2 /* demos/bio/saccept.c */
4 /* A minimal program to server an SSL connection.
7 * host is the interface IP to use. If any interface, use *:port
8 * The default it *:4433
10 * cc -I../../include saccept.c -L../.. -lssl -lcrypto
15 #include <openssl/err.h>
16 #include <openssl/ssl.h>
17 #include <openssl/conf.h>
19 int main(int argc
, char *argv
[])
21 char *port
= "*:4433";
25 SSL_CONF_CTX
*cctx
= NULL
;
27 STACK_OF(CONF_VALUE
) *sect
= NULL
;
33 SSL_load_error_strings();
35 /* Add ciphers and message digests */
36 OpenSSL_add_ssl_algorithms();
38 conf
= NCONF_new(NULL
);
40 if (NCONF_load(conf
, "accept.cnf", &errline
) <= 0)
43 fprintf(stderr
, "Error processing config file\n");
45 fprintf(stderr
, "Error on line %ld\n", errline
);
49 sect
= NCONF_get_section(conf
, "default");
53 fprintf(stderr
, "Error retrieving default section\n");
57 ctx
=SSL_CTX_new(SSLv23_server_method());
58 cctx
= SSL_CONF_CTX_new();
59 SSL_CONF_CTX_set_flags(cctx
, SSL_CONF_FLAG_SERVER
);
60 SSL_CONF_CTX_set_flags(cctx
, SSL_CONF_FLAG_CERTIFICATE
);
61 SSL_CONF_CTX_set_flags(cctx
, SSL_CONF_FLAG_FILE
);
62 SSL_CONF_CTX_set_ssl_ctx(cctx
, ctx
);
63 for (i
= 0; i
< sk_CONF_VALUE_num(sect
); i
++)
66 cnf
= sk_CONF_VALUE_value(sect
, i
);
67 rv
= SSL_CONF_cmd(cctx
, cnf
->name
, cnf
->value
);
72 fprintf(stderr
, "Error processing %s = %s\n",
73 cnf
->name
, cnf
->value
);
74 ERR_print_errors_fp(stderr
);
77 if (!strcmp(cnf
->name
, "Port"))
83 fprintf(stderr
, "Unknown configuration option %s\n",
89 if (!SSL_CONF_CTX_finish(cctx
))
91 fprintf(stderr
, "Finish error\n");
92 ERR_print_errors_fp(stderr
);
96 /* Setup server side SSL bio */
97 ssl_bio
=BIO_new_ssl(ctx
,0);
99 if ((in
=BIO_new_accept(port
)) == NULL
) goto err
;
101 /* This means that when a new connection is acceptede on 'in',
102 * The ssl_bio will be 'dupilcated' and have the new socket
103 * BIO push into it. Basically it means the SSL BIO will be
104 * automatically setup */
105 BIO_set_accept_bios(in
,ssl_bio
);
108 /* The first call will setup the accept socket, and the second
109 * will get a socket. In this loop, the first actual accept
110 * will occur in the BIO_read() function. */
112 if (BIO_do_accept(in
) <= 0) goto err
;
116 i
=BIO_read(in
,buf
,512);
119 /* If we have finished, remove the underlying
120 * BIO stack so the next time we call any function
121 * for this BIO, it will attempt to do an
129 fwrite(buf
,1,i
,stdout
);
137 ERR_print_errors_fp(stderr
);
139 if (in
!= NULL
) BIO_free(in
);