1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* apps/s_client.c */ 2656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * All rights reserved. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This package is an SSL implementation written 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * by Eric Young (eay@cryptsoft.com). 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The implementation was written so as to conform with Netscapes SSL. 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This library is free for commercial and non-commercial use as long as 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the following conditions are aheared to. The following conditions 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * apply to all code found in this distribution, be it the RC4, RSA, 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * included with this distribution is covered by the same copyright terms 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright remains Eric Young's, and as such any Copyright notices in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the code are not to be removed. 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If this package is used in a product, Eric Young should be given attribution 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * as the author of the parts of the library used. 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This can be in the form of a textual message at program startup or 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in documentation (online or textual) provided with the package. 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the copyright 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in the 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * documentation and/or other materials provided with the distribution. 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this software 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * must display the following acknowledgement: 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes cryptographic software written by 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Eric Young (eay@cryptsoft.com)" 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The word 'cryptographic' can be left out if the rouines from the library 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * being used are not cryptographic related :-). 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. If you include any Windows specific code (or a derivative thereof) from 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the apps directory (application code) you must include an acknowledgement: 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUCH DAMAGE. 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The licence and distribution terms for any publically available version or 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * derivative of this code cannot be changed. i.e. this code cannot simply be 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * copied and put under another distribution licence 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * [including the GNU Public Licence.] 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 59674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the above copyright 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the documentation and/or other materials provided with the 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * distribution. 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this 74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * software must display the following acknowledgment: 75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 78656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * endorse or promote products derived from this software without 80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prior written permission. For written permission, please contact 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * openssl-core@openssl.org. 82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5. Products derived from this software may not be called "OpenSSL" 84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * nor may "OpenSSL" appear in their names without prior written 85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * permission of the OpenSSL Project. 86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 6. Redistributions of any form whatsoever must retain the following 88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * acknowledgment: 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OF THE POSSIBILITY OF SUCH DAMAGE. 104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ==================================================================== 105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This product includes cryptographic software written by Eric Young 107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (eay@cryptsoft.com). This product includes software written by Tim 108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Hudson (tjh@cryptsoft.com). 109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 111674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom/* ==================================================================== 112674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * Copyright 2005 Nokia. All rights reserved. 113674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * 114674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * The portions of the attached software ("Contribution") is developed by 115674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * Nokia Corporation and is licensed pursuant to the OpenSSL open source 116674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * license. 117674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * 118674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * The Contribution, originally written by Mika Kousa and Pasi Eronen of 119674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 120674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * support (see RFC 4279) to OpenSSL. 121674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * 122674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * No patent licenses or other rights except those expressly stated in 123674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * the OpenSSL open source license shall be deemed granted or received 124674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * expressly, by implication, estoppel, or otherwise. 125674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * 126674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * No assurances are provided by Nokia that the Contribution does not 127674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * infringe the patent or other intellectual property rights of any third 128674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * party or that the license provides you with all the necessary rights 129674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * to make use of the Contribution. 130674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * 131674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 132674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 133674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 134674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 135674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * OTHERWISE. 136674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom */ 137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <assert.h> 139674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#include <ctype.h> 140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdlib.h> 142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <string.h> 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/e_os2.h> 144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_NO_STDIO 145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define APPS_WIN16 146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* With IPv6, it looks like Digital has mixed up the proper order of 149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project recursive header file inclusion, resulting in the compiler complaining 150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which 151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project is needed to have fileno() declared correctly... So let's define u_int */ 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) 153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define __U_INT 154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecttypedef unsigned int u_int; 155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define USE_SOCKETS 158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "apps.h" 159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509.h> 160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/ssl.h> 161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/err.h> 162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/pem.h> 163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/rand.h> 164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/ocsp.h> 165674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#include <openssl/bn.h> 166392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 167392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <openssl/srp.h> 168392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "s_apps.h" 170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "timeouts.h" 171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) 173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ 174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef FIONBIO 175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 177674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if defined(OPENSSL_SYS_BEOS_R5) 178674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#include <fcntl.h> 179674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 180674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef PROG 182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define PROG s_client_main 183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/*#define SSL_HOST_NAME "www.netscape.com" */ 185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/*#define SSL_HOST_NAME "193.118.187.102" */ 186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define SSL_HOST_NAME "localhost" 187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/*#define TEST_CERT "client.pem" */ /* no default cert. */ 189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef BUFSIZZ 191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define BUFSIZZ 1024*8 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectextern int verify_depth; 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectextern int verify_error; 195674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstromextern int verify_return_error; 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_nbio=0; 199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_Pause=0; 201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_debug=0; 202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_tlsextdebug=0; 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_status_req=0; 205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_msg=0; 207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_showcerts=0; 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 209392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic char *keymatexportlabel=NULL; 210392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic int keymatexportlen=20; 211392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void sc_usage(void); 213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_stuff(BIO *berr,SSL *con,int full); 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ocsp_resp_cb(SSL *s, void *arg); 216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic BIO *bio_c_out=NULL; 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_quiet=0; 219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_ign_eof=0; 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 221674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifndef OPENSSL_NO_PSK 222674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom/* Default PSK identity and key */ 223674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstromstatic char *psk_identity="Client_identity"; 224674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom/*char *psk_key=NULL; by default PSK is not used */ 225674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 226674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstromstatic unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity, 227674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom unsigned int max_identity_len, unsigned char *psk, 228674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom unsigned int max_psk_len) 229674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 230674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom unsigned int psk_len = 0; 231674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom int ret; 232674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIGNUM *bn=NULL; 233674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 234674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 235674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out, "psk_client_cb\n"); 236674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (!hint) 237674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 238674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom /* no ServerKeyExchange message*/ 239674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 240674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out,"NULL received PSK identity hint, continuing anyway\n"); 241674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 242674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (c_debug) 243674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint); 244674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 245674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom /* lookup PSK identity and PSK key based on the given identity hint here */ 246674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret = BIO_snprintf(identity, max_identity_len, "%s", psk_identity); 247674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (ret < 0 || (unsigned int)ret > max_identity_len) 248674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom goto out_err; 249674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 250674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity, ret); 251674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret=BN_hex2bn(&bn, psk_key); 252674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (!ret) 253674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 254674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key); 255674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (bn) 256674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BN_free(bn); 257674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom return 0; 258674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 259674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 260674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if ((unsigned int)BN_num_bytes(bn) > max_psk_len) 261674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 262674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n", 263674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom max_psk_len, BN_num_bytes(bn)); 264674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BN_free(bn); 265674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom return 0; 266674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 267674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 268674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom psk_len=BN_bn2bin(bn, psk); 269674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BN_free(bn); 270674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (psk_len == 0) 271674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom goto out_err; 272674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 273674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 274674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out, "created PSK len=%d\n", psk_len); 275674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 276674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom return psk_len; 277674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom out_err: 278674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 279674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err, "Error in PSK client callback\n"); 280674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom return 0; 281674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 282674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 283674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void sc_usage(void) 285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"usage: s_client args\n"); 287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"\n"); 288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -host host - use -connect instead\n"); 289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -port port - use -connect instead\n"); 290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); 291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 292674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); 293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); 294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); 295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -key arg - Private key file to use, in cert file if\n"); 296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," not specified but cert file is.\n"); 297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -keyform arg - key format (PEM or DER) PEM default\n"); 298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); 299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); 300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); 301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n"); 302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n"); 303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -showcerts - show all certificates in the chain\n"); 304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -debug - extra output\n"); 305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef WATT32 306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -wdebug - WATT-32 tcp debugging\n"); 307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -msg - Show protocol messages\n"); 309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -nbio_test - more ssl protocol testing\n"); 310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -state - print the 'ssl' states\n"); 311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); 313656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); 315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -quiet - no s_client output\n"); 316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n"); 317e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(bio_err," -no_ign_eof - don't ignore input eof\n"); 318674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifndef OPENSSL_NO_PSK 319674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err," -psk_identity arg - PSK identity\n"); 320674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); 321674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom# ifndef OPENSSL_NO_JPAKE 322674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); 323674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom# endif 324674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 325392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 326392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -srpuser user - SRP authentification for 'user'\n"); 327392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -srppass arg - password for 'user'\n"); 328392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -srp_lateuser - SRP username into second ClientHello message\n"); 329392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n"); 330392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N); 331392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); 333656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); 334392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n"); 335392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); 336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -tls1 - just use TLSv1\n"); 337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); 3389a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n"); 33998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_err," -mtu - set the link layer MTU\n"); 340392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); 341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); 342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n"); 343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); 344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," command to see what is available\n"); 345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); 346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," for those protocols that support it, where\n"); 347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); 348e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n"); 349e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(bio_err," are supported.\n"); 350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); 352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -sess_out arg - file to write SSL session to\n"); 355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -sess_in arg - file to read SSL session from\n"); 356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -servername host - Set TLS extension servername in ClientHello\n"); 358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); 359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -status - request certificate status from server\n"); 360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); 36104ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom# ifndef OPENSSL_NO_NEXTPROTONEG 362bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); 363ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_printf(bio_err," -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n"); 364bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 366f04b7b0cd950a9bf3c07edcbafb48afe63d4fed3Brian Carlstrom BIO_printf(bio_err," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n"); 367e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley BIO_printf(bio_err," -no_record_splitting - disable 1/n-1 record splitting in CBC mode\n"); 36898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); 369eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 370392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); 371eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 372392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); 373392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); 374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* This is a context that we pass to callbacks */ 379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecttypedef struct tlsextctx_st { 380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO * biodebug; 381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ack; 382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} tlsextctx; 383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) 386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextctx * p = (tlsextctx *) arg; 388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const char * hn= SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_get_servername_type(s) != -1) 390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p->ack = !SSL_session_reused(s) && hn != NULL; 391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Can't use SSL_get_servername\n"); 393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return SSL_TLSEXT_ERR_OK; 395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 396bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 397392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 398392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 399392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom/* This is a context that we pass to all callbacks */ 400392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromtypedef struct srp_arg_st 401392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 402392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *srppassin; 403392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *srplogin; 404392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int msg; /* copy from c_msg */ 405392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int debug; /* copy from c_debug */ 406392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int amp; /* allow more groups */ 407392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int strength /* minimal size for N */ ; 408392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } SRP_ARG; 409392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 410392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define SRP_NUMBER_ITERATIONS_FOR_PRIME 64 411392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 412392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic int srp_Verify_N_and_g(BIGNUM *N, BIGNUM *g) 413392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 414392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_CTX *bn_ctx = BN_CTX_new(); 415392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIGNUM *p = BN_new(); 416392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIGNUM *r = BN_new(); 417392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int ret = 418392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom g != NULL && N != NULL && bn_ctx != NULL && BN_is_odd(N) && 419392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_is_prime_ex(N, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) && 420392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom p != NULL && BN_rshift1(p, N) && 421392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 422392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* p = (N-1)/2 */ 423392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_is_prime_ex(p, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) && 424392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom r != NULL && 425392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 426392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* verify g^((N-1)/2) == -1 (mod N) */ 427392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_mod_exp(r, g, p, N, bn_ctx) && 428392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_add_word(r, 1) && 429392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_cmp(r, N) == 0; 430392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 431392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(r) 432392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_free(r); 433392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(p) 434392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_free(p); 435392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(bn_ctx) 436392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_CTX_free(bn_ctx); 437392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return ret; 438392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 439392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 440392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom/* This callback is used here for two purposes: 441392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom - extended debugging 442392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom - making some primality tests for unknown groups 443392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom The callback is only called for a non default group. 444392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 445392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom An application does not need the call back at all if 446392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom only the stanard groups are used. In real life situations, 447392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom client and server already share well known groups, 448392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom thus there is no need to verify them. 449392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom Furthermore, in case that a server actually proposes a group that 450392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom is not one of those defined in RFC 5054, it is more appropriate 451392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom to add the group to a static list and then compare since 452392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom primality tests are rather cpu consuming. 453392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom*/ 454392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 455392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg) 456392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 457392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SRP_ARG *srp_arg = (SRP_ARG *)arg; 458392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIGNUM *N = NULL, *g = NULL; 459392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s))) 460392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 461392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1) 462392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 463392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "SRP parameters:\n"); 464392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"\tN="); BN_print(bio_err,N); 465392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"\n\tg="); BN_print(bio_err,g); 466392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"\n"); 467392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 468392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 469392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (SRP_check_known_gN_param(g,N)) 470392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 1; 471392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 472392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_arg->amp == 1) 473392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 474392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_arg->debug) 475392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "SRP param N and g are not known params, going to check deeper.\n"); 476392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 477392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom/* The srp_moregroups is a real debugging feature. 478392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom Implementors should rather add the value to the known ones. 479392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom The minimal size has already been tested. 480392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom*/ 481392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (BN_num_bits(g) <= BN_BITS && srp_Verify_N_and_g(N,g)) 482392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 1; 483392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 484392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "SRP param N and g rejected.\n"); 485392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 486392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 487392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 488392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define PWD_STRLEN 1024 489392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 490392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg) 491392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 492392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SRP_ARG *srp_arg = (SRP_ARG *)arg; 493392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *pass = (char *)OPENSSL_malloc(PWD_STRLEN+1); 494392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom PW_CB_DATA cb_tmp; 495392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int l; 496392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 497392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom cb_tmp.password = (char *)srp_arg->srppassin; 498392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom cb_tmp.prompt_info = "SRP user"; 499392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp))<0) 500392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 501392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf (bio_err, "Can't read Password\n"); 502392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom OPENSSL_free(pass); 503392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return NULL; 504392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 505392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom *(pass+l)= '\0'; 506392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 507392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return pass; 508392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 509392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 510392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 511eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 512392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *srtp_profiles = NULL; 513eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 514392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 515bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 516bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen/* This the context that we pass to next_proto_cb */ 517bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsentypedef struct tlsextnextprotoctx_st { 518bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned char *data; 519bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned short len; 520bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen int status; 521bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen} tlsextnextprotoctx; 522bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 523bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsenstatic tlsextnextprotoctx next_proto; 524bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 525bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsenstatic int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg) 526bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 527bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen tlsextnextprotoctx *ctx = arg; 528bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 529bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (!c_quiet) 530bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 531bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen /* We can assume that |in| is syntactically valid. */ 532bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned i; 533bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_c_out, "Protocols advertised by server: "); 534bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen for (i = 0; i < inlen; ) 535bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 536bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (i) 537bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio_c_out, ", ", 2); 538bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio_c_out, &in[i + 1], in[i]); 539bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen i += in[i] + 1; 540bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 541bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio_c_out, "\n", 1); 542bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 543bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 544bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len); 545bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen return SSL_TLSEXT_ERR_OK; 546bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 54704ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom# endif /* ndef OPENSSL_NO_NEXTPROTONEG */ 548656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 549674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectenum 551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PROTO_OFF = 0, 553656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PROTO_SMTP, 554656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PROTO_POP3, 555656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PROTO_IMAP, 556e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu PROTO_FTP, 557e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu PROTO_XMPP 558656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project}; 559656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint MAIN(int, char **); 561656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint MAIN(int argc, char **argv) 563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 564674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom unsigned int off=0, clr=0; 565674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom SSL *con=NULL; 566392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_KRB5 567392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom KSSL_CTX *kctx; 568392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int s,k,width,state=0; 570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL; 571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int cbuf_len,cbuf_off; 572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int sbuf_len,sbuf_off; 573656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fd_set readfds,writefds; 574656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project short port=PORT; 575656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int full_log=1; 576656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *host=SSL_HOST_NAME; 577656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *cert_file=NULL,*key_file=NULL; 578656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int cert_format = FORMAT_PEM, key_format = FORMAT_PEM; 579656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *passarg = NULL, *pass = NULL; 580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *cert = NULL; 581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *key = NULL; 582656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *CApath=NULL,*CAfile=NULL,*cipher=NULL; 583656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0; 584e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley int cutthrough=0, no_record_splitting=0; 585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int crlf=0; 586656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending; 587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX *ctx=NULL; 588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret=1,in_init=1,i,nbio_test=0; 589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int starttls_proto = PROTO_OFF; 590674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom int prexit = 0; 591674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom X509_VERIFY_PARAM *vpm = NULL; 592674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom int badarg = 0; 593674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom const SSL_METHOD *meth=NULL; 594674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom int socket_type=SOCK_STREAM; 595656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *sbio; 596656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *inrand=NULL; 597656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int mbuf_len=0; 59898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom struct timeval timeout, *timeoutp; 599e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley int ssl_mode; 600e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_ENGINE 601656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *engine_id=NULL; 602e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu char *ssl_client_engine_id=NULL; 603e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ENGINE *ssl_client_engine=NULL; 604e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 605656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ENGINE *e=NULL; 606674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project struct timeval tv; 608674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if defined(OPENSSL_SYS_BEOS_R5) 609674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom int stdin_set = 0; 610674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 611656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 612656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *servername = NULL; 614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextctx tlsextcbp = 615656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project {NULL,0}; 616bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 617bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen const char *next_proto_neg_in = NULL; 618ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root const char *alpn_in = NULL; 619bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 620656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 621656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *sess_in = NULL; 622656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *sess_out = NULL; 623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project struct sockaddr peer; 624656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int peerlen = sizeof(peer); 6259a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller int fallback_scsv = 0; 626656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int enable_timeouts = 0 ; 62798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom long socket_mtu = 0; 628e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_JPAKE 629e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu char *jpake_secret = NULL; 630e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 631392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 632392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char * srppass = NULL; 633392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int srp_lateuser = 0; 634392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024}; 635392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 636656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 637656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=SSLv23_client_method(); 638656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 639656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project apps_startup(); 640656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_Pause=0; 641656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_quiet=0; 642656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_ign_eof=0; 643656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_debug=0; 644656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_msg=0; 645656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_showcerts=0; 646656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 647656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_err == NULL) 648656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); 649656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 650656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!load_config(bio_err, NULL)) 651656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 652656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 653656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ( ((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) || 654656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) || 655656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((mbuf=OPENSSL_malloc(BUFSIZZ)) == NULL)) 656656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 657656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"out of memory\n"); 658656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 659656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 660656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 661656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_depth=0; 662656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_error=X509_V_OK; 663656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 664656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_nbio=0; 665656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 666656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 667656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argc--; 668656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argv++; 669656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (argc >= 1) 670656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 671656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (strcmp(*argv,"-host") == 0) 672656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 673656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 674656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project host= *(++argv); 675656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 676656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-port") == 0) 677656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 678656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 679656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project port=atoi(*(++argv)); 680656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (port == 0) goto bad; 681656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 682656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-connect") == 0) 683656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 684656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 685656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!extract_host_port(*(++argv),&host,NULL,&port)) 686656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto bad; 687656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 688656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-verify") == 0) 689656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 690656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify=SSL_VERIFY_PEER; 691656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 692656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_depth=atoi(*(++argv)); 693656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"verify depth is %d\n",verify_depth); 694656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 695656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-cert") == 0) 696656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 697656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 698656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cert_file= *(++argv); 699656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 700656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-sess_out") == 0) 701656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 702656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 703656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sess_out = *(++argv); 704656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 705656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-sess_in") == 0) 706656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 707656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 708656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sess_in = *(++argv); 709656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 710656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-certform") == 0) 711656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 712656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 713656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cert_format = str2fmt(*(++argv)); 714656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 715674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) 716674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 717674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (badarg) 718674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom goto bad; 719674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom continue; 720674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 721674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (strcmp(*argv,"-verify_return_error") == 0) 722674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom verify_return_error = 1; 723656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-prexit") == 0) 724656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project prexit=1; 725656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-crlf") == 0) 726656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project crlf=1; 727656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-quiet") == 0) 728656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 729656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_quiet=1; 730656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_ign_eof=1; 731656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 732656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-ign_eof") == 0) 733656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_ign_eof=1; 734e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu else if (strcmp(*argv,"-no_ign_eof") == 0) 735e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu c_ign_eof=0; 736656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-pause") == 0) 737656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_Pause=1; 738656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-debug") == 0) 739656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_debug=1; 740656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 741656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-tlsextdebug") == 0) 742656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_tlsextdebug=1; 743656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-status") == 0) 744656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_status_req=1; 745656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 746656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef WATT32 747656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-wdebug") == 0) 748656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dbug_init(); 749656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 750656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-msg") == 0) 751656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_msg=1; 752656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-showcerts") == 0) 753656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_showcerts=1; 754656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nbio_test") == 0) 755656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project nbio_test=1; 756656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-state") == 0) 757656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state=1; 758674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifndef OPENSSL_NO_PSK 759674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (strcmp(*argv,"-psk_identity") == 0) 760674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 761674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (--argc < 1) goto bad; 762674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom psk_identity=*(++argv); 763674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 764674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (strcmp(*argv,"-psk") == 0) 765674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 766674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom size_t j; 767674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 768674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (--argc < 1) goto bad; 769674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom psk_key=*(++argv); 770674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom for (j = 0; j < strlen(psk_key); j++) 771674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 7727d3d122363e2a85d516db314892f3d6112cb1377Brian Carlstrom if (isxdigit((unsigned char)psk_key[j])) 773674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom continue; 774674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err,"Not a hex number '%s'\n",*argv); 775674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom goto bad; 776674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 777674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 778674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 779392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 780392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srpuser") == 0) 781392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 782392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 783392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_arg.srplogin= *(++argv); 784392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_client_method(); 785392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 786392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srppass") == 0) 787392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 788392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 789392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srppass= *(++argv); 790392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_client_method(); 791392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 792392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srp_strength") == 0) 793392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 794392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 795392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_arg.strength=atoi(*(++argv)); 796392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"SRP minimal length for N is %d\n",srp_arg.strength); 797392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_client_method(); 798392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 799392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srp_lateuser") == 0) 800392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 801392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_lateuser= 1; 802392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_client_method(); 803392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 804392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srp_moregroups") == 0) 805392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 806392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_arg.amp=1; 807392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_client_method(); 808392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 809392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 810656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_SSL2 811656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-ssl2") == 0) 812656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=SSLv2_client_method(); 813656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 814656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_SSL3 815656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-ssl3") == 0) 816656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=SSLv3_client_method(); 817656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 818656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLS1 819392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-tls1_2") == 0) 820392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_2_client_method(); 821392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-tls1_1") == 0) 822392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_1_client_method(); 823656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-tls1") == 0) 824656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=TLSv1_client_method(); 825656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 826656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DTLS1 827656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dtls1") == 0) 828656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 829656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=DTLSv1_client_method(); 830674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom socket_type=SOCK_DGRAM; 831656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 8329a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller else if (strcmp(*argv,"-fallback_scsv") == 0) 8339a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller { 8349a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller fallback_scsv = 1; 8359a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller } 836656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-timeout") == 0) 837656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project enable_timeouts=1; 838656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-mtu") == 0) 839656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 840656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 84198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom socket_mtu = atol(*(++argv)); 842656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 843656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 844656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-bugs") == 0) 845656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bugs=1; 846656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-keyform") == 0) 847656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 848656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 849656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project key_format = str2fmt(*(++argv)); 850656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 851656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-pass") == 0) 852656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 853656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 854656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project passarg = *(++argv); 855656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 856656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-key") == 0) 857656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 858656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 859656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project key_file= *(++argv); 860656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 861656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-reconnect") == 0) 862656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 863656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project reconnect=5; 864656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 865656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-CApath") == 0) 866656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 867656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 868656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CApath= *(++argv); 869656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 870656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-CAfile") == 0) 871656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 872656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 873656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CAfile= *(++argv); 874656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 875392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-no_tls1_2") == 0) 876392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom off|=SSL_OP_NO_TLSv1_2; 877392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-no_tls1_1") == 0) 878392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom off|=SSL_OP_NO_TLSv1_1; 879656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_tls1") == 0) 880656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project off|=SSL_OP_NO_TLSv1; 881656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ssl3") == 0) 882656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project off|=SSL_OP_NO_SSLv3; 883656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ssl2") == 0) 884656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project off|=SSL_OP_NO_SSLv2; 885674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (strcmp(*argv,"-no_comp") == 0) 886674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { off|=SSL_OP_NO_COMPRESSION; } 887656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 888656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ticket") == 0) 889656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_NO_TICKET; } 890bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 891bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen else if (strcmp(*argv,"-nextprotoneg") == 0) 892bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 893bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (--argc < 1) goto bad; 894bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto_neg_in = *(++argv); 895bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 896ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root else if (strcmp(*argv,"-alpn") == 0) 897ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root { 898ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root if (--argc < 1) goto bad; 899ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root alpn_in = *(++argv); 900ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root } 901bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 902656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 903248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu else if (strcmp(*argv,"-cutthrough") == 0) 904248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu cutthrough=1; 905e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley else if (strcmp(*argv,"-no_record_splitting") == 0) 906e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley no_record_splitting=1; 907656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-serverpref") == 0) 908656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project off|=SSL_OP_CIPHER_SERVER_PREFERENCE; 90998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else if (strcmp(*argv,"-legacy_renegotiation") == 0) 91098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; 91198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else if (strcmp(*argv,"-legacy_server_connect") == 0) 91298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom { off|=SSL_OP_LEGACY_SERVER_CONNECT; } 91398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else if (strcmp(*argv,"-no_legacy_server_connect") == 0) 91498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom { clr|=SSL_OP_LEGACY_SERVER_CONNECT; } 915656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-cipher") == 0) 916656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 917656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 918656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cipher= *(++argv); 919656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 920656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 921656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nbio") == 0) 922656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { c_nbio=1; } 923656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 924656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-starttls") == 0) 925656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 926656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 927656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ++argv; 928656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (strcmp(*argv,"smtp") == 0) 929656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project starttls_proto = PROTO_SMTP; 930656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"pop3") == 0) 931656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project starttls_proto = PROTO_POP3; 932656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"imap") == 0) 933656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project starttls_proto = PROTO_IMAP; 934656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"ftp") == 0) 935656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project starttls_proto = PROTO_FTP; 936e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu else if (strcmp(*argv, "xmpp") == 0) 937e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu starttls_proto = PROTO_XMPP; 938656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 939656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto bad; 940656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 941656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 942656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-engine") == 0) 943656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 944656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 945656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project engine_id = *(++argv); 946656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 947e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu else if (strcmp(*argv,"-ssl_client_engine") == 0) 948e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 949e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (--argc < 1) goto bad; 950e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ssl_client_engine_id = *(++argv); 951e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 952656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 953656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-rand") == 0) 954656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 955656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 956656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inrand= *(++argv); 957656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 958656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 959656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-servername") == 0) 960656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 961656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 962656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project servername= *(++argv); 963656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* meth=TLSv1_client_method(); */ 964656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 965656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 966e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_JPAKE 967e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu else if (strcmp(*argv,"-jpake") == 0) 968e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 969e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (--argc < 1) goto bad; 970e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu jpake_secret = *++argv; 971e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 972e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 973eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 974392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-use_srtp") == 0) 975392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 976392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 977392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srtp_profiles = *(++argv); 978392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 979eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 980392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-keymatexport") == 0) 981392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 982392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 983392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlabel= *(++argv); 984392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 985392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-keymatexportlen") == 0) 986392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 987392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 988392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlen=atoi(*(++argv)); 989392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (keymatexportlen == 0) goto bad; 990392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 991392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 992656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 993656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"unknown option %s\n",*argv); 994656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project badop=1; 995656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 996656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 997656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argc--; 998656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argv++; 999656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1000656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (badop) 1001656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1002656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectbad: 1003656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sc_usage(); 1004656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1005656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1006656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1007674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1008674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (jpake_secret) 1009674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 1010674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (psk_key) 1011674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 1012674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err, 1013674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom "Can't use JPAKE and PSK together\n"); 1014674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom goto end; 1015674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 1016674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom psk_identity = "JPAKE"; 1017392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (cipher) 1018392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1019392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); 1020392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto end; 1021392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1022392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom cipher = "PSK"; 1023674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 1024674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1025674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 1026656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OpenSSL_add_ssl_algorithms(); 1027656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_load_error_strings(); 1028656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1029bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 1030bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto.status = -1; 1031bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto_neg_in) 1032bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 1033bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in); 1034bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto.data == NULL) 1035bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 1036bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n"); 1037bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen goto end; 1038bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 1039bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 1040bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen else 1041bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto.data = NULL; 1042bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#endif 1043bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 1044656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 1045656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project e = setup_engine(bio_err, engine_id, 1); 1046e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (ssl_client_engine_id) 1047e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1048e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ssl_client_engine = ENGINE_by_id(ssl_client_engine_id); 1049e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (!ssl_client_engine) 1050e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1051e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(bio_err, 1052e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu "Error getting client auth engine\n"); 1053e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu goto end; 1054e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1055e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1056674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 1057656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1058656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) 1059656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1060656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Error getting password\n"); 1061656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1062656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1063656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1064656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (key_file == NULL) 1065656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project key_file = cert_file; 1066656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1067656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1068656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (key_file) 1069656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1070656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1071656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1072656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project key = load_key(bio_err, key_file, key_format, 0, pass, e, 1073656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "client certificate private key file"); 1074656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!key) 1075656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1076656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1077656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1078656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1079656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1080656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1081656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1082656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cert_file) 1083656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1084656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1085656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cert = load_cert(bio_err,cert_file,cert_format, 1086656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL, e, "client certificate file"); 1087656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1088656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!cert) 1089656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1090656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1091656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1092656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1093656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1094656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1095656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 1096656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project && !RAND_status()) 1097656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1098656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); 1099656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inrand != NULL) 1101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"%ld semi-random bytes loaded\n", 1102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project app_RAND_load_files(inrand)); 1103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_c_out == NULL) 1105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_quiet && !c_debug && !c_msg) 1107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_c_out=BIO_new(BIO_s_null()); 1109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_c_out == NULL) 1113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE); 1114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1117392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 1118392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(!app_passwd(bio_err, srppass, NULL, &srp_arg.srppassin, NULL)) 1119392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1120392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "Error getting password\n"); 1121392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto end; 1122392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1123392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 1124392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 1125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx=SSL_CTX_new(meth); 1126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx == NULL) 1127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1132674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (vpm) 1133674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom SSL_CTX_set1_param(ctx, vpm); 1134674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 1135e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_ENGINE 1136e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (ssl_client_engine) 1137e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1138e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine)) 1139e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1140e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_puts(bio_err, "Error setting client auth engine\n"); 1141e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ERR_print_errors(bio_err); 1142e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ENGINE_free(ssl_client_engine); 1143e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu goto end; 1144e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1145e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ENGINE_free(ssl_client_engine); 1146e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1147e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 1148e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 1149674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifndef OPENSSL_NO_PSK 1150674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifdef OPENSSL_NO_JPAKE 1151674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (psk_key != NULL) 1152674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#else 1153674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (psk_key != NULL || jpake_secret) 1154674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1155674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 1156674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 1157674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n"); 1158674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom SSL_CTX_set_psk_client_callback(ctx, psk_client_cb); 1159674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 1160eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 1161eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 1162392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srtp_profiles != NULL) 1163392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); 1164674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bugs) 1166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_options(ctx,SSL_OP_ALL|off); 1167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_options(ctx,off); 116998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 117098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (clr) 117198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_clear_options(ctx, clr); 1172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* DTLS: partial reads end up discarding unread UDP bytes :-( 1173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Setting read ahead solves this problem. 1174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1175674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); 1176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1177ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root#if !defined(OPENSSL_NO_TLSEXT) 1178ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root# if !defined(OPENSSL_NO_NEXTPROTONEG) 1179392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (next_proto.data) 1180392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto); 1181ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root# endif 1182ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root if (alpn_in) 1183ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root { 1184ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root unsigned short alpn_len; 1185ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root unsigned char *alpn = next_protos_parse(&alpn_len, alpn_in); 1186ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root 1187ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root if (alpn == NULL) 1188ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root { 1189ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_printf(bio_err, "Error parsing -alpn argument\n"); 1190ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root goto end; 1191ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root } 1192ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len); 1193ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root } 1194392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 1195392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 1196e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley ssl_mode = SSL_CTX_get_mode(ctx); 1197e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley if (!no_record_splitting) 1198e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley ssl_mode |= SSL_MODE_CBC_RECORD_SPLITTING; 1199248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu if (cutthrough) 1200248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu { 1201e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley /* Enable handshake cutthrough for client connections using 1202e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley * strong ciphers. */ 1203248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu ssl_mode |= SSL_MODE_HANDSHAKE_CUTTHROUGH; 1204248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu } 1205e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley SSL_CTX_set_mode(ctx, ssl_mode); 1206248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu 1207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); 1208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cipher != NULL) 1209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!SSL_CTX_set_cipher_list(ctx,cipher)) { 1210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"error setting cipher list\n"); 1211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 1215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER")); 1217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_verify(ctx,verify,verify_callback); 1220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!set_cert_key_stuff(ctx,cert,key)) 1221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || 1224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (!SSL_CTX_set_default_verify_paths(ctx))) 1225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* BIO_printf(bio_err,"error setting default verify locations\n"); */ 1227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* goto end; */ 1229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (servername != NULL) 1233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextcbp.biodebug = bio_err; 1235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1238392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 1239392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_arg.srplogin) 1240392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1241392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!srp_lateuser && !SSL_CTX_set_srp_username(ctx, srp_arg.srplogin)) 1242392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1243392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"Unable to set SRP username\n"); 1244392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto end; 1245392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1246392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_arg.msg = c_msg; 1247392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_arg.debug = c_debug ; 1248392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_srp_cb_arg(ctx,&srp_arg); 1249392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_srp_client_pwd_callback(ctx, ssl_give_srp_client_pwd_cb); 1250392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_srp_strength(ctx, srp_arg.strength); 1251392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (c_msg || c_debug || srp_arg.amp == 0) 1252392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_srp_verify_param_callback(ctx, ssl_srp_verify_param_cb); 1253392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1254392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 1255392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 1256656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1257656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1258656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project con=SSL_new(ctx); 1259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sess_in) 1260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_SESSION *sess; 1262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *stmp = BIO_new_file(sess_in, "r"); 1263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!stmp) 1264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Can't open session file %s\n", 1266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sess_in); 1267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL); 1271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(stmp); 1272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!sess) 1273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Can't open session file %s\n", 1275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sess_in); 1276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_session(con, sess); 1280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_SESSION_free(sess); 1281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 12829a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller 12839a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller if (fallback_scsv) 12849a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller SSL_set_mode(con, SSL_MODE_SEND_FALLBACK_SCSV); 12859a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller 1286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (servername != NULL) 1288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!SSL_set_tlsext_host_name(con,servername)) 1290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Unable to set TLS servername extension.\n"); 1292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_KRB5 1298392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (con && (kctx = kssl_ctx_new()) != NULL) 1299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1300392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_set0_kssl_ctx(con, kctx); 1301392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom kssl_ctx_setstring(kctx, KSSL_SERVER, host); 1302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif /* OPENSSL_NO_KRB5 */ 1304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* SSL_set_cipher_list(con,"RC4-MD5"); */ 1305674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if 0 1306674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifdef TLSEXT_TYPE_opaque_prf_input 1307674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom SSL_set_tlsext_opaque_prf_input(con, "Test client", 11); 1308674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1309674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectre_start: 1312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1313674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (init_client(&s,host,port,socket_type) == 0) 1314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); 1316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(s); 1317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1319656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s); 1320656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1321656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 1322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_nbio) 1323656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long l=1; 1325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"turning on non blocking io\n"); 1326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_socket_ioctl(s,FIONBIO,&l) < 0) 1327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1328656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1333392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (c_Pause & 0x01) SSL_set_debug(con, 1); 1334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ( SSL_version(con) == DTLS1_VERSION) 1336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_new_dgram(s,BIO_NOCLOSE); 1339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (getsockname(s, &peer, (void *)&peerlen) < 0) 1340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "getsockname:errno=%d\n", 1342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project get_last_socket_error()); 1343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(s); 1344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_ctrl_set_connected(sbio, 1, &peer); 1348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1349674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (enable_timeouts) 1350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_sec = 0; 1352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_usec = DGRAM_RCV_TIMEOUT; 1353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); 1354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_sec = 0; 1356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_usec = DGRAM_SND_TIMEOUT; 1357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); 1358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 136098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (socket_mtu > 28) 1361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 136398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_set_mtu(con, socket_mtu - 28); 1364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* want to do MTU discovery */ 1367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 1368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_new_socket(s,BIO_NOCLOSE); 1371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (nbio_test) 1373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *test; 1375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project test=BIO_new(BIO_f_nbio_test()); 1377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_push(test,sbio); 1378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_debug) 1381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1382392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_set_debug(con, 1); 1383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback(sbio,bio_dump_callback); 1384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback_arg(sbio,(char *)bio_c_out); 1385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_msg) 1387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback(con, msg_cb); 1389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback_arg(con, bio_c_out); 1390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_tlsextdebug) 1393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_callback(con, tlsext_cb); 1395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_arg(con, bio_c_out); 1396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_status_req) 1398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp); 1400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); 1401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); 1402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 1403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 1404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectSTACK_OF(OCSP_RESPID) *ids = sk_OCSP_RESPID_new_null(); 1405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectOCSP_RESPID *id = OCSP_RESPID_new(); 1406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectid->value.byKey = ASN1_OCTET_STRING_new(); 1407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectid->type = V_OCSP_RESPID_KEY; 1408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_STRING_set(id->value.byKey, "Hello World", -1); 1409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectsk_OCSP_RESPID_push(ids, id); 1410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectSSL_set_tlsext_status_ids(con, ids); 1411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 1412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1415e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_JPAKE 1416e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (jpake_secret) 1417e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu jpake_client_auth(bio_c_out, sbio, jpake_secret); 1418e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 1419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_bio(con,sbio,sbio); 1421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_connect_state(con); 1422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* ok, lets connect */ 1424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project width=SSL_get_fd(con)+1; 1425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=1; 1427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_tty=0; 1428656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tty_on=0; 1429656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_ssl=1; 1430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_len=0; 1433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_off=0; 1434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_len=0; 1435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_off=0; 1436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* This is an ugly hack that does a lot of assumptions */ 1438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* We do have to handle multi-line responses which may come 1439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project in a single packet or not. We therefore have to use 1440656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_gets() which does need a buffering BIO. So during 1441656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project the initial chitchat we do push a buffering BIO into the 1442656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project chain that is removed again later on to not disturb the 1443656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rest of the s_client operation. */ 1444656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (starttls_proto == PROTO_SMTP) 1445656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1446656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int foundit=0; 1447656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *fbio = BIO_new(BIO_f_buffer()); 1448656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_push(fbio, sbio); 1449656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* wait for multi-line response to end from SMTP */ 1450656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do 1451656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1452656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1453656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1454656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (mbuf_len>3 && mbuf[3]=='-'); 1455656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* STARTTLS command requires EHLO... */ 1456656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(fbio,"EHLO openssl.client.net\r\n"); 1457656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(fbio); 1458656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* wait for multi-line response to end EHLO SMTP response */ 1459656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do 1460656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1461656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1462656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (strstr(mbuf,"STARTTLS")) 1463656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project foundit=1; 1464656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1465656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (mbuf_len>3 && mbuf[3]=='-'); 1466656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(fbio); 1467656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_pop(fbio); 1468656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(fbio); 1469656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!foundit) 1470656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1471656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "didn't found starttls in server response," 1472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project " try anyway...\n"); 1473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(sbio,"STARTTLS\r\n"); 1474656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_read(sbio,sbuf,BUFSIZZ); 1475656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1476656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (starttls_proto == PROTO_POP3) 1477656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1478656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_read(sbio,mbuf,BUFSIZZ); 1479656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(sbio,"STLS\r\n"); 1480656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_read(sbio,sbuf,BUFSIZZ); 1481656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1482656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (starttls_proto == PROTO_IMAP) 1483656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1484656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int foundit=0; 1485656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *fbio = BIO_new(BIO_f_buffer()); 1486656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_push(fbio, sbio); 1487656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_gets(fbio,mbuf,BUFSIZZ); 1488656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* STARTTLS command requires CAPABILITY... */ 1489656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(fbio,". CAPABILITY\r\n"); 1490656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(fbio); 1491656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* wait for multi-line CAPABILITY response */ 1492656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do 1493656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1494656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1495656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (strstr(mbuf,"STARTTLS")) 1496656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project foundit=1; 1497656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1498656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (mbuf_len>3 && mbuf[0]!='.'); 1499656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(fbio); 1500656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_pop(fbio); 1501656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(fbio); 1502656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!foundit) 1503656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1504656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "didn't found STARTTLS in server response," 1505656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project " try anyway...\n"); 1506656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(sbio,". STARTTLS\r\n"); 1507656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_read(sbio,sbuf,BUFSIZZ); 1508656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1509656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (starttls_proto == PROTO_FTP) 1510656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1511656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *fbio = BIO_new(BIO_f_buffer()); 1512656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_push(fbio, sbio); 1513656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* wait for multi-line response to end from FTP */ 1514656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do 1515656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1516656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1517656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1518656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (mbuf_len>3 && mbuf[3]=='-'); 1519656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(fbio); 1520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_pop(fbio); 1521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(fbio); 1522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(sbio,"AUTH TLS\r\n"); 1523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_read(sbio,sbuf,BUFSIZZ); 1524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1525e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (starttls_proto == PROTO_XMPP) 1526e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1527e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu int seen = 0; 1528e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(sbio,"<stream:stream " 1529e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu "xmlns:stream='http://etherx.jabber.org/streams' " 1530e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu "xmlns='jabber:client' to='%s' version='1.0'>", host); 1531e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu seen = BIO_read(sbio,mbuf,BUFSIZZ); 1532e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu mbuf[seen] = 0; 1533e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'")) 1534e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1535e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (strstr(mbuf, "/stream:features>")) 1536e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu goto shut; 1537e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu seen = BIO_read(sbio,mbuf,BUFSIZZ); 1538e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu mbuf[seen] = 0; 1539e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1540e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"); 1541e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu seen = BIO_read(sbio,sbuf,BUFSIZZ); 1542e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu sbuf[seen] = 0; 1543e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (!strstr(sbuf, "<proceed")) 1544e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu goto shut; 1545e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu mbuf[0] = 0; 1546e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1547656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1548656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 1549656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project FD_ZERO(&readfds); 1551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project FD_ZERO(&writefds); 1552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 155398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if ((SSL_version(con) == DTLS1_VERSION) && 155498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom DTLSv1_get_timeout(con, &timeout)) 155598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom timeoutp = &timeout; 155698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else 155798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom timeoutp = NULL; 155898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 1559656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_in_init(con) && !SSL_total_renegotiations(con)) 1560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1561656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project in_init=1; 1562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tty_on=0; 1563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1565656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1566656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tty_on=1; 1567656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (in_init) 1568656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project in_init=0; 1570674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if 0 /* This test doesn't really work as intended (needs to be fixed) */ 1571674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifndef OPENSSL_NO_TLSEXT 1572674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (servername != NULL && !SSL_session_reused(con)) 1573674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 1574674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out,"Server did %sacknowledge servername extension.\n",tlsextcbp.ack?"":"not "); 1575674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 1576674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1577674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1578656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sess_out) 1579656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *stmp = BIO_new_file(sess_out, "w"); 1581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (stmp) 1582656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1583656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_SSL_SESSION(stmp, SSL_get_session(con)); 1584656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(stmp); 1585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1586656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Error writing session file %s\n", sess_out); 1588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_stuff(bio_c_out,con,full_log); 1590656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (full_log > 0) full_log--; 1591656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1592656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (starttls_proto) 1593656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1594656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"%s",mbuf); 1595656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* We don't need to know any more */ 1596656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project starttls_proto = PROTO_OFF; 1597656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1598656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1599656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (reconnect) 1600656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1601656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project reconnect--; 1602656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"drop connection and then reconnect\n"); 1603656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_shutdown(con); 1604656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_connect_state(con); 1605656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(SSL_get_fd(con)); 1606656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto re_start; 1607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1608656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1609656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1610656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1611656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssl_pending = read_ssl && SSL_pending(con); 1612656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ssl_pending) 1614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1615674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5) 1616656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (tty_on) 1617656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1618674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (read_tty) openssl_fdset(fileno(stdin),&readfds); 1619674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (write_tty) openssl_fdset(fileno(stdout),&writefds); 1620656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1621656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (read_ssl) 1622674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom openssl_fdset(SSL_get_fd(con),&readfds); 1623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (write_ssl) 1624674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom openssl_fdset(SSL_get_fd(con),&writefds); 1625656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1626656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!tty_on || !write_tty) { 1627656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (read_ssl) 1628674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom openssl_fdset(SSL_get_fd(con),&readfds); 1629656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (write_ssl) 1630674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom openssl_fdset(SSL_get_fd(con),&writefds); 1631656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1632656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1633656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* printf("mode tty(%d %d%d) ssl(%d%d)\n", 1634656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ 1635656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1636656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Note: under VMS with SOCKETSHR the second parameter 1637656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * is currently of type (int *) whereas under other 1638656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * systems it is (void *) if you don't have a cast it 1639656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * will choke the compiler: if you do have a cast then 1640656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * you can either go for (int *) or (void *). 1641656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1642656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) 1643656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Under Windows/DOS we make the assumption that we can 1644656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * always write to the tty: therefore if we need to 1645656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * write to the tty we just fall through. Otherwise 1646656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * we timeout the select every second and see if there 1647656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are any keypresses. Note: this is a hack, in a proper 1648656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Windows application we wouldn't do this. 1649656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1650656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=0; 1651656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!write_tty) { 1652656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(read_tty) { 1653656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_sec = 1; 1654656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_usec = 0; 1655656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=select(width,(void *)&readfds,(void *)&writefds, 1656656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL,&tv); 1657656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS) 1658656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!i && (!_kbhit() || !read_tty) ) continue; 1659656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1660656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue; 1661656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1662656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else i=select(width,(void *)&readfds,(void *)&writefds, 166398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom NULL,timeoutp); 1664656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1665656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#elif defined(OPENSSL_SYS_NETWARE) 1666656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!write_tty) { 1667656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(read_tty) { 1668656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_sec = 1; 1669656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_usec = 0; 1670656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=select(width,(void *)&readfds,(void *)&writefds, 1671656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL,&tv); 1672656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else i=select(width,(void *)&readfds,(void *)&writefds, 167398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom NULL,timeoutp); 1674656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1675674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#elif defined(OPENSSL_SYS_BEOS_R5) 1676674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom /* Under BeOS-R5 the situation is similar to DOS */ 1677674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom i=0; 1678674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom stdin_set = 0; 1679674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); 1680674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if(!write_tty) { 1681674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if(read_tty) { 1682674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom tv.tv_sec = 1; 1683674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom tv.tv_usec = 0; 1684674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom i=select(width,(void *)&readfds,(void *)&writefds, 1685674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom NULL,&tv); 1686674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (read(fileno(stdin), sbuf, 0) >= 0) 1687674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom stdin_set = 1; 1688674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (!i && (stdin_set != 1 || !read_tty)) 1689674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom continue; 1690674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } else i=select(width,(void *)&readfds,(void *)&writefds, 1691674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom NULL,timeoutp); 1692674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 1693674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom (void)fcntl(fileno(stdin), F_SETFL, 0); 1694656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1695656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=select(width,(void *)&readfds,(void *)&writefds, 169698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom NULL,timeoutp); 1697656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1698656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ( i < 0) 1699656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1700656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"bad select %d\n", 1701656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project get_last_socket_error()); 1702656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1703656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* goto end; */ 1704656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1705656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1706656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 170798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) 170898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom { 170998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_err,"TIMEOUT occured\n"); 171098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom } 171198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 1712656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds)) 1713656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1714656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=SSL_write(con,&(cbuf[cbuf_off]), 1715656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (unsigned int)cbuf_len); 1716656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (SSL_get_error(con,k)) 1717656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1718656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_NONE: 1719656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_off+=k; 1720656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_len-=k; 1721656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (k <= 0) goto end; 1722656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* we have done a write(con,NULL,0); */ 1723656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cbuf_len <= 0) 1724656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1725656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=1; 1726656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=0; 1727656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1728656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else /* if (cbuf_len > 0) */ 1729656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1730656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=0; 1731656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1732656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1733656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1734656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_WRITE: 1735656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"write W BLOCK\n"); 1736656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1737656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=0; 1738656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1739656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_READ: 1740656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"write R BLOCK\n"); 1741656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_tty=0; 1742656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_ssl=1; 1743656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=0; 1744656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1745656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_X509_LOOKUP: 1746656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"write X BLOCK\n"); 1747656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1748656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_ZERO_RETURN: 1749656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cbuf_len != 0) 1750656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1751656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"shutdown\n"); 1752674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret = 0; 1753656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1754656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1755656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1756656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1757656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=1; 1758656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=0; 1759656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1760656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1761656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1762656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SYSCALL: 1763656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((k != 0) || (cbuf_len != 0)) 1764656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1765656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"write:errno=%d\n", 1766656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project get_last_socket_error()); 1767656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1768656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1769656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1770656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1771656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=1; 1772656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=0; 1773656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1774656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1775656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SSL: 1776656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1777656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1778656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1779656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1780674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 1781674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom /* Assume Windows/DOS/BeOS can always write */ 1782656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (!ssl_pending && write_tty) 1783656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1784656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds)) 1785656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1786656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1787656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 1788656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len); 1789656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1790674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom i=raw_write_stdout(&(sbuf[sbuf_off]),sbuf_len); 1791656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1792656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i <= 0) 1793656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1794656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"DONE\n"); 1795674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret = 0; 1796656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1797656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* goto end; */ 1798656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1799656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1800656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_len-=i;; 1801656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_off+=i; 1802656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sbuf_len <= 0) 1803656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1804656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_ssl=1; 1805656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_tty=0; 1806656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1807656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1808656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (ssl_pending || FD_ISSET(SSL_get_fd(con),&readfds)) 1809656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1810656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef RENEG 1811656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } } 1812656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1813656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 1 1814656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ ); 1815656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1816656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Demo for pending and peek :-) */ 1817656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=SSL_read(con,sbuf,16); 1818656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ char zbuf[10240]; 1819656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectprintf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240)); 1820656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 1821656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1822656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1823656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (SSL_get_error(con,k)) 1824656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1825656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_NONE: 1826656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (k <= 0) 1827656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1828656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_off=0; 1829656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_len=k; 1830656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1831656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_ssl=0; 1832656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_tty=1; 1833656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1834656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_WRITE: 1835656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"read W BLOCK\n"); 1836656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1837656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=0; 1838656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1839656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_READ: 1840656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"read R BLOCK\n"); 1841656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_tty=0; 1842656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_ssl=1; 1843656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((read_tty == 0) && (write_ssl == 0)) 1844656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1845656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1846656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_X509_LOOKUP: 1847656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"read X BLOCK\n"); 1848656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1849656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SYSCALL: 1850674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret=get_last_socket_error(); 1851674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err,"read:errno=%d\n",ret); 1852656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1853656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_ZERO_RETURN: 1854656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"closed\n"); 1855674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret=0; 1856656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1857656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SSL: 1858656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1859656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1860656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* break; */ 1861656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1862656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1863656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1864656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) 1865656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS) 1866656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (_kbhit()) 1867656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1868656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) 1869656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1870656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#elif defined (OPENSSL_SYS_NETWARE) 1871674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (_kbhit()) 1872674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#elif defined(OPENSSL_SYS_BEOS_R5) 1873674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (stdin_set) 1874656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1875656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (FD_ISSET(fileno(stdin),&readfds)) 1876656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1877656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1878656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (crlf) 1879656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1880656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int j, lf_num; 1881656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1882674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom i=raw_read_stdin(cbuf,BUFSIZZ/2); 1883656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num = 0; 1884656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* both loops are skipped when i <= 0 */ 1885656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (j = 0; j < i; j++) 1886656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cbuf[j] == '\n') 1887656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num++; 1888656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (j = i-1; j >= 0; j--) 1889656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1890656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf[j+lf_num] = cbuf[j]; 1891656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cbuf[j] == '\n') 1892656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1893656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num--; 1894656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 1895656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf[j+lf_num] = '\r'; 1896656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1897656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1898656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project assert(lf_num == 0); 1899656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1900656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1901674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom i=raw_read_stdin(cbuf,BUFSIZZ); 1902656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1903656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q'))) 1904656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1905656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"DONE\n"); 1906674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret=0; 1907656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1908656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1909656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1910656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((!c_ign_eof) && (cbuf[0] == 'R')) 1911656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1912656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"RENEGOTIATING\n"); 1913656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_renegotiate(con); 1914656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_len=0; 1915656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1916392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_HEARTBEATS 1917392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if ((!c_ign_eof) && (cbuf[0] == 'B')) 1918392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1919392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"HEARTBEATING\n"); 1920392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_heartbeat(con); 1921392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom cbuf_len=0; 1922392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1923392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 1924656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1925656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1926656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_len=i; 1927656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_off=0; 1928656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 1929656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic2ascii(cbuf, cbuf, i); 1930656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1931656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1932656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1933656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1934656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=0; 1935656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1936656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1937674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 1938674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret=0; 1939656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectshut: 1940674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (in_init) 1941674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom print_stuff(bio_c_out,con,full_log); 1942656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_shutdown(con); 1943656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(SSL_get_fd(con)); 1944656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectend: 1945674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (con != NULL) 1946674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 1947674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (prexit != 0) 1948674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom print_stuff(bio_c_out,con,1); 1949674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom SSL_free(con); 1950674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 195104ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 195204ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (next_proto.data) 195304ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom OPENSSL_free(next_proto.data); 195404ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom#endif 1955656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx != NULL) SSL_CTX_free(ctx); 1956656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cert) 1957656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(cert); 1958656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (key) 1959656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(key); 1960656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (pass) 1961656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(pass); 196204ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (vpm) 196304ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom X509_VERIFY_PARAM_free(vpm); 1964656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } 1965656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } 1966656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } 1967656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_c_out != NULL) 1968656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1969656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(bio_c_out); 1970656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_c_out=NULL; 1971656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1972656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project apps_shutdown(); 1973656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_EXIT(ret); 1974656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1975656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1976656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1977656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_stuff(BIO *bio, SSL *s, int full) 1978656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1979656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *peer=NULL; 1980656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *p; 1981656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static const char *space=" "; 1982656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char buf[BUFSIZ]; 1983656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(X509) *sk; 1984656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(X509_NAME) *sk2; 1985674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom const SSL_CIPHER *c; 1986656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME *xn; 1987656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int j,i; 1988656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_COMP 1989656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const COMP_METHOD *comp, *expansion; 1990656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1991392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned char *exportedkeymat; 1992656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1993656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (full) 1994656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1995656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int got_a_chain = 0; 1996656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1997656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk=SSL_get_peer_cert_chain(s); 1998656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sk != NULL) 1999656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2000656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project got_a_chain = 1; /* we don't have it for SSL2 (yet) */ 2001656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2002656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\nCertificate chain\n"); 2003656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<sk_X509_num(sk); i++) 2004656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2005656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_subject_name( 2006656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_X509_value(sk,i)),buf,sizeof buf); 2007656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%2d s:%s\n",i,buf); 2008656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_issuer_name( 2009656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_X509_value(sk,i)),buf,sizeof buf); 2010656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio," i:%s\n",buf); 2011656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_showcerts) 2012656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_X509(bio,sk_X509_value(sk,i)); 2013656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2014656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2015656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2016656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\n"); 2017656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project peer=SSL_get_peer_certificate(s); 2018656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (peer != NULL) 2019656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2020656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"Server certificate\n"); 2021656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */ 2022656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_X509(bio,peer); 2023656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_subject_name(peer), 2024656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf,sizeof buf); 2025656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"subject=%s\n",buf); 2026656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_issuer_name(peer), 2027656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf,sizeof buf); 2028656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"issuer=%s\n",buf); 2029656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2030656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2031656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"no peer certificate available\n"); 2032656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2033656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk2=SSL_get_client_CA_list(s); 2034656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0)) 2035656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2036656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\nAcceptable client certificate CA names\n"); 2037656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<sk_X509_NAME_num(sk2); i++) 2038656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2039656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project xn=sk_X509_NAME_value(sk2,i); 2040656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(xn,buf,sizeof(buf)); 2041656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,buf,strlen(buf)); 2042656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,"\n",1); 2043656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2044656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2045656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2046656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2047656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\nNo client certificate CA names sent\n"); 2048656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2049656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=SSL_get_shared_ciphers(s,buf,sizeof buf); 2050656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p != NULL) 2051656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2052656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* This works only for SSL 2. In later protocol 2053656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * versions, the client does not know what other 2054656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ciphers (in addition to the one to be used 2055656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in the current connection) the server supports. */ 2056656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2057656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n"); 2058656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=i=0; 2059656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (*p) 2060656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2061656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (*p == ':') 2062656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2063656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,space,15-j%25); 2064656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 2065656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=0; 2066656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,((i%3)?" ":"\n"),1); 2067656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2068656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2069656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2070656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,p,1); 2071656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j++; 2072656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2073656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p++; 2074656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2075656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,"\n",1); 2076656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2077656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2078656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n", 2079656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_number_read(SSL_get_rbio(s)), 2080656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_number_written(SSL_get_wbio(s))); 2081656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2082392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio,(SSL_cache_hit(s)?"---\nReused, ":"---\nNew, ")); 2083656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c=SSL_get_current_cipher(s); 2084656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%s, Cipher is %s\n", 2085656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_version(c), 2086656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_name(c)); 2087656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (peer != NULL) { 2088656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *pktmp; 2089656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pktmp = X509_get_pubkey(peer); 2090656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"Server public key is %d bit\n", 2091656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_bits(pktmp)); 2092656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(pktmp); 2093656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 209498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio, "Secure Renegotiation IS%s supported\n", 209598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_get_secure_renegotiation_support(s) ? "" : " NOT"); 2096656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_COMP 2097656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project comp=SSL_get_current_compression(s); 2098656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project expansion=SSL_get_current_expansion(s); 2099656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"Compression: %s\n", 2100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project comp ? SSL_COMP_get_name(comp) : "NONE"); 2101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"Expansion: %s\n", 2102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project expansion ? SSL_COMP_get_name(expansion) : "NONE"); 2103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2104392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 2105392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef SSL_DEBUG 2106392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2107392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* Print out local port of connection: useful for debugging */ 2108392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int sock; 2109392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom struct sockaddr_in ladd; 2110392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom socklen_t ladd_size = sizeof(ladd); 2111392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sock = SSL_get_fd(s); 2112392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom getsockname(sock, (struct sockaddr *)&ladd, &ladd_size); 2113392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_c_out, "LOCAL PORT is %u\n", ntohs(ladd.sin_port)); 2114392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2115392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 2116bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 2117ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root#if !defined(OPENSSL_NO_TLSEXT) 2118ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root# if !defined(OPENSSL_NO_NEXTPROTONEG) 2119bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto.status != -1) { 2120bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen const unsigned char *proto; 2121bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned int proto_len; 2122bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen SSL_get0_next_proto_negotiated(s, &proto, &proto_len); 2123bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio, "Next protocol: (%d) ", next_proto.status); 2124bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio, proto, proto_len); 2125bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio, "\n", 1); 2126bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 2127ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root { 2128ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root const unsigned char *proto; 2129ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root unsigned int proto_len; 2130ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root SSL_get0_alpn_selected(s, &proto, &proto_len); 2131ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root if (proto_len > 0) 2132ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root { 2133ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_printf(bio, "ALPN protocol: "); 2134ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_write(bio, proto, proto_len); 2135ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_write(bio, "\n", 1); 2136ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root } 2137ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root else 2138ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_printf(bio, "No ALPN negotiated\n"); 2139ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root } 2140ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root# endif 2141bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#endif 2142bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 2143eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 2144392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2145392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SRTP_PROTECTION_PROFILE *srtp_profile=SSL_get_selected_srtp_profile(s); 2146392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 2147392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(srtp_profile) 2148392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio,"SRTP Extension negotiated, profile=%s\n", 2149392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srtp_profile->name); 2150392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2151eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 2152392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 2153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_SESSION_print(bio,SSL_get_session(s)); 2154392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (keymatexportlabel != NULL) 2155392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2156392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, "Keying material exporter:\n"); 2157392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, " Label: '%s'\n", keymatexportlabel); 2158392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, " Length: %i bytes\n", keymatexportlen); 2159392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom exportedkeymat = OPENSSL_malloc(keymatexportlen); 2160392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (exportedkeymat != NULL) 2161392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2162392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!SSL_export_keying_material(s, exportedkeymat, 2163392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlen, 2164392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlabel, 2165392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom strlen(keymatexportlabel), 2166392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NULL, 0, 0)) 2167392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2168392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, " Error\n"); 2169392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2170392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 2171392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2172392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, " Keying material: "); 2173392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom for (i=0; i<keymatexportlen; i++) 2174392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, "%02X", 2175392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom exportedkeymat[i]); 2176392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, "\n"); 2177392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2178392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom OPENSSL_free(exportedkeymat); 2179392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2180392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\n"); 2182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (peer != NULL) 2183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(peer); 2184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* flush, or debugging output gets mixed with http response */ 2185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(bio); 2186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 2189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ocsp_resp_cb(SSL *s, void *arg) 2191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const unsigned char *p; 2193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int len; 2194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPONSE *rsp; 2195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project len = SSL_get_tlsext_status_ocsp_resp(s, &p); 2196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(arg, "OCSP response: "); 2197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!p) 2198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(arg, "no response sent\n"); 2200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 2201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rsp = d2i_OCSP_RESPONSE(NULL, &p, len); 2203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!rsp) 2204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(arg, "response parse error\n"); 2206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_dump_indent(arg, (char *)p, len, 4); 2207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 2208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(arg, "\n======================================\n"); 2210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPONSE_print(arg, rsp, 0); 2211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(arg, "======================================\n"); 2212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPONSE_free(rsp); 2213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 2214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2215674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 2216674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 2217