Commit | Line | Data |
---|---|---|
3646578a DSH |
#include <stdio.h>
#include <string.h>

#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/conf.h>
4 | ||
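/*
 * Demo TLS client driven by an OpenSSL configuration file.
 *
 * Loads the "default" section of "connect.cnf" from the current working
 * directory, feeds every name/value pair to SSL_CONF_cmd(), connects to the
 * address given by the "Connect" entry (default "localhost:4433"), sends a
 * minimal HTTP request and copies the response to stdout.
 *
 * Returns 0 once the response loop has finished, 1 on any earlier failure.
 *
 * NOTE(review): the configuration file decides both the TLS settings and the
 * connection target, and it is opened by relative path, so whoever controls
 * the working directory controls both.
 */
int main(int argc, char **argv)
{
    BIO *sbio = NULL, *out = NULL;
    int i, len, rv;
    char tmpbuf[1024];
    SSL_CTX *ctx = NULL;
    SSL_CONF_CTX *cctx = NULL;
    SSL *ssl = NULL;
    CONF *conf = NULL;
    STACK_OF(CONF_VALUE) *sect = NULL;
    CONF_VALUE *cnf;
    const char *connect_str = "localhost:4433";
    long errline = -1;
    int ret = 1;                /* stays non-zero until the transfer is done */

    (void)argc;
    (void)argv;

    ERR_load_crypto_strings();
    ERR_load_SSL_strings();
    SSL_library_init();

    conf = NCONF_new(NULL);
    if (conf == NULL) {
        fprintf(stderr, "Error allocating configuration\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    if (NCONF_load(conf, "connect.cnf", &errline) <= 0) {
        if (errline <= 0)
            fprintf(stderr, "Error processing config file\n");
        else
            fprintf(stderr, "Error on line %ld\n", errline);
        goto end;
    }

    sect = NCONF_get_section(conf, "default");
    if (sect == NULL) {
        fprintf(stderr, "Error retrieving default section\n");
        goto end;
    }

    ctx = SSL_CTX_new(SSLv23_client_method());
    cctx = SSL_CONF_CTX_new();
    /* Both allocations can fail; the calls below dereference them. */
    if (ctx == NULL || cctx == NULL) {
        fprintf(stderr, "Error creating SSL context\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);
    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);

    for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
        cnf = sk_CONF_VALUE_value(sect, i);
        rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);
        if (rv > 0)
            continue;
        /* -2 means SSL_CONF_cmd() did not recognise the name; anything
         * else is a recognised option with a bad value. */
        if (rv != -2) {
            fprintf(stderr, "Error processing %s = %s\n",
                    cnf->name, cnf->value);
            ERR_print_errors_fp(stderr);
            goto end;
        }
        if (!strcmp(cnf->name, "Connect")) {
            /* Points into conf, which is only freed at the end label. */
            connect_str = cnf->value;
        } else {
            fprintf(stderr, "Unknown configuration option %s\n",
                    cnf->name);
            goto end;
        }
    }

    if (!SSL_CONF_CTX_finish(cctx)) {
        fprintf(stderr, "Finish error\n");
        ERR_print_errors_fp(stderr);
        goto end;               /* was "goto err", a label that does not exist */
    }

    /*
     * SECURITY NOTE: no verify paths or verify mode are set here. Unless
     * the configuration section supplies verification options, the context
     * keeps the library's default client verify mode (SSL_VERIFY_NONE), so
     * the handshake completes even when the server's certificate chain does
     * not validate, and nothing ties the certificate to the host name in
     * connect_str. Code derived from this demo should enable
     * SSL_VERIFY_PEER via SSL_CTX_set_verify(), load trust anchors
     * (SSL_CTX_set_default_verify_paths() or
     * SSL_CTX_load_verify_locations()) and check the peer's host name
     * before sending any data.
     */

    sbio = BIO_new_ssl_connect(ctx);

    /* Leaves ssl NULL if sbio could not be created. */
    BIO_get_ssl(sbio, &ssl);
    if (!ssl) {
        fprintf(stderr, "Can't locate SSL pointer\n");
        goto end;
    }

    /*
     * SSL_MODE_AUTO_RETRY makes blocking reads and writes retry inside the
     * library, so this code never has to handle a "retry" indication itself.
     */
    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);

    /* We might want to do other things with ssl here */

    BIO_set_conn_hostname(sbio, connect_str);

    out = BIO_new_fp(stdout, BIO_NOCLOSE);
    if (out == NULL) {
        fprintf(stderr, "Error creating output BIO\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    if (BIO_do_connect(sbio) <= 0) {
        fprintf(stderr, "Error connecting to server\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    if (BIO_do_handshake(sbio) <= 0) {
        fprintf(stderr, "Error establishing SSL connection\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    /* Could examine ssl here to get connection info */

    BIO_puts(sbio, "GET / HTTP/1.0\n\n");
    for (;;) {
        len = BIO_read(sbio, tmpbuf, (int)sizeof(tmpbuf));
        if (len <= 0)
            break;              /* end of stream or read error */
        BIO_write(out, tmpbuf, len);
    }
    ret = 0;

 end:
    /* Every free below accepts NULL, so partial setup is handled. */
    SSL_CONF_CTX_free(cctx);
    BIO_free_all(sbio);
    BIO_free(out);
    /* Drop our reference to the context; the original never released it. */
    SSL_CTX_free(ctx);
    NCONF_free(conf);
    return ret;
}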
132 |