s_server.c 102.9 KB
Newer Older
1
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 3 4 5 6
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
7
 *
8 9 10 11 12 13
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14
 *
15 16 17 18 19 20
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
21
 *
22 23 24 25 26 27 28 29 30 31 32 33 34 35
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
36
 * 4. If you include any Windows specific code (or a derivative thereof) from
37 38
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39
 *
40 41 42 43 44 45 46 47 48 49 50
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
51
 *
52 53 54 55 56
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
57
/* ====================================================================
B
Bodo Möller 已提交
58
 * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
59 60 61 62 63 64
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
65
 *    notice, this list of conditions and the following disclaimer.
66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
B
Bodo Möller 已提交
110 111
/* ====================================================================
 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
112
 * ECC cipher suite support in OpenSSL originally developed by
B
Bodo Möller 已提交
113 114
 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
 */
115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140
/* ====================================================================
 * Copyright 2005 Nokia. All rights reserved.
 *
 * The portions of the attached software ("Contribution") is developed by
 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
 * license.
 *
 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
 * support (see RFC 4279) to OpenSSL.
 *
 * No patent licenses or other rights except those expressly stated in
 * the OpenSSL open source license shall be deemed granted or received
 * expressly, by implication, estoppel, or otherwise.
 *
 * No assurances are provided by Nokia that the Contribution does not
 * infringe the patent or other intellectual property rights of any third
 * party or that the license provides you with all the necessary rights
 * to make use of the Contribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
 * OTHERWISE.
 */
141

B
Bodo Möller 已提交
142
#include <assert.h>
143
#include <ctype.h>
U
Ulf Möller 已提交
144 145 146
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
R
Richard Levitte 已提交
147

148
#include <openssl/e_os2.h>
U
Ulf Möller 已提交
149

150 151
/* conflicts with winsock2 stuff on netware */
#if !defined(OPENSSL_SYS_NETWARE)
152
# include <sys/types.h>
R
Richard Levitte 已提交
153 154
#endif

155 156 157 158 159 160
/*
 * With IPv6, it looks like Digital has mixed up the proper order of
 * recursive header file inclusion, resulting in the compiler complaining
 * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
 * needed to have fileno() declared correctly...  So let's define u_int
 */
161
#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
162
# define __U_INT
U
Ulf Möller 已提交
163 164 165
typedef unsigned int u_int;
#endif

166 167
#include <openssl/lhash.h>
#include <openssl/bn.h>
168 169
#define USE_SOCKETS
#include "apps.h"
170 171 172 173
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
#include <openssl/ssl.h>
174
#include <openssl/rand.h>
175
#include <openssl/ocsp.h>
N
make  
Nils Larsch 已提交
176
#ifndef OPENSSL_NO_DH
177
# include <openssl/dh.h>
N
make  
Nils Larsch 已提交
178 179
#endif
#ifndef OPENSSL_NO_RSA
180
# include <openssl/rsa.h>
N
make  
Nils Larsch 已提交
181
#endif
B
Ben Laurie 已提交
182
#ifndef OPENSSL_NO_SRP
183
# include <openssl/srp.h>
B
Ben Laurie 已提交
184
#endif
185
#include "s_apps.h"
B
Ben Laurie 已提交
186
#include "timeouts.h"
187

188
#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
U
Ulf Möller 已提交
189
/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
190
# undef FIONBIO
U
Ulf Möller 已提交
191 192
#endif

193
#ifndef OPENSSL_NO_RSA
R
Rich Salz 已提交
194
static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength);
195
#endif
196
static int not_resumable_sess_cb(SSL *s, int is_forward_secure);
197 198 199
static int sv_body(char *hostname, int s, int stype, unsigned char *context);
static int www_body(char *hostname, int s, int stype, unsigned char *context);
static int rev_body(char *hostname, int s, int stype, unsigned char *context);
200
static void close_accept_socket(void);
201
static int init_ssl_connection(SSL *s);
202
static void print_stats(BIO *bp, SSL_CTX *ctx);
203
static int generate_session_id(const SSL *ssl, unsigned char *id,
204
                               unsigned int *id_len);
205 206
static void init_session_cache_ctx(SSL_CTX *sctx);
static void free_sessions(void);
207
#ifndef OPENSSL_NO_DH
N
Nils Larsch 已提交
208
static DH *load_dh_param(const char *dhfile);
209
#endif
B
Bodo Möller 已提交
210

211
static void s_server_init(void);
212 213 214 215

/* static int load_CA(SSL_CTX *ctx, char *file);*/

#undef BUFSIZZ
216 217 218
#define BUFSIZZ 16*1024
static int bufsize = BUFSIZZ;
static int accept_socket = -1;
219

220
#define TEST_CERT       "server.pem"
221
#ifndef OPENSSL_NO_TLSEXT
222
# define TEST_CERT2      "server2.pem"
223
#endif
224

225
extern int verify_depth, verify_return_error, verify_quiet;
226

227
static int s_server_verify = SSL_VERIFY_NONE;
228
static int s_server_session_id_context = 1; /* anything will do */
229 230
static const char *s_cert_file = TEST_CERT, *s_key_file =
    NULL, *s_chain_file = NULL;
231 232
static const char *krb5svc = NULL;
static const char *krb5tab = NULL;
233
#ifndef OPENSSL_NO_TLSEXT
234
static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL;
235
#endif
236
static char *s_dcert_file = NULL, *s_dkey_file = NULL, *s_dchain_file = NULL;
237
#ifdef FIONBIO
238
static int s_nbio = 0;
239
#endif
240 241 242
static int s_nbio_test = 0;
int s_crlf = 0;
static SSL_CTX *ctx = NULL;
243
#ifndef OPENSSL_NO_TLSEXT
244
static SSL_CTX *ctx2 = NULL;
245
#endif
246
static int www = 0;
247

248
static BIO *bio_s_out = NULL;
249
static BIO *bio_s_msg = NULL;
250
static int s_debug = 0;
251
#ifndef OPENSSL_NO_TLSEXT
252 253
static int s_tlsextdebug = 0;
static int s_tlsextstatus = 0;
254
static int cert_status_cb(SSL *s, void *arg);
255
#endif
256
static int no_resume_ephemeral = 0;
257 258 259 260
static int s_msg = 0;
static int s_quiet = 0;
static int s_ign_eof = 0;
static int s_brief = 0;
261

262 263
static char *keymatexportlabel = NULL;
static int keymatexportlen = 20;
B
Ben Laurie 已提交
264

265
#ifndef OPENSSL_NO_ENGINE
266
static char *engine_id = NULL;
267
#endif
268
static const char *session_id_prefix = NULL;
269

B
Ben Laurie 已提交
270
static int enable_timeouts = 0;
B
Bodo Möller 已提交
271
static long socket_mtu;
D
Dr. Stephen Henson 已提交
272
#ifndef OPENSSL_NO_DTLS1
B
Ben Laurie 已提交
273
static int cert_chain = 0;
D
Dr. Stephen Henson 已提交
274
#endif
B
Ben Laurie 已提交
275

B
Ben Laurie 已提交
276
#ifndef OPENSSL_NO_TLSEXT
277 278
static BIO *serverinfo_in = NULL;
static const char *s_serverinfo_file = NULL;
279

B
Ben Laurie 已提交
280
#endif
B
Ben Laurie 已提交
281

282
#ifndef OPENSSL_NO_PSK
283 284
static char *psk_identity = "Client_identity";
char *psk_key = NULL;           /* by default PSK is not used */
285 286

static unsigned int psk_server_cb(SSL *ssl, const char *identity,
287 288 289 290 291 292 293 294 295 296 297 298 299 300 301
                                  unsigned char *psk,
                                  unsigned int max_psk_len)
{
    unsigned int psk_len = 0;
    int ret;
    BIGNUM *bn = NULL;

    if (s_debug)
        BIO_printf(bio_s_out, "psk_server_cb\n");
    if (!identity) {
        BIO_printf(bio_err, "Error: client did not send PSK identity\n");
        goto out_err;
    }
    if (s_debug)
        BIO_printf(bio_s_out, "identity_len=%d identity=%s\n",
M
Matt Caswell 已提交
302
                   (int)strlen(identity), identity);
303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339

    /* here we could lookup the given identity e.g. from a database */
    if (strcmp(identity, psk_identity) != 0) {
        BIO_printf(bio_s_out, "PSK error: client identity not found"
                   " (got '%s' expected '%s')\n", identity, psk_identity);
        goto out_err;
    }
    if (s_debug)
        BIO_printf(bio_s_out, "PSK client identity found\n");

    /* convert the PSK key to binary */
    ret = BN_hex2bn(&bn, psk_key);
    if (!ret) {
        BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
                   psk_key);
        if (bn)
            BN_free(bn);
        return 0;
    }
    if (BN_num_bytes(bn) > (int)max_psk_len) {
        BIO_printf(bio_err,
                   "psk buffer of callback is too small (%d) for key (%d)\n",
                   max_psk_len, BN_num_bytes(bn));
        BN_free(bn);
        return 0;
    }

    ret = BN_bn2bin(bn, psk);
    BN_free(bn);

    if (ret < 0)
        goto out_err;
    psk_len = (unsigned int)ret;

    if (s_debug)
        BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
    return psk_len;
340
 out_err:
341 342
    if (s_debug)
        BIO_printf(bio_err, "Error in PSK server callback\n");
R
Rich Salz 已提交
343 344
    (void)BIO_flush(bio_err);
    (void)BIO_flush(bio_s_out);
345 346
    return 0;
}
347
#endif
B
Ben Laurie 已提交
348

B
Ben Laurie 已提交
349 350
#ifndef OPENSSL_NO_SRP
/* This is a context that we pass to callbacks */
351 352 353 354 355 356 357 358 359 360 361 362 363 364
typedef struct srpsrvparm_st {
    char *login;
    SRP_VBASE *vb;
    SRP_user_pwd *user;
} srpsrvparm;

/*
 * This callback pretends to require some asynchronous logic in order to
 * obtain a verifier. When the callback is called for a new connection we
 * return with a negative value. This will provoke the accept etc to return
 * with an LOOKUP_X509. The main logic of the reinvokes the suspended call
 * (which would normally occur after a worker has finished) and we set the
 * user parameters.
 */
R
Rich Salz 已提交
365
static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391
{
    srpsrvparm *p = (srpsrvparm *) arg;
    if (p->login == NULL && p->user == NULL) {
        p->login = SSL_get_srp_username(s);
        BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
        return (-1);
    }

    if (p->user == NULL) {
        BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
        return SSL3_AL_FATAL;
    }
    if (SSL_set_srp_server_param
        (s, p->user->N, p->user->g, p->user->s, p->user->v,
         p->user->info) < 0) {
        *ad = SSL_AD_INTERNAL_ERROR;
        return SSL3_AL_FATAL;
    }
    BIO_printf(bio_err,
               "SRP parameters set: username = \"%s\" info=\"%s\" \n",
               p->login, p->user->info);
    /* need to check whether there are memory leaks */
    p->user = NULL;
    p->login = NULL;
    return SSL_ERROR_NONE;
}
B
Ben Laurie 已提交
392 393 394

#endif

U
Ulf Möller 已提交
395
static void s_server_init(void)
396 397
{
    accept_socket = -1;
398
    verify_depth = 0;
399 400 401 402 403 404 405
    s_server_verify = SSL_VERIFY_NONE;
    s_dcert_file = NULL;
    s_dkey_file = NULL;
    s_dchain_file = NULL;
    s_cert_file = TEST_CERT;
    s_key_file = NULL;
    s_chain_file = NULL;
406
#ifndef OPENSSL_NO_TLSEXT
407 408 409
    s_cert_file2 = TEST_CERT2;
    s_key_file2 = NULL;
    ctx2 = NULL;
410
#endif
411 412 413 414 415 416 417 418 419
    s_nbio = 0;
    s_nbio_test = 0;
    ctx = NULL;
    www = 0;
    bio_s_out = NULL;
    s_debug = 0;
    s_msg = 0;
    s_quiet = 0;
    s_brief = 0;
420
#ifndef OPENSSL_NO_ENGINE
421
    engine_id = NULL;
422 423
#endif
}
424

425
static int local_argc = 0;
426 427
static char **local_argv;

428 429 430 431
#ifdef CHARSET_EBCDIC
static int ebcdic_new(BIO *bi);
static int ebcdic_free(BIO *a);
static int ebcdic_read(BIO *b, char *out, int outl);
B
Bodo Möller 已提交
432 433
static int ebcdic_write(BIO *b, const char *in, int inl);
static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
434
static int ebcdic_gets(BIO *bp, char *buf, int size);
B
Bodo Möller 已提交
435
static int ebcdic_puts(BIO *bp, const char *str);
436

437 438 439 440 441 442 443 444 445 446 447 448 449
# define BIO_TYPE_EBCDIC_FILTER  (18|0x0200)
static BIO_METHOD methods_ebcdic = {
    BIO_TYPE_EBCDIC_FILTER,
    "EBCDIC/ASCII filter",
    ebcdic_write,
    ebcdic_read,
    ebcdic_puts,
    ebcdic_gets,
    ebcdic_ctrl,
    ebcdic_new,
    ebcdic_free,
};

R
Rich Salz 已提交
450
/* This struct is "unwarranted chumminess with the compiler." */
451 452 453
typedef struct {
    size_t alloced;
    char buff[1];
454 455 456 457
} EBCDIC_OUTBUFF;

BIO_METHOD *BIO_f_ebcdic_filter()
{
458
    return (&methods_ebcdic);
459 460 461 462
}

static int ebcdic_new(BIO *bi)
{
463
    EBCDIC_OUTBUFF *wbuf;
464

R
Rich Salz 已提交
465
    wbuf = app_malloc(sizeof(EBCDIC_OUTBUFF) + 1024, "ebcdef wbuf");
466 467
    wbuf->alloced = 1024;
    wbuf->buff[0] = '\0';
468

469 470 471 472
    bi->ptr = (char *)wbuf;
    bi->init = 1;
    bi->flags = 0;
    return (1);
473 474 475 476
}

static int ebcdic_free(BIO *a)
{
477 478 479 480 481 482 483 484
    if (a == NULL)
        return (0);
    if (a->ptr != NULL)
        OPENSSL_free(a->ptr);
    a->ptr = NULL;
    a->init = 0;
    a->flags = 0;
    return (1);
485
}
486

487 488
static int ebcdic_read(BIO *b, char *out, int outl)
{
489
    int ret = 0;
490

491 492 493 494
    if (out == NULL || outl == 0)
        return (0);
    if (b->next_bio == NULL)
        return (0);
495

496 497 498 499
    ret = BIO_read(b->next_bio, out, outl);
    if (ret > 0)
        ascii2ebcdic(out, out, ret);
    return (ret);
500 501
}

B
Bodo Möller 已提交
502
static int ebcdic_write(BIO *b, const char *in, int inl)
503
{
504 505 506 507
    EBCDIC_OUTBUFF *wbuf;
    int ret = 0;
    int num;
    unsigned char n;
508

509 510 511 512
    if ((in == NULL) || (inl <= 0))
        return (0);
    if (b->next_bio == NULL)
        return (0);
513

514
    wbuf = (EBCDIC_OUTBUFF *) b->ptr;
515

516 517 518 519
    if (inl > (num = wbuf->alloced)) {
        num = num + num;        /* double the size */
        if (num < inl)
            num = inl;
R
Rich Salz 已提交
520
        wbuf = app_malloc(sizeof(EBCDIC_OUTBUFF) + num, "grow ebcdic wbuf");
M
Matt Caswell 已提交
521
        OPENSSL_free(b->ptr);
522

523 524
        wbuf->alloced = num;
        wbuf->buff[0] = '\0';
525

526 527
        b->ptr = (char *)wbuf;
    }
528

529
    ebcdic2ascii(wbuf->buff, in, inl);
530

531
    ret = BIO_write(b->next_bio, wbuf->buff, inl);
532

533
    return (ret);
534 535
}

B
Bodo Möller 已提交
536
static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
537
{
538 539 540 541 542 543 544 545 546 547 548 549 550
    long ret;

    if (b->next_bio == NULL)
        return (0);
    switch (cmd) {
    case BIO_CTRL_DUP:
        ret = 0L;
        break;
    default:
        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
        break;
    }
    return (ret);
551 552 553 554
}

static int ebcdic_gets(BIO *bp, char *buf, int size)
{
555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570
    int i, ret = 0;
    if (bp->next_bio == NULL)
        return (0);
/*      return(BIO_gets(bp->next_bio,buf,size));*/
    for (i = 0; i < size - 1; ++i) {
        ret = ebcdic_read(bp, &buf[i], 1);
        if (ret <= 0)
            break;
        else if (buf[i] == '\n') {
            ++i;
            break;
        }
    }
    if (i < size)
        buf[i] = '\0';
    return (ret < 0 && i == 0) ? ret : i;
571 572
}

B
Bodo Möller 已提交
573
static int ebcdic_puts(BIO *bp, const char *str)
574
{
575 576 577
    if (bp->next_bio == NULL)
        return (0);
    return ebcdic_write(bp, str, strlen(str));
578 579 580
}
#endif

581 582 583 584
#ifndef OPENSSL_NO_TLSEXT

/* This is a context that we pass to callbacks */
typedef struct tlsextctx_st {
585 586 587
    char *servername;
    BIO *biodebug;
    int extension_error;
588 589
} tlsextctx;

R
Rich Salz 已提交
590
static int ssl_servername_cb(SSL *s, int *ad, void *arg)
591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609
{
    tlsextctx *p = (tlsextctx *) arg;
    const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
    if (servername && p->biodebug)
        BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n",
                   servername);

    if (!p->servername)
        return SSL_TLSEXT_ERR_NOACK;

    if (servername) {
        if (strcasecmp(servername, p->servername))
            return p->extension_error;
        if (ctx2) {
            BIO_printf(p->biodebug, "Switching server context.\n");
            SSL_set_SSL_CTX(s, ctx2);
        }
    }
    return SSL_TLSEXT_ERR_OK;
610
}
611 612 613 614

/* Structure passed to cert status callback */

typedef struct tlsextstatusctx_st {
615 616 617 618 619
    /* Default responder to use */
    char *host, *path, *port;
    int use_ssl;
    int timeout;
    int verbose;
620 621
} tlsextstatusctx;

622
static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, 0 };
623

624 625 626 627 628 629 630
/*
 * Certificate Status callback. This is called when a client includes a
 * certificate status request extension. This is a simplified version. It
 * examines certificates each time and makes one OCSP responder query for
 * each request. A full version would store details such as the OCSP
 * certificate IDs and minimise the number of OCSP responses by caching them
 * until they were considered "expired".
631 632 633
 */

static int cert_status_cb(SSL *s, void *arg)
634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649
{
    tlsextstatusctx *srctx = arg;
    char *host, *port, *path;
    int use_ssl;
    unsigned char *rspder = NULL;
    int rspderlen;
    STACK_OF(OPENSSL_STRING) *aia = NULL;
    X509 *x = NULL;
    X509_STORE_CTX inctx;
    X509_OBJECT obj;
    OCSP_REQUEST *req = NULL;
    OCSP_RESPONSE *resp = NULL;
    OCSP_CERTID *id = NULL;
    STACK_OF(X509_EXTENSION) *exts;
    int ret = SSL_TLSEXT_ERR_NOACK;
    int i;
650

651
    if (srctx->verbose)
652
        BIO_puts(bio_err, "cert_status: callback called\n");
653 654 655 656 657 658
    /* Build up OCSP query from server certificate */
    x = SSL_get_certificate(s);
    aia = X509_get1_ocsp(x);
    if (aia) {
        if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
                            &host, &port, &path, &use_ssl)) {
659
            BIO_puts(bio_err, "cert_status: can't parse AIA URL\n");
660 661 662
            goto err;
        }
        if (srctx->verbose)
663
            BIO_printf(bio_err, "cert_status: AIA URL: %s\n",
664 665 666
                       sk_OPENSSL_STRING_value(aia, 0));
    } else {
        if (!srctx->host) {
667
            BIO_puts(bio_err,
668 669 670 671 672 673 674 675 676 677 678 679 680 681 682
                     "cert_status: no AIA and no default responder URL\n");
            goto done;
        }
        host = srctx->host;
        path = srctx->path;
        port = srctx->port;
        use_ssl = srctx->use_ssl;
    }

    if (!X509_STORE_CTX_init(&inctx,
                             SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
                             NULL, NULL))
        goto err;
    if (X509_STORE_get_by_subject(&inctx, X509_LU_X509,
                                  X509_get_issuer_name(x), &obj) <= 0) {
683
        BIO_puts(bio_err, "cert_status: Can't retrieve issuer certificate.\n");
684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704
        X509_STORE_CTX_cleanup(&inctx);
        goto done;
    }
    req = OCSP_REQUEST_new();
    if (!req)
        goto err;
    id = OCSP_cert_to_id(NULL, x, obj.data.x509);
    X509_free(obj.data.x509);
    X509_STORE_CTX_cleanup(&inctx);
    if (!id)
        goto err;
    if (!OCSP_request_add0_id(req, id))
        goto err;
    id = NULL;
    /* Add any extensions to the request */
    SSL_get_tlsext_status_exts(s, &exts);
    for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
        X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
        if (!OCSP_REQUEST_add_ext(req, ext, -1))
            goto err;
    }
705
    resp = process_responder(req, host, path, port, use_ssl, NULL,
706 707
                             srctx->timeout);
    if (!resp) {
708
        BIO_puts(bio_err, "cert_status: error querying responder\n");
709 710 711 712 713 714 715
        goto done;
    }
    rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
    if (rspderlen <= 0)
        goto err;
    SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
    if (srctx->verbose) {
716 717
        BIO_puts(bio_err, "cert_status: ocsp response sent:\n");
        OCSP_RESPONSE_print(bio_err, resp, 2);
718 719 720 721
    }
    ret = SSL_TLSEXT_ERR_OK;
 done:
    if (ret != SSL_TLSEXT_ERR_OK)
722
        ERR_print_errors(bio_err);
723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739
    if (aia) {
        OPENSSL_free(host);
        OPENSSL_free(path);
        OPENSSL_free(port);
        X509_email_free(aia);
    }
    if (id)
        OCSP_CERTID_free(id);
    if (req)
        OCSP_REQUEST_free(req);
    if (resp)
        OCSP_RESPONSE_free(resp);
    return ret;
 err:
    ret = SSL_TLSEXT_ERR_ALERT_FATAL;
    goto done;
}
B
Ben Laurie 已提交
740

B
Ben Laurie 已提交
741
# ifndef OPENSSL_NO_NEXTPROTONEG
B
Ben Laurie 已提交
742 743
/* This is the context that we pass to next_proto_cb */
typedef struct tlsextnextprotoctx_st {
744 745
    unsigned char *data;
    unsigned int len;
B
Ben Laurie 已提交
746 747
} tlsextnextprotoctx;

748 749 750 751
static int next_proto_cb(SSL *s, const unsigned char **data,
                         unsigned int *len, void *arg)
{
    tlsextnextprotoctx *next_proto = arg;
B
Ben Laurie 已提交
752

753 754
    *data = next_proto->data;
    *len = next_proto->len;
B
Ben Laurie 已提交
755

756 757 758
    return SSL_TLSEXT_ERR_OK;
}
# endif                         /* ndef OPENSSL_NO_NEXTPROTONEG */
A
Adam Langley 已提交
759 760 761

/* This the context that we pass to alpn_cb */
typedef struct tlsextalpnctx_st {
762 763
    unsigned char *data;
    unsigned short len;
A
Adam Langley 已提交
764 765
} tlsextalpnctx;

766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798
static int alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
                   const unsigned char *in, unsigned int inlen, void *arg)
{
    tlsextalpnctx *alpn_ctx = arg;

    if (!s_quiet) {
        /* We can assume that |in| is syntactically valid. */
        unsigned i;
        BIO_printf(bio_s_out, "ALPN protocols advertised by the client: ");
        for (i = 0; i < inlen;) {
            if (i)
                BIO_write(bio_s_out, ", ", 2);
            BIO_write(bio_s_out, &in[i + 1], in[i]);
            i += in[i] + 1;
        }
        BIO_write(bio_s_out, "\n", 1);
    }

    if (SSL_select_next_proto
        ((unsigned char **)out, outlen, alpn_ctx->data, alpn_ctx->len, in,
         inlen) != OPENSSL_NPN_NEGOTIATED) {
        return SSL_TLSEXT_ERR_NOACK;
    }

    if (!s_quiet) {
        BIO_printf(bio_s_out, "ALPN protocols selected: ");
        BIO_write(bio_s_out, *out, *outlen);
        BIO_write(bio_s_out, "\n", 1);
    }

    return SSL_TLSEXT_ERR_OK;
}
#endif                          /* ndef OPENSSL_NO_TLSEXT */
799

800
static int not_resumable_sess_cb(SSL *s, int is_forward_secure)
801 802 803 804
{
    /* disable resumption for sessions with forward secure ciphers */
    return is_forward_secure;
}
805

B
Ben Laurie 已提交
806
static char *jpake_secret = NULL;
D
Dr. Stephen Henson 已提交
807
#ifndef OPENSSL_NO_SRP
808
static srpsrvparm srp_callback_parm;
D
Dr. Stephen Henson 已提交
809
#endif
P
Piotr Sikora 已提交
810
#ifndef OPENSSL_NO_SRTP
B
Ben Laurie 已提交
811
static char *srtp_profiles = NULL;
P
Piotr Sikora 已提交
812
#endif
B
Ben Laurie 已提交
813

814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840
typedef enum OPTION_choice {
    OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
    OPT_ENGINE, OPT_PORT, OPT_UNIX, OPT_UNLINK, OPT_NACCEPT,
    OPT_VERIFY, OPT_UPPER_V_VERIFY, OPT_CONTEXT, OPT_CERT, OPT_CRL,
    OPT_CRL_DOWNLOAD, OPT_SERVERINFO, OPT_CERTFORM, OPT_KEY, OPT_KEYFORM,
    OPT_PASS, OPT_CERT_CHAIN, OPT_DHPARAM, OPT_DCERTFORM, OPT_DCERT,
    OPT_DKEYFORM, OPT_DPASS, OPT_DKEY, OPT_DCERT_CHAIN, OPT_NOCERT,
    OPT_CAPATH, OPT_CHAINCAPATH, OPT_VERIFYCAPATH, OPT_NO_CACHE,
    OPT_EXT_CACHE, OPT_CRLFORM, OPT_VERIFY_RET_ERROR, OPT_VERIFY_QUIET,
    OPT_BUILD_CHAIN, OPT_CAFILE, OPT_CHAINCAFILE, OPT_VERIFYCAFILE,
    OPT_NBIO, OPT_NBIO_TEST, OPT_IGN_EOF, OPT_NO_IGN_EOF, OPT_DEBUG,
    OPT_TLSEXTDEBUG, OPT_STATUS, OPT_STATUS_VERBOSE, OPT_STATUS_TIMEOUT,
    OPT_STATUS_URL, OPT_MSG, OPT_MSGFILE, OPT_TRACE, OPT_SECURITY_DEBUG,
    OPT_SECURITY_DEBUG_VERBOSE, OPT_STATE, OPT_CRLF, OPT_QUIET,
    OPT_BRIEF, OPT_NO_TMP_RSA, OPT_NO_DHE, OPT_NO_ECDHE,
    OPT_NO_RESUME_EPHEMERAL, OPT_PSK_HINT, OPT_PSK, OPT_SRPVFILE,
    OPT_SRPUSERSEED, OPT_REV, OPT_WWW, OPT_UPPER_WWW, OPT_HTTP,
#ifndef OPENSSL_NO_SSL3
    OPT_SSL3,
#endif
    OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
    OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_CHAIN,
    OPT_ID_PREFIX, OPT_RAND, OPT_SERVERNAME, OPT_SERVERNAME_FATAL,
    OPT_CERT2, OPT_KEY2, OPT_NEXTPROTONEG, OPT_ALPN, OPT_JPAKE,
    OPT_SRTP_PROFILES, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN,
    OPT_S_ENUM,
    OPT_V_ENUM,
841 842
    OPT_X_ENUM,
    OPT_KRB5SVC, OPT_KRBTAB
843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899
} OPTION_CHOICE;

OPTIONS s_server_options[] = {
    {"help", OPT_HELP, '-', "Display this summary"},

    {"port", OPT_PORT, 'p'},
    {"accept", OPT_PORT, 'p',
     "TCP/IP port to accept on (default is " PORT_STR ")"},
    {"unix", OPT_UNIX, 's', "Unix domain socket to accept on"},
    {"unlink", OPT_UNLINK, '-', "For -unix, unlink existing socket first"},
    {"context", OPT_CONTEXT, 's', "Set session ID context"},
    {"verify", OPT_VERIFY, 'n', "Turn on peer certificate verification"},
    {"Verify", OPT_UPPER_V_VERIFY, 'n',
     "Turn on peer certificate verification, must have a cert"},
    {"cert", OPT_CERT, '<', "Certificate file to use; default is " TEST_CERT},
    {"naccept", OPT_NACCEPT, 'p', "Terminate after pnum connections"},
#ifndef OPENSSL_NO_TLSEXT
    {"serverinfo", OPT_SERVERINFO, 's',
     "PEM serverinfo file for certificate"},
#endif
    {"certform", OPT_CERTFORM, 'F',
     "Certificate format (PEM or DER) PEM default"},
    {"key", OPT_KEY, '<',
     "Private Key if not in -cert; default is " TEST_CERT},
    {"keyform", OPT_KEYFORM, 'f',
     "Key format (PEM, DER or ENGINE) PEM default"},
    {"pass", OPT_PASS, 's', "Private key file pass phrase source"},
    {"dcert", OPT_DCERT, '<',
     "Second certificate file to use (usually for DSA)"},
    {"dcertform", OPT_DCERTFORM, 'F',
     "Second certificate format (PEM or DER) PEM default"},
    {"dkey", OPT_DKEY, '<',
     "Second private key file to use (usually for DSA)"},
    {"dkeyform", OPT_DKEYFORM, 'F',
     "Second key format (PEM, DER or ENGINE) PEM default"},
    {"dpass", OPT_DPASS, 's', "Second private key file pass phrase source"},
#ifdef FIONBIO
    {"nbio", OPT_NBIO, '-', "Use non-blocking IO"},
#endif
    {"nbio_test", OPT_NBIO_TEST, '-', "Test with the non-blocking test bio"},
    {"crlf", OPT_CRLF, '-', "Convert LF from terminal into CRLF"},
    {"debug", OPT_DEBUG, '-', "Print more output"},
    {"msg", OPT_MSG, '-', "Show protocol messages"},
    {"msgfile", OPT_MSGFILE, '>'},
    {"state", OPT_STATE, '-', "Print the SSL states"},
    {"CApath", OPT_CAPATH, '/', "PEM format directory of CA's"},
    {"CAfile", OPT_CAFILE, '<', "PEM format file of CA's"},
    {"nocert", OPT_NOCERT, '-', "Don't use any certificates (Anon-DH)"},
    {"quiet", OPT_QUIET, '-', "No server output"},
    {"no_tmp_rsa", OPT_NO_TMP_RSA, '-', "Do not generate a tmp RSA key"},
#ifndef OPENSSL_NO_PSK
    {"psk_hint", OPT_PSK_HINT, 's', "PSK identity hint to use"},
    {"psk", OPT_PSK, 's', "PSK in hex (without 0x)"},
# ifndef OPENSSL_NO_JPAKE
    {"jpake", OPT_JPAKE, 's', "JPAKE secret to use"},
# endif
#endif
900 901
    {"krb5svc", OPT_KRB5SVC, 's', "Kerberos service name"},
    {"keytab", OPT_KRBTAB, '<', "Kerberos keytab file"},
902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994
#ifndef OPENSSL_NO_SRP
    {"srpvfile", OPT_SRPVFILE, '<', "The verifier file for SRP"},
    {"srpuserseed", OPT_SRPUSERSEED, 's',
     "A seed string for a default user salt"},
#endif
#ifndef OPENSSL_NO_SSL3
    {"ssl3", OPT_SSL3, '-', "Just talk SSLv3"},
#endif
    {"tls1_2", OPT_TLS1_2, '-', "just talk TLSv1.2"},
    {"tls1_1", OPT_TLS1_1, '-', "Just talk TLSv1.1"},
    {"tls1", OPT_TLS1, '-', "Just talk TLSv1"},
#ifndef OPENSSL_NO_DTLS1
    {"dtls", OPT_DTLS, '-'},
    {"dtls1", OPT_DTLS1, '-', "Just talk DTLSv1"},
    {"dtls1_2", OPT_DTLS1_2, '-', "Just talk DTLSv1.2"},
    {"timeout", OPT_TIMEOUT, '-', "Enable timeouts"},
    {"mtu", OPT_MTU, 'p', "Set link layer MTU"},
    {"chain", OPT_CHAIN, '-', "Read a certificate chain"},
#endif
#ifndef OPENSSL_NO_DH
    {"no_dhe", OPT_NO_DHE, '-', "Disable ephemeral DH"},
#endif
#ifndef OPENSSL_NO_EC
    {"no_ecdhe", OPT_NO_ECDHE, '-', "Disable ephemeral ECDH"},
#endif
    {"no_resume_ephemeral", OPT_NO_RESUME_EPHEMERAL, '-',
     "Disable caching and tickets if ephemeral (EC)DH is used"},
    {"www", OPT_WWW, '-', "Respond to a 'GET /' with a status page"},
    {"WWW", OPT_UPPER_WWW, '-', "Respond to a 'GET with the file ./path"},
    {"HTTP", OPT_HTTP, '-', "Like -WWW but ./path incluedes HTTP headers"},
    {"id_prefix", OPT_ID_PREFIX, 's',
     "Generate SSL/TLS session IDs prefixed by arg"},
    {"rand", OPT_RAND, 's',
     "Load the file(s) into the random number generator"},
#ifndef OPENSSL_NO_TLSEXT
    {"servername", OPT_SERVERNAME, 's',
     "Servername for HostName TLS extension"},
    {"servername_fatal", OPT_SERVERNAME_FATAL, '-',
     "mismatch send fatal alert (default warning alert)"},
    {"cert2", OPT_CERT2, '<',
     "Certificate file to use for servername; default is" TEST_CERT2},
    {"key2", OPT_KEY2, '<',
     "-Private Key file to use for servername if not in -cert2"},
    {"tlsextdebug", OPT_TLSEXTDEBUG, '-',
     "Hex dump of all TLS extensions received"},
# ifndef OPENSSL_NO_NEXTPROTONEG
    {"nextprotoneg", OPT_NEXTPROTONEG, 's',
     "Set the advertised protocols for the NPN extension (comma-separated list)"},
# endif
    {"use_srtp", OPT_SRTP_PROFILES, '<',
     "Offer SRTP key management with a colon-separated profile list"},
    {"alpn", OPT_ALPN, 's',
     "Set the advertised protocols for the ALPN extension (comma-separated list)"},
#endif
    {"keymatexport", OPT_KEYMATEXPORT, 's',
     "Export keying material using label"},
    {"keymatexportlen", OPT_KEYMATEXPORTLEN, 'p',
     "Export len bytes of keying material (default 20)"},
    {"CRL", OPT_CRL, '<'},
    {"crl_download", OPT_CRL_DOWNLOAD, '-'},
    {"cert_chain", OPT_CERT_CHAIN, '<'},
    {"dcert_chain", OPT_DCERT_CHAIN, '<'},
    {"chainCApath", OPT_CHAINCAPATH, '/'},
    {"verifyCApath", OPT_VERIFYCAPATH, '/'},
    {"no_cache", OPT_NO_CACHE, '-'},
    {"ext_cache", OPT_EXT_CACHE, '-'},
    {"CRLform", OPT_CRLFORM, 'F'},
    {"verify_return_error", OPT_VERIFY_RET_ERROR, '-'},
    {"verify_quiet", OPT_VERIFY_QUIET, '-'},
    {"build_chain", OPT_BUILD_CHAIN, '-'},
    {"chainCAfile", OPT_CHAINCAFILE, '<'},
    {"verifyCAfile", OPT_VERIFYCAFILE, '<'},
    {"ign_eof", OPT_IGN_EOF, '-'},
    {"no_ign_eof", OPT_NO_IGN_EOF, '-'},
    {"status", OPT_STATUS, '-'},
    {"status_verbose", OPT_STATUS_VERBOSE, '-'},
    {"status_timeout", OPT_STATUS_TIMEOUT, 'n'},
    {"status_url", OPT_STATUS_URL, 's'},
    {"trace", OPT_TRACE, '-'},
    {"security_debug", OPT_SECURITY_DEBUG, '-'},
    {"security_debug_verbose", OPT_SECURITY_DEBUG_VERBOSE, '-'},
    {"brief", OPT_BRIEF, '-'},
    {"rev", OPT_REV, '-'},
#ifndef OPENSSL_NO_ENGINE
    {"engine", OPT_ENGINE, 's'},
#endif
    OPT_S_OPTIONS,
    OPT_V_OPTIONS,
    OPT_X_OPTIONS,
    {NULL}
};

int s_server_main(int argc, char *argv[])
995
{
996 997 998 999 1000 1001 1002 1003 1004
    ENGINE *e = NULL;
    EVP_PKEY *s_key = NULL, *s_dkey = NULL;
    SSL_CONF_CTX *cctx = NULL;
    const SSL_METHOD *meth = SSLv23_server_method();
    SSL_EXCERT *exc = NULL;
    STACK_OF(OPENSSL_STRING) *ssl_args = NULL;
    STACK_OF(X509) *s_chain = NULL, *s_dchain = NULL;
    STACK_OF(X509_CRL) *crls = NULL;
    X509 *s_cert = NULL, *s_dcert = NULL;
1005
    X509_VERIFY_PARAM *vpm = NULL;
1006 1007 1008 1009
    char *CApath = NULL, *CAfile = NULL, *chCApath = NULL, *chCAfile = NULL;
    char *dhfile = NULL, *dpassarg = NULL, *dpass = NULL, *inrand = NULL;
    char *passarg = NULL, *pass = NULL, *vfyCApath = NULL, *vfyCAfile = NULL;
    char *crl_file = NULL, *prog, *p;
1010
    const char *unix_path = NULL;
D
Dr. Stephen Henson 已提交
1011
#ifndef NO_SYS_UN_H
1012 1013 1014 1015
    int unlink_unix_path = 0;
#endif
    int (*server_cb) (char *hostname, int s, int stype,
                      unsigned char *context);
1016 1017
    int vpmtouched = 0, build_chain = 0, no_cache = 0, ext_cache = 0;
    int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0, ret = 1;
1018 1019
    int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
    int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
1020 1021 1022 1023 1024
    int rev = 0, naccept = -1, sdebug = 0, socket_type = SOCK_STREAM;
    int state = 0, crl_format = FORMAT_PEM, crl_download = 0;
    unsigned short port = PORT;
    unsigned char *context = NULL;
    OPTION_CHOICE o;
1025
#ifndef OPENSSL_NO_TLSEXT
1026 1027 1028
    EVP_PKEY *s_key2 = NULL;
    X509 *s_cert2 = NULL;
    tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING };
B
Ben Laurie 已提交
1029
# ifndef OPENSSL_NO_NEXTPROTONEG
1030 1031
    const char *next_proto_neg_in = NULL;
    tlsextnextprotoctx next_proto = { NULL, 0 };
1032
# endif
1033 1034
    const char *alpn_in = NULL;
    tlsextalpnctx alpn_ctx = { NULL, 0 };
1035
#endif
1036
#ifndef OPENSSL_NO_PSK
1037 1038
    /* by default do not send a PSK identity hint */
    static char *psk_identity_hint = NULL;
1039
#endif
B
Ben Laurie 已提交
1040
#ifndef OPENSSL_NO_SRP
1041 1042
    char *srpuserseed = NULL;
    char *srp_verifier_file = NULL;
B
Ben Laurie 已提交
1043
#endif
1044

1045 1046
    local_argc = argc;
    local_argv = argv;
1047

1048 1049
    s_server_init();
    cctx = SSL_CONF_CTX_new();
1050 1051
    vpm = X509_VERIFY_PARAM_new();
    if (cctx == NULL || vpm == NULL)
1052
        goto end;
1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CMDLINE);

    prog = opt_init(argc, argv, s_server_options);
    while ((o = opt_next()) != OPT_EOF) {
        switch (o) {
        case OPT_EOF:
        case OPT_ERR:
 opthelp:
            BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
            goto end;
        case OPT_HELP:
            opt_help(s_server_options);
            ret = 0;
            goto end;
1067

1068 1069 1070 1071 1072
        case OPT_PORT:
            if (!extract_port(opt_arg(), &port))
                goto end;
            break;
        case OPT_UNIX:
1073
#ifdef NO_SYS_UN_H
1074
            BIO_printf(bio_err, "unix domain sockets unsupported\n");
1075
            goto end;
1076
#else
1077
            unix_path = opt_arg();
1078
#endif
1079 1080
            break;
        case OPT_UNLINK:
1081
#ifdef NO_SYS_UN_H
1082
            BIO_printf(bio_err, "unix domain sockets unsupported\n");
1083
            goto end;
1084
#else
1085 1086
            unlink_unix_path = 1;
#endif
1087 1088 1089 1090 1091
            break;
        case OPT_NACCEPT:
            naccept = atol(opt_arg());
            break;
        case OPT_VERIFY:
1092
            s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
1093
            verify_depth = atoi(opt_arg());
1094 1095
            if (!s_quiet)
                BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
1096 1097
            break;
        case OPT_UPPER_V_VERIFY:
1098 1099 1100
            s_server_verify =
                SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
                SSL_VERIFY_CLIENT_ONCE;
1101
            verify_depth = atoi(opt_arg());
1102 1103 1104 1105
            if (!s_quiet)
                BIO_printf(bio_err,
                           "verify depth is %d, must return a certificate\n",
                           verify_depth);
1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116
            break;
        case OPT_CONTEXT:
            context = (unsigned char *)opt_arg();
            break;
        case OPT_CERT:
            s_cert_file = opt_arg();
            break;
        case OPT_CRL:
            crl_file = opt_arg();
            break;
        case OPT_CRL_DOWNLOAD:
1117
            crl_download = 1;
1118
            break;
B
Ben Laurie 已提交
1119
#ifndef OPENSSL_NO_TLSEXT
1120 1121 1122
        case OPT_SERVERINFO:
            s_serverinfo_file = opt_arg();
            break;
1123
#endif
1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164
        case OPT_CERTFORM:
            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &s_cert_format))
                goto opthelp;
            break;
        case OPT_KEY:
            s_key_file = opt_arg();
            break;
        case OPT_KEYFORM:
            if (!opt_format(opt_arg(), OPT_FMT_ANY, &s_key_format))
                goto opthelp;
            break;
        case OPT_PASS:
            passarg = opt_arg();
            break;
        case OPT_CERT_CHAIN:
            s_chain_file = opt_arg();
            break;
        case OPT_DHPARAM:
            dhfile = opt_arg();
            break;
        case OPT_DCERTFORM:
            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &s_dcert_format))
                goto opthelp;
            break;
        case OPT_DCERT:
            s_dcert_file = opt_arg();
            break;
        case OPT_DKEYFORM:
            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &s_dkey_format))
                goto opthelp;
            break;
        case OPT_DPASS:
            dpassarg = opt_arg();
            break;
        case OPT_DKEY:
            s_dkey_file = opt_arg();
            break;
        case OPT_DCERT_CHAIN:
            s_dchain_file = opt_arg();
            break;
        case OPT_NOCERT:
1165
            nocert = 1;
1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176
            break;
        case OPT_CAPATH:
            CApath = opt_arg();
            break;
        case OPT_CHAINCAPATH:
            chCApath = opt_arg();
            break;
        case OPT_VERIFYCAPATH:
            vfyCApath = opt_arg();
            break;
        case OPT_NO_CACHE:
1177
            no_cache = 1;
1178 1179
            break;
        case OPT_EXT_CACHE:
1180
            ext_cache = 1;
1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205
            break;
        case OPT_CRLFORM:
            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &crl_format))
                goto opthelp;
            break;
        case OPT_S_CASES:
            if (ssl_args == NULL)
                ssl_args = sk_OPENSSL_STRING_new_null();
            if (ssl_args == NULL
                || !sk_OPENSSL_STRING_push(ssl_args, opt_flag())
                || !sk_OPENSSL_STRING_push(ssl_args, opt_arg())) {
                BIO_printf(bio_err, "%s: Memory allocation failure\n", prog);
                goto end;
            }
            break;
        case OPT_V_CASES:
            if (!opt_verify(o, vpm))
                goto end;
            vpmtouched++;
            break;
        case OPT_X_CASES:
            if (!args_excert(o, &exc))
                goto end;
            break;
        case OPT_VERIFY_RET_ERROR:
1206
            verify_return_error = 1;
1207 1208
            break;
        case OPT_VERIFY_QUIET:
1209
            verify_quiet = 1;
1210 1211
            break;
        case OPT_BUILD_CHAIN:
1212
            build_chain = 1;
1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223
            break;
        case OPT_CAFILE:
            CAfile = opt_arg();
            break;
        case OPT_CHAINCAFILE:
            chCAfile = opt_arg();
            break;
        case OPT_VERIFYCAFILE:
            vfyCAfile = opt_arg();
            break;
        case OPT_NBIO:
1224
            s_nbio = 1;
1225 1226 1227 1228 1229
            break;
        case OPT_NBIO_TEST:
            s_nbio = s_nbio_test = 1;
            break;
        case OPT_IGN_EOF:
1230
            s_ign_eof = 1;
1231 1232
            break;
        case OPT_NO_IGN_EOF:
1233
            s_ign_eof = 0;
1234 1235
            break;
        case OPT_DEBUG:
1236
            s_debug = 1;
1237
            break;
1238
#ifndef OPENSSL_NO_TLSEXT
1239
        case OPT_TLSEXTDEBUG:
1240
            s_tlsextdebug = 1;
1241 1242
            break;
        case OPT_STATUS:
1243
            s_tlsextstatus = 1;
1244 1245 1246 1247 1248
            break;
        case OPT_STATUS_VERBOSE:
            s_tlsextstatus = tlscstatp.verbose = 1;
            break;
        case OPT_STATUS_TIMEOUT:
1249
            s_tlsextstatus = 1;
1250 1251 1252
            tlscstatp.timeout = atoi(opt_arg());
            break;
        case OPT_STATUS_URL:
1253
            s_tlsextstatus = 1;
1254
            if (!OCSP_parse_url(opt_arg(),
1255 1256 1257 1258
                                &tlscstatp.host,
                                &tlscstatp.port,
                                &tlscstatp.path, &tlscstatp.use_ssl)) {
                BIO_printf(bio_err, "Error parsing URL\n");
1259
                goto end;
1260
            }
1261
            break;
1262
#endif
1263
        case OPT_MSG:
1264
            s_msg = 1;
1265 1266 1267 1268
            break;
        case OPT_MSGFILE:
            bio_s_msg = BIO_new_file(opt_arg(), "w");
            break;
1269
#ifndef OPENSSL_NO_SSL_TRACE
1270
        case OPT_TRACE:
1271
            s_msg = 2;
1272 1273 1274 1275
            break;
#else
        case OPT_TRACE:
            goto opthelp;
1276
#endif
1277
        case OPT_SECURITY_DEBUG:
1278
            sdebug = 1;
1279 1280
            break;
        case OPT_SECURITY_DEBUG_VERBOSE:
1281
            sdebug = 2;
1282 1283
            break;
        case OPT_STATE:
1284
            state = 1;
1285 1286
            break;
        case OPT_CRLF:
1287
            s_crlf = 1;
1288 1289
            break;
        case OPT_QUIET:
1290
            s_quiet = 1;
1291 1292 1293 1294 1295
            break;
        case OPT_BRIEF:
            s_quiet = s_brief = verify_quiet = 1;
            break;
        case OPT_NO_TMP_RSA:
1296
            no_tmp_rsa = 1;
1297 1298
            break;
        case OPT_NO_DHE:
1299
            no_dhe = 1;
1300 1301
            break;
        case OPT_NO_ECDHE:
1302
            no_ecdhe = 1;
1303 1304
            break;
        case OPT_NO_RESUME_EPHEMERAL:
1305
            no_resume_ephemeral = 1;
1306
            break;
1307
#ifndef OPENSSL_NO_PSK
1308 1309 1310 1311 1312 1313
        case OPT_PSK_HINT:
            psk_identity_hint = opt_arg();
            break;
        case OPT_PSK:
            for (p = psk_key = opt_arg(); *p; p++) {
                if (isxdigit(*p))
1314 1315
                    continue;
                BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
1316
                goto end;
1317
            }
1318
            break;
B
Ben Laurie 已提交
1319 1320
#endif
#ifndef OPENSSL_NO_SRP
1321 1322
        case OPT_SRPVFILE:
            srp_verifier_file = opt_arg();
1323
            meth = TLSv1_server_method();
1324 1325 1326
            break;
        case OPT_SRPUSERSEED:
            srpuserseed = opt_arg();
1327
            meth = TLSv1_server_method();
1328
            break;
1329
#endif
1330
        case OPT_REV:
1331
            rev = 1;
1332 1333
            break;
        case OPT_WWW:
1334
            www = 1;
1335 1336
            break;
        case OPT_UPPER_WWW:
1337
            www = 2;
1338 1339
            break;
        case OPT_HTTP:
1340
            www = 3;
1341 1342 1343 1344 1345
            break;
#ifndef OPENSSL_NO_SSL3
        case OPT_SSL3:
            meth = SSLv3_client_method();
            break;
1346
#endif
1347 1348 1349 1350 1351 1352 1353 1354 1355
        case OPT_TLS1_2:
            meth = TLSv1_2_client_method();
            break;
        case OPT_TLS1_1:
            meth = TLSv1_1_client_method();
            break;
        case OPT_TLS1:
            meth = TLSv1_client_method();
            break;
B
Ben Laurie 已提交
1356
#ifndef OPENSSL_NO_DTLS1
1357 1358
        case OPT_DTLS:
            meth = DTLS_client_method();
1359
            socket_type = SOCK_DGRAM;
1360 1361 1362
            break;
        case OPT_DTLS1:
            meth = DTLSv1_client_method();
1363
            socket_type = SOCK_DGRAM;
1364 1365 1366
            break;
        case OPT_DTLS1_2:
            meth = DTLSv1_2_client_method();
1367
            socket_type = SOCK_DGRAM;
1368 1369
            break;
        case OPT_TIMEOUT:
1370
            enable_timeouts = 1;
1371 1372 1373 1374 1375
            break;
        case OPT_MTU:
            socket_mtu = atol(opt_arg());
            break;
        case OPT_CHAIN:
1376
            cert_chain = 1;
1377
            break;
1378
#endif
1379 1380 1381 1382
        case OPT_ID_PREFIX:
            session_id_prefix = opt_arg();
            break;
        case OPT_ENGINE:
R
Rich Salz 已提交
1383
            e = setup_engine(opt_arg(), 1);
1384 1385 1386 1387
            break;
        case OPT_RAND:
            inrand = opt_arg();
            break;
1388
#ifndef OPENSSL_NO_TLSEXT
1389 1390 1391 1392
        case OPT_SERVERNAME:
            tlsextcbp.servername = opt_arg();
            break;
        case OPT_SERVERNAME_FATAL:
1393
            tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL;
1394 1395 1396 1397 1398 1399 1400
            break;
        case OPT_CERT2:
            s_cert_file2 = opt_arg();
            break;
        case OPT_KEY2:
            s_key_file2 = opt_arg();
            break;
B
Ben Laurie 已提交
1401
# ifndef OPENSSL_NO_NEXTPROTONEG
1402 1403 1404
        case OPT_NEXTPROTONEG:
            next_proto_neg_in = opt_arg();
            break;
1405
# endif
1406 1407 1408
        case OPT_ALPN:
            alpn_in = opt_arg();
            break;
1409
#endif
D
Dr. Stephen Henson 已提交
1410
#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1411 1412 1413 1414 1415 1416
        case OPT_JPAKE:
            jpake_secret = opt_arg();
            break;
#else
        case OPT_JPAKE:
            goto opthelp;
1417
#endif
1418 1419 1420 1421 1422 1423
        case OPT_KRB5SVC:
            krb5svc = opt_arg();
            break;
        case OPT_KRBTAB:
            krb5tab = opt_arg();
            break;
1424 1425 1426 1427 1428 1429 1430 1431
        case OPT_SRTP_PROFILES:
            srtp_profiles = opt_arg();
            break;
        case OPT_KEYMATEXPORT:
            keymatexportlabel = opt_arg();
            break;
        case OPT_KEYMATEXPORTLEN:
            keymatexportlen = atoi(opt_arg());
1432 1433 1434
            break;
        }
    }
1435 1436 1437
    argc = opt_num_rest();
    argv = opt_rest();

1438
#ifndef OPENSSL_NO_DTLS1
1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449
    if (www && socket_type == SOCK_DGRAM) {
        BIO_printf(bio_err, "Can't use -HTTP, -www or -WWW with DTLS\n");
        goto end;
    }
#endif

    if (unix_path && (socket_type != SOCK_STREAM)) {
        BIO_printf(bio_err,
                   "Can't use unix sockets and datagrams together\n");
        goto end;
    }
D
Dr. Stephen Henson 已提交
1450
#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
1451 1452 1453 1454 1455 1456 1457
    if (jpake_secret) {
        if (psk_key) {
            BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
            goto end;
        }
        psk_identity = "JPAKE";
    }
1458
#endif
1459

1460
    if (!app_passwd(passarg, dpassarg, &pass, &dpass)) {
1461 1462 1463
        BIO_printf(bio_err, "Error getting password\n");
        goto end;
    }
D
PR: 910  
Dr. Stephen Henson 已提交
1464

1465 1466
    if (s_key_file == NULL)
        s_key_file = s_cert_file;
1467
#ifndef OPENSSL_NO_TLSEXT
1468 1469 1470
    if (s_key_file2 == NULL)
        s_key_file2 = s_cert_file2;
#endif
1471

1472
    if (!load_excert(&exc))
1473 1474 1475
        goto end;

    if (nocert == 0) {
1476
        s_key = load_key(s_key_file, s_key_format, 0, pass, e,
1477 1478 1479 1480 1481
                         "server certificate private key file");
        if (!s_key) {
            ERR_print_errors(bio_err);
            goto end;
        }
D
PR: 910  
Dr. Stephen Henson 已提交
1482

1483
        s_cert = load_cert(s_cert_file, s_cert_format,
1484 1485 1486 1487 1488 1489 1490
                           NULL, e, "server certificate file");

        if (!s_cert) {
            ERR_print_errors(bio_err);
            goto end;
        }
        if (s_chain_file) {
1491
            s_chain = load_certs(s_chain_file, FORMAT_PEM,
1492 1493 1494 1495 1496 1497
                                 NULL, e, "server certificate chain");
            if (!s_chain)
                goto end;
        }
#ifndef OPENSSL_NO_TLSEXT
        if (tlsextcbp.servername) {
1498
            s_key2 = load_key(s_key_file2, s_key_format, 0, pass, e,
1499 1500 1501 1502 1503 1504
                              "second server certificate private key file");
            if (!s_key2) {
                ERR_print_errors(bio_err);
                goto end;
            }

1505
            s_cert2 = load_cert(s_cert_file2, s_cert_format,
1506 1507 1508 1509 1510 1511 1512 1513 1514
                                NULL, e, "second server certificate file");

            if (!s_cert2) {
                ERR_print_errors(bio_err);
                goto end;
            }
        }
#endif                          /* OPENSSL_NO_TLSEXT */
    }
A
Adam Langley 已提交
1515
#if !defined(OPENSSL_NO_TLSEXT)
1516 1517 1518 1519 1520 1521 1522 1523 1524 1525
# if !defined(OPENSSL_NO_NEXTPROTONEG)
    if (next_proto_neg_in) {
        unsigned short len;
        next_proto.data = next_protos_parse(&len, next_proto_neg_in);
        if (next_proto.data == NULL)
            goto end;
        next_proto.len = len;
    } else {
        next_proto.data = NULL;
    }
A
Adam Langley 已提交
1526
# endif
1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554
    alpn_ctx.data = NULL;
    if (alpn_in) {
        unsigned short len;
        alpn_ctx.data = next_protos_parse(&len, alpn_in);
        if (alpn_ctx.data == NULL)
            goto end;
        alpn_ctx.len = len;
    }
#endif

    if (crl_file) {
        X509_CRL *crl;
        crl = load_crl(crl_file, crl_format);
        if (!crl) {
            BIO_puts(bio_err, "Error loading CRL\n");
            ERR_print_errors(bio_err);
            goto end;
        }
        crls = sk_X509_CRL_new_null();
        if (!crls || !sk_X509_CRL_push(crls, crl)) {
            BIO_puts(bio_err, "Error adding CRL\n");
            ERR_print_errors(bio_err);
            X509_CRL_free(crl);
            goto end;
        }
    }

    if (s_dcert_file) {
1555

1556 1557 1558
        if (s_dkey_file == NULL)
            s_dkey_file = s_dcert_file;

1559
        s_dkey = load_key(s_dkey_file, s_dkey_format,
1560 1561 1562 1563 1564 1565
                          0, dpass, e, "second certificate private key file");
        if (!s_dkey) {
            ERR_print_errors(bio_err);
            goto end;
        }

1566
        s_dcert = load_cert(s_dcert_file, s_dcert_format,
1567 1568 1569 1570 1571 1572 1573
                            NULL, e, "second server certificate file");

        if (!s_dcert) {
            ERR_print_errors(bio_err);
            goto end;
        }
        if (s_dchain_file) {
1574
            s_dchain = load_certs(s_dchain_file, FORMAT_PEM,
1575 1576 1577 1578 1579 1580 1581
                                  NULL, e, "second server certificate chain");
            if (!s_dchain)
                goto end;
        }

    }

1582
    if (!app_RAND_load_file(NULL, 1) && inrand == NULL
1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594
        && !RAND_status()) {
        BIO_printf(bio_err,
                   "warning, not much extra random data, consider using the -rand option\n");
    }
    if (inrand != NULL)
        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
                   app_RAND_load_files(inrand));

    if (bio_s_out == NULL) {
        if (s_quiet && !s_debug) {
            bio_s_out = BIO_new(BIO_s_null());
            if (s_msg && !bio_s_msg)
1595
                bio_s_msg = dup_bio_out();
1596 1597
        } else {
            if (bio_s_out == NULL)
1598
                bio_s_out = dup_bio_out();
1599 1600
        }
    }
1601
#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
1602
    if (nocert)
1603
#endif
1604 1605 1606 1607 1608
    {
        s_cert_file = NULL;
        s_key_file = NULL;
        s_dcert_file = NULL;
        s_dkey_file = NULL;
1609
#ifndef OPENSSL_NO_TLSEXT
1610 1611 1612 1613 1614 1615 1616
        s_cert_file2 = NULL;
        s_key_file2 = NULL;
#endif
    }

    ctx = SSL_CTX_new(meth);
    if (sdebug)
R
Rich Salz 已提交
1617
        ssl_ctx_security_debug(ctx, sdebug);
1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644
    if (ctx == NULL) {
        ERR_print_errors(bio_err);
        goto end;
    }
    if (session_id_prefix) {
        if (strlen(session_id_prefix) >= 32)
            BIO_printf(bio_err,
                       "warning: id_prefix is too long, only one new session will be possible\n");
        if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) {
            BIO_printf(bio_err, "error setting 'id_prefix'\n");
            ERR_print_errors(bio_err);
            goto end;
        }
        BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
    }
    SSL_CTX_set_quiet_shutdown(ctx, 1);
    if (exc)
        ssl_ctx_set_excert(ctx, exc);

    if (state)
        SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
    if (no_cache)
        SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
    else if (ext_cache)
        init_session_cache_ctx(ctx);
    else
        SSL_CTX_sess_set_cache_size(ctx, 128);
1645

P
Piotr Sikora 已提交
1646
#ifndef OPENSSL_NO_SRTP
M
Matt Caswell 已提交
1647
    if (srtp_profiles != NULL) {
1648 1649
        /* Returns 0 on success! */
        if (SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles) != 0) {
M
Matt Caswell 已提交
1650 1651 1652 1653 1654
            BIO_printf(bio_err, "Error setting SRTP profile\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }
P
Piotr Sikora 已提交
1655
#endif
B
Ben Laurie 已提交
1656

1657
    if (!ctx_set_verify_locations(ctx, CAfile, CApath)) {
1658
        ERR_print_errors(bio_err);
1659
        goto end;
1660
    }
1661 1662
    if (vpmtouched && !SSL_CTX_set1_param(ctx, vpm)) {
        BIO_printf(bio_err, "Error setting verify params\n");
M
Matt Caswell 已提交
1663 1664 1665
        ERR_print_errors(bio_err);
        goto end;
    }
1666 1667

    ssl_ctx_add_crls(ctx, crls, 0);
1668
    if (!config_ctx(cctx, ssl_args, ctx, no_ecdhe, jpake_secret == NULL))
1669 1670 1671 1672 1673 1674 1675 1676
        goto end;

    if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile,
                         crls, crl_download)) {
        BIO_printf(bio_err, "Error loading store locations\n");
        ERR_print_errors(bio_err);
        goto end;
    }
1677
#ifndef OPENSSL_NO_TLSEXT
1678 1679 1680 1681 1682 1683 1684 1685 1686 1687 1688 1689
    if (s_cert2) {
        ctx2 = SSL_CTX_new(meth);
        if (ctx2 == NULL) {
            ERR_print_errors(bio_err);
            goto end;
        }
    }

    if (ctx2) {
        BIO_printf(bio_s_out, "Setting secondary ctx parameters\n");

        if (sdebug)
R
Rich Salz 已提交
1690
            ssl_ctx_security_debug(ctx, sdebug);
1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720

        if (session_id_prefix) {
            if (strlen(session_id_prefix) >= 32)
                BIO_printf(bio_err,
                           "warning: id_prefix is too long, only one new session will be possible\n");
            if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) {
                BIO_printf(bio_err, "error setting 'id_prefix'\n");
                ERR_print_errors(bio_err);
                goto end;
            }
            BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
        }
        SSL_CTX_set_quiet_shutdown(ctx2, 1);
        if (exc)
            ssl_ctx_set_excert(ctx2, exc);

        if (state)
            SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback);

        if (no_cache)
            SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF);
        else if (ext_cache)
            init_session_cache_ctx(ctx2);
        else
            SSL_CTX_sess_set_cache_size(ctx2, 128);

        if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
            (!SSL_CTX_set_default_verify_paths(ctx2))) {
            ERR_print_errors(bio_err);
        }
1721 1722
        if (vpmtouched && !SSL_CTX_set1_param(ctx2, vpm)) {
            BIO_printf(bio_err, "Error setting verify params\n");
M
Matt Caswell 已提交
1723 1724 1725
            ERR_print_errors(bio_err);
            goto end;
        }
B
Ben Laurie 已提交
1726

1727
        ssl_ctx_add_crls(ctx2, crls, 0);
1728
        if (!config_ctx(cctx, ssl_args, ctx2, no_ecdhe, jpake_secret == NULL))
1729 1730
            goto end;
    }
B
Ben Laurie 已提交
1731
# ifndef OPENSSL_NO_NEXTPROTONEG
1732 1733 1734
    if (next_proto.data)
        SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb,
                                              &next_proto);
B
Ben Laurie 已提交
1735
# endif
1736 1737 1738
    if (alpn_ctx.data)
        SSL_CTX_set_alpn_select_cb(ctx, alpn_cb, &alpn_ctx);
#endif
B
Bodo Möller 已提交
1739

1740
#ifndef OPENSSL_NO_DH
1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787
    if (!no_dhe) {
        DH *dh = NULL;

        if (dhfile)
            dh = load_dh_param(dhfile);
        else if (s_cert_file)
            dh = load_dh_param(s_cert_file);

        if (dh != NULL) {
            BIO_printf(bio_s_out, "Setting temp DH parameters\n");
        } else {
            BIO_printf(bio_s_out, "Using default temp DH parameters\n");
        }
        (void)BIO_flush(bio_s_out);

        if (dh == NULL)
            SSL_CTX_set_dh_auto(ctx, 1);
        else if (!SSL_CTX_set_tmp_dh(ctx, dh)) {
            BIO_puts(bio_err, "Error setting temp DH parameters\n");
            ERR_print_errors(bio_err);
            DH_free(dh);
            goto end;
        }
# ifndef OPENSSL_NO_TLSEXT
        if (ctx2) {
            if (!dhfile) {
                DH *dh2 = load_dh_param(s_cert_file2);
                if (dh2 != NULL) {
                    BIO_printf(bio_s_out, "Setting temp DH parameters\n");
                    (void)BIO_flush(bio_s_out);

                    DH_free(dh);
                    dh = dh2;
                }
            }
            if (dh == NULL)
                SSL_CTX_set_dh_auto(ctx2, 1);
            else if (!SSL_CTX_set_tmp_dh(ctx2, dh)) {
                BIO_puts(bio_err, "Error setting temp DH parameters\n");
                ERR_print_errors(bio_err);
                DH_free(dh);
                goto end;
            }
        }
# endif
        DH_free(dh);
    }
1788
#endif
1789

1790 1791
    if (!set_cert_key_stuff(ctx, s_cert, s_key, s_chain, build_chain))
        goto end;
1792
#ifndef OPENSSL_NO_TLSEXT
1793 1794 1795 1796 1797
    if (s_serverinfo_file != NULL
        && !SSL_CTX_use_serverinfo_file(ctx, s_serverinfo_file)) {
        ERR_print_errors(bio_err);
        goto end;
    }
1798
#endif
1799 1800 1801
#ifndef OPENSSL_NO_TLSEXT
    if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2, NULL, build_chain))
        goto end;
1802
#endif
1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814
    if (s_dcert != NULL) {
        if (!set_cert_key_stuff(ctx, s_dcert, s_dkey, s_dchain, build_chain))
            goto end;
    }
#ifndef OPENSSL_NO_RSA
    if (!no_tmp_rsa) {
        SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
#  ifndef OPENSSL_NO_TLSEXT
        if (ctx2)
            SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
#  endif
    }
1815 1816
#endif

1817 1818 1819
    if (no_resume_ephemeral) {
        SSL_CTX_set_not_resumable_session_callback(ctx,
                                                   not_resumable_sess_cb);
1820
#ifndef OPENSSL_NO_TLSEXT
1821 1822 1823
        if (ctx2)
            SSL_CTX_set_not_resumable_session_callback(ctx2,
                                                       not_resumable_sess_cb);
1824
#endif
1825
    }
1826
#ifndef OPENSSL_NO_PSK
1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837
# ifdef OPENSSL_NO_JPAKE
    if (psk_key != NULL)
# else
    if (psk_key != NULL || jpake_secret)
# endif
    {
        if (s_debug)
            BIO_printf(bio_s_out,
                       "PSK key given or JPAKE in use, setting server callback\n");
        SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
    }
1838

1839 1840 1841 1842 1843
    if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) {
        BIO_printf(bio_err, "error setting PSK identity hint to context\n");
        ERR_print_errors(bio_err);
        goto end;
    }
1844 1845
#endif

1846
    SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
V
Viktor Dukhovni 已提交
1847
    if (!SSL_CTX_set_session_id_context(ctx,
1848 1849
                (void *)&s_server_session_id_context,
                sizeof s_server_session_id_context)) {
M
Matt Caswell 已提交
1850 1851 1852 1853
        BIO_printf(bio_err, "error setting session id context\n");
        ERR_print_errors(bio_err);
        goto end;
    }
1854

1855 1856 1857
    /* Set DTLS cookie generation and verification callbacks */
    SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
    SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
D
Dr. Stephen Henson 已提交
1858

1859
#ifndef OPENSSL_NO_TLSEXT
1860 1861
    if (ctx2) {
        SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback);
V
Viktor Dukhovni 已提交
1862
        if (!SSL_CTX_set_session_id_context(ctx2,
1863 1864
                    (void *)&s_server_session_id_context,
                    sizeof s_server_session_id_context)) {
M
Matt Caswell 已提交
1865 1866 1867 1868
            BIO_printf(bio_err, "error setting session id context\n");
            ERR_print_errors(bio_err);
            goto end;
        }
1869 1870 1871 1872 1873 1874
        tlsextcbp.biodebug = bio_s_out;
        SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
        SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
        SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
        SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
    }
1875
#endif
1876

B
Ben Laurie 已提交
1877
#ifndef OPENSSL_NO_SRP
1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896
    if (srp_verifier_file != NULL) {
        srp_callback_parm.vb = SRP_VBASE_new(srpuserseed);
        srp_callback_parm.user = NULL;
        srp_callback_parm.login = NULL;
        if ((ret =
             SRP_VBASE_init(srp_callback_parm.vb,
                            srp_verifier_file)) != SRP_NO_ERROR) {
            BIO_printf(bio_err,
                       "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
                       srp_verifier_file, ret);
            goto end;
        }
        SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback);
        SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm);
        SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
    } else
#endif
    if (CAfile != NULL) {
        SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
1897
#ifndef OPENSSL_NO_TLSEXT
1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910
        if (ctx2)
            SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
#endif
    }

    BIO_printf(bio_s_out, "ACCEPT\n");
    (void)BIO_flush(bio_s_out);
    if (rev)
        server_cb = rev_body;
    else if (www)
        server_cb = www_body;
    else
        server_cb = sv_body;
D
Dr. Stephen Henson 已提交
1911
#ifndef NO_SYS_UN_H
1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923
    if (unix_path) {
        if (unlink_unix_path)
            unlink(unix_path);
        do_server_unix(unix_path, &accept_socket, server_cb, context,
                       naccept);
    } else
#endif
        do_server(port, socket_type, &accept_socket, server_cb, context,
                  naccept);
    print_stats(bio_s_out, ctx);
    ret = 0;
 end:
R
Rich Salz 已提交
1924
    SSL_CTX_free(ctx);
R
Rich Salz 已提交
1925 1926 1927
    X509_free(s_cert);
    sk_X509_CRL_pop_free(crls, X509_CRL_free);
    X509_free(s_dcert);
R
Rich Salz 已提交
1928 1929
    EVP_PKEY_free(s_key);
    EVP_PKEY_free(s_dkey);
R
Rich Salz 已提交
1930 1931
    sk_X509_pop_free(s_chain, X509_free);
    sk_X509_pop_free(s_dchain, X509_free);
1932 1933 1934 1935
    if (pass)
        OPENSSL_free(pass);
    if (dpass)
        OPENSSL_free(dpass);
R
Rich Salz 已提交
1936
    X509_VERIFY_PARAM_free(vpm);
1937
    free_sessions();
1938
#ifndef OPENSSL_NO_TLSEXT
1939 1940 1941 1942 1943 1944
    if (tlscstatp.host)
        OPENSSL_free(tlscstatp.host);
    if (tlscstatp.port)
        OPENSSL_free(tlscstatp.port);
    if (tlscstatp.path)
        OPENSSL_free(tlscstatp.path);
R
Rich Salz 已提交
1945
    if (ctx2 != NULL)
R
Rich Salz 已提交
1946
    SSL_CTX_free(ctx2);
R
Rich Salz 已提交
1947
    X509_free(s_cert2);
R
Rich Salz 已提交
1948
    EVP_PKEY_free(s_key2);
R
Rich Salz 已提交
1949
    BIO_free(serverinfo_in);
1950
# ifndef OPENSSL_NO_NEXTPROTONEG
1951 1952
    if (next_proto.data)
        OPENSSL_free(next_proto.data);
1953
# endif
1954 1955 1956 1957
    if (alpn_ctx.data)
        OPENSSL_free(alpn_ctx.data);
#endif
    ssl_excert_free(exc);
1958
    sk_OPENSSL_STRING_free(ssl_args);
R
Rich Salz 已提交
1959
    SSL_CONF_CTX_free(cctx);
1960
#ifndef OPENSSL_NO_JPAKE
1961 1962 1963
    if (jpake_secret && psk_key)
        OPENSSL_free(psk_key);
#endif
R
Rich Salz 已提交
1964 1965 1966 1967
    BIO_free(bio_s_out);
    bio_s_out = NULL;
    BIO_free(bio_s_msg);
    bio_s_msg = NULL;
1968
    return (ret);
1969
}
1970

U
Ulf Möller 已提交
1971
static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
1972 1973 1974 1975 1976 1977 1978 1979 1980 1981 1982 1983 1984 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997
{
    BIO_printf(bio, "%4ld items in the session cache\n",
               SSL_CTX_sess_number(ssl_ctx));
    BIO_printf(bio, "%4ld client connects (SSL_connect())\n",
               SSL_CTX_sess_connect(ssl_ctx));
    BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n",
               SSL_CTX_sess_connect_renegotiate(ssl_ctx));
    BIO_printf(bio, "%4ld client connects that finished\n",
               SSL_CTX_sess_connect_good(ssl_ctx));
    BIO_printf(bio, "%4ld server accepts (SSL_accept())\n",
               SSL_CTX_sess_accept(ssl_ctx));
    BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n",
               SSL_CTX_sess_accept_renegotiate(ssl_ctx));
    BIO_printf(bio, "%4ld server accepts that finished\n",
               SSL_CTX_sess_accept_good(ssl_ctx));
    BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx));
    BIO_printf(bio, "%4ld session cache misses\n",
               SSL_CTX_sess_misses(ssl_ctx));
    BIO_printf(bio, "%4ld session cache timeouts\n",
               SSL_CTX_sess_timeouts(ssl_ctx));
    BIO_printf(bio, "%4ld callback cache hits\n",
               SSL_CTX_sess_cb_hits(ssl_ctx));
    BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n",
               SSL_CTX_sess_cache_full(ssl_ctx),
               SSL_CTX_sess_get_cache_size(ssl_ctx));
}
1998

1999
static int sv_body(char *hostname, int s, int stype, unsigned char *context)
2000 2001 2002 2003 2004 2005 2006 2007
{
    char *buf = NULL;
    fd_set readfds;
    int ret = 1, width;
    int k, i;
    unsigned long l;
    SSL *con = NULL;
    BIO *sbio;
2008
#ifndef OPENSSL_NO_KRB5
2009
    KSSL_CTX *kctx;
2010
#endif
2011
    struct timeval timeout;
R
Rich Salz 已提交
2012
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
2013
    struct timeval tv;
2014
#else
2015
    struct timeval *timeoutp;
2016
#endif
2017

R
Rich Salz 已提交
2018
    buf = app_malloc(bufsize, "server buffer");
2019 2020 2021
#ifdef FIONBIO
    if (s_nbio) {
        unsigned long sl = 1;
2022

2023 2024 2025 2026 2027
        if (!s_quiet)
            BIO_printf(bio_err, "turning on non blocking io\n");
        if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
            ERR_print_errors(bio_err);
    }
2028 2029
#endif

2030 2031
    if (con == NULL) {
        con = SSL_new(ctx);
2032
#ifndef OPENSSL_NO_TLSEXT
2033 2034 2035 2036 2037 2038 2039 2040
        if (s_tlsextdebug) {
            SSL_set_tlsext_debug_callback(con, tlsext_cb);
            SSL_set_tlsext_debug_arg(con, bio_s_out);
        }
        if (s_tlsextstatus) {
            SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
            SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
        }
2041
#endif
2042
#ifndef OPENSSL_NO_KRB5
2043 2044
        if ((kctx = kssl_ctx_new()) != NULL) {
            SSL_set0_kssl_ctx(con, kctx);
2045 2046 2047 2048
            kssl_ctx_setstring(kctx, KSSL_SERVICE,
                               krb5svc ? krb5svc : KRB5SVC);
            if (krb5tab)
                kssl_ctx_setstring(kctx, KSSL_KEYTAB, krb5tab);
2049 2050
        }
#endif                          /* OPENSSL_NO_KRB5 */
2051 2052 2053
        if (context
                && !SSL_set_session_id_context(con,
                        context, strlen((char *)context))) {
M
Matt Caswell 已提交
2054 2055 2056 2057 2058
            BIO_printf(bio_err, "Error setting session id context\n");
            ret = -1;
            goto err;
        }
    }
V
Viktor Dukhovni 已提交
2059
    if (!SSL_clear(con)) {
M
Matt Caswell 已提交
2060 2061 2062
        BIO_printf(bio_err, "Error clearing SSL connection\n");
        ret = -1;
        goto err;
2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096
    }

    if (stype == SOCK_DGRAM) {

        sbio = BIO_new_dgram(s, BIO_NOCLOSE);

        if (enable_timeouts) {
            timeout.tv_sec = 0;
            timeout.tv_usec = DGRAM_RCV_TIMEOUT;
            BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);

            timeout.tv_sec = 0;
            timeout.tv_usec = DGRAM_SND_TIMEOUT;
            BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
        }

        if (socket_mtu) {
            if (socket_mtu < DTLS_get_link_min_mtu(con)) {
                BIO_printf(bio_err, "MTU too small. Must be at least %ld\n",
                           DTLS_get_link_min_mtu(con));
                ret = -1;
                BIO_free(sbio);
                goto err;
            }
            SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
            if (!DTLS_set_link_mtu(con, socket_mtu)) {
                BIO_printf(bio_err, "Failed to set MTU\n");
                ret = -1;
                BIO_free(sbio);
                goto err;
            }
        } else
            /* want to do MTU discovery */
            BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
B
Ben Laurie 已提交
2097 2098 2099

        /* turn on cookie exchange */
        SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
2100 2101
    } else
        sbio = BIO_new_socket(s, BIO_NOCLOSE);
B
Ben Laurie 已提交
2102

2103 2104
    if (s_nbio_test) {
        BIO *test;
2105

2106 2107 2108
        test = BIO_new(BIO_f_nbio_test());
        sbio = BIO_push(test, sbio);
    }
D
Dr. Stephen Henson 已提交
2109
#ifndef OPENSSL_NO_JPAKE
2110 2111 2112 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123
    if (jpake_secret)
        jpake_server_auth(bio_s_out, sbio, jpake_secret);
#endif

    SSL_set_bio(con, sbio, sbio);
    SSL_set_accept_state(con);
    /* SSL_set_fd(con,s); */

    if (s_debug) {
        SSL_set_debug(con, 1);
        BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
        BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
    }
    if (s_msg) {
2124
#ifndef OPENSSL_NO_SSL_TRACE
2125 2126 2127
        if (s_msg == 2)
            SSL_set_msg_callback(con, SSL_trace);
        else
2128
#endif
2129 2130 2131
            SSL_set_msg_callback(con, msg_cb);
        SSL_set_msg_callback_arg(con, bio_s_msg ? bio_s_msg : bio_s_out);
    }
2132
#ifndef OPENSSL_NO_TLSEXT
2133 2134 2135 2136
    if (s_tlsextdebug) {
        SSL_set_tlsext_debug_callback(con, tlsext_cb);
        SSL_set_tlsext_debug_arg(con, bio_s_out);
    }
2137
#endif
2138

2139 2140 2141 2142
    width = s + 1;
    for (;;) {
        int read_from_terminal;
        int read_from_sslcon;
B
Bodo Möller 已提交
2143

2144 2145
        read_from_terminal = 0;
        read_from_sslcon = SSL_pending(con);
B
Bodo Möller 已提交
2146

2147 2148
        if (!read_from_sslcon) {
            FD_ZERO(&readfds);
R
Rich Salz 已提交
2149
#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE)
2150 2151 2152 2153 2154 2155 2156 2157 2158 2159
            openssl_fdset(fileno(stdin), &readfds);
#endif
            openssl_fdset(s, &readfds);
            /*
             * Note: under VMS with SOCKETSHR the second parameter is
             * currently of type (int *) whereas under other systems it is
             * (void *) if you don't have a cast it will choke the compiler:
             * if you do have a cast then you can either go for (int *) or
             * (void *).
             */
R
Richard Levitte 已提交
2160
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
2161 2162 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173
            /*
             * Under DOS (non-djgpp) and Windows we can't select on stdin:
             * only on sockets. As a workaround we timeout the select every
             * second and check for any keypress. In a proper Windows
             * application we wouldn't do this because it is inefficient.
             */
            tv.tv_sec = 1;
            tv.tv_usec = 0;
            i = select(width, (void *)&readfds, NULL, NULL, &tv);
            if ((i < 0) || (!i && !_kbhit()))
                continue;
            if (_kbhit())
                read_from_terminal = 1;
2174
#else
2175 2176 2177 2178 2179 2180 2181 2182 2183 2184 2185 2186 2187 2188 2189 2190 2191 2192 2193 2194 2195 2196 2197 2198 2199 2200 2201 2202 2203 2204 2205 2206 2207 2208 2209 2210 2211 2212 2213 2214 2215 2216 2217 2218 2219
            if ((SSL_version(con) == DTLS1_VERSION) &&
                DTLSv1_get_timeout(con, &timeout))
                timeoutp = &timeout;
            else
                timeoutp = NULL;

            i = select(width, (void *)&readfds, NULL, NULL, timeoutp);

            if ((SSL_version(con) == DTLS1_VERSION)
                && DTLSv1_handle_timeout(con) > 0) {
                BIO_printf(bio_err, "TIMEOUT occurred\n");
            }

            if (i <= 0)
                continue;
            if (FD_ISSET(fileno(stdin), &readfds))
                read_from_terminal = 1;
#endif
            if (FD_ISSET(s, &readfds))
                read_from_sslcon = 1;
        }
        if (read_from_terminal) {
            if (s_crlf) {
                int j, lf_num;

                i = raw_read_stdin(buf, bufsize / 2);
                lf_num = 0;
                /* both loops are skipped when i <= 0 */
                for (j = 0; j < i; j++)
                    if (buf[j] == '\n')
                        lf_num++;
                for (j = i - 1; j >= 0; j--) {
                    buf[j + lf_num] = buf[j];
                    if (buf[j] == '\n') {
                        lf_num--;
                        i++;
                        buf[j + lf_num] = '\r';
                    }
                }
                assert(lf_num == 0);
            } else
                i = raw_read_stdin(buf, bufsize);
            if (!s_quiet && !s_brief) {
                if ((i <= 0) || (buf[0] == 'Q')) {
                    BIO_printf(bio_s_out, "DONE\n");
2220
                    (void)BIO_flush(bio_s_out);
2221 2222 2223 2224 2225 2226 2227
                    SHUTDOWN(s);
                    close_accept_socket();
                    ret = -11;
                    goto err;
                }
                if ((i <= 0) || (buf[0] == 'q')) {
                    BIO_printf(bio_s_out, "DONE\n");
2228
                    (void)BIO_flush(bio_s_out);
2229
                    if (SSL_version(con) != DTLS1_VERSION)
B
Ben Laurie 已提交
2230
                        SHUTDOWN(s);
2231 2232 2233 2234 2235
                    /*
                     * close_accept_socket(); ret= -11;
                     */
                    goto err;
                }
D
Dr. Stephen Henson 已提交
2236
#ifndef OPENSSL_NO_HEARTBEATS
2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 2261 2262 2263 2264 2265 2266 2267 2268 2269 2270 2271 2272 2273 2274 2275
                if ((buf[0] == 'B') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
                    BIO_printf(bio_err, "HEARTBEATING\n");
                    SSL_heartbeat(con);
                    i = 0;
                    continue;
                }
#endif
                if ((buf[0] == 'r') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
                    SSL_renegotiate(con);
                    i = SSL_do_handshake(con);
                    printf("SSL_do_handshake -> %d\n", i);
                    i = 0;      /* 13; */
                    continue;
                    /*
                     * strcpy(buf,"server side RE-NEGOTIATE\n");
                     */
                }
                if ((buf[0] == 'R') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
                    SSL_set_verify(con,
                                   SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
                                   NULL);
                    SSL_renegotiate(con);
                    i = SSL_do_handshake(con);
                    printf("SSL_do_handshake -> %d\n", i);
                    i = 0;      /* 13; */
                    continue;
                    /*
                     * strcpy(buf,"server side RE-NEGOTIATE asking for client
                     * cert\n");
                     */
                }
                if (buf[0] == 'P') {
                    static const char *str = "Lets print some clear text\n";
                    BIO_write(SSL_get_wbio(con), str, strlen(str));
                }
                if (buf[0] == 'S') {
                    print_stats(bio_s_out, SSL_get_SSL_CTX(con));
                }
            }
2276
#ifdef CHARSET_EBCDIC
2277
            ebcdic2ascii(buf, buf, i);
2278
#endif
2279 2280 2281
            l = k = 0;
            for (;;) {
                /* should do a select for the write */
2282
#ifdef RENEG
2283 2284 2285 2286 2287 2288 2289
                {
                    static count = 0;
                    if (++count == 100) {
                        count = 0;
                        SSL_renegotiate(con);
                    }
                }
2290
#endif
2291
                k = SSL_write(con, &(buf[l]), (unsigned int)i);
D
Dr. Stephen Henson 已提交
2292
#ifndef OPENSSL_NO_SRP
2293 2294 2295 2296 2297 2298 2299 2300 2301 2302 2303 2304 2305 2306 2307 2308 2309 2310 2311 2312 2313 2314 2315 2316
                while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) {
                    BIO_printf(bio_s_out, "LOOKUP renego during write\n");
                    srp_callback_parm.user =
                        SRP_VBASE_get_by_user(srp_callback_parm.vb,
                                              srp_callback_parm.login);
                    if (srp_callback_parm.user)
                        BIO_printf(bio_s_out, "LOOKUP done %s\n",
                                   srp_callback_parm.user->info);
                    else
                        BIO_printf(bio_s_out, "LOOKUP not successful\n");
                    k = SSL_write(con, &(buf[l]), (unsigned int)i);
                }
#endif
                switch (SSL_get_error(con, k)) {
                case SSL_ERROR_NONE:
                    break;
                case SSL_ERROR_WANT_WRITE:
                case SSL_ERROR_WANT_READ:
                case SSL_ERROR_WANT_X509_LOOKUP:
                    BIO_printf(bio_s_out, "Write BLOCK\n");
                    break;
                case SSL_ERROR_SYSCALL:
                case SSL_ERROR_SSL:
                    BIO_printf(bio_s_out, "ERROR\n");
2317
                    (void)BIO_flush(bio_s_out);
2318 2319 2320 2321 2322 2323
                    ERR_print_errors(bio_err);
                    ret = 1;
                    goto err;
                    /* break; */
                case SSL_ERROR_ZERO_RETURN:
                    BIO_printf(bio_s_out, "DONE\n");
2324
                    (void)BIO_flush(bio_s_out);
2325 2326 2327 2328 2329 2330 2331 2332 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347
                    ret = 1;
                    goto err;
                }
                l += k;
                i -= k;
                if (i <= 0)
                    break;
            }
        }
        if (read_from_sslcon) {
            if (!SSL_is_init_finished(con)) {
                i = init_ssl_connection(con);

                if (i < 0) {
                    ret = 0;
                    goto err;
                } else if (i == 0) {
                    ret = 1;
                    goto err;
                }
            } else {
 again:
                i = SSL_read(con, (char *)buf, bufsize);
D
Dr. Stephen Henson 已提交
2348
#ifndef OPENSSL_NO_SRP
2349 2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 2362 2363
                while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
                    BIO_printf(bio_s_out, "LOOKUP renego during read\n");
                    srp_callback_parm.user =
                        SRP_VBASE_get_by_user(srp_callback_parm.vb,
                                              srp_callback_parm.login);
                    if (srp_callback_parm.user)
                        BIO_printf(bio_s_out, "LOOKUP done %s\n",
                                   srp_callback_parm.user->info);
                    else
                        BIO_printf(bio_s_out, "LOOKUP not successful\n");
                    i = SSL_read(con, (char *)buf, bufsize);
                }
#endif
                switch (SSL_get_error(con, i)) {
                case SSL_ERROR_NONE:
2364
#ifdef CHARSET_EBCDIC
2365 2366 2367 2368 2369 2370 2371 2372 2373 2374 2375 2376 2377
                    ascii2ebcdic(buf, buf, i);
#endif
                    raw_write_stdout(buf, (unsigned int)i);
                    if (SSL_pending(con))
                        goto again;
                    break;
                case SSL_ERROR_WANT_WRITE:
                case SSL_ERROR_WANT_READ:
                    BIO_printf(bio_s_out, "Read BLOCK\n");
                    break;
                case SSL_ERROR_SYSCALL:
                case SSL_ERROR_SSL:
                    BIO_printf(bio_s_out, "ERROR\n");
2378
                    (void)BIO_flush(bio_s_out);
2379 2380 2381 2382 2383
                    ERR_print_errors(bio_err);
                    ret = 1;
                    goto err;
                case SSL_ERROR_ZERO_RETURN:
                    BIO_printf(bio_s_out, "DONE\n");
2384
                    (void)BIO_flush(bio_s_out);
2385 2386 2387 2388 2389 2390 2391 2392 2393 2394 2395 2396 2397
                    ret = 1;
                    goto err;
                }
            }
        }
    }
 err:
    if (con != NULL) {
        BIO_printf(bio_s_out, "shutting down SSL\n");
        SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
        SSL_free(con);
    }
    BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
R
Rich Salz 已提交
2398
    OPENSSL_clear_free(buf, bufsize);
2399 2400
    if (ret >= 0)
        BIO_printf(bio_s_out, "ACCEPT\n");
R
Rich Salz 已提交
2401
    (void)BIO_flush(bio_s_out);
2402 2403
    return (ret);
}
2404

U
Ulf Möller 已提交
2405
static void close_accept_socket(void)
2406 2407 2408 2409 2410 2411
{
    BIO_printf(bio_err, "shutdown accept socket\n");
    if (accept_socket >= 0) {
        SHUTDOWN2(accept_socket);
    }
}
2412

U
Ulf Möller 已提交
2413
static int init_ssl_connection(SSL *con)
2414 2415 2416 2417 2418
{
    int i;
    const char *str;
    X509 *peer;
    long verify_error;
2419
    char buf[BUFSIZ];
2420
#ifndef OPENSSL_NO_KRB5
2421
    char *client_princ;
2422
#endif
B
Ben Laurie 已提交
2423
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2424 2425
    const unsigned char *next_proto_neg;
    unsigned next_proto_neg_len;
2426
#endif
2427
    unsigned char *exportedkeymat;
2428

2429
    i = SSL_accept(con);
2430
#ifdef CERT_CB_TEST_RETRY
2431 2432 2433 2434 2435 2436 2437 2438
    {
        while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP
               && SSL_state(con) == SSL3_ST_SR_CLNT_HELLO_C) {
            fprintf(stderr,
                    "LOOKUP from certificate callback during accept\n");
            i = SSL_accept(con);
        }
    }
2439
#endif
D
Dr. Stephen Henson 已提交
2440
#ifndef OPENSSL_NO_SRP
2441 2442 2443 2444 2445 2446 2447 2448 2449 2450 2451 2452 2453 2454 2455 2456 2457 2458 2459 2460 2461 2462
    while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
        BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
                   srp_callback_parm.login);
        srp_callback_parm.user =
            SRP_VBASE_get_by_user(srp_callback_parm.vb,
                                  srp_callback_parm.login);
        if (srp_callback_parm.user)
            BIO_printf(bio_s_out, "LOOKUP done %s\n",
                       srp_callback_parm.user->info);
        else
            BIO_printf(bio_s_out, "LOOKUP not successful\n");
        i = SSL_accept(con);
    }
#endif

    if (i <= 0) {
        if (BIO_sock_should_retry(i)) {
            BIO_printf(bio_s_out, "DELAY\n");
            return (1);
        }

        BIO_printf(bio_err, "ERROR\n");
2463

2464 2465 2466 2467 2468 2469 2470 2471 2472 2473 2474
        verify_error = SSL_get_verify_result(con);
        if (verify_error != X509_V_OK) {
            BIO_printf(bio_err, "verify error:%s\n",
                       X509_verify_cert_error_string(verify_error));
        }
        /* Always print any error messages */
        ERR_print_errors(bio_err);
        return (0);
    }

    if (s_brief)
R
Rich Salz 已提交
2475
        print_ssl_summary(con);
2476 2477 2478 2479 2480 2481 2482 2483 2484 2485 2486 2487 2488 2489 2490 2491 2492 2493

    PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con));

    peer = SSL_get_peer_certificate(con);
    if (peer != NULL) {
        BIO_printf(bio_s_out, "Client certificate\n");
        PEM_write_bio_X509(bio_s_out, peer);
        X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
        BIO_printf(bio_s_out, "subject=%s\n", buf);
        X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
        BIO_printf(bio_s_out, "issuer=%s\n", buf);
        X509_free(peer);
    }

    if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
        BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
    str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
    ssl_print_sigalgs(bio_s_out, con);
2494
#ifndef OPENSSL_NO_EC
2495 2496
    ssl_print_point_formats(bio_s_out, con);
    ssl_print_curves(bio_s_out, con, 0);
2497
#endif
2498
    BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)");
2499

B
Ben Laurie 已提交
2500
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2501 2502 2503 2504 2505 2506
    SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
    if (next_proto_neg) {
        BIO_printf(bio_s_out, "NEXTPROTO is ");
        BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
        BIO_printf(bio_s_out, "\n");
    }
B
Ben Laurie 已提交
2507
#endif
P
Piotr Sikora 已提交
2508
#ifndef OPENSSL_NO_SRTP
2509 2510 2511 2512 2513 2514 2515 2516 2517 2518 2519 2520 2521 2522
    {
        SRTP_PROTECTION_PROFILE *srtp_profile
            = SSL_get_selected_srtp_profile(con);

        if (srtp_profile)
            BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n",
                       srtp_profile->name);
    }
#endif
    if (SSL_cache_hit(con))
        BIO_printf(bio_s_out, "Reused session-id\n");
    if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
        TLS1_FLAGS_TLS_PADDING_BUG)
        BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
2523
#ifndef OPENSSL_NO_KRB5
2524 2525 2526 2527 2528 2529 2530 2531 2532 2533 2534 2535
    client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
    if (client_princ != NULL) {
        BIO_printf(bio_s_out, "Kerberos peer principal is %s\n",
                   client_princ);
    }
#endif                          /* OPENSSL_NO_KRB5 */
    BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
               SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
    if (keymatexportlabel != NULL) {
        BIO_printf(bio_s_out, "Keying material exporter:\n");
        BIO_printf(bio_s_out, "    Label: '%s'\n", keymatexportlabel);
        BIO_printf(bio_s_out, "    Length: %i bytes\n", keymatexportlen);
R
Rich Salz 已提交
2536 2537 2538 2539 2540 2541 2542 2543 2544 2545 2546 2547
        exportedkeymat = app_malloc(keymatexportlen, "export key");
        if (!SSL_export_keying_material(con, exportedkeymat,
                                        keymatexportlen,
                                        keymatexportlabel,
                                        strlen(keymatexportlabel),
                                        NULL, 0, 0)) {
            BIO_printf(bio_s_out, "    Error\n");
        } else {
            BIO_printf(bio_s_out, "    Keying material: ");
            for (i = 0; i < keymatexportlen; i++)
                BIO_printf(bio_s_out, "%02X", exportedkeymat[i]);
            BIO_printf(bio_s_out, "\n");
2548
        }
R
Rich Salz 已提交
2549
        OPENSSL_free(exportedkeymat);
2550 2551 2552 2553
    }

    return (1);
}
2554

2555
#ifndef OPENSSL_NO_DH
N
Nils Larsch 已提交
2556
static DH *load_dh_param(const char *dhfile)
2557 2558 2559 2560 2561 2562 2563 2564
{
    DH *ret = NULL;
    BIO *bio;

    if ((bio = BIO_new_file(dhfile, "r")) == NULL)
        goto err;
    ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
 err:
R
Rich Salz 已提交
2565
    BIO_free(bio);
2566 2567
    return (ret);
}
2568
#endif
2569

2570
static int www_body(char *hostname, int s, int stype, unsigned char *context)
2571 2572 2573 2574 2575 2576 2577
{
    char *buf = NULL;
    int ret = 1;
    int i, j, k, dot;
    SSL *con;
    const SSL_CIPHER *c;
    BIO *io, *ssl_bio, *sbio;
2578
#ifndef OPENSSL_NO_KRB5
2579
    KSSL_CTX *kctx;
2580
#endif
2581 2582 2583
#ifdef RENEG
    int total_bytes = 0;
#endif
2584

R
Rich Salz 已提交
2585
    buf = app_malloc(bufsize, "server www buffer");
2586 2587 2588 2589
    io = BIO_new(BIO_f_buffer());
    ssl_bio = BIO_new(BIO_f_ssl());
    if ((io == NULL) || (ssl_bio == NULL))
        goto err;
2590

2591 2592 2593
#ifdef FIONBIO
    if (s_nbio) {
        unsigned long sl = 1;
2594

2595 2596 2597 2598 2599
        if (!s_quiet)
            BIO_printf(bio_err, "turning on non blocking io\n");
        if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
            ERR_print_errors(bio_err);
    }
2600 2601
#endif

2602 2603 2604
    /* lets make the output buffer a reasonable size */
    if (!BIO_set_write_buffer_size(io, bufsize))
        goto err;
2605

2606 2607
    if ((con = SSL_new(ctx)) == NULL)
        goto err;
2608
#ifndef OPENSSL_NO_TLSEXT
2609 2610 2611 2612
    if (s_tlsextdebug) {
        SSL_set_tlsext_debug_callback(con, tlsext_cb);
        SSL_set_tlsext_debug_arg(con, bio_s_out);
    }
2613
#endif
2614
#ifndef OPENSSL_NO_KRB5
2615 2616 2617 2618 2619
    if ((kctx = kssl_ctx_new()) != NULL) {
        kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
        kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
    }
#endif                          /* OPENSSL_NO_KRB5 */
M
Matt Caswell 已提交
2620
    if (context && !SSL_set_session_id_context(con, context,
2621
                        strlen((char *)context)))
M
Matt Caswell 已提交
2622
        goto err;
2623 2624 2625 2626 2627 2628 2629 2630 2631 2632 2633 2634 2635 2636

    sbio = BIO_new_socket(s, BIO_NOCLOSE);
    if (s_nbio_test) {
        BIO *test;

        test = BIO_new(BIO_f_nbio_test());
        sbio = BIO_push(test, sbio);
    }
    SSL_set_bio(con, sbio, sbio);
    SSL_set_accept_state(con);

    /* SSL_set_fd(con,s); */
    BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
    BIO_push(io, ssl_bio);
2637
#ifdef CHARSET_EBCDIC
2638
    io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
2639
#endif
2640

2641 2642 2643 2644 2645 2646
    if (s_debug) {
        SSL_set_debug(con, 1);
        BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
        BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
    }
    if (s_msg) {
2647
#ifndef OPENSSL_NO_SSL_TRACE
2648 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 2660 2661 2662 2663 2664
        if (s_msg == 2)
            SSL_set_msg_callback(con, SSL_trace);
        else
#endif
            SSL_set_msg_callback(con, msg_cb);
        SSL_set_msg_callback_arg(con, bio_s_msg ? bio_s_msg : bio_s_out);
    }

    for (;;) {
        i = BIO_gets(io, buf, bufsize - 1);
        if (i < 0) {            /* error */
            if (!BIO_should_retry(io)) {
                if (!s_quiet)
                    ERR_print_errors(bio_err);
                goto err;
            } else {
                BIO_printf(bio_s_out, "read R BLOCK\n");
R
Richard Levitte 已提交
2665
#if defined(OPENSSL_SYS_NETWARE)
2666
                delay(1000);
2667
#elif !defined(OPENSSL_SYS_MSDOS)
2668 2669 2670 2671 2672 2673 2674 2675
                sleep(1);
#endif
                continue;
            }
        } else if (i == 0) {    /* end of input */
            ret = 1;
            goto end;
        }
2676

2677 2678
        /* else we have data */
        if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
2679
            ((www == 2) && (strncmp("GET /stats ", buf, 11) == 0))) {
2680 2681 2682 2683 2684 2685 2686 2687 2688 2689 2690 2691 2692 2693 2694 2695 2696 2697 2698 2699 2700 2701 2702 2703 2704 2705 2706 2707 2708 2709 2710 2711 2712 2713 2714 2715 2716 2717
            char *p;
            X509 *peer;
            STACK_OF(SSL_CIPHER) *sk;
            static const char *space = "                          ";

            if (www == 1 && strncmp("GET /reneg", buf, 10) == 0) {
                if (strncmp("GET /renegcert", buf, 14) == 0)
                    SSL_set_verify(con,
                                   SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
                                   NULL);
                i = SSL_renegotiate(con);
                BIO_printf(bio_s_out, "SSL_renegotiate -> %d\n", i);
                i = SSL_do_handshake(con);
                if (i <= 0) {
                    BIO_printf(bio_s_out, "SSL_do_handshake() Retval %d\n",
                               SSL_get_error(con, i));
                    ERR_print_errors(bio_err);
                    goto err;
                }
                /* EVIL HACK! */
                SSL_set_state(con, SSL_ST_ACCEPT);
                i = SSL_do_handshake(con);
                BIO_printf(bio_s_out, "SSL_do_handshake -> %d\n", i);
                if (i <= 0) {
                    BIO_printf(bio_s_out, "SSL_do_handshake() Retval %d\n",
                               SSL_get_error(con, i));
                    ERR_print_errors(bio_err);
                    goto err;
                }
            }

            BIO_puts(io,
                     "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
            BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n");
            BIO_puts(io, "<pre>\n");
/*                      BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
            BIO_puts(io, "\n");
            for (i = 0; i < local_argc; i++) {
2718 2719 2720 2721 2722 2723 2724 2725 2726 2727 2728 2729 2730 2731 2732 2733
                const char *myp;
                for (myp = local_argv[i]; *myp; myp++)
                    switch (*myp) {
                    case '<':
                        BIO_puts(io, "&lt;");
                        break;
                    case '>':
                        BIO_puts(io, "&gt;");
                        break;
                    case '&':
                        BIO_puts(io, "&amp;");
                        break;
                    default:
                        BIO_write(io, myp, 1);
                        break;
                    }
2734 2735 2736 2737 2738 2739 2740 2741 2742 2743 2744 2745 2746 2747 2748 2749 2750
                BIO_write(io, " ", 1);
            }
            BIO_puts(io, "\n");

            BIO_printf(io,
                       "Secure Renegotiation IS%s supported\n",
                       SSL_get_secure_renegotiation_support(con) ?
                       "" : " NOT");

            /*
             * The following is evil and should not really be done
             */
            BIO_printf(io, "Ciphers supported in s_server binary\n");
            sk = SSL_get_ciphers(con);
            j = sk_SSL_CIPHER_num(sk);
            for (i = 0; i < j; i++) {
                c = sk_SSL_CIPHER_value(sk, i);
2751
                BIO_printf(io, "%-11s:%-25s ",
2752 2753 2754 2755 2756 2757 2758 2759 2760 2761 2762 2763 2764 2765 2766 2767 2768 2769 2770 2771 2772 2773 2774 2775 2776 2777 2778 2779 2780 2781 2782 2783 2784 2785 2786 2787 2788 2789 2790 2791 2792 2793 2794 2795 2796 2797 2798 2799 2800 2801 2802 2803 2804 2805 2806 2807 2808 2809 2810 2811 2812 2813 2814 2815 2816 2817 2818 2819 2820 2821 2822 2823 2824 2825 2826 2827 2828 2829 2830 2831 2832 2833 2834 2835 2836 2837 2838 2839 2840 2841 2842 2843 2844 2845 2846 2847
                           SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
                if ((((i + 1) % 2) == 0) && (i + 1 != j))
                    BIO_puts(io, "\n");
            }
            BIO_puts(io, "\n");
            p = SSL_get_shared_ciphers(con, buf, bufsize);
            if (p != NULL) {
                BIO_printf(io,
                           "---\nCiphers common between both SSL end points:\n");
                j = i = 0;
                while (*p) {
                    if (*p == ':') {
                        BIO_write(io, space, 26 - j);
                        i++;
                        j = 0;
                        BIO_write(io, ((i % 3) ? " " : "\n"), 1);
                    } else {
                        BIO_write(io, p, 1);
                        j++;
                    }
                    p++;
                }
                BIO_puts(io, "\n");
            }
            ssl_print_sigalgs(io, con);
#ifndef OPENSSL_NO_EC
            ssl_print_curves(io, con, 0);
#endif
            BIO_printf(io, (SSL_cache_hit(con)
                            ? "---\nReused, " : "---\nNew, "));
            c = SSL_get_current_cipher(con);
            BIO_printf(io, "%s, Cipher is %s\n",
                       SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
            SSL_SESSION_print(io, SSL_get_session(con));
            BIO_printf(io, "---\n");
            print_stats(io, SSL_get_SSL_CTX(con));
            BIO_printf(io, "---\n");
            peer = SSL_get_peer_certificate(con);
            if (peer != NULL) {
                BIO_printf(io, "Client certificate\n");
                X509_print(io, peer);
                PEM_write_bio_X509(io, peer);
            } else
                BIO_puts(io, "no client certificate available\n");
            BIO_puts(io, "</BODY></HTML>\r\n\r\n");
            break;
        } else if ((www == 2 || www == 3)
                   && (strncmp("GET /", buf, 5) == 0)) {
            BIO *file;
            char *p, *e;
            static const char *text =
                "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";

            /* skip the '/' */
            p = &(buf[5]);

            dot = 1;
            for (e = p; *e != '\0'; e++) {
                if (e[0] == ' ')
                    break;

                switch (dot) {
                case 1:
                    dot = (e[0] == '.') ? 2 : 0;
                    break;
                case 2:
                    dot = (e[0] == '.') ? 3 : 0;
                    break;
                case 3:
                    dot = (e[0] == '/') ? -1 : 0;
                    break;
                }
                if (dot == 0)
                    dot = (e[0] == '/') ? 1 : 0;
            }
            dot = (dot == 3) || (dot == -1); /* filename contains ".."
                                              * component */

            if (*e == '\0') {
                BIO_puts(io, text);
                BIO_printf(io, "'%s' is an invalid file name\r\n", p);
                break;
            }
            *e = '\0';

            if (dot) {
                BIO_puts(io, text);
                BIO_printf(io, "'%s' contains '..' reference\r\n", p);
                break;
            }

            if (*p == '/') {
                BIO_puts(io, text);
                BIO_printf(io, "'%s' is an invalid path\r\n", p);
                break;
            }
2848

2849 2850 2851 2852 2853 2854 2855 2856 2857 2858 2859 2860 2861 2862 2863 2864 2865 2866 2867 2868 2869 2870 2871 2872 2873 2874 2875 2876 2877 2878 2879 2880 2881
            /* if a directory, do the index thang */
            if (app_isdir(p) > 0) {
                BIO_puts(io, text);
                BIO_printf(io, "'%s' is a directory\r\n", p);
                break;
            }

            if ((file = BIO_new_file(p, "r")) == NULL) {
                BIO_puts(io, text);
                BIO_printf(io, "Error opening '%s'\r\n", p);
                ERR_print_errors(io);
                break;
            }

            if (!s_quiet)
                BIO_printf(bio_err, "FILE:%s\n", p);

            if (www == 2) {
                i = strlen(p);
                if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) ||
                    ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) ||
                    ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0)))
                    BIO_puts(io,
                             "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
                else
                    BIO_puts(io,
                             "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
            }
            /* send the file */
            for (;;) {
                i = BIO_read(file, buf, bufsize);
                if (i <= 0)
                    break;
2882

2883
#ifdef RENEG
2884 2885 2886 2887 2888 2889 2890 2891 2892 2893
                total_bytes += i;
                fprintf(stderr, "%d\n", i);
                if (total_bytes > 3 * 1024) {
                    total_bytes = 0;
                    fprintf(stderr, "RENEGOTIATE\n");
                    SSL_renegotiate(con);
                }
#endif

                for (j = 0; j < i;) {
2894
#ifdef RENEG
2895 2896 2897 2898 2899 2900 2901 2902 2903 2904 2905 2906 2907 2908 2909 2910 2911 2912 2913 2914 2915 2916 2917 2918 2919 2920 2921 2922 2923 2924 2925 2926 2927 2928 2929 2930
                    {
                        static count = 0;
                        if (++count == 13) {
                            SSL_renegotiate(con);
                        }
                    }
#endif
                    k = BIO_write(io, &(buf[j]), i - j);
                    if (k <= 0) {
                        if (!BIO_should_retry(io))
                            goto write_error;
                        else {
                            BIO_printf(bio_s_out, "rwrite W BLOCK\n");
                        }
                    } else {
                        j += k;
                    }
                }
            }
 write_error:
            BIO_free(file);
            break;
        }
    }

    for (;;) {
        i = (int)BIO_flush(io);
        if (i <= 0) {
            if (!BIO_should_retry(io))
                break;
        } else
            break;
    }
 end:
    /* make sure we re-use sessions */
    SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
2931

2932 2933 2934 2935 2936
 err:
    if (ret >= 0)
        BIO_printf(bio_s_out, "ACCEPT\n");
    if (buf != NULL)
        OPENSSL_free(buf);
R
Rich Salz 已提交
2937
    BIO_free_all(io);
2938 2939
    return (ret);
}
2940

2941
static int rev_body(char *hostname, int s, int stype, unsigned char *context)
2942 2943 2944 2945 2946 2947
{
    char *buf = NULL;
    int i;
    int ret = 1;
    SSL *con;
    BIO *io, *ssl_bio, *sbio;
2948
#ifndef OPENSSL_NO_KRB5
2949
    KSSL_CTX *kctx;
2950 2951
#endif

R
Rich Salz 已提交
2952
    buf = app_malloc(bufsize, "server rev buffer");
2953 2954 2955 2956
    io = BIO_new(BIO_f_buffer());
    ssl_bio = BIO_new(BIO_f_ssl());
    if ((io == NULL) || (ssl_bio == NULL))
        goto err;
2957

2958 2959 2960
    /* lets make the output buffer a reasonable size */
    if (!BIO_set_write_buffer_size(io, bufsize))
        goto err;
2961

2962 2963
    if ((con = SSL_new(ctx)) == NULL)
        goto err;
2964
#ifndef OPENSSL_NO_TLSEXT
2965 2966 2967 2968
    if (s_tlsextdebug) {
        SSL_set_tlsext_debug_callback(con, tlsext_cb);
        SSL_set_tlsext_debug_arg(con, bio_s_out);
    }
2969 2970
#endif
#ifndef OPENSSL_NO_KRB5
2971 2972 2973 2974 2975
    if ((kctx = kssl_ctx_new()) != NULL) {
        kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
        kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
    }
#endif                          /* OPENSSL_NO_KRB5 */
M
Matt Caswell 已提交
2976
    if (context && !SSL_set_session_id_context(con, context,
2977
                        strlen((char *)context))) {
M
Matt Caswell 已提交
2978 2979 2980
        ERR_print_errors(bio_err);
        goto err;
    }
2981 2982 2983 2984 2985 2986 2987

    sbio = BIO_new_socket(s, BIO_NOCLOSE);
    SSL_set_bio(con, sbio, sbio);
    SSL_set_accept_state(con);

    BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
    BIO_push(io, ssl_bio);
2988
#ifdef CHARSET_EBCDIC
2989
    io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
2990 2991
#endif

2992 2993 2994 2995 2996 2997
    if (s_debug) {
        SSL_set_debug(con, 1);
        BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
        BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
    }
    if (s_msg) {
2998
#ifndef OPENSSL_NO_SSL_TRACE
2999 3000 3001 3002 3003 3004 3005 3006 3007 3008 3009 3010 3011 3012 3013 3014 3015 3016 3017
        if (s_msg == 2)
            SSL_set_msg_callback(con, SSL_trace);
        else
#endif
            SSL_set_msg_callback(con, msg_cb);
        SSL_set_msg_callback_arg(con, bio_s_msg ? bio_s_msg : bio_s_out);
    }

    for (;;) {
        i = BIO_do_handshake(io);
        if (i > 0)
            break;
        if (!BIO_should_retry(io)) {
            BIO_puts(bio_err, "CONNECTION FAILURE\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }
    BIO_printf(bio_err, "CONNECTION ESTABLISHED\n");
R
Rich Salz 已提交
3018
    print_ssl_summary(con);
3019 3020 3021 3022 3023 3024 3025 3026 3027 3028

    for (;;) {
        i = BIO_gets(io, buf, bufsize - 1);
        if (i < 0) {            /* error */
            if (!BIO_should_retry(io)) {
                if (!s_quiet)
                    ERR_print_errors(bio_err);
                goto err;
            } else {
                BIO_printf(bio_s_out, "read R BLOCK\n");
3029
#if defined(OPENSSL_SYS_NETWARE)
3030
                delay(1000);
3031
#elif !defined(OPENSSL_SYS_MSDOS)
3032 3033 3034 3035 3036 3037 3038 3039 3040 3041 3042 3043 3044 3045 3046 3047 3048 3049 3050 3051 3052 3053 3054 3055 3056 3057 3058 3059 3060 3061 3062 3063 3064 3065 3066 3067 3068 3069 3070
                sleep(1);
#endif
                continue;
            }
        } else if (i == 0) {    /* end of input */
            ret = 1;
            BIO_printf(bio_err, "CONNECTION CLOSED\n");
            goto end;
        } else {
            char *p = buf + i - 1;
            while (i && (*p == '\n' || *p == '\r')) {
                p--;
                i--;
            }
            if (!s_ign_eof && i == 5 && !strncmp(buf, "CLOSE", 5)) {
                ret = 1;
                BIO_printf(bio_err, "CONNECTION CLOSED\n");
                goto end;
            }
            BUF_reverse((unsigned char *)buf, NULL, i);
            buf[i] = '\n';
            BIO_write(io, buf, i + 1);
            for (;;) {
                i = BIO_flush(io);
                if (i > 0)
                    break;
                if (!BIO_should_retry(io))
                    goto end;
            }
        }
    }
 end:
    /* make sure we re-use sessions */
    SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);

 err:

    if (buf != NULL)
        OPENSSL_free(buf);
R
Rich Salz 已提交
3071
    BIO_free_all(io);
3072 3073
    return (ret);
}
3074

3075
#ifndef OPENSSL_NO_RSA
R
Rich Salz 已提交
3076
static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength)
3077 3078 3079 3080 3081 3082 3083 3084 3085 3086 3087 3088 3089 3090
{
    BIGNUM *bn = NULL;
    static RSA *rsa_tmp = NULL;

    if (!rsa_tmp && ((bn = BN_new()) == NULL))
        BIO_printf(bio_err, "Allocation error in generating RSA key\n");
    if (!rsa_tmp && bn) {
        if (!s_quiet) {
            BIO_printf(bio_err, "Generating temp (%d bit) RSA key...",
                       keylength);
            (void)BIO_flush(bio_err);
        }
        if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||
            !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
R
Rich Salz 已提交
3091
            RSA_free(rsa_tmp);
3092 3093 3094 3095 3096 3097 3098 3099 3100 3101
            rsa_tmp = NULL;
        }
        if (!s_quiet) {
            BIO_printf(bio_err, "\n");
            (void)BIO_flush(bio_err);
        }
        BN_free(bn);
    }
    return (rsa_tmp);
}
3102
#endif
3103 3104 3105

#define MAX_SESSION_ID_ATTEMPTS 10
static int generate_session_id(const SSL *ssl, unsigned char *id,
3106 3107 3108 3109
                               unsigned int *id_len)
{
    unsigned int count = 0;
    do {
M
Matt Caswell 已提交
3110 3111
        if (RAND_bytes(id, *id_len) <= 0)
            return 0;
3112 3113 3114 3115 3116 3117 3118 3119 3120 3121 3122 3123 3124 3125 3126 3127 3128 3129 3130 3131
        /*
         * Prefix the session_id with the required prefix. NB: If our prefix
         * is too long, clip it - but there will be worse effects anyway, eg.
         * the server could only possibly create 1 session ID (ie. the
         * prefix!) so all future session negotiations will fail due to
         * conflicts.
         */
        memcpy(id, session_id_prefix,
               (strlen(session_id_prefix) < *id_len) ?
               strlen(session_id_prefix) : *id_len);
    }
    while (SSL_has_matching_session_id(ssl, id, *id_len) &&
           (++count < MAX_SESSION_ID_ATTEMPTS));
    if (count >= MAX_SESSION_ID_ATTEMPTS)
        return 0;
    return 1;
}

/*
 * By default s_server uses an in-memory cache which caches SSL_SESSION
3132 3133 3134 3135 3136
 * structures without any serialisation. This hides some bugs which only
 * become apparent in deployed servers. By implementing a basic external
 * session cache some issues can be debugged using s_server.
 */

3137 3138 3139 3140 3141 3142 3143
typedef struct simple_ssl_session_st {
    unsigned char *id;
    unsigned int idlen;
    unsigned char *der;
    int derlen;
    struct simple_ssl_session_st *next;
} simple_ssl_session;
3144 3145 3146 3147

static simple_ssl_session *first = NULL;

static int add_session(SSL *ssl, SSL_SESSION *session)
3148
{
R
Rich Salz 已提交
3149
    simple_ssl_session *sess = app_malloc(sizeof *sess, "get session");
3150
    unsigned char *p;
3151

3152 3153
    SSL_SESSION_get_id(session, &sess->idlen);
    sess->derlen = i2d_SSL_SESSION(session, NULL);
3154 3155
    if (sess->derlen < 0) {
        BIO_printf(bio_err, "Error encoding session\n");
R
Rich Salz 已提交
3156
        OPENSSL_free(sess);
3157 3158
        return 0;
    }
3159

3160
    sess->id = BUF_memdup(SSL_SESSION_get_id(session, NULL), sess->idlen);
R
Rich Salz 已提交
3161 3162
    sess->der = app_malloc(sess->derlen, "get session buffer");
    if (!sess->id) {
3163
        BIO_printf(bio_err, "Out of memory adding to external cache\n");
R
Rich Salz 已提交
3164 3165
        OPENSSL_free(sess->id);
        OPENSSL_free(sess->der);
M
Matt Caswell 已提交
3166 3167 3168
        OPENSSL_free(sess);
        return 0;
    }
3169
    p = sess->der;
3170 3171 3172

    /* Assume it still works. */
    if (i2d_SSL_SESSION(session, &p) != sess->derlen) {
R
Rich Salz 已提交
3173
        BIO_printf(bio_err, "Unexpected session encoding length\n");
R
Rich Salz 已提交
3174 3175 3176
        OPENSSL_free(sess->id);
        OPENSSL_free(sess->der);
        OPENSSL_free(sess);
M
Matt Caswell 已提交
3177 3178
        return 0;
    }
3179

3180 3181 3182 3183 3184
    sess->next = first;
    first = sess;
    BIO_printf(bio_err, "New session added to external cache\n");
    return 0;
}
3185 3186

static SSL_SESSION *get_session(SSL *ssl, unsigned char *id, int idlen,
3187 3188 3189 3190 3191 3192 3193 3194 3195 3196 3197 3198 3199 3200
                                int *do_copy)
{
    simple_ssl_session *sess;
    *do_copy = 0;
    for (sess = first; sess; sess = sess->next) {
        if (idlen == (int)sess->idlen && !memcmp(sess->id, id, idlen)) {
            const unsigned char *p = sess->der;
            BIO_printf(bio_err, "Lookup session: cache hit\n");
            return d2i_SSL_SESSION(NULL, &p, sess->derlen);
        }
    }
    BIO_printf(bio_err, "Lookup session: cache miss\n");
    return NULL;
}
3201 3202

static void del_session(SSL_CTX *sctx, SSL_SESSION *session)
3203 3204 3205 3206 3207 3208 3209 3210 3211 3212 3213 3214 3215 3216 3217 3218 3219 3220 3221
{
    simple_ssl_session *sess, *prev = NULL;
    const unsigned char *id;
    unsigned int idlen;
    id = SSL_SESSION_get_id(session, &idlen);
    for (sess = first; sess; sess = sess->next) {
        if (idlen == sess->idlen && !memcmp(sess->id, id, idlen)) {
            if (prev)
                prev->next = sess->next;
            else
                first = sess->next;
            OPENSSL_free(sess->id);
            OPENSSL_free(sess->der);
            OPENSSL_free(sess);
            return;
        }
        prev = sess;
    }
}
3222 3223

static void init_session_cache_ctx(SSL_CTX *sctx)
3224 3225 3226 3227 3228 3229 3230 3231
{
    SSL_CTX_set_session_cache_mode(sctx,
                                   SSL_SESS_CACHE_NO_INTERNAL |
                                   SSL_SESS_CACHE_SERVER);
    SSL_CTX_sess_set_new_cb(sctx, add_session);
    SSL_CTX_sess_set_get_cb(sctx, get_session);
    SSL_CTX_sess_set_remove_cb(sctx, del_session);
}
3232 3233

static void free_sessions(void)
3234 3235 3236 3237 3238 3239 3240 3241 3242 3243 3244
{
    simple_ssl_session *sess, *tsess;
    for (sess = first; sess;) {
        OPENSSL_free(sess->id);
        OPENSSL_free(sess->der);
        tsess = sess;
        sess = sess->next;
        OPENSSL_free(tsess);
    }
    first = NULL;
}