]>
Commit | Line | Data |
---|---|---|
9e200689 RS |
1 | /* |
2 | * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
5e73e6ba | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
9e200689 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
919ba009 | 10 | #include <string.h> |
3646578a DSH |
11 | #include <openssl/err.h> |
12 | #include <openssl/ssl.h> | |
13 | #include <openssl/conf.h> | |
14 | ||
15 | int main(int argc, char **argv) | |
0f113f3e MC |
16 | { |
17 | BIO *sbio = NULL, *out = NULL; | |
18 | int i, len, rv; | |
19 | char tmpbuf[1024]; | |
20 | SSL_CTX *ctx = NULL; | |
21 | SSL_CONF_CTX *cctx = NULL; | |
22 | SSL *ssl = NULL; | |
23 | CONF *conf = NULL; | |
24 | STACK_OF(CONF_VALUE) *sect = NULL; | |
25 | CONF_VALUE *cnf; | |
26 | const char *connect_str = "localhost:4433"; | |
27 | long errline = -1; | |
28 | ||
0f113f3e MC |
29 | conf = NCONF_new(NULL); |
30 | ||
31 | if (NCONF_load(conf, "connect.cnf", &errline) <= 0) { | |
32 | if (errline <= 0) | |
33 | fprintf(stderr, "Error processing config file\n"); | |
34 | else | |
35 | fprintf(stderr, "Error on line %ld\n", errline); | |
36 | goto end; | |
37 | } | |
38 | ||
39 | sect = NCONF_get_section(conf, "default"); | |
40 | ||
41 | if (sect == NULL) { | |
42 | fprintf(stderr, "Error retrieving default section\n"); | |
43 | goto end; | |
44 | } | |
45 | ||
13c9bb3e | 46 | ctx = SSL_CTX_new(TLS_client_method()); |
0f113f3e MC |
47 | cctx = SSL_CONF_CTX_new(); |
48 | SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT); | |
49 | SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE); | |
50 | SSL_CONF_CTX_set_ssl_ctx(cctx, ctx); | |
51 | for (i = 0; i < sk_CONF_VALUE_num(sect); i++) { | |
52 | cnf = sk_CONF_VALUE_value(sect, i); | |
53 | rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value); | |
54 | if (rv > 0) | |
55 | continue; | |
56 | if (rv != -2) { | |
57 | fprintf(stderr, "Error processing %s = %s\n", | |
58 | cnf->name, cnf->value); | |
59 | ERR_print_errors_fp(stderr); | |
60 | goto end; | |
61 | } | |
86885c28 | 62 | if (strcmp(cnf->name, "Connect") == 0) { |
0f113f3e MC |
63 | connect_str = cnf->value; |
64 | } else { | |
65 | fprintf(stderr, "Unknown configuration option %s\n", cnf->name); | |
66 | goto end; | |
67 | } | |
68 | } | |
69 | ||
70 | if (!SSL_CONF_CTX_finish(cctx)) { | |
71 | fprintf(stderr, "Finish error\n"); | |
72 | ERR_print_errors_fp(stderr); | |
919ba009 | 73 | goto end; |
0f113f3e MC |
74 | } |
75 | ||
76 | /* | |
77 | * We'd normally set some stuff like the verify paths and * mode here | |
78 | * because as things stand this will connect to * any server whose | |
79 | * certificate is signed by any CA. | |
80 | */ | |
81 | ||
82 | sbio = BIO_new_ssl_connect(ctx); | |
83 | ||
84 | BIO_get_ssl(sbio, &ssl); | |
85 | ||
86 | if (!ssl) { | |
87 | fprintf(stderr, "Can't locate SSL pointer\n"); | |
88 | goto end; | |
89 | } | |
90 | ||
0f113f3e MC |
91 | /* We might want to do other things with ssl here */ |
92 | ||
93 | BIO_set_conn_hostname(sbio, connect_str); | |
94 | ||
95 | out = BIO_new_fp(stdout, BIO_NOCLOSE); | |
96 | if (BIO_do_connect(sbio) <= 0) { | |
97 | fprintf(stderr, "Error connecting to server\n"); | |
98 | ERR_print_errors_fp(stderr); | |
99 | goto end; | |
100 | } | |
101 | ||
0f113f3e MC |
102 | /* Could examine ssl here to get connection info */ |
103 | ||
104 | BIO_puts(sbio, "GET / HTTP/1.0\n\n"); | |
105 | for (;;) { | |
106 | len = BIO_read(sbio, tmpbuf, 1024); | |
107 | if (len <= 0) | |
108 | break; | |
109 | BIO_write(out, tmpbuf, len); | |
110 | } | |
111 | end: | |
112 | SSL_CONF_CTX_free(cctx); | |
113 | BIO_free_all(sbio); | |
114 | BIO_free(out); | |
115 | NCONF_free(conf); | |
116 | return 0; | |
117 | } |