[thirdparty/openssl.git] / demos / bio / saccept.c

/*
 * Copyright 1998-2025 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*-
 * A minimal program to serve an SSL connection.
 * It uses blocking.
 * saccept host:port
 * host is the interface IP to use.  If any interface, use *:port
 * The default it *:4433
 *
 * cc -I../../include saccept.c -L../.. -lssl -lcrypto -ldl
 */

#include <stdio.h>
#include <signal.h>
#include <stdlib.h>
#include <openssl/err.h>
#include <openssl/ssl.h>

#define CERT_FILE       "server.pem"

static volatile int done = 0;

static void interrupt(int sig)
{
    done = 1;
}

static void sigsetup(void)
{
#if defined(OPENSSL_SYS_WINDOWS)
    signal(SIGINT, interrupt);
#else
    struct sigaction sa;

    /*
     * Catch at most once, and don't restart the accept system call.
     */
    sa.sa_flags = SA_RESETHAND;
    sa.sa_handler = interrupt;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGINT, &sa, NULL);
#endif
}

int main(int argc, char *argv[])
{
    char *port = NULL;
    BIO *in = NULL;
    BIO *ssl_bio = NULL;
    BIO *tmp;
    SSL_CTX *ctx;
    char buf[512];
    int ret = EXIT_FAILURE, i;

    if (argc <= 1)
        port = "*:4433";
    else
        port = argv[1];

    ctx = SSL_CTX_new(TLS_server_method());
    if (!SSL_CTX_use_certificate_chain_file(ctx, CERT_FILE))
        goto err;
    if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
        goto err;
    if (!SSL_CTX_check_private_key(ctx))
        goto err;

    /* Setup server side SSL bio */
    ssl_bio = BIO_new_ssl(ctx, 0);

    if ((in = BIO_new_accept(port)) == NULL)
        goto err;

    /*
     * This means that when a new connection is accepted on 'in', The ssl_bio
     * will be 'duplicated' and have the new socket BIO push into it.
     * Basically it means the SSL BIO will be automatically setup
     */
    BIO_set_accept_bios(in, ssl_bio);
    ssl_bio = NULL;

    /* Arrange to leave server loop on interrupt */
    sigsetup();

 again:
    /*
     * The first call will setup the accept socket, and the second will get a
     * socket.  In this loop, the first actual accept will occur in the
     * BIO_read() function.
     */

    if (BIO_do_accept(in) <= 0)
        goto err;

    while (!done) {
        i = BIO_read(in, buf, 512);
        if (i == 0) {
            /*
             * If we have finished, remove the underlying BIO stack so the
             * next time we call any function for this BIO, it will attempt
             * to do an accept
             */
            printf("Done\n");
            tmp = BIO_pop(in);
            BIO_free_all(tmp);
            goto again;
        }
        if (i < 0)
            goto err;
        fwrite(buf, 1, i, stdout);
        fflush(stdout);
    }

    ret = EXIT_SUCCESS;
 err:
    if (ret != EXIT_SUCCESS)
        ERR_print_errors_fp(stderr);
    BIO_free(in);
    BIO_free_all(ssl_bio);
    return ret;
}
Commit	Line	Data
	1	/*
	2	* Copyright 1998-2025 The OpenSSL Project Authors. All Rights Reserved.
	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	/*-
	11	* A minimal program to serve an SSL connection.
	12	* It uses blocking.
	13	* saccept host:port
	14	* host is the interface IP to use. If any interface, use *:port
	15	* The default it *:4433
	16	*
	17	* cc -I../../include saccept.c -L../.. -lssl -lcrypto -ldl
	18	*/
	19
	20	#include <stdio.h>
	21	#include <signal.h>
	22	#include <stdlib.h>
	23	#include <openssl/err.h>
	24	#include <openssl/ssl.h>
	25
	26	#define CERT_FILE "server.pem"
	27
	28	static volatile int done = 0;
	29
	30	static void interrupt(int sig)
	31	{
	32	done = 1;
	33	}
	34
	35	static void sigsetup(void)
	36	{
	37	#if defined(OPENSSL_SYS_WINDOWS)
	38	signal(SIGINT, interrupt);
	39	#else
	40	struct sigaction sa;
	41
	42	/*
	43	* Catch at most once, and don't restart the accept system call.
	44	*/
	45	sa.sa_flags = SA_RESETHAND;
	46	sa.sa_handler = interrupt;
	47	sigemptyset(&sa.sa_mask);
	48	sigaction(SIGINT, &sa, NULL);
	49	#endif
	50	}
	51
	52	int main(int argc, char *argv[])
	53	{
	54	char *port = NULL;
	55	BIO *in = NULL;
	56	BIO *ssl_bio = NULL;
	57	BIO *tmp;
	58	SSL_CTX *ctx;
	59	char buf[512];
	60	int ret = EXIT_FAILURE, i;
	61
	62	if (argc <= 1)
	63	port = "*:4433";
	64	else
	65	port = argv[1];
	66
	67	ctx = SSL_CTX_new(TLS_server_method());
	68	if (!SSL_CTX_use_certificate_chain_file(ctx, CERT_FILE))
	69	goto err;
	70	if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
	71	goto err;
	72	if (!SSL_CTX_check_private_key(ctx))
	73	goto err;
	74
	75	/* Setup server side SSL bio */
	76	ssl_bio = BIO_new_ssl(ctx, 0);
	77
	78	if ((in = BIO_new_accept(port)) == NULL)
	79	goto err;
	80
	81	/*
	82	* This means that when a new connection is accepted on 'in', The ssl_bio
	83	* will be 'duplicated' and have the new socket BIO push into it.
	84	* Basically it means the SSL BIO will be automatically setup
	85	*/
	86	BIO_set_accept_bios(in, ssl_bio);
	87	ssl_bio = NULL;
	88
	89	/* Arrange to leave server loop on interrupt */
	90	sigsetup();
	91
	92	again:
	93	/*
	94	* The first call will setup the accept socket, and the second will get a
	95	* socket. In this loop, the first actual accept will occur in the
	96	* BIO_read() function.
	97	*/
	98
	99	if (BIO_do_accept(in) <= 0)
	100	goto err;
	101
	102	while (!done) {
	103	i = BIO_read(in, buf, 512);
	104	if (i == 0) {
	105	/*
	106	* If we have finished, remove the underlying BIO stack so the
	107	* next time we call any function for this BIO, it will attempt
	108	* to do an accept
	109	*/
	110	printf("Done\n");
	111	tmp = BIO_pop(in);
	112	BIO_free_all(tmp);
	113	goto again;
	114	}
	115	if (i < 0)
	116	goto err;
	117	fwrite(buf, 1, i, stdout);
	118	fflush(stdout);
	119	}
	120
	121	ret = EXIT_SUCCESS;
	122	err:
	123	if (ret != EXIT_SUCCESS)
	124	ERR_print_errors_fp(stderr);
	125	BIO_free(in);
	126	BIO_free_all(ssl_bio);
	127	return ret;
	128	}