GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: usr.bin/openssl/sess_id.c Lines: 0 91 0.0 %
Date: 2016-12-06 Branches: 0 58 0.0 %

Line Branch Exec Source
1
/* $OpenBSD: sess_id.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */
2
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
 * All rights reserved.
4
 *
5
 * This package is an SSL implementation written
6
 * by Eric Young (eay@cryptsoft.com).
7
 * The implementation was written so as to conform with Netscapes SSL.
8
 *
9
 * This library is free for commercial and non-commercial use as long as
10
 * the following conditions are aheared to.  The following conditions
11
 * apply to all code found in this distribution, be it the RC4, RSA,
12
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13
 * included with this distribution is covered by the same copyright terms
14
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15
 *
16
 * Copyright remains Eric Young's, and as such any Copyright notices in
17
 * the code are not to be removed.
18
 * If this package is used in a product, Eric Young should be given attribution
19
 * as the author of the parts of the library used.
20
 * This can be in the form of a textual message at program startup or
21
 * in documentation (online or textual) provided with the package.
22
 *
23
 * Redistribution and use in source and binary forms, with or without
24
 * modification, are permitted provided that the following conditions
25
 * are met:
26
 * 1. Redistributions of source code must retain the copyright
27
 *    notice, this list of conditions and the following disclaimer.
28
 * 2. Redistributions in binary form must reproduce the above copyright
29
 *    notice, this list of conditions and the following disclaimer in the
30
 *    documentation and/or other materials provided with the distribution.
31
 * 3. All advertising materials mentioning features or use of this software
32
 *    must display the following acknowledgement:
33
 *    "This product includes cryptographic software written by
34
 *     Eric Young (eay@cryptsoft.com)"
35
 *    The word 'cryptographic' can be left out if the rouines from the library
36
 *    being used are not cryptographic related :-).
37
 * 4. If you include any Windows specific code (or a derivative thereof) from
38
 *    the apps directory (application code) you must include an acknowledgement:
39
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40
 *
41
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51
 * SUCH DAMAGE.
52
 *
53
 * The licence and distribution terms for any publically available version or
54
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55
 * copied and put under another distribution licence
56
 * [including the GNU Public Licence.]
57
 */
58
59
#include <stdio.h>
60
#include <stdlib.h>
61
#include <string.h>
62
63
#include "apps.h"
64
#include "progs.h"
65
66
#include <openssl/bio.h>
67
#include <openssl/err.h>
68
#include <openssl/pem.h>
69
#include <openssl/ssl.h>
70
#include <openssl/x509.h>
71
72
static struct {
73
	int cert;
74
	char *context;
75
	char *infile;
76
	int informat;
77
	int noout;
78
	char *outfile;
79
	int outformat;
80
	int text;
81
} sess_id_config;
82
83
static struct option sess_id_options[] = {
84
	{
85
		.name = "cert",
86
		.desc = "Output certificate if present in session",
87
		.type = OPTION_FLAG,
88
		.opt.flag = &sess_id_config.cert,
89
	},
90
	{
91
		.name = "context",
92
		.argname = "id",
93
		.desc = "Set the session ID context for output",
94
		.type = OPTION_ARG,
95
		.opt.arg = &sess_id_config.context,
96
	},
97
	{
98
		.name = "in",
99
		.argname = "file",
100
		.desc = "Input file (default stdin)",
101
		.type = OPTION_ARG,
102
		.opt.arg = &sess_id_config.infile,
103
	},
104
	{
105
		.name = "inform",
106
		.argname = "format",
107
		.desc = "Input format (DER or PEM (default))",
108
		.type = OPTION_ARG_FORMAT,
109
		.opt.value = &sess_id_config.informat,
110
	},
111
	{
112
		.name = "noout",
113
		.desc = "Do not output the encoded session info",
114
		.type = OPTION_FLAG,
115
		.opt.flag = &sess_id_config.noout,
116
	},
117
	{
118
		.name = "out",
119
		.argname = "file",
120
		.desc = "Output file (default stdout)",
121
		.type = OPTION_ARG,
122
		.opt.arg = &sess_id_config.outfile,
123
	},
124
	{
125
		.name = "outform",
126
		.argname = "format",
127
		.desc = "Output format (DER or PEM (default))",
128
		.type = OPTION_ARG_FORMAT,
129
		.opt.value = &sess_id_config.outformat,
130
	},
131
	{
132
		.name = "text",
133
		.desc = "Print various public or private key components in"
134
		    " plain text",
135
		.type = OPTION_FLAG,
136
		.opt.flag = &sess_id_config.text,
137
	},
138
	{ NULL }
139
};
140
141
static void
142
sess_id_usage(void)
143
{
144
	fprintf(stderr,
145
	    "usage: sess_id [-cert] [-context id] [-in file] [-inform fmt] "
146
	    "[-noout]\n"
147
	    "    [-out file] [-outform fmt] [-text]\n\n");
148
	options_usage(sess_id_options);
149
}
150
151
static SSL_SESSION *load_sess_id(char *file, int format);
152
153
int
154
sess_id_main(int argc, char **argv)
155
{
156
	SSL_SESSION *x = NULL;
157
	X509 *peer = NULL;
158
	int ret = 1, i;
159
	BIO *out = NULL;
160
161
	if (single_execution) {
162
		if (pledge("stdio rpath wpath cpath", NULL) == -1) {
163
			perror("pledge");
164
			exit(1);
165
		}
166
	}
167
168
	memset(&sess_id_config, 0, sizeof(sess_id_config));
169
170
	sess_id_config.informat = FORMAT_PEM;
171
	sess_id_config.outformat = FORMAT_PEM;
172
173
	if (options_parse(argc, argv, sess_id_options, NULL, NULL) != 0) {
174
		sess_id_usage();
175
		return (1);
176
	}
177
178
	x = load_sess_id(sess_id_config.infile, sess_id_config.informat);
179
	if (x == NULL) {
180
		goto end;
181
	}
182
	peer = SSL_SESSION_get0_peer(x);
183
184
	if (sess_id_config.context) {
185
		size_t ctx_len = strlen(sess_id_config.context);
186
		if (ctx_len > SSL_MAX_SID_CTX_LENGTH) {
187
			BIO_printf(bio_err, "Context too long\n");
188
			goto end;
189
		}
190
		SSL_SESSION_set1_id_context(x,
191
		    (unsigned char *)sess_id_config.context, ctx_len);
192
	}
193
194
	if (!sess_id_config.noout || sess_id_config.text) {
195
		out = BIO_new(BIO_s_file());
196
		if (out == NULL) {
197
			ERR_print_errors(bio_err);
198
			goto end;
199
		}
200
		if (sess_id_config.outfile == NULL) {
201
			BIO_set_fp(out, stdout, BIO_NOCLOSE);
202
		} else {
203
			if (BIO_write_filename(out, sess_id_config.outfile)
204
			    <= 0) {
205
				perror(sess_id_config.outfile);
206
				goto end;
207
			}
208
		}
209
	}
210
	if (sess_id_config.text) {
211
		SSL_SESSION_print(out, x);
212
213
		if (sess_id_config.cert) {
214
			if (peer == NULL)
215
				BIO_puts(out, "No certificate present\n");
216
			else
217
				X509_print(out, peer);
218
		}
219
	}
220
	if (!sess_id_config.noout && !sess_id_config.cert) {
221
		if (sess_id_config.outformat == FORMAT_ASN1)
222
			i = i2d_SSL_SESSION_bio(out, x);
223
		else if (sess_id_config.outformat == FORMAT_PEM)
224
			i = PEM_write_bio_SSL_SESSION(out, x);
225
		else {
226
			BIO_printf(bio_err,
227
			    "bad output format specified for outfile\n");
228
			goto end;
229
		}
230
		if (!i) {
231
			BIO_printf(bio_err, "unable to write SSL_SESSION\n");
232
			goto end;
233
		}
234
	} else if (!sess_id_config.noout && (peer != NULL)) {
235
		/* just print the certificate */
236
		if (sess_id_config.outformat == FORMAT_ASN1)
237
			i = (int) i2d_X509_bio(out, peer);
238
		else if (sess_id_config.outformat == FORMAT_PEM)
239
			i = PEM_write_bio_X509(out, peer);
240
		else {
241
			BIO_printf(bio_err,
242
			    "bad output format specified for outfile\n");
243
			goto end;
244
		}
245
		if (!i) {
246
			BIO_printf(bio_err, "unable to write X509\n");
247
			goto end;
248
		}
249
	}
250
	ret = 0;
251
252
end:
253
	BIO_free_all(out);
254
	SSL_SESSION_free(x);
255
256
	return (ret);
257
}
258
259
static SSL_SESSION *
260
load_sess_id(char *infile, int format)
261
{
262
	SSL_SESSION *x = NULL;
263
	BIO *in = NULL;
264
265
	in = BIO_new(BIO_s_file());
266
	if (in == NULL) {
267
		ERR_print_errors(bio_err);
268
		goto end;
269
	}
270
	if (infile == NULL)
271
		BIO_set_fp(in, stdin, BIO_NOCLOSE);
272
	else {
273
		if (BIO_read_filename(in, infile) <= 0) {
274
			perror(infile);
275
			goto end;
276
		}
277
	}
278
	if (format == FORMAT_ASN1)
279
		x = d2i_SSL_SESSION_bio(in, NULL);
280
	else if (format == FORMAT_PEM)
281
		x = PEM_read_bio_SSL_SESSION(in, NULL, NULL, NULL);
282
	else {
283
		BIO_printf(bio_err,
284
		    "bad input format specified for input crl\n");
285
		goto end;
286
	}
287
	if (x == NULL) {
288
		BIO_printf(bio_err, "unable to load SSL_SESSION\n");
289
		ERR_print_errors(bio_err);
290
		goto end;
291
	}
292
end:
293
	BIO_free(in);
294
	return (x);
295
}