1/* apps/s_server.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58/* ==================================================================== 59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111/* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116/* ==================================================================== 117 * Copyright 2005 Nokia. All rights reserved. 118 * 119 * The portions of the attached software ("Contribution") is developed by 120 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121 * license. 122 * 123 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125 * support (see RFC 4279) to OpenSSL. 126 * 127 * No patent licenses or other rights except those expressly stated in 128 * the OpenSSL open source license shall be deemed granted or received 129 * expressly, by implication, estoppel, or otherwise. 130 * 131 * No assurances are provided by Nokia that the Contribution does not 132 * infringe the patent or other intellectual property rights of any third 133 * party or that the license provides you with all the necessary rights 134 * to make use of the Contribution. 135 * 136 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140 * OTHERWISE. 141 */ 142 143/* Until the key-gen callbacks are modified to use newer prototypes, we allow 144 * deprecated functions for openssl-internal code */ 145#ifdef OPENSSL_NO_DEPRECATED 146#undef OPENSSL_NO_DEPRECATED 147#endif 148 149#include <assert.h> 150#include <ctype.h> 151#include <stdio.h> 152#include <stdlib.h> 153#include <string.h> 154 155#include <openssl/e_os2.h> 156#ifdef OPENSSL_NO_STDIO 157#define APPS_WIN16 158#endif 159 160#if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */ 161#include <sys/types.h> 162#endif 163 164/* With IPv6, it looks like Digital has mixed up the proper order of 165 recursive header file inclusion, resulting in the compiler complaining 166 that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which 167 is needed to have fileno() declared correctly... So let's define u_int */ 168#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) 169#define __U_INT 170typedef unsigned int u_int; 171#endif 172 173#include <openssl/lhash.h> 174#include <openssl/bn.h> 175#define USE_SOCKETS 176#include "apps.h" 177#include <openssl/err.h> 178#include <openssl/pem.h> 179#include <openssl/x509.h> 180#include <openssl/ssl.h> 181#include <openssl/rand.h> 182#include <openssl/ocsp.h> 183#ifndef OPENSSL_NO_DH 184#include <openssl/dh.h> 185#endif 186#ifndef OPENSSL_NO_RSA 187#include <openssl/rsa.h> 188#endif 189#ifndef OPENSSL_NO_SRP 190#include <openssl/srp.h> 191#endif 192#include "s_apps.h" 193#include "timeouts.h" 194 195#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) 196/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ 197#undef FIONBIO 198#endif 199 200#if defined(OPENSSL_SYS_BEOS_R5) 201#include <fcntl.h> 202#endif 203 204#ifndef OPENSSL_NO_RSA 205static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 206#endif 207static int sv_body(char *hostname, int s, unsigned char *context); 208static int www_body(char *hostname, int s, unsigned char *context); 209static void close_accept_socket(void ); 210static void sv_usage(void); 211static int init_ssl_connection(SSL *s); 212static void print_stats(BIO *bp,SSL_CTX *ctx); 213static int generate_session_id(const SSL *ssl, unsigned char *id, 214 unsigned int *id_len); 215#ifndef OPENSSL_NO_DH 216static DH *load_dh_param(const char *dhfile); 217static DH *get_dh512(void); 218#endif 219 220#ifdef MONOLITH 221static void s_server_init(void); 222#endif 223 224#ifndef OPENSSL_NO_DH 225static unsigned char dh512_p[]={ 226 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, 227 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, 228 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3, 229 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12, 230 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C, 231 0x47,0x74,0xE8,0x33, 232 }; 233static unsigned char dh512_g[]={ 234 0x02, 235 }; 236 237static DH *get_dh512(void) 238 { 239 DH *dh=NULL; 240 241 if ((dh=DH_new()) == NULL) return(NULL); 242 dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); 243 dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); 244 if ((dh->p == NULL) || (dh->g == NULL)) 245 return(NULL); 246 return(dh); 247 } 248#endif 249 250 251/* static int load_CA(SSL_CTX *ctx, char *file);*/ 252 253#undef BUFSIZZ 254#define BUFSIZZ 16*1024 255static int bufsize=BUFSIZZ; 256static int accept_socket= -1; 257 258#define TEST_CERT "server.pem" 259#ifndef OPENSSL_NO_TLSEXT 260#define TEST_CERT2 "server2.pem" 261#endif 262#undef PROG 263#define PROG s_server_main 264 265extern int verify_depth, verify_return_error; 266 267static char *cipher=NULL; 268static int s_server_verify=SSL_VERIFY_NONE; 269static int s_server_session_id_context = 1; /* anything will do */ 270static const char *s_cert_file=TEST_CERT,*s_key_file=NULL; 271#ifndef OPENSSL_NO_TLSEXT 272static const char *s_cert_file2=TEST_CERT2,*s_key_file2=NULL; 273#endif 274static char *s_dcert_file=NULL,*s_dkey_file=NULL; 275#ifdef FIONBIO 276static int s_nbio=0; 277#endif 278static int s_nbio_test=0; 279int s_crlf=0; 280static SSL_CTX *ctx=NULL; 281#ifndef OPENSSL_NO_TLSEXT 282static SSL_CTX *ctx2=NULL; 283#endif 284static int www=0; 285 286static BIO *bio_s_out=NULL; 287static int s_debug=0; 288#ifndef OPENSSL_NO_TLSEXT 289static int s_tlsextdebug=0; 290static int s_tlsextstatus=0; 291static int cert_status_cb(SSL *s, void *arg); 292#endif 293static int s_msg=0; 294static int s_quiet=0; 295 296static char *keymatexportlabel=NULL; 297static int keymatexportlen=20; 298 299static int hack=0; 300#ifndef OPENSSL_NO_ENGINE 301static char *engine_id=NULL; 302#endif 303static const char *session_id_prefix=NULL; 304 305static int enable_timeouts = 0; 306static long socket_mtu; 307#ifndef OPENSSL_NO_DTLS1 308static int cert_chain = 0; 309#endif 310 311 312#ifndef OPENSSL_NO_PSK 313static char *psk_identity="Client_identity"; 314char *psk_key=NULL; /* by default PSK is not used */ 315 316static unsigned int psk_server_cb(SSL *ssl, const char *identity, 317 unsigned char *psk, unsigned int max_psk_len) 318 { 319 unsigned int psk_len = 0; 320 int ret; 321 BIGNUM *bn = NULL; 322 323 if (s_debug) 324 BIO_printf(bio_s_out,"psk_server_cb\n"); 325 if (!identity) 326 { 327 BIO_printf(bio_err,"Error: client did not send PSK identity\n"); 328 goto out_err; 329 } 330 if (s_debug) 331 BIO_printf(bio_s_out,"identity_len=%d identity=%s\n", 332 identity ? (int)strlen(identity) : 0, identity); 333 334 /* here we could lookup the given identity e.g. from a database */ 335 if (strcmp(identity, psk_identity) != 0) 336 { 337 BIO_printf(bio_s_out, "PSK error: client identity not found" 338 " (got '%s' expected '%s')\n", identity, 339 psk_identity); 340 goto out_err; 341 } 342 if (s_debug) 343 BIO_printf(bio_s_out, "PSK client identity found\n"); 344 345 /* convert the PSK key to binary */ 346 ret = BN_hex2bn(&bn, psk_key); 347 if (!ret) 348 { 349 BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key); 350 if (bn) 351 BN_free(bn); 352 return 0; 353 } 354 if (BN_num_bytes(bn) > (int)max_psk_len) 355 { 356 BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n", 357 max_psk_len, BN_num_bytes(bn)); 358 BN_free(bn); 359 return 0; 360 } 361 362 ret = BN_bn2bin(bn, psk); 363 BN_free(bn); 364 365 if (ret < 0) 366 goto out_err; 367 psk_len = (unsigned int)ret; 368 369 if (s_debug) 370 BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len); 371 return psk_len; 372 out_err: 373 if (s_debug) 374 BIO_printf(bio_err, "Error in PSK server callback\n"); 375 return 0; 376 } 377#endif 378 379#ifndef OPENSSL_NO_SRP 380/* This is a context that we pass to callbacks */ 381typedef struct srpsrvparm_st 382 { 383 char *login; 384 SRP_VBASE *vb; 385 SRP_user_pwd *user; 386 } srpsrvparm; 387 388/* This callback pretends to require some asynchronous logic in order to obtain 389 a verifier. When the callback is called for a new connection we return 390 with a negative value. This will provoke the accept etc to return with 391 an LOOKUP_X509. The main logic of the reinvokes the suspended call 392 (which would normally occur after a worker has finished) and we 393 set the user parameters. 394*/ 395static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) 396 { 397 srpsrvparm *p = (srpsrvparm *)arg; 398 if (p->login == NULL && p->user == NULL ) 399 { 400 p->login = SSL_get_srp_username(s); 401 BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login); 402 return (-1) ; 403 } 404 405 if (p->user == NULL) 406 { 407 BIO_printf(bio_err, "User %s doesn't exist\n", p->login); 408 return SSL3_AL_FATAL; 409 } 410 if (SSL_set_srp_server_param(s, p->user->N, p->user->g, p->user->s, p->user->v, 411 p->user->info) < 0) 412 { 413 *ad = SSL_AD_INTERNAL_ERROR; 414 return SSL3_AL_FATAL; 415 } 416 BIO_printf(bio_err, "SRP parameters set: username = \"%s\" info=\"%s\" \n", p->login,p->user->info); 417 /* need to check whether there are memory leaks */ 418 p->user = NULL; 419 p->login = NULL; 420 return SSL_ERROR_NONE; 421 } 422 423#endif 424 425#ifdef MONOLITH 426static void s_server_init(void) 427 { 428 accept_socket=-1; 429 cipher=NULL; 430 s_server_verify=SSL_VERIFY_NONE; 431 s_dcert_file=NULL; 432 s_dkey_file=NULL; 433 s_cert_file=TEST_CERT; 434 s_key_file=NULL; 435#ifndef OPENSSL_NO_TLSEXT 436 s_cert_file2=TEST_CERT2; 437 s_key_file2=NULL; 438 ctx2=NULL; 439#endif 440#ifdef FIONBIO 441 s_nbio=0; 442#endif 443 s_nbio_test=0; 444 ctx=NULL; 445 www=0; 446 447 bio_s_out=NULL; 448 s_debug=0; 449 s_msg=0; 450 s_quiet=0; 451 hack=0; 452#ifndef OPENSSL_NO_ENGINE 453 engine_id=NULL; 454#endif 455 } 456#endif 457 458static void sv_usage(void) 459 { 460 BIO_printf(bio_err,"usage: s_server [args ...]\n"); 461 BIO_printf(bio_err,"\n"); 462 BIO_printf(bio_err," -accept arg - port to accept on (default is %d)\n",PORT); 463 BIO_printf(bio_err," -context arg - set session ID context\n"); 464 BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); 465 BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); 466 BIO_printf(bio_err," -verify_return_error - return verification errors\n"); 467 BIO_printf(bio_err," -cert arg - certificate file to use\n"); 468 BIO_printf(bio_err," (default is %s)\n",TEST_CERT); 469 BIO_printf(bio_err," -crl_check - check the peer certificate has not been revoked by its CA.\n" \ 470 " The CRL(s) are appended to the certificate file\n"); 471 BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \ 472 " or any other CRL in the CA chain. CRL(s) are appened to the\n" \ 473 " the certificate file.\n"); 474 BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); 475 BIO_printf(bio_err," -key arg - Private Key file to use, in cert file if\n"); 476 BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT); 477 BIO_printf(bio_err," -keyform arg - key format (PEM, DER or ENGINE) PEM default\n"); 478 BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); 479 BIO_printf(bio_err," -dcert arg - second certificate file to use (usually for DSA)\n"); 480 BIO_printf(bio_err," -dcertform x - second certificate format (PEM or DER) PEM default\n"); 481 BIO_printf(bio_err," -dkey arg - second private key file to use (usually for DSA)\n"); 482 BIO_printf(bio_err," -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n"); 483 BIO_printf(bio_err," -dpass arg - second private key file pass phrase source\n"); 484 BIO_printf(bio_err," -dhparam arg - DH parameter file to use, in cert file if not specified\n"); 485 BIO_printf(bio_err," or a default set of parameters is used\n"); 486#ifndef OPENSSL_NO_ECDH 487 BIO_printf(bio_err," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 488 " Use \"openssl ecparam -list_curves\" for all names\n" \ 489 " (default is nistp256).\n"); 490#endif 491#ifdef FIONBIO 492 BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); 493#endif 494 BIO_printf(bio_err," -nbio_test - test with the non-blocking test bio\n"); 495 BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); 496 BIO_printf(bio_err," -debug - Print more output\n"); 497 BIO_printf(bio_err," -msg - Show protocol messages\n"); 498 BIO_printf(bio_err," -state - Print the SSL states\n"); 499 BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); 500 BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); 501 BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n"); 502 BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); 503 BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n"); 504 BIO_printf(bio_err," -quiet - No server output\n"); 505 BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); 506#ifndef OPENSSL_NO_PSK 507 BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n"); 508 BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); 509# ifndef OPENSSL_NO_JPAKE 510 BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); 511# endif 512#endif 513#ifndef OPENSSL_NO_SRP 514 BIO_printf(bio_err," -srpvfile file - The verifier file for SRP\n"); 515 BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n"); 516#endif 517 BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); 518 BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); 519 BIO_printf(bio_err," -tls1_2 - Just talk TLSv1.2\n"); 520 BIO_printf(bio_err," -tls1_1 - Just talk TLSv1.1\n"); 521 BIO_printf(bio_err," -tls1 - Just talk TLSv1\n"); 522 BIO_printf(bio_err," -dtls1 - Just talk DTLSv1\n"); 523 BIO_printf(bio_err," -timeout - Enable timeouts\n"); 524 BIO_printf(bio_err," -mtu - Set link layer MTU\n"); 525 BIO_printf(bio_err," -chain - Read a certificate chain\n"); 526 BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); 527 BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); 528 BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); 529 BIO_printf(bio_err," -no_tls1_1 - Just disable TLSv1.1\n"); 530 BIO_printf(bio_err," -no_tls1_2 - Just disable TLSv1.2\n"); 531#ifndef OPENSSL_NO_DH 532 BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n"); 533#endif 534#ifndef OPENSSL_NO_ECDH 535 BIO_printf(bio_err," -no_ecdhe - Disable ephemeral ECDH\n"); 536#endif 537 BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); 538 BIO_printf(bio_err," -hack - workaround for early Netscape code\n"); 539 BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); 540 BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 541 BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 542 BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n"); 543#ifndef OPENSSL_NO_ENGINE 544 BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); 545#endif 546 BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); 547 BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 548#ifndef OPENSSL_NO_TLSEXT 549 BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n"); 550 BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); 551 BIO_printf(bio_err," -cert2 arg - certificate file to use for servername\n"); 552 BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); 553 BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); 554 BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); 555 BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); 556 BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); 557 BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); 558# ifndef OPENSSL_NO_NEXTPROTONEG 559 BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n"); 560# endif 561# ifndef OPENSSL_NO_SRTP 562 BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); 563# endif 564#endif 565 BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); 566 BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); 567 BIO_printf(bio_err," -status - respond to certificate status requests\n"); 568 BIO_printf(bio_err," -status_verbose - enable status request verbose printout\n"); 569 BIO_printf(bio_err," -status_timeout n - status request responder timeout\n"); 570 BIO_printf(bio_err," -status_url URL - status request fallback URL\n"); 571 } 572 573static int local_argc=0; 574static char **local_argv; 575 576#ifdef CHARSET_EBCDIC 577static int ebcdic_new(BIO *bi); 578static int ebcdic_free(BIO *a); 579static int ebcdic_read(BIO *b, char *out, int outl); 580static int ebcdic_write(BIO *b, const char *in, int inl); 581static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr); 582static int ebcdic_gets(BIO *bp, char *buf, int size); 583static int ebcdic_puts(BIO *bp, const char *str); 584 585#define BIO_TYPE_EBCDIC_FILTER (18|0x0200) 586static BIO_METHOD methods_ebcdic= 587 { 588 BIO_TYPE_EBCDIC_FILTER, 589 "EBCDIC/ASCII filter", 590 ebcdic_write, 591 ebcdic_read, 592 ebcdic_puts, 593 ebcdic_gets, 594 ebcdic_ctrl, 595 ebcdic_new, 596 ebcdic_free, 597 }; 598 599typedef struct 600{ 601 size_t alloced; 602 char buff[1]; 603} EBCDIC_OUTBUFF; 604 605BIO_METHOD *BIO_f_ebcdic_filter() 606{ 607 return(&methods_ebcdic); 608} 609 610static int ebcdic_new(BIO *bi) 611{ 612 EBCDIC_OUTBUFF *wbuf; 613 614 wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024); 615 wbuf->alloced = 1024; 616 wbuf->buff[0] = '\0'; 617 618 bi->ptr=(char *)wbuf; 619 bi->init=1; 620 bi->flags=0; 621 return(1); 622} 623 624static int ebcdic_free(BIO *a) 625{ 626 if (a == NULL) return(0); 627 if (a->ptr != NULL) 628 OPENSSL_free(a->ptr); 629 a->ptr=NULL; 630 a->init=0; 631 a->flags=0; 632 return(1); 633} 634 635static int ebcdic_read(BIO *b, char *out, int outl) 636{ 637 int ret=0; 638 639 if (out == NULL || outl == 0) return(0); 640 if (b->next_bio == NULL) return(0); 641 642 ret=BIO_read(b->next_bio,out,outl); 643 if (ret > 0) 644 ascii2ebcdic(out,out,ret); 645 return(ret); 646} 647 648static int ebcdic_write(BIO *b, const char *in, int inl) 649{ 650 EBCDIC_OUTBUFF *wbuf; 651 int ret=0; 652 int num; 653 unsigned char n; 654 655 if ((in == NULL) || (inl <= 0)) return(0); 656 if (b->next_bio == NULL) return(0); 657 658 wbuf=(EBCDIC_OUTBUFF *)b->ptr; 659 660 if (inl > (num = wbuf->alloced)) 661 { 662 num = num + num; /* double the size */ 663 if (num < inl) 664 num = inl; 665 OPENSSL_free(wbuf); 666 wbuf=(EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num); 667 668 wbuf->alloced = num; 669 wbuf->buff[0] = '\0'; 670 671 b->ptr=(char *)wbuf; 672 } 673 674 ebcdic2ascii(wbuf->buff, in, inl); 675 676 ret=BIO_write(b->next_bio, wbuf->buff, inl); 677 678 return(ret); 679} 680 681static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr) 682{ 683 long ret; 684 685 if (b->next_bio == NULL) return(0); 686 switch (cmd) 687 { 688 case BIO_CTRL_DUP: 689 ret=0L; 690 break; 691 default: 692 ret=BIO_ctrl(b->next_bio,cmd,num,ptr); 693 break; 694 } 695 return(ret); 696} 697 698static int ebcdic_gets(BIO *bp, char *buf, int size) 699{ 700 int i, ret=0; 701 if (bp->next_bio == NULL) return(0); 702/* return(BIO_gets(bp->next_bio,buf,size));*/ 703 for (i=0; i<size-1; ++i) 704 { 705 ret = ebcdic_read(bp,&buf[i],1); 706 if (ret <= 0) 707 break; 708 else if (buf[i] == '\n') 709 { 710 ++i; 711 break; 712 } 713 } 714 if (i < size) 715 buf[i] = '\0'; 716 return (ret < 0 && i == 0) ? ret : i; 717} 718 719static int ebcdic_puts(BIO *bp, const char *str) 720{ 721 if (bp->next_bio == NULL) return(0); 722 return ebcdic_write(bp, str, strlen(str)); 723} 724#endif 725 726#ifndef OPENSSL_NO_TLSEXT 727 728/* This is a context that we pass to callbacks */ 729typedef struct tlsextctx_st { 730 char * servername; 731 BIO * biodebug; 732 int extension_error; 733} tlsextctx; 734 735 736static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) 737 { 738 tlsextctx * p = (tlsextctx *) arg; 739 const char * servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 740 if (servername && p->biodebug) 741 BIO_printf(p->biodebug,"Hostname in TLS extension: \"%s\"\n",servername); 742 743 if (!p->servername) 744 return SSL_TLSEXT_ERR_NOACK; 745 746 if (servername) 747 { 748 if (strcasecmp(servername,p->servername)) 749 return p->extension_error; 750 if (ctx2) 751 { 752 BIO_printf(p->biodebug,"Switching server context.\n"); 753 SSL_set_SSL_CTX(s,ctx2); 754 } 755 } 756 return SSL_TLSEXT_ERR_OK; 757} 758 759/* Structure passed to cert status callback */ 760 761typedef struct tlsextstatusctx_st { 762 /* Default responder to use */ 763 char *host, *path, *port; 764 int use_ssl; 765 int timeout; 766 BIO *err; 767 int verbose; 768} tlsextstatusctx; 769 770static tlsextstatusctx tlscstatp = {NULL, NULL, NULL, 0, -1, NULL, 0}; 771 772/* Certificate Status callback. This is called when a client includes a 773 * certificate status request extension. 774 * 775 * This is a simplified version. It examines certificates each time and 776 * makes one OCSP responder query for each request. 777 * 778 * A full version would store details such as the OCSP certificate IDs and 779 * minimise the number of OCSP responses by caching them until they were 780 * considered "expired". 781 */ 782 783static int cert_status_cb(SSL *s, void *arg) 784 { 785 tlsextstatusctx *srctx = arg; 786 BIO *err = srctx->err; 787 char *host, *port, *path; 788 int use_ssl; 789 unsigned char *rspder = NULL; 790 int rspderlen; 791 STACK_OF(OPENSSL_STRING) *aia = NULL; 792 X509 *x = NULL; 793 X509_STORE_CTX inctx; 794 X509_OBJECT obj; 795 OCSP_REQUEST *req = NULL; 796 OCSP_RESPONSE *resp = NULL; 797 OCSP_CERTID *id = NULL; 798 STACK_OF(X509_EXTENSION) *exts; 799 int ret = SSL_TLSEXT_ERR_NOACK; 800 int i; 801#if 0 802STACK_OF(OCSP_RESPID) *ids; 803SSL_get_tlsext_status_ids(s, &ids); 804BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids)); 805#endif 806 if (srctx->verbose) 807 BIO_puts(err, "cert_status: callback called\n"); 808 /* Build up OCSP query from server certificate */ 809 x = SSL_get_certificate(s); 810 aia = X509_get1_ocsp(x); 811 if (aia) 812 { 813 if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0), 814 &host, &port, &path, &use_ssl)) 815 { 816 BIO_puts(err, "cert_status: can't parse AIA URL\n"); 817 goto err; 818 } 819 if (srctx->verbose) 820 BIO_printf(err, "cert_status: AIA URL: %s\n", 821 sk_OPENSSL_STRING_value(aia, 0)); 822 } 823 else 824 { 825 if (!srctx->host) 826 { 827 BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n"); 828 goto done; 829 } 830 host = srctx->host; 831 path = srctx->path; 832 port = srctx->port; 833 use_ssl = srctx->use_ssl; 834 } 835 836 if (!X509_STORE_CTX_init(&inctx, 837 SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)), 838 NULL, NULL)) 839 goto err; 840 if (X509_STORE_get_by_subject(&inctx,X509_LU_X509, 841 X509_get_issuer_name(x),&obj) <= 0) 842 { 843 BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n"); 844 X509_STORE_CTX_cleanup(&inctx); 845 goto done; 846 } 847 req = OCSP_REQUEST_new(); 848 if (!req) 849 goto err; 850 id = OCSP_cert_to_id(NULL, x, obj.data.x509); 851 X509_free(obj.data.x509); 852 X509_STORE_CTX_cleanup(&inctx); 853 if (!id) 854 goto err; 855 if (!OCSP_request_add0_id(req, id)) 856 goto err; 857 id = NULL; 858 /* Add any extensions to the request */ 859 SSL_get_tlsext_status_exts(s, &exts); 860 for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) 861 { 862 X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i); 863 if (!OCSP_REQUEST_add_ext(req, ext, -1)) 864 goto err; 865 } 866 resp = process_responder(err, req, host, path, port, use_ssl, NULL, 867 srctx->timeout); 868 if (!resp) 869 { 870 BIO_puts(err, "cert_status: error querying responder\n"); 871 goto done; 872 } 873 rspderlen = i2d_OCSP_RESPONSE(resp, &rspder); 874 if (rspderlen <= 0) 875 goto err; 876 SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen); 877 if (srctx->verbose) 878 { 879 BIO_puts(err, "cert_status: ocsp response sent:\n"); 880 OCSP_RESPONSE_print(err, resp, 2); 881 } 882 ret = SSL_TLSEXT_ERR_OK; 883 done: 884 if (ret != SSL_TLSEXT_ERR_OK) 885 ERR_print_errors(err); 886 if (aia) 887 { 888 OPENSSL_free(host); 889 OPENSSL_free(path); 890 OPENSSL_free(port); 891 X509_email_free(aia); 892 } 893 if (id) 894 OCSP_CERTID_free(id); 895 if (req) 896 OCSP_REQUEST_free(req); 897 if (resp) 898 OCSP_RESPONSE_free(resp); 899 return ret; 900 err: 901 ret = SSL_TLSEXT_ERR_ALERT_FATAL; 902 goto done; 903 } 904 905# ifndef OPENSSL_NO_NEXTPROTONEG 906/* This is the context that we pass to next_proto_cb */ 907typedef struct tlsextnextprotoctx_st { 908 unsigned char *data; 909 unsigned int len; 910} tlsextnextprotoctx; 911 912static int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg) 913 { 914 tlsextnextprotoctx *next_proto = arg; 915 916 *data = next_proto->data; 917 *len = next_proto->len; 918 919 return SSL_TLSEXT_ERR_OK; 920 } 921# endif /* ndef OPENSSL_NO_NEXTPROTONEG */ 922 923 924#endif 925 926int MAIN(int, char **); 927 928#ifndef OPENSSL_NO_JPAKE 929static char *jpake_secret = NULL; 930#endif 931#ifndef OPENSSL_NO_SRP 932 static srpsrvparm srp_callback_parm; 933#endif 934#ifndef OPENSSL_NO_SRTP 935static char *srtp_profiles = NULL; 936#endif 937 938int MAIN(int argc, char *argv[]) 939 { 940 X509_VERIFY_PARAM *vpm = NULL; 941 int badarg = 0; 942 short port=PORT; 943 char *CApath=NULL,*CAfile=NULL; 944 unsigned char *context = NULL; 945 char *dhfile = NULL; 946#ifndef OPENSSL_NO_ECDH 947 char *named_curve = NULL; 948#endif 949 int badop=0,bugs=0; 950 int ret=1; 951 int off=0; 952 int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0; 953 int state=0; 954 const SSL_METHOD *meth=NULL; 955 int socket_type=SOCK_STREAM; 956 ENGINE *e=NULL; 957 char *inrand=NULL; 958 int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; 959 char *passarg = NULL, *pass = NULL; 960 char *dpassarg = NULL, *dpass = NULL; 961 int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; 962 X509 *s_cert = NULL, *s_dcert = NULL; 963 EVP_PKEY *s_key = NULL, *s_dkey = NULL; 964 int no_cache = 0; 965#ifndef OPENSSL_NO_TLSEXT 966 EVP_PKEY *s_key2 = NULL; 967 X509 *s_cert2 = NULL; 968 tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; 969# ifndef OPENSSL_NO_NEXTPROTONEG 970 const char *next_proto_neg_in = NULL; 971 tlsextnextprotoctx next_proto; 972# endif 973#endif 974#ifndef OPENSSL_NO_PSK 975 /* by default do not send a PSK identity hint */ 976 static char *psk_identity_hint=NULL; 977#endif 978#ifndef OPENSSL_NO_SRP 979 char *srpuserseed = NULL; 980 char *srp_verifier_file = NULL; 981#endif 982 meth=SSLv23_server_method(); 983 984 local_argc=argc; 985 local_argv=argv; 986 987 apps_startup(); 988#ifdef MONOLITH 989 s_server_init(); 990#endif 991 992 if (bio_err == NULL) 993 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); 994 995 if (!load_config(bio_err, NULL)) 996 goto end; 997 998 verify_depth=0; 999#ifdef FIONBIO 1000 s_nbio=0; 1001#endif 1002 s_nbio_test=0; 1003 1004 argc--; 1005 argv++; 1006 1007 while (argc >= 1) 1008 { 1009 if ((strcmp(*argv,"-port") == 0) || 1010 (strcmp(*argv,"-accept") == 0)) 1011 { 1012 if (--argc < 1) goto bad; 1013 if (!extract_port(*(++argv),&port)) 1014 goto bad; 1015 } 1016 else if (strcmp(*argv,"-verify") == 0) 1017 { 1018 s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE; 1019 if (--argc < 1) goto bad; 1020 verify_depth=atoi(*(++argv)); 1021 BIO_printf(bio_err,"verify depth is %d\n",verify_depth); 1022 } 1023 else if (strcmp(*argv,"-Verify") == 0) 1024 { 1025 s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT| 1026 SSL_VERIFY_CLIENT_ONCE; 1027 if (--argc < 1) goto bad; 1028 verify_depth=atoi(*(++argv)); 1029 BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth); 1030 } 1031 else if (strcmp(*argv,"-context") == 0) 1032 { 1033 if (--argc < 1) goto bad; 1034 context= (unsigned char *)*(++argv); 1035 } 1036 else if (strcmp(*argv,"-cert") == 0) 1037 { 1038 if (--argc < 1) goto bad; 1039 s_cert_file= *(++argv); 1040 } 1041 else if (strcmp(*argv,"-certform") == 0) 1042 { 1043 if (--argc < 1) goto bad; 1044 s_cert_format = str2fmt(*(++argv)); 1045 } 1046 else if (strcmp(*argv,"-key") == 0) 1047 { 1048 if (--argc < 1) goto bad; 1049 s_key_file= *(++argv); 1050 } 1051 else if (strcmp(*argv,"-keyform") == 0) 1052 { 1053 if (--argc < 1) goto bad; 1054 s_key_format = str2fmt(*(++argv)); 1055 } 1056 else if (strcmp(*argv,"-pass") == 0) 1057 { 1058 if (--argc < 1) goto bad; 1059 passarg = *(++argv); 1060 } 1061 else if (strcmp(*argv,"-dhparam") == 0) 1062 { 1063 if (--argc < 1) goto bad; 1064 dhfile = *(++argv); 1065 } 1066#ifndef OPENSSL_NO_ECDH 1067 else if (strcmp(*argv,"-named_curve") == 0) 1068 { 1069 if (--argc < 1) goto bad; 1070 named_curve = *(++argv); 1071 } 1072#endif 1073 else if (strcmp(*argv,"-dcertform") == 0) 1074 { 1075 if (--argc < 1) goto bad; 1076 s_dcert_format = str2fmt(*(++argv)); 1077 } 1078 else if (strcmp(*argv,"-dcert") == 0) 1079 { 1080 if (--argc < 1) goto bad; 1081 s_dcert_file= *(++argv); 1082 } 1083 else if (strcmp(*argv,"-dkeyform") == 0) 1084 { 1085 if (--argc < 1) goto bad; 1086 s_dkey_format = str2fmt(*(++argv)); 1087 } 1088 else if (strcmp(*argv,"-dpass") == 0) 1089 { 1090 if (--argc < 1) goto bad; 1091 dpassarg = *(++argv); 1092 } 1093 else if (strcmp(*argv,"-dkey") == 0) 1094 { 1095 if (--argc < 1) goto bad; 1096 s_dkey_file= *(++argv); 1097 } 1098 else if (strcmp(*argv,"-nocert") == 0) 1099 { 1100 nocert=1; 1101 } 1102 else if (strcmp(*argv,"-CApath") == 0) 1103 { 1104 if (--argc < 1) goto bad; 1105 CApath= *(++argv); 1106 } 1107 else if (strcmp(*argv,"-no_cache") == 0) 1108 no_cache = 1; 1109 else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) 1110 { 1111 if (badarg) 1112 goto bad; 1113 continue; 1114 } 1115 else if (strcmp(*argv,"-verify_return_error") == 0) 1116 verify_return_error = 1; 1117 else if (strcmp(*argv,"-serverpref") == 0) 1118 { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; } 1119 else if (strcmp(*argv,"-legacy_renegotiation") == 0) 1120 off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; 1121 else if (strcmp(*argv,"-cipher") == 0) 1122 { 1123 if (--argc < 1) goto bad; 1124 cipher= *(++argv); 1125 } 1126 else if (strcmp(*argv,"-CAfile") == 0) 1127 { 1128 if (--argc < 1) goto bad; 1129 CAfile= *(++argv); 1130 } 1131#ifdef FIONBIO 1132 else if (strcmp(*argv,"-nbio") == 0) 1133 { s_nbio=1; } 1134#endif 1135 else if (strcmp(*argv,"-nbio_test") == 0) 1136 { 1137#ifdef FIONBIO 1138 s_nbio=1; 1139#endif 1140 s_nbio_test=1; 1141 } 1142 else if (strcmp(*argv,"-debug") == 0) 1143 { s_debug=1; } 1144#ifndef OPENSSL_NO_TLSEXT 1145 else if (strcmp(*argv,"-tlsextdebug") == 0) 1146 s_tlsextdebug=1; 1147 else if (strcmp(*argv,"-status") == 0) 1148 s_tlsextstatus=1; 1149 else if (strcmp(*argv,"-status_verbose") == 0) 1150 { 1151 s_tlsextstatus=1; 1152 tlscstatp.verbose = 1; 1153 } 1154 else if (!strcmp(*argv, "-status_timeout")) 1155 { 1156 s_tlsextstatus=1; 1157 if (--argc < 1) goto bad; 1158 tlscstatp.timeout = atoi(*(++argv)); 1159 } 1160 else if (!strcmp(*argv, "-status_url")) 1161 { 1162 s_tlsextstatus=1; 1163 if (--argc < 1) goto bad; 1164 if (!OCSP_parse_url(*(++argv), 1165 &tlscstatp.host, 1166 &tlscstatp.port, 1167 &tlscstatp.path, 1168 &tlscstatp.use_ssl)) 1169 { 1170 BIO_printf(bio_err, "Error parsing URL\n"); 1171 goto bad; 1172 } 1173 } 1174#endif 1175 else if (strcmp(*argv,"-msg") == 0) 1176 { s_msg=1; } 1177 else if (strcmp(*argv,"-hack") == 0) 1178 { hack=1; } 1179 else if (strcmp(*argv,"-state") == 0) 1180 { state=1; } 1181 else if (strcmp(*argv,"-crlf") == 0) 1182 { s_crlf=1; } 1183 else if (strcmp(*argv,"-quiet") == 0) 1184 { s_quiet=1; } 1185 else if (strcmp(*argv,"-bugs") == 0) 1186 { bugs=1; } 1187 else if (strcmp(*argv,"-no_tmp_rsa") == 0) 1188 { no_tmp_rsa=1; } 1189 else if (strcmp(*argv,"-no_dhe") == 0) 1190 { no_dhe=1; } 1191 else if (strcmp(*argv,"-no_ecdhe") == 0) 1192 { no_ecdhe=1; } 1193#ifndef OPENSSL_NO_PSK 1194 else if (strcmp(*argv,"-psk_hint") == 0) 1195 { 1196 if (--argc < 1) goto bad; 1197 psk_identity_hint= *(++argv); 1198 } 1199 else if (strcmp(*argv,"-psk") == 0) 1200 { 1201 size_t i; 1202 1203 if (--argc < 1) goto bad; 1204 psk_key=*(++argv); 1205 for (i=0; i<strlen(psk_key); i++) 1206 { 1207 if (isxdigit((unsigned char)psk_key[i])) 1208 continue; 1209 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv); 1210 goto bad; 1211 } 1212 } 1213#endif 1214#ifndef OPENSSL_NO_SRP 1215 else if (strcmp(*argv, "-srpvfile") == 0) 1216 { 1217 if (--argc < 1) goto bad; 1218 srp_verifier_file = *(++argv); 1219 meth = TLSv1_server_method(); 1220 } 1221 else if (strcmp(*argv, "-srpuserseed") == 0) 1222 { 1223 if (--argc < 1) goto bad; 1224 srpuserseed = *(++argv); 1225 meth = TLSv1_server_method(); 1226 } 1227#endif 1228 else if (strcmp(*argv,"-www") == 0) 1229 { www=1; } 1230 else if (strcmp(*argv,"-WWW") == 0) 1231 { www=2; } 1232 else if (strcmp(*argv,"-HTTP") == 0) 1233 { www=3; } 1234 else if (strcmp(*argv,"-no_ssl2") == 0) 1235 { off|=SSL_OP_NO_SSLv2; } 1236 else if (strcmp(*argv,"-no_ssl3") == 0) 1237 { off|=SSL_OP_NO_SSLv3; } 1238 else if (strcmp(*argv,"-no_tls1") == 0) 1239 { off|=SSL_OP_NO_TLSv1; } 1240 else if (strcmp(*argv,"-no_tls1_1") == 0) 1241 { off|=SSL_OP_NO_TLSv1_1; } 1242 else if (strcmp(*argv,"-no_tls1_2") == 0) 1243 { off|=SSL_OP_NO_TLSv1_2; } 1244 else if (strcmp(*argv,"-no_comp") == 0) 1245 { off|=SSL_OP_NO_COMPRESSION; } 1246#ifndef OPENSSL_NO_TLSEXT 1247 else if (strcmp(*argv,"-no_ticket") == 0) 1248 { off|=SSL_OP_NO_TICKET; } 1249#endif 1250#ifndef OPENSSL_NO_SSL2 1251 else if (strcmp(*argv,"-ssl2") == 0) 1252 { meth=SSLv2_server_method(); } 1253#endif 1254#ifndef OPENSSL_NO_SSL3 1255 else if (strcmp(*argv,"-ssl3") == 0) 1256 { meth=SSLv3_server_method(); } 1257#endif 1258#ifndef OPENSSL_NO_TLS1 1259 else if (strcmp(*argv,"-tls1") == 0) 1260 { meth=TLSv1_server_method(); } 1261 else if (strcmp(*argv,"-tls1_1") == 0) 1262 { meth=TLSv1_1_server_method(); } 1263 else if (strcmp(*argv,"-tls1_2") == 0) 1264 { meth=TLSv1_2_server_method(); } 1265#endif 1266#ifndef OPENSSL_NO_DTLS1 1267 else if (strcmp(*argv,"-dtls1") == 0) 1268 { 1269 meth=DTLSv1_server_method(); 1270 socket_type = SOCK_DGRAM; 1271 } 1272 else if (strcmp(*argv,"-timeout") == 0) 1273 enable_timeouts = 1; 1274 else if (strcmp(*argv,"-mtu") == 0) 1275 { 1276 if (--argc < 1) goto bad; 1277 socket_mtu = atol(*(++argv)); 1278 } 1279 else if (strcmp(*argv, "-chain") == 0) 1280 cert_chain = 1; 1281#endif 1282 else if (strcmp(*argv, "-id_prefix") == 0) 1283 { 1284 if (--argc < 1) goto bad; 1285 session_id_prefix = *(++argv); 1286 } 1287#ifndef OPENSSL_NO_ENGINE 1288 else if (strcmp(*argv,"-engine") == 0) 1289 { 1290 if (--argc < 1) goto bad; 1291 engine_id= *(++argv); 1292 } 1293#endif 1294 else if (strcmp(*argv,"-rand") == 0) 1295 { 1296 if (--argc < 1) goto bad; 1297 inrand= *(++argv); 1298 } 1299#ifndef OPENSSL_NO_TLSEXT 1300 else if (strcmp(*argv,"-servername") == 0) 1301 { 1302 if (--argc < 1) goto bad; 1303 tlsextcbp.servername= *(++argv); 1304 } 1305 else if (strcmp(*argv,"-servername_fatal") == 0) 1306 { tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; } 1307 else if (strcmp(*argv,"-cert2") == 0) 1308 { 1309 if (--argc < 1) goto bad; 1310 s_cert_file2= *(++argv); 1311 } 1312 else if (strcmp(*argv,"-key2") == 0) 1313 { 1314 if (--argc < 1) goto bad; 1315 s_key_file2= *(++argv); 1316 } 1317# ifndef OPENSSL_NO_NEXTPROTONEG 1318 else if (strcmp(*argv,"-nextprotoneg") == 0) 1319 { 1320 if (--argc < 1) goto bad; 1321 next_proto_neg_in = *(++argv); 1322 } 1323# endif 1324#endif 1325#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1326 else if (strcmp(*argv,"-jpake") == 0) 1327 { 1328 if (--argc < 1) goto bad; 1329 jpake_secret = *(++argv); 1330 } 1331#endif 1332#ifndef OPENSSL_NO_SRTP 1333 else if (strcmp(*argv,"-use_srtp") == 0) 1334 { 1335 if (--argc < 1) goto bad; 1336 srtp_profiles = *(++argv); 1337 } 1338#endif 1339 else if (strcmp(*argv,"-keymatexport") == 0) 1340 { 1341 if (--argc < 1) goto bad; 1342 keymatexportlabel= *(++argv); 1343 } 1344 else if (strcmp(*argv,"-keymatexportlen") == 0) 1345 { 1346 if (--argc < 1) goto bad; 1347 keymatexportlen=atoi(*(++argv)); 1348 if (keymatexportlen == 0) goto bad; 1349 } 1350 else 1351 { 1352 BIO_printf(bio_err,"unknown option %s\n",*argv); 1353 badop=1; 1354 break; 1355 } 1356 argc--; 1357 argv++; 1358 } 1359 if (badop) 1360 { 1361bad: 1362 sv_usage(); 1363 goto end; 1364 } 1365#ifndef OPENSSL_NO_DTLS1 1366 if (www && socket_type == SOCK_DGRAM) 1367 { 1368 BIO_printf(bio_err, 1369 "Can't use -HTTP, -www or -WWW with DTLS\n"); 1370 goto end; 1371 } 1372#endif 1373 1374#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1375 if (jpake_secret) 1376 { 1377 if (psk_key) 1378 { 1379 BIO_printf(bio_err, 1380 "Can't use JPAKE and PSK together\n"); 1381 goto end; 1382 } 1383 psk_identity = "JPAKE"; 1384 if (cipher) 1385 { 1386 BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); 1387 goto end; 1388 } 1389 cipher = "PSK"; 1390 } 1391 1392#endif 1393 1394 SSL_load_error_strings(); 1395 OpenSSL_add_ssl_algorithms(); 1396 1397#ifndef OPENSSL_NO_ENGINE 1398 e = setup_engine(bio_err, engine_id, 1); 1399#endif 1400 1401 if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) 1402 { 1403 BIO_printf(bio_err, "Error getting password\n"); 1404 goto end; 1405 } 1406 1407 1408 if (s_key_file == NULL) 1409 s_key_file = s_cert_file; 1410#ifndef OPENSSL_NO_TLSEXT 1411 if (s_key_file2 == NULL) 1412 s_key_file2 = s_cert_file2; 1413#endif 1414 1415 if (nocert == 0) 1416 { 1417 s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e, 1418 "server certificate private key file"); 1419 if (!s_key) 1420 { 1421 ERR_print_errors(bio_err); 1422 goto end; 1423 } 1424 1425 s_cert = load_cert(bio_err,s_cert_file,s_cert_format, 1426 NULL, e, "server certificate file"); 1427 1428 if (!s_cert) 1429 { 1430 ERR_print_errors(bio_err); 1431 goto end; 1432 } 1433 1434#ifndef OPENSSL_NO_TLSEXT 1435 if (tlsextcbp.servername) 1436 { 1437 s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e, 1438 "second server certificate private key file"); 1439 if (!s_key2) 1440 { 1441 ERR_print_errors(bio_err); 1442 goto end; 1443 } 1444 1445 s_cert2 = load_cert(bio_err,s_cert_file2,s_cert_format, 1446 NULL, e, "second server certificate file"); 1447 1448 if (!s_cert2) 1449 { 1450 ERR_print_errors(bio_err); 1451 goto end; 1452 } 1453 } 1454#endif 1455 } 1456 1457#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 1458 if (next_proto_neg_in) 1459 { 1460 unsigned short len; 1461 next_proto.data = next_protos_parse(&len, next_proto_neg_in); 1462 if (next_proto.data == NULL) 1463 goto end; 1464 next_proto.len = len; 1465 } 1466 else 1467 { 1468 next_proto.data = NULL; 1469 } 1470#endif 1471 1472 1473 if (s_dcert_file) 1474 { 1475 1476 if (s_dkey_file == NULL) 1477 s_dkey_file = s_dcert_file; 1478 1479 s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, 1480 0, dpass, e, 1481 "second certificate private key file"); 1482 if (!s_dkey) 1483 { 1484 ERR_print_errors(bio_err); 1485 goto end; 1486 } 1487 1488 s_dcert = load_cert(bio_err,s_dcert_file,s_dcert_format, 1489 NULL, e, "second server certificate file"); 1490 1491 if (!s_dcert) 1492 { 1493 ERR_print_errors(bio_err); 1494 goto end; 1495 } 1496 1497 } 1498 1499 if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 1500 && !RAND_status()) 1501 { 1502 BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); 1503 } 1504 if (inrand != NULL) 1505 BIO_printf(bio_err,"%ld semi-random bytes loaded\n", 1506 app_RAND_load_files(inrand)); 1507 1508 if (bio_s_out == NULL) 1509 { 1510 if (s_quiet && !s_debug && !s_msg) 1511 { 1512 bio_s_out=BIO_new(BIO_s_null()); 1513 } 1514 else 1515 { 1516 if (bio_s_out == NULL) 1517 bio_s_out=BIO_new_fp(stdout,BIO_NOCLOSE); 1518 } 1519 } 1520 1521#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) 1522 if (nocert) 1523#endif 1524 { 1525 s_cert_file=NULL; 1526 s_key_file=NULL; 1527 s_dcert_file=NULL; 1528 s_dkey_file=NULL; 1529#ifndef OPENSSL_NO_TLSEXT 1530 s_cert_file2=NULL; 1531 s_key_file2=NULL; 1532#endif 1533 } 1534 1535 ctx=SSL_CTX_new(meth); 1536 if (ctx == NULL) 1537 { 1538 ERR_print_errors(bio_err); 1539 goto end; 1540 } 1541 if (session_id_prefix) 1542 { 1543 if(strlen(session_id_prefix) >= 32) 1544 BIO_printf(bio_err, 1545"warning: id_prefix is too long, only one new session will be possible\n"); 1546 else if(strlen(session_id_prefix) >= 16) 1547 BIO_printf(bio_err, 1548"warning: id_prefix is too long if you use SSLv2\n"); 1549 if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) 1550 { 1551 BIO_printf(bio_err,"error setting 'id_prefix'\n"); 1552 ERR_print_errors(bio_err); 1553 goto end; 1554 } 1555 BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix); 1556 } 1557 SSL_CTX_set_quiet_shutdown(ctx,1); 1558 if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL); 1559 if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1560 SSL_CTX_set_options(ctx,off); 1561 /* DTLS: partial reads end up discarding unread UDP bytes :-( 1562 * Setting read ahead solves this problem. 1563 */ 1564 if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); 1565 1566 if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); 1567 if (no_cache) 1568 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); 1569 else 1570 SSL_CTX_sess_set_cache_size(ctx,128); 1571 1572#ifndef OPENSSL_NO_SRTP 1573 if (srtp_profiles != NULL) 1574 SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); 1575#endif 1576 1577#if 0 1578 if (cipher == NULL) cipher=getenv("SSL_CIPHER"); 1579#endif 1580 1581#if 0 1582 if (s_cert_file == NULL) 1583 { 1584 BIO_printf(bio_err,"You must specify a certificate file for the server to use\n"); 1585 goto end; 1586 } 1587#endif 1588 1589 if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || 1590 (!SSL_CTX_set_default_verify_paths(ctx))) 1591 { 1592 /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ 1593 ERR_print_errors(bio_err); 1594 /* goto end; */ 1595 } 1596 if (vpm) 1597 SSL_CTX_set1_param(ctx, vpm); 1598 1599#ifndef OPENSSL_NO_TLSEXT 1600 if (s_cert2) 1601 { 1602 ctx2=SSL_CTX_new(meth); 1603 if (ctx2 == NULL) 1604 { 1605 ERR_print_errors(bio_err); 1606 goto end; 1607 } 1608 } 1609 1610 if (ctx2) 1611 { 1612 BIO_printf(bio_s_out,"Setting secondary ctx parameters\n"); 1613 1614 if (session_id_prefix) 1615 { 1616 if(strlen(session_id_prefix) >= 32) 1617 BIO_printf(bio_err, 1618 "warning: id_prefix is too long, only one new session will be possible\n"); 1619 else if(strlen(session_id_prefix) >= 16) 1620 BIO_printf(bio_err, 1621 "warning: id_prefix is too long if you use SSLv2\n"); 1622 if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) 1623 { 1624 BIO_printf(bio_err,"error setting 'id_prefix'\n"); 1625 ERR_print_errors(bio_err); 1626 goto end; 1627 } 1628 BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix); 1629 } 1630 SSL_CTX_set_quiet_shutdown(ctx2,1); 1631 if (bugs) SSL_CTX_set_options(ctx2,SSL_OP_ALL); 1632 if (hack) SSL_CTX_set_options(ctx2,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1633 SSL_CTX_set_options(ctx2,off); 1634 /* DTLS: partial reads end up discarding unread UDP bytes :-( 1635 * Setting read ahead solves this problem. 1636 */ 1637 if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx2, 1); 1638 1639 if (state) SSL_CTX_set_info_callback(ctx2,apps_ssl_info_callback); 1640 1641 if (no_cache) 1642 SSL_CTX_set_session_cache_mode(ctx2,SSL_SESS_CACHE_OFF); 1643 else 1644 SSL_CTX_sess_set_cache_size(ctx2,128); 1645 1646 if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) || 1647 (!SSL_CTX_set_default_verify_paths(ctx2))) 1648 { 1649 ERR_print_errors(bio_err); 1650 } 1651 if (vpm) 1652 SSL_CTX_set1_param(ctx2, vpm); 1653 } 1654 1655# ifndef OPENSSL_NO_NEXTPROTONEG 1656 if (next_proto.data) 1657 SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto); 1658# endif 1659#endif 1660 1661#ifndef OPENSSL_NO_DH 1662 if (!no_dhe) 1663 { 1664 DH *dh=NULL; 1665 1666 if (dhfile) 1667 dh = load_dh_param(dhfile); 1668 else if (s_cert_file) 1669 dh = load_dh_param(s_cert_file); 1670 1671 if (dh != NULL) 1672 { 1673 BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 1674 } 1675 else 1676 { 1677 BIO_printf(bio_s_out,"Using default temp DH parameters\n"); 1678 dh=get_dh512(); 1679 } 1680 (void)BIO_flush(bio_s_out); 1681 1682 SSL_CTX_set_tmp_dh(ctx,dh); 1683#ifndef OPENSSL_NO_TLSEXT 1684 if (ctx2) 1685 { 1686 if (!dhfile) 1687 { 1688 DH *dh2=load_dh_param(s_cert_file2); 1689 if (dh2 != NULL) 1690 { 1691 BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 1692 (void)BIO_flush(bio_s_out); 1693 1694 DH_free(dh); 1695 dh = dh2; 1696 } 1697 } 1698 SSL_CTX_set_tmp_dh(ctx2,dh); 1699 } 1700#endif 1701 DH_free(dh); 1702 } 1703#endif 1704 1705#ifndef OPENSSL_NO_ECDH 1706 if (!no_ecdhe) 1707 { 1708 EC_KEY *ecdh=NULL; 1709 1710 if (named_curve) 1711 { 1712 int nid = OBJ_sn2nid(named_curve); 1713 1714 if (nid == 0) 1715 { 1716 BIO_printf(bio_err, "unknown curve name (%s)\n", 1717 named_curve); 1718 goto end; 1719 } 1720 ecdh = EC_KEY_new_by_curve_name(nid); 1721 if (ecdh == NULL) 1722 { 1723 BIO_printf(bio_err, "unable to create curve (%s)\n", 1724 named_curve); 1725 goto end; 1726 } 1727 } 1728 1729 if (ecdh != NULL) 1730 { 1731 BIO_printf(bio_s_out,"Setting temp ECDH parameters\n"); 1732 } 1733 else 1734 { 1735 BIO_printf(bio_s_out,"Using default temp ECDH parameters\n"); 1736 ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); 1737 if (ecdh == NULL) 1738 { 1739 BIO_printf(bio_err, "unable to create curve (nistp256)\n"); 1740 goto end; 1741 } 1742 } 1743 (void)BIO_flush(bio_s_out); 1744 1745 SSL_CTX_set_tmp_ecdh(ctx,ecdh); 1746#ifndef OPENSSL_NO_TLSEXT 1747 if (ctx2) 1748 SSL_CTX_set_tmp_ecdh(ctx2,ecdh); 1749#endif 1750 EC_KEY_free(ecdh); 1751 } 1752#endif 1753 1754 if (!set_cert_key_stuff(ctx, s_cert, s_key)) 1755 goto end; 1756#ifndef OPENSSL_NO_TLSEXT 1757 if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2)) 1758 goto end; 1759#endif 1760 if (s_dcert != NULL) 1761 { 1762 if (!set_cert_key_stuff(ctx, s_dcert, s_dkey)) 1763 goto end; 1764 } 1765 1766#ifndef OPENSSL_NO_RSA 1767#if 1 1768 if (!no_tmp_rsa) 1769 { 1770 SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); 1771#ifndef OPENSSL_NO_TLSEXT 1772 if (ctx2) 1773 SSL_CTX_set_tmp_rsa_callback(ctx2,tmp_rsa_cb); 1774#endif 1775 } 1776#else 1777 if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) 1778 { 1779 RSA *rsa; 1780 1781 BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key..."); 1782 BIO_flush(bio_s_out); 1783 1784 rsa=RSA_generate_key(512,RSA_F4,NULL); 1785 1786 if (!SSL_CTX_set_tmp_rsa(ctx,rsa)) 1787 { 1788 ERR_print_errors(bio_err); 1789 goto end; 1790 } 1791#ifndef OPENSSL_NO_TLSEXT 1792 if (ctx2) 1793 { 1794 if (!SSL_CTX_set_tmp_rsa(ctx2,rsa)) 1795 { 1796 ERR_print_errors(bio_err); 1797 goto end; 1798 } 1799 } 1800#endif 1801 RSA_free(rsa); 1802 BIO_printf(bio_s_out,"\n"); 1803 } 1804#endif 1805#endif 1806 1807#ifndef OPENSSL_NO_PSK 1808#ifdef OPENSSL_NO_JPAKE 1809 if (psk_key != NULL) 1810#else 1811 if (psk_key != NULL || jpake_secret) 1812#endif 1813 { 1814 if (s_debug) 1815 BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n"); 1816 SSL_CTX_set_psk_server_callback(ctx, psk_server_cb); 1817 } 1818 1819 if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) 1820 { 1821 BIO_printf(bio_err,"error setting PSK identity hint to context\n"); 1822 ERR_print_errors(bio_err); 1823 goto end; 1824 } 1825#endif 1826 1827 if (cipher != NULL) 1828 { 1829 if(!SSL_CTX_set_cipher_list(ctx,cipher)) 1830 { 1831 BIO_printf(bio_err,"error setting cipher list\n"); 1832 ERR_print_errors(bio_err); 1833 goto end; 1834 } 1835#ifndef OPENSSL_NO_TLSEXT 1836 if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,cipher)) 1837 { 1838 BIO_printf(bio_err,"error setting cipher list\n"); 1839 ERR_print_errors(bio_err); 1840 goto end; 1841 } 1842#endif 1843 } 1844 SSL_CTX_set_verify(ctx,s_server_verify,verify_callback); 1845 SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context, 1846 sizeof s_server_session_id_context); 1847 1848 /* Set DTLS cookie generation and verification callbacks */ 1849 SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback); 1850 SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback); 1851 1852#ifndef OPENSSL_NO_TLSEXT 1853 if (ctx2) 1854 { 1855 SSL_CTX_set_verify(ctx2,s_server_verify,verify_callback); 1856 SSL_CTX_set_session_id_context(ctx2,(void*)&s_server_session_id_context, 1857 sizeof s_server_session_id_context); 1858 1859 tlsextcbp.biodebug = bio_s_out; 1860 SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb); 1861 SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp); 1862 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1863 SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1864 } 1865#endif 1866 1867#ifndef OPENSSL_NO_SRP 1868 if (srp_verifier_file != NULL) 1869 { 1870 srp_callback_parm.vb = SRP_VBASE_new(srpuserseed); 1871 srp_callback_parm.user = NULL; 1872 srp_callback_parm.login = NULL; 1873 if ((ret = SRP_VBASE_init(srp_callback_parm.vb, srp_verifier_file)) != SRP_NO_ERROR) 1874 { 1875 BIO_printf(bio_err, 1876 "Cannot initialize SRP verifier file \"%s\":ret=%d\n", 1877 srp_verifier_file, ret); 1878 goto end; 1879 } 1880 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE,verify_callback); 1881 SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm); 1882 SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb); 1883 } 1884 else 1885#endif 1886 if (CAfile != NULL) 1887 { 1888 SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile)); 1889#ifndef OPENSSL_NO_TLSEXT 1890 if (ctx2) 1891 SSL_CTX_set_client_CA_list(ctx2,SSL_load_client_CA_file(CAfile)); 1892#endif 1893 } 1894 1895 BIO_printf(bio_s_out,"ACCEPT\n"); 1896 (void)BIO_flush(bio_s_out); 1897 if (www) 1898 do_server(port,socket_type,&accept_socket,www_body, context); 1899 else 1900 do_server(port,socket_type,&accept_socket,sv_body, context); 1901 print_stats(bio_s_out,ctx); 1902 ret=0; 1903end: 1904 if (ctx != NULL) SSL_CTX_free(ctx); 1905 if (s_cert) 1906 X509_free(s_cert); 1907 if (s_dcert) 1908 X509_free(s_dcert); 1909 if (s_key) 1910 EVP_PKEY_free(s_key); 1911 if (s_dkey) 1912 EVP_PKEY_free(s_dkey); 1913 if (pass) 1914 OPENSSL_free(pass); 1915 if (dpass) 1916 OPENSSL_free(dpass); 1917 if (vpm) 1918 X509_VERIFY_PARAM_free(vpm); 1919#ifndef OPENSSL_NO_TLSEXT 1920 if (tlscstatp.host) 1921 OPENSSL_free(tlscstatp.host); 1922 if (tlscstatp.port) 1923 OPENSSL_free(tlscstatp.port); 1924 if (tlscstatp.path) 1925 OPENSSL_free(tlscstatp.path); 1926 if (ctx2 != NULL) SSL_CTX_free(ctx2); 1927 if (s_cert2) 1928 X509_free(s_cert2); 1929 if (s_key2) 1930 EVP_PKEY_free(s_key2); 1931#endif 1932 if (bio_s_out != NULL) 1933 { 1934 BIO_free(bio_s_out); 1935 bio_s_out=NULL; 1936 } 1937 apps_shutdown(); 1938 OPENSSL_EXIT(ret); 1939 } 1940 1941static void print_stats(BIO *bio, SSL_CTX *ssl_ctx) 1942 { 1943 BIO_printf(bio,"%4ld items in the session cache\n", 1944 SSL_CTX_sess_number(ssl_ctx)); 1945 BIO_printf(bio,"%4ld client connects (SSL_connect())\n", 1946 SSL_CTX_sess_connect(ssl_ctx)); 1947 BIO_printf(bio,"%4ld client renegotiates (SSL_connect())\n", 1948 SSL_CTX_sess_connect_renegotiate(ssl_ctx)); 1949 BIO_printf(bio,"%4ld client connects that finished\n", 1950 SSL_CTX_sess_connect_good(ssl_ctx)); 1951 BIO_printf(bio,"%4ld server accepts (SSL_accept())\n", 1952 SSL_CTX_sess_accept(ssl_ctx)); 1953 BIO_printf(bio,"%4ld server renegotiates (SSL_accept())\n", 1954 SSL_CTX_sess_accept_renegotiate(ssl_ctx)); 1955 BIO_printf(bio,"%4ld server accepts that finished\n", 1956 SSL_CTX_sess_accept_good(ssl_ctx)); 1957 BIO_printf(bio,"%4ld session cache hits\n",SSL_CTX_sess_hits(ssl_ctx)); 1958 BIO_printf(bio,"%4ld session cache misses\n",SSL_CTX_sess_misses(ssl_ctx)); 1959 BIO_printf(bio,"%4ld session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx)); 1960 BIO_printf(bio,"%4ld callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx)); 1961 BIO_printf(bio,"%4ld cache full overflows (%ld allowed)\n", 1962 SSL_CTX_sess_cache_full(ssl_ctx), 1963 SSL_CTX_sess_get_cache_size(ssl_ctx)); 1964 } 1965 1966static int sv_body(char *hostname, int s, unsigned char *context) 1967 { 1968 char *buf=NULL; 1969 fd_set readfds; 1970 int ret=1,width; 1971 int k,i; 1972 unsigned long l; 1973 SSL *con=NULL; 1974 BIO *sbio; 1975#ifndef OPENSSL_NO_KRB5 1976 KSSL_CTX *kctx; 1977#endif 1978 struct timeval timeout; 1979#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 1980 struct timeval tv; 1981#else 1982 struct timeval *timeoutp; 1983#endif 1984 1985 if ((buf=OPENSSL_malloc(bufsize)) == NULL) 1986 { 1987 BIO_printf(bio_err,"out of memory\n"); 1988 goto err; 1989 } 1990#ifdef FIONBIO 1991 if (s_nbio) 1992 { 1993 unsigned long sl=1; 1994 1995 if (!s_quiet) 1996 BIO_printf(bio_err,"turning on non blocking io\n"); 1997 if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) 1998 ERR_print_errors(bio_err); 1999 } 2000#endif 2001 2002 if (con == NULL) { 2003 con=SSL_new(ctx); 2004#ifndef OPENSSL_NO_TLSEXT 2005 if (s_tlsextdebug) 2006 { 2007 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2008 SSL_set_tlsext_debug_arg(con, bio_s_out); 2009 } 2010 if (s_tlsextstatus) 2011 { 2012 SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); 2013 tlscstatp.err = bio_err; 2014 SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); 2015 } 2016#endif 2017#ifndef OPENSSL_NO_KRB5 2018 if ((kctx = kssl_ctx_new()) != NULL) 2019 { 2020 SSL_set0_kssl_ctx(con, kctx); 2021 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 2022 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 2023 } 2024#endif /* OPENSSL_NO_KRB5 */ 2025 if(context) 2026 SSL_set_session_id_context(con, context, 2027 strlen((char *)context)); 2028 } 2029 SSL_clear(con); 2030#if 0 2031#ifdef TLSEXT_TYPE_opaque_prf_input 2032 SSL_set_tlsext_opaque_prf_input(con, "Test server", 11); 2033#endif 2034#endif 2035 2036 if (SSL_version(con) == DTLS1_VERSION) 2037 { 2038 2039 sbio=BIO_new_dgram(s,BIO_NOCLOSE); 2040 2041 if (enable_timeouts) 2042 { 2043 timeout.tv_sec = 0; 2044 timeout.tv_usec = DGRAM_RCV_TIMEOUT; 2045 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); 2046 2047 timeout.tv_sec = 0; 2048 timeout.tv_usec = DGRAM_SND_TIMEOUT; 2049 BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); 2050 } 2051 2052 if (socket_mtu > 28) 2053 { 2054 SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 2055 SSL_set_mtu(con, socket_mtu - 28); 2056 } 2057 else 2058 /* want to do MTU discovery */ 2059 BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 2060 2061 /* turn on cookie exchange */ 2062 SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE); 2063 } 2064 else 2065 sbio=BIO_new_socket(s,BIO_NOCLOSE); 2066 2067 if (s_nbio_test) 2068 { 2069 BIO *test; 2070 2071 test=BIO_new(BIO_f_nbio_test()); 2072 sbio=BIO_push(test,sbio); 2073 } 2074#ifndef OPENSSL_NO_JPAKE 2075 if(jpake_secret) 2076 jpake_server_auth(bio_s_out, sbio, jpake_secret); 2077#endif 2078 2079 SSL_set_bio(con,sbio,sbio); 2080 SSL_set_accept_state(con); 2081 /* SSL_set_fd(con,s); */ 2082 2083 if (s_debug) 2084 { 2085 SSL_set_debug(con, 1); 2086 BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); 2087 BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); 2088 } 2089 if (s_msg) 2090 { 2091 SSL_set_msg_callback(con, msg_cb); 2092 SSL_set_msg_callback_arg(con, bio_s_out); 2093 } 2094#ifndef OPENSSL_NO_TLSEXT 2095 if (s_tlsextdebug) 2096 { 2097 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2098 SSL_set_tlsext_debug_arg(con, bio_s_out); 2099 } 2100#endif 2101 2102 width=s+1; 2103 for (;;) 2104 { 2105 int read_from_terminal; 2106 int read_from_sslcon; 2107 2108 read_from_terminal = 0; 2109 read_from_sslcon = SSL_pending(con); 2110 2111 if (!read_from_sslcon) 2112 { 2113 FD_ZERO(&readfds); 2114#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5) 2115 openssl_fdset(fileno(stdin),&readfds); 2116#endif 2117 openssl_fdset(s,&readfds); 2118 /* Note: under VMS with SOCKETSHR the second parameter is 2119 * currently of type (int *) whereas under other systems 2120 * it is (void *) if you don't have a cast it will choke 2121 * the compiler: if you do have a cast then you can either 2122 * go for (int *) or (void *). 2123 */ 2124#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) 2125 /* Under DOS (non-djgpp) and Windows we can't select on stdin: only 2126 * on sockets. As a workaround we timeout the select every 2127 * second and check for any keypress. In a proper Windows 2128 * application we wouldn't do this because it is inefficient. 2129 */ 2130 tv.tv_sec = 1; 2131 tv.tv_usec = 0; 2132 i=select(width,(void *)&readfds,NULL,NULL,&tv); 2133 if((i < 0) || (!i && !_kbhit() ) )continue; 2134 if(_kbhit()) 2135 read_from_terminal = 1; 2136#elif defined(OPENSSL_SYS_BEOS_R5) 2137 /* Under BeOS-R5 the situation is similar to DOS */ 2138 tv.tv_sec = 1; 2139 tv.tv_usec = 0; 2140 (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); 2141 i=select(width,(void *)&readfds,NULL,NULL,&tv); 2142 if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0)) 2143 continue; 2144 if (read(fileno(stdin), buf, 0) >= 0) 2145 read_from_terminal = 1; 2146 (void)fcntl(fileno(stdin), F_SETFL, 0); 2147#else 2148 if ((SSL_version(con) == DTLS1_VERSION) && 2149 DTLSv1_get_timeout(con, &timeout)) 2150 timeoutp = &timeout; 2151 else 2152 timeoutp = NULL; 2153 2154 i=select(width,(void *)&readfds,NULL,NULL,timeoutp); 2155 2156 if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) 2157 { 2158 BIO_printf(bio_err,"TIMEOUT occured\n"); 2159 } 2160 2161 if (i <= 0) continue; 2162 if (FD_ISSET(fileno(stdin),&readfds)) 2163 read_from_terminal = 1; 2164#endif 2165 if (FD_ISSET(s,&readfds)) 2166 read_from_sslcon = 1; 2167 } 2168 if (read_from_terminal) 2169 { 2170 if (s_crlf) 2171 { 2172 int j, lf_num; 2173 2174 i=raw_read_stdin(buf, bufsize/2); 2175 lf_num = 0; 2176 /* both loops are skipped when i <= 0 */ 2177 for (j = 0; j < i; j++) 2178 if (buf[j] == '\n') 2179 lf_num++; 2180 for (j = i-1; j >= 0; j--) 2181 { 2182 buf[j+lf_num] = buf[j]; 2183 if (buf[j] == '\n') 2184 { 2185 lf_num--; 2186 i++; 2187 buf[j+lf_num] = '\r'; 2188 } 2189 } 2190 assert(lf_num == 0); 2191 } 2192 else 2193 i=raw_read_stdin(buf,bufsize); 2194 if (!s_quiet) 2195 { 2196 if ((i <= 0) || (buf[0] == 'Q')) 2197 { 2198 BIO_printf(bio_s_out,"DONE\n"); 2199 SHUTDOWN(s); 2200 close_accept_socket(); 2201 ret= -11; 2202 goto err; 2203 } 2204 if ((i <= 0) || (buf[0] == 'q')) 2205 { 2206 BIO_printf(bio_s_out,"DONE\n"); 2207 if (SSL_version(con) != DTLS1_VERSION) 2208 SHUTDOWN(s); 2209 /* close_accept_socket(); 2210 ret= -11;*/ 2211 goto err; 2212 } 2213 2214#ifndef OPENSSL_NO_HEARTBEATS 2215 if ((buf[0] == 'B') && 2216 ((buf[1] == '\n') || (buf[1] == '\r'))) 2217 { 2218 BIO_printf(bio_err,"HEARTBEATING\n"); 2219 SSL_heartbeat(con); 2220 i=0; 2221 continue; 2222 } 2223#endif 2224 if ((buf[0] == 'r') && 2225 ((buf[1] == '\n') || (buf[1] == '\r'))) 2226 { 2227 SSL_renegotiate(con); 2228 i=SSL_do_handshake(con); 2229 printf("SSL_do_handshake -> %d\n",i); 2230 i=0; /*13; */ 2231 continue; 2232 /* strcpy(buf,"server side RE-NEGOTIATE\n"); */ 2233 } 2234 if ((buf[0] == 'R') && 2235 ((buf[1] == '\n') || (buf[1] == '\r'))) 2236 { 2237 SSL_set_verify(con, 2238 SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL); 2239 SSL_renegotiate(con); 2240 i=SSL_do_handshake(con); 2241 printf("SSL_do_handshake -> %d\n",i); 2242 i=0; /* 13; */ 2243 continue; 2244 /* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */ 2245 } 2246 if (buf[0] == 'P') 2247 { 2248 static const char *str="Lets print some clear text\n"; 2249 BIO_write(SSL_get_wbio(con),str,strlen(str)); 2250 } 2251 if (buf[0] == 'S') 2252 { 2253 print_stats(bio_s_out,SSL_get_SSL_CTX(con)); 2254 } 2255 } 2256#ifdef CHARSET_EBCDIC 2257 ebcdic2ascii(buf,buf,i); 2258#endif 2259 l=k=0; 2260 for (;;) 2261 { 2262 /* should do a select for the write */ 2263#ifdef RENEG 2264{ static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } } 2265#endif 2266 k=SSL_write(con,&(buf[l]),(unsigned int)i); 2267#ifndef OPENSSL_NO_SRP 2268 while (SSL_get_error(con,k) == SSL_ERROR_WANT_X509_LOOKUP) 2269 { 2270 BIO_printf(bio_s_out,"LOOKUP renego during write\n"); 2271 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2272 if (srp_callback_parm.user) 2273 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2274 else 2275 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2276 k=SSL_write(con,&(buf[l]),(unsigned int)i); 2277 } 2278#endif 2279 switch (SSL_get_error(con,k)) 2280 { 2281 case SSL_ERROR_NONE: 2282 break; 2283 case SSL_ERROR_WANT_WRITE: 2284 case SSL_ERROR_WANT_READ: 2285 case SSL_ERROR_WANT_X509_LOOKUP: 2286 BIO_printf(bio_s_out,"Write BLOCK\n"); 2287 break; 2288 case SSL_ERROR_SYSCALL: 2289 case SSL_ERROR_SSL: 2290 BIO_printf(bio_s_out,"ERROR\n"); 2291 ERR_print_errors(bio_err); 2292 ret=1; 2293 goto err; 2294 /* break; */ 2295 case SSL_ERROR_ZERO_RETURN: 2296 BIO_printf(bio_s_out,"DONE\n"); 2297 ret=1; 2298 goto err; 2299 } 2300 l+=k; 2301 i-=k; 2302 if (i <= 0) break; 2303 } 2304 } 2305 if (read_from_sslcon) 2306 { 2307 if (!SSL_is_init_finished(con)) 2308 { 2309 i=init_ssl_connection(con); 2310 2311 if (i < 0) 2312 { 2313 ret=0; 2314 goto err; 2315 } 2316 else if (i == 0) 2317 { 2318 ret=1; 2319 goto err; 2320 } 2321 } 2322 else 2323 { 2324again: 2325 i=SSL_read(con,(char *)buf,bufsize); 2326#ifndef OPENSSL_NO_SRP 2327 while (SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2328 { 2329 BIO_printf(bio_s_out,"LOOKUP renego during read\n"); 2330 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2331 if (srp_callback_parm.user) 2332 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2333 else 2334 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2335 i=SSL_read(con,(char *)buf,bufsize); 2336 } 2337#endif 2338 switch (SSL_get_error(con,i)) 2339 { 2340 case SSL_ERROR_NONE: 2341#ifdef CHARSET_EBCDIC 2342 ascii2ebcdic(buf,buf,i); 2343#endif 2344 raw_write_stdout(buf, 2345 (unsigned int)i); 2346 if (SSL_pending(con)) goto again; 2347 break; 2348 case SSL_ERROR_WANT_WRITE: 2349 case SSL_ERROR_WANT_READ: 2350 BIO_printf(bio_s_out,"Read BLOCK\n"); 2351 break; 2352 case SSL_ERROR_SYSCALL: 2353 case SSL_ERROR_SSL: 2354 BIO_printf(bio_s_out,"ERROR\n"); 2355 ERR_print_errors(bio_err); 2356 ret=1; 2357 goto err; 2358 case SSL_ERROR_ZERO_RETURN: 2359 BIO_printf(bio_s_out,"DONE\n"); 2360 ret=1; 2361 goto err; 2362 } 2363 } 2364 } 2365 } 2366err: 2367 if (con != NULL) 2368 { 2369 BIO_printf(bio_s_out,"shutting down SSL\n"); 2370#if 1 2371 SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 2372#else 2373 SSL_shutdown(con); 2374#endif 2375 SSL_free(con); 2376 } 2377 BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); 2378 if (buf != NULL) 2379 { 2380 OPENSSL_cleanse(buf,bufsize); 2381 OPENSSL_free(buf); 2382 } 2383 if (ret >= 0) 2384 BIO_printf(bio_s_out,"ACCEPT\n"); 2385 return(ret); 2386 } 2387 2388static void close_accept_socket(void) 2389 { 2390 BIO_printf(bio_err,"shutdown accept socket\n"); 2391 if (accept_socket >= 0) 2392 { 2393 SHUTDOWN2(accept_socket); 2394 } 2395 } 2396 2397static int init_ssl_connection(SSL *con) 2398 { 2399 int i; 2400 const char *str; 2401 X509 *peer; 2402 long verify_error; 2403 MS_STATIC char buf[BUFSIZ]; 2404#ifndef OPENSSL_NO_KRB5 2405 char *client_princ; 2406#endif 2407#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2408 const unsigned char *next_proto_neg; 2409 unsigned next_proto_neg_len; 2410#endif 2411 unsigned char *exportedkeymat; 2412 2413 2414 i=SSL_accept(con); 2415#ifndef OPENSSL_NO_SRP 2416 while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2417 { 2418 BIO_printf(bio_s_out,"LOOKUP during accept %s\n",srp_callback_parm.login); 2419 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2420 if (srp_callback_parm.user) 2421 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2422 else 2423 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2424 i=SSL_accept(con); 2425 } 2426#endif 2427 if (i <= 0) 2428 { 2429 if (BIO_sock_should_retry(i)) 2430 { 2431 BIO_printf(bio_s_out,"DELAY\n"); 2432 return(1); 2433 } 2434 2435 BIO_printf(bio_err,"ERROR\n"); 2436 verify_error=SSL_get_verify_result(con); 2437 if (verify_error != X509_V_OK) 2438 { 2439 BIO_printf(bio_err,"verify error:%s\n", 2440 X509_verify_cert_error_string(verify_error)); 2441 } 2442 else 2443 ERR_print_errors(bio_err); 2444 return(0); 2445 } 2446 2447 PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con)); 2448 2449 peer=SSL_get_peer_certificate(con); 2450 if (peer != NULL) 2451 { 2452 BIO_printf(bio_s_out,"Client certificate\n"); 2453 PEM_write_bio_X509(bio_s_out,peer); 2454 X509_NAME_oneline(X509_get_subject_name(peer),buf,sizeof buf); 2455 BIO_printf(bio_s_out,"subject=%s\n",buf); 2456 X509_NAME_oneline(X509_get_issuer_name(peer),buf,sizeof buf); 2457 BIO_printf(bio_s_out,"issuer=%s\n",buf); 2458 X509_free(peer); 2459 } 2460 2461 if (SSL_get_shared_ciphers(con,buf,sizeof buf) != NULL) 2462 BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); 2463 str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); 2464 BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); 2465 2466#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2467 SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); 2468 if (next_proto_neg) 2469 { 2470 BIO_printf(bio_s_out,"NEXTPROTO is "); 2471 BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len); 2472 BIO_printf(bio_s_out, "\n"); 2473 } 2474#endif 2475#ifndef OPENSSL_NO_SRTP 2476 { 2477 SRTP_PROTECTION_PROFILE *srtp_profile 2478 = SSL_get_selected_srtp_profile(con); 2479 2480 if(srtp_profile) 2481 BIO_printf(bio_s_out,"SRTP Extension negotiated, profile=%s\n", 2482 srtp_profile->name); 2483 } 2484#endif 2485 if (SSL_cache_hit(con)) BIO_printf(bio_s_out,"Reused session-id\n"); 2486 if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) & 2487 TLS1_FLAGS_TLS_PADDING_BUG) 2488 BIO_printf(bio_s_out, 2489 "Peer has incorrect TLSv1 block padding\n"); 2490#ifndef OPENSSL_NO_KRB5 2491 client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con)); 2492 if (client_princ != NULL) 2493 { 2494 BIO_printf(bio_s_out,"Kerberos peer principal is %s\n", 2495 client_princ); 2496 } 2497#endif /* OPENSSL_NO_KRB5 */ 2498 BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n", 2499 SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); 2500 if (keymatexportlabel != NULL) 2501 { 2502 BIO_printf(bio_s_out, "Keying material exporter:\n"); 2503 BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel); 2504 BIO_printf(bio_s_out, " Length: %i bytes\n", 2505 keymatexportlen); 2506 exportedkeymat = OPENSSL_malloc(keymatexportlen); 2507 if (exportedkeymat != NULL) 2508 { 2509 if (!SSL_export_keying_material(con, exportedkeymat, 2510 keymatexportlen, 2511 keymatexportlabel, 2512 strlen(keymatexportlabel), 2513 NULL, 0, 0)) 2514 { 2515 BIO_printf(bio_s_out, " Error\n"); 2516 } 2517 else 2518 { 2519 BIO_printf(bio_s_out, " Keying material: "); 2520 for (i=0; i<keymatexportlen; i++) 2521 BIO_printf(bio_s_out, "%02X", 2522 exportedkeymat[i]); 2523 BIO_printf(bio_s_out, "\n"); 2524 } 2525 OPENSSL_free(exportedkeymat); 2526 } 2527 } 2528 2529 return(1); 2530 } 2531 2532#ifndef OPENSSL_NO_DH 2533static DH *load_dh_param(const char *dhfile) 2534 { 2535 DH *ret=NULL; 2536 BIO *bio; 2537 2538 if ((bio=BIO_new_file(dhfile,"r")) == NULL) 2539 goto err; 2540 ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL); 2541err: 2542 if (bio != NULL) BIO_free(bio); 2543 return(ret); 2544 } 2545#endif 2546#ifndef OPENSSL_NO_KRB5 2547 char *client_princ; 2548#endif 2549 2550#if 0 2551static int load_CA(SSL_CTX *ctx, char *file) 2552 { 2553 FILE *in; 2554 X509 *x=NULL; 2555 2556 if ((in=fopen(file,"r")) == NULL) 2557 return(0); 2558 2559 for (;;) 2560 { 2561 if (PEM_read_X509(in,&x,NULL) == NULL) 2562 break; 2563 SSL_CTX_add_client_CA(ctx,x); 2564 } 2565 if (x != NULL) X509_free(x); 2566 fclose(in); 2567 return(1); 2568 } 2569#endif 2570 2571static int www_body(char *hostname, int s, unsigned char *context) 2572 { 2573 char *buf=NULL; 2574 int ret=1; 2575 int i,j,k,dot; 2576 SSL *con; 2577 const SSL_CIPHER *c; 2578 BIO *io,*ssl_bio,*sbio; 2579#ifndef OPENSSL_NO_KRB5 2580 KSSL_CTX *kctx; 2581#endif 2582 2583 buf=OPENSSL_malloc(bufsize); 2584 if (buf == NULL) return(0); 2585 io=BIO_new(BIO_f_buffer()); 2586 ssl_bio=BIO_new(BIO_f_ssl()); 2587 if ((io == NULL) || (ssl_bio == NULL)) goto err; 2588 2589#ifdef FIONBIO 2590 if (s_nbio) 2591 { 2592 unsigned long sl=1; 2593 2594 if (!s_quiet) 2595 BIO_printf(bio_err,"turning on non blocking io\n"); 2596 if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) 2597 ERR_print_errors(bio_err); 2598 } 2599#endif 2600 2601 /* lets make the output buffer a reasonable size */ 2602 if (!BIO_set_write_buffer_size(io,bufsize)) goto err; 2603 2604 if ((con=SSL_new(ctx)) == NULL) goto err; 2605#ifndef OPENSSL_NO_TLSEXT 2606 if (s_tlsextdebug) 2607 { 2608 SSL_set_tlsext_debug_callback(con, tlsext_cb); 2609 SSL_set_tlsext_debug_arg(con, bio_s_out); 2610 } 2611#endif 2612#ifndef OPENSSL_NO_KRB5 2613 if ((kctx = kssl_ctx_new()) != NULL) 2614 { 2615 kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC); 2616 kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB); 2617 } 2618#endif /* OPENSSL_NO_KRB5 */ 2619 if(context) SSL_set_session_id_context(con, context, 2620 strlen((char *)context)); 2621 2622 sbio=BIO_new_socket(s,BIO_NOCLOSE); 2623 if (s_nbio_test) 2624 { 2625 BIO *test; 2626 2627 test=BIO_new(BIO_f_nbio_test()); 2628 sbio=BIO_push(test,sbio); 2629 } 2630 SSL_set_bio(con,sbio,sbio); 2631 SSL_set_accept_state(con); 2632 2633 /* SSL_set_fd(con,s); */ 2634 BIO_set_ssl(ssl_bio,con,BIO_CLOSE); 2635 BIO_push(io,ssl_bio); 2636#ifdef CHARSET_EBCDIC 2637 io = BIO_push(BIO_new(BIO_f_ebcdic_filter()),io); 2638#endif 2639 2640 if (s_debug) 2641 { 2642 SSL_set_debug(con, 1); 2643 BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); 2644 BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); 2645 } 2646 if (s_msg) 2647 { 2648 SSL_set_msg_callback(con, msg_cb); 2649 SSL_set_msg_callback_arg(con, bio_s_out); 2650 } 2651 2652 for (;;) 2653 { 2654 if (hack) 2655 { 2656 i=SSL_accept(con); 2657#ifndef OPENSSL_NO_SRP 2658 while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP) 2659 { 2660 BIO_printf(bio_s_out,"LOOKUP during accept %s\n",srp_callback_parm.login); 2661 srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login); 2662 if (srp_callback_parm.user) 2663 BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info); 2664 else 2665 BIO_printf(bio_s_out,"LOOKUP not successful\n"); 2666 i=SSL_accept(con); 2667 } 2668#endif 2669 switch (SSL_get_error(con,i)) 2670 { 2671 case SSL_ERROR_NONE: 2672 break; 2673 case SSL_ERROR_WANT_WRITE: 2674 case SSL_ERROR_WANT_READ: 2675 case SSL_ERROR_WANT_X509_LOOKUP: 2676 continue; 2677 case SSL_ERROR_SYSCALL: 2678 case SSL_ERROR_SSL: 2679 case SSL_ERROR_ZERO_RETURN: 2680 ret=1; 2681 goto err; 2682 /* break; */ 2683 } 2684 2685 SSL_renegotiate(con); 2686 SSL_write(con,NULL,0); 2687 } 2688 2689 i=BIO_gets(io,buf,bufsize-1); 2690 if (i < 0) /* error */ 2691 { 2692 if (!BIO_should_retry(io)) 2693 { 2694 if (!s_quiet) 2695 ERR_print_errors(bio_err); 2696 goto err; 2697 } 2698 else 2699 { 2700 BIO_printf(bio_s_out,"read R BLOCK\n"); 2701#if defined(OPENSSL_SYS_NETWARE) 2702 delay(1000); 2703#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__) 2704 sleep(1); 2705#endif 2706 continue; 2707 } 2708 } 2709 else if (i == 0) /* end of input */ 2710 { 2711 ret=1; 2712 goto end; 2713 } 2714 2715 /* else we have data */ 2716 if ( ((www == 1) && (strncmp("GET ",buf,4) == 0)) || 2717 ((www == 2) && (strncmp("GET /stats ",buf,10) == 0))) 2718 { 2719 char *p; 2720 X509 *peer; 2721 STACK_OF(SSL_CIPHER) *sk; 2722 static const char *space=" "; 2723 2724 BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2725 BIO_puts(io,"<HTML><BODY BGCOLOR=\"#ffffff\">\n"); 2726 BIO_puts(io,"<pre>\n"); 2727/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/ 2728 BIO_puts(io,"\n"); 2729 for (i=0; i<local_argc; i++) 2730 { 2731 BIO_puts(io,local_argv[i]); 2732 BIO_write(io," ",1); 2733 } 2734 BIO_puts(io,"\n"); 2735 2736 BIO_printf(io, 2737 "Secure Renegotiation IS%s supported\n", 2738 SSL_get_secure_renegotiation_support(con) ? 2739 "" : " NOT"); 2740 2741 /* The following is evil and should not really 2742 * be done */ 2743 BIO_printf(io,"Ciphers supported in s_server binary\n"); 2744 sk=SSL_get_ciphers(con); 2745 j=sk_SSL_CIPHER_num(sk); 2746 for (i=0; i<j; i++) 2747 { 2748 c=sk_SSL_CIPHER_value(sk,i); 2749 BIO_printf(io,"%-11s:%-25s", 2750 SSL_CIPHER_get_version(c), 2751 SSL_CIPHER_get_name(c)); 2752 if ((((i+1)%2) == 0) && (i+1 != j)) 2753 BIO_puts(io,"\n"); 2754 } 2755 BIO_puts(io,"\n"); 2756 p=SSL_get_shared_ciphers(con,buf,bufsize); 2757 if (p != NULL) 2758 { 2759 BIO_printf(io,"---\nCiphers common between both SSL end points:\n"); 2760 j=i=0; 2761 while (*p) 2762 { 2763 if (*p == ':') 2764 { 2765 BIO_write(io,space,26-j); 2766 i++; 2767 j=0; 2768 BIO_write(io,((i%3)?" ":"\n"),1); 2769 } 2770 else 2771 { 2772 BIO_write(io,p,1); 2773 j++; 2774 } 2775 p++; 2776 } 2777 BIO_puts(io,"\n"); 2778 } 2779 BIO_printf(io,(SSL_cache_hit(con) 2780 ?"---\nReused, " 2781 :"---\nNew, ")); 2782 c=SSL_get_current_cipher(con); 2783 BIO_printf(io,"%s, Cipher is %s\n", 2784 SSL_CIPHER_get_version(c), 2785 SSL_CIPHER_get_name(c)); 2786 SSL_SESSION_print(io,SSL_get_session(con)); 2787 BIO_printf(io,"---\n"); 2788 print_stats(io,SSL_get_SSL_CTX(con)); 2789 BIO_printf(io,"---\n"); 2790 peer=SSL_get_peer_certificate(con); 2791 if (peer != NULL) 2792 { 2793 BIO_printf(io,"Client certificate\n"); 2794 X509_print(io,peer); 2795 PEM_write_bio_X509(io,peer); 2796 } 2797 else 2798 BIO_puts(io,"no client certificate available\n"); 2799 BIO_puts(io,"</BODY></HTML>\r\n\r\n"); 2800 break; 2801 } 2802 else if ((www == 2 || www == 3) 2803 && (strncmp("GET /",buf,5) == 0)) 2804 { 2805 BIO *file; 2806 char *p,*e; 2807 static const char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; 2808 2809 /* skip the '/' */ 2810 p= &(buf[5]); 2811 2812 dot = 1; 2813 for (e=p; *e != '\0'; e++) 2814 { 2815 if (e[0] == ' ') 2816 break; 2817 2818 switch (dot) 2819 { 2820 case 1: 2821 dot = (e[0] == '.') ? 2 : 0; 2822 break; 2823 case 2: 2824 dot = (e[0] == '.') ? 3 : 0; 2825 break; 2826 case 3: 2827 dot = (e[0] == '/') ? -1 : 0; 2828 break; 2829 } 2830 if (dot == 0) 2831 dot = (e[0] == '/') ? 1 : 0; 2832 } 2833 dot = (dot == 3) || (dot == -1); /* filename contains ".." component */ 2834 2835 if (*e == '\0') 2836 { 2837 BIO_puts(io,text); 2838 BIO_printf(io,"'%s' is an invalid file name\r\n",p); 2839 break; 2840 } 2841 *e='\0'; 2842 2843 if (dot) 2844 { 2845 BIO_puts(io,text); 2846 BIO_printf(io,"'%s' contains '..' reference\r\n",p); 2847 break; 2848 } 2849 2850 if (*p == '/') 2851 { 2852 BIO_puts(io,text); 2853 BIO_printf(io,"'%s' is an invalid path\r\n",p); 2854 break; 2855 } 2856 2857#if 0 2858 /* append if a directory lookup */ 2859 if (e[-1] == '/') 2860 strcat(p,"index.html"); 2861#endif 2862 2863 /* if a directory, do the index thang */ 2864 if (app_isdir(p)>0) 2865 { 2866#if 0 /* must check buffer size */ 2867 strcat(p,"/index.html"); 2868#else 2869 BIO_puts(io,text); 2870 BIO_printf(io,"'%s' is a directory\r\n",p); 2871 break; 2872#endif 2873 } 2874 2875 if ((file=BIO_new_file(p,"r")) == NULL) 2876 { 2877 BIO_puts(io,text); 2878 BIO_printf(io,"Error opening '%s'\r\n",p); 2879 ERR_print_errors(io); 2880 break; 2881 } 2882 2883 if (!s_quiet) 2884 BIO_printf(bio_err,"FILE:%s\n",p); 2885 2886 if (www == 2) 2887 { 2888 i=strlen(p); 2889 if ( ((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) || 2890 ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) || 2891 ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0))) 2892 BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2893 else 2894 BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); 2895 } 2896 /* send the file */ 2897 for (;;) 2898 { 2899 i=BIO_read(file,buf,bufsize); 2900 if (i <= 0) break; 2901 2902#ifdef RENEG 2903 total_bytes+=i; 2904 fprintf(stderr,"%d\n",i); 2905 if (total_bytes > 3*1024) 2906 { 2907 total_bytes=0; 2908 fprintf(stderr,"RENEGOTIATE\n"); 2909 SSL_renegotiate(con); 2910 } 2911#endif 2912 2913 for (j=0; j<i; ) 2914 { 2915#ifdef RENEG 2916{ static count=0; if (++count == 13) { SSL_renegotiate(con); } } 2917#endif 2918 k=BIO_write(io,&(buf[j]),i-j); 2919 if (k <= 0) 2920 { 2921 if (!BIO_should_retry(io)) 2922 goto write_error; 2923 else 2924 { 2925 BIO_printf(bio_s_out,"rwrite W BLOCK\n"); 2926 } 2927 } 2928 else 2929 { 2930 j+=k; 2931 } 2932 } 2933 } 2934write_error: 2935 BIO_free(file); 2936 break; 2937 } 2938 } 2939 2940 for (;;) 2941 { 2942 i=(int)BIO_flush(io); 2943 if (i <= 0) 2944 { 2945 if (!BIO_should_retry(io)) 2946 break; 2947 } 2948 else 2949 break; 2950 } 2951end: 2952#if 1 2953 /* make sure we re-use sessions */ 2954 SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 2955#else 2956 /* This kills performance */ 2957/* SSL_shutdown(con); A shutdown gets sent in the 2958 * BIO_free_all(io) procession */ 2959#endif 2960 2961err: 2962 2963 if (ret >= 0) 2964 BIO_printf(bio_s_out,"ACCEPT\n"); 2965 2966 if (buf != NULL) OPENSSL_free(buf); 2967 if (io != NULL) BIO_free_all(io); 2968/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ 2969 return(ret); 2970 } 2971 2972#ifndef OPENSSL_NO_RSA 2973static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) 2974 { 2975 BIGNUM *bn = NULL; 2976 static RSA *rsa_tmp=NULL; 2977 2978 if (!rsa_tmp && ((bn = BN_new()) == NULL)) 2979 BIO_printf(bio_err,"Allocation error in generating RSA key\n"); 2980 if (!rsa_tmp && bn) 2981 { 2982 if (!s_quiet) 2983 { 2984 BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength); 2985 (void)BIO_flush(bio_err); 2986 } 2987 if(!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) || 2988 !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) 2989 { 2990 if(rsa_tmp) RSA_free(rsa_tmp); 2991 rsa_tmp = NULL; 2992 } 2993 if (!s_quiet) 2994 { 2995 BIO_printf(bio_err,"\n"); 2996 (void)BIO_flush(bio_err); 2997 } 2998 BN_free(bn); 2999 } 3000 return(rsa_tmp); 3001 } 3002#endif 3003 3004#define MAX_SESSION_ID_ATTEMPTS 10 3005static int generate_session_id(const SSL *ssl, unsigned char *id, 3006 unsigned int *id_len) 3007 { 3008 unsigned int count = 0; 3009 do { 3010 RAND_pseudo_bytes(id, *id_len); 3011 /* Prefix the session_id with the required prefix. NB: If our 3012 * prefix is too long, clip it - but there will be worse effects 3013 * anyway, eg. the server could only possibly create 1 session 3014 * ID (ie. the prefix!) so all future session negotiations will 3015 * fail due to conflicts. */ 3016 memcpy(id, session_id_prefix, 3017 (strlen(session_id_prefix) < *id_len) ? 3018 strlen(session_id_prefix) : *id_len); 3019 } 3020 while(SSL_has_matching_session_id(ssl, id, *id_len) && 3021 (++count < MAX_SESSION_ID_ATTEMPTS)); 3022 if(count >= MAX_SESSION_ID_ATTEMPTS) 3023 return 0; 3024 return 1; 3025 } 3026