Commit | Line | Data |
---|---|---|
d02b48c6 RE |
1 | /* NOCW */ |
2 | /* demos/bio/saccept.c */ | |
3 | ||
71254823 MC |
4 | /*- |
5 | * A minimal program to serve an SSL connection. | |
d02b48c6 RE |
6 | * It uses blocking. |
7 | * saccept host:port | |
8 | * host is the interface IP to use. If any interface, use *:port | |
9 | * The default is *:4433 | |
10 | * | |
11 | * cc -I../../include saccept.c -L../.. -lssl -lcrypto | |
12 | */ | |
13 | ||
14 | #include <stdio.h> | |
15 | #include <signal.h> | |
ec577822 BM |
16 | #include <openssl/err.h> |
17 | #include <openssl/ssl.h> | |
d02b48c6 | 18 | |
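/* PEM file that main() loads both the server certificate and its private key from. */
#define CERT_FILE "server.pem"

/*
 * The listening (accept) BIO. It is file-scope so that the SIGINT handler
 * below can release it as well as main().
 */
BIO *in = NULL;

/*
 * SIGINT handler: release the accept BIO, if one exists.
 *
 * The pointer is cleared after the free so that the cleanup code in main(),
 * which also tests 'in' against NULL, cannot free the same BIO a second time
 * once this handler has run.
 *
 * NOTE(review): BIO_free() is not an async-signal-safe function, and main()
 * may be blocked inside BIO_read(in, ...) when the signal arrives, in which
 * case it resumes on a BIO that no longer exists. A sturdier design records
 * the signal in a 'volatile sig_atomic_t' flag and lets main() do the
 * teardown; that needs a matching change in main().
 *
 * NOTE(review): handlers installed with signal() are called with an int
 * argument; the empty parameter list is kept so existing references to
 * close_up stay valid.
 */
void close_up()
{
    if (in != NULL) {
        BIO_free(in);
        in = NULL;
    }
}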
d02b48c6 | 28 | |
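/*
 * Accept TLS connections one at a time and copy whatever each peer sends to
 * stdout.
 *
 * argv[1], when given, is the "host:port" to listen on; otherwise "*:4433"
 * is used. The certificate and private key are both read from CERT_FILE.
 *
 * The accept/read loop has no normal exit: the function leaves only through
 * the 'err' label, so the returned status is 1 unless that is changed.
 */
int main(int argc, char *argv[])
{
    char *port = NULL;
    BIO *ssl_bio = NULL, *tmp;
    SSL_CTX *ctx = NULL;
    char buf[512];
    int ret = 1, i;

    if (argc <= 1)
        port = "*:4433";
    else
        port = argv[1];

    signal(SIGINT, close_up);

    SSL_load_error_strings();

#ifdef WATT32
    dbug_init();
    sock_init();
#endif

    /* Add ciphers and message digests */
    OpenSSL_add_ssl_algorithms();

    ctx = SSL_CTX_new(SSLv23_server_method());
    if (ctx == NULL)
        goto err;

    /*
     * SSLv23_server_method() negotiates the highest protocol version both
     * sides support, which on older library builds still includes SSLv2 and
     * SSLv3. Refuse those two explicitly.
     */
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

    /*
     * Certificate and key come from the same PEM file; that file holds the
     * server's private key, so its permissions should be restricted.
     */
    if (!SSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
        goto err;
    if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
        goto err;
    if (!SSL_CTX_check_private_key(ctx))
        goto err;

    /*
     * Setup server side SSL bio (second argument 0 = server mode). The BIO
     * creates its own SSL object, so no separate SSL_new() is needed here.
     */
    ssl_bio = BIO_new_ssl(ctx, 0);
    if (ssl_bio == NULL)
        goto err;

    if ((in = BIO_new_accept(port)) == NULL)
        goto err;

    /*
     * This means that when a new connection is accepted on 'in', the
     * ssl_bio will be 'duplicated' and have the new socket BIO pushed into
     * it. Basically it means the SSL BIO will be automatically set up.
     * The accept BIO now owns ssl_bio, so forget our pointer to keep the
     * cleanup code below from freeing it separately.
     */
    BIO_set_accept_bios(in, ssl_bio);
    ssl_bio = NULL;

 again:
    /*
     * The first call will setup the accept socket, and the second will get a
     * socket. In this loop, the first actual accept will occur in the
     * BIO_read() function.
     */

    if (BIO_do_accept(in) <= 0)
        goto err;

    for (;;) {
        i = BIO_read(in, buf, sizeof(buf));
        if (i == 0) {
            /*
             * If we have finished, remove the underlying BIO stack so the
             * next time we call any function for this BIO, it will attempt
             * to do an accept
             */
            printf("Done\n");
            tmp = BIO_pop(in);
            BIO_free_all(tmp);
            goto again;
        }
        if (i < 0)
            goto err;
        /*
         * The peer's bytes are written to stdout unfiltered; when stdout is
         * a terminal, control sequences sent by the peer are interpreted.
         */
        fwrite(buf, 1, (size_t)i, stdout);
        fflush(stdout);
    }

    /* Not reached: the loop above is only left through 'goto err'. */
    ret = 0;
 err:
    if (ret) {
        ERR_print_errors_fp(stderr);
    }
    /* Non-NULL only when the SSL BIO was never handed to the accept BIO. */
    if (ssl_bio != NULL)
        BIO_free_all(ssl_bio);
    if (in != NULL) {
        BIO_free(in);
        in = NULL;
    }
    SSL_CTX_free(ctx);
    /* Returning from main() is equivalent to exit(ret) and needs no <stdlib.h>. */
    return ret;
}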