int
tls_configure_ssl(struct tls *ctx)
{
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_0) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_1) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_2) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2);
if (ctx->config->ciphers != NULL) {
if (SSL_CTX_set_cipher_list(ctx->ssl_ctx,
ctx->config->ciphers) != 1) {
tls_set_error(ctx, "failed to set ciphers");
goto err;
}
}
return (0);
err:
return (-1);
}
int
tls_configure_ssl(struct tls *ctx)
{
SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_0) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_1) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_2) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2);
if (ctx->config->ciphers != NULL) {
if (SSL_CTX_set_cipher_list(ctx->ssl_ctx,
ctx->config->ciphers) != 1) {
tls_set_errorx(ctx, "failed to set ciphers");
goto err;
}
}
SSL_CTX_set_info_callback(ctx->ssl_ctx, tls_info_callback);
return (0);
err:
return (-1);
}
int ourfa_ssl_ctx_set_ssl_type(ourfa_ssl_ctx_t *ssl_ctx, unsigned ssl_type)
{
const char *cipher_list = "ADH-RC4-MD5";
assert(ssl_ctx);
if (ssl_ctx->ssl_type == ssl_type)
return OURFA_OK;
switch (ssl_type) {
case OURFA_SSL_TYPE_NONE:
/* XXX */
SSL_CTX_set_options(ssl_ctx->ssl_ctx, SSL_OP_NO_TLSv1 | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
break;
case OURFA_SSL_TYPE_TLS1:
SSL_CTX_set_options(ssl_ctx->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
#ifdef SSL_CTRL_CLEAR_OPTIONS
SSL_CTX_clear_options(ssl_ctx->ssl_ctx, SSL_OP_NO_TLSv1);
#endif
break;
case OURFA_SSL_TYPE_SSL3:
SSL_CTX_set_options(ssl_ctx->ssl_ctx, SSL_OP_NO_TLSv1 | SSL_OP_NO_SSLv2);
#ifdef SSL_CTRL_CLEAR_OPTIONS
SSL_CTX_clear_options(ssl_ctx->ssl_ctx, SSL_OP_NO_SSLv3);
#endif
break;
case OURFA_SSL_TYPE_RSA_CRT:
SSL_CTX_set_options(ssl_ctx->ssl_ctx, SSL_OP_NO_TLSv1 | SSL_OP_NO_SSLv2);
#ifdef SSL_CTRL_CLEAR_OPTIONS
SSL_CTX_clear_options(ssl_ctx->ssl_ctx, SSL_OP_NO_SSLv3);
#endif
cipher_list = "RC4-MD5";
break;
case OURFA_SSL_TYPE_CRT:
/* XXX: Cert, key required */
SSL_CTX_set_options(ssl_ctx->ssl_ctx, SSL_OP_NO_TLSv1 | SSL_OP_NO_SSLv2);
#ifdef SSL_CTRL_CLEAR_OPTIONS
SSL_CTX_clear_options(ssl_ctx->ssl_ctx, SSL_OP_NO_SSLv3);
#endif
break;
default:
return ssl_ctx->printf_err(OURFA_ERROR_WRONG_SSL_TYPE, ssl_ctx->err_ctx,
"Unknown requested SSL type 0x%x", ssl_type);
} /* switch (ssl_type) */
ssl_ctx->ssl_type = ssl_type;
if ((ssl_type != OURFA_SSL_TYPE_NONE)
&& SSL_CTX_set_cipher_list(ssl_ctx->ssl_ctx, cipher_list) == 0) {
return ssl_ctx->printf_err(OURFA_ERROR_WRONG_CLIENT_CERTIFICATE, ssl_ctx->err_ctx,
"SSL_CTX_set_cipher_list(""%s"") Failed",
cipher_list);
}
return OURFA_OK;
}
int
tls_configure_ssl(struct tls *ctx, SSL_CTX *ssl_ctx)
{
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1);
SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_1);
SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_2);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_0) == 0)
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_1) == 0)
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_1);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_2) == 0)
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_2);
if (ctx->config->alpn != NULL) {
if (SSL_CTX_set_alpn_protos(ssl_ctx, ctx->config->alpn,
ctx->config->alpn_len) != 0) {
tls_set_errorx(ctx, "failed to set alpn");
goto err;
}
}
if (ctx->config->ciphers != NULL) {
if (SSL_CTX_set_cipher_list(ssl_ctx,
ctx->config->ciphers) != 1) {
tls_set_errorx(ctx, "failed to set ciphers");
goto err;
}
}
if (ctx->config->verify_time == 0) {
X509_VERIFY_PARAM_set_flags(ssl_ctx->param,
X509_V_FLAG_NO_CHECK_TIME);
}
/* Disable any form of session caching by default */
SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_OFF);
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TICKET);
return (0);
err:
return (-1);
}
/* Initializes an Nsock pool to create SSL connections. This sets an internal
* SSL_CTX, which is like a template that sets options for all connections that
* are made from it. The connections made from this context will use only secure
* ciphers but no server certificate verification is done. Returns the SSL_CTX
* so you can set your own options. */
nsock_ssl_ctx nsock_pool_ssl_init(nsock_pool ms_pool, int flags) {
struct npool *ms = (struct npool *)ms_pool;
char rndbuf[128];
if (ms->sslctx == NULL)
ms->sslctx = ssl_init_common();
/* Get_random_bytes may or may not provide high-quality randomness. Add it to
* the entropy pool without increasing the entropy estimate (third argument of
* RAND_add is 0). We rely on OpenSSL's entropy gathering, called implicitly
* by RAND_status, to give us what we need, or else bail out if it fails. */
get_random_bytes(rndbuf, sizeof(rndbuf));
RAND_add(rndbuf, sizeof(rndbuf), 0);
if (!(flags & NSOCK_SSL_MAX_SPEED)) {
if (!RAND_status())
fatal("%s: Failed to seed OpenSSL PRNG"
" (RAND_status returned false).", __func__);
}
/* SSL_OP_ALL sets bug-compatibility for pretty much everything.
* SSL_OP_NO_SSLv2 disables the less-secure SSLv2 while allowing us to use the
* SSLv2-compatible SSLv23_client_method. */
SSL_CTX_set_verify(ms->sslctx, SSL_VERIFY_NONE, NULL);
SSL_CTX_clear_options(ms->sslctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ms->sslctx, flags & NSOCK_SSL_MAX_SPEED ?
SSL_OP_ALL : SSL_OP_ALL|SSL_OP_NO_SSLv2);
if (!SSL_CTX_set_cipher_list(ms->sslctx, flags & NSOCK_SSL_MAX_SPEED ?
CIPHERS_FAST : CIPHERS_SECURE))
fatal("Unable to set OpenSSL cipher list: %s",
ERR_error_string(ERR_get_error(), NULL));
return ms->sslctx;
}
void OnReload(Configuration::Conf *conf) override
{
Configuration::Block *config = conf->GetModule(this);
this->certfile = config->Get<Anope::string>("cert", "data/anope.crt");
this->keyfile = config->Get<Anope::string>("key", "data/anope.key");
if (Anope::IsFile(this->certfile.c_str()))
{
if (!SSL_CTX_use_certificate_file(client_ctx, this->certfile.c_str(), SSL_FILETYPE_PEM) || !SSL_CTX_use_certificate_file(server_ctx, this->certfile.c_str(), SSL_FILETYPE_PEM))
throw ConfigException("Error loading certificate");
else
Log(LOG_DEBUG) << "m_ssl_openssl: Successfully loaded certificate " << this->certfile;
}
else
Log() << "Unable to open certificate " << this->certfile;
if (Anope::IsFile(this->keyfile.c_str()))
{
if (!SSL_CTX_use_PrivateKey_file(client_ctx, this->keyfile.c_str(), SSL_FILETYPE_PEM) || !SSL_CTX_use_PrivateKey_file(server_ctx, this->keyfile.c_str(), SSL_FILETYPE_PEM))
throw ConfigException("Error loading private key");
else
Log(LOG_DEBUG) << "m_ssl_openssl: Successfully loaded private key " << this->keyfile;
}
else
{
if (Anope::IsFile(this->certfile.c_str()))
throw ConfigException("Error loading private key " + this->keyfile + " - file not found");
else
Log() << "Unable to open private key " << this->keyfile;
}
// Allow disabling SSLv3
if (!config->Get<Anope::string>("sslv3").empty())
{
if (config->Get<bool>("sslv3"))
{
SSL_CTX_clear_options(client_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_clear_options(server_ctx, SSL_OP_NO_SSLv3);
}
else
{
SSL_CTX_set_options(client_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_set_options(server_ctx, SSL_OP_NO_SSLv3);
}
}
}
int amqp_ssl_socket_set_ssl_versions(amqp_socket_t *base,
amqp_tls_version_t min,
amqp_tls_version_t max) {
struct amqp_ssl_socket_t *self;
if (base->klass != &amqp_ssl_socket_class) {
amqp_abort("<%p> is not of type amqp_ssl_socket_t", base);
}
self = (struct amqp_ssl_socket_t *)base;
{
long clear_options;
long set_options = 0;
#if defined(SSL_OP_NO_TLSv1_2)
amqp_tls_version_t max_supported = AMQP_TLSv1_2;
clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
#elif defined(SSL_OP_NO_TLSv1_1)
amqp_tls_version_t max_supported = AMQP_TLSv1_1;
clear_options = SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1;
#elif defined(SSL_OP_NO_TLSv1)
amqp_tls_version_t max_supported = AMQP_TLSv1;
clear_options = SSL_OP_NO_TLSv1;
#else
# error "Need a version of OpenSSL that can support TLSv1 or greater."
#endif
if (AMQP_TLSvLATEST == max) {
max = max_supported;
}
if (AMQP_TLSvLATEST == min) {
min = max_supported;
}
if (min > max) {
return AMQP_STATUS_INVALID_PARAMETER;
}
if (max > max_supported || min > max_supported) {
return AMQP_STATUS_UNSUPPORTED;
}
if (min > AMQP_TLSv1) {
set_options |= SSL_OP_NO_TLSv1;
}
#ifdef SSL_OP_NO_TLSv1_1
if (min > AMQP_TLSv1_1 || max < AMQP_TLSv1_1) {
set_options |= SSL_OP_NO_TLSv1_1;
}
#endif
#ifdef SSL_OP_NO_TLSv1_2
if (max < AMQP_TLSv1_2) {
set_options |= SSL_OP_NO_TLSv1_2;
}
#endif
SSL_CTX_clear_options(self->ctx, clear_options);
SSL_CTX_set_options(self->ctx, set_options);
}
return AMQP_STATUS_OK;
}
/* OpenSSL < 0.9.8m does not have SSL_CTX_clear_options() */
long HsOpenSSL_SSL_CTX_clear_options(SSL_CTX* ctx, long options) {
#if defined(SSL_CTX_clear_options)
return SSL_CTX_clear_options(ctx, options);
#else
long tmp = SSL_CTX_get_options(ctx);
return SSL_CTX_set_options(ctx, tmp & ~options);
#endif
}
int
tls_configure_ssl(struct tls *ctx)
{
SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_0) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_1) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_2) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2);
if (ctx->config->ciphers != NULL) {
if (SSL_CTX_set_cipher_list(ctx->ssl_ctx,
ctx->config->ciphers) != 1) {
tls_set_errorx(ctx, "failed to set ciphers");
goto err;
}
}
SSL_CTX_set_info_callback(ctx->ssl_ctx, tls_info_callback);
#ifdef X509_V_FLAG_NO_CHECK_TIME
if (ctx->config->verify_time == 0) {
X509_VERIFY_PARAM *vfp = SSL_CTX_get0_param(ctx->ssl_ctx);
X509_VERIFY_PARAM_set_flags(vfp, X509_V_FLAG_NO_CHECK_TIME);
}
#endif
return (0);
err:
return (-1);
}
static int openssl_ssl_ctx_options(lua_State*L)
{
SSL_CTX* ctx = CHECK_OBJECT(1, SSL_CTX, "openssl.ssl_ctx");
long options = 0;
int ret;
int i;
if (!lua_isnoneornil(L, 2))
{
int top = lua_gettop(L);
int clear = lua_isboolean(L, 2) ? lua_toboolean(L, 2) : 0;
i = lua_isboolean(L, 2) ? 3 : 2;
for (; i <= top; i++)
{
if (lua_isnumber(L, i))
options |= (long)luaL_checkinteger(L, i);
else
{
const char* s = luaL_checkstring(L, i);
int j;
for (j = 0; ssl_options[j].name; j++)
{
LuaL_Enum e = ssl_options[j];
if (strcasecmp(s, e.name))
{
options |= e.val;
break;
}
}
}
}
if (clear != 0)
options = SSL_CTX_clear_options(ctx, options);
else
options = SSL_CTX_set_options(ctx, options);
}
else
options = SSL_CTX_get_options(ctx);
lua_newtable(L);
ret = 0;
for (i = 0; ssl_options[i].name; i++)
{
LuaL_Enum e = ssl_options[i];
if (options && e.val)
{
lua_pushstring(L, e.name);
ret++;
lua_rawseti(L, -2, ret);
}
}
return 1;
}
static void tls_init_options(void)
{
static int passes;
# ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
SSL_CTX_set_options(tls_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
# endif
# ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
SSL_CTX_set_options(tls_ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
# endif
SSL_CTX_set_options(tls_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(tls_ctx, SSL_OP_NO_SSLv3);
# ifdef SSL_OP_NO_TLSv1
SSL_CTX_set_options(tls_ctx, SSL_OP_NO_TLSv1);
# endif
# ifdef SSL_OP_NO_TLSv1_1
SSL_CTX_set_options(tls_ctx, SSL_OP_NO_TLSv1_1);
# endif
# ifdef SSL_OP_NO_TLSv1_2
SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1_2);
# endif
# ifdef SSL_OP_NO_TLSv1_3
SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1_3);
# endif
if (tlsciphersuite != NULL) {
if (SSL_CTX_set_cipher_list(tls_ctx, tlsciphersuite) != 1) {
logfile(LOG_ERR, MSG_TLS_CIPHER_FAILED, tlsciphersuite);
_EXIT(EXIT_FAILURE);
}
}
SSL_CTX_set_info_callback(tls_ctx, ssl_info_cb);
if (passes == 0) {
SSL_CTX_set_tlsext_servername_callback(tls_ctx, ssl_servername_cb);
passes++;
}
SSL_CTX_set_verify_depth(tls_ctx, MAX_CERTIFICATE_DEPTH);
}
long SSL_CTX_clear_options_shim(SSL_CTX *ctx, long options) {
return SSL_CTX_clear_options(ctx, options);
}
boost::asio::ssl::context ssl_options_t::create_context() const
{
boost::asio::ssl::context ssl_context{boost::asio::ssl::context::tlsv12};
if (!bool(*this))
return ssl_context;
// only allow tls v1.2 and up
ssl_context.set_options(boost::asio::ssl::context::default_workarounds);
ssl_context.set_options(boost::asio::ssl::context::no_sslv2);
ssl_context.set_options(boost::asio::ssl::context::no_sslv3);
ssl_context.set_options(boost::asio::ssl::context::no_tlsv1);
ssl_context.set_options(boost::asio::ssl::context::no_tlsv1_1);
// only allow a select handful of tls v1.3 and v1.2 ciphers to be used
SSL_CTX_set_cipher_list(ssl_context.native_handle(), "ECDHE-ECDSA-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256");
// set options on the SSL context for added security
SSL_CTX *ctx = ssl_context.native_handle();
CHECK_AND_ASSERT_THROW_MES(ctx, "Failed to get SSL context");
SSL_CTX_clear_options(ctx, SSL_OP_LEGACY_SERVER_CONNECT); // SSL_CTX_SET_OPTIONS(3)
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); // https://stackoverflow.com/questions/22378442
#ifdef SSL_OP_NO_TICKET
SSL_CTX_set_options(ctx, SSL_OP_NO_TICKET); // https://stackoverflow.com/questions/22378442
#endif
#ifdef SSL_OP_NO_RENEGOTIATION
SSL_CTX_set_options(ctx, SSL_OP_NO_RENEGOTIATION);
#endif
#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
SSL_CTX_set_options(ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
#endif
#ifdef SSL_OP_NO_COMPRESSION
SSL_CTX_set_options(ctx, SSL_OP_NO_COMPRESSION);
#endif
#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
#endif
SSL_CTX_set_ecdh_auto(ctx, 1);
switch (verification)
{
case ssl_verification_t::system_ca:
ssl_context.set_default_verify_paths();
break;
case ssl_verification_t::user_certificates:
ssl_context.set_verify_depth(0);
/* fallthrough */
case ssl_verification_t::user_ca:
if (!ca_path.empty())
{
const boost::system::error_code err = load_ca_file(ssl_context, ca_path);
if (err)
throw boost::system::system_error{err, "Failed to load user CA file at " + ca_path};
}
break;
default:
break;
}
CHECK_AND_ASSERT_THROW_MES(auth.private_key_path.empty() == auth.certificate_path.empty(), "private key and certificate must be either both given or both empty");
if (auth.private_key_path.empty())
{
EVP_PKEY *pkey;
X509 *cert;
bool ok = false;
#ifdef USE_EXTRA_EC_CERT
CHECK_AND_ASSERT_THROW_MES(create_ec_ssl_certificate(pkey, cert, NID_secp256k1), "Failed to create certificate");
CHECK_AND_ASSERT_THROW_MES(SSL_CTX_use_certificate(ctx, cert), "Failed to use generated certificate");
if (!SSL_CTX_use_PrivateKey(ctx, pkey))
MERROR("Failed to use generated EC private key for " << NID_secp256k1);
else
ok = true;
X509_free(cert);
EVP_PKEY_free(pkey);
#endif
CHECK_AND_ASSERT_THROW_MES(create_rsa_ssl_certificate(pkey, cert), "Failed to create certificate");
CHECK_AND_ASSERT_THROW_MES(SSL_CTX_use_certificate(ctx, cert), "Failed to use generated certificate");
if (!SSL_CTX_use_PrivateKey(ctx, pkey))
MERROR("Failed to use generated RSA private key for RSA");
else
ok = true;
X509_free(cert);
EVP_PKEY_free(pkey);
CHECK_AND_ASSERT_THROW_MES(ok, "Failed to use any generated certificate");
}
else
auth.use_ssl_certificate(ssl_context);
return ssl_context;
}
/*
Open the SSL module
*/
PUBLIC int sslOpen()
{
RandBuf randBuf;
X509_STORE *store;
uchar resume[16];
char *ciphers;
trace(7, "Initializing SSL");
randBuf.now = time(0);
randBuf.pid = getpid();
RAND_seed((void*) &randBuf, sizeof(randBuf));
#if ME_UNIX_LIKE
trace(6, "OpenSsl: Before calling RAND_load_file");
RAND_load_file("/dev/urandom", 256);
trace(6, "OpenSsl: After calling RAND_load_file");
#endif
CRYPTO_malloc_init();
#if !ME_WIN_LIKE
OpenSSL_add_all_algorithms();
#endif
SSL_library_init();
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
if ((sslctx = SSL_CTX_new(SSLv23_server_method())) == 0) {
error("Unable to create SSL context");
return -1;
}
/*
Set the server certificate and key files
*/
if (*ME_GOAHEAD_SSL_KEY && sslSetKeyFile(ME_GOAHEAD_SSL_KEY) < 0) {
sslClose();
return -1;
}
if (*ME_GOAHEAD_SSL_CERTIFICATE && sslSetCertFile(ME_GOAHEAD_SSL_CERTIFICATE) < 0) {
sslClose();
return -1;
}
if (ME_GOAHEAD_SSL_VERIFY_PEER) {
SSL_CTX_set_verify(sslctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, verifyClientCertificate);
SSL_CTX_set_verify_depth(sslctx, VERIFY_DEPTH);
} else {
SSL_CTX_set_verify(sslctx, SSL_VERIFY_NONE, verifyClientCertificate);
}
/*
Set the client certificate verification locations
*/
if (ME_GOAHEAD_SSL_AUTHORITY && *ME_GOAHEAD_SSL_AUTHORITY) {
if ((!SSL_CTX_load_verify_locations(sslctx, ME_GOAHEAD_SSL_AUTHORITY, NULL)) ||
(!SSL_CTX_set_default_verify_paths(sslctx))) {
error("Unable to read cert verification locations");
sslClose();
return -1;
}
/*
Define the list of CA certificates to send to the client before they send their client
certificate for validation
*/
SSL_CTX_set_client_CA_list(sslctx, SSL_load_client_CA_file(ME_GOAHEAD_SSL_AUTHORITY));
}
if (ME_GOAHEAD_SSL_REVOKE && *ME_GOAHEAD_SSL_REVOKE) {
store = SSL_CTX_get_cert_store(sslctx);
if (!X509_STORE_load_locations(store, ME_GOAHEAD_SSL_REVOKE, 0)) {
error("Cannot load certificate revoke list: %s", ME_GOAHEAD_SSL_REVOKE);
sslClose();
return -1;
}
}
/*
Configure DH parameters
*/
dhKey = getDhKey();
SSL_CTX_set_tmp_dh_callback(sslctx, dhcallback);
/*
Configure cipher suite
*/
if (ME_GOAHEAD_SSL_CIPHERS && *ME_GOAHEAD_SSL_CIPHERS) {
ciphers = ME_GOAHEAD_SSL_CIPHERS;
} else {
ciphers = OPENSSL_DEFAULT_CIPHERS;
}
ciphers = mapCipherNames(ciphers);
trace(5, "Using OpenSSL ciphers: %s", ciphers);
if (SSL_CTX_set_cipher_list(sslctx, ciphers) != 1) {
error("Unable to set cipher list \"%s\"", ciphers);
sslClose();
wfree(ciphers);
return -1;
}
wfree(ciphers);
/*
Define default OpenSSL options
*/
SSL_CTX_set_options(sslctx, SSL_OP_ALL);
/*
Ensure we generate a new private key for each connection
*/
SSL_CTX_set_options(sslctx, SSL_OP_SINGLE_DH_USE);
/*
Define a session reuse context
*/
RAND_bytes(resume, sizeof(resume));
SSL_CTX_set_session_id_context(sslctx, resume, sizeof(resume));
/*
Elliptic Curve initialization
*/
#if SSL_OP_SINGLE_ECDH_USE
#ifdef SSL_CTX_set_ecdh_auto
SSL_CTX_set_ecdh_auto(sslctx, 1);
#else
{
EC_KEY *ecdh;
cchar *name;
int nid;
name = ME_GOAHEAD_SSL_CURVE;
if ((nid = OBJ_sn2nid(name)) == 0) {
error("Unknown curve name \"%s\"", name);
sslClose();
return -1;
}
if ((ecdh = EC_KEY_new_by_curve_name(nid)) == 0) {
error("Unable to create curve \"%s\"", name);
sslClose();
return -1;
}
SSL_CTX_set_options(sslctx, SSL_OP_SINGLE_ECDH_USE);
SSL_CTX_set_tmp_ecdh(sslctx, ecdh);
EC_KEY_free(ecdh);
}
#endif
#endif
SSL_CTX_set_mode(sslctx, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING
SSL_CTX_set_options(sslctx, SSL_OP_MSIE_SSLV2_RSA_PADDING);
#endif
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(sslctx, SSL_MODE_RELEASE_BUFFERS);
#endif
#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
SSL_CTX_set_mode(sslctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
#endif
/*
Select the required protocols
Disable both SSLv2 and SSLv3 by default - they are insecure
*/
SSL_CTX_set_options(sslctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(sslctx, SSL_OP_NO_SSLv3);
#if defined(SSL_OP_NO_TLSv1) && ME_GOAHEAD_SSL_NO_V1
SSL_CTX_set_options(sslctx, SSL_OP_NO_TLSv1);
#endif
#if defined(SSL_OP_NO_TLSv1_1) && ME_GOAHEAD_SSL_NO_V1_1
SSL_CTX_set_options(sslctx, SSL_OP_NO_TLSv1_1);
#endif
#if defined(SSL_OP_NO_TLSv1_2) && ME_GOAHEAD_SSL_NO_V1_2
SSL_CTX_set_options(sslctx, SSL_OP_NO_TLSv1_2);
#endif
#if defined(SSL_OP_NO_TICKET)
/*
Ticket based session reuse is enabled by default
*/
#if defined(ME_GOAHEAD_SSL_TICKET)
if (ME_GOAHEAD_SSL_TICKET) {
SSL_CTX_clear_options(sslctx, SSL_OP_NO_TICKET);
} else {
SSL_CTX_set_options(sslctx, SSL_OP_NO_TICKET);
}
#else
SSL_CTX_clear_options(sslctx, SSL_OP_NO_TICKET);
#endif
#endif
#if defined(SSL_OP_NO_COMPRESSION)
/*
CRIME attack targets compression
*/
SSL_CTX_clear_options(sslctx, SSL_OP_NO_COMPRESSION);
#endif
#if defined(SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
/*
Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers.
Defaults to true.
*/
#if defined(ME_GOAHEAD_SSL_EMPTY_FRAGMENTS)
if (ME_GOAHEAD_SSL_EMPTY_FRAGMENTS) {
/* SSL_OP_ALL disables empty fragments. Only needed for ancient browsers like IE-6 on SSL-3.0/TLS-1.0 */
SSL_CTX_clear_options(sslctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
} else {
SSL_CTX_set_options(sslctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
}
#else
SSL_CTX_set_options(sslctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
#endif
#endif
#if defined(ME_GOAHEAD_SSL_CACHE)
/*
Set the number of sessions supported. Default in OpenSSL is 20K.
*/
SSL_CTX_sess_set_cache_size(sslctx, ME_GOAHEAD_SSL_CACHE);
#else
SSL_CTX_sess_set_cache_size(sslctx, 256);
#endif
return 0;
}
LWS_VISIBLE int
lws_context_init_server_ssl(struct lws_context_creation_info *info,
struct lws_vhost *vhost)
{
struct lws_context *context = vhost->context;
struct lws wsi;
unsigned long error;
int n;
if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) {
vhost->use_ssl = 0;
return 0;
}
/*
* If he is giving a cert filepath, take it as a sign he wants to use
* it on this vhost. User code can leave the cert filepath NULL and
* set the LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX option itself, in
* which case he's expected to set up the cert himself at
* LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which
* provides the vhost SSL_CTX * in the user parameter.
*/
if (info->ssl_cert_filepath)
info->options |= LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX;
if (info->port != CONTEXT_PORT_NO_LISTEN) {
vhost->use_ssl = lws_check_opt(info->options,
LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX);
if (vhost->use_ssl && info->ssl_cipher_list)
lwsl_notice(" SSL ciphers: '%s'\n", info->ssl_cipher_list);
if (vhost->use_ssl)
lwsl_notice(" Using SSL mode\n");
else
lwsl_notice(" Using non-SSL mode\n");
}
/*
* give him a fake wsi with context + vhost set, so he can use
* lws_get_context() in the callback
*/
memset(&wsi, 0, sizeof(wsi));
wsi.vhost = vhost;
wsi.context = context;
(void)n;
(void)error;
/*
* Firefox insists on SSLv23 not SSLv3
* Konq disables SSLv2 by default now, SSLv23 works
*
* SSLv23_server_method() is the openssl method for "allow all TLS
* versions", compared to e.g. TLSv1_2_server_method() which only allows
* tlsv1.2. Unwanted versions must be disabled using SSL_CTX_set_options()
*/
#if !defined(LWS_WITH_MBEDTLS)
{
SSL_METHOD *method;
method = (SSL_METHOD *)SSLv23_server_method();
if (!method) {
error = ERR_get_error();
lwsl_err("problem creating ssl method %lu: %s\n",
error, ERR_error_string(error,
(char *)context->pt[0].serv_buf));
return 1;
}
vhost->ssl_ctx = SSL_CTX_new(method); /* create context */
if (!vhost->ssl_ctx) {
error = ERR_get_error();
lwsl_err("problem creating ssl context %lu: %s\n",
error, ERR_error_string(error,
(char *)context->pt[0].serv_buf));
return 1;
}
}
#else
{
const SSL_METHOD *method = TLSv1_2_server_method();
vhost->ssl_ctx = SSL_CTX_new(method); /* create context */
if (!vhost->ssl_ctx) {
lwsl_err("problem creating ssl context\n");
return 1;
}
}
#endif
#if !defined(LWS_WITH_MBEDTLS)
/* associate the lws context with the SSL_CTX */
SSL_CTX_set_ex_data(vhost->ssl_ctx,
openssl_SSL_CTX_private_data_index, (char *)vhost->context);
/* Disable SSLv2 and SSLv3 */
SSL_CTX_set_options(vhost->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
#ifdef SSL_OP_NO_COMPRESSION
SSL_CTX_set_options(vhost->ssl_ctx, SSL_OP_NO_COMPRESSION);
#endif
SSL_CTX_set_options(vhost->ssl_ctx, SSL_OP_SINGLE_DH_USE);
SSL_CTX_set_options(vhost->ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
if (info->ssl_cipher_list)
SSL_CTX_set_cipher_list(vhost->ssl_ctx,
info->ssl_cipher_list);
#endif
/* as a server, are we requiring clients to identify themselves? */
if (lws_check_opt(info->options,
LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT)) {
int verify_options = SSL_VERIFY_PEER;
if (!lws_check_opt(info->options,
LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED))
verify_options |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
#if !defined(LWS_WITH_MBEDTLS)
SSL_CTX_set_session_id_context(vhost->ssl_ctx,
(unsigned char *)context, sizeof(void *));
/* absolutely require the client cert */
SSL_CTX_set_verify(vhost->ssl_ctx,
verify_options, OpenSSL_verify_callback);
#endif
}
#if !defined(LWS_WITH_MBEDTLS) && !defined(OPENSSL_NO_TLSEXT)
SSL_CTX_set_tlsext_servername_callback(vhost->ssl_ctx,
lws_ssl_server_name_cb);
SSL_CTX_set_tlsext_servername_arg(vhost->ssl_ctx, context);
#endif
/*
* give user code a chance to load certs into the server
* allowing it to verify incoming client certs
*/
#if !defined(LWS_WITH_MBEDTLS)
if (info->ssl_ca_filepath &&
!SSL_CTX_load_verify_locations(vhost->ssl_ctx,
info->ssl_ca_filepath, NULL)) {
lwsl_err("%s: SSL_CTX_load_verify_locations unhappy\n", __func__);
}
#endif
if (vhost->use_ssl) {
if (lws_context_ssl_init_ecdh_curve(info, vhost))
return -1;
vhost->protocols[0].callback(&wsi,
LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS,
vhost->ssl_ctx, NULL, 0);
}
if (lws_check_opt(info->options, LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT))
/* Normally SSL listener rejects non-ssl, optionally allow */
vhost->allow_non_ssl_on_ssl_port = 1;
if (info->ssl_options_set)
SSL_CTX_set_options(vhost->ssl_ctx, info->ssl_options_set);
/* SSL_clear_options introduced in 0.9.8m */
#if !defined(LWS_WITH_MBEDTLS)
#if (OPENSSL_VERSION_NUMBER >= 0x009080df) && !defined(USE_WOLFSSL)
if (info->ssl_options_clear)
SSL_CTX_clear_options(vhost->ssl_ctx, info->ssl_options_clear);
#endif
#endif
lwsl_info(" SSL options 0x%lX\n", SSL_CTX_get_options(vhost->ssl_ctx));
if (vhost->use_ssl && info->ssl_cert_filepath) {
/*
* The user code can choose to either pass the cert and
* key filepaths using the info members like this, or it can
* leave them NULL; force the vhost SSL_CTX init using the info
* options flag LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX; and
* set up the cert himself using the user callback
* LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which
* happened just above and has the vhost SSL_CTX * in the user
* parameter.
*/
#if !defined(LWS_WITH_MBEDTLS)
/* set the local certificate from CertFile */
n = SSL_CTX_use_certificate_chain_file(vhost->ssl_ctx,
info->ssl_cert_filepath);
if (n != 1) {
error = ERR_get_error();
lwsl_err("problem getting cert '%s' %lu: %s\n",
info->ssl_cert_filepath,
error,
ERR_error_string(error,
(char *)context->pt[0].serv_buf));
return 1;
}
lws_ssl_bind_passphrase(vhost->ssl_ctx, info);
#else
uint8_t *p;
lws_filepos_t flen;
int err;
if (alloc_pem_to_der_file(vhost->context, info->ssl_cert_filepath, &p,
&flen)) {
lwsl_err("couldn't find cert file %s\n",
info->ssl_cert_filepath);
return 1;
}
err = SSL_CTX_use_certificate_ASN1(vhost->ssl_ctx, flen, p);
if (!err) {
lwsl_err("Problem loading cert\n");
return 1;
}
#if !defined(LWS_WITH_ESP32)
free(p);
p = NULL;
#endif
if (info->ssl_private_key_filepath) {
if (alloc_pem_to_der_file(vhost->context,
info->ssl_private_key_filepath, &p, &flen)) {
lwsl_err("couldn't find cert file %s\n",
info->ssl_cert_filepath);
return 1;
}
err = SSL_CTX_use_PrivateKey_ASN1(0, vhost->ssl_ctx, p, flen);
if (!err) {
lwsl_err("Problem loading key\n");
return 1;
}
}
#if !defined(LWS_WITH_ESP32)
free(p);
p = NULL;
#endif
#endif
if (info->ssl_private_key_filepath != NULL) {
#if !defined(LWS_WITH_MBEDTLS)
/* set the private key from KeyFile */
if (SSL_CTX_use_PrivateKey_file(vhost->ssl_ctx,
info->ssl_private_key_filepath,
SSL_FILETYPE_PEM) != 1) {
error = ERR_get_error();
lwsl_err("ssl problem getting key '%s' %lu: %s\n",
info->ssl_private_key_filepath, error,
ERR_error_string(error,
(char *)context->pt[0].serv_buf));
return 1;
}
#endif
} else
if (vhost->protocols[0].callback(&wsi,
LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY,
vhost->ssl_ctx, NULL, 0)) {
lwsl_err("ssl private key not set\n");
return 1;
}
#if !defined(LWS_WITH_MBEDTLS)
/* verify private key */
if (!SSL_CTX_check_private_key(vhost->ssl_ctx)) {
lwsl_err("Private SSL key doesn't match cert\n");
return 1;
}
#endif
}
if (vhost->use_ssl) {
if (lws_context_ssl_init_ecdh(vhost))
return 1;
/*
* SSL is happy and has a cert it's content with
* If we're supporting HTTP2, initialize that
*/
lws_context_init_http2_ssl(vhost);
}
return 0;
}
int MAIN(int argc, char **argv)
{
int off=0, clr = 0;
SSL *con=NULL,*con2=NULL;
X509_STORE *store = NULL;
int s,k,width,state=0;
char *cbuf=NULL,*sbuf=NULL,*mbuf=NULL;
int cbuf_len,cbuf_off;
int sbuf_len,sbuf_off;
fd_set readfds,writefds;
short port=PORT;
int full_log=1;
char *host=SSL_HOST_NAME;
char *cert_file=NULL,*key_file=NULL;
int cert_format = FORMAT_PEM, key_format = FORMAT_PEM;
char *passarg = NULL, *pass = NULL;
X509 *cert = NULL;
EVP_PKEY *key = NULL;
char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
int cutthrough=0;
int crlf=0;
int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
SSL_CTX *ctx=NULL;
int ret=1,in_init=1,i,nbio_test=0;
int starttls_proto = PROTO_OFF;
int prexit = 0, vflags = 0;
SSL_METHOD *meth=NULL;
#ifdef sock_type
#undef sock_type
#endif
int sock_type=SOCK_STREAM;
BIO *sbio;
char *inrand=NULL;
int mbuf_len=0;
struct timeval timeout, *timeoutp;
#ifndef OPENSSL_NO_ENGINE
char *engine_id=NULL;
char *ssl_client_engine_id=NULL;
ENGINE *ssl_client_engine=NULL;
#endif
ENGINE *e=NULL;
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
struct timeval tv;
#endif
#ifndef OPENSSL_NO_TLSEXT
char *servername = NULL;
tlsextctx tlsextcbp =
{NULL,0};
#endif
char *sess_in = NULL;
char *sess_out = NULL;
struct sockaddr peer;
int peerlen = sizeof(peer);
int enable_timeouts = 0 ;
long socket_mtu = 0;
#ifndef OPENSSL_NO_JPAKE
char *jpake_secret = NULL;
#endif
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_client_method();
#elif !defined(OPENSSL_NO_SSL3)
meth=SSLv3_client_method();
#elif !defined(OPENSSL_NO_SSL2)
meth=SSLv2_client_method();
#endif
apps_startup();
c_Pause=0;
c_quiet=0;
c_ign_eof=0;
c_debug=0;
c_msg=0;
c_showcerts=0;
if (bio_err == NULL)
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
if ( ((cbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) ||
((sbuf=OPENSSL_malloc(BUFSIZZ)) == NULL) ||
((mbuf=OPENSSL_malloc(BUFSIZZ)) == NULL))
{
BIO_printf(bio_err,"out of memory\n");
goto end;
}
verify_depth=0;
verify_error=X509_V_OK;
#ifdef FIONBIO
c_nbio=0;
#endif
argc--;
argv++;
while (argc >= 1)
{
if (strcmp(*argv,"-host") == 0)
{
if (--argc < 1) goto bad;
host= *(++argv);
}
else if (strcmp(*argv,"-port") == 0)
{
if (--argc < 1) goto bad;
port=atoi(*(++argv));
if (port == 0) goto bad;
}
else if (strcmp(*argv,"-connect") == 0)
{
if (--argc < 1) goto bad;
if (!extract_host_port(*(++argv),&host,NULL,&port))
goto bad;
}
else if (strcmp(*argv,"-verify") == 0)
{
verify=SSL_VERIFY_PEER;
if (--argc < 1) goto bad;
verify_depth=atoi(*(++argv));
BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
}
else if (strcmp(*argv,"-cert") == 0)
{
if (--argc < 1) goto bad;
cert_file= *(++argv);
}
else if (strcmp(*argv,"-sess_out") == 0)
{
if (--argc < 1) goto bad;
sess_out = *(++argv);
}
else if (strcmp(*argv,"-sess_in") == 0)
{
if (--argc < 1) goto bad;
sess_in = *(++argv);
}
else if (strcmp(*argv,"-certform") == 0)
{
if (--argc < 1) goto bad;
cert_format = str2fmt(*(++argv));
}
else if (strcmp(*argv,"-crl_check") == 0)
vflags |= X509_V_FLAG_CRL_CHECK;
else if (strcmp(*argv,"-crl_check_all") == 0)
vflags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL;
else if (strcmp(*argv,"-prexit") == 0)
prexit=1;
else if (strcmp(*argv,"-crlf") == 0)
crlf=1;
else if (strcmp(*argv,"-quiet") == 0)
{
c_quiet=1;
c_ign_eof=1;
}
else if (strcmp(*argv,"-ign_eof") == 0)
c_ign_eof=1;
else if (strcmp(*argv,"-no_ign_eof") == 0)
c_ign_eof=0;
else if (strcmp(*argv,"-pause") == 0)
c_Pause=1;
else if (strcmp(*argv,"-debug") == 0)
c_debug=1;
#ifndef OPENSSL_NO_TLSEXT
else if (strcmp(*argv,"-tlsextdebug") == 0)
c_tlsextdebug=1;
else if (strcmp(*argv,"-status") == 0)
c_status_req=1;
#endif
#ifdef WATT32
else if (strcmp(*argv,"-wdebug") == 0)
dbug_init();
#endif
else if (strcmp(*argv,"-msg") == 0)
c_msg=1;
else if (strcmp(*argv,"-showcerts") == 0)
c_showcerts=1;
else if (strcmp(*argv,"-nbio_test") == 0)
nbio_test=1;
else if (strcmp(*argv,"-state") == 0)
state=1;
#ifndef OPENSSL_NO_SSL2
else if (strcmp(*argv,"-ssl2") == 0)
meth=SSLv2_client_method();
#endif
#ifndef OPENSSL_NO_SSL3
else if (strcmp(*argv,"-ssl3") == 0)
meth=SSLv3_client_method();
#endif
#ifndef OPENSSL_NO_TLS1
else if (strcmp(*argv,"-tls1") == 0)
meth=TLSv1_client_method();
#endif
#ifndef OPENSSL_NO_DTLS1
else if (strcmp(*argv,"-dtls1") == 0)
{
meth=DTLSv1_client_method();
sock_type=SOCK_DGRAM;
}
else if (strcmp(*argv,"-timeout") == 0)
enable_timeouts=1;
else if (strcmp(*argv,"-mtu") == 0)
{
if (--argc < 1) goto bad;
socket_mtu = atol(*(++argv));
}
#endif
else if (strcmp(*argv,"-bugs") == 0)
bugs=1;
else if (strcmp(*argv,"-keyform") == 0)
{
if (--argc < 1) goto bad;
key_format = str2fmt(*(++argv));
}
else if (strcmp(*argv,"-pass") == 0)
{
if (--argc < 1) goto bad;
passarg = *(++argv);
}
else if (strcmp(*argv,"-key") == 0)
{
if (--argc < 1) goto bad;
key_file= *(++argv);
}
else if (strcmp(*argv,"-reconnect") == 0)
{
reconnect=5;
}
else if (strcmp(*argv,"-CApath") == 0)
{
if (--argc < 1) goto bad;
CApath= *(++argv);
}
else if (strcmp(*argv,"-CAfile") == 0)
{
if (--argc < 1) goto bad;
CAfile= *(++argv);
}
else if (strcmp(*argv,"-no_tls1") == 0)
off|=SSL_OP_NO_TLSv1;
else if (strcmp(*argv,"-no_ssl3") == 0)
off|=SSL_OP_NO_SSLv3;
else if (strcmp(*argv,"-no_ssl2") == 0)
off|=SSL_OP_NO_SSLv2;
#ifndef OPENSSL_NO_TLSEXT
else if (strcmp(*argv,"-no_ticket") == 0)
{ off|=SSL_OP_NO_TICKET; }
#endif
else if (strcmp(*argv,"-cutthrough") == 0)
cutthrough=1;
else if (strcmp(*argv,"-serverpref") == 0)
off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
else if (strcmp(*argv,"-legacy_renegotiation") == 0)
off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
else if (strcmp(*argv,"-legacy_server_connect") == 0)
{ off|=SSL_OP_LEGACY_SERVER_CONNECT; }
else if (strcmp(*argv,"-no_legacy_server_connect") == 0)
{ clr|=SSL_OP_LEGACY_SERVER_CONNECT; }
else if (strcmp(*argv,"-cipher") == 0)
{
if (--argc < 1) goto bad;
cipher= *(++argv);
}
#ifdef FIONBIO
else if (strcmp(*argv,"-nbio") == 0)
{ c_nbio=1; }
#endif
else if (strcmp(*argv,"-starttls") == 0)
{
if (--argc < 1) goto bad;
++argv;
if (strcmp(*argv,"smtp") == 0)
starttls_proto = PROTO_SMTP;
else if (strcmp(*argv,"pop3") == 0)
starttls_proto = PROTO_POP3;
else if (strcmp(*argv,"imap") == 0)
starttls_proto = PROTO_IMAP;
else if (strcmp(*argv,"ftp") == 0)
starttls_proto = PROTO_FTP;
else if (strcmp(*argv, "xmpp") == 0)
starttls_proto = PROTO_XMPP;
else
goto bad;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine_id = *(++argv);
}
else if (strcmp(*argv,"-ssl_client_engine") == 0)
{
if (--argc < 1) goto bad;
ssl_client_engine_id = *(++argv);
}
#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
inrand= *(++argv);
}
#ifndef OPENSSL_NO_TLSEXT
else if (strcmp(*argv,"-servername") == 0)
{
if (--argc < 1) goto bad;
servername= *(++argv);
/* meth=TLSv1_client_method(); */
}
#endif
#ifndef OPENSSL_NO_JPAKE
else if (strcmp(*argv,"-jpake") == 0)
{
if (--argc < 1) goto bad;
jpake_secret = *++argv;
}
#endif
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badop=1;
break;
}
argc--;
argv++;
}
if (badop)
{
bad:
sc_usage();
goto end;
}
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
if (ssl_client_engine_id)
{
ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
if (!ssl_client_engine)
{
BIO_printf(bio_err,
"Error getting client auth engine\n");
goto end;
}
}
#endif
if (!app_passwd(bio_err, passarg, NULL, &pass, NULL))
{
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
if (key_file == NULL)
key_file = cert_file;
if (key_file)
{
key = load_key(bio_err, key_file, key_format, 0, pass, e,
"client certificate private key file");
if (!key)
{
ERR_print_errors(bio_err);
goto end;
}
}
if (cert_file)
{
cert = load_cert(bio_err,cert_file,cert_format,
NULL, e, "client certificate file");
if (!cert)
{
ERR_print_errors(bio_err);
goto end;
}
}
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status())
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
if (bio_c_out == NULL)
{
if (c_quiet && !c_debug && !c_msg)
{
bio_c_out=BIO_new(BIO_s_null());
}
else
{
if (bio_c_out == NULL)
bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
}
}
ctx=SSL_CTX_new(meth);
if (ctx == NULL)
{
ERR_print_errors(bio_err);
goto end;
}
#ifndef OPENSSL_NO_ENGINE
if (ssl_client_engine)
{
if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine))
{
BIO_puts(bio_err, "Error setting client auth engine\n");
ERR_print_errors(bio_err);
ENGINE_free(ssl_client_engine);
goto end;
}
ENGINE_free(ssl_client_engine);
}
#endif
if (bugs)
SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
else
SSL_CTX_set_options(ctx,off);
if (clr)
SSL_CTX_clear_options(ctx, clr);
/* DTLS: partial reads end up discarding unread UDP bytes :-(
* Setting read ahead solves this problem.
*/
if (sock_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
/* Enable handshake cutthrough for client connections using
* strong ciphers. */
if (cutthrough)
{
int ssl_mode = SSL_CTX_get_mode(ctx);
ssl_mode |= SSL_MODE_HANDSHAKE_CUTTHROUGH;
SSL_CTX_set_mode(ctx, ssl_mode);
}
if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
if (cipher != NULL)
if(!SSL_CTX_set_cipher_list(ctx,cipher)) {
BIO_printf(bio_err,"error setting cipher list\n");
ERR_print_errors(bio_err);
goto end;
}
#if 0
else
SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
#endif
SSL_CTX_set_verify(ctx,verify,verify_callback);
if (!set_cert_key_stuff(ctx,cert,key))
goto end;
if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
(!SSL_CTX_set_default_verify_paths(ctx)))
{
/* BIO_printf(bio_err,"error setting default verify locations\n"); */
ERR_print_errors(bio_err);
/* goto end; */
}
store = SSL_CTX_get_cert_store(ctx);
X509_STORE_set_flags(store, vflags);
#ifndef OPENSSL_NO_TLSEXT
if (servername != NULL)
{
tlsextcbp.biodebug = bio_err;
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
}
#endif
con=SSL_new(ctx);
if (sess_in)
{
SSL_SESSION *sess;
BIO *stmp = BIO_new_file(sess_in, "r");
if (!stmp)
{
BIO_printf(bio_err, "Can't open session file %s\n",
sess_in);
ERR_print_errors(bio_err);
goto end;
}
sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL);
BIO_free(stmp);
if (!sess)
{
BIO_printf(bio_err, "Can't open session file %s\n",
sess_in);
ERR_print_errors(bio_err);
goto end;
}
SSL_set_session(con, sess);
SSL_SESSION_free(sess);
}
#ifndef OPENSSL_NO_TLSEXT
if (servername != NULL)
{
if (!SSL_set_tlsext_host_name(con,servername))
{
BIO_printf(bio_err,"Unable to set TLS servername extension.\n");
ERR_print_errors(bio_err);
goto end;
}
}
#endif
#ifndef OPENSSL_NO_KRB5
if (con && (con->kssl_ctx = kssl_ctx_new()) != NULL)
{
kssl_ctx_setstring(con->kssl_ctx, KSSL_SERVER, host);
}
#endif /* OPENSSL_NO_KRB5 */
/* SSL_set_cipher_list(con,"RC4-MD5"); */
re_start:
if (init_client(&s,host,port,sock_type) == 0)
{
BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
SHUTDOWN(s);
goto end;
}
BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
#ifdef FIONBIO
if (c_nbio)
{
unsigned long l=1;
BIO_printf(bio_c_out,"turning on non blocking io\n");
if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
{
ERR_print_errors(bio_err);
goto end;
}
}
#endif
if (c_Pause & 0x01) con->debug=1;
if ( SSL_version(con) == DTLS1_VERSION)
{
sbio=BIO_new_dgram(s,BIO_NOCLOSE);
if (getsockname(s, &peer, (void *)&peerlen) < 0)
{
BIO_printf(bio_err, "getsockname:errno=%d\n",
get_last_socket_error());
SHUTDOWN(s);
goto end;
}
(void)BIO_ctrl_set_connected(sbio, 1, &peer);
if ( enable_timeouts)
{
timeout.tv_sec = 0;
timeout.tv_usec = DGRAM_RCV_TIMEOUT;
BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
timeout.tv_sec = 0;
timeout.tv_usec = DGRAM_SND_TIMEOUT;
BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
}
if (socket_mtu > 28)
{
SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
SSL_set_mtu(con, socket_mtu - 28);
}
else
/* want to do MTU discovery */
BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
}
else
sbio=BIO_new_socket(s,BIO_NOCLOSE);
if (nbio_test)
{
BIO *test;
test=BIO_new(BIO_f_nbio_test());
sbio=BIO_push(test,sbio);
}
if (c_debug)
{
con->debug=1;
BIO_set_callback(sbio,bio_dump_callback);
BIO_set_callback_arg(sbio,(char *)bio_c_out);
}
if (c_msg)
{
SSL_set_msg_callback(con, msg_cb);
SSL_set_msg_callback_arg(con, bio_c_out);
}
#ifndef OPENSSL_NO_TLSEXT
if (c_tlsextdebug)
{
SSL_set_tlsext_debug_callback(con, tlsext_cb);
SSL_set_tlsext_debug_arg(con, bio_c_out);
}
if (c_status_req)
{
SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
#if 0
{
STACK_OF(OCSP_RESPID) *ids = sk_OCSP_RESPID_new_null();
OCSP_RESPID *id = OCSP_RESPID_new();
id->value.byKey = ASN1_OCTET_STRING_new();
id->type = V_OCSP_RESPID_KEY;
ASN1_STRING_set(id->value.byKey, "Hello World", -1);
sk_OCSP_RESPID_push(ids, id);
SSL_set_tlsext_status_ids(con, ids);
}
#endif
}
#endif
#ifndef OPENSSL_NO_JPAKE
if (jpake_secret)
jpake_client_auth(bio_c_out, sbio, jpake_secret);
#endif
SSL_set_bio(con,sbio,sbio);
SSL_set_connect_state(con);
/* ok, lets connect */
width=SSL_get_fd(con)+1;
read_tty=1;
write_tty=0;
tty_on=0;
read_ssl=1;
write_ssl=1;
cbuf_len=0;
cbuf_off=0;
sbuf_len=0;
sbuf_off=0;
/* This is an ugly hack that does a lot of assumptions */
/* We do have to handle multi-line responses which may come
in a single packet or not. We therefore have to use
BIO_gets() which does need a buffering BIO. So during
the initial chitchat we do push a buffering BIO into the
chain that is removed again later on to not disturb the
rest of the s_client operation. */
if (starttls_proto == PROTO_SMTP)
{
int foundit=0;
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
/* wait for multi-line response to end from SMTP */
do
{
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
}
while (mbuf_len>3 && mbuf[3]=='-');
/* STARTTLS command requires EHLO... */
BIO_printf(fbio,"EHLO openssl.client.net\r\n");
(void)BIO_flush(fbio);
/* wait for multi-line response to end EHLO SMTP response */
do
{
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
if (strstr(mbuf,"STARTTLS"))
foundit=1;
}
while (mbuf_len>3 && mbuf[3]=='-');
(void)BIO_flush(fbio);
BIO_pop(fbio);
BIO_free(fbio);
if (!foundit)
BIO_printf(bio_err,
"didn't found starttls in server response,"
" try anyway...\n");
BIO_printf(sbio,"STARTTLS\r\n");
BIO_read(sbio,sbuf,BUFSIZZ);
}
else if (starttls_proto == PROTO_POP3)
{
BIO_read(sbio,mbuf,BUFSIZZ);
BIO_printf(sbio,"STLS\r\n");
BIO_read(sbio,sbuf,BUFSIZZ);
}
else if (starttls_proto == PROTO_IMAP)
{
int foundit=0;
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
BIO_gets(fbio,mbuf,BUFSIZZ);
/* STARTTLS command requires CAPABILITY... */
BIO_printf(fbio,". CAPABILITY\r\n");
(void)BIO_flush(fbio);
/* wait for multi-line CAPABILITY response */
do
{
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
if (strstr(mbuf,"STARTTLS"))
foundit=1;
}
while (mbuf_len>3 && mbuf[0]!='.');
(void)BIO_flush(fbio);
BIO_pop(fbio);
BIO_free(fbio);
if (!foundit)
BIO_printf(bio_err,
"didn't found STARTTLS in server response,"
" try anyway...\n");
BIO_printf(sbio,". STARTTLS\r\n");
BIO_read(sbio,sbuf,BUFSIZZ);
}
else if (starttls_proto == PROTO_FTP)
{
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
/* wait for multi-line response to end from FTP */
do
{
mbuf_len = BIO_gets(fbio,mbuf,BUFSIZZ);
}
while (mbuf_len>3 && mbuf[3]=='-');
(void)BIO_flush(fbio);
BIO_pop(fbio);
BIO_free(fbio);
BIO_printf(sbio,"AUTH TLS\r\n");
BIO_read(sbio,sbuf,BUFSIZZ);
}
if (starttls_proto == PROTO_XMPP)
{
int seen = 0;
BIO_printf(sbio,"<stream:stream "
"xmlns:stream='http://etherx.jabber.org/streams' "
"xmlns='jabber:client' to='%s' version='1.0'>", host);
seen = BIO_read(sbio,mbuf,BUFSIZZ);
mbuf[seen] = 0;
while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'"))
{
if (strstr(mbuf, "/stream:features>"))
goto shut;
seen = BIO_read(sbio,mbuf,BUFSIZZ);
mbuf[seen] = 0;
}
BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
seen = BIO_read(sbio,sbuf,BUFSIZZ);
sbuf[seen] = 0;
if (!strstr(sbuf, "<proceed"))
goto shut;
mbuf[0] = 0;
}
for (;;)
{
FD_ZERO(&readfds);
FD_ZERO(&writefds);
if ((SSL_version(con) == DTLS1_VERSION) &&
DTLSv1_get_timeout(con, &timeout))
timeoutp = &timeout;
else
timeoutp = NULL;
if (SSL_in_init(con) && !SSL_total_renegotiations(con))
{
in_init=1;
tty_on=0;
}
else
{
tty_on=1;
if (in_init)
{
in_init=0;
if (sess_out)
{
BIO *stmp = BIO_new_file(sess_out, "w");
if (stmp)
{
PEM_write_bio_SSL_SESSION(stmp, SSL_get_session(con));
BIO_free(stmp);
}
else
BIO_printf(bio_err, "Error writing session file %s\n", sess_out);
}
print_stuff(bio_c_out,con,full_log);
if (full_log > 0) full_log--;
if (starttls_proto)
{
BIO_printf(bio_err,"%s",mbuf);
/* We don't need to know any more */
starttls_proto = PROTO_OFF;
}
if (reconnect)
{
reconnect--;
BIO_printf(bio_c_out,"drop connection and then reconnect\n");
SSL_shutdown(con);
SSL_set_connect_state(con);
SHUTDOWN(SSL_get_fd(con));
goto re_start;
}
}
}
ssl_pending = read_ssl && SSL_pending(con);
if (!ssl_pending)
{
#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE)
if (tty_on)
{
if (read_tty) FD_SET(fileno(stdin),&readfds);
if (write_tty) FD_SET(fileno(stdout),&writefds);
}
if (read_ssl)
FD_SET(SSL_get_fd(con),&readfds);
if (write_ssl)
FD_SET(SSL_get_fd(con),&writefds);
#else
if(!tty_on || !write_tty) {
if (read_ssl)
FD_SET(SSL_get_fd(con),&readfds);
if (write_ssl)
FD_SET(SSL_get_fd(con),&writefds);
}
#endif
/* printf("mode tty(%d %d%d) ssl(%d%d)\n",
tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
/* Note: under VMS with SOCKETSHR the second parameter
* is currently of type (int *) whereas under other
* systems it is (void *) if you don't have a cast it
* will choke the compiler: if you do have a cast then
* you can either go for (int *) or (void *).
*/
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
/* Under Windows/DOS we make the assumption that we can
* always write to the tty: therefore if we need to
* write to the tty we just fall through. Otherwise
* we timeout the select every second and see if there
* are any keypresses. Note: this is a hack, in a proper
* Windows application we wouldn't do this.
*/
i=0;
if(!write_tty) {
if(read_tty) {
tv.tv_sec = 1;
tv.tv_usec = 0;
i=select(width,(void *)&readfds,(void *)&writefds,
NULL,&tv);
#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
if(!i && (!_kbhit() || !read_tty) ) continue;
#else
if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue;
#endif
} else i=select(width,(void *)&readfds,(void *)&writefds,
NULL,timeoutp);
}
#elif defined(OPENSSL_SYS_NETWARE)
if(!write_tty) {
if(read_tty) {
tv.tv_sec = 1;
tv.tv_usec = 0;
i=select(width,(void *)&readfds,(void *)&writefds,
NULL,&tv);
} else i=select(width,(void *)&readfds,(void *)&writefds,
NULL,timeoutp);
}
#else
i=select(width,(void *)&readfds,(void *)&writefds,
NULL,timeoutp);
#endif
if ( i < 0)
{
BIO_printf(bio_err,"bad select %d\n",
get_last_socket_error());
goto shut;
/* goto end; */
}
}
if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0)
{
BIO_printf(bio_err,"TIMEOUT occured\n");
}
if (!ssl_pending && FD_ISSET(SSL_get_fd(con),&writefds))
{
k=SSL_write(con,&(cbuf[cbuf_off]),
(unsigned int)cbuf_len);
switch (SSL_get_error(con,k))
{
case SSL_ERROR_NONE:
cbuf_off+=k;
cbuf_len-=k;
if (k <= 0) goto end;
/* we have done a write(con,NULL,0); */
if (cbuf_len <= 0)
{
read_tty=1;
write_ssl=0;
}
else /* if (cbuf_len > 0) */
{
read_tty=0;
write_ssl=1;
}
break;
case SSL_ERROR_WANT_WRITE:
BIO_printf(bio_c_out,"write W BLOCK\n");
write_ssl=1;
read_tty=0;
break;
case SSL_ERROR_WANT_READ:
BIO_printf(bio_c_out,"write R BLOCK\n");
write_tty=0;
read_ssl=1;
write_ssl=0;
break;
case SSL_ERROR_WANT_X509_LOOKUP:
BIO_printf(bio_c_out,"write X BLOCK\n");
break;
case SSL_ERROR_ZERO_RETURN:
if (cbuf_len != 0)
{
BIO_printf(bio_c_out,"shutdown\n");
goto shut;
}
else
{
read_tty=1;
write_ssl=0;
break;
}
case SSL_ERROR_SYSCALL:
if ((k != 0) || (cbuf_len != 0))
{
BIO_printf(bio_err,"write:errno=%d\n",
get_last_socket_error());
goto shut;
}
else
{
read_tty=1;
write_ssl=0;
}
break;
case SSL_ERROR_SSL:
ERR_print_errors(bio_err);
goto shut;
}
}
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
/* Assume Windows/DOS can always write */
else if (!ssl_pending && write_tty)
#else
else if (!ssl_pending && FD_ISSET(fileno(stdout),&writefds))
#endif
{
#ifdef CHARSET_EBCDIC
ascii2ebcdic(&(sbuf[sbuf_off]),&(sbuf[sbuf_off]),sbuf_len);
#endif
i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len);
if (i <= 0)
{
BIO_printf(bio_c_out,"DONE\n");
goto shut;
/* goto end; */
}
sbuf_len-=i;;
sbuf_off+=i;
if (sbuf_len <= 0)
{
read_ssl=1;
write_tty=0;
}
}
else if (ssl_pending || FD_ISSET(SSL_get_fd(con),&readfds))
{
#ifdef RENEG
{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
#endif
#if 1
k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
#else
/* Demo for pending and peek :-) */
k=SSL_read(con,sbuf,16);
{ char zbuf[10240];
printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240));
}
#endif
switch (SSL_get_error(con,k))
{
case SSL_ERROR_NONE:
if (k <= 0)
goto end;
sbuf_off=0;
sbuf_len=k;
read_ssl=0;
write_tty=1;
break;
case SSL_ERROR_WANT_WRITE:
BIO_printf(bio_c_out,"read W BLOCK\n");
write_ssl=1;
read_tty=0;
break;
case SSL_ERROR_WANT_READ:
BIO_printf(bio_c_out,"read R BLOCK\n");
write_tty=0;
read_ssl=1;
if ((read_tty == 0) && (write_ssl == 0))
write_ssl=1;
break;
case SSL_ERROR_WANT_X509_LOOKUP:
BIO_printf(bio_c_out,"read X BLOCK\n");
break;
case SSL_ERROR_SYSCALL:
BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
goto shut;
case SSL_ERROR_ZERO_RETURN:
BIO_printf(bio_c_out,"closed\n");
goto shut;
case SSL_ERROR_SSL:
ERR_print_errors(bio_err);
goto shut;
/* break; */
}
}
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
#if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
else if (_kbhit())
#else
else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
#endif
#elif defined (OPENSSL_SYS_NETWARE)
else if (_kbhit())
#else
else if (FD_ISSET(fileno(stdin),&readfds))
#endif
{
if (crlf)
{
int j, lf_num;
i=read(fileno(stdin),cbuf,BUFSIZZ/2);
lf_num = 0;
/* both loops are skipped when i <= 0 */
for (j = 0; j < i; j++)
if (cbuf[j] == '\n')
lf_num++;
for (j = i-1; j >= 0; j--)
{
cbuf[j+lf_num] = cbuf[j];
if (cbuf[j] == '\n')
{
lf_num--;
i++;
cbuf[j+lf_num] = '\r';
}
}
assert(lf_num == 0);
}
else
i=read(fileno(stdin),cbuf,BUFSIZZ);
if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q')))
{
BIO_printf(bio_err,"DONE\n");
goto shut;
}
if ((!c_ign_eof) && (cbuf[0] == 'R'))
{
BIO_printf(bio_err,"RENEGOTIATING\n");
SSL_renegotiate(con);
cbuf_len=0;
}
else
{
cbuf_len=i;
cbuf_off=0;
#ifdef CHARSET_EBCDIC
ebcdic2ascii(cbuf, cbuf, i);
#endif
}
write_ssl=1;
read_tty=0;
}
}
shut:
SSL_shutdown(con);
SHUTDOWN(SSL_get_fd(con));
ret=0;
end:
if(prexit) print_stuff(bio_c_out,con,1);
if (con != NULL) SSL_free(con);
if (con2 != NULL) SSL_free(con2);
if (ctx != NULL) SSL_CTX_free(ctx);
if (cert)
X509_free(cert);
if (key)
EVP_PKEY_free(key);
if (pass)
OPENSSL_free(pass);
if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); }
if (bio_c_out != NULL)
{
BIO_free(bio_c_out);
bio_c_out=NULL;
}
apps_shutdown();
OPENSSL_EXIT(ret);
}
int
s_client_main(int argc, char **argv)
{
unsigned int off = 0, clr = 0;
SSL *con = NULL;
int s, k, width, state = 0, af = AF_UNSPEC;
char *cbuf = NULL, *sbuf = NULL, *mbuf = NULL;
int cbuf_len, cbuf_off;
int sbuf_len, sbuf_off;
fd_set readfds, writefds;
char *port = PORT_STR;
int full_log = 1;
char *host = SSL_HOST_NAME;
char *cert_file = NULL, *key_file = NULL;
int cert_format = FORMAT_PEM, key_format = FORMAT_PEM;
char *passarg = NULL, *pass = NULL;
X509 *cert = NULL;
EVP_PKEY *key = NULL;
char *CApath = NULL, *CAfile = NULL, *cipher = NULL;
int reconnect = 0, badop = 0, verify = SSL_VERIFY_NONE, bugs = 0;
int crlf = 0;
int write_tty, read_tty, write_ssl, read_ssl, tty_on, ssl_pending;
SSL_CTX *ctx = NULL;
int ret = 1, in_init = 1, i, nbio_test = 0;
int starttls_proto = PROTO_OFF;
int prexit = 0;
X509_VERIFY_PARAM *vpm = NULL;
int badarg = 0;
const SSL_METHOD *meth = NULL;
int socket_type = SOCK_STREAM;
BIO *sbio;
int mbuf_len = 0;
struct timeval timeout, *timeoutp;
const char *errstr = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine_id = NULL;
char *ssl_client_engine_id = NULL;
ENGINE *ssl_client_engine = NULL;
#endif
ENGINE *e = NULL;
#ifndef OPENSSL_NO_TLSEXT
char *servername = NULL;
tlsextctx tlsextcbp =
{NULL, 0};
#ifndef OPENSSL_NO_NEXTPROTONEG
const char *next_proto_neg_in = NULL;
#endif
#endif
char *sess_in = NULL;
char *sess_out = NULL;
struct sockaddr peer;
int peerlen = sizeof(peer);
int enable_timeouts = 0;
long socket_mtu = 0;
meth = SSLv23_client_method();
c_Pause = 0;
c_quiet = 0;
c_ign_eof = 0;
c_debug = 0;
c_msg = 0;
c_showcerts = 0;
if (((cbuf = malloc(BUFSIZZ)) == NULL) ||
((sbuf = malloc(BUFSIZZ)) == NULL) ||
((mbuf = malloc(BUFSIZZ + 1)) == NULL)) { /* NUL byte */
BIO_printf(bio_err, "out of memory\n");
goto end;
}
verify_depth = 0;
verify_error = X509_V_OK;
c_nbio = 0;
argc--;
argv++;
while (argc >= 1) {
if (strcmp(*argv, "-host") == 0) {
if (--argc < 1)
goto bad;
host = *(++argv);
} else if (strcmp(*argv, "-port") == 0) {
if (--argc < 1)
goto bad;
port = *(++argv);
if (port == NULL || *port == '\0')
goto bad;
} else if (strcmp(*argv, "-connect") == 0) {
if (--argc < 1)
goto bad;
if (!extract_host_port(*(++argv), &host, NULL, &port))
goto bad;
} else if (strcmp(*argv, "-verify") == 0) {
verify = SSL_VERIFY_PEER;
if (--argc < 1)
goto bad;
verify_depth = strtonum(*(++argv), 0, INT_MAX, &errstr);
if (errstr)
goto bad;
BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
} else if (strcmp(*argv, "-cert") == 0) {
if (--argc < 1)
goto bad;
cert_file = *(++argv);
} else if (strcmp(*argv, "-sess_out") == 0) {
if (--argc < 1)
goto bad;
sess_out = *(++argv);
} else if (strcmp(*argv, "-sess_in") == 0) {
if (--argc < 1)
goto bad;
sess_in = *(++argv);
} else if (strcmp(*argv, "-certform") == 0) {
if (--argc < 1)
goto bad;
cert_format = str2fmt(*(++argv));
} else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
if (badarg)
goto bad;
continue;
} else if (strcmp(*argv, "-verify_return_error") == 0)
verify_return_error = 1;
else if (strcmp(*argv, "-prexit") == 0)
prexit = 1;
else if (strcmp(*argv, "-crlf") == 0)
crlf = 1;
else if (strcmp(*argv, "-quiet") == 0) {
c_quiet = 1;
c_ign_eof = 1;
} else if (strcmp(*argv, "-ign_eof") == 0)
c_ign_eof = 1;
else if (strcmp(*argv, "-no_ign_eof") == 0)
c_ign_eof = 0;
else if (strcmp(*argv, "-pause") == 0)
c_Pause = 1;
else if (strcmp(*argv, "-debug") == 0)
c_debug = 1;
#ifndef OPENSSL_NO_TLSEXT
else if (strcmp(*argv, "-tlsextdebug") == 0)
c_tlsextdebug = 1;
else if (strcmp(*argv, "-status") == 0)
c_status_req = 1;
#endif
else if (strcmp(*argv, "-msg") == 0)
c_msg = 1;
else if (strcmp(*argv, "-showcerts") == 0)
c_showcerts = 1;
else if (strcmp(*argv, "-nbio_test") == 0)
nbio_test = 1;
else if (strcmp(*argv, "-state") == 0)
state = 1;
else if (strcmp(*argv, "-ssl3") == 0)
meth = SSLv3_client_method();
else if (strcmp(*argv, "-tls1_2") == 0)
meth = TLSv1_2_client_method();
else if (strcmp(*argv, "-tls1_1") == 0)
meth = TLSv1_1_client_method();
else if (strcmp(*argv, "-tls1") == 0)
meth = TLSv1_client_method();
#ifndef OPENSSL_NO_DTLS1
else if (strcmp(*argv, "-dtls1") == 0) {
meth = DTLSv1_client_method();
socket_type = SOCK_DGRAM;
} else if (strcmp(*argv, "-timeout") == 0)
enable_timeouts = 1;
else if (strcmp(*argv, "-mtu") == 0) {
if (--argc < 1)
goto bad;
socket_mtu = strtonum(*(++argv), 0, LONG_MAX, &errstr);
if (errstr)
goto bad;
}
#endif
else if (strcmp(*argv, "-bugs") == 0)
bugs = 1;
else if (strcmp(*argv, "-keyform") == 0) {
if (--argc < 1)
goto bad;
key_format = str2fmt(*(++argv));
} else if (strcmp(*argv, "-pass") == 0) {
if (--argc < 1)
goto bad;
passarg = *(++argv);
} else if (strcmp(*argv, "-key") == 0) {
if (--argc < 1)
goto bad;
key_file = *(++argv);
} else if (strcmp(*argv, "-reconnect") == 0) {
reconnect = 5;
} else if (strcmp(*argv, "-CApath") == 0) {
if (--argc < 1)
goto bad;
CApath = *(++argv);
} else if (strcmp(*argv, "-CAfile") == 0) {
if (--argc < 1)
goto bad;
CAfile = *(++argv);
} else if (strcmp(*argv, "-no_tls1_2") == 0)
off |= SSL_OP_NO_TLSv1_2;
else if (strcmp(*argv, "-no_tls1_1") == 0)
off |= SSL_OP_NO_TLSv1_1;
else if (strcmp(*argv, "-no_tls1") == 0)
off |= SSL_OP_NO_TLSv1;
else if (strcmp(*argv, "-no_ssl3") == 0)
off |= SSL_OP_NO_SSLv3;
else if (strcmp(*argv, "-no_ssl2") == 0)
off |= SSL_OP_NO_SSLv2;
else if (strcmp(*argv, "-no_comp") == 0) {
off |= SSL_OP_NO_COMPRESSION;
}
#ifndef OPENSSL_NO_TLSEXT
else if (strcmp(*argv, "-no_ticket") == 0) {
off |= SSL_OP_NO_TICKET;
}
#ifndef OPENSSL_NO_NEXTPROTONEG
else if (strcmp(*argv, "-nextprotoneg") == 0) {
if (--argc < 1)
goto bad;
next_proto_neg_in = *(++argv);
}
#endif
#endif
else if (strcmp(*argv, "-serverpref") == 0)
off |= SSL_OP_CIPHER_SERVER_PREFERENCE;
else if (strcmp(*argv, "-legacy_renegotiation") == 0)
; /* no-op */
else if (strcmp(*argv, "-legacy_server_connect") == 0) {
off |= SSL_OP_LEGACY_SERVER_CONNECT;
} else if (strcmp(*argv, "-no_legacy_server_connect") == 0) {
clr |= SSL_OP_LEGACY_SERVER_CONNECT;
} else if (strcmp(*argv, "-cipher") == 0) {
if (--argc < 1)
goto bad;
cipher = *(++argv);
}
else if (strcmp(*argv, "-nbio") == 0) {
c_nbio = 1;
}
else if (strcmp(*argv, "-starttls") == 0) {
if (--argc < 1)
goto bad;
++argv;
if (strcmp(*argv, "smtp") == 0)
starttls_proto = PROTO_SMTP;
else if (strcmp(*argv, "lmtp") == 0)
starttls_proto = PROTO_LMTP;
else if (strcmp(*argv, "pop3") == 0)
starttls_proto = PROTO_POP3;
else if (strcmp(*argv, "imap") == 0)
starttls_proto = PROTO_IMAP;
else if (strcmp(*argv, "ftp") == 0)
starttls_proto = PROTO_FTP;
else if (strcmp(*argv, "xmpp") == 0)
starttls_proto = PROTO_XMPP;
else
goto bad;
}
#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv, "-engine") == 0) {
if (--argc < 1)
goto bad;
engine_id = *(++argv);
} else if (strcmp(*argv, "-ssl_client_engine") == 0) {
if (--argc < 1)
goto bad;
ssl_client_engine_id = *(++argv);
}
#endif
else if (strcmp(*argv, "-4") == 0) {
af = AF_INET;
} else if (strcmp(*argv, "-6") == 0) {
af = AF_INET6;
}
#ifndef OPENSSL_NO_TLSEXT
else if (strcmp(*argv, "-servername") == 0) {
if (--argc < 1)
goto bad;
servername = *(++argv);
/* meth=TLSv1_client_method(); */
}
#endif
#ifndef OPENSSL_NO_SRTP
else if (strcmp(*argv, "-use_srtp") == 0) {
if (--argc < 1)
goto bad;
srtp_profiles = *(++argv);
}
#endif
else if (strcmp(*argv, "-keymatexport") == 0) {
if (--argc < 1)
goto bad;
keymatexportlabel = *(++argv);
} else if (strcmp(*argv, "-keymatexportlen") == 0) {
const char *errstr;
if (--argc < 1)
goto bad;
keymatexportlen = strtonum(*(++argv), 1, INT_MAX, &errstr);
if (errstr)
goto bad;
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
break;
}
argc--;
argv++;
}
if (badop) {
bad:
if (errstr)
BIO_printf(bio_err, "invalid argument %s: %s\n",
*argv, errstr);
else
sc_usage();
goto end;
}
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
next_proto.status = -1;
if (next_proto_neg_in) {
next_proto.data = next_protos_parse(&next_proto.len, next_proto_neg_in);
if (next_proto.data == NULL) {
BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n");
goto end;
}
} else
next_proto.data = NULL;
#endif
#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
if (ssl_client_engine_id) {
ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
if (!ssl_client_engine) {
BIO_printf(bio_err,
"Error getting client auth engine\n");
goto end;
}
}
#endif
if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
if (key_file == NULL)
key_file = cert_file;
if (key_file) {
key = load_key(bio_err, key_file, key_format, 0, pass, e,
"client certificate private key file");
if (!key) {
ERR_print_errors(bio_err);
goto end;
}
}
if (cert_file) {
cert = load_cert(bio_err, cert_file, cert_format,
NULL, e, "client certificate file");
if (!cert) {
ERR_print_errors(bio_err);
goto end;
}
}
if (bio_c_out == NULL) {
if (c_quiet && !c_debug && !c_msg) {
bio_c_out = BIO_new(BIO_s_null());
} else {
if (bio_c_out == NULL)
bio_c_out = BIO_new_fp(stdout, BIO_NOCLOSE);
}
}
ctx = SSL_CTX_new(meth);
if (ctx == NULL) {
ERR_print_errors(bio_err);
goto end;
}
if (vpm)
SSL_CTX_set1_param(ctx, vpm);
#ifndef OPENSSL_NO_ENGINE
if (ssl_client_engine) {
if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine)) {
BIO_puts(bio_err, "Error setting client auth engine\n");
ERR_print_errors(bio_err);
ENGINE_free(ssl_client_engine);
goto end;
}
ENGINE_free(ssl_client_engine);
}
#endif
#ifndef OPENSSL_NO_SRTP
if (srtp_profiles != NULL)
SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
#endif
if (bugs)
SSL_CTX_set_options(ctx, SSL_OP_ALL | off);
else
SSL_CTX_set_options(ctx, off);
if (clr)
SSL_CTX_clear_options(ctx, clr);
/*
* DTLS: partial reads end up discarding unread UDP bytes :-( Setting
* read ahead solves this problem.
*/
if (socket_type == SOCK_DGRAM)
SSL_CTX_set_read_ahead(ctx, 1);
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
if (next_proto.data)
SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
#endif
if (state)
SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
if (cipher != NULL)
if (!SSL_CTX_set_cipher_list(ctx, cipher)) {
BIO_printf(bio_err, "error setting cipher list\n");
ERR_print_errors(bio_err);
goto end;
}
SSL_CTX_set_verify(ctx, verify, verify_callback);
if (!set_cert_key_stuff(ctx, cert, key))
goto end;
if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
(!SSL_CTX_set_default_verify_paths(ctx))) {
/*
* BIO_printf(bio_err,"error setting default verify
* locations\n");
*/
ERR_print_errors(bio_err);
/* goto end; */
}
#ifndef OPENSSL_NO_TLSEXT
if (servername != NULL) {
tlsextcbp.biodebug = bio_err;
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
}
#endif
con = SSL_new(ctx);
if (sess_in) {
SSL_SESSION *sess;
BIO *stmp = BIO_new_file(sess_in, "r");
if (!stmp) {
BIO_printf(bio_err, "Can't open session file %s\n",
sess_in);
ERR_print_errors(bio_err);
goto end;
}
sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL);
BIO_free(stmp);
if (!sess) {
BIO_printf(bio_err, "Can't open session file %s\n",
sess_in);
ERR_print_errors(bio_err);
goto end;
}
SSL_set_session(con, sess);
SSL_SESSION_free(sess);
}
#ifndef OPENSSL_NO_TLSEXT
if (servername != NULL) {
if (!SSL_set_tlsext_host_name(con, servername)) {
BIO_printf(bio_err, "Unable to set TLS servername extension.\n");
ERR_print_errors(bio_err);
goto end;
}
}
#endif
/* SSL_set_cipher_list(con,"RC4-MD5"); */
re_start:
if (init_client(&s, host, port, socket_type, af) == 0) {
BIO_printf(bio_err, "connect:errno=%d\n", errno);
shutdown(s, SHUT_RD);
close(s);
goto end;
}
BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s);
if (c_nbio) {
unsigned long l = 1;
BIO_printf(bio_c_out, "turning on non blocking io\n");
if (BIO_socket_ioctl(s, FIONBIO, &l) < 0) {
ERR_print_errors(bio_err);
goto end;
}
}
if (c_Pause & 0x01)
SSL_set_debug(con, 1);
if (SSL_version(con) == DTLS1_VERSION) {
sbio = BIO_new_dgram(s, BIO_NOCLOSE);
if (getsockname(s, &peer, (void *) &peerlen) < 0) {
BIO_printf(bio_err, "getsockname:errno=%d\n",
errno);
shutdown(s, SHUT_RD);
close(s);
goto end;
}
(void) BIO_ctrl_set_connected(sbio, 1, &peer);
if (enable_timeouts) {
timeout.tv_sec = 0;
timeout.tv_usec = DGRAM_RCV_TIMEOUT;
BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
timeout.tv_sec = 0;
timeout.tv_usec = DGRAM_SND_TIMEOUT;
BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
}
if (socket_mtu > 28) {
SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
SSL_set_mtu(con, socket_mtu - 28);
} else
/* want to do MTU discovery */
BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
} else
sbio = BIO_new_socket(s, BIO_NOCLOSE);
if (nbio_test) {
BIO *test;
test = BIO_new(BIO_f_nbio_test());
sbio = BIO_push(test, sbio);
}
if (c_debug) {
SSL_set_debug(con, 1);
BIO_set_callback(sbio, bio_dump_callback);
BIO_set_callback_arg(sbio, (char *) bio_c_out);
}
if (c_msg) {
SSL_set_msg_callback(con, msg_cb);
SSL_set_msg_callback_arg(con, bio_c_out);
}
#ifndef OPENSSL_NO_TLSEXT
if (c_tlsextdebug) {
SSL_set_tlsext_debug_callback(con, tlsext_cb);
SSL_set_tlsext_debug_arg(con, bio_c_out);
}
if (c_status_req) {
SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
}
#endif
SSL_set_bio(con, sbio, sbio);
SSL_set_connect_state(con);
/* ok, lets connect */
width = SSL_get_fd(con) + 1;
read_tty = 1;
write_tty = 0;
tty_on = 0;
read_ssl = 1;
write_ssl = 1;
cbuf_len = 0;
cbuf_off = 0;
sbuf_len = 0;
sbuf_off = 0;
/* This is an ugly hack that does a lot of assumptions */
/*
* We do have to handle multi-line responses which may come in a
* single packet or not. We therefore have to use BIO_gets() which
* does need a buffering BIO. So during the initial chitchat we do
* push a buffering BIO into the chain that is removed again later on
* to not disturb the rest of the s_client operation.
*/
if (starttls_proto == PROTO_SMTP || starttls_proto == PROTO_LMTP) {
int foundit = 0;
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
/* wait for multi-line response to end from SMTP */
do {
mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
}
while (mbuf_len > 3 && mbuf[3] == '-');
/* STARTTLS command requires EHLO... */
BIO_printf(fbio, "%cHLO openssl.client.net\r\n",
starttls_proto == PROTO_SMTP ? 'E' : 'L');
(void) BIO_flush(fbio);
/* wait for multi-line response to end EHLO SMTP response */
do {
mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
if (strstr(mbuf, "STARTTLS"))
foundit = 1;
}
while (mbuf_len > 3 && mbuf[3] == '-');
(void) BIO_flush(fbio);
BIO_pop(fbio);
BIO_free(fbio);
if (!foundit)
BIO_printf(bio_err,
"didn't found starttls in server response,"
" try anyway...\n");
BIO_printf(sbio, "STARTTLS\r\n");
BIO_read(sbio, sbuf, BUFSIZZ);
} else if (starttls_proto == PROTO_POP3) {
mbuf_len = BIO_read(sbio, mbuf, BUFSIZZ);
if (mbuf_len == -1) {
BIO_printf(bio_err, "BIO_read failed\n");
goto end;
}
BIO_printf(sbio, "STLS\r\n");
BIO_read(sbio, sbuf, BUFSIZZ);
} else if (starttls_proto == PROTO_IMAP) {
int foundit = 0;
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
BIO_gets(fbio, mbuf, BUFSIZZ);
/* STARTTLS command requires CAPABILITY... */
BIO_printf(fbio, ". CAPABILITY\r\n");
(void) BIO_flush(fbio);
/* wait for multi-line CAPABILITY response */
do {
mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
if (strstr(mbuf, "STARTTLS"))
foundit = 1;
}
while (mbuf_len > 3 && mbuf[0] != '.');
(void) BIO_flush(fbio);
BIO_pop(fbio);
BIO_free(fbio);
if (!foundit)
BIO_printf(bio_err,
"didn't found STARTTLS in server response,"
" try anyway...\n");
BIO_printf(sbio, ". STARTTLS\r\n");
BIO_read(sbio, sbuf, BUFSIZZ);
} else if (starttls_proto == PROTO_FTP) {
BIO *fbio = BIO_new(BIO_f_buffer());
BIO_push(fbio, sbio);
/* wait for multi-line response to end from FTP */
do {
mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
}
while (mbuf_len > 3 && mbuf[3] == '-');
(void) BIO_flush(fbio);
BIO_pop(fbio);
BIO_free(fbio);
BIO_printf(sbio, "AUTH TLS\r\n");
BIO_read(sbio, sbuf, BUFSIZZ);
}
if (starttls_proto == PROTO_XMPP) {
int seen = 0;
BIO_printf(sbio, "<stream:stream "
"xmlns:stream='http://etherx.jabber.org/streams' "
"xmlns='jabber:client' to='%s' version='1.0'>", host);
seen = BIO_read(sbio, mbuf, BUFSIZZ);
mbuf[seen] = 0;
while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'")) {
if (strstr(mbuf, "/stream:features>"))
goto shut;
seen = BIO_read(sbio, mbuf, BUFSIZZ);
mbuf[seen] = 0;
}
BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
seen = BIO_read(sbio, sbuf, BUFSIZZ);
sbuf[seen] = 0;
if (!strstr(sbuf, "<proceed"))
goto shut;
mbuf[0] = 0;
}
for (;;) {
FD_ZERO(&readfds);
FD_ZERO(&writefds);
if ((SSL_version(con) == DTLS1_VERSION) &&
DTLSv1_get_timeout(con, &timeout))
timeoutp = &timeout;
else
timeoutp = NULL;
if (SSL_in_init(con) && !SSL_total_renegotiations(con)) {
in_init = 1;
tty_on = 0;
} else {
tty_on = 1;
if (in_init) {
in_init = 0;
if (sess_out) {
BIO *stmp = BIO_new_file(sess_out, "w");
if (stmp) {
PEM_write_bio_SSL_SESSION(stmp, SSL_get_session(con));
BIO_free(stmp);
} else
BIO_printf(bio_err, "Error writing session file %s\n", sess_out);
}
print_stuff(bio_c_out, con, full_log);
if (full_log > 0)
full_log--;
if (starttls_proto) {
BIO_write(bio_err, mbuf, mbuf_len);
/* We don't need to know any more */
starttls_proto = PROTO_OFF;
}
if (reconnect) {
reconnect--;
BIO_printf(bio_c_out, "drop connection and then reconnect\n");
SSL_shutdown(con);
SSL_set_connect_state(con);
shutdown(SSL_get_fd(con), SHUT_RD);
close(SSL_get_fd(con));
goto re_start;
}
}
}
ssl_pending = read_ssl && SSL_pending(con);
/* XXX should add tests for fd_set overflow */
if (!ssl_pending) {
if (tty_on) {
if (read_tty)
FD_SET(fileno(stdin), &readfds);
if (write_tty)
FD_SET(fileno(stdout), &writefds);
}
if (read_ssl)
FD_SET(SSL_get_fd(con), &readfds);
if (write_ssl)
FD_SET(SSL_get_fd(con), &writefds);
/* printf("mode tty(%d %d%d) ssl(%d%d)\n",
tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
i = select(width, &readfds, &writefds,
NULL, timeoutp);
if (i < 0) {
BIO_printf(bio_err, "bad select %d\n",
errno);
goto shut;
/* goto end; */
}
}
if ((SSL_version(con) == DTLS1_VERSION) && DTLSv1_handle_timeout(con) > 0) {
BIO_printf(bio_err, "TIMEOUT occured\n");
}
if (!ssl_pending && FD_ISSET(SSL_get_fd(con), &writefds)) {
k = SSL_write(con, &(cbuf[cbuf_off]),
(unsigned int) cbuf_len);
switch (SSL_get_error(con, k)) {
case SSL_ERROR_NONE:
cbuf_off += k;
cbuf_len -= k;
if (k <= 0)
goto end;
/* we have done a write(con,NULL,0); */
if (cbuf_len <= 0) {
read_tty = 1;
write_ssl = 0;
} else { /* if (cbuf_len > 0) */
read_tty = 0;
write_ssl = 1;
}
break;
case SSL_ERROR_WANT_WRITE:
BIO_printf(bio_c_out, "write W BLOCK\n");
write_ssl = 1;
read_tty = 0;
break;
case SSL_ERROR_WANT_READ:
BIO_printf(bio_c_out, "write R BLOCK\n");
write_tty = 0;
read_ssl = 1;
write_ssl = 0;
break;
case SSL_ERROR_WANT_X509_LOOKUP:
BIO_printf(bio_c_out, "write X BLOCK\n");
break;
case SSL_ERROR_ZERO_RETURN:
if (cbuf_len != 0) {
BIO_printf(bio_c_out, "shutdown\n");
ret = 0;
goto shut;
} else {
read_tty = 1;
write_ssl = 0;
break;
}
case SSL_ERROR_SYSCALL:
if ((k != 0) || (cbuf_len != 0)) {
BIO_printf(bio_err, "write:errno=%d\n",
errno);
goto shut;
} else {
read_tty = 1;
write_ssl = 0;
}
break;
case SSL_ERROR_SSL:
ERR_print_errors(bio_err);
goto shut;
}
} else if (!ssl_pending && FD_ISSET(fileno(stdout), &writefds)) {
i = write(fileno(stdout), &(sbuf[sbuf_off]), sbuf_len);
if (i <= 0) {
BIO_printf(bio_c_out, "DONE\n");
ret = 0;
goto shut;
/* goto end; */
}
sbuf_len -= i;
sbuf_off += i;
if (sbuf_len <= 0) {
read_ssl = 1;
write_tty = 0;
}
} else if (ssl_pending || FD_ISSET(SSL_get_fd(con), &readfds)) {
#ifdef RENEG
{
static int iiii;
if (++iiii == 52) {
SSL_renegotiate(con);
iiii = 0;
}
}
#endif
k = SSL_read(con, sbuf, 1024 /* BUFSIZZ */ );
switch (SSL_get_error(con, k)) {
case SSL_ERROR_NONE:
if (k <= 0)
goto end;
sbuf_off = 0;
sbuf_len = k;
read_ssl = 0;
write_tty = 1;
break;
case SSL_ERROR_WANT_WRITE:
BIO_printf(bio_c_out, "read W BLOCK\n");
write_ssl = 1;
read_tty = 0;
break;
case SSL_ERROR_WANT_READ:
BIO_printf(bio_c_out, "read R BLOCK\n");
write_tty = 0;
read_ssl = 1;
if ((read_tty == 0) && (write_ssl == 0))
write_ssl = 1;
break;
case SSL_ERROR_WANT_X509_LOOKUP:
BIO_printf(bio_c_out, "read X BLOCK\n");
break;
case SSL_ERROR_SYSCALL:
ret = errno;
BIO_printf(bio_err, "read:errno=%d\n", ret);
goto shut;
case SSL_ERROR_ZERO_RETURN:
BIO_printf(bio_c_out, "closed\n");
ret = 0;
goto shut;
case SSL_ERROR_SSL:
ERR_print_errors(bio_err);
goto shut;
/* break; */
}
} else if (FD_ISSET(fileno(stdin), &readfds)) {
if (crlf) {
int j, lf_num;
i = read(fileno(stdin), cbuf, BUFSIZZ / 2);
lf_num = 0;
/* both loops are skipped when i <= 0 */
for (j = 0; j < i; j++)
if (cbuf[j] == '\n')
lf_num++;
for (j = i - 1; j >= 0; j--) {
cbuf[j + lf_num] = cbuf[j];
if (cbuf[j] == '\n') {
lf_num--;
i++;
cbuf[j + lf_num] = '\r';
}
}
assert(lf_num == 0);
} else
i = read(fileno(stdin), cbuf, BUFSIZZ);
if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q'))) {
BIO_printf(bio_err, "DONE\n");
ret = 0;
goto shut;
}
if ((!c_ign_eof) && (cbuf[0] == 'R')) {
BIO_printf(bio_err, "RENEGOTIATING\n");
SSL_renegotiate(con);
cbuf_len = 0;
} else {
cbuf_len = i;
cbuf_off = 0;
}
write_ssl = 1;
read_tty = 0;
}
}
ret = 0;
shut:
if (in_init)
print_stuff(bio_c_out, con, full_log);
SSL_shutdown(con);
shutdown(SSL_get_fd(con), SHUT_RD);
close(SSL_get_fd(con));
end:
if (con != NULL) {
if (prexit != 0)
print_stuff(bio_c_out, con, 1);
SSL_free(con);
}
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
free(next_proto.data);
#endif
if (ctx != NULL)
SSL_CTX_free(ctx);
if (cert)
X509_free(cert);
if (key)
EVP_PKEY_free(key);
free(pass);
if (vpm)
X509_VERIFY_PARAM_free(vpm);
if (cbuf != NULL) {
OPENSSL_cleanse(cbuf, BUFSIZZ);
free(cbuf);
}
if (sbuf != NULL) {
OPENSSL_cleanse(sbuf, BUFSIZZ);
free(sbuf);
}
if (mbuf != NULL) {
OPENSSL_cleanse(mbuf, BUFSIZZ);
free(mbuf);
}
if (bio_c_out != NULL) {
BIO_free(bio_c_out);
bio_c_out = NULL;
}
return (ret);
}
static int test_tls13ccs(int tst)
{
SSL_CTX *sctx = NULL, *cctx = NULL;
SSL *sssl = NULL, *cssl = NULL;
int ret = 0;
const char msg[] = "Dummy data";
char buf[80];
size_t written, readbytes;
SSL_SESSION *sess = NULL;
chseen = shseen = sccsseen = ccsaftersh = ccsbeforesh = 0;
sappdataseen = cappdataseen = badccs = badvers = badsessid = 0;
chsessidlen = 0;
if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(),
TLS1_VERSION, 0,
&sctx, &cctx, cert, privkey))
|| !TEST_true(SSL_CTX_set_max_early_data(sctx,
SSL3_RT_MAX_PLAIN_LENGTH)))
goto err;
/*
* Test 0: Simple Handshake
* Test 1: Simple Handshake, client middlebox compat mode disabled
* Test 2: Simple Handshake, server middlebox compat mode disabled
* Test 3: HRR Handshake
* Test 4: HRR Handshake, client middlebox compat mode disabled
* Test 5: HRR Handshake, server middlebox compat mode disabled
* Test 6: Early data handshake
* Test 7: Early data handshake, client middlebox compat mode disabled
* Test 8: Early data handshake, server middlebox compat mode disabled
* Test 9: Early data then HRR
* Test 10: Early data then HRR, client middlebox compat mode disabled
* Test 11: Early data then HRR, server middlebox compat mode disabled
*/
switch (tst) {
case 0:
case 3:
case 6:
case 9:
break;
case 1:
case 4:
case 7:
case 10:
SSL_CTX_clear_options(cctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
break;
case 2:
case 5:
case 8:
case 11:
SSL_CTX_clear_options(sctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
break;
default:
TEST_error("Invalid test value");
goto err;
}
if (tst >= 6) {
/* Get a session suitable for early_data */
if (!TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL, NULL))
|| !TEST_true(create_ssl_connection(sssl, cssl, SSL_ERROR_NONE)))
goto err;
sess = SSL_get1_session(cssl);
if (!TEST_ptr(sess))
goto err;
SSL_shutdown(cssl);
SSL_shutdown(sssl);
SSL_free(sssl);
SSL_free(cssl);
sssl = cssl = NULL;
}
if ((tst >= 3 && tst <= 5) || tst >= 9) {
/* HRR handshake */
if (!TEST_true(SSL_CTX_set1_groups_list(sctx, "P-256")))
goto err;
}
s_to_c_fbio = BIO_new(bio_f_watchccs_filter());
c_to_s_fbio = BIO_new(bio_f_watchccs_filter());
if (!TEST_ptr(s_to_c_fbio)
|| !TEST_ptr(c_to_s_fbio)) {
BIO_free(s_to_c_fbio);
BIO_free(c_to_s_fbio);
goto err;
}
/* BIOs get freed on error */
if (!TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, s_to_c_fbio,
c_to_s_fbio)))
goto err;
if (tst >= 6) {
/* Early data */
if (!TEST_true(SSL_set_session(cssl, sess))
|| !TEST_true(SSL_write_early_data(cssl, msg, strlen(msg),
&written))
|| (tst <= 8
&& !TEST_int_eq(SSL_read_early_data(sssl, buf, sizeof(buf),
&readbytes),
SSL_READ_EARLY_DATA_SUCCESS)))
goto err;
if (tst <= 8) {
if (!TEST_int_gt(SSL_connect(cssl), 0))
goto err;
} else {
if (!TEST_int_le(SSL_connect(cssl), 0))
goto err;
}
if (!TEST_int_eq(SSL_read_early_data(sssl, buf, sizeof(buf),
&readbytes),
SSL_READ_EARLY_DATA_FINISH))
goto err;
}
/* Perform handshake (or complete it if doing early data ) */
if (!TEST_true(create_ssl_connection(sssl, cssl, SSL_ERROR_NONE)))
goto err;
/*
* Check there were no unexpected CCS messages, all record versions
* were as expected, and that the session ids were reflected by the server
* correctly.
*/
if (!TEST_false(badccs) || !TEST_false(badvers) || !TEST_false(badsessid))
goto err;
switch (tst) {
case 0:
if (!TEST_true(sccsseen)
|| !TEST_true(ccsaftersh)
|| !TEST_false(ccsbeforesh)
|| !TEST_size_t_gt(chsessidlen, 0))
goto err;
break;
case 1:
if (!TEST_true(sccsseen)
|| !TEST_false(ccsaftersh)
|| !TEST_false(ccsbeforesh)
|| !TEST_size_t_eq(chsessidlen, 0))
goto err;
break;
case 2:
if (!TEST_false(sccsseen)
|| !TEST_true(ccsaftersh)
|| !TEST_false(ccsbeforesh)
|| !TEST_size_t_gt(chsessidlen, 0))
goto err;
break;
case 3:
if (!TEST_true(sccsseen)
|| !TEST_true(ccsaftersh)
|| !TEST_false(ccsbeforesh)
|| !TEST_size_t_gt(chsessidlen, 0))
goto err;
break;
case 4:
if (!TEST_true(sccsseen)
|| !TEST_false(ccsaftersh)
|| !TEST_false(ccsbeforesh)
|| !TEST_size_t_eq(chsessidlen, 0))
goto err;
break;
case 5:
if (!TEST_false(sccsseen)
|| !TEST_true(ccsaftersh)
|| !TEST_false(ccsbeforesh)
|| !TEST_size_t_gt(chsessidlen, 0))
goto err;
break;
case 6:
if (!TEST_true(sccsseen)
|| !TEST_false(ccsaftersh)
|| !TEST_true(ccsbeforesh)
|| !TEST_size_t_gt(chsessidlen, 0))
goto err;
break;
case 7:
if (!TEST_true(sccsseen)
|| !TEST_false(ccsaftersh)
|| !TEST_false(ccsbeforesh)
|| !TEST_size_t_eq(chsessidlen, 0))
goto err;
break;
case 8:
if (!TEST_false(sccsseen)
|| !TEST_false(ccsaftersh)
|| !TEST_true(ccsbeforesh)
|| !TEST_size_t_gt(chsessidlen, 0))
goto err;
break;
case 9:
if (!TEST_true(sccsseen)
|| !TEST_false(ccsaftersh)
|| !TEST_true(ccsbeforesh)
|| !TEST_size_t_gt(chsessidlen, 0))
goto err;
break;
case 10:
if (!TEST_true(sccsseen)
|| !TEST_false(ccsaftersh)
|| !TEST_false(ccsbeforesh)
|| !TEST_size_t_eq(chsessidlen, 0))
goto err;
break;
case 11:
if (!TEST_false(sccsseen)
|| !TEST_false(ccsaftersh)
|| !TEST_true(ccsbeforesh)
|| !TEST_size_t_gt(chsessidlen, 0))
goto err;
break;
default:
TEST_error("Invalid test value");
goto err;
}
ret = 1;
err:
SSL_SESSION_free(sess);
SSL_free(sssl);
SSL_free(cssl);
SSL_CTX_free(sctx);
SSL_CTX_free(cctx);
return ret;
}
int main(int argc, char *argv[])
{
BIO *err;
int testresult = 0;
int currtest = 0;
SSL_library_init();
SSL_load_error_strings();
err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
CRYPTO_malloc_debug_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
confctx = SSL_CONF_CTX_new();
ctx = SSL_CTX_new(SSLv23_method());
ssl = SSL_new(ctx);
if (confctx == NULL || ctx == NULL)
goto end;
SSL_CONF_CTX_set_flags(confctx, SSL_CONF_FLAG_FILE
| SSL_CONF_FLAG_CLIENT
| SSL_CONF_FLAG_SERVER);
/*
* For each test set up an SSL_CTX and SSL and see whether SSLv2 is enabled
* as expected after various SSL_CONF_cmd("Protocol", ...) calls.
*/
for (currtest = 0; currtest < TOTAL_NUM_TESTS; currtest++) {
BIO_printf(err, "SSLv2 CONF Test number %d\n", currtest);
if (currtest == TEST_SSL_CTX)
SSL_CONF_CTX_set_ssl_ctx(confctx, ctx);
else
SSL_CONF_CTX_set_ssl(confctx, ssl);
/* SSLv2 should be off by default */
if (!checksslv2(currtest, SSLV2OFF)) {
BIO_printf(err, "SSLv2 CONF Test: Off by default test FAIL\n");
goto end;
}
if (SSL_CONF_cmd(confctx, "Protocol", "ALL") != 2
|| !SSL_CONF_CTX_finish(confctx)) {
BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n");
goto end;
}
/* Should still be off even after ALL Protocols on */
if (!checksslv2(currtest, SSLV2OFF)) {
BIO_printf(err, "SSLv2 CONF Test: Off after config #1 FAIL\n");
goto end;
}
if (SSL_CONF_cmd(confctx, "Protocol", "SSLv2") != 2
|| !SSL_CONF_CTX_finish(confctx)) {
BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n");
goto end;
}
/* Should still be off even if explicitly asked for */
if (!checksslv2(currtest, SSLV2OFF)) {
BIO_printf(err, "SSLv2 CONF Test: Off after config #2 FAIL\n");
goto end;
}
if (SSL_CONF_cmd(confctx, "Protocol", "-SSLv2") != 2
|| !SSL_CONF_CTX_finish(confctx)) {
BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n");;
goto end;
}
if (!checksslv2(currtest, SSLV2OFF)) {
BIO_printf(err, "SSLv2 CONF Test: Off after config #3 FAIL\n");
goto end;
}
if (currtest == TEST_SSL_CTX)
SSL_CTX_clear_options(ctx, SSL_OP_NO_SSLv2);
else
SSL_clear_options(ssl, SSL_OP_NO_SSLv2);
if (!checksslv2(currtest, SSLV2ON)) {
BIO_printf(err, "SSLv2 CONF Test: On after clear FAIL\n");
goto end;
}
if (SSL_CONF_cmd(confctx, "Protocol", "ALL") != 2
|| !SSL_CONF_CTX_finish(confctx)) {
BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n");
goto end;
}
/* Option has been cleared and config says have SSLv2 so should be on */
if (!checksslv2(currtest, SSLV2ON)) {
BIO_printf(err, "SSLv2 CONF Test: On after config #1 FAIL\n");
goto end;
}
if (SSL_CONF_cmd(confctx, "Protocol", "SSLv2") != 2
|| !SSL_CONF_CTX_finish(confctx)) {
BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n");
goto end;
}
/* Option has been cleared and config says have SSLv2 so should be on */
if (!checksslv2(currtest, SSLV2ON)) {
BIO_printf(err, "SSLv2 CONF Test: On after config #2 FAIL\n");
goto end;
}
if (SSL_CONF_cmd(confctx, "Protocol", "-SSLv2") != 2
|| !SSL_CONF_CTX_finish(confctx)) {
BIO_printf(err, "SSLv2 CONF Test: SSL_CONF command FAIL\n");
goto end;
}
/* Option has been cleared but config says no SSLv2 so should be off */
if (!checksslv2(currtest, SSLV2OFF)) {
BIO_printf(err, "SSLv2 CONF Test: Off after config #4 FAIL\n");
goto end;
}
}
testresult = 1;
end:
SSL_free(ssl);
SSL_CTX_free(ctx);
SSL_CONF_CTX_free(confctx);
if (!testresult) {
printf("SSLv2 CONF test: FAILED (Test %d)\n", currtest);
ERR_print_errors(err);
} else {
printf("SSLv2 CONF test: PASSED\n");
}
ERR_free_strings();
ERR_remove_thread_state(NULL);
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
CRYPTO_mem_leaks(err);
BIO_free(err);
return testresult ? EXIT_SUCCESS : EXIT_FAILURE;
}
int tls_init_library(void)
{
unsigned int rnd;
tls_cnx_handshook = 0;
tls_data_cnx_handshook = 0;
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
while (RAND_status() == 0) {
rnd = zrand();
RAND_seed(&rnd, (int) sizeof rnd);
}
if ((tls_ctx = SSL_CTX_new(SSLv23_server_method())) == NULL) {
tls_error(__LINE__, 0);
}
# ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
SSL_CTX_set_options(tls_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
# endif
# ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
SSL_CTX_set_options(tls_ctx,
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
# endif
SSL_CTX_set_options(tls_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(tls_ctx, SSL_OP_NO_SSLv3);
# ifdef SSL_OP_NO_TLSv1
SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1);
# endif
# ifdef SSL_OP_NO_TLSv1_1
SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1_1);
# endif
# ifdef SSL_OP_NO_TLSv1_2
SSL_CTX_clear_options(tls_ctx, SSL_OP_NO_TLSv1_2);
# endif
if (tlsciphersuite != NULL) {
if (SSL_CTX_set_cipher_list(tls_ctx, tlsciphersuite) != 1) {
logfile(LOG_ERR, MSG_TLS_CIPHER_FAILED, tlsciphersuite);
_EXIT(EXIT_FAILURE);
}
}
if (SSL_CTX_use_certificate_chain_file(tls_ctx, cert_file) != 1) {
die(421, LOG_ERR,
MSG_FILE_DOESNT_EXIST ": [%s]", cert_file);
}
if (SSL_CTX_use_PrivateKey_file(tls_ctx, cert_file,
SSL_FILETYPE_PEM) != 1) {
tls_error(__LINE__, 0);
}
if (SSL_CTX_check_private_key(tls_ctx) != 1) {
tls_error(__LINE__, 0);
}
tls_init_cache();
# ifdef SSL_CTRL_SET_ECDH_AUTO
SSL_CTX_ctrl(tls_ctx, SSL_CTRL_SET_ECDH_AUTO, 1, NULL);
# else
tls_init_ecdh_curve();
# endif
# ifdef SSL_CTRL_SET_DH_AUTO
if (tls_init_dhparams() != 0) {
SSL_CTX_ctrl(tls_ctx, SSL_CTRL_SET_DH_AUTO, 1, NULL);
}
# else
if (tls_init_dhparams() != 0) {
tls_init_dhparams_default();
}
# endif
# ifdef DISABLE_SSL_RENEGOTIATION
SSL_CTX_set_info_callback(tls_ctx, ssl_info_cb);
# endif
SSL_CTX_set_verify_depth(tls_ctx, 6);
if (ssl_verify_client_cert) {
SSL_CTX_set_verify(tls_ctx, SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
SSL_VERIFY_PEER, NULL);
if (SSL_CTX_load_verify_locations(tls_ctx, cert_file, NULL) != 1) {
tls_error(__LINE__, 0);
}
}
return 0;
}
/*
Create and initialize an SSL configuration for a route. This configuration is used by all requests for
a given route. An application can have different SSL configurations for different routes. There is also
a default SSL configuration that is used when a route does not define a configuration and one for clients.
*/
static int configOss(MprSsl *ssl, int flags, char **errorMsg)
{
OpenConfig *cfg;
X509_STORE *store;
SSL_CTX *ctx;
cchar *key;
uchar resume[16];
int verifyMode;
assert(ssl);
if (ssl->config && !ssl->changed) {
return 0;
}
if ((ssl->config = mprAllocObj(OpenConfig, manageOpenConfig)) == 0) {
return MPR_ERR_MEMORY;
}
cfg = ssl->config;
if ((ctx = SSL_CTX_new(SSLv23_method())) == 0) {
mprLog("error openssl", 0, "Unable to create SSL context");
return MPR_ERR_CANT_INITIALIZE;
}
SSL_CTX_set_app_data(ctx, (void*) ssl);
if (ssl->verifyPeer && !(ssl->caFile || ssl->caPath)) {
*errorMsg = sfmt("Cannot verify peer due to undefined CA certificates");
SSL_CTX_free(ctx);
return MPR_ERR_CANT_INITIALIZE;
}
/*
Configure the certificates
*/
if (ssl->certFile) {
if (setCertFile(ctx, ssl->certFile) < 0) {
SSL_CTX_free(ctx);
return MPR_ERR_CANT_INITIALIZE;
}
key = (ssl->keyFile == 0) ? ssl->certFile : ssl->keyFile;
if (key) {
if (setKeyFile(ctx, key) < 0) {
SSL_CTX_free(ctx);
return MPR_ERR_CANT_INITIALIZE;
}
if (!SSL_CTX_check_private_key(ctx)) {
mprLog("error openssl", 0, "Check of private key file failed: %s", key);
SSL_CTX_free(ctx);
return MPR_ERR_CANT_INITIALIZE;
}
}
}
if (ssl->ciphers) {
ssl->ciphers = mapCipherNames(ssl->ciphers);
}
if (!ssl->ciphers && (flags & MPR_SOCKET_SERVER)) {
ssl->ciphers = sclone(OPENSSL_DEFAULT_CIPHERS);
}
if (ssl->ciphers) {
mprLog("info openssl", 5, "Using SSL ciphers: %s", ssl->ciphers);
if (SSL_CTX_set_cipher_list(ctx, ssl->ciphers) != 1) {
*errorMsg = sfmt("Unable to set cipher list \"%s\"", ssl->ciphers);
SSL_CTX_free(ctx);
return MPR_ERR_CANT_INITIALIZE;
}
}
verifyMode = ssl->verifyPeer ? SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT : SSL_VERIFY_NONE;
if (verifyMode != SSL_VERIFY_NONE) {
if (!(ssl->caFile || ssl->caPath)) {
*errorMsg = sclone("No defined certificate authority file");
SSL_CTX_free(ctx);
return MPR_ERR_CANT_INITIALIZE;
}
if ((!SSL_CTX_load_verify_locations(ctx, (char*) ssl->caFile, (char*) ssl->caPath)) ||
(!SSL_CTX_set_default_verify_paths(ctx))) {
*errorMsg = sfmt("Unable to set certificate locations: %s: %s", ssl->caFile, ssl->caPath);
SSL_CTX_free(ctx);
return MPR_ERR_CANT_INITIALIZE;
}
if (ssl->caFile) {
STACK_OF(X509_NAME) *certNames;
certNames = SSL_load_client_CA_file(ssl->caFile);
if (certNames) {
/*
Define the list of CA certificates to send to the client
before they send their client certificate for validation
*/
SSL_CTX_set_client_CA_list(ctx, certNames);
}
}
store = SSL_CTX_get_cert_store(ctx);
if (ssl->revoke && !X509_STORE_load_locations(store, ssl->revoke, 0)) {
mprLog("error openssl", 0, "Cannot load certificate revoke list: %s", ssl->revoke);
SSL_CTX_free(ctx);
return MPR_ERR_CANT_INITIALIZE;
}
if (flags & MPR_SOCKET_SERVER) {
SSL_CTX_set_verify_depth(ctx, ssl->verifyDepth);
}
}
/*
Define callbacks
*/
SSL_CTX_set_verify(ctx, verifyMode, verifyPeerCertificate);
if (flags & MPR_SOCKET_SERVER) {
SSL_CTX_set_tlsext_servername_callback(ctx, sniHostname);
}
/*
Configure DH parameters
*/
SSL_CTX_set_tmp_dh_callback(ctx, dhcallback);
cfg->dhKey = getDhKey();
/*
Define default OpenSSL options
Ensure we generate a new private key for each connection
Disable SSLv2 and SSLv3 by default -- they are insecure.
*/
cfg->setFlags = SSL_OP_ALL | SSL_OP_SINGLE_DH_USE | SSL_OP_SINGLE_ECDH_USE | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
#ifdef SSL_OP_NO_TLSv1
if (!(ssl->protocols & MPR_PROTO_TLSV1)) {
cfg->setFlags |= SSL_OP_NO_TLSv1;
}
#endif
#ifdef SSL_OP_NO_TLSv1_1
if (!(ssl->protocols & MPR_PROTO_TLSV1_1)) {
cfg->setFlags |= SSL_OP_NO_TLSv1_1;
}
#endif
#ifdef SSL_OP_NO_TLSv1_2
if (!(ssl->protocols & MPR_PROTO_TLSV1_2)) {
cfg->setFlags |= SSL_OP_NO_TLSv1_2;
}
#endif
#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING
cfg->setFlags |= SSL_OP_MSIE_SSLV2_RSA_PADDING;
#endif
#if defined(SSL_OP_NO_TICKET)
/*
Ticket based session reuse is enabled by default
*/
#if defined(ME_MPR_SSL_TICKET)
if (ME_MPR_SSL_TICKET) {
cfg->clearFlags |= SSL_OP_NO_TICKET;
} else {
cfg->setFlags |= SSL_OP_NO_TICKET;
}
#else
cfg->clearFlags |= SSL_OP_NO_TICKET;
#endif
#endif
#if defined(SSL_OP_NO_COMPRESSION)
/*
CRIME attack targets compression
*/
cfg->clearFlags |= SSL_OP_NO_COMPRESSION;
#endif
#if defined(SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)
/*
Force a new session on renegotiation. Default to true.
This is required when using SNI and changing context during the SSL hello
*/
#if defined(ME_MPR_SSL_RENEGOTIATE)
if (ME_MPR_SSL_RENEGOTIATE) {
cfg->clearFlags |= SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
} else {
cfg->setFlags |= SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
}
#else
cfg->setFlags |= SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
#endif
#endif
#if defined(SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
/*
Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers.
Defaults to true.
*/
#if defined(ME_MPR_SSL_EMPTY_FRAGMENTS)
if (ME_MPR_SSL_EMPTY_FRAGMENTS) {
/* SSL_OP_ALL disables empty fragments. Only needed for ancient browsers like IE-6 on SSL-3.0/TLS-1.0 */
cfg->clearFlags |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
} else {
cfg->setFlags |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
}
#else
cfg->setFlags |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
#endif
#endif
/*
Define a session reuse context
*/
RAND_bytes(resume, sizeof(resume));
SSL_CTX_set_session_id_context(ctx, resume, sizeof(resume));
/*
Elliptic Curve initialization
*/
#if SSL_OP_SINGLE_ECDH_USE
#ifdef SSL_CTX_set_ecdh_auto
/* This is supported in OpenSSL 1.0.2 */
SSL_CTX_set_ecdh_auto(ctx, 1);
#else
{
EC_KEY *ecdh;
cchar *name;
int nid;
name = ME_MPR_SSL_CURVE;
if ((nid = OBJ_sn2nid(name)) == 0) {
*errorMsg = sfmt("Unknown curve name \"%s\"", name);
SSL_CTX_free(ctx);
return MPR_ERR_CANT_INITIALIZE;
}
if ((ecdh = EC_KEY_new_by_curve_name(nid)) == 0) {
*errorMsg = sfmt("Unable to create curve \"%s\"", name);
SSL_CTX_free(ctx);
return MPR_ERR_CANT_INITIALIZE;
}
SSL_CTX_set_tmp_ecdh(ctx, ecdh);
EC_KEY_free(ecdh);
}
#endif
#endif
SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(ctx, SSL_MODE_RELEASE_BUFFERS);
#endif
#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
SSL_CTX_set_mode(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
#endif
#if defined(ME_MPR_SSL_CACHE)
/*
Set the number of sessions supported. Default in OpenSSL is 20K.
*/
SSL_CTX_sess_set_cache_size(ctx, ME_MPR_SSL_CACHE);
#else
SSL_CTX_sess_set_cache_size(ctx, 1024);
#endif
SSL_CTX_set_options(ctx, cfg->setFlags);
SSL_CTX_clear_options(ctx, cfg->clearFlags);
cfg->ctx = ctx;
ssl->changed = 0;
ssl->config = cfg;
return 0;
}
int context_init(SERVICE_OPTIONS *section) { /* init SSL context */
/* create SSL context */
if(section->option.client)
section->ctx=SSL_CTX_new(section->client_method);
else /* server mode */
section->ctx=SSL_CTX_new(section->server_method);
if(!section->ctx) {
sslerror("SSL_CTX_new");
return 1; /* FAILED */
}
SSL_CTX_set_ex_data(section->ctx, index_opt, section); /* for callbacks */
/* load certificate and private key to be verified by the peer server */
#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER>=0x0090809fL
/* SSL_CTX_set_client_cert_engine() was introduced in OpenSSL 0.9.8i */
if(section->option.client && section->engine) {
if(SSL_CTX_set_client_cert_engine(section->ctx, section->engine))
s_log(LOG_INFO, "Client certificate engine (%s) enabled",
ENGINE_get_id(section->engine));
else /* no client certificate functionality in this engine */
sslerror("SSL_CTX_set_client_cert_engine"); /* ignore error */
}
#endif
if(auth_init(section))
return 1; /* FAILED */
/* initialize verification of the peer server certificate */
if(verify_init(section))
return 1; /* FAILED */
/* initialize DH/ECDH server mode */
if(!section->option.client) {
#ifndef OPENSSL_NO_TLSEXT
SSL_CTX_set_tlsext_servername_arg(section->ctx, section);
SSL_CTX_set_tlsext_servername_callback(section->ctx, servername_cb);
#endif /* OPENSSL_NO_TLSEXT */
#ifndef OPENSSL_NO_DH
dh_init(section); /* ignore the result (errors are not critical) */
#endif /* OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
ecdh_init(section); /* ignore the result (errors are not critical) */
#endif /* OPENSSL_NO_ECDH */
}
/* setup session cache */
if(!section->option.client) {
unsigned servname_len=(unsigned)strlen(section->servname);
if(servname_len>SSL_MAX_SSL_SESSION_ID_LENGTH)
servname_len=SSL_MAX_SSL_SESSION_ID_LENGTH;
if(!SSL_CTX_set_session_id_context(section->ctx,
(unsigned char *)section->servname, servname_len)) {
sslerror("SSL_CTX_set_session_id_context");
return 1; /* FAILED */
}
}
#ifdef SSL_SESS_CACHE_NO_INTERNAL_STORE
/* the default cache mode is just SSL_SESS_CACHE_SERVER */
SSL_CTX_set_session_cache_mode(section->ctx,
SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL_STORE);
#endif
SSL_CTX_sess_set_cache_size(section->ctx, section->session_size);
SSL_CTX_set_timeout(section->ctx, section->session_timeout);
SSL_CTX_sess_set_new_cb(section->ctx, sess_new_cb);
SSL_CTX_sess_set_get_cb(section->ctx, sess_get_cb);
SSL_CTX_sess_set_remove_cb(section->ctx, sess_remove_cb);
/* set info callback */
SSL_CTX_set_info_callback(section->ctx, info_callback);
/* ciphers, options, mode */
if(section->cipher_list)
if(!SSL_CTX_set_cipher_list(section->ctx, section->cipher_list)) {
sslerror("SSL_CTX_set_cipher_list");
return 1; /* FAILED */
}
SSL_CTX_set_options(section->ctx,
(SSL_OPTIONS_TYPE)(section->ssl_options_set));
#if OPENSSL_VERSION_NUMBER>=0x009080dfL
SSL_CTX_clear_options(section->ctx,
(SSL_OPTIONS_TYPE)(section->ssl_options_clear));
s_log(LOG_DEBUG, "SSL options: 0x%08lX (+0x%08lX, -0x%08lX)",
SSL_CTX_get_options(section->ctx),
section->ssl_options_set, section->ssl_options_clear);
#else /* OpenSSL older than 0.9.8m */
s_log(LOG_DEBUG, "SSL options: 0x%08lX (+0x%08lX)",
SSL_CTX_get_options(section->ctx),
section->ssl_options_set);
#endif /* OpenSSL 0.9.8m or later */
/* initialize OpenSSL CONF options */
if(conf_init(section))
return 1; /* FAILED */
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(section->ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
SSL_MODE_RELEASE_BUFFERS);
#else
SSL_CTX_set_mode(section->ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#endif
return 0; /* OK */
}
/*
* this may now get called after the vhost creation, when certs become
* available.
*/
int
lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi,
const char *cert, const char *private_key,
const char *mem_cert, size_t mem_cert_len,
const char *mem_privkey, size_t mem_privkey_len)
{
#if !defined(OPENSSL_NO_EC)
const char *ecdh_curve = "prime256v1";
#if !defined(LWS_WITH_BORINGSSL) && defined(LWS_HAVE_SSL_EXTRA_CHAIN_CERTS)
STACK_OF(X509) *extra_certs = NULL;
#endif
EC_KEY *ecdh, *EC_key = NULL;
EVP_PKEY *pkey;
X509 *x = NULL;
int ecdh_nid;
int KeyType;
#endif
unsigned long error;
lws_filepos_t flen;
uint8_t *p;
int ret;
int n = lws_tls_generic_cert_checks(vhost, cert, private_key), m;
(void)ret;
if (!cert && !private_key)
n = LWS_TLS_EXTANT_ALTERNATIVE;
if (n == LWS_TLS_EXTANT_NO && (!mem_cert || !mem_privkey))
return 0;
if (n == LWS_TLS_EXTANT_NO)
n = LWS_TLS_EXTANT_ALTERNATIVE;
if (n == LWS_TLS_EXTANT_ALTERNATIVE && (!mem_cert || !mem_privkey))
return 1; /* no alternative */
if (n == LWS_TLS_EXTANT_ALTERNATIVE) {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
/*
* Although we have prepared update certs, we no longer have
* the rights to read our own cert + key we saved.
*
* If we were passed copies in memory buffers, use those
* in favour of the filepaths we normally want.
*/
cert = NULL;
private_key = NULL;
}
/*
* use the multi-cert interface for backwards compatibility in the
* both simple files case
*/
if (n != LWS_TLS_EXTANT_ALTERNATIVE && cert) {
/* set the local certificate from CertFile */
m = SSL_CTX_use_certificate_chain_file(vhost->tls.ssl_ctx, cert);
if (m != 1) {
error = ERR_get_error();
lwsl_err("problem getting cert '%s' %lu: %s\n",
cert, error, ERR_error_string(error,
(char *)vhost->context->pt[0].serv_buf));
return 1;
}
if (private_key) {
/* set the private key from KeyFile */
if (SSL_CTX_use_PrivateKey_file(vhost->tls.ssl_ctx, private_key,
SSL_FILETYPE_PEM) != 1) {
error = ERR_get_error();
lwsl_err("ssl problem getting key '%s' %lu: %s\n",
private_key, error,
ERR_error_string(error,
(char *)vhost->context->pt[0].serv_buf));
return 1;
}
} else {
if (vhost->protocols[0].callback(wsi,
LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY,
vhost->tls.ssl_ctx, NULL, 0)) {
lwsl_err("ssl private key not set\n");
return 1;
}
}
return 0;
}
/* otherwise allow for DER or PEM, file or memory image */
if (lws_tls_alloc_pem_to_der_file(vhost->context, cert, mem_cert,
mem_cert_len, &p, &flen)) {
lwsl_err("%s: couldn't read cert file\n", __func__);
return 1;
}
#if !defined(USE_WOLFSSL)
ret = SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx, (int)flen, p);
#else
ret = wolfSSL_CTX_use_certificate_buffer(vhost->tls.ssl_ctx,
(uint8_t *)p, (int)flen,
WOLFSSL_FILETYPE_ASN1);
#endif
lws_free_set_NULL(p);
if (ret != 1) {
lwsl_err("%s: Problem loading cert\n", __func__);
return 1;
}
if (lws_tls_alloc_pem_to_der_file(vhost->context, private_key,
mem_privkey, mem_privkey_len,
&p, &flen)) {
lwsl_notice("unable to convert memory privkey\n");
return 1;
}
#if !defined(USE_WOLFSSL)
ret = SSL_CTX_use_PrivateKey_ASN1(EVP_PKEY_RSA, vhost->tls.ssl_ctx, p,
(long)(long long)flen);
if (ret != 1) {
ret = SSL_CTX_use_PrivateKey_ASN1(EVP_PKEY_EC,
vhost->tls.ssl_ctx, p,
(long)(long long)flen);
}
#else
ret = wolfSSL_CTX_use_PrivateKey_buffer(vhost->tls.ssl_ctx, p, flen,
WOLFSSL_FILETYPE_ASN1);
#endif
lws_free_set_NULL(p);
if (ret != 1) {
lwsl_notice("unable to use memory privkey\n");
return 1;
}
#else
/*
* Although we have prepared update certs, we no longer have
* the rights to read our own cert + key we saved.
*
* If we were passed copies in memory buffers, use those
* instead.
*
* The passed memory-buffer cert image is in DER, and the
* memory-buffer private key image is PEM.
*/
#ifndef USE_WOLFSSL
if (SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx,
(int)mem_cert_len,
(uint8_t *)mem_cert) != 1) {
#else
if (wolfSSL_CTX_use_certificate_buffer(vhost->tls.ssl_ctx,
(uint8_t *)mem_cert,
(int)mem_cert_len,
WOLFSSL_FILETYPE_ASN1) != 1) {
#endif
lwsl_err("Problem loading update cert\n");
return 1;
}
if (lws_tls_alloc_pem_to_der_file(vhost->context, NULL,
mem_privkey, mem_privkey_len,
&p, &flen)) {
lwsl_notice("unable to convert memory privkey\n");
return 1;
}
#ifndef USE_WOLFSSL
if (SSL_CTX_use_PrivateKey_ASN1(EVP_PKEY_RSA,
vhost->tls.ssl_ctx, p,
(long)(long long)flen) != 1) {
#else
if (wolfSSL_CTX_use_PrivateKey_buffer(vhost->tls.ssl_ctx, p,
flen, WOLFSSL_FILETYPE_ASN1) != 1) {
#endif
lwsl_notice("unable to use memory privkey\n");
return 1;
}
goto check_key;
}
/* set the local certificate from CertFile */
m = SSL_CTX_use_certificate_chain_file(vhost->tls.ssl_ctx, cert);
if (m != 1) {
error = ERR_get_error();
lwsl_err("problem getting cert '%s' %lu: %s\n",
cert, error, ERR_error_string(error,
(char *)vhost->context->pt[0].serv_buf));
return 1;
}
if (n != LWS_TLS_EXTANT_ALTERNATIVE && private_key) {
/* set the private key from KeyFile */
if (SSL_CTX_use_PrivateKey_file(vhost->tls.ssl_ctx, private_key,
SSL_FILETYPE_PEM) != 1) {
error = ERR_get_error();
lwsl_err("ssl problem getting key '%s' %lu: %s\n",
private_key, error,
ERR_error_string(error,
(char *)vhost->context->pt[0].serv_buf));
return 1;
}
} else {
if (vhost->protocols[0].callback(wsi,
LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY,
vhost->tls.ssl_ctx, NULL, 0)) {
lwsl_err("ssl private key not set\n");
return 1;
}
}
check_key:
#endif
/* verify private key */
if (!SSL_CTX_check_private_key(vhost->tls.ssl_ctx)) {
lwsl_err("Private SSL key doesn't match cert\n");
return 1;
}
#if !defined(OPENSSL_NO_EC)
if (vhost->tls.ecdh_curve[0])
ecdh_curve = vhost->tls.ecdh_curve;
ecdh_nid = OBJ_sn2nid(ecdh_curve);
if (NID_undef == ecdh_nid) {
lwsl_err("SSL: Unknown curve name '%s'", ecdh_curve);
return 1;
}
ecdh = EC_KEY_new_by_curve_name(ecdh_nid);
if (NULL == ecdh) {
lwsl_err("SSL: Unable to create curve '%s'", ecdh_curve);
return 1;
}
SSL_CTX_set_tmp_ecdh(vhost->tls.ssl_ctx, ecdh);
EC_KEY_free(ecdh);
SSL_CTX_set_options(vhost->tls.ssl_ctx, SSL_OP_SINGLE_ECDH_USE);
lwsl_notice(" SSL ECDH curve '%s'\n", ecdh_curve);
if (lws_check_opt(vhost->context->options, LWS_SERVER_OPTION_SSL_ECDH))
lwsl_notice(" Using ECDH certificate support\n");
/* Get X509 certificate from ssl context */
#if !defined(LWS_WITH_BORINGSSL)
#if !defined(LWS_HAVE_SSL_EXTRA_CHAIN_CERTS)
x = sk_X509_value(vhost->tls.ssl_ctx->extra_certs, 0);
#else
SSL_CTX_get_extra_chain_certs_only(vhost->tls.ssl_ctx, &extra_certs);
if (extra_certs)
x = sk_X509_value(extra_certs, 0);
else
lwsl_info("%s: no extra certs\n", __func__);
#endif
if (!x) {
//lwsl_err("%s: x is NULL\n", __func__);
goto post_ecdh;
}
#else
return 0;
#endif
/* Get the public key from certificate */
pkey = X509_get_pubkey(x);
if (!pkey) {
lwsl_err("%s: pkey is NULL\n", __func__);
return 1;
}
/* Get the key type */
KeyType = EVP_PKEY_type(EVP_PKEY_id(pkey));
if (EVP_PKEY_EC != KeyType) {
lwsl_notice("Key type is not EC\n");
return 0;
}
/* Get the key */
EC_key = EVP_PKEY_get1_EC_KEY(pkey);
/* Set ECDH parameter */
if (!EC_key) {
lwsl_err("%s: ECDH key is NULL \n", __func__);
return 1;
}
SSL_CTX_set_tmp_ecdh(vhost->tls.ssl_ctx, EC_key);
EC_KEY_free(EC_key);
#else
lwsl_notice(" OpenSSL doesn't support ECDH\n");
#endif
#if !defined(OPENSSL_NO_EC) && !defined(LWS_WITH_BORINGSSL)
post_ecdh:
#endif
vhost->tls.skipped_certs = 0;
return 0;
}
int
lws_tls_server_vhost_backend_init(const struct lws_context_creation_info *info,
struct lws_vhost *vhost, struct lws *wsi)
{
unsigned long error;
SSL_METHOD *method = (SSL_METHOD *)SSLv23_server_method();
if (!method) {
error = ERR_get_error();
lwsl_err("problem creating ssl method %lu: %s\n",
error, ERR_error_string(error,
(char *)vhost->context->pt[0].serv_buf));
return 1;
}
vhost->tls.ssl_ctx = SSL_CTX_new(method); /* create context */
if (!vhost->tls.ssl_ctx) {
error = ERR_get_error();
lwsl_err("problem creating ssl context %lu: %s\n",
error, ERR_error_string(error,
(char *)vhost->context->pt[0].serv_buf));
return 1;
}
SSL_CTX_set_ex_data(vhost->tls.ssl_ctx,
openssl_SSL_CTX_private_data_index,
(char *)vhost->context);
/* Disable SSLv2 and SSLv3 */
SSL_CTX_set_options(vhost->tls.ssl_ctx, SSL_OP_NO_SSLv2 |
SSL_OP_NO_SSLv3);
#ifdef SSL_OP_NO_COMPRESSION
SSL_CTX_set_options(vhost->tls.ssl_ctx, SSL_OP_NO_COMPRESSION);
#endif
SSL_CTX_set_options(vhost->tls.ssl_ctx, SSL_OP_SINGLE_DH_USE);
SSL_CTX_set_options(vhost->tls.ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
if (info->ssl_cipher_list)
SSL_CTX_set_cipher_list(vhost->tls.ssl_ctx, info->ssl_cipher_list);
#if defined(LWS_HAVE_SSL_CTX_set_ciphersuites)
if (info->tls1_3_plus_cipher_list)
SSL_CTX_set_ciphersuites(vhost->tls.ssl_ctx,
info->tls1_3_plus_cipher_list);
#endif
#if !defined(OPENSSL_NO_TLSEXT)
SSL_CTX_set_tlsext_servername_callback(vhost->tls.ssl_ctx,
lws_ssl_server_name_cb);
SSL_CTX_set_tlsext_servername_arg(vhost->tls.ssl_ctx, vhost->context);
#endif
if (info->ssl_ca_filepath &&
!SSL_CTX_load_verify_locations(vhost->tls.ssl_ctx,
info->ssl_ca_filepath, NULL)) {
lwsl_err("%s: SSL_CTX_load_verify_locations unhappy\n",
__func__);
}
if (info->ssl_options_set)
SSL_CTX_set_options(vhost->tls.ssl_ctx, info->ssl_options_set);
/* SSL_clear_options introduced in 0.9.8m */
#if (OPENSSL_VERSION_NUMBER >= 0x009080df) && !defined(USE_WOLFSSL)
if (info->ssl_options_clear)
SSL_CTX_clear_options(vhost->tls.ssl_ctx,
info->ssl_options_clear);
#endif
lwsl_info(" SSL options 0x%lX\n",
(unsigned long)SSL_CTX_get_options(vhost->tls.ssl_ctx));
if (!vhost->tls.use_ssl ||
(!info->ssl_cert_filepath && !info->server_ssl_cert_mem))
return 0;
lws_ssl_bind_passphrase(vhost->tls.ssl_ctx, info);
return lws_tls_server_certs_load(vhost, wsi, info->ssl_cert_filepath,
info->ssl_private_key_filepath,
info->server_ssl_cert_mem,
info->server_ssl_cert_mem_len,
info->server_ssl_private_key_mem,
info->server_ssl_private_key_mem_len);
}
/* Init necessary structures for SSL in WebIf*/
SSL_CTX *SSL_Webif_Init(void)
{
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
ERR_load_SSL_strings();
SSL_CTX *ctx;
static const char *cs_cert = "oscam.pem";
if(pthread_key_create(&getssl, NULL))
{
cs_log("Could not create getssl");
}
// set locking callbacks for SSL
int32_t i, num = CRYPTO_num_locks();
lock_cs = (CS_MUTEX_LOCK *) OPENSSL_malloc(num * sizeof(CS_MUTEX_LOCK));
for(i = 0; i < num; ++i)
{
cs_lock_create(&lock_cs[i], "ssl_lock_cs", 10000);
}
/* static lock callbacks */
CRYPTO_set_id_callback(SSL_id_function);
CRYPTO_set_locking_callback(SSL_locking_function);
/* dynamic lock callbacks */
CRYPTO_set_dynlock_create_callback(SSL_dyn_create_function);
CRYPTO_set_dynlock_lock_callback(SSL_dyn_lock_function);
CRYPTO_set_dynlock_destroy_callback(SSL_dyn_destroy_function);
if(cfg.http_force_sslv3)
{
ctx = SSL_CTX_new(SSLv3_server_method());
#ifdef SSL_CTX_clear_options
SSL_CTX_clear_options(ctx, SSL_OP_ALL); //we CLEAR all bug workarounds! This is for security reason
#else
cs_log("WARNING: You enabled to force sslv3 but your system does not support to clear the ssl workarounds! SSL security will be reduced!");
#endif
SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); // we force SSL v3 !
SSL_CTX_set_cipher_list(ctx, SSL_TXT_RC4);
}
else
{ ctx = SSL_CTX_new(SSLv23_server_method()); }
char path[128];
if(!cfg.http_cert)
{ get_config_filename(path, sizeof(path), cs_cert); }
else
{ cs_strncpy(path, cfg.http_cert, sizeof(path)); }
if(!ctx)
{
ERR_print_errors_fp(stderr);
return NULL;
}
if(SSL_CTX_use_certificate_file(ctx, path, SSL_FILETYPE_PEM) <= 0)
{
ERR_print_errors_fp(stderr);
return NULL;
}
if(SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0)
{
ERR_print_errors_fp(stderr);
return NULL;
}
if(!SSL_CTX_check_private_key(ctx))
{
cs_log("SSL: Private key does not match the certificate public key");
return NULL;
}
cs_log("load ssl certificate file %s", path);
return ctx;
}
/*
Create and initialize an SSL configuration for a route. This configuration is used by all requests for
a given route. An application can have different SSL configurations for different routes. There is also
a default SSL configuration that is used when a route does not define a configuration and one for clients.
*/
static OpenConfig *createOpenSslConfig(MprSocket *sp)
{
MprSsl *ssl;
OpenConfig *cfg;
X509_STORE *store;
SSL_CTX *context;
cchar *key;
uchar resume[16];
int verifyMode;
ssl = sp->ssl;
assert(ssl);
if ((ssl->config = mprAllocObj(OpenConfig, manageOpenConfig)) == 0) {
return 0;
}
cfg = ssl->config;
if ((context = SSL_CTX_new(SSLv23_method())) == 0) {
mprLog("error openssl", 0, "Unable to create SSL context");
return 0;
}
SSL_CTX_set_app_data(context, (void*) ssl);
if (ssl->verifyPeer && !(ssl->caFile || ssl->caPath)) {
sp->errorMsg = sfmt("Cannot verify peer due to undefined CA certificates");
SSL_CTX_free(context);
return 0;
}
/*
Configure the certificates
*/
if (ssl->certFile) {
if (SSL_CTX_use_certificate_chain_file(context, ssl->certFile) <= 0) {
if (SSL_CTX_use_certificate_file(context, ssl->certFile, SSL_FILETYPE_ASN1) <= 0) {
mprLog("error openssl", 0, "Cannot open certificate file: %s", ssl->certFile);
SSL_CTX_free(context);
return 0;
}
}
key = (ssl->keyFile == 0) ? ssl->certFile : ssl->keyFile;
if (key) {
if (SSL_CTX_use_PrivateKey_file(context, key, SSL_FILETYPE_PEM) <= 0) {
/* attempt ASN1 for self-signed format */
if (SSL_CTX_use_PrivateKey_file(context, key, SSL_FILETYPE_ASN1) <= 0) {
mprLog("error openssl", 0, "Cannot open private key file: %s", key);
SSL_CTX_free(context);
return 0;
}
}
if (!SSL_CTX_check_private_key(context)) {
mprLog("error openssl", 0, "Check of private key file failed: %s", key);
SSL_CTX_free(context);
return 0;
}
}
}
if (ssl->ciphers) {
ssl->ciphers = mapCipherNames(ssl->ciphers);
}
if (!ssl->ciphers && (sp->flags & MPR_SOCKET_SERVER)) {
ssl->ciphers = sclone(OPENSSL_DEFAULT_CIPHERS);
}
if (ssl->ciphers) {
mprLog("info openssl", 5, "Using SSL ciphers: %s", ssl->ciphers);
if (SSL_CTX_set_cipher_list(context, ssl->ciphers) != 1) {
sp->errorMsg = sfmt("Unable to set cipher list \"%s\". %s", ssl->ciphers, getOssError(sp));
SSL_CTX_free(context);
return 0;
}
}
verifyMode = ssl->verifyPeer ? SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT : SSL_VERIFY_NONE;
if (verifyMode != SSL_VERIFY_NONE) {
if (!(ssl->caFile || ssl->caPath)) {
sp->errorMsg = sclone("No defined certificate authority file");
SSL_CTX_free(context);
return 0;
}
if ((!SSL_CTX_load_verify_locations(context, (char*) ssl->caFile, (char*) ssl->caPath)) ||
(!SSL_CTX_set_default_verify_paths(context))) {
sp->errorMsg = sfmt("Unable to set certificate locations: %s: %s", ssl->caFile, ssl->caPath);
SSL_CTX_free(context);
return 0;
}
if (ssl->caFile) {
STACK_OF(X509_NAME) *certNames;
certNames = SSL_load_client_CA_file(ssl->caFile);
if (certNames) {
/*
Define the list of CA certificates to send to the client
before they send their client certificate for validation
*/
SSL_CTX_set_client_CA_list(context, certNames);
}
}
store = SSL_CTX_get_cert_store(context);
if (ssl->revokeList && !X509_STORE_load_locations(store, ssl->revokeList, 0)) {
mprLog("error openssl", 0, "Cannot load certificate revoke list: %s", ssl->revokeList);
SSL_CTX_free(context);
return 0;
}
if (sp->flags & MPR_SOCKET_SERVER) {
SSL_CTX_set_verify_depth(context, ssl->verifyDepth);
}
}
/*
Define callbacks
*/
SSL_CTX_set_verify(context, verifyMode, verifyPeerCertificate);
/*
Configure DH parameters
*/
SSL_CTX_set_tmp_dh_callback(context, dhcallback);
cfg->dhKey = getDhKey();
/*
Define default OpenSSL options
*/
SSL_CTX_set_options(context, SSL_OP_ALL);
/*
Ensure we generate a new private key for each connection
*/
SSL_CTX_set_options(context, SSL_OP_SINGLE_DH_USE);
/*
Define a session reuse context
*/
RAND_bytes(resume, sizeof(resume));
SSL_CTX_set_session_id_context(context, resume, sizeof(resume));
/*
Elliptic Curve initialization
*/
#if SSL_OP_SINGLE_ECDH_USE
#ifdef SSL_CTX_set_ecdh_auto
SSL_CTX_set_ecdh_auto(context, 1);
#else
{
EC_KEY *ecdh;
cchar *name;
int nid;
name = ME_MPR_SSL_CURVE;
if ((nid = OBJ_sn2nid(name)) == 0) {
sp->errorMsg = sfmt("Unknown curve name \"%s\"", name);
SSL_CTX_free(context);
return 0;
}
if ((ecdh = EC_KEY_new_by_curve_name(nid)) == 0) {
sp->errorMsg = sfmt("Unable to create curve \"%s\"", name);
SSL_CTX_free(context);
return 0;
}
SSL_CTX_set_options(context, SSL_OP_SINGLE_ECDH_USE);
SSL_CTX_set_tmp_ecdh(context, ecdh);
EC_KEY_free(ecdh);
}
#endif
#endif
SSL_CTX_set_mode(context, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_AUTO_RETRY | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING
SSL_CTX_set_options(context, SSL_OP_MSIE_SSLV2_RSA_PADDING);
#endif
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(context, SSL_MODE_RELEASE_BUFFERS);
#endif
#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
SSL_CTX_set_mode(context, SSL_OP_CIPHER_SERVER_PREFERENCE);
#endif
/*
Select the required protocols
Disable SSLv2 and SSLv3 by default -- they are insecure.
*/
SSL_CTX_set_options(context, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(context, SSL_OP_NO_SSLv3);
#ifdef SSL_OP_NO_TLSv1
if (!(ssl->protocols & MPR_PROTO_TLSV1)) {
SSL_CTX_set_options(context, SSL_OP_NO_TLSv1);
}
#endif
#ifdef SSL_OP_NO_TLSv1_1
if (!(ssl->protocols & MPR_PROTO_TLSV1_1)) {
SSL_CTX_set_options(context, SSL_OP_NO_TLSv1_1);
}
#endif
#ifdef SSL_OP_NO_TLSv1_2
if (!(ssl->protocols & MPR_PROTO_TLSV1_2)) {
SSL_CTX_set_options(context, SSL_OP_NO_TLSv1_2);
}
#endif
/*
Options set via main.me mpr.ssl.*
*/
#if defined(SSL_OP_NO_TICKET)
/*
Ticket based session reuse is enabled by default
*/
#if defined(ME_MPR_SSL_TICKET)
if (ME_MPR_SSL_TICKET) {
SSL_CTX_clear_options(context, SSL_OP_NO_TICKET);
} else {
SSL_CTX_set_options(context, SSL_OP_NO_TICKET);
}
#else
SSL_CTX_clear_options(context, SSL_OP_NO_TICKET);
#endif
#endif
#if defined(SSL_OP_NO_COMPRESSION)
/*
Use of compression is not secure. Disabled by default.
*/
#if defined(ME_MPR_SSL_COMPRESSION)
if (ME_MPR_SSL_COMPRESSION) {
SSL_CTX_clear_options(context, SSL_OP_NO_COMPRESSION);
} else {
SSL_CTX_set_options(context, SSL_OP_NO_COMPRESSION);
}
#else
/*
CRIME attack targets compression
*/
SSL_CTX_clear_options(context, SSL_OP_NO_COMPRESSION);
#endif
#endif
#if defined(SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)
/*
Force a new session on renegotiation. Default to true.
*/
#if defined(ME_MPR_SSL_RENEGOTIATE)
if (ME_MPR_SSL_RENEGOTIATE) {
SSL_CTX_clear_options(context, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
} else {
SSL_CTX_set_options(context, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
}
#else
SSL_CTX_set_options(context, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
#endif
#endif
#if defined(SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
/*
Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers.
Defaults to true.
*/
#if defined(ME_MPR_SSL_EMPTY_FRAGMENTS)
if (ME_MPR_SSL_EMPTY_FRAGMENTS) {
/* SSL_OP_ALL disables empty fragments. Only needed for ancient browsers like IE-6 on SSL-3.0/TLS-1.0 */
SSL_CTX_clear_options(context, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
} else {
SSL_CTX_set_options(context, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
}
#else
SSL_CTX_set_options(context, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
#endif
#endif
#if defined(ME_MPR_SSL_CACHE)
/*
Set the number of sessions supported. Default in OpenSSL is 20K.
*/
SSL_CTX_sess_set_cache_size(context, ME_MPR_SSL_CACHE);
#else
SSL_CTX_sess_set_cache_size(context, 1024);
#endif
cfg->context = context;
return cfg;
}
