authorryker <>1998-10-05 20:13:15 +0000
committerryker <>1998-10-05 20:13:15 +0000
commit536c76cbb863bab152f19842ab88772c01e922c7 (patch)
treedfecec371a097b73d605aae665887946d9982219 /src/lib/libssl/src/ssl/ssltest.c
Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build
functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
Diffstat (limited to 'src/lib/libssl/src/ssl/ssltest.c')
-rw-r--r--src/lib/libssl/src/ssl/ssltest.c751
1 files changed, 751 insertions, 0 deletions
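diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c
new file mode 100644
index 0000000000..f9dca4e3ef
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssltest.c
@@ -0,0 +1,751 @@
+/* ssl/ssltest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "e_os.h"
+#include "bio.h"
+#include "crypto.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+#ifdef WINDOWS
+#include "../crypto/bio/bss_file.c"
+#endif
+
+#define TEST_SERVER_CERT "../apps/server.pem"
+#define TEST_CLIENT_CERT "../apps/client.pem"
+
+#ifndef NOPROTO
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export);
+#ifndef NO_DSA
+static DH *get_dh512(void);
+#endif
+#else
+int MS_CALLBACK verify_callback();
+static RSA MS_CALLBACK *tmp_rsa_cb();
+#ifndef NO_DSA
+static DH *get_dh512();
+#endif
+#endif
+
+BIO *bio_err=NULL;
+BIO *bio_stdout=NULL;
+
+static char *cipher=NULL;
+int verbose=0;
+int debug=0;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+
+
+#ifndef NOPROTO
+int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
+#else
+int doit();
+#endif
+
+static void sv_usage()
+ {
+ fprintf(stderr,"usage: ssltest [args ...]\n");
+ fprintf(stderr,"\n");
+ fprintf(stderr," -server_auth - check server certificate\n");
+ fprintf(stderr," -client_auth - do client authentication\n");
+ fprintf(stderr," -v - more output\n");
+ fprintf(stderr," -d - debug output\n");
+ fprintf(stderr," -reuse - use session-id reuse\n");
+ fprintf(stderr," -num <val> - number of connections to perform\n");
+ fprintf(stderr," -bytes <val> - number of bytes to swap between client/server\n");
+#ifndef NO_SSL2
+ fprintf(stderr," -ssl2 - use SSLv2\n");
+#endif
+#ifndef NO_SSL3
+ fprintf(stderr," -ssl3 - use SSLv3\n");
+#endif
+#ifndef NO_TLS1
+ fprintf(stderr," -tls1 - use TLSv1\n");
+#endif
+ fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
+ fprintf(stderr," -CAfile arg - PEM format file of CA's\n");
+ fprintf(stderr," -cert arg - Certificate file\n");
+ fprintf(stderr," -s_cert arg - Just the server certificate file\n");
+ fprintf(stderr," -c_cert arg - Just the client certificate file\n");
+ fprintf(stderr," -cipher arg - The cipher list\n");
+ }
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ char *CApath=NULL,*CAfile=NULL;
+ int badop=0;
+ int tls1=0,ssl2=0,ssl3=0,ret=1;
+ int client_auth=0;
+ int server_auth=0,i;
+ char *server_cert=TEST_SERVER_CERT;
+ char *client_cert=TEST_CLIENT_CERT;
+ SSL_CTX *s_ctx=NULL;
+ SSL_CTX *c_ctx=NULL;
+ SSL_METHOD *meth=NULL;
+ SSL *c_ssl,*s_ssl;
+ int number=1,reuse=0;
+ long bytes=1L;
+ SSL_CIPHER *ciph;
+#ifndef NO_DH
+ DH *dh;
+#endif
+
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
+
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ argc--;
+ argv++;
+
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-server_auth") == 0)
+ server_auth=1;
+ else if (strcmp(*argv,"-client_auth") == 0)
+ client_auth=1;
+ else if (strcmp(*argv,"-v") == 0)
+ verbose=1;
+ else if (strcmp(*argv,"-d") == 0)
+ debug=1;
+ else if (strcmp(*argv,"-reuse") == 0)
+ reuse=1;
+ else if (strcmp(*argv,"-ssl2") == 0)
+ ssl2=1;
+ else if (strcmp(*argv,"-tls1") == 0)
+ tls1=1;
+ else if (strcmp(*argv,"-ssl3") == 0)
+ ssl3=1;
+ else if (strncmp(*argv,"-num",4) == 0)
+ {
+ if (--argc < 1) goto bad;
+ number= atoi(*(++argv));
+ if (number == 0) number=1;
+ }
+ else if (strcmp(*argv,"-bytes") == 0)
+ {
+ if (--argc < 1) goto bad;
+ bytes= atol(*(++argv));
+ if (bytes == 0L) bytes=1L;
+ i=strlen(argv[0]);
+ if (argv[0][i-1] == 'k') bytes*=1024L;
+ if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ server_cert= *(++argv);
+ }
+ else if (strcmp(*argv,"-s_cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ server_cert= *(++argv);
+ }
+ else if (strcmp(*argv,"-c_cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ client_cert= *(++argv);
+ }
+ else if (strcmp(*argv,"-cipher") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cipher= *(++argv);
+ }
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+ else
+ {
+ fprintf(stderr,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sv_usage();
+ goto end;
+ }
+
+/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
+
+ SSLeay_add_ssl_algorithms();
+ SSL_load_error_strings();
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ if (ssl2)
+ meth=SSLv2_method();
+ else
+ if (tls1)
+ meth=TLSv1_method();
+ else
+ if (ssl3)
+ meth=SSLv3_method();
+ else
+ meth=SSLv23_method();
+#else
+#ifdef NO_SSL2
+ meth=SSLv3_method();
+#else
+ meth=SSLv2_method();
+#endif
+#endif
+
+ c_ctx=SSL_CTX_new(meth);
+ s_ctx=SSL_CTX_new(meth);
+ if ((c_ctx == NULL) || (s_ctx == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (cipher != NULL)
+ {
+ SSL_CTX_set_cipher_list(c_ctx,cipher);
+ SSL_CTX_set_cipher_list(s_ctx,cipher);
+ }
+
+#ifndef NO_DH
+ dh=get_dh512();
+ SSL_CTX_set_tmp_dh(s_ctx,dh);
+ DH_free(dh);
+#endif
+
+#ifndef NO_RSA
+ SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
+#endif
+
+ if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
+ {
+ ERR_print_errors(bio_err);
+ }
+ else if (!SSL_CTX_use_PrivateKey_file(s_ctx,server_cert,
+ SSL_FILETYPE_PEM))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (client_auth)
+ {
+ SSL_CTX_use_certificate_file(c_ctx,client_cert,
+ SSL_FILETYPE_PEM);
+ SSL_CTX_use_PrivateKey_file(c_ctx,client_cert,
+ SSL_FILETYPE_PEM);
+ }
+
+ if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+ (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(c_ctx)))
+ {
+ /* fprintf(stderr,"SSL_load_verify_locations\n"); */
+ ERR_print_errors(bio_err);
+ /* goto end; */
+ }
+
+ if (client_auth)
+ {
+ fprintf(stderr,"client authentication\n");
+ SSL_CTX_set_verify(s_ctx,
+ SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback);
+ }
+ if (server_auth)
+ {
+ fprintf(stderr,"server authentication\n");
+ SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
+ verify_callback);
+ }
+
+ c_ssl=SSL_new(c_ctx);
+ s_ssl=SSL_new(s_ctx);
+
+ for (i=0; i<number; i++)
+ {
+ if (!reuse) SSL_set_session(c_ssl,NULL);
+ ret=doit(s_ssl,c_ssl,bytes);
+ }
+
+ if (!verbose)
+ {
+ ciph=SSL_get_current_cipher(c_ssl);
+ fprintf(stdout,"Protocol %s, cipher %s, %s\n",
+ SSL_get_version(c_ssl),
+ SSL_CIPHER_get_version(ciph),
+ SSL_CIPHER_get_name(ciph));
+ }
+ if ((number > 1) || (bytes > 1L))
+ printf("%d handshakes of %ld bytes done\n",number,bytes);
+
+ SSL_free(s_ssl);
+ SSL_free(c_ssl);
+
+end:
+ if (s_ctx != NULL) SSL_CTX_free(s_ctx);
+ if (c_ctx != NULL) SSL_CTX_free(c_ctx);
+
+ if (bio_stdout != NULL) BIO_free(bio_stdout);
+
+ ERR_remove_state(0);
+ EVP_cleanup();
+ CRYPTO_mem_leaks(bio_err);
+ EXIT(ret);
+ }
+
+#define W_READ 1
+#define W_WRITE 2
+#define C_DONE 1
+#define S_DONE 2
+
+int doit(s_ssl,c_ssl,count)
+SSL *s_ssl,*c_ssl;
+long count;
+ {
+ MS_STATIC char cbuf[1024*8],sbuf[1024*8];
+ long cw_num=count,cr_num=count;
+ long sw_num=count,sr_num=count;
+ int ret=1;
+ BIO *c_to_s=NULL;
+ BIO *s_to_c=NULL;
+ BIO *c_bio=NULL;
+ BIO *s_bio=NULL;
+ int c_r,c_w,s_r,s_w;
+ int c_want,s_want;
+ int i,j;
+ int done=0;
+ int c_write,s_write;
+ int do_server=0,do_client=0;
+ SSL_CIPHER *ciph;
+
+ c_to_s=BIO_new(BIO_s_mem());
+ s_to_c=BIO_new(BIO_s_mem());
+ if ((s_to_c == NULL) || (c_to_s == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ c_bio=BIO_new(BIO_f_ssl());
+ s_bio=BIO_new(BIO_f_ssl());
+ if ((c_bio == NULL) || (s_bio == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ SSL_set_connect_state(c_ssl);
+ SSL_set_bio(c_ssl,s_to_c,c_to_s);
+ BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl,c_to_s,s_to_c);
+ BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
+
+ c_r=0; s_r=1;
+ c_w=1; s_w=0;
+ c_want=W_WRITE;
+ s_want=0;
+ c_write=1,s_write=0;
+
+ /* We can always do writes */
+ for (;;)
+ {
+ do_server=0;
+ do_client=0;
+
+ i=(int)BIO_pending(s_bio);
+ if ((i && s_r) || s_w) do_server=1;
+
+ i=(int)BIO_pending(c_bio);
+ if ((i && c_r) || c_w) do_client=1;
+
+ if (do_server && debug)
+ {
+ if (SSL_in_init(s_ssl))
+ printf("server waiting in SSL_accept - %s\n",
+ SSL_state_string_long(s_ssl));
+/* else if (s_write)
+ printf("server:SSL_write()\n");
+ else
+ printf("server:SSL_read()\n"); */
+ }
+
+ if (do_client && debug)
+ {
+ if (SSL_in_init(c_ssl))
+ printf("client waiting in SSL_connect - %s\n",
+ SSL_state_string_long(c_ssl));
+/* else if (c_write)
+ printf("client:SSL_write()\n");
+ else
+ printf("client:SSL_read()\n"); */
+ }
+
+ if (!do_client && !do_server)
+ {
+ fprintf(stdout,"ERROR IN STARTUP\n");
+ ERR_print_errors(bio_err);
+ break;
+ }
+ if (do_client && !(done & C_DONE))
+ {
+ if (c_write)
+ {
+ j=(cw_num > (long)sizeof(cbuf))
+ ?sizeof(cbuf):(int)cw_num;
+ i=BIO_write(c_bio,cbuf,j);
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ goto err;
+ }
+ else
+ {
+ if (debug)
+ printf("client wrote %d\n",i);
+ /* ok */
+ s_r=1;
+ c_write=0;
+ cw_num-=i;
+ }
+ }
+ else
+ {
+ i=BIO_read(c_bio,cbuf,sizeof(cbuf));
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ goto err;
+ }
+ else
+ {
+ if (debug)
+ printf("client read %d\n",i);
+ cr_num-=i;
+ if (sw_num > 0)
+ {
+ s_write=1;
+ s_w=1;
+ }
+ if (cr_num <= 0)
+ {
+ s_write=1;
+ s_w=1;
+ done=S_DONE|C_DONE;
+ }
+ }
+ }
+ }
+
+ if (do_server && !(done & S_DONE))
+ {
+ if (!s_write)
+ {
+ i=BIO_read(s_bio,sbuf,sizeof(cbuf));
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ ERR_print_errors(bio_err);
+ fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
+ goto err;
+ }
+ else
+ {
+ if (debug)
+ printf("server read %d\n",i);
+ sr_num-=i;
+ if (cw_num > 0)
+ {
+ c_write=1;
+ c_w=1;
+ }
+ if (sr_num <= 0)
+ {
+ s_write=1;
+ s_w=1;
+ c_write=0;
+ }
+ }
+ }
+ else
+ {
+ j=(sw_num > (long)sizeof(sbuf))?
+ sizeof(sbuf):(int)sw_num;
+ i=BIO_write(s_bio,sbuf,j);
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ ERR_print_errors(bio_err);
+ fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
+ goto err;
+ }
+ else
+ {
+ if (debug)
+ printf("server wrote %d\n",i);
+ sw_num-=i;
+ s_write=0;
+ c_r=1;
+ if (sw_num <= 0)
+ done|=S_DONE;
+ }
+ }
+ }
+
+ if ((done & S_DONE) && (done & C_DONE)) break;
+ }
+
+ ciph=SSL_get_current_cipher(c_ssl);
+ if (verbose)
+ fprintf(stdout,"DONE, protocol %s, cipher %s, %s\n",
+ SSL_get_version(c_ssl),
+ SSL_CIPHER_get_version(ciph),
+ SSL_CIPHER_get_name(ciph));
+ ret=0;
+err:
+ /* We have to set the BIO's to NULL otherwise they will be
+ * Free()ed twice. Once when th s_ssl is SSL_free()ed and
+ * again when c_ssl is SSL_free()ed.
+ * This is a hack required because s_ssl and c_ssl are sharing the same
+ * BIO structure and SSL_set_bio() and SSL_free() automatically
+ * BIO_free non NULL entries.
+ * You should not normally do this or be required to do this */
+ if (s_ssl != NULL)
+ {
+ s_ssl->rbio=NULL;
+ s_ssl->wbio=NULL;
+ }
+ if (c_ssl != NULL)
+ {
+ c_ssl->rbio=NULL;
+ c_ssl->wbio=NULL;
+ }
+
+ if (c_to_s != NULL) BIO_free(c_to_s);
+ if (s_to_c != NULL) BIO_free(s_to_c);
+ if (c_bio != NULL) BIO_free_all(c_bio);
+ if (s_bio != NULL) BIO_free_all(s_bio);
+ return(ret);
+ }
+
+int MS_CALLBACK verify_callback(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char *s,buf[256];
+
+ s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,256);
+ if (s != NULL)
+ {
+ if (ok)
+ fprintf(stderr,"depth=%d %s\n",ctx->error_depth,buf);
+ else
+ fprintf(stderr,"depth=%d error=%d %s\n",
+ ctx->error_depth,ctx->error,buf);
+ }
+
+ if (ok == 0)
+ {
+ switch (ctx->error)
+ {
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ ok=1;
+ }
+ }
+
+ return(ok);
+ }
+
+#ifndef NO_DH
+static unsigned char dh512_p[]={
+ 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
+ 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
+ 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
+ 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
+ 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
+ 0x47,0x74,0xE8,0x33,
+ };
+static unsigned char dh512_g[]={
+ 0x02,
+ };
+
+static DH *get_dh512()
+ {
+ DH *dh=NULL;
+
+ if ((dh=DH_new()) == NULL) return(NULL);
+ dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
+ dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
+ if ((dh->p == NULL) || (dh->g == NULL))
+ return(NULL);
+ return(dh);
+ }
+#endif
+
+static RSA MS_CALLBACK *tmp_rsa_cb(s,export)
+SSL *s;
+int export;
+ {
+ static RSA *rsa_tmp=NULL;
+
+ if (rsa_tmp == NULL)
+ {
+ BIO_printf(bio_err,"Generating temp (512 bit) RSA key...");
+ BIO_flush(bio_err);
+#ifndef NO_RSA
+ rsa_tmp=RSA_generate_key(512,RSA_F4,NULL,NULL);
+#endif
+ BIO_printf(bio_err,"\n");
+ BIO_flush(bio_err);
+ }
+ return(rsa_tmp);
+ }
+
+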
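Review bot: verify_callback() resets `ok` to 1 for X509_V_ERR_CERT_NOT_YET_VALID, X509_V_ERR_CERT_HAS_EXPIRED and X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT, so the -server_auth and -client_auth runs accept an expired, not-yet-valid or self-signed peer certificate, and the switch has no comment explaining why. Presumably this keeps the bundled test certificates passing; state that above the switch, e.g. `/* test harness only: tolerate expired, not-yet-valid and self-signed test certs; do not reuse for real peer verification */`. Separately, in main() the `-bytes` suffix check reads `argv[0][i-1]` with `i=strlen(argv[0])`, which indexes before the start of the string when the argument is empty; guard it with `if (i > 0 && argv[0][i-1] == 'k') bytes*=1024L;` and the same for `'m'`.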