version 1.47, 2020/07/09 12:48:19 |
version 1.48, 2020/07/09 13:07:46 |
|
|
int bugs; |
int bugs; |
char *CAfile; |
char *CAfile; |
char *CApath; |
char *CApath; |
int c_debug; |
|
int c_ign_eof; |
|
int c_msg; |
|
int c_nbio; |
|
int c_Pause; |
|
int c_quiet; |
|
int c_showcerts; |
|
int c_status_req; |
|
int c_tlsextdebug; |
|
char *cert_file; |
char *cert_file; |
int cert_format; |
int cert_format; |
char *cipher; |
char *cipher; |
unsigned int clr; |
unsigned int clr; |
char *connect; |
char *connect; |
int crlf; |
int crlf; |
|
int debug; |
int enable_timeouts; |
int enable_timeouts; |
const char *errstr; |
const char *errstr; |
char *groups_in; |
char *groups_in; |
char *host; |
char *host; |
|
int ign_eof; |
char *key_file; |
char *key_file; |
int key_format; |
int key_format; |
char *keymatexportlabel; |
char *keymatexportlabel; |
|
|
uint16_t max_version; |
uint16_t max_version; |
uint16_t min_version; |
uint16_t min_version; |
const SSL_METHOD *meth; |
const SSL_METHOD *meth; |
|
int msg; |
|
int nbio; |
int nbio_test; |
int nbio_test; |
char *npn_in; |
char *npn_in; |
unsigned int off; |
unsigned int off; |
char *passarg; |
char *passarg; |
|
int pause; |
int peekaboo; |
int peekaboo; |
char *port; |
char *port; |
int prexit; |
int prexit; |
char *proxy; |
char *proxy; |
|
int quiet; |
int reconnect; |
int reconnect; |
char *servername; |
char *servername; |
char *sess_in; |
char *sess_in; |
char *sess_out; |
char *sess_out; |
|
int showcerts; |
int socket_type; |
int socket_type; |
long socket_mtu; |
long socket_mtu; |
#ifndef OPENSSL_NO_SRTP |
#ifndef OPENSSL_NO_SRTP |
|
|
#endif |
#endif |
int starttls_proto; |
int starttls_proto; |
int state; |
int state; |
|
int status_req; |
|
int tlsextdebug; |
int verify; |
int verify; |
X509_VERIFY_PARAM *vpm; |
X509_VERIFY_PARAM *vpm; |
char *xmpphost; |
char *xmpphost; |
|
|
static int |
static int |
s_client_opt_quiet(void) |
s_client_opt_quiet(void) |
{ |
{ |
s_client_config.c_quiet = 1; |
s_client_config.quiet = 1; |
s_client_config.c_ign_eof = 1; |
s_client_config.ign_eof = 1; |
return (0); |
return (0); |
} |
} |
|
|
|
|
.name = "debug", |
.name = "debug", |
.desc = "Print extensive debugging information", |
.desc = "Print extensive debugging information", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_client_config.c_debug, |
.opt.flag = &s_client_config.debug, |
}, |
}, |
#ifndef OPENSSL_NO_DTLS1 |
#ifndef OPENSSL_NO_DTLS1 |
{ |
{ |
|
|
.name = "ign_eof", |
.name = "ign_eof", |
.desc = "Ignore input EOF (default when -quiet)", |
.desc = "Ignore input EOF (default when -quiet)", |
.type = OPTION_VALUE, |
.type = OPTION_VALUE, |
.opt.value = &s_client_config.c_ign_eof, |
.opt.value = &s_client_config.ign_eof, |
.value = 1, |
.value = 1, |
}, |
}, |
{ |
{ |
|
|
.name = "msg", |
.name = "msg", |
.desc = "Show all protocol messages with hex dump", |
.desc = "Show all protocol messages with hex dump", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_client_config.c_msg, |
.opt.flag = &s_client_config.msg, |
}, |
}, |
#ifndef OPENSSL_NO_DTLS1 |
#ifndef OPENSSL_NO_DTLS1 |
{ |
{ |
|
|
.name = "nbio", |
.name = "nbio", |
.desc = "Turn on non-blocking I/O", |
.desc = "Turn on non-blocking I/O", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_client_config.c_nbio, |
.opt.flag = &s_client_config.nbio, |
}, |
}, |
{ |
{ |
.name = "nbio_test", |
.name = "nbio_test", |
|
|
.name = "no_ign_eof", |
.name = "no_ign_eof", |
.desc = "Don't ignore input EOF", |
.desc = "Don't ignore input EOF", |
.type = OPTION_VALUE, |
.type = OPTION_VALUE, |
.opt.value = &s_client_config.c_ign_eof, |
.opt.value = &s_client_config.ign_eof, |
.value = 0, |
.value = 0, |
}, |
}, |
{ |
{ |
|
|
.name = "pause", |
.name = "pause", |
.desc = "Pause 1 second between each read and write call", |
.desc = "Pause 1 second between each read and write call", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_client_config.c_Pause, |
.opt.flag = &s_client_config.pause, |
}, |
}, |
{ |
{ |
.name = "peekaboo", |
.name = "peekaboo", |
|
|
.name = "showcerts", |
.name = "showcerts", |
.desc = "Show all server certificates in the chain", |
.desc = "Show all server certificates in the chain", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_client_config.c_showcerts, |
.opt.flag = &s_client_config.showcerts, |
}, |
}, |
{ |
{ |
.name = "starttls", |
.name = "starttls", |
|
|
.name = "status", |
.name = "status", |
.desc = "Send a certificate status request to the server (OCSP)", |
.desc = "Send a certificate status request to the server (OCSP)", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_client_config.c_status_req, |
.opt.flag = &s_client_config.status_req, |
}, |
}, |
#ifndef OPENSSL_NO_DTLS1 |
#ifndef OPENSSL_NO_DTLS1 |
{ |
{ |
|
|
.name = "tlsextdebug", |
.name = "tlsextdebug", |
.desc = "Hex dump of all TLS extensions received", |
.desc = "Hex dump of all TLS extensions received", |
.type = OPTION_FLAG, |
.type = OPTION_FLAG, |
.opt.flag = &s_client_config.c_tlsextdebug, |
.opt.flag = &s_client_config.tlsextdebug, |
}, |
}, |
#ifndef OPENSSL_NO_SRTP |
#ifndef OPENSSL_NO_SRTP |
{ |
{ |
|
|
} |
} |
} |
} |
if (bio_c_out == NULL) { |
if (bio_c_out == NULL) { |
if (s_client_config.c_quiet && !s_client_config.c_debug && !s_client_config.c_msg) { |
if (s_client_config.quiet && !s_client_config.debug && !s_client_config.msg) { |
bio_c_out = BIO_new(BIO_s_null()); |
bio_c_out = BIO_new(BIO_s_null()); |
} else { |
} else { |
if (bio_c_out == NULL) |
if (bio_c_out == NULL) |
|
|
} |
} |
BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s); |
BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s); |
|
|
if (s_client_config.c_nbio) { |
if (s_client_config.nbio) { |
if (!s_client_config.c_quiet) |
if (!s_client_config.quiet) |
BIO_printf(bio_c_out, "turning on non blocking io\n"); |
BIO_printf(bio_c_out, "turning on non blocking io\n"); |
if (!BIO_socket_nbio(s, 1)) { |
if (!BIO_socket_nbio(s, 1)) { |
ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
goto end; |
goto end; |
} |
} |
} |
} |
if (s_client_config.c_Pause & 0x01) |
if (s_client_config.pause & 0x01) |
SSL_set_debug(con, 1); |
SSL_set_debug(con, 1); |
|
|
if (SSL_version(con) == DTLS1_VERSION) { |
if (SSL_version(con) == DTLS1_VERSION) { |
|
|
test = BIO_new(BIO_f_nbio_test()); |
test = BIO_new(BIO_f_nbio_test()); |
sbio = BIO_push(test, sbio); |
sbio = BIO_push(test, sbio); |
} |
} |
if (s_client_config.c_debug) { |
if (s_client_config.debug) { |
SSL_set_debug(con, 1); |
SSL_set_debug(con, 1); |
BIO_set_callback(sbio, bio_dump_callback); |
BIO_set_callback(sbio, bio_dump_callback); |
BIO_set_callback_arg(sbio, (char *) bio_c_out); |
BIO_set_callback_arg(sbio, (char *) bio_c_out); |
} |
} |
if (s_client_config.c_msg) { |
if (s_client_config.msg) { |
SSL_set_msg_callback(con, msg_cb); |
SSL_set_msg_callback(con, msg_cb); |
SSL_set_msg_callback_arg(con, bio_c_out); |
SSL_set_msg_callback_arg(con, bio_c_out); |
} |
} |
if (s_client_config.c_tlsextdebug) { |
if (s_client_config.tlsextdebug) { |
SSL_set_tlsext_debug_callback(con, tlsext_cb); |
SSL_set_tlsext_debug_callback(con, tlsext_cb); |
SSL_set_tlsext_debug_arg(con, bio_c_out); |
SSL_set_tlsext_debug_arg(con, bio_c_out); |
} |
} |
if (s_client_config.c_status_req) { |
if (s_client_config.status_req) { |
SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp); |
SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp); |
SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); |
SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb); |
SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); |
SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out); |
|
|
} else |
} else |
i = read(fileno(stdin), cbuf, BUFSIZZ); |
i = read(fileno(stdin), cbuf, BUFSIZZ); |
|
|
if ((!s_client_config.c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q'))) { |
if ((!s_client_config.ign_eof) && ((i <= 0) || (cbuf[0] == 'Q'))) { |
BIO_printf(bio_err, "DONE\n"); |
BIO_printf(bio_err, "DONE\n"); |
ret = 0; |
ret = 0; |
goto shut; |
goto shut; |
} |
} |
if ((!s_client_config.c_ign_eof) && (cbuf[0] == 'R')) { |
if ((!s_client_config.ign_eof) && (cbuf[0] == 'R')) { |
BIO_printf(bio_err, "RENEGOTIATING\n"); |
BIO_printf(bio_err, "RENEGOTIATING\n"); |
SSL_renegotiate(con); |
SSL_renegotiate(con); |
cbuf_len = 0; |
cbuf_len = 0; |
|
|
X509_NAME_oneline(X509_get_issuer_name( |
X509_NAME_oneline(X509_get_issuer_name( |
sk_X509_value(sk, i)), buf, sizeof buf); |
sk_X509_value(sk, i)), buf, sizeof buf); |
BIO_printf(bio, " i:%s\n", buf); |
BIO_printf(bio, " i:%s\n", buf); |
if (s_client_config.c_showcerts) |
if (s_client_config.showcerts) |
PEM_write_bio_X509(bio, sk_X509_value(sk, i)); |
PEM_write_bio_X509(bio, sk_X509_value(sk, i)); |
} |
} |
} |
} |
|
|
peer = SSL_get_peer_certificate(s); |
peer = SSL_get_peer_certificate(s); |
if (peer != NULL) { |
if (peer != NULL) { |
BIO_printf(bio, "Server certificate\n"); |
BIO_printf(bio, "Server certificate\n"); |
if (!(s_client_config.c_showcerts && got_a_chain)) /* Redundant if we |
if (!(s_client_config.showcerts && got_a_chain)) /* Redundant if we |
* showed the whole |
* showed the whole |
* chain */ |
* chain */ |
PEM_write_bio_X509(bio, peer); |
PEM_write_bio_X509(bio, peer); |
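Review bot: The renamed `ign_eof` field still controls more than its name and help text say. In the stdin read path it also gates the `cbuf[0] == 'Q'` and `cbuf[0] == 'R'` checks, so with the flag clear a read whose first byte is `R` calls `SSL_renegotiate(con)` and one whose first byte is `Q` jumps to `shut`. Since this commit is tidying the config names, a comment on the struct member would make that visible, for example `/* also disables the interactive 'Q' (quit) and 'R' (renegotiate) commands */`, and the `-ign_eof` / `-no_ign_eof` descriptions could say the same. The enclosing function starts and ends outside the lines shown, so any other use of the flag is not visible here.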