OpenSSL  1.0.1c
 All Classes Files Functions Variables Typedefs Enumerations Enumerator Macros
s_server.c
Go to the documentation of this file.
1 /* apps/s_server.c */
2 /* Copyright (C) 1995-1998 Eric Young ([email protected])
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young ([email protected]).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to. The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson ([email protected]).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  * notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  * notice, this list of conditions and the following disclaimer in the
30  * documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  * must display the following acknowledgement:
33  * "This product includes cryptographic software written by
34  * Eric Young ([email protected])"
35  * The word 'cryptographic' can be left out if the rouines from the library
36  * being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  * the apps directory (application code) you must include an acknowledgement:
39  * "This product includes software written by Tim Hudson ([email protected])"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed. i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  * notice, this list of conditions and the following disclaimer.
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  * notice, this list of conditions and the following disclaimer in
70  * the documentation and/or other materials provided with the
71  * distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  * software must display the following acknowledgment:
75  * "This product includes software developed by the OpenSSL Project
76  * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  * endorse or promote products derived from this software without
80  * prior written permission. For written permission, please contact
81  * [email protected].
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  * nor may "OpenSSL" appear in their names without prior written
85  * permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  * acknowledgment:
89  * "This product includes software developed by the OpenSSL Project
90  * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * ([email protected]). This product includes software written by Tim
108  * Hudson ([email protected]).
109  *
110  */
111 /* ====================================================================
112  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113  * ECC cipher suite support in OpenSSL originally developed by
114  * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115  */
116 /* ====================================================================
117  * Copyright 2005 Nokia. All rights reserved.
118  *
119  * The portions of the attached software ("Contribution") is developed by
120  * Nokia Corporation and is licensed pursuant to the OpenSSL open source
121  * license.
122  *
123  * The Contribution, originally written by Mika Kousa and Pasi Eronen of
124  * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125  * support (see RFC 4279) to OpenSSL.
126  *
127  * No patent licenses or other rights except those expressly stated in
128  * the OpenSSL open source license shall be deemed granted or received
129  * expressly, by implication, estoppel, or otherwise.
130  *
131  * No assurances are provided by Nokia that the Contribution does not
132  * infringe the patent or other intellectual property rights of any third
133  * party or that the license provides you with all the necessary rights
134  * to make use of the Contribution.
135  *
136  * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137  * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138  * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139  * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140  * OTHERWISE.
141  */
142 
143 /* Until the key-gen callbacks are modified to use newer prototypes, we allow
144  * deprecated functions for openssl-internal code */
145 #ifdef OPENSSL_NO_DEPRECATED
146 #undef OPENSSL_NO_DEPRECATED
147 #endif
148 
149 #include <assert.h>
150 #include <ctype.h>
151 #include <stdio.h>
152 #include <stdlib.h>
153 #include <string.h>
154 
155 #include <openssl/e_os2.h>
156 #ifdef OPENSSL_NO_STDIO
157 #define APPS_WIN16
158 #endif
159 
160 #if !defined(OPENSSL_SYS_NETWARE) /* conflicts with winsock2 stuff on netware */
161 #include <sys/types.h>
162 #endif
163 
164 /* With IPv6, it looks like Digital has mixed up the proper order of
165  recursive header file inclusion, resulting in the compiler complaining
166  that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which
167  is needed to have fileno() declared correctly... So let's define u_int */
168 #if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
169 #define __U_INT
170 typedef unsigned int u_int;
171 #endif
172 
173 #include <openssl/lhash.h>
174 #include <openssl/bn.h>
175 #define USE_SOCKETS
176 #include "apps.h"
177 #include <openssl/err.h>
178 #include <openssl/pem.h>
179 #include <openssl/x509.h>
180 #include <openssl/ssl.h>
181 #include <openssl/rand.h>
182 #include <openssl/ocsp.h>
183 #ifndef OPENSSL_NO_DH
184 #include <openssl/dh.h>
185 #endif
186 #ifndef OPENSSL_NO_RSA
187 #include <openssl/rsa.h>
188 #endif
189 #ifndef OPENSSL_NO_SRP
190 #include <openssl/srp.h>
191 #endif
192 #include "s_apps.h"
193 #include "timeouts.h"
194 
195 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
196 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
197 #undef FIONBIO
198 #endif
199 
200 #if defined(OPENSSL_SYS_BEOS_R5)
201 #include <fcntl.h>
202 #endif
203 
204 #ifndef OPENSSL_NO_RSA
205 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
206 #endif
207 static int sv_body(char *hostname, int s, unsigned char *context);
208 static int www_body(char *hostname, int s, unsigned char *context);
209 static void close_accept_socket(void );
210 static void sv_usage(void);
211 static int init_ssl_connection(SSL *s);
212 static void print_stats(BIO *bp,SSL_CTX *ctx);
213 static int generate_session_id(const SSL *ssl, unsigned char *id,
214  unsigned int *id_len);
215 #ifndef OPENSSL_NO_DH
216 static DH *load_dh_param(const char *dhfile);
217 static DH *get_dh512(void);
218 #endif
219 
220 #ifdef MONOLITH
221 static void s_server_init(void);
222 #endif
223 
224 #ifndef OPENSSL_NO_DH
225 static unsigned char dh512_p[]={
226  0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
227  0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
228  0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
229  0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
230  0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
231  0x47,0x74,0xE8,0x33,
232  };
233 static unsigned char dh512_g[]={
234  0x02,
235  };
236 
237 static DH *get_dh512(void)
238  {
239  DH *dh=NULL;
240 
241  if ((dh=DH_new()) == NULL) return(NULL);
242  dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
243  dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
244  if ((dh->p == NULL) || (dh->g == NULL))
245  return(NULL);
246  return(dh);
247  }
248 #endif
249 
250 
251 /* static int load_CA(SSL_CTX *ctx, char *file);*/
252 
253 #undef BUFSIZZ
254 #define BUFSIZZ 16*1024
255 static int bufsize=BUFSIZZ;
256 static int accept_socket= -1;
257 
258 #define TEST_CERT "server.pem"
259 #ifndef OPENSSL_NO_TLSEXT
260 #define TEST_CERT2 "server2.pem"
261 #endif
262 #undef PROG
263 #define PROG s_server_main
264 
265 extern int verify_depth, verify_return_error;
266 
267 static char *cipher=NULL;
268 static int s_server_verify=SSL_VERIFY_NONE;
269 static int s_server_session_id_context = 1; /* anything will do */
270 static const char *s_cert_file=TEST_CERT,*s_key_file=NULL;
271 #ifndef OPENSSL_NO_TLSEXT
272 static const char *s_cert_file2=TEST_CERT2,*s_key_file2=NULL;
273 #endif
274 static char *s_dcert_file=NULL,*s_dkey_file=NULL;
275 #ifdef FIONBIO
276 static int s_nbio=0;
277 #endif
278 static int s_nbio_test=0;
279 int s_crlf=0;
280 static SSL_CTX *ctx=NULL;
281 #ifndef OPENSSL_NO_TLSEXT
282 static SSL_CTX *ctx2=NULL;
283 #endif
284 static int www=0;
285 
286 static BIO *bio_s_out=NULL;
287 static int s_debug=0;
288 #ifndef OPENSSL_NO_TLSEXT
289 static int s_tlsextdebug=0;
290 static int s_tlsextstatus=0;
291 static int cert_status_cb(SSL *s, void *arg);
292 #endif
293 static int s_msg=0;
294 static int s_quiet=0;
295 
296 static char *keymatexportlabel=NULL;
297 static int keymatexportlen=20;
298 
299 static int hack=0;
300 #ifndef OPENSSL_NO_ENGINE
301 static char *engine_id=NULL;
302 #endif
303 static const char *session_id_prefix=NULL;
304 
305 static int enable_timeouts = 0;
306 static long socket_mtu;
307 #ifndef OPENSSL_NO_DTLS1
308 static int cert_chain = 0;
309 #endif
310 
311 
312 #ifndef OPENSSL_NO_PSK
313 static char *psk_identity="Client_identity";
314 char *psk_key=NULL; /* by default PSK is not used */
315 
316 static unsigned int psk_server_cb(SSL *ssl, const char *identity,
317  unsigned char *psk, unsigned int max_psk_len)
318  {
319  unsigned int psk_len = 0;
320  int ret;
321  BIGNUM *bn = NULL;
322 
323  if (s_debug)
324  BIO_printf(bio_s_out,"psk_server_cb\n");
325  if (!identity)
326  {
327  BIO_printf(bio_err,"Error: client did not send PSK identity\n");
328  goto out_err;
329  }
330  if (s_debug)
331  BIO_printf(bio_s_out,"identity_len=%d identity=%s\n",
332  identity ? (int)strlen(identity) : 0, identity);
333 
334  /* here we could lookup the given identity e.g. from a database */
335  if (strcmp(identity, psk_identity) != 0)
336  {
337  BIO_printf(bio_s_out, "PSK error: client identity not found"
338  " (got '%s' expected '%s')\n", identity,
339  psk_identity);
340  goto out_err;
341  }
342  if (s_debug)
343  BIO_printf(bio_s_out, "PSK client identity found\n");
344 
345  /* convert the PSK key to binary */
346  ret = BN_hex2bn(&bn, psk_key);
347  if (!ret)
348  {
349  BIO_printf(bio_err,"Could not convert PSK key '%s' to BIGNUM\n", psk_key);
350  if (bn)
351  BN_free(bn);
352  return 0;
353  }
354  if (BN_num_bytes(bn) > (int)max_psk_len)
355  {
356  BIO_printf(bio_err,"psk buffer of callback is too small (%d) for key (%d)\n",
357  max_psk_len, BN_num_bytes(bn));
358  BN_free(bn);
359  return 0;
360  }
361 
362  ret = BN_bn2bin(bn, psk);
363  BN_free(bn);
364 
365  if (ret < 0)
366  goto out_err;
367  psk_len = (unsigned int)ret;
368 
369  if (s_debug)
370  BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
371  return psk_len;
372  out_err:
373  if (s_debug)
374  BIO_printf(bio_err, "Error in PSK server callback\n");
375  return 0;
376  }
377 #endif
378 
379 #ifndef OPENSSL_NO_SRP
380 /* This is a context that we pass to callbacks */
381 typedef struct srpsrvparm_st
382  {
383  char *login;
384  SRP_VBASE *vb;
385  SRP_user_pwd *user;
386  } srpsrvparm;
387 
388 /* This callback pretends to require some asynchronous logic in order to obtain
389  a verifier. When the callback is called for a new connection we return
390  with a negative value. This will provoke the accept etc to return with
391  an LOOKUP_X509. The main logic of the reinvokes the suspended call
392  (which would normally occur after a worker has finished) and we
393  set the user parameters.
394 */
395 static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
396  {
397  srpsrvparm *p = (srpsrvparm *)arg;
398  if (p->login == NULL && p->user == NULL )
399  {
400  p->login = SSL_get_srp_username(s);
401  BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
402  return (-1) ;
403  }
404 
405  if (p->user == NULL)
406  {
407  BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
408  return SSL3_AL_FATAL;
409  }
410  if (SSL_set_srp_server_param(s, p->user->N, p->user->g, p->user->s, p->user->v,
411  p->user->info) < 0)
412  {
413  *ad = SSL_AD_INTERNAL_ERROR;
414  return SSL3_AL_FATAL;
415  }
416  BIO_printf(bio_err, "SRP parameters set: username = \"%s\" info=\"%s\" \n", p->login,p->user->info);
417  /* need to check whether there are memory leaks */
418  p->user = NULL;
419  p->login = NULL;
420  return SSL_ERROR_NONE;
421  }
422 
423 #endif
424 
425 #ifdef MONOLITH
426 static void s_server_init(void)
427  {
428  accept_socket=-1;
429  cipher=NULL;
430  s_server_verify=SSL_VERIFY_NONE;
431  s_dcert_file=NULL;
432  s_dkey_file=NULL;
433  s_cert_file=TEST_CERT;
434  s_key_file=NULL;
435 #ifndef OPENSSL_NO_TLSEXT
436  s_cert_file2=TEST_CERT2;
437  s_key_file2=NULL;
438  ctx2=NULL;
439 #endif
440 #ifdef FIONBIO
441  s_nbio=0;
442 #endif
443  s_nbio_test=0;
444  ctx=NULL;
445  www=0;
446 
447  bio_s_out=NULL;
448  s_debug=0;
449  s_msg=0;
450  s_quiet=0;
451  hack=0;
452 #ifndef OPENSSL_NO_ENGINE
453  engine_id=NULL;
454 #endif
455  }
456 #endif
457 
458 static void sv_usage(void)
459  {
460  BIO_printf(bio_err,"usage: s_server [args ...]\n");
461  BIO_printf(bio_err,"\n");
462  BIO_printf(bio_err," -accept arg - port to accept on (default is %d)\n",PORT);
463  BIO_printf(bio_err," -context arg - set session ID context\n");
464  BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n");
465  BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n");
466  BIO_printf(bio_err," -cert arg - certificate file to use\n");
467  BIO_printf(bio_err," (default is %s)\n",TEST_CERT);
468  BIO_printf(bio_err," -crl_check - check the peer certificate has not been revoked by its CA.\n" \
469  " The CRL(s) are appended to the certificate file\n");
470  BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \
471  " or any other CRL in the CA chain. CRL(s) are appened to the\n" \
472  " the certificate file.\n");
473  BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n");
474  BIO_printf(bio_err," -key arg - Private Key file to use, in cert file if\n");
475  BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT);
476  BIO_printf(bio_err," -keyform arg - key format (PEM, DER or ENGINE) PEM default\n");
477  BIO_printf(bio_err," -pass arg - private key file pass phrase source\n");
478  BIO_printf(bio_err," -dcert arg - second certificate file to use (usually for DSA)\n");
479  BIO_printf(bio_err," -dcertform x - second certificate format (PEM or DER) PEM default\n");
480  BIO_printf(bio_err," -dkey arg - second private key file to use (usually for DSA)\n");
481  BIO_printf(bio_err," -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
482  BIO_printf(bio_err," -dpass arg - second private key file pass phrase source\n");
483  BIO_printf(bio_err," -dhparam arg - DH parameter file to use, in cert file if not specified\n");
484  BIO_printf(bio_err," or a default set of parameters is used\n");
485 #ifndef OPENSSL_NO_ECDH
486  BIO_printf(bio_err," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \
487  " Use \"openssl ecparam -list_curves\" for all names\n" \
488  " (default is nistp256).\n");
489 #endif
490 #ifdef FIONBIO
491  BIO_printf(bio_err," -nbio - Run with non-blocking IO\n");
492 #endif
493  BIO_printf(bio_err," -nbio_test - test with the non-blocking test bio\n");
494  BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n");
495  BIO_printf(bio_err," -debug - Print more output\n");
496  BIO_printf(bio_err," -msg - Show protocol messages\n");
497  BIO_printf(bio_err," -state - Print the SSL states\n");
498  BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
499  BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
500  BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n");
501  BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n");
502  BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n");
503  BIO_printf(bio_err," -quiet - No server output\n");
504  BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n");
505 #ifndef OPENSSL_NO_PSK
506  BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n");
507  BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n");
508 # ifndef OPENSSL_NO_JPAKE
509  BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n");
510 # endif
511 #endif
512 #ifndef OPENSSL_NO_SRP
513  BIO_printf(bio_err," -srpvfile file - The verifier file for SRP\n");
514  BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n");
515 #endif
516  BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n");
517  BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n");
518  BIO_printf(bio_err," -tls1_2 - Just talk TLSv1.2\n");
519  BIO_printf(bio_err," -tls1_1 - Just talk TLSv1.1\n");
520  BIO_printf(bio_err," -tls1 - Just talk TLSv1\n");
521  BIO_printf(bio_err," -dtls1 - Just talk DTLSv1\n");
522  BIO_printf(bio_err," -timeout - Enable timeouts\n");
523  BIO_printf(bio_err," -mtu - Set link layer MTU\n");
524  BIO_printf(bio_err," -chain - Read a certificate chain\n");
525  BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n");
526  BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n");
527  BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n");
528  BIO_printf(bio_err," -no_tls1_1 - Just disable TLSv1.1\n");
529  BIO_printf(bio_err," -no_tls1_2 - Just disable TLSv1.2\n");
530 #ifndef OPENSSL_NO_DH
531  BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n");
532 #endif
533 #ifndef OPENSSL_NO_ECDH
534  BIO_printf(bio_err," -no_ecdhe - Disable ephemeral ECDH\n");
535 #endif
536  BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n");
537  BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n");
538  BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
539  BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
540  BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n");
541 #ifndef OPENSSL_NO_ENGINE
542  BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
543 #endif
544  BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
545  BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
546 #ifndef OPENSSL_NO_TLSEXT
547  BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n");
548  BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
549  BIO_printf(bio_err," -cert2 arg - certificate file to use for servername\n");
550  BIO_printf(bio_err," (default is %s)\n",TEST_CERT2);
551  BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n");
552  BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2);
553  BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
554  BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
555  BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
556 # ifndef OPENSSL_NO_NEXTPROTONEG
557  BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
558 # endif
559  BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
560 #endif
561  BIO_printf(bio_err," -keymatexport label - Export keying material using label\n");
562  BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n");
563  }
564 
565 static int local_argc=0;
566 static char **local_argv;
567 
568 #ifdef CHARSET_EBCDIC
569 static int ebcdic_new(BIO *bi);
570 static int ebcdic_free(BIO *a);
571 static int ebcdic_read(BIO *b, char *out, int outl);
572 static int ebcdic_write(BIO *b, const char *in, int inl);
573 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
574 static int ebcdic_gets(BIO *bp, char *buf, int size);
575 static int ebcdic_puts(BIO *bp, const char *str);
576 
577 #define BIO_TYPE_EBCDIC_FILTER (18|0x0200)
578 static BIO_METHOD methods_ebcdic=
579  {
580  BIO_TYPE_EBCDIC_FILTER,
581  "EBCDIC/ASCII filter",
582  ebcdic_write,
583  ebcdic_read,
584  ebcdic_puts,
585  ebcdic_gets,
586  ebcdic_ctrl,
587  ebcdic_new,
588  ebcdic_free,
589  };
590 
591 typedef struct
592 {
593  size_t alloced;
594  char buff[1];
595 } EBCDIC_OUTBUFF;
596 
597 BIO_METHOD *BIO_f_ebcdic_filter()
598 {
599  return(&methods_ebcdic);
600 }
601 
602 static int ebcdic_new(BIO *bi)
603 {
604  EBCDIC_OUTBUFF *wbuf;
605 
606  wbuf = (EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
607  wbuf->alloced = 1024;
608  wbuf->buff[0] = '\0';
609 
610  bi->ptr=(char *)wbuf;
611  bi->init=1;
612  bi->flags=0;
613  return(1);
614 }
615 
616 static int ebcdic_free(BIO *a)
617 {
618  if (a == NULL) return(0);
619  if (a->ptr != NULL)
620  OPENSSL_free(a->ptr);
621  a->ptr=NULL;
622  a->init=0;
623  a->flags=0;
624  return(1);
625 }
626 
627 static int ebcdic_read(BIO *b, char *out, int outl)
628 {
629  int ret=0;
630 
631  if (out == NULL || outl == 0) return(0);
632  if (b->next_bio == NULL) return(0);
633 
634  ret=BIO_read(b->next_bio,out,outl);
635  if (ret > 0)
636  ascii2ebcdic(out,out,ret);
637  return(ret);
638 }
639 
640 static int ebcdic_write(BIO *b, const char *in, int inl)
641 {
642  EBCDIC_OUTBUFF *wbuf;
643  int ret=0;
644  int num;
645  unsigned char n;
646 
647  if ((in == NULL) || (inl <= 0)) return(0);
648  if (b->next_bio == NULL) return(0);
649 
650  wbuf=(EBCDIC_OUTBUFF *)b->ptr;
651 
652  if (inl > (num = wbuf->alloced))
653  {
654  num = num + num; /* double the size */
655  if (num < inl)
656  num = inl;
657  OPENSSL_free(wbuf);
658  wbuf=(EBCDIC_OUTBUFF *)OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
659 
660  wbuf->alloced = num;
661  wbuf->buff[0] = '\0';
662 
663  b->ptr=(char *)wbuf;
664  }
665 
666  ebcdic2ascii(wbuf->buff, in, inl);
667 
668  ret=BIO_write(b->next_bio, wbuf->buff, inl);
669 
670  return(ret);
671 }
672 
673 static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
674 {
675  long ret;
676 
677  if (b->next_bio == NULL) return(0);
678  switch (cmd)
679  {
680  case BIO_CTRL_DUP:
681  ret=0L;
682  break;
683  default:
684  ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
685  break;
686  }
687  return(ret);
688 }
689 
690 static int ebcdic_gets(BIO *bp, char *buf, int size)
691 {
692  int i, ret=0;
693  if (bp->next_bio == NULL) return(0);
694 /* return(BIO_gets(bp->next_bio,buf,size));*/
695  for (i=0; i<size-1; ++i)
696  {
697  ret = ebcdic_read(bp,&buf[i],1);
698  if (ret <= 0)
699  break;
700  else if (buf[i] == '\n')
701  {
702  ++i;
703  break;
704  }
705  }
706  if (i < size)
707  buf[i] = '\0';
708  return (ret < 0 && i == 0) ? ret : i;
709 }
710 
711 static int ebcdic_puts(BIO *bp, const char *str)
712 {
713  if (bp->next_bio == NULL) return(0);
714  return ebcdic_write(bp, str, strlen(str));
715 }
716 #endif
717 
718 #ifndef OPENSSL_NO_TLSEXT
719 
720 /* This is a context that we pass to callbacks */
721 typedef struct tlsextctx_st {
722  char * servername;
723  BIO * biodebug;
724  int extension_error;
725 } tlsextctx;
726 
727 
728 static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
729  {
730  tlsextctx * p = (tlsextctx *) arg;
731  const char * servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
732  if (servername && p->biodebug)
733  BIO_printf(p->biodebug,"Hostname in TLS extension: \"%s\"\n",servername);
734 
735  if (!p->servername)
736  return SSL_TLSEXT_ERR_NOACK;
737 
738  if (servername)
739  {
740  if (strcmp(servername,p->servername))
741  return p->extension_error;
742  if (ctx2)
743  {
744  BIO_printf(p->biodebug,"Switching server context.\n");
745  SSL_set_SSL_CTX(s,ctx2);
746  }
747  }
748  return SSL_TLSEXT_ERR_OK;
749 }
750 
751 /* Structure passed to cert status callback */
752 
753 typedef struct tlsextstatusctx_st {
754  /* Default responder to use */
755  char *host, *path, *port;
756  int use_ssl;
757  int timeout;
758  BIO *err;
759  int verbose;
760 } tlsextstatusctx;
761 
762 static tlsextstatusctx tlscstatp = {NULL, NULL, NULL, 0, -1, NULL, 0};
763 
764 /* Certificate Status callback. This is called when a client includes a
765  * certificate status request extension.
766  *
767  * This is a simplified version. It examines certificates each time and
768  * makes one OCSP responder query for each request.
769  *
770  * A full version would store details such as the OCSP certificate IDs and
771  * minimise the number of OCSP responses by caching them until they were
772  * considered "expired".
773  */
774 
775 static int cert_status_cb(SSL *s, void *arg)
776  {
777  tlsextstatusctx *srctx = arg;
778  BIO *err = srctx->err;
779  char *host, *port, *path;
780  int use_ssl;
781  unsigned char *rspder = NULL;
782  int rspderlen;
783  STACK_OF(OPENSSL_STRING) *aia = NULL;
784  X509 *x = NULL;
785  X509_STORE_CTX inctx;
786  X509_OBJECT obj;
787  OCSP_REQUEST *req = NULL;
788  OCSP_RESPONSE *resp = NULL;
789  OCSP_CERTID *id = NULL;
790  STACK_OF(X509_EXTENSION) *exts;
791  int ret = SSL_TLSEXT_ERR_NOACK;
792  int i;
793 #if 0
794 STACK_OF(OCSP_RESPID) *ids;
795 SSL_get_tlsext_status_ids(s, &ids);
796 BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
797 #endif
798  if (srctx->verbose)
799  BIO_puts(err, "cert_status: callback called\n");
800  /* Build up OCSP query from server certificate */
801  x = SSL_get_certificate(s);
802  aia = X509_get1_ocsp(x);
803  if (aia)
804  {
805  if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
806  &host, &port, &path, &use_ssl))
807  {
808  BIO_puts(err, "cert_status: can't parse AIA URL\n");
809  goto err;
810  }
811  if (srctx->verbose)
812  BIO_printf(err, "cert_status: AIA URL: %s\n",
813  sk_OPENSSL_STRING_value(aia, 0));
814  }
815  else
816  {
817  if (!srctx->host)
818  {
819  BIO_puts(srctx->err, "cert_status: no AIA and no default responder URL\n");
820  goto done;
821  }
822  host = srctx->host;
823  path = srctx->path;
824  port = srctx->port;
825  use_ssl = srctx->use_ssl;
826  }
827 
828  if (!X509_STORE_CTX_init(&inctx,
829  SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
830  NULL, NULL))
831  goto err;
832  if (X509_STORE_get_by_subject(&inctx,X509_LU_X509,
833  X509_get_issuer_name(x),&obj) <= 0)
834  {
835  BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
836  X509_STORE_CTX_cleanup(&inctx);
837  goto done;
838  }
839  req = OCSP_REQUEST_new();
840  if (!req)
841  goto err;
842  id = OCSP_cert_to_id(NULL, x, obj.data.x509);
843  X509_free(obj.data.x509);
844  X509_STORE_CTX_cleanup(&inctx);
845  if (!id)
846  goto err;
847  if (!OCSP_request_add0_id(req, id))
848  goto err;
849  id = NULL;
850  /* Add any extensions to the request */
851  SSL_get_tlsext_status_exts(s, &exts);
852  for (i = 0; i < sk_X509_EXTENSION_num(exts); i++)
853  {
854  X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
855  if (!OCSP_REQUEST_add_ext(req, ext, -1))
856  goto err;
857  }
858  resp = process_responder(err, req, host, path, port, use_ssl, NULL,
859  srctx->timeout);
860  if (!resp)
861  {
862  BIO_puts(err, "cert_status: error querying responder\n");
863  goto done;
864  }
865  rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
866  if (rspderlen <= 0)
867  goto err;
868  SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
869  if (srctx->verbose)
870  {
871  BIO_puts(err, "cert_status: ocsp response sent:\n");
872  OCSP_RESPONSE_print(err, resp, 2);
873  }
874  ret = SSL_TLSEXT_ERR_OK;
875  done:
876  if (ret != SSL_TLSEXT_ERR_OK)
877  ERR_print_errors(err);
878  if (aia)
879  {
880  OPENSSL_free(host);
881  OPENSSL_free(path);
882  OPENSSL_free(port);
883  X509_email_free(aia);
884  }
885  if (id)
886  OCSP_CERTID_free(id);
887  if (req)
888  OCSP_REQUEST_free(req);
889  if (resp)
890  OCSP_RESPONSE_free(resp);
891  return ret;
892  err:
893  ret = SSL_TLSEXT_ERR_ALERT_FATAL;
894  goto done;
895  }
896 
897 # ifndef OPENSSL_NO_NEXTPROTONEG
898 /* This is the context that we pass to next_proto_cb */
899 typedef struct tlsextnextprotoctx_st {
900  unsigned char *data;
901  unsigned int len;
902 } tlsextnextprotoctx;
903 
904 static int next_proto_cb(SSL *s, const unsigned char **data, unsigned int *len, void *arg)
905  {
906  tlsextnextprotoctx *next_proto = arg;
907 
908  *data = next_proto->data;
909  *len = next_proto->len;
910 
911  return SSL_TLSEXT_ERR_OK;
912  }
913 # endif /* ndef OPENSSL_NO_NEXTPROTONEG */
914 
915 
916 #endif
917 
918 int MAIN(int, char **);
919 
920 #ifndef OPENSSL_NO_JPAKE
921 static char *jpake_secret = NULL;
922 #endif
923 #ifndef OPENSSL_NO_SRP
924  static srpsrvparm srp_callback_parm;
925 #endif
926 static char *srtp_profiles = NULL;
927 
928 int MAIN(int argc, char *argv[])
929  {
930  X509_VERIFY_PARAM *vpm = NULL;
931  int badarg = 0;
932  short port=PORT;
933  char *CApath=NULL,*CAfile=NULL;
934  unsigned char *context = NULL;
935  char *dhfile = NULL;
936 #ifndef OPENSSL_NO_ECDH
937  char *named_curve = NULL;
938 #endif
939  int badop=0,bugs=0;
940  int ret=1;
941  int off=0;
942  int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0;
943  int state=0;
944  const SSL_METHOD *meth=NULL;
945  int socket_type=SOCK_STREAM;
946  ENGINE *e=NULL;
947  char *inrand=NULL;
948  int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
949  char *passarg = NULL, *pass = NULL;
950  char *dpassarg = NULL, *dpass = NULL;
951  int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
952  X509 *s_cert = NULL, *s_dcert = NULL;
953  EVP_PKEY *s_key = NULL, *s_dkey = NULL;
954  int no_cache = 0;
955 #ifndef OPENSSL_NO_TLSEXT
956  EVP_PKEY *s_key2 = NULL;
957  X509 *s_cert2 = NULL;
958  tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING};
959 # ifndef OPENSSL_NO_NEXTPROTONEG
960  const char *next_proto_neg_in = NULL;
961  tlsextnextprotoctx next_proto;
962 # endif
963 #endif
964 #ifndef OPENSSL_NO_PSK
965  /* by default do not send a PSK identity hint */
966  static char *psk_identity_hint=NULL;
967 #endif
968 #ifndef OPENSSL_NO_SRP
969  char *srpuserseed = NULL;
970  char *srp_verifier_file = NULL;
971 #endif
972  meth=SSLv23_server_method();
973 
974  local_argc=argc;
975  local_argv=argv;
976 
977  apps_startup();
978 #ifdef MONOLITH
979  s_server_init();
980 #endif
981 
982  if (bio_err == NULL)
983  bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
984 
985  if (!load_config(bio_err, NULL))
986  goto end;
987 
988  verify_depth=0;
989 #ifdef FIONBIO
990  s_nbio=0;
991 #endif
992  s_nbio_test=0;
993 
994  argc--;
995  argv++;
996 
997  while (argc >= 1)
998  {
999  if ((strcmp(*argv,"-port") == 0) ||
1000  (strcmp(*argv,"-accept") == 0))
1001  {
1002  if (--argc < 1) goto bad;
1003  if (!extract_port(*(++argv),&port))
1004  goto bad;
1005  }
1006  else if (strcmp(*argv,"-verify") == 0)
1007  {
1008  s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
1009  if (--argc < 1) goto bad;
1010  verify_depth=atoi(*(++argv));
1011  BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
1012  }
1013  else if (strcmp(*argv,"-Verify") == 0)
1014  {
1015  s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
1016  SSL_VERIFY_CLIENT_ONCE;
1017  if (--argc < 1) goto bad;
1018  verify_depth=atoi(*(++argv));
1019  BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth);
1020  }
1021  else if (strcmp(*argv,"-context") == 0)
1022  {
1023  if (--argc < 1) goto bad;
1024  context= (unsigned char *)*(++argv);
1025  }
1026  else if (strcmp(*argv,"-cert") == 0)
1027  {
1028  if (--argc < 1) goto bad;
1029  s_cert_file= *(++argv);
1030  }
1031  else if (strcmp(*argv,"-certform") == 0)
1032  {
1033  if (--argc < 1) goto bad;
1034  s_cert_format = str2fmt(*(++argv));
1035  }
1036  else if (strcmp(*argv,"-key") == 0)
1037  {
1038  if (--argc < 1) goto bad;
1039  s_key_file= *(++argv);
1040  }
1041  else if (strcmp(*argv,"-keyform") == 0)
1042  {
1043  if (--argc < 1) goto bad;
1044  s_key_format = str2fmt(*(++argv));
1045  }
1046  else if (strcmp(*argv,"-pass") == 0)
1047  {
1048  if (--argc < 1) goto bad;
1049  passarg = *(++argv);
1050  }
1051  else if (strcmp(*argv,"-dhparam") == 0)
1052  {
1053  if (--argc < 1) goto bad;
1054  dhfile = *(++argv);
1055  }
1056 #ifndef OPENSSL_NO_ECDH
1057  else if (strcmp(*argv,"-named_curve") == 0)
1058  {
1059  if (--argc < 1) goto bad;
1060  named_curve = *(++argv);
1061  }
1062 #endif
1063  else if (strcmp(*argv,"-dcertform") == 0)
1064  {
1065  if (--argc < 1) goto bad;
1066  s_dcert_format = str2fmt(*(++argv));
1067  }
1068  else if (strcmp(*argv,"-dcert") == 0)
1069  {
1070  if (--argc < 1) goto bad;
1071  s_dcert_file= *(++argv);
1072  }
1073  else if (strcmp(*argv,"-dkeyform") == 0)
1074  {
1075  if (--argc < 1) goto bad;
1076  s_dkey_format = str2fmt(*(++argv));
1077  }
1078  else if (strcmp(*argv,"-dpass") == 0)
1079  {
1080  if (--argc < 1) goto bad;
1081  dpassarg = *(++argv);
1082  }
1083  else if (strcmp(*argv,"-dkey") == 0)
1084  {
1085  if (--argc < 1) goto bad;
1086  s_dkey_file= *(++argv);
1087  }
1088  else if (strcmp(*argv,"-nocert") == 0)
1089  {
1090  nocert=1;
1091  }
1092  else if (strcmp(*argv,"-CApath") == 0)
1093  {
1094  if (--argc < 1) goto bad;
1095  CApath= *(++argv);
1096  }
1097  else if (strcmp(*argv,"-no_cache") == 0)
1098  no_cache = 1;
1099  else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm))
1100  {
1101  if (badarg)
1102  goto bad;
1103  continue;
1104  }
1105  else if (strcmp(*argv,"-verify_return_error") == 0)
1106  verify_return_error = 1;
1107  else if (strcmp(*argv,"-serverpref") == 0)
1108  { off|=SSL_OP_CIPHER_SERVER_PREFERENCE; }
1109  else if (strcmp(*argv,"-legacy_renegotiation") == 0)
1110  off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
1111  else if (strcmp(*argv,"-cipher") == 0)
1112  {
1113  if (--argc < 1) goto bad;
1114  cipher= *(++argv);
1115  }
1116  else if (strcmp(*argv,"-CAfile") == 0)
1117  {
1118  if (--argc < 1) goto bad;
1119  CAfile= *(++argv);
1120  }
1121 #ifdef FIONBIO
1122  else if (strcmp(*argv,"-nbio") == 0)
1123  { s_nbio=1; }
1124 #endif
1125  else if (strcmp(*argv,"-nbio_test") == 0)
1126  {
1127 #ifdef FIONBIO
1128  s_nbio=1;
1129 #endif
1130  s_nbio_test=1;
1131  }
1132  else if (strcmp(*argv,"-debug") == 0)
1133  { s_debug=1; }
1134 #ifndef OPENSSL_NO_TLSEXT
1135  else if (strcmp(*argv,"-tlsextdebug") == 0)
1136  s_tlsextdebug=1;
1137  else if (strcmp(*argv,"-status") == 0)
1138  s_tlsextstatus=1;
1139  else if (strcmp(*argv,"-status_verbose") == 0)
1140  {
1141  s_tlsextstatus=1;
1142  tlscstatp.verbose = 1;
1143  }
1144  else if (!strcmp(*argv, "-status_timeout"))
1145  {
1146  s_tlsextstatus=1;
1147  if (--argc < 1) goto bad;
1148  tlscstatp.timeout = atoi(*(++argv));
1149  }
1150  else if (!strcmp(*argv, "-status_url"))
1151  {
1152  s_tlsextstatus=1;
1153  if (--argc < 1) goto bad;
1154  if (!OCSP_parse_url(*(++argv),
1155  &tlscstatp.host,
1156  &tlscstatp.port,
1157  &tlscstatp.path,
1158  &tlscstatp.use_ssl))
1159  {
1160  BIO_printf(bio_err, "Error parsing URL\n");
1161  goto bad;
1162  }
1163  }
1164 #endif
1165  else if (strcmp(*argv,"-msg") == 0)
1166  { s_msg=1; }
1167  else if (strcmp(*argv,"-hack") == 0)
1168  { hack=1; }
1169  else if (strcmp(*argv,"-state") == 0)
1170  { state=1; }
1171  else if (strcmp(*argv,"-crlf") == 0)
1172  { s_crlf=1; }
1173  else if (strcmp(*argv,"-quiet") == 0)
1174  { s_quiet=1; }
1175  else if (strcmp(*argv,"-bugs") == 0)
1176  { bugs=1; }
1177  else if (strcmp(*argv,"-no_tmp_rsa") == 0)
1178  { no_tmp_rsa=1; }
1179  else if (strcmp(*argv,"-no_dhe") == 0)
1180  { no_dhe=1; }
1181  else if (strcmp(*argv,"-no_ecdhe") == 0)
1182  { no_ecdhe=1; }
1183 #ifndef OPENSSL_NO_PSK
1184  else if (strcmp(*argv,"-psk_hint") == 0)
1185  {
1186  if (--argc < 1) goto bad;
1187  psk_identity_hint= *(++argv);
1188  }
1189  else if (strcmp(*argv,"-psk") == 0)
1190  {
1191  size_t i;
1192 
1193  if (--argc < 1) goto bad;
1194  psk_key=*(++argv);
1195  for (i=0; i<strlen(psk_key); i++)
1196  {
1197  if (isxdigit((unsigned char)psk_key[i]))
1198  continue;
1199  BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
1200  goto bad;
1201  }
1202  }
1203 #endif
1204 #ifndef OPENSSL_NO_SRP
1205  else if (strcmp(*argv, "-srpvfile") == 0)
1206  {
1207  if (--argc < 1) goto bad;
1208  srp_verifier_file = *(++argv);
1209  meth=TLSv1_server_method();
1210  }
1211  else if (strcmp(*argv, "-srpuserseed") == 0)
1212  {
1213  if (--argc < 1) goto bad;
1214  srpuserseed = *(++argv);
1215  meth=TLSv1_server_method();
1216  }
1217 #endif
1218  else if (strcmp(*argv,"-www") == 0)
1219  { www=1; }
1220  else if (strcmp(*argv,"-WWW") == 0)
1221  { www=2; }
1222  else if (strcmp(*argv,"-HTTP") == 0)
1223  { www=3; }
1224  else if (strcmp(*argv,"-no_ssl2") == 0)
1225  { off|=SSL_OP_NO_SSLv2; }
1226  else if (strcmp(*argv,"-no_ssl3") == 0)
1227  { off|=SSL_OP_NO_SSLv3; }
1228  else if (strcmp(*argv,"-no_tls1") == 0)
1229  { off|=SSL_OP_NO_TLSv1; }
1230  else if (strcmp(*argv,"-no_tls1_1") == 0)
1231  { off|=SSL_OP_NO_TLSv1_1; }
1232  else if (strcmp(*argv,"-no_tls1_2") == 0)
1233  { off|=SSL_OP_NO_TLSv1_2; }
1234  else if (strcmp(*argv,"-no_comp") == 0)
1235  { off|=SSL_OP_NO_COMPRESSION; }
1236 #ifndef OPENSSL_NO_TLSEXT
1237  else if (strcmp(*argv,"-no_ticket") == 0)
1238  { off|=SSL_OP_NO_TICKET; }
1239 #endif
1240 #ifndef OPENSSL_NO_SSL2
1241  else if (strcmp(*argv,"-ssl2") == 0)
1242  { meth=SSLv2_server_method(); }
1243 #endif
1244 #ifndef OPENSSL_NO_SSL3
1245  else if (strcmp(*argv,"-ssl3") == 0)
1246  { meth=SSLv3_server_method(); }
1247 #endif
1248 #ifndef OPENSSL_NO_TLS1
1249  else if (strcmp(*argv,"-tls1") == 0)
1250  { meth=TLSv1_server_method(); }
1251  else if (strcmp(*argv,"-tls1_1") == 0)
1252  { meth=TLSv1_1_server_method(); }
1253  else if (strcmp(*argv,"-tls1_2") == 0)
1254  { meth=TLSv1_2_server_method(); }
1255 #endif
1256 #ifndef OPENSSL_NO_DTLS1
1257  else if (strcmp(*argv,"-dtls1") == 0)
1258  {
1259  meth=DTLSv1_server_method();
1260  socket_type = SOCK_DGRAM;
1261  }
1262  else if (strcmp(*argv,"-timeout") == 0)
1263  enable_timeouts = 1;
1264  else if (strcmp(*argv,"-mtu") == 0)
1265  {
1266  if (--argc < 1) goto bad;
1267  socket_mtu = atol(*(++argv));
1268  }
1269  else if (strcmp(*argv, "-chain") == 0)
1270  cert_chain = 1;
1271 #endif
1272  else if (strcmp(*argv, "-id_prefix") == 0)
1273  {
1274  if (--argc < 1) goto bad;
1275  session_id_prefix = *(++argv);
1276  }
1277 #ifndef OPENSSL_NO_ENGINE
1278  else if (strcmp(*argv,"-engine") == 0)
1279  {
1280  if (--argc < 1) goto bad;
1281  engine_id= *(++argv);
1282  }
1283 #endif
1284  else if (strcmp(*argv,"-rand") == 0)
1285  {
1286  if (--argc < 1) goto bad;
1287  inrand= *(++argv);
1288  }
1289 #ifndef OPENSSL_NO_TLSEXT
1290  else if (strcmp(*argv,"-servername") == 0)
1291  {
1292  if (--argc < 1) goto bad;
1293  tlsextcbp.servername= *(++argv);
1294  }
1295  else if (strcmp(*argv,"-servername_fatal") == 0)
1296  { tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL; }
1297  else if (strcmp(*argv,"-cert2") == 0)
1298  {
1299  if (--argc < 1) goto bad;
1300  s_cert_file2= *(++argv);
1301  }
1302  else if (strcmp(*argv,"-key2") == 0)
1303  {
1304  if (--argc < 1) goto bad;
1305  s_key_file2= *(++argv);
1306  }
1307 # ifndef OPENSSL_NO_NEXTPROTONEG
1308  else if (strcmp(*argv,"-nextprotoneg") == 0)
1309  {
1310  if (--argc < 1) goto bad;
1311  next_proto_neg_in = *(++argv);
1312  }
1313 # endif
1314 #endif
1315 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1316  else if (strcmp(*argv,"-jpake") == 0)
1317  {
1318  if (--argc < 1) goto bad;
1319  jpake_secret = *(++argv);
1320  }
1321 #endif
1322  else if (strcmp(*argv,"-use_srtp") == 0)
1323  {
1324  if (--argc < 1) goto bad;
1325  srtp_profiles = *(++argv);
1326  }
1327  else if (strcmp(*argv,"-keymatexport") == 0)
1328  {
1329  if (--argc < 1) goto bad;
1330  keymatexportlabel= *(++argv);
1331  }
1332  else if (strcmp(*argv,"-keymatexportlen") == 0)
1333  {
1334  if (--argc < 1) goto bad;
1335  keymatexportlen=atoi(*(++argv));
1336  if (keymatexportlen == 0) goto bad;
1337  }
1338  else
1339  {
1340  BIO_printf(bio_err,"unknown option %s\n",*argv);
1341  badop=1;
1342  break;
1343  }
1344  argc--;
1345  argv++;
1346  }
1347  if (badop)
1348  {
1349 bad:
1350  sv_usage();
1351  goto end;
1352  }
1353 
1354 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1355  if (jpake_secret)
1356  {
1357  if (psk_key)
1358  {
1359  BIO_printf(bio_err,
1360  "Can't use JPAKE and PSK together\n");
1361  goto end;
1362  }
1363  psk_identity = "JPAKE";
1364  if (cipher)
1365  {
1366  BIO_printf(bio_err, "JPAKE sets cipher to PSK\n");
1367  goto end;
1368  }
1369  cipher = "PSK";
1370  }
1371 
1372 #endif
1373 
1374  SSL_load_error_strings();
1375  OpenSSL_add_ssl_algorithms();
1376 
1377 #ifndef OPENSSL_NO_ENGINE
1378  e = setup_engine(bio_err, engine_id, 1);
1379 #endif
1380 
1381  if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass))
1382  {
1383  BIO_printf(bio_err, "Error getting password\n");
1384  goto end;
1385  }
1386 
1387 
1388  if (s_key_file == NULL)
1389  s_key_file = s_cert_file;
1390 #ifndef OPENSSL_NO_TLSEXT
1391  if (s_key_file2 == NULL)
1392  s_key_file2 = s_cert_file2;
1393 #endif
1394 
1395  if (nocert == 0)
1396  {
1397  s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
1398  "server certificate private key file");
1399  if (!s_key)
1400  {
1401  ERR_print_errors(bio_err);
1402  goto end;
1403  }
1404 
1405  s_cert = load_cert(bio_err,s_cert_file,s_cert_format,
1406  NULL, e, "server certificate file");
1407 
1408  if (!s_cert)
1409  {
1410  ERR_print_errors(bio_err);
1411  goto end;
1412  }
1413 
1414 #ifndef OPENSSL_NO_TLSEXT
1415  if (tlsextcbp.servername)
1416  {
1417  s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e,
1418  "second server certificate private key file");
1419  if (!s_key2)
1420  {
1421  ERR_print_errors(bio_err);
1422  goto end;
1423  }
1424 
1425  s_cert2 = load_cert(bio_err,s_cert_file2,s_cert_format,
1426  NULL, e, "second server certificate file");
1427 
1428  if (!s_cert2)
1429  {
1430  ERR_print_errors(bio_err);
1431  goto end;
1432  }
1433  }
1434 
1435 # ifndef OPENSSL_NO_NEXTPROTONEG
1436  if (next_proto_neg_in)
1437  {
1438  unsigned short len;
1439  next_proto.data = next_protos_parse(&len,
1440  next_proto_neg_in);
1441  if (next_proto.data == NULL)
1442  goto end;
1443  next_proto.len = len;
1444  }
1445  else
1446  {
1447  next_proto.data = NULL;
1448  }
1449 # endif
1450 #endif
1451  }
1452 
1453 
1454  if (s_dcert_file)
1455  {
1456 
1457  if (s_dkey_file == NULL)
1458  s_dkey_file = s_dcert_file;
1459 
1460  s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format,
1461  0, dpass, e,
1462  "second certificate private key file");
1463  if (!s_dkey)
1464  {
1465  ERR_print_errors(bio_err);
1466  goto end;
1467  }
1468 
1469  s_dcert = load_cert(bio_err,s_dcert_file,s_dcert_format,
1470  NULL, e, "second server certificate file");
1471 
1472  if (!s_dcert)
1473  {
1474  ERR_print_errors(bio_err);
1475  goto end;
1476  }
1477 
1478  }
1479 
1480  if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
1481  && !RAND_status())
1482  {
1483  BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
1484  }
1485  if (inrand != NULL)
1486  BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
1487  app_RAND_load_files(inrand));
1488 
1489  if (bio_s_out == NULL)
1490  {
1491  if (s_quiet && !s_debug && !s_msg)
1492  {
1493  bio_s_out=BIO_new(BIO_s_null());
1494  }
1495  else
1496  {
1497  if (bio_s_out == NULL)
1498  bio_s_out=BIO_new_fp(stdout,BIO_NOCLOSE);
1499  }
1500  }
1501 
1502 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
1503  if (nocert)
1504 #endif
1505  {
1506  s_cert_file=NULL;
1507  s_key_file=NULL;
1508  s_dcert_file=NULL;
1509  s_dkey_file=NULL;
1510 #ifndef OPENSSL_NO_TLSEXT
1511  s_cert_file2=NULL;
1512  s_key_file2=NULL;
1513 #endif
1514  }
1515 
1516  ctx=SSL_CTX_new(meth);
1517  if (ctx == NULL)
1518  {
1519  ERR_print_errors(bio_err);
1520  goto end;
1521  }
1522  if (session_id_prefix)
1523  {
1524  if(strlen(session_id_prefix) >= 32)
1525  BIO_printf(bio_err,
1526 "warning: id_prefix is too long, only one new session will be possible\n");
1527  else if(strlen(session_id_prefix) >= 16)
1528  BIO_printf(bio_err,
1529 "warning: id_prefix is too long if you use SSLv2\n");
1530  if(!SSL_CTX_set_generate_session_id(ctx, generate_session_id))
1531  {
1532  BIO_printf(bio_err,"error setting 'id_prefix'\n");
1533  ERR_print_errors(bio_err);
1534  goto end;
1535  }
1536  BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix);
1537  }
1538  SSL_CTX_set_quiet_shutdown(ctx,1);
1539  if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
1540  if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
1541  SSL_CTX_set_options(ctx,off);
1542  /* DTLS: partial reads end up discarding unread UDP bytes :-(
1543  * Setting read ahead solves this problem.
1544  */
1545  if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
1546 
1547  if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
1548  if (no_cache)
1549  SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
1550  else
1551  SSL_CTX_sess_set_cache_size(ctx,128);
1552 
1553  if (srtp_profiles != NULL)
1554  SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
1555 
1556 #if 0
1557  if (cipher == NULL) cipher=getenv("SSL_CIPHER");
1558 #endif
1559 
1560 #if 0
1561  if (s_cert_file == NULL)
1562  {
1563  BIO_printf(bio_err,"You must specify a certificate file for the server to use\n");
1564  goto end;
1565  }
1566 #endif
1567 
1568  if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
1569  (!SSL_CTX_set_default_verify_paths(ctx)))
1570  {
1571  /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
1572  ERR_print_errors(bio_err);
1573  /* goto end; */
1574  }
1575  if (vpm)
1576  SSL_CTX_set1_param(ctx, vpm);
1577 
1578 #ifndef OPENSSL_NO_TLSEXT
1579  if (s_cert2)
1580  {
1581  ctx2=SSL_CTX_new(meth);
1582  if (ctx2 == NULL)
1583  {
1584  ERR_print_errors(bio_err);
1585  goto end;
1586  }
1587  }
1588 
1589  if (ctx2)
1590  {
1591  BIO_printf(bio_s_out,"Setting secondary ctx parameters\n");
1592 
1593  if (session_id_prefix)
1594  {
1595  if(strlen(session_id_prefix) >= 32)
1596  BIO_printf(bio_err,
1597  "warning: id_prefix is too long, only one new session will be possible\n");
1598  else if(strlen(session_id_prefix) >= 16)
1599  BIO_printf(bio_err,
1600  "warning: id_prefix is too long if you use SSLv2\n");
1601  if(!SSL_CTX_set_generate_session_id(ctx2, generate_session_id))
1602  {
1603  BIO_printf(bio_err,"error setting 'id_prefix'\n");
1604  ERR_print_errors(bio_err);
1605  goto end;
1606  }
1607  BIO_printf(bio_err,"id_prefix '%s' set.\n", session_id_prefix);
1608  }
1609  SSL_CTX_set_quiet_shutdown(ctx2,1);
1610  if (bugs) SSL_CTX_set_options(ctx2,SSL_OP_ALL);
1611  if (hack) SSL_CTX_set_options(ctx2,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
1612  SSL_CTX_set_options(ctx2,off);
1613  /* DTLS: partial reads end up discarding unread UDP bytes :-(
1614  * Setting read ahead solves this problem.
1615  */
1616  if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx2, 1);
1617 
1618  if (state) SSL_CTX_set_info_callback(ctx2,apps_ssl_info_callback);
1619 
1620  if (no_cache)
1621  SSL_CTX_set_session_cache_mode(ctx2,SSL_SESS_CACHE_OFF);
1622  else
1623  SSL_CTX_sess_set_cache_size(ctx2,128);
1624 
1625  if ((!SSL_CTX_load_verify_locations(ctx2,CAfile,CApath)) ||
1626  (!SSL_CTX_set_default_verify_paths(ctx2)))
1627  {
1628  ERR_print_errors(bio_err);
1629  }
1630  if (vpm)
1631  SSL_CTX_set1_param(ctx2, vpm);
1632  }
1633 
1634 # ifndef OPENSSL_NO_NEXTPROTONEG
1635  if (next_proto.data)
1636  SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb, &next_proto);
1637 # endif
1638 #endif
1639 
1640 #ifndef OPENSSL_NO_DH
1641  if (!no_dhe)
1642  {
1643  DH *dh=NULL;
1644 
1645  if (dhfile)
1646  dh = load_dh_param(dhfile);
1647  else if (s_cert_file)
1648  dh = load_dh_param(s_cert_file);
1649 
1650  if (dh != NULL)
1651  {
1652  BIO_printf(bio_s_out,"Setting temp DH parameters\n");
1653  }
1654  else
1655  {
1656  BIO_printf(bio_s_out,"Using default temp DH parameters\n");
1657  dh=get_dh512();
1658  }
1659  (void)BIO_flush(bio_s_out);
1660 
1661  SSL_CTX_set_tmp_dh(ctx,dh);
1662 #ifndef OPENSSL_NO_TLSEXT
1663  if (ctx2)
1664  {
1665  if (!dhfile)
1666  {
1667  DH *dh2=load_dh_param(s_cert_file2);
1668  if (dh2 != NULL)
1669  {
1670  BIO_printf(bio_s_out,"Setting temp DH parameters\n");
1671  (void)BIO_flush(bio_s_out);
1672 
1673  DH_free(dh);
1674  dh = dh2;
1675  }
1676  }
1677  SSL_CTX_set_tmp_dh(ctx2,dh);
1678  }
1679 #endif
1680  DH_free(dh);
1681  }
1682 #endif
1683 
1684 #ifndef OPENSSL_NO_ECDH
1685  if (!no_ecdhe)
1686  {
1687  EC_KEY *ecdh=NULL;
1688 
1689  if (named_curve)
1690  {
1691  int nid = OBJ_sn2nid(named_curve);
1692 
1693  if (nid == 0)
1694  {
1695  BIO_printf(bio_err, "unknown curve name (%s)\n",
1696  named_curve);
1697  goto end;
1698  }
1699  ecdh = EC_KEY_new_by_curve_name(nid);
1700  if (ecdh == NULL)
1701  {
1702  BIO_printf(bio_err, "unable to create curve (%s)\n",
1703  named_curve);
1704  goto end;
1705  }
1706  }
1707 
1708  if (ecdh != NULL)
1709  {
1710  BIO_printf(bio_s_out,"Setting temp ECDH parameters\n");
1711  }
1712  else
1713  {
1714  BIO_printf(bio_s_out,"Using default temp ECDH parameters\n");
1715  ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
1716  if (ecdh == NULL)
1717  {
1718  BIO_printf(bio_err, "unable to create curve (nistp256)\n");
1719  goto end;
1720  }
1721  }
1722  (void)BIO_flush(bio_s_out);
1723 
1724  SSL_CTX_set_tmp_ecdh(ctx,ecdh);
1725 #ifndef OPENSSL_NO_TLSEXT
1726  if (ctx2)
1727  SSL_CTX_set_tmp_ecdh(ctx2,ecdh);
1728 #endif
1729  EC_KEY_free(ecdh);
1730  }
1731 #endif
1732 
1733  if (!set_cert_key_stuff(ctx,s_cert,s_key))
1734  goto end;
1735 #ifndef OPENSSL_NO_TLSEXT
1736  if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2))
1737  goto end;
1738 #endif
1739  if (s_dcert != NULL)
1740  {
1741  if (!set_cert_key_stuff(ctx,s_dcert,s_dkey))
1742  goto end;
1743  }
1744 
1745 #ifndef OPENSSL_NO_RSA
1746 #if 1
1747  if (!no_tmp_rsa)
1748  {
1749  SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
1750 #ifndef OPENSSL_NO_TLSEXT
1751  if (ctx2)
1752  SSL_CTX_set_tmp_rsa_callback(ctx2,tmp_rsa_cb);
1753 #endif
1754  }
1755 #else
1756  if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx))
1757  {
1758  RSA *rsa;
1759 
1760  BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key...");
1761  BIO_flush(bio_s_out);
1762 
1763  rsa=RSA_generate_key(512,RSA_F4,NULL);
1764 
1765  if (!SSL_CTX_set_tmp_rsa(ctx,rsa))
1766  {
1767  ERR_print_errors(bio_err);
1768  goto end;
1769  }
1770 #ifndef OPENSSL_NO_TLSEXT
1771  if (ctx2)
1772  {
1773  if (!SSL_CTX_set_tmp_rsa(ctx2,rsa))
1774  {
1775  ERR_print_errors(bio_err);
1776  goto end;
1777  }
1778  }
1779 #endif
1780  RSA_free(rsa);
1781  BIO_printf(bio_s_out,"\n");
1782  }
1783 #endif
1784 #endif
1785 
1786 #ifndef OPENSSL_NO_PSK
1787 #ifdef OPENSSL_NO_JPAKE
1788  if (psk_key != NULL)
1789 #else
1790  if (psk_key != NULL || jpake_secret)
1791 #endif
1792  {
1793  if (s_debug)
1794  BIO_printf(bio_s_out, "PSK key given or JPAKE in use, setting server callback\n");
1795  SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
1796  }
1797 
1798  if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint))
1799  {
1800  BIO_printf(bio_err,"error setting PSK identity hint to context\n");
1801  ERR_print_errors(bio_err);
1802  goto end;
1803  }
1804 #endif
1805 
1806  if (cipher != NULL)
1807  {
1808  if(!SSL_CTX_set_cipher_list(ctx,cipher))
1809  {
1810  BIO_printf(bio_err,"error setting cipher list\n");
1811  ERR_print_errors(bio_err);
1812  goto end;
1813  }
1814 #ifndef OPENSSL_NO_TLSEXT
1815  if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,cipher))
1816  {
1817  BIO_printf(bio_err,"error setting cipher list\n");
1818  ERR_print_errors(bio_err);
1819  goto end;
1820  }
1821 #endif
1822  }
1823  SSL_CTX_set_verify(ctx,s_server_verify,verify_callback);
1824  SSL_CTX_set_session_id_context(ctx,(void*)&s_server_session_id_context,
1825  sizeof s_server_session_id_context);
1826 
1827  /* Set DTLS cookie generation and verification callbacks */
1828  SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
1829  SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
1830 
1831 #ifndef OPENSSL_NO_TLSEXT
1832  if (ctx2)
1833  {
1834  SSL_CTX_set_verify(ctx2,s_server_verify,verify_callback);
1835  SSL_CTX_set_session_id_context(ctx2,(void*)&s_server_session_id_context,
1836  sizeof s_server_session_id_context);
1837 
1838  tlsextcbp.biodebug = bio_s_out;
1839  SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
1840  SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
1841  SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
1842  SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
1843  }
1844 #endif
1845 
1846 #ifndef OPENSSL_NO_SRP
1847  if (srp_verifier_file != NULL)
1848  {
1849  srp_callback_parm.vb = SRP_VBASE_new(srpuserseed);
1850  srp_callback_parm.user = NULL;
1851  srp_callback_parm.login = NULL;
1852  if ((ret = SRP_VBASE_init(srp_callback_parm.vb, srp_verifier_file)) != SRP_NO_ERROR)
1853  {
1854  BIO_printf(bio_err,
1855  "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
1856  srp_verifier_file, ret);
1857  goto end;
1858  }
1859  SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE,verify_callback);
1860  SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm);
1861  SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
1862  }
1863  else
1864 #endif
1865  if (CAfile != NULL)
1866  {
1867  SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
1868 #ifndef OPENSSL_NO_TLSEXT
1869  if (ctx2)
1870  SSL_CTX_set_client_CA_list(ctx2,SSL_load_client_CA_file(CAfile));
1871 #endif
1872  }
1873 
1874  BIO_printf(bio_s_out,"ACCEPT\n");
1875  (void)BIO_flush(bio_s_out);
1876  if (www)
1877  do_server(port,socket_type,&accept_socket,www_body, context);
1878  else
1879  do_server(port,socket_type,&accept_socket,sv_body, context);
1880  print_stats(bio_s_out,ctx);
1881  ret=0;
1882 end:
1883  if (ctx != NULL) SSL_CTX_free(ctx);
1884  if (s_cert)
1885  X509_free(s_cert);
1886  if (s_dcert)
1887  X509_free(s_dcert);
1888  if (s_key)
1889  EVP_PKEY_free(s_key);
1890  if (s_dkey)
1891  EVP_PKEY_free(s_dkey);
1892  if (pass)
1893  OPENSSL_free(pass);
1894  if (dpass)
1895  OPENSSL_free(dpass);
1896 #ifndef OPENSSL_NO_TLSEXT
1897  if (ctx2 != NULL) SSL_CTX_free(ctx2);
1898  if (s_cert2)
1899  X509_free(s_cert2);
1900  if (s_key2)
1901  EVP_PKEY_free(s_key2);
1902 #endif
1903  if (bio_s_out != NULL)
1904  {
1905  BIO_free(bio_s_out);
1906  bio_s_out=NULL;
1907  }
1908  apps_shutdown();
1909  OPENSSL_EXIT(ret);
1910  }
1911 
1912 static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
1913  {
1914  BIO_printf(bio,"%4ld items in the session cache\n",
1915  SSL_CTX_sess_number(ssl_ctx));
1916  BIO_printf(bio,"%4ld client connects (SSL_connect())\n",
1917  SSL_CTX_sess_connect(ssl_ctx));
1918  BIO_printf(bio,"%4ld client renegotiates (SSL_connect())\n",
1919  SSL_CTX_sess_connect_renegotiate(ssl_ctx));
1920  BIO_printf(bio,"%4ld client connects that finished\n",
1921  SSL_CTX_sess_connect_good(ssl_ctx));
1922  BIO_printf(bio,"%4ld server accepts (SSL_accept())\n",
1923  SSL_CTX_sess_accept(ssl_ctx));
1924  BIO_printf(bio,"%4ld server renegotiates (SSL_accept())\n",
1925  SSL_CTX_sess_accept_renegotiate(ssl_ctx));
1926  BIO_printf(bio,"%4ld server accepts that finished\n",
1927  SSL_CTX_sess_accept_good(ssl_ctx));
1928  BIO_printf(bio,"%4ld session cache hits\n",SSL_CTX_sess_hits(ssl_ctx));
1929  BIO_printf(bio,"%4ld session cache misses\n",SSL_CTX_sess_misses(ssl_ctx));
1930  BIO_printf(bio,"%4ld session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx));
1931  BIO_printf(bio,"%4ld callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx));
1932  BIO_printf(bio,"%4ld cache full overflows (%ld allowed)\n",
1933  SSL_CTX_sess_cache_full(ssl_ctx),
1934  SSL_CTX_sess_get_cache_size(ssl_ctx));
1935  }
1936 
1937 static int sv_body(char *hostname, int s, unsigned char *context)
1938  {
1939  char *buf=NULL;
1940  fd_set readfds;
1941  int ret=1,width;
1942  int k,i;
1943  unsigned long l;
1944  SSL *con=NULL;
1945  BIO *sbio;
1946 #ifndef OPENSSL_NO_KRB5
1947  KSSL_CTX *kctx;
1948 #endif
1949  struct timeval timeout;
1950 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
1951  struct timeval tv;
1952 #else
1953  struct timeval *timeoutp;
1954 #endif
1955 
1956  if ((buf=OPENSSL_malloc(bufsize)) == NULL)
1957  {
1958  BIO_printf(bio_err,"out of memory\n");
1959  goto err;
1960  }
1961 #ifdef FIONBIO
1962  if (s_nbio)
1963  {
1964  unsigned long sl=1;
1965 
1966  if (!s_quiet)
1967  BIO_printf(bio_err,"turning on non blocking io\n");
1968  if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0)
1969  ERR_print_errors(bio_err);
1970  }
1971 #endif
1972 
1973  if (con == NULL) {
1974  con=SSL_new(ctx);
1975 #ifndef OPENSSL_NO_TLSEXT
1976  if (s_tlsextdebug)
1977  {
1978  SSL_set_tlsext_debug_callback(con, tlsext_cb);
1979  SSL_set_tlsext_debug_arg(con, bio_s_out);
1980  }
1981  if (s_tlsextstatus)
1982  {
1983  SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
1984  tlscstatp.err = bio_err;
1985  SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
1986  }
1987 #endif
1988 #ifndef OPENSSL_NO_KRB5
1989  if ((kctx = kssl_ctx_new()) != NULL)
1990  {
1991  SSL_set0_kssl_ctx(con, kctx);
1992  kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
1993  kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
1994  }
1995 #endif /* OPENSSL_NO_KRB5 */
1996  if(context)
1997  SSL_set_session_id_context(con, context,
1998  strlen((char *)context));
1999  }
2000  SSL_clear(con);
2001 #if 0
2002 #ifdef TLSEXT_TYPE_opaque_prf_input
2003  SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
2004 #endif
2005 #endif
2006 
2007  if (SSL_version(con) == DTLS1_VERSION)
2008  {
2009 
2010  sbio=BIO_new_dgram(s,BIO_NOCLOSE);
2011 
2012  if (enable_timeouts)
2013  {
2014  timeout.tv_sec = 0;
2015  timeout.tv_usec = DGRAM_RCV_TIMEOUT;
2016  BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
2017 
2018  timeout.tv_sec = 0;
2019  timeout.tv_usec = DGRAM_SND_TIMEOUT;
2020  BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
2021  }
2022 
2023  if (socket_mtu > 28)
2024  {
2025  SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
2026  SSL_set_mtu(con, socket_mtu - 28);
2027  }
2028  else
2029  /* want to do MTU discovery */
2030  BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
2031 
2032  /* turn on cookie exchange */
2033  SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
2034  }
2035  else
2036  sbio=BIO_new_socket(s,BIO_NOCLOSE);
2037 
2038  if (s_nbio_test)
2039  {
2040  BIO *test;
2041 
2042  test=BIO_new(BIO_f_nbio_test());
2043  sbio=BIO_push(test,sbio);
2044  }
2045 #ifndef OPENSSL_NO_JPAKE
2046  if(jpake_secret)
2047  jpake_server_auth(bio_s_out, sbio, jpake_secret);
2048 #endif
2049 
2050  SSL_set_bio(con,sbio,sbio);
2051  SSL_set_accept_state(con);
2052  /* SSL_set_fd(con,s); */
2053 
2054  if (s_debug)
2055  {
2056  SSL_set_debug(con, 1);
2057  BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
2058  BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
2059  }
2060  if (s_msg)
2061  {
2062  SSL_set_msg_callback(con, msg_cb);
2063  SSL_set_msg_callback_arg(con, bio_s_out);
2064  }
2065 #ifndef OPENSSL_NO_TLSEXT
2066  if (s_tlsextdebug)
2067  {
2068  SSL_set_tlsext_debug_callback(con, tlsext_cb);
2069  SSL_set_tlsext_debug_arg(con, bio_s_out);
2070  }
2071 #endif
2072 
2073  width=s+1;
2074  for (;;)
2075  {
2076  int read_from_terminal;
2077  int read_from_sslcon;
2078 
2079  read_from_terminal = 0;
2080  read_from_sslcon = SSL_pending(con);
2081 
2082  if (!read_from_sslcon)
2083  {
2084  FD_ZERO(&readfds);
2085 #if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
2086  openssl_fdset(fileno(stdin),&readfds);
2087 #endif
2088  openssl_fdset(s,&readfds);
2089  /* Note: under VMS with SOCKETSHR the second parameter is
2090  * currently of type (int *) whereas under other systems
2091  * it is (void *) if you don't have a cast it will choke
2092  * the compiler: if you do have a cast then you can either
2093  * go for (int *) or (void *).
2094  */
2095 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
2096  /* Under DOS (non-djgpp) and Windows we can't select on stdin: only
2097  * on sockets. As a workaround we timeout the select every
2098  * second and check for any keypress. In a proper Windows
2099  * application we wouldn't do this because it is inefficient.
2100  */
2101  tv.tv_sec = 1;
2102  tv.tv_usec = 0;
2103  i=select(width,(void *)&readfds,NULL,NULL,&tv);
2104  if((i < 0) || (!i && !_kbhit() ) )continue;
2105  if(_kbhit())
2106  read_from_terminal = 1;
2107 #elif defined(OPENSSL_SYS_BEOS_R5)
2108  /* Under BeOS-R5 the situation is similar to DOS */
2109  tv.tv_sec = 1;
2110  tv.tv_usec = 0;
2111  (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
2112  i=select(width,(void *)&readfds,NULL,NULL,&tv);
2113  if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
2114  continue;
2115  if (read(fileno(stdin), buf, 0) >= 0)
2116  read_from_terminal = 1;
2117  (void)fcntl(fileno(stdin), F_SETFL, 0);
2118 #else
2119  if ((SSL_version(con) == DTLS1_VERSION) &&
2120  DTLSv1_get_timeout(con, &timeout))
2121  timeoutp = &timeout;
2122  else
2123  timeoutp = NULL;
2124 
2125  i=select(width,(void *)&readfds,NULL,NULL,timeoutp);
2126 
2127  if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0)
2128  {
2129  BIO_printf(bio_err,"TIMEOUT occured\n");
2130  }
2131 
2132  if (i <= 0) continue;
2133  if (FD_ISSET(fileno(stdin),&readfds))
2134  read_from_terminal = 1;
2135 #endif
2136  if (FD_ISSET(s,&readfds))
2137  read_from_sslcon = 1;
2138  }
2139  if (read_from_terminal)
2140  {
2141  if (s_crlf)
2142  {
2143  int j, lf_num;
2144 
2145  i=raw_read_stdin(buf, bufsize/2);
2146  lf_num = 0;
2147  /* both loops are skipped when i <= 0 */
2148  for (j = 0; j < i; j++)
2149  if (buf[j] == '\n')
2150  lf_num++;
2151  for (j = i-1; j >= 0; j--)
2152  {
2153  buf[j+lf_num] = buf[j];
2154  if (buf[j] == '\n')
2155  {
2156  lf_num--;
2157  i++;
2158  buf[j+lf_num] = '\r';
2159  }
2160  }
2161  assert(lf_num == 0);
2162  }
2163  else
2164  i=raw_read_stdin(buf,bufsize);
2165  if (!s_quiet)
2166  {
2167  if ((i <= 0) || (buf[0] == 'Q'))
2168  {
2169  BIO_printf(bio_s_out,"DONE\n");
2170  SHUTDOWN(s);
2171  close_accept_socket();
2172  ret= -11;
2173  goto err;
2174  }
2175  if ((i <= 0) || (buf[0] == 'q'))
2176  {
2177  BIO_printf(bio_s_out,"DONE\n");
2178  if (SSL_version(con) != DTLS1_VERSION)
2179  SHUTDOWN(s);
2180  /* close_accept_socket();
2181  ret= -11;*/
2182  goto err;
2183  }
2184 
2185 #ifndef OPENSSL_NO_HEARTBEATS
2186  if ((buf[0] == 'B') &&
2187  ((buf[1] == '\n') || (buf[1] == '\r')))
2188  {
2189  BIO_printf(bio_err,"HEARTBEATING\n");
2190  SSL_heartbeat(con);
2191  i=0;
2192  continue;
2193  }
2194 #endif
2195  if ((buf[0] == 'r') &&
2196  ((buf[1] == '\n') || (buf[1] == '\r')))
2197  {
2198  SSL_renegotiate(con);
2199  i=SSL_do_handshake(con);
2200  printf("SSL_do_handshake -> %d\n",i);
2201  i=0; /*13; */
2202  continue;
2203  /* strcpy(buf,"server side RE-NEGOTIATE\n"); */
2204  }
2205  if ((buf[0] == 'R') &&
2206  ((buf[1] == '\n') || (buf[1] == '\r')))
2207  {
2208  SSL_set_verify(con,
2209  SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL);
2210  SSL_renegotiate(con);
2211  i=SSL_do_handshake(con);
2212  printf("SSL_do_handshake -> %d\n",i);
2213  i=0; /* 13; */
2214  continue;
2215  /* strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n"); */
2216  }
2217  if (buf[0] == 'P')
2218  {
2219  static const char *str="Lets print some clear text\n";
2220  BIO_write(SSL_get_wbio(con),str,strlen(str));
2221  }
2222  if (buf[0] == 'S')
2223  {
2224  print_stats(bio_s_out,SSL_get_SSL_CTX(con));
2225  }
2226  }
2227 #ifdef CHARSET_EBCDIC
2228  ebcdic2ascii(buf,buf,i);
2229 #endif
2230  l=k=0;
2231  for (;;)
2232  {
2233  /* should do a select for the write */
2234 #ifdef RENEG
2235 { static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } }
2236 #endif
2237  k=SSL_write(con,&(buf[l]),(unsigned int)i);
2238 #ifndef OPENSSL_NO_SRP
2239  while (SSL_get_error(con,k) == SSL_ERROR_WANT_X509_LOOKUP)
2240  {
2241  BIO_printf(bio_s_out,"LOOKUP renego during write\n");
2242  srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login);
2243  if (srp_callback_parm.user)
2244  BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info);
2245  else
2246  BIO_printf(bio_s_out,"LOOKUP not successful\n");
2247  k=SSL_write(con,&(buf[l]),(unsigned int)i);
2248  }
2249 #endif
2250  switch (SSL_get_error(con,k))
2251  {
2252  case SSL_ERROR_NONE:
2253  break;
2254  case SSL_ERROR_WANT_WRITE:
2255  case SSL_ERROR_WANT_READ:
2256  case SSL_ERROR_WANT_X509_LOOKUP:
2257  BIO_printf(bio_s_out,"Write BLOCK\n");
2258  break;
2259  case SSL_ERROR_SYSCALL:
2260  case SSL_ERROR_SSL:
2261  BIO_printf(bio_s_out,"ERROR\n");
2262  ERR_print_errors(bio_err);
2263  ret=1;
2264  goto err;
2265  /* break; */
2266  case SSL_ERROR_ZERO_RETURN:
2267  BIO_printf(bio_s_out,"DONE\n");
2268  ret=1;
2269  goto err;
2270  }
2271  l+=k;
2272  i-=k;
2273  if (i <= 0) break;
2274  }
2275  }
2276  if (read_from_sslcon)
2277  {
2278  if (!SSL_is_init_finished(con))
2279  {
2280  i=init_ssl_connection(con);
2281 
2282  if (i < 0)
2283  {
2284  ret=0;
2285  goto err;
2286  }
2287  else if (i == 0)
2288  {
2289  ret=1;
2290  goto err;
2291  }
2292  }
2293  else
2294  {
2295 again:
2296  i=SSL_read(con,(char *)buf,bufsize);
2297 #ifndef OPENSSL_NO_SRP
2298  while (SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP)
2299  {
2300  BIO_printf(bio_s_out,"LOOKUP renego during read\n");
2301  srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login);
2302  if (srp_callback_parm.user)
2303  BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info);
2304  else
2305  BIO_printf(bio_s_out,"LOOKUP not successful\n");
2306  i=SSL_read(con,(char *)buf,bufsize);
2307  }
2308 #endif
2309  switch (SSL_get_error(con,i))
2310  {
2311  case SSL_ERROR_NONE:
2312 #ifdef CHARSET_EBCDIC
2313  ascii2ebcdic(buf,buf,i);
2314 #endif
2315  raw_write_stdout(buf,
2316  (unsigned int)i);
2317  if (SSL_pending(con)) goto again;
2318  break;
2319  case SSL_ERROR_WANT_WRITE:
2320  case SSL_ERROR_WANT_READ:
2321  BIO_printf(bio_s_out,"Read BLOCK\n");
2322  break;
2323  case SSL_ERROR_SYSCALL:
2324  case SSL_ERROR_SSL:
2325  BIO_printf(bio_s_out,"ERROR\n");
2326  ERR_print_errors(bio_err);
2327  ret=1;
2328  goto err;
2329  case SSL_ERROR_ZERO_RETURN:
2330  BIO_printf(bio_s_out,"DONE\n");
2331  ret=1;
2332  goto err;
2333  }
2334  }
2335  }
2336  }
2337 err:
2338  if (con != NULL)
2339  {
2340  BIO_printf(bio_s_out,"shutting down SSL\n");
2341 #if 1
2342  SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
2343 #else
2344  SSL_shutdown(con);
2345 #endif
2346  SSL_free(con);
2347  }
2348  BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
2349  if (buf != NULL)
2350  {
2351  OPENSSL_cleanse(buf,bufsize);
2352  OPENSSL_free(buf);
2353  }
2354  if (ret >= 0)
2355  BIO_printf(bio_s_out,"ACCEPT\n");
2356  return(ret);
2357  }
2358 
2359 static void close_accept_socket(void)
2360  {
2361  BIO_printf(bio_err,"shutdown accept socket\n");
2362  if (accept_socket >= 0)
2363  {
2364  SHUTDOWN2(accept_socket);
2365  }
2366  }
2367 
2368 static int init_ssl_connection(SSL *con)
2369  {
2370  int i;
2371  const char *str;
2372  X509 *peer;
2373  long verify_error;
2374  MS_STATIC char buf[BUFSIZ];
2375 #ifndef OPENSSL_NO_KRB5
2376  char *client_princ;
2377 #endif
2378 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2379  const unsigned char *next_proto_neg;
2380  unsigned next_proto_neg_len;
2381 #endif
2382  unsigned char *exportedkeymat;
2383 
2384 
2385  i=SSL_accept(con);
2386 #ifndef OPENSSL_NO_SRP
2387  while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP)
2388  {
2389  BIO_printf(bio_s_out,"LOOKUP during accept %s\n",srp_callback_parm.login);
2390  srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login);
2391  if (srp_callback_parm.user)
2392  BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info);
2393  else
2394  BIO_printf(bio_s_out,"LOOKUP not successful\n");
2395  i=SSL_accept(con);
2396  }
2397 #endif
2398  if (i <= 0)
2399  {
2400  if (BIO_sock_should_retry(i))
2401  {
2402  BIO_printf(bio_s_out,"DELAY\n");
2403  return(1);
2404  }
2405 
2406  BIO_printf(bio_err,"ERROR\n");
2407  verify_error=SSL_get_verify_result(con);
2408  if (verify_error != X509_V_OK)
2409  {
2410  BIO_printf(bio_err,"verify error:%s\n",
2411  X509_verify_cert_error_string(verify_error));
2412  }
2413  else
2414  ERR_print_errors(bio_err);
2415  return(0);
2416  }
2417 
2418  PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con));
2419 
2420  peer=SSL_get_peer_certificate(con);
2421  if (peer != NULL)
2422  {
2423  BIO_printf(bio_s_out,"Client certificate\n");
2424  PEM_write_bio_X509(bio_s_out,peer);
2425  X509_NAME_oneline(X509_get_subject_name(peer),buf,sizeof buf);
2426  BIO_printf(bio_s_out,"subject=%s\n",buf);
2427  X509_NAME_oneline(X509_get_issuer_name(peer),buf,sizeof buf);
2428  BIO_printf(bio_s_out,"issuer=%s\n",buf);
2429  X509_free(peer);
2430  }
2431 
2432  if (SSL_get_shared_ciphers(con,buf,sizeof buf) != NULL)
2433  BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
2434  str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
2435  BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
2436 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2437  SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
2438  if (next_proto_neg)
2439  {
2440  BIO_printf(bio_s_out,"NEXTPROTO is ");
2441  BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
2442  BIO_printf(bio_s_out, "\n");
2443  }
2444 #endif
2445  {
2446  SRTP_PROTECTION_PROFILE *srtp_profile
2447  = SSL_get_selected_srtp_profile(con);
2448 
2449  if(srtp_profile)
2450  BIO_printf(bio_s_out,"SRTP Extension negotiated, profile=%s\n",
2451  srtp_profile->name);
2452  }
2453  if (SSL_cache_hit(con)) BIO_printf(bio_s_out,"Reused session-id\n");
2454  if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) &
2455  TLS1_FLAGS_TLS_PADDING_BUG)
2456  BIO_printf(bio_s_out,
2457  "Peer has incorrect TLSv1 block padding\n");
2458 #ifndef OPENSSL_NO_KRB5
2459  client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
2460  if (client_princ != NULL)
2461  {
2462  BIO_printf(bio_s_out,"Kerberos peer principal is %s\n",
2463  client_princ);
2464  }
2465 #endif /* OPENSSL_NO_KRB5 */
2466  BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
2467  SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
2468  if (keymatexportlabel != NULL)
2469  {
2470  BIO_printf(bio_s_out, "Keying material exporter:\n");
2471  BIO_printf(bio_s_out, " Label: '%s'\n", keymatexportlabel);
2472  BIO_printf(bio_s_out, " Length: %i bytes\n",
2473  keymatexportlen);
2474  exportedkeymat = OPENSSL_malloc(keymatexportlen);
2475  if (exportedkeymat != NULL)
2476  {
2477  if (!SSL_export_keying_material(con, exportedkeymat,
2478  keymatexportlen,
2479  keymatexportlabel,
2480  strlen(keymatexportlabel),
2481  NULL, 0, 0))
2482  {
2483  BIO_printf(bio_s_out, " Error\n");
2484  }
2485  else
2486  {
2487  BIO_printf(bio_s_out, " Keying material: ");
2488  for (i=0; i<keymatexportlen; i++)
2489  BIO_printf(bio_s_out, "%02X",
2490  exportedkeymat[i]);
2491  BIO_printf(bio_s_out, "\n");
2492  }
2493  OPENSSL_free(exportedkeymat);
2494  }
2495  }
2496 
2497  return(1);
2498  }
2499 
2500 #ifndef OPENSSL_NO_DH
2501 static DH *load_dh_param(const char *dhfile)
2502  {
2503  DH *ret=NULL;
2504  BIO *bio;
2505 
2506  if ((bio=BIO_new_file(dhfile,"r")) == NULL)
2507  goto err;
2508  ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL);
2509 err:
2510  if (bio != NULL) BIO_free(bio);
2511  return(ret);
2512  }
2513 #endif
2514 #ifndef OPENSSL_NO_KRB5
2515  char *client_princ;
2516 #endif
2517 
2518 #if 0
2519 static int load_CA(SSL_CTX *ctx, char *file)
2520  {
2521  FILE *in;
2522  X509 *x=NULL;
2523 
2524  if ((in=fopen(file,"r")) == NULL)
2525  return(0);
2526 
2527  for (;;)
2528  {
2529  if (PEM_read_X509(in,&x,NULL) == NULL)
2530  break;
2531  SSL_CTX_add_client_CA(ctx,x);
2532  }
2533  if (x != NULL) X509_free(x);
2534  fclose(in);
2535  return(1);
2536  }
2537 #endif
2538 
2539 static int www_body(char *hostname, int s, unsigned char *context)
2540  {
2541  char *buf=NULL;
2542  int ret=1;
2543  int i,j,k,dot;
2544  SSL *con;
2545  const SSL_CIPHER *c;
2546  BIO *io,*ssl_bio,*sbio;
2547 #ifndef OPENSSL_NO_KRB5
2548  KSSL_CTX *kctx;
2549 #endif
2550 
2551  buf=OPENSSL_malloc(bufsize);
2552  if (buf == NULL) return(0);
2553  io=BIO_new(BIO_f_buffer());
2554  ssl_bio=BIO_new(BIO_f_ssl());
2555  if ((io == NULL) || (ssl_bio == NULL)) goto err;
2556 
2557 #ifdef FIONBIO
2558  if (s_nbio)
2559  {
2560  unsigned long sl=1;
2561 
2562  if (!s_quiet)
2563  BIO_printf(bio_err,"turning on non blocking io\n");
2564  if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0)
2565  ERR_print_errors(bio_err);
2566  }
2567 #endif
2568 
2569  /* lets make the output buffer a reasonable size */
2570  if (!BIO_set_write_buffer_size(io,bufsize)) goto err;
2571 
2572  if ((con=SSL_new(ctx)) == NULL) goto err;
2573 #ifndef OPENSSL_NO_TLSEXT
2574  if (s_tlsextdebug)
2575  {
2576  SSL_set_tlsext_debug_callback(con, tlsext_cb);
2577  SSL_set_tlsext_debug_arg(con, bio_s_out);
2578  }
2579 #endif
2580 #ifndef OPENSSL_NO_KRB5
2581  if ((kctx = kssl_ctx_new()) != NULL)
2582  {
2583  kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
2584  kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
2585  }
2586 #endif /* OPENSSL_NO_KRB5 */
2587  if(context) SSL_set_session_id_context(con, context,
2588  strlen((char *)context));
2589 
2590  sbio=BIO_new_socket(s,BIO_NOCLOSE);
2591  if (s_nbio_test)
2592  {
2593  BIO *test;
2594 
2595  test=BIO_new(BIO_f_nbio_test());
2596  sbio=BIO_push(test,sbio);
2597  }
2598  SSL_set_bio(con,sbio,sbio);
2599  SSL_set_accept_state(con);
2600 
2601  /* SSL_set_fd(con,s); */
2602  BIO_set_ssl(ssl_bio,con,BIO_CLOSE);
2603  BIO_push(io,ssl_bio);
2604 #ifdef CHARSET_EBCDIC
2605  io = BIO_push(BIO_new(BIO_f_ebcdic_filter()),io);
2606 #endif
2607 
2608  if (s_debug)
2609  {
2610  SSL_set_debug(con, 1);
2611  BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);
2612  BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);
2613  }
2614  if (s_msg)
2615  {
2616  SSL_set_msg_callback(con, msg_cb);
2617  SSL_set_msg_callback_arg(con, bio_s_out);
2618  }
2619 
2620  for (;;)
2621  {
2622  if (hack)
2623  {
2624  i=SSL_accept(con);
2625 #ifndef OPENSSL_NO_SRP
2626  while (i <= 0 && SSL_get_error(con,i) == SSL_ERROR_WANT_X509_LOOKUP)
2627  {
2628  BIO_printf(bio_s_out,"LOOKUP during accept %s\n",srp_callback_parm.login);
2629  srp_callback_parm.user = SRP_VBASE_get_by_user(srp_callback_parm.vb, srp_callback_parm.login);
2630  if (srp_callback_parm.user)
2631  BIO_printf(bio_s_out,"LOOKUP done %s\n",srp_callback_parm.user->info);
2632  else
2633  BIO_printf(bio_s_out,"LOOKUP not successful\n");
2634  i=SSL_accept(con);
2635  }
2636 #endif
2637  switch (SSL_get_error(con,i))
2638  {
2639  case SSL_ERROR_NONE:
2640  break;
2641  case SSL_ERROR_WANT_WRITE:
2642  case SSL_ERROR_WANT_READ:
2643  case SSL_ERROR_WANT_X509_LOOKUP:
2644  continue;
2645  case SSL_ERROR_SYSCALL:
2646  case SSL_ERROR_SSL:
2647  case SSL_ERROR_ZERO_RETURN:
2648  ret=1;
2649  goto err;
2650  /* break; */
2651  }
2652 
2653  SSL_renegotiate(con);
2654  SSL_write(con,NULL,0);
2655  }
2656 
2657  i=BIO_gets(io,buf,bufsize-1);
2658  if (i < 0) /* error */
2659  {
2660  if (!BIO_should_retry(io))
2661  {
2662  if (!s_quiet)
2663  ERR_print_errors(bio_err);
2664  goto err;
2665  }
2666  else
2667  {
2668  BIO_printf(bio_s_out,"read R BLOCK\n");
2669 #if defined(OPENSSL_SYS_NETWARE)
2670  delay(1000);
2671 #elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)
2672  sleep(1);
2673 #endif
2674  continue;
2675  }
2676  }
2677  else if (i == 0) /* end of input */
2678  {
2679  ret=1;
2680  goto end;
2681  }
2682 
2683  /* else we have data */
2684  if ( ((www == 1) && (strncmp("GET ",buf,4) == 0)) ||
2685  ((www == 2) && (strncmp("GET /stats ",buf,10) == 0)))
2686  {
2687  char *p;
2688  X509 *peer;
2689  STACK_OF(SSL_CIPHER) *sk;
2690  static const char *space=" ";
2691 
2692  BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
2693  BIO_puts(io,"<HTML><BODY BGCOLOR=\"#ffffff\">\n");
2694  BIO_puts(io,"<pre>\n");
2695 /* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
2696  BIO_puts(io,"\n");
2697  for (i=0; i<local_argc; i++)
2698  {
2699  BIO_puts(io,local_argv[i]);
2700  BIO_write(io," ",1);
2701  }
2702  BIO_puts(io,"\n");
2703 
2704  /* The following is evil and should not really
2705  * be done */
2706  BIO_printf(io,"Ciphers supported in s_server binary\n");
2707  sk=SSL_get_ciphers(con);
2708  j=sk_SSL_CIPHER_num(sk);
2709  for (i=0; i<j; i++)
2710  {
2711  c=sk_SSL_CIPHER_value(sk,i);
2712  BIO_printf(io,"%-11s:%-25s",
2713  SSL_CIPHER_get_version(c),
2714  SSL_CIPHER_get_name(c));
2715  if ((((i+1)%2) == 0) && (i+1 != j))
2716  BIO_puts(io,"\n");
2717  }
2718  BIO_puts(io,"\n");
2719  p=SSL_get_shared_ciphers(con,buf,bufsize);
2720  if (p != NULL)
2721  {
2722  BIO_printf(io,"---\nCiphers common between both SSL end points:\n");
2723  j=i=0;
2724  while (*p)
2725  {
2726  if (*p == ':')
2727  {
2728  BIO_write(io,space,26-j);
2729  i++;
2730  j=0;
2731  BIO_write(io,((i%3)?" ":"\n"),1);
2732  }
2733  else
2734  {
2735  BIO_write(io,p,1);
2736  j++;
2737  }
2738  p++;
2739  }
2740  BIO_puts(io,"\n");
2741  }
2742  BIO_printf(io,(SSL_cache_hit(con)
2743  ?"---\nReused, "
2744  :"---\nNew, "));
2745  c=SSL_get_current_cipher(con);
2746  BIO_printf(io,"%s, Cipher is %s\n",
2747  SSL_CIPHER_get_version(c),
2748  SSL_CIPHER_get_name(c));
2749  SSL_SESSION_print(io,SSL_get_session(con));
2750  BIO_printf(io,"---\n");
2751  print_stats(io,SSL_get_SSL_CTX(con));
2752  BIO_printf(io,"---\n");
2753  peer=SSL_get_peer_certificate(con);
2754  if (peer != NULL)
2755  {
2756  BIO_printf(io,"Client certificate\n");
2757  X509_print(io,peer);
2758  PEM_write_bio_X509(io,peer);
2759  }
2760  else
2761  BIO_puts(io,"no client certificate available\n");
2762  BIO_puts(io,"</BODY></HTML>\r\n\r\n");
2763  break;
2764  }
2765  else if ((www == 2 || www == 3)
2766  && (strncmp("GET /",buf,5) == 0))
2767  {
2768  BIO *file;
2769  char *p,*e;
2770  static const char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
2771 
2772  /* skip the '/' */
2773  p= &(buf[5]);
2774 
2775  dot = 1;
2776  for (e=p; *e != '\0'; e++)
2777  {
2778  if (e[0] == ' ')
2779  break;
2780 
2781  switch (dot)
2782  {
2783  case 1:
2784  dot = (e[0] == '.') ? 2 : 0;
2785  break;
2786  case 2:
2787  dot = (e[0] == '.') ? 3 : 0;
2788  break;
2789  case 3:
2790  dot = (e[0] == '/') ? -1 : 0;
2791  break;
2792  }
2793  if (dot == 0)
2794  dot = (e[0] == '/') ? 1 : 0;
2795  }
2796  dot = (dot == 3) || (dot == -1); /* filename contains ".." component */
2797 
2798  if (*e == '\0')
2799  {
2800  BIO_puts(io,text);
2801  BIO_printf(io,"'%s' is an invalid file name\r\n",p);
2802  break;
2803  }
2804  *e='\0';
2805 
2806  if (dot)
2807  {
2808  BIO_puts(io,text);
2809  BIO_printf(io,"'%s' contains '..' reference\r\n",p);
2810  break;
2811  }
2812 
2813  if (*p == '/')
2814  {
2815  BIO_puts(io,text);
2816  BIO_printf(io,"'%s' is an invalid path\r\n",p);
2817  break;
2818  }
2819 
2820 #if 0
2821  /* append if a directory lookup */
2822  if (e[-1] == '/')
2823  strcat(p,"index.html");
2824 #endif
2825 
2826  /* if a directory, do the index thang */
2827  if (app_isdir(p)>0)
2828  {
2829 #if 0 /* must check buffer size */
2830  strcat(p,"/index.html");
2831 #else
2832  BIO_puts(io,text);
2833  BIO_printf(io,"'%s' is a directory\r\n",p);
2834  break;
2835 #endif
2836  }
2837 
2838  if ((file=BIO_new_file(p,"r")) == NULL)
2839  {
2840  BIO_puts(io,text);
2841  BIO_printf(io,"Error opening '%s'\r\n",p);
2842  ERR_print_errors(io);
2843  break;
2844  }
2845 
2846  if (!s_quiet)
2847  BIO_printf(bio_err,"FILE:%s\n",p);
2848 
2849  if (www == 2)
2850  {
2851  i=strlen(p);
2852  if ( ((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) ||
2853  ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) ||
2854  ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0)))
2855  BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
2856  else
2857  BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
2858  }
2859  /* send the file */
2860  for (;;)
2861  {
2862  i=BIO_read(file,buf,bufsize);
2863  if (i <= 0) break;
2864 
2865 #ifdef RENEG
2866  total_bytes+=i;
2867  fprintf(stderr,"%d\n",i);
2868  if (total_bytes > 3*1024)
2869  {
2870  total_bytes=0;
2871  fprintf(stderr,"RENEGOTIATE\n");
2872  SSL_renegotiate(con);
2873  }
2874 #endif
2875 
2876  for (j=0; j<i; )
2877  {
2878 #ifdef RENEG
2879 { static count=0; if (++count == 13) { SSL_renegotiate(con); } }
2880 #endif
2881  k=BIO_write(io,&(buf[j]),i-j);
2882  if (k <= 0)
2883  {
2884  if (!BIO_should_retry(io))
2885  goto write_error;
2886  else
2887  {
2888  BIO_printf(bio_s_out,"rwrite W BLOCK\n");
2889  }
2890  }
2891  else
2892  {
2893  j+=k;
2894  }
2895  }
2896  }
2897 write_error:
2898  BIO_free(file);
2899  break;
2900  }
2901  }
2902 
2903  for (;;)
2904  {
2905  i=(int)BIO_flush(io);
2906  if (i <= 0)
2907  {
2908  if (!BIO_should_retry(io))
2909  break;
2910  }
2911  else
2912  break;
2913  }
2914 end:
2915 #if 1
2916  /* make sure we re-use sessions */
2917  SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
2918 #else
2919  /* This kills performance */
2920 /* SSL_shutdown(con); A shutdown gets sent in the
2921  * BIO_free_all(io) procession */
2922 #endif
2923 
2924 err:
2925 
2926  if (ret >= 0)
2927  BIO_printf(bio_s_out,"ACCEPT\n");
2928 
2929  if (buf != NULL) OPENSSL_free(buf);
2930  if (io != NULL) BIO_free_all(io);
2931 /* if (ssl_bio != NULL) BIO_free(ssl_bio);*/
2932  return(ret);
2933  }
2934 
2935 #ifndef OPENSSL_NO_RSA
2936 static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
2937  {
2938  BIGNUM *bn = NULL;
2939  static RSA *rsa_tmp=NULL;
2940 
2941  if (!rsa_tmp && ((bn = BN_new()) == NULL))
2942  BIO_printf(bio_err,"Allocation error in generating RSA key\n");
2943  if (!rsa_tmp && bn)
2944  {
2945  if (!s_quiet)
2946  {
2947  BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);
2948  (void)BIO_flush(bio_err);
2949  }
2950  if(!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||
2951  !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL))
2952  {
2953  if(rsa_tmp) RSA_free(rsa_tmp);
2954  rsa_tmp = NULL;
2955  }
2956  if (!s_quiet)
2957  {
2958  BIO_printf(bio_err,"\n");
2959  (void)BIO_flush(bio_err);
2960  }
2961  BN_free(bn);
2962  }
2963  return(rsa_tmp);
2964  }
2965 #endif
2966 
2967 #define MAX_SESSION_ID_ATTEMPTS 10
2968 static int generate_session_id(const SSL *ssl, unsigned char *id,
2969  unsigned int *id_len)
2970  {
2971  unsigned int count = 0;
2972  do {
2973  RAND_pseudo_bytes(id, *id_len);
2974  /* Prefix the session_id with the required prefix. NB: If our
2975  * prefix is too long, clip it - but there will be worse effects
2976  * anyway, eg. the server could only possibly create 1 session
2977  * ID (ie. the prefix!) so all future session negotiations will
2978  * fail due to conflicts. */
2979  memcpy(id, session_id_prefix,
2980  (strlen(session_id_prefix) < *id_len) ?
2981  strlen(session_id_prefix) : *id_len);
2982  }
2983  while(SSL_has_matching_session_id(ssl, id, *id_len) &&
2984  (++count < MAX_SESSION_ID_ATTEMPTS));
2985  if(count >= MAX_SESSION_ID_ATTEMPTS)
2986  return 0;
2987  return 1;
2988  }
Generated on Thu Jan 10 2013 09:53:32 for OpenSSL by   doxygen 1.8.2