2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
35 #include <sys/types.h>
36 #include <sys/socket.h>
38 #include <netinet/in.h>
39 #include <arpa/inet.h>
45 #define INVALID_SOCKET (-1)
51 dump_blob(const char *name
, const void *data
, size_t len
)
53 const unsigned char *buf
;
57 fprintf(stderr
, "%s (len = %lu)", name
, (unsigned long)len
);
58 for (u
= 0; u
< len
; u
++) {
60 fprintf(stderr
, "\n%08lX ", (unsigned long)u
);
61 } else if ((u
& 7) == 0) {
64 fprintf(stderr
, " %02x", buf
[u
]);
66 fprintf(stderr
, "\n");
70 * Inspect the provided data in case it is a "command" to trigger a
71 * special behaviour. If the command is recognised, then it is executed
72 * and this function returns 1. Otherwise, this function returns 0.
75 run_command(br_ssl_engine_context
*cc
, unsigned char *buf
, size_t len
)
78 * A single static slot for saving session parameters.
80 static br_ssl_session_parameters slot
;
81 static int slot_used
= 0;
85 if (len
< 2 || len
> 3) {
88 if (len
== 3 && (buf
[1] != '\r' || buf
[2] != '\n')) {
91 if (len
== 2 && buf
[1] != '\n') {
96 fprintf(stderr
, "closing...\n");
97 br_ssl_engine_close(cc
);
100 if (br_ssl_engine_renegotiate(cc
)) {
101 fprintf(stderr
, "renegotiating...\n");
103 fprintf(stderr
, "not renegotiating.\n");
108 * Session forget is nominally client-only. But the
109 * session parameters are in the engine structure, which
110 * is the first field of the client context, so the cast
111 * still works properly. On the server, this forgetting
114 fprintf(stderr
, "forgetting session...\n");
115 br_ssl_client_forget_session((br_ssl_client_context
*)cc
);
118 fprintf(stderr
, "saving session parameters...\n");
119 br_ssl_engine_get_session_parameters(cc
, &slot
);
120 fprintf(stderr
, " id = ");
121 for (u
= 0; u
< slot
.session_id_len
; u
++) {
122 fprintf(stderr
, "%02X", slot
.session_id
[u
]);
124 fprintf(stderr
, "\n");
129 fprintf(stderr
, "restoring session parameters...\n");
130 fprintf(stderr
, " id = ");
131 for (u
= 0; u
< slot
.session_id_len
; u
++) {
132 fprintf(stderr
, "%02X", slot
.session_id
[u
]);
134 fprintf(stderr
, "\n");
135 br_ssl_engine_set_session_parameters(cc
, &slot
);
147 unsigned char buf
[1024];
152 in_return_bytes(in_buffer
*bb
, unsigned char *buf
, size_t len
)
154 if (bb
->ptr
< bb
->len
) {
160 clen
= bb
->len
- bb
->ptr
;
164 memcpy(buf
, bb
->buf
+ bb
->ptr
, clen
);
166 if (bb
->ptr
== bb
->len
) {
167 bb
->ptr
= bb
->len
= 0;
175 * A buffered version of in_read(), using a buffer to return only
176 * full lines when feasible.
179 in_read_buffered(HANDLE h_in
, in_buffer
*bb
, unsigned char *buf
, size_t len
)
186 n
= in_return_bytes(bb
, buf
, len
);
194 if (!PeekConsoleInput(h_in
, &inrec
, 1, &v
)) {
195 fprintf(stderr
, "ERROR: PeekConsoleInput()"
196 " failed with 0x%08lX\n",
197 (unsigned long)GetLastError());
203 if (!ReadConsoleInput(h_in
, &inrec
, 1, &v
)) {
204 fprintf(stderr
, "ERROR: ReadConsoleInput()"
205 " failed with 0x%08lX\n",
206 (unsigned long)GetLastError());
212 if (inrec
.EventType
== KEY_EVENT
213 && inrec
.Event
.KeyEvent
.bKeyDown
)
217 c
= inrec
.Event
.KeyEvent
.uChar
.AsciiChar
;
218 if (c
== '\n' || c
== '\r' || c
== '\t'
219 || (c
>= 32 && c
!= 127))
224 bb
->buf
[bb
->ptr
++] = (unsigned char)c
;
228 if (bb
->len
== sizeof bb
->buf
|| c
== '\n') {
230 return in_return_bytes(bb
, buf
, len
);
238 in_avail_buffered(HANDLE h_in
, in_buffer
*bb
)
240 return in_read_buffered(h_in
, bb
, NULL
, 1);
247 run_ssl_engine(br_ssl_engine_context
*cc
, unsigned long fd
, unsigned flags
)
255 int can_send
, can_recv
;
262 verbose
= (flags
& RUN_ENGINE_VERBOSE
) != 0;
263 trace
= (flags
& RUN_ENGINE_TRACE
) != 0;
266 fd_event
= WSA_INVALID_EVENT
;
273 * On Unix systems, we need to follow three descriptors:
274 * standard input (0), standard output (1), and the socket
275 * itself (for both read and write). This is done with a poll()
278 * On Windows systems, we use WSAEventSelect() to associate
279 * an event handle with the network activity, and we use
280 * WaitForMultipleObjectsEx() on that handle and the standard
281 * input handle, when appropriate. Standard output is assumed
282 * to be always writeable, and standard input to be the console;
283 * this does not work well (or at all) with redirections (to
284 * pipes or files) but it should be enough for a debug tool
285 * (TODO: make something that handles redirections as well).
289 fd_event
= WSACreateEvent();
290 if (fd_event
== WSA_INVALID_EVENT
) {
291 fprintf(stderr
, "ERROR: WSACreateEvent() failed with %d\n",
296 WSAEventSelect(fd
, fd_event
, FD_READ
| FD_WRITE
| FD_CLOSE
);
297 h_in
= GetStdHandle(STD_INPUT_HANDLE
);
298 h_out
= GetStdHandle(STD_OUTPUT_HANDLE
);
299 SetConsoleMode(h_in
, ENABLE_ECHO_INPUT
301 | ENABLE_PROCESSED_INPUT
302 | ENABLE_PROCESSED_OUTPUT
303 | ENABLE_WRAP_AT_EOL_OUTPUT
);
306 * Make sure that stdin and stdout are non-blocking.
308 fcntl(0, F_SETFL
, O_NONBLOCK
);
309 fcntl(1, F_SETFL
, O_NONBLOCK
);
317 int sendrec
, recvrec
, sendapp
, recvapp
;
322 struct pollfd pfd
[3];
325 size_t u
, k_fd
, k_in
, k_out
;
326 int sendrec_ok
, recvrec_ok
, sendapp_ok
, recvapp_ok
;
329 * Get current engine state.
331 st
= br_ssl_engine_current_state(cc
);
332 if (st
== BR_SSL_CLOSED
) {
335 err
= br_ssl_engine_last_error(cc
);
336 if (err
== BR_ERR_OK
) {
339 "SSL closed normally\n");
344 fprintf(stderr
, "ERROR: SSL error %d", err
);
346 if (err
>= BR_ERR_SEND_FATAL_ALERT
) {
347 err
-= BR_ERR_SEND_FATAL_ALERT
;
349 " (sent alert %d)\n", err
);
350 } else if (err
>= BR_ERR_RECV_FATAL_ALERT
) {
351 err
-= BR_ERR_RECV_FATAL_ALERT
;
353 " (received alert %d)\n", err
);
357 ename
= find_error_name(err
, NULL
);
361 fprintf(stderr
, " (%s)\n", ename
);
368 * Compute descriptors that must be polled, depending
371 sendrec
= ((st
& BR_SSL_SENDREC
) != 0);
372 recvrec
= ((st
& BR_SSL_RECVREC
) != 0);
373 sendapp
= ((st
& BR_SSL_SENDAPP
) != 0);
374 recvapp
= ((st
& BR_SSL_RECVAPP
) != 0);
375 if (verbose
&& sendapp
&& !hsdetails
) {
379 fprintf(stderr
, "Handshake completed\n");
380 fprintf(stderr
, " version: ");
381 switch (cc
->session
.version
) {
383 fprintf(stderr
, "SSL 3.0");
386 fprintf(stderr
, "TLS 1.0");
389 fprintf(stderr
, "TLS 1.1");
392 fprintf(stderr
, "TLS 1.2");
395 fprintf(stderr
, "unknown (0x%04X)",
396 (unsigned)cc
->session
.version
);
399 fprintf(stderr
, "\n");
401 cc
->session
.cipher_suite
, csn
, sizeof csn
);
402 fprintf(stderr
, " cipher suite: %s\n", csn
);
403 if (uses_ecdhe(cc
->session
.cipher_suite
)) {
405 br_ssl_engine_get_ecdhe_curve(cc
),
408 " ECDHE curve: %s\n", csn
);
410 fprintf(stderr
, " secure renegotiation: %s\n",
411 cc
->reneg
== 1 ? "no" : "yes");
412 pname
= br_ssl_engine_get_selected_protocol(cc
);
415 " protocol name (ALPN): %s\n",
428 * If we recorded that we can send or receive data, and we
429 * want to do exactly that, then we don't wait; we just do
437 if (sendrec
&& can_send
) {
439 } else if (recvrec
&& can_recv
) {
441 } else if (recvapp
) {
443 } else if (sendapp
&& in_avail_buffered(h_in
, &bb
)) {
447 * If we cannot do I/O right away, then we must
448 * wait for some event, and try again.
450 pfd
[u
] = (HANDLE
)fd_event
;
458 wt
= WaitForMultipleObjectsEx(u
, pfd
,
459 FALSE
, INFINITE
, FALSE
);
460 if (wt
== WAIT_FAILED
) {
461 fprintf(stderr
, "ERROR:"
462 " WaitForMultipleObjectsEx()"
463 " failed with 0x%08lX",
464 (unsigned long)GetLastError());
471 if (WSAEnumNetworkEvents(fd
, fd_event
, &e
)) {
472 fprintf(stderr
, "ERROR:"
473 " WSAEnumNetworkEvents()"
479 if (e
.lNetworkEvents
& (FD_WRITE
| FD_CLOSE
)) {
482 if (e
.lNetworkEvents
& (FD_READ
| FD_CLOSE
)) {
489 if (sendrec
|| recvrec
) {
494 pfd
[u
].events
|= POLLOUT
;
497 pfd
[u
].events
|= POLLIN
;
505 pfd
[u
].events
= POLLIN
;
512 pfd
[u
].events
= POLLOUT
;
516 n
= poll(pfd
, u
, -1);
518 if (errno
== EINTR
) {
521 perror("ERROR: poll()");
530 * We transform closures/errors into read+write accesses
531 * so as to force the read() or write() call that will
532 * detect the situation.
535 if (pfd
[u
].revents
& (POLLERR
| POLLHUP
)) {
536 pfd
[u
].revents
|= POLLIN
| POLLOUT
;
540 recvapp_ok
= recvapp
&& (pfd
[k_out
].revents
& POLLOUT
) != 0;
541 sendrec_ok
= sendrec
&& (pfd
[k_fd
].revents
& POLLOUT
) != 0;
542 recvrec_ok
= recvrec
&& (pfd
[k_fd
].revents
& POLLIN
) != 0;
543 sendapp_ok
= sendapp
&& (pfd
[k_in
].revents
& POLLIN
) != 0;
547 * We give preference to outgoing data, on stdout and on
559 buf
= br_ssl_engine_recvapp_buf(cc
, &len
);
561 if (!WriteFile(h_out
, buf
, len
, &wlen
, NULL
)) {
563 fprintf(stderr
, "stdout closed...\n");
569 wlen
= write(1, buf
, len
);
572 fprintf(stderr
, "stdout closed...\n");
578 br_ssl_engine_recvapp_ack(cc
, wlen
);
586 buf
= br_ssl_engine_sendrec_buf(cc
, &len
);
587 wlen
= send(fd
, buf
, len
, 0);
592 err
= WSAGetLastError();
593 if (err
== EWOULDBLOCK
594 || err
== WSAEWOULDBLOCK
)
600 if (errno
== EINTR
|| errno
== EWOULDBLOCK
) {
605 fprintf(stderr
, "socket closed...\n");
611 dump_blob("Outgoing bytes", buf
, wlen
);
613 br_ssl_engine_sendrec_ack(cc
, wlen
);
621 buf
= br_ssl_engine_recvrec_buf(cc
, &len
);
622 rlen
= recv(fd
, buf
, len
, 0);
627 err
= WSAGetLastError();
628 if (err
== EWOULDBLOCK
629 || err
== WSAEWOULDBLOCK
)
635 if (errno
== EINTR
|| errno
== EWOULDBLOCK
) {
640 fprintf(stderr
, "socket closed...\n");
646 dump_blob("Incoming bytes", buf
, rlen
);
648 br_ssl_engine_recvrec_ack(cc
, rlen
);
660 buf
= br_ssl_engine_sendapp_buf(cc
, &len
);
662 rlen
= in_read_buffered(h_in
, &bb
, buf
, len
);
664 rlen
= read(0, buf
, len
);
668 fprintf(stderr
, "stdin closed...\n");
670 br_ssl_engine_close(cc
);
671 } else if (!run_command(cc
, buf
, rlen
)) {
672 br_ssl_engine_sendapp_ack(cc
, rlen
);
674 br_ssl_engine_flush(cc
, 0);
678 /* We should never reach that point. */
679 fprintf(stderr
, "ERROR: poll() misbehaves\n");
685 * Release allocated structures.
689 if (fd_event
!= WSA_INVALID_EVENT
) {
690 WSACloseEvent(fd_event
);