summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl/s_cb.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/usr.bin/openssl/s_cb.c')
-rw-r--r--src/usr.bin/openssl/s_cb.c930
1 files changed, 0 insertions, 930 deletions
diff --git a/src/usr.bin/openssl/s_cb.c b/src/usr.bin/openssl/s_cb.c
deleted file mode 100644
index fcb2cd3076..0000000000
--- a/src/usr.bin/openssl/s_cb.c
+++ /dev/null
@@ -1,930 +0,0 @@
1/* $OpenBSD: s_cb.c,v 1.22 2025/01/02 13:10:03 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <sys/socket.h>
113
114#include <netinet/in.h>
115
116#include <netdb.h>
117#include <stdio.h>
118#include <stdlib.h>
119#include <string.h>
120
121#include "apps.h"
122
123#include <openssl/err.h>
124#include <openssl/ssl.h>
125#include <openssl/x509.h>
126
127#define COOKIE_SECRET_LENGTH 16
128
129int verify_depth = 0;
130int verify_return_error = 0;
131unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
132int cookie_initialized = 0;
133
134int
135verify_callback(int ok, X509_STORE_CTX * ctx)
136{
137 X509 *err_cert;
138 int err, depth;
139
140 err_cert = X509_STORE_CTX_get_current_cert(ctx);
141 err = X509_STORE_CTX_get_error(ctx);
142 depth = X509_STORE_CTX_get_error_depth(ctx);
143
144 BIO_printf(bio_err, "depth=%d ", depth);
145 if (err_cert) {
146 X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
147 0, XN_FLAG_ONELINE);
148 BIO_puts(bio_err, "\n");
149 } else
150 BIO_puts(bio_err, "<no cert>\n");
151 if (!ok) {
152 BIO_printf(bio_err, "verify error:num=%d:%s\n", err,
153 X509_verify_cert_error_string(err));
154 if (verify_depth >= depth) {
155 if (!verify_return_error)
156 ok = 1;
157 } else {
158 ok = 0;
159 }
160 }
161 switch (err) {
162 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
163 BIO_puts(bio_err, "issuer= ");
164 if (err_cert == NULL)
165 BIO_puts(bio_err, "<error getting cert>");
166 else
167 X509_NAME_print_ex(bio_err,
168 X509_get_issuer_name(err_cert), 0, XN_FLAG_ONELINE);
169 BIO_puts(bio_err, "\n");
170 break;
171 case X509_V_ERR_CERT_NOT_YET_VALID:
172 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
173 BIO_printf(bio_err, "notBefore=");
174 if (err_cert == NULL)
175 BIO_printf(bio_err, " <error getting cert>");
176 else
177 ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
178 BIO_printf(bio_err, "\n");
179 break;
180 case X509_V_ERR_CERT_HAS_EXPIRED:
181 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
182 BIO_printf(bio_err, "notAfter=");
183 if (err_cert == NULL)
184 BIO_printf(bio_err, " <error getting cert>");
185 else
186 ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
187 BIO_printf(bio_err, "\n");
188 break;
189 case X509_V_ERR_NO_EXPLICIT_POLICY:
190 break;
191 }
192
193 BIO_printf(bio_err, "verify return:%d\n", ok);
194 return (ok);
195}
196
197int
198set_cert_stuff(SSL_CTX * ctx, char *cert_file, char *key_file)
199{
200 if (cert_file == NULL)
201 return 1;
202
203 if (key_file == NULL)
204 key_file = cert_file;
205
206 if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0) {
207 BIO_printf(bio_err,
208 "unable to get certificate from '%s'\n", cert_file);
209 ERR_print_errors(bio_err);
210 return 0;
211 }
212 if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0) {
213 BIO_printf(bio_err, "unable to get private key from '%s'\n",
214 key_file);
215 ERR_print_errors(bio_err);
216 return 0;
217 }
218
219 /* Now we know that a key and cert have been set against the context. */
220 if (!SSL_CTX_check_private_key(ctx)) {
221 BIO_printf(bio_err,
222 "Private key does not match the certificate public key\n");
223 return 0;
224 }
225
226 return 1;
227}
228
229int
230set_cert_key_stuff(SSL_CTX * ctx, X509 * cert, EVP_PKEY * key)
231{
232 if (cert == NULL)
233 return 1;
234 if (SSL_CTX_use_certificate(ctx, cert) <= 0) {
235 BIO_printf(bio_err, "error setting certificate\n");
236 ERR_print_errors(bio_err);
237 return 0;
238 }
239 if (SSL_CTX_use_PrivateKey(ctx, key) <= 0) {
240 BIO_printf(bio_err, "error setting private key\n");
241 ERR_print_errors(bio_err);
242 return 0;
243 }
244 /*
245 * Now we know that a key and cert have been set against the SSL
246 * context
247 */
248 if (!SSL_CTX_check_private_key(ctx)) {
249 BIO_printf(bio_err,
250 "Private key does not match the certificate public key\n");
251 return 0;
252 }
253 return 1;
254}
255
256int
257ssl_print_tmp_key(BIO *out, SSL *s)
258{
259 const char *cname;
260 EVP_PKEY *pkey;
261 EC_KEY *ec;
262 const EC_GROUP *group;
263 int nid;
264
265 if (!SSL_get_server_tmp_key(s, &pkey))
266 return 0;
267
268 BIO_puts(out, "Server Temp Key: ");
269 switch (EVP_PKEY_id(pkey)) {
270 case EVP_PKEY_DH:
271 BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(pkey));
272 break;
273
274 case EVP_PKEY_EC:
275 if ((ec = EVP_PKEY_get0_EC_KEY(pkey)) == NULL)
276 goto err;
277 if ((group = EC_KEY_get0_group(ec)) == NULL)
278 goto err;
279
280 nid = EC_GROUP_get_curve_name(group);
281
282 if ((cname = EC_curve_nid2nist(nid)) == NULL)
283 cname = OBJ_nid2sn(nid);
284
285 BIO_printf(out, "ECDH, %s, %d bits\n", cname, EVP_PKEY_bits(pkey));
286 break;
287
288 default:
289 BIO_printf(out, "%s, %d bits\n", OBJ_nid2sn(EVP_PKEY_id(pkey)),
290 EVP_PKEY_bits(pkey));
291 }
292
293 err:
294 EVP_PKEY_free(pkey);
295 return 1;
296}
297
298long
299bio_dump_callback(BIO * bio, int cmd, const char *argp,
300 int argi, long argl, long ret)
301{
302 BIO *out;
303
304 out = (BIO *) BIO_get_callback_arg(bio);
305 if (out == NULL)
306 return (ret);
307
308 if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) {
309 BIO_printf(out,
310 "read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
311 (void *) bio, argp, (unsigned long) argi, ret, ret);
312 BIO_dump(out, argp, (int) ret);
313 return (ret);
314 } else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) {
315 BIO_printf(out,
316 "write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
317 (void *) bio, argp, (unsigned long) argi, ret, ret);
318 BIO_dump(out, argp, (int) ret);
319 }
320 return (ret);
321}
322
323void
324apps_ssl_info_callback(const SSL * s, int where, int ret)
325{
326 const char *str;
327 int w;
328
329 w = where & ~SSL_ST_MASK;
330
331 if (w & SSL_ST_CONNECT)
332 str = "SSL_connect";
333 else if (w & SSL_ST_ACCEPT)
334 str = "SSL_accept";
335 else
336 str = "undefined";
337
338 if (where & SSL_CB_LOOP) {
339 BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
340 } else if (where & SSL_CB_ALERT) {
341 str = (where & SSL_CB_READ) ? "read" : "write";
342 BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n", str,
343 SSL_alert_type_string_long(ret),
344 SSL_alert_desc_string_long(ret));
345 } else if (where & SSL_CB_EXIT) {
346 if (ret == 0)
347 BIO_printf(bio_err, "%s:failed in %s\n",
348 str, SSL_state_string_long(s));
349 else if (ret < 0) {
350 BIO_printf(bio_err, "%s:error in %s\n",
351 str, SSL_state_string_long(s));
352 }
353 }
354}
355
356
357void
358msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL * ssl, void *arg)
359{
360 BIO *bio = arg;
361 const char *str_write_p, *str_version, *str_content_type = "",
362 *str_details1 = "", *str_details2 = "";
363
364 str_write_p = write_p ? ">>>" : "<<<";
365
366 /* XXX convert to using ssl_get_version */
367 switch (version) {
368 case SSL2_VERSION:
369 str_version = "SSL 2.0";
370 break;
371 case SSL3_VERSION:
372 str_version = "SSL 3.0 ";
373 break;
374 case TLS1_VERSION:
375 str_version = "TLS 1.0 ";
376 break;
377 case TLS1_1_VERSION:
378 str_version = "TLS 1.1 ";
379 break;
380 case TLS1_2_VERSION:
381 str_version = "TLS 1.2 ";
382 break;
383 case TLS1_3_VERSION:
384 str_version = "TLS 1.3 ";
385 break;
386 case DTLS1_VERSION:
387 str_version = "DTLS 1.0 ";
388 break;
389 case DTLS1_2_VERSION:
390 str_version = "DTLS 1.2 ";
391 break;
392 default:
393 str_version = "???";
394 }
395
396 if (version == SSL2_VERSION) {
397 str_details1 = "???";
398
399 if (len > 0) {
400 /* XXX magic numbers */
401 switch (((const unsigned char *) buf)[0]) {
402 case 0:
403 str_details1 = ", ERROR:";
404 str_details2 = " ???";
405 if (len >= 3) {
406 unsigned err = (((const unsigned char *) buf)[1] << 8) + ((const unsigned char *) buf)[2];
407
408 switch (err) {
409 case 0x0001:
410 str_details2 = " NO-CIPHER-ERROR";
411 break;
412 case 0x0002:
413 str_details2 = " NO-CERTIFICATE-ERROR";
414 break;
415 case 0x0004:
416 str_details2 = " BAD-CERTIFICATE-ERROR";
417 break;
418 case 0x0006:
419 str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
420 break;
421 }
422 }
423 break;
424 case 1:
425 str_details1 = ", CLIENT-HELLO";
426 break;
427 case 2:
428 str_details1 = ", CLIENT-MASTER-KEY";
429 break;
430 case 3:
431 str_details1 = ", CLIENT-FINISHED";
432 break;
433 case 4:
434 str_details1 = ", SERVER-HELLO";
435 break;
436 case 5:
437 str_details1 = ", SERVER-VERIFY";
438 break;
439 case 6:
440 str_details1 = ", SERVER-FINISHED";
441 break;
442 case 7:
443 str_details1 = ", REQUEST-CERTIFICATE";
444 break;
445 case 8:
446 str_details1 = ", CLIENT-CERTIFICATE";
447 break;
448 }
449 }
450 }
451 if (version == SSL3_VERSION || version == TLS1_VERSION ||
452 version == TLS1_1_VERSION || version == TLS1_2_VERSION ||
453 version == TLS1_3_VERSION || version == DTLS1_VERSION ||
454 version == DTLS1_2_VERSION) {
455 /* XXX magic numbers are in ssl3.h */
456 switch (content_type) {
457 case 20:
458 str_content_type = "ChangeCipherSpec";
459 break;
460 case 21:
461 str_content_type = "Alert";
462 break;
463 case 22:
464 str_content_type = "Handshake";
465 break;
466 }
467
468 if (content_type == 21) { /* Alert */
469 str_details1 = ", ???";
470
471 if (len == 2) {
472 switch (((const unsigned char *) buf)[0]) {
473 case 1:
474 str_details1 = ", warning";
475 break;
476 case 2:
477 str_details1 = ", fatal";
478 break;
479 }
480
481 str_details2 = " ???";
482 switch (((const unsigned char *) buf)[1]) {
483 case 0:
484 str_details2 = " close_notify";
485 break;
486 case 10:
487 str_details2 = " unexpected_message";
488 break;
489 case 20:
490 str_details2 = " bad_record_mac";
491 break;
492 case 21:
493 str_details2 = " decryption_failed";
494 break;
495 case 22:
496 str_details2 = " record_overflow";
497 break;
498 case 30:
499 str_details2 = " decompression_failure";
500 break;
501 case 40:
502 str_details2 = " handshake_failure";
503 break;
504 case 42:
505 str_details2 = " bad_certificate";
506 break;
507 case 43:
508 str_details2 = " unsupported_certificate";
509 break;
510 case 44:
511 str_details2 = " certificate_revoked";
512 break;
513 case 45:
514 str_details2 = " certificate_expired";
515 break;
516 case 46:
517 str_details2 = " certificate_unknown";
518 break;
519 case 47:
520 str_details2 = " illegal_parameter";
521 break;
522 case 48:
523 str_details2 = " unknown_ca";
524 break;
525 case 49:
526 str_details2 = " access_denied";
527 break;
528 case 50:
529 str_details2 = " decode_error";
530 break;
531 case 51:
532 str_details2 = " decrypt_error";
533 break;
534 case 60:
535 str_details2 = " export_restriction";
536 break;
537 case 70:
538 str_details2 = " protocol_version";
539 break;
540 case 71:
541 str_details2 = " insufficient_security";
542 break;
543 case 80:
544 str_details2 = " internal_error";
545 break;
546 case 90:
547 str_details2 = " user_canceled";
548 break;
549 case 100:
550 str_details2 = " no_renegotiation";
551 break;
552 case 110:
553 str_details2 = " unsupported_extension";
554 break;
555 case 111:
556 str_details2 = " certificate_unobtainable";
557 break;
558 case 112:
559 str_details2 = " unrecognized_name";
560 break;
561 case 113:
562 str_details2 = " bad_certificate_status_response";
563 break;
564 case 114:
565 str_details2 = " bad_certificate_hash_value";
566 break;
567 case 115:
568 str_details2 = " unknown_psk_identity";
569 break;
570 }
571 }
572 }
573 if (content_type == 22) { /* Handshake */
574 str_details1 = "???";
575
576 if (len > 0) {
577 switch (((const unsigned char *) buf)[0]) {
578 case 0:
579 str_details1 = ", HelloRequest";
580 break;
581 case 1:
582 str_details1 = ", ClientHello";
583 break;
584 case 2:
585 str_details1 = ", ServerHello";
586 break;
587 case 3:
588 str_details1 = ", HelloVerifyRequest";
589 break;
590 case 4:
591 str_details1 = ", NewSessionTicket";
592 break;
593 case 5:
594 str_details1 = ", EndOfEarlyData";
595 break;
596 case 8:
597 str_details1 = ", EncryptedExtensions";
598 break;
599 case 11:
600 str_details1 = ", Certificate";
601 break;
602 case 12:
603 str_details1 = ", ServerKeyExchange";
604 break;
605 case 13:
606 str_details1 = ", CertificateRequest";
607 break;
608 case 14:
609 str_details1 = ", ServerHelloDone";
610 break;
611 case 15:
612 str_details1 = ", CertificateVerify";
613 break;
614 case 16:
615 str_details1 = ", ClientKeyExchange";
616 break;
617 case 20:
618 str_details1 = ", Finished";
619 break;
620 case 24:
621 str_details1 = ", KeyUpdate";
622 break;
623 }
624 }
625 }
626 }
627 BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p,
628 str_version, str_content_type, (unsigned long) len,
629 str_details1, str_details2);
630
631 if (len > 0) {
632 size_t num, i;
633
634 BIO_printf(bio, " ");
635 num = len;
636
637 for (i = 0; i < num; i++) {
638 if (i % 16 == 0 && i > 0)
639 BIO_printf(bio, "\n ");
640 BIO_printf(bio, " %02x",
641 ((const unsigned char *) buf)[i]);
642 }
643 if (i < len)
644 BIO_printf(bio, " ...");
645 BIO_printf(bio, "\n");
646 }
647 (void) BIO_flush(bio);
648}
649
650void
651tlsext_cb(SSL * s, int client_server, int type, unsigned char *data, int len,
652 void *arg)
653{
654 BIO *bio = arg;
655 char *extname;
656
657 switch (type) {
658 case TLSEXT_TYPE_server_name:
659 extname = "server name";
660 break;
661
662 case TLSEXT_TYPE_max_fragment_length:
663 extname = "max fragment length";
664 break;
665
666 case TLSEXT_TYPE_client_certificate_url:
667 extname = "client certificate URL";
668 break;
669
670 case TLSEXT_TYPE_trusted_ca_keys:
671 extname = "trusted CA keys";
672 break;
673
674 case TLSEXT_TYPE_truncated_hmac:
675 extname = "truncated HMAC";
676 break;
677
678 case TLSEXT_TYPE_status_request:
679 extname = "status request";
680 break;
681
682 case TLSEXT_TYPE_user_mapping:
683 extname = "user mapping";
684 break;
685
686 case TLSEXT_TYPE_client_authz:
687 extname = "client authz";
688 break;
689
690 case TLSEXT_TYPE_server_authz:
691 extname = "server authz";
692 break;
693
694 case TLSEXT_TYPE_cert_type:
695 extname = "cert type";
696 break;
697
698 case TLSEXT_TYPE_supported_groups:
699 extname = "supported groups";
700 break;
701
702 case TLSEXT_TYPE_ec_point_formats:
703 extname = "EC point formats";
704 break;
705
706 case TLSEXT_TYPE_srp:
707 extname = "SRP";
708 break;
709
710 case TLSEXT_TYPE_signature_algorithms:
711 extname = "signature algorithms";
712 break;
713
714 case TLSEXT_TYPE_use_srtp:
715 extname = "use SRTP";
716 break;
717
718 case TLSEXT_TYPE_heartbeat:
719 extname = "heartbeat";
720 break;
721
722 case TLSEXT_TYPE_application_layer_protocol_negotiation:
723 extname = "application layer protocol negotiation";
724 break;
725
726 case TLSEXT_TYPE_padding:
727 extname = "TLS padding";
728 break;
729
730 case TLSEXT_TYPE_session_ticket:
731 extname = "session ticket";
732 break;
733
734#if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL)
735 case TLSEXT_TYPE_pre_shared_key:
736 extname = "pre shared key";
737 break;
738
739 case TLSEXT_TYPE_early_data:
740 extname = "early data";
741 break;
742
743 case TLSEXT_TYPE_supported_versions:
744 extname = "supported versions";
745 break;
746
747 case TLSEXT_TYPE_cookie:
748 extname = "cookie";
749 break;
750
751 case TLSEXT_TYPE_psk_key_exchange_modes:
752 extname = "PSK key exchange modes";
753 break;
754
755 case TLSEXT_TYPE_certificate_authorities:
756 extname = "certificate authorities";
757 break;
758
759 case TLSEXT_TYPE_oid_filters:
760 extname = "OID filters";
761 break;
762
763 case TLSEXT_TYPE_post_handshake_auth:
764 extname = "post handshake auth";
765 break;
766
767 case TLSEXT_TYPE_signature_algorithms_cert:
768 extname = "signature algorithms cert";
769 break;
770
771 case TLSEXT_TYPE_key_share:
772 extname = "key share";
773 break;
774#endif
775
776 case TLSEXT_TYPE_renegotiate:
777 extname = "renegotiation info";
778 break;
779
780 default:
781 extname = "unknown";
782 break;
783
784 }
785
786 BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
787 client_server ? "server" : "client", extname, type, len);
788 BIO_dump(bio, (char *) data, len);
789 (void) BIO_flush(bio);
790}
791
792int
793generate_cookie_callback(SSL * ssl, unsigned char *cookie,
794 unsigned int *cookie_len)
795{
796 unsigned char *buffer, result[EVP_MAX_MD_SIZE];
797 unsigned int length, resultlength;
798 union {
799 struct sockaddr sa;
800 struct sockaddr_in s4;
801 struct sockaddr_in6 s6;
802 } peer;
803
804 /* Initialize a random secret */
805 if (!cookie_initialized) {
806 arc4random_buf(cookie_secret, COOKIE_SECRET_LENGTH);
807 cookie_initialized = 1;
808 }
809 /* Read peer information */
810 (void) BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
811
812 /* Create buffer with peer's address and port */
813 length = 0;
814 switch (peer.sa.sa_family) {
815 case AF_INET:
816 length += sizeof(struct in_addr);
817 length += sizeof(peer.s4.sin_port);
818 break;
819 case AF_INET6:
820 length += sizeof(struct in6_addr);
821 length += sizeof(peer.s6.sin6_port);
822 break;
823 default:
824 OPENSSL_assert(0);
825 break;
826 }
827 buffer = malloc(length);
828
829 if (buffer == NULL) {
830 BIO_printf(bio_err, "out of memory\n");
831 return 0;
832 }
833 switch (peer.sa.sa_family) {
834 case AF_INET:
835 memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port));
836 memcpy(buffer + sizeof(peer.s4.sin_port),
837 &peer.s4.sin_addr, sizeof(struct in_addr));
838 break;
839 case AF_INET6:
840 memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port));
841 memcpy(buffer + sizeof(peer.s6.sin6_port),
842 &peer.s6.sin6_addr, sizeof(struct in6_addr));
843 break;
844 default:
845 OPENSSL_assert(0);
846 break;
847 }
848
849 /* Calculate HMAC of buffer using the secret */
850 HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
851 buffer, length, result, &resultlength);
852 free(buffer);
853
854 memcpy(cookie, result, resultlength);
855 *cookie_len = resultlength;
856
857 return 1;
858}
859
860int
861verify_cookie_callback(SSL * ssl, const unsigned char *cookie,
862 unsigned int cookie_len)
863{
864 unsigned char *buffer, result[EVP_MAX_MD_SIZE];
865 unsigned int length, resultlength;
866 union {
867 struct sockaddr sa;
868 struct sockaddr_in s4;
869 struct sockaddr_in6 s6;
870 } peer;
871
872 /* If secret isn't initialized yet, the cookie can't be valid */
873 if (!cookie_initialized)
874 return 0;
875
876 /* Read peer information */
877 (void) BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
878
879 /* Create buffer with peer's address and port */
880 length = 0;
881 switch (peer.sa.sa_family) {
882 case AF_INET:
883 length += sizeof(struct in_addr);
884 length += sizeof(peer.s4.sin_port);
885 break;
886 case AF_INET6:
887 length += sizeof(struct in6_addr);
888 length += sizeof(peer.s6.sin6_port);
889 break;
890 default:
891 OPENSSL_assert(0);
892 break;
893 }
894 buffer = malloc(length);
895
896 if (buffer == NULL) {
897 BIO_printf(bio_err, "out of memory\n");
898 return 0;
899 }
900 switch (peer.sa.sa_family) {
901 case AF_INET:
902 memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port));
903 memcpy(buffer + sizeof(peer.s4.sin_port),
904 &peer.s4.sin_addr, sizeof(struct in_addr));
905 break;
906 case AF_INET6:
907 memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port));
908 memcpy(buffer + sizeof(peer.s6.sin6_port),
909 &peer.s6.sin6_addr, sizeof(struct in6_addr));
910 break;
911 default:
912 OPENSSL_assert(0);
913 break;
914 }
915
916 /* Calculate HMAC of buffer using the secret */
917 if (HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
918 buffer, length, result, &resultlength) == NULL) {
919 free(buffer);
920 return 0;
921 }
922
923 free(buffer);
924
925 if (cookie_len == resultlength &&
926 memcmp(result, cookie, resultlength) == 0)
927 return 1;
928
929 return 0;
930}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-09 21:30:52 +0000