Commit | Line | Data |
---|---|---|
38141708 DSH |
1 | /* NOCW */ |
2 | /* demos/bio/saccept.c */ | |
3 | ||
4 | /* A minimal program to serve an SSL connection. | |
5 | * It uses blocking. | |
6 | * saccept host:port | |
7 | * host is the interface IP to use. If any interface, use *:port | |
8 | * The default is *:4433 | |
9 | * | |
10 | * cc -I../../include saccept.c -L../.. -lssl -lcrypto | |
11 | */ | |
12 | ||
#include <stdio.h>
#include <signal.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/conf.h>
18 | ||
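/*
 * Blocking TLS server demo.
 *
 * Loads "accept.cnf" from the current working directory, feeds every
 * name/value pair of its "default" section to SSL_CONF_cmd() to configure
 * the SSL_CTX, then accepts connections one at a time and copies whatever
 * each peer sends to stdout.
 *
 * argc/argv are not consulted: the listen address comes from the "Port"
 * entry of the config file, falling back to "*:4433".
 *
 * The accept loop only ends on an error, so the process always exits with
 * status 1 after printing the OpenSSL error queue.
 *
 * Security notes for anyone adapting this demo:
 *  - accept.cnf is resolved relative to the working directory, so whoever
 *    controls that directory controls the certificate, key and protocol
 *    settings the server runs with.
 *  - SSLv23_server_method() is the version-flexible method; which protocol
 *    versions are actually offered depends on what the config file sets
 *    (for example through the SSL_CONF "Protocol" command).
 *  - Peer data is written to stdout unmodified. It is untrusted input and
 *    may contain terminal control sequences; filter it before displaying
 *    it on an interactive terminal.
 */
int main(int argc, char *argv[])
{
    char *port = "*:4433";
    BIO *in = NULL;
    BIO *ssl_bio = NULL, *tmp;
    SSL_CTX *ctx = NULL;
    SSL_CONF_CTX *cctx = NULL;
    CONF *conf = NULL;
    STACK_OF(CONF_VALUE) *sect = NULL;
    CONF_VALUE *cnf;
    long errline = -1;
    char buf[512];
    int ret = 1, i;

    (void)argc;
    (void)argv;

    SSL_load_error_strings();

    /* Add ciphers and message digests */
    OpenSSL_add_ssl_algorithms();

    conf = NCONF_new(NULL);
    if (conf == NULL) {
        fprintf(stderr, "Error allocating config object\n");
        goto err;
    }

    if (NCONF_load(conf, "accept.cnf", &errline) <= 0) {
        if (errline <= 0)
            fprintf(stderr, "Error processing config file\n");
        else
            fprintf(stderr, "Error on line %ld\n", errline);
        goto err;
    }

    sect = NCONF_get_section(conf, "default");
    if (sect == NULL) {
        fprintf(stderr, "Error retrieving default section\n");
        goto err;
    }

    /* Both allocations can fail; check before they are dereferenced below. */
    ctx = SSL_CTX_new(SSLv23_server_method());
    if (ctx == NULL) {
        fprintf(stderr, "Error creating SSL context\n");
        goto err;
    }
    cctx = SSL_CONF_CTX_new();
    if (cctx == NULL) {
        fprintf(stderr, "Error creating SSL configuration context\n");
        goto err;
    }

    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER);
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE);
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);
    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);

    for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
        int rv;

        cnf = sk_CONF_VALUE_value(sect, i);
        rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);
        if (rv > 0)
            continue;

        /* -2 means SSL_CONF did not recognise the command name; any other
         * non-positive result is a real failure for a known command. */
        if (rv != -2) {
            fprintf(stderr, "Error processing %s = %s\n",
                    cnf->name, cnf->value);
            ERR_print_errors_fp(stderr);
            goto err;
        }

        /* The only option this program handles itself is the listen address.
         * Anything else is rejected rather than silently ignored, so a typo
         * in a security-relevant setting cannot go unnoticed. */
        if (strcmp(cnf->name, "Port") == 0) {
            /* Points into conf, which therefore stays alive until exit. */
            port = cnf->value;
        } else {
            fprintf(stderr, "Unknown configuration option %s\n",
                    cnf->name);
            goto err;
        }
    }

    if (!SSL_CONF_CTX_finish(cctx)) {
        fprintf(stderr, "Finish error\n");
        ERR_print_errors_fp(stderr);
        goto err;
    }

    /* Setup server side SSL bio */
    ssl_bio = BIO_new_ssl(ctx, 0);
    if (ssl_bio == NULL)
        goto err;

    if ((in = BIO_new_accept(port)) == NULL)
        goto err;

    /* This means that when a new connection is accepted on 'in',
     * the ssl_bio will be 'duplicated' and have the new socket
     * BIO pushed into it. Basically it means the SSL BIO will be
     * automatically set up.
     * The accept BIO releases the template chain when it is freed, so
     * drop our pointer to avoid freeing it a second time at 'err'. */
    BIO_set_accept_bios(in, ssl_bio);
    ssl_bio = NULL;

    /* Outer loop: one pass per connection. */
    for (;;) {
        /* The first call will set up the accept socket, and the second
         * will get a socket. In this loop, the first actual accept
         * will occur in the BIO_read() function. */
        if (BIO_do_accept(in) <= 0)
            goto err;

        /* Inner loop: drain the current connection. */
        for (;;) {
            i = BIO_read(in, buf, (int)sizeof(buf));
            if (i == 0) {
                /* If we have finished, remove the underlying
                 * BIO stack so the next time we call any function
                 * for this BIO, it will attempt to do an
                 * accept */
                printf("Done\n");
                tmp = BIO_pop(in);
                BIO_free_all(tmp);
                break;
            }
            if (i < 0) {
                if (BIO_should_retry(in))
                    continue;
                goto err;
            }
            /* Untrusted peer bytes, emitted verbatim. */
            fwrite(buf, 1, (size_t)i, stdout);
            fflush(stdout);
        }
    }

err:
    /* Reached only on failure: the accept loop above never exits cleanly. */
    ERR_print_errors_fp(stderr);

    /* BIO_free_all also releases a connection chain still attached to the
     * accept BIO when the error happened in the middle of a session. */
    BIO_free_all(in);
    BIO_free_all(ssl_bio);      /* non-NULL only if never handed to 'in' */
    SSL_CONF_CTX_free(cctx);
    SSL_CTX_free(ctx);
    NCONF_free(conf);           /* last: 'port' may point into it */
    return ret;
}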
148 |