSEXT 948c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-servername") == 0) 949c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 950c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 951c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org servername= *(++argv); 952c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* meth=TLSv1_client_method(); */ 953c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 954c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 955c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_JPAKE 956c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (strcmp(*argv,"-jpake") == 0) 957c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 958c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (--argc < 1) goto bad; 959c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org jpake_secret = *++argv; 
960c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 961c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 9627453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org#ifndef OPENSSL_NO_SRTP 9632c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-use_srtp") == 0) 9642c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 9652c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (--argc < 1) goto bad; 9662c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org srtp_profiles = *(++argv); 9672c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 9687453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org#endif 9692c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-keymatexport") == 0) 9702c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 9712c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (--argc < 1) goto bad; 9722c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org keymatexportlabel= *(++argv); 9732c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 9742c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if (strcmp(*argv,"-keymatexportlen") == 0) 9752c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 9762c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (--argc < 1) goto bad; 9772c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org keymatexportlen=atoi(*(++argv)); 9782c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (keymatexportlen == 0) goto bad; 9792c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 9802c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else 981c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 982c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"unknown option %s\n",*argv); 983c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org badop=1; 984c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 
985c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 986c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org argc--; 987c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org argv++; 988c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 989c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (badop) 990c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 991c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgbad: 992c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sc_usage(); 993c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 994c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 995c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 996480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 997480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (jpake_secret) 998480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 999480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (psk_key) 1000480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 1001480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err, 1002480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org "Can't use JPAKE and PSK together\n"); 1003480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org goto end; 1004480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 1005480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org psk_identity = "JPAKE"; 10062c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (cipher) 10072c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 10082c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); 10092c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org goto end; 10102c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 10112c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org cipher = "PSK"; 
1012480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 1013480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 1014480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 1015c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org OpenSSL_add_ssl_algorithms(); 1016c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_load_error_strings(); 1017c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1018480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 1019c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org next_proto.status = -1; 1020c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (next_proto_neg_in) 1021c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1022c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in); 1023c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (next_proto.data == NULL) 1024c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1025c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n"); 1026c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1027c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1028c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1029c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1030c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org next_proto.data = NULL; 1031c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1032c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1033c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 1034c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org e = setup_engine(bio_err, engine_id, 1); 1035c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (ssl_client_engine_id) 1036c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 
1037c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ssl_client_engine = ENGINE_by_id(ssl_client_engine_id); 1038c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!ssl_client_engine) 1039c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1040c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, 1041c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "Error getting client auth engine\n"); 1042c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1043c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1044c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1045480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 1046c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1047c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) 1048c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1049c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Error getting password\n"); 1050c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1051c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1052c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1053c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (key_file == NULL) 1054c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org key_file = cert_file; 1055c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1056c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1057c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (key_file) 1058c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1059c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1060c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1061c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org key = load_key(bio_err, key_file, key_format, 0, pass, e, 1062c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "client certificate private key file"); 
1063c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!key) 1064c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1065c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1066c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1067c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1068c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1069c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1070c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1071c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (cert_file) 1072c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1073c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1074c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cert = load_cert(bio_err,cert_file,cert_format, 1075c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org NULL, e, "client certificate file"); 1076c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1077c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!cert) 1078c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1079c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1080c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1081c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1082c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1083c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1084c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 1085c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org && !RAND_status()) 1086c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1087c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); 1088c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 
1089c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (inrand != NULL) 1090c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"%ld semi-random bytes loaded\n", 1091c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org app_RAND_load_files(inrand)); 1092c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1093c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (bio_c_out == NULL) 1094c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1095c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (c_quiet && !c_debug && !c_msg) 1096c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1097c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org bio_c_out=BIO_new(BIO_s_null()); 1098c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1099c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1100c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1101c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (bio_c_out == NULL) 1102c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE); 1103c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1104c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1105c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 11062c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#ifndef OPENSSL_NO_SRP 11072c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if(!app_passwd(bio_err, srppass, NULL, &srp_arg.srppassin, NULL)) 11082c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 11092c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err, "Error getting password\n"); 11102c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org goto end; 11112c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 11122c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#endif 11132c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org 
1114c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ctx=SSL_CTX_new(meth); 1115c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (ctx == NULL) 1116c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1117c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1118c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1119c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1120c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1121480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (vpm) 1122480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org SSL_CTX_set1_param(ctx, vpm); 1123480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 1124c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_ENGINE 1125c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (ssl_client_engine) 1126c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1127c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine)) 1128c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1129c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_puts(bio_err, "Error setting client auth engine\n"); 1130c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1131c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ENGINE_free(ssl_client_engine); 1132c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1133c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1134c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ENGINE_free(ssl_client_engine); 1135c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1136c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1137c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1138480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#ifndef OPENSSL_NO_PSK 1139480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#ifdef 
OPENSSL_NO_JPAKE 1140480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (psk_key != NULL) 1141480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#else 1142480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (psk_key != NULL || jpake_secret) 1143480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 1144480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 1145480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (c_debug) 1146480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n"); 1147480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org SSL_CTX_set_psk_client_callback(ctx, psk_client_cb); 1148480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 11497453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org#endif 11507453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org#ifndef OPENSSL_NO_SRTP 11512c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (srtp_profiles != NULL) 11522c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); 1153480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 1154c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (bugs) 1155c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX_set_options(ctx,SSL_OP_ALL|off); 1156c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1157c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX_set_options(ctx,off); 1158c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1159c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (clr) 1160c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX_clear_options(ctx, clr); 1161c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* DTLS: partial reads end up discarding unread UDP bytes :-( 1162c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Setting read ahead solves this problem. 
1163c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 1164480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); 1165c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 11662c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 11672c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (next_proto.data) 11682c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto); 11692c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#endif 11702c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org 1171c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Enable handshake cutthrough for client connections using 1172c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * strong ciphers. */ 1173c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (cutthrough) 1174c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1175c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int ssl_mode = SSL_CTX_get_mode(ctx); 1176c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ssl_mode |= SSL_MODE_HANDSHAKE_CUTTHROUGH; 1177c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX_set_mode(ctx, ssl_mode); 1178c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1179c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1180c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); 1181c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (cipher != NULL) 1182c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!SSL_CTX_set_cipher_list(ctx,cipher)) { 1183c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"error setting cipher list\n"); 1184c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 
1185c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1186c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1187c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#if 0 1188c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1189c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER")); 1190c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1191c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1192c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX_set_verify(ctx,verify,verify_callback); 1193c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!set_cert_key_stuff(ctx,cert,key)) 1194c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1195c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1196c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || 1197c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (!SSL_CTX_set_default_verify_paths(ctx))) 1198c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1199c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* BIO_printf(bio_err,"error setting default verify locations\n"); */ 1200c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1201c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* goto end; */ 1202c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1203c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1204c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_TLSEXT 1205c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (servername != NULL) 1206c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1207c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tlsextcbp.biodebug = bio_err; 1208c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 
1209c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1210c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 12112c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#ifndef OPENSSL_NO_SRP 12122c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (srp_arg.srplogin) 12132c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 12142c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (!srp_lateuser && !SSL_CTX_set_srp_username(ctx, srp_arg.srplogin)) 12152c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 12162c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err,"Unable to set SRP username\n"); 12172c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org goto end; 12182c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 12192c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org srp_arg.msg = c_msg; 12202c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org srp_arg.debug = c_debug ; 12212c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org SSL_CTX_set_srp_cb_arg(ctx,&srp_arg); 12222c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org SSL_CTX_set_srp_client_pwd_callback(ctx, ssl_give_srp_client_pwd_cb); 12232c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org SSL_CTX_set_srp_strength(ctx, srp_arg.strength); 12242c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (c_msg || c_debug || srp_arg.amp == 0) 12252c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org SSL_CTX_set_srp_verify_param_callback(ctx, ssl_srp_verify_param_cb); 12262c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 12272c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org 12282c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#endif 1229c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1230c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1231c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
con=SSL_new(ctx); 1232c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (sess_in) 1233c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1234c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_SESSION *sess; 1235c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *stmp = BIO_new_file(sess_in, "r"); 1236c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!stmp) 1237c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1238c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Can't open session file %s\n", 1239c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sess_in); 1240c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1241c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1242c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1243c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL); 1244c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_free(stmp); 1245c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!sess) 1246c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1247c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Can't open session file %s\n", 1248c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sess_in); 1249c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1250c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1251c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1252c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_session(con, sess); 1253c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_SESSION_free(sess); 1254c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1255cc2cd4790cd85023341988efac0ec88b9f630f73Ben Murdoch 1256cc2cd4790cd85023341988efac0ec88b9f630f73Ben Murdoch if (fallback_scsv) 
1257cc2cd4790cd85023341988efac0ec88b9f630f73Ben Murdoch SSL_set_mode(con, SSL_MODE_SEND_FALLBACK_SCSV); 1258cc2cd4790cd85023341988efac0ec88b9f630f73Ben Murdoch 1259c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_TLSEXT 1260c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (servername != NULL) 1261c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1262c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!SSL_set_tlsext_host_name(con,servername)) 1263c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1264c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"Unable to set TLS servername extension.\n"); 1265c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1266c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1267c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1268c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1269c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1270c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_KRB5 12712c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (con && (kctx = kssl_ctx_new()) != NULL) 1272c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 12732c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org SSL_set0_kssl_ctx(con, kctx); 12742c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org kssl_ctx_setstring(kctx, KSSL_SERVER, host); 1275c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1276c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif /* OPENSSL_NO_KRB5 */ 1277c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* SSL_set_cipher_list(con,"RC4-MD5"); */ 1278480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#if 0 1279480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#ifdef TLSEXT_TYPE_opaque_prf_input 1280480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org SSL_set_tlsext_opaque_prf_input(con, 
"Test client", 11); 1281480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 1282480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 1283c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1284c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgre_start: 1285c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1286480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (init_client(&s,host,port,socket_type) == 0) 1287c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1288c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); 1289c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SHUTDOWN(s); 1290c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1291c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1292c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s); 1293c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1294c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef FIONBIO 1295c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (c_nbio) 1296c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1297c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org unsigned long l=1; 1298c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"turning on non blocking io\n"); 1299c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (BIO_socket_ioctl(s,FIONBIO,&l) < 0) 1300c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1301c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1302c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1303c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1304c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1305c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 13062c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org if (c_Pause & 
0x01) SSL_set_debug(con, 1); 1307c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1308c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ( SSL_version(con) == DTLS1_VERSION) 1309c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1310c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1311c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sbio=BIO_new_dgram(s,BIO_NOCLOSE); 1312c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (getsockname(s, &peer, (void *)&peerlen) < 0) 1313c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1314c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "getsockname:errno=%d\n", 1315c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org get_last_socket_error()); 1316c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SHUTDOWN(s); 1317c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1318c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1319c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1320c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (void)BIO_ctrl_set_connected(sbio, 1, &peer); 1321c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1322480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (enable_timeouts) 1323c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1324c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org timeout.tv_sec = 0; 1325c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org timeout.tv_usec = DGRAM_RCV_TIMEOUT; 1326c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); 1327c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1328c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org timeout.tv_sec = 0; 1329c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org timeout.tv_usec = DGRAM_SND_TIMEOUT; 1330c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, 
&timeout); 1331c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1332c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1333c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (socket_mtu > 28) 1334c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1335c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 1336c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_mtu(con, socket_mtu - 28); 1337c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1338c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1339c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* want to do MTU discovery */ 1340c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 1341c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1342c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1343c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sbio=BIO_new_socket(s,BIO_NOCLOSE); 1344c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1345c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (nbio_test) 1346c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1347c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *test; 1348c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1349c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org test=BIO_new(BIO_f_nbio_test()); 1350c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sbio=BIO_push(test,sbio); 1351c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1352c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1353c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (c_debug) 1354c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 13552c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org SSL_set_debug(con, 1); 1356c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_set_callback(sbio,bio_dump_callback); 
1357c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_set_callback_arg(sbio,(char *)bio_c_out); 1358c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1359c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (c_msg) 1360c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1361c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_msg_callback(con, msg_cb); 1362c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_msg_callback_arg(con, bio_c_out); 1363c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1364c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_TLSEXT 1365c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (c_tlsextdebug) 1366c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1367c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_tlsext_debug_callback(con, tlsext_cb); 1368c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_tlsext_debug_arg(con, bio_c_out); 1369c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1370c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (c_status_req) 1371c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1372c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp); 1373c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); 1374c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); 1375c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#if 0 1376c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org{ 1377c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgSTACK_OF(OCSP_RESPID) *ids = sk_OCSP_RESPID_new_null(); 1378c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgOCSP_RESPID *id = OCSP_RESPID_new(); 1379c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgid->value.byKey = ASN1_OCTET_STRING_new(); 
1380c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgid->type = V_OCSP_RESPID_KEY; 1381c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgASN1_STRING_set(id->value.byKey, "Hello World", -1); 1382c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgsk_OCSP_RESPID_push(ids, id); 1383c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgSSL_set_tlsext_status_ids(con, ids); 1384c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org} 1385c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1386c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1387c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1388c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifndef OPENSSL_NO_JPAKE 1389c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (jpake_secret) 1390c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org jpake_client_auth(bio_c_out, sbio, jpake_secret); 1391c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1392c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1393c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_bio(con,sbio,sbio); 1394c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_connect_state(con); 1395c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1396c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* ok, lets connect */ 1397c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org width=SSL_get_fd(con)+1; 1398c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1399c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_tty=1; 1400c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_tty=0; 1401c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tty_on=0; 1402c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_ssl=1; 1403c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_ssl=1; 1404c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1405c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cbuf_len=0; 
1406c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cbuf_off=0; 1407c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sbuf_len=0; 1408c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sbuf_off=0; 1409c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1410c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* This is an ugly hack that does a lot of assumptions */ 1411c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* We do have to handle multi-line responses which may come 1412c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org in a single packet or not. We therefore have to use 1413c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_gets() which does need a buffering BIO. So during 1414c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org the initial chitchat we do push a buffering BIO into the 1415c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org chain that is removed again later on to not disturb the 1416c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org rest of the s_client operation. 
*/ 1417c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (starttls_proto == PROTO_SMTP) 1418c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1419c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int foundit=0; 1420c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *fbio = BIO_new(BIO_f_buffer()); 1421c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_push(fbio, sbio); 1422c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* wait for multi-line response to end from SMTP */ 1423c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org do 1424c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1425c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1426c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1427c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org while (mbuf_len>3 && mbuf[3]=='-'); 1428c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* STARTTLS command requires EHLO... 
*/ 1429c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(fbio,"EHLO openssl.client.net\r\n"); 1430c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (void)BIO_flush(fbio); 1431c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* wait for multi-line response to end EHLO SMTP response */ 1432c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org do 1433c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1434c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1435c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (strstr(mbuf,"STARTTLS")) 1436c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org foundit=1; 1437c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1438c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org while (mbuf_len>3 && mbuf[3]=='-'); 1439c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (void)BIO_flush(fbio); 1440c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_pop(fbio); 1441c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_free(fbio); 1442c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!foundit) 1443c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, 1444c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "didn't found starttls in server response," 1445c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org " try anyway...\n"); 1446c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(sbio,"STARTTLS\r\n"); 1447c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_read(sbio,sbuf,BUFSIZZ); 1448c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1449c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (starttls_proto == PROTO_POP3) 1450c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1451c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_read(sbio,mbuf,BUFSIZZ); 1452c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
BIO_printf(sbio,"STLS\r\n"); 1453c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_read(sbio,sbuf,BUFSIZZ); 1454c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1455c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (starttls_proto == PROTO_IMAP) 1456c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1457c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int foundit=0; 1458c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *fbio = BIO_new(BIO_f_buffer()); 1459c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_push(fbio, sbio); 1460c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_gets(fbio,mbuf,BUFSIZZ); 1461c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* STARTTLS command requires CAPABILITY... */ 1462c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(fbio,". CAPABILITY\r\n"); 1463c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (void)BIO_flush(fbio); 1464c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* wait for multi-line CAPABILITY response */ 1465c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org do 1466c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1467c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1468c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (strstr(mbuf,"STARTTLS")) 1469c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org foundit=1; 1470c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1471c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org while (mbuf_len>3 && mbuf[0]!='.'); 1472c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (void)BIO_flush(fbio); 1473c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_pop(fbio); 1474c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_free(fbio); 1475c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!foundit) 1476c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
BIO_printf(bio_err, 1477c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "didn't found STARTTLS in server response," 1478c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org " try anyway...\n"); 1479c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(sbio,". STARTTLS\r\n"); 1480c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_read(sbio,sbuf,BUFSIZZ); 1481c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1482c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (starttls_proto == PROTO_FTP) 1483c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1484c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *fbio = BIO_new(BIO_f_buffer()); 1485c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_push(fbio, sbio); 1486c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* wait for multi-line response to end from FTP */ 1487c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org do 1488c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1489c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1490c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1491c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org while (mbuf_len>3 && mbuf[3]=='-'); 1492c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (void)BIO_flush(fbio); 1493c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_pop(fbio); 1494c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_free(fbio); 1495c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(sbio,"AUTH TLS\r\n"); 1496c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_read(sbio,sbuf,BUFSIZZ); 1497c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1498c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (starttls_proto == PROTO_XMPP) 1499c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1500c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int seen = 0; 
1501c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(sbio,"<stream:stream " 1502c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "xmlns:stream='http://etherx.jabber.org/streams' " 1503c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org "xmlns='jabber:client' to='%s' version='1.0'>", host); 1504c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org seen = BIO_read(sbio,mbuf,BUFSIZZ); 1505c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mbuf[seen] = 0; 1506c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'")) 1507c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1508c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (strstr(mbuf, "/stream:features>")) 1509c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 1510c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org seen = BIO_read(sbio,mbuf,BUFSIZZ); 1511c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mbuf[seen] = 0; 1512c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1513c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"); 1514c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org seen = BIO_read(sbio,sbuf,BUFSIZZ); 1515c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sbuf[seen] = 0; 1516c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!strstr(sbuf, "<proceed")) 1517c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 1518c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org mbuf[0] = 0; 1519c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1520c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1521c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for (;;) 1522c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1523c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org FD_ZERO(&readfds); 
1524c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org FD_ZERO(&writefds); 1525c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1526c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((SSL_version(con) == DTLS1_VERSION) && 1527c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org DTLSv1_get_timeout(con, &timeout)) 1528c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org timeoutp = &timeout; 1529c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1530c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org timeoutp = NULL; 1531c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1532c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (SSL_in_init(con) && !SSL_total_renegotiations(con)) 1533c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1534c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org in_init=1; 1535c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tty_on=0; 1536c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1537c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1538c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1539c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tty_on=1; 1540c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (in_init) 1541c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1542c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org in_init=0; 1543480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#if 0 /* This test doesn't really work as intended (needs to be fixed) */ 1544480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#ifndef OPENSSL_NO_TLSEXT 1545480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (servername != NULL && !SSL_session_reused(con)) 1546480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 1547480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_c_out,"Server did %sacknowledge servername extension.\n",tlsextcbp.ack?"":"not "); 
1548480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 1549480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 1550480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#endif 1551c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (sess_out) 1552c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1553c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO *stmp = BIO_new_file(sess_out, "w"); 1554c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (stmp) 1555c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1556c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org PEM_write_bio_SSL_SESSION(stmp, SSL_get_session(con)); 1557c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_free(stmp); 1558c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1559c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1560c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err, "Error writing session file %s\n", sess_out); 1561c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1562c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org print_stuff(bio_c_out,con,full_log); 1563c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (full_log > 0) full_log--; 1564c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1565c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (starttls_proto) 1566c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1567c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"%s",mbuf); 1568c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* We don't need to know any more */ 1569c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org starttls_proto = PROTO_OFF; 1570c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1571c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1572c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (reconnect) 1573c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 
1574c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org reconnect--; 1575c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"drop connection and then reconnect\n"); 1576c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_shutdown(con); 1577c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_set_connect_state(con); 1578c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SHUTDOWN(SSL_get_fd(con)); 1579c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto re_start; 1580c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1581c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1582c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1583c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1584c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ssl_pending = read_ssl && SSL_pending(con); 1585c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1586c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!ssl_pending) 1587c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1588480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5) 1589c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (tty_on) 1590c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1591480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (read_tty) openssl_fdset(fileno(stdin),&readfds); 1592480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (write_tty) openssl_fdset(fileno(stdout),&writefds); 1593c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1594c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (read_ssl) 1595480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org openssl_fdset(SSL_get_fd(con),&readfds); 1596c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (write_ssl) 
1597480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org openssl_fdset(SSL_get_fd(con),&writefds); 1598c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#else 1599c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!tty_on || !write_tty) { 1600c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (read_ssl) 1601480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org openssl_fdset(SSL_get_fd(con),&readfds); 1602c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (write_ssl) 1603480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org openssl_fdset(SSL_get_fd(con),&writefds); 1604c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1605c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1606c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* printf("mode tty(%d %d%d) ssl(%d%d)\n", 1607c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ 1608c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1609c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Note: under VMS with SOCKETSHR the second parameter 1610c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * is currently of type (int *) whereas under other 1611c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * systems it is (void *) if you don't have a cast it 1612c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * will choke the compiler: if you do have a cast then 1613c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * you can either go for (int *) or (void *). 
1614c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 1615c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) 1616c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* Under Windows/DOS we make the assumption that we can 1617c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * always write to the tty: therefore if we need to 1618c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * write to the tty we just fall through. Otherwise 1619c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * we timeout the select every second and see if there 1620c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * are any keypresses. Note: this is a hack, in a proper 1621c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org * Windows application we wouldn't do this. 1622c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org */ 1623c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=0; 1624c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!write_tty) { 1625c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(read_tty) { 1626c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tv.tv_sec = 1; 1627c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tv.tv_usec = 0; 1628c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=select(width,(void *)&readfds,(void *)&writefds, 1629c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org NULL,&tv); 1630c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS) 1631c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!i && (!_kbhit() || !read_tty) ) continue; 1632c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#else 1633c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue; 
1634c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1635c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } else i=select(width,(void *)&readfds,(void *)&writefds, 1636c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org NULL,timeoutp); 1637c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1638c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#elif defined(OPENSSL_SYS_NETWARE) 1639c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(!write_tty) { 1640c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if(read_tty) { 1641c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tv.tv_sec = 1; 1642c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org tv.tv_usec = 0; 1643c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=select(width,(void *)&readfds,(void *)&writefds, 1644c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org NULL,&tv); 1645c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } else i=select(width,(void *)&readfds,(void *)&writefds, 1646c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org NULL,timeoutp); 1647c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1648480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#elif defined(OPENSSL_SYS_BEOS_R5) 1649480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org /* Under BeOS-R5 the situation is similar to DOS */ 1650480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org i=0; 1651480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org stdin_set = 0; 1652480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); 1653480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if(!write_tty) { 1654480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if(read_tty) { 1655480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org tv.tv_sec = 1; 1656480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org tv.tv_usec = 0; 1657480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 
i=select(width,(void *)&readfds,(void *)&writefds, 1658480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org NULL,&tv); 1659480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (read(fileno(stdin), sbuf, 0) >= 0) 1660480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org stdin_set = 1; 1661480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (!i && (stdin_set != 1 || !read_tty)) 1662480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org continue; 1663480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } else i=select(width,(void *)&readfds,(void *)&writefds, 1664480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org NULL,timeoutp); 1665480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 1666480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org (void)fcntl(fileno(stdin), F_SETFL, 0); 1667c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#else 1668c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i=select(width,(void *)&readfds,(void *)&writefds, 1669c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org NULL,timeoutp); 1670c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1671c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ( i < 0) 1672c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1673c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"bad select %d\n", 1674c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org get_last_socket_error()); 1675c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 1676c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* goto end; */ 1677c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1678c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1679c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1680c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) 1681c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 
1682c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"TIMEOUT occured\n"); 1683c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1684c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1685c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds)) 1686c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1687c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org k=SSL_write(con,&(cbuf[cbuf_off]), 1688c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org (unsigned int)cbuf_len); 1689c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org switch (SSL_get_error(con,k)) 1690c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1691c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_NONE: 1692c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cbuf_off+=k; 1693c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cbuf_len-=k; 1694c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (k <= 0) goto end; 1695c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* we have done a write(con,NULL,0); */ 1696c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (cbuf_len <= 0) 1697c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1698c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_tty=1; 1699c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_ssl=0; 1700c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1701c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else /* if (cbuf_len > 0) */ 1702c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1703c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_tty=0; 1704c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_ssl=1; 1705c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1706c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1707c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case 
SSL_ERROR_WANT_WRITE: 1708c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"write W BLOCK\n"); 1709c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_ssl=1; 1710c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_tty=0; 1711c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1712c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_WANT_READ: 1713c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"write R BLOCK\n"); 1714c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_tty=0; 1715c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_ssl=1; 1716c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_ssl=0; 1717c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1718c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_WANT_X509_LOOKUP: 1719c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"write X BLOCK\n"); 1720c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1721c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_ZERO_RETURN: 1722c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (cbuf_len != 0) 1723c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1724c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"shutdown\n"); 1725480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ret = 0; 1726c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 1727c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1728c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1729c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1730c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_tty=1; 1731c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_ssl=0; 1732c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1733c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 
1734c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1735c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_SYSCALL: 1736c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((k != 0) || (cbuf_len != 0)) 1737c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1738c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"write:errno=%d\n", 1739c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org get_last_socket_error()); 1740c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 1741c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1742c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1743c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1744c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_tty=1; 1745c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_ssl=0; 1746c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1747c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1748c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_SSL: 1749c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1750c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 1751c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1752c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1753480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 1754480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org /* Assume Windows/DOS/BeOS can always write */ 1755c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!ssl_pending && write_tty) 1756c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#else 1757c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds)) 
1758c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1759c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1760c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef CHARSET_EBCDIC 1761c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len); 1762c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1763480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org i=raw_write_stdout(&(sbuf[sbuf_off]),sbuf_len); 1764c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1765c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (i <= 0) 1766c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1767c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"DONE\n"); 1768480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ret = 0; 1769c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 1770c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* goto end; */ 1771c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1772c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1773c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sbuf_len-=i;; 1774c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sbuf_off+=i; 1775c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (sbuf_len <= 0) 1776c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1777c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_ssl=1; 1778c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_tty=0; 1779c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1780c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1781c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (ssl_pending || FD_ISSET(SSL_get_fd(con),&readfds)) 1782c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1783c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef RENEG 
1784c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } } 1785c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1786c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#if 1 1787c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ ); 1788c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#else 1789c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org/* Demo for pending and peek :-) */ 1790c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org k=SSL_read(con,sbuf,16); 1791c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org{ char zbuf[10240]; 1792c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgprintf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240)); 1793c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org} 1794c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1795c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1796c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org switch (SSL_get_error(con,k)) 1797c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1798c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_NONE: 1799c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (k <= 0) 1800c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto end; 1801c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sbuf_off=0; 1802c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org sbuf_len=k; 1803c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1804c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_ssl=0; 1805c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_tty=1; 1806c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1807c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_WANT_WRITE: 1808c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"read W BLOCK\n"); 
1809c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_ssl=1; 1810c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_tty=0; 1811c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1812c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_WANT_READ: 1813c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"read R BLOCK\n"); 1814c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_tty=0; 1815c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_ssl=1; 1816c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((read_tty == 0) && (write_ssl == 0)) 1817c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_ssl=1; 1818c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1819c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_WANT_X509_LOOKUP: 1820c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"read X BLOCK\n"); 1821c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org break; 1822c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_SYSCALL: 1823480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ret=get_last_socket_error(); 1824480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org BIO_printf(bio_err,"read:errno=%d\n",ret); 1825c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 1826c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_ZERO_RETURN: 1827c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_c_out,"closed\n"); 1828480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ret=0; 1829c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 1830c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org case SSL_ERROR_SSL: 1831c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ERR_print_errors(bio_err); 1832c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 
1833c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* break; */ 1834c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1835c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1836c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1837c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) 1838c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS) 1839c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (_kbhit()) 1840c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#else 1841c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) 1842c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1843c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#elif defined (OPENSSL_SYS_NETWARE) 1844480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (_kbhit()) 1845480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org#elif defined(OPENSSL_SYS_BEOS_R5) 1846480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org else if (stdin_set) 1847c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#else 1848c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else if (FD_ISSET(fileno(stdin),&readfds)) 1849c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1850c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1851c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (crlf) 1852c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1853c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org int j, lf_num; 1854c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1855480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org i=raw_read_stdin(cbuf,BUFSIZZ/2); 1856c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org lf_num = 0; 
1857c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org /* both loops are skipped when i <= 0 */ 1858c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for (j = 0; j < i; j++) 1859c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (cbuf[j] == '\n') 1860c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org lf_num++; 1861c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org for (j = i-1; j >= 0; j--) 1862c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1863c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cbuf[j+lf_num] = cbuf[j]; 1864c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (cbuf[j] == '\n') 1865c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1866c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org lf_num--; 1867c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org i++; 1868c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cbuf[j+lf_num] = '\r'; 1869c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1870c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1871c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org assert(lf_num == 0); 1872c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1873c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1874480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org i=raw_read_stdin(cbuf,BUFSIZZ); 1875c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1876c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q'))) 1877c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1878c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"DONE\n"); 1879480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ret=0; 1880c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org goto shut; 1881c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1882c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 
1883c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if ((!c_ign_eof) && (cbuf[0] == 'R')) 1884c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1885c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org BIO_printf(bio_err,"RENEGOTIATING\n"); 1886c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_renegotiate(con); 1887c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cbuf_len=0; 1888c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 18892c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#ifndef OPENSSL_NO_HEARTBEATS 18902c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org else if ((!c_ign_eof) && (cbuf[0] == 'B')) 18912c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org { 18922c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org BIO_printf(bio_err,"HEARTBEATING\n"); 18932c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org SSL_heartbeat(con); 18942c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org cbuf_len=0; 18952c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org } 18962c4508dfe2bc5b6296c01114ed11ddc64b7718c6digit@chromium.org#endif 1897c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org else 1898c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org { 1899c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cbuf_len=i; 1900c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org cbuf_off=0; 1901c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#ifdef CHARSET_EBCDIC 1902c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org ebcdic2ascii(cbuf, cbuf, i); 1903c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org#endif 1904c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1905c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org 1906c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org write_ssl=1; 1907c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org read_tty=0; 1908c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 
1909c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org } 1910480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org 1911480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org ret=0; 1912c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgshut: 1913480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (in_init) 1914480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org print_stuff(bio_c_out,con,full_log); 1915c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SSL_shutdown(con); 1916c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org SHUTDOWN(SSL_get_fd(con)); 1917c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.orgend: 1918480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (con != NULL) 1919480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org { 1920480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org if (prexit != 0) 1921480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org print_stuff(bio_c_out,con,1); 1922480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org SSL_free(con); 1923480da75abf485e7e2a6be5acc0f71842368792c0jnd@chromium.org } 19247453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 19257453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org if (next_proto.data) 19267453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org OPENSSL_free(next_proto.data); 19277453c6c0666947e06d87565404f4397a4b387f91digit@chromium.org#endif 1928c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (ctx != NULL) SSL_CTX_free(ctx); 1929c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (cert) 1930c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org X509_free(cert); 1931c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (key) 1932c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org EVP_PKEY_free(key); 1933c9490d33b98b7affb729b5f1db13cb0a348471aagl@chromium.org if (pass) 
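/* Tail of the enclosing function's cleanup (the function begins above this
 * view); the I/O buffers are wiped with OPENSSL_cleanse before being freed. */
		OPENSSL_free(pass);
	if (vpm)
		X509_VERIFY_PARAM_free(vpm);
	if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
	if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
	if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); }
	if (bio_c_out != NULL)
		{
		BIO_free(bio_c_out);
		bio_c_out=NULL;
		}
	apps_shutdown();
	OPENSSL_EXIT(ret);
	}


/*
 * Print a human-readable summary of connection `s` to `bio`.
 *
 * When `full` is non-zero the peer certificate chain, the server certificate,
 * the acceptable client CA names, the shared cipher list and the handshake
 * byte counts are printed first (the server key size is printed only when the
 * peer certificate was fetched in that step). The remaining summary (session
 * reuse, cipher, secure-renegotiation support, compression, next-protocol and
 * SRTP results, session details, optional exported keying material) is printed
 * in every case, and `bio` is flushed before returning.
 *
 * Security-relevant points for whoever reads or captures this output:
 *  - When keymatexportlabel is set, the exported keying material is printed
 *    in hex. That value is secret; treat the output stream accordingly. The
 *    temporary buffer holding it is cleansed before it is freed.
 *  - Nothing here validates the peer: names, certificates and negotiated
 *    values are reported as received.
 */
static void print_stuff(BIO *bio, SSL *s, int full)
	{
	X509 *peer=NULL;
	char *p;
	char buf[BUFSIZ];
	STACK_OF(X509) *sk;
	STACK_OF(X509_NAME) *sk2;
	const SSL_CIPHER *c;
	X509_NAME *xn;
	int j,i;
#ifndef OPENSSL_NO_COMP
	const COMP_METHOD *comp, *expansion;
#endif
	unsigned char *exportedkeymat;

	if (full)
		{
		int got_a_chain = 0;

		sk=SSL_get_peer_cert_chain(s);
		if (sk != NULL)
			{
			got_a_chain = 1; /* we don't have it for SSL2 (yet) */

			BIO_printf(bio,"---\nCertificate chain\n");
			for (i=0; i<sk_X509_num(sk); i++)
				{
				X509_NAME_oneline(X509_get_subject_name(
					sk_X509_value(sk,i)),buf,sizeof buf);
				BIO_printf(bio,"%2d s:%s\n",i,buf);
				X509_NAME_oneline(X509_get_issuer_name(
					sk_X509_value(sk,i)),buf,sizeof buf);
				BIO_printf(bio," i:%s\n",buf);
				if (c_showcerts)
					PEM_write_bio_X509(bio,sk_X509_value(sk,i));
				}
			}

		BIO_printf(bio,"---\n");
		/* peer is owned by this function from here on; it is released
		 * with X509_free() just before returning. */
		peer=SSL_get_peer_certificate(s);
		if (peer != NULL)
			{
			BIO_printf(bio,"Server certificate\n");
			if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */
				PEM_write_bio_X509(bio,peer);
			X509_NAME_oneline(X509_get_subject_name(peer),
				buf,sizeof buf);
			BIO_printf(bio,"subject=%s\n",buf);
			X509_NAME_oneline(X509_get_issuer_name(peer),
				buf,sizeof buf);
			BIO_printf(bio,"issuer=%s\n",buf);
			}
		else
			BIO_printf(bio,"no peer certificate available\n");

		sk2=SSL_get_client_CA_list(s);
		if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0))
			{
			BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
			for (i=0; i<sk_X509_NAME_num(sk2); i++)
				{
				xn=sk_X509_NAME_value(sk2,i);
				X509_NAME_oneline(xn,buf,sizeof(buf));
				BIO_write(bio,buf,strlen(buf));
				BIO_write(bio,"\n",1);
				}
			}
		else
			{
			BIO_printf(bio,"---\nNo client certificate CA names sent\n");
			}
		p=SSL_get_shared_ciphers(s,buf,sizeof buf);
		if (p != NULL)
			{
			/* This works only for SSL 2.  In later protocol
			 * versions, the client does not know what other
			 * ciphers (in addition to the one to be used
			 * in the current connection) the server supports. */

			BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
			j=i=0;
			while (*p)
				{
				if (*p == ':')
					{
					/* Pad the name out to a 15-character column.
					 * The width goes negative once a name is
					 * longer than 15 characters, and a negative
					 * length must never reach a write call, so
					 * padding is emitted only when positive and
					 * is generated by the formatter rather than
					 * read out of a fixed-size spaces literal. */
					int pad = 15-j%25;

					if (pad > 0)
						BIO_printf(bio,"%*s",pad,"");
					i++;
					j=0;
					BIO_write(bio,((i%3)?" ":"\n"),1);
					}
				else
					{
					BIO_write(bio,p,1);
					j++;
					}
				p++;
				}
			BIO_write(bio,"\n",1);
			}

		BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
			BIO_number_read(SSL_get_rbio(s)),
			BIO_number_written(SSL_get_wbio(s)));
		}
	/* Constant text goes through BIO_puts so it is never interpreted
	 * as a format string. */
	BIO_puts(bio,(SSL_cache_hit(s)?"---\nReused, ":"---\nNew, "));
	c=SSL_get_current_cipher(s);
	BIO_printf(bio,"%s, Cipher is %s\n",
		SSL_CIPHER_get_version(c),
		SSL_CIPHER_get_name(c));
	if (peer != NULL) {
		EVP_PKEY *pktmp;
		/* NOTE(review): X509_get_pubkey() can return NULL for a key
		 * it cannot decode; confirm EVP_PKEY_bits() tolerates that in
		 * the library version this file is built against. */
		pktmp = X509_get_pubkey(peer);
		BIO_printf(bio,"Server public key is %d bit\n",
			EVP_PKEY_bits(pktmp));
		EVP_PKEY_free(pktmp);
	}
	BIO_printf(bio, "Secure Renegotiation IS%s supported\n",
		SSL_get_secure_renegotiation_support(s) ? "" : " NOT");
#ifndef OPENSSL_NO_COMP
	comp=SSL_get_current_compression(s);
	expansion=SSL_get_current_expansion(s);
	BIO_printf(bio,"Compression: %s\n",
		comp ? SSL_COMP_get_name(comp) : "NONE");
	BIO_printf(bio,"Expansion: %s\n",
		expansion ? SSL_COMP_get_name(expansion) : "NONE");
#endif

#ifdef SSL_DEBUG
	{
	/* Print out local port of connection: useful for debugging */
	int sock;
	struct sockaddr_in ladd;
	socklen_t ladd_size = sizeof(ladd);
	sock = SSL_get_fd(s);
	/* ladd is only meaningful when getsockname() succeeded; skip the
	 * line instead of printing an uninitialised port. */
	if (getsockname(sock, (struct sockaddr *)&ladd, &ladd_size) == 0)
		BIO_printf(bio_c_out, "LOCAL PORT is %u\n", ntohs(ladd.sin_port));
	}
#endif

#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
	if (next_proto.status != -1) {
		const unsigned char *proto;
		unsigned int proto_len;
		SSL_get0_next_proto_negotiated(s, &proto, &proto_len);
		BIO_printf(bio, "Next protocol: (%d) ", next_proto.status);
		/* NOTE(review): the protocol name is written byte-for-byte;
		 * it presumably originates from the negotiation with the
		 * peer, so anything that parses or displays this output
		 * should not assume it is printable text. */
		BIO_write(bio, proto, proto_len);
		BIO_write(bio, "\n", 1);
	}
#endif

#ifndef OPENSSL_NO_SRTP
	{
	SRTP_PROTECTION_PROFILE *srtp_profile=SSL_get_selected_srtp_profile(s);

	if(srtp_profile)
		BIO_printf(bio,"SRTP Extension negotiated, profile=%s\n",
			   srtp_profile->name);
	}
#endif

	SSL_SESSION_print(bio,SSL_get_session(s));
	if (keymatexportlabel != NULL)
		{
		BIO_printf(bio, "Keying material exporter:\n");
		BIO_printf(bio, " Label: '%s'\n", keymatexportlabel);
		BIO_printf(bio, " Length: %i bytes\n", keymatexportlen);
		exportedkeymat = OPENSSL_malloc(keymatexportlen);
		if (exportedkeymat != NULL)
			{
			if (!SSL_export_keying_material(s, exportedkeymat,
						        keymatexportlen,
						        keymatexportlabel,
						        strlen(keymatexportlabel),
						        NULL, 0, 0))
				{
				BIO_printf(bio, " Error\n");
				}
			else
				{
				BIO_printf(bio, " Keying material: ");
				for (i=0; i<keymatexportlen; i++)
					BIO_printf(bio, "%02X",
						   exportedkeymat[i]);
				BIO_printf(bio, "\n");
				}
			/* The buffer held secret key material: wipe it before
			 * handing the memory back, as the connection buffers
			 * are wiped elsewhere in this file. */
			OPENSSL_cleanse(exportedkeymat, keymatexportlen);
			OPENSSL_free(exportedkeymat);
			}
		}
	BIO_printf(bio,"---\n");
	if (peer != NULL)
		X509_free(peer);
	/* flush, or debugging output gets mixed with http response */
	(void)BIO_flush(bio);
	}

#ifndef OPENSSL_NO_TLSEXT

/*
 * Certificate-status callback: decode the OCSP response attached to the
 * handshake on `s` and print it to the BIO passed as `arg`.
 *
 * Returns 1 when no response was sent or when the response was decoded and
 * printed, and 0 when the response could not be parsed (the raw bytes are
 * dumped in that case).
 *
 * This callback is diagnostic only: it decodes and prints, and nothing in it
 * verifies the response's signature or acts on the certificate status it
 * reports. A printed response is therefore not evidence that the
 * certificate is good.
 */
static int ocsp_resp_cb(SSL *s, void *arg)
	{
	const unsigned char *p;
	int len;
	OCSP_RESPONSE *rsp;
	len = SSL_get_tlsext_status_ocsp_resp(s, &p);
	BIO_puts(arg, "OCSP response: ");
	if (!p)
		{
		BIO_puts(arg, "no response sent\n");
		return 1;
		}
	rsp = d2i_OCSP_RESPONSE(NULL, &p, len);
	if (!rsp)
		{
		BIO_puts(arg, "response parse error\n");
		BIO_dump_indent(arg, (char *)p, len, 4);
		return 0;
		}
	BIO_puts(arg, "\n======================================\n");
	OCSP_RESPONSE_print(arg, rsp, 0);
	BIO_puts(arg, "======================================\n");
	OCSP_RESPONSE_free(rsp);
	return 1;
	}

#endif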