diff options
| author |   ryker <ryker@openbsd.org> | 1998-10-05 20:12:28 +0000 |
|---|---|---|
| committer | ryker <ryker@openbsd.org> | 1998-10-05 20:12:28 +0000 |
| commit | 5b37fcf34e412bf0b6ad32ddb294e900d64c5855 (patch) | |
| tree | cf5d52f4abf74eb3ee59fd705ef686e3c5b96d91 /lib/libssl/src/demos/ssl/cli.cpp | |
| parent | add a reference to fork(2) \ (diff) | |
| download | wireguard-openbsd-5b37fcf34e412bf0b6ad32ddb294e900d64c5855.tar.xz wireguard-openbsd-5b37fcf34e412bf0b6ad32ddb294e900d64c5855.zip | |
Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build
functionality for shared libs.
Note that routines such as sslv2_init and friends that use RSA will
not work due to lack of RSA in this library.
Needs documentation and help from ports for easy upgrade to full
functionality where legally possible.
Diffstat (limited to 'lib/libssl/src/demos/ssl/cli.cpp')
| -rw-r--r-- | lib/libssl/src/demos/ssl/cli.cpp | 102 |
1 files changed, 102 insertions, 0 deletions
diff --git a/lib/libssl/src/demos/ssl/cli.cpp b/lib/libssl/src/demos/ssl/cli.cpp new file mode 100644 index 00000000000..f52a9c025bb --- /dev/null +++ b/lib/libssl/src/demos/ssl/cli.cpp @@ -0,0 +1,102 @@ +/* cli.cpp - Minimal ssleay client for Unix + 30.9.1996, Sampo Kellomaki <sampo@iki.fi> */ + +#include <stdio.h> +#include <memory.h> +#include <errno.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <arpa/inet.h> +#include <netdb.h> + +#include "rsa.h" /* SSLeay stuff */ +#include "crypto.h" +#include "x509.h" +#include "pem.h" +#include "ssl.h" +#include "err.h" + +#define CHK_NULL(x) if ((x)==NULL) exit (1) +#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); } +#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); } + +void main () +{ + int err; + int sd; + struct sockaddr_in sa; + SSL_CTX* ctx; + SSL* ssl; + X509* server_cert; + char* str; + char buf [4096]; + + SSL_load_error_strings(); + ctx = SSL_CTX_new (); CHK_NULL(ctx); + + /* ----------------------------------------------- */ + /* Create a socket and connect to server using normal socket calls. */ + + sd = socket (AF_INET, SOCK_STREAM, 0); CHK_ERR(sd, "socket"); + + memset (&sa, '\0', sizeof(sa)); + sa.sin_family = AF_INET; + sa.sin_addr.s_addr = inet_addr ("127.0.0.1"); /* Server IP */ + sa.sin_port = htons (1111); /* Server Port number */ + + err = connect(sd, (struct sockaddr*) &sa, + sizeof(sa)); CHK_ERR(err, "connect"); + + /* ----------------------------------------------- */ + /* Now we have TCP conncetion. Start SSL negotiation. */ + + ssl = SSL_new (ctx); CHK_NULL(ssl); + SSL_set_fd (ssl, sd); + err = SSL_connect (ssl); CHK_SSL(err); + + /* Following two steps are optional and not required for + data exchange to be successful. */ + + /* Get the cipher - opt */ + + printf ("SSL connection using %s\n", SSL_get_cipher (ssl)); + + /* Get server's certificate (note: beware of dynamic allocation) - opt */ + + server_cert = SSL_get_peer_certificate (ssl); CHK_NULL(server_cert); + printf ("Server certificate:\n"); + + str = X509_NAME_oneline (X509_get_subject_name (server_cert)); + CHK_NULL(str); + printf ("\t subject: %s\n", str); + Free (str); + + str = X509_NAME_oneline (X509_get_issuer_name (server_cert)); + CHK_NULL(str); + printf ("\t issuer: %s\n", str); + Free (str); + + /* We could do all sorts of certificate verification stuff here before + deallocating the certificate. */ + + X509_free (server_cert); + + /* --------------------------------------------------- */ + /* DATA EXCHANGE - Send a message and receive a reply. */ + + err = SSL_write (ssl, "Hello World!", strlen("Hello World!")); CHK_SSL(err); + + shutdown (sd, 1); /* Half close, send EOF to server. */ + + err = SSL_read (ssl, buf, sizeof(buf) - 1); CHK_SSL(err); + buf[err] = '\0'; + printf ("Got %d chars:'%s'\n", err, buf); + + /* Clean up. */ + + close (sd); + SSL_free (ssl); + SSL_CTX_free (ctx); +} +/* EOF - cli.cpp */ |