--- /dev/null
+/*
+ * Copyright (c) 2003-2010 Apple Inc. All Rights Reserved.
+ *
+ * SSL viewer tool, SecureTransport / OS X version.
+ */
+
+#include <Security/SecureTransport.h>
+#include <Security/SecureTransportPriv.h> // for SSLGetPeerSecTrust
+#include <Security/SecCertificate.h>
+#include <clAppUtils/sslAppUtils.h>
+#include <clAppUtils/ioSock.h>
+#include <security_cdsa_utils/cuPrintCert.h>
+#include <utilLib/fileIo.h>
+
+#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <ctype.h>
+#include <CoreFoundation/CoreFoundation.h>
+
+#define DEFAULT_GETMSG "GET"
+#define DEFAULT_PATH "/"
+#define DEFAULT_GET_SUFFIX "HTTP/1.0\r\n\r\n"
+
+#define DEFAULT_HOST "www.amazon.com"
+#define DEFAULT_PORT 443
+
+#define CFRELEASE(cf) if (cf) { CFRelease(cf); cf = NULL; }
+
+/* true when using SSLCopyPeerCertificates() per Radar 3311892 */
+#define USE_COPY_PEER_CERTS 1
+
+static void usageNorm(char **argv)
+{
+ printf("Usage: %s [hostname|-] [path] [option ...]\n", argv[0]);
+ printf(" %s hostname [path] [option ...]\n", argv[0]);
+ printf("Specifying '-' for hostname, or no args, uses default of %s.\n",
+ DEFAULT_HOST);
+ printf("Optional path argument must start with leading '/'.\n");
+ printf("Options:\n");
+ printf(" e Allow Expired Certs\n");
+ printf(" E Allow Expired Roots\n");
+ printf(" r Allow any root cert\n");
+ printf(" c Display peer certs\n");
+ printf(" d Display received data\n");
+ printf(" S Display enabled cipher suites\n");
+ printf(" 2 SSLv2 only (default is TLSv1)\n");
+ printf(" 3 SSLv3 only w/SSLv2 enabled (default is TLSv1)\n");
+ printf(" t TLSv1 only w/SSLv2,SSLv3 enabled (this is the default)\n");
+ printf(" L all - TLSv1, SSLv3, SSLv2 (default = TLSv1)\n");
+ printf(" o TLSv1, SSLv3 use kSSLProtocol__X__Only\n");
+ printf(" g={prot...} Specify legal protocols; prot = any combo of"
+ " [23t]\n");
+ printf(" k=keychain Contains (client|server) cert and keys. Optional.\n");
+ printf(" l=loopCount Perform loopCount ops (default = 1)\n");
+ printf(" P=port Default = %d\n", DEFAULT_PORT);
+ printf(" p Pause after each loop\n");
+ printf(" q Quiet/diagnostic mode (site names and errors"
+ " only)\n");
+ printf(" a fileName Add fileName to list of trusted roots\n");
+ printf(" A fileName fileName is ONLY trusted root\n");
+ printf(" Z fileName fileName is a trusted leaf cert\n");
+ printf(" x Disable Cert Verification\n");
+ printf(" z=password Unlock client keychain with password.\n");
+ printf(" 8 Complete cert chains (default is out cert is a root)\n");
+ printf(" s Silent\n");
+ printf(" V Verbose\n");
+ printf(" h Help\n");
+ printf(" hv More, verbose help\n");
+}
+
+static void usageVerbose(char **argv)
+{
+ usageNorm(argv);
+ printf("Obscure Usage:\n");
+ printf(" u kSSLProtocolUnknown only (TLSv1)\n");
+ printf(" M Manual cert verification via "
+ "SecTrustEvaluate\n");
+ printf(" f fileBase Write Peer Certs to fileBase*\n");
+ printf(" D fileBase Write DNList to fileBase*\n");
+ printf(" C=cipherSuite (e=40-bit d=DES D=40-bit DES 3=3DES 4=RC4"
+ "$=40-bit RC4\n"
+ " 2=RC2 a=AES128 A=AES256 h=DH H=Anon DH r=DHE/RSA s=DH/DSS\n"
+ " n=RSA/NULL E=ECDHE F=ECDH\n");
+ printf(" y=keychain Encryption-only cert and keys. Optional.\n");
+ printf(" K Keep connected until server disconnects\n");
+ printf(" n Require closure notify message in TLSv1, "
+ "SSLv3 mode (implies K)\n");
+ printf(" R Disable resumable session support\n");
+ printf(" i=timeout Session cache timeout\n");
+ printf(" b Non-blocking I/O\n");
+ printf(" v Verify negotiated protocol equals attempted\n");
+ printf(" m=[23t] Max protocol supported as specified; implies "
+ "v\n");
+ printf(" T=[nrsj] Verify client cert state = "
+ "none/requested/sent/rejected\n");
+ printf(" H allow hostname spoofing\n");
+ printf(" F=vfyHost Verify certs with specified host name\n");
+ printf(" G=getMsg Specify entire GET, POST, etc.\n");
+ printf(" I Interactive client authentication\n");
+ printf(" N Log handshake timing\n");
+ printf(" 4 Disable anonymous ciphers\n");
+ printf(" 7 Pause only after first loop\n");
+ exit(1);
+}
+
+static void usage(char **argv)
+{
+ usageNorm(argv);
+ exit(1);
+}
+
+/*
+ * Arguments to top-level sslPing()
+ */
+typedef struct {
+ SSLProtocol tryVersion; // only used if acceptedProts NULL
+ // uses SSLSetProtocolVersion
+ char *acceptedProts; // optional, any combo of {2,3,t}
+ // uses SSLSetProtocolVersionEnabled
+ const char *hostName; // e.g., "www.amazon.com"
+ const char *vfyHostName; // use this for cert vfy if non-NULL,
+ // else use hostName
+ unsigned short port;
+ const char *getMsg; // e.g.,
+ // "GET / HTTP/1.0\r\n\r\n"
+ bool allowExpired;
+ bool allowAnyRoot;
+ bool allowExpiredRoot;
+ bool disableCertVerify;
+ bool manualCertVerify;
+ bool dumpRxData; // display server data
+ char cipherRestrict; // '2', 'd'. etc...; '\0' for
+ // no restriction
+ bool keepConnected;
+ bool requireNotify; // require closure notify
+ // in V3 mode
+ bool resumableEnable;
+ bool allowHostnameSpoof;
+ bool nonBlocking;
+ char *anchorFile;
+ char *trustedLeafFile;
+ bool replaceAnchors;
+ bool interactiveAuth;
+ CFArrayRef clientCerts; // optional
+ CFArrayRef encryptClientCerts; // optional
+ uint32 sessionCacheTimeout;// optional
+ bool disableAnonCiphers;
+ bool showCipherSuites;
+ bool quiet; // minimal stdout
+ bool silent; // no stdout
+ bool verbose;
+ SSLProtocol negVersion; // RETURNED
+ SSLCipherSuite negCipher; // RETURNED
+ CFArrayRef peerCerts; // mallocd & RETURNED
+ SecTrustRef peerTrust; // RETURNED
+ SSLClientCertificateState certState; // RETURNED
+ SSLClientAuthenticationType authType; // RETURNED
+ CFArrayRef dnList; // RETURNED
+ char *password; // optional to open clientCerts
+ char **argv;
+ Boolean sessionWasResumed;
+ unsigned char sessionID[MAX_SESSION_ID_LENGTH];
+ size_t sessionIDLength;
+ CFAbsoluteTime handshakeTimeOp; // time for this op
+ CFAbsoluteTime handshakeTimeFirst; // time for FIRST op, not averaged
+ CFAbsoluteTime handshakeTimeTotal; // time for all ops except first
+ unsigned numHandshakes;
+
+} sslPingArgs;
+
+#include <signal.h>
+static void sigpipe(int sig)
+{
+ fflush(stdin);
+ printf("***SIGPIPE***\n");
+}
+
+/*
+ * Start up a CFRunLoop. This is needed to field keychain event callbacks, used
+ * to maintain root cert cache coherency.
+ */
+
+/* first we need something to register so we *have* a run loop */
+static OSStatus kcCacheCallback (
+ SecKeychainEvent keychainEvent,
+ SecKeychainCallbackInfo *info,
+ void *context)
+{
+ return noErr;
+}
+
+/* main thread has to wait for this to be set to know a run loop has been set up */
+static int runLoopInitialized = 0;
+
+/* this is the thread which actually runs the CFRunLoop */
+void *cfRunLoopThread(void *arg)
+{
+ OSStatus ortn = SecKeychainAddCallback(kcCacheCallback,
+ kSecTrustSettingsChangedEventMask, NULL);
+ if(ortn) {
+ printf("registerCacheCallbacks: SecKeychainAddCallback returned %d", (int32_t)ortn);
+ /* Not sure how this could ever happen - maybe if there is no run loop active? */
+ return NULL;
+ }
+ runLoopInitialized = 1;
+ CFRunLoopRun();
+ /* should not be reached */
+ printf("\n*** Hey! CFRunLoopRun() exited!***\n");
+ return NULL;
+}
+
+static int startCFRunLoop()
+{
+ pthread_t runLoopThread;
+
+ int result = pthread_create(&runLoopThread, NULL, cfRunLoopThread, NULL);
+ if(result) {
+ printf("***pthread_create returned %d, aborting\n", result);
+ return -1;
+ }
+ return 0;
+}
+
+/*
+ * Snag a copy of current connection's peer certs so we can
+ * examine them later after the connection is closed.
+ * SecureTransport actually does the create and retain for us.
+ */
+static OSStatus copyPeerCerts(
+ SSLContext *ctx,
+ CFArrayRef *peerCerts) // mallocd & RETURNED
+{
+ #if USE_COPY_PEER_CERTS
+ OSStatus ortn = SSLCopyPeerCertificates(ctx, peerCerts);
+ #else
+ OSStatus ortn = SSLGetPeerCertificates(ctx, peerCerts);
+ #endif
+ if(ortn) {
+ printf("***Error obtaining peer certs: %s\n",
+ sslGetSSLErrString(ortn));
+ }
+ return ortn;
+}
+
+/* free the cert array obtained via SSLGetPeerCertificates() */
+/* necessary due to a buggy SSLGetPeerCertificates which really should
+ * release its certs after they get added to this array */
+static void freePeerCerts(
+ CFArrayRef peerCerts)
+{
+ if(peerCerts == NULL) {
+ return;
+ }
+
+ #if USE_COPY_PEER_CERTS
+
+ /* Voila! Problem fixed. */
+ CFRelease(peerCerts);
+ return;
+
+ #else
+ CFIndex numCerts;
+ SecCertificateRef certData;
+ CFIndex i;
+
+ numCerts = CFArrayGetCount(peerCerts);
+ for(i=0; i<numCerts; i++) {
+ certData = (SecCertificateRef)CFArrayGetValueAtIndex(peerCerts, i);
+ CFRelease(certData);
+ }
+ CFRelease(peerCerts);
+ #endif /* USE_COPY_PEER_CERTS */
+}
+
+/*
+ * Manually evaluate session's SecTrustRef.
+ */
+#define SSL_SEC_TRUST 1
+
+static OSStatus sslEvaluateTrust(
+ SSLContext *ctx,
+ bool verbose,
+ bool silent,
+ CFArrayRef *peerCerts) // fetched and retained
+{
+ OSStatus ortn;
+ SecTrustRef secTrust = NULL;
+
+ #if SSL_SEC_TRUST
+ ortn = SSLGetPeerSecTrust(ctx, &secTrust);
+ #else
+ ortn = unimpErr;
+ #endif
+ if(ortn) {
+ printf("\n***Error obtaining peer SecTrustRef: %s\n",
+ sslGetSSLErrString(ortn));
+ return ortn;
+ }
+ if(secTrust == NULL) {
+ /* this is the normal case for resumed sessions, in which
+ * no cert evaluation is performed */
+ if(!silent) {
+ printf("...No SecTrust available - this is a resumed session, right?\n");
+ }
+ return noErr;
+ }
+ SecTrustResultType secTrustResult;
+ ortn = SecTrustEvaluate(secTrust, &secTrustResult);
+ if(ortn) {
+ printf("\n***Error on SecTrustEvaluate: %d\n", (int)ortn);
+ return ortn;
+ }
+ if(verbose) {
+ const char *res = NULL;
+ switch(secTrustResult) {
+ case kSecTrustResultInvalid:
+ res = "kSecTrustResultInvalid"; break;
+ case kSecTrustResultProceed:
+ res = "kSecTrustResultProceed"; break;
+ case kSecTrustResultConfirm:
+ res = "kSecTrustResultConfirm"; break;
+ case kSecTrustResultDeny:
+ res = "kSecTrustResultDeny"; break;
+ case kSecTrustResultUnspecified:
+ res = "kSecTrustResultUnspecified"; break;
+ case kSecTrustResultRecoverableTrustFailure:
+ res = "kSecTrustResultRecoverableTrustFailure"; break;
+ case kSecTrustResultFatalTrustFailure:
+ res = "kSecTrustResultFatalTrustFailure"; break;
+ case kSecTrustResultOtherError:
+ res = "kSecTrustResultOtherError"; break;
+ default:
+ res = "UNKNOWN"; break;
+ }
+ printf("\nSecTrustEvaluate(): secTrustResult %s\n", res);
+ }
+
+ switch(secTrustResult) {
+ case kSecTrustResultUnspecified:
+ /* cert chain valid, no special UserTrust assignments */
+ case kSecTrustResultProceed:
+ /* cert chain valid AND user explicitly trusts this */
+ break;
+ default:
+ printf("\n***SecTrustEvaluate reported secTrustResult %d\n",
+ (int)secTrustResult);
+ ortn = errSSLXCertChainInvalid;
+ break;
+ }
+
+ *peerCerts = NULL;
+
+ /* one more thing - get peer certs in the form of an evidence chain */
+ CSSM_TP_APPLE_EVIDENCE_INFO *dummyEv;
+ OSStatus thisRtn = SecTrustGetResult(secTrust, &secTrustResult,
+ peerCerts, &dummyEv);
+ if(thisRtn) {
+ printSslErrStr("SecTrustGetResult", thisRtn);
+ }
+ #if !USE_COPY_PEER_CERTS
+ else {
+ /* workaround for the fact that SSLGetPeerCertificates()
+ * leaves a retain count on each element in the returned array,
+ * requiring us to do a release on each cert.
+ */
+ CFIndex numCerts = CFArrayGetCount(*peerCerts);
+ for(CFIndex dex=0; dex<numCerts; dex++) {
+ CFRetain(CFArrayGetValueAtIndex(*peerCerts, dex));
+ }
+ }
+ #endif /* !USE_COPY_PEER_CERTS */
+ return ortn;
+}
+
+static void sslShowEnabledCipherSuites(
+ SSLContextRef ctx)
+{
+ OSStatus status;
+ SSLCipherSuite *ciphers;
+ size_t numCiphers, totalCiphers;
+ const char *c;
+ unsigned int i;
+
+ status = SSLGetNumberSupportedCiphers(ctx, &totalCiphers);
+ status = SSLGetNumberEnabledCiphers(ctx, &numCiphers);
+ ciphers = (SSLCipherSuite *)malloc(sizeof(SSLCipherSuite) * numCiphers);
+ status = SSLGetEnabledCiphers(ctx, ciphers, &numCiphers);
+
+ printf(" Total enabled ciphers : %ld of %ld\n", numCiphers, totalCiphers);
+
+ for(i=0; i<numCiphers; i++) {
+ switch(ciphers[i]) {
+ case SSL_NULL_WITH_NULL_NULL: c="SSL_NULL_WITH_NULL_NULL"; break;
+ case SSL_RSA_WITH_NULL_MD5: c="SSL_RSA_WITH_NULL_MD5"; break;
+ case SSL_RSA_WITH_NULL_SHA: c="SSL_RSA_WITH_NULL_SHA"; break;
+ case SSL_RSA_EXPORT_WITH_RC4_40_MD5: c="SSL_RSA_EXPORT_WITH_RC4_40_MD5"; break;
+ case SSL_RSA_WITH_RC4_128_MD5: c="SSL_RSA_WITH_RC4_128_MD5"; break;
+ case SSL_RSA_WITH_RC4_128_SHA: c="SSL_RSA_WITH_RC4_128_SHA"; break;
+ case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5: c="SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"; break;
+ case SSL_RSA_WITH_IDEA_CBC_SHA: c="SSL_RSA_WITH_IDEA_CBC_SHA"; break;
+ case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA: c="SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"; break;
+ case SSL_RSA_WITH_DES_CBC_SHA: c="SSL_RSA_WITH_DES_CBC_SHA"; break;
+ case SSL_RSA_WITH_3DES_EDE_CBC_SHA: c="SSL_RSA_WITH_3DES_EDE_CBC_SHA"; break;
+ case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: c="SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"; break;
+ case SSL_DH_DSS_WITH_DES_CBC_SHA: c="SSL_DH_DSS_WITH_DES_CBC_SHA"; break;
+ case SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA: c="SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"; break;
+ case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: c="SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"; break;
+ case SSL_DH_RSA_WITH_DES_CBC_SHA: c="SSL_DH_RSA_WITH_DES_CBC_SHA"; break;
+ case SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA: c="SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"; break;
+ case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: c="SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"; break;
+ case SSL_DHE_DSS_WITH_DES_CBC_SHA: c="SSL_DHE_DSS_WITH_DES_CBC_SHA"; break;
+ case SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA: c="SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"; break;
+ case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: c="SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"; break;
+ case SSL_DHE_RSA_WITH_DES_CBC_SHA: c="SSL_DHE_RSA_WITH_DES_CBC_SHA"; break;
+ case SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA: c="SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"; break;
+ case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5: c="SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"; break;
+ case SSL_DH_anon_WITH_RC4_128_MD5: c="SSL_DH_anon_WITH_RC4_128_MD5"; break;
+ case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA: c="SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"; break;
+ case SSL_DH_anon_WITH_DES_CBC_SHA: c="SSL_DH_anon_WITH_DES_CBC_SHA"; break;
+ case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA: c="SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"; break;
+ case SSL_FORTEZZA_DMS_WITH_NULL_SHA: c="SSL_FORTEZZA_DMS_WITH_NULL_SHA"; break;
+ case SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA:c="SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA"; break;
+
+ /* TLS addenda using AES, per RFC 3268 */
+ case TLS_RSA_WITH_AES_128_CBC_SHA: c="TLS_RSA_WITH_AES_128_CBC_SHA"; break;
+ case TLS_DH_DSS_WITH_AES_128_CBC_SHA: c="TLS_DH_DSS_WITH_AES_128_CBC_SHA"; break;
+ case TLS_DH_RSA_WITH_AES_128_CBC_SHA: c="TLS_DH_RSA_WITH_AES_128_CBC_SHA"; break;
+ case TLS_DHE_DSS_WITH_AES_128_CBC_SHA: c="TLS_DHE_DSS_WITH_AES_128_CBC_SHA"; break;
+ case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: c="TLS_DHE_RSA_WITH_AES_128_CBC_SHA"; break;
+ case TLS_DH_anon_WITH_AES_128_CBC_SHA: c="TLS_DH_anon_WITH_AES_128_CBC_SHA"; break;
+ case TLS_RSA_WITH_AES_256_CBC_SHA: c="TLS_RSA_WITH_AES_256_CBC_SHA"; break;
+ case TLS_DH_DSS_WITH_AES_256_CBC_SHA: c="TLS_DH_DSS_WITH_AES_256_CBC_SHA"; break;
+ case TLS_DH_RSA_WITH_AES_256_CBC_SHA: c="TLS_DH_RSA_WITH_AES_256_CBC_SHA"; break;
+ case TLS_DHE_DSS_WITH_AES_256_CBC_SHA: c="TLS_DHE_DSS_WITH_AES_256_CBC_SHA"; break;
+ case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: c="TLS_DHE_RSA_WITH_AES_256_CBC_SHA"; break;
+ case TLS_DH_anon_WITH_AES_256_CBC_SHA: c="TLS_DH_anon_WITH_AES_256_CBC_SHA"; break;
+
+ /* ECDSA addenda, RFC 4492 */
+ case TLS_ECDH_ECDSA_WITH_NULL_SHA: c="TLS_ECDH_ECDSA_WITH_NULL_SHA"; break;
+ case TLS_ECDH_ECDSA_WITH_RC4_128_SHA: c="TLS_ECDH_ECDSA_WITH_RC4_128_SHA"; break;
+ case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: c="TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"; break;
+ case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: c="TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"; break;
+ case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: c="TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"; break;
+ case TLS_ECDHE_ECDSA_WITH_NULL_SHA: c="TLS_ECDHE_ECDSA_WITH_NULL_SHA"; break;
+ case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: c="TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"; break;
+ case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: c="TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"; break;
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: c="TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"; break;
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: c="TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"; break;
+ case TLS_ECDH_RSA_WITH_NULL_SHA: c="TLS_ECDH_RSA_WITH_NULL_SHA"; break;
+ case TLS_ECDH_RSA_WITH_RC4_128_SHA: c="TLS_ECDH_RSA_WITH_RC4_128_SHA"; break;
+ case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: c="TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"; break;
+ case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: c="TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"; break;
+ case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: c="TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"; break;
+ case TLS_ECDHE_RSA_WITH_NULL_SHA: c="TLS_ECDHE_RSA_WITH_NULL_SHA"; break;
+ case TLS_ECDHE_RSA_WITH_RC4_128_SHA: c="TLS_ECDHE_RSA_WITH_RC4_128_SHA"; break;
+ case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: c="TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"; break;
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: c="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"; break;
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: c="TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"; break;
+ case TLS_ECDH_anon_WITH_NULL_SHA: c="TLS_ECDH_anon_WITH_NULL_SHA"; break;
+ case TLS_ECDH_anon_WITH_RC4_128_SHA: c="TLS_ECDH_anon_WITH_RC4_128_SHA"; break;
+ case TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: c="TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"; break;
+ case TLS_ECDH_anon_WITH_AES_128_CBC_SHA: c="TLS_ECDH_anon_WITH_AES_128_CBC_SHA"; break;
+ case TLS_ECDH_anon_WITH_AES_256_CBC_SHA: c="TLS_ECDH_anon_WITH_AES_256_CBC_SHA"; break;
+
+ /*
+ * Tags for SSL 2 cipher kinds which are not specified
+ * for SSL 3.
+ */
+ case SSL_RSA_WITH_RC2_CBC_MD5: c="SSL_RSA_WITH_RC2_CBC_MD5"; break;
+ case SSL_RSA_WITH_IDEA_CBC_MD5: c="SSL_RSA_WITH_IDEA_CBC_MD5"; break;
+ case SSL_RSA_WITH_DES_CBC_MD5: c="SSL_RSA_WITH_DES_CBC_MD5"; break;
+ case SSL_RSA_WITH_3DES_EDE_CBC_MD5: c="SSL_RSA_WITH_3DES_EDE_CBC_MD5"; break;
+ case SSL_NO_SUCH_CIPHERSUITE:
+ default:
+ c="SSL_NO_SUCH_CIPHERSUITE"; break;
+ }
+ printf(" %s\n", c);
+ fflush(stdout);
+ }
+ free(ciphers);
+}
+
+/* print reply received from server, safely */
+static void dumpAscii(
+ uint8_t *rcvBuf,
+ uint32_t len)
+{
+ char *cp = (char *)rcvBuf;
+ uint32_t i;
+ char c;
+
+ for(i=0; i<len; i++) {
+ c = *cp++;
+ if(c == '\0') {
+ break;
+ }
+ switch(c) {
+ case '\n':
+ printf("\\n");
+ break;
+ case '\r':
+ printf("\\r");
+ break;
+ default:
+ if(isprint(c) && (c != '\n')) {
+ printf("%c", c);
+ }
+ else {
+ printf("<%02X>", ((unsigned)c) & 0xff);
+ }
+ break;
+ }
+
+ }
+ printf("\n");
+}
+
+/*
+ * Perform one SSL diagnostic session. Returns nonzero on error. Normally no
+ * output to stdout except initial "connecting to" message, unless there
+ * is a really screwed up error (i.e., something not directly related
+ * to the SSL connection).
+ */
+#define RCV_BUF_SIZE 256
+
+static OSStatus sslPing(
+ sslPingArgs *pargs)
+{
+ PeerSpec peerId;
+ otSocket sock = 0;
+ OSStatus ortn;
+ SSLContextRef ctx = NULL;
+ size_t length;
+ size_t actLen;
+ uint8_t rcvBuf[RCV_BUF_SIZE];
+ CFAbsoluteTime startHandshake;
+ CFAbsoluteTime endHandshake;
+
+ pargs->negVersion = kSSLProtocolUnknown;
+ pargs->negCipher = SSL_NULL_WITH_NULL_NULL;
+ pargs->peerCerts = NULL;
+
+ /* first make sure requested server is there */
+ ortn = MakeServerConnection(pargs->hostName, pargs->port, pargs->nonBlocking,
+ &sock, &peerId);
+ if(ortn) {
+ printf("MakeServerConnection returned %d; aborting\n", (int)ortn);
+ return ortn;
+ }
+ if(pargs->verbose) {
+ printf("...connected to server; starting SecureTransport\n");
+ }
+
+ /*
+ * Set up a SecureTransport session.
+ * First the standard calls.
+ */
+ ortn = SSLNewContext(false, &ctx);
+ if(ortn) {
+ printSslErrStr("SSLNewContext", ortn);
+ goto cleanup;
+ }
+ ortn = SSLSetIOFuncs(ctx, SocketRead, SocketWrite);
+ if(ortn) {
+ printSslErrStr("SSLSetIOFuncs", ortn);
+ goto cleanup;
+ }
+ ortn = SSLSetConnection(ctx, (SSLConnectionRef)sock);
+ if(ortn) {
+ printSslErrStr("SSLSetConnection", ortn);
+ goto cleanup;
+ }
+ SSLConnectionRef getConn;
+ ortn = SSLGetConnection(ctx, &getConn);
+ if(ortn) {
+ printSslErrStr("SSLGetConnection", ortn);
+ goto cleanup;
+ }
+ if(getConn != (SSLConnectionRef)sock) {
+ printf("***SSLGetConnection error\n");
+ ortn = paramErr;
+ goto cleanup;
+ }
+ if(!pargs->allowHostnameSpoof) {
+ /* if this isn't set, it isn't checked by AppleX509TP */
+ const char *vfyHost = pargs->hostName;
+ if(pargs->vfyHostName) {
+ /* generally means we're expecting an error */
+ vfyHost = pargs->vfyHostName;
+ }
+ ortn = SSLSetPeerDomainName(ctx, vfyHost, strlen(vfyHost));
+ if(ortn) {
+ printSslErrStr("SSLSetPeerDomainName", ortn);
+ goto cleanup;
+ }
+ }
+
+ /*
+ * SecureTransport options.
+ */
+ if(pargs->acceptedProts) {
+ ortn = SSLSetProtocolVersionEnabled(ctx, kSSLProtocolAll, false);
+ if(ortn) {
+ printSslErrStr("SSLSetProtocolVersionEnabled(all off)", ortn);
+ goto cleanup;
+ }
+ for(const char *cp = pargs->acceptedProts; *cp; cp++) {
+ SSLProtocol prot;
+ switch(*cp) {
+ case '2':
+ prot = kSSLProtocol2;
+ break;
+ case '3':
+ prot = kSSLProtocol3;
+ break;
+ case 't':
+ prot = kTLSProtocol1;
+ break;
+ default:
+ usage(pargs->argv);
+ }
+ ortn = SSLSetProtocolVersionEnabled(ctx, prot, true);
+ if(ortn) {
+ printSslErrStr("SSLSetProtocolVersionEnabled", ortn);
+ goto cleanup;
+ }
+ }
+ }
+ else {
+ ortn = SSLSetProtocolVersion(ctx, pargs->tryVersion);
+ if(ortn) {
+ printSslErrStr("SSLSetProtocolVersion", ortn);
+ goto cleanup;
+ }
+ SSLProtocol getVers;
+ ortn = SSLGetProtocolVersion(ctx, &getVers);
+ if(ortn) {
+ printSslErrStr("SSLSetProtocolVersion", ortn);
+ goto cleanup;
+ }
+ if(getVers != pargs->tryVersion) {
+ printf("***SSLGetProtocolVersion screwup: try %s get %s\n",
+ sslGetProtocolVersionString(pargs->tryVersion),
+ sslGetProtocolVersionString(getVers));
+ ortn = paramErr;
+ goto cleanup;
+ }
+ }
+ if(pargs->resumableEnable) {
+ const void *rtnId = NULL;
+ size_t rtnIdLen = 0;
+
+ ortn = SSLSetPeerID(ctx, &peerId, sizeof(PeerSpec));
+ if(ortn) {
+ printSslErrStr("SSLSetPeerID", ortn);
+ goto cleanup;
+ }
+ /* quick test of the get fcn */
+ ortn = SSLGetPeerID(ctx, &rtnId, &rtnIdLen);
+ if(ortn) {
+ printSslErrStr("SSLGetPeerID", ortn);
+ goto cleanup;
+ }
+ if((rtnId == NULL) || (rtnIdLen != sizeof(PeerSpec))) {
+ printf("***SSLGetPeerID screwup\n");
+ }
+ else if(memcmp(&peerId, rtnId, rtnIdLen) != 0) {
+ printf("***SSLGetPeerID data mismatch\n");
+ }
+ }
+ if(pargs->allowExpired) {
+ ortn = SSLSetAllowsExpiredCerts(ctx, true);
+ if(ortn) {
+ printSslErrStr("SSLSetAllowExpiredCerts", ortn);
+ goto cleanup;
+ }
+ }
+ if(pargs->allowExpiredRoot) {
+ ortn = SSLSetAllowsExpiredRoots(ctx, true);
+ if(ortn) {
+ printSslErrStr("SSLSetAllowsExpiredRoots", ortn);
+ goto cleanup;
+ }
+ }
+ if(pargs->disableCertVerify) {
+ ortn = SSLSetEnableCertVerify(ctx, false);
+ if(ortn) {
+ printSslErrStr("SSLSetEnableCertVerify", ortn);
+ goto cleanup;
+ }
+ }
+ if(pargs->allowAnyRoot) {
+ ortn = SSLSetAllowsAnyRoot(ctx, true);
+ if(ortn) {
+ printSslErrStr("SSLSetAllowAnyRoot", ortn);
+ goto cleanup;
+ }
+ }
+ if(pargs->cipherRestrict != '\0') {
+ ortn = sslSetCipherRestrictions(ctx, pargs->cipherRestrict);
+ if(ortn) {
+ goto cleanup;
+ }
+ }
+ if(pargs->anchorFile) {
+ ortn = sslAddTrustedRoot(ctx, pargs->anchorFile, pargs->replaceAnchors);
+ if(ortn) {
+ printf("***Error obtaining anchor file %s\n", pargs->anchorFile);
+ goto cleanup;
+ }
+ }
+ if(pargs->trustedLeafFile) {
+ SecCertificateRef leafCertRef = NULL;
+ CFMutableArrayRef leafCerts = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
+ /* sslReadAnchor is a misnomer; it just creates a SecCertificateRef from a file */
+ ortn = sslReadAnchor(pargs->trustedLeafFile, &leafCertRef);
+ if (!ortn) {
+ CFArrayAppendValue(leafCerts, leafCertRef);
+ CFRelease(leafCertRef);
+ ortn = SSLSetTrustedLeafCertificates(ctx, leafCerts);
+ CFRelease(leafCerts);
+ }
+ if(ortn) {
+ goto cleanup;
+ }
+ }
+ if(pargs->interactiveAuth) {
+ /* we want to get errSSLServerAuthCompleted from SSLHandshake on server auth completion */
+ SSLSetSessionOption(ctx, kSSLSessionOptionBreakOnServerAuth, true);
+ /* we want to get errSSLClientCertRequested from SSLHandshake on client auth request */
+ SSLSetSessionOption(ctx, kSSLSessionOptionBreakOnCertRequested, true);
+ }
+ else if(pargs->clientCerts) {
+ CFArrayRef dummy;
+ if(pargs->anchorFile == NULL) {
+ /* assume this is a root we want to implicitly trust */
+ ortn = addIdentityAsTrustedRoot(ctx, pargs->clientCerts);
+ if(ortn) {
+ goto cleanup;
+ }
+ }
+ ortn = SSLSetCertificate(ctx, pargs->clientCerts);
+ if(ortn) {
+ printSslErrStr("SSLSetCertificate", ortn);
+ goto cleanup;
+ }
+ /* quickie test for this new function */
+ ortn = SSLGetCertificate(ctx, &dummy);
+ if(ortn) {
+ printSslErrStr("SSLGetCertificate", ortn);
+ goto cleanup;
+ }
+ if(dummy != pargs->clientCerts) {
+ printf("***SSLGetCertificate error\n");
+ ortn = ioErr;
+ goto cleanup;
+ }
+ }
+ if(pargs->encryptClientCerts) {
+ if(pargs->anchorFile == NULL) {
+ ortn = addIdentityAsTrustedRoot(ctx, pargs->encryptClientCerts);
+ if(ortn) {
+ goto cleanup;
+ }
+ }
+ ortn = SSLSetEncryptionCertificate(ctx, pargs->encryptClientCerts);
+ if(ortn) {
+ printSslErrStr("SSLSetEncryptionCertificate", ortn);
+ goto cleanup;
+ }
+ }
+ if(pargs->sessionCacheTimeout) {
+ ortn = SSLSetSessionCacheTimeout(ctx, pargs->sessionCacheTimeout);
+ if(ortn) {
+ printSslErrStr("SSLSetSessionCacheTimeout", ortn);
+ goto cleanup;
+ }
+ }
+ if(pargs->disableAnonCiphers) {
+ ortn = SSLSetAllowAnonymousCiphers(ctx, false);
+ if(ortn) {
+ printSslErrStr("SSLSetAllowAnonymousCiphers", ortn);
+ goto cleanup;
+ }
+ /* quickie test of the getter */
+ Boolean e;
+ ortn = SSLGetAllowAnonymousCiphers(ctx, &e);
+ if(ortn) {
+ printSslErrStr("SSLGetAllowAnonymousCiphers", ortn);
+ goto cleanup;
+ }
+ if(e) {
+ printf("***SSLGetAllowAnonymousCiphers() returned true; expected false\n");
+ ortn = ioErr;
+ goto cleanup;
+ }
+ }
+ if(pargs->showCipherSuites) {
+ sslShowEnabledCipherSuites(ctx);
+ }
+ /*** end options ***/
+
+ if(pargs->verbose) {
+ printf("...starting SSL handshake\n");
+ }
+ startHandshake = CFAbsoluteTimeGetCurrent();
+
+ do
+ { ortn = SSLHandshake(ctx);
+ if((ortn == errSSLWouldBlock) && !pargs->silent) {
+ /* keep UI responsive */
+ sslOutputDot();
+ }
+ else if(ortn == errSSLServerAuthCompleted) {
+ if(pargs->verbose) {
+ printf("...server authentication completed\n");
+ }
+ }
+ else if(ortn == errSSLClientCertRequested) {
+ if(pargs->verbose) {
+ printf("...received client cert request\n");
+ }
+ /* %%% could prompt interactively here for client cert to use;
+ * for now, just use the client cert passed on the command line
+ */
+ if(pargs->clientCerts) {
+ CFArrayRef dummy;
+ if(pargs->anchorFile == NULL) {
+ /* assume this is a root we want to implicitly trust */
+ ortn = addIdentityAsTrustedRoot(ctx, pargs->clientCerts);
+ if(ortn) {
+ goto cleanup;
+ }
+ }
+ if(pargs->verbose) {
+ printf("...setting client certificate\n");
+ }
+ ortn = SSLSetCertificate(ctx, pargs->clientCerts);
+ if(ortn) {
+ printSslErrStr("SSLSetCertificate", ortn);
+ goto cleanup;
+ }
+ /* quickie test for this new function */
+ ortn = SSLGetCertificate(ctx, &dummy);
+ if(ortn) {
+ printSslErrStr("SSLGetCertificate", ortn);
+ goto cleanup;
+ }
+ if(dummy != pargs->clientCerts) {
+ printf("***SSLGetCertificate error\n");
+ ortn = ioErr;
+ goto cleanup;
+ }
+ }
+ else {
+ printf("***no client certificate specified!\n");
+ }
+ }
+ } while (ortn == errSSLWouldBlock ||
+ ortn == errSSLServerAuthCompleted ||
+ ortn == errSSLClientCertRequested);
+
+ endHandshake = CFAbsoluteTimeGetCurrent();
+ pargs->handshakeTimeOp = endHandshake - startHandshake;
+ if(pargs->numHandshakes == 0) {
+ /* special case, this one is always way longer */
+ pargs->handshakeTimeFirst = pargs->handshakeTimeOp;
+ }
+ else {
+ /* normal running total */
+ pargs->handshakeTimeTotal += pargs->handshakeTimeOp;
+ }
+ pargs->numHandshakes++;
+
+ /* this works even if handshake failed due to cert chain invalid */
+ CFRELEASE(pargs->peerCerts);
+ if(!pargs->manualCertVerify) {
+ copyPeerCerts(ctx, &pargs->peerCerts);
+ }
+ else {
+ /* else fetched via SecTrust later */
+ pargs->peerCerts = NULL;
+ }
+
+ ortn = SSLCopyPeerTrust(ctx, &pargs->peerTrust);
+ if(ortn) {
+ printf("***SSLCopyPeerTrust error %d\n", (int)ortn);
+ pargs->peerTrust = NULL;
+ }
+
+ /* ditto */
+ SSLGetClientCertificateState(ctx, &pargs->certState);
+ SSLGetNegotiatedClientAuthType(ctx, &pargs->authType);
+ SSLGetNegotiatedCipher(ctx, &pargs->negCipher);
+ SSLGetNegotiatedProtocolVersion(ctx, &pargs->negVersion);
+ CFRELEASE(pargs->dnList);
+ SSLCopyDistinguishedNames(ctx, &pargs->dnList);
+ pargs->sessionIDLength = MAX_SESSION_ID_LENGTH;
+ SSLGetResumableSessionInfo(ctx, &pargs->sessionWasResumed, pargs->sessionID,
+ &pargs->sessionIDLength);
+ if(pargs->manualCertVerify) {
+ OSStatus certRtn = sslEvaluateTrust(ctx, pargs->verbose, pargs->silent,
+ &pargs->peerCerts);
+ if(certRtn && !ortn ) {
+ ortn = certRtn;
+ }
+ }
+
+ if(ortn) {
+ if(!pargs->silent) {
+ printf("\n");
+ }
+ goto cleanup;
+ }
+
+ if(pargs->verbose) {
+ printf("...SSL handshake complete\n");
+ }
+
+ /* Write our GET request */
+ length = strlen(pargs->getMsg);
+ ortn = SSLWrite(ctx, pargs->getMsg, length, &actLen);
+ if(ortn) {
+ printf("***SSLWrite error: %d\n", (int)ortn);
+ } else if((actLen > 0) && pargs->dumpRxData) {
+ dumpAscii((uint8_t*)pargs->getMsg, actLen);
+ }
+
+ /*
+ * Try to snag RCV_BUF_SIZE bytes. Exit if (!keepConnected and we get any data
+ * at all), or (keepConnected and err != (none, wouldBlock)).
+ */
+ while (ortn == noErr) {
+ actLen = 0;
+ if(pargs->dumpRxData) {
+ size_t avail = 0;
+
+ ortn = SSLGetBufferedReadSize(ctx, &avail);
+ if(ortn) {
+ printf("***SSLGetBufferedReadSize error\n");
+ break;
+ }
+ if(avail != 0) {
+ printf("\n%d bytes available: ", (int)avail);
+ }
+ }
+ ortn = SSLRead(ctx, rcvBuf, RCV_BUF_SIZE, &actLen);
+ if((actLen == 0) && !pargs->silent) {
+ sslOutputDot();
+ }
+ if((actLen == 0) && (ortn == noErr)) {
+ printf("***Radar 2984932 confirmed***\n");
+ }
+ if (ortn == errSSLWouldBlock) {
+ /* for this loop, these are identical */
+ ortn = noErr;
+ }
+ if(ortn == errSSLServerAuthCompleted ||
+ ortn == errSSLClientCertRequested) {
+ /* should never get these once the handshake is complete */
+ printf("***SSLRead returned unexpected handshake error!\n");
+ }
+
+ if((actLen > 0) && pargs->dumpRxData) {
+ dumpAscii(rcvBuf, actLen);
+ }
+ if(ortn != noErr) {
+ /* connection closed by server or by error */
+ break;
+ }
+ if(!pargs->keepConnected && (actLen > 0)) {
+ /* good enough, we connected */
+ break;
+ }
+ }
+ if(!pargs->silent) {
+ printf("\n");
+ }
+
+ /* snag these again in case of renegotiate */
+ SSLGetClientCertificateState(ctx, &pargs->certState);
+ SSLGetNegotiatedCipher(ctx, &pargs->negCipher);
+ SSLGetNegotiatedProtocolVersion(ctx, &pargs->negVersion);
+ CFRELEASE(pargs->dnList);
+ SSLCopyDistinguishedNames(ctx, &pargs->dnList);
+
+ /* convert normal "shutdown" into zero err rtn */
+ if(ortn == errSSLClosedGraceful) {
+ ortn = noErr;
+ }
+ if((ortn == errSSLClosedNoNotify) && !pargs->requireNotify) {
+ /* relaxed disconnect rules */
+ ortn = noErr;
+ }
+cleanup:
+ /*
+ * always do close, even on error - to flush outgoing write queue
+ */
+ OSStatus cerr = SSLClose(ctx);
+ if(ortn == noErr) {
+ ortn = cerr;
+ }
+ if(sock) {
+ endpointShutdown(sock);
+ }
+ if(ctx) {
+ SSLDisposeContext(ctx);
+ }
+ return ortn;
+}
+
+static void showPeerCerts(
+ CFArrayRef peerCerts,
+ bool verbose)
+{
+ CFIndex numCerts;
+ SecCertificateRef certRef;
+ OSStatus ortn;
+ CSSM_DATA certData;
+ CFIndex i;
+
+ if(peerCerts == NULL) {
+ return;
+ }
+ numCerts = CFArrayGetCount(peerCerts);
+ for(i=0; i<numCerts; i++) {
+ certRef = (SecCertificateRef)CFArrayGetValueAtIndex(peerCerts, i);
+ ortn = SecCertificateGetData(certRef, &certData);
+ if(ortn) {
+ printf("***SecCertificateGetData returned %d\n", (int)ortn);
+ continue;
+ }
+ printf("\n================== Server Cert %lu ===================\n\n", i);
+ printCert(certData.Data, certData.Length, verbose);
+ printf("\n=============== End of Server Cert %lu ===============\n", i);
+ }
+}
+
+static void writePeerCerts(
+ CFArrayRef peerCerts,
+ const char *fileBase)
+{
+ CFIndex numCerts;
+ SecCertificateRef certRef;
+ OSStatus ortn;
+ CSSM_DATA certData;
+ CFIndex i;
+ char fileName[100];
+
+ if(peerCerts == NULL) {
+ return;
+ }
+ numCerts = CFArrayGetCount(peerCerts);
+ for(i=0; i<numCerts; i++) {
+ sprintf(fileName, "%s%02d.cer", fileBase, (int)i);
+ certRef = (SecCertificateRef)CFArrayGetValueAtIndex(peerCerts, i);
+ ortn = SecCertificateGetData(certRef, &certData);
+ if(ortn) {
+ printf("***SecCertificateGetData returned %d\n", (int)ortn);
+ continue;
+ }
+ cspWriteFile(fileName, certData.Data, certData.Length);
+ }
+ printf("...wrote %lu certs to fileBase %s\n", numCerts, fileBase);
+}
+
+static void writeDnList(
+ CFArrayRef dnList,
+ const char *fileBase)
+{
+ CFIndex numDns;
+ CFDataRef cfDn;
+ CFIndex i;
+ char fileName[100];
+
+ if(dnList == NULL) {
+ return;
+ }
+ numDns = CFArrayGetCount(dnList);
+ for(i=0; i<numDns; i++) {
+ sprintf(fileName, "%s%02d.der", fileBase, (int)i);
+ cfDn = (CFDataRef)CFArrayGetValueAtIndex(dnList, i);
+ cspWriteFile(fileName, CFDataGetBytePtr(cfDn), CFDataGetLength(cfDn));
+ }
+ printf("...wrote %lu RDNs to fileBase %s\n", numDns, fileBase);
+}
+
+/*
+ * Show result of an sslPing().
+ * Assumes the following from sslPingArgs:
+ *
+ * verbose
+ * tryVersion
+ * acceptedProts
+ * negVersion
+ * negCipher
+ * peerCerts
+ * certState
+ * authType
+ * sessionWasResumed
+ * sessionID
+ * sessionIDLength
+ * handshakeTime
+ */
+static void showSSLResult(
+ const sslPingArgs &pargs,
+ OSStatus err,
+ bool displayPeerCerts,
+ const char *fileBase, // non-NULL: write certs to file
+ const char *dnFileBase) // non-NULL: write DNList to file
+{
+ CFIndex numPeerCerts;
+
+ printf("\n");
+
+ if(pargs.acceptedProts) {
+ printf(" Allowed SSL versions : %s\n", pargs.acceptedProts);
+ }
+ else {
+ printf(" Attempted SSL version : %s\n",
+ sslGetProtocolVersionString(pargs.tryVersion));
+ }
+
+ printf(" Result : %s\n", sslGetSSLErrString(err));
+ printf(" Negotiated SSL version : %s\n",
+ sslGetProtocolVersionString(pargs.negVersion));
+ printf(" Negotiated CipherSuite : %s\n",
+ sslGetCipherSuiteString(pargs.negCipher));
+ if(pargs.certState != kSSLClientCertNone) {
+ printf(" Client Cert State : %s\n",
+ sslGetClientCertStateString(pargs.certState));
+ printf(" Client Auth Type : %s\n",
+ sslGetClientAuthTypeString(pargs.authType));
+ }
+ if(pargs.verbose) {
+ printf(" Resumed Session : ");
+ if(pargs.sessionWasResumed) {
+ for(unsigned dex=0; dex<pargs.sessionIDLength; dex++) {
+ printf("%02X ", pargs.sessionID[dex]);
+ if(((dex % 8) == 7) && (dex != (pargs.sessionIDLength - 1))) {
+ printf("\n ");
+ }
+ }
+ printf("\n");
+ }
+ else {
+ printf("NOT RESUMED\n");
+ }
+ printf(" Handshake time : %f seconds\n", pargs.handshakeTimeOp);
+ }
+ if(pargs.peerCerts == NULL) {
+ numPeerCerts = 0;
+ }
+ else {
+ numPeerCerts = CFArrayGetCount(pargs.peerCerts);
+ }
+ printf(" Number of server certs : %lu\n", numPeerCerts);
+ if(numPeerCerts != 0) {
+ if(displayPeerCerts) {
+ showPeerCerts(pargs.peerCerts, false);
+ }
+ if(fileBase != NULL) {
+ writePeerCerts(pargs.peerCerts, fileBase);
+ }
+ }
+ if(dnFileBase != NULL) {
+ writeDnList(pargs.dnList, dnFileBase);
+ }
+
+ printf("\n");
+}
+
+static int verifyProtocol(
+ bool verifyProt,
+ SSLProtocol maxProtocol,
+ SSLProtocol reqProtocol,
+ SSLProtocol negProtocol)
+{
+ if(!verifyProt) {
+ return 0;
+ }
+ if(reqProtocol > maxProtocol) {
+ /* known not to support this attempt, relax */
+ reqProtocol = maxProtocol;
+ }
+ if(reqProtocol != negProtocol) {
+ printf("***Expected protocol %s; negotiated %s\n",
+ sslGetProtocolVersionString(reqProtocol),
+ sslGetProtocolVersionString(negProtocol));
+ return 1;
+ }
+ else {
+ return 0;
+ }
+}
+
+static int verifyClientCertState(
+ bool verifyCertState,
+ SSLClientCertificateState expectState,
+ SSLClientCertificateState gotState)
+{
+ if(!verifyCertState) {
+ return 0;
+ }
+ if(expectState == gotState) {
+ return 0;
+ }
+ printf("***Expected clientCertState %s; got %s\n",
+ sslGetClientCertStateString(expectState),
+ sslGetClientCertStateString(gotState));
+ return 1;
+}
+
+/*
+ * Free everything allocated by sslPing in an sslPingArgs.
+ * Mainly for looping and malloc debugging.
+ */
+static void freePingArgs(
+ sslPingArgs *pargs)
+{
+ freePeerCerts(pargs->peerCerts);
+ pargs->peerCerts = NULL;
+ CFRELEASE(pargs->peerTrust);
+ CFRELEASE(pargs->dnList);
+ /* more, later, for client retry/identity fetch */
+}
+
+static SSLProtocol charToProt(
+ char c, // 2, 3, t
+ char **argv)
+{
+ switch(c) {
+ case '2':
+ return kSSLProtocol2;
+ case '3':
+ return kSSLProtocol3;
+ case 't':
+ return kTLSProtocol1;
+ default:
+ usage(argv);
+ }
+ /* NOT REACHED */
+ return kSSLProtocolUnknown;
+}
+
+int main(int argc, char **argv)
+{
+ OSStatus err;
+ int arg;
+ char *argp;
+ char getMsg[300];
+ char fullFileBase[100];
+ int ourRtn = 0; // exit status - sum of all errors
+ unsigned loop;
+ SecKeychainRef serverKc = nil;
+ SecKeychainRef encryptKc = nil;
+ sslPingArgs pargs;
+
+ /* user-spec'd parameters */
+ char *getPath = (char *)DEFAULT_PATH;
+ char *fileBase = NULL;
+ bool displayCerts = false;
+ bool doSslV2 = false;
+ bool doSslV3 = false;
+ bool doTlsV1 = true;
+ bool protXOnly = false; // kSSLProtocol3Only, kTLSProtocol1Only
+ bool doProtUnknown = false;
+ unsigned loopCount = 1;
+ bool doPause = false;
+ bool pauseFirstLoop = false;
+ bool verifyProt = false;
+ SSLProtocol maxProtocol = kTLSProtocol1; // for verifying negotiated
+ // protocol
+ char *acceptedProts = NULL;
+ char *keyChainName = NULL;
+ char *encryptKeyChainName = NULL;
+ char *getMsgSpec = NULL;
+ bool vfyCertState = false;
+ SSLClientCertificateState expectCertState;
+ bool displayHandshakeTimes = false;
+ bool completeCertChain = false;
+ char *dnFileBase = NULL;
+
+ /* special case - one arg of "h" or "-h" or "hv" */
+ if(argc == 2) {
+ if((strcmp(argv[1], "h") == 0) || (strcmp(argv[1], "-h") == 0)) {
+ usage(argv);
+ }
+ if(strcmp(argv[1], "hv") == 0) {
+ usageVerbose(argv);
+ }
+ }
+
+ /* set up defaults */
+ memset(&pargs, 0, sizeof(sslPingArgs));
+ pargs.hostName = DEFAULT_HOST;
+ pargs.port = DEFAULT_PORT;
+ pargs.resumableEnable = true;
+ pargs.argv = argv;
+
+ for(arg=1; arg<argc; arg++) {
+ argp = argv[arg];
+ if(arg == 1) {
+ /* first arg, is always hostname; '-' means default */
+ if(argp[0] != '-') {
+ pargs.hostName = argp;
+ }
+ continue;
+ }
+ if(argp[0] == '/') {
+ /* path always starts with leading slash */
+ getPath = argp;
+ continue;
+ }
+ /* options */
+ switch(argp[0]) {
+ case 'e':
+ pargs.allowExpired = true;
+ break;
+ case 'E':
+ pargs.allowExpiredRoot = true;
+ break;
+ case 'x':
+ pargs.disableCertVerify = true;
+ break;
+ case 'M':
+ pargs.disableCertVerify = true; // implied
+ pargs.manualCertVerify = true;
+ break;
+ case 'I':
+ pargs.interactiveAuth = true;
+ break;
+ case 'a':
+ if(++arg == argc) {
+ /* requires another arg */
+ usage(argv);
+ }
+ pargs.anchorFile = argv[arg];
+ break;
+ case 'A':
+ if(++arg == argc) {
+ /* requires another arg */
+ usage(argv);
+ }
+ pargs.anchorFile = argv[arg];
+ pargs.replaceAnchors = true;
+ break;
+ case 'Z':
+ if(++arg == argc) {
+ /* requires another arg */
+ usage(argv);
+ }
+ pargs.trustedLeafFile = argv[arg];
+ break;
+ case 'r':
+ pargs.allowAnyRoot = true;
+ break;
+ case 'd':
+ pargs.dumpRxData = true;
+ break;
+ case 'c':
+ displayCerts = true;
+ break;
+ case 'f':
+ if(++arg == argc) {
+ /* requires another arg */
+ usage(argv);
+ }
+ fileBase = argv[arg];
+ break;
+ case 'C':
+ pargs.cipherRestrict = argp[2];
+ break;
+ case 'S':
+ pargs.showCipherSuites = true;
+ break;
+ case '2':
+ doSslV3 = doTlsV1 = false;
+ doSslV2 = true;
+ break;
+ case '3':
+ doSslV2 = doTlsV1 = false;
+ doSslV3 = true;
+ break;
+ case 't':
+ /* currently the default... */
+ doSslV2 = doSslV3 = false;
+ doTlsV1 = true;
+ break;
+ case 'L':
+ doSslV2 = doSslV3 = doTlsV1 = true;
+ break;
+ case 'o':
+ protXOnly = true;
+ break;
+ case 'u':
+ doSslV2 = doSslV3 = doTlsV1 = false;
+ doProtUnknown = true;
+ break;
+ case 'K':
+ pargs.keepConnected = true;
+ break;
+ case 'n':
+ pargs.requireNotify = true;
+ pargs.keepConnected = true;
+ break;
+ case 'R':
+ pargs.resumableEnable = false;
+ break;
+ case 'b':
+ pargs.nonBlocking = true;
+ break;
+ case 'v':
+ verifyProt = true;
+ break;
+ case 'm':
+ if(argp[1] != '=') {
+ usage(argv);
+ }
+ verifyProt = true; // implied
+ maxProtocol = charToProt(argp[2], argv);
+ break;
+ case 'g':
+ if(argp[1] != '=') {
+ usage(argv);
+ }
+ acceptedProts = &argp[2];
+ doSslV3 = doSslV2 = doTlsV1 = false;
+ break;
+ case 'l':
+ loopCount = atoi(&argp[2]);
+ if(loopCount == 0) {
+ printf("***bad loopCount\n");
+ usage(argv);
+ }
+ break;
+ case 'P':
+ pargs.port = atoi(&argp[2]);
+ break;
+ case 'H':
+ pargs.allowHostnameSpoof = true;
+ break;
+ case 'F':
+ pargs.vfyHostName = &argp[2];
+ break;
+ case 'k':
+ keyChainName = &argp[2];
+ break;
+ case 'y':
+ encryptKeyChainName = &argp[2];
+ break;
+ case 'G':
+ getMsgSpec = &argp[2];
+ break;
+ case 'T':
+ if(argp[1] != '=') {
+ usage(argv);
+ }
+ vfyCertState = true;
+ switch(argp[2]) {
+ case 'n':
+ expectCertState = kSSLClientCertNone;
+ break;
+ case 'r':
+ expectCertState = kSSLClientCertRequested;
+ break;
+ case 's':
+ expectCertState = kSSLClientCertSent;
+ break;
+ case 'j':
+ expectCertState = kSSLClientCertRejected;
+ break;
+ default:
+ usage(argv);
+ }
+ break;
+ case 'z':
+ pargs.password = &argp[2];
+ break;
+ case 'p':
+ doPause = true;
+ break;
+ case '7':
+ pauseFirstLoop = true;
+ break;
+ case 'q':
+ pargs.quiet = true;
+ break;
+ case 'V':
+ pargs.verbose = true;
+ break;
+ case 's':
+ pargs.silent = pargs.quiet = true;
+ break;
+ case 'N':
+ displayHandshakeTimes = true;
+ break;
+ case '8':
+ completeCertChain = true;
+ break;
+ case 'i':
+ pargs.sessionCacheTimeout = atoi(&argp[2]);
+ break;
+ case '4':
+ pargs.disableAnonCiphers = true;
+ break;
+ case 'D':
+ if(++arg == argc) {
+ /* requires another arg */
+ usage(argv);
+ }
+ dnFileBase = argv[arg];
+ break;
+ case 'h':
+ if(pargs.verbose || (argp[1] == 'v')) {
+ usageVerbose(argv);
+ }
+ else {
+ usage(argv);
+ }
+ default:
+ usage(argv);
+ }
+ }
+ if(getMsgSpec) {
+ pargs.getMsg = getMsgSpec;
+ }
+ else {
+ sprintf(getMsg, "%s %s %s",
+ DEFAULT_GETMSG, getPath, DEFAULT_GET_SUFFIX);
+ pargs.getMsg = getMsg;
+ }
+
+ /* get client cert and optional encryption cert as CFArrayRef */
+ if(keyChainName) {
+ pargs.clientCerts = getSslCerts(keyChainName, false, completeCertChain,
+ pargs.anchorFile, &serverKc);
+ if(pargs.clientCerts == nil) {
+ exit(1);
+ }
+ if(pargs.password) {
+ OSStatus ortn = SecKeychainUnlock(serverKc,
+ strlen(pargs.password), pargs.password, true);
+ if(ortn) {
+ printf("SecKeychainUnlock returned %d\n", (int)ortn);
+ /* oh well */
+ }
+ }
+ }
+ if(encryptKeyChainName) {
+ pargs.encryptClientCerts = getSslCerts(encryptKeyChainName, true,
+ completeCertChain, pargs.anchorFile, &encryptKc);
+ if(pargs.encryptClientCerts == nil) {
+ exit(1);
+ }
+ }
+ signal(SIGPIPE, sigpipe);
+
+ if(loopCount != 0) {
+ /* prepare to handle KC callbacks for root cert cache invalidation */
+ if(startCFRunLoop()) {
+ exit(1);
+ }
+
+ /* give that thread a chance right now */
+ while(!runLoopInitialized) {
+ usleep(1000);
+ };
+ }
+
+ if(doPause) {
+ char resp;
+ fpurge(stdin);
+ printf("Before main loop. Hit a to abort, c to continue: ");
+ resp = getchar();
+ if(resp == 'a') {
+ exit(1);
+ }
+ }
+
+ for(loop=0; loop<loopCount; loop++) {
+ /*
+ * One pass for each protocol version, skipping any explicit version if
+ * an attempt at a higher version and succeeded in doing so successfully fell
+ * back.
+ */
+ if(doTlsV1) {
+ pargs.tryVersion =
+ protXOnly ? kTLSProtocol1Only : kTLSProtocol1;
+ pargs.acceptedProts = NULL;
+ if(!pargs.silent) {
+ printf("Connecting to host %s with TLS V1...\n", pargs.hostName);
+ }
+ fflush(stdout);
+ err = sslPing(&pargs);
+ if(err) {
+ ourRtn++;
+ }
+ if(!pargs.quiet) {
+ if(fileBase) {
+ sprintf(fullFileBase, "%s_v3.1", fileBase);
+ }
+ showSSLResult(pargs,
+ err,
+ displayCerts,
+ fileBase ? fullFileBase : NULL,
+ dnFileBase);
+ }
+ freePingArgs(&pargs);
+ if(!err) {
+ /* deal with fallbacks, skipping redundant tests */
+ switch(pargs.negVersion) {
+ case kSSLProtocol3:
+ doSslV3 = false;
+ break;
+ case kSSLProtocol2:
+ doSslV3 = false;
+ doSslV2 = false;
+ break;
+ default:
+ break;
+ }
+ ourRtn += verifyProtocol(verifyProt, maxProtocol, kTLSProtocol1,
+ pargs.negVersion);
+ }
+ /* note we do this regardless since the client state might be
+ * the cause of a failure */
+ ourRtn += verifyClientCertState(vfyCertState, expectCertState,
+ pargs.certState);
+ }
+ if(doSslV3) {
+ pargs.tryVersion = protXOnly ? kSSLProtocol3Only : kSSLProtocol3;
+ pargs.acceptedProts = NULL;
+ if(!pargs.silent) {
+ printf("Connecting to host %s with SSL V3...\n", pargs.hostName);
+ }
+ fflush(stdout);
+ err = sslPing(&pargs);
+ if(err) {
+ ourRtn++;
+ }
+ if(!pargs.quiet) {
+ if(fileBase) {
+ sprintf(fullFileBase, "%s_v3.0", fileBase);
+ }
+ showSSLResult(pargs,
+ err,
+ displayCerts,
+ fileBase ? fullFileBase : NULL,
+ dnFileBase);
+ }
+ freePingArgs(&pargs);
+ if(!err) {
+ /* deal with fallbacks, skipping redundant tests */
+ switch(pargs.negVersion) {
+ case kSSLProtocol2:
+ doSslV2 = false;
+ break;
+ default:
+ break;
+ }
+ ourRtn += verifyProtocol(verifyProt, maxProtocol, kSSLProtocol3,
+ pargs.negVersion);
+ }
+ /* note we do this regardless since the client state might be
+ * the cause of a failure */
+ ourRtn += verifyClientCertState(vfyCertState, expectCertState,
+ pargs.certState);
+ }
+
+ if(doSslV2) {
+ if(fileBase) {
+ sprintf(fullFileBase, "%s_v2", fileBase);
+ }
+ if(!pargs.silent) {
+ printf("Connecting to host %s with SSL V2...\n", pargs.hostName);
+ }
+ fflush(stdout);
+ pargs.tryVersion = kSSLProtocol2;
+ pargs.acceptedProts = NULL;
+ err = sslPing(&pargs);
+ if(err) {
+ ourRtn++;
+ }
+ if(!pargs.quiet) {
+ if(fileBase) {
+ sprintf(fullFileBase, "%s_v2", fileBase);
+ }
+ showSSLResult(pargs,
+ err,
+ displayCerts,
+ fileBase ? fullFileBase : NULL,
+ dnFileBase);
+ }
+ freePingArgs(&pargs);
+ if(!err) {
+ ourRtn += verifyProtocol(verifyProt, maxProtocol, kSSLProtocol2,
+ pargs.negVersion);
+ }
+ /* note we do this regardless since the client state might be
+ * the cause of a failure */
+ ourRtn += verifyClientCertState(vfyCertState, expectCertState,
+ pargs.certState);
+ }
+ if(doProtUnknown) {
+ if(!pargs.silent) {
+ printf("Connecting to host %s with kSSLProtocolUnknown...\n",
+ pargs.hostName);
+ }
+ fflush(stdout);
+ pargs.tryVersion = kSSLProtocolUnknown;
+ pargs.acceptedProts = NULL;
+ err = sslPing(&pargs);
+ if(err) {
+ ourRtn++;
+ }
+ if(!pargs.quiet) {
+ if(fileBase) {
+ sprintf(fullFileBase, "%s_def", fileBase);
+ }
+ showSSLResult(pargs,
+ err,
+ displayCerts,
+ fileBase ? fullFileBase : NULL,
+ dnFileBase);
+ }
+ freePingArgs(&pargs);
+ }
+ if(acceptedProts != NULL) {
+ pargs.acceptedProts = acceptedProts;
+ pargs.tryVersion = kSSLProtocolUnknown; // not used
+ if(!pargs.silent) {
+ printf("Connecting to host %s with acceptedProts %s...\n",
+ pargs.hostName, pargs.acceptedProts);
+ }
+ fflush(stdout);
+ err = sslPing(&pargs);
+ if(err) {
+ ourRtn++;
+ }
+ if(!pargs.quiet) {
+ if(fileBase) {
+ sprintf(fullFileBase, "%s_def", fileBase);
+ }
+ showSSLResult(pargs,
+ err,
+ displayCerts,
+ fileBase ? fullFileBase : NULL,
+ dnFileBase);
+ }
+ freePingArgs(&pargs);
+ }
+ if(doPause ||
+ (pauseFirstLoop &&
+ /* pause after first, before last to grab trace */
+ ((loop == 0) || (loop == loopCount - 1))
+ )
+ ) {
+ char resp;
+ fpurge(stdin);
+ printf("a to abort, c to continue: ");
+ resp = getchar();
+ if(resp == 'a') {
+ break;
+ }
+ }
+ } /* main loop */
+ if(displayHandshakeTimes) {
+ CFAbsoluteTime totalTime;
+ unsigned numHandshakes;
+ if(pargs.numHandshakes == 1) {
+ /* just display the first one */
+ totalTime = pargs.handshakeTimeFirst;
+ numHandshakes = 1;
+ }
+ else {
+ /* skip the first one */
+ totalTime = pargs.handshakeTimeTotal;
+ numHandshakes = pargs.numHandshakes - 1;
+ }
+ if(numHandshakes != 0) {
+ printf(" %u handshakes in %f seconds; %f seconds per handshake\n",
+ numHandshakes, totalTime,
+ (totalTime / numHandshakes));
+ }
+ }
+ printCertShutdown();
+ if(ourRtn) {
+ printf("===%s exiting with %d %s for host %s\n", argv[0], ourRtn,
+ (ourRtn > 1) ? "errors" : "error", pargs.hostName);
+ }
+ return ourRtn;
+
+}
+
+
projects / apple / security.git / blobdiff