#include <assert.h>#include <stdio.h>#include <stdlib.h>#include <string.h>#include <openssl/e_os2.h>#include "apps.h"#include <openssl/x509.h>#include <openssl/ssl.h>#include <openssl/err.h>#include <openssl/pem.h>#include <openssl/rand.h>#include "s_apps.h"#include "timeouts.h"Go to the source code of this file.
Defines | |
| #define | USE_SOCKETS |
| #define | PROG s_client_main |
| #define | SSL_HOST_NAME "localhost" |
| #define | BUFSIZZ 1024*8 |
Functions | |
| static void | sc_usage (void) |
| static void | print_stuff (BIO *berr, SSL *con, int full) |
| int | MAIN (int, char **) |
Variables | |
| int | verify_depth |
| int | verify_error |
| static int | c_Pause = 0 |
| static int | c_debug = 0 |
| static int | c_msg = 0 |
| static int | c_showcerts = 0 |
| static BIO * | bio_c_out = NULL |
| static int | c_quiet = 0 |
| static int | c_ign_eof = 0 |
|
|
Definition at line 164 of file s_client.c. |
|
|
Definition at line 155 of file s_client.c. |
|
|
Definition at line 159 of file s_client.c. Referenced by sc_usage(). |
|
|
Definition at line 130 of file s_client.c. |
|
||||||||||||
|
|
|
||||||||||||||||
|
Definition at line 1088 of file s_client.c. References BIO_flush, BIO_number_read(), BIO_number_written(), BIO_printf(), BIO_write(), c, c_showcerts, EVP_PKEY_bits(), EVP_PKEY_free(), ssl_st::hit, p, sk_X509_NAME_num, sk_X509_NAME_value, sk_X509_num, sk_X509_value, SSL_CIPHER_get_name(), SSL_CIPHER_get_version(), SSL_COMP_get_name(), SSL_get_current_cipher(), SSL_get_current_compression(), SSL_get_current_expansion(), SSL_get_peer_certificate(), SSL_get_rbio(), SSL_get_session(), SSL_get_shared_ciphers(), SSL_get_wbio(), SSL_SESSION_print(), STACK_OF, X509_get_issuer_name(), X509_get_pubkey(), X509_get_subject_name(), and X509_NAME_oneline(). 01089 { 01090 X509 *peer=NULL; 01091 char *p; 01092 static const char *space=" "; 01093 char buf[BUFSIZ]; 01094 STACK_OF(X509) *sk; 01095 STACK_OF(X509_NAME) *sk2; 01096 SSL_CIPHER *c; 01097 X509_NAME *xn; 01098 int j,i; 01099 #ifndef OPENSSL_NO_COMP 01100 const COMP_METHOD *comp, *expansion; 01101 #endif 01102 01103 if (full) 01104 { 01105 int got_a_chain = 0; 01106 01107 sk=SSL_get_peer_cert_chain(s); 01108 if (sk != NULL) 01109 { 01110 got_a_chain = 1; /* we don't have it for SSL2 (yet) */ 01111 01112 BIO_printf(bio,"---\nCertificate chain\n"); 01113 for (i=0; i<sk_X509_num(sk); i++) 01114 { 01115 X509_NAME_oneline(X509_get_subject_name( 01116 sk_X509_value(sk,i)),buf,sizeof buf); 01117 BIO_printf(bio,"%2d s:%s\n",i,buf); 01118 X509_NAME_oneline(X509_get_issuer_name( 01119 sk_X509_value(sk,i)),buf,sizeof buf); 01120 BIO_printf(bio," i:%s\n",buf); 01121 if (c_showcerts) 01122 PEM_write_bio_X509(bio,sk_X509_value(sk,i)); 01123 } 01124 } 01125 01126 BIO_printf(bio,"---\n"); 01127 peer=SSL_get_peer_certificate(s); 01128 if (peer != NULL) 01129 { 01130 BIO_printf(bio,"Server certificate\n"); 01131 if (!(c_showcerts && got_a_chain)) /* Redundant if we showed the whole chain */ 01132 PEM_write_bio_X509(bio,peer); 01133 X509_NAME_oneline(X509_get_subject_name(peer), 01134 buf,sizeof buf); 01135 BIO_printf(bio,"subject=%s\n",buf); 01136 X509_NAME_oneline(X509_get_issuer_name(peer), 01137 buf,sizeof buf); 01138 BIO_printf(bio,"issuer=%s\n",buf); 01139 } 01140 else 01141 BIO_printf(bio,"no peer certificate available\n"); 01142 01143 sk2=SSL_get_client_CA_list(s); 01144 if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0)) 01145 { 01146 BIO_printf(bio,"---\nAcceptable client certificate CA names\n"); 01147 for (i=0; i<sk_X509_NAME_num(sk2); i++) 01148 { 01149 xn=sk_X509_NAME_value(sk2,i); 01150 X509_NAME_oneline(xn,buf,sizeof(buf)); 01151 BIO_write(bio,buf,strlen(buf)); 01152 BIO_write(bio,"\n",1); 01153 } 01154 } 01155 else 01156 { 01157 BIO_printf(bio,"---\nNo client certificate CA names sent\n"); 01158 } 01159 p=SSL_get_shared_ciphers(s,buf,sizeof buf); 01160 if (p != NULL) 01161 { 01162 /* This works only for SSL 2. In later protocol 01163 * versions, the client does not know what other 01164 * ciphers (in addition to the one to be used 01165 * in the current connection) the server supports. */ 01166 01167 BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n"); 01168 j=i=0; 01169 while (*p) 01170 { 01171 if (*p == ':') 01172 { 01173 BIO_write(bio,space,15-j%25); 01174 i++; 01175 j=0; 01176 BIO_write(bio,((i%3)?" ":"\n"),1); 01177 } 01178 else 01179 { 01180 BIO_write(bio,p,1); 01181 j++; 01182 } 01183 p++; 01184 } 01185 BIO_write(bio,"\n",1); 01186 } 01187 01188 BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n", 01189 BIO_number_read(SSL_get_rbio(s)), 01190 BIO_number_written(SSL_get_wbio(s))); 01191 } 01192 BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, ")); 01193 c=SSL_get_current_cipher(s); 01194 BIO_printf(bio,"%s, Cipher is %s\n", 01195 SSL_CIPHER_get_version(c), 01196 SSL_CIPHER_get_name(c)); 01197 if (peer != NULL) { 01198 EVP_PKEY *pktmp; 01199 pktmp = X509_get_pubkey(peer); 01200 BIO_printf(bio,"Server public key is %d bit\n", 01201 EVP_PKEY_bits(pktmp)); 01202 EVP_PKEY_free(pktmp); 01203 } 01204 #ifndef OPENSSL_NO_COMP 01205 comp=SSL_get_current_compression(s); 01206 expansion=SSL_get_current_expansion(s); 01207 BIO_printf(bio,"Compression: %s\n", 01208 comp ? SSL_COMP_get_name(comp) : "NONE"); 01209 BIO_printf(bio,"Expansion: %s\n", 01210 expansion ? SSL_COMP_get_name(expansion) : "NONE"); 01211 #endif 01212 SSL_SESSION_print(bio,SSL_get_session(s)); 01213 BIO_printf(bio,"---\n"); 01214 if (peer != NULL) 01215 X509_free(peer); 01216 /* flush, or debugging output gets mixed with http response */ 01217 BIO_flush(bio); 01218 }
|
|
|
Definition at line 183 of file s_client.c. References bio_err, BIO_printf(), LIST_SEPARATOR_CHAR, PORT_STR, and SSL_HOST_NAME. 00184 { 00185 BIO_printf(bio_err,"usage: s_client args\n"); 00186 BIO_printf(bio_err,"\n"); 00187 BIO_printf(bio_err," -host host - use -connect instead\n"); 00188 BIO_printf(bio_err," -port port - use -connect instead\n"); 00189 BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); 00190 00191 BIO_printf(bio_err," -verify depth - turn on peer certificate verification\n"); 00192 BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); 00193 BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); 00194 BIO_printf(bio_err," -key arg - Private key file to use, in cert file if\n"); 00195 BIO_printf(bio_err," not specified but cert file is.\n"); 00196 BIO_printf(bio_err," -keyform arg - key format (PEM or DER) PEM default\n"); 00197 BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); 00198 BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); 00199 BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); 00200 BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n"); 00201 BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n"); 00202 BIO_printf(bio_err," -showcerts - show all certificates in the chain\n"); 00203 BIO_printf(bio_err," -debug - extra output\n"); 00204 #ifdef WATT32 00205 BIO_printf(bio_err," -wdebug - WATT-32 tcp debugging\n"); 00206 #endif 00207 BIO_printf(bio_err," -msg - Show protocol messages\n"); 00208 BIO_printf(bio_err," -nbio_test - more ssl protocol testing\n"); 00209 BIO_printf(bio_err," -state - print the 'ssl' states\n"); 00210 #ifdef FIONBIO 00211 BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); 00212 #endif 00213 BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); 00214 BIO_printf(bio_err," -quiet - no s_client output\n"); 00215 BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n"); 00216 BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); 00217 BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); 00218 BIO_printf(bio_err," -tls1 - just use TLSv1\n"); 00219 BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); 00220 BIO_printf(bio_err," -mtu - set the MTU\n"); 00221 BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); 00222 BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); 00223 BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n"); 00224 BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); 00225 BIO_printf(bio_err," command to see what is available\n"); 00226 BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); 00227 BIO_printf(bio_err," for those protocols that support it, where\n"); 00228 BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); 00229 BIO_printf(bio_err," only \"smtp\" and \"pop3\" are supported.\n"); 00230 #ifndef OPENSSL_NO_ENGINE 00231 BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); 00232 #endif 00233 BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 00234 00235 }
|
|
|
Definition at line 179 of file s_client.c. |
|
|
Definition at line 173 of file s_client.c. |
|
|
Definition at line 181 of file s_client.c. |
|
|
Definition at line 174 of file s_client.c. |
|
|
Definition at line 172 of file s_client.c. |
|
|
Definition at line 180 of file s_client.c. |
|
|
Definition at line 175 of file s_client.c. Referenced by print_stuff(). |
|
|
|
|
|
|