]> git.ipfire.org Git - thirdparty/openssl.git/blob - demos/ssl/inetdsrv.cpp
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Replace "SSLeay" in API with OpenSSL
[thirdparty/openssl.git] / demos / ssl / inetdsrv.cpp
1 /* inetdserv.cpp - Minimal ssleay server for Unix inetd.conf
2 * 30.9.1996, Sampo Kellomaki <sampo@iki.fi>
3 * From /etc/inetd.conf:
4 * 1111 stream tcp nowait sampo /usr/users/sampo/demo/inetdserv inetdserv
5 */
6
7 #include <stdio.h>
8 #include <errno.h>
9
10 #include "rsa.h"
11 #include <openssl/crypto.h>
12 #include <openssl/x509.h>
13 #include <openssl/pem.h>
14 #include <openssl/ssl.h>
15 #include <openssl/err.h>
16
17 #define HOME "/usr/users/sampo/demo/"
18 #define CERTF HOME "plain-cert.pem"
19 #define KEYF HOME "plain-key.pem"
20
21 #define CHK_NULL(x) if ((x)==NULL) exit (1)
22 #define CHK_ERR(err,s) if ((err)==-1) \
23 { fprintf(log, "%s %d\n", (s), errno); exit(1); }
24 #define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(log); exit(2); }
25
26 void main ()
27 {
28 int err;
29 SSL_CTX* ctx;
30 SSL* ssl;
31 X509* client_cert;
32 char* str;
33 char buf [4096];
34 FILE* log;
35
36 log = fopen ("/dev/console", "a"); CHK_NULL(log);
37 fprintf (log, "inetdserv %ld\n", (long)getpid());
38
39 SSL_load_error_strings();
40 ctx = SSL_CTX_new (); CHK_NULL(ctx);
41
42 err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF, SSL_FILETYPE_PEM);
43 CHK_SSL (err);
44
45 err = SSL_CTX_use_certificate_file (ctx, CERTF, SSL_FILETYPE_PEM);
46 CHK_SSL (err);
47
48 /* inetd has already opened the TCP connection, so we can get right
49 down to business. */
50
51 ssl = SSL_new (ctx); CHK_NULL(ssl);
52 SSL_set_fd (ssl, fileno(stdin));
53 err = SSL_accept (ssl); CHK_SSL(err);
54
55 /* Get the cipher - opt */
56
57 fprintf (log, "SSL connection using %s\n", SSL_get_cipher (ssl));
58
59 /* Get client's certificate (note: beware of dynamic allocation) - opt */
60
61 client_cert = SSL_get_peer_certificate (ssl);
62 if (client_cert != NULL) {
63 fprintf (log, "Client certificate:\n");
64
65 str = X509_NAME_oneline (X509_get_subject_name (client_cert));
66 CHK_NULL(str);
67 fprintf (log, "\t subject: %s\n", str);
68 OPENSSL_free (str);
69
70 str = X509_NAME_oneline (X509_get_issuer_name (client_cert));
71 CHK_NULL(str);
72 fprintf (log, "\t issuer: %s\n", str);
73 OPENSSL_free (str);
74
75 /* We could do all sorts of certificate verification stuff here before
76 deallocating the certificate. */
77
78 X509_free (client_cert);
79 } else
80 fprintf (log, "Client doe not have certificate.\n");
81
82 /* ------------------------------------------------- */
83 /* DATA EXCHANGE: Receive message and send reply */
84
85 err = SSL_read (ssl, buf, sizeof(buf) - 1); CHK_SSL(err);
86 buf[err] = '\0';
87 fprintf (log, "Got %d chars:'%s'\n", err, buf);
88
89 err = SSL_write (ssl, "Loud and clear.", strlen("Loud and clear."));
90 CHK_SSL(err);
91
92 /* Clean up. */
93
94 fclose (log);
95 SSL_free (ssl);
96 SSL_CTX_free (ctx);
97 }
98 /* EOF - inetdserv.cpp */
A mirror of the official openssl repository