OpenSSL 0.9.4 merge

author: beck <beck@openbsd.org> 1999-09-29 04:35:07 +0000
committer: beck <beck@openbsd.org> 1999-09-29 04:35:07 +0000
commit: 913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0 (patch)
tree: 62c001f84cb6413a049c5c811a08bfbe7c747b77 /lib/libssl/src/demos/ssl
parent: fix byte counters; imain@netidea.com (diff)
download: wireguard-openbsd-913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0.tar.xz
wireguard-openbsd-913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0.zip
3 files changed, 70 insertions, 35 deletions
diff --git a/lib/libssl/src/demos/ssl/cli.cpp b/lib/libssl/src/demos/ssl/cli.cpp
index f52a9c025bb..b3d726961f5 100644
--- a/lib/libssl/src/demos/ssl/cli.cpp
+++ b/lib/libssl/src/demos/ssl/cli.cpp
@@ -1,6 +1,10 @@
 /* cli.cpp  -  Minimal ssleay client for Unix
    30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
 
+/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
+   Simplified to be even more minimal
+   12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
+
 #include <stdio.h>
 #include <memory.h>
 #include <errno.h>
@@ -11,11 +15,12 @@
 #include <netdb.h>
 
 #include "rsa.h"       /* SSLeay stuff */
-#include "crypto.h"
-#include "x509.h"
-#include "pem.h"
-#include "ssl.h"
-#include "err.h"
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
 
 #define CHK_NULL(x) if ((x)==NULL) exit (1)
 #define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
@@ -31,9 +36,14 @@ void main ()
   X509*    server_cert;
   char*    str;
   char     buf [4096];
+  SSL_METHOD *meth;
 
+  SSLeay_add_ssl_algorithms();
+  meth = SSLv2_client_method();
   SSL_load_error_strings();
-  ctx = SSL_CTX_new ();                        CHK_NULL(ctx);
+  ctx = SSL_CTX_new (meth);                        CHK_NULL(ctx);
+
+  CHK_SSL(err);
   
   /* ----------------------------------------------- */
   /* Create a socket and connect to server using normal socket calls. */
@@ -67,12 +77,12 @@ void main ()
   server_cert = SSL_get_peer_certificate (ssl);       CHK_NULL(server_cert);
   printf ("Server certificate:\n");
   
-  str = X509_NAME_oneline (X509_get_subject_name (server_cert));
+  str = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0);
   CHK_NULL(str);
   printf ("\t subject: %s\n", str);
   Free (str);
 
-  str = X509_NAME_oneline (X509_get_issuer_name  (server_cert));
+  str = X509_NAME_oneline (X509_get_issuer_name  (server_cert),0,0);
   CHK_NULL(str);
   printf ("\t issuer: %s\n", str);
   Free (str);
@@ -87,11 +97,10 @@ void main ()
 
   err = SSL_write (ssl, "Hello World!", strlen("Hello World!"));  CHK_SSL(err);
   
-  shutdown (sd, 1);  /* Half close, send EOF to server. */
-  
   err = SSL_read (ssl, buf, sizeof(buf) - 1);                     CHK_SSL(err);
   buf[err] = '\0';
   printf ("Got %d chars:'%s'\n", err, buf);
+  SSL_shutdown (ssl);  /* send SSL/TLS close_notify */
 
   /* Clean up. */
 
diff --git a/lib/libssl/src/demos/ssl/inetdsrv.cpp b/lib/libssl/src/demos/ssl/inetdsrv.cpp
index b09c8b6e0bb..5b092272106 100644
--- a/lib/libssl/src/demos/ssl/inetdsrv.cpp
+++ b/lib/libssl/src/demos/ssl/inetdsrv.cpp
@@ -8,11 +8,11 @@
 #include <errno.h>
 
 #include "rsa.h"       /* SSLeay stuff */
-#include "crypto.h"
-#include "x509.h"
-#include "pem.h"
-#include "ssl.h"
-#include "err.h"
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
 
 #define HOME "/usr/users/sampo/demo/"
 #define CERTF HOME "plain-cert.pem"
diff --git a/lib/libssl/src/demos/ssl/serv.cpp b/lib/libssl/src/demos/ssl/serv.cpp
index 8681f2f22bf..aec610d0189 100644
--- a/lib/libssl/src/demos/ssl/serv.cpp
+++ b/lib/libssl/src/demos/ssl/serv.cpp
@@ -1,7 +1,14 @@
 /* serv.cpp  -  Minimal ssleay server for Unix
    30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
 
+
+/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
+   Simplified to be even more minimal
+   12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
+
 #include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
 #include <memory.h>
 #include <errno.h>
 #include <sys/types.h>
@@ -10,16 +17,20 @@
 #include <arpa/inet.h>
 #include <netdb.h>
 
-#include "rsa.h"       /* SSLeay stuff */
-#include "crypto.h"
-#include "x509.h"
-#include "pem.h"
-#include "ssl.h"
-#include "err.h"
+#include <openssl/rsa.h>       /* SSLeay stuff */
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+
+/* define HOME to be dir for key and cert files... */
+#define HOME "./"
+/* Make these what you want for cert & key files */
+#define CERTF  HOME "foo-cert.pem"
+#define KEYF  HOME  "foo-cert.pem"
 
-#define HOME "/usr/users/sampo/sibs/tim/"
-#define CERTF HOME "plain-cert.pem"
-#define KEYF  HOME "plain-key.pem"
 
 #define CHK_NULL(x) if ((x)==NULL) exit (1)
 #define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
@@ -32,24 +43,39 @@ void main ()
   int sd;
   struct sockaddr_in sa_serv;
   struct sockaddr_in sa_cli;
-  int client_len;
+  size_t client_len;
   SSL_CTX* ctx;
   SSL*     ssl;
   X509*    client_cert;
   char*    str;
   char     buf [4096];
-
+  SSL_METHOD *meth;
+  
   /* SSL preliminaries. We keep the certificate and key with the context. */
 
   SSL_load_error_strings();
-  ctx = SSL_CTX_new ();   CHK_NULL(ctx);
-  
-  err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF,  SSL_FILETYPE_PEM);
-  CHK_SSL(err);
-  
-  err = SSL_CTX_use_certificate_file   (ctx, CERTF, SSL_FILETYPE_PEM);
-  CHK_SSL(err);
+  SSLeay_add_ssl_algorithms();
+  meth = SSLv23_server_method();
+  ctx = SSL_CTX_new (meth);
+  if (!ctx) {
+    ERR_print_errors_fp(stderr);
+    exit(2);
+  }
   
+  if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) {
+    ERR_print_errors_fp(stderr);
+    exit(3);
+  }
+  if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) {
+    ERR_print_errors_fp(stderr);
+    exit(4);
+  }
+
+  if (!SSL_CTX_check_private_key(ctx)) {
+    fprintf(stderr,"Private key does not match the certificate public key\n");
+    exit(5);
+  }
+
   /* ----------------------------------------------- */
   /* Prepare TCP socket for receiving connections */
 
@@ -92,12 +118,12 @@ void main ()
   if (client_cert != NULL) {
     printf ("Client certificate:\n");
     
-    str = X509_NAME_oneline (X509_get_subject_name (client_cert));
+    str = X509_NAME_oneline (X509_get_subject_name (client_cert), 0, 0);
     CHK_NULL(str);
     printf ("\t subject: %s\n", str);
     Free (str);
     
-    str = X509_NAME_oneline (X509_get_issuer_name  (client_cert));
+    str = X509_NAME_oneline (X509_get_issuer_name  (client_cert), 0, 0);
     CHK_NULL(str);
     printf ("\t issuer: %s\n", str);
     Free (str);
author	beck <beck@openbsd.org>	1999-09-29 04:35:07 +0000
committer	beck <beck@openbsd.org>	1999-09-29 04:35:07 +0000
commit	913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0 (patch)
tree	62c001f84cb6413a049c5c811a08bfbe7c747b77 /lib/libssl/src/demos/ssl
parent	fix byte counters; imain@netidea.com (diff)
download	wireguard-openbsd-913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0.tar.xz wireguard-openbsd-913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0.zip