OpenSSL  1.0.1c
 All Classes Files Functions Variables Typedefs Enumerations Enumerator Macros
serv.cpp
Go to the documentation of this file.
1 /* serv.cpp - Minimal ssleay server for Unix
2  30.9.1996, Sampo Kellomaki <[email protected]> */
3 
4 
5 /* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
6  Simplified to be even more minimal
7  12/98 - 4/99 Wade Scholine <[email protected]> */
8 
9 #include <stdio.h>
10 #include <unistd.h>
11 #include <stdlib.h>
12 #include <memory.h>
13 #include <errno.h>
14 #include <sys/types.h>
15 #include <sys/socket.h>
16 #include <netinet/in.h>
17 #include <arpa/inet.h>
18 #include <netdb.h>
19 
20 #include <openssl/rsa.h> /* SSLeay stuff */
21 #include <openssl/crypto.h>
22 #include <openssl/x509.h>
23 #include <openssl/pem.h>
24 #include <openssl/ssl.h>
25 #include <openssl/err.h>
26 
27 
28 /* define HOME to be dir for key and cert files... */
29 #define HOME "./"
30 /* Make these what you want for cert & key files */
31 #define CERTF HOME "foo-cert.pem"
32 #define KEYF HOME "foo-cert.pem"
33 
34 
35 #define CHK_NULL(x) if ((x)==NULL) exit (1)
36 #define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
37 #define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
38 
39 void main ()
40 {
41  int err;
42  int listen_sd;
43  int sd;
44  struct sockaddr_in sa_serv;
45  struct sockaddr_in sa_cli;
46  size_t client_len;
47  SSL_CTX* ctx;
48  SSL* ssl;
49  X509* client_cert;
50  char* str;
51  char buf [4096];
52  SSL_METHOD *meth;
53 
54  /* SSL preliminaries. We keep the certificate and key with the context. */
55 
56  SSL_load_error_strings();
57  SSLeay_add_ssl_algorithms();
58  meth = SSLv23_server_method();
59  ctx = SSL_CTX_new (meth);
60  if (!ctx) {
61  ERR_print_errors_fp(stderr);
62  exit(2);
63  }
64 
65  if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) {
66  ERR_print_errors_fp(stderr);
67  exit(3);
68  }
69  if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) {
70  ERR_print_errors_fp(stderr);
71  exit(4);
72  }
73 
74  if (!SSL_CTX_check_private_key(ctx)) {
75  fprintf(stderr,"Private key does not match the certificate public key\n");
76  exit(5);
77  }
78 
79  /* ----------------------------------------------- */
80  /* Prepare TCP socket for receiving connections */
81 
82  listen_sd = socket (AF_INET, SOCK_STREAM, 0); CHK_ERR(listen_sd, "socket");
83 
84  memset (&sa_serv, '\0', sizeof(sa_serv));
85  sa_serv.sin_family = AF_INET;
86  sa_serv.sin_addr.s_addr = INADDR_ANY;
87  sa_serv.sin_port = htons (1111); /* Server Port number */
88 
89  err = bind(listen_sd, (struct sockaddr*) &sa_serv,
90  sizeof (sa_serv)); CHK_ERR(err, "bind");
91 
92  /* Receive a TCP connection. */
93 
94  err = listen (listen_sd, 5); CHK_ERR(err, "listen");
95 
96  client_len = sizeof(sa_cli);
97  sd = accept (listen_sd, (struct sockaddr*) &sa_cli, &client_len);
98  CHK_ERR(sd, "accept");
99  close (listen_sd);
100 
101  printf ("Connection from %lx, port %x\n",
102  sa_cli.sin_addr.s_addr, sa_cli.sin_port);
103 
104  /* ----------------------------------------------- */
105  /* TCP connection is ready. Do server side SSL. */
106 
107  ssl = SSL_new (ctx); CHK_NULL(ssl);
108  SSL_set_fd (ssl, sd);
109  err = SSL_accept (ssl); CHK_SSL(err);
110 
111  /* Get the cipher - opt */
112 
113  printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
114 
115  /* Get client's certificate (note: beware of dynamic allocation) - opt */
116 
117  client_cert = SSL_get_peer_certificate (ssl);
118  if (client_cert != NULL) {
119  printf ("Client certificate:\n");
120 
121  str = X509_NAME_oneline (X509_get_subject_name (client_cert), 0, 0);
122  CHK_NULL(str);
123  printf ("\t subject: %s\n", str);
124  OPENSSL_free (str);
125 
126  str = X509_NAME_oneline (X509_get_issuer_name (client_cert), 0, 0);
127  CHK_NULL(str);
128  printf ("\t issuer: %s\n", str);
129  OPENSSL_free (str);
130 
131  /* We could do all sorts of certificate verification stuff here before
132  deallocating the certificate. */
133 
134  X509_free (client_cert);
135  } else
136  printf ("Client does not have certificate.\n");
137 
138  /* DATA EXCHANGE - Receive message and send reply. */
139 
140  err = SSL_read (ssl, buf, sizeof(buf) - 1); CHK_SSL(err);
141  buf[err] = '\0';
142  printf ("Got %d chars:'%s'\n", err, buf);
143 
144  err = SSL_write (ssl, "I hear you.", strlen("I hear you.")); CHK_SSL(err);
145 
146  /* Clean up. */
147 
148  close (sd);
149  SSL_free (ssl);
150  SSL_CTX_free (ctx);
151 }
152 /* EOF - serv.cpp */
Generated on Thu Jan 10 2013 09:53:41 for OpenSSL by   doxygen 1.8.2