1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* apps/s_client.c */ 2656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * All rights reserved. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This package is an SSL implementation written 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * by Eric Young (eay@cryptsoft.com). 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The implementation was written so as to conform with Netscapes SSL. 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This library is free for commercial and non-commercial use as long as 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the following conditions are aheared to. The following conditions 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * apply to all code found in this distribution, be it the RC4, RSA, 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * included with this distribution is covered by the same copyright terms 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright remains Eric Young's, and as such any Copyright notices in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the code are not to be removed. 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If this package is used in a product, Eric Young should be given attribution 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * as the author of the parts of the library used. 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This can be in the form of a textual message at program startup or 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in documentation (online or textual) provided with the package. 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the copyright 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in the 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * documentation and/or other materials provided with the distribution. 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this software 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * must display the following acknowledgement: 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes cryptographic software written by 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Eric Young (eay@cryptsoft.com)" 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The word 'cryptographic' can be left out if the rouines from the library 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * being used are not cryptographic related :-). 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. If you include any Windows specific code (or a derivative thereof) from 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the apps directory (application code) you must include an acknowledgement: 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUCH DAMAGE. 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The licence and distribution terms for any publically available version or 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * derivative of this code cannot be changed. i.e. this code cannot simply be 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * copied and put under another distribution licence 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * [including the GNU Public Licence.] 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 59674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the above copyright 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the documentation and/or other materials provided with the 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * distribution. 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this 74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * software must display the following acknowledgment: 75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 78656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * endorse or promote products derived from this software without 80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prior written permission. For written permission, please contact 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * openssl-core@openssl.org. 82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5. Products derived from this software may not be called "OpenSSL" 84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * nor may "OpenSSL" appear in their names without prior written 85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * permission of the OpenSSL Project. 86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 6. Redistributions of any form whatsoever must retain the following 88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * acknowledgment: 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OF THE POSSIBILITY OF SUCH DAMAGE. 104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ==================================================================== 105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This product includes cryptographic software written by Eric Young 107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (eay@cryptsoft.com). This product includes software written by Tim 108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Hudson (tjh@cryptsoft.com). 109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 111674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom/* ==================================================================== 112674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * Copyright 2005 Nokia. All rights reserved. 113674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * 114674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * The portions of the attached software ("Contribution") is developed by 115674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * Nokia Corporation and is licensed pursuant to the OpenSSL open source 116674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * license. 117674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * 118674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * The Contribution, originally written by Mika Kousa and Pasi Eronen of 119674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 120674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * support (see RFC 4279) to OpenSSL. 121674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * 122674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * No patent licenses or other rights except those expressly stated in 123674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * the OpenSSL open source license shall be deemed granted or received 124674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * expressly, by implication, estoppel, or otherwise. 125674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * 126674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * No assurances are provided by Nokia that the Contribution does not 127674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * infringe the patent or other intellectual property rights of any third 128674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * party or that the license provides you with all the necessary rights 129674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * to make use of the Contribution. 130674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * 131674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 132674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 133674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 134674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 135674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom * OTHERWISE. 136674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom */ 137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <assert.h> 139674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#include <ctype.h> 140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdlib.h> 142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <string.h> 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/e_os2.h> 144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_NO_STDIO 145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define APPS_WIN16 146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* With IPv6, it looks like Digital has mixed up the proper order of 149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project recursive header file inclusion, resulting in the compiler complaining 150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which 151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project is needed to have fileno() declared correctly... So let's define u_int */ 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) 153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define __U_INT 154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecttypedef unsigned int u_int; 155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define USE_SOCKETS 158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "apps.h" 159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509.h> 160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/ssl.h> 161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/err.h> 162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/pem.h> 163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/rand.h> 164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/ocsp.h> 165674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#include <openssl/bn.h> 166392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 167392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <openssl/srp.h> 168392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "s_apps.h" 170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "timeouts.h" 171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) 173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ 174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef FIONBIO 175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 177674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if defined(OPENSSL_SYS_BEOS_R5) 178674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#include <fcntl.h> 179674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 180674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef PROG 182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define PROG s_client_main 183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/*#define SSL_HOST_NAME "www.netscape.com" */ 185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/*#define SSL_HOST_NAME "193.118.187.102" */ 186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define SSL_HOST_NAME "localhost" 187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/*#define TEST_CERT "client.pem" */ /* no default cert. */ 189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef BUFSIZZ 191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define BUFSIZZ 1024*8 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectextern int verify_depth; 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectextern int verify_error; 195674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstromextern int verify_return_error; 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_nbio=0; 199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_Pause=0; 201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_debug=0; 202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_tlsextdebug=0; 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_status_req=0; 205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_msg=0; 207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_showcerts=0; 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 209392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic char *keymatexportlabel=NULL; 210392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic int keymatexportlen=20; 211392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void sc_usage(void); 213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_stuff(BIO *berr,SSL *con,int full); 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ocsp_resp_cb(SSL *s, void *arg); 216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic BIO *bio_c_out=NULL; 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_quiet=0; 219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int c_ign_eof=0; 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 221674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifndef OPENSSL_NO_PSK 222674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom/* Default PSK identity and key */ 223674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstromstatic char *psk_identity="Client_identity"; 224674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom/*char *psk_key=NULL; by default PSK is not used */ 225674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 226674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstromstatic unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity, 227674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom unsigned int max_identity_len, unsigned char *psk, 228674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom unsigned int max_psk_len) 229674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 230674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom unsigned int psk_len = 0; 231674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom int ret; 232674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIGNUM *bn=NULL; 233674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 234674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 235674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out, "psk_client_cb\n"); 236674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (!hint) 237674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 238674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom /* no ServerKeyExchange message*/ 239674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 240674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out,"NULL received PSK identity hint, continuing anyway\n"); 241674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 242674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (c_debug) 243674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint); 244674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 245674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom /* lookup PSK identity and PSK key based on the given identity hint here */ 246674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret = BIO_snprintf(identity, max_identity_len, "%s", psk_identity); 247674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (ret < 0 || (unsigned int)ret > max_identity_len) 248674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom goto out_err; 249674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 250674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity, ret); 251674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret=BN_hex2bn(&bn, psk_key); 252674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (!ret) 253674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 254674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key); 255674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (bn) 256674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BN_free(bn); 257674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom return 0; 258674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 259674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 260674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if ((unsigned int)BN_num_bytes(bn) > max_psk_len) 261674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 262674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n", 263674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom max_psk_len, BN_num_bytes(bn)); 264674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BN_free(bn); 265674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom return 0; 266674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 267674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 268674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom psk_len=BN_bn2bin(bn, psk); 269674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BN_free(bn); 270674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (psk_len == 0) 271674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom goto out_err; 272674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 273674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 274674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out, "created PSK len=%d\n", psk_len); 275674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 276674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom return psk_len; 277674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom out_err: 278674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 279674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err, "Error in PSK client callback\n"); 280674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom return 0; 281674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 282674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 283674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void sc_usage(void) 285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"usage: s_client args\n"); 287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"\n"); 288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -host host - use -connect instead\n"); 289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -port port - use -connect instead\n"); 290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); 291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 292674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); 293c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root BIO_printf(bio_err," -verify_return_error - return verification errors\n"); 294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); 295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); 296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -key arg - Private key file to use, in cert file if\n"); 297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," not specified but cert file is.\n"); 298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -keyform arg - key format (PEM or DER) PEM default\n"); 299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); 300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); 301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); 302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n"); 303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n"); 304c64f6fe2be99cb3fa8e491b5bede9a217de87a4cKenny Root BIO_printf(bio_err," -prexit - print session information even on connection failure\n"); 305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -showcerts - show all certificates in the chain\n"); 306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -debug - extra output\n"); 307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef WATT32 308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -wdebug - WATT-32 tcp debugging\n"); 309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -msg - Show protocol messages\n"); 311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -nbio_test - more ssl protocol testing\n"); 312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -state - print the 'ssl' states\n"); 313656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); 315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); 317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -quiet - no s_client output\n"); 318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n"); 319e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(bio_err," -no_ign_eof - don't ignore input eof\n"); 320674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifndef OPENSSL_NO_PSK 321674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err," -psk_identity arg - PSK identity\n"); 322674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); 323674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom# ifndef OPENSSL_NO_JPAKE 324674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); 325674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom# endif 326674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 327392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 328392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -srpuser user - SRP authentification for 'user'\n"); 329392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -srppass arg - password for 'user'\n"); 330392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -srp_lateuser - SRP username into second ClientHello message\n"); 331392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n"); 332392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N); 333392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); 335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); 336392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n"); 337392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); 338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -tls1 - just use TLSv1\n"); 339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); 3409a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n"); 34198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_err," -mtu - set the link layer MTU\n"); 342392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); 343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); 344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n"); 345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); 346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," command to see what is available\n"); 347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); 348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," for those protocols that support it, where\n"); 349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); 350e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n"); 351e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(bio_err," are supported.\n"); 352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); 354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -sess_out arg - file to write SSL session to\n"); 357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -sess_in arg - file to read SSL session from\n"); 358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -servername host - Set TLS extension servername in ClientHello\n"); 360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); 361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -status - request certificate status from server\n"); 362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); 36304ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom# ifndef OPENSSL_NO_NEXTPROTONEG 364bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); 365ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_printf(bio_err," -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n"); 366bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 368f04b7b0cd950a9bf3c07edcbafb48afe63d4fed3Brian Carlstrom BIO_printf(bio_err," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n"); 369e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley BIO_printf(bio_err," -no_record_splitting - disable 1/n-1 record splitting in CBC mode\n"); 37098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); 371eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 372392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); 373eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 374392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); 375392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); 376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* This is a context that we pass to callbacks */ 381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecttypedef struct tlsextctx_st { 382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO * biodebug; 383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ack; 384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} tlsextctx; 385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) 388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextctx * p = (tlsextctx *) arg; 390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const char * hn= SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_get_servername_type(s) != -1) 392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p->ack = !SSL_session_reused(s) && hn != NULL; 393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Can't use SSL_get_servername\n"); 395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return SSL_TLSEXT_ERR_OK; 397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 398bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 399392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 400392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 401392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom/* This is a context that we pass to all callbacks */ 402392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromtypedef struct srp_arg_st 403392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 404392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *srppassin; 405392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *srplogin; 406392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int msg; /* copy from c_msg */ 407392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int debug; /* copy from c_debug */ 408392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int amp; /* allow more groups */ 409392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int strength /* minimal size for N */ ; 410392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } SRP_ARG; 411392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 412392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define SRP_NUMBER_ITERATIONS_FOR_PRIME 64 413392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 414392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic int srp_Verify_N_and_g(BIGNUM *N, BIGNUM *g) 415392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 416392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_CTX *bn_ctx = BN_CTX_new(); 417392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIGNUM *p = BN_new(); 418392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIGNUM *r = BN_new(); 419392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int ret = 420392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom g != NULL && N != NULL && bn_ctx != NULL && BN_is_odd(N) && 421392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_is_prime_ex(N, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) && 422392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom p != NULL && BN_rshift1(p, N) && 423392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 424392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* p = (N-1)/2 */ 425392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_is_prime_ex(p, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) && 426392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom r != NULL && 427392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 428392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* verify g^((N-1)/2) == -1 (mod N) */ 429392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_mod_exp(r, g, p, N, bn_ctx) && 430392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_add_word(r, 1) && 431392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_cmp(r, N) == 0; 432392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 433392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(r) 434392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_free(r); 435392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(p) 436392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_free(p); 437392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(bn_ctx) 438392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BN_CTX_free(bn_ctx); 439392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return ret; 440392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 441392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 442392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom/* This callback is used here for two purposes: 443392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom - extended debugging 444392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom - making some primality tests for unknown groups 445392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom The callback is only called for a non default group. 446392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 447392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom An application does not need the call back at all if 448392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom only the stanard groups are used. In real life situations, 449392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom client and server already share well known groups, 450392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom thus there is no need to verify them. 451392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom Furthermore, in case that a server actually proposes a group that 452392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom is not one of those defined in RFC 5054, it is more appropriate 453392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom to add the group to a static list and then compare since 454392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom primality tests are rather cpu consuming. 455392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom*/ 456392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 457392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg) 458392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 459392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SRP_ARG *srp_arg = (SRP_ARG *)arg; 460392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIGNUM *N = NULL, *g = NULL; 461392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s))) 462392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 463392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1) 464392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 465392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "SRP parameters:\n"); 466392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"\tN="); BN_print(bio_err,N); 467392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"\n\tg="); BN_print(bio_err,g); 468392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"\n"); 469392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 470392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 471392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (SRP_check_known_gN_param(g,N)) 472392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 1; 473392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 474392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_arg->amp == 1) 475392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 476392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_arg->debug) 477392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "SRP param N and g are not known params, going to check deeper.\n"); 478392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 479392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom/* The srp_moregroups is a real debugging feature. 480392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom Implementors should rather add the value to the known ones. 481392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom The minimal size has already been tested. 482392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom*/ 483392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (BN_num_bits(g) <= BN_BITS && srp_Verify_N_and_g(N,g)) 484392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 1; 485392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 486392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "SRP param N and g rejected.\n"); 487392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 488392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 489392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 490392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define PWD_STRLEN 1024 491392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 492392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg) 493392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 494392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SRP_ARG *srp_arg = (SRP_ARG *)arg; 495392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *pass = (char *)OPENSSL_malloc(PWD_STRLEN+1); 496392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom PW_CB_DATA cb_tmp; 497392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int l; 498392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 499392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom cb_tmp.password = (char *)srp_arg->srppassin; 500392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom cb_tmp.prompt_info = "SRP user"; 501392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp))<0) 502392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 503392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf (bio_err, "Can't read Password\n"); 504392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom OPENSSL_free(pass); 505392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return NULL; 506392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 507392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom *(pass+l)= '\0'; 508392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 509392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return pass; 510392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 511392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 512392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 513eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 514392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *srtp_profiles = NULL; 515eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 516392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 517bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 518bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen/* This the context that we pass to next_proto_cb */ 519bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsentypedef struct tlsextnextprotoctx_st { 520bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned char *data; 521bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned short len; 522bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen int status; 523bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen} tlsextnextprotoctx; 524bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 525bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsenstatic tlsextnextprotoctx next_proto; 526bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 527bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsenstatic int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg) 528bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 529bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen tlsextnextprotoctx *ctx = arg; 530bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 531bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (!c_quiet) 532bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 533bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen /* We can assume that |in| is syntactically valid. */ 534bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned i; 535bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_c_out, "Protocols advertised by server: "); 536bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen for (i = 0; i < inlen; ) 537bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 538bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (i) 539bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio_c_out, ", ", 2); 540bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio_c_out, &in[i + 1], in[i]); 541bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen i += in[i] + 1; 542bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 543bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio_c_out, "\n", 1); 544bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 545bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 546bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len); 547bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen return SSL_TLSEXT_ERR_OK; 548bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 54904ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom# endif /* ndef OPENSSL_NO_NEXTPROTONEG */ 550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 551674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectenum 553656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 554656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PROTO_OFF = 0, 555656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PROTO_SMTP, 556656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PROTO_POP3, 557656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PROTO_IMAP, 558e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu PROTO_FTP, 559e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu PROTO_XMPP 560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project}; 561656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint MAIN(int, char **); 563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint MAIN(int argc, char **argv) 565656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 566674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom unsigned int off=0, clr=0; 567674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom SSL *con=NULL; 568392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_KRB5 569392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom KSSL_CTX *kctx; 570392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int s,k,width,state=0; 572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL; 573656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int cbuf_len,cbuf_off; 574656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int sbuf_len,sbuf_off; 575656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fd_set readfds,writefds; 576656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project short port=PORT; 577656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int full_log=1; 578656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *host=SSL_HOST_NAME; 579656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *cert_file=NULL,*key_file=NULL; 580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int cert_format = FORMAT_PEM, key_format = FORMAT_PEM; 581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *passarg = NULL, *pass = NULL; 582656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *cert = NULL; 583656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *key = NULL; 584656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *CApath=NULL,*CAfile=NULL,*cipher=NULL; 585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0; 586e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley int cutthrough=0, no_record_splitting=0; 587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int crlf=0; 588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending; 589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX *ctx=NULL; 590656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret=1,in_init=1,i,nbio_test=0; 591656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int starttls_proto = PROTO_OFF; 592674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom int prexit = 0; 593674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom X509_VERIFY_PARAM *vpm = NULL; 594674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom int badarg = 0; 595674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom const SSL_METHOD *meth=NULL; 596674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom int socket_type=SOCK_STREAM; 597656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *sbio; 598656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *inrand=NULL; 599656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int mbuf_len=0; 60098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom struct timeval timeout, *timeoutp; 601e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley int ssl_mode; 602e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_ENGINE 603656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *engine_id=NULL; 604e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu char *ssl_client_engine_id=NULL; 605e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ENGINE *ssl_client_engine=NULL; 606e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ENGINE *e=NULL; 608674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 609656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project struct timeval tv; 610674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if defined(OPENSSL_SYS_BEOS_R5) 611674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom int stdin_set = 0; 612674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 615656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *servername = NULL; 616656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextctx tlsextcbp = 617656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project {NULL,0}; 618bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 619bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen const char *next_proto_neg_in = NULL; 620ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root const char *alpn_in = NULL; 621bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 622656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *sess_in = NULL; 624656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *sess_out = NULL; 625656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project struct sockaddr peer; 626656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int peerlen = sizeof(peer); 6279a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller int fallback_scsv = 0; 628656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int enable_timeouts = 0 ; 62998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom long socket_mtu = 0; 630e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_JPAKE 631e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu char *jpake_secret = NULL; 632e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 633392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 634392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char * srppass = NULL; 635392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int srp_lateuser = 0; 636392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SRP_ARG srp_arg = {NULL,NULL,0,0,0,1024}; 637392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 638656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 639656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=SSLv23_client_method(); 640656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 641656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project apps_startup(); 642656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_Pause=0; 643656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_quiet=0; 644656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_ign_eof=0; 645656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_debug=0; 646656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_msg=0; 647656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_showcerts=0; 648656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 649656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_err == NULL) 650656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); 651656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 652656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!load_config(bio_err, NULL)) 653656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 654656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 655656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ( ((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) || 656656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) || 657656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((mbuf=OPENSSL_malloc(BUFSIZZ)) == NULL)) 658656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 659656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"out of memory\n"); 660656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 661656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 662656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 663656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_depth=0; 664656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_error=X509_V_OK; 665656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 666656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_nbio=0; 667656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 668656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 669656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argc--; 670656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argv++; 671656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (argc >= 1) 672656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 673656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (strcmp(*argv,"-host") == 0) 674656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 675656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 676656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project host= *(++argv); 677656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 678656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-port") == 0) 679656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 680656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 681656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project port=atoi(*(++argv)); 682656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (port == 0) goto bad; 683656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 684656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-connect") == 0) 685656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 686656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 687656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!extract_host_port(*(++argv),&host,NULL,&port)) 688656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto bad; 689656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 690656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-verify") == 0) 691656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 692656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify=SSL_VERIFY_PEER; 693656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 694656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_depth=atoi(*(++argv)); 695656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"verify depth is %d\n",verify_depth); 696656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 697656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-cert") == 0) 698656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 699656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 700656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cert_file= *(++argv); 701656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 702656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-sess_out") == 0) 703656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 704656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 705656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sess_out = *(++argv); 706656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 707656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-sess_in") == 0) 708656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 709656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 710656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sess_in = *(++argv); 711656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 712656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-certform") == 0) 713656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 714656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 715656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cert_format = str2fmt(*(++argv)); 716656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 717674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) 718674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 719674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (badarg) 720674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom goto bad; 721674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom continue; 722674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 723674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (strcmp(*argv,"-verify_return_error") == 0) 724674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom verify_return_error = 1; 725656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-prexit") == 0) 726656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project prexit=1; 727656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-crlf") == 0) 728656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project crlf=1; 729656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-quiet") == 0) 730656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 731656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_quiet=1; 732656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_ign_eof=1; 733656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 734656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-ign_eof") == 0) 735656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_ign_eof=1; 736e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu else if (strcmp(*argv,"-no_ign_eof") == 0) 737e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu c_ign_eof=0; 738656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-pause") == 0) 739656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_Pause=1; 740656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-debug") == 0) 741656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_debug=1; 742656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 743656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-tlsextdebug") == 0) 744656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_tlsextdebug=1; 745656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-status") == 0) 746656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_status_req=1; 747656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 748656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef WATT32 749656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-wdebug") == 0) 750656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dbug_init(); 751656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 752656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-msg") == 0) 753656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_msg=1; 754656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-showcerts") == 0) 755656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c_showcerts=1; 756656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nbio_test") == 0) 757656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project nbio_test=1; 758656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-state") == 0) 759656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state=1; 760674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifndef OPENSSL_NO_PSK 761674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (strcmp(*argv,"-psk_identity") == 0) 762674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 763674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (--argc < 1) goto bad; 764674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom psk_identity=*(++argv); 765674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 766674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (strcmp(*argv,"-psk") == 0) 767674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 768674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom size_t j; 769674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 770674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (--argc < 1) goto bad; 771674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom psk_key=*(++argv); 772674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom for (j = 0; j < strlen(psk_key); j++) 773674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 7747d3d122363e2a85d516db314892f3d6112cb1377Brian Carlstrom if (isxdigit((unsigned char)psk_key[j])) 775674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom continue; 776674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err,"Not a hex number '%s'\n",*argv); 777674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom goto bad; 778674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 779674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 780674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 781392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 782392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srpuser") == 0) 783392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 784392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 785392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_arg.srplogin= *(++argv); 786392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_client_method(); 787392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 788392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srppass") == 0) 789392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 790392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 791392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srppass= *(++argv); 792392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_client_method(); 793392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 794392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srp_strength") == 0) 795392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 796392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 797392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_arg.strength=atoi(*(++argv)); 798392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"SRP minimal length for N is %d\n",srp_arg.strength); 799392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_client_method(); 800392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 801392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srp_lateuser") == 0) 802392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 803392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_lateuser= 1; 804392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_client_method(); 805392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 806392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srp_moregroups") == 0) 807392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 808392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_arg.amp=1; 809392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_client_method(); 810392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 811392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 812656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_SSL2 813656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-ssl2") == 0) 814656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=SSLv2_client_method(); 815656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 816656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_SSL3 817656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-ssl3") == 0) 818656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=SSLv3_client_method(); 819656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 820656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLS1 821392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-tls1_2") == 0) 822392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_2_client_method(); 823392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-tls1_1") == 0) 824392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom meth=TLSv1_1_client_method(); 825656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-tls1") == 0) 826656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=TLSv1_client_method(); 827656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 828656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DTLS1 829656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dtls1") == 0) 830656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 831656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=DTLSv1_client_method(); 832674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom socket_type=SOCK_DGRAM; 833656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 8349a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller else if (strcmp(*argv,"-fallback_scsv") == 0) 8359a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller { 8369a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller fallback_scsv = 1; 8379a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller } 838656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-timeout") == 0) 839656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project enable_timeouts=1; 840656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-mtu") == 0) 841656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 842656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 84398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom socket_mtu = atol(*(++argv)); 844656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 845656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 846656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-bugs") == 0) 847656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bugs=1; 848656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-keyform") == 0) 849656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 850656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 851656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project key_format = str2fmt(*(++argv)); 852656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 853656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-pass") == 0) 854656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 855656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 856656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project passarg = *(++argv); 857656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 858656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-key") == 0) 859656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 860656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 861656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project key_file= *(++argv); 862656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 863656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-reconnect") == 0) 864656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 865656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project reconnect=5; 866656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 867656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-CApath") == 0) 868656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 869656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 870656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CApath= *(++argv); 871656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 872656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-CAfile") == 0) 873656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 874656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 875656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CAfile= *(++argv); 876656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 877392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-no_tls1_2") == 0) 878392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom off|=SSL_OP_NO_TLSv1_2; 879392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-no_tls1_1") == 0) 880392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom off|=SSL_OP_NO_TLSv1_1; 881656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_tls1") == 0) 882656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project off|=SSL_OP_NO_TLSv1; 883656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ssl3") == 0) 884656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project off|=SSL_OP_NO_SSLv3; 885656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ssl2") == 0) 886656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project off|=SSL_OP_NO_SSLv2; 887674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (strcmp(*argv,"-no_comp") == 0) 888674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { off|=SSL_OP_NO_COMPRESSION; } 889656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 890656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ticket") == 0) 891656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_NO_TICKET; } 892bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 893bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen else if (strcmp(*argv,"-nextprotoneg") == 0) 894bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 895bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (--argc < 1) goto bad; 896bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto_neg_in = *(++argv); 897bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 898ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root else if (strcmp(*argv,"-alpn") == 0) 899ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root { 900ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root if (--argc < 1) goto bad; 901ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root alpn_in = *(++argv); 902ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root } 903bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 904656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 905248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu else if (strcmp(*argv,"-cutthrough") == 0) 906248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu cutthrough=1; 907e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley else if (strcmp(*argv,"-no_record_splitting") == 0) 908e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley no_record_splitting=1; 909656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-serverpref") == 0) 910656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project off|=SSL_OP_CIPHER_SERVER_PREFERENCE; 91198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else if (strcmp(*argv,"-legacy_renegotiation") == 0) 91298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; 91398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else if (strcmp(*argv,"-legacy_server_connect") == 0) 91498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom { off|=SSL_OP_LEGACY_SERVER_CONNECT; } 91598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else if (strcmp(*argv,"-no_legacy_server_connect") == 0) 91698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom { clr|=SSL_OP_LEGACY_SERVER_CONNECT; } 917656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-cipher") == 0) 918656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 919656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 920656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cipher= *(++argv); 921656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 922656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 923656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nbio") == 0) 924656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { c_nbio=1; } 925656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 926656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-starttls") == 0) 927656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 928656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 929656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ++argv; 930656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (strcmp(*argv,"smtp") == 0) 931656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project starttls_proto = PROTO_SMTP; 932656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"pop3") == 0) 933656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project starttls_proto = PROTO_POP3; 934656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"imap") == 0) 935656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project starttls_proto = PROTO_IMAP; 936656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"ftp") == 0) 937656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project starttls_proto = PROTO_FTP; 938e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu else if (strcmp(*argv, "xmpp") == 0) 939e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu starttls_proto = PROTO_XMPP; 940656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 941656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto bad; 942656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 943656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 944656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-engine") == 0) 945656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 946656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 947656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project engine_id = *(++argv); 948656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 949e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu else if (strcmp(*argv,"-ssl_client_engine") == 0) 950e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 951e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (--argc < 1) goto bad; 952e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ssl_client_engine_id = *(++argv); 953e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 954656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 955656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-rand") == 0) 956656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 957656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 958656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inrand= *(++argv); 959656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 960656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 961656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-servername") == 0) 962656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 963656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 964656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project servername= *(++argv); 965656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* meth=TLSv1_client_method(); */ 966656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 967656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 968e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_JPAKE 969e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu else if (strcmp(*argv,"-jpake") == 0) 970e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 971e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (--argc < 1) goto bad; 972e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu jpake_secret = *++argv; 973e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 974e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 975eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 976392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-use_srtp") == 0) 977392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 978392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 979392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srtp_profiles = *(++argv); 980392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 981eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 982392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-keymatexport") == 0) 983392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 984392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 985392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlabel= *(++argv); 986392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 987392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-keymatexportlen") == 0) 988392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 989392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 990392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlen=atoi(*(++argv)); 991392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (keymatexportlen == 0) goto bad; 992392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 993392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 994656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 995656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"unknown option %s\n",*argv); 996656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project badop=1; 997656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 998656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 999656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argc--; 1000656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argv++; 1001656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1002656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (badop) 1003656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1004656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectbad: 1005656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sc_usage(); 1006656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1007656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1008656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1009674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1010674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (jpake_secret) 1011674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 1012674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (psk_key) 1013674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 1014674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err, 1015674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom "Can't use JPAKE and PSK together\n"); 1016674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom goto end; 1017674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 1018674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom psk_identity = "JPAKE"; 1019392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (cipher) 1020392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1021392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); 1022392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto end; 1023392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1024392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom cipher = "PSK"; 1025674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 1026674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1027674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 1028656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OpenSSL_add_ssl_algorithms(); 1029656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_load_error_strings(); 1030656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1031bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 1032bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto.status = -1; 1033bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto_neg_in) 1034bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 1035bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in); 1036bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto.data == NULL) 1037bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 1038bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n"); 1039bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen goto end; 1040bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 1041bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 1042bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen else 1043bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto.data = NULL; 1044bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#endif 1045bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 1046656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 1047656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project e = setup_engine(bio_err, engine_id, 1); 1048e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (ssl_client_engine_id) 1049e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1050e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ssl_client_engine = ENGINE_by_id(ssl_client_engine_id); 1051e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (!ssl_client_engine) 1052e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1053e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(bio_err, 1054e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu "Error getting client auth engine\n"); 1055e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu goto end; 1056e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1057e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1058674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 1059656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1060656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) 1061656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1062656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Error getting password\n"); 1063656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1064656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1065656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1066656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (key_file == NULL) 1067656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project key_file = cert_file; 1068656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1069656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1070656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (key_file) 1071656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1072656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1073656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1074656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project key = load_key(bio_err, key_file, key_format, 0, pass, e, 1075656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "client certificate private key file"); 1076656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!key) 1077656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1078656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1079656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1080656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1081656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1082656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1083656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1084656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cert_file) 1085656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1086656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1087656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cert = load_cert(bio_err,cert_file,cert_format, 1088656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL, e, "client certificate file"); 1089656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1090656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!cert) 1091656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1092656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1093656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1094656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1095656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1096656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1097656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 1098656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project && !RAND_status()) 1099656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); 1101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inrand != NULL) 1103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"%ld semi-random bytes loaded\n", 1104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project app_RAND_load_files(inrand)); 1105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_c_out == NULL) 1107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_quiet && !c_debug && !c_msg) 1109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_c_out=BIO_new(BIO_s_null()); 1111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_c_out == NULL) 1115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE); 1116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1119392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 1120392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(!app_passwd(bio_err, srppass, NULL, &srp_arg.srppassin, NULL)) 1121392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1122392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "Error getting password\n"); 1123392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto end; 1124392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1125392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 1126392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 1127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx=SSL_CTX_new(meth); 1128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx == NULL) 1129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1132656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1134674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (vpm) 1135674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom SSL_CTX_set1_param(ctx, vpm); 1136674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 1137e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_ENGINE 1138e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (ssl_client_engine) 1139e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1140e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine)) 1141e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1142e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_puts(bio_err, "Error setting client auth engine\n"); 1143e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ERR_print_errors(bio_err); 1144e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ENGINE_free(ssl_client_engine); 1145e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu goto end; 1146e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1147e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu ENGINE_free(ssl_client_engine); 1148e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1149e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 1150e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 1151674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifndef OPENSSL_NO_PSK 1152674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifdef OPENSSL_NO_JPAKE 1153674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (psk_key != NULL) 1154674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#else 1155674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (psk_key != NULL || jpake_secret) 1156674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1157674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 1158674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (c_debug) 1159674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n"); 1160674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom SSL_CTX_set_psk_client_callback(ctx, psk_client_cb); 1161674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 1162eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 1163eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 1164392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srtp_profiles != NULL) 1165392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); 1166674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bugs) 1168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_options(ctx,SSL_OP_ALL|off); 1169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_options(ctx,off); 117198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 117298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (clr) 117398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_clear_options(ctx, clr); 1174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* DTLS: partial reads end up discarding unread UDP bytes :-( 1175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Setting read ahead solves this problem. 1176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1177674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); 1178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1179ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root#if !defined(OPENSSL_NO_TLSEXT) 1180ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root# if !defined(OPENSSL_NO_NEXTPROTONEG) 1181392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (next_proto.data) 1182392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto); 1183ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root# endif 1184ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root if (alpn_in) 1185ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root { 1186ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root unsigned short alpn_len; 1187ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root unsigned char *alpn = next_protos_parse(&alpn_len, alpn_in); 1188ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root 1189ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root if (alpn == NULL) 1190ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root { 1191ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_printf(bio_err, "Error parsing -alpn argument\n"); 1192ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root goto end; 1193ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root } 1194ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len); 1195ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root } 1196392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 1197392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 1198e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley ssl_mode = SSL_CTX_get_mode(ctx); 1199e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley if (!no_record_splitting) 1200e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley ssl_mode |= SSL_MODE_CBC_RECORD_SPLITTING; 1201248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu if (cutthrough) 1202248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu { 1203e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley /* Enable handshake cutthrough for client connections using 1204e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley * strong ciphers. */ 1205248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu ssl_mode |= SSL_MODE_HANDSHAKE_CUTTHROUGH; 1206248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu } 1207e6443cd9084e98ea362375c3f177a0eab7aa8fdcAdam Langley SSL_CTX_set_mode(ctx, ssl_mode); 1208248a4c78a25b81a72352125142f3fc04493f428bHuahui Wu 1209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); 1210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cipher != NULL) 1211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!SSL_CTX_set_cipher_list(ctx,cipher)) { 1212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"error setting cipher list\n"); 1213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 1217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER")); 1219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_verify(ctx,verify,verify_callback); 1222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!set_cert_key_stuff(ctx,cert,key)) 1223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || 1226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (!SSL_CTX_set_default_verify_paths(ctx))) 1227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* BIO_printf(bio_err,"error setting default verify locations\n"); */ 1229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* goto end; */ 1231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (servername != NULL) 1235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextcbp.biodebug = bio_err; 1237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1240392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_SRP 1241392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (srp_arg.srplogin) 1242392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1243392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!srp_lateuser && !SSL_CTX_set_srp_username(ctx, srp_arg.srplogin)) 1244392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1245392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"Unable to set SRP username\n"); 1246392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto end; 1247392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1248392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_arg.msg = c_msg; 1249392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srp_arg.debug = c_debug ; 1250392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_srp_cb_arg(ctx,&srp_arg); 1251392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_srp_client_pwd_callback(ctx, ssl_give_srp_client_pwd_cb); 1252392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_srp_strength(ctx, srp_arg.strength); 1253392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (c_msg || c_debug || srp_arg.amp == 0) 1254392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_CTX_set_srp_verify_param_callback(ctx, ssl_srp_verify_param_cb); 1255392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1256392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 1257392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 1258656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project con=SSL_new(ctx); 1261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sess_in) 1262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_SESSION *sess; 1264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *stmp = BIO_new_file(sess_in, "r"); 1265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!stmp) 1266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Can't open session file %s\n", 1268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sess_in); 1269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL); 1273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(stmp); 1274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!sess) 1275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Can't open session file %s\n", 1277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sess_in); 1278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_session(con, sess); 1282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_SESSION_free(sess); 1283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 12849a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller 12859a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller if (fallback_scsv) 12869a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller SSL_set_mode(con, SSL_MODE_SEND_FALLBACK_SCSV); 12879a68a8fb86e7440763286e3ea8578099abd598e7Bodo Moeller 1288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (servername != NULL) 1290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!SSL_set_tlsext_host_name(con,servername)) 1292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Unable to set TLS servername extension.\n"); 1294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_KRB5 1300392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (con && (kctx = kssl_ctx_new()) != NULL) 1301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1302392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_set0_kssl_ctx(con, kctx); 1303392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom kssl_ctx_setstring(kctx, KSSL_SERVER, host); 1304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif /* OPENSSL_NO_KRB5 */ 1306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* SSL_set_cipher_list(con,"RC4-MD5"); */ 1307674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if 0 1308674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifdef TLSEXT_TYPE_opaque_prf_input 1309674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom SSL_set_tlsext_opaque_prf_input(con, "Test client", 11); 1310674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1311674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1313656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectre_start: 1314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1315674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (init_client(&s,host,port,socket_type) == 0) 1316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); 1318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(s); 1319656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1320656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1321656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s); 1322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1323656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 1324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_nbio) 1325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long l=1; 1327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"turning on non blocking io\n"); 1328656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_socket_ioctl(s,FIONBIO,&l) < 0) 1329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1333656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1335392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (c_Pause & 0x01) SSL_set_debug(con, 1); 1336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ( SSL_version(con) == DTLS1_VERSION) 1338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_new_dgram(s,BIO_NOCLOSE); 1341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (getsockname(s, &peer, (void *)&peerlen) < 0) 1342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "getsockname:errno=%d\n", 1344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project get_last_socket_error()); 1345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(s); 1346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_ctrl_set_connected(sbio, 1, &peer); 1350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1351674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (enable_timeouts) 1352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_sec = 0; 1354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_usec = DGRAM_RCV_TIMEOUT; 1355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); 1356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_sec = 0; 1358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_usec = DGRAM_SND_TIMEOUT; 1359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); 1360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 136298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (socket_mtu > 28) 1363656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 136598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_set_mtu(con, socket_mtu - 28); 1366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* want to do MTU discovery */ 1369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 1370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_new_socket(s,BIO_NOCLOSE); 1373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (nbio_test) 1375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *test; 1377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project test=BIO_new(BIO_f_nbio_test()); 1379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_push(test,sbio); 1380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_debug) 1383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1384392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_set_debug(con, 1); 1385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback(sbio,bio_dump_callback); 1386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback_arg(sbio,(char *)bio_c_out); 1387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_msg) 1389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback(con, msg_cb); 1391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback_arg(con, bio_c_out); 1392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_tlsextdebug) 1395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_callback(con, tlsext_cb); 1397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_arg(con, bio_c_out); 1398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_status_req) 1400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp); 1402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); 1403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); 1404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 1405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 1406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectSTACK_OF(OCSP_RESPID) *ids = sk_OCSP_RESPID_new_null(); 1407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectOCSP_RESPID *id = OCSP_RESPID_new(); 1408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectid->value.byKey = ASN1_OCTET_STRING_new(); 1409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectid->type = V_OCSP_RESPID_KEY; 1410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_STRING_set(id->value.byKey, "Hello World", -1); 1411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectsk_OCSP_RESPID_push(ids, id); 1412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectSSL_set_tlsext_status_ids(con, ids); 1413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 1414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1417e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_JPAKE 1418e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (jpake_secret) 1419e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu jpake_client_auth(bio_c_out, sbio, jpake_secret); 1420e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 1421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_bio(con,sbio,sbio); 1423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_connect_state(con); 1424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* ok, lets connect */ 1426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project width=SSL_get_fd(con)+1; 1427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1428656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=1; 1429656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_tty=0; 1430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tty_on=0; 1431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_ssl=1; 1432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_len=0; 1435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_off=0; 1436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_len=0; 1437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_off=0; 1438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* This is an ugly hack that does a lot of assumptions */ 1440656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* We do have to handle multi-line responses which may come 1441656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project in a single packet or not. We therefore have to use 1442656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_gets() which does need a buffering BIO. So during 1443656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project the initial chitchat we do push a buffering BIO into the 1444656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project chain that is removed again later on to not disturb the 1445656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rest of the s_client operation. */ 1446656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (starttls_proto == PROTO_SMTP) 1447656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1448656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int foundit=0; 1449656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *fbio = BIO_new(BIO_f_buffer()); 1450656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_push(fbio, sbio); 1451656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* wait for multi-line response to end from SMTP */ 1452656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do 1453656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1454656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1455656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1456656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (mbuf_len>3 && mbuf[3]=='-'); 1457656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* STARTTLS command requires EHLO... */ 1458656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(fbio,"EHLO openssl.client.net\r\n"); 1459656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(fbio); 1460656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* wait for multi-line response to end EHLO SMTP response */ 1461656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do 1462656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1463656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1464656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (strstr(mbuf,"STARTTLS")) 1465656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project foundit=1; 1466656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1467656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (mbuf_len>3 && mbuf[3]=='-'); 1468656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(fbio); 1469656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_pop(fbio); 1470656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(fbio); 1471656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!foundit) 1472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "didn't found starttls in server response," 1474656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project " try anyway...\n"); 1475656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(sbio,"STARTTLS\r\n"); 1476656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_read(sbio,sbuf,BUFSIZZ); 1477656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1478656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (starttls_proto == PROTO_POP3) 1479656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1480656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_read(sbio,mbuf,BUFSIZZ); 1481656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(sbio,"STLS\r\n"); 1482656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_read(sbio,sbuf,BUFSIZZ); 1483656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1484656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (starttls_proto == PROTO_IMAP) 1485656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1486656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int foundit=0; 1487656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *fbio = BIO_new(BIO_f_buffer()); 1488656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_push(fbio, sbio); 1489656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_gets(fbio,mbuf,BUFSIZZ); 1490656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* STARTTLS command requires CAPABILITY... */ 1491656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(fbio,". CAPABILITY\r\n"); 1492656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(fbio); 1493656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* wait for multi-line CAPABILITY response */ 1494656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do 1495656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1496656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1497656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (strstr(mbuf,"STARTTLS")) 1498656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project foundit=1; 1499656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1500656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (mbuf_len>3 && mbuf[0]!='.'); 1501656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(fbio); 1502656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_pop(fbio); 1503656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(fbio); 1504656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!foundit) 1505656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1506656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "didn't found STARTTLS in server response," 1507656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project " try anyway...\n"); 1508656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(sbio,". STARTTLS\r\n"); 1509656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_read(sbio,sbuf,BUFSIZZ); 1510656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1511656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (starttls_proto == PROTO_FTP) 1512656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1513656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *fbio = BIO_new(BIO_f_buffer()); 1514656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_push(fbio, sbio); 1515656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* wait for multi-line response to end from FTP */ 1516656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do 1517656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1518656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ); 1519656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (mbuf_len>3 && mbuf[3]=='-'); 1521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(fbio); 1522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_pop(fbio); 1523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(fbio); 1524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(sbio,"AUTH TLS\r\n"); 1525656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_read(sbio,sbuf,BUFSIZZ); 1526656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1527e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (starttls_proto == PROTO_XMPP) 1528e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1529e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu int seen = 0; 1530e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(sbio,"<stream:stream " 1531e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu "xmlns:stream='http://etherx.jabber.org/streams' " 1532e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu "xmlns='jabber:client' to='%s' version='1.0'>", host); 1533e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu seen = BIO_read(sbio,mbuf,BUFSIZZ); 1534e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu mbuf[seen] = 0; 1535e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'")) 1536e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1537e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (strstr(mbuf, "/stream:features>")) 1538e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu goto shut; 1539e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu seen = BIO_read(sbio,mbuf,BUFSIZZ); 1540e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu mbuf[seen] = 0; 1541e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1542e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"); 1543e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu seen = BIO_read(sbio,sbuf,BUFSIZZ); 1544e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu sbuf[seen] = 0; 1545e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (!strstr(sbuf, "<proceed")) 1546e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu goto shut; 1547e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu mbuf[0] = 0; 1548e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1549656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 1551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project FD_ZERO(&readfds); 1553656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project FD_ZERO(&writefds); 1554656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 155598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if ((SSL_version(con) == DTLS1_VERSION) && 155698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom DTLSv1_get_timeout(con, &timeout)) 155798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom timeoutp = &timeout; 155898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else 155998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom timeoutp = NULL; 156098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 1561656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_in_init(con) && !SSL_total_renegotiations(con)) 1562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project in_init=1; 1564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tty_on=0; 1565656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1566656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1567656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1568656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tty_on=1; 1569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (in_init) 1570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project in_init=0; 1572674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if 0 /* This test doesn't really work as intended (needs to be fixed) */ 1573674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#ifndef OPENSSL_NO_TLSEXT 1574674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (servername != NULL && !SSL_session_reused(con)) 1575674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 1576674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_c_out,"Server did %sacknowledge servername extension.\n",tlsextcbp.ack?"":"not "); 1577674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 1578674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1579674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 1580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sess_out) 1581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1582656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *stmp = BIO_new_file(sess_out, "w"); 1583656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (stmp) 1584656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_SSL_SESSION(stmp, SSL_get_session(con)); 1586656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(stmp); 1587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Error writing session file %s\n", sess_out); 1590656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1591656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_stuff(bio_c_out,con,full_log); 1592656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (full_log > 0) full_log--; 1593656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1594656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (starttls_proto) 1595656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1596656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"%s",mbuf); 1597656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* We don't need to know any more */ 1598656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project starttls_proto = PROTO_OFF; 1599656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1600656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1601656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (reconnect) 1602656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1603656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project reconnect--; 1604656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"drop connection and then reconnect\n"); 1605656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_shutdown(con); 1606656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_connect_state(con); 1607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(SSL_get_fd(con)); 1608656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto re_start; 1609656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1610656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1611656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1612656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssl_pending = read_ssl && SSL_pending(con); 1614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1615656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ssl_pending) 1616656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1617674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5) 1618656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (tty_on) 1619656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1620674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (read_tty) openssl_fdset(fileno(stdin),&readfds); 1621674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (write_tty) openssl_fdset(fileno(stdout),&writefds); 1622656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (read_ssl) 1624674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom openssl_fdset(SSL_get_fd(con),&readfds); 1625656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (write_ssl) 1626674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom openssl_fdset(SSL_get_fd(con),&writefds); 1627656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1628656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!tty_on || !write_tty) { 1629656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (read_ssl) 1630674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom openssl_fdset(SSL_get_fd(con),&readfds); 1631656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (write_ssl) 1632674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom openssl_fdset(SSL_get_fd(con),&writefds); 1633656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1634656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1635656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* printf("mode tty(%d %d%d) ssl(%d%d)\n", 1636656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ 1637656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1638656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Note: under VMS with SOCKETSHR the second parameter 1639656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * is currently of type (int *) whereas under other 1640656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * systems it is (void *) if you don't have a cast it 1641656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * will choke the compiler: if you do have a cast then 1642656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * you can either go for (int *) or (void *). 1643656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1644656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) 1645656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Under Windows/DOS we make the assumption that we can 1646656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * always write to the tty: therefore if we need to 1647656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * write to the tty we just fall through. Otherwise 1648656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * we timeout the select every second and see if there 1649656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are any keypresses. Note: this is a hack, in a proper 1650656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Windows application we wouldn't do this. 1651656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1652656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=0; 1653656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!write_tty) { 1654656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(read_tty) { 1655656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_sec = 1; 1656656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_usec = 0; 1657656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=select(width,(void *)&readfds,(void *)&writefds, 1658656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL,&tv); 1659656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS) 1660656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!i && (!_kbhit() || !read_tty) ) continue; 1661656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1662656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue; 1663656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1664656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else i=select(width,(void *)&readfds,(void *)&writefds, 166598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom NULL,timeoutp); 1666656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1667656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#elif defined(OPENSSL_SYS_NETWARE) 1668656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!write_tty) { 1669656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(read_tty) { 1670656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_sec = 1; 1671656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_usec = 0; 1672656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=select(width,(void *)&readfds,(void *)&writefds, 1673656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL,&tv); 1674656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else i=select(width,(void *)&readfds,(void *)&writefds, 167598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom NULL,timeoutp); 1676656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1677674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#elif defined(OPENSSL_SYS_BEOS_R5) 1678674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom /* Under BeOS-R5 the situation is similar to DOS */ 1679674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom i=0; 1680674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom stdin_set = 0; 1681674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); 1682674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if(!write_tty) { 1683674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if(read_tty) { 1684674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom tv.tv_sec = 1; 1685674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom tv.tv_usec = 0; 1686674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom i=select(width,(void *)&readfds,(void *)&writefds, 1687674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom NULL,&tv); 1688674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (read(fileno(stdin), sbuf, 0) >= 0) 1689674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom stdin_set = 1; 1690674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (!i && (stdin_set != 1 || !read_tty)) 1691674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom continue; 1692674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } else i=select(width,(void *)&readfds,(void *)&writefds, 1693674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom NULL,timeoutp); 1694674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 1695674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom (void)fcntl(fileno(stdin), F_SETFL, 0); 1696656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1697656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=select(width,(void *)&readfds,(void *)&writefds, 169898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom NULL,timeoutp); 1699656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1700656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ( i < 0) 1701656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1702656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"bad select %d\n", 1703656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project get_last_socket_error()); 1704656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1705656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* goto end; */ 1706656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1707656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1708656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 170998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) 171098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom { 171198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_err,"TIMEOUT occured\n"); 171298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom } 171398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 1714656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds)) 1715656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1716656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=SSL_write(con,&(cbuf[cbuf_off]), 1717656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (unsigned int)cbuf_len); 1718656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (SSL_get_error(con,k)) 1719656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1720656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_NONE: 1721656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_off+=k; 1722656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_len-=k; 1723656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (k <= 0) goto end; 1724656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* we have done a write(con,NULL,0); */ 1725656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cbuf_len <= 0) 1726656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1727656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=1; 1728656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=0; 1729656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1730656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else /* if (cbuf_len > 0) */ 1731656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1732656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=0; 1733656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1734656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1735656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1736656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_WRITE: 1737656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"write W BLOCK\n"); 1738656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1739656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=0; 1740656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1741656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_READ: 1742656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"write R BLOCK\n"); 1743656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_tty=0; 1744656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_ssl=1; 1745656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=0; 1746656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1747656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_X509_LOOKUP: 1748656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"write X BLOCK\n"); 1749656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1750656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_ZERO_RETURN: 1751656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cbuf_len != 0) 1752656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1753656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"shutdown\n"); 1754674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret = 0; 1755656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1756656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1757656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1758656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1759656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=1; 1760656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=0; 1761656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1762656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1763656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1764656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SYSCALL: 1765656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((k != 0) || (cbuf_len != 0)) 1766656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1767656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"write:errno=%d\n", 1768656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project get_last_socket_error()); 1769656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1770656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1771656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1772656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1773656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=1; 1774656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=0; 1775656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1776656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1777656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SSL: 1778656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1779656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1780656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1781656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1782674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 1783674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom /* Assume Windows/DOS/BeOS can always write */ 1784656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (!ssl_pending && write_tty) 1785656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1786656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds)) 1787656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1788656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1789656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 1790656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len); 1791656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1792674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom i=raw_write_stdout(&(sbuf[sbuf_off]),sbuf_len); 1793656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1794656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i <= 0) 1795656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1796656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"DONE\n"); 1797674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret = 0; 1798656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1799656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* goto end; */ 1800656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1801656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1802656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_len-=i;; 1803656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_off+=i; 1804656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sbuf_len <= 0) 1805656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1806656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_ssl=1; 1807656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_tty=0; 1808656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1809656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1810656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (ssl_pending || FD_ISSET(SSL_get_fd(con),&readfds)) 1811656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1812656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef RENEG 1813656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } } 1814656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1815656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 1 1816656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ ); 1817656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1818656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Demo for pending and peek :-) */ 1819656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=SSL_read(con,sbuf,16); 1820656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ char zbuf[10240]; 1821656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectprintf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240)); 1822656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 1823656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1824656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1825656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (SSL_get_error(con,k)) 1826656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1827656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_NONE: 1828656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (k <= 0) 1829656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1830656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_off=0; 1831656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbuf_len=k; 1832656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1833656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_ssl=0; 1834656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_tty=1; 1835656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1836656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_WRITE: 1837656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"read W BLOCK\n"); 1838656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1839656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=0; 1840656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1841656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_READ: 1842656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"read R BLOCK\n"); 1843656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_tty=0; 1844656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_ssl=1; 1845656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((read_tty == 0) && (write_ssl == 0)) 1846656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1847656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1848656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_X509_LOOKUP: 1849656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"read X BLOCK\n"); 1850656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1851656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SYSCALL: 1852674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret=get_last_socket_error(); 1853674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom BIO_printf(bio_err,"read:errno=%d\n",ret); 1854656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1855656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_ZERO_RETURN: 1856656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_c_out,"closed\n"); 1857674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret=0; 1858656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1859656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SSL: 1860656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1861656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1862656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* break; */ 1863656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1864656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1865656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1866656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) 1867656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS) 1868656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (_kbhit()) 1869656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1870656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) 1871656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1872656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#elif defined (OPENSSL_SYS_NETWARE) 1873674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (_kbhit()) 1874674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#elif defined(OPENSSL_SYS_BEOS_R5) 1875674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom else if (stdin_set) 1876656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1877656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (FD_ISSET(fileno(stdin),&readfds)) 1878656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1879656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1880656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (crlf) 1881656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1882656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int j, lf_num; 1883656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1884674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom i=raw_read_stdin(cbuf,BUFSIZZ/2); 1885656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num = 0; 1886656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* both loops are skipped when i <= 0 */ 1887656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (j = 0; j < i; j++) 1888656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cbuf[j] == '\n') 1889656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num++; 1890656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (j = i-1; j >= 0; j--) 1891656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1892656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf[j+lf_num] = cbuf[j]; 1893656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cbuf[j] == '\n') 1894656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1895656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num--; 1896656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 1897656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf[j+lf_num] = '\r'; 1898656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1899656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1900656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project assert(lf_num == 0); 1901656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1902656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1903674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom i=raw_read_stdin(cbuf,BUFSIZZ); 1904656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1905656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q'))) 1906656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1907656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"DONE\n"); 1908674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret=0; 1909656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto shut; 1910656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1911656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1912656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((!c_ign_eof) && (cbuf[0] == 'R')) 1913656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1914656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"RENEGOTIATING\n"); 1915656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_renegotiate(con); 1916656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_len=0; 1917656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1918392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_HEARTBEATS 1919392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if ((!c_ign_eof) && (cbuf[0] == 'B')) 1920392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 1921392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"HEARTBEATING\n"); 1922392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SSL_heartbeat(con); 1923392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom cbuf_len=0; 1924392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 1925392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 1926656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1927656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1928656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_len=i; 1929656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cbuf_off=0; 1930656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 1931656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic2ascii(cbuf, cbuf, i); 1932656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1933656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1934656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1935656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project write_ssl=1; 1936656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_tty=0; 1937656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1938656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1939674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 1940674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom ret=0; 1941656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectshut: 1942674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (in_init) 1943674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom print_stuff(bio_c_out,con,full_log); 1944656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_shutdown(con); 1945656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(SSL_get_fd(con)); 1946656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectend: 1947674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (con != NULL) 1948674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom { 1949674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom if (prexit != 0) 1950674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom print_stuff(bio_c_out,con,1); 1951674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom SSL_free(con); 1952674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom } 195304ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 195404ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (next_proto.data) 195504ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom OPENSSL_free(next_proto.data); 195604ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom#endif 1957656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx != NULL) SSL_CTX_free(ctx); 1958656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cert) 1959656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(cert); 1960656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (key) 1961656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(key); 1962656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (pass) 1963656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(pass); 196404ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom if (vpm) 196504ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom X509_VERIFY_PARAM_free(vpm); 1966656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } 1967656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } 1968656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } 1969656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_c_out != NULL) 1970656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1971656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(bio_c_out); 1972656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_c_out=NULL; 1973656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1974656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project apps_shutdown(); 1975656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_EXIT(ret); 1976656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1977656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1978656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1979656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_stuff(BIO *bio, SSL *s, int full) 1980656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1981656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *peer=NULL; 1982656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *p; 1983656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static const char *space=" "; 1984656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char buf[BUFSIZ]; 1985656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(X509) *sk; 1986656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(X509_NAME) *sk2; 1987674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom const SSL_CIPHER *c; 1988656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME *xn; 1989656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int j,i; 1990656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_COMP 1991656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const COMP_METHOD *comp, *expansion; 1992656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1993392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned char *exportedkeymat; 1994656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1995656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (full) 1996656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1997656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int got_a_chain = 0; 1998656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1999656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk=SSL_get_peer_cert_chain(s); 2000656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (sk != NULL) 2001656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2002656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project got_a_chain = 1; /* we don't have it for SSL2 (yet) */ 2003656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2004656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\nCertificate chain\n"); 2005656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<sk_X509_num(sk); i++) 2006656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2007656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_subject_name( 2008656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_X509_value(sk,i)),buf,sizeof buf); 2009656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%2d s:%s\n",i,buf); 2010656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_issuer_name( 2011656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_X509_value(sk,i)),buf,sizeof buf); 2012656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio," i:%s\n",buf); 2013656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (c_showcerts) 2014656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_X509(bio,sk_X509_value(sk,i)); 2015656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2016656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2017656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2018656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\n"); 2019656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project peer=SSL_get_peer_certificate(s); 2020656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (peer != NULL) 2021656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2022656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"Server certificate\n"); 2023656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */ 2024656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_X509(bio,peer); 2025656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_subject_name(peer), 2026656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf,sizeof buf); 2027656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"subject=%s\n",buf); 2028656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_issuer_name(peer), 2029656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf,sizeof buf); 2030656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"issuer=%s\n",buf); 2031656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2032656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2033656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"no peer certificate available\n"); 2034656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2035656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk2=SSL_get_client_CA_list(s); 2036656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0)) 2037656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2038656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\nAcceptable client certificate CA names\n"); 2039656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<sk_X509_NAME_num(sk2); i++) 2040656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2041656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project xn=sk_X509_NAME_value(sk2,i); 2042656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(xn,buf,sizeof(buf)); 2043656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,buf,strlen(buf)); 2044656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,"\n",1); 2045656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2046656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2047656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2048656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2049656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\nNo client certificate CA names sent\n"); 2050656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2051656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=SSL_get_shared_ciphers(s,buf,sizeof buf); 2052656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p != NULL) 2053656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2054656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* This works only for SSL 2. In later protocol 2055656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * versions, the client does not know what other 2056656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ciphers (in addition to the one to be used 2057656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in the current connection) the server supports. */ 2058656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2059656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n"); 2060656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=i=0; 2061656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (*p) 2062656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2063656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (*p == ':') 2064656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2065656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,space,15-j%25); 2066656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 2067656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=0; 2068656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,((i%3)?" ":"\n"),1); 2069656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2070656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2071656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2072656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,p,1); 2073656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j++; 2074656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2075656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p++; 2076656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2077656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(bio,"\n",1); 2078656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2079656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2080656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n", 2081656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_number_read(SSL_get_rbio(s)), 2082656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_number_written(SSL_get_wbio(s))); 2083656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2084392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio,(SSL_cache_hit(s)?"---\nReused, ":"---\nNew, ")); 2085656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c=SSL_get_current_cipher(s); 2086656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%s, Cipher is %s\n", 2087656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_version(c), 2088656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_name(c)); 2089656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (peer != NULL) { 2090656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *pktmp; 2091656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pktmp = X509_get_pubkey(peer); 2092656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"Server public key is %d bit\n", 2093656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_bits(pktmp)); 2094656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(pktmp); 2095656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 209698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio, "Secure Renegotiation IS%s supported\n", 209798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_get_secure_renegotiation_support(s) ? "" : " NOT"); 2098656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_COMP 2099656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project comp=SSL_get_current_compression(s); 2100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project expansion=SSL_get_current_expansion(s); 2101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"Compression: %s\n", 2102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project comp ? SSL_COMP_get_name(comp) : "NONE"); 2103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"Expansion: %s\n", 2104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project expansion ? SSL_COMP_get_name(expansion) : "NONE"); 2105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2106392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 2107392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef SSL_DEBUG 2108392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2109392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* Print out local port of connection: useful for debugging */ 2110392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int sock; 2111392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom struct sockaddr_in ladd; 2112392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom socklen_t ladd_size = sizeof(ladd); 2113392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sock = SSL_get_fd(s); 2114392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom getsockname(sock, (struct sockaddr *)&ladd, &ladd_size); 2115392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_c_out, "LOCAL PORT is %u\n", ntohs(ladd.sin_port)); 2116392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2117392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 2118bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 2119ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root#if !defined(OPENSSL_NO_TLSEXT) 2120ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root# if !defined(OPENSSL_NO_NEXTPROTONEG) 2121bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto.status != -1) { 2122bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen const unsigned char *proto; 2123bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned int proto_len; 2124bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen SSL_get0_next_proto_negotiated(s, &proto, &proto_len); 2125bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio, "Next protocol: (%d) ", next_proto.status); 2126bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio, proto, proto_len); 2127bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio, "\n", 1); 2128bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 2129ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root { 2130ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root const unsigned char *proto; 2131ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root unsigned int proto_len; 2132ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root SSL_get0_alpn_selected(s, &proto, &proto_len); 2133ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root if (proto_len > 0) 2134ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root { 2135ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_printf(bio, "ALPN protocol: "); 2136ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_write(bio, proto, proto_len); 2137ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_write(bio, "\n", 1); 2138ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root } 2139ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root else 2140ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root BIO_printf(bio, "No ALPN negotiated\n"); 2141ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root } 2142ee53ab1212ec75db6e1704a6909c45c93dd411c3Kenny Root# endif 2143bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#endif 2144bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 2145eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#ifndef OPENSSL_NO_SRTP 2146392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2147392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SRTP_PROTECTION_PROFILE *srtp_profile=SSL_get_selected_srtp_profile(s); 2148392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 2149392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(srtp_profile) 2150392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio,"SRTP Extension negotiated, profile=%s\n", 2151392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom srtp_profile->name); 2152392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2153eeffacea337ec6a275e4c496acd12ca67a244533Brian Carlstrom#endif 2154392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 2155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_SESSION_print(bio,SSL_get_session(s)); 2156392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (keymatexportlabel != NULL) 2157392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2158392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, "Keying material exporter:\n"); 2159392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, " Label: '%s'\n", keymatexportlabel); 2160392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, " Length: %i bytes\n", keymatexportlen); 2161392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom exportedkeymat = OPENSSL_malloc(keymatexportlen); 2162392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (exportedkeymat != NULL) 2163392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2164392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!SSL_export_keying_material(s, exportedkeymat, 2165392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlen, 2166392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom keymatexportlabel, 2167392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom strlen(keymatexportlabel), 2168392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NULL, 0, 0)) 2169392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2170392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, " Error\n"); 2171392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2172392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 2173392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 2174392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, " Keying material: "); 2175392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom for (i=0; i<keymatexportlen; i++) 2176392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, "%02X", 2177392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom exportedkeymat[i]); 2178392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio, "\n"); 2179392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2180392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom OPENSSL_free(exportedkeymat); 2181392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2182392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 2183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"---\n"); 2184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (peer != NULL) 2185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(peer); 2186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* flush, or debugging output gets mixed with http response */ 2187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(bio); 2188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 2191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ocsp_resp_cb(SSL *s, void *arg) 2193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const unsigned char *p; 2195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int len; 2196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPONSE *rsp; 2197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project len = SSL_get_tlsext_status_ocsp_resp(s, &p); 2198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(arg, "OCSP response: "); 2199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!p) 2200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(arg, "no response sent\n"); 2202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 2203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rsp = d2i_OCSP_RESPONSE(NULL, &p, len); 2205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!rsp) 2206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(arg, "response parse error\n"); 2208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_dump_indent(arg, (char *)p, len, 4); 2209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 2210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(arg, "\n======================================\n"); 2212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPONSE_print(arg, rsp, 0); 2213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(arg, "======================================\n"); 2214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPONSE_free(rsp); 2215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 2216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2217674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom 2218674ff29eb647c577ba1ef822c373ead69dc386cfBrian Carlstrom#endif 2219