s_server.c revision 7d3d122363e2a85d516db314892f3d6112cb1377
1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* apps/s_server.c */ 2656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * All rights reserved. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This package is an SSL implementation written 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * by Eric Young (eay@cryptsoft.com). 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The implementation was written so as to conform with Netscapes SSL. 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This library is free for commercial and non-commercial use as long as 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the following conditions are aheared to. The following conditions 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * apply to all code found in this distribution, be it the RC4, RSA, 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * included with this distribution is covered by the same copyright terms 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright remains Eric Young's, and as such any Copyright notices in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the code are not to be removed. 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If this package is used in a product, Eric Young should be given attribution 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * as the author of the parts of the library used. 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This can be in the form of a textual message at program startup or 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in documentation (online or textual) provided with the package. 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the copyright 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in the 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * documentation and/or other materials provided with the distribution. 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this software 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * must display the following acknowledgement: 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes cryptographic software written by 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Eric Young (eay@cryptsoft.com)" 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The word 'cryptographic' can be left out if the rouines from the library 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * being used are not cryptographic related :-). 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. If you include any Windows specific code (or a derivative thereof) from 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the apps directory (application code) you must include an acknowledgement: 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUCH DAMAGE. 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The licence and distribution terms for any publically available version or 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * derivative of this code cannot be changed. i.e. this code cannot simply be 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * copied and put under another distribution licence 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * [including the GNU Public Licence.] 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 59221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the above copyright 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the documentation and/or other materials provided with the 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * distribution. 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this 74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * software must display the following acknowledgment: 75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 78656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * endorse or promote products derived from this software without 80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prior written permission. For written permission, please contact 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * openssl-core@openssl.org. 82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5. Products derived from this software may not be called "OpenSSL" 84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * nor may "OpenSSL" appear in their names without prior written 85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * permission of the OpenSSL Project. 86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 6. Redistributions of any form whatsoever must retain the following 88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * acknowledgment: 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OF THE POSSIBILITY OF SUCH DAMAGE. 104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ==================================================================== 105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This product includes cryptographic software written by Eric Young 107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (eay@cryptsoft.com). This product includes software written by Tim 108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Hudson (tjh@cryptsoft.com). 109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ECC cipher suite support in OpenSSL originally developed by 114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 116221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom/* ==================================================================== 117221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * Copyright 2005 Nokia. All rights reserved. 118221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 119221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * The portions of the attached software ("Contribution") is developed by 120221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * Nokia Corporation and is licensed pursuant to the OpenSSL open source 121221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * license. 122221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 123221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * The Contribution, originally written by Mika Kousa and Pasi Eronen of 124221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 125221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * support (see RFC 4279) to OpenSSL. 126221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 127221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * No patent licenses or other rights except those expressly stated in 128221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * the OpenSSL open source license shall be deemed granted or received 129221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * expressly, by implication, estoppel, or otherwise. 130221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 131221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * No assurances are provided by Nokia that the Contribution does not 132221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * infringe the patent or other intellectual property rights of any third 133221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * party or that the license provides you with all the necessary rights 134221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * to make use of the Contribution. 135221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * 136221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 137221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 138221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 139221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 140221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * OTHERWISE. 141221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom */ 142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Until the key-gen callbacks are modified to use newer prototypes, we allow 144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * deprecated functions for openssl-internal code */ 145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_NO_DEPRECATED 146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef OPENSSL_NO_DEPRECATED 147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <assert.h> 150221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#include <ctype.h> 151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdlib.h> 153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <string.h> 154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/e_os2.h> 156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_NO_STDIO 157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define APPS_WIN16 158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */ 161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <sys/types.h> 162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* With IPv6, it looks like Digital has mixed up the proper order of 165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project recursive header file inclusion, resulting in the compiler complaining 166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which 167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project is needed to have fileno() declared correctly... So let's define u_int */ 168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT) 169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define __U_INT 170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecttypedef unsigned int u_int; 171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/lhash.h> 174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/bn.h> 175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define USE_SOCKETS 176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "apps.h" 177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/err.h> 178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/pem.h> 179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509.h> 180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/ssl.h> 181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/rand.h> 182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/ocsp.h> 183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DH 184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/dh.h> 185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_RSA 187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/rsa.h> 188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "s_apps.h" 190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "timeouts.h" 191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000) 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef FIONBIO 195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 197221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if defined(OPENSSL_SYS_BEOS_R5) 198221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#include <fcntl.h> 199221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 200221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_RSA 202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); 203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int sv_body(char *hostname, int s, unsigned char *context); 205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int www_body(char *hostname, int s, unsigned char *context); 206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void close_accept_socket(void ); 207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void sv_usage(void); 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int init_ssl_connection(SSL *s); 209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_stats(BIO *bp,SSL_CTX *ctx); 210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int generate_session_id(const SSL *ssl, unsigned char *id, 211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned int *id_len); 212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DH 213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic DH *load_dh_param(const char *dhfile); 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic DH *get_dh512(void); 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef MONOLITH 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void s_server_init(void); 219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DH 222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic unsigned char dh512_p[]={ 223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75, 224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F, 225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3, 226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12, 227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C, 228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0x47,0x74,0xE8,0x33, 229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project }; 230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic unsigned char dh512_g[]={ 231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0x02, 232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project }; 233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic DH *get_dh512(void) 235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH *dh=NULL; 237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((dh=DH_new()) == NULL) return(NULL); 239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); 240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); 241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((dh->p == NULL) || (dh->g == NULL)) 242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(NULL); 243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(dh); 244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* static int load_CA(SSL_CTX *ctx, char *file);*/ 249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef BUFSIZZ 251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define BUFSIZZ 16*1024 252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int bufsize=BUFSIZZ; 253656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int accept_socket= -1; 254656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 255656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define TEST_CERT "server.pem" 256656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 257656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define TEST_CERT2 "server2.pem" 258656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#undef PROG 260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define PROG s_server_main 261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 262221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromextern int verify_depth, verify_return_error; 263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic char *cipher=NULL; 265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int s_server_verify=SSL_VERIFY_NONE; 266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int s_server_session_id_context = 1; /* anything will do */ 267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic const char *s_cert_file=TEST_CERT,*s_key_file=NULL; 268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic const char *s_cert_file2=TEST_CERT2,*s_key_file2=NULL; 270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic char *s_dcert_file=NULL,*s_dkey_file=NULL; 272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int s_nbio=0; 274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int s_nbio_test=0; 276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint s_crlf=0; 277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic SSL_CTX *ctx=NULL; 278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic SSL_CTX *ctx2=NULL; 280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int www=0; 282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic BIO *bio_s_out=NULL; 284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int s_debug=0; 285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int s_tlsextdebug=0; 287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int s_tlsextstatus=0; 288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int cert_status_cb(SSL *s, void *arg); 289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int s_msg=0; 291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int s_quiet=0; 292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int hack=0; 294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic char *engine_id=NULL; 296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic const char *session_id_prefix=NULL; 298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int enable_timeouts = 0; 30098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromstatic long socket_mtu; 30198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#ifndef OPENSSL_NO_DTLS1 302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int cert_chain = 0; 30398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#endif 304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 305221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_PSK 306221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic char *psk_identity="Client_identity"; 307221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromchar *psk_key=NULL; /* by default PSK is not used */ 308221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 309221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic unsigned int psk_server_cb(SSL *ssl, const char *identity, 310221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom unsigned char *psk, unsigned int max_psk_len) 311221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 312221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom unsigned int psk_len = 0; 313221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int ret; 314221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIGNUM *bn = NULL; 315221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 316221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (s_debug) 317221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_s_out,"psk_server_cb\n"); 318221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!identity) 319221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 320221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err,"Error: client did not send PSK identity\n"); 321221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto out_err; 322221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 323221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (s_debug) 324221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_s_out,"identity_len=%d identity=%s\n", 325221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom identity ? (int)strlen(identity) : 0, identity); 326221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 327221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* here we could lookup the given identity e.g. from a database */ 328221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (strcmp(identity, psk_identity) != 0) 329221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 330221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_s_out, "PSK error: client identity not found" 331221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom " (got '%s' expected '%s')\n", identity, 332221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom psk_identity); 333221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto out_err; 334221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 335221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (s_debug) 336221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_s_out, "PSK client identity found\n"); 337221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 338221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* convert the PSK key to binary */ 339221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ret = BN_hex2bn(&bn, psk_key); 340221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!ret) 341221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 342221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key); 343221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (bn) 344221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BN_free(bn); 345221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 346221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 347221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (BN_num_bytes(bn) > (int)max_psk_len) 348221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 349221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n", 350221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom max_psk_len, BN_num_bytes(bn)); 351221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BN_free(bn); 352221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 353221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 354221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 355221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ret = BN_bn2bin(bn, psk); 356221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BN_free(bn); 357221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 358221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (ret < 0) 359221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto out_err; 360221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom psk_len = (unsigned int)ret; 361221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 362221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (s_debug) 363221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len); 364221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return psk_len; 365221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom out_err: 366221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (s_debug) 367221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err, "Error in PSK server callback\n"); 368221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 369221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 370221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef MONOLITH 373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void s_server_init(void) 374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project accept_socket=-1; 376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cipher=NULL; 377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_server_verify=SSL_VERIFY_NONE; 378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dcert_file=NULL; 379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey_file=NULL; 380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_file=TEST_CERT; 381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file=NULL; 382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_file2=TEST_CERT2; 384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file2=NULL; 385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx2=NULL; 386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_nbio=0; 389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_nbio_test=0; 391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx=NULL; 392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project www=0; 393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_s_out=NULL; 395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_debug=0; 396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_msg=0; 397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_quiet=0; 398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project hack=0; 399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project engine_id=NULL; 401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void sv_usage(void) 406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"usage: s_server [args ...]\n"); 408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"\n"); 409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -accept arg - port to accept on (default is %d)\n",PORT); 410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -context arg - set session ID context\n"); 411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); 412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); 413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -cert arg - certificate file to use\n"); 414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," (default is %s)\n",TEST_CERT); 415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -crl_check - check the peer certificate has not been revoked by its CA.\n" \ 416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project " The CRL(s) are appended to the certificate file\n"); 417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \ 418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project " or any other CRL in the CA chain. CRL(s) are appened to the\n" \ 419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project " the certificate file.\n"); 420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); 421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -key arg - Private Key file to use, in cert file if\n"); 422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT); 423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -keyform arg - key format (PEM, DER or ENGINE) PEM default\n"); 424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); 425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -dcert arg - second certificate file to use (usually for DSA)\n"); 426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -dcertform x - second certificate format (PEM or DER) PEM default\n"); 427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -dkey arg - second private key file to use (usually for DSA)\n"); 428656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n"); 429656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -dpass arg - second private key file pass phrase source\n"); 430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -dhparam arg - DH parameter file to use, in cert file if not specified\n"); 431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," or a default set of parameters is used\n"); 432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ECDH 433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ 434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project " Use \"openssl ecparam -list_curves\" for all names\n" \ 435221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom " (default is nistp256).\n"); 436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); 439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 440656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -nbio_test - test with the non-blocking test bio\n"); 441656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); 442656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -debug - Print more output\n"); 443656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -msg - Show protocol messages\n"); 444656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -state - Print the SSL states\n"); 445656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); 446656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); 447656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n"); 448656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); 449656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n"); 450656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -quiet - No server output\n"); 451656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); 452221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_PSK 453221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n"); 454221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); 455221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom# ifndef OPENSSL_NO_JPAKE 456221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); 457221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom# endif 458221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 459656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); 460656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); 461656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -tls1 - Just talk TLSv1\n"); 462656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -dtls1 - Just talk DTLSv1\n"); 463656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -timeout - Enable timeouts\n"); 46498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_err," -mtu - Set link layer MTU\n"); 465656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -chain - Read a certificate chain\n"); 466656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); 467656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); 468656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); 469656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DH 470656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n"); 471656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ECDH 473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -no_ecdhe - Disable ephemeral ECDH\n"); 474656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 475656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); 476656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); 477656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 478656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); 479656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n"); 480656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 481656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); 482656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 483656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); 484656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 485656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 486656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n"); 487656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); 488656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -cert2 arg - certificate file to use for servername\n"); 489656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); 490656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); 491656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); 492656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); 493656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); 49498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); 495bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 496bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n"); 497bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 498656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 499656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 500656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 501656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int local_argc=0; 502656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic char **local_argv; 503656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 504656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 505656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_new(BIO *bi); 506656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_free(BIO *a); 507656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_read(BIO *b, char *out, int outl); 508656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_write(BIO *b, const char *in, int inl); 509656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr); 510656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_gets(BIO *bp, char *buf, int size); 511656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_puts(BIO *bp, const char *str); 512656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 513656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define BIO_TYPE_EBCDIC_FILTER (18|0x0200) 514656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic BIO_METHOD methods_ebcdic= 515656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 516656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_TYPE_EBCDIC_FILTER, 517656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "EBCDIC/ASCII filter", 518656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic_write, 519656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic_read, 520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic_puts, 521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic_gets, 522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic_ctrl, 523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic_new, 524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic_free, 525656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project }; 526656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 527656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecttypedef struct 528656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 529656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project size_t alloced; 530656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char buff[1]; 531656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} EBCDIC_OUTBUFF; 532656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 533656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectBIO_METHOD *BIO_f_ebcdic_filter() 534656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 535656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(&methods_ebcdic); 536656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 537656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 538656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_new(BIO *bi) 539656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 540656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EBCDIC_OUTBUFF *wbuf; 541656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 542656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024); 543656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project wbuf->alloced = 1024; 544656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project wbuf->buff[0] = '\0'; 545656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 546656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bi->ptr=(char *)wbuf; 547656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bi->init=1; 548656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bi->flags=0; 549656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(1); 550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_free(BIO *a) 553656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 554656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (a == NULL) return(0); 555656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (a->ptr != NULL) 556656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(a->ptr); 557656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project a->ptr=NULL; 558656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project a->init=0; 559656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project a->flags=0; 560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(1); 561656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_read(BIO *b, char *out, int outl) 564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 565656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret=0; 566656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 567656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (out == NULL || outl == 0) return(0); 568656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (b->next_bio == NULL) return(0); 569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=BIO_read(b->next_bio,out,outl); 571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ret > 0) 572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ascii2ebcdic(out,out,ret); 573656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(ret); 574656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 575656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 576656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_write(BIO *b, const char *in, int inl) 577656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 578656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EBCDIC_OUTBUFF *wbuf; 579656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret=0; 580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int num; 581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char n; 582656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 583656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((in == NULL) || (inl <= 0)) return(0); 584656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (b->next_bio == NULL) return(0); 585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 586656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project wbuf=(EBCDIC_OUTBUFF *)b->ptr; 587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inl > (num = wbuf->alloced)) 589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 590656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project num = num + num; /* double the size */ 591656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (num < inl) 592656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project num = inl; 593656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(wbuf); 594656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project wbuf=(EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num); 595656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 596656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project wbuf->alloced = num; 597656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project wbuf->buff[0] = '\0'; 598656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 599656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project b->ptr=(char *)wbuf; 600656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 601656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 602656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic2ascii(wbuf->buff, in, inl); 603656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 604656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=BIO_write(b->next_bio, wbuf->buff, inl); 605656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 606656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(ret); 607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 608656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 609656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr) 610656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 611656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long ret; 612656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (b->next_bio == NULL) return(0); 614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (cmd) 615656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 616656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case BIO_CTRL_DUP: 617656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=0L; 618656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 619656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project default: 620656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=BIO_ctrl(b->next_bio,cmd,num,ptr); 621656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 622656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(ret); 624656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 625656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 626656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_gets(BIO *bp, char *buf, int size) 627656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 628656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i, ret=0; 629656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bp->next_bio == NULL) return(0); 630656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* return(BIO_gets(bp->next_bio,buf,size));*/ 631656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<size-1; ++i) 632656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 633656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = ebcdic_read(bp,&buf[i],1); 634656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ret <= 0) 635656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 636656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (buf[i] == '\n') 637656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 638656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ++i; 639656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 640656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 641656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 642656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i < size) 643656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf[i] = '\0'; 644656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return (ret < 0 && i == 0) ? ret : i; 645656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 646656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 647656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ebcdic_puts(BIO *bp, const char *str) 648656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 649656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bp->next_bio == NULL) return(0); 650656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ebcdic_write(bp, str, strlen(str)); 651656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 652656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 653656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 654656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 655656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 656656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* This is a context that we pass to callbacks */ 657656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecttypedef struct tlsextctx_st { 658656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char * servername; 659656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO * biodebug; 660656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int extension_error; 661656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} tlsextctx; 662656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 663656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 664656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) 665656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 666656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextctx * p = (tlsextctx *) arg; 667656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const char * servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); 668656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (servername && p->biodebug) 669656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(p->biodebug,"Hostname in TLS extension: \"%s\"\n",servername); 670656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 671656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!p->servername) 672656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return SSL_TLSEXT_ERR_NOACK; 673656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 674656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (servername) 675656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 676656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (strcmp(servername,p->servername)) 677656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return p->extension_error; 678656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 679656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 680221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(p->biodebug,"Switching server context.\n"); 681656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_SSL_CTX(s,ctx2); 682656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 683656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 684656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return SSL_TLSEXT_ERR_OK; 685656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 686656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 687656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Structure passed to cert status callback */ 688656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 689656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecttypedef struct tlsextstatusctx_st { 690656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Default responder to use */ 691656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *host, *path, *port; 692656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int use_ssl; 693656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int timeout; 694656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *err; 695656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int verbose; 696656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} tlsextstatusctx; 697656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 698656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic tlsextstatusctx tlscstatp = {NULL, NULL, NULL, 0, -1, NULL, 0}; 699656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 700656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Certificate Status callback. This is called when a client includes a 701656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * certificate status request extension. 702656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 703656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This is a simplified version. It examines certificates each time and 704656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * makes one OCSP responder query for each request. 705656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 706656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * A full version would store details such as the OCSP certificate IDs and 707656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * minimise the number of OCSP responses by caching them until they were 708656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * considered "expired". 709656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 710656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 711656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int cert_status_cb(SSL *s, void *arg) 712656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 713656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextstatusctx *srctx = arg; 714656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *err = srctx->err; 715656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *host, *port, *path; 716656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int use_ssl; 717656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char *rspder = NULL; 718656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int rspderlen; 719221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(OPENSSL_STRING) *aia = NULL; 720656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *x = NULL; 721656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_STORE_CTX inctx; 722656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_OBJECT obj; 723656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_REQUEST *req = NULL; 724656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPONSE *resp = NULL; 725656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_CERTID *id = NULL; 726656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(X509_EXTENSION) *exts; 727656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret = SSL_TLSEXT_ERR_NOACK; 728656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 729656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 730656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectSTACK_OF(OCSP_RESPID) *ids; 731656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectSSL_get_tlsext_status_ids(s, &ids); 732656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectBIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids)); 733656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 734656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (srctx->verbose) 735656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(err, "cert_status: callback called\n"); 736656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Build up OCSP query from server certificate */ 737656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project x = SSL_get_certificate(s); 738656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project aia = X509_get1_ocsp(x); 739656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (aia) 740656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 741221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0), 742656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &host, &port, &path, &use_ssl)) 743656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 744656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(err, "cert_status: can't parse AIA URL\n"); 745656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 746656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 747656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (srctx->verbose) 748656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(err, "cert_status: AIA URL: %s\n", 749221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom sk_OPENSSL_STRING_value(aia, 0)); 750656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 751656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 752656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 753656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!srctx->host) 754656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 755656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n"); 756656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto done; 757656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 758656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project host = srctx->host; 759656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project path = srctx->path; 760656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project port = srctx->port; 761656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project use_ssl = srctx->use_ssl; 762656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 763656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 764656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509_STORE_CTX_init(&inctx, 765656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)), 766656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL, NULL)) 767656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 768656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (X509_STORE_get_by_subject(&inctx,X509_LU_X509, 769656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_get_issuer_name(x),&obj) <= 0) 770656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 771656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n"); 772656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_STORE_CTX_cleanup(&inctx); 773656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto done; 774656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 775656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project req = OCSP_REQUEST_new(); 776656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!req) 777656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 778656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project id = OCSP_cert_to_id(NULL, x, obj.data.x509); 779656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(obj.data.x509); 780656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_STORE_CTX_cleanup(&inctx); 781656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!id) 782656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 783656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!OCSP_request_add0_id(req, id)) 784656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 785656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project id = NULL; 786656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Add any extensions to the request */ 787656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_get_tlsext_status_exts(s, &exts); 788656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) 789656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 790656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i); 791656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!OCSP_REQUEST_add_ext(req, ext, -1)) 792656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 793656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 794221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom resp = process_responder(err, req, host, path, port, use_ssl, NULL, 795656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project srctx->timeout); 796656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!resp) 797656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 798656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(err, "cert_status: error querying responder\n"); 799656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto done; 800656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 801656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rspderlen = i2d_OCSP_RESPONSE(resp, &rspder); 802656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (rspderlen <= 0) 803656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 804656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen); 805656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (srctx->verbose) 806656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 807656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(err, "cert_status: ocsp response sent:\n"); 808656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPONSE_print(err, resp, 2); 809656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 810656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = SSL_TLSEXT_ERR_OK; 811656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project done: 812656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ret != SSL_TLSEXT_ERR_OK) 813656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(err); 814656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (aia) 815656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 816656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(host); 817656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(path); 818656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(port); 819656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_email_free(aia); 820656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 821656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (id) 822656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_CERTID_free(id); 823656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (req) 824656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_REQUEST_free(req); 825656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (resp) 826656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OCSP_RESPONSE_free(resp); 827656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 828656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project err: 829656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = SSL_TLSEXT_ERR_ALERT_FATAL; 830656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto done; 831656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 832bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 833bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 834bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen/* This is the context that we pass to next_proto_cb */ 835bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsentypedef struct tlsextnextprotoctx_st { 836bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned char *data; 837bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned int len; 838bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen} tlsextnextprotoctx; 839bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 840bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsenstatic int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg) 841bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 842bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen tlsextnextprotoctx *next_proto = arg; 843bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 844bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen *data = next_proto->data; 845bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen *len = next_proto->len; 846bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 847bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen return SSL_TLSEXT_ERR_OK; 848bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 849bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif /* ndef OPENSSL_NO_NPN */ 850656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 851221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 852656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint MAIN(int, char **); 853656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 854e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_JPAKE 855e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugustatic char *jpake_secret = NULL; 856e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 857e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 858656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint MAIN(int argc, char *argv[]) 859656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 860221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509_VERIFY_PARAM *vpm = NULL; 861221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int badarg = 0; 862656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project short port=PORT; 863656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *CApath=NULL,*CAfile=NULL; 864656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char *context = NULL; 865656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *dhfile = NULL; 866656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ECDH 867656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *named_curve = NULL; 868656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 869656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int badop=0,bugs=0; 870656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret=1; 871656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int off=0; 872656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0; 873656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int state=0; 874221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const SSL_METHOD *meth=NULL; 875221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int socket_type=SOCK_STREAM; 876656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ENGINE *e=NULL; 877656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *inrand=NULL; 878656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; 879656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *passarg = NULL, *pass = NULL; 880656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *dpassarg = NULL, *dpass = NULL; 881656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; 882656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *s_cert = NULL, *s_dcert = NULL; 883656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *s_key = NULL, *s_dkey = NULL; 88498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom int no_cache = 0; 885656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 886656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY *s_key2 = NULL; 887656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *s_cert2 = NULL; 888656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 889656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 890656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; 891bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 892bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen const char *next_proto_neg_in = NULL; 893bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen tlsextnextprotoctx next_proto; 894bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 895656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 896221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_PSK 897221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* by default do not send a PSK identity hint */ 898221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom static char *psk_identity_hint=NULL; 899221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 900656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) 901656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=SSLv23_server_method(); 902656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#elif !defined(OPENSSL_NO_SSL3) 903656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=SSLv3_server_method(); 904656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#elif !defined(OPENSSL_NO_SSL2) 905656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=SSLv2_server_method(); 906656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 907656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 908656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project local_argc=argc; 909656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project local_argv=argv; 910656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 911656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project apps_startup(); 912656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef MONOLITH 913656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_server_init(); 914656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 915656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 916656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_err == NULL) 917656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); 918656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 919656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!load_config(bio_err, NULL)) 920656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 921656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 922656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_depth=0; 923656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 924656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_nbio=0; 925656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 926656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_nbio_test=0; 927656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 928656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argc--; 929656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argv++; 930656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 931656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (argc >= 1) 932656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 933656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((strcmp(*argv,"-port") == 0) || 934656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (strcmp(*argv,"-accept") == 0)) 935656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 936656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 937656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!extract_port(*(++argv),&port)) 938656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto bad; 939656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 940656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-verify") == 0) 941656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 942656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE; 943656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 944656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_depth=atoi(*(++argv)); 945656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"verify depth is %d\n",verify_depth); 946656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 947656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-Verify") == 0) 948656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 949656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT| 950656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_VERIFY_CLIENT_ONCE; 951656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 952656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_depth=atoi(*(++argv)); 953656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth); 954656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 955656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-context") == 0) 956656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 957656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 958656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project context= (unsigned char *)*(++argv); 959656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 960656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-cert") == 0) 961656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 962656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 963656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_file= *(++argv); 964656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 965656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-certform") == 0) 966656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 967656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 968656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_format = str2fmt(*(++argv)); 969656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 970656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-key") == 0) 971656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 972656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 973656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file= *(++argv); 974656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 975656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-keyform") == 0) 976656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 977656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 978656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_format = str2fmt(*(++argv)); 979656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 980656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-pass") == 0) 981656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 982656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 983656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project passarg = *(++argv); 984656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 985656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dhparam") == 0) 986656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 987656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 988656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dhfile = *(++argv); 989656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 990656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ECDH 991656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-named_curve") == 0) 992656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 993656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 994656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project named_curve = *(++argv); 995656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 996656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 997656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dcertform") == 0) 998656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 999656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1000656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dcert_format = str2fmt(*(++argv)); 1001656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1002656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dcert") == 0) 1003656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1004656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1005656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dcert_file= *(++argv); 1006656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1007656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dkeyform") == 0) 1008656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1009656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1010656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey_format = str2fmt(*(++argv)); 1011656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1012656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dpass") == 0) 1013656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1014656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1015656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dpassarg = *(++argv); 1016656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1017656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dkey") == 0) 1018656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1019656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1020656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey_file= *(++argv); 1021656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1022656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nocert") == 0) 1023656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1024656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project nocert=1; 1025656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1026656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-CApath") == 0) 1027656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1028656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1029656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CApath= *(++argv); 1030656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 103198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else if (strcmp(*argv,"-no_cache") == 0) 103298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom no_cache = 1; 1033221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) 1034656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1035221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (badarg) 1036221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto bad; 1037221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom continue; 1038656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1039221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (strcmp(*argv,"-verify_return_error") == 0) 1040221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom verify_return_error = 1; 1041656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-serverpref") == 0) 1042656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; } 104398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else if (strcmp(*argv,"-legacy_renegotiation") == 0) 104498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; 1045656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-cipher") == 0) 1046656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1047656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1048656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cipher= *(++argv); 1049656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1050656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-CAfile") == 0) 1051656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1052656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1053656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CAfile= *(++argv); 1054656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1055656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 1056656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nbio") == 0) 1057656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { s_nbio=1; } 1058656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1059656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-nbio_test") == 0) 1060656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1061656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 1062656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_nbio=1; 1063656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1064656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_nbio_test=1; 1065656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1066656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-debug") == 0) 1067656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { s_debug=1; } 1068656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1069656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-tlsextdebug") == 0) 1070656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_tlsextdebug=1; 1071656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-status") == 0) 1072656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_tlsextstatus=1; 1073656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-status_verbose") == 0) 1074656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1075656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_tlsextstatus=1; 1076656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlscstatp.verbose = 1; 1077656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1078656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (!strcmp(*argv, "-status_timeout")) 1079656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1080656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_tlsextstatus=1; 1081656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1082656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlscstatp.timeout = atoi(*(++argv)); 1083656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1084656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (!strcmp(*argv, "-status_url")) 1085656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1086656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_tlsextstatus=1; 1087656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1088656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!OCSP_parse_url(*(++argv), 1089656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &tlscstatp.host, 1090656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &tlscstatp.port, 1091656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &tlscstatp.path, 1092656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project &tlscstatp.use_ssl)) 1093656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1094656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Error parsing URL\n"); 1095656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto bad; 1096656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1097656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1098656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1099656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-msg") == 0) 1100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { s_msg=1; } 1101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-hack") == 0) 1102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { hack=1; } 1103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-state") == 0) 1104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { state=1; } 1105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-crlf") == 0) 1106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { s_crlf=1; } 1107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-quiet") == 0) 1108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { s_quiet=1; } 1109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-bugs") == 0) 1110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { bugs=1; } 1111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_tmp_rsa") == 0) 1112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { no_tmp_rsa=1; } 1113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_dhe") == 0) 1114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { no_dhe=1; } 1115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ecdhe") == 0) 1116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { no_ecdhe=1; } 1117221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_PSK 1118221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (strcmp(*argv,"-psk_hint") == 0) 1119221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1120221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (--argc < 1) goto bad; 1121221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom psk_identity_hint= *(++argv); 1122221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1123221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (strcmp(*argv,"-psk") == 0) 1124221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1125221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom size_t i; 1126221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1127221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (--argc < 1) goto bad; 1128221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom psk_key=*(++argv); 1129221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for (i=0; i<strlen(psk_key); i++) 1130221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 11317d3d122363e2a85d516db314892f3d6112cb1377Brian Carlstrom if (isxdigit((unsigned char)psk_key[i])) 1132221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom continue; 1133221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err,"Not a hex number '%s'\n",*argv); 1134221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto bad; 1135221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1136221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1137221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-www") == 0) 1139656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { www=1; } 1140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-WWW") == 0) 1141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { www=2; } 1142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-HTTP") == 0) 1143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { www=3; } 1144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ssl2") == 0) 1145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_NO_SSLv2; } 1146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ssl3") == 0) 1147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_NO_SSLv3; } 1148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_tls1") == 0) 1149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_NO_TLSv1; } 1150221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (strcmp(*argv,"-no_comp") == 0) 1151221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { off|=SSL_OP_NO_COMPRESSION; } 1152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-no_ticket") == 0) 1154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { off|=SSL_OP_NO_TICKET; } 1155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_SSL2 1157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-ssl2") == 0) 1158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { meth=SSLv2_server_method(); } 1159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_SSL3 1161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-ssl3") == 0) 1162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { meth=SSLv3_server_method(); } 1163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLS1 1165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-tls1") == 0) 1166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { meth=TLSv1_server_method(); } 1167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DTLS1 1169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-dtls1") == 0) 1170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project meth=DTLSv1_server_method(); 1172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project socket_type = SOCK_DGRAM; 1173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-timeout") == 0) 1175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project enable_timeouts = 1; 1176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-mtu") == 0) 1177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 117998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom socket_mtu = atol(*(++argv)); 1180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv, "-chain") == 0) 1182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cert_chain = 1; 1183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv, "-id_prefix") == 0) 1185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project session_id_prefix = *(++argv); 1188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 1190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-engine") == 0) 1191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project engine_id= *(++argv); 1194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-rand") == 0) 1197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inrand= *(++argv); 1200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-servername") == 0) 1203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextcbp.servername= *(++argv); 1206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-servername_fatal") == 0) 1208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; } 1209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-cert2") == 0) 1210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_file2= *(++argv); 1213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (strcmp(*argv,"-key2") == 0) 1215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (--argc < 1) goto bad; 1217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file2= *(++argv); 1218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1219bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 1220bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen else if (strcmp(*argv,"-nextprotoneg") == 0) 1221bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 1222bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (--argc < 1) goto bad; 1223bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto_neg_in = *(++argv); 1224bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 1225bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 1226e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 1227221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1228e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu else if (strcmp(*argv,"-jpake") == 0) 1229e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 1230e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (--argc < 1) goto bad; 1231e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu jpake_secret = *(++argv); 1232e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 1233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"unknown option %s\n",*argv); 1237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project badop=1; 1238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 1239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argc--; 1241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project argv++; 1242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (badop) 1244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectbad: 1246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sv_usage(); 1247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1250221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 1251221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (jpake_secret) 1252221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1253221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (psk_key) 1254221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1255221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err, 1256221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom "Can't use JPAKE and PSK together\n"); 1257221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto end; 1258221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1259221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom psk_identity = "JPAKE"; 1260221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (cipher) 1261221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1262221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err, "JPAKE sets cipher to PSK\n"); 1263221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto end; 1264221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1265221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom cipher = "PSK"; 1266221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1267221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1268221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1269221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_load_error_strings(); 1271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OpenSSL_add_ssl_algorithms(); 1272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 1274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project e = setup_engine(bio_err, engine_id, 1); 1275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) 1278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "Error getting password\n"); 1280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_key_file == NULL) 1285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file = s_cert_file; 1286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_key_file2 == NULL) 1288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file2 = s_cert_file2; 1289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (nocert == 0) 1292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e, 1294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "server certificate private key file"); 1295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_key) 1296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert = load_cert(bio_err,s_cert_file,s_cert_format, 1302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL, e, "server certificate file"); 1303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_cert) 1305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (tlsextcbp.servername) 1312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1313656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e, 1314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "second server certificate private key file"); 1315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_key2) 1316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1319656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1320656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1321656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert2 = load_cert(bio_err,s_cert_file2,s_cert_format, 1322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL, e, "second server certificate file"); 1323656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_cert2) 1325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1328656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1332221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1333221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_dcert_file) 1335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_dkey_file == NULL) 1338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey_file = s_dcert_file; 1339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, 1341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, dpass, e, 1342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "second certificate private key file"); 1343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_dkey) 1344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dcert = load_cert(bio_err,s_dcert_file,s_dcert_format, 1350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL, e, "second server certificate file"); 1351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_dcert) 1353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL 1361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project && !RAND_status()) 1362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1363656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); 1364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inrand != NULL) 1366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"%ld semi-random bytes loaded\n", 1367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project app_RAND_load_files(inrand)); 1368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_s_out == NULL) 1370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_quiet && !s_debug && !s_msg) 1372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_s_out=BIO_new(BIO_s_null()); 1374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_s_out == NULL) 1378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_s_out=BIO_new_fp(stdout,BIO_NOCLOSE); 1379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) 1383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (nocert) 1384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_file=NULL; 1387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file=NULL; 1388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dcert_file=NULL; 1389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_dkey_file=NULL; 1390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_cert_file2=NULL; 1392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project s_key_file2=NULL; 1393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx=SSL_CTX_new(meth); 1397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx == NULL) 1398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (session_id_prefix) 1403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(strlen(session_id_prefix) >= 32) 1405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project"warning: id_prefix is too long, only one new session will be possible\n"); 1407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if(strlen(session_id_prefix) >= 16) 1408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project"warning: id_prefix is too long if you use SSLv2\n"); 1410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) 1411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"error setting 'id_prefix'\n"); 1413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix); 1417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_quiet_shutdown(ctx,1); 1419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL); 1420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_options(ctx,off); 1422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* DTLS: partial reads end up discarding unread UDP bytes :-( 1423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Setting read ahead solves this problem. 1424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); 1426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); 142898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (no_cache) 142998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); 143098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else 143198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_sess_set_cache_size(ctx,128); 1432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 1434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (cipher == NULL) cipher=getenv("SSL_CIPHER"); 1435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 1438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_cert_file == NULL) 1439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1440656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"You must specify a certificate file for the server to use\n"); 1441656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1442656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1443656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1444656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1445656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || 1446656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (!SSL_CTX_set_default_verify_paths(ctx))) 1447656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1448656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ 1449656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1450656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* goto end; */ 1451656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1452221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (vpm) 1453221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_CTX_set1_param(ctx, vpm); 1454221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1455656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1456656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_cert2) 1457656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1458656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ctx2=SSL_CTX_new(meth); 1459656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2 == NULL) 1460656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1461656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1462656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1463656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1464656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1465656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1466656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1467656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1468656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Setting secondary ctx parameters\n"); 1469656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1470656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (session_id_prefix) 1471656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(strlen(session_id_prefix) >= 32) 1473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1474656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "warning: id_prefix is too long, only one new session will be possible\n"); 1475656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if(strlen(session_id_prefix) >= 16) 1476656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, 1477656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "warning: id_prefix is too long if you use SSLv2\n"); 1478656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) 1479656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1480656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"error setting 'id_prefix'\n"); 1481656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1482656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1483656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1484656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix); 1485656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1486656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_quiet_shutdown(ctx2,1); 1487656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bugs) SSL_CTX_set_options(ctx2,SSL_OP_ALL); 1488656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (hack) SSL_CTX_set_options(ctx2,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); 1489656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_options(ctx2,off); 1490656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* DTLS: partial reads end up discarding unread UDP bytes :-( 1491656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Setting read ahead solves this problem. 1492656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1493656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx2, 1); 1494656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1495656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (state) SSL_CTX_set_info_callback(ctx2,apps_ssl_info_callback); 1496656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 149798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (no_cache) 149898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_set_session_cache_mode(ctx2,SSL_SESS_CACHE_OFF); 149998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else 150098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_sess_set_cache_size(ctx2,128); 1501656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1502656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) || 1503656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (!SSL_CTX_set_default_verify_paths(ctx2))) 1504656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1505656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1506656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1507221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (vpm) 1508221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_CTX_set1_param(ctx2, vpm); 1509656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1510bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen 1511bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 1512bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto.data) 1513bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto); 1514bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 1515656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1516656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1517656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DH 1518656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!no_dhe) 1519656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH *dh=NULL; 1521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dhfile) 1523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dh = load_dh_param(dhfile); 1524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (s_cert_file) 1525656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dh = load_dh_param(s_cert_file); 1526656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1527656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dh != NULL) 1528656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1529656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 1530656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1531656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1532656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1533656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Using default temp DH parameters\n"); 1534656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dh=get_dh512(); 1535656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1536656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(bio_s_out); 1537656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1538656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_dh(ctx,dh); 1539656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1540656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1541656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1542656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!dhfile) 1543656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1544656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH *dh2=load_dh_param(s_cert_file2); 1545656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dh2 != NULL) 1546656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1547656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Setting temp DH parameters\n"); 1548656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(bio_s_out); 1549656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH_free(dh); 1551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dh = dh2; 1552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1553656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1554656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_dh(ctx2,dh); 1555656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1556656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1557656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH_free(dh); 1558656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1559656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1561656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ECDH 1562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!no_ecdhe) 1563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY *ecdh=NULL; 1565656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1566656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (named_curve) 1567656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1568656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int nid = OBJ_sn2nid(named_curve); 1569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (nid == 0) 1571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "unknown curve name (%s)\n", 1573656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project named_curve); 1574656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1575656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1576656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ecdh = EC_KEY_new_by_curve_name(nid); 1577656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ecdh == NULL) 1578656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1579656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err, "unable to create curve (%s)\n", 1580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project named_curve); 1581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1582656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1583656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1584656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ecdh != NULL) 1586656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Setting temp ECDH parameters\n"); 1588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1590656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1591656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Using default temp ECDH parameters\n"); 1592221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); 1593656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ecdh == NULL) 1594656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1595221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err, "unable to create curve (nistp256)\n"); 1596656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1597656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1598656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1599656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(bio_s_out); 1600656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1601656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_ecdh(ctx,ecdh); 1602656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1603656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1604656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_ecdh(ctx2,ecdh); 1605656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1606656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY_free(ecdh); 1607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1608656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1609656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1610656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!set_cert_key_stuff(ctx,s_cert,s_key)) 1611656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1612656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2)) 1614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1615656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1616656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_dcert != NULL) 1617656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1618656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!set_cert_key_stuff(ctx,s_dcert,s_dkey)) 1619656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1620656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1621656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1622656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_RSA 1623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 1 1624656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!no_tmp_rsa) 1625656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1626656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb); 1627656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1628656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1629656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tmp_rsa_callback(ctx2,tmp_rsa_cb); 1630221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1631656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1632656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 1633656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) 1634656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1635656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project RSA *rsa; 1636656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1637656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key..."); 1638656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_flush(bio_s_out); 1639656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1640656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rsa=RSA_generate_key(512,RSA_F4,NULL); 1641656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1642656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!SSL_CTX_set_tmp_rsa(ctx,rsa)) 1643656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1644656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1645656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1646656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1647656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1648656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1649656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1650656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!SSL_CTX_set_tmp_rsa(ctx2,rsa)) 1651656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1652656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1653656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1654656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1655656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1656bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# ifndef OPENSSL_NO_NEXTPROTONEG 1657bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto_neg_in) 1658bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 1659bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned short len; 1660bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto.data = next_protos_parse(&len, 1661bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto_neg_in); 1662bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto.data == NULL) 1663bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen goto end; 1664bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto.len = len; 1665bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 1666bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen else 1667bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 1668bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen next_proto.data = NULL; 1669bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 1670bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen# endif 1671656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1672656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project RSA_free(rsa); 1673656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"\n"); 1674656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1675656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1676656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1677656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1678221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef OPENSSL_NO_PSK 1679221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifdef OPENSSL_NO_JPAKE 1680221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (psk_key != NULL) 1681221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#else 1682221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (psk_key != NULL || jpake_secret) 1683221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1684221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1685221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (s_debug) 1686221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n"); 1687221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_CTX_set_psk_server_callback(ctx, psk_server_cb); 1688221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1689221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1690221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) 1691221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1692221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err,"error setting PSK identity hint to context\n"); 1693656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1694656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1695221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1696221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1697221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1698221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (cipher != NULL) 1699221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1700221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!SSL_CTX_set_cipher_list(ctx,cipher)) 1701221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 1702221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_err,"error setting cipher list\n"); 1703221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ERR_print_errors(bio_err); 1704221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto end; 1705221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1706656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1707656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,cipher)) 1708656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1709656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"error setting cipher list\n"); 1710656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1711656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 1712656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1713656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1714221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 1715656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_verify(ctx,s_server_verify,verify_callback); 1716656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context, 1717656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sizeof s_server_session_id_context); 1718656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 171998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom /* Set DTLS cookie generation and verification callbacks */ 172098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback); 172198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback); 172298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 1723656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1724656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1725656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1726656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_verify(ctx2,s_server_verify,verify_callback); 1727656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_session_id_context(ctx2,(void*)&s_server_session_id_context, 1728656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sizeof s_server_session_id_context); 1729656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1730656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlsextcbp.biodebug = bio_s_out; 1731656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb); 1732656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp); 1733656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); 1734656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); 1735656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1736656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1737221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1738656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (CAfile != NULL) 1739656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1740656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile)); 1741656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1742656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2) 1743656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_client_CA_list(ctx2,SSL_load_client_CA_file(CAfile)); 1744656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1745656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1746221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 1747656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"ACCEPT\n"); 1748221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (void)BIO_flush(bio_s_out); 1749656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (www) 1750656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do_server(port,socket_type,&accept_socket,www_body, context); 1751656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1752656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do_server(port,socket_type,&accept_socket,sv_body, context); 1753656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_stats(bio_s_out,ctx); 1754656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=0; 1755656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectend: 1756656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx != NULL) SSL_CTX_free(ctx); 1757656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_cert) 1758656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(s_cert); 1759656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_dcert) 1760656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(s_dcert); 1761656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_key) 1762656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(s_key); 1763656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_dkey) 1764656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(s_dkey); 1765656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (pass) 1766656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(pass); 1767656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dpass) 1768656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(dpass); 1769656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1770656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ctx2 != NULL) SSL_CTX_free(ctx2); 1771656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_cert2) 1772656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(s_cert2); 1773656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_key2) 1774656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_PKEY_free(s_key2); 1775656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1776656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio_s_out != NULL) 1777656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1778656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(bio_s_out); 1779656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project bio_s_out=NULL; 1780656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1781656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project apps_shutdown(); 1782656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_EXIT(ret); 1783656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1784656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1785656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_stats(BIO *bio, SSL_CTX *ssl_ctx) 1786656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1787656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld items in the session cache\n", 1788656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_sess_number(ssl_ctx)); 1789656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld client connects (SSL_connect())\n", 1790656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_sess_connect(ssl_ctx)); 1791656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld client renegotiates (SSL_connect())\n", 1792656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_sess_connect_renegotiate(ssl_ctx)); 1793656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld client connects that finished\n", 1794656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_sess_connect_good(ssl_ctx)); 1795656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld server accepts (SSL_accept())\n", 1796656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_sess_accept(ssl_ctx)); 1797656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld server renegotiates (SSL_accept())\n", 1798656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_sess_accept_renegotiate(ssl_ctx)); 1799656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld server accepts that finished\n", 1800656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_sess_accept_good(ssl_ctx)); 1801656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld session cache hits\n",SSL_CTX_sess_hits(ssl_ctx)); 1802656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld session cache misses\n",SSL_CTX_sess_misses(ssl_ctx)); 1803656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx)); 1804656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx)); 1805656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio,"%4ld cache full overflows (%ld allowed)\n", 1806656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_sess_cache_full(ssl_ctx), 1807656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_sess_get_cache_size(ssl_ctx)); 1808656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1809656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1810656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int sv_body(char *hostname, int s, unsigned char *context) 1811656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1812656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *buf=NULL; 1813656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fd_set readfds; 1814656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret=1,width; 1815656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int k,i; 1816656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long l; 1817656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL *con=NULL; 1818656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *sbio; 181998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom struct timeval timeout; 1820221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) 1821656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project struct timeval tv; 182298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#else 182398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom struct timeval *timeoutp; 1824656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1825656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1826656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((buf=OPENSSL_malloc(bufsize)) == NULL) 1827656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1828656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"out of memory\n"); 1829656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 1830656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1831656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 1832656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_nbio) 1833656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1834656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long sl=1; 1835656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1836656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 1837656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"turning on non blocking io\n"); 1838656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) 1839656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 1840656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1841656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1842656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1843656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (con == NULL) { 1844656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project con=SSL_new(ctx); 1845656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1846656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_tlsextdebug) 1847656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1848656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_callback(con, tlsext_cb); 1849656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_arg(con, bio_s_out); 1850656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1851656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_tlsextstatus) 1852656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1853656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); 1854656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tlscstatp.err = bio_err; 1855656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); 1856656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1857656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1858656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_KRB5 1859656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((con->kssl_ctx = kssl_ctx_new()) != NULL) 1860656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1861656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, 1862656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project KRB5SVC); 1863656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, 1864656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project KRB5KEYTAB); 1865656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1866656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif /* OPENSSL_NO_KRB5 */ 1867656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(context) 1868656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_session_id_context(con, context, 1869656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strlen((char *)context)); 1870656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1871656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_clear(con); 1872221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if 0 1873221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifdef TLSEXT_TYPE_opaque_prf_input 1874221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_set_tlsext_opaque_prf_input(con, "Test server", 11); 1875221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1876221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#endif 1877656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1878656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_version(con) == DTLS1_VERSION) 1879656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1880656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1881656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_new_dgram(s,BIO_NOCLOSE); 1882656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1883221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (enable_timeouts) 1884656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1885656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_sec = 0; 1886656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_usec = DGRAM_RCV_TIMEOUT; 1887656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); 1888656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1889656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_sec = 0; 1890656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project timeout.tv_usec = DGRAM_SND_TIMEOUT; 1891656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); 1892656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1893656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 189498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if (socket_mtu > 28) 1895656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1896656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_options(con, SSL_OP_NO_QUERY_MTU); 189798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_set_mtu(con, socket_mtu - 28); 1898656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1899656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1900656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* want to do MTU discovery */ 1901656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); 1902656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1903656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* turn on cookie exchange */ 1904656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE); 1905656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1906656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 1907656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_new_socket(s,BIO_NOCLOSE); 1908656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1909656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_nbio_test) 1910656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1911656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *test; 1912656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1913656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project test=BIO_new(BIO_f_nbio_test()); 1914656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_push(test,sbio); 1915656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1916e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#ifndef OPENSSL_NO_JPAKE 1917e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if(jpake_secret) 1918e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu jpake_server_auth(bio_s_out, sbio, jpake_secret); 1919e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu#endif 1920e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 1921656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_bio(con,sbio,sbio); 1922656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_accept_state(con); 1923656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* SSL_set_fd(con,s); */ 1924656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1925656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_debug) 1926656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1927656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project con->debug=1; 1928656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); 1929656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); 1930656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1931656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_msg) 1932656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1933656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback(con, msg_cb); 1934656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback_arg(con, bio_s_out); 1935656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1936656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 1937656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_tlsextdebug) 1938656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1939656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_callback(con, tlsext_cb); 1940656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_arg(con, bio_s_out); 1941656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 1942656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1943656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1944656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project width=s+1; 1945656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 1946656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1947656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int read_from_terminal; 1948656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int read_from_sslcon; 1949656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1950656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_from_terminal = 0; 1951656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_from_sslcon = SSL_pending(con); 1952656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 1953656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!read_from_sslcon) 1954656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 1955656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project FD_ZERO(&readfds); 1956221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5) 1957221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom openssl_fdset(fileno(stdin),&readfds); 1958656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 1959221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom openssl_fdset(s,&readfds); 1960656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Note: under VMS with SOCKETSHR the second parameter is 1961656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * currently of type (int *) whereas under other systems 1962656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * it is (void *) if you don't have a cast it will choke 1963656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the compiler: if you do have a cast then you can either 1964656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * go for (int *) or (void *). 1965656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1966656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) 1967656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Under DOS (non-djgpp) and Windows we can't select on stdin: only 1968656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * on sockets. As a workaround we timeout the select every 1969656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * second and check for any keypress. In a proper Windows 1970656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * application we wouldn't do this because it is inefficient. 1971656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 1972656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_sec = 1; 1973656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tv.tv_usec = 0; 1974656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=select(width,(void *)&readfds,NULL,NULL,&tv); 1975656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if((i < 0) || (!i && !_kbhit() ) )continue; 1976656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(_kbhit()) 1977656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_from_terminal = 1; 1978221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#elif defined(OPENSSL_SYS_BEOS_R5) 1979221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* Under BeOS-R5 the situation is similar to DOS */ 1980221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom tv.tv_sec = 1; 1981221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom tv.tv_usec = 0; 1982221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK); 1983221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom i=select(width,(void *)&readfds,NULL,NULL,&tv); 1984221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0)) 1985221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom continue; 1986221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (read(fileno(stdin), buf, 0) >= 0) 1987221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom read_from_terminal = 1; 1988221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (void)fcntl(fileno(stdin), F_SETFL, 0); 1989656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 199098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if ((SSL_version(con) == DTLS1_VERSION) && 199198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom DTLSv1_get_timeout(con, &timeout)) 199298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom timeoutp = &timeout; 199398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom else 199498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom timeoutp = NULL; 199598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 199698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom i=select(width,(void *)&readfds,NULL,NULL,timeoutp); 199798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 199898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) 199998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom { 200098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_err,"TIMEOUT occured\n"); 200198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom } 200298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom 2003656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i <= 0) continue; 2004656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (FD_ISSET(fileno(stdin),&readfds)) 2005656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_from_terminal = 1; 2006656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2007656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (FD_ISSET(s,&readfds)) 2008656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project read_from_sslcon = 1; 2009656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2010656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (read_from_terminal) 2011656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2012656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_crlf) 2013656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2014656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int j, lf_num; 2015656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2016221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom i=raw_read_stdin(buf, bufsize/2); 2017656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num = 0; 2018656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* both loops are skipped when i <= 0 */ 2019656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (j = 0; j < i; j++) 2020656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf[j] == '\n') 2021656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num++; 2022656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (j = i-1; j >= 0; j--) 2023656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2024656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf[j+lf_num] = buf[j]; 2025656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf[j] == '\n') 2026656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2027656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project lf_num--; 2028656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 2029656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf[j+lf_num] = '\r'; 2030656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2031656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2032656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project assert(lf_num == 0); 2033656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2034656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2035221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom i=raw_read_stdin(buf,bufsize); 2036656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 2037656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2038656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((i <= 0) || (buf[0] == 'Q')) 2039656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2040656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"DONE\n"); 2041656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(s); 2042656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project close_accept_socket(); 2043656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret= -11; 2044656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2045656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2046656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((i <= 0) || (buf[0] == 'q')) 2047656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2048656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"DONE\n"); 2049656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_version(con) != DTLS1_VERSION) 2050656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN(s); 2051656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* close_accept_socket(); 2052656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret= -11;*/ 2053656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2054656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2055221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 2056656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((buf[0] == 'r') && 2057656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((buf[1] == '\n') || (buf[1] == '\r'))) 2058656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2059656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_renegotiate(con); 2060656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=SSL_do_handshake(con); 2061656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project printf("SSL_do_handshake -> %d\n",i); 2062656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=0; /*13; */ 2063656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 2064656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* strcpy(buf,"server side RE-NEGOTIATE\n"); */ 2065656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2066656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((buf[0] == 'R') && 2067656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((buf[1] == '\n') || (buf[1] == '\r'))) 2068656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2069656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_verify(con, 2070656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL); 2071656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_renegotiate(con); 2072656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=SSL_do_handshake(con); 2073656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project printf("SSL_do_handshake -> %d\n",i); 2074656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=0; /* 13; */ 2075656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 2076656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */ 2077656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2078656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf[0] == 'P') 2079656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2080656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static const char *str="Lets print some clear text\n"; 2081656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(SSL_get_wbio(con),str,strlen(str)); 2082656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2083656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf[0] == 'S') 2084656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2085656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_stats(bio_s_out,SSL_get_SSL_CTX(con)); 2086656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2087656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2088656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 2089656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ebcdic2ascii(buf,buf,i); 2090656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2091656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project l=k=0; 2092656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 2093656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2094656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* should do a select for the write */ 2095656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef RENEG 2096656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } } 2097656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2098656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=SSL_write(con,&(buf[l]),(unsigned int)i); 2099656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (SSL_get_error(con,k)) 2100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_NONE: 2102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_WRITE: 2104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_READ: 2105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_X509_LOOKUP: 2106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Write BLOCK\n"); 2107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SYSCALL: 2109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SSL: 2110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"ERROR\n"); 2111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 2112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* break; */ 2115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_ZERO_RETURN: 2116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"DONE\n"); 2117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project l+=k; 2121656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i-=k; 2122656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i <= 0) break; 2123656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2124656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (read_from_sslcon) 2126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!SSL_is_init_finished(con)) 2128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=init_ssl_connection(con); 2130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i < 0) 2132656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=0; 2134656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2135656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2136656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (i == 0) 2137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2139656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectagain: 2145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=SSL_read(con,(char *)buf,bufsize); 2146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (SSL_get_error(con,i)) 2147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_NONE: 2149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 2150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ascii2ebcdic(buf,buf,i); 2151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2152221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom raw_write_stdout(buf, 2153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (unsigned int)i); 2154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_pending(con)) goto again; 2155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_WRITE: 2157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_READ: 2158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_X509_LOOKUP: 2159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Read BLOCK\n"); 2160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SYSCALL: 2162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SSL: 2163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"ERROR\n"); 2164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 2165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_ZERO_RETURN: 2168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"DONE\n"); 2169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: 2176221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (con != NULL) 2177221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 2178221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(bio_s_out,"shutting down SSL\n"); 2179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 1 2180221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 2181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 2182221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_shutdown(con); 2183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2184221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom SSL_free(con); 2185221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 2186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); 2187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf != NULL) 2188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_cleanse(buf,bufsize); 2190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(buf); 2191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ret >= 0) 2193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"ACCEPT\n"); 2194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(ret); 2195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void close_accept_socket(void) 2198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"shutdown accept socket\n"); 2200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (accept_socket >= 0) 2201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SHUTDOWN2(accept_socket); 2203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int init_ssl_connection(SSL *con) 2207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 2209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const char *str; 2210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *peer; 2211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long verify_error; 2212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MS_STATIC char buf[BUFSIZ]; 2213bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2214bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen const unsigned char *next_proto_neg; 2215bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen unsigned next_proto_neg_len; 2216bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#endif 2217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((i=SSL_accept(con)) <= 0) 2219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_sock_should_retry(i)) 2221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"DELAY\n"); 2223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(1); 2224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"ERROR\n"); 2227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project verify_error=SSL_get_verify_result(con); 2228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (verify_error != X509_V_OK) 2229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"verify error:%s\n", 2231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_verify_cert_error_string(verify_error)); 2232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 2235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(0); 2236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con)); 2239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project peer=SSL_get_peer_certificate(con); 2241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (peer != NULL) 2242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Client certificate\n"); 2244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_X509(bio_s_out,peer); 2245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_subject_name(peer),buf,sizeof buf); 2246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"subject=%s\n",buf); 2247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_NAME_oneline(X509_get_issuer_name(peer),buf,sizeof buf); 2248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"issuer=%s\n",buf); 2249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_free(peer); 2250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_get_shared_ciphers(con,buf,sizeof buf) != NULL) 2253656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); 2254656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); 2255656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); 2256bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) 2257bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); 2258bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen if (next_proto_neg) 2259bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen { 2260bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_s_out,"NEXTPROTO is "); 2261bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len); 2262bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen BIO_printf(bio_s_out, "\n"); 2263bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen } 2264bf9ac266e34f910ace31880ea92b8deaf6212aa6Kristian Monsen#endif 2265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n"); 2266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) & 2267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project TLS1_FLAGS_TLS_PADDING_BUG) 2268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Peer has incorrect TLSv1 block padding\n"); 2269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_KRB5 2270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (con->kssl_ctx->client_princ != NULL) 2271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"Kerberos peer principal is %s\n", 2273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project con->kssl_ctx->client_princ); 2274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif /* OPENSSL_NO_KRB5 */ 227698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n", 227798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); 2278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(1); 2279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_DH 2282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic DH *load_dh_param(const char *dhfile) 2283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DH *ret=NULL; 2285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *bio; 2286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((bio=BIO_new_file(dhfile,"r")) == NULL) 2288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL); 2290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: 2291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (bio != NULL) BIO_free(bio); 2292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(ret); 2293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 2297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int load_CA(SSL_CTX *ctx, char *file) 2298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project FILE *in; 2300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *x=NULL; 2301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((in=fopen(file,"r")) == NULL) 2303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(0); 2304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 2306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (PEM_read_X509(in,&x,NULL) == NULL) 2308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CTX_add_client_CA(ctx,x); 2310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (x != NULL) X509_free(x); 2312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fclose(in); 2313656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(1); 2314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int www_body(char *hostname, int s, unsigned char *context) 2318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2319656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *buf=NULL; 2320656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret=1; 232143c12e3d4f9bbbbd4a8ba7b149686437514bc6b6Brian Carlstrom int i,j,k,dot; 2322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL *con; 2323221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const SSL_CIPHER *c; 2324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *io,*ssl_bio,*sbio; 2325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf=OPENSSL_malloc(bufsize); 2327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf == NULL) return(0); 2328656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project io=BIO_new(BIO_f_buffer()); 2329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssl_bio=BIO_new(BIO_f_ssl()); 2330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((io == NULL) || (ssl_bio == NULL)) goto err; 2331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef FIONBIO 2333656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_nbio) 2334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long sl=1; 2336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 2338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"turning on non blocking io\n"); 2339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0) 2340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 2341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* lets make the output buffer a reasonable size */ 2345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!BIO_set_write_buffer_size(io,bufsize)) goto err; 2346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((con=SSL_new(ctx)) == NULL) goto err; 2348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_TLSEXT 2349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_tlsextdebug) 2350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_callback(con, tlsext_cb); 2352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_tlsext_debug_arg(con, bio_s_out); 2353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_KRB5 2356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((con->kssl_ctx = kssl_ctx_new()) != NULL) 2357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVICE, KRB5SVC); 2359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project kssl_ctx_setstring(con->kssl_ctx, KSSL_KEYTAB, KRB5KEYTAB); 2360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif /* OPENSSL_NO_KRB5 */ 2362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(context) SSL_set_session_id_context(con, context, 2363656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strlen((char *)context)); 2364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_new_socket(s,BIO_NOCLOSE); 2366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_nbio_test) 2367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *test; 2369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project test=BIO_new(BIO_f_nbio_test()); 2371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sbio=BIO_push(test,sbio); 2372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_bio(con,sbio,sbio); 2374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_accept_state(con); 2375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* SSL_set_fd(con,s); */ 2377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_ssl(ssl_bio,con,BIO_CLOSE); 2378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_push(io,ssl_bio); 2379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef CHARSET_EBCDIC 2380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project io = BIO_push(BIO_new(BIO_f_ebcdic_filter()),io); 2381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_debug) 2384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project con->debug=1; 2386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback(SSL_get_rbio(con),bio_dump_callback); 2387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out); 2388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s_msg) 2390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback(con, msg_cb); 2392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_msg_callback_arg(con, bio_s_out); 2393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 2396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (hack) 2398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=SSL_accept(con); 2400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (SSL_get_error(con,i)) 2402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_NONE: 2404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_WRITE: 2406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_READ: 2407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_WANT_X509_LOOKUP: 2408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 2409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SYSCALL: 2410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_SSL: 2411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case SSL_ERROR_ZERO_RETURN: 2412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* break; */ 2415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_renegotiate(con); 2418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_write(con,NULL,0); 2419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=BIO_gets(io,buf,bufsize-1); 2422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i < 0) /* error */ 2423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!BIO_should_retry(io)) 2425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 2427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(bio_err); 2428656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 2429656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"read R BLOCK\n"); 2433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if defined(OPENSSL_SYS_NETWARE) 2434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project delay(1000); 2435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__) 2436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sleep(1); 2437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 2439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2440656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2441656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (i == 0) /* end of input */ 2442656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2443656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 2444656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto end; 2445656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2446656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2447656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* else we have data */ 2448656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ( ((www == 1) && (strncmp("GET ",buf,4) == 0)) || 2449656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((www == 2) && (strncmp("GET /stats ",buf,10) == 0))) 2450656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2451656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *p; 2452656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509 *peer; 2453656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(SSL_CIPHER) *sk; 2454656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static const char *space=" "; 2455656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2456656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2457656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"<HTML><BODY BGCOLOR=\"#ffffff\">\n"); 2458656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"<pre>\n"); 2459656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/ 2460656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"\n"); 2461656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<local_argc; i++) 2462656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2463656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,local_argv[i]); 2464656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(io," ",1); 2465656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2466656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"\n"); 2467656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2468656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* The following is evil and should not really 2469656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * be done */ 2470656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"Ciphers supported in s_server binary\n"); 2471656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk=SSL_get_ciphers(con); 2472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=sk_SSL_CIPHER_num(sk); 2473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<j; i++) 2474656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2475656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c=sk_SSL_CIPHER_value(sk,i); 2476656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"%-11s:%-25s", 2477656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_version(c), 2478656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_name(c)); 2479656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((((i+1)%2) == 0) && (i+1 != j)) 2480656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"\n"); 2481656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2482656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"\n"); 2483656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=SSL_get_shared_ciphers(con,buf,bufsize); 2484656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (p != NULL) 2485656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2486656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"---\nCiphers common between both SSL end points:\n"); 2487656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=i=0; 2488656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (*p) 2489656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2490656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (*p == ':') 2491656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2492656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(io,space,26-j); 2493656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i++; 2494656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=0; 2495656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(io,((i%3)?" ":"\n"),1); 2496656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2497656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2498656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2499656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_write(io,p,1); 2500656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j++; 2501656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2502656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p++; 2503656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2504656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"\n"); 2505656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2506656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,((con->hit) 2507656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ?"---\nReused, " 2508656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project :"---\nNew, ")); 2509656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project c=SSL_get_current_cipher(con); 2510656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"%s, Cipher is %s\n", 2511656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_version(c), 2512656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_CIPHER_get_name(c)); 2513656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_SESSION_print(io,SSL_get_session(con)); 2514656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"---\n"); 2515656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_stats(io,SSL_get_SSL_CTX(con)); 2516656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"---\n"); 2517656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project peer=SSL_get_peer_certificate(con); 2518656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (peer != NULL) 2519656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"Client certificate\n"); 2521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_print(io,peer); 2522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project PEM_write_bio_X509(io,peer); 2523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2525656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"no client certificate available\n"); 2526656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"</BODY></HTML>\r\n\r\n"); 2527656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2528656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2529656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if ((www == 2 || www == 3) 2530656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project && (strncmp("GET /",buf,5) == 0)) 2531656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2532656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *file; 2533656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *p,*e; 2534656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static const char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; 2535656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2536656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* skip the '/' */ 2537656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p= &(buf[5]); 2538656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2539656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = 1; 2540656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (e=p; *e != '\0'; e++) 2541656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2542656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (e[0] == ' ') 2543656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2544656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2545656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch (dot) 2546656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2547656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case 1: 2548656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = (e[0] == '.') ? 2 : 0; 2549656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case 2: 2551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = (e[0] == '.') ? 3 : 0; 2552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2553656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case 3: 2554656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = (e[0] == '/') ? -1 : 0; 2555656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2556656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2557656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dot == 0) 2558656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = (e[0] == '/') ? 1 : 0; 2559656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dot = (dot == 3) || (dot == -1); /* filename contains ".." component */ 2561656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (*e == '\0') 2563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,text); 2565656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"'%s' is an invalid file name\r\n",p); 2566656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2567656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2568656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *e='\0'; 2569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dot) 2571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,text); 2573656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"'%s' contains '..' reference\r\n",p); 2574656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2575656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2576656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2577656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (*p == '/') 2578656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2579656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,text); 2580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"'%s' is an invalid path\r\n",p); 2581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2582656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2583656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2584656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 2585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* append if a directory lookup */ 2586656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (e[-1] == '/') 2587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strcat(p,"index.html"); 2588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2590656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* if a directory, do the index thang */ 2591221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (app_isdir(p)>0) 2592656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2593656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 0 /* must check buffer size */ 2594656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strcat(p,"/index.html"); 2595656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 2596656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,text); 2597656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"'%s' is a directory\r\n",p); 2598656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2599656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2600656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2601656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2602656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((file=BIO_new_file(p,"r")) == NULL) 2603656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2604656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,text); 2605656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(io,"Error opening '%s'\r\n",p); 2606656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(io); 2607656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2608656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2609656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2610656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 2611656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"FILE:%s\n",p); 2612656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2613656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (www == 2) 2614656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2615656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=strlen(p); 2616656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ( ((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) || 2617656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) || 2618656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0))) 2619656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); 2620656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2621656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); 2622656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2623656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* send the file */ 2624656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 2625656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2626656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=BIO_read(file,buf,bufsize); 2627656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i <= 0) break; 2628656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2629656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef RENEG 2630656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project total_bytes+=i; 2631656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fprintf(stderr,"%d\n",i); 2632656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (total_bytes > 3*1024) 2633656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2634656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project total_bytes=0; 2635656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fprintf(stderr,"RENEGOTIATE\n"); 2636656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_renegotiate(con); 2637656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2638656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2639656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2640656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (j=0; j<i; ) 2641656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2642656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef RENEG 2643656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ static count=0; if (++count == 13) { SSL_renegotiate(con); } } 2644656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2645656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=BIO_write(io,&(buf[j]),i-j); 2646656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (k <= 0) 2647656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2648656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!BIO_should_retry(io)) 2649656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto write_error; 2650656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2651656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2652656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"rwrite W BLOCK\n"); 2653656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2654656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2655656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2656656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2657656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j+=k; 2658656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2659656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2660656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2661656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectwrite_error: 2662656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(file); 2663656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2664656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2665656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2666656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2667656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (;;) 2668656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2669656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=(int)BIO_flush(io); 2670656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i <= 0) 2671656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2672656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!BIO_should_retry(io)) 2673656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2674656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2675656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 2676656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 2677656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2678656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectend: 2679656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if 1 2680656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* make sure we re-use sessions */ 2681656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 2682656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 2683656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* This kills performance */ 2684656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* SSL_shutdown(con); A shutdown gets sent in the 2685656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * BIO_free_all(io) procession */ 2686656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2687656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2688656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: 2689656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2690656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ret >= 0) 2691656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_s_out,"ACCEPT\n"); 2692656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2693656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf != NULL) OPENSSL_free(buf); 2694656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (io != NULL) BIO_free_all(io); 2695656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ 2696656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(ret); 2697656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2698656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2699656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_RSA 2700656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) 2701656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2702656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIGNUM *bn = NULL; 2703656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static RSA *rsa_tmp=NULL; 2704656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2705656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!rsa_tmp && ((bn = BN_new()) == NULL)) 2706656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Allocation error in generating RSA key\n"); 2707656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!rsa_tmp && bn) 2708656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2709656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 2710656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2711656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength); 2712656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(bio_err); 2713656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2714656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) || 2715656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) 2716656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2717656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(rsa_tmp) RSA_free(rsa_tmp); 2718656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project rsa_tmp = NULL; 2719656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2720656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!s_quiet) 2721656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2722656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(bio_err,"\n"); 2723656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(bio_err); 2724656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2725656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BN_free(bn); 2726656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2727656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(rsa_tmp); 2728656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2729656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 2730656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 2731656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define MAX_SESSION_ID_ATTEMPTS 10 2732656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int generate_session_id(const SSL *ssl, unsigned char *id, 2733656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned int *id_len) 2734656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 2735656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned int count = 0; 2736656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do { 2737656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project RAND_pseudo_bytes(id, *id_len); 2738656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Prefix the session_id with the required prefix. NB: If our 2739656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prefix is too long, clip it - but there will be worse effects 2740656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * anyway, eg. the server could only possibly create 1 session 2741656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ID (ie. the prefix!) so all future session negotiations will 2742656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * fail due to conflicts. */ 2743656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project memcpy(id, session_id_prefix, 2744656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (strlen(session_id_prefix) < *id_len) ? 2745656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strlen(session_id_prefix) : *id_len); 2746656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2747656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while(SSL_has_matching_session_id(ssl, id, *id_len) && 2748656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (++count < MAX_SESSION_ID_ATTEMPTS)); 2749656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(count >= MAX_SESSION_ID_ATTEMPTS) 2750656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 2751656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 2752656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 2753