1 |
|
|
/* $OpenBSD: s_server.c,v 1.24 2015/12/23 20:43:42 mmcc Exp $ */ |
2 |
|
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 |
|
|
* All rights reserved. |
4 |
|
|
* |
5 |
|
|
* This package is an SSL implementation written |
6 |
|
|
* by Eric Young (eay@cryptsoft.com). |
7 |
|
|
* The implementation was written so as to conform with Netscapes SSL. |
8 |
|
|
* |
9 |
|
|
* This library is free for commercial and non-commercial use as long as |
10 |
|
|
* the following conditions are aheared to. The following conditions |
11 |
|
|
* apply to all code found in this distribution, be it the RC4, RSA, |
12 |
|
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation |
13 |
|
|
* included with this distribution is covered by the same copyright terms |
14 |
|
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com). |
15 |
|
|
* |
16 |
|
|
* Copyright remains Eric Young's, and as such any Copyright notices in |
17 |
|
|
* the code are not to be removed. |
18 |
|
|
* If this package is used in a product, Eric Young should be given attribution |
19 |
|
|
* as the author of the parts of the library used. |
20 |
|
|
* This can be in the form of a textual message at program startup or |
21 |
|
|
* in documentation (online or textual) provided with the package. |
22 |
|
|
* |
23 |
|
|
* Redistribution and use in source and binary forms, with or without |
24 |
|
|
* modification, are permitted provided that the following conditions |
25 |
|
|
* are met: |
26 |
|
|
* 1. Redistributions of source code must retain the copyright |
27 |
|
|
* notice, this list of conditions and the following disclaimer. |
28 |
|
|
* 2. Redistributions in binary form must reproduce the above copyright |
29 |
|
|
* notice, this list of conditions and the following disclaimer in the |
30 |
|
|
* documentation and/or other materials provided with the distribution. |
31 |
|
|
* 3. All advertising materials mentioning features or use of this software |
32 |
|
|
* must display the following acknowledgement: |
33 |
|
|
* "This product includes cryptographic software written by |
34 |
|
|
* Eric Young (eay@cryptsoft.com)" |
35 |
|
|
* The word 'cryptographic' can be left out if the rouines from the library |
36 |
|
|
* being used are not cryptographic related :-). |
37 |
|
|
* 4. If you include any Windows specific code (or a derivative thereof) from |
38 |
|
|
* the apps directory (application code) you must include an acknowledgement: |
39 |
|
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
40 |
|
|
* |
41 |
|
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
42 |
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
43 |
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
44 |
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
45 |
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
46 |
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
47 |
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
48 |
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
49 |
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
50 |
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
51 |
|
|
* SUCH DAMAGE. |
52 |
|
|
* |
53 |
|
|
* The licence and distribution terms for any publically available version or |
54 |
|
|
* derivative of this code cannot be changed. i.e. this code cannot simply be |
55 |
|
|
* copied and put under another distribution licence |
56 |
|
|
* [including the GNU Public Licence.] |
57 |
|
|
*/ |
58 |
|
|
/* ==================================================================== |
59 |
|
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. |
60 |
|
|
* |
61 |
|
|
* Redistribution and use in source and binary forms, with or without |
62 |
|
|
* modification, are permitted provided that the following conditions |
63 |
|
|
* are met: |
64 |
|
|
* |
65 |
|
|
* 1. Redistributions of source code must retain the above copyright |
66 |
|
|
* notice, this list of conditions and the following disclaimer. |
67 |
|
|
* |
68 |
|
|
* 2. Redistributions in binary form must reproduce the above copyright |
69 |
|
|
* notice, this list of conditions and the following disclaimer in |
70 |
|
|
* the documentation and/or other materials provided with the |
71 |
|
|
* distribution. |
72 |
|
|
* |
73 |
|
|
* 3. All advertising materials mentioning features or use of this |
74 |
|
|
* software must display the following acknowledgment: |
75 |
|
|
* "This product includes software developed by the OpenSSL Project |
76 |
|
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)" |
77 |
|
|
* |
78 |
|
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
79 |
|
|
* endorse or promote products derived from this software without |
80 |
|
|
* prior written permission. For written permission, please contact |
81 |
|
|
* openssl-core@openssl.org. |
82 |
|
|
* |
83 |
|
|
* 5. Products derived from this software may not be called "OpenSSL" |
84 |
|
|
* nor may "OpenSSL" appear in their names without prior written |
85 |
|
|
* permission of the OpenSSL Project. |
86 |
|
|
* |
87 |
|
|
* 6. Redistributions of any form whatsoever must retain the following |
88 |
|
|
* acknowledgment: |
89 |
|
|
* "This product includes software developed by the OpenSSL Project |
90 |
|
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)" |
91 |
|
|
* |
92 |
|
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
93 |
|
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
94 |
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
95 |
|
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
96 |
|
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
97 |
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
98 |
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
99 |
|
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
100 |
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
101 |
|
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
102 |
|
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
103 |
|
|
* OF THE POSSIBILITY OF SUCH DAMAGE. |
104 |
|
|
* ==================================================================== |
105 |
|
|
* |
106 |
|
|
* This product includes cryptographic software written by Eric Young |
107 |
|
|
* (eay@cryptsoft.com). This product includes software written by Tim |
108 |
|
|
* Hudson (tjh@cryptsoft.com). |
109 |
|
|
* |
110 |
|
|
*/ |
111 |
|
|
/* ==================================================================== |
112 |
|
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. |
113 |
|
|
* ECC cipher suite support in OpenSSL originally developed by |
114 |
|
|
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. |
115 |
|
|
*/ |
116 |
|
|
/* ==================================================================== |
117 |
|
|
* Copyright 2005 Nokia. All rights reserved. |
118 |
|
|
* |
119 |
|
|
* The portions of the attached software ("Contribution") is developed by |
120 |
|
|
* Nokia Corporation and is licensed pursuant to the OpenSSL open source |
121 |
|
|
* license. |
122 |
|
|
* |
123 |
|
|
* The Contribution, originally written by Mika Kousa and Pasi Eronen of |
124 |
|
|
* Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites |
125 |
|
|
* support (see RFC 4279) to OpenSSL. |
126 |
|
|
* |
127 |
|
|
* No patent licenses or other rights except those expressly stated in |
128 |
|
|
* the OpenSSL open source license shall be deemed granted or received |
129 |
|
|
* expressly, by implication, estoppel, or otherwise. |
130 |
|
|
* |
131 |
|
|
* No assurances are provided by Nokia that the Contribution does not |
132 |
|
|
* infringe the patent or other intellectual property rights of any third |
133 |
|
|
* party or that the license provides you with all the necessary rights |
134 |
|
|
* to make use of the Contribution. |
135 |
|
|
* |
136 |
|
|
* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN |
137 |
|
|
* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA |
138 |
|
|
* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY |
139 |
|
|
* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR |
140 |
|
|
* OTHERWISE. |
141 |
|
|
*/ |
142 |
|
|
|
143 |
|
|
/* Until the key-gen callbacks are modified to use newer prototypes, we allow |
144 |
|
|
* deprecated functions for openssl-internal code */ |
145 |
|
|
#ifdef OPENSSL_NO_DEPRECATED |
146 |
|
|
#undef OPENSSL_NO_DEPRECATED |
147 |
|
|
#endif |
148 |
|
|
|
149 |
|
|
#include <sys/types.h> |
150 |
|
|
#include <sys/socket.h> |
151 |
|
|
|
152 |
|
|
#include <assert.h> |
153 |
|
|
#include <ctype.h> |
154 |
|
|
#include <stdio.h> |
155 |
|
|
#include <stdlib.h> |
156 |
|
|
#include <limits.h> |
157 |
|
|
#include <string.h> |
158 |
|
|
#include <unistd.h> |
159 |
|
|
#include <poll.h> |
160 |
|
|
|
161 |
|
|
#include "apps.h" |
162 |
|
|
|
163 |
|
|
#include <openssl/bn.h> |
164 |
|
|
#include <openssl/err.h> |
165 |
|
|
#include <openssl/lhash.h> |
166 |
|
|
#include <openssl/ocsp.h> |
167 |
|
|
#include <openssl/pem.h> |
168 |
|
|
#include <openssl/ssl.h> |
169 |
|
|
#include <openssl/x509.h> |
170 |
|
|
|
171 |
|
|
#ifndef OPENSSL_NO_DH |
172 |
|
|
#include <openssl/dh.h> |
173 |
|
|
#endif |
174 |
|
|
|
175 |
|
|
#include <openssl/rsa.h> |
176 |
|
|
|
177 |
|
|
#include "s_apps.h" |
178 |
|
|
#include "timeouts.h" |
179 |
|
|
|
180 |
|
|
static int sv_body(char *hostname, int s, unsigned char *context); |
181 |
|
|
static int www_body(char *hostname, int s, unsigned char *context); |
182 |
|
|
static void close_accept_socket(void); |
183 |
|
|
static void sv_usage(void); |
184 |
|
|
static int init_ssl_connection(SSL * s); |
185 |
|
|
static void print_stats(BIO * bp, SSL_CTX * ctx); |
186 |
|
|
static int |
187 |
|
|
generate_session_id(const SSL * ssl, unsigned char *id, |
188 |
|
|
unsigned int *id_len); |
189 |
|
|
#ifndef OPENSSL_NO_DH |
190 |
|
|
static DH *load_dh_param(const char *dhfile); |
191 |
|
|
#endif |
192 |
|
|
|
193 |
|
|
static void s_server_init(void); |
194 |
|
|
|
195 |
|
|
/* static int load_CA(SSL_CTX *ctx, char *file);*/ |
196 |
|
|
|
197 |
|
|
#define BUFSIZZ 16*1024 |
198 |
|
|
static int bufsize = BUFSIZZ; |
199 |
|
|
static int accept_socket = -1; |
200 |
|
|
|
201 |
|
|
#define TEST_CERT "server.pem" |
202 |
|
|
#define TEST_CERT2 "server2.pem" |
203 |
|
|
|
204 |
|
|
static char *cipher = NULL; |
205 |
|
|
static int s_server_verify = SSL_VERIFY_NONE; |
206 |
|
|
static int s_server_session_id_context = 1; /* anything will do */ |
207 |
|
|
static const char *s_cert_file = TEST_CERT, *s_key_file = NULL; |
208 |
|
|
static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL; |
209 |
|
|
static char *s_dcert_file = NULL, *s_dkey_file = NULL; |
210 |
|
|
static int s_nbio = 0; |
211 |
|
|
static int s_nbio_test = 0; |
212 |
|
|
int s_crlf = 0; |
213 |
|
|
static SSL_CTX *ctx = NULL; |
214 |
|
|
static SSL_CTX *ctx2 = NULL; |
215 |
|
|
static int www = 0; |
216 |
|
|
|
217 |
|
|
static BIO *bio_s_out = NULL; |
218 |
|
|
static int s_debug = 0; |
219 |
|
|
static int s_tlsextdebug = 0; |
220 |
|
|
static int s_tlsextstatus = 0; |
221 |
|
|
static int cert_status_cb(SSL * s, void *arg); |
222 |
|
|
static int s_msg = 0; |
223 |
|
|
static int s_quiet = 0; |
224 |
|
|
|
225 |
|
|
static char *keymatexportlabel = NULL; |
226 |
|
|
static int keymatexportlen = 20; |
227 |
|
|
|
228 |
|
|
static const char *session_id_prefix = NULL; |
229 |
|
|
|
230 |
|
|
static int enable_timeouts = 0; |
231 |
|
|
static long socket_mtu; |
232 |
|
|
#ifndef OPENSSL_NO_DTLS1 |
233 |
|
|
static int cert_chain = 0; |
234 |
|
|
#endif |
235 |
|
|
|
236 |
|
|
|
237 |
|
|
|
238 |
|
|
|
239 |
|
|
static void |
240 |
|
|
s_server_init(void) |
241 |
|
|
{ |
242 |
|
|
accept_socket = -1; |
243 |
|
|
cipher = NULL; |
244 |
|
|
s_server_verify = SSL_VERIFY_NONE; |
245 |
|
|
s_dcert_file = NULL; |
246 |
|
|
s_dkey_file = NULL; |
247 |
|
|
s_cert_file = TEST_CERT; |
248 |
|
|
s_key_file = NULL; |
249 |
|
|
s_cert_file2 = TEST_CERT2; |
250 |
|
|
s_key_file2 = NULL; |
251 |
|
|
ctx2 = NULL; |
252 |
|
|
s_nbio = 0; |
253 |
|
|
s_nbio_test = 0; |
254 |
|
|
ctx = NULL; |
255 |
|
|
www = 0; |
256 |
|
|
|
257 |
|
|
bio_s_out = NULL; |
258 |
|
|
s_debug = 0; |
259 |
|
|
s_msg = 0; |
260 |
|
|
s_quiet = 0; |
261 |
|
|
} |
262 |
|
|
|
263 |
|
|
static void |
264 |
|
|
sv_usage(void) |
265 |
|
|
{ |
266 |
|
|
BIO_printf(bio_err, "usage: s_server [args ...]\n"); |
267 |
|
|
BIO_printf(bio_err, "\n"); |
268 |
|
|
BIO_printf(bio_err, " -accept arg - port to accept on (default is %d)\n", PORT); |
269 |
|
|
BIO_printf(bio_err, " -context arg - set session ID context\n"); |
270 |
|
|
BIO_printf(bio_err, " -verify arg - turn on peer certificate verification\n"); |
271 |
|
|
BIO_printf(bio_err, " -Verify arg - turn on peer certificate verification, must have a cert.\n"); |
272 |
|
|
BIO_printf(bio_err, " -cert arg - certificate file to use\n"); |
273 |
|
|
BIO_printf(bio_err, " (default is %s)\n", TEST_CERT); |
274 |
|
|
BIO_printf(bio_err, " -crl_check - check the peer certificate has not been revoked by its CA.\n" \ |
275 |
|
|
" The CRL(s) are appended to the certificate file\n"); |
276 |
|
|
BIO_printf(bio_err, " -crl_check_all - check the peer certificate has not been revoked by its CA\n" \ |
277 |
|
|
" or any other CRL in the CA chain. CRL(s) are appended to the\n" \ |
278 |
|
|
" the certificate file.\n"); |
279 |
|
|
BIO_printf(bio_err, " -certform arg - certificate format (PEM or DER) PEM default\n"); |
280 |
|
|
BIO_printf(bio_err, " -key arg - Private Key file to use, in cert file if\n"); |
281 |
|
|
BIO_printf(bio_err, " not specified (default is %s)\n", TEST_CERT); |
282 |
|
|
BIO_printf(bio_err, " -keyform arg - key format (PEM or DER) PEM default\n"); |
283 |
|
|
BIO_printf(bio_err, " -pass arg - private key file pass phrase source\n"); |
284 |
|
|
BIO_printf(bio_err, " -dcert arg - second certificate file to use (usually for DSA)\n"); |
285 |
|
|
BIO_printf(bio_err, " -dcertform x - second certificate format (PEM or DER) PEM default\n"); |
286 |
|
|
BIO_printf(bio_err, " -dkey arg - second private key file to use (usually for DSA)\n"); |
287 |
|
|
BIO_printf(bio_err, " -dkeyform arg - second key format (PEM or DER) PEM default\n"); |
288 |
|
|
BIO_printf(bio_err, " -dpass arg - second private key file pass phrase source\n"); |
289 |
|
|
BIO_printf(bio_err, " -dhparam arg - DH parameter file to use, in cert file if not specified\n"); |
290 |
|
|
BIO_printf(bio_err, " or a default set of parameters is used\n"); |
291 |
|
|
BIO_printf(bio_err, " -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ |
292 |
|
|
" Use \"openssl ecparam -list_curves\" for all names\n" \ |
293 |
|
|
" (default is nistp256).\n"); |
294 |
|
|
BIO_printf(bio_err, " -nbio - Run with non-blocking IO\n"); |
295 |
|
|
BIO_printf(bio_err, " -nbio_test - test with the non-blocking test bio\n"); |
296 |
|
|
BIO_printf(bio_err, " -crlf - convert LF from terminal into CRLF\n"); |
297 |
|
|
BIO_printf(bio_err, " -debug - Print more output\n"); |
298 |
|
|
BIO_printf(bio_err, " -msg - Show protocol messages\n"); |
299 |
|
|
BIO_printf(bio_err, " -state - Print the SSL states\n"); |
300 |
|
|
BIO_printf(bio_err, " -CApath arg - PEM format directory of CA's\n"); |
301 |
|
|
BIO_printf(bio_err, " -CAfile arg - PEM format file of CA's\n"); |
302 |
|
|
BIO_printf(bio_err, " -nocert - Don't use any certificates (Anon-DH)\n"); |
303 |
|
|
BIO_printf(bio_err, " -cipher arg - play with 'openssl ciphers' to see what goes here\n"); |
304 |
|
|
BIO_printf(bio_err, " -serverpref - Use server's cipher preferences\n"); |
305 |
|
|
BIO_printf(bio_err, " -quiet - Inhibit printing of session and certificate information\n"); |
306 |
|
|
BIO_printf(bio_err, " -tls1_2 - Just talk TLSv1.2\n"); |
307 |
|
|
BIO_printf(bio_err, " -tls1_1 - Just talk TLSv1.1\n"); |
308 |
|
|
BIO_printf(bio_err, " -tls1 - Just talk TLSv1\n"); |
309 |
|
|
BIO_printf(bio_err, " -dtls1 - Just talk DTLSv1\n"); |
310 |
|
|
BIO_printf(bio_err, " -timeout - Enable timeouts\n"); |
311 |
|
|
BIO_printf(bio_err, " -mtu - Set link layer MTU\n"); |
312 |
|
|
BIO_printf(bio_err, " -chain - Read a certificate chain\n"); |
313 |
|
|
BIO_printf(bio_err, " -no_ssl2 - Just disable SSLv2\n"); |
314 |
|
|
BIO_printf(bio_err, " -no_ssl3 - Just disable SSLv3\n"); |
315 |
|
|
BIO_printf(bio_err, " -no_tls1 - Just disable TLSv1\n"); |
316 |
|
|
BIO_printf(bio_err, " -no_tls1_1 - Just disable TLSv1.1\n"); |
317 |
|
|
BIO_printf(bio_err, " -no_tls1_2 - Just disable TLSv1.2\n"); |
318 |
|
|
#ifndef OPENSSL_NO_DH |
319 |
|
|
BIO_printf(bio_err, " -no_dhe - Disable ephemeral DH\n"); |
320 |
|
|
#endif |
321 |
|
|
BIO_printf(bio_err, " -no_ecdhe - Disable ephemeral ECDH\n"); |
322 |
|
|
BIO_printf(bio_err, " -bugs - Turn on SSL bug compatibility\n"); |
323 |
|
|
BIO_printf(bio_err, " -www - Respond to a 'GET /' with a status page\n"); |
324 |
|
|
BIO_printf(bio_err, " -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); |
325 |
|
|
BIO_printf(bio_err, " -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); |
326 |
|
|
BIO_printf(bio_err, " with the assumption it contains a complete HTTP response.\n"); |
327 |
|
|
BIO_printf(bio_err, " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); |
328 |
|
|
BIO_printf(bio_err, " -servername host - servername for HostName TLS extension\n"); |
329 |
|
|
BIO_printf(bio_err, " -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); |
330 |
|
|
BIO_printf(bio_err, " -cert2 arg - certificate file to use for servername\n"); |
331 |
|
|
BIO_printf(bio_err, " (default is %s)\n", TEST_CERT2); |
332 |
|
|
BIO_printf(bio_err, " -key2 arg - Private Key file to use for servername, in cert file if\n"); |
333 |
|
|
BIO_printf(bio_err, " not specified (default is %s)\n", TEST_CERT2); |
334 |
|
|
BIO_printf(bio_err, " -tlsextdebug - hex dump of all TLS extensions received\n"); |
335 |
|
|
BIO_printf(bio_err, " -no_ticket - disable use of RFC4507bis session tickets\n"); |
336 |
|
|
BIO_printf(bio_err, " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n"); |
337 |
|
|
BIO_printf(bio_err," -alpn arg - set the advertised protocols for the ALPN extension (comma-separated list)\n"); |
338 |
|
|
#ifndef OPENSSL_NO_SRTP |
339 |
|
|
BIO_printf(bio_err, " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); |
340 |
|
|
#endif |
341 |
|
|
BIO_printf(bio_err, " -keymatexport label - Export keying material using label\n"); |
342 |
|
|
BIO_printf(bio_err, " -keymatexportlen len - Export len bytes of keying material (default 20)\n"); |
343 |
|
|
} |
344 |
|
|
|
345 |
|
|
static int local_argc = 0; |
346 |
|
|
static char **local_argv; |
347 |
|
|
|
348 |
|
|
|
349 |
|
|
/* This is a context that we pass to callbacks */ |
350 |
|
|
typedef struct tlsextctx_st { |
351 |
|
|
char *servername; |
352 |
|
|
BIO *biodebug; |
353 |
|
|
int extension_error; |
354 |
|
|
} tlsextctx; |
355 |
|
|
|
356 |
|
|
|
357 |
|
|
static int |
358 |
|
|
ssl_servername_cb(SSL * s, int *ad, void *arg) |
359 |
|
|
{ |
360 |
|
|
tlsextctx *p = (tlsextctx *) arg; |
361 |
|
|
const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); |
362 |
|
|
if (servername && p->biodebug) |
363 |
|
|
BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n", servername); |
364 |
|
|
|
365 |
|
|
if (!p->servername) |
366 |
|
|
return SSL_TLSEXT_ERR_NOACK; |
367 |
|
|
|
368 |
|
|
if (servername) { |
369 |
|
|
if (strcmp(servername, p->servername)) |
370 |
|
|
return p->extension_error; |
371 |
|
|
if (ctx2) { |
372 |
|
|
BIO_printf(p->biodebug, "Switching server context.\n"); |
373 |
|
|
SSL_set_SSL_CTX(s, ctx2); |
374 |
|
|
} |
375 |
|
|
} |
376 |
|
|
return SSL_TLSEXT_ERR_OK; |
377 |
|
|
} |
378 |
|
|
|
379 |
|
|
/* Structure passed to cert status callback */ |
380 |
|
|
|
381 |
|
|
typedef struct tlsextstatusctx_st { |
382 |
|
|
/* Default responder to use */ |
383 |
|
|
char *host, *path, *port; |
384 |
|
|
int use_ssl; |
385 |
|
|
int timeout; |
386 |
|
|
BIO *err; |
387 |
|
|
int verbose; |
388 |
|
|
} tlsextstatusctx; |
389 |
|
|
|
390 |
|
|
static tlsextstatusctx tlscstatp = {NULL, NULL, NULL, 0, -1, NULL, 0}; |
391 |
|
|
|
392 |
|
|
/* Certificate Status callback. This is called when a client includes a |
393 |
|
|
* certificate status request extension. |
394 |
|
|
* |
395 |
|
|
* This is a simplified version. It examines certificates each time and |
396 |
|
|
* makes one OCSP responder query for each request. |
397 |
|
|
* |
398 |
|
|
* A full version would store details such as the OCSP certificate IDs and |
399 |
|
|
* minimise the number of OCSP responses by caching them until they were |
400 |
|
|
* considered "expired". |
401 |
|
|
*/ |
402 |
|
|
|
403 |
|
|
static int |
404 |
|
|
cert_status_cb(SSL * s, void *arg) |
405 |
|
|
{ |
406 |
|
|
tlsextstatusctx *srctx = arg; |
407 |
|
|
BIO *err = srctx->err; |
408 |
|
|
char *host, *port, *path; |
409 |
|
|
int use_ssl; |
410 |
|
|
unsigned char *rspder = NULL; |
411 |
|
|
int rspderlen; |
412 |
|
|
STACK_OF(OPENSSL_STRING) * aia = NULL; |
413 |
|
|
X509 *x = NULL; |
414 |
|
|
X509_STORE_CTX inctx; |
415 |
|
|
X509_OBJECT obj; |
416 |
|
|
OCSP_REQUEST *req = NULL; |
417 |
|
|
OCSP_RESPONSE *resp = NULL; |
418 |
|
|
OCSP_CERTID *id = NULL; |
419 |
|
|
STACK_OF(X509_EXTENSION) * exts; |
420 |
|
|
int ret = SSL_TLSEXT_ERR_NOACK; |
421 |
|
|
int i; |
422 |
|
|
|
423 |
|
|
if (srctx->verbose) |
424 |
|
|
BIO_puts(err, "cert_status: callback called\n"); |
425 |
|
|
/* Build up OCSP query from server certificate */ |
426 |
|
|
x = SSL_get_certificate(s); |
427 |
|
|
aia = X509_get1_ocsp(x); |
428 |
|
|
if (aia) { |
429 |
|
|
if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0), |
430 |
|
|
&host, &port, &path, &use_ssl)) { |
431 |
|
|
BIO_puts(err, "cert_status: can't parse AIA URL\n"); |
432 |
|
|
goto err; |
433 |
|
|
} |
434 |
|
|
if (srctx->verbose) |
435 |
|
|
BIO_printf(err, "cert_status: AIA URL: %s\n", |
436 |
|
|
sk_OPENSSL_STRING_value(aia, 0)); |
437 |
|
|
} else { |
438 |
|
|
if (!srctx->host) { |
439 |
|
|
BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n"); |
440 |
|
|
goto done; |
441 |
|
|
} |
442 |
|
|
host = srctx->host; |
443 |
|
|
path = srctx->path; |
444 |
|
|
port = srctx->port; |
445 |
|
|
use_ssl = srctx->use_ssl; |
446 |
|
|
} |
447 |
|
|
|
448 |
|
|
if (!X509_STORE_CTX_init(&inctx, |
449 |
|
|
SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)), |
450 |
|
|
NULL, NULL)) |
451 |
|
|
goto err; |
452 |
|
|
if (X509_STORE_get_by_subject(&inctx, X509_LU_X509, |
453 |
|
|
X509_get_issuer_name(x), &obj) <= 0) { |
454 |
|
|
BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n"); |
455 |
|
|
X509_STORE_CTX_cleanup(&inctx); |
456 |
|
|
goto done; |
457 |
|
|
} |
458 |
|
|
req = OCSP_REQUEST_new(); |
459 |
|
|
if (!req) |
460 |
|
|
goto err; |
461 |
|
|
id = OCSP_cert_to_id(NULL, x, obj.data.x509); |
462 |
|
|
X509_free(obj.data.x509); |
463 |
|
|
X509_STORE_CTX_cleanup(&inctx); |
464 |
|
|
if (!id) |
465 |
|
|
goto err; |
466 |
|
|
if (!OCSP_request_add0_id(req, id)) |
467 |
|
|
goto err; |
468 |
|
|
id = NULL; |
469 |
|
|
/* Add any extensions to the request */ |
470 |
|
|
SSL_get_tlsext_status_exts(s, &exts); |
471 |
|
|
for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) { |
472 |
|
|
X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i); |
473 |
|
|
if (!OCSP_REQUEST_add_ext(req, ext, -1)) |
474 |
|
|
goto err; |
475 |
|
|
} |
476 |
|
|
resp = process_responder(err, req, host, path, port, use_ssl, NULL, |
477 |
|
|
srctx->timeout); |
478 |
|
|
if (!resp) { |
479 |
|
|
BIO_puts(err, "cert_status: error querying responder\n"); |
480 |
|
|
goto done; |
481 |
|
|
} |
482 |
|
|
rspderlen = i2d_OCSP_RESPONSE(resp, &rspder); |
483 |
|
|
if (rspderlen <= 0) |
484 |
|
|
goto err; |
485 |
|
|
SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen); |
486 |
|
|
if (srctx->verbose) { |
487 |
|
|
BIO_puts(err, "cert_status: ocsp response sent:\n"); |
488 |
|
|
OCSP_RESPONSE_print(err, resp, 2); |
489 |
|
|
} |
490 |
|
|
ret = SSL_TLSEXT_ERR_OK; |
491 |
|
|
done: |
492 |
|
|
if (ret != SSL_TLSEXT_ERR_OK) |
493 |
|
|
ERR_print_errors(err); |
494 |
|
|
if (aia) { |
495 |
|
|
free(host); |
496 |
|
|
free(path); |
497 |
|
|
free(port); |
498 |
|
|
X509_email_free(aia); |
499 |
|
|
} |
500 |
|
|
if (id) |
501 |
|
|
OCSP_CERTID_free(id); |
502 |
|
|
if (req) |
503 |
|
|
OCSP_REQUEST_free(req); |
504 |
|
|
if (resp) |
505 |
|
|
OCSP_RESPONSE_free(resp); |
506 |
|
|
return ret; |
507 |
|
|
err: |
508 |
|
|
ret = SSL_TLSEXT_ERR_ALERT_FATAL; |
509 |
|
|
goto done; |
510 |
|
|
} |
511 |
|
|
|
512 |
|
|
/* This is the context that we pass to next_proto_cb */ |
513 |
|
|
typedef struct tlsextnextprotoctx_st { |
514 |
|
|
unsigned char *data; |
515 |
|
|
unsigned int len; |
516 |
|
|
} tlsextnextprotoctx; |
517 |
|
|
|
518 |
|
|
static int |
519 |
|
|
next_proto_cb(SSL * s, const unsigned char **data, unsigned int *len, void *arg) |
520 |
|
|
{ |
521 |
|
|
tlsextnextprotoctx *next_proto = arg; |
522 |
|
|
|
523 |
|
|
*data = next_proto->data; |
524 |
|
|
*len = next_proto->len; |
525 |
|
|
|
526 |
|
|
return SSL_TLSEXT_ERR_OK; |
527 |
|
|
} |
528 |
|
|
|
529 |
|
|
|
530 |
|
|
/* This the context that we pass to alpn_cb */ |
531 |
|
|
typedef struct tlsextalpnctx_st { |
532 |
|
|
unsigned char *data; |
533 |
|
|
unsigned short len; |
534 |
|
|
} tlsextalpnctx; |
535 |
|
|
|
536 |
|
|
static int |
537 |
|
|
alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen, |
538 |
|
|
const unsigned char *in, unsigned int inlen, void *arg) |
539 |
|
|
{ |
540 |
|
|
tlsextalpnctx *alpn_ctx = arg; |
541 |
|
|
|
542 |
|
|
if (!s_quiet) { |
543 |
|
|
/* We can assume that in is syntactically valid. */ |
544 |
|
|
unsigned i; |
545 |
|
|
|
546 |
|
|
BIO_printf(bio_s_out, |
547 |
|
|
"ALPN protocols advertised by the client: "); |
548 |
|
|
for (i = 0; i < inlen; ) { |
549 |
|
|
if (i) |
550 |
|
|
BIO_write(bio_s_out, ", ", 2); |
551 |
|
|
BIO_write(bio_s_out, &in[i + 1], in[i]); |
552 |
|
|
i += in[i] + 1; |
553 |
|
|
} |
554 |
|
|
BIO_write(bio_s_out, "\n", 1); |
555 |
|
|
} |
556 |
|
|
|
557 |
|
|
if (SSL_select_next_proto((unsigned char**)out, outlen, alpn_ctx->data, |
558 |
|
|
alpn_ctx->len, in, inlen) != OPENSSL_NPN_NEGOTIATED) |
559 |
|
|
return (SSL_TLSEXT_ERR_NOACK); |
560 |
|
|
|
561 |
|
|
if (!s_quiet) { |
562 |
|
|
BIO_printf(bio_s_out, "ALPN protocols selected: "); |
563 |
|
|
BIO_write(bio_s_out, *out, *outlen); |
564 |
|
|
BIO_write(bio_s_out, "\n", 1); |
565 |
|
|
} |
566 |
|
|
|
567 |
|
|
return (SSL_TLSEXT_ERR_OK); |
568 |
|
|
} |
569 |
|
|
|
570 |
|
|
#ifndef OPENSSL_NO_SRTP |
571 |
|
|
static char *srtp_profiles = NULL; |
572 |
|
|
#endif |
573 |
|
|
|
574 |
|
|
int |
575 |
|
|
s_server_main(int argc, char *argv[]) |
576 |
|
|
{ |
577 |
|
|
X509_VERIFY_PARAM *vpm = NULL; |
578 |
|
|
int badarg = 0; |
579 |
|
|
short port = PORT; |
580 |
|
|
char *CApath = NULL, *CAfile = NULL; |
581 |
|
|
unsigned char *context = NULL; |
582 |
|
|
char *dhfile = NULL; |
583 |
|
|
char *named_curve = NULL; |
584 |
|
|
int badop = 0, bugs = 0; |
585 |
|
|
int ret = 1; |
586 |
|
|
int off = 0; |
587 |
|
|
int no_dhe = 0, no_ecdhe = 0, nocert = 0; |
588 |
|
|
int state = 0; |
589 |
|
|
const SSL_METHOD *meth = NULL; |
590 |
|
|
int socket_type = SOCK_STREAM; |
591 |
|
|
int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; |
592 |
|
|
char *passarg = NULL, *pass = NULL; |
593 |
|
|
char *dpassarg = NULL, *dpass = NULL; |
594 |
|
|
int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM; |
595 |
|
|
X509 *s_cert = NULL, *s_dcert = NULL; |
596 |
|
|
EVP_PKEY *s_key = NULL, *s_dkey = NULL; |
597 |
|
|
int no_cache = 0; |
598 |
|
|
const char *errstr = NULL; |
599 |
|
|
EVP_PKEY *s_key2 = NULL; |
600 |
|
|
X509 *s_cert2 = NULL; |
601 |
|
|
tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; |
602 |
|
|
const char *next_proto_neg_in = NULL; |
603 |
|
|
tlsextnextprotoctx next_proto = { NULL, 0 }; |
604 |
|
|
const char *alpn_in = NULL; |
605 |
|
|
tlsextalpnctx alpn_ctx = { NULL, 0 }; |
606 |
|
|
|
607 |
|
|
if (single_execution) { |
608 |
|
|
if (pledge("stdio inet dns rpath tty wpath cpath", NULL) == -1) { |
609 |
|
|
perror("pledge"); |
610 |
|
|
exit(1); |
611 |
|
|
} |
612 |
|
|
} |
613 |
|
|
|
614 |
|
|
meth = SSLv23_server_method(); |
615 |
|
|
|
616 |
|
|
local_argc = argc; |
617 |
|
|
local_argv = argv; |
618 |
|
|
|
619 |
|
|
s_server_init(); |
620 |
|
|
|
621 |
|
|
verify_depth = 0; |
622 |
|
|
s_nbio = 0; |
623 |
|
|
s_nbio_test = 0; |
624 |
|
|
|
625 |
|
|
argc--; |
626 |
|
|
argv++; |
627 |
|
|
|
628 |
|
|
while (argc >= 1) { |
629 |
|
|
if ((strcmp(*argv, "-port") == 0) || |
630 |
|
|
(strcmp(*argv, "-accept") == 0)) { |
631 |
|
|
if (--argc < 1) |
632 |
|
|
goto bad; |
633 |
|
|
if (!extract_port(*(++argv), &port)) |
634 |
|
|
goto bad; |
635 |
|
|
} else if (strcmp(*argv, "-verify") == 0) { |
636 |
|
|
s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE; |
637 |
|
|
if (--argc < 1) |
638 |
|
|
goto bad; |
639 |
|
|
verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr); |
640 |
|
|
if (errstr) |
641 |
|
|
goto bad; |
642 |
|
|
BIO_printf(bio_err, "verify depth is %d\n", verify_depth); |
643 |
|
|
} else if (strcmp(*argv, "-Verify") == 0) { |
644 |
|
|
s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT | |
645 |
|
|
SSL_VERIFY_CLIENT_ONCE; |
646 |
|
|
if (--argc < 1) |
647 |
|
|
goto bad; |
648 |
|
|
verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr); |
649 |
|
|
if (errstr) |
650 |
|
|
goto bad; |
651 |
|
|
BIO_printf(bio_err, "verify depth is %d, must return a certificate\n", verify_depth); |
652 |
|
|
} else if (strcmp(*argv, "-context") == 0) { |
653 |
|
|
if (--argc < 1) |
654 |
|
|
goto bad; |
655 |
|
|
context = (unsigned char *) *(++argv); |
656 |
|
|
} else if (strcmp(*argv, "-cert") == 0) { |
657 |
|
|
if (--argc < 1) |
658 |
|
|
goto bad; |
659 |
|
|
s_cert_file = *(++argv); |
660 |
|
|
} else if (strcmp(*argv, "-certform") == 0) { |
661 |
|
|
if (--argc < 1) |
662 |
|
|
goto bad; |
663 |
|
|
s_cert_format = str2fmt(*(++argv)); |
664 |
|
|
} else if (strcmp(*argv, "-key") == 0) { |
665 |
|
|
if (--argc < 1) |
666 |
|
|
goto bad; |
667 |
|
|
s_key_file = *(++argv); |
668 |
|
|
} else if (strcmp(*argv, "-keyform") == 0) { |
669 |
|
|
if (--argc < 1) |
670 |
|
|
goto bad; |
671 |
|
|
s_key_format = str2fmt(*(++argv)); |
672 |
|
|
} else if (strcmp(*argv, "-pass") == 0) { |
673 |
|
|
if (--argc < 1) |
674 |
|
|
goto bad; |
675 |
|
|
passarg = *(++argv); |
676 |
|
|
} else if (strcmp(*argv, "-dhparam") == 0) { |
677 |
|
|
if (--argc < 1) |
678 |
|
|
goto bad; |
679 |
|
|
dhfile = *(++argv); |
680 |
|
|
} |
681 |
|
|
else if (strcmp(*argv, "-named_curve") == 0) { |
682 |
|
|
if (--argc < 1) |
683 |
|
|
goto bad; |
684 |
|
|
named_curve = *(++argv); |
685 |
|
|
} |
686 |
|
|
else if (strcmp(*argv, "-dcertform") == 0) { |
687 |
|
|
if (--argc < 1) |
688 |
|
|
goto bad; |
689 |
|
|
s_dcert_format = str2fmt(*(++argv)); |
690 |
|
|
} else if (strcmp(*argv, "-dcert") == 0) { |
691 |
|
|
if (--argc < 1) |
692 |
|
|
goto bad; |
693 |
|
|
s_dcert_file = *(++argv); |
694 |
|
|
} else if (strcmp(*argv, "-dkeyform") == 0) { |
695 |
|
|
if (--argc < 1) |
696 |
|
|
goto bad; |
697 |
|
|
s_dkey_format = str2fmt(*(++argv)); |
698 |
|
|
} else if (strcmp(*argv, "-dpass") == 0) { |
699 |
|
|
if (--argc < 1) |
700 |
|
|
goto bad; |
701 |
|
|
dpassarg = *(++argv); |
702 |
|
|
} else if (strcmp(*argv, "-dkey") == 0) { |
703 |
|
|
if (--argc < 1) |
704 |
|
|
goto bad; |
705 |
|
|
s_dkey_file = *(++argv); |
706 |
|
|
} else if (strcmp(*argv, "-nocert") == 0) { |
707 |
|
|
nocert = 1; |
708 |
|
|
} else if (strcmp(*argv, "-CApath") == 0) { |
709 |
|
|
if (--argc < 1) |
710 |
|
|
goto bad; |
711 |
|
|
CApath = *(++argv); |
712 |
|
|
} else if (strcmp(*argv, "-no_cache") == 0) |
713 |
|
|
no_cache = 1; |
714 |
|
|
else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) { |
715 |
|
|
if (badarg) |
716 |
|
|
goto bad; |
717 |
|
|
continue; |
718 |
|
|
} else if (strcmp(*argv, "-verify_return_error") == 0) |
719 |
|
|
verify_return_error = 1; |
720 |
|
|
else if (strcmp(*argv, "-serverpref") == 0) { |
721 |
|
|
off |= SSL_OP_CIPHER_SERVER_PREFERENCE; |
722 |
|
|
} else if (strcmp(*argv, "-legacy_renegotiation") == 0) |
723 |
|
|
; /* no-op */ |
724 |
|
|
else if (strcmp(*argv, "-cipher") == 0) { |
725 |
|
|
if (--argc < 1) |
726 |
|
|
goto bad; |
727 |
|
|
cipher = *(++argv); |
728 |
|
|
} else if (strcmp(*argv, "-CAfile") == 0) { |
729 |
|
|
if (--argc < 1) |
730 |
|
|
goto bad; |
731 |
|
|
CAfile = *(++argv); |
732 |
|
|
} |
733 |
|
|
else if (strcmp(*argv, "-nbio") == 0) { |
734 |
|
|
s_nbio = 1; |
735 |
|
|
} |
736 |
|
|
else if (strcmp(*argv, "-nbio_test") == 0) { |
737 |
|
|
s_nbio = 1; |
738 |
|
|
s_nbio_test = 1; |
739 |
|
|
} else if (strcmp(*argv, "-debug") == 0) { |
740 |
|
|
s_debug = 1; |
741 |
|
|
} |
742 |
|
|
else if (strcmp(*argv, "-tlsextdebug") == 0) |
743 |
|
|
s_tlsextdebug = 1; |
744 |
|
|
else if (strcmp(*argv, "-status") == 0) |
745 |
|
|
s_tlsextstatus = 1; |
746 |
|
|
else if (strcmp(*argv, "-status_verbose") == 0) { |
747 |
|
|
s_tlsextstatus = 1; |
748 |
|
|
tlscstatp.verbose = 1; |
749 |
|
|
} else if (!strcmp(*argv, "-status_timeout")) { |
750 |
|
|
s_tlsextstatus = 1; |
751 |
|
|
if (--argc < 1) |
752 |
|
|
goto bad; |
753 |
|
|
tlscstatp.timeout = strtonum(*(++argv), 0, INT_MAX, &errstr); |
754 |
|
|
if (errstr) |
755 |
|
|
goto bad; |
756 |
|
|
} else if (!strcmp(*argv, "-status_url")) { |
757 |
|
|
s_tlsextstatus = 1; |
758 |
|
|
if (--argc < 1) |
759 |
|
|
goto bad; |
760 |
|
|
if (!OCSP_parse_url(*(++argv), |
761 |
|
|
&tlscstatp.host, |
762 |
|
|
&tlscstatp.port, |
763 |
|
|
&tlscstatp.path, |
764 |
|
|
&tlscstatp.use_ssl)) { |
765 |
|
|
BIO_printf(bio_err, "Error parsing URL\n"); |
766 |
|
|
goto bad; |
767 |
|
|
} |
768 |
|
|
} |
769 |
|
|
else if (strcmp(*argv, "-msg") == 0) { |
770 |
|
|
s_msg = 1; |
771 |
|
|
} else if (strcmp(*argv, "-state") == 0) { |
772 |
|
|
state = 1; |
773 |
|
|
} else if (strcmp(*argv, "-crlf") == 0) { |
774 |
|
|
s_crlf = 1; |
775 |
|
|
} else if (strcmp(*argv, "-quiet") == 0) { |
776 |
|
|
s_quiet = 1; |
777 |
|
|
} else if (strcmp(*argv, "-bugs") == 0) { |
778 |
|
|
bugs = 1; |
779 |
|
|
} else if (strcmp(*argv, "-no_tmp_rsa") == 0) { |
780 |
|
|
/* No-op. */ |
781 |
|
|
} else if (strcmp(*argv, "-no_dhe") == 0) { |
782 |
|
|
no_dhe = 1; |
783 |
|
|
} else if (strcmp(*argv, "-no_ecdhe") == 0) { |
784 |
|
|
no_ecdhe = 1; |
785 |
|
|
} else if (strcmp(*argv, "-www") == 0) { |
786 |
|
|
www = 1; |
787 |
|
|
} else if (strcmp(*argv, "-WWW") == 0) { |
788 |
|
|
www = 2; |
789 |
|
|
} else if (strcmp(*argv, "-HTTP") == 0) { |
790 |
|
|
www = 3; |
791 |
|
|
} else if (strcmp(*argv, "-no_ssl2") == 0) { |
792 |
|
|
off |= SSL_OP_NO_SSLv2; |
793 |
|
|
} else if (strcmp(*argv, "-no_ssl3") == 0) { |
794 |
|
|
off |= SSL_OP_NO_SSLv3; |
795 |
|
|
} else if (strcmp(*argv, "-no_tls1") == 0) { |
796 |
|
|
off |= SSL_OP_NO_TLSv1; |
797 |
|
|
} else if (strcmp(*argv, "-no_tls1_1") == 0) { |
798 |
|
|
off |= SSL_OP_NO_TLSv1_1; |
799 |
|
|
} else if (strcmp(*argv, "-no_tls1_2") == 0) { |
800 |
|
|
off |= SSL_OP_NO_TLSv1_2; |
801 |
|
|
} else if (strcmp(*argv, "-no_comp") == 0) { |
802 |
|
|
off |= SSL_OP_NO_COMPRESSION; |
803 |
|
|
} else if (strcmp(*argv, "-no_ticket") == 0) { |
804 |
|
|
off |= SSL_OP_NO_TICKET; |
805 |
|
|
} else if (strcmp(*argv, "-tls1") == 0) { |
806 |
|
|
meth = TLSv1_server_method(); |
807 |
|
|
} else if (strcmp(*argv, "-tls1_1") == 0) { |
808 |
|
|
meth = TLSv1_1_server_method(); |
809 |
|
|
} else if (strcmp(*argv, "-tls1_2") == 0) { |
810 |
|
|
meth = TLSv1_2_server_method(); |
811 |
|
|
} |
812 |
|
|
#ifndef OPENSSL_NO_DTLS1 |
813 |
|
|
else if (strcmp(*argv, "-dtls1") == 0) { |
814 |
|
|
meth = DTLSv1_server_method(); |
815 |
|
|
socket_type = SOCK_DGRAM; |
816 |
|
|
} else if (strcmp(*argv, "-timeout") == 0) |
817 |
|
|
enable_timeouts = 1; |
818 |
|
|
else if (strcmp(*argv, "-mtu") == 0) { |
819 |
|
|
if (--argc < 1) |
820 |
|
|
goto bad; |
821 |
|
|
socket_mtu = strtonum(*(++argv), 0, LONG_MAX, &errstr); |
822 |
|
|
if (errstr) |
823 |
|
|
goto bad; |
824 |
|
|
} else if (strcmp(*argv, "-chain") == 0) |
825 |
|
|
cert_chain = 1; |
826 |
|
|
#endif |
827 |
|
|
else if (strcmp(*argv, "-id_prefix") == 0) { |
828 |
|
|
if (--argc < 1) |
829 |
|
|
goto bad; |
830 |
|
|
session_id_prefix = *(++argv); |
831 |
|
|
} |
832 |
|
|
else if (strcmp(*argv, "-servername") == 0) { |
833 |
|
|
if (--argc < 1) |
834 |
|
|
goto bad; |
835 |
|
|
tlsextcbp.servername = *(++argv); |
836 |
|
|
} else if (strcmp(*argv, "-servername_fatal") == 0) { |
837 |
|
|
tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; |
838 |
|
|
} else if (strcmp(*argv, "-cert2") == 0) { |
839 |
|
|
if (--argc < 1) |
840 |
|
|
goto bad; |
841 |
|
|
s_cert_file2 = *(++argv); |
842 |
|
|
} else if (strcmp(*argv, "-key2") == 0) { |
843 |
|
|
if (--argc < 1) |
844 |
|
|
goto bad; |
845 |
|
|
s_key_file2 = *(++argv); |
846 |
|
|
} |
847 |
|
|
else if (strcmp(*argv, "-nextprotoneg") == 0) { |
848 |
|
|
if (--argc < 1) |
849 |
|
|
goto bad; |
850 |
|
|
next_proto_neg_in = *(++argv); |
851 |
|
|
} |
852 |
|
|
else if (strcmp(*argv,"-alpn") == 0) { |
853 |
|
|
if (--argc < 1) |
854 |
|
|
goto bad; |
855 |
|
|
alpn_in = *(++argv); |
856 |
|
|
} |
857 |
|
|
#ifndef OPENSSL_NO_SRTP |
858 |
|
|
else if (strcmp(*argv, "-use_srtp") == 0) { |
859 |
|
|
if (--argc < 1) |
860 |
|
|
goto bad; |
861 |
|
|
srtp_profiles = *(++argv); |
862 |
|
|
} |
863 |
|
|
#endif |
864 |
|
|
else if (strcmp(*argv, "-keymatexport") == 0) { |
865 |
|
|
if (--argc < 1) |
866 |
|
|
goto bad; |
867 |
|
|
keymatexportlabel = *(++argv); |
868 |
|
|
} else if (strcmp(*argv, "-keymatexportlen") == 0) { |
869 |
|
|
if (--argc < 1) |
870 |
|
|
goto bad; |
871 |
|
|
keymatexportlen = strtonum(*(++argv), 1, INT_MAX, &errstr); |
872 |
|
|
if (errstr) |
873 |
|
|
goto bad; |
874 |
|
|
} else { |
875 |
|
|
BIO_printf(bio_err, "unknown option %s\n", *argv); |
876 |
|
|
badop = 1; |
877 |
|
|
break; |
878 |
|
|
} |
879 |
|
|
argc--; |
880 |
|
|
argv++; |
881 |
|
|
} |
882 |
|
|
if (badop) { |
883 |
|
|
bad: |
884 |
|
|
if (errstr) |
885 |
|
|
BIO_printf(bio_err, "invalid argument %s: %s\n", |
886 |
|
|
*argv, errstr); |
887 |
|
|
else |
888 |
|
|
sv_usage(); |
889 |
|
|
goto end; |
890 |
|
|
} |
891 |
|
|
|
892 |
|
|
if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) { |
893 |
|
|
BIO_printf(bio_err, "Error getting password\n"); |
894 |
|
|
goto end; |
895 |
|
|
} |
896 |
|
|
if (s_key_file == NULL) |
897 |
|
|
s_key_file = s_cert_file; |
898 |
|
|
if (s_key_file2 == NULL) |
899 |
|
|
s_key_file2 = s_cert_file2; |
900 |
|
|
|
901 |
|
|
if (nocert == 0) { |
902 |
|
|
s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, |
903 |
|
|
"server certificate private key file"); |
904 |
|
|
if (!s_key) { |
905 |
|
|
ERR_print_errors(bio_err); |
906 |
|
|
goto end; |
907 |
|
|
} |
908 |
|
|
s_cert = load_cert(bio_err, s_cert_file, s_cert_format, |
909 |
|
|
NULL, "server certificate file"); |
910 |
|
|
|
911 |
|
|
if (!s_cert) { |
912 |
|
|
ERR_print_errors(bio_err); |
913 |
|
|
goto end; |
914 |
|
|
} |
915 |
|
|
if (tlsextcbp.servername) { |
916 |
|
|
s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, |
917 |
|
|
"second server certificate private key file"); |
918 |
|
|
if (!s_key2) { |
919 |
|
|
ERR_print_errors(bio_err); |
920 |
|
|
goto end; |
921 |
|
|
} |
922 |
|
|
s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format, |
923 |
|
|
NULL, "second server certificate file"); |
924 |
|
|
|
925 |
|
|
if (!s_cert2) { |
926 |
|
|
ERR_print_errors(bio_err); |
927 |
|
|
goto end; |
928 |
|
|
} |
929 |
|
|
} |
930 |
|
|
} |
931 |
|
|
if (next_proto_neg_in) { |
932 |
|
|
unsigned short len; |
933 |
|
|
next_proto.data = next_protos_parse(&len, next_proto_neg_in); |
934 |
|
|
if (next_proto.data == NULL) |
935 |
|
|
goto end; |
936 |
|
|
next_proto.len = len; |
937 |
|
|
} else { |
938 |
|
|
next_proto.data = NULL; |
939 |
|
|
} |
940 |
|
|
alpn_ctx.data = NULL; |
941 |
|
|
if (alpn_in) { |
942 |
|
|
unsigned short len; |
943 |
|
|
alpn_ctx.data = next_protos_parse(&len, alpn_in); |
944 |
|
|
if (alpn_ctx.data == NULL) |
945 |
|
|
goto end; |
946 |
|
|
alpn_ctx.len = len; |
947 |
|
|
} |
948 |
|
|
|
949 |
|
|
if (s_dcert_file) { |
950 |
|
|
|
951 |
|
|
if (s_dkey_file == NULL) |
952 |
|
|
s_dkey_file = s_dcert_file; |
953 |
|
|
|
954 |
|
|
s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format, |
955 |
|
|
0, dpass, "second certificate private key file"); |
956 |
|
|
if (!s_dkey) { |
957 |
|
|
ERR_print_errors(bio_err); |
958 |
|
|
goto end; |
959 |
|
|
} |
960 |
|
|
s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format, |
961 |
|
|
NULL, "second server certificate file"); |
962 |
|
|
|
963 |
|
|
if (!s_dcert) { |
964 |
|
|
ERR_print_errors(bio_err); |
965 |
|
|
goto end; |
966 |
|
|
} |
967 |
|
|
} |
968 |
|
|
if (bio_s_out == NULL) { |
969 |
|
|
if (s_quiet && !s_debug && !s_msg) { |
970 |
|
|
bio_s_out = BIO_new(BIO_s_null()); |
971 |
|
|
} else { |
972 |
|
|
if (bio_s_out == NULL) |
973 |
|
|
bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE); |
974 |
|
|
} |
975 |
|
|
} |
976 |
|
|
if (nocert) { |
977 |
|
|
s_cert_file = NULL; |
978 |
|
|
s_key_file = NULL; |
979 |
|
|
s_dcert_file = NULL; |
980 |
|
|
s_dkey_file = NULL; |
981 |
|
|
s_cert_file2 = NULL; |
982 |
|
|
s_key_file2 = NULL; |
983 |
|
|
} |
984 |
|
|
ctx = SSL_CTX_new(meth); |
985 |
|
|
if (ctx == NULL) { |
986 |
|
|
ERR_print_errors(bio_err); |
987 |
|
|
goto end; |
988 |
|
|
} |
989 |
|
|
if (session_id_prefix) { |
990 |
|
|
if (strlen(session_id_prefix) >= 32) |
991 |
|
|
BIO_printf(bio_err, |
992 |
|
|
"warning: id_prefix is too long, only one new session will be possible\n"); |
993 |
|
|
else if (strlen(session_id_prefix) >= 16) |
994 |
|
|
BIO_printf(bio_err, |
995 |
|
|
"warning: id_prefix is too long if you use SSLv2\n"); |
996 |
|
|
if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) { |
997 |
|
|
BIO_printf(bio_err, "error setting 'id_prefix'\n"); |
998 |
|
|
ERR_print_errors(bio_err); |
999 |
|
|
goto end; |
1000 |
|
|
} |
1001 |
|
|
BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix); |
1002 |
|
|
} |
1003 |
|
|
SSL_CTX_set_quiet_shutdown(ctx, 1); |
1004 |
|
|
if (bugs) |
1005 |
|
|
SSL_CTX_set_options(ctx, SSL_OP_ALL); |
1006 |
|
|
SSL_CTX_set_options(ctx, off); |
1007 |
|
|
/* |
1008 |
|
|
* DTLS: partial reads end up discarding unread UDP bytes :-( Setting |
1009 |
|
|
* read ahead solves this problem. |
1010 |
|
|
*/ |
1011 |
|
|
if (socket_type == SOCK_DGRAM) |
1012 |
|
|
SSL_CTX_set_read_ahead(ctx, 1); |
1013 |
|
|
|
1014 |
|
|
if (state) |
1015 |
|
|
SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback); |
1016 |
|
|
if (no_cache) |
1017 |
|
|
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); |
1018 |
|
|
else |
1019 |
|
|
SSL_CTX_sess_set_cache_size(ctx, 128); |
1020 |
|
|
|
1021 |
|
|
#ifndef OPENSSL_NO_SRTP |
1022 |
|
|
if (srtp_profiles != NULL) |
1023 |
|
|
SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); |
1024 |
|
|
#endif |
1025 |
|
|
|
1026 |
|
|
|
1027 |
|
|
if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) || |
1028 |
|
|
(!SSL_CTX_set_default_verify_paths(ctx))) { |
1029 |
|
|
/* BIO_printf(bio_err,"X509_load_verify_locations\n"); */ |
1030 |
|
|
ERR_print_errors(bio_err); |
1031 |
|
|
/* goto end; */ |
1032 |
|
|
} |
1033 |
|
|
if (vpm) |
1034 |
|
|
SSL_CTX_set1_param(ctx, vpm); |
1035 |
|
|
|
1036 |
|
|
if (s_cert2) { |
1037 |
|
|
ctx2 = SSL_CTX_new(meth); |
1038 |
|
|
if (ctx2 == NULL) { |
1039 |
|
|
ERR_print_errors(bio_err); |
1040 |
|
|
goto end; |
1041 |
|
|
} |
1042 |
|
|
} |
1043 |
|
|
if (ctx2) { |
1044 |
|
|
BIO_printf(bio_s_out, "Setting secondary ctx parameters\n"); |
1045 |
|
|
|
1046 |
|
|
if (session_id_prefix) { |
1047 |
|
|
if (strlen(session_id_prefix) >= 32) |
1048 |
|
|
BIO_printf(bio_err, |
1049 |
|
|
"warning: id_prefix is too long, only one new session will be possible\n"); |
1050 |
|
|
else if (strlen(session_id_prefix) >= 16) |
1051 |
|
|
BIO_printf(bio_err, |
1052 |
|
|
"warning: id_prefix is too long if you use SSLv2\n"); |
1053 |
|
|
if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) { |
1054 |
|
|
BIO_printf(bio_err, "error setting 'id_prefix'\n"); |
1055 |
|
|
ERR_print_errors(bio_err); |
1056 |
|
|
goto end; |
1057 |
|
|
} |
1058 |
|
|
BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix); |
1059 |
|
|
} |
1060 |
|
|
SSL_CTX_set_quiet_shutdown(ctx2, 1); |
1061 |
|
|
if (bugs) |
1062 |
|
|
SSL_CTX_set_options(ctx2, SSL_OP_ALL); |
1063 |
|
|
SSL_CTX_set_options(ctx2, off); |
1064 |
|
|
/* |
1065 |
|
|
* DTLS: partial reads end up discarding unread UDP bytes :-( |
1066 |
|
|
* Setting read ahead solves this problem. |
1067 |
|
|
*/ |
1068 |
|
|
if (socket_type == SOCK_DGRAM) |
1069 |
|
|
SSL_CTX_set_read_ahead(ctx2, 1); |
1070 |
|
|
|
1071 |
|
|
if (state) |
1072 |
|
|
SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback); |
1073 |
|
|
|
1074 |
|
|
if (no_cache) |
1075 |
|
|
SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF); |
1076 |
|
|
else |
1077 |
|
|
SSL_CTX_sess_set_cache_size(ctx2, 128); |
1078 |
|
|
|
1079 |
|
|
if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) || |
1080 |
|
|
(!SSL_CTX_set_default_verify_paths(ctx2))) { |
1081 |
|
|
ERR_print_errors(bio_err); |
1082 |
|
|
} |
1083 |
|
|
if (vpm) |
1084 |
|
|
SSL_CTX_set1_param(ctx2, vpm); |
1085 |
|
|
} |
1086 |
|
|
if (next_proto.data) |
1087 |
|
|
SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto); |
1088 |
|
|
if (alpn_ctx.data) |
1089 |
|
|
SSL_CTX_set_alpn_select_cb(ctx, alpn_cb, &alpn_ctx); |
1090 |
|
|
|
1091 |
|
|
#ifndef OPENSSL_NO_DH |
1092 |
|
|
if (!no_dhe) { |
1093 |
|
|
DH *dh = NULL; |
1094 |
|
|
|
1095 |
|
|
if (dhfile) |
1096 |
|
|
dh = load_dh_param(dhfile); |
1097 |
|
|
else if (s_cert_file) |
1098 |
|
|
dh = load_dh_param(s_cert_file); |
1099 |
|
|
|
1100 |
|
|
if (dh != NULL) |
1101 |
|
|
BIO_printf(bio_s_out, "Setting temp DH parameters\n"); |
1102 |
|
|
else |
1103 |
|
|
BIO_printf(bio_s_out, "Using auto DH parameters\n"); |
1104 |
|
|
(void) BIO_flush(bio_s_out); |
1105 |
|
|
|
1106 |
|
|
if (dh == NULL) |
1107 |
|
|
SSL_CTX_set_dh_auto(ctx, 1); |
1108 |
|
|
else if (!SSL_CTX_set_tmp_dh(ctx, dh)) { |
1109 |
|
|
BIO_printf(bio_err, |
1110 |
|
|
"Error setting temp DH parameters\n"); |
1111 |
|
|
ERR_print_errors(bio_err); |
1112 |
|
|
DH_free(dh); |
1113 |
|
|
goto end; |
1114 |
|
|
} |
1115 |
|
|
|
1116 |
|
|
if (ctx2) { |
1117 |
|
|
if (!dhfile) { |
1118 |
|
|
DH *dh2 = NULL; |
1119 |
|
|
|
1120 |
|
|
if (s_cert_file2 != NULL) |
1121 |
|
|
dh2 = load_dh_param(s_cert_file2); |
1122 |
|
|
if (dh2 != NULL) { |
1123 |
|
|
BIO_printf(bio_s_out, "Setting temp DH parameters\n"); |
1124 |
|
|
(void) BIO_flush(bio_s_out); |
1125 |
|
|
|
1126 |
|
|
DH_free(dh); |
1127 |
|
|
dh = dh2; |
1128 |
|
|
} |
1129 |
|
|
} |
1130 |
|
|
if (dh == NULL) |
1131 |
|
|
SSL_CTX_set_dh_auto(ctx2, 1); |
1132 |
|
|
else if (!SSL_CTX_set_tmp_dh(ctx2, dh)) { |
1133 |
|
|
BIO_printf(bio_err, |
1134 |
|
|
"Error setting temp DH parameters\n"); |
1135 |
|
|
ERR_print_errors(bio_err); |
1136 |
|
|
DH_free(dh); |
1137 |
|
|
goto end; |
1138 |
|
|
} |
1139 |
|
|
} |
1140 |
|
|
DH_free(dh); |
1141 |
|
|
} |
1142 |
|
|
#endif |
1143 |
|
|
|
1144 |
|
|
if (!no_ecdhe) { |
1145 |
|
|
EC_KEY *ecdh = NULL; |
1146 |
|
|
|
1147 |
|
|
if (named_curve) { |
1148 |
|
|
int nid = OBJ_sn2nid(named_curve); |
1149 |
|
|
|
1150 |
|
|
if (nid == 0) { |
1151 |
|
|
BIO_printf(bio_err, "unknown curve name (%s)\n", |
1152 |
|
|
named_curve); |
1153 |
|
|
goto end; |
1154 |
|
|
} |
1155 |
|
|
ecdh = EC_KEY_new_by_curve_name(nid); |
1156 |
|
|
if (ecdh == NULL) { |
1157 |
|
|
BIO_printf(bio_err, "unable to create curve (%s)\n", |
1158 |
|
|
named_curve); |
1159 |
|
|
goto end; |
1160 |
|
|
} |
1161 |
|
|
} |
1162 |
|
|
if (ecdh != NULL) { |
1163 |
|
|
BIO_printf(bio_s_out, "Setting temp ECDH parameters\n"); |
1164 |
|
|
} else { |
1165 |
|
|
BIO_printf(bio_s_out, "Using default temp ECDH parameters\n"); |
1166 |
|
|
ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); |
1167 |
|
|
if (ecdh == NULL) { |
1168 |
|
|
BIO_printf(bio_err, "unable to create curve (nistp256)\n"); |
1169 |
|
|
goto end; |
1170 |
|
|
} |
1171 |
|
|
} |
1172 |
|
|
(void) BIO_flush(bio_s_out); |
1173 |
|
|
|
1174 |
|
|
SSL_CTX_set_tmp_ecdh(ctx, ecdh); |
1175 |
|
|
if (ctx2) |
1176 |
|
|
SSL_CTX_set_tmp_ecdh(ctx2, ecdh); |
1177 |
|
|
EC_KEY_free(ecdh); |
1178 |
|
|
} |
1179 |
|
|
|
1180 |
|
|
if (!set_cert_key_stuff(ctx, s_cert, s_key)) |
1181 |
|
|
goto end; |
1182 |
|
|
if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2)) |
1183 |
|
|
goto end; |
1184 |
|
|
if (s_dcert != NULL) { |
1185 |
|
|
if (!set_cert_key_stuff(ctx, s_dcert, s_dkey)) |
1186 |
|
|
goto end; |
1187 |
|
|
} |
1188 |
|
|
|
1189 |
|
|
if (cipher != NULL) { |
1190 |
|
|
if (!SSL_CTX_set_cipher_list(ctx, cipher)) { |
1191 |
|
|
BIO_printf(bio_err, "error setting cipher list\n"); |
1192 |
|
|
ERR_print_errors(bio_err); |
1193 |
|
|
goto end; |
1194 |
|
|
} |
1195 |
|
|
if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, cipher)) { |
1196 |
|
|
BIO_printf(bio_err, "error setting cipher list\n"); |
1197 |
|
|
ERR_print_errors(bio_err); |
1198 |
|
|
goto end; |
1199 |
|
|
} |
1200 |
|
|
} |
1201 |
|
|
SSL_CTX_set_verify(ctx, s_server_verify, verify_callback); |
1202 |
|
|
SSL_CTX_set_session_id_context(ctx, (void *) &s_server_session_id_context, |
1203 |
|
|
sizeof s_server_session_id_context); |
1204 |
|
|
|
1205 |
|
|
/* Set DTLS cookie generation and verification callbacks */ |
1206 |
|
|
SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback); |
1207 |
|
|
SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback); |
1208 |
|
|
|
1209 |
|
|
if (ctx2) { |
1210 |
|
|
SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback); |
1211 |
|
|
SSL_CTX_set_session_id_context(ctx2, (void *) &s_server_session_id_context, |
1212 |
|
|
sizeof s_server_session_id_context); |
1213 |
|
|
|
1214 |
|
|
tlsextcbp.biodebug = bio_s_out; |
1215 |
|
|
SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb); |
1216 |
|
|
SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp); |
1217 |
|
|
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb); |
1218 |
|
|
SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp); |
1219 |
|
|
} |
1220 |
|
|
|
1221 |
|
|
if (CAfile != NULL) { |
1222 |
|
|
SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile)); |
1223 |
|
|
if (ctx2) |
1224 |
|
|
SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile)); |
1225 |
|
|
} |
1226 |
|
|
BIO_printf(bio_s_out, "ACCEPT\n"); |
1227 |
|
|
(void) BIO_flush(bio_s_out); |
1228 |
|
|
if (www) |
1229 |
|
|
do_server(port, socket_type, &accept_socket, www_body, context); |
1230 |
|
|
else |
1231 |
|
|
do_server(port, socket_type, &accept_socket, sv_body, context); |
1232 |
|
|
print_stats(bio_s_out, ctx); |
1233 |
|
|
ret = 0; |
1234 |
|
|
end: |
1235 |
|
|
if (ctx != NULL) |
1236 |
|
|
SSL_CTX_free(ctx); |
1237 |
|
|
if (s_cert) |
1238 |
|
|
X509_free(s_cert); |
1239 |
|
|
if (s_dcert) |
1240 |
|
|
X509_free(s_dcert); |
1241 |
|
|
if (s_key) |
1242 |
|
|
EVP_PKEY_free(s_key); |
1243 |
|
|
if (s_dkey) |
1244 |
|
|
EVP_PKEY_free(s_dkey); |
1245 |
|
|
free(pass); |
1246 |
|
|
free(dpass); |
1247 |
|
|
if (vpm) |
1248 |
|
|
X509_VERIFY_PARAM_free(vpm); |
1249 |
|
|
free(tlscstatp.host); |
1250 |
|
|
free(tlscstatp.port); |
1251 |
|
|
free(tlscstatp.path); |
1252 |
|
|
if (ctx2 != NULL) |
1253 |
|
|
SSL_CTX_free(ctx2); |
1254 |
|
|
if (s_cert2) |
1255 |
|
|
X509_free(s_cert2); |
1256 |
|
|
if (s_key2) |
1257 |
|
|
EVP_PKEY_free(s_key2); |
1258 |
|
|
free(next_proto.data); |
1259 |
|
|
free(alpn_ctx.data); |
1260 |
|
|
if (bio_s_out != NULL) { |
1261 |
|
|
BIO_free(bio_s_out); |
1262 |
|
|
bio_s_out = NULL; |
1263 |
|
|
} |
1264 |
|
|
|
1265 |
|
|
return (ret); |
1266 |
|
|
} |
1267 |
|
|
|
1268 |
|
|
static void |
1269 |
|
|
print_stats(BIO * bio, SSL_CTX * ssl_ctx) |
1270 |
|
|
{ |
1271 |
|
|
BIO_printf(bio, "%4ld items in the session cache\n", |
1272 |
|
|
SSL_CTX_sess_number(ssl_ctx)); |
1273 |
|
|
BIO_printf(bio, "%4ld client connects (SSL_connect())\n", |
1274 |
|
|
SSL_CTX_sess_connect(ssl_ctx)); |
1275 |
|
|
BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n", |
1276 |
|
|
SSL_CTX_sess_connect_renegotiate(ssl_ctx)); |
1277 |
|
|
BIO_printf(bio, "%4ld client connects that finished\n", |
1278 |
|
|
SSL_CTX_sess_connect_good(ssl_ctx)); |
1279 |
|
|
BIO_printf(bio, "%4ld server accepts (SSL_accept())\n", |
1280 |
|
|
SSL_CTX_sess_accept(ssl_ctx)); |
1281 |
|
|
BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n", |
1282 |
|
|
SSL_CTX_sess_accept_renegotiate(ssl_ctx)); |
1283 |
|
|
BIO_printf(bio, "%4ld server accepts that finished\n", |
1284 |
|
|
SSL_CTX_sess_accept_good(ssl_ctx)); |
1285 |
|
|
BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx)); |
1286 |
|
|
BIO_printf(bio, "%4ld session cache misses\n", SSL_CTX_sess_misses(ssl_ctx)); |
1287 |
|
|
BIO_printf(bio, "%4ld session cache timeouts\n", SSL_CTX_sess_timeouts(ssl_ctx)); |
1288 |
|
|
BIO_printf(bio, "%4ld callback cache hits\n", SSL_CTX_sess_cb_hits(ssl_ctx)); |
1289 |
|
|
BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n", |
1290 |
|
|
SSL_CTX_sess_cache_full(ssl_ctx), |
1291 |
|
|
SSL_CTX_sess_get_cache_size(ssl_ctx)); |
1292 |
|
|
} |
1293 |
|
|
|
1294 |
|
|
static int |
1295 |
|
|
sv_body(char *hostname, int s, unsigned char *context) |
1296 |
|
|
{ |
1297 |
|
|
char *buf = NULL; |
1298 |
|
|
int ret = 1; |
1299 |
|
|
int k, i; |
1300 |
|
|
unsigned long l; |
1301 |
|
|
SSL *con = NULL; |
1302 |
|
|
BIO *sbio; |
1303 |
|
|
struct timeval timeout; |
1304 |
|
|
|
1305 |
|
|
if ((buf = malloc(bufsize)) == NULL) { |
1306 |
|
|
BIO_printf(bio_err, "out of memory\n"); |
1307 |
|
|
goto err; |
1308 |
|
|
} |
1309 |
|
|
if (s_nbio) { |
1310 |
|
|
if (!s_quiet) |
1311 |
|
|
BIO_printf(bio_err, "turning on non blocking io\n"); |
1312 |
|
|
if (!BIO_socket_nbio(s, 1)) |
1313 |
|
|
ERR_print_errors(bio_err); |
1314 |
|
|
} |
1315 |
|
|
|
1316 |
|
|
if (con == NULL) { |
1317 |
|
|
con = SSL_new(ctx); |
1318 |
|
|
if (s_tlsextdebug) { |
1319 |
|
|
SSL_set_tlsext_debug_callback(con, tlsext_cb); |
1320 |
|
|
SSL_set_tlsext_debug_arg(con, bio_s_out); |
1321 |
|
|
} |
1322 |
|
|
if (s_tlsextstatus) { |
1323 |
|
|
SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); |
1324 |
|
|
tlscstatp.err = bio_err; |
1325 |
|
|
SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); |
1326 |
|
|
} |
1327 |
|
|
if (context) |
1328 |
|
|
SSL_set_session_id_context(con, context, |
1329 |
|
|
strlen((char *) context)); |
1330 |
|
|
} |
1331 |
|
|
SSL_clear(con); |
1332 |
|
|
|
1333 |
|
|
if (SSL_version(con) == DTLS1_VERSION) { |
1334 |
|
|
|
1335 |
|
|
sbio = BIO_new_dgram(s, BIO_NOCLOSE); |
1336 |
|
|
|
1337 |
|
|
if (enable_timeouts) { |
1338 |
|
|
timeout.tv_sec = 0; |
1339 |
|
|
timeout.tv_usec = DGRAM_RCV_TIMEOUT; |
1340 |
|
|
BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout); |
1341 |
|
|
|
1342 |
|
|
timeout.tv_sec = 0; |
1343 |
|
|
timeout.tv_usec = DGRAM_SND_TIMEOUT; |
1344 |
|
|
BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout); |
1345 |
|
|
} |
1346 |
|
|
if (socket_mtu > 28) { |
1347 |
|
|
SSL_set_options(con, SSL_OP_NO_QUERY_MTU); |
1348 |
|
|
SSL_set_mtu(con, socket_mtu - 28); |
1349 |
|
|
} else |
1350 |
|
|
/* want to do MTU discovery */ |
1351 |
|
|
BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); |
1352 |
|
|
|
1353 |
|
|
/* turn on cookie exchange */ |
1354 |
|
|
SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE); |
1355 |
|
|
} else |
1356 |
|
|
sbio = BIO_new_socket(s, BIO_NOCLOSE); |
1357 |
|
|
|
1358 |
|
|
if (s_nbio_test) { |
1359 |
|
|
BIO *test; |
1360 |
|
|
|
1361 |
|
|
test = BIO_new(BIO_f_nbio_test()); |
1362 |
|
|
sbio = BIO_push(test, sbio); |
1363 |
|
|
} |
1364 |
|
|
|
1365 |
|
|
SSL_set_bio(con, sbio, sbio); |
1366 |
|
|
SSL_set_accept_state(con); |
1367 |
|
|
/* SSL_set_fd(con,s); */ |
1368 |
|
|
|
1369 |
|
|
if (s_debug) { |
1370 |
|
|
SSL_set_debug(con, 1); |
1371 |
|
|
BIO_set_callback(SSL_get_rbio(con), bio_dump_callback); |
1372 |
|
|
BIO_set_callback_arg(SSL_get_rbio(con), (char *) bio_s_out); |
1373 |
|
|
} |
1374 |
|
|
if (s_msg) { |
1375 |
|
|
SSL_set_msg_callback(con, msg_cb); |
1376 |
|
|
SSL_set_msg_callback_arg(con, bio_s_out); |
1377 |
|
|
} |
1378 |
|
|
if (s_tlsextdebug) { |
1379 |
|
|
SSL_set_tlsext_debug_callback(con, tlsext_cb); |
1380 |
|
|
SSL_set_tlsext_debug_arg(con, bio_s_out); |
1381 |
|
|
} |
1382 |
|
|
|
1383 |
|
|
for (;;) { |
1384 |
|
|
int read_from_terminal; |
1385 |
|
|
int read_from_sslcon; |
1386 |
|
|
struct pollfd pfd[2]; |
1387 |
|
|
int ptimeout; |
1388 |
|
|
|
1389 |
|
|
read_from_terminal = 0; |
1390 |
|
|
read_from_sslcon = SSL_pending(con); |
1391 |
|
|
|
1392 |
|
|
if (!read_from_sslcon) { |
1393 |
|
|
pfd[0].fd = fileno(stdin); |
1394 |
|
|
pfd[0].events = POLLIN; |
1395 |
|
|
pfd[1].fd = s; |
1396 |
|
|
pfd[1].events = POLLIN; |
1397 |
|
|
|
1398 |
|
|
if ((SSL_version(con) == DTLS1_VERSION) && |
1399 |
|
|
DTLSv1_get_timeout(con, &timeout)) |
1400 |
|
|
ptimeout = timeout.tv_sec * 1000 + |
1401 |
|
|
timeout.tv_usec / 1000; |
1402 |
|
|
else |
1403 |
|
|
ptimeout = -1; |
1404 |
|
|
|
1405 |
|
|
i = poll(pfd, 2, ptimeout); |
1406 |
|
|
|
1407 |
|
|
if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) { |
1408 |
|
|
BIO_printf(bio_err, "TIMEOUT occured\n"); |
1409 |
|
|
} |
1410 |
|
|
if (i <= 0) |
1411 |
|
|
continue; |
1412 |
|
|
if (pfd[0].revents) { |
1413 |
|
|
if ((pfd[0].revents & (POLLERR|POLLNVAL))) |
1414 |
|
|
continue; |
1415 |
|
|
read_from_terminal = 1; |
1416 |
|
|
} |
1417 |
|
|
if (pfd[1].revents) { |
1418 |
|
|
if ((pfd[1].revents & (POLLERR|POLLNVAL))) |
1419 |
|
|
continue; |
1420 |
|
|
read_from_sslcon = 1; |
1421 |
|
|
} |
1422 |
|
|
} |
1423 |
|
|
if (read_from_terminal) { |
1424 |
|
|
if (s_crlf) { |
1425 |
|
|
int j, lf_num; |
1426 |
|
|
|
1427 |
|
|
i = read(fileno(stdin), buf, bufsize / 2); |
1428 |
|
|
lf_num = 0; |
1429 |
|
|
/* both loops are skipped when i <= 0 */ |
1430 |
|
|
for (j = 0; j < i; j++) |
1431 |
|
|
if (buf[j] == '\n') |
1432 |
|
|
lf_num++; |
1433 |
|
|
for (j = i - 1; j >= 0; j--) { |
1434 |
|
|
buf[j + lf_num] = buf[j]; |
1435 |
|
|
if (buf[j] == '\n') { |
1436 |
|
|
lf_num--; |
1437 |
|
|
i++; |
1438 |
|
|
buf[j + lf_num] = '\r'; |
1439 |
|
|
} |
1440 |
|
|
} |
1441 |
|
|
assert(lf_num == 0); |
1442 |
|
|
} else |
1443 |
|
|
i = read(fileno(stdin), buf, bufsize); |
1444 |
|
|
if (!s_quiet) { |
1445 |
|
|
if ((i <= 0) || (buf[0] == 'Q')) { |
1446 |
|
|
BIO_printf(bio_s_out, "DONE\n"); |
1447 |
|
|
shutdown(s, SHUT_RD); |
1448 |
|
|
close(s); |
1449 |
|
|
close_accept_socket(); |
1450 |
|
|
ret = -11; |
1451 |
|
|
goto err; |
1452 |
|
|
} |
1453 |
|
|
if ((i <= 0) || (buf[0] == 'q')) { |
1454 |
|
|
BIO_printf(bio_s_out, "DONE\n"); |
1455 |
|
|
if (SSL_version(con) != DTLS1_VERSION) { |
1456 |
|
|
shutdown(s, SHUT_RD); |
1457 |
|
|
close(s); |
1458 |
|
|
} |
1459 |
|
|
/* |
1460 |
|
|
* close_accept_socket(); ret= -11; |
1461 |
|
|
*/ |
1462 |
|
|
goto err; |
1463 |
|
|
} |
1464 |
|
|
if ((buf[0] == 'r') && |
1465 |
|
|
((buf[1] == '\n') || (buf[1] == '\r'))) { |
1466 |
|
|
SSL_renegotiate(con); |
1467 |
|
|
i = SSL_do_handshake(con); |
1468 |
|
|
printf("SSL_do_handshake -> %d\n", i); |
1469 |
|
|
i = 0; /* 13; */ |
1470 |
|
|
continue; |
1471 |
|
|
/* |
1472 |
|
|
* RE-NEGOTIATE\n"); |
1473 |
|
|
*/ |
1474 |
|
|
} |
1475 |
|
|
if ((buf[0] == 'R') && |
1476 |
|
|
((buf[1] == '\n') || (buf[1] == '\r'))) { |
1477 |
|
|
SSL_set_verify(con, |
1478 |
|
|
SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, NULL); |
1479 |
|
|
SSL_renegotiate(con); |
1480 |
|
|
i = SSL_do_handshake(con); |
1481 |
|
|
printf("SSL_do_handshake -> %d\n", i); |
1482 |
|
|
i = 0; /* 13; */ |
1483 |
|
|
continue; |
1484 |
|
|
/* |
1485 |
|
|
* RE-NEGOTIATE asking for client |
1486 |
|
|
* cert\n"); |
1487 |
|
|
*/ |
1488 |
|
|
} |
1489 |
|
|
if (buf[0] == 'P') { |
1490 |
|
|
static const char *str = "Lets print some clear text\n"; |
1491 |
|
|
BIO_write(SSL_get_wbio(con), str, strlen(str)); |
1492 |
|
|
} |
1493 |
|
|
if (buf[0] == 'S') { |
1494 |
|
|
print_stats(bio_s_out, SSL_get_SSL_CTX(con)); |
1495 |
|
|
} |
1496 |
|
|
} |
1497 |
|
|
l = k = 0; |
1498 |
|
|
for (;;) { |
1499 |
|
|
/* should do a select for the write */ |
1500 |
|
|
#ifdef RENEG |
1501 |
|
|
{ |
1502 |
|
|
static count = 0; |
1503 |
|
|
if (++count == 100) { |
1504 |
|
|
count = 0; |
1505 |
|
|
SSL_renegotiate(con); |
1506 |
|
|
} |
1507 |
|
|
} |
1508 |
|
|
#endif |
1509 |
|
|
k = SSL_write(con, &(buf[l]), (unsigned int) i); |
1510 |
|
|
switch (SSL_get_error(con, k)) { |
1511 |
|
|
case SSL_ERROR_NONE: |
1512 |
|
|
break; |
1513 |
|
|
case SSL_ERROR_WANT_WRITE: |
1514 |
|
|
case SSL_ERROR_WANT_READ: |
1515 |
|
|
case SSL_ERROR_WANT_X509_LOOKUP: |
1516 |
|
|
BIO_printf(bio_s_out, "Write BLOCK\n"); |
1517 |
|
|
break; |
1518 |
|
|
case SSL_ERROR_SYSCALL: |
1519 |
|
|
case SSL_ERROR_SSL: |
1520 |
|
|
BIO_printf(bio_s_out, "ERROR\n"); |
1521 |
|
|
ERR_print_errors(bio_err); |
1522 |
|
|
ret = 1; |
1523 |
|
|
goto err; |
1524 |
|
|
/* break; */ |
1525 |
|
|
case SSL_ERROR_ZERO_RETURN: |
1526 |
|
|
BIO_printf(bio_s_out, "DONE\n"); |
1527 |
|
|
ret = 1; |
1528 |
|
|
goto err; |
1529 |
|
|
} |
1530 |
|
|
l += k; |
1531 |
|
|
i -= k; |
1532 |
|
|
if (i <= 0) |
1533 |
|
|
break; |
1534 |
|
|
} |
1535 |
|
|
} |
1536 |
|
|
if (read_from_sslcon) { |
1537 |
|
|
if (!SSL_is_init_finished(con)) { |
1538 |
|
|
i = init_ssl_connection(con); |
1539 |
|
|
|
1540 |
|
|
if (i < 0) { |
1541 |
|
|
ret = 0; |
1542 |
|
|
goto err; |
1543 |
|
|
} else if (i == 0) { |
1544 |
|
|
ret = 1; |
1545 |
|
|
goto err; |
1546 |
|
|
} |
1547 |
|
|
} else { |
1548 |
|
|
again: |
1549 |
|
|
i = SSL_read(con, (char *) buf, bufsize); |
1550 |
|
|
switch (SSL_get_error(con, i)) { |
1551 |
|
|
case SSL_ERROR_NONE: { |
1552 |
|
|
int len, n; |
1553 |
|
|
for (len = 0; len < i;) { |
1554 |
|
|
do { |
1555 |
|
|
n = write(fileno(stdout), buf + len, i - len); |
1556 |
|
|
} while (n == -1 && errno == EINTR); |
1557 |
|
|
|
1558 |
|
|
if (n < 0) { |
1559 |
|
|
BIO_printf(bio_s_out, "ERROR\n"); |
1560 |
|
|
goto err; |
1561 |
|
|
} |
1562 |
|
|
len += n; |
1563 |
|
|
} |
1564 |
|
|
} |
1565 |
|
|
if (SSL_pending(con)) |
1566 |
|
|
goto again; |
1567 |
|
|
break; |
1568 |
|
|
case SSL_ERROR_WANT_WRITE: |
1569 |
|
|
case SSL_ERROR_WANT_READ: |
1570 |
|
|
BIO_printf(bio_s_out, "Read BLOCK\n"); |
1571 |
|
|
break; |
1572 |
|
|
case SSL_ERROR_SYSCALL: |
1573 |
|
|
case SSL_ERROR_SSL: |
1574 |
|
|
BIO_printf(bio_s_out, "ERROR\n"); |
1575 |
|
|
ERR_print_errors(bio_err); |
1576 |
|
|
ret = 1; |
1577 |
|
|
goto err; |
1578 |
|
|
case SSL_ERROR_ZERO_RETURN: |
1579 |
|
|
BIO_printf(bio_s_out, "DONE\n"); |
1580 |
|
|
ret = 1; |
1581 |
|
|
goto err; |
1582 |
|
|
} |
1583 |
|
|
} |
1584 |
|
|
} |
1585 |
|
|
} |
1586 |
|
|
err: |
1587 |
|
|
if (con != NULL) { |
1588 |
|
|
BIO_printf(bio_s_out, "shutting down SSL\n"); |
1589 |
|
|
SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); |
1590 |
|
|
SSL_free(con); |
1591 |
|
|
} |
1592 |
|
|
BIO_printf(bio_s_out, "CONNECTION CLOSED\n"); |
1593 |
|
|
if (buf != NULL) { |
1594 |
|
|
explicit_bzero(buf, bufsize); |
1595 |
|
|
free(buf); |
1596 |
|
|
} |
1597 |
|
|
if (ret >= 0) |
1598 |
|
|
BIO_printf(bio_s_out, "ACCEPT\n"); |
1599 |
|
|
return (ret); |
1600 |
|
|
} |
1601 |
|
|
|
1602 |
|
|
static void |
1603 |
|
|
close_accept_socket(void) |
1604 |
|
|
{ |
1605 |
|
|
BIO_printf(bio_err, "shutdown accept socket\n"); |
1606 |
|
|
if (accept_socket >= 0) { |
1607 |
|
|
shutdown(accept_socket, SHUT_RDWR); |
1608 |
|
|
close(accept_socket); |
1609 |
|
|
} |
1610 |
|
|
} |
1611 |
|
|
|
1612 |
|
|
static int |
1613 |
|
|
init_ssl_connection(SSL * con) |
1614 |
|
|
{ |
1615 |
|
|
int i; |
1616 |
|
|
const char *str; |
1617 |
|
|
X509 *peer; |
1618 |
|
|
long verify_error; |
1619 |
|
|
char buf[BUFSIZ]; |
1620 |
|
|
const unsigned char *next_proto_neg; |
1621 |
|
|
unsigned next_proto_neg_len; |
1622 |
|
|
unsigned char *exportedkeymat; |
1623 |
|
|
|
1624 |
|
|
i = SSL_accept(con); |
1625 |
|
|
if (i <= 0) { |
1626 |
|
|
if (BIO_sock_should_retry(i)) { |
1627 |
|
|
BIO_printf(bio_s_out, "DELAY\n"); |
1628 |
|
|
return (1); |
1629 |
|
|
} |
1630 |
|
|
BIO_printf(bio_err, "ERROR\n"); |
1631 |
|
|
verify_error = SSL_get_verify_result(con); |
1632 |
|
|
if (verify_error != X509_V_OK) { |
1633 |
|
|
BIO_printf(bio_err, "verify error:%s\n", |
1634 |
|
|
X509_verify_cert_error_string(verify_error)); |
1635 |
|
|
} else |
1636 |
|
|
ERR_print_errors(bio_err); |
1637 |
|
|
return (0); |
1638 |
|
|
} |
1639 |
|
|
PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con)); |
1640 |
|
|
|
1641 |
|
|
peer = SSL_get_peer_certificate(con); |
1642 |
|
|
if (peer != NULL) { |
1643 |
|
|
BIO_printf(bio_s_out, "Client certificate\n"); |
1644 |
|
|
PEM_write_bio_X509(bio_s_out, peer); |
1645 |
|
|
X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf); |
1646 |
|
|
BIO_printf(bio_s_out, "subject=%s\n", buf); |
1647 |
|
|
X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf); |
1648 |
|
|
BIO_printf(bio_s_out, "issuer=%s\n", buf); |
1649 |
|
|
X509_free(peer); |
1650 |
|
|
} |
1651 |
|
|
if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL) |
1652 |
|
|
BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf); |
1653 |
|
|
str = SSL_CIPHER_get_name(SSL_get_current_cipher(con)); |
1654 |
|
|
BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)"); |
1655 |
|
|
|
1656 |
|
|
SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); |
1657 |
|
|
if (next_proto_neg) { |
1658 |
|
|
BIO_printf(bio_s_out, "NEXTPROTO is "); |
1659 |
|
|
BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len); |
1660 |
|
|
BIO_printf(bio_s_out, "\n"); |
1661 |
|
|
} |
1662 |
|
|
#ifndef OPENSSL_NO_SRTP |
1663 |
|
|
{ |
1664 |
|
|
SRTP_PROTECTION_PROFILE *srtp_profile |
1665 |
|
|
= SSL_get_selected_srtp_profile(con); |
1666 |
|
|
|
1667 |
|
|
if (srtp_profile) |
1668 |
|
|
BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n", |
1669 |
|
|
srtp_profile->name); |
1670 |
|
|
} |
1671 |
|
|
#endif |
1672 |
|
|
if (SSL_cache_hit(con)) |
1673 |
|
|
BIO_printf(bio_s_out, "Reused session-id\n"); |
1674 |
|
|
BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n", |
1675 |
|
|
SSL_get_secure_renegotiation_support(con) ? "" : " NOT"); |
1676 |
|
|
if (keymatexportlabel != NULL) { |
1677 |
|
|
BIO_printf(bio_s_out, "Keying material exporter:\n"); |
1678 |
|
|
BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel); |
1679 |
|
|
BIO_printf(bio_s_out, " Length: %i bytes\n", |
1680 |
|
|
keymatexportlen); |
1681 |
|
|
exportedkeymat = malloc(keymatexportlen); |
1682 |
|
|
if (exportedkeymat != NULL) { |
1683 |
|
|
if (!SSL_export_keying_material(con, exportedkeymat, |
1684 |
|
|
keymatexportlen, |
1685 |
|
|
keymatexportlabel, |
1686 |
|
|
strlen(keymatexportlabel), |
1687 |
|
|
NULL, 0, 0)) { |
1688 |
|
|
BIO_printf(bio_s_out, " Error\n"); |
1689 |
|
|
} else { |
1690 |
|
|
BIO_printf(bio_s_out, " Keying material: "); |
1691 |
|
|
for (i = 0; i < keymatexportlen; i++) |
1692 |
|
|
BIO_printf(bio_s_out, "%02X", |
1693 |
|
|
exportedkeymat[i]); |
1694 |
|
|
BIO_printf(bio_s_out, "\n"); |
1695 |
|
|
} |
1696 |
|
|
free(exportedkeymat); |
1697 |
|
|
} |
1698 |
|
|
} |
1699 |
|
|
return (1); |
1700 |
|
|
} |
1701 |
|
|
|
1702 |
|
|
#ifndef OPENSSL_NO_DH |
1703 |
|
|
static DH * |
1704 |
|
|
load_dh_param(const char *dhfile) |
1705 |
|
|
{ |
1706 |
|
|
DH *ret = NULL; |
1707 |
|
|
BIO *bio; |
1708 |
|
|
|
1709 |
|
|
if ((bio = BIO_new_file(dhfile, "r")) == NULL) |
1710 |
|
|
goto err; |
1711 |
|
|
ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); |
1712 |
|
|
err: |
1713 |
|
|
BIO_free(bio); |
1714 |
|
|
return (ret); |
1715 |
|
|
} |
1716 |
|
|
#endif |
1717 |
|
|
|
1718 |
|
|
static int |
1719 |
|
|
www_body(char *hostname, int s, unsigned char *context) |
1720 |
|
|
{ |
1721 |
|
|
char *buf = NULL; |
1722 |
|
|
int ret = 1; |
1723 |
|
|
int i, j, k, dot; |
1724 |
|
|
SSL *con; |
1725 |
|
|
const SSL_CIPHER *c; |
1726 |
|
|
BIO *io, *ssl_bio, *sbio; |
1727 |
|
|
|
1728 |
|
|
buf = malloc(bufsize); |
1729 |
|
|
if (buf == NULL) |
1730 |
|
|
return (0); |
1731 |
|
|
io = BIO_new(BIO_f_buffer()); |
1732 |
|
|
ssl_bio = BIO_new(BIO_f_ssl()); |
1733 |
|
|
if ((io == NULL) || (ssl_bio == NULL)) |
1734 |
|
|
goto err; |
1735 |
|
|
|
1736 |
|
|
if (s_nbio) { |
1737 |
|
|
if (!s_quiet) |
1738 |
|
|
BIO_printf(bio_err, "turning on non blocking io\n"); |
1739 |
|
|
if (!BIO_socket_nbio(s, 1)) |
1740 |
|
|
ERR_print_errors(bio_err); |
1741 |
|
|
} |
1742 |
|
|
|
1743 |
|
|
/* lets make the output buffer a reasonable size */ |
1744 |
|
|
if (!BIO_set_write_buffer_size(io, bufsize)) |
1745 |
|
|
goto err; |
1746 |
|
|
|
1747 |
|
|
if ((con = SSL_new(ctx)) == NULL) |
1748 |
|
|
goto err; |
1749 |
|
|
if (s_tlsextdebug) { |
1750 |
|
|
SSL_set_tlsext_debug_callback(con, tlsext_cb); |
1751 |
|
|
SSL_set_tlsext_debug_arg(con, bio_s_out); |
1752 |
|
|
} |
1753 |
|
|
if (context) |
1754 |
|
|
SSL_set_session_id_context(con, context, |
1755 |
|
|
strlen((char *) context)); |
1756 |
|
|
|
1757 |
|
|
sbio = BIO_new_socket(s, BIO_NOCLOSE); |
1758 |
|
|
if (s_nbio_test) { |
1759 |
|
|
BIO *test; |
1760 |
|
|
|
1761 |
|
|
test = BIO_new(BIO_f_nbio_test()); |
1762 |
|
|
sbio = BIO_push(test, sbio); |
1763 |
|
|
} |
1764 |
|
|
SSL_set_bio(con, sbio, sbio); |
1765 |
|
|
SSL_set_accept_state(con); |
1766 |
|
|
|
1767 |
|
|
/* SSL_set_fd(con,s); */ |
1768 |
|
|
BIO_set_ssl(ssl_bio, con, BIO_CLOSE); |
1769 |
|
|
BIO_push(io, ssl_bio); |
1770 |
|
|
|
1771 |
|
|
if (s_debug) { |
1772 |
|
|
SSL_set_debug(con, 1); |
1773 |
|
|
BIO_set_callback(SSL_get_rbio(con), bio_dump_callback); |
1774 |
|
|
BIO_set_callback_arg(SSL_get_rbio(con), (char *) bio_s_out); |
1775 |
|
|
} |
1776 |
|
|
if (s_msg) { |
1777 |
|
|
SSL_set_msg_callback(con, msg_cb); |
1778 |
|
|
SSL_set_msg_callback_arg(con, bio_s_out); |
1779 |
|
|
} |
1780 |
|
|
for (;;) { |
1781 |
|
|
i = BIO_gets(io, buf, bufsize - 1); |
1782 |
|
|
if (i < 0) { /* error */ |
1783 |
|
|
if (!BIO_should_retry(io)) { |
1784 |
|
|
if (!s_quiet) |
1785 |
|
|
ERR_print_errors(bio_err); |
1786 |
|
|
goto err; |
1787 |
|
|
} else { |
1788 |
|
|
BIO_printf(bio_s_out, "read R BLOCK\n"); |
1789 |
|
|
sleep(1); |
1790 |
|
|
continue; |
1791 |
|
|
} |
1792 |
|
|
} else if (i == 0) { /* end of input */ |
1793 |
|
|
ret = 1; |
1794 |
|
|
goto end; |
1795 |
|
|
} |
1796 |
|
|
/* else we have data */ |
1797 |
|
|
if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) || |
1798 |
|
|
((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) { |
1799 |
|
|
char *p; |
1800 |
|
|
X509 *peer; |
1801 |
|
|
STACK_OF(SSL_CIPHER) * sk; |
1802 |
|
|
static const char *space = " "; |
1803 |
|
|
|
1804 |
|
|
BIO_puts(io, "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); |
1805 |
|
|
BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n"); |
1806 |
|
|
BIO_puts(io, "<pre>\n"); |
1807 |
|
|
/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/ |
1808 |
|
|
BIO_puts(io, "\n"); |
1809 |
|
|
for (i = 0; i < local_argc; i++) { |
1810 |
|
|
BIO_puts(io, local_argv[i]); |
1811 |
|
|
BIO_write(io, " ", 1); |
1812 |
|
|
} |
1813 |
|
|
BIO_puts(io, "\n"); |
1814 |
|
|
|
1815 |
|
|
BIO_printf(io, |
1816 |
|
|
"Secure Renegotiation IS%s supported\n", |
1817 |
|
|
SSL_get_secure_renegotiation_support(con) ? |
1818 |
|
|
"" : " NOT"); |
1819 |
|
|
|
1820 |
|
|
/* |
1821 |
|
|
* The following is evil and should not really be |
1822 |
|
|
* done |
1823 |
|
|
*/ |
1824 |
|
|
BIO_printf(io, "Ciphers supported in s_server binary\n"); |
1825 |
|
|
sk = SSL_get_ciphers(con); |
1826 |
|
|
j = sk_SSL_CIPHER_num(sk); |
1827 |
|
|
for (i = 0; i < j; i++) { |
1828 |
|
|
c = sk_SSL_CIPHER_value(sk, i); |
1829 |
|
|
BIO_printf(io, "%-11s:%-25s", |
1830 |
|
|
SSL_CIPHER_get_version(c), |
1831 |
|
|
SSL_CIPHER_get_name(c)); |
1832 |
|
|
if ((((i + 1) % 2) == 0) && (i + 1 != j)) |
1833 |
|
|
BIO_puts(io, "\n"); |
1834 |
|
|
} |
1835 |
|
|
BIO_puts(io, "\n"); |
1836 |
|
|
p = SSL_get_shared_ciphers(con, buf, bufsize); |
1837 |
|
|
if (p != NULL) { |
1838 |
|
|
BIO_printf(io, "---\nCiphers common between both SSL end points:\n"); |
1839 |
|
|
j = i = 0; |
1840 |
|
|
while (*p) { |
1841 |
|
|
if (*p == ':') { |
1842 |
|
|
BIO_write(io, space, 26 - j); |
1843 |
|
|
i++; |
1844 |
|
|
j = 0; |
1845 |
|
|
BIO_write(io, ((i % 3) ? " " : "\n"), 1); |
1846 |
|
|
} else { |
1847 |
|
|
BIO_write(io, p, 1); |
1848 |
|
|
j++; |
1849 |
|
|
} |
1850 |
|
|
p++; |
1851 |
|
|
} |
1852 |
|
|
BIO_puts(io, "\n"); |
1853 |
|
|
} |
1854 |
|
|
BIO_printf(io, (SSL_cache_hit(con) |
1855 |
|
|
? "---\nReused, " |
1856 |
|
|
: "---\nNew, ")); |
1857 |
|
|
c = SSL_get_current_cipher(con); |
1858 |
|
|
BIO_printf(io, "%s, Cipher is %s\n", |
1859 |
|
|
SSL_CIPHER_get_version(c), |
1860 |
|
|
SSL_CIPHER_get_name(c)); |
1861 |
|
|
SSL_SESSION_print(io, SSL_get_session(con)); |
1862 |
|
|
BIO_printf(io, "---\n"); |
1863 |
|
|
print_stats(io, SSL_get_SSL_CTX(con)); |
1864 |
|
|
BIO_printf(io, "---\n"); |
1865 |
|
|
peer = SSL_get_peer_certificate(con); |
1866 |
|
|
if (peer != NULL) { |
1867 |
|
|
BIO_printf(io, "Client certificate\n"); |
1868 |
|
|
X509_print(io, peer); |
1869 |
|
|
PEM_write_bio_X509(io, peer); |
1870 |
|
|
} else |
1871 |
|
|
BIO_puts(io, "no client certificate available\n"); |
1872 |
|
|
BIO_puts(io, "</BODY></HTML>\r\n\r\n"); |
1873 |
|
|
break; |
1874 |
|
|
} else if ((www == 2 || www == 3) |
1875 |
|
|
&& (strncmp("GET /", buf, 5) == 0)) { |
1876 |
|
|
BIO *file; |
1877 |
|
|
char *p, *e; |
1878 |
|
|
static const char *text = "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"; |
1879 |
|
|
|
1880 |
|
|
/* skip the '/' */ |
1881 |
|
|
p = &(buf[5]); |
1882 |
|
|
|
1883 |
|
|
dot = 1; |
1884 |
|
|
for (e = p; *e != '\0'; e++) { |
1885 |
|
|
if (e[0] == ' ') |
1886 |
|
|
break; |
1887 |
|
|
|
1888 |
|
|
switch (dot) { |
1889 |
|
|
case 1: |
1890 |
|
|
dot = (e[0] == '.') ? 2 : 0; |
1891 |
|
|
break; |
1892 |
|
|
case 2: |
1893 |
|
|
dot = (e[0] == '.') ? 3 : 0; |
1894 |
|
|
break; |
1895 |
|
|
case 3: |
1896 |
|
|
dot = (e[0] == '/') ? -1 : 0; |
1897 |
|
|
break; |
1898 |
|
|
} |
1899 |
|
|
if (dot == 0) |
1900 |
|
|
dot = (e[0] == '/') ? 1 : 0; |
1901 |
|
|
} |
1902 |
|
|
dot = (dot == 3) || (dot == -1); /* filename contains |
1903 |
|
|
* ".." component */ |
1904 |
|
|
|
1905 |
|
|
if (*e == '\0') { |
1906 |
|
|
BIO_puts(io, text); |
1907 |
|
|
BIO_printf(io, "'%s' is an invalid file name\r\n", p); |
1908 |
|
|
break; |
1909 |
|
|
} |
1910 |
|
|
*e = '\0'; |
1911 |
|
|
|
1912 |
|
|
if (dot) { |
1913 |
|
|
BIO_puts(io, text); |
1914 |
|
|
BIO_printf(io, "'%s' contains '..' reference\r\n", p); |
1915 |
|
|
break; |
1916 |
|
|
} |
1917 |
|
|
if (*p == '/') { |
1918 |
|
|
BIO_puts(io, text); |
1919 |
|
|
BIO_printf(io, "'%s' is an invalid path\r\n", p); |
1920 |
|
|
break; |
1921 |
|
|
} |
1922 |
|
|
/* if a directory, do the index thang */ |
1923 |
|
|
if (app_isdir(p) > 0) { |
1924 |
|
|
BIO_puts(io, text); |
1925 |
|
|
BIO_printf(io, "'%s' is a directory\r\n", p); |
1926 |
|
|
break; |
1927 |
|
|
} |
1928 |
|
|
if ((file = BIO_new_file(p, "r")) == NULL) { |
1929 |
|
|
BIO_puts(io, text); |
1930 |
|
|
BIO_printf(io, "Error opening '%s'\r\n", p); |
1931 |
|
|
ERR_print_errors(io); |
1932 |
|
|
break; |
1933 |
|
|
} |
1934 |
|
|
if (!s_quiet) |
1935 |
|
|
BIO_printf(bio_err, "FILE:%s\n", p); |
1936 |
|
|
|
1937 |
|
|
if (www == 2) { |
1938 |
|
|
i = strlen(p); |
1939 |
|
|
if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) || |
1940 |
|
|
((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) || |
1941 |
|
|
((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0))) |
1942 |
|
|
BIO_puts(io, "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); |
1943 |
|
|
else |
1944 |
|
|
BIO_puts(io, "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); |
1945 |
|
|
} |
1946 |
|
|
/* send the file */ |
1947 |
|
|
for (;;) { |
1948 |
|
|
i = BIO_read(file, buf, bufsize); |
1949 |
|
|
if (i <= 0) |
1950 |
|
|
break; |
1951 |
|
|
|
1952 |
|
|
#ifdef RENEG |
1953 |
|
|
total_bytes += i; |
1954 |
|
|
fprintf(stderr, "%d\n", i); |
1955 |
|
|
if (total_bytes > 3 * 1024) { |
1956 |
|
|
total_bytes = 0; |
1957 |
|
|
fprintf(stderr, "RENEGOTIATE\n"); |
1958 |
|
|
SSL_renegotiate(con); |
1959 |
|
|
} |
1960 |
|
|
#endif |
1961 |
|
|
|
1962 |
|
|
for (j = 0; j < i;) { |
1963 |
|
|
#ifdef RENEG |
1964 |
|
|
{ |
1965 |
|
|
static count = 0; |
1966 |
|
|
if (++count == 13) { |
1967 |
|
|
SSL_renegotiate(con); |
1968 |
|
|
} |
1969 |
|
|
} |
1970 |
|
|
#endif |
1971 |
|
|
k = BIO_write(io, &(buf[j]), i - j); |
1972 |
|
|
if (k <= 0) { |
1973 |
|
|
if (!BIO_should_retry(io)) |
1974 |
|
|
goto write_error; |
1975 |
|
|
else { |
1976 |
|
|
BIO_printf(bio_s_out, "rwrite W BLOCK\n"); |
1977 |
|
|
} |
1978 |
|
|
} else { |
1979 |
|
|
j += k; |
1980 |
|
|
} |
1981 |
|
|
} |
1982 |
|
|
} |
1983 |
|
|
write_error: |
1984 |
|
|
BIO_free(file); |
1985 |
|
|
break; |
1986 |
|
|
} |
1987 |
|
|
} |
1988 |
|
|
|
1989 |
|
|
for (;;) { |
1990 |
|
|
i = (int) BIO_flush(io); |
1991 |
|
|
if (i <= 0) { |
1992 |
|
|
if (!BIO_should_retry(io)) |
1993 |
|
|
break; |
1994 |
|
|
} else |
1995 |
|
|
break; |
1996 |
|
|
} |
1997 |
|
|
end: |
1998 |
|
|
/* make sure we re-use sessions */ |
1999 |
|
|
SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN); |
2000 |
|
|
|
2001 |
|
|
err: |
2002 |
|
|
|
2003 |
|
|
if (ret >= 0) |
2004 |
|
|
BIO_printf(bio_s_out, "ACCEPT\n"); |
2005 |
|
|
|
2006 |
|
|
free(buf); |
2007 |
|
|
if (io != NULL) |
2008 |
|
|
BIO_free_all(io); |
2009 |
|
|
/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/ |
2010 |
|
|
return (ret); |
2011 |
|
|
} |
2012 |
|
|
|
2013 |
|
|
#define MAX_SESSION_ID_ATTEMPTS 10 |
2014 |
|
|
static int |
2015 |
|
|
generate_session_id(const SSL * ssl, unsigned char *id, |
2016 |
|
|
unsigned int *id_len) |
2017 |
|
|
{ |
2018 |
|
|
unsigned int count = 0; |
2019 |
|
|
do { |
2020 |
|
|
arc4random_buf(id, *id_len); |
2021 |
|
|
/* |
2022 |
|
|
* Prefix the session_id with the required prefix. NB: If our |
2023 |
|
|
* prefix is too long, clip it - but there will be worse |
2024 |
|
|
* effects anyway, eg. the server could only possibly create |
2025 |
|
|
* 1 session ID (ie. the prefix!) so all future session |
2026 |
|
|
* negotiations will fail due to conflicts. |
2027 |
|
|
*/ |
2028 |
|
|
memcpy(id, session_id_prefix, |
2029 |
|
|
(strlen(session_id_prefix) < *id_len) ? |
2030 |
|
|
strlen(session_id_prefix) : *id_len); |
2031 |
|
|
} |
2032 |
|
|
while (SSL_has_matching_session_id(ssl, id, *id_len) && |
2033 |
|
|
(++count < MAX_SESSION_ID_ATTEMPTS)); |
2034 |
|
|
if (count >= MAX_SESSION_ID_ATTEMPTS) |
2035 |
|
|
return 0; |
2036 |
|
|
return 1; |
2037 |
|
|
} |