#include <stdio.h>
#include <string.h>

#include <openssl/err.h>
#include <openssl/ssl.h>

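/*
 * Demo TLS client driven by command-line options.
 *
 * Options understood by the SSL_CONF API are applied to the SSL_CTX; the one
 * application-specific option is "-connect host:port" (default
 * "localhost:4433"). After the handshake a minimal HTTP/1.0 GET is sent and
 * the reply is copied to stdout.
 *
 * Returns 0 on success and 1 when argument parsing, setup, the connection,
 * the handshake or the request fails.
 */
int main(int argc, char **argv)
{
    BIO *sbio = NULL, *out = NULL;
    int len;
    int ret = 1;
    char tmpbuf[1024];
    /* Everything released at "end" starts out NULL so early exits are safe */
    SSL_CTX *ctx = NULL;
    SSL_CONF_CTX *cctx = NULL;
    SSL *ssl = NULL;
    /* Guard against argc == 0, where argv + 1 would point past the array */
    char **args = argc > 0 ? argv + 1 : argv;
    const char *connect_str = "localhost:4433";
    int nargs = argc > 0 ? argc - 1 : 0;

    ERR_load_crypto_strings();
    ERR_load_SSL_strings();
    SSL_library_init();

    ctx = SSL_CTX_new(SSLv23_client_method());
    cctx = SSL_CONF_CTX_new();
    if (ctx == NULL || cctx == NULL) {
        fprintf(stderr, "Error creating SSL context\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);
    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
    while (*args && **args == '-') {
        int rv;
        /* Parse standard arguments */
        rv = SSL_CONF_cmd_argv(cctx, &nargs, &args);
        if (rv == -3) {
            fprintf(stderr, "Missing argument for %s\n", *args);
            goto end;
        }
        if (rv < 0) {
            fprintf(stderr, "Error in command %s\n", *args);
            ERR_print_errors_fp(stderr);
            goto end;
        }
        /* If rv > 0 we processed something so proceed to next arg */
        if (rv > 0)
            continue;
        /* Otherwise application specific argument processing */
        if (!strcmp(*args, "-connect")) {
            /* argv is NULL-terminated, so a trailing "-connect" yields NULL */
            connect_str = args[1];
            if (connect_str == NULL) {
                fprintf(stderr, "Missing -connect argument\n");
                goto end;
            }
            args += 2;
            nargs -= 2;
            continue;
        } else {
            fprintf(stderr, "Unknown argument %s\n", *args);
            goto end;
        }
    }

    if (!SSL_CONF_CTX_finish(cctx)) {
        fprintf(stderr, "Finish error\n");
        ERR_print_errors_fp(stderr);
        /* The original jumped to an undefined "err" label here */
        goto end;
    }

    /*
     * SECURITY: this demo sets neither a verify mode nor any trust anchors,
     * so (unless one of the options parsed above changed that) the server
     * certificate is not validated and the peer is unauthenticated. A real
     * client should call SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL),
     * load its trusted CAs (SSL_CTX_set_default_verify_paths() or
     * SSL_CTX_load_verify_locations()) and check the certificate against the
     * expected host name (e.g. X509_VERIFY_PARAM_set1_host()) before any
     * application data is sent.
     */

    sbio = BIO_new_ssl_connect(ctx);
    if (sbio == NULL) {
        fprintf(stderr, "Error creating connect BIO\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    BIO_get_ssl(sbio, &ssl);

    if (!ssl) {
        fprintf(stderr, "Can't locate SSL pointer\n");
        goto end;
    }

    /*
     * Let the library retry reads and writes internally, so the blocking
     * calls below only return once they have completed or failed.
     */
    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);

    /* We might want to do other things with ssl here */

    BIO_set_conn_hostname(sbio, connect_str);

    out = BIO_new_fp(stdout, BIO_NOCLOSE);
    if (out == NULL) {
        fprintf(stderr, "Error creating output BIO\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    if (BIO_do_connect(sbio) <= 0) {
        fprintf(stderr, "Error connecting to server\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    if (BIO_do_handshake(sbio) <= 0) {
        fprintf(stderr, "Error establishing SSL connection\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    /* Could examine ssl here to get connection info */

    if (BIO_puts(sbio, "GET / HTTP/1.0\n\n") <= 0) {
        fprintf(stderr, "Error sending request\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }
    for (;;) {
        len = BIO_read(sbio, tmpbuf, sizeof(tmpbuf));
        /* Both end of stream and a read error end the response */
        if (len <= 0)
            break;
        if (BIO_write(out, tmpbuf, len) <= 0) {
            fprintf(stderr, "Error writing response\n");
            goto end;
        }
    }
    ret = 0;
 end:
    SSL_CONF_CTX_free(cctx);
    BIO_free_all(sbio);
    BIO_free(out);
    /* The context was never released in the original */
    SSL_CTX_free(ctx);
    return ret;
}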