Annotation of src/usr.bin/openssl/s_server.c, Revision 1.42
1.42 ! inoguchi 1: /* $OpenBSD: s_server.c,v 1.41 2020/07/27 12:29:51 inoguchi Exp $ */
1.1 jsing 2: /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3: * All rights reserved.
4: *
5: * This package is an SSL implementation written
6: * by Eric Young (eay@cryptsoft.com).
7: * The implementation was written so as to conform with Netscapes SSL.
8: *
9: * This library is free for commercial and non-commercial use as long as
10: * the following conditions are aheared to. The following conditions
11: * apply to all code found in this distribution, be it the RC4, RSA,
12: * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13: * included with this distribution is covered by the same copyright terms
14: * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15: *
16: * Copyright remains Eric Young's, and as such any Copyright notices in
17: * the code are not to be removed.
18: * If this package is used in a product, Eric Young should be given attribution
19: * as the author of the parts of the library used.
20: * This can be in the form of a textual message at program startup or
21: * in documentation (online or textual) provided with the package.
22: *
23: * Redistribution and use in source and binary forms, with or without
24: * modification, are permitted provided that the following conditions
25: * are met:
26: * 1. Redistributions of source code must retain the copyright
27: * notice, this list of conditions and the following disclaimer.
28: * 2. Redistributions in binary form must reproduce the above copyright
29: * notice, this list of conditions and the following disclaimer in the
30: * documentation and/or other materials provided with the distribution.
31: * 3. All advertising materials mentioning features or use of this software
32: * must display the following acknowledgement:
33: * "This product includes cryptographic software written by
34: * Eric Young (eay@cryptsoft.com)"
35: * The word 'cryptographic' can be left out if the rouines from the library
36: * being used are not cryptographic related :-).
37: * 4. If you include any Windows specific code (or a derivative thereof) from
38: * the apps directory (application code) you must include an acknowledgement:
39: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40: *
41: * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44: * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51: * SUCH DAMAGE.
52: *
53: * The licence and distribution terms for any publically available version or
54: * derivative of this code cannot be changed. i.e. this code cannot simply be
55: * copied and put under another distribution licence
56: * [including the GNU Public Licence.]
57: */
58: /* ====================================================================
59: * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
60: *
61: * Redistribution and use in source and binary forms, with or without
62: * modification, are permitted provided that the following conditions
63: * are met:
64: *
65: * 1. Redistributions of source code must retain the above copyright
66: * notice, this list of conditions and the following disclaimer.
67: *
68: * 2. Redistributions in binary form must reproduce the above copyright
69: * notice, this list of conditions and the following disclaimer in
70: * the documentation and/or other materials provided with the
71: * distribution.
72: *
73: * 3. All advertising materials mentioning features or use of this
74: * software must display the following acknowledgment:
75: * "This product includes software developed by the OpenSSL Project
76: * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77: *
78: * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79: * endorse or promote products derived from this software without
80: * prior written permission. For written permission, please contact
81: * openssl-core@openssl.org.
82: *
83: * 5. Products derived from this software may not be called "OpenSSL"
84: * nor may "OpenSSL" appear in their names without prior written
85: * permission of the OpenSSL Project.
86: *
87: * 6. Redistributions of any form whatsoever must retain the following
88: * acknowledgment:
89: * "This product includes software developed by the OpenSSL Project
90: * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91: *
92: * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93: * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99: * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101: * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103: * OF THE POSSIBILITY OF SUCH DAMAGE.
104: * ====================================================================
105: *
106: * This product includes cryptographic software written by Eric Young
107: * (eay@cryptsoft.com). This product includes software written by Tim
108: * Hudson (tjh@cryptsoft.com).
109: *
110: */
111: /* ====================================================================
112: * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113: * ECC cipher suite support in OpenSSL originally developed by
114: * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115: */
116: /* ====================================================================
117: * Copyright 2005 Nokia. All rights reserved.
118: *
119: * The portions of the attached software ("Contribution") is developed by
120: * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121: * license.
122: *
123: * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124: * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125: * support (see RFC 4279) to OpenSSL.
126: *
127: * No patent licenses or other rights except those expressly stated in
128: * the OpenSSL open source license shall be deemed granted or received
129: * expressly, by implication, estoppel, or otherwise.
130: *
131: * No assurances are provided by Nokia that the Contribution does not
132: * infringe the patent or other intellectual property rights of any third
133: * party or that the license provides you with all the necessary rights
134: * to make use of the Contribution.
135: *
136: * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137: * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138: * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139: * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140: * OTHERWISE.
141: */
142:
143: /* Until the key-gen callbacks are modified to use newer prototypes, we allow
144: * deprecated functions for openssl-internal code */
145: #ifdef OPENSSL_NO_DEPRECATED
146: #undef OPENSSL_NO_DEPRECATED
147: #endif
148:
149: #include <sys/types.h>
150: #include <sys/socket.h>
151:
152: #include <assert.h>
153: #include <ctype.h>
154: #include <stdio.h>
155: #include <stdlib.h>
156: #include <limits.h>
157: #include <string.h>
158: #include <unistd.h>
1.7 deraadt 159: #include <poll.h>
1.1 jsing 160:
161: #include "apps.h"
162:
163: #include <openssl/bn.h>
164: #include <openssl/err.h>
165: #include <openssl/lhash.h>
166: #include <openssl/ocsp.h>
167: #include <openssl/pem.h>
168: #include <openssl/ssl.h>
169: #include <openssl/x509.h>
170:
171: #ifndef OPENSSL_NO_DH
172: #include <openssl/dh.h>
173: #endif
174:
175: #include <openssl/rsa.h>
176:
177: #include "s_apps.h"
178: #include "timeouts.h"
179:
1.42 ! inoguchi 180: static void s_server_init(void);
! 181: static void sv_usage(void);
! 182: static void print_stats(BIO *bp, SSL_CTX *ctx);
1.1 jsing 183: static int sv_body(char *hostname, int s, unsigned char *context);
184: static void close_accept_socket(void);
1.41 inoguchi 185: static int init_ssl_connection(SSL *s);
1.1 jsing 186: #ifndef OPENSSL_NO_DH
187: static DH *load_dh_param(const char *dhfile);
188: #endif
1.42 ! inoguchi 189: static int www_body(char *hostname, int s, unsigned char *context);
! 190: static int generate_session_id(const SSL *ssl, unsigned char *id,
! 191: unsigned int *id_len);
! 192: static int ssl_servername_cb(SSL *s, int *ad, void *arg);
! 193: static int cert_status_cb(SSL * s, void *arg);
! 194: static int alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
! 195: const unsigned char *in, unsigned int inlen, void *arg);
1.1 jsing 196: /* static int load_CA(SSL_CTX *ctx, char *file);*/
197:
198: #define BUFSIZZ 16*1024
199: static int bufsize = BUFSIZZ;
200: static int accept_socket = -1;
201:
202: #define TEST_CERT "server.pem"
203: #define TEST_CERT2 "server2.pem"
204:
205: static int s_server_session_id_context = 1; /* anything will do */
206: static SSL_CTX *ctx = NULL;
207: static SSL_CTX *ctx2 = NULL;
208: static BIO *bio_s_out = NULL;
1.42 ! inoguchi 209:
! 210: static int local_argc = 0;
! 211: static char **local_argv;
1.1 jsing 212:
1.39 inoguchi 213: /* This is a context that we pass to callbacks */
214: typedef struct tlsextctx_st {
215: char *servername;
216: BIO *biodebug;
217: int extension_error;
218: } tlsextctx;
1.1 jsing 219:
1.39 inoguchi 220: /* Structure passed to cert status callback */
221: typedef struct tlsextstatusctx_st {
222: /* Default responder to use */
223: char *host, *path, *port;
224: int use_ssl;
225: int timeout;
226: BIO *err;
227: int verbose;
228: } tlsextstatusctx;
229:
1.42 ! inoguchi 230: /* This the context that we pass to alpn_cb */
! 231: typedef struct tlsextalpnctx_st {
! 232: unsigned char *data;
! 233: unsigned short len;
! 234: } tlsextalpnctx;
! 235:
1.39 inoguchi 236: static struct {
237: char *alpn_in;
238: char *npn_in; /* Ignored. */
239: int bugs;
240: char *CAfile;
241: char *CApath;
242: #ifndef OPENSSL_NO_DTLS1
243: int cert_chain;
244: #endif
1.40 inoguchi 245: char *cert_file;
246: char *cert_file2;
247: int cert_format;
1.39 inoguchi 248: char *cipher;
249: unsigned char *context;
1.40 inoguchi 250: int crlf;
251: char *dcert_file;
252: int dcert_format;
253: int debug;
1.39 inoguchi 254: char *dhfile;
1.40 inoguchi 255: char *dkey_file;
256: int dkey_format;
1.39 inoguchi 257: char *dpassarg;
258: int enable_timeouts;
259: const char *errstr;
260: char *groups_in;
1.40 inoguchi 261: char *key_file;
262: char *key_file2;
263: int key_format;
1.39 inoguchi 264: char *keymatexportlabel;
265: int keymatexportlen;
266: uint16_t max_version;
267: uint16_t min_version;
268: const SSL_METHOD *meth;
1.40 inoguchi 269: int msg;
1.39 inoguchi 270: char *named_curve;
1.40 inoguchi 271: int nbio;
272: int nbio_test;
1.39 inoguchi 273: int no_cache;
274: int nocert;
275: int no_dhe;
276: int no_ecdhe;
277: int no_tmp_rsa; /* No-op. */
278: int off;
279: char *passarg;
280: short port;
1.40 inoguchi 281: int quiet;
282: int server_verify;
1.39 inoguchi 283: char *session_id_prefix;
284: long socket_mtu;
285: int socket_type;
286: #ifndef OPENSSL_NO_SRTP
287: char *srtp_profiles;
288: #endif
289: int state;
290: tlsextstatusctx tlscstatp;
291: tlsextctx tlsextcbp;
1.40 inoguchi 292: int tlsextdebug;
293: int tlsextstatus;
1.39 inoguchi 294: X509_VERIFY_PARAM *vpm;
295: int www;
296: } s_server_config;
297:
298: static int
299: s_server_opt_context(char *arg)
300: {
301: s_server_config.context = (unsigned char *) arg;
302: return (0);
303: }
304:
305: static int
306: s_server_opt_keymatexportlen(char *arg)
307: {
308: s_server_config.keymatexportlen = strtonum(arg, 1, INT_MAX,
309: &s_server_config.errstr);
310: if (s_server_config.errstr != NULL) {
311: BIO_printf(bio_err, "invalid argument %s: %s\n",
312: arg, s_server_config.errstr);
313: return (1);
314: }
315: return (0);
316: }
1.1 jsing 317:
318: #ifndef OPENSSL_NO_DTLS1
1.39 inoguchi 319: static int
320: s_server_opt_mtu(char *arg)
321: {
322: s_server_config.socket_mtu = strtonum(arg, 0, LONG_MAX,
323: &s_server_config.errstr);
324: if (s_server_config.errstr != NULL) {
325: BIO_printf(bio_err, "invalid argument %s: %s\n",
326: arg, s_server_config.errstr);
327: return (1);
328: }
329: return (0);
330: }
331:
332: static int
333: s_server_protocol_version_dtls1(void)
334: {
335: s_server_config.meth = DTLS_server_method();
336: s_server_config.socket_type = SOCK_DGRAM;
337: return (0);
338: }
1.1 jsing 339: #endif
340:
1.39 inoguchi 341: static int
342: s_server_protocol_version_tls1(void)
343: {
344: s_server_config.min_version = TLS1_VERSION;
345: s_server_config.max_version = TLS1_VERSION;
346: return (0);
347: }
348:
349: static int
350: s_server_protocol_version_tls1_1(void)
351: {
352: s_server_config.min_version = TLS1_1_VERSION;
353: s_server_config.max_version = TLS1_1_VERSION;
354: return (0);
355: }
356:
357: static int
358: s_server_protocol_version_tls1_2(void)
359: {
360: s_server_config.min_version = TLS1_2_VERSION;
361: s_server_config.max_version = TLS1_2_VERSION;
362: return (0);
363: }
364:
365: static int
366: s_server_protocol_version_tls1_3(void)
367: {
368: s_server_config.min_version = TLS1_3_VERSION;
369: s_server_config.max_version = TLS1_3_VERSION;
370: return (0);
371: }
372:
373: static int
374: s_server_opt_nbio_test(void)
375: {
1.40 inoguchi 376: s_server_config.nbio = 1;
377: s_server_config.nbio_test = 1;
1.39 inoguchi 378: return (0);
379: }
380:
381: static int
382: s_server_opt_port(char *arg)
383: {
384: if (!extract_port(arg, &s_server_config.port))
385: return (1);
386: return (0);
387: }
388:
389: static int
390: s_server_opt_status_timeout(char *arg)
391: {
1.40 inoguchi 392: s_server_config.tlsextstatus = 1;
1.39 inoguchi 393: s_server_config.tlscstatp.timeout = strtonum(arg, 0, INT_MAX,
394: &s_server_config.errstr);
395: if (s_server_config.errstr != NULL) {
396: BIO_printf(bio_err, "invalid argument %s: %s\n",
397: arg, s_server_config.errstr);
398: return (1);
399: }
400: return (0);
401: }
402:
403: static int
404: s_server_opt_status_url(char *arg)
405: {
1.40 inoguchi 406: s_server_config.tlsextstatus = 1;
1.39 inoguchi 407: if (!OCSP_parse_url(arg, &s_server_config.tlscstatp.host,
408: &s_server_config.tlscstatp.port, &s_server_config.tlscstatp.path,
409: &s_server_config.tlscstatp.use_ssl)) {
410: BIO_printf(bio_err, "Error parsing URL\n");
411: return (1);
412: }
413: return (0);
414: }
415:
416: static int
417: s_server_opt_status_verbose(void)
418: {
1.40 inoguchi 419: s_server_config.tlsextstatus = 1;
1.39 inoguchi 420: s_server_config.tlscstatp.verbose = 1;
421: return (0);
422: }
423:
424: static int
425: s_server_opt_verify(char *arg)
426: {
1.40 inoguchi 427: s_server_config.server_verify = SSL_VERIFY_PEER |
1.39 inoguchi 428: SSL_VERIFY_CLIENT_ONCE;
429: verify_depth = strtonum(arg, 0, INT_MAX, &s_server_config.errstr);
430: if (s_server_config.errstr != NULL) {
431: BIO_printf(bio_err, "invalid argument %s: %s\n",
432: arg, s_server_config.errstr);
433: return (1);
434: }
435: BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
436: return (0);
437: }
438:
439: static int
440: s_server_opt_verify_fail(char *arg)
441: {
1.40 inoguchi 442: s_server_config.server_verify = SSL_VERIFY_PEER |
1.39 inoguchi 443: SSL_VERIFY_FAIL_IF_NO_PEER_CERT | SSL_VERIFY_CLIENT_ONCE;
444: verify_depth = strtonum(arg, 0, INT_MAX, &s_server_config.errstr);
445: if (s_server_config.errstr != NULL) {
446: BIO_printf(bio_err, "invalid argument %s: %s\n",
447: arg, s_server_config.errstr);
448: return (1);
449: }
450: BIO_printf(bio_err, "verify depth is %d, must return a certificate\n",
451: verify_depth);
452: return (0);
453: }
454:
455: static int
456: s_server_opt_verify_param(int argc, char **argv, int *argsused)
457: {
458: char **pargs = argv;
459: int pargc = argc;
460: int badarg = 0;
1.1 jsing 461:
1.39 inoguchi 462: if (!args_verify(&pargs, &pargc, &badarg, bio_err,
463: &s_server_config.vpm)) {
464: BIO_printf(bio_err, "unknown option %s\n", *argv);
465: return (1);
466: }
467: if (badarg)
468: return (1);
469:
470: *argsused = argc - pargc;
471: return (0);
472: }
1.1 jsing 473:
1.39 inoguchi 474: static const struct option s_server_options[] = {
475: {
476: .name = "accept",
477: .argname = "port",
478: .desc = "Port to accept on (default is 4433)",
479: .type = OPTION_ARG_FUNC,
480: .opt.argfunc = s_server_opt_port,
481: },
482: {
483: .name = "alpn",
484: .argname = "protocols",
485: .desc = "Set the advertised protocols for the ALPN extension"
486: " (comma-separated list)",
487: .type = OPTION_ARG,
488: .opt.arg = &s_server_config.alpn_in,
489: },
490: {
491: .name = "bugs",
492: .desc = "Turn on SSL bug compatibility",
493: .type = OPTION_FLAG,
494: .opt.flag = &s_server_config.bugs,
495: },
496: {
497: .name = "CAfile",
498: .argname = "file",
499: .desc = "PEM format file of CA certificates",
500: .type = OPTION_ARG,
501: .opt.arg = &s_server_config.CAfile,
502: },
503: {
504: .name = "CApath",
505: .argname = "directory",
506: .desc = "PEM format directory of CA certificates",
507: .type = OPTION_ARG,
508: .opt.arg = &s_server_config.CApath,
509: },
510: {
511: .name = "cert",
512: .argname = "file",
513: .desc = "Certificate file to use\n"
514: "(default is " TEST_CERT ")",
515: .type = OPTION_ARG,
1.40 inoguchi 516: .opt.arg = &s_server_config.cert_file,
1.39 inoguchi 517: },
518: {
519: .name = "cert2",
520: .argname = "file",
521: .desc = "Certificate file to use for servername\n"
522: "(default is " TEST_CERT2 ")",
523: .type = OPTION_ARG,
1.40 inoguchi 524: .opt.arg = &s_server_config.cert_file2,
1.39 inoguchi 525: },
526: {
527: .name = "certform",
528: .argname = "fmt",
529: .desc = "Certificate format (PEM or DER) PEM default",
530: .type = OPTION_ARG_FORMAT,
1.40 inoguchi 531: .opt.value = &s_server_config.cert_format,
1.39 inoguchi 532: },
533: #ifndef OPENSSL_NO_DTLS1
534: {
535: .name = "chain",
536: .type = OPTION_FLAG,
537: .opt.flag = &s_server_config.cert_chain,
538: },
539: #endif
540: {
541: .name = "cipher",
542: .argname = "list",
543: .desc = "List of ciphers to enable (see `openssl ciphers`)",
544: .type = OPTION_ARG,
545: .opt.arg = &s_server_config.cipher,
546: },
547: {
548: .name = "context",
549: .argname = "id",
550: .desc = "Set session ID context",
551: .type = OPTION_ARG_FUNC,
552: .opt.argfunc = s_server_opt_context,
553: },
554: {
555: .name = "crlf",
556: .desc = "Convert LF from terminal into CRLF",
557: .type = OPTION_FLAG,
1.40 inoguchi 558: .opt.flag = &s_server_config.crlf,
1.39 inoguchi 559: },
560: {
561: .name = "dcert",
562: .argname = "file",
563: .desc = "Second certificate file to use (usually for DSA)",
564: .type = OPTION_ARG,
1.40 inoguchi 565: .opt.arg = &s_server_config.dcert_file,
1.39 inoguchi 566: },
567: {
568: .name = "dcertform",
569: .argname = "fmt",
570: .desc = "Second certificate format (PEM or DER) PEM default",
571: .type = OPTION_ARG_FORMAT,
1.40 inoguchi 572: .opt.value = &s_server_config.dcert_format,
1.39 inoguchi 573: },
574: {
575: .name = "debug",
576: .desc = "Print more output",
577: .type = OPTION_FLAG,
1.40 inoguchi 578: .opt.flag = &s_server_config.debug,
1.39 inoguchi 579: },
580: {
581: .name = "dhparam",
582: .argname = "file",
583: .desc = "DH parameter file to use, in cert file if not specified",
584: .type = OPTION_ARG,
585: .opt.arg = &s_server_config.dhfile,
586: },
587: {
588: .name = "dkey",
589: .argname = "file",
590: .desc = "Second private key file to use (usually for DSA)",
591: .type = OPTION_ARG,
1.40 inoguchi 592: .opt.arg = &s_server_config.dkey_file,
1.39 inoguchi 593: },
594: {
595: .name = "dkeyform",
596: .argname = "fmt",
597: .desc = "Second key format (PEM or DER) PEM default",
598: .type = OPTION_ARG_FORMAT,
1.40 inoguchi 599: .opt.value = &s_server_config.dkey_format,
1.39 inoguchi 600: },
601: {
602: .name = "dpass",
603: .argname = "arg",
604: .desc = "Second private key file pass phrase source",
605: .type = OPTION_ARG,
606: .opt.arg = &s_server_config.dpassarg,
607: },
608: #ifndef OPENSSL_NO_DTLS1
609: {
610: .name = "dtls1",
611: .desc = "Just talk DTLSv1",
612: .type = OPTION_FUNC,
613: .opt.func = s_server_protocol_version_dtls1,
614: },
615: #endif
616: {
617: .name = "groups",
618: .argname = "list",
619: .desc = "Specify EC groups (colon-separated list)",
620: .type = OPTION_ARG,
621: .opt.arg = &s_server_config.groups_in,
622: },
623: {
624: .name = "HTTP",
625: .desc = "Respond to a 'GET /<path> HTTP/1.0' with file ./<path>",
626: .type = OPTION_VALUE,
627: .opt.value = &s_server_config.www,
628: .value = 3,
629: },
630: {
631: .name = "id_prefix",
632: .argname = "arg",
633: .desc = "Generate SSL/TLS session IDs prefixed by 'arg'",
634: .type = OPTION_ARG,
635: .opt.arg = &s_server_config.session_id_prefix,
636: },
637: {
638: .name = "key",
639: .argname = "file",
640: .desc = "Private Key file to use, in cert file if\n"
641: "not specified (default is " TEST_CERT ")",
642: .type = OPTION_ARG,
1.40 inoguchi 643: .opt.arg = &s_server_config.key_file,
1.39 inoguchi 644: },
645: {
646: .name = "key2",
647: .argname = "file",
648: .desc = "Private Key file to use for servername, in cert file if\n"
649: "not specified (default is " TEST_CERT2 ")",
650: .type = OPTION_ARG,
1.40 inoguchi 651: .opt.arg = &s_server_config.key_file2,
1.39 inoguchi 652: },
653: {
654: .name = "keyform",
655: .argname = "fmt",
656: .desc = "Key format (PEM or DER) PEM default",
657: .type = OPTION_ARG_FORMAT,
1.40 inoguchi 658: .opt.value = &s_server_config.key_format,
1.39 inoguchi 659: },
660: {
661: .name = "keymatexport",
662: .argname = "label",
663: .desc = "Export keying material using label",
664: .type = OPTION_ARG,
665: .opt.arg = &s_server_config.keymatexportlabel,
666: },
667: {
668: .name = "keymatexportlen",
669: .argname = "len",
670: .desc = "Export len bytes of keying material (default 20)",
671: .type = OPTION_ARG_FUNC,
672: .opt.argfunc = s_server_opt_keymatexportlen,
673: },
674: {
675: .name = "legacy_renegotiation",
676: .type = OPTION_DISCARD,
677: },
678: {
679: .name = "msg",
680: .desc = "Show protocol messages",
681: .type = OPTION_FLAG,
1.40 inoguchi 682: .opt.flag = &s_server_config.msg,
1.39 inoguchi 683: },
684: #ifndef OPENSSL_NO_DTLS1
685: {
686: .name = "mtu",
687: .argname = "mtu",
688: .desc = "Set link layer MTU",
689: .type = OPTION_ARG_FUNC,
690: .opt.argfunc = s_server_opt_mtu,
691: },
692: #endif
693: {
694: .name = "named_curve",
695: .argname = "arg",
696: .type = OPTION_ARG,
697: .opt.arg = &s_server_config.named_curve,
698: },
699: {
700: .name = "nbio",
701: .desc = "Run with non-blocking I/O",
702: .type = OPTION_FLAG,
1.40 inoguchi 703: .opt.flag = &s_server_config.nbio,
1.39 inoguchi 704: },
705: {
706: .name = "nbio_test",
707: .desc = "Test with the non-blocking test bio",
708: .type = OPTION_FUNC,
709: .opt.func = s_server_opt_nbio_test,
710: },
711: {
712: .name = "nextprotoneg",
713: .argname = "arg",
714: .type = OPTION_ARG,
715: .opt.arg = &s_server_config.npn_in, /* Ignored. */
716: },
717: {
718: .name = "no_cache",
719: .desc = "Disable session cache",
720: .type = OPTION_FLAG,
721: .opt.flag = &s_server_config.no_cache,
722: },
723: {
724: .name = "no_comp",
725: .desc = "Disable SSL/TLS compression",
726: .type = OPTION_VALUE_OR,
727: .opt.value = &s_server_config.off,
728: .value = SSL_OP_NO_COMPRESSION,
729: },
730: {
731: .name = "no_dhe",
732: .desc = "Disable ephemeral DH",
733: .type = OPTION_FLAG,
734: .opt.flag = &s_server_config.no_dhe,
735: },
736: {
737: .name = "no_ecdhe",
738: .desc = "Disable ephemeral ECDH",
739: .type = OPTION_FLAG,
740: .opt.flag = &s_server_config.no_ecdhe,
741: },
742: {
743: .name = "no_ticket",
744: .desc = "Disable use of RFC4507bis session tickets",
745: .type = OPTION_VALUE_OR,
746: .opt.value = &s_server_config.off,
747: .value = SSL_OP_NO_TICKET,
748: },
749: {
750: .name = "no_ssl2",
751: .type = OPTION_VALUE_OR,
752: .opt.value = &s_server_config.off,
753: .value = SSL_OP_NO_SSLv2,
754: },
755: {
756: .name = "no_ssl3",
757: .type = OPTION_VALUE_OR,
758: .opt.value = &s_server_config.off,
759: .value = SSL_OP_NO_SSLv3,
760: },
761: {
762: .name = "no_tls1",
763: .desc = "Just disable TLSv1",
764: .type = OPTION_VALUE_OR,
765: .opt.value = &s_server_config.off,
766: .value = SSL_OP_NO_TLSv1,
767: },
768: {
769: .name = "no_tls1_1",
770: .desc = "Just disable TLSv1.1",
771: .type = OPTION_VALUE_OR,
772: .opt.value = &s_server_config.off,
773: .value = SSL_OP_NO_TLSv1_1,
774: },
775: {
776: .name = "no_tls1_2",
777: .desc = "Just disable TLSv1.2",
778: .type = OPTION_VALUE_OR,
779: .opt.value = &s_server_config.off,
780: .value = SSL_OP_NO_TLSv1_2,
781: },
782: {
783: .name = "no_tls1_3",
784: .desc = "Just disable TLSv1.3",
785: .type = OPTION_VALUE_OR,
786: .opt.value = &s_server_config.off,
787: .value = SSL_OP_NO_TLSv1_3,
788: },
789: {
790: .name = "no_tmp_rsa",
791: .type = OPTION_DISCARD,
792: },
793: {
794: .name = "nocert",
795: .desc = "Don't use any certificates (Anon-DH)",
796: .type = OPTION_FLAG,
797: .opt.flag = &s_server_config.nocert,
798: },
799: {
800: .name = "pass",
801: .argname = "arg",
802: .desc = "Private key file pass phrase source",
803: .type = OPTION_ARG,
804: .opt.arg = &s_server_config.passarg,
805: },
806: {
807: .name = "port",
808: .argname = "port",
809: .type = OPTION_ARG_FUNC,
810: .opt.argfunc = s_server_opt_port,
811: },
812: {
813: .name = "quiet",
814: .desc = "Inhibit printing of session and certificate information",
815: .type = OPTION_FLAG,
1.40 inoguchi 816: .opt.flag = &s_server_config.quiet,
1.39 inoguchi 817: },
818: {
819: .name = "servername",
820: .argname = "name",
821: .desc = "Servername for HostName TLS extension",
822: .type = OPTION_ARG,
823: .opt.arg = &s_server_config.tlsextcbp.servername,
824: },
825: {
826: .name = "servername_fatal",
827: .desc = "On mismatch send fatal alert (default warning alert)",
828: .type = OPTION_VALUE,
829: .opt.value = &s_server_config.tlsextcbp.extension_error,
830: .value = SSL_TLSEXT_ERR_ALERT_FATAL,
831: },
832: {
833: .name = "serverpref",
834: .desc = "Use server's cipher preferences",
835: .type = OPTION_VALUE_OR,
836: .opt.value = &s_server_config.off,
837: .value = SSL_OP_CIPHER_SERVER_PREFERENCE,
838: },
839: {
840: .name = "state",
841: .desc = "Print the SSL states",
842: .type = OPTION_FLAG,
843: .opt.flag = &s_server_config.state,
844: },
845: {
846: .name = "status",
847: .desc = "Respond to certificate status requests",
848: .type = OPTION_FLAG,
1.40 inoguchi 849: .opt.flag = &s_server_config.tlsextstatus,
1.39 inoguchi 850: },
851: {
852: .name = "status_timeout",
853: .argname = "nsec",
854: .desc = "Status request responder timeout",
855: .type = OPTION_ARG_FUNC,
856: .opt.argfunc = s_server_opt_status_timeout,
857: },
858: {
859: .name = "status_url",
860: .argname = "url",
861: .desc = "Status request fallback URL",
862: .type = OPTION_ARG_FUNC,
863: .opt.argfunc = s_server_opt_status_url,
864: },
865: {
866: .name = "status_verbose",
867: .desc = "Enable status request verbose printout",
868: .type = OPTION_FUNC,
869: .opt.func = s_server_opt_status_verbose,
870: },
871: #ifndef OPENSSL_NO_DTLS1
872: {
873: .name = "timeout",
874: .desc = "Enable timeouts",
875: .type = OPTION_FLAG,
876: .opt.flag = &s_server_config.enable_timeouts,
877: },
878: #endif
879: {
880: .name = "tls1",
881: .desc = "Just talk TLSv1",
882: .type = OPTION_FUNC,
883: .opt.func = s_server_protocol_version_tls1,
884: },
885: {
886: .name = "tls1_1",
887: .desc = "Just talk TLSv1.1",
888: .type = OPTION_FUNC,
889: .opt.func = s_server_protocol_version_tls1_1,
890: },
891: {
892: .name = "tls1_2",
893: .desc = "Just talk TLSv1.2",
894: .type = OPTION_FUNC,
895: .opt.func = s_server_protocol_version_tls1_2,
896: },
897: {
898: .name = "tls1_3",
899: .desc = "Just talk TLSv1.3",
900: .type = OPTION_FUNC,
901: .opt.func = s_server_protocol_version_tls1_3,
902: },
903: {
904: .name = "tlsextdebug",
905: .desc = "Hex dump of all TLS extensions received",
906: .type = OPTION_FLAG,
1.40 inoguchi 907: .opt.flag = &s_server_config.tlsextdebug,
1.39 inoguchi 908: },
909: #ifndef OPENSSL_NO_SRTP
910: {
911: .name = "use_srtp",
912: .argname = "profiles",
913: .desc = "Offer SRTP key management with a colon-separated profile list",
914: .type = OPTION_ARG,
915: .opt.arg = &s_server_config.srtp_profiles,
916: },
917: #endif
918: {
919: .name = "Verify",
920: .argname = "depth",
921: .desc = "Turn on peer certificate verification, must have a cert",
922: .type = OPTION_ARG_FUNC,
923: .opt.argfunc = s_server_opt_verify_fail,
924: },
925: {
926: .name = "verify",
927: .argname = "depth",
928: .desc = "Turn on peer certificate verification",
929: .type = OPTION_ARG_FUNC,
930: .opt.argfunc = s_server_opt_verify,
931: },
932: {
933: .name = "verify_return_error",
934: .desc = "Return verification error",
935: .type = OPTION_FLAG,
936: .opt.flag = &verify_return_error,
937: },
938: {
939: .name = "WWW",
940: .desc = "Respond to a 'GET /<path> HTTP/1.0' with file ./<path>",
941: .type = OPTION_VALUE,
942: .opt.value = &s_server_config.www,
943: .value = 2,
944: },
945: {
946: .name = "www",
947: .desc = "Respond to a 'GET /' with a status page",
948: .type = OPTION_VALUE,
949: .opt.value = &s_server_config.www,
950: .value = 1,
951: },
952: {
953: .name = NULL,
954: .desc = "",
955: .type = OPTION_ARGV_FUNC,
956: .opt.argvfunc = s_server_opt_verify_param,
957: },
958: { NULL },
959: };
1.1 jsing 960:
961: static void
962: s_server_init(void)
963: {
964: accept_socket = -1;
1.39 inoguchi 965: s_server_config.cipher = NULL;
1.40 inoguchi 966: s_server_config.server_verify = SSL_VERIFY_NONE;
967: s_server_config.dcert_file = NULL;
968: s_server_config.dkey_file = NULL;
969: s_server_config.cert_file = TEST_CERT;
970: s_server_config.key_file = NULL;
971: s_server_config.cert_file2 = TEST_CERT2;
972: s_server_config.key_file2 = NULL;
1.1 jsing 973: ctx2 = NULL;
1.40 inoguchi 974: s_server_config.nbio = 0;
975: s_server_config.nbio_test = 0;
1.1 jsing 976: ctx = NULL;
1.39 inoguchi 977: s_server_config.www = 0;
1.1 jsing 978:
979: bio_s_out = NULL;
1.40 inoguchi 980: s_server_config.debug = 0;
981: s_server_config.msg = 0;
982: s_server_config.quiet = 0;
1.1 jsing 983: }
984:
985: static void
986: sv_usage(void)
987: {
1.39 inoguchi 988: fprintf(stderr, "usage: s_server "
989: "[-accept port] [-alpn protocols] [-bugs] [-CAfile file]\n"
990: " [-CApath directory] [-cert file] [-cert2 file]\n"
991: " [-certform der | pem] [-cipher cipherlist]\n"
992: " [-context id] [-crl_check] [-crl_check_all] [-crlf]\n"
993: " [-dcert file] [-dcertform der | pem] [-debug]\n"
994: " [-dhparam file] [-dkey file] [-dkeyform der | pem]\n"
995: " [-dpass arg] [-dtls1] [-groups list] [-HTTP]\n"
996: " [-id_prefix arg] [-key keyfile] [-key2 keyfile]\n"
997: " [-keyform der | pem] [-keymatexport label]\n"
998: " [-keymatexportlen len] [-msg] [-mtu mtu]\n"
999: " [-named_curve arg] [-nbio] [-nbio_test] [-no_cache]\n"
1000: " [-no_dhe] [-no_ecdhe] [-no_ticket] [-no_tls1]\n"
1001: " [-no_tls1_1] [-no_tls1_2] [-no_tls1_3] [-no_tmp_rsa]\n"
1002: " [-nocert] [-pass arg] [-quiet] [-servername name]\n"
1003: " [-servername_fatal] [-serverpref] [-state] [-status]\n"
1004: " [-status_timeout nsec] [-status_url url]\n"
1005: " [-status_verbose] [-timeout] [-tls1] [-tls1_1]\n"
1006: " [-tls1_2] [-tls1_3] [-tlsextdebug] [-use_srtp profiles]\n"
1007: " [-Verify depth] [-verify depth] [-verify_return_error]\n"
1008: " [-WWW] [-www]\n");
1009: fprintf(stderr, "\n");
1010: options_usage(s_server_options);
1011: fprintf(stderr, "\n");
1.1 jsing 1012: }
1013:
1014: int
1015: s_server_main(int argc, char *argv[])
1016: {
1.39 inoguchi 1017: int badop = 0;
1.1 jsing 1018: int ret = 1;
1.39 inoguchi 1019: char *pass = NULL;
1020: char *dpass = NULL;
1.1 jsing 1021: X509 *s_cert = NULL, *s_dcert = NULL;
1022: EVP_PKEY *s_key = NULL, *s_dkey = NULL;
1023: EVP_PKEY *s_key2 = NULL;
1024: X509 *s_cert2 = NULL;
1.8 jsing 1025: tlsextalpnctx alpn_ctx = { NULL, 0 };
1.20 doug 1026:
1027: if (single_execution) {
1.25 deraadt 1028: if (pledge("stdio rpath inet dns tty", NULL) == -1) {
1.20 doug 1029: perror("pledge");
1.22 doug 1030: exit(1);
1031: }
1.20 doug 1032: }
1033:
1.39 inoguchi 1034: memset(&s_server_config, 0, sizeof(s_server_config));
1035: s_server_config.keymatexportlen = 20;
1036: s_server_config.meth = TLS_server_method();
1037: s_server_config.port = PORT;
1.40 inoguchi 1038: s_server_config.cert_file = TEST_CERT;
1039: s_server_config.cert_file2 = TEST_CERT2;
1040: s_server_config.cert_format = FORMAT_PEM;
1041: s_server_config.dcert_format = FORMAT_PEM;
1042: s_server_config.dkey_format = FORMAT_PEM;
1043: s_server_config.key_format = FORMAT_PEM;
1044: s_server_config.server_verify = SSL_VERIFY_NONE;
1.39 inoguchi 1045: s_server_config.socket_type = SOCK_STREAM;
1046: s_server_config.tlscstatp.timeout = -1;
1047: s_server_config.tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_WARNING;
1.1 jsing 1048:
1049: local_argc = argc;
1050: local_argv = argv;
1051:
1052: s_server_init();
1053:
1054: verify_depth = 0;
1055:
1.39 inoguchi 1056: if (options_parse(argc, argv, s_server_options, NULL, NULL) != 0) {
1057: badop = 1;
1058: goto bad;
1.1 jsing 1059: }
1060: if (badop) {
1.30 jsing 1061: bad:
1.39 inoguchi 1062: if (s_server_config.errstr == NULL)
1.1 jsing 1063: sv_usage();
1064: goto end;
1065: }
1066:
1.39 inoguchi 1067: if (!app_passwd(bio_err, s_server_config.passarg, s_server_config.dpassarg, &pass, &dpass)) {
1.1 jsing 1068: BIO_printf(bio_err, "Error getting password\n");
1069: goto end;
1070: }
1.40 inoguchi 1071: if (s_server_config.key_file == NULL)
1072: s_server_config.key_file = s_server_config.cert_file;
1073: if (s_server_config.key_file2 == NULL)
1074: s_server_config.key_file2 = s_server_config.cert_file2;
1.1 jsing 1075:
1.39 inoguchi 1076: if (s_server_config.nocert == 0) {
1.40 inoguchi 1077: s_key = load_key(bio_err, s_server_config.key_file, s_server_config.key_format, 0, pass,
1.1 jsing 1078: "server certificate private key file");
1079: if (!s_key) {
1080: ERR_print_errors(bio_err);
1081: goto end;
1082: }
1.40 inoguchi 1083: s_cert = load_cert(bio_err, s_server_config.cert_file, s_server_config.cert_format,
1.17 bcook 1084: NULL, "server certificate file");
1.1 jsing 1085:
1086: if (!s_cert) {
1087: ERR_print_errors(bio_err);
1088: goto end;
1089: }
1.39 inoguchi 1090: if (s_server_config.tlsextcbp.servername) {
1.40 inoguchi 1091: s_key2 = load_key(bio_err, s_server_config.key_file2, s_server_config.key_format, 0, pass,
1.1 jsing 1092: "second server certificate private key file");
1093: if (!s_key2) {
1094: ERR_print_errors(bio_err);
1095: goto end;
1096: }
1.40 inoguchi 1097: s_cert2 = load_cert(bio_err, s_server_config.cert_file2, s_server_config.cert_format,
1.17 bcook 1098: NULL, "second server certificate file");
1.1 jsing 1099:
1100: if (!s_cert2) {
1101: ERR_print_errors(bio_err);
1102: goto end;
1103: }
1104: }
1105: }
1.8 jsing 1106: alpn_ctx.data = NULL;
1.39 inoguchi 1107: if (s_server_config.alpn_in) {
1.8 jsing 1108: unsigned short len;
1.39 inoguchi 1109: alpn_ctx.data = next_protos_parse(&len, s_server_config.alpn_in);
1.8 jsing 1110: if (alpn_ctx.data == NULL)
1111: goto end;
1112: alpn_ctx.len = len;
1113: }
1.1 jsing 1114:
1.40 inoguchi 1115: if (s_server_config.dcert_file) {
1.1 jsing 1116:
1.40 inoguchi 1117: if (s_server_config.dkey_file == NULL)
1118: s_server_config.dkey_file = s_server_config.dcert_file;
1.1 jsing 1119:
1.40 inoguchi 1120: s_dkey = load_key(bio_err, s_server_config.dkey_file, s_server_config.dkey_format,
1.17 bcook 1121: 0, dpass, "second certificate private key file");
1.1 jsing 1122: if (!s_dkey) {
1123: ERR_print_errors(bio_err);
1124: goto end;
1125: }
1.40 inoguchi 1126: s_dcert = load_cert(bio_err, s_server_config.dcert_file, s_server_config.dcert_format,
1.17 bcook 1127: NULL, "second server certificate file");
1.1 jsing 1128:
1129: if (!s_dcert) {
1130: ERR_print_errors(bio_err);
1131: goto end;
1132: }
1133: }
1134: if (bio_s_out == NULL) {
1.40 inoguchi 1135: if (s_server_config.quiet && !s_server_config.debug && !s_server_config.msg) {
1.1 jsing 1136: bio_s_out = BIO_new(BIO_s_null());
1137: } else {
1138: if (bio_s_out == NULL)
1139: bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE);
1140: }
1141: }
1.39 inoguchi 1142: if (s_server_config.nocert) {
1.40 inoguchi 1143: s_server_config.cert_file = NULL;
1144: s_server_config.key_file = NULL;
1145: s_server_config.dcert_file = NULL;
1146: s_server_config.dkey_file = NULL;
1147: s_server_config.cert_file2 = NULL;
1148: s_server_config.key_file2 = NULL;
1.1 jsing 1149: }
1.39 inoguchi 1150: ctx = SSL_CTX_new(s_server_config.meth);
1.1 jsing 1151: if (ctx == NULL) {
1152: ERR_print_errors(bio_err);
1153: goto end;
1154: }
1.37 tb 1155:
1156: SSL_CTX_clear_mode(ctx, SSL_MODE_AUTO_RETRY);
1.35 inoguchi 1157:
1.39 inoguchi 1158: if (!SSL_CTX_set_min_proto_version(ctx, s_server_config.min_version))
1.35 inoguchi 1159: goto end;
1.39 inoguchi 1160: if (!SSL_CTX_set_max_proto_version(ctx, s_server_config.max_version))
1.35 inoguchi 1161: goto end;
1162:
1.39 inoguchi 1163: if (s_server_config.session_id_prefix) {
1164: if (strlen(s_server_config.session_id_prefix) >= 32)
1.1 jsing 1165: BIO_printf(bio_err,
1166: "warning: id_prefix is too long, only one new session will be possible\n");
1.39 inoguchi 1167: else if (strlen(s_server_config.session_id_prefix) >= 16)
1.1 jsing 1168: BIO_printf(bio_err,
1169: "warning: id_prefix is too long if you use SSLv2\n");
1170: if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) {
1171: BIO_printf(bio_err, "error setting 'id_prefix'\n");
1172: ERR_print_errors(bio_err);
1173: goto end;
1174: }
1.39 inoguchi 1175: BIO_printf(bio_err, "id_prefix '%s' set.\n", s_server_config.session_id_prefix);
1.1 jsing 1176: }
1177: SSL_CTX_set_quiet_shutdown(ctx, 1);
1.39 inoguchi 1178: if (s_server_config.bugs)
1.1 jsing 1179: SSL_CTX_set_options(ctx, SSL_OP_ALL);
1.39 inoguchi 1180: SSL_CTX_set_options(ctx, s_server_config.off);
1.1 jsing 1181: /*
1182: * DTLS: partial reads end up discarding unread UDP bytes :-( Setting
1183: * read ahead solves this problem.
1184: */
1.39 inoguchi 1185: if (s_server_config.socket_type == SOCK_DGRAM)
1.1 jsing 1186: SSL_CTX_set_read_ahead(ctx, 1);
1187:
1.39 inoguchi 1188: if (s_server_config.state)
1.1 jsing 1189: SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
1.39 inoguchi 1190: if (s_server_config.no_cache)
1.1 jsing 1191: SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
1192: else
1193: SSL_CTX_sess_set_cache_size(ctx, 128);
1194:
1195: #ifndef OPENSSL_NO_SRTP
1.39 inoguchi 1196: if (s_server_config.srtp_profiles != NULL)
1197: SSL_CTX_set_tlsext_use_srtp(ctx, s_server_config.srtp_profiles);
1.1 jsing 1198: #endif
1199:
1200:
1.39 inoguchi 1201: if ((!SSL_CTX_load_verify_locations(ctx, s_server_config.CAfile, s_server_config.CApath)) ||
1.1 jsing 1202: (!SSL_CTX_set_default_verify_paths(ctx))) {
1203: /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
1204: ERR_print_errors(bio_err);
1205: /* goto end; */
1206: }
1.39 inoguchi 1207: if (s_server_config.vpm)
1208: SSL_CTX_set1_param(ctx, s_server_config.vpm);
1.1 jsing 1209:
1210: if (s_cert2) {
1.39 inoguchi 1211: ctx2 = SSL_CTX_new(s_server_config.meth);
1.1 jsing 1212: if (ctx2 == NULL) {
1213: ERR_print_errors(bio_err);
1214: goto end;
1215: }
1.35 inoguchi 1216:
1.39 inoguchi 1217: if (!SSL_CTX_set_min_proto_version(ctx2, s_server_config.min_version))
1.35 inoguchi 1218: goto end;
1.39 inoguchi 1219: if (!SSL_CTX_set_max_proto_version(ctx2, s_server_config.max_version))
1.35 inoguchi 1220: goto end;
1.38 tb 1221: SSL_CTX_clear_mode(ctx2, SSL_MODE_AUTO_RETRY);
1.1 jsing 1222: }
1223: if (ctx2) {
1224: BIO_printf(bio_s_out, "Setting secondary ctx parameters\n");
1225:
1.39 inoguchi 1226: if (s_server_config.session_id_prefix) {
1227: if (strlen(s_server_config.session_id_prefix) >= 32)
1.1 jsing 1228: BIO_printf(bio_err,
1229: "warning: id_prefix is too long, only one new session will be possible\n");
1.39 inoguchi 1230: else if (strlen(s_server_config.session_id_prefix) >= 16)
1.1 jsing 1231: BIO_printf(bio_err,
1232: "warning: id_prefix is too long if you use SSLv2\n");
1233: if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) {
1234: BIO_printf(bio_err, "error setting 'id_prefix'\n");
1235: ERR_print_errors(bio_err);
1236: goto end;
1237: }
1.39 inoguchi 1238: BIO_printf(bio_err, "id_prefix '%s' set.\n", s_server_config.session_id_prefix);
1.1 jsing 1239: }
1240: SSL_CTX_set_quiet_shutdown(ctx2, 1);
1.39 inoguchi 1241: if (s_server_config.bugs)
1.1 jsing 1242: SSL_CTX_set_options(ctx2, SSL_OP_ALL);
1.39 inoguchi 1243: SSL_CTX_set_options(ctx2, s_server_config.off);
1.1 jsing 1244: /*
1245: * DTLS: partial reads end up discarding unread UDP bytes :-(
1246: * Setting read ahead solves this problem.
1247: */
1.39 inoguchi 1248: if (s_server_config.socket_type == SOCK_DGRAM)
1.1 jsing 1249: SSL_CTX_set_read_ahead(ctx2, 1);
1250:
1.39 inoguchi 1251: if (s_server_config.state)
1.1 jsing 1252: SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback);
1253:
1.39 inoguchi 1254: if (s_server_config.no_cache)
1.1 jsing 1255: SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF);
1256: else
1257: SSL_CTX_sess_set_cache_size(ctx2, 128);
1258:
1.39 inoguchi 1259: if ((!SSL_CTX_load_verify_locations(ctx2, s_server_config.CAfile, s_server_config.CApath)) ||
1.1 jsing 1260: (!SSL_CTX_set_default_verify_paths(ctx2))) {
1261: ERR_print_errors(bio_err);
1262: }
1.39 inoguchi 1263: if (s_server_config.vpm)
1264: SSL_CTX_set1_param(ctx2, s_server_config.vpm);
1.1 jsing 1265: }
1.8 jsing 1266: if (alpn_ctx.data)
1267: SSL_CTX_set_alpn_select_cb(ctx, alpn_cb, &alpn_ctx);
1.1 jsing 1268:
1.39 inoguchi 1269: if (s_server_config.groups_in != NULL) {
1270: if (SSL_CTX_set1_groups_list(ctx, s_server_config.groups_in) != 1) {
1.33 jsing 1271: BIO_printf(bio_err, "Failed to set groups '%s'\n",
1.39 inoguchi 1272: s_server_config.groups_in);
1.33 jsing 1273: goto end;
1274: }
1275: }
1276:
1.1 jsing 1277: #ifndef OPENSSL_NO_DH
1.39 inoguchi 1278: if (!s_server_config.no_dhe) {
1.1 jsing 1279: DH *dh = NULL;
1280:
1.39 inoguchi 1281: if (s_server_config.dhfile)
1282: dh = load_dh_param(s_server_config.dhfile);
1.40 inoguchi 1283: else if (s_server_config.cert_file)
1284: dh = load_dh_param(s_server_config.cert_file);
1.1 jsing 1285:
1.4 jsing 1286: if (dh != NULL)
1.1 jsing 1287: BIO_printf(bio_s_out, "Setting temp DH parameters\n");
1.4 jsing 1288: else
1289: BIO_printf(bio_s_out, "Using auto DH parameters\n");
1290: (void) BIO_flush(bio_s_out);
1291:
1292: if (dh == NULL)
1293: SSL_CTX_set_dh_auto(ctx, 1);
1294: else if (!SSL_CTX_set_tmp_dh(ctx, dh)) {
1295: BIO_printf(bio_err,
1296: "Error setting temp DH parameters\n");
1297: ERR_print_errors(bio_err);
1298: DH_free(dh);
1299: goto end;
1.1 jsing 1300: }
1301:
1302: if (ctx2) {
1.39 inoguchi 1303: if (!s_server_config.dhfile) {
1.14 doug 1304: DH *dh2 = NULL;
1305:
1.40 inoguchi 1306: if (s_server_config.cert_file2 != NULL)
1307: dh2 = load_dh_param(s_server_config.cert_file2);
1.1 jsing 1308: if (dh2 != NULL) {
1309: BIO_printf(bio_s_out, "Setting temp DH parameters\n");
1310: (void) BIO_flush(bio_s_out);
1311:
1312: DH_free(dh);
1313: dh = dh2;
1314: }
1315: }
1.4 jsing 1316: if (dh == NULL)
1317: SSL_CTX_set_dh_auto(ctx2, 1);
1318: else if (!SSL_CTX_set_tmp_dh(ctx2, dh)) {
1319: BIO_printf(bio_err,
1320: "Error setting temp DH parameters\n");
1321: ERR_print_errors(bio_err);
1322: DH_free(dh);
1323: goto end;
1324: }
1.1 jsing 1325: }
1326: DH_free(dh);
1327: }
1328: #endif
1329:
1.39 inoguchi 1330: if (!s_server_config.no_ecdhe && s_server_config.named_curve != NULL) {
1.1 jsing 1331: EC_KEY *ecdh = NULL;
1.33 jsing 1332: int nid;
1.1 jsing 1333:
1.39 inoguchi 1334: if ((nid = OBJ_sn2nid(s_server_config.named_curve)) == 0) {
1.33 jsing 1335: BIO_printf(bio_err, "unknown curve name (%s)\n",
1.39 inoguchi 1336: s_server_config.named_curve);
1.33 jsing 1337: goto end;
1.39 inoguchi 1338: }
1.33 jsing 1339: if ((ecdh = EC_KEY_new_by_curve_name(nid)) == NULL) {
1340: BIO_printf(bio_err, "unable to create curve (%s)\n",
1.39 inoguchi 1341: s_server_config.named_curve);
1.33 jsing 1342: goto end;
1.39 inoguchi 1343: }
1.33 jsing 1344: BIO_printf(bio_s_out, "Setting temp ECDH parameters\n");
1.1 jsing 1345: (void) BIO_flush(bio_s_out);
1346:
1347: SSL_CTX_set_tmp_ecdh(ctx, ecdh);
1348: if (ctx2)
1349: SSL_CTX_set_tmp_ecdh(ctx2, ecdh);
1350: EC_KEY_free(ecdh);
1351: }
1352:
1353: if (!set_cert_key_stuff(ctx, s_cert, s_key))
1354: goto end;
1355: if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2))
1356: goto end;
1357: if (s_dcert != NULL) {
1358: if (!set_cert_key_stuff(ctx, s_dcert, s_dkey))
1359: goto end;
1360: }
1361:
1.39 inoguchi 1362: if (s_server_config.cipher != NULL) {
1363: if (!SSL_CTX_set_cipher_list(ctx, s_server_config.cipher)) {
1.1 jsing 1364: BIO_printf(bio_err, "error setting cipher list\n");
1365: ERR_print_errors(bio_err);
1366: goto end;
1367: }
1.39 inoguchi 1368: if (ctx2 && !SSL_CTX_set_cipher_list(ctx2, s_server_config.cipher)) {
1.1 jsing 1369: BIO_printf(bio_err, "error setting cipher list\n");
1370: ERR_print_errors(bio_err);
1371: goto end;
1372: }
1373: }
1.40 inoguchi 1374: SSL_CTX_set_verify(ctx, s_server_config.server_verify, verify_callback);
1.1 jsing 1375: SSL_CTX_set_session_id_context(ctx, (void *) &s_server_session_id_context,
1376: sizeof s_server_session_id_context);
1377:
1378: /* Set DTLS cookie generation and verification callbacks */
1379: SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
1380: SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
1381:
1382: if (ctx2) {
1.40 inoguchi 1383: SSL_CTX_set_verify(ctx2, s_server_config.server_verify, verify_callback);
1.1 jsing 1384: SSL_CTX_set_session_id_context(ctx2, (void *) &s_server_session_id_context,
1385: sizeof s_server_session_id_context);
1386:
1.39 inoguchi 1387: s_server_config.tlsextcbp.biodebug = bio_s_out;
1.1 jsing 1388: SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
1.39 inoguchi 1389: SSL_CTX_set_tlsext_servername_arg(ctx2, &s_server_config.tlsextcbp);
1.1 jsing 1390: SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
1.39 inoguchi 1391: SSL_CTX_set_tlsext_servername_arg(ctx, &s_server_config.tlsextcbp);
1.1 jsing 1392: }
1393:
1.39 inoguchi 1394: if (s_server_config.CAfile != NULL) {
1395: SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(s_server_config.CAfile));
1.1 jsing 1396: if (ctx2)
1.39 inoguchi 1397: SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(s_server_config.CAfile));
1.1 jsing 1398: }
1399: BIO_printf(bio_s_out, "ACCEPT\n");
1400: (void) BIO_flush(bio_s_out);
1.39 inoguchi 1401: if (s_server_config.www)
1402: do_server(s_server_config.port, s_server_config.socket_type, &accept_socket, www_body, s_server_config.context);
1.1 jsing 1403: else
1.39 inoguchi 1404: do_server(s_server_config.port, s_server_config.socket_type, &accept_socket, sv_body, s_server_config.context);
1.1 jsing 1405: print_stats(bio_s_out, ctx);
1406: ret = 0;
1.30 jsing 1407: end:
1.29 jsing 1408: SSL_CTX_free(ctx);
1409: X509_free(s_cert);
1410: X509_free(s_dcert);
1411: EVP_PKEY_free(s_key);
1412: EVP_PKEY_free(s_dkey);
1.1 jsing 1413: free(pass);
1414: free(dpass);
1.39 inoguchi 1415: X509_VERIFY_PARAM_free(s_server_config.vpm);
1416: free(s_server_config.tlscstatp.host);
1417: free(s_server_config.tlscstatp.port);
1418: free(s_server_config.tlscstatp.path);
1.29 jsing 1419: SSL_CTX_free(ctx2);
1420: X509_free(s_cert2);
1421: EVP_PKEY_free(s_key2);
1.8 jsing 1422: free(alpn_ctx.data);
1.1 jsing 1423: if (bio_s_out != NULL) {
1424: BIO_free(bio_s_out);
1425: bio_s_out = NULL;
1426: }
1427:
1428: return (ret);
1429: }
1430:
1431: static void
1.41 inoguchi 1432: print_stats(BIO *bio, SSL_CTX *ssl_ctx)
1.1 jsing 1433: {
1434: BIO_printf(bio, "%4ld items in the session cache\n",
1435: SSL_CTX_sess_number(ssl_ctx));
1436: BIO_printf(bio, "%4ld client connects (SSL_connect())\n",
1437: SSL_CTX_sess_connect(ssl_ctx));
1438: BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n",
1439: SSL_CTX_sess_connect_renegotiate(ssl_ctx));
1440: BIO_printf(bio, "%4ld client connects that finished\n",
1441: SSL_CTX_sess_connect_good(ssl_ctx));
1442: BIO_printf(bio, "%4ld server accepts (SSL_accept())\n",
1443: SSL_CTX_sess_accept(ssl_ctx));
1444: BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n",
1445: SSL_CTX_sess_accept_renegotiate(ssl_ctx));
1446: BIO_printf(bio, "%4ld server accepts that finished\n",
1447: SSL_CTX_sess_accept_good(ssl_ctx));
1448: BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx));
1449: BIO_printf(bio, "%4ld session cache misses\n", SSL_CTX_sess_misses(ssl_ctx));
1450: BIO_printf(bio, "%4ld session cache timeouts\n", SSL_CTX_sess_timeouts(ssl_ctx));
1451: BIO_printf(bio, "%4ld callback cache hits\n", SSL_CTX_sess_cb_hits(ssl_ctx));
1452: BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n",
1453: SSL_CTX_sess_cache_full(ssl_ctx),
1454: SSL_CTX_sess_get_cache_size(ssl_ctx));
1455: }
1456:
1457: static int
1458: sv_body(char *hostname, int s, unsigned char *context)
1459: {
1460: char *buf = NULL;
1.7 deraadt 1461: int ret = 1;
1.1 jsing 1462: int k, i;
1463: unsigned long l;
1464: SSL *con = NULL;
1465: BIO *sbio;
1466: struct timeval timeout;
1467:
1468: if ((buf = malloc(bufsize)) == NULL) {
1469: BIO_printf(bio_err, "out of memory\n");
1470: goto err;
1471: }
1.40 inoguchi 1472: if (s_server_config.nbio) {
1473: if (!s_server_config.quiet)
1.1 jsing 1474: BIO_printf(bio_err, "turning on non blocking io\n");
1.2 bcook 1475: if (!BIO_socket_nbio(s, 1))
1.1 jsing 1476: ERR_print_errors(bio_err);
1477: }
1478:
1479: if (con == NULL) {
1480: con = SSL_new(ctx);
1.40 inoguchi 1481: if (s_server_config.tlsextdebug) {
1.1 jsing 1482: SSL_set_tlsext_debug_callback(con, tlsext_cb);
1483: SSL_set_tlsext_debug_arg(con, bio_s_out);
1484: }
1.40 inoguchi 1485: if (s_server_config.tlsextstatus) {
1.1 jsing 1486: SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
1.39 inoguchi 1487: s_server_config.tlscstatp.err = bio_err;
1488: SSL_CTX_set_tlsext_status_arg(ctx, &s_server_config.tlscstatp);
1.1 jsing 1489: }
1490: if (context)
1491: SSL_set_session_id_context(con, context,
1492: strlen((char *) context));
1493: }
1494: SSL_clear(con);
1495:
1496: if (SSL_version(con) == DTLS1_VERSION) {
1497:
1498: sbio = BIO_new_dgram(s, BIO_NOCLOSE);
1499:
1.39 inoguchi 1500: if (s_server_config.enable_timeouts) {
1.1 jsing 1501: timeout.tv_sec = 0;
1502: timeout.tv_usec = DGRAM_RCV_TIMEOUT;
1503: BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
1504:
1505: timeout.tv_sec = 0;
1506: timeout.tv_usec = DGRAM_SND_TIMEOUT;
1507: BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
1508: }
1.39 inoguchi 1509: if (s_server_config.socket_mtu > 28) {
1.1 jsing 1510: SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
1.39 inoguchi 1511: SSL_set_mtu(con, s_server_config.socket_mtu - 28);
1.1 jsing 1512: } else
1513: /* want to do MTU discovery */
1514: BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
1515:
1516: /* turn on cookie exchange */
1517: SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
1518: } else
1519: sbio = BIO_new_socket(s, BIO_NOCLOSE);
1520:
1.40 inoguchi 1521: if (s_server_config.nbio_test) {
1.1 jsing 1522: BIO *test;
1523:
1524: test = BIO_new(BIO_f_nbio_test());
1525: sbio = BIO_push(test, sbio);
1526: }
1527:
1528: SSL_set_bio(con, sbio, sbio);
1529: SSL_set_accept_state(con);
1530: /* SSL_set_fd(con,s); */
1531:
1.40 inoguchi 1532: if (s_server_config.debug) {
1.1 jsing 1533: SSL_set_debug(con, 1);
1534: BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
1535: BIO_set_callback_arg(SSL_get_rbio(con), (char *) bio_s_out);
1536: }
1.40 inoguchi 1537: if (s_server_config.msg) {
1.1 jsing 1538: SSL_set_msg_callback(con, msg_cb);
1539: SSL_set_msg_callback_arg(con, bio_s_out);
1540: }
1.40 inoguchi 1541: if (s_server_config.tlsextdebug) {
1.1 jsing 1542: SSL_set_tlsext_debug_callback(con, tlsext_cb);
1543: SSL_set_tlsext_debug_arg(con, bio_s_out);
1544: }
1545:
1546: for (;;) {
1547: int read_from_terminal;
1548: int read_from_sslcon;
1.7 deraadt 1549: struct pollfd pfd[2];
1550: int ptimeout;
1.1 jsing 1551:
1552: read_from_terminal = 0;
1553: read_from_sslcon = SSL_pending(con);
1554:
1555: if (!read_from_sslcon) {
1.7 deraadt 1556: pfd[0].fd = fileno(stdin);
1557: pfd[0].events = POLLIN;
1558: pfd[1].fd = s;
1559: pfd[1].events = POLLIN;
1560:
1.1 jsing 1561: if ((SSL_version(con) == DTLS1_VERSION) &&
1562: DTLSv1_get_timeout(con, &timeout))
1.7 deraadt 1563: ptimeout = timeout.tv_sec * 1000 +
1564: timeout.tv_usec / 1000;
1.1 jsing 1565: else
1.7 deraadt 1566: ptimeout = -1;
1.1 jsing 1567:
1.7 deraadt 1568: i = poll(pfd, 2, ptimeout);
1.1 jsing 1569:
1570: if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) {
1571: BIO_printf(bio_err, "TIMEOUT occured\n");
1572: }
1573: if (i <= 0)
1574: continue;
1.7 deraadt 1575: if (pfd[0].revents) {
1576: if ((pfd[0].revents & (POLLERR|POLLNVAL)))
1577: continue;
1.1 jsing 1578: read_from_terminal = 1;
1.7 deraadt 1579: }
1580: if (pfd[1].revents) {
1581: if ((pfd[1].revents & (POLLERR|POLLNVAL)))
1582: continue;
1.1 jsing 1583: read_from_sslcon = 1;
1.7 deraadt 1584: }
1.1 jsing 1585: }
1586: if (read_from_terminal) {
1.40 inoguchi 1587: if (s_server_config.crlf) {
1.1 jsing 1588: int j, lf_num;
1589:
1590: i = read(fileno(stdin), buf, bufsize / 2);
1591: lf_num = 0;
1592: /* both loops are skipped when i <= 0 */
1593: for (j = 0; j < i; j++)
1594: if (buf[j] == '\n')
1595: lf_num++;
1596: for (j = i - 1; j >= 0; j--) {
1597: buf[j + lf_num] = buf[j];
1598: if (buf[j] == '\n') {
1599: lf_num--;
1600: i++;
1601: buf[j + lf_num] = '\r';
1602: }
1603: }
1604: assert(lf_num == 0);
1605: } else
1606: i = read(fileno(stdin), buf, bufsize);
1.40 inoguchi 1607: if (!s_server_config.quiet) {
1.1 jsing 1608: if ((i <= 0) || (buf[0] == 'Q')) {
1609: BIO_printf(bio_s_out, "DONE\n");
1610: shutdown(s, SHUT_RD);
1611: close(s);
1612: close_accept_socket();
1613: ret = -11;
1614: goto err;
1615: }
1616: if ((i <= 0) || (buf[0] == 'q')) {
1617: BIO_printf(bio_s_out, "DONE\n");
1618: if (SSL_version(con) != DTLS1_VERSION) {
1619: shutdown(s, SHUT_RD);
1620: close(s);
1621: }
1622: /*
1623: * close_accept_socket(); ret= -11;
1624: */
1625: goto err;
1626: }
1627: if ((buf[0] == 'r') &&
1628: ((buf[1] == '\n') || (buf[1] == '\r'))) {
1629: SSL_renegotiate(con);
1630: i = SSL_do_handshake(con);
1631: printf("SSL_do_handshake -> %d\n", i);
1632: i = 0; /* 13; */
1633: continue;
1634: /*
1635: * RE-NEGOTIATE\n");
1636: */
1637: }
1638: if ((buf[0] == 'R') &&
1639: ((buf[1] == '\n') || (buf[1] == '\r'))) {
1640: SSL_set_verify(con,
1641: SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, NULL);
1642: SSL_renegotiate(con);
1643: i = SSL_do_handshake(con);
1644: printf("SSL_do_handshake -> %d\n", i);
1645: i = 0; /* 13; */
1646: continue;
1647: /*
1648: * RE-NEGOTIATE asking for client
1649: * cert\n");
1650: */
1651: }
1652: if (buf[0] == 'P') {
1653: static const char *str = "Lets print some clear text\n";
1654: BIO_write(SSL_get_wbio(con), str, strlen(str));
1655: }
1656: if (buf[0] == 'S') {
1657: print_stats(bio_s_out, SSL_get_SSL_CTX(con));
1658: }
1659: }
1660: l = k = 0;
1661: for (;;) {
1662: /* should do a select for the write */
1663: #ifdef RENEG
1664: {
1665: static count = 0;
1666: if (++count == 100) {
1667: count = 0;
1668: SSL_renegotiate(con);
1669: }
1670: }
1671: #endif
1672: k = SSL_write(con, &(buf[l]), (unsigned int) i);
1673: switch (SSL_get_error(con, k)) {
1674: case SSL_ERROR_NONE:
1675: break;
1676: case SSL_ERROR_WANT_WRITE:
1677: case SSL_ERROR_WANT_READ:
1678: case SSL_ERROR_WANT_X509_LOOKUP:
1679: BIO_printf(bio_s_out, "Write BLOCK\n");
1680: break;
1681: case SSL_ERROR_SYSCALL:
1682: case SSL_ERROR_SSL:
1683: BIO_printf(bio_s_out, "ERROR\n");
1684: ERR_print_errors(bio_err);
1685: ret = 1;
1686: goto err;
1687: /* break; */
1688: case SSL_ERROR_ZERO_RETURN:
1689: BIO_printf(bio_s_out, "DONE\n");
1690: ret = 1;
1691: goto err;
1692: }
1.36 tb 1693: if (k <= 0)
1694: continue;
1.1 jsing 1695: l += k;
1696: i -= k;
1697: if (i <= 0)
1698: break;
1699: }
1700: }
1701: if (read_from_sslcon) {
1702: if (!SSL_is_init_finished(con)) {
1703: i = init_ssl_connection(con);
1704:
1705: if (i < 0) {
1706: ret = 0;
1707: goto err;
1708: } else if (i == 0) {
1709: ret = 1;
1710: goto err;
1711: }
1712: } else {
1713: again:
1714: i = SSL_read(con, (char *) buf, bufsize);
1715: switch (SSL_get_error(con, i)) {
1716: case SSL_ERROR_NONE: {
1717: int len, n;
1718: for (len = 0; len < i;) {
1719: do {
1720: n = write(fileno(stdout), buf + len, i - len);
1721: } while (n == -1 && errno == EINTR);
1722:
1.31 deraadt 1723: if (n == -1) {
1.1 jsing 1724: BIO_printf(bio_s_out, "ERROR\n");
1725: goto err;
1726: }
1727: len += n;
1728: }
1729: }
1730: if (SSL_pending(con))
1731: goto again;
1732: break;
1733: case SSL_ERROR_WANT_WRITE:
1734: case SSL_ERROR_WANT_READ:
1735: BIO_printf(bio_s_out, "Read BLOCK\n");
1736: break;
1737: case SSL_ERROR_SYSCALL:
1738: case SSL_ERROR_SSL:
1739: BIO_printf(bio_s_out, "ERROR\n");
1740: ERR_print_errors(bio_err);
1741: ret = 1;
1742: goto err;
1743: case SSL_ERROR_ZERO_RETURN:
1744: BIO_printf(bio_s_out, "DONE\n");
1745: ret = 1;
1746: goto err;
1747: }
1748: }
1749: }
1750: }
1.30 jsing 1751: err:
1.1 jsing 1752: if (con != NULL) {
1753: BIO_printf(bio_s_out, "shutting down SSL\n");
1754: SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
1755: SSL_free(con);
1756: }
1757: BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
1.26 deraadt 1758: freezero(buf, bufsize);
1.1 jsing 1759: if (ret >= 0)
1760: BIO_printf(bio_s_out, "ACCEPT\n");
1761: return (ret);
1762: }
1763:
1764: static void
1765: close_accept_socket(void)
1766: {
1767: BIO_printf(bio_err, "shutdown accept socket\n");
1768: if (accept_socket >= 0) {
1769: shutdown(accept_socket, SHUT_RDWR);
1770: close(accept_socket);
1771: }
1772: }
1773:
1774: static int
1.41 inoguchi 1775: init_ssl_connection(SSL *con)
1.1 jsing 1776: {
1777: int i;
1778: const char *str;
1779: X509 *peer;
1780: long verify_error;
1781: char buf[BUFSIZ];
1782: unsigned char *exportedkeymat;
1783:
1784: i = SSL_accept(con);
1785: if (i <= 0) {
1786: if (BIO_sock_should_retry(i)) {
1787: BIO_printf(bio_s_out, "DELAY\n");
1788: return (1);
1789: }
1790: BIO_printf(bio_err, "ERROR\n");
1791: verify_error = SSL_get_verify_result(con);
1792: if (verify_error != X509_V_OK) {
1793: BIO_printf(bio_err, "verify error:%s\n",
1794: X509_verify_cert_error_string(verify_error));
1795: } else
1796: ERR_print_errors(bio_err);
1797: return (0);
1798: }
1799: PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con));
1800:
1801: peer = SSL_get_peer_certificate(con);
1802: if (peer != NULL) {
1803: BIO_printf(bio_s_out, "Client certificate\n");
1804: PEM_write_bio_X509(bio_s_out, peer);
1805: X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
1806: BIO_printf(bio_s_out, "subject=%s\n", buf);
1807: X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
1808: BIO_printf(bio_s_out, "issuer=%s\n", buf);
1809: X509_free(peer);
1810: }
1811: if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
1812: BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
1813: str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
1814: BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)");
1815:
1816: #ifndef OPENSSL_NO_SRTP
1817: {
1818: SRTP_PROTECTION_PROFILE *srtp_profile
1819: = SSL_get_selected_srtp_profile(con);
1820:
1821: if (srtp_profile)
1822: BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n",
1823: srtp_profile->name);
1824: }
1825: #endif
1826: if (SSL_cache_hit(con))
1827: BIO_printf(bio_s_out, "Reused session-id\n");
1828: BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
1829: SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
1.39 inoguchi 1830: if (s_server_config.keymatexportlabel != NULL) {
1.1 jsing 1831: BIO_printf(bio_s_out, "Keying material exporter:\n");
1.39 inoguchi 1832: BIO_printf(bio_s_out, " Label: '%s'\n", s_server_config.keymatexportlabel);
1.1 jsing 1833: BIO_printf(bio_s_out, " Length: %i bytes\n",
1.39 inoguchi 1834: s_server_config.keymatexportlen);
1835: exportedkeymat = malloc(s_server_config.keymatexportlen);
1.1 jsing 1836: if (exportedkeymat != NULL) {
1837: if (!SSL_export_keying_material(con, exportedkeymat,
1.39 inoguchi 1838: s_server_config.keymatexportlen,
1839: s_server_config.keymatexportlabel,
1840: strlen(s_server_config.keymatexportlabel),
1.1 jsing 1841: NULL, 0, 0)) {
1842: BIO_printf(bio_s_out, " Error\n");
1843: } else {
1844: BIO_printf(bio_s_out, " Keying material: ");
1.39 inoguchi 1845: for (i = 0; i < s_server_config.keymatexportlen; i++)
1.1 jsing 1846: BIO_printf(bio_s_out, "%02X",
1847: exportedkeymat[i]);
1848: BIO_printf(bio_s_out, "\n");
1849: }
1850: free(exportedkeymat);
1851: }
1852: }
1853: return (1);
1854: }
1855:
1856: #ifndef OPENSSL_NO_DH
1857: static DH *
1858: load_dh_param(const char *dhfile)
1859: {
1860: DH *ret = NULL;
1861: BIO *bio;
1862:
1863: if ((bio = BIO_new_file(dhfile, "r")) == NULL)
1864: goto err;
1865: ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
1.30 jsing 1866: err:
1.1 jsing 1867: BIO_free(bio);
1868: return (ret);
1869: }
1870: #endif
1871:
1872: static int
1873: www_body(char *hostname, int s, unsigned char *context)
1874: {
1875: char *buf = NULL;
1876: int ret = 1;
1877: int i, j, k, dot;
1878: SSL *con;
1879: const SSL_CIPHER *c;
1880: BIO *io, *ssl_bio, *sbio;
1881:
1882: buf = malloc(bufsize);
1883: if (buf == NULL)
1884: return (0);
1885: io = BIO_new(BIO_f_buffer());
1886: ssl_bio = BIO_new(BIO_f_ssl());
1887: if ((io == NULL) || (ssl_bio == NULL))
1888: goto err;
1889:
1.40 inoguchi 1890: if (s_server_config.nbio) {
1891: if (!s_server_config.quiet)
1.1 jsing 1892: BIO_printf(bio_err, "turning on non blocking io\n");
1.2 bcook 1893: if (!BIO_socket_nbio(s, 1))
1.1 jsing 1894: ERR_print_errors(bio_err);
1895: }
1896:
1897: /* lets make the output buffer a reasonable size */
1898: if (!BIO_set_write_buffer_size(io, bufsize))
1899: goto err;
1900:
1901: if ((con = SSL_new(ctx)) == NULL)
1902: goto err;
1.40 inoguchi 1903: if (s_server_config.tlsextdebug) {
1.1 jsing 1904: SSL_set_tlsext_debug_callback(con, tlsext_cb);
1905: SSL_set_tlsext_debug_arg(con, bio_s_out);
1906: }
1907: if (context)
1908: SSL_set_session_id_context(con, context,
1909: strlen((char *) context));
1910:
1911: sbio = BIO_new_socket(s, BIO_NOCLOSE);
1.40 inoguchi 1912: if (s_server_config.nbio_test) {
1.1 jsing 1913: BIO *test;
1914:
1915: test = BIO_new(BIO_f_nbio_test());
1916: sbio = BIO_push(test, sbio);
1917: }
1918: SSL_set_bio(con, sbio, sbio);
1919: SSL_set_accept_state(con);
1920:
1921: /* SSL_set_fd(con,s); */
1922: BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
1923: BIO_push(io, ssl_bio);
1924:
1.40 inoguchi 1925: if (s_server_config.debug) {
1.1 jsing 1926: SSL_set_debug(con, 1);
1927: BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
1928: BIO_set_callback_arg(SSL_get_rbio(con), (char *) bio_s_out);
1929: }
1.40 inoguchi 1930: if (s_server_config.msg) {
1.1 jsing 1931: SSL_set_msg_callback(con, msg_cb);
1932: SSL_set_msg_callback_arg(con, bio_s_out);
1933: }
1934: for (;;) {
1935: i = BIO_gets(io, buf, bufsize - 1);
1936: if (i < 0) { /* error */
1937: if (!BIO_should_retry(io)) {
1.40 inoguchi 1938: if (!s_server_config.quiet)
1.1 jsing 1939: ERR_print_errors(bio_err);
1940: goto err;
1941: } else {
1.40 inoguchi 1942: if (s_server_config.debug) {
1.34 beck 1943: BIO_printf(bio_s_out, "read R BLOCK\n");
1944: sleep(1);
1945: }
1.1 jsing 1946: continue;
1947: }
1948: } else if (i == 0) { /* end of input */
1949: ret = 1;
1950: goto end;
1951: }
1952: /* else we have data */
1.39 inoguchi 1953: if (((s_server_config.www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
1954: ((s_server_config.www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) {
1.1 jsing 1955: char *p;
1956: X509 *peer;
1.41 inoguchi 1957: STACK_OF(SSL_CIPHER) *sk;
1.1 jsing 1958: static const char *space = " ";
1959:
1960: BIO_puts(io, "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
1961: BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n");
1962: BIO_puts(io, "<pre>\n");
1963: /* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
1964: BIO_puts(io, "\n");
1965: for (i = 0; i < local_argc; i++) {
1966: BIO_puts(io, local_argv[i]);
1967: BIO_write(io, " ", 1);
1968: }
1969: BIO_puts(io, "\n");
1970:
1971: BIO_printf(io,
1972: "Secure Renegotiation IS%s supported\n",
1973: SSL_get_secure_renegotiation_support(con) ?
1974: "" : " NOT");
1975:
1976: /*
1977: * The following is evil and should not really be
1978: * done
1979: */
1980: BIO_printf(io, "Ciphers supported in s_server binary\n");
1981: sk = SSL_get_ciphers(con);
1982: j = sk_SSL_CIPHER_num(sk);
1983: for (i = 0; i < j; i++) {
1984: c = sk_SSL_CIPHER_value(sk, i);
1985: BIO_printf(io, "%-11s:%-25s",
1986: SSL_CIPHER_get_version(c),
1987: SSL_CIPHER_get_name(c));
1988: if ((((i + 1) % 2) == 0) && (i + 1 != j))
1989: BIO_puts(io, "\n");
1990: }
1991: BIO_puts(io, "\n");
1992: p = SSL_get_shared_ciphers(con, buf, bufsize);
1993: if (p != NULL) {
1994: BIO_printf(io, "---\nCiphers common between both SSL end points:\n");
1995: j = i = 0;
1996: while (*p) {
1997: if (*p == ':') {
1998: BIO_write(io, space, 26 - j);
1999: i++;
2000: j = 0;
2001: BIO_write(io, ((i % 3) ? " " : "\n"), 1);
2002: } else {
2003: BIO_write(io, p, 1);
2004: j++;
2005: }
2006: p++;
2007: }
2008: BIO_puts(io, "\n");
2009: }
2010: BIO_printf(io, (SSL_cache_hit(con)
2011: ? "---\nReused, "
2012: : "---\nNew, "));
2013: c = SSL_get_current_cipher(con);
2014: BIO_printf(io, "%s, Cipher is %s\n",
2015: SSL_CIPHER_get_version(c),
2016: SSL_CIPHER_get_name(c));
2017: SSL_SESSION_print(io, SSL_get_session(con));
2018: BIO_printf(io, "---\n");
2019: print_stats(io, SSL_get_SSL_CTX(con));
2020: BIO_printf(io, "---\n");
2021: peer = SSL_get_peer_certificate(con);
2022: if (peer != NULL) {
2023: BIO_printf(io, "Client certificate\n");
2024: X509_print(io, peer);
2025: PEM_write_bio_X509(io, peer);
2026: } else
2027: BIO_puts(io, "no client certificate available\n");
2028: BIO_puts(io, "</BODY></HTML>\r\n\r\n");
2029: break;
1.39 inoguchi 2030: } else if ((s_server_config.www == 2 || s_server_config.www == 3)
1.1 jsing 2031: && (strncmp("GET /", buf, 5) == 0)) {
2032: BIO *file;
2033: char *p, *e;
2034: static const char *text = "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
2035:
2036: /* skip the '/' */
2037: p = &(buf[5]);
2038:
2039: dot = 1;
2040: for (e = p; *e != '\0'; e++) {
2041: if (e[0] == ' ')
2042: break;
2043:
2044: switch (dot) {
2045: case 1:
2046: dot = (e[0] == '.') ? 2 : 0;
2047: break;
2048: case 2:
2049: dot = (e[0] == '.') ? 3 : 0;
2050: break;
2051: case 3:
1.32 bcook 2052: dot = (e[0] == '/' || e[0] == '\\') ? -1 : 0;
1.1 jsing 2053: break;
2054: }
2055: if (dot == 0)
1.32 bcook 2056: dot = (e[0] == '/' || e[0] == '\\') ? 1 : 0;
1.1 jsing 2057: }
2058: dot = (dot == 3) || (dot == -1); /* filename contains
2059: * ".." component */
2060:
2061: if (*e == '\0') {
2062: BIO_puts(io, text);
2063: BIO_printf(io, "'%s' is an invalid file name\r\n", p);
2064: break;
2065: }
2066: *e = '\0';
2067:
2068: if (dot) {
2069: BIO_puts(io, text);
2070: BIO_printf(io, "'%s' contains '..' reference\r\n", p);
2071: break;
2072: }
2073: if (*p == '/') {
2074: BIO_puts(io, text);
2075: BIO_printf(io, "'%s' is an invalid path\r\n", p);
2076: break;
2077: }
2078: /* if a directory, do the index thang */
2079: if (app_isdir(p) > 0) {
2080: BIO_puts(io, text);
2081: BIO_printf(io, "'%s' is a directory\r\n", p);
2082: break;
2083: }
2084: if ((file = BIO_new_file(p, "r")) == NULL) {
2085: BIO_puts(io, text);
2086: BIO_printf(io, "Error opening '%s'\r\n", p);
2087: ERR_print_errors(io);
2088: break;
2089: }
1.40 inoguchi 2090: if (!s_server_config.quiet)
1.1 jsing 2091: BIO_printf(bio_err, "FILE:%s\n", p);
2092:
1.39 inoguchi 2093: if (s_server_config.www == 2) {
1.1 jsing 2094: i = strlen(p);
2095: if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) ||
2096: ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) ||
2097: ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0)))
2098: BIO_puts(io, "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
2099: else
2100: BIO_puts(io, "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
2101: }
2102: /* send the file */
2103: for (;;) {
2104: i = BIO_read(file, buf, bufsize);
2105: if (i <= 0)
2106: break;
2107:
2108: #ifdef RENEG
2109: total_bytes += i;
2110: fprintf(stderr, "%d\n", i);
2111: if (total_bytes > 3 * 1024) {
2112: total_bytes = 0;
2113: fprintf(stderr, "RENEGOTIATE\n");
2114: SSL_renegotiate(con);
2115: }
2116: #endif
2117:
2118: for (j = 0; j < i;) {
2119: #ifdef RENEG
2120: {
2121: static count = 0;
2122: if (++count == 13) {
2123: SSL_renegotiate(con);
2124: }
2125: }
2126: #endif
2127: k = BIO_write(io, &(buf[j]), i - j);
2128: if (k <= 0) {
2129: if (!BIO_should_retry(io))
2130: goto write_error;
2131: else {
2132: BIO_printf(bio_s_out, "rwrite W BLOCK\n");
2133: }
2134: } else {
2135: j += k;
2136: }
2137: }
2138: }
2139: write_error:
2140: BIO_free(file);
2141: break;
2142: }
2143: }
2144:
2145: for (;;) {
2146: i = (int) BIO_flush(io);
2147: if (i <= 0) {
2148: if (!BIO_should_retry(io))
2149: break;
2150: } else
2151: break;
2152: }
1.30 jsing 2153: end:
1.1 jsing 2154: /* make sure we re-use sessions */
2155: SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
2156:
1.30 jsing 2157: err:
1.1 jsing 2158:
2159: if (ret >= 0)
2160: BIO_printf(bio_s_out, "ACCEPT\n");
2161:
1.24 mmcc 2162: free(buf);
1.29 jsing 2163: BIO_free_all(io);
1.1 jsing 2164: /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/
2165: return (ret);
2166: }
2167:
2168: #define MAX_SESSION_ID_ATTEMPTS 10
2169: static int
1.42 ! inoguchi 2170: generate_session_id(const SSL *ssl, unsigned char *id, unsigned int *id_len)
1.1 jsing 2171: {
2172: unsigned int count = 0;
2173: do {
1.3 jsing 2174: arc4random_buf(id, *id_len);
1.1 jsing 2175: /*
2176: * Prefix the session_id with the required prefix. NB: If our
2177: * prefix is too long, clip it - but there will be worse
2178: * effects anyway, eg. the server could only possibly create
2179: * 1 session ID (ie. the prefix!) so all future session
2180: * negotiations will fail due to conflicts.
2181: */
1.39 inoguchi 2182: memcpy(id, s_server_config.session_id_prefix,
2183: (strlen(s_server_config.session_id_prefix) < *id_len) ?
2184: strlen(s_server_config.session_id_prefix) : *id_len);
1.1 jsing 2185: }
2186: while (SSL_has_matching_session_id(ssl, id, *id_len) &&
2187: (++count < MAX_SESSION_ID_ATTEMPTS));
2188: if (count >= MAX_SESSION_ID_ATTEMPTS)
2189: return 0;
2190: return 1;
1.42 ! inoguchi 2191: }
! 2192:
! 2193: static int
! 2194: ssl_servername_cb(SSL *s, int *ad, void *arg)
! 2195: {
! 2196: tlsextctx *p = (tlsextctx *) arg;
! 2197: const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
! 2198: if (servername && p->biodebug)
! 2199: BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n", servername);
! 2200:
! 2201: if (!p->servername)
! 2202: return SSL_TLSEXT_ERR_NOACK;
! 2203:
! 2204: if (servername) {
! 2205: if (strcmp(servername, p->servername))
! 2206: return p->extension_error;
! 2207: if (ctx2) {
! 2208: BIO_printf(p->biodebug, "Switching server context.\n");
! 2209: SSL_set_SSL_CTX(s, ctx2);
! 2210: }
! 2211: }
! 2212: return SSL_TLSEXT_ERR_OK;
! 2213: }
! 2214:
! 2215: /* Certificate Status callback. This is called when a client includes a
! 2216: * certificate status request extension.
! 2217: *
! 2218: * This is a simplified version. It examines certificates each time and
! 2219: * makes one OCSP responder query for each request.
! 2220: *
! 2221: * A full version would store details such as the OCSP certificate IDs and
! 2222: * minimise the number of OCSP responses by caching them until they were
! 2223: * considered "expired".
! 2224: */
! 2225:
! 2226: static int
! 2227: cert_status_cb(SSL *s, void *arg)
! 2228: {
! 2229: tlsextstatusctx *srctx = arg;
! 2230: BIO *err = srctx->err;
! 2231: char *host = NULL, *port = NULL, *path = NULL;
! 2232: int use_ssl;
! 2233: unsigned char *rspder = NULL;
! 2234: int rspderlen;
! 2235: STACK_OF(OPENSSL_STRING) *aia = NULL;
! 2236: X509 *x = NULL;
! 2237: X509_STORE_CTX inctx;
! 2238: X509_OBJECT obj;
! 2239: OCSP_REQUEST *req = NULL;
! 2240: OCSP_RESPONSE *resp = NULL;
! 2241: OCSP_CERTID *id = NULL;
! 2242: STACK_OF(X509_EXTENSION) *exts;
! 2243: int ret = SSL_TLSEXT_ERR_NOACK;
! 2244: int i;
! 2245:
! 2246: if (srctx->verbose)
! 2247: BIO_puts(err, "cert_status: callback called\n");
! 2248: /* Build up OCSP query from server certificate */
! 2249: x = SSL_get_certificate(s);
! 2250: aia = X509_get1_ocsp(x);
! 2251: if (aia) {
! 2252: if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
! 2253: &host, &port, &path, &use_ssl)) {
! 2254: BIO_puts(err, "cert_status: can't parse AIA URL\n");
! 2255: goto err;
! 2256: }
! 2257: if (srctx->verbose)
! 2258: BIO_printf(err, "cert_status: AIA URL: %s\n",
! 2259: sk_OPENSSL_STRING_value(aia, 0));
! 2260: } else {
! 2261: if (!srctx->host) {
! 2262: BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n");
! 2263: goto done;
! 2264: }
! 2265: host = srctx->host;
! 2266: path = srctx->path;
! 2267: port = srctx->port;
! 2268: use_ssl = srctx->use_ssl;
! 2269: }
! 2270:
! 2271: if (!X509_STORE_CTX_init(&inctx,
! 2272: SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
! 2273: NULL, NULL))
! 2274: goto err;
! 2275: if (X509_STORE_get_by_subject(&inctx, X509_LU_X509,
! 2276: X509_get_issuer_name(x), &obj) <= 0) {
! 2277: BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
! 2278: X509_STORE_CTX_cleanup(&inctx);
! 2279: goto done;
! 2280: }
! 2281: req = OCSP_REQUEST_new();
! 2282: if (!req)
! 2283: goto err;
! 2284: id = OCSP_cert_to_id(NULL, x, obj.data.x509);
! 2285: X509_free(obj.data.x509);
! 2286: X509_STORE_CTX_cleanup(&inctx);
! 2287: if (!id)
! 2288: goto err;
! 2289: if (!OCSP_request_add0_id(req, id))
! 2290: goto err;
! 2291: id = NULL;
! 2292: /* Add any extensions to the request */
! 2293: SSL_get_tlsext_status_exts(s, &exts);
! 2294: for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
! 2295: X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
! 2296: if (!OCSP_REQUEST_add_ext(req, ext, -1))
! 2297: goto err;
! 2298: }
! 2299: resp = process_responder(err, req, host, path, port, use_ssl, NULL,
! 2300: srctx->timeout);
! 2301: if (!resp) {
! 2302: BIO_puts(err, "cert_status: error querying responder\n");
! 2303: goto done;
! 2304: }
! 2305: rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
! 2306: if (rspderlen <= 0)
! 2307: goto err;
! 2308: SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
! 2309: if (srctx->verbose) {
! 2310: BIO_puts(err, "cert_status: ocsp response sent:\n");
! 2311: OCSP_RESPONSE_print(err, resp, 2);
! 2312: }
! 2313: ret = SSL_TLSEXT_ERR_OK;
! 2314: done:
! 2315: if (ret != SSL_TLSEXT_ERR_OK)
! 2316: ERR_print_errors(err);
! 2317: if (aia) {
! 2318: free(host);
! 2319: free(path);
! 2320: free(port);
! 2321: X509_email_free(aia);
! 2322: }
! 2323: if (id)
! 2324: OCSP_CERTID_free(id);
! 2325: if (req)
! 2326: OCSP_REQUEST_free(req);
! 2327: if (resp)
! 2328: OCSP_RESPONSE_free(resp);
! 2329: return ret;
! 2330: err:
! 2331: ret = SSL_TLSEXT_ERR_ALERT_FATAL;
! 2332: goto done;
! 2333: }
! 2334:
! 2335: static int
! 2336: alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
! 2337: const unsigned char *in, unsigned int inlen, void *arg)
! 2338: {
! 2339: tlsextalpnctx *alpn_ctx = arg;
! 2340:
! 2341: if (!s_server_config.quiet) {
! 2342: /* We can assume that in is syntactically valid. */
! 2343: unsigned i;
! 2344:
! 2345: BIO_printf(bio_s_out,
! 2346: "ALPN protocols advertised by the client: ");
! 2347: for (i = 0; i < inlen; ) {
! 2348: if (i)
! 2349: BIO_write(bio_s_out, ", ", 2);
! 2350: BIO_write(bio_s_out, &in[i + 1], in[i]);
! 2351: i += in[i] + 1;
! 2352: }
! 2353: BIO_write(bio_s_out, "\n", 1);
! 2354: }
! 2355:
! 2356: if (SSL_select_next_proto((unsigned char**)out, outlen, alpn_ctx->data,
! 2357: alpn_ctx->len, in, inlen) != OPENSSL_NPN_NEGOTIATED)
! 2358: return (SSL_TLSEXT_ERR_NOACK);
! 2359:
! 2360: if (!s_server_config.quiet) {
! 2361: BIO_printf(bio_s_out, "ALPN protocols selected: ");
! 2362: BIO_write(bio_s_out, *out, *outlen);
! 2363: BIO_write(bio_s_out, "\n", 1);
! 2364: }
! 2365:
! 2366: return (SSL_TLSEXT_ERR_OK);
1.1 jsing 2367: }