[thirdparty/openssl.git] / demos / bio / saccept.c

/*-
 * A minimal program to serve an SSL connection.
 * It uses blocking.
 * saccept host:port
 * host is the interface IP to use.  If any interface, use *:port
 * The default it *:4433
 *
 * cc -I../../include saccept.c -L../.. -lssl -lcrypto -ldl
 */

#include <stdio.h>
#include <signal.h>
#include <openssl/err.h>
#include <openssl/ssl.h>

#define CERT_FILE       "server.pem"

static int done = 0;

void interrupt()
{
    done = 1;
}

void sigsetup(void)
{
    struct sigaction sa;

    /*
     * Catch at most once, and don't restart the accept system call.
     */
    sa.sa_flags = SA_RESETHAND;
    sa.sa_handler = interrupt;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGINT, &sa, NULL);
}

int main(int argc, char *argv[])
{
    char *port = NULL;
    BIO *in = NULL;
    BIO *ssl_bio, *tmp;
    SSL_CTX *ctx;
    char buf[512];
    int ret = 1, i;

    if (argc <= 1)
        port = "*:4433";
    else
        port = argv[1];

    SSL_load_error_strings();

    /* Add ciphers and message digests */
    OpenSSL_add_ssl_algorithms();

    ctx = SSL_CTX_new(TLS_server_method());
    if (!SSL_CTX_use_certificate_chain_file(ctx, CERT_FILE))
        goto err;
    if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
        goto err;
    if (!SSL_CTX_check_private_key(ctx))
        goto err;

    /* Setup server side SSL bio */
    ssl_bio = BIO_new_ssl(ctx, 0);

    if ((in = BIO_new_accept(port)) == NULL)
        goto err;

    /*
     * This means that when a new connection is accepted on 'in', The ssl_bio
     * will be 'duplicated' and have the new socket BIO push into it.
     * Basically it means the SSL BIO will be automatically setup
     */
    BIO_set_accept_bios(in, ssl_bio);

    /* Arrange to leave server loop on interrupt */
    sigsetup();

 again:
    /*
     * The first call will setup the accept socket, and the second will get a
     * socket.  In this loop, the first actual accept will occur in the
     * BIO_read() function.
     */

    if (BIO_do_accept(in) <= 0)
        goto err;

    while (!done) {
        i = BIO_read(in, buf, 512);
        if (i == 0) {
            /*
             * If we have finished, remove the underlying BIO stack so the
             * next time we call any function for this BIO, it will attempt
             * to do an accept
             */
            printf("Done\n");
            tmp = BIO_pop(in);
            BIO_free_all(tmp);
            goto again;
        }
        if (i < 0)
            goto err;
        fwrite(buf, 1, i, stdout);
        fflush(stdout);
    }

    ret = 0;
 err:
    if (ret) {
        ERR_print_errors_fp(stderr);
    }
    BIO_free(in);
    exit(ret);
    return (!ret);
}
Commit	Line	Data
23a22b4c MC	1	/*-
23a22b4c MC	2	* A minimal program to serve an SSL connection.
d02b48c6 RE	3	* It uses blocking.
	4	* saccept host:port
	5	* host is the interface IP to use. If any interface, use *:port
	6	* The default it *:4433
	7	*
f3efeaad	8	* cc -I../../include saccept.c -L../.. -lssl -lcrypto -ldl
d02b48c6 RE	9	*/
	10
	11	#include <stdio.h>
	12	#include <signal.h>
ec577822 BM	13	#include <openssl/err.h>
ec577822 BM	14	#include <openssl/ssl.h>
d02b48c6	15
0f113f3e	16	#define CERT_FILE "server.pem"
d02b48c6	17
919ba009	18	static int done = 0;
d02b48c6	19
919ba009	20	void interrupt()
0f113f3e	21	{
919ba009 VD	22	done = 1;
	23	}
	24
	25	void sigsetup(void)
	26	{
	27	struct sigaction sa;
	28
	29	/*
	30	* Catch at most once, and don't restart the accept system call.
	31	*/
	32	sa.sa_flags = SA_RESETHAND;
	33	sa.sa_handler = interrupt;
	34	sigemptyset(&sa.sa_mask);
	35	sigaction(SIGINT, &sa, NULL);
0f113f3e	36	}
d02b48c6	37
24f77b34	38	int main(int argc, char *argv[])
0f113f3e MC	39	{
0f113f3e MC	40	char *port = NULL;
919ba009	41	BIO *in = NULL;
0f113f3e MC	42	BIO ssl_bio, tmp;
	43	SSL_CTX *ctx;
	44	char buf[512];
	45	int ret = 1, i;
	46
	47	if (argc <= 1)
	48	port = "*:4433";
	49	else
	50	port = argv[1];
	51
0f113f3e MC	52	SSL_load_error_strings();
	53
	54	/* Add ciphers and message digests */
	55	OpenSSL_add_ssl_algorithms();
	56
32ec4153	57	ctx = SSL_CTX_new(TLS_server_method());
919ba009	58	if (!SSL_CTX_use_certificate_chain_file(ctx, CERT_FILE))
0f113f3e MC	59	goto err;
	60	if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
	61	goto err;
	62	if (!SSL_CTX_check_private_key(ctx))
	63	goto err;
	64
	65	/* Setup server side SSL bio */
	66	ssl_bio = BIO_new_ssl(ctx, 0);
	67
	68	if ((in = BIO_new_accept(port)) == NULL)
	69	goto err;
	70
	71	/*
	72	* This means that when a new connection is accepted on 'in', The ssl_bio
	73	* will be 'duplicated' and have the new socket BIO push into it.
	74	* Basically it means the SSL BIO will be automatically setup
	75	*/
	76	BIO_set_accept_bios(in, ssl_bio);
	77
919ba009 VD	78	/* Arrange to leave server loop on interrupt */
	79	sigsetup();
	80
0f113f3e MC	81	again:
	82	/*
	83	* The first call will setup the accept socket, and the second will get a
	84	* socket. In this loop, the first actual accept will occur in the
	85	* BIO_read() function.
	86	*/
	87
	88	if (BIO_do_accept(in) <= 0)
	89	goto err;
	90
919ba009	91	while (!done) {
0f113f3e MC	92	i = BIO_read(in, buf, 512);
	93	if (i == 0) {
	94	/*
	95	* If we have finished, remove the underlying BIO stack so the
	96	* next time we call any function for this BIO, it will attempt
	97	* to do an accept
	98	*/
	99	printf("Done\n");
	100	tmp = BIO_pop(in);
	101	BIO_free_all(tmp);
	102	goto again;
	103	}
	104	if (i < 0)
	105	goto err;
	106	fwrite(buf, 1, i, stdout);
	107	fflush(stdout);
	108	}
	109
	110	ret = 0;
	111	err:
	112	if (ret) {
	113	ERR_print_errors_fp(stderr);
	114	}
ca3a82c3	115	BIO_free(in);
0f113f3e MC	116	exit(ret);
	117	return (!ret);
	118	}