[151] | 1 | /*#include <stdio.h> |
---|
| 2 | #include <stdlib.h> |
---|
| 3 | #include <string.h> |
---|
| 4 | |
---|
| 5 | #include <sys/socket.h> |
---|
| 6 | #include <sys/types.h> |
---|
| 7 | |
---|
| 8 | #include <netinet/in.h> |
---|
| 9 | #include <netdb.h> |
---|
| 10 | #include <unistd.h> |
---|
| 11 | |
---|
| 12 | #include <openssl/ssl.h> |
---|
| 13 | #include <openssl/err.h> |
---|
| 14 | #include <openssl/crypto.h> |
---|
| 15 | #include <openssl/x509.h> |
---|
| 16 | #include <openssl/pem.h> |
---|
| 17 | #include <openssl/ssl.h> |
---|
| 18 | #include <openssl/err.h> |
---|
| 19 | */ |
---|
| 20 | /* define HOME to be dir for key and certificate files... */ |
---|
| 21 | //#define HOME "/usr/local/ssl/" |
---|
| 22 | /* Make these what you want for certificate & key files */ |
---|
| 23 | //#define CERT_FILE "mycert.pem" |
---|
| 24 | //#define KEY_FILE "mycert.pem" |
---|
| 25 | |
---|
| 26 | /*Cipher list to be used*/ |
---|
| 27 | //#define CIPHER_LIST "RC4-MD5" |
---|
| 28 | |
---|
| 29 | /*Trusted CAs location*/ |
---|
| 30 | //#define CA_FILE CERT_FILE |
---|
| 31 | //#define CA_DIR NULL |
---|
| 32 | |
---|
| 33 | /*Password for the key file*/ |
---|
| 34 | //#define KEY_PASSWD "" |
---|
| 35 | |
---|
| 36 | //#define IP "im.celepar.parana" |
---|
| 37 | |
---|
| 38 | //#define PORT "5222" |
---|
| 39 | |
---|
| 40 | #include "server.h" |
---|
| 41 | |
---|
| 42 | |
---|
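/*
 * Minimal TLS test client.
 *
 * Opens a TCP connection to 127.0.0.1:8888, runs a TLS handshake over it and
 * prints the negotiated protocol version and cipher. The program stops right
 * after that report, so the message exchange and the shutdown sequence
 * further down are not executed at present; they are kept, with their buffer
 * handling corrected, for whoever re-enables them.
 *
 * Client certificate/key loading, the cipher list and the trusted-CA setup
 * are not performed: the CERT_FILE, KEY_FILE, CIPHER_LIST and CA_FILE macros
 * they would need are commented out at the top of this file.
 *
 * Returns 0 after a successful handshake (or a graceful shutdown once the
 * exchange is re-enabled) and 1 on any failure, so callers and scripts can
 * tell a failed connection from a good one.
 */
int main(void)
{
    int rc = 1;                 /* pessimistic: only success paths clear it */
    int socketfd = -1;
    int err;
    char buff[32];
    struct sockaddr_in socketaddr = {0};    /* no stale bytes in sin_zero */
    /* Sized by the array itself: the terminating NUL is sent, nothing past it. */
    static const char hello[] = "Hello there!!!!";

    /* SSL part */
    SSL_CTX *ctx = NULL;
    SSL *myssl = NULL;

    socketfd = socket(AF_INET, SOCK_STREAM, 0);
    if (socketfd < 0) {
        printf("\ncould not make a socket\n");
        goto out;
    }

    socketaddr.sin_family = AF_INET;
    inet_aton("127.0.0.1", &socketaddr.sin_addr);
    socketaddr.sin_port = htons(8888);

    /* Connect to the server, TCP/IP layer. */
    err = connect(socketfd, (struct sockaddr *)&socketaddr, sizeof(socketaddr));
    if (err < 0) {
        printf("Socket returned error #%d,program terminated\n", err);
        goto out;
    }

    /* SSL part: library initialisation. */
    OpenSSL_add_all_algorithms();
    SSL_library_init();
    SSL_load_error_strings();

    /*
     * NOTE(review): TLSv1_client_method() pins the connection to TLS 1.0,
     * which is deprecated (RFC 8996). It is kept because the peer's
     * configuration is not visible from this file -- presumably the test
     * server uses the matching method; confirm, then move both sides to a
     * version-flexible method with a TLS 1.2 minimum where the OpenSSL
     * release in use allows it.
     */
    ctx = SSL_CTX_new(TLSv1_client_method());
    if (!ctx) {
        printf("Error creating the context.\n");
        goto out;
    }

    /*
     * SECURITY: SSL_VERIFY_NONE makes the client accept whatever certificate
     * the peer presents. The session is encrypted but the server is not
     * authenticated, so anything able to answer on this address is trusted.
     * That is only tolerable for a loopback smoke test like this one. Before
     * this client is pointed at a real host: load trust anchors with
     * SSL_CTX_load_verify_locations(), switch to SSL_VERIFY_PEER, check
     * SSL_get_verify_result() after the handshake and confirm the certificate
     * matches the expected host name.
     */
    SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);

    /* Create new ssl object. */
    myssl = SSL_new(ctx);
    if (!myssl) {
        printf("Error creating SSL structure.\n");
        goto out;
    }

    /* Bind the socket to the SSL structure. */
    if (SSL_set_fd(myssl, socketfd) != 1) {
        printf("Error binding the socket to the SSL structure.\n");
        goto out;
    }

    /* Connect to the server, SSL layer. */
    err = SSL_connect(myssl);
    if (err < 1) {
        /* Report only on failure, and name the call that actually failed. */
        err = SSL_get_error(myssl, err);
        printf("SSL error #%d in connect,program terminated\n", err);

        if (err == SSL_ERROR_SYSCALL) {
            printf("sockerrno is:\n");
        }
        goto out;
    }

    /* Print out connection details. */
    printf("SSL connection on socket %x,Version: %s, Cipher: %s\n",
           (unsigned)socketfd,
           SSL_get_version(myssl),
           SSL_get_cipher(myssl));

    puts("_________OK_______________");

    /*
     * NOTE(review): the program ends here, so it is a handshake-only check and
     * nothing below runs. Delete the next two statements to exercise the
     * message exchange and the shutdown sequence.
     */
    rc = 0;
    goto out;

    /* Send message to the server. */
    err = SSL_write(myssl, hello, (int)sizeof(hello));
    if (err < 1) {
        err = SSL_get_error(myssl, err);
        printf("Error #%d in write,program terminated\n", err);
        /*
         * SSL_ERROR_ZERO_RETURN: the peer sent its close_notify. Answer with
         * our own to complete a graceful shutdown.
         */
        if (err == SSL_ERROR_ZERO_RETURN) {
            SSL_shutdown(myssl);
        }
        goto out;
    }

    /*
     * Read the server's response. One byte is held back for the terminator:
     * SSL_read() returns raw bytes, and printing a full, unterminated buffer
     * with %s would read past its end.
     */
    err = SSL_read(myssl, buff, (int)sizeof(buff) - 1);
    if (err < 1) {
        err = SSL_get_error(myssl, err);
        printf("Error #%d in read,program terminated\n", err);
        /* Same close_notify handling as for the write above. */
        if (err == SSL_ERROR_ZERO_RETURN) {
            SSL_shutdown(myssl);
        }
        goto out;
    }
    buff[err] = '\0';
    printf("Server said: %s\n", buff);

    /*
     * Shutdown. SSL_shutdown() returning 0 means we sent our close_notify
     * first and the peer's has not been seen yet; 1 means the shutdown is
     * complete in both directions. The reads in between give the peer's
     * close_notify a chance to arrive; their results are not used.
     */
    err = SSL_shutdown(myssl);
    buff[0] = '\0';
    SSL_read(myssl, buff, sizeof(buff));
    if (err == 0) {
        err = SSL_shutdown(myssl);
        buff[0] = '\0';
        SSL_read(myssl, buff, sizeof(buff));
        if (err < 1) {
            printf("#1 Error in shutdown\n");
        } else if (err == 1) {
            printf("Client exited gracefully\n");
            rc = 0;
        }
    } else if (err < 0) {
        printf("Error in shutdown\n");
    } else if (err == 1) {
        printf("Client exited gracefully\n");
        rc = 0;
    }

out:
    /* Single release point so no failure path leaks the SSL object or the fd. */
    if (myssl) {
        SSL_free(myssl);
    }
    if (socketfd >= 0) {
        close(socketfd);
    }
    if (ctx) {
        SSL_CTX_free(ctx);
    }
    return rc;
}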