search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Version 1.8.0.2 - CVE-2024-54661: Arbitrary file overwrite in readline.sh
[socat.git] / sslcls.c
blob4e29d71baca4b3c0e7aa26b48cece5e1a9d58e93
1 /* source: sslcls.c */
2 /* Copyright Gerhard Rieger and contributors (see file CHANGES) */
3 /* Published under the GNU General Public License V.2, see file COPYING */
4
5 /* explicit system call and C library trace function, for those who miss strace
6 */
7
8 #include "config.h"
9 #include "xioconfig.h" /* what features are enabled */
10
11 #if WITH_SYCLS && WITH_OPENSSL
12
13 #include "sysincludes.h"
14
15 #include "mytypes.h"
16 #include "compat.h"
17 #include "errno.h"
18
19 #include "error.h"
20 #include "filan.h"
21 #include "sysutils.h"
22 #include "sycls.h"
23
24 #if HAVE_OPENSSL_INIT_SSL
25 /* OpenBSD 7.2 does not know OPENSSL_INIT_SETTING */
26 int sycOPENSSL_init_ssl(uint64_t opts, const void *settings) {
27 int result;
28 Debug2("OPENSSL_init_ssl("F_uint64_t", %p)", opts, settings);
29 result = OPENSSL_init_ssl(opts, settings);
30 Debug1("OPENSSL_init_ssl() -> %d", result);
31 return result;
32 }
33 #endif
34
35 #if !(defined(HAVE_OPENSSL_INIT_SSL) && defined(HAVE_OPENSSL_INIT_new))
36 void sycSSL_load_error_strings(void) {
37 Debug("SSL_load_error_strings()");
38 SSL_load_error_strings();
39 Debug("SSL_load_error_strings() ->");
40 }
41 #endif
42
43 #if HAVE_SSL_library_init
44 int sycSSL_library_init(void) {
45 int result;
46 Debug("SSL_library_init()");
47 result = SSL_library_init();
48 Debug1("SSL_library_init() -> %d", result);
49 return result;
50 }
51 #endif
52
53 #if HAVE_TLS_client_method
54 const SSL_METHOD *sycTLS_client_method(void) {
55 const SSL_METHOD *result;
56 Debug("TLS_client_method()");
57 result = TLS_client_method();
58 Debug1("TLS_client_method() -> %p", result);
59 return result;
60 }
61 #endif
62
63 #if HAVE_TLS_server_method
64 const SSL_METHOD *sycTLS_server_method(void) {
65 const SSL_METHOD *result;
66 Debug("TLS_server_method()");
67 result = TLS_server_method();
68 Debug1("TLS_server_method() -> %p", result);
69 return result;
70 }
71 #endif
72
73 #if HAVE_SSLv2_client_method
74 const SSL_METHOD *sycSSLv2_client_method(void) {
75 const SSL_METHOD *result;
76 Debug("SSLv2_client_method()");
77 result = SSLv2_client_method();
78 Debug1("SSLv2_client_method() -> %p", result);
79 return result;
80 }
81 #endif
82
83 #if HAVE_SSLv2_server_method
84 const SSL_METHOD *sycSSLv2_server_method(void) {
85 const SSL_METHOD *result;
86 Debug("SSLv2_server_method()");
87 result = SSLv2_server_method();
88 Debug1("SSLv2_server_method() -> %p", result);
89 return result;
90 }
91 #endif
92
93 #if HAVE_SSLv3_client_method
94 const SSL_METHOD *sycSSLv3_client_method(void) {
95 const SSL_METHOD *result;
96 Debug("SSLv3_client_method()");
97 result = SSLv3_client_method();
98 Debug1("SSLv3_client_method() -> %p", result);
99 return result;
100 }
101 #endif
102
103 #if HAVE_SSLv3_server_method
104 const SSL_METHOD *sycSSLv3_server_method(void) {
105 const SSL_METHOD *result;
106 Debug("SSLv3_server_method()");
107 result = SSLv3_server_method();
108 Debug1("SSLv3_server_method() -> %p", result);
109 return result;
110 }
111 #endif
112
113 const SSL_METHOD *sycSSLv23_client_method(void) {
114 const SSL_METHOD *result;
115 Debug("SSLv23_client_method()");
116 result = SSLv23_client_method();
117 Debug1("SSLv23_client_method() -> %p", result);
118 return result;
119 }
120
121 const SSL_METHOD *sycSSLv23_server_method(void) {
122 const SSL_METHOD *result;
123 Debug("SSLv23_server_method()");
124 result = SSLv23_server_method();
125 Debug1("SSLv23_server_method() -> %p", result);
126 return result;
127 }
128
129 #if HAVE_TLSv1_client_method
130 const SSL_METHOD *sycTLSv1_client_method(void) {
131 const SSL_METHOD *result;
132 Debug("TLSv1_client_method()");
133 result = TLSv1_client_method();
134 Debug1("TLSv1_client_method() -> %p", result);
135 return result;
136 }
137 #endif
138
139 #if HAVE_TLSv1_server_method
140 const SSL_METHOD *sycTLSv1_server_method(void) {
141 const SSL_METHOD *result;
142 Debug("TLSv1_server_method()");
143 result = TLSv1_server_method();
144 Debug1("TLSv1_server_method() -> %p", result);
145 return result;
146 }
147 #endif
148
149 #if HAVE_TLSv1_1_client_method
150 const SSL_METHOD *sycTLSv1_1_client_method(void) {
151 const SSL_METHOD *result;
152 Debug("TLSv1_1_client_method()");
153 result = TLSv1_1_client_method();
154 Debug1("TLSv1_1_client_method() -> %p", result);
155 return result;
156 }
157 #endif
158
159 #if HAVE_TLSv1_1_server_method
160 const SSL_METHOD *sycTLSv1_1_server_method(void) {
161 const SSL_METHOD *result;
162 Debug("TLSv1_1_server_method()");
163 result = TLSv1_1_server_method();
164 Debug1("TLSv1_1_server_method() -> %p", result);
165 return result;
166 }
167 #endif
168
169 #if HAVE_TLSv1_2_client_method
170 const SSL_METHOD *sycTLSv1_2_client_method(void) {
171 const SSL_METHOD *result;
172 Debug("TLSv1_2_client_method()");
173 result = TLSv1_2_client_method();
174 Debug1("TLSv1_2_client_method() -> %p", result);
175 return result;
176 }
177 #endif
178
179 #if HAVE_TLSv1_2_server_method
180 const SSL_METHOD *sycTLSv1_2_server_method(void) {
181 const SSL_METHOD *result;
182 Debug("TLSv1_2_server_method()");
183 result = TLSv1_2_server_method();
184 Debug1("TLSv1_2_server_method() -> %p", result);
185 return result;
186 }
187 #endif
188
189 #if HAVE_DTLS_client_method
190 const SSL_METHOD *sycDTLS_client_method(void) {
191 const SSL_METHOD *result;
192 Debug("DTLS_client_method()");
193 result = DTLS_client_method();
194 Debug1("DTLS_client_method() -> %p", result);
195 return result;
196 }
197 #endif
198
199 #if HAVE_DTLS_server_method
200 const SSL_METHOD *sycDTLS_server_method(void) {
201 const SSL_METHOD *result;
202 Debug("DTLS_server_method()");
203 result = DTLS_server_method();
204 Debug1("DTLS_server_method() -> %p", result);
205 return result;
206 }
207 #endif
208
209 #if HAVE_DTLSv1_client_method
210 const SSL_METHOD *sycDTLSv1_client_method(void) {
211 const SSL_METHOD *result;
212 Debug("DTLSv1_client_method()");
213 result = DTLSv1_client_method();
214 Debug1("DTLSv1_client_method() -> %p", result);
215 return result;
216 }
217 #endif
218
219 #if HAVE_DTLSv1_server_method
220 const SSL_METHOD *sycDTLSv1_server_method(void) {
221 const SSL_METHOD *result;
222 Debug("DTLSv1_server_method()");
223 result = DTLSv1_server_method();
224 Debug1("DTLSv1_server_method() -> %p", result);
225 return result;
226 }
227 #endif
228
229 #if HAVE_DTLSv1_2_client_method
230 const SSL_METHOD *sycDTLSv1_2_client_method(void) {
231 const SSL_METHOD *result;
232 Debug("DTLSv1_2_client_method()");
233 result = DTLSv1_2_client_method();
234 Debug1("DTLSv1_2_client_method() -> %p", result);
235 return result;
236 }
237 #endif
238
239 #if HAVE_DTLSv1_2_server_method
240 const SSL_METHOD *sycDTLSv1_2_server_method(void) {
241 const SSL_METHOD *result;
242 Debug("DTLSv1_2_server_method()");
243 result = DTLSv1_2_server_method();
244 Debug1("DTLSv1_2_server_method() -> %p", result);
245 return result;
246 }
247 #endif
248
249 SSL_CTX *sycSSL_CTX_new(const SSL_METHOD *method) {
250 SSL_CTX *result;
251 Debug1("SSL_CTX_new(%p)", method);
252 result = SSL_CTX_new(method);
253 Debug1("SSL_CTX_new() -> %p", result);
254 return result;
255 }
256
257 SSL *sycSSL_new(SSL_CTX *ctx) {
258 SSL *result;
259 Debug1("SSL_new(%p)", ctx);
260 result = SSL_new(ctx);
261 Debug1("SSL_new() -> %p", result);
262 return result;
263 }
264
265 int sycSSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
266 const char *CApath) {
267 int result;
268 Debug7("SSL_CTX_load_verify_locations(%p, %s%s%s, %s%s%s)", ctx,
269 CAfile?"\"":"", CAfile?CAfile:"", CAfile?"\"":"",
270 CApath?"\"":"", CApath?CApath:"", CApath?"\"":"");
271 result = SSL_CTX_load_verify_locations(ctx, CAfile, CApath);
272 Debug1("SSL_CTX_load_verify_locations() -> %d", result);
273 return result;
274 }
275
276 int sycSSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) {
277 int result;
278 Debug3("SSL_CTX_use_certificate_file(%p, \"%s\", %d)", ctx, file, type);
279 result = SSL_CTX_use_certificate_file(ctx, file, type);
280 Debug1("SSL_CTX_use_certificate_file() -> %d", result);
281 return result;
282 }
283
284 int sycSSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) {
285 int result;
286 Debug2("SSL_CTX_use_certificate_chain_file(%p, \"%s\")", ctx, file);
287 result = SSL_CTX_use_certificate_chain_file(ctx, file);
288 Debug1("SSL_CTX_use_certificate_chain_file() -> %d", result);
289 return result;
290 }
291
292 int sycSSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) {
293 int result;
294 Debug3("SSL_CTX_use_PrivateKey_file(%p, \"%s\", %d)", ctx, file, type);
295 result = SSL_CTX_use_PrivateKey_file(ctx, file, type);
296 Debug1("SSL_CTX_use_PrivateKey_file() -> %d", result);
297 return result;
298 }
299
300 void sycSSL_CTX_set_verify(SSL_CTX *ctx, int mode,
301 int (*verify_callback)(int, X509_STORE_CTX *)) {
302 Debug3("SSL_CTX_set_verify(%p, %u, %p)", ctx, mode, verify_callback);
303 SSL_CTX_set_verify(ctx, mode, verify_callback);
304 Debug("SSL_CTX_set_verify() -> ");
305 }
306
307 int sycSSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) {
308 int result;
309 Debug2("SSL_CTX_set_cipher_list(%p, \"%s\")", ctx, str);
310 result = SSL_CTX_set_cipher_list(ctx, str);
311 Debug1("SSL_CTX_set_cipher_list() -> %d", result);
312 return result;
313 }
314
315 int sycSSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh) {
316 int result;
317 Debug2("SSL_CTX_set_tmp_dh(%p, %p)", ctx, dh);
318 result = SSL_CTX_set_tmp_dh(ctx, dh);
319 Debug1("SSL_CTX_set_tmp_dh() -> %d", result);
320 return result;
321 }
322
323 #if HAVE_SSL_CTX_set_tlsext_max_fragment_length || defined(SSL_CTX_set_tlsext_max_fragment_length)
324 int sycSSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode) {
325 int result;
326 Debug2("SSL_CTX_set_tlsext_max_fragment_length(%p, %u)", ctx, mode);
327 result = SSL_CTX_set_tlsext_max_fragment_length(ctx, mode);
328 Debug1("SSL_CTX_set_tlsext_max_fragment_length() -> %d", result);
329 return result;
330 }
331 #endif
332
333 #if HAVE_SSL_CTX_set_max_send_fragment || defined(SSL_CTX_set_max_send_fragment)
334 int sycSSL_CTX_set_max_send_fragment(SSL_CTX *ctx, long msf) {
335 int result;
336 Debug2("SSL_CTX_set_max_send_fragment(%p, %ld)", ctx, msf);
337 result = SSL_CTX_set_max_send_fragment(ctx, msf);
338 Debug1("SSL_CTX_set_max_send_fragment() -> %d", result);
339 return result;
340 }
341 #endif
342
343 int sycSSL_set_cipher_list(SSL *ssl, const char *str) {
344 int result;
345 Debug2("SSL_set_cipher_list(%p, \"%s\")", ssl, str);
346 result = SSL_set_cipher_list(ssl, str);
347 Debug1("SSL_set_cipher_list() -> %d", result);
348 return result;
349 }
350
351 long sycSSL_get_verify_result(SSL *ssl) {
352 long result;
353 Debug1("SSL_get_verify_result(%p)", ssl);
354 result = SSL_get_verify_result(ssl);
355 Debug1("SSL_get_verify_result() -> %lx", result);
356 return result;
357 }
358
359 int sycSSL_set_fd(SSL *ssl, int fd) {
360 int result;
361 Debug2("SSL_set_fd(%p, %d)", ssl, fd);
362 result = SSL_set_fd(ssl, fd);
363 Debug1("SSL_set_fd() -> %d", result);
364 return result;
365 }
366
367 int sycSSL_connect(SSL *ssl) {
368 int result;
369 Debug1("SSL_connect(%p)", ssl);
370 result = SSL_connect(ssl);
371 Debug1("SSL_connect() -> %d", result);
372 return result;
373 }
374
375 int sycSSL_accept(SSL *ssl) {
376 int result;
377 Debug1("SSL_accept(%p)", ssl);
378 result = SSL_accept(ssl);
379 Debug1("SSL_accept() -> %d", result);
380 return result;
381 }
382
383 int sycSSL_read(SSL *ssl, void *buf, int num) {
384 int result;
385 Debug3("SSL_read(%p, %p, %d)", ssl, buf, num);
386 result = SSL_read(ssl, buf, num);
387 Debug1("SSL_read() -> %d", result);
388 return result;
389 }
390
391 int sycSSL_pending(SSL *ssl) {
392 int result;
393 Debug1("SSL_pending(%p)", ssl);
394 result = SSL_pending(ssl);
395 Debug1("SSL_pending() -> %d", result);
396 return result;
397 }
398
399 int sycSSL_write(SSL *ssl, const void *buf, int num) {
400 int result;
401 Debug3("SSL_write(%p, %p, %d)", ssl, buf, num);
402 result = SSL_write(ssl, buf, num);
403 Debug1("SSL_write() -> %d", result);
404 return result;
405 }
406
407 X509 *sycSSL_get_peer_certificate(SSL *ssl) {
408 X509 *result;
409 Debug1("SSL_get_peer_certificate(%p)", ssl);
410 result = SSL_get_peer_certificate(ssl);
411 if (result) {
412 Debug1("SSL_get_peer_certificate() -> %p", result);
413 } else {
414 Debug("SSL_get_peer_certificate() -> NULL");
415 }
416 return result;
417 }
418
419 int sycSSL_shutdown(SSL *ssl) {
420 int result;
421 Debug1("SSL_shutdown(%p)", ssl);
422 result = SSL_shutdown(ssl);
423 Debug1("SSL_shutdown() -> %d", result);
424 return result;
425 }
426
427 void sycSSL_CTX_free(SSL_CTX *ctx) {
428 Debug1("SSL_CTX_free(%p)", ctx);
429 SSL_CTX_free(ctx);
430 Debug("SSL_CTX_free() -> void");
431 return;
432 }
433
434 void sycSSL_free(SSL *ssl) {
435 Debug1("SSL_free(%p)", ssl);
436 SSL_free(ssl);
437 Debug("SSL_free() -> void");
438 return;
439 }
440
441 #if !defined(OPENSSL_NO_EGD) && HAVE_RAND_egd
442 int sycRAND_egd(const char *path) {
443 int result;
444 Debug1("RAND_egd(\"%s\")", path);
445 result = RAND_egd(path);
446 Debug1("RAND_egd() -> %d", result);
447 return result;
448 }
449 #endif
450
451 DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) {
452 DH *result;
453 Debug4("PEM_read_bio_DHparams(%p, %p, %p, %p)",
454 bp, x, cb, u);
455 result = PEM_read_bio_DHparams(bp, x, cb, u);
456 if (result) {
457 /*Debug2("PEM_read_bio_DHparams(, {%p},,) -> %p", *x, result);*/
458 Debug1("PEM_read_bio_DHparams() -> %p", result);
459 } else {
460 Debug("PEM_read_bio_DHparams() -> NULL");
461 }
462 return result;
463 }
464
465 BIO *sycBIO_new_file(const char *filename, const char *mode) {
466 BIO *result;
467 Debug2("BIO_new_file(\"%s\", \"%s\")", filename, mode);
468 result = BIO_new_file(filename, mode);
469 if (result) {
470 Debug1("BIO_new_file() -> %p", result);
471 } else {
472 Debug("BIO_new_file() -> NULL");
473 }
474 return result;
475 }
476
477 #if WITH_FIPS
478 int sycFIPS_mode_set(int onoff) {
479 int result;
480 Debug1("FIPS_mode_set(%d)", onoff);
481 result = FIPS_mode_set(onoff);
482 Debug1("FIPS_mode_set() -> %d", result);
483 return result;
484 }
485 #endif /* WITH_FIPS */
486
487 #if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
488 const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl) {
489 const COMP_METHOD *result;
490 Debug1("SSL_get_current_compression(%p)", ssl);
491 result = SSL_get_current_compression(ssl);
492 if (result) {
493 Debug1("SSL_get_current_compression() -> %p", result);
494 } else {
495 Debug("SSL_get_current_compression() -> NULL");
496 }
497 return result;
498 }
499
500 const COMP_METHOD *sycSSL_get_current_expansion(SSL *ssl) {
501 const COMP_METHOD *result;
502 Debug1("SSL_get_current_expansion(%p)", ssl);
503 result = SSL_get_current_expansion(ssl);
504 if (result) {
505 Debug1("SSL_get_current_expansion() -> %p", result);
506 } else {
507 Debug("SSL_get_current_expansion() -> NULL");
508 }
509 return result;
510 }
511
512 const char *sycSSL_COMP_get_name(const COMP_METHOD *comp) {
513 const char *result;
514 Debug1("SSL_COMP_get_name(%p)", comp);
515 result = SSL_COMP_get_name(comp);
516 if (result) {
517 Debug1("SSL_COMP_get_name() -> \"%s\"", result);
518 } else {
519 Debug("SSL_COMP_get_name() -> NULL");
520 }
521 return result;
522 }
523 #endif
524
525 #endif /* WITH_SYCLS && WITH_OPENSSL */
Relay for bidirectional data transfer