Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build

functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
author: ryker <ryker@openbsd.org> 1998-10-05 20:12:28 +0000
committer: ryker <ryker@openbsd.org> 1998-10-05 20:12:28 +0000
commit: 5b37fcf34e412bf0b6ad32ddb294e900d64c5855 (patch)
tree: cf5d52f4abf74eb3ee59fd705ef686e3c5b96d91 /lib/libssl/src/demos/ssl/serv.cpp
parent: add a reference to fork(2) \ (diff)
download: wireguard-openbsd-5b37fcf34e412bf0b6ad32ddb294e900d64c5855.tar.xz
wireguard-openbsd-5b37fcf34e412bf0b6ad32ddb294e900d64c5855.zip
1 files changed, 126 insertions, 0 deletions
diff --git a/lib/libssl/src/demos/ssl/serv.cpp b/lib/libssl/src/demos/ssl/serv.cpp
new file mode 100644
index 00000000000..8681f2f22bf
--- /dev/null
+++ b/lib/libssl/src/demos/ssl/serv.cpp
@@ -0,0 +1,126 @@
+/* serv.cpp  -  Minimal ssleay server for Unix
+   30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+#include <stdio.h>
+#include <memory.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+
+#include "rsa.h"       /* SSLeay stuff */
+#include "crypto.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+#include "err.h"
+
+#define HOME "/usr/users/sampo/sibs/tim/"
+#define CERTF HOME "plain-cert.pem"
+#define KEYF  HOME "plain-key.pem"
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
+
+void main ()
+{
+  int err;
+  int listen_sd;
+  int sd;
+  struct sockaddr_in sa_serv;
+  struct sockaddr_in sa_cli;
+  int client_len;
+  SSL_CTX* ctx;
+  SSL*     ssl;
+  X509*    client_cert;
+  char*    str;
+  char     buf [4096];
+
+  /* SSL preliminaries. We keep the certificate and key with the context. */
+
+  SSL_load_error_strings();
+  ctx = SSL_CTX_new ();   CHK_NULL(ctx);
+  
+  err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF,  SSL_FILETYPE_PEM);
+  CHK_SSL(err);
+  
+  err = SSL_CTX_use_certificate_file   (ctx, CERTF, SSL_FILETYPE_PEM);
+  CHK_SSL(err);
+  
+  /* ----------------------------------------------- */
+  /* Prepare TCP socket for receiving connections */
+
+  listen_sd = socket (AF_INET, SOCK_STREAM, 0);   CHK_ERR(listen_sd, "socket");
+  
+  memset (&sa_serv, '\0', sizeof(sa_serv));
+  sa_serv.sin_family      = AF_INET;
+  sa_serv.sin_addr.s_addr = INADDR_ANY;
+  sa_serv.sin_port        = htons (1111);          /* Server Port number */
+  
+  err = bind(listen_sd, (struct sockaddr*) &sa_serv,
+	     sizeof (sa_serv));                   CHK_ERR(err, "bind");
+	     
+  /* Receive a TCP connection. */
+	     
+  err = listen (listen_sd, 5);                    CHK_ERR(err, "listen");
+  
+  client_len = sizeof(sa_cli);
+  sd = accept (listen_sd, (struct sockaddr*) &sa_cli, &client_len);
+  CHK_ERR(sd, "accept");
+  close (listen_sd);
+
+  printf ("Connection from %lx, port %x\n",
+	  sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+  
+  /* ----------------------------------------------- */
+  /* TCP connection is ready. Do server side SSL. */
+
+  ssl = SSL_new (ctx);                           CHK_NULL(ssl);
+  SSL_set_fd (ssl, sd);
+  err = SSL_accept (ssl);                        CHK_SSL(err);
+  
+  /* Get the cipher - opt */
+  
+  printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+  
+  /* Get client's certificate (note: beware of dynamic allocation) - opt */
+
+  client_cert = SSL_get_peer_certificate (ssl);
+  if (client_cert != NULL) {
+    printf ("Client certificate:\n");
+    
+    str = X509_NAME_oneline (X509_get_subject_name (client_cert));
+    CHK_NULL(str);
+    printf ("\t subject: %s\n", str);
+    Free (str);
+    
+    str = X509_NAME_oneline (X509_get_issuer_name  (client_cert));
+    CHK_NULL(str);
+    printf ("\t issuer: %s\n", str);
+    Free (str);
+    
+    /* We could do all sorts of certificate verification stuff here before
+       deallocating the certificate. */
+    
+    X509_free (client_cert);
+  } else
+    printf ("Client does not have certificate.\n");
+
+  /* DATA EXCHANGE - Receive message and send reply. */
+
+  err = SSL_read (ssl, buf, sizeof(buf) - 1);                   CHK_SSL(err);
+  buf[err] = '\0';
+  printf ("Got %d chars:'%s'\n", err, buf);
+  
+  err = SSL_write (ssl, "I hear you.", strlen("I hear you."));  CHK_SSL(err);
+
+  /* Clean up. */
+
+  close (sd);
+  SSL_free (ssl);
+  SSL_CTX_free (ctx);
+}
+/* EOF - serv.cpp */
author	ryker <ryker@openbsd.org>	1998-10-05 20:12:28 +0000
committer	ryker <ryker@openbsd.org>	1998-10-05 20:12:28 +0000
commit	5b37fcf34e412bf0b6ad32ddb294e900d64c5855 (patch)
tree	cf5d52f4abf74eb3ee59fd705ef686e3c5b96d91 /lib/libssl/src/demos/ssl/serv.cpp
parent	add a reference to fork(2) \ (diff)
download	wireguard-openbsd-5b37fcf34e412bf0b6ad32ddb294e900d64c5855.tar.xz wireguard-openbsd-5b37fcf34e412bf0b6ad32ddb294e900d64c5855.zip