lib/tls/openssl/openssl-client.c - platform/external/libwebsockets - Git at Google

 /*
  * libwebsockets - openSSL-specific client tls code
  *
  * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
  *
  *  This library is free software; you can redistribute it and/or
  *  modify it under the terms of the GNU Lesser General Public
  *  License as published by the Free Software Foundation:
  *  version 2.1 of the License.
  *
  *  This library is distributed in the hope that it will be useful,
  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  *  Lesser General Public License for more details.
  *
  *  You should have received a copy of the GNU Lesser General Public
  *  License along with this library; if not, write to the Free Software
  *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
  *  MA  02110-1301  USA
  */

 #include "private-libwebsockets.h"

 extern int openssl_websocket_private_data_index,
     openssl_SSL_CTX_private_data_index;

 #if !defined(USE_WOLFSSL)

 static int
 OpenSSL_client_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
 {
 	SSL *ssl;
 	int n;
 	struct lws *wsi;

 	/* keep old behaviour accepting self-signed server certs */
 	if (!preverify_ok) {
 		int err = X509_STORE_CTX_get_error(x509_ctx);

 		if (err != X509_V_OK) {
 			ssl = X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
 			wsi = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);

 			if ((err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT ||
 					err == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) &&
 					wsi->use_ssl & LCCSCF_ALLOW_SELFSIGNED) {
 				lwsl_notice("accepting self-signed certificate (verify_callback)\n");
 				X509_STORE_CTX_set_error(x509_ctx, X509_V_OK);
 				return 1;	// ok
 			} else if ((err == X509_V_ERR_CERT_NOT_YET_VALID ||
 					err == X509_V_ERR_CERT_HAS_EXPIRED) &&
 					wsi->use_ssl & LCCSCF_ALLOW_EXPIRED) {
 				if (err == X509_V_ERR_CERT_NOT_YET_VALID)
 					lwsl_notice("accepting not yet valid certificate (verify_callback)\n");
 				else if (err == X509_V_ERR_CERT_HAS_EXPIRED)
 					lwsl_notice("accepting expired certificate (verify_callback)\n");
 				X509_STORE_CTX_set_error(x509_ctx, X509_V_OK);
 				return 1;	// ok
 			}
 		}
 	}

 	ssl = X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
 	wsi = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);

 	n = lws_get_context_protocol(wsi->context, 0).callback(wsi,
 			LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION,
 			x509_ctx, ssl, preverify_ok);

 	/* keep old behaviour if something wrong with server certs */
 	/* if ssl error is overruled in callback and cert is ok,
 	 * X509_STORE_CTX_set_error(x509_ctx, X509_V_OK); must be set and
 	 * return value is 0 from callback */
 	if (!preverify_ok) {
 		int err = X509_STORE_CTX_get_error(x509_ctx);

 		if (err != X509_V_OK) {	/* cert validation error was not handled in callback */
 			int depth = X509_STORE_CTX_get_error_depth(x509_ctx);
 			const char* msg = X509_verify_cert_error_string(err);
 			lwsl_err("SSL error: %s (preverify_ok=%d;err=%d;depth=%d)\n", msg, preverify_ok, err, depth);
 			return preverify_ok;	// not ok
 		}
 	}
 	/* convert callback return code from 0 = OK to verify callback return value 1 = OK */
 	return !n;
 }
 #endif

 int
 lws_ssl_client_bio_create(struct lws *wsi)
 {
 #if defined LWS_HAVE_X509_VERIFY_PARAM_set1_host
 	X509_VERIFY_PARAM *param;
 #endif
 	char hostname[128], *p;

 	if (lws_hdr_copy(wsi, hostname, sizeof(hostname),
 			 _WSI_TOKEN_CLIENT_HOST) <= 0) {
 		lwsl_err("%s: Unable to get hostname\n", __func__);

 		return -1;
 	}

 	/*
 	 * remove any :port part on the hostname... necessary for network
 	 * connection but typical certificates do not contain it
 	 */
 	p = hostname;
 	while (*p) {
 		if (*p == ':') {
 			*p = '\0';
 			break;
 		}
 		p++;
 	}

 	wsi->ssl = SSL_new(wsi->vhost->ssl_client_ctx);
 	if (!wsi->ssl) {
 		lwsl_err("SSL_new failed: %s\n",
 		         ERR_error_string(lws_ssl_get_error(wsi, 0), NULL));
 		lws_ssl_elaborate_error();
 		return -1;
 	}

 #if defined (LWS_HAVE_SSL_SET_INFO_CALLBACK)
 	if (wsi->vhost->ssl_info_event_mask)
 		SSL_set_info_callback(wsi->ssl, lws_ssl_info_callback);
 #endif

 #if defined LWS_HAVE_X509_VERIFY_PARAM_set1_host
 	if (!(wsi->use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) {
 		param = SSL_get0_param(wsi->ssl);
 		/* Enable automatic hostname checks */
 		X509_VERIFY_PARAM_set_hostflags(param,
 						X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
 		X509_VERIFY_PARAM_set1_host(param, hostname, 0);
 	}
 #endif

 #if !defined(USE_WOLFSSL)
 #ifndef USE_OLD_CYASSL
 	/* OpenSSL_client_verify_callback will be called @ SSL_connect() */
 	SSL_set_verify(wsi->ssl, SSL_VERIFY_PEER, OpenSSL_client_verify_callback);
 #endif
 #endif

 #if !defined(USE_WOLFSSL)
 	SSL_set_mode(wsi->ssl,  SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
 #endif
 	/*
 	 * use server name indication (SNI), if supported,
 	 * when establishing connection
 	 */
 #ifdef USE_WOLFSSL
 #ifdef USE_OLD_CYASSL
 #ifdef CYASSL_SNI_HOST_NAME
 	CyaSSL_UseSNI(wsi->ssl, CYASSL_SNI_HOST_NAME, hostname, strlen(hostname));
 #endif
 #else
 #ifdef WOLFSSL_SNI_HOST_NAME
 	wolfSSL_UseSNI(wsi->ssl, WOLFSSL_SNI_HOST_NAME, hostname, strlen(hostname));
 #endif
 #endif
 #else
 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
 	SSL_set_tlsext_host_name(wsi->ssl, hostname);
 #endif
 #endif

 #ifdef USE_WOLFSSL
 	/*
 	 * wolfSSL/CyaSSL does certificate verification differently
 	 * from OpenSSL.
 	 * If we should ignore the certificate, we need to set
 	 * this before SSL_new and SSL_connect is called.
 	 * Otherwise the connect will simply fail with error code -155
 	 */
 #ifdef USE_OLD_CYASSL
 	if (wsi->use_ssl == 2)
 		CyaSSL_set_verify(wsi->ssl, SSL_VERIFY_NONE, NULL);
 #else
 	if (wsi->use_ssl == 2)
 		wolfSSL_set_verify(wsi->ssl, SSL_VERIFY_NONE, NULL);
 #endif
 #endif /* USE_WOLFSSL */

 	wsi->client_bio = BIO_new_socket((int)(long long)wsi->desc.sockfd, BIO_NOCLOSE);
 	SSL_set_bio(wsi->ssl, wsi->client_bio, wsi->client_bio);

 #ifdef USE_WOLFSSL
 #ifdef USE_OLD_CYASSL
 	CyaSSL_set_using_nonblock(wsi->ssl, 1);
 #else
 	wolfSSL_set_using_nonblock(wsi->ssl, 1);
 #endif
 #else
 	BIO_set_nbio(wsi->client_bio, 1); /* nonblocking */
 #endif

 	SSL_set_ex_data(wsi->ssl, openssl_websocket_private_data_index, wsi);

 	return 0;
 }

 enum lws_ssl_capable_status
 lws_tls_client_connect(struct lws *wsi)
 {
 	int m, n = SSL_connect(wsi->ssl);

 	if (n == 1)
 		return LWS_SSL_CAPABLE_DONE;

 	m = lws_ssl_get_error(wsi, n);

 	if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->ssl))
 		return LWS_SSL_CAPABLE_MORE_SERVICE_READ;

 	if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->ssl))
 		return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE;

 	if (!n) /* we don't know what he wants, but he says to retry */
 		return LWS_SSL_CAPABLE_MORE_SERVICE;

 	return LWS_SSL_CAPABLE_ERROR;
 }

 int
 lws_tls_client_confirm_peer_cert(struct lws *wsi)
 {
 #ifndef USE_WOLFSSL
 	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
 	char *p = (char *)&pt->serv_buf[0];
 	char *sb = p;
 	int n;

 	lws_latency_pre(wsi->context, wsi);
 	n = SSL_get_verify_result(wsi->ssl);
 	lws_latency(wsi->context, wsi,
 		"SSL_get_verify_result LWS_CONNMODE..HANDSHAKE", n, n > 0);

 	lwsl_debug("get_verify says %d\n", n);

 	if (n != X509_V_OK) {
 		if ((n == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT ||
 		     n == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) &&
 		     (wsi->use_ssl & LCCSCF_ALLOW_SELFSIGNED)) {
 			lwsl_notice("accepting self-signed certificate\n");
 		} else if ((n == X509_V_ERR_CERT_NOT_YET_VALID ||
 		            n == X509_V_ERR_CERT_HAS_EXPIRED) &&
 		     (wsi->use_ssl & LCCSCF_ALLOW_EXPIRED)) {
 			lwsl_notice("accepting expired certificate\n");
 		} else if (n == X509_V_ERR_CERT_NOT_YET_VALID) {
 			lwsl_notice("Cert is from the future... "
 				    "probably our clock... accepting...\n");
 		} else {
 			lwsl_err("server's cert didn't look good, X509_V_ERR = %d: %s\n",
 				 n, ERR_error_string(n, sb));
 			lws_ssl_elaborate_error();
 			return -1;
 		}
 	}
 #endif /* USE_WOLFSSL */

 	return 0;
 }

 int
 lws_tls_client_create_vhost_context(struct lws_vhost *vh,
 				    struct lws_context_creation_info *info,
 				    const char *cipher_list,
 				    const char *ca_filepath,
 				    const char *cert_filepath,
 				    const char *private_key_filepath)
 {
 	SSL_METHOD *method;
 	unsigned long error;
 	int n;

 	/* basic openssl init already happened in context init */

 	/* choose the most recent spin of the api */
 #if defined(LWS_HAVE_TLS_CLIENT_METHOD)
 	method = (SSL_METHOD *)TLS_client_method();
 #elif defined(LWS_HAVE_TLSV1_2_CLIENT_METHOD)
 	method = (SSL_METHOD *)TLSv1_2_client_method();
 #else
 	method = (SSL_METHOD *)SSLv23_client_method();
 #endif

 	if (!method) {
 		error = ERR_get_error();
 		lwsl_err("problem creating ssl method %lu: %s\n",
 			error, ERR_error_string(error,
 				      (char *)vh->context->pt[0].serv_buf));
 		return 1;
 	}
 	/* create context */
 	vh->ssl_client_ctx = SSL_CTX_new(method);
 	if (!vh->ssl_client_ctx) {
 		error = ERR_get_error();
 		lwsl_err("problem creating ssl context %lu: %s\n",
 			error, ERR_error_string(error,
 				      (char *)vh->context->pt[0].serv_buf));
 		return 1;
 	}

 #ifdef SSL_OP_NO_COMPRESSION
 	SSL_CTX_set_options(vh->ssl_client_ctx, SSL_OP_NO_COMPRESSION);
 #endif

 	SSL_CTX_set_options(vh->ssl_client_ctx,
 			    SSL_OP_CIPHER_SERVER_PREFERENCE);

 	if (cipher_list)
 		SSL_CTX_set_cipher_list(vh->ssl_client_ctx, cipher_list);

 #ifdef LWS_SSL_CLIENT_USE_OS_CA_CERTS
 	if (!lws_check_opt(vh->options, LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS))
 		/* loads OS default CA certs */
 		SSL_CTX_set_default_verify_paths(vh->ssl_client_ctx);
 #endif

 	/* openssl init for cert verification (for client sockets) */
 	if (!ca_filepath) {
 		if (!SSL_CTX_load_verify_locations(
 			vh->ssl_client_ctx, NULL, LWS_OPENSSL_CLIENT_CERTS))
 			lwsl_err("Unable to load SSL Client certs from %s "
 			    "(set by LWS_OPENSSL_CLIENT_CERTS) -- "
 			    "client ssl isn't going to work\n",
 			    LWS_OPENSSL_CLIENT_CERTS);
 	} else
 		if (!SSL_CTX_load_verify_locations(
 			vh->ssl_client_ctx, ca_filepath, NULL)) {
 			lwsl_err(
 				"Unable to load SSL Client certs "
 				"file from %s -- client ssl isn't "
 				"going to work\n", ca_filepath);
 			lws_ssl_elaborate_error();
 		}
 		else
 			lwsl_info("loaded ssl_ca_filepath\n");

 	/*
 	 * callback allowing user code to load extra verification certs
 	 * helping the client to verify server identity
 	 */

 	/* support for client-side certificate authentication */
 	if (cert_filepath) {
 		if (lws_tls_use_any_upgrade_check_extant(cert_filepath) != LWS_TLS_EXTANT_YES &&
 		    (info->options & LWS_SERVER_OPTION_IGNORE_MISSING_CERT))
 			return 0;

 		lwsl_notice("%s: doing cert filepath %s\n", __func__, cert_filepath);
 		n = SSL_CTX_use_certificate_chain_file(vh->ssl_client_ctx,
 						       cert_filepath);
 		if (n < 1) {
 			lwsl_err("problem %d getting cert '%s'\n", n,
 				 cert_filepath);
 			lws_ssl_elaborate_error();
 			return 1;
 		}
 		lwsl_notice("Loaded client cert %s\n", cert_filepath);
 	}
 	if (private_key_filepath) {
 		lwsl_notice("%s: doing private key filepath\n", __func__);
 		lws_ssl_bind_passphrase(vh->ssl_client_ctx, info);
 		/* set the private key from KeyFile */
 		if (SSL_CTX_use_PrivateKey_file(vh->ssl_client_ctx,
 		    private_key_filepath, SSL_FILETYPE_PEM) != 1) {
 			lwsl_err("use_PrivateKey_file '%s'\n",
 				 private_key_filepath);
 			lws_ssl_elaborate_error();
 			return 1;
 		}
 		lwsl_notice("Loaded client cert private key %s\n",
 			    private_key_filepath);

 		/* verify private key */
 		if (!SSL_CTX_check_private_key(vh->ssl_client_ctx)) {
 			lwsl_err("Private SSL key doesn't match cert\n");
 			return 1;
 		}
 	}

 	return 0;
 }
	/*
	* libwebsockets - openSSL-specific client tls code
	*
	* Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
	*
	* This library is free software; you can redistribute it and/or
	* modify it under the terms of the GNU Lesser General Public
	* License as published by the Free Software Foundation:
	* version 2.1 of the License.
	*
	* This library is distributed in the hope that it will be useful,
	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	* Lesser General Public License for more details.
	*
	* You should have received a copy of the GNU Lesser General Public
	* License along with this library; if not, write to the Free Software
	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
	* MA 02110-1301 USA
	*/

	#include "private-libwebsockets.h"

	extern int openssl_websocket_private_data_index,
	openssl_SSL_CTX_private_data_index;

	#if !defined(USE_WOLFSSL)

	static int
	OpenSSL_client_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
	{
	SSL *ssl;
	int n;
	struct lws *wsi;

	/* keep old behaviour accepting self-signed server certs */
	if (!preverify_ok) {
	int err = X509_STORE_CTX_get_error(x509_ctx);

	if (err != X509_V_OK) {
	ssl = X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
	wsi = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);

	if ((err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT \|\|
	err == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) &&
	wsi->use_ssl & LCCSCF_ALLOW_SELFSIGNED) {
	lwsl_notice("accepting self-signed certificate (verify_callback)\n");
	X509_STORE_CTX_set_error(x509_ctx, X509_V_OK);
	return 1; // ok
	} else if ((err == X509_V_ERR_CERT_NOT_YET_VALID \|\|
	err == X509_V_ERR_CERT_HAS_EXPIRED) &&
	wsi->use_ssl & LCCSCF_ALLOW_EXPIRED) {
	if (err == X509_V_ERR_CERT_NOT_YET_VALID)
	lwsl_notice("accepting not yet valid certificate (verify_callback)\n");
	else if (err == X509_V_ERR_CERT_HAS_EXPIRED)
	lwsl_notice("accepting expired certificate (verify_callback)\n");
	X509_STORE_CTX_set_error(x509_ctx, X509_V_OK);
	return 1; // ok
	}
	}
	}

	ssl = X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
	wsi = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);

	n = lws_get_context_protocol(wsi->context, 0).callback(wsi,
	LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION,
	x509_ctx, ssl, preverify_ok);

	/* keep old behaviour if something wrong with server certs */
	/* if ssl error is overruled in callback and cert is ok,
	* X509_STORE_CTX_set_error(x509_ctx, X509_V_OK); must be set and
	* return value is 0 from callback */
	if (!preverify_ok) {
	int err = X509_STORE_CTX_get_error(x509_ctx);

	if (err != X509_V_OK) { /* cert validation error was not handled in callback */
	int depth = X509_STORE_CTX_get_error_depth(x509_ctx);
	const char* msg = X509_verify_cert_error_string(err);
	lwsl_err("SSL error: %s (preverify_ok=%d;err=%d;depth=%d)\n", msg, preverify_ok, err, depth);
	return preverify_ok; // not ok
	}
	}
	/* convert callback return code from 0 = OK to verify callback return value 1 = OK */
	return !n;
	}
	#endif

	int
	lws_ssl_client_bio_create(struct lws *wsi)
	{
	#if defined LWS_HAVE_X509_VERIFY_PARAM_set1_host
	X509_VERIFY_PARAM *param;
	#endif
	char hostname[128], *p;

	if (lws_hdr_copy(wsi, hostname, sizeof(hostname),
	_WSI_TOKEN_CLIENT_HOST) <= 0) {
	lwsl_err("%s: Unable to get hostname\n", __func__);

	return -1;
	}

	/*
	* remove any :port part on the hostname... necessary for network
	* connection but typical certificates do not contain it
	*/
	p = hostname;
	while (*p) {
	if (*p == ':') {
	*p = '\0';
	break;
	}
	p++;
	}

	wsi->ssl = SSL_new(wsi->vhost->ssl_client_ctx);
	if (!wsi->ssl) {
	lwsl_err("SSL_new failed: %s\n",
	ERR_error_string(lws_ssl_get_error(wsi, 0), NULL));
	lws_ssl_elaborate_error();
	return -1;
	}

	#if defined (LWS_HAVE_SSL_SET_INFO_CALLBACK)
	if (wsi->vhost->ssl_info_event_mask)
	SSL_set_info_callback(wsi->ssl, lws_ssl_info_callback);
	#endif

	#if defined LWS_HAVE_X509_VERIFY_PARAM_set1_host
	if (!(wsi->use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) {
	param = SSL_get0_param(wsi->ssl);
	/* Enable automatic hostname checks */
	X509_VERIFY_PARAM_set_hostflags(param,
	X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
	X509_VERIFY_PARAM_set1_host(param, hostname, 0);
	}
	#endif

	#if !defined(USE_WOLFSSL)
	#ifndef USE_OLD_CYASSL
	/* OpenSSL_client_verify_callback will be called @ SSL_connect() */
	SSL_set_verify(wsi->ssl, SSL_VERIFY_PEER, OpenSSL_client_verify_callback);
	#endif
	#endif

	#if !defined(USE_WOLFSSL)
	SSL_set_mode(wsi->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
	#endif
	/*
	* use server name indication (SNI), if supported,
	* when establishing connection
	*/
	#ifdef USE_WOLFSSL
	#ifdef USE_OLD_CYASSL
	#ifdef CYASSL_SNI_HOST_NAME
	CyaSSL_UseSNI(wsi->ssl, CYASSL_SNI_HOST_NAME, hostname, strlen(hostname));
	#endif
	#else
	#ifdef WOLFSSL_SNI_HOST_NAME
	wolfSSL_UseSNI(wsi->ssl, WOLFSSL_SNI_HOST_NAME, hostname, strlen(hostname));
	#endif
	#endif
	#else
	#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
	SSL_set_tlsext_host_name(wsi->ssl, hostname);
	#endif
	#endif

	#ifdef USE_WOLFSSL
	/*
	* wolfSSL/CyaSSL does certificate verification differently
	* from OpenSSL.
	* If we should ignore the certificate, we need to set
	* this before SSL_new and SSL_connect is called.
	* Otherwise the connect will simply fail with error code -155
	*/
	#ifdef USE_OLD_CYASSL
	if (wsi->use_ssl == 2)
	CyaSSL_set_verify(wsi->ssl, SSL_VERIFY_NONE, NULL);
	#else
	if (wsi->use_ssl == 2)
	wolfSSL_set_verify(wsi->ssl, SSL_VERIFY_NONE, NULL);
	#endif
	#endif /* USE_WOLFSSL */

	wsi->client_bio = BIO_new_socket((int)(long long)wsi->desc.sockfd, BIO_NOCLOSE);
	SSL_set_bio(wsi->ssl, wsi->client_bio, wsi->client_bio);

	#ifdef USE_WOLFSSL
	#ifdef USE_OLD_CYASSL
	CyaSSL_set_using_nonblock(wsi->ssl, 1);
	#else
	wolfSSL_set_using_nonblock(wsi->ssl, 1);
	#endif
	#else
	BIO_set_nbio(wsi->client_bio, 1); /* nonblocking */
	#endif

	SSL_set_ex_data(wsi->ssl, openssl_websocket_private_data_index, wsi);

	return 0;
	}

	enum lws_ssl_capable_status
	lws_tls_client_connect(struct lws *wsi)
	{
	int m, n = SSL_connect(wsi->ssl);

	if (n == 1)
	return LWS_SSL_CAPABLE_DONE;

	m = lws_ssl_get_error(wsi, n);

	if (m == SSL_ERROR_WANT_READ \|\| SSL_want_read(wsi->ssl))
	return LWS_SSL_CAPABLE_MORE_SERVICE_READ;

	if (m == SSL_ERROR_WANT_WRITE \|\| SSL_want_write(wsi->ssl))
	return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE;

	if (!n) /* we don't know what he wants, but he says to retry */
	return LWS_SSL_CAPABLE_MORE_SERVICE;

	return LWS_SSL_CAPABLE_ERROR;
	}

	int
	lws_tls_client_confirm_peer_cert(struct lws *wsi)
	{
	#ifndef USE_WOLFSSL
	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
	char p = (char )&pt->serv_buf[0];
	char *sb = p;
	int n;

	lws_latency_pre(wsi->context, wsi);
	n = SSL_get_verify_result(wsi->ssl);
	lws_latency(wsi->context, wsi,
	"SSL_get_verify_result LWS_CONNMODE..HANDSHAKE", n, n > 0);

	lwsl_debug("get_verify says %d\n", n);

	if (n != X509_V_OK) {
	if ((n == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT \|\|
	n == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) &&
	(wsi->use_ssl & LCCSCF_ALLOW_SELFSIGNED)) {
	lwsl_notice("accepting self-signed certificate\n");
	} else if ((n == X509_V_ERR_CERT_NOT_YET_VALID \|\|
	n == X509_V_ERR_CERT_HAS_EXPIRED) &&
	(wsi->use_ssl & LCCSCF_ALLOW_EXPIRED)) {
	lwsl_notice("accepting expired certificate\n");
	} else if (n == X509_V_ERR_CERT_NOT_YET_VALID) {
	lwsl_notice("Cert is from the future... "
	"probably our clock... accepting...\n");
	} else {
	lwsl_err("server's cert didn't look good, X509_V_ERR = %d: %s\n",
	n, ERR_error_string(n, sb));
	lws_ssl_elaborate_error();
	return -1;
	}
	}
	#endif /* USE_WOLFSSL */

	return 0;
	}

	int
	lws_tls_client_create_vhost_context(struct lws_vhost *vh,
	struct lws_context_creation_info *info,
	const char *cipher_list,
	const char *ca_filepath,
	const char *cert_filepath,
	const char *private_key_filepath)
	{
	SSL_METHOD *method;
	unsigned long error;
	int n;

	/* basic openssl init already happened in context init */

	/* choose the most recent spin of the api */
	#if defined(LWS_HAVE_TLS_CLIENT_METHOD)
	method = (SSL_METHOD *)TLS_client_method();
	#elif defined(LWS_HAVE_TLSV1_2_CLIENT_METHOD)
	method = (SSL_METHOD *)TLSv1_2_client_method();
	#else
	method = (SSL_METHOD *)SSLv23_client_method();
	#endif

	if (!method) {
	error = ERR_get_error();
	lwsl_err("problem creating ssl method %lu: %s\n",
	error, ERR_error_string(error,
	(char *)vh->context->pt[0].serv_buf));
	return 1;
	}
	/* create context */
	vh->ssl_client_ctx = SSL_CTX_new(method);
	if (!vh->ssl_client_ctx) {
	error = ERR_get_error();
	lwsl_err("problem creating ssl context %lu: %s\n",
	error, ERR_error_string(error,
	(char *)vh->context->pt[0].serv_buf));
	return 1;
	}

	#ifdef SSL_OP_NO_COMPRESSION
	SSL_CTX_set_options(vh->ssl_client_ctx, SSL_OP_NO_COMPRESSION);
	#endif

	SSL_CTX_set_options(vh->ssl_client_ctx,
	SSL_OP_CIPHER_SERVER_PREFERENCE);

	if (cipher_list)
	SSL_CTX_set_cipher_list(vh->ssl_client_ctx, cipher_list);

	#ifdef LWS_SSL_CLIENT_USE_OS_CA_CERTS
	if (!lws_check_opt(vh->options, LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS))
	/* loads OS default CA certs */
	SSL_CTX_set_default_verify_paths(vh->ssl_client_ctx);
	#endif

	/* openssl init for cert verification (for client sockets) */
	if (!ca_filepath) {
	if (!SSL_CTX_load_verify_locations(
	vh->ssl_client_ctx, NULL, LWS_OPENSSL_CLIENT_CERTS))
	lwsl_err("Unable to load SSL Client certs from %s "
	"(set by LWS_OPENSSL_CLIENT_CERTS) -- "
	"client ssl isn't going to work\n",
	LWS_OPENSSL_CLIENT_CERTS);
	} else
	if (!SSL_CTX_load_verify_locations(
	vh->ssl_client_ctx, ca_filepath, NULL)) {
	lwsl_err(
	"Unable to load SSL Client certs "
	"file from %s -- client ssl isn't "
	"going to work\n", ca_filepath);
	lws_ssl_elaborate_error();
	}
	else
	lwsl_info("loaded ssl_ca_filepath\n");

	/*
	* callback allowing user code to load extra verification certs
	* helping the client to verify server identity
	*/

	/* support for client-side certificate authentication */
	if (cert_filepath) {
	if (lws_tls_use_any_upgrade_check_extant(cert_filepath) != LWS_TLS_EXTANT_YES &&
	(info->options & LWS_SERVER_OPTION_IGNORE_MISSING_CERT))
	return 0;

	lwsl_notice("%s: doing cert filepath %s\n", __func__, cert_filepath);
	n = SSL_CTX_use_certificate_chain_file(vh->ssl_client_ctx,
	cert_filepath);
	if (n < 1) {
	lwsl_err("problem %d getting cert '%s'\n", n,
	cert_filepath);
	lws_ssl_elaborate_error();
	return 1;
	}
	lwsl_notice("Loaded client cert %s\n", cert_filepath);
	}
	if (private_key_filepath) {
	lwsl_notice("%s: doing private key filepath\n", __func__);
	lws_ssl_bind_passphrase(vh->ssl_client_ctx, info);
	/* set the private key from KeyFile */
	if (SSL_CTX_use_PrivateKey_file(vh->ssl_client_ctx,
	private_key_filepath, SSL_FILETYPE_PEM) != 1) {
	lwsl_err("use_PrivateKey_file '%s'\n",
	private_key_filepath);
	lws_ssl_elaborate_error();
	return 1;
	}
	lwsl_notice("Loaded client cert private key %s\n",
	private_key_filepath);

	/* verify private key */
	if (!SSL_CTX_check_private_key(vh->ssl_client_ctx)) {
	lwsl_err("Private SSL key doesn't match cert\n");
	return 1;
	}
	}

	return 0;
	}