/usr/src/usr.bin/openssl/s

Bug Summary

File:	src/usr.bin/openssl/s_server.c
Warning:	line 1649, column 6 Value stored to 'i' is never read

Annotated Source Code

Press '?' to see keyboard shortcuts

Show analyzer invocation

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.4 -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name s_server.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/usr.bin/openssl/obj -resource-dir /usr/local/llvm16/lib/clang/16 -D LIBRESSL_INTERNAL -internal-isystem /usr/local/llvm16/lib/clang/16/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/usr.bin/openssl/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fcf-protection=branch -fno-jump-tables -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/scan/2024-01-11-140451-98009-1 -x c /usr/src/usr.bin/openssl/s_server.c

1	/* $OpenBSD: s_server.c,v 1.59 2023/12/29 12:15:49 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58	/* ====================================================================
59	* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
60	*
61	* Redistribution and use in source and binary forms, with or without
62	* modification, are permitted provided that the following conditions
63	* are met:
64	*
65	* 1. Redistributions of source code must retain the above copyright
66	* notice, this list of conditions and the following disclaimer.
67	*
68	* 2. Redistributions in binary form must reproduce the above copyright
69	* notice, this list of conditions and the following disclaimer in
70	* the documentation and/or other materials provided with the
71	* distribution.
72	*
73	* 3. All advertising materials mentioning features or use of this
74	* software must display the following acknowledgment:
75	* "This product includes software developed by the OpenSSL Project
76	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77	*
78	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79	* endorse or promote products derived from this software without
80	* prior written permission. For written permission, please contact
81	* openssl-core@openssl.org.
82	*
83	* 5. Products derived from this software may not be called "OpenSSL"
84	* nor may "OpenSSL" appear in their names without prior written
85	* permission of the OpenSSL Project.
86	*
87	* 6. Redistributions of any form whatsoever must retain the following
88	* acknowledgment:
89	* "This product includes software developed by the OpenSSL Project
90	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91	*
92	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103	* OF THE POSSIBILITY OF SUCH DAMAGE.
104	* ====================================================================
105	*
106	* This product includes cryptographic software written by Eric Young
107	* (eay@cryptsoft.com). This product includes software written by Tim
108	* Hudson (tjh@cryptsoft.com).
109	*
110	*/
111	/* ====================================================================
112	* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
113	* ECC cipher suite support in OpenSSL originally developed by
114	* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
115	*/
116	/* ====================================================================
117	* Copyright 2005 Nokia. All rights reserved.
118	*
119	* The portions of the attached software ("Contribution") is developed by
120	* Nokia Corporation and is licensed pursuant to the OpenSSL open source
121	* license.
122	*
123	* The Contribution, originally written by Mika Kousa and Pasi Eronen of
124	* Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
125	* support (see RFC 4279) to OpenSSL.
126	*
127	* No patent licenses or other rights except those expressly stated in
128	* the OpenSSL open source license shall be deemed granted or received
129	* expressly, by implication, estoppel, or otherwise.
130	*
131	* No assurances are provided by Nokia that the Contribution does not
132	* infringe the patent or other intellectual property rights of any third
133	* party or that the license provides you with all the necessary rights
134	* to make use of the Contribution.
135	*
136	* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
137	* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
138	* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
139	* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
140	* OTHERWISE.
141	*/
142
143	/* Until the key-gen callbacks are modified to use newer prototypes, we allow
144	* deprecated functions for openssl-internal code */
145	#ifdef OPENSSL_NO_DEPRECATED
146	#undef OPENSSL_NO_DEPRECATED
147	#endif
148
149	#include <sys/types.h>
150	#include <sys/socket.h>
151
152	#include <assert.h>
153	#include <ctype.h>
154	#include <stdio.h>
155	#include <stdlib.h>
156	#include <limits.h>
157	#include <string.h>
158	#include <unistd.h>
159	#include <poll.h>
160
161	#include "apps.h"
162
163	#include <openssl/bn.h>
164	#include <openssl/err.h>
165	#include <openssl/lhash.h>
166	#include <openssl/ocsp.h>
167	#include <openssl/pem.h>
168	#include <openssl/ssl.h>
169	#include <openssl/x509.h>
170
171	#ifndef OPENSSL_NO_DH
172	#include <openssl/dh.h>
173	#endif
174
175	#include <openssl/rsa.h>
176
177	#include "s_apps.h"
178	#include "timeouts.h"
179
180	static void s_server_init(void);
181	static void sv_usage(void);
182	static void print_stats(BIO bp, SSL_CTX ctx);
183	static int sv_body(int s, unsigned char *context);
184	static void close_accept_socket(void);
185	static int init_ssl_connection(SSL *s);
186	#ifndef OPENSSL_NO_DH
187	static DH load_dh_param(const char dhfile);
188	#endif
189	static int www_body(int s, unsigned char *context);
190	static int generate_session_id(const SSL ssl, unsigned char id,
191	unsigned int *id_len);
192	static int ssl_servername_cb(SSL s, int ad, void *arg);
193	static int cert_status_cb(SSL * s, void *arg);
194	static int alpn_cb(SSL s, const unsigned char out, unsigned char outlen,
195	const unsigned char in, unsigned int inlen, void arg);
196	/* static int load_CA(SSL_CTX ctx, char file);*/
197
198	#define BUFSIZZ161024 161024
199	static int bufsize = BUFSIZZ16*1024;
200	static int accept_socket = -1;
201
202	#define TEST_CERT"server.pem" "server.pem"
203	#define TEST_CERT2"server2.pem" "server2.pem"
204
205	static int s_server_session_id_context = 1; /* anything will do */
206	static SSL_CTX ctx = NULL((void )0);
207	static SSL_CTX ctx2 = NULL((void )0);
208	static BIO bio_s_out = NULL((void )0);
209
210	static int local_argc = 0;
211	static char **local_argv;
212
213	/* This is a context that we pass to callbacks */
214	typedef struct tlsextctx_st {
215	char *servername;
216	BIO *biodebug;
217	int extension_error;
218	} tlsextctx;
219
220	/* Structure passed to cert status callback */
221	typedef struct tlsextstatusctx_st {
222	/* Default responder to use */
223	char host, path, *port;
224	int use_ssl;
225	int timeout;
226	BIO *err;
227	int verbose;
228	} tlsextstatusctx;
229
230	/* This the context that we pass to alpn_cb */
231	typedef struct tlsextalpnctx_st {
232	unsigned char *data;
233	unsigned short len;
234	} tlsextalpnctx;
235
236	static struct {
237	char *alpn_in;
238	char npn_in; / Ignored. */
239	int bugs;
240	char *CAfile;
241	char *CApath;
242	#ifndef OPENSSL_NO_DTLS
243	int cert_chain;
244	#endif
245	char *cert_file;
246	char *cert_file2;
247	int cert_format;
248	char *cipher;
249	unsigned char *context;
250	int crlf;
251	char *dcert_file;
252	int dcert_format;
253	int debug;
254	char *dhfile;
255	char *dkey_file;
256	int dkey_format;
257	char *dpassarg;
258	int enable_timeouts;
259	const char *errstr;
260	char *groups_in;
261	char *key_file;
262	char *key_file2;
263	int key_format;
264	char *keymatexportlabel;
265	int keymatexportlen;
266	uint16_t max_version;
267	uint16_t min_version;
268	const SSL_METHOD *meth;
269	int msg;
270	int naccept;
271	char *named_curve;
272	int nbio;
273	int nbio_test;
274	int no_cache;
275	int nocert;
276	int no_dhe;
277	int no_ecdhe;
278	int no_tmp_rsa; /* No-op. */
279	int off;
280	char *passarg;
281	short port;
282	int quiet;
283	int server_verify;
284	char *session_id_prefix;
285	long socket_mtu;
286	int socket_type;
287	#ifndef OPENSSL_NO_SRTP
288	char *srtp_profiles;
289	#endif
290	int state;
291	tlsextstatusctx tlscstatp;
292	tlsextctx tlsextcbp;
293	int tlsextdebug;
294	int tlsextstatus;
295	X509_VERIFY_PARAM *vpm;
296	int www;
297	} cfg;
298
299	static int
300	s_server_opt_context(char *arg)
301	{
302	cfg.context = (unsigned char *) arg;
303	return (0);
304	}
305
306	static int
307	s_server_opt_keymatexportlen(char *arg)
308	{
309	cfg.keymatexportlen = strtonum(arg, 1, INT_MAX0x7fffffff,
310	&cfg.errstr);
311	if (cfg.errstr != NULL((void *)0)) {
312	BIO_printf(bio_err, "invalid argument %s: %s\n",
313	arg, cfg.errstr);
314	return (1);
315	}
316	return (0);
317	}
318
319	#ifndef OPENSSL_NO_DTLS
320	static int
321	s_server_opt_mtu(char *arg)
322	{
323	cfg.socket_mtu = strtonum(arg, 0, LONG_MAX0x7fffffffffffffffL,
324	&cfg.errstr);
325	if (cfg.errstr != NULL((void *)0)) {
326	BIO_printf(bio_err, "invalid argument %s: %s\n",
327	arg, cfg.errstr);
328	return (1);
329	}
330	return (0);
331	}
332	#endif
333
334	#ifndef OPENSSL_NO_DTLS
335	static int
336	s_server_opt_protocol_version_dtls(void)
337	{
338	cfg.meth = DTLS_server_method();
339	cfg.socket_type = SOCK_DGRAM2;
340	return (0);
341	}
342	#endif
343
344	#ifndef OPENSSL_NO_DTLS1_2
345	static int
346	s_server_opt_protocol_version_dtls1_2(void)
347	{
348	cfg.meth = DTLS_server_method();
349	cfg.min_version = DTLS1_2_VERSION0xFEFD;
350	cfg.max_version = DTLS1_2_VERSION0xFEFD;
351	cfg.socket_type = SOCK_DGRAM2;
352	return (0);
353	}
354	#endif
355
356	static int
357	s_server_opt_protocol_version_tls1_2(void)
358	{
359	cfg.min_version = TLS1_2_VERSION0x0303;
360	cfg.max_version = TLS1_2_VERSION0x0303;
361	return (0);
362	}
363
364	static int
365	s_server_opt_protocol_version_tls1_3(void)
366	{
367	cfg.min_version = TLS1_3_VERSION0x0304;
368	cfg.max_version = TLS1_3_VERSION0x0304;
369	return (0);
370	}
371
372	static int
373	s_server_opt_nbio_test(void)
374	{
375	cfg.nbio = 1;
376	cfg.nbio_test = 1;
377	return (0);
378	}
379
380	static int
381	s_server_opt_port(char *arg)
382	{
383	if (!extract_port(arg, &cfg.port))
384	return (1);
385	return (0);
386	}
387
388	static int
389	s_server_opt_status_timeout(char *arg)
390	{
391	cfg.tlsextstatus = 1;
392	cfg.tlscstatp.timeout = strtonum(arg, 0, INT_MAX0x7fffffff,
393	&cfg.errstr);
394	if (cfg.errstr != NULL((void *)0)) {
395	BIO_printf(bio_err, "invalid argument %s: %s\n",
396	arg, cfg.errstr);
397	return (1);
398	}
399	return (0);
400	}
401
402	static int
403	s_server_opt_status_url(char *arg)
404	{
405	cfg.tlsextstatus = 1;
406	if (!OCSP_parse_url(arg, &cfg.tlscstatp.host,
407	&cfg.tlscstatp.port, &cfg.tlscstatp.path,
408	&cfg.tlscstatp.use_ssl)) {
409	BIO_printf(bio_err, "Error parsing URL\n");
410	return (1);
411	}
412	return (0);
413	}
414
415	static int
416	s_server_opt_status_verbose(void)
417	{
418	cfg.tlsextstatus = 1;
419	cfg.tlscstatp.verbose = 1;
420	return (0);
421	}
422
423	static int
424	s_server_opt_verify(char *arg)
425	{
426	cfg.server_verify = SSL_VERIFY_PEER0x01 \|
427	SSL_VERIFY_CLIENT_ONCE0x04;
428	verify_depth = strtonum(arg, 0, INT_MAX0x7fffffff, &cfg.errstr);
429	if (cfg.errstr != NULL((void *)0)) {
430	BIO_printf(bio_err, "invalid argument %s: %s\n",
431	arg, cfg.errstr);
432	return (1);
433	}
434	BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
435	return (0);
436	}
437
438	static int
439	s_server_opt_verify_fail(char *arg)
440	{
441	cfg.server_verify = SSL_VERIFY_PEER0x01 \|
442	SSL_VERIFY_FAIL_IF_NO_PEER_CERT0x02 \| SSL_VERIFY_CLIENT_ONCE0x04;
443	verify_depth = strtonum(arg, 0, INT_MAX0x7fffffff, &cfg.errstr);
444	if (cfg.errstr != NULL((void *)0)) {
445	BIO_printf(bio_err, "invalid argument %s: %s\n",
446	arg, cfg.errstr);
447	return (1);
448	}
449	BIO_printf(bio_err, "verify depth is %d, must return a certificate\n",
450	verify_depth);
451	return (0);
452	}
453
454	static int
455	s_server_opt_verify_param(int argc, char *argv, int argsused)
456	{
457	char **pargs = argv;
458	int pargc = argc;
459	int badarg = 0;
460
461	if (!args_verify(&pargs, &pargc, &badarg, bio_err,
462	&cfg.vpm)) {
463	BIO_printf(bio_err, "unknown option %s\n", *argv);
464	return (1);
465	}
466	if (badarg)
467	return (1);
468
469	*argsused = argc - pargc;
470	return (0);
471	}
472
473	static const struct option s_server_options[] = {
474	{
475	.name = "4",
476	.type = OPTION_DISCARD,
477	},
478	{
479	.name = "6",
480	.type = OPTION_DISCARD,
481	},
482	{
483	.name = "accept",
484	.argname = "port",
485	.desc = "Port to accept on (default is 4433)",
486	.type = OPTION_ARG_FUNC,
487	.opt.argfunc = s_server_opt_port,
488	},
489	{
490	.name = "alpn",
491	.argname = "protocols",
492	.desc = "Set the advertised protocols for the ALPN extension"
493	" (comma-separated list)",
494	.type = OPTION_ARG,
495	.opt.arg = &cfg.alpn_in,
496	},
497	{
498	.name = "bugs",
499	.desc = "Turn on SSL bug compatibility",
500	.type = OPTION_FLAG,
501	.opt.flag = &cfg.bugs,
502	},
503	{
504	.name = "CAfile",
505	.argname = "file",
506	.desc = "PEM format file of CA certificates",
507	.type = OPTION_ARG,
508	.opt.arg = &cfg.CAfile,
509	},
510	{
511	.name = "CApath",
512	.argname = "directory",
513	.desc = "PEM format directory of CA certificates",
514	.type = OPTION_ARG,
515	.opt.arg = &cfg.CApath,
516	},
517	{
518	.name = "cert",
519	.argname = "file",
520	.desc = "Certificate file to use\n"
521	"(default is " TEST_CERT"server.pem" ")",
522	.type = OPTION_ARG,
523	.opt.arg = &cfg.cert_file,
524	},
525	{
526	.name = "cert2",
527	.argname = "file",
528	.desc = "Certificate file to use for servername\n"
529	"(default is " TEST_CERT2"server2.pem" ")",
530	.type = OPTION_ARG,
531	.opt.arg = &cfg.cert_file2,
532	},
533	{
534	.name = "certform",
535	.argname = "fmt",
536	.desc = "Certificate format (PEM or DER) PEM default",
537	.type = OPTION_ARG_FORMAT,
538	.opt.value = &cfg.cert_format,
539	},
540	#ifndef OPENSSL_NO_DTLS
541	{
542	.name = "chain",
543	.type = OPTION_FLAG,
544	.opt.flag = &cfg.cert_chain,
545	},
546	#endif
547	{
548	.name = "cipher",
549	.argname = "list",
550	.desc = "List of ciphers to enable (see `openssl ciphers`)",
551	.type = OPTION_ARG,
552	.opt.arg = &cfg.cipher,
553	},
554	{
555	.name = "context",
556	.argname = "id",
557	.desc = "Set session ID context",
558	.type = OPTION_ARG_FUNC,
559	.opt.argfunc = s_server_opt_context,
560	},
561	{
562	.name = "crlf",
563	.desc = "Convert LF from terminal into CRLF",
564	.type = OPTION_FLAG,
565	.opt.flag = &cfg.crlf,
566	},
567	{
568	.name = "dcert",
569	.argname = "file",
570	.desc = "Second certificate file to use (usually for DSA)",
571	.type = OPTION_ARG,
572	.opt.arg = &cfg.dcert_file,
573	},
574	{
575	.name = "dcertform",
576	.argname = "fmt",
577	.desc = "Second certificate format (PEM or DER) PEM default",
578	.type = OPTION_ARG_FORMAT,
579	.opt.value = &cfg.dcert_format,
580	},
581	{
582	.name = "debug",
583	.desc = "Print more output",
584	.type = OPTION_FLAG,
585	.opt.flag = &cfg.debug,
586	},
587	{
588	.name = "dhparam",
589	.argname = "file",
590	.desc = "DH parameter file to use, in cert file if not specified",
591	.type = OPTION_ARG,
592	.opt.arg = &cfg.dhfile,
593	},
594	{
595	.name = "dkey",
596	.argname = "file",
597	.desc = "Second private key file to use (usually for DSA)",
598	.type = OPTION_ARG,
599	.opt.arg = &cfg.dkey_file,
600	},
601	{
602	.name = "dkeyform",
603	.argname = "fmt",
604	.desc = "Second key format (PEM or DER) PEM default",
605	.type = OPTION_ARG_FORMAT,
606	.opt.value = &cfg.dkey_format,
607	},
608	{
609	.name = "dpass",
610	.argname = "arg",
611	.desc = "Second private key file pass phrase source",
612	.type = OPTION_ARG,
613	.opt.arg = &cfg.dpassarg,
614	},
615	#ifndef OPENSSL_NO_DTLS
616	{
617	.name = "dtls",
618	.desc = "Use any version of DTLS",
619	.type = OPTION_FUNC,
620	.opt.func = s_server_opt_protocol_version_dtls,
621	},
622	#endif
623	#ifndef OPENSSL_NO_DTLS1_2
624	{
625	.name = "dtls1_2",
626	.desc = "Just use DTLSv1.2",
627	.type = OPTION_FUNC,
628	.opt.func = s_server_opt_protocol_version_dtls1_2,
629	},
630	#endif
631	{
632	.name = "groups",
633	.argname = "list",
634	.desc = "Specify EC groups (colon-separated list)",
635	.type = OPTION_ARG,
636	.opt.arg = &cfg.groups_in,
637	},
638	{
639	.name = "HTTP",
640	.desc = "Respond to a 'GET /<path> HTTP/1.0' with file ./<path>",
641	.type = OPTION_VALUE,
642	.opt.value = &cfg.www,
643	.value = 3,
644	},
645	{
646	.name = "id_prefix",
647	.argname = "arg",
648	.desc = "Generate SSL/TLS session IDs prefixed by 'arg'",
649	.type = OPTION_ARG,
650	.opt.arg = &cfg.session_id_prefix,
651	},
652	{
653	.name = "key",
654	.argname = "file",
655	.desc = "Private Key file to use, in cert file if\n"
656	"not specified (default is " TEST_CERT"server.pem" ")",
657	.type = OPTION_ARG,
658	.opt.arg = &cfg.key_file,
659	},
660	{
661	.name = "key2",
662	.argname = "file",
663	.desc = "Private Key file to use for servername, in cert file if\n"
664	"not specified (default is " TEST_CERT2"server2.pem" ")",
665	.type = OPTION_ARG,
666	.opt.arg = &cfg.key_file2,
667	},
668	{
669	.name = "keyform",
670	.argname = "fmt",
671	.desc = "Key format (PEM or DER) PEM default",
672	.type = OPTION_ARG_FORMAT,
673	.opt.value = &cfg.key_format,
674	},
675	{
676	.name = "keymatexport",
677	.argname = "label",
678	.desc = "Export keying material using label",
679	.type = OPTION_ARG,
680	.opt.arg = &cfg.keymatexportlabel,
681	},
682	{
683	.name = "keymatexportlen",
684	.argname = "len",
685	.desc = "Export len bytes of keying material (default 20)",
686	.type = OPTION_ARG_FUNC,
687	.opt.argfunc = s_server_opt_keymatexportlen,
688	},
689	{
690	.name = "legacy_renegotiation",
691	.type = OPTION_DISCARD,
692	},
693	{
694	.name = "msg",
695	.desc = "Show protocol messages",
696	.type = OPTION_FLAG,
697	.opt.flag = &cfg.msg,
698	},
699	#ifndef OPENSSL_NO_DTLS
700	{
701	.name = "mtu",
702	.argname = "mtu",
703	.desc = "Set link layer MTU",
704	.type = OPTION_ARG_FUNC,
705	.opt.argfunc = s_server_opt_mtu,
706	},
707	#endif
708	{
709	.name = "naccept",
710	.argname = "num",
711	.desc = "Terminate after num connections",
712	.type = OPTION_ARG_INT,
713	.opt.value = &cfg.naccept
714	},
715	{
716	.name = "named_curve",
717	.argname = "arg",
718	.type = OPTION_ARG,
719	.opt.arg = &cfg.named_curve,
720	},
721	{
722	.name = "nbio",
723	.desc = "Run with non-blocking I/O",
724	.type = OPTION_FLAG,
725	.opt.flag = &cfg.nbio,
726	},
727	{
728	.name = "nbio_test",
729	.desc = "Test with the non-blocking test bio",
730	.type = OPTION_FUNC,
731	.opt.func = s_server_opt_nbio_test,
732	},
733	{
734	.name = "nextprotoneg",
735	.argname = "arg",
736	.type = OPTION_ARG,
737	.opt.arg = &cfg.npn_in, /* Ignored. */
738	},
739	{
740	.name = "no_cache",
741	.desc = "Disable session cache",
742	.type = OPTION_FLAG,
743	.opt.flag = &cfg.no_cache,
744	},
745	{
746	.name = "no_comp",
747	.desc = "Disable SSL/TLS compression",
748	.type = OPTION_VALUE_OR,
749	.opt.value = &cfg.off,
750	.value = SSL_OP_NO_COMPRESSION0x0,
751	},
752	{
753	.name = "no_dhe",
754	.desc = "Disable ephemeral DH",
755	.type = OPTION_FLAG,
756	.opt.flag = &cfg.no_dhe,
757	},
758	{
759	.name = "no_ecdhe",
760	.desc = "Disable ephemeral ECDH",
761	.type = OPTION_FLAG,
762	.opt.flag = &cfg.no_ecdhe,
763	},
764	{
765	.name = "no_ticket",
766	.desc = "Disable use of RFC4507bis session tickets",
767	.type = OPTION_VALUE_OR,
768	.opt.value = &cfg.off,
769	.value = SSL_OP_NO_TICKET0x00004000L,
770	},
771	{
772	.name = "no_ssl2",
773	.type = OPTION_DISCARD,
774	},
775	{
776	.name = "no_ssl3",
777	.type = OPTION_DISCARD,
778	},
779	{
780	.name = "no_tls1",
781	.type = OPTION_DISCARD,
782	},
783	{
784	.name = "no_tls1_1",
785	.type = OPTION_DISCARD,
786	},
787	{
788	.name = "no_tls1_2",
789	.desc = "Just disable TLSv1.2",
790	.type = OPTION_VALUE_OR,
791	.opt.value = &cfg.off,
792	.value = SSL_OP_NO_TLSv1_20x08000000L,
793	},
794	{
795	.name = "no_tls1_3",
796	.desc = "Just disable TLSv1.3",
797	.type = OPTION_VALUE_OR,
798	.opt.value = &cfg.off,
799	.value = SSL_OP_NO_TLSv1_30x20000000L,
800	},
801	{
802	.name = "no_tmp_rsa",
803	.type = OPTION_DISCARD,
804	},
805	{
806	.name = "nocert",
807	.desc = "Don't use any certificates (Anon-DH)",
808	.type = OPTION_FLAG,
809	.opt.flag = &cfg.nocert,
810	},
811	{
812	.name = "pass",
813	.argname = "arg",
814	.desc = "Private key file pass phrase source",
815	.type = OPTION_ARG,
816	.opt.arg = &cfg.passarg,
817	},
818	{
819	.name = "port",
820	.argname = "port",
821	.type = OPTION_ARG_FUNC,
822	.opt.argfunc = s_server_opt_port,
823	},
824	{
825	.name = "quiet",
826	.desc = "Inhibit printing of session and certificate information",
827	.type = OPTION_FLAG,
828	.opt.flag = &cfg.quiet,
829	},
830	{
831	.name = "servername",
832	.argname = "name",
833	.desc = "Servername for HostName TLS extension",
834	.type = OPTION_ARG,
835	.opt.arg = &cfg.tlsextcbp.servername,
836	},
837	{
838	.name = "servername_fatal",
839	.desc = "On mismatch send fatal alert (default warning alert)",
840	.type = OPTION_VALUE,
841	.opt.value = &cfg.tlsextcbp.extension_error,
842	.value = SSL_TLSEXT_ERR_ALERT_FATAL2,
843	},
844	{
845	.name = "serverpref",
846	.desc = "Use server's cipher preferences",
847	.type = OPTION_VALUE_OR,
848	.opt.value = &cfg.off,
849	.value = SSL_OP_CIPHER_SERVER_PREFERENCE0x00400000L,
850	},
851	{
852	.name = "state",
853	.desc = "Print the SSL states",
854	.type = OPTION_FLAG,
855	.opt.flag = &cfg.state,
856	},
857	{
858	.name = "status",
859	.desc = "Respond to certificate status requests",
860	.type = OPTION_FLAG,
861	.opt.flag = &cfg.tlsextstatus,
862	},
863	{
864	.name = "status_timeout",
865	.argname = "nsec",
866	.desc = "Status request responder timeout",
867	.type = OPTION_ARG_FUNC,
868	.opt.argfunc = s_server_opt_status_timeout,
869	},
870	{
871	.name = "status_url",
872	.argname = "url",
873	.desc = "Status request fallback URL",
874	.type = OPTION_ARG_FUNC,
875	.opt.argfunc = s_server_opt_status_url,
876	},
877	{
878	.name = "status_verbose",
879	.desc = "Enable status request verbose printout",
880	.type = OPTION_FUNC,
881	.opt.func = s_server_opt_status_verbose,
882	},
883	#ifndef OPENSSL_NO_DTLS
884	{
885	.name = "timeout",
886	.desc = "Enable timeouts",
887	.type = OPTION_FLAG,
888	.opt.flag = &cfg.enable_timeouts,
889	},
890	#endif
891	{
892	.name = "tls1_2",
893	.desc = "Just talk TLSv1.2",
894	.type = OPTION_FUNC,
895	.opt.func = s_server_opt_protocol_version_tls1_2,
896	},
897	{
898	.name = "tls1_3",
899	.desc = "Just talk TLSv1.3",
900	.type = OPTION_FUNC,
901	.opt.func = s_server_opt_protocol_version_tls1_3,
902	},
903	{
904	.name = "tlsextdebug",
905	.desc = "Hex dump of all TLS extensions received",
906	.type = OPTION_FLAG,
907	.opt.flag = &cfg.tlsextdebug,
908	},
909	#ifndef OPENSSL_NO_SRTP
910	{
911	.name = "use_srtp",
912	.argname = "profiles",
913	.desc = "Offer SRTP key management with a colon-separated profile list",
914	.type = OPTION_ARG,
915	.opt.arg = &cfg.srtp_profiles,
916	},
917	#endif
918	{
919	.name = "Verify",
920	.argname = "depth",
921	.desc = "Turn on peer certificate verification, must have a cert",
922	.type = OPTION_ARG_FUNC,
923	.opt.argfunc = s_server_opt_verify_fail,
924	},
925	{
926	.name = "verify",
927	.argname = "depth",
928	.desc = "Turn on peer certificate verification",
929	.type = OPTION_ARG_FUNC,
930	.opt.argfunc = s_server_opt_verify,
931	},
932	{
933	.name = "verify_return_error",
934	.desc = "Return verification error",
935	.type = OPTION_FLAG,
936	.opt.flag = &verify_return_error,
937	},
938	{
939	.name = "WWW",
940	.desc = "Respond to a 'GET /<path> HTTP/1.0' with file ./<path>",
941	.type = OPTION_VALUE,
942	.opt.value = &cfg.www,
943	.value = 2,
944	},
945	{
946	.name = "www",
947	.desc = "Respond to a 'GET /' with a status page",
948	.type = OPTION_VALUE,
949	.opt.value = &cfg.www,
950	.value = 1,
951	},
952	{
953	.name = NULL((void *)0),
954	.desc = "",
955	.type = OPTION_ARGV_FUNC,
956	.opt.argvfunc = s_server_opt_verify_param,
957	},
958	{ NULL((void *)0) },
959	};
960
961	static void
962	s_server_init(void)
963	{
964	accept_socket = -1;
965	cfg.cipher = NULL((void *)0);
966	cfg.server_verify = SSL_VERIFY_NONE0x00;
967	cfg.dcert_file = NULL((void *)0);
968	cfg.dkey_file = NULL((void *)0);
969	cfg.cert_file = TEST_CERT"server.pem";
970	cfg.key_file = NULL((void *)0);
971	cfg.cert_file2 = TEST_CERT2"server2.pem";
972	cfg.key_file2 = NULL((void *)0);
973	ctx2 = NULL((void *)0);
974	cfg.nbio = 0;
975	cfg.nbio_test = 0;
976	ctx = NULL((void *)0);
977	cfg.www = 0;
978
979	bio_s_out = NULL((void *)0);
980	cfg.debug = 0;
981	cfg.msg = 0;
982	cfg.quiet = 0;
983	}
984
985	static void
986	sv_usage(void)
987	{
988	fprintf(stderr(&__sF[2]), "usage: s_server "
989	"[-accept port] [-alpn protocols] [-bugs] [-CAfile file]\n"
990	" [-CApath directory] [-cert file] [-cert2 file]\n"
991	" [-certform der \| pem] [-cipher cipherlist]\n"
992	" [-context id] [-crl_check] [-crl_check_all] [-crlf]\n"
993	" [-dcert file] [-dcertform der \| pem] [-debug]\n"
994	" [-dhparam file] [-dkey file] [-dkeyform der \| pem]\n"
995	" [-dpass arg] [-dtls] [-dtls1_2] [-groups list] [-HTTP]\n"
996	" [-id_prefix arg] [-key keyfile] [-key2 keyfile]\n"
997	" [-keyform der \| pem] [-keymatexport label]\n"
998	" [-keymatexportlen len] [-msg] [-mtu mtu] [-naccept num]\n"
999	" [-named_curve arg] [-nbio] [-nbio_test] [-no_cache]\n"
1000	" [-no_dhe] [-no_ecdhe] [-no_ticket] \n"
1001	" [-no_tls1_2] [-no_tls1_3] [-no_tmp_rsa]\n"
1002	" [-nocert] [-pass arg] [-quiet] [-servername name]\n"
1003	" [-servername_fatal] [-serverpref] [-state] [-status]\n"
1004	" [-status_timeout nsec] [-status_url url]\n"
1005	" [-status_verbose] [-timeout] \n"
1006	" [-tls1_2] [-tls1_3] [-tlsextdebug] [-use_srtp profiles]\n"
1007	" [-Verify depth] [-verify depth] [-verify_return_error]\n"
1008	" [-WWW] [-www]\n");
1009	fprintf(stderr(&__sF[2]), "\n");
1010	options_usage(s_server_options);
1011	fprintf(stderr(&__sF[2]), "\n");
1012	}
1013
1014	int
1015	s_server_main(int argc, char *argv[])
1016	{
1017	int ret = 1;
1018	char pass = NULL((void )0);
1019	char dpass = NULL((void )0);
1020	X509 s_cert = NULL((void )0), s_dcert = NULL((void )0);
1021	EVP_PKEY s_key = NULL((void )0), s_dkey = NULL((void )0);
1022	EVP_PKEY s_key2 = NULL((void )0);
1023	X509 s_cert2 = NULL((void )0);
1024	tlsextalpnctx alpn_ctx = { NULL((void *)0), 0 };
1025
1026	if (pledge("stdio rpath inet dns tty", NULL((void *)0)) == -1) {
1027	perror("pledge");
1028	exit(1);
1029	}
1030
1031	memset(&cfg, 0, sizeof(cfg));
1032	cfg.keymatexportlen = 20;
1033	cfg.meth = TLS_server_method();
1034	cfg.naccept = -1;
1035	cfg.port = PORT4433;
1036	cfg.cert_file = TEST_CERT"server.pem";
1037	cfg.cert_file2 = TEST_CERT2"server2.pem";
1038	cfg.cert_format = FORMAT_PEM3;
1039	cfg.dcert_format = FORMAT_PEM3;
1040	cfg.dkey_format = FORMAT_PEM3;
1041	cfg.key_format = FORMAT_PEM3;
1042	cfg.server_verify = SSL_VERIFY_NONE0x00;
1043	cfg.socket_type = SOCK_STREAM1;
1044	cfg.tlscstatp.timeout = -1;
1045	cfg.tlsextcbp.extension_error =
1046	SSL_TLSEXT_ERR_ALERT_WARNING1;
1047
1048	local_argc = argc;
1049	local_argv = argv;
1050
1051	s_server_init();
1052
1053	verify_depth = 0;
1054
1055	if (options_parse(argc, argv, s_server_options, NULL((void )0), NULL((void )0)) != 0) {
1056	if (cfg.errstr == NULL((void *)0))
1057	sv_usage();
1058	goto end;
1059	}
1060
1061	if (!app_passwd(bio_err, cfg.passarg,
1062	cfg.dpassarg, &pass, &dpass)) {
1063	BIO_printf(bio_err, "Error getting password\n");
1064	goto end;
1065	}
1066	if (cfg.key_file == NULL((void *)0))
1067	cfg.key_file = cfg.cert_file;
1068	if (cfg.key_file2 == NULL((void *)0))
1069	cfg.key_file2 = cfg.cert_file2;
1070
1071	if (cfg.nocert == 0) {
1072	s_key = load_key(bio_err, cfg.key_file,
1073	cfg.key_format, 0, pass,
1074	"server certificate private key file");
1075	if (!s_key) {
1076	ERR_print_errors(bio_err);
1077	goto end;
1078	}
1079	s_cert = load_cert(bio_err, cfg.cert_file,
1080	cfg.cert_format,
1081	NULL((void *)0), "server certificate file");
1082
1083	if (!s_cert) {
1084	ERR_print_errors(bio_err);
1085	goto end;
1086	}
1087	if (cfg.tlsextcbp.servername) {
1088	s_key2 = load_key(bio_err, cfg.key_file2,
1089	cfg.key_format, 0, pass,
1090	"second server certificate private key file");
1091	if (!s_key2) {
1092	ERR_print_errors(bio_err);
1093	goto end;
1094	}
1095	s_cert2 = load_cert(bio_err, cfg.cert_file2,
1096	cfg.cert_format,
1097	NULL((void *)0), "second server certificate file");
1098
1099	if (!s_cert2) {
1100	ERR_print_errors(bio_err);
1101	goto end;
1102	}
1103	}
1104	}
1105	alpn_ctx.data = NULL((void *)0);
1106	if (cfg.alpn_in) {
1107	unsigned short len;
1108	alpn_ctx.data = next_protos_parse(&len,
1109	cfg.alpn_in);
1110	if (alpn_ctx.data == NULL((void *)0))
1111	goto end;
1112	alpn_ctx.len = len;
1113	}
1114
1115	if (cfg.dcert_file) {
1116
1117	if (cfg.dkey_file == NULL((void *)0))
1118	cfg.dkey_file = cfg.dcert_file;
1119
1120	s_dkey = load_key(bio_err, cfg.dkey_file,
1121	cfg.dkey_format,
1122	0, dpass, "second certificate private key file");
1123	if (!s_dkey) {
1124	ERR_print_errors(bio_err);
1125	goto end;
1126	}
1127	s_dcert = load_cert(bio_err, cfg.dcert_file,
1128	cfg.dcert_format,
1129	NULL((void *)0), "second server certificate file");
1130
1131	if (!s_dcert) {
1132	ERR_print_errors(bio_err);
1133	goto end;
1134	}
1135	}
1136	if (bio_s_out == NULL((void *)0)) {
1137	if (cfg.quiet && !cfg.debug &&
1138	!cfg.msg) {
1139	bio_s_out = BIO_new(BIO_s_null());
1140	} else {
1141	if (bio_s_out == NULL((void *)0))
1142	bio_s_out = BIO_new_fp(stdout(&__sF[1]), BIO_NOCLOSE0x00);
1143	}
1144	}
1145	if (cfg.nocert) {
1146	cfg.cert_file = NULL((void *)0);
1147	cfg.key_file = NULL((void *)0);
1148	cfg.dcert_file = NULL((void *)0);
1149	cfg.dkey_file = NULL((void *)0);
1150	cfg.cert_file2 = NULL((void *)0);
1151	cfg.key_file2 = NULL((void *)0);
1152	}
1153	ctx = SSL_CTX_new(cfg.meth);
1154	if (ctx == NULL((void *)0)) {
1155	ERR_print_errors(bio_err);
1156	goto end;
1157	}
1158
1159	SSL_CTX_clear_mode(ctx, SSL_MODE_AUTO_RETRY)SSL_CTX_ctrl((ctx),78,(0x00000004L),((void *)0));
1160
1161	if (!SSL_CTX_set_min_proto_version(ctx, cfg.min_version))
1162	goto end;
1163	if (!SSL_CTX_set_max_proto_version(ctx, cfg.max_version))
1164	goto end;
1165
1166	if (cfg.session_id_prefix) {
1167	if (strlen(cfg.session_id_prefix) >= 32)
1168	BIO_printf(bio_err,
1169	"warning: id_prefix is too long, only one new session will be possible\n");
1170	else if (strlen(cfg.session_id_prefix) >= 16)
1171	BIO_printf(bio_err,
1172	"warning: id_prefix is too long if you use SSLv2\n");
1173	if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) {
1174	BIO_printf(bio_err, "error setting 'id_prefix'\n");
1175	ERR_print_errors(bio_err);
1176	goto end;
1177	}
1178	BIO_printf(bio_err, "id_prefix '%s' set.\n",
1179	cfg.session_id_prefix);
1180	}
1181	SSL_CTX_set_quiet_shutdown(ctx, 1);
1182	if (cfg.bugs)
1183	SSL_CTX_set_options(ctx, SSL_OP_ALL)SSL_CTX_ctrl((ctx),32,((0x00000004L)),((void *)0));
1184	SSL_CTX_set_options(ctx, cfg.off)SSL_CTX_ctrl((ctx),32,(cfg.off),((void *)0));
1185
1186	if (cfg.state)
1187	SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
1188	if (cfg.no_cache)
1189	SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF)SSL_CTX_ctrl(ctx,44,0x0000,((void *)0));
1190	else
1191	SSL_CTX_sess_set_cache_size(ctx, 128)SSL_CTX_ctrl(ctx,42,128,((void *)0));
1192
1193	#ifndef OPENSSL_NO_SRTP
1194	if (cfg.srtp_profiles != NULL((void *)0))
1195	SSL_CTX_set_tlsext_use_srtp(ctx, cfg.srtp_profiles);
1196	#endif
1197
1198	if ((!SSL_CTX_load_verify_locations(ctx, cfg.CAfile,
1199	cfg.CApath)) \|\|
1200	(!SSL_CTX_set_default_verify_paths(ctx))) {
1201	/* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
1202	ERR_print_errors(bio_err);
1203	/* goto end; */
1204	}
1205	if (cfg.vpm)
1206	SSL_CTX_set1_param(ctx, cfg.vpm);
1207
1208	if (s_cert2) {
1209	ctx2 = SSL_CTX_new(cfg.meth);
1210	if (ctx2 == NULL((void *)0)) {
1211	ERR_print_errors(bio_err);
1212	goto end;
1213	}
1214
1215	if (!SSL_CTX_set_min_proto_version(ctx2,
1216	cfg.min_version))
1217	goto end;
1218	if (!SSL_CTX_set_max_proto_version(ctx2,
1219	cfg.max_version))
1220	goto end;
1221	SSL_CTX_clear_mode(ctx2, SSL_MODE_AUTO_RETRY)SSL_CTX_ctrl((ctx2),78,(0x00000004L),((void *)0));
1222	}
1223	if (ctx2) {
1224	BIO_printf(bio_s_out, "Setting secondary ctx parameters\n");
1225
1226	if (cfg.session_id_prefix) {
1227	if (strlen(cfg.session_id_prefix) >= 32)
1228	BIO_printf(bio_err,
1229	"warning: id_prefix is too long, only one new session will be possible\n");
1230	else if (strlen(cfg.session_id_prefix) >= 16)
1231	BIO_printf(bio_err,
1232	"warning: id_prefix is too long if you use SSLv2\n");
1233	if (!SSL_CTX_set_generate_session_id(ctx2,
1234	generate_session_id)) {
1235	BIO_printf(bio_err,
1236	"error setting 'id_prefix'\n");
1237	ERR_print_errors(bio_err);
1238	goto end;
1239	}
1240	BIO_printf(bio_err, "id_prefix '%s' set.\n",
1241	cfg.session_id_prefix);
1242	}
1243	SSL_CTX_set_quiet_shutdown(ctx2, 1);
1244	if (cfg.bugs)
1245	SSL_CTX_set_options(ctx2, SSL_OP_ALL)SSL_CTX_ctrl((ctx2),32,((0x00000004L)),((void *)0));
1246	SSL_CTX_set_options(ctx2, cfg.off)SSL_CTX_ctrl((ctx2),32,(cfg.off),((void *)0));
1247
1248	if (cfg.state)
1249	SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback);
1250
1251	if (cfg.no_cache)
1252	SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF)SSL_CTX_ctrl(ctx2,44,0x0000,((void *)0));
1253	else
1254	SSL_CTX_sess_set_cache_size(ctx2, 128)SSL_CTX_ctrl(ctx2,42,128,((void *)0));
1255
1256	if ((!SSL_CTX_load_verify_locations(ctx2,
1257	cfg.CAfile, cfg.CApath)) \|\|
1258	(!SSL_CTX_set_default_verify_paths(ctx2))) {
1259	ERR_print_errors(bio_err);
1260	}
1261	if (cfg.vpm)
1262	SSL_CTX_set1_param(ctx2, cfg.vpm);
1263	}
1264	if (alpn_ctx.data)
1265	SSL_CTX_set_alpn_select_cb(ctx, alpn_cb, &alpn_ctx);
1266
1267	if (cfg.groups_in != NULL((void *)0)) {
1268	if (SSL_CTX_set1_groups_list(ctx, cfg.groups_in) != 1) {
1269	BIO_printf(bio_err, "Failed to set groups '%s'\n",
1270	cfg.groups_in);
1271	goto end;
1272	}
1273	}
1274
1275	#ifndef OPENSSL_NO_DH
1276	if (!cfg.no_dhe) {
1277	DH dh = NULL((void )0);
1278
1279	if (cfg.dhfile)
1280	dh = load_dh_param(cfg.dhfile);
1281	else if (cfg.cert_file)
1282	dh = load_dh_param(cfg.cert_file);
1283
1284	if (dh != NULL((void *)0))
1285	BIO_printf(bio_s_out, "Setting temp DH parameters\n");
1286	else
1287	BIO_printf(bio_s_out, "Using auto DH parameters\n");
1288	(void) BIO_flush(bio_s_out)(int)BIO_ctrl(bio_s_out,11,0,((void *)0));
1289
1290	if (dh == NULL((void *)0))
1291	SSL_CTX_set_dh_auto(ctx, 1)SSL_CTX_ctrl(ctx,118,1,((void *)0));
1292	else if (!SSL_CTX_set_tmp_dh(ctx, dh)SSL_CTX_ctrl(ctx,3,0,(char *)dh)) {
1293	BIO_printf(bio_err,
1294	"Error setting temp DH parameters\n");
1295	ERR_print_errors(bio_err);
1296	DH_free(dh);
1297	goto end;
1298	}
1299
1300	if (ctx2) {
1301	if (!cfg.dhfile) {
1302	DH dh2 = NULL((void )0);
1303
1304	if (cfg.cert_file2 != NULL((void *)0))
1305	dh2 = load_dh_param(
1306	cfg.cert_file2);
1307	if (dh2 != NULL((void *)0)) {
1308	BIO_printf(bio_s_out,
1309	"Setting temp DH parameters\n");
1310	(void) BIO_flush(bio_s_out)(int)BIO_ctrl(bio_s_out,11,0,((void *)0));
1311
1312	DH_free(dh);
1313	dh = dh2;
1314	}
1315	}
1316	if (dh == NULL((void *)0))
1317	SSL_CTX_set_dh_auto(ctx2, 1)SSL_CTX_ctrl(ctx2,118,1,((void *)0));
1318	else if (!SSL_CTX_set_tmp_dh(ctx2, dh)SSL_CTX_ctrl(ctx2,3,0,(char *)dh)) {
1319	BIO_printf(bio_err,
1320	"Error setting temp DH parameters\n");
1321	ERR_print_errors(bio_err);
1322	DH_free(dh);
1323	goto end;
1324	}
1325	}
1326	DH_free(dh);
1327	}
1328	#endif
1329
1330	if (!cfg.no_ecdhe && cfg.named_curve != NULL((void *)0)) {
1331	EC_KEY ecdh = NULL((void )0);
1332	int nid;
1333
1334	if ((nid = OBJ_sn2nid(cfg.named_curve)) == 0) {
1335	BIO_printf(bio_err, "unknown curve name (%s)\n",
1336	cfg.named_curve);
1337	goto end;
1338	}
1339	if ((ecdh = EC_KEY_new_by_curve_name(nid)) == NULL((void *)0)) {
1340	BIO_printf(bio_err, "unable to create curve (%s)\n",
1341	cfg.named_curve);
1342	goto end;
1343	}
1344	BIO_printf(bio_s_out, "Setting temp ECDH parameters\n");
1345	(void) BIO_flush(bio_s_out)(int)BIO_ctrl(bio_s_out,11,0,((void *)0));
1346
1347	SSL_CTX_set_tmp_ecdh(ctx, ecdh)SSL_CTX_ctrl(ctx,4,0,(char *)ecdh);
1348	if (ctx2)
1349	SSL_CTX_set_tmp_ecdh(ctx2, ecdh)SSL_CTX_ctrl(ctx2,4,0,(char *)ecdh);
1350	EC_KEY_free(ecdh);
1351	}
1352
1353	if (!set_cert_key_stuff(ctx, s_cert, s_key))
1354	goto end;
1355	if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2))
1356	goto end;
1357	if (s_dcert != NULL((void *)0)) {
1358	if (!set_cert_key_stuff(ctx, s_dcert, s_dkey))
1359	goto end;
1360	}
1361
1362	if (cfg.cipher != NULL((void *)0)) {
1363	if (!SSL_CTX_set_cipher_list(ctx, cfg.cipher)) {
1364	BIO_printf(bio_err, "error setting cipher list\n");
1365	ERR_print_errors(bio_err);
1366	goto end;
1367	}
1368	if (ctx2 && !SSL_CTX_set_cipher_list(ctx2,
1369	cfg.cipher)) {
1370	BIO_printf(bio_err, "error setting cipher list\n");
1371	ERR_print_errors(bio_err);
1372	goto end;
1373	}
1374	}
1375	SSL_CTX_set_verify(ctx, cfg.server_verify, verify_callback);
1376	SSL_CTX_set_session_id_context(ctx,
1377	(void *) &s_server_session_id_context,
1378	sizeof s_server_session_id_context);
1379
1380	/* Set DTLS cookie generation and verification callbacks */
1381	SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
1382	SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
1383
1384	if (ctx2) {
1385	SSL_CTX_set_verify(ctx2, cfg.server_verify,
1386	verify_callback);
1387	SSL_CTX_set_session_id_context(ctx2,
1388	(void *) &s_server_session_id_context,
1389	sizeof s_server_session_id_context);
1390
1391	cfg.tlsextcbp.biodebug = bio_s_out;
1392	SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb)SSL_CTX_callback_ctrl(ctx2,53,(void (*)(void))ssl_servername_cb );
1393	SSL_CTX_set_tlsext_servername_arg(ctx2,SSL_CTX_ctrl(ctx2,54,0, (void *)&cfg.tlsextcbp)
1394	&cfg.tlsextcbp)SSL_CTX_ctrl(ctx2,54,0, (void *)&cfg.tlsextcbp);
1395	SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb)SSL_CTX_callback_ctrl(ctx,53,(void (*)(void))ssl_servername_cb );
1396	SSL_CTX_set_tlsext_servername_arg(ctx,SSL_CTX_ctrl(ctx,54,0, (void *)&cfg.tlsextcbp)
1397	&cfg.tlsextcbp)SSL_CTX_ctrl(ctx,54,0, (void *)&cfg.tlsextcbp);
1398	}
1399
1400	if (cfg.CAfile != NULL((void *)0)) {
1401	SSL_CTX_set_client_CA_list(ctx,
1402	SSL_load_client_CA_file(cfg.CAfile));
1403	if (ctx2)
1404	SSL_CTX_set_client_CA_list(ctx2,
1405	SSL_load_client_CA_file(cfg.CAfile));
1406	}
1407	BIO_printf(bio_s_out, "ACCEPT\n");
1408	(void) BIO_flush(bio_s_out)(int)BIO_ctrl(bio_s_out,11,0,((void *)0));
1409	if (cfg.www)
1410	do_server(cfg.port, cfg.socket_type,
1411	&accept_socket, www_body, cfg.context,
1412	cfg.naccept);
1413	else
1414	do_server(cfg.port, cfg.socket_type,
1415	&accept_socket, sv_body, cfg.context,
1416	cfg.naccept);
1417	print_stats(bio_s_out, ctx);
1418	ret = 0;
1419	end:
1420	SSL_CTX_free(ctx);
1421	X509_free(s_cert);
1422	X509_free(s_dcert);
1423	EVP_PKEY_free(s_key);
1424	EVP_PKEY_free(s_dkey);
1425	free(pass);
1426	free(dpass);
1427	X509_VERIFY_PARAM_free(cfg.vpm);
1428	free(cfg.tlscstatp.host);
1429	free(cfg.tlscstatp.port);
1430	free(cfg.tlscstatp.path);
1431	SSL_CTX_free(ctx2);
1432	X509_free(s_cert2);
1433	EVP_PKEY_free(s_key2);
1434	free(alpn_ctx.data);
1435	if (bio_s_out != NULL((void *)0)) {
1436	BIO_free(bio_s_out);
1437	bio_s_out = NULL((void *)0);
1438	}
1439
1440	return (ret);
1441	}
1442
1443	static void
1444	print_stats(BIO bio, SSL_CTX ssl_ctx)
1445	{
1446	BIO_printf(bio, "%4ld items in the session cache\n",
1447	SSL_CTX_sess_number(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,20,0,((void *)0)));
1448	BIO_printf(bio, "%4ld client connects (SSL_connect())\n",
1449	SSL_CTX_sess_connect(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,21,0,((void *)0)));
1450	BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n",
1451	SSL_CTX_sess_connect_renegotiate(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,23,0,((void *)0)));
1452	BIO_printf(bio, "%4ld client connects that finished\n",
1453	SSL_CTX_sess_connect_good(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,22,0,((void *)0)));
1454	BIO_printf(bio, "%4ld server accepts (SSL_accept())\n",
1455	SSL_CTX_sess_accept(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,24,0,((void *)0)));
1456	BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n",
1457	SSL_CTX_sess_accept_renegotiate(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,26,0,((void *)0)));
1458	BIO_printf(bio, "%4ld server accepts that finished\n",
1459	SSL_CTX_sess_accept_good(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,25,0,((void *)0)));
1460	BIO_printf(bio, "%4ld session cache hits\n",
1461	SSL_CTX_sess_hits(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,27,0,((void *)0)));
1462	BIO_printf(bio, "%4ld session cache misses\n",
1463	SSL_CTX_sess_misses(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,29,0,((void *)0)));
1464	BIO_printf(bio, "%4ld session cache timeouts\n",
1465	SSL_CTX_sess_timeouts(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,30,0,((void *)0)));
1466	BIO_printf(bio, "%4ld callback cache hits\n",
1467	SSL_CTX_sess_cb_hits(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,28,0,((void *)0)));
1468	BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n",
1469	SSL_CTX_sess_cache_full(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,31,0,((void *)0)),
1470	SSL_CTX_sess_get_cache_size(ssl_ctx)SSL_CTX_ctrl(ssl_ctx,43,0,((void *)0)));
1471	}
1472
1473	static int
1474	sv_body(int s, unsigned char *context)
1475	{
1476	char buf = NULL((void )0);
1477	int ret = 1;
1478	int k, i;
1479	unsigned long l;
1480	SSL con = NULL((void )0);
1481	BIO *sbio;
1482	struct timeval timeout;
1483
1484	if ((buf = malloc(bufsize)) == NULL((void *)0)) {
1485	BIO_printf(bio_err, "out of memory\n");
1486	goto err;
1487	}
1488	if (cfg.nbio) {
1489	if (!cfg.quiet)
1490	BIO_printf(bio_err, "turning on non blocking io\n");
1491	if (!BIO_socket_nbio(s, 1))
1492	ERR_print_errors(bio_err);
1493	}
1494
1495	if (con == NULL((void *)0)) {
1496	con = SSL_new(ctx);
1497	if (cfg.tlsextdebug) {
1498	SSL_set_tlsext_debug_callback(con, tlsext_cb)SSL_callback_ctrl(con,56,(void (*)(void))tlsext_cb);
1499	SSL_set_tlsext_debug_arg(con, bio_s_out)SSL_ctrl(con,57,0, (void *)bio_s_out);
1500	}
1501	if (cfg.tlsextstatus) {
1502	SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb)SSL_CTX_callback_ctrl(ctx,63,(void (*)(void))cert_status_cb);
1503	cfg.tlscstatp.err = bio_err;
1504	SSL_CTX_set_tlsext_status_arg(ctx,SSL_CTX_ctrl(ctx,64,0,(void *)&cfg.tlscstatp)
1505	&cfg.tlscstatp)SSL_CTX_ctrl(ctx,64,0,(void *)&cfg.tlscstatp);
1506	}
1507	if (context)
1508	SSL_set_session_id_context(con, context,
1509	strlen((char *) context));
1510	}
1511	SSL_clear(con);
1512
1513	if (SSL_is_dtls(con)) {
1514	sbio = BIO_new_dgram(s, BIO_NOCLOSE0x00);
1515
1516	if (cfg.enable_timeouts) {
1517	timeout.tv_sec = 0;
1518	timeout.tv_usec = DGRAM_RCV_TIMEOUT250000;
1519	BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT33, 0,
1520	&timeout);
1521
1522	timeout.tv_sec = 0;
1523	timeout.tv_usec = DGRAM_SND_TIMEOUT250000;
1524	BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT35, 0,
1525	&timeout);
1526	}
1527	if (cfg.socket_mtu > 28) {
1528	SSL_set_options(con, SSL_OP_NO_QUERY_MTU)SSL_ctrl((con),32,(0x00001000L),((void *)0));
1529	SSL_set_mtu(con, cfg.socket_mtu - 28)SSL_ctrl((con),17,(cfg.socket_mtu - 28),((void *)0));
1530	} else
1531	/* want to do MTU discovery */
1532	BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER39, 0, NULL((void *)0));
1533
1534	/* turn on cookie exchange */
1535	SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE)SSL_ctrl((con),32,(0x00002000L),((void *)0));
1536	} else
1537	sbio = BIO_new_socket(s, BIO_NOCLOSE0x00);
1538
1539	if (cfg.nbio_test) {
1540	BIO *test;
1541
1542	test = BIO_new(BIO_f_nbio_test());
1543	sbio = BIO_push(test, sbio);
1544	}
1545
1546	SSL_set_bio(con, sbio, sbio);
1547	SSL_set_accept_state(con);
1548	/* SSL_set_fd(con,s); */
1549
1550	if (cfg.debug) {
1551	BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
1552	BIO_set_callback_arg(SSL_get_rbio(con), (char *) bio_s_out);
1553	}
1554	if (cfg.msg) {
1555	SSL_set_msg_callback(con, msg_cb);
1556	SSL_set_msg_callback_arg(con, bio_s_out)SSL_ctrl((con), 16, 0, (bio_s_out));
1557	}
1558	if (cfg.tlsextdebug) {
1559	SSL_set_tlsext_debug_callback(con, tlsext_cb)SSL_callback_ctrl(con,56,(void (*)(void))tlsext_cb);
1560	SSL_set_tlsext_debug_arg(con, bio_s_out)SSL_ctrl(con,57,0, (void *)bio_s_out);
1561	}
1562
1563	for (;;) {
1564	int read_from_terminal;
1565	int read_from_sslcon;
1566	struct pollfd pfd[2];
1567	int ptimeout;
1568
1569	read_from_terminal = 0;
1570	read_from_sslcon = SSL_pending(con);
1571
1572	if (!read_from_sslcon) {
1573	pfd[0].fd = fileno(stdin)(!__isthreaded ? (((&__sF[0]))->_file) : (fileno)((& __sF[0])));
1574	pfd[0].events = POLLIN0x0001;
1575	pfd[1].fd = s;
1576	pfd[1].events = POLLIN0x0001;
1577
1578	if (SSL_is_dtls(con) &&
1579	DTLSv1_get_timeout(con, &timeout)SSL_ctrl(con,73,0, (void *)&timeout))
1580	ptimeout = timeout.tv_sec * 1000 +
1581	timeout.tv_usec / 1000;
1582	else
1583	ptimeout = -1;
1584
1585	i = poll(pfd, 2, ptimeout);
1586
1587	if (SSL_is_dtls(con) &&
1588	DTLSv1_handle_timeout(con)SSL_ctrl(con,74,0, ((void *)0)) > 0)
1589	BIO_printf(bio_err, "TIMEOUT occured\n");
1590	if (i <= 0)
1591	continue;
1592	if (pfd[0].revents) {
1593	if ((pfd[0].revents & (POLLERR0x0008\|POLLNVAL0x0020)))
1594	continue;
1595	read_from_terminal = 1;
1596	}
1597	if (pfd[1].revents) {
1598	if ((pfd[1].revents & (POLLERR0x0008\|POLLNVAL0x0020)))
1599	continue;
1600	read_from_sslcon = 1;
1601	}
1602	}
1603	if (read_from_terminal) {
1604	if (cfg.crlf) {
1605	int j, lf_num;
1606
1607	i = read(fileno(stdin)(!__isthreaded ? (((&__sF[0]))->_file) : (fileno)((& __sF[0]))), buf, bufsize / 2);
1608	lf_num = 0;
1609	/* both loops are skipped when i <= 0 */
1610	for (j = 0; j < i; j++)
1611	if (buf[j] == '\n')
1612	lf_num++;
1613	for (j = i - 1; j >= 0; j--) {
1614	buf[j + lf_num] = buf[j];
1615	if (buf[j] == '\n') {
1616	lf_num--;
1617	i++;
1618	buf[j + lf_num] = '\r';
1619	}
1620	}
1621	assert(lf_num == 0)((lf_num == 0) ? (void)0 : __assert2("/usr/src/usr.bin/openssl/s_server.c" , 1621, __func__, "lf_num == 0"));
1622	} else
1623	i = read(fileno(stdin)(!__isthreaded ? (((&__sF[0]))->_file) : (fileno)((& __sF[0]))), buf, bufsize);
1624	if (!cfg.quiet) {
1625	if ((i <= 0) \|\| (buf[0] == 'Q')) {
1626	BIO_printf(bio_s_out, "DONE\n");
1627	shutdown(s, SHUT_RD0);
1628	close(s);
1629	close_accept_socket();
1630	ret = -11;
1631	goto err;
1632	}
1633	if ((i <= 0) \|\| (buf[0] == 'q')) {
1634	BIO_printf(bio_s_out, "DONE\n");
1635	if (!SSL_is_dtls(con)) {
1636	shutdown(s, SHUT_RD0);
1637	close(s);
1638	}
1639	/*
1640	* close_accept_socket(); ret= -11;
1641	*/
1642	goto err;
1643	}
1644	if ((buf[0] == 'r') &&
1645	((buf[1] == '\n') \|\| (buf[1] == '\r'))) {
1646	SSL_renegotiate(con);
1647	i = SSL_do_handshake(con);
1648	printf("SSL_do_handshake -> %d\n", i);
1649	i = 0; /* 13; */
	Value stored to 'i' is never read
1650	continue;
1651	/*
1652	* RE-NEGOTIATE\n");
1653	*/
1654	}
1655	if ((buf[0] == 'R') &&
1656	((buf[1] == '\n') \|\| (buf[1] == '\r'))) {
1657	SSL_set_verify(con,
1658	SSL_VERIFY_PEER0x01 \|
1659	SSL_VERIFY_CLIENT_ONCE0x04,
1660	NULL((void *)0));
1661	SSL_renegotiate(con);
1662	i = SSL_do_handshake(con);
1663	printf("SSL_do_handshake -> %d\n", i);
1664	i = 0; /* 13; */
1665	continue;
1666	/*
1667	* RE-NEGOTIATE asking for client
1668	* cert\n");
1669	*/
1670	}
1671	if (buf[0] == 'P') {
1672	static const char *str =
1673	"Lets print some clear text\n";
1674	BIO_write(SSL_get_wbio(con), str,
1675	strlen(str));
1676	}
1677	if (buf[0] == 'S') {
1678	print_stats(bio_s_out,
1679	SSL_get_SSL_CTX(con));
1680	}
1681	}
1682	l = k = 0;
1683	for (;;) {
1684	/* should do a select for the write */
1685	#ifdef RENEG
1686	{
1687	static count = 0;
1688	if (++count == 100) {
1689	count = 0;
1690	SSL_renegotiate(con);
1691	}
1692	}
1693	#endif
1694	k = SSL_write(con, &(buf[l]), (unsigned int) i);
1695	switch (SSL_get_error(con, k)) {
1696	case SSL_ERROR_NONE0:
1697	break;
1698	case SSL_ERROR_WANT_WRITE3:
1699	case SSL_ERROR_WANT_READ2:
1700	case SSL_ERROR_WANT_X509_LOOKUP4:
1701	BIO_printf(bio_s_out, "Write BLOCK\n");
1702	break;
1703	case SSL_ERROR_SYSCALL5:
1704	case SSL_ERROR_SSL1:
1705	BIO_printf(bio_s_out, "ERROR\n");
1706	ERR_print_errors(bio_err);
1707	ret = 1;
1708	goto err;
1709	/* break; */
1710	case SSL_ERROR_ZERO_RETURN6:
1711	BIO_printf(bio_s_out, "DONE\n");
1712	ret = 1;
1713	goto err;
1714	}
1715	if (k <= 0)
1716	continue;
1717	l += k;
1718	i -= k;
1719	if (i <= 0)
1720	break;
1721	}
1722	}
1723	if (read_from_sslcon) {
1724	if (!SSL_is_init_finished(con)(SSL_state((con)) == 0x03)) {
1725	i = init_ssl_connection(con);
1726
1727	if (i < 0) {
1728	ret = 0;
1729	goto err;
1730	} else if (i == 0) {
1731	ret = 1;
1732	goto err;
1733	}
1734	} else {
1735	again:
1736	i = SSL_read(con, (char *) buf, bufsize);
1737	switch (SSL_get_error(con, i)) {
1738	case SSL_ERROR_NONE0: {
1739	int len, n;
1740	for (len = 0; len < i;) {
1741	do {
1742	n = write(fileno(stdout)(!__isthreaded ? (((&__sF[1]))->_file) : (fileno)((& __sF[1]))), buf + len, i - len);
1743	} while (n == -1 && errno(*__errno()) == EINTR4);
1744
1745	if (n == -1) {
1746	BIO_printf(bio_s_out, "ERROR\n");
1747	goto err;
1748	}
1749	len += n;
1750	}
1751	}
1752	if (SSL_pending(con))
1753	goto again;
1754	break;
1755	case SSL_ERROR_WANT_WRITE3:
1756	case SSL_ERROR_WANT_READ2:
1757	BIO_printf(bio_s_out, "Read BLOCK\n");
1758	break;
1759	case SSL_ERROR_SYSCALL5:
1760	case SSL_ERROR_SSL1:
1761	BIO_printf(bio_s_out, "ERROR\n");
1762	ERR_print_errors(bio_err);
1763	ret = 1;
1764	goto err;
1765	case SSL_ERROR_ZERO_RETURN6:
1766	BIO_printf(bio_s_out, "DONE\n");
1767	ret = 1;
1768	goto err;
1769	}
1770	}
1771	}
1772	}
1773	err:
1774	if (con != NULL((void *)0)) {
1775	BIO_printf(bio_s_out, "shutting down SSL\n");
1776	SSL_set_shutdown(con,
1777	SSL_SENT_SHUTDOWN1 \| SSL_RECEIVED_SHUTDOWN2);
1778	SSL_free(con);
1779	}
1780	BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
1781	freezero(buf, bufsize);
1782	if (ret >= 0)
1783	BIO_printf(bio_s_out, "ACCEPT\n");
1784	return (ret);
1785	}
1786
1787	static void
1788	close_accept_socket(void)
1789	{
1790	BIO_printf(bio_err, "shutdown accept socket\n");
1791	if (accept_socket >= 0) {
1792	shutdown(accept_socket, SHUT_RDWR2);
1793	close(accept_socket);
1794	}
1795	}
1796
1797	static int
1798	init_ssl_connection(SSL *con)
1799	{
1800	int i;
1801	const char *str;
1802	X509 *peer;
1803	long verify_error;
1804	char buf[BUFSIZ1024];
1805	unsigned char *exportedkeymat;
1806
1807	i = SSL_accept(con);
1808	if (i <= 0) {
1809	if (BIO_sock_should_retry(i)) {
1810	BIO_printf(bio_s_out, "DELAY\n");
1811	return (1);
1812	}
1813	BIO_printf(bio_err, "ERROR\n");
1814	verify_error = SSL_get_verify_result(con);
1815	if (verify_error != X509_V_OK0) {
1816	BIO_printf(bio_err, "verify error:%s\n",
1817	X509_verify_cert_error_string(verify_error));
1818	} else
1819	ERR_print_errors(bio_err);
1820	return (0);
1821	}
1822	PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con));
1823
1824	peer = SSL_get_peer_certificate(con);
1825	if (peer != NULL((void *)0)) {
1826	BIO_printf(bio_s_out, "Client certificate\n");
1827	PEM_write_bio_X509(bio_s_out, peer);
1828	X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
1829	BIO_printf(bio_s_out, "subject=%s\n", buf);
1830	X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
1831	BIO_printf(bio_s_out, "issuer=%s\n", buf);
1832	X509_free(peer);
1833	}
1834	if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL((void *)0))
1835	BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
1836	str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
1837	BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL((void *)0)) ? str : "(NONE)");
1838
1839	#ifndef OPENSSL_NO_SRTP
1840	{
1841	SRTP_PROTECTION_PROFILE *srtp_profile
1842	= SSL_get_selected_srtp_profile(con);
1843
1844	if (srtp_profile)
1845	BIO_printf(bio_s_out,
1846	"SRTP Extension negotiated, profile=%s\n",
1847	srtp_profile->name);
1848	}
1849	#endif
1850	if (SSL_cache_hit(con))
1851	BIO_printf(bio_s_out, "Reused session-id\n");
1852	BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
1853	SSL_get_secure_renegotiation_support(con)SSL_ctrl((con), 76, 0, ((void *)0)) ? "" : " NOT");
1854	if (cfg.keymatexportlabel != NULL((void *)0)) {
1855	BIO_printf(bio_s_out, "Keying material exporter:\n");
1856	BIO_printf(bio_s_out, " Label: '%s'\n",
1857	cfg.keymatexportlabel);
1858	BIO_printf(bio_s_out, " Length: %i bytes\n",
1859	cfg.keymatexportlen);
1860	exportedkeymat = malloc(cfg.keymatexportlen);
1861	if (exportedkeymat != NULL((void *)0)) {
1862	if (!SSL_export_keying_material(con, exportedkeymat,
1863	cfg.keymatexportlen,
1864	cfg.keymatexportlabel,
1865	strlen(cfg.keymatexportlabel),
1866	NULL((void *)0), 0, 0)) {
1867	BIO_printf(bio_s_out, " Error\n");
1868	} else {
1869	BIO_printf(bio_s_out, " Keying material: ");
1870	for (i = 0; i < cfg.keymatexportlen; i++)
1871	BIO_printf(bio_s_out, "%02X",
1872	exportedkeymat[i]);
1873	BIO_printf(bio_s_out, "\n");
1874	}
1875	free(exportedkeymat);
1876	}
1877	}
1878	return (1);
1879	}
1880
1881	#ifndef OPENSSL_NO_DH
1882	static DH *
1883	load_dh_param(const char *dhfile)
1884	{
1885	DH ret = NULL((void )0);
1886	BIO *bio;
1887
1888	if ((bio = BIO_new_file(dhfile, "r")) == NULL((void *)0))
1889	goto err;
1890	ret = PEM_read_bio_DHparams(bio, NULL((void )0), NULL((void )0), NULL((void *)0));
1891	err:
1892	BIO_free(bio);
1893	return (ret);
1894	}
1895	#endif
1896
1897	static int
1898	www_body(int s, unsigned char *context)
1899	{
1900	char buf = NULL((void )0);
1901	int ret = 1;
1902	int i, j, k, dot;
1903	SSL *con;
1904	const SSL_CIPHER *c;
1905	BIO io, ssl_bio, *sbio;
1906
1907	buf = malloc(bufsize);
1908	if (buf == NULL((void *)0))
1909	return (0);
1910	io = BIO_new(BIO_f_buffer());
1911	ssl_bio = BIO_new(BIO_f_ssl());
1912	if ((io == NULL((void )0)) \|\| (ssl_bio == NULL((void )0)))
1913	goto err;
1914
1915	if (cfg.nbio) {
1916	if (!cfg.quiet)
1917	BIO_printf(bio_err, "turning on non blocking io\n");
1918	if (!BIO_socket_nbio(s, 1))
1919	ERR_print_errors(bio_err);
1920	}
1921
1922	/* lets make the output buffer a reasonable size */
1923	if (!BIO_set_write_buffer_size(io, bufsize)BIO_int_ctrl(io,117,bufsize,1))
1924	goto err;
1925
1926	if ((con = SSL_new(ctx)) == NULL((void *)0))
1927	goto err;
1928	if (cfg.tlsextdebug) {
1929	SSL_set_tlsext_debug_callback(con, tlsext_cb)SSL_callback_ctrl(con,56,(void (*)(void))tlsext_cb);
1930	SSL_set_tlsext_debug_arg(con, bio_s_out)SSL_ctrl(con,57,0, (void *)bio_s_out);
1931	}
1932	if (context)
1933	SSL_set_session_id_context(con, context,
1934	strlen((char *) context));
1935
1936	sbio = BIO_new_socket(s, BIO_NOCLOSE0x00);
1937	if (cfg.nbio_test) {
1938	BIO *test;
1939
1940	test = BIO_new(BIO_f_nbio_test());
1941	sbio = BIO_push(test, sbio);
1942	}
1943	SSL_set_bio(con, sbio, sbio);
1944	SSL_set_accept_state(con);
1945
1946	/* SSL_set_fd(con,s); */
1947	BIO_set_ssl(ssl_bio, con, BIO_CLOSE)BIO_ctrl(ssl_bio,109,0x01,(char *)con);
1948	BIO_push(io, ssl_bio);
1949
1950	if (cfg.debug) {
1951	BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
1952	BIO_set_callback_arg(SSL_get_rbio(con), (char *) bio_s_out);
1953	}
1954	if (cfg.msg) {
1955	SSL_set_msg_callback(con, msg_cb);
1956	SSL_set_msg_callback_arg(con, bio_s_out)SSL_ctrl((con), 16, 0, (bio_s_out));
1957	}
1958	for (;;) {
1959	i = BIO_gets(io, buf, bufsize - 1);
1960	if (i < 0) { /* error */
1961	if (!BIO_should_retry(io)BIO_test_flags(io, 0x08)) {
1962	if (!cfg.quiet)
1963	ERR_print_errors(bio_err);
1964	goto err;
1965	} else {
1966	if (cfg.debug) {
1967	BIO_printf(bio_s_out, "read R BLOCK\n");
1968	sleep(1);
1969	}
1970	continue;
1971	}
1972	} else if (i == 0) { /* end of input */
1973	ret = 1;
1974	goto end;
1975	}
1976	/* else we have data */
1977	if (((cfg.www == 1) &&
1978	(strncmp("GET ", buf, 4) == 0)) \|\|
1979	((cfg.www == 2) &&
1980	(strncmp("GET /stats ", buf, 11) == 0))) {
1981	char *p;
1982	X509 *peer;
1983	STACK_OF(SSL_CIPHER)struct stack_st_SSL_CIPHER *sk;
1984	static const char *space = " ";
1985
1986	BIO_puts(io, "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
1987	BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n");
1988	BIO_puts(io, "<pre>\n");
1989	/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
1990	BIO_puts(io, "\n");
1991	for (i = 0; i < local_argc; i++) {
1992	BIO_puts(io, local_argv[i]);
1993	BIO_write(io, " ", 1);
1994	}
1995	BIO_puts(io, "\n");
1996
1997	BIO_printf(io,
1998	"Secure Renegotiation IS%s supported\n",
1999	SSL_get_secure_renegotiation_support(con)SSL_ctrl((con), 76, 0, ((void *)0)) ?
2000	"" : " NOT");
2001
2002	/*
2003	* The following is evil and should not really be
2004	* done
2005	*/
2006	BIO_printf(io,
2007	"Ciphers supported in s_server binary\n");
2008	sk = SSL_get_ciphers(con);
2009	j = sk_SSL_CIPHER_num(sk)sk_num(((_STACK) (1 ? (sk) : (struct stack_st_SSL_CIPHER)0) ));
2010	for (i = 0; i < j; i++) {
2011	c = sk_SSL_CIPHER_value(sk, i)((SSL_CIPHER )sk_value(((_STACK) (1 ? (sk) : (struct stack_st_SSL_CIPHER *)0)), (i)));
2012	BIO_printf(io, "%-11s:%-25s",
2013	SSL_CIPHER_get_version(c),
2014	SSL_CIPHER_get_name(c));
2015	if ((((i + 1) % 2) == 0) && (i + 1 != j))
2016	BIO_puts(io, "\n");
2017	}
2018	BIO_puts(io, "\n");
2019	p = SSL_get_shared_ciphers(con, buf, bufsize);
2020	if (p != NULL((void *)0)) {
2021	BIO_printf(io,
2022	"---\nCiphers common between both SSL end points:\n");
2023	j = i = 0;
2024	while (*p) {
2025	if (*p == ':') {
2026	BIO_write(io, space, 26 - j);
2027	i++;
2028	j = 0;
2029	BIO_write(io,
2030	((i % 3) ? " " : "\n"), 1);
2031	} else {
2032	BIO_write(io, p, 1);
2033	j++;
2034	}
2035	p++;
2036	}
2037	BIO_puts(io, "\n");
2038	}
2039	BIO_printf(io, (SSL_cache_hit(con)
2040	? "---\nReused, "
2041	: "---\nNew, "));
2042	c = SSL_get_current_cipher(con);
2043	BIO_printf(io, "%s, Cipher is %s\n",
2044	SSL_CIPHER_get_version(c),
2045	SSL_CIPHER_get_name(c));
2046	SSL_SESSION_print(io, SSL_get_session(con));
2047	BIO_printf(io, "---\n");
2048	print_stats(io, SSL_get_SSL_CTX(con));
2049	BIO_printf(io, "---\n");
2050	peer = SSL_get_peer_certificate(con);
2051	if (peer != NULL((void *)0)) {
2052	BIO_printf(io, "Client certificate\n");
2053	X509_print(io, peer);
2054	PEM_write_bio_X509(io, peer);
2055	} else
2056	BIO_puts(io,
2057	"no client certificate available\n");
2058	BIO_puts(io, "</BODY></HTML>\r\n\r\n");
2059	break;
2060	} else if ((cfg.www == 2 \|\|
2061	cfg.www == 3) &&
2062	(strncmp("GET /", buf, 5) == 0)) {
2063	BIO *file;
2064	char p, e;
2065	static const char *text = "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
2066
2067	/* skip the '/' */
2068	p = &(buf[5]);
2069
2070	dot = 1;
2071	for (e = p; *e != '\0'; e++) {
2072	if (e[0] == ' ')
2073	break;
2074
2075	switch (dot) {
2076	case 1:
2077	dot = (e[0] == '.') ? 2 : 0;
2078	break;
2079	case 2:
2080	dot = (e[0] == '.') ? 3 : 0;
2081	break;
2082	case 3:
2083	dot = (e[0] == '/' \|\| e[0] == '\\') ?
2084	-1 : 0;
2085	break;
2086	}
2087	if (dot == 0)
2088	dot = (e[0] == '/' \|\| e[0] == '\\') ?
2089	1 : 0;
2090	}
2091	dot = (dot == 3) \|\| (dot == -1); /* filename contains
2092	* ".." component */
2093
2094	if (*e == '\0') {
2095	BIO_puts(io, text);
2096	BIO_printf(io,
2097	"'%s' is an invalid file name\r\n", p);
2098	break;
2099	}
2100	*e = '\0';
2101
2102	if (dot) {
2103	BIO_puts(io, text);
2104	BIO_printf(io,
2105	"'%s' contains '..' reference\r\n", p);
2106	break;
2107	}
2108	if (*p == '/') {
2109	BIO_puts(io, text);
2110	BIO_printf(io,
2111	"'%s' is an invalid path\r\n", p);
2112	break;
2113	}
2114	/* if a directory, do the index thang */
2115	if (app_isdir(p) > 0) {
2116	BIO_puts(io, text);
2117	BIO_printf(io, "'%s' is a directory\r\n", p);
2118	break;
2119	}
2120	if ((file = BIO_new_file(p, "r")) == NULL((void *)0)) {
2121	BIO_puts(io, text);
2122	BIO_printf(io, "Error opening '%s'\r\n", p);
2123	ERR_print_errors(io);
2124	break;
2125	}
2126	if (!cfg.quiet)
2127	BIO_printf(bio_err, "FILE:%s\n", p);
2128
2129	if (cfg.www == 2) {
2130	i = strlen(p);
2131	if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) \|\|
2132	((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) \|\|
2133	((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0)))
2134	BIO_puts(io, "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
2135	else
2136	BIO_puts(io, "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
2137	}
2138	/* send the file */
2139	for (;;) {
2140	i = BIO_read(file, buf, bufsize);
2141	if (i <= 0)
2142	break;
2143
2144	#ifdef RENEG
2145	total_bytes += i;
2146	fprintf(stderr(&__sF[2]), "%d\n", i);
2147	if (total_bytes > 3 * 1024) {
2148	total_bytes = 0;
2149	fprintf(stderr(&__sF[2]), "RENEGOTIATE\n");
2150	SSL_renegotiate(con);
2151	}
2152	#endif
2153
2154	for (j = 0; j < i;) {
2155	#ifdef RENEG
2156	{
2157	static count = 0;
2158	if (++count == 13) {
2159	SSL_renegotiate(con);
2160	}
2161	}
2162	#endif
2163	k = BIO_write(io, &(buf[j]), i - j);
2164	if (k <= 0) {
2165	if (!BIO_should_retry(io)BIO_test_flags(io, 0x08))
2166	goto write_error;
2167	else {
2168	BIO_printf(bio_s_out,
2169	"rwrite W BLOCK\n");
2170	}
2171	} else {
2172	j += k;
2173	}
2174	}
2175	}
2176	write_error:
2177	BIO_free(file);
2178	break;
2179	}
2180	}
2181
2182	for (;;) {
2183	i = (int) BIO_flush(io)(int)BIO_ctrl(io,11,0,((void *)0));
2184	if (i <= 0) {
2185	if (!BIO_should_retry(io)BIO_test_flags(io, 0x08))
2186	break;
2187	} else
2188	break;
2189	}
2190	end:
2191	/* make sure we re-use sessions */
2192	SSL_set_shutdown(con, SSL_SENT_SHUTDOWN1 \| SSL_RECEIVED_SHUTDOWN2);
2193
2194	err:
2195
2196	if (ret >= 0)
2197	BIO_printf(bio_s_out, "ACCEPT\n");
2198
2199	free(buf);
2200	BIO_free_all(io);
2201	/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/
2202	return (ret);
2203	}
2204
2205	#define MAX_SESSION_ID_ATTEMPTS10 10
2206	static int
2207	generate_session_id(const SSL ssl, unsigned char id, unsigned int *id_len)
2208	{
2209	unsigned int count = 0;
2210	do {
2211	arc4random_buf(id, *id_len);
2212	/*
2213	* Prefix the session_id with the required prefix. NB: If our
2214	* prefix is too long, clip it - but there will be worse
2215	* effects anyway, eg. the server could only possibly create
2216	* 1 session ID (ie. the prefix!) so all future session
2217	* negotiations will fail due to conflicts.
2218	*/
2219	memcpy(id, cfg.session_id_prefix,
2220	(strlen(cfg.session_id_prefix) < *id_len) ?
2221	strlen(cfg.session_id_prefix) : *id_len);
2222	}
2223	while (SSL_has_matching_session_id(ssl, id, *id_len) &&
2224	(++count < MAX_SESSION_ID_ATTEMPTS10));
2225	if (count >= MAX_SESSION_ID_ATTEMPTS10)
2226	return 0;
2227	return 1;
2228	}
2229
2230	static int
2231	ssl_servername_cb(SSL s, int ad, void *arg)
2232	{
2233	tlsextctx p = (tlsextctx ) arg;
2234	const char *servername = SSL_get_servername(s,
2235	TLSEXT_NAMETYPE_host_name0);
2236
2237	if (servername && p->biodebug)
2238	BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n",
2239	servername);
2240
2241	if (!p->servername)
2242	return SSL_TLSEXT_ERR_NOACK3;
2243
2244	if (servername) {
2245	if (strcmp(servername, p->servername))
2246	return p->extension_error;
2247	if (ctx2) {
2248	BIO_printf(p->biodebug, "Switching server context.\n");
2249	SSL_set_SSL_CTX(s, ctx2);
2250	}
2251	}
2252	return SSL_TLSEXT_ERR_OK0;
2253	}
2254
2255	/* Certificate Status callback. This is called when a client includes a
2256	* certificate status request extension.
2257	*
2258	* This is a simplified version. It examines certificates each time and
2259	* makes one OCSP responder query for each request.
2260	*
2261	* A full version would store details such as the OCSP certificate IDs and
2262	* minimise the number of OCSP responses by caching them until they were
2263	* considered "expired".
2264	*/
2265
2266	static int
2267	cert_status_cb(SSL s, void arg)
2268	{
2269	tlsextstatusctx *srctx = arg;
2270	BIO *err = srctx->err;
2271	char host = NULL((void )0), port = NULL((void )0), path = NULL((void )0);
2272	int use_ssl;
2273	unsigned char rspder = NULL((void )0);
2274	int rspderlen;
2275	STACK_OF(OPENSSL_STRING)struct stack_st_OPENSSL_STRING aia = NULL((void )0);
2276	X509 x = NULL((void )0);
2277	X509_STORE_CTX inctx = NULL((void )0);
2278	X509_OBJECT obj = NULL((void )0);
2279	OCSP_REQUEST req = NULL((void )0);
2280	OCSP_RESPONSE resp = NULL((void )0);
2281	OCSP_CERTID id = NULL((void )0);
2282	STACK_OF(X509_EXTENSION)struct stack_st_X509_EXTENSION *exts;
2283	int ret = SSL_TLSEXT_ERR_NOACK3;
2284	int i;
2285
2286	if (srctx->verbose)
2287	BIO_puts(err, "cert_status: callback called\n");
2288	/* Build up OCSP query from server certificate */
2289	x = SSL_get_certificate(s);
2290	aia = X509_get1_ocsp(x);
2291	if (aia) {
2292	if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0)((OPENSSL_STRING)sk_value(((_STACK) (1 ? aia : (struct stack_st_OPENSSL_STRING )0)), 0)),
2293	&host, &port, &path, &use_ssl)) {
2294	BIO_puts(err, "cert_status: can't parse AIA URL\n");
2295	goto err;
2296	}
2297	if (srctx->verbose)
2298	BIO_printf(err, "cert_status: AIA URL: %s\n",
2299	sk_OPENSSL_STRING_value(aia, 0)((OPENSSL_STRING)sk_value(((_STACK) (1 ? aia : (struct stack_st_OPENSSL_STRING )0)), 0)));
2300	} else {
2301	if (!srctx->host) {
2302	BIO_puts(srctx->err,
2303	"cert_status: no AIA and no default responder URL\n");
2304	goto done;
2305	}
2306	host = srctx->host;
2307	path = srctx->path;
2308	port = srctx->port;
2309	use_ssl = srctx->use_ssl;
2310	}
2311
2312	if ((inctx = X509_STORE_CTX_new()) == NULL((void *)0))
2313	goto err;
2314
2315	if (!X509_STORE_CTX_init(inctx,
2316	SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
2317	NULL((void )0), NULL((void )0)))
2318	goto err;
2319	if ((obj = X509_OBJECT_new()) == NULL((void *)0))
2320	goto done;
2321	if (X509_STORE_get_by_subjectX509_STORE_CTX_get_by_subject(inctx, X509_LU_X509,
2322	X509_get_issuer_name(x), obj) <= 0) {
2323	BIO_puts(err,
2324	"cert_status: Can't retrieve issuer certificate.\n");
2325	X509_STORE_CTX_cleanup(inctx);
2326	goto done;
2327	}
2328	req = OCSP_REQUEST_new();
2329	if (!req)
2330	goto err;
2331	id = OCSP_cert_to_id(NULL((void *)0), x, X509_OBJECT_get0_X509(obj));
2332	X509_OBJECT_free(obj);
2333	obj = NULL((void *)0);
2334	X509_STORE_CTX_free(inctx);
2335	inctx = NULL((void *)0);
2336	if (!id)
2337	goto err;
2338	if (!OCSP_request_add0_id(req, id))
2339	goto err;
2340	id = NULL((void *)0);
2341	/* Add any extensions to the request */
2342	SSL_get_tlsext_status_exts(s, &exts)SSL_ctrl(s,66,0, (void *)&exts);
2343	for (i = 0; i < sk_X509_EXTENSION_num(exts)sk_num(((_STACK) (1 ? (exts) : (struct stack_st_X509_EXTENSION )0))); i++) {
2344	X509_EXTENSION ext = sk_X509_EXTENSION_value(exts, i)((X509_EXTENSION )sk_value(((_STACK) (1 ? (exts) : (struct stack_st_X509_EXTENSION )0)), (i)));
2345	if (!OCSP_REQUEST_add_ext(req, ext, -1))
2346	goto err;
2347	}
2348	resp = process_responder(err, req, host, path, port, use_ssl, NULL((void *)0),
2349	srctx->timeout);
2350	if (!resp) {
2351	BIO_puts(err, "cert_status: error querying responder\n");
2352	goto done;
2353	}
2354	rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
2355	if (rspderlen <= 0)
2356	goto err;
2357	SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen)SSL_ctrl(s,71,rspderlen, (void *)rspder);
2358	if (srctx->verbose) {
2359	BIO_puts(err, "cert_status: ocsp response sent:\n");
2360	OCSP_RESPONSE_print(err, resp, 2);
2361	}
2362	ret = SSL_TLSEXT_ERR_OK0;
2363	done:
2364	X509_STORE_CTX_free(inctx);
2365	X509_OBJECT_free(obj);
2366	if (ret != SSL_TLSEXT_ERR_OK0)
2367	ERR_print_errors(err);
2368	if (aia) {
2369	free(host);
2370	free(path);
2371	free(port);
2372	X509_email_free(aia);
2373	}
2374	if (id)
2375	OCSP_CERTID_free(id);
2376	if (req)
2377	OCSP_REQUEST_free(req);
2378	if (resp)
2379	OCSP_RESPONSE_free(resp);
2380	return ret;
2381	err:
2382	ret = SSL_TLSEXT_ERR_ALERT_FATAL2;
2383	goto done;
2384	}
2385
2386	static int
2387	alpn_cb(SSL s, const unsigned char out, unsigned char outlen,
2388	const unsigned char in, unsigned int inlen, void arg)
2389	{
2390	tlsextalpnctx *alpn_ctx = arg;
2391
2392	if (!cfg.quiet) {
2393	/* We can assume that in is syntactically valid. */
2394	unsigned i;
2395
2396	BIO_printf(bio_s_out,
2397	"ALPN protocols advertised by the client: ");
2398	for (i = 0; i < inlen; ) {
2399	if (i)
2400	BIO_write(bio_s_out, ", ", 2);
2401	BIO_write(bio_s_out, &in[i + 1], in[i]);
2402	i += in[i] + 1;
2403	}
2404	BIO_write(bio_s_out, "\n", 1);
2405	}
2406
2407	if (SSL_select_next_proto((unsigned char**)out, outlen, alpn_ctx->data,
2408	alpn_ctx->len, in, inlen) != OPENSSL_NPN_NEGOTIATED1)
2409	return (SSL_TLSEXT_ERR_NOACK3);
2410
2411	if (!cfg.quiet) {
2412	BIO_printf(bio_s_out, "ALPN protocols selected: ");
2413	BIO_write(bio_s_out, out, outlen);
2414	BIO_write(bio_s_out, "\n", 1);
2415	}
2416
2417	return (SSL_TLSEXT_ERR_OK0);
2418	}