Updated C++ SSL demos.
Submitted (a month ago) by: Wade Scholine
This commit is contained in:
parent
71f080935a
commit
054009a638
2
CHANGES
2
CHANGES
@ -6,7 +6,7 @@
|
|||||||
Changes between 0.9.3 and 0.9.3a [?] [xx May? 1999]
|
Changes between 0.9.3 and 0.9.3a [?] [xx May? 1999]
|
||||||
|
|
||||||
*) Updated some demos.
|
*) Updated some demos.
|
||||||
[Sean O Riordain]
|
[Sean O Riordain, Wade Scholine]
|
||||||
|
|
||||||
*) Add missing BIO_free at exit of pkcs12 application.
|
*) Add missing BIO_free at exit of pkcs12 application.
|
||||||
[Wu Zhigang]
|
[Wu Zhigang]
|
||||||
|
@ -1,6 +1,10 @@
|
|||||||
/* cli.cpp - Minimal ssleay client for Unix
|
/* cli.cpp - Minimal ssleay client for Unix
|
||||||
30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
|
30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
|
||||||
|
|
||||||
|
/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
|
||||||
|
Simplified to be even more minimal
|
||||||
|
12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
|
||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <memory.h>
|
#include <memory.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
@ -17,6 +21,7 @@
|
|||||||
#include <openssl/ssl.h>
|
#include <openssl/ssl.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
|
|
||||||
|
|
||||||
#define CHK_NULL(x) if ((x)==NULL) exit (1)
|
#define CHK_NULL(x) if ((x)==NULL) exit (1)
|
||||||
#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
|
#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
|
||||||
#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
|
#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
|
||||||
@ -31,9 +36,14 @@ void main ()
|
|||||||
X509* server_cert;
|
X509* server_cert;
|
||||||
char* str;
|
char* str;
|
||||||
char buf [4096];
|
char buf [4096];
|
||||||
|
SSL_METHOD *meth;
|
||||||
|
|
||||||
|
SSLeay_add_ssl_algorithms();
|
||||||
|
meth = SSLv2_client_method();
|
||||||
SSL_load_error_strings();
|
SSL_load_error_strings();
|
||||||
ctx = SSL_CTX_new (); CHK_NULL(ctx);
|
ctx = SSL_CTX_new (meth); CHK_NULL(ctx);
|
||||||
|
|
||||||
|
CHK_SSL(err);
|
||||||
|
|
||||||
/* ----------------------------------------------- */
|
/* ----------------------------------------------- */
|
||||||
/* Create a socket and connect to server using normal socket calls. */
|
/* Create a socket and connect to server using normal socket calls. */
|
||||||
@ -67,12 +77,12 @@ void main ()
|
|||||||
server_cert = SSL_get_peer_certificate (ssl); CHK_NULL(server_cert);
|
server_cert = SSL_get_peer_certificate (ssl); CHK_NULL(server_cert);
|
||||||
printf ("Server certificate:\n");
|
printf ("Server certificate:\n");
|
||||||
|
|
||||||
str = X509_NAME_oneline (X509_get_subject_name (server_cert));
|
str = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0);
|
||||||
CHK_NULL(str);
|
CHK_NULL(str);
|
||||||
printf ("\t subject: %s\n", str);
|
printf ("\t subject: %s\n", str);
|
||||||
Free (str);
|
Free (str);
|
||||||
|
|
||||||
str = X509_NAME_oneline (X509_get_issuer_name (server_cert));
|
str = X509_NAME_oneline (X509_get_issuer_name (server_cert),0,0);
|
||||||
CHK_NULL(str);
|
CHK_NULL(str);
|
||||||
printf ("\t issuer: %s\n", str);
|
printf ("\t issuer: %s\n", str);
|
||||||
Free (str);
|
Free (str);
|
||||||
|
@ -1,7 +1,14 @@
|
|||||||
/* serv.cpp - Minimal ssleay server for Unix
|
/* serv.cpp - Minimal ssleay server for Unix
|
||||||
30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
|
30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
|
||||||
|
|
||||||
|
|
||||||
|
/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
|
||||||
|
Simplified to be even more minimal
|
||||||
|
12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
|
||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
#include <stdlib.h>
|
||||||
#include <memory.h>
|
#include <memory.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
@ -17,9 +24,13 @@
|
|||||||
#include <openssl/ssl.h>
|
#include <openssl/ssl.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
|
|
||||||
#define HOME "/usr/users/sampo/sibs/tim/"
|
|
||||||
#define CERTF HOME "plain-cert.pem"
|
/* define HOME to be dir for key and cert files... */
|
||||||
#define KEYF HOME "plain-key.pem"
|
#define HOME "./"
|
||||||
|
/* Make these what you want for cert & key files */
|
||||||
|
#define CERTF HOME "foo-cert.pem"
|
||||||
|
#define KEYF HOME "foo-cert.pem"
|
||||||
|
|
||||||
|
|
||||||
#define CHK_NULL(x) if ((x)==NULL) exit (1)
|
#define CHK_NULL(x) if ((x)==NULL) exit (1)
|
||||||
#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
|
#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
|
||||||
@ -32,24 +43,39 @@ void main ()
|
|||||||
int sd;
|
int sd;
|
||||||
struct sockaddr_in sa_serv;
|
struct sockaddr_in sa_serv;
|
||||||
struct sockaddr_in sa_cli;
|
struct sockaddr_in sa_cli;
|
||||||
int client_len;
|
size_t client_len;
|
||||||
SSL_CTX* ctx;
|
SSL_CTX* ctx;
|
||||||
SSL* ssl;
|
SSL* ssl;
|
||||||
X509* client_cert;
|
X509* client_cert;
|
||||||
char* str;
|
char* str;
|
||||||
char buf [4096];
|
char buf [4096];
|
||||||
|
SSL_METHOD *meth;
|
||||||
|
|
||||||
/* SSL preliminaries. We keep the certificate and key with the context. */
|
/* SSL preliminaries. We keep the certificate and key with the context. */
|
||||||
|
|
||||||
SSL_load_error_strings();
|
SSL_load_error_strings();
|
||||||
ctx = SSL_CTX_new (); CHK_NULL(ctx);
|
SSLeay_add_ssl_algorithms();
|
||||||
|
meth = SSLv23_server_method();
|
||||||
err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF, SSL_FILETYPE_PEM);
|
ctx = SSL_CTX_new (meth);
|
||||||
CHK_SSL(err);
|
if (!ctx) {
|
||||||
|
ERR_print_errors_fp(stderr);
|
||||||
err = SSL_CTX_use_certificate_file (ctx, CERTF, SSL_FILETYPE_PEM);
|
exit(2);
|
||||||
CHK_SSL(err);
|
}
|
||||||
|
|
||||||
|
if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) {
|
||||||
|
ERR_print_errors_fp(stderr);
|
||||||
|
exit(3);
|
||||||
|
}
|
||||||
|
if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) {
|
||||||
|
ERR_print_errors_fp(stderr);
|
||||||
|
exit(4);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!SSL_CTX_check_private_key(ctx)) {
|
||||||
|
fprintf(stderr,"Private key does not match the certificate public key\n");
|
||||||
|
exit(5);
|
||||||
|
}
|
||||||
|
|
||||||
/* ----------------------------------------------- */
|
/* ----------------------------------------------- */
|
||||||
/* Prepare TCP socket for receiving connections */
|
/* Prepare TCP socket for receiving connections */
|
||||||
|
|
||||||
@ -92,12 +118,12 @@ void main ()
|
|||||||
if (client_cert != NULL) {
|
if (client_cert != NULL) {
|
||||||
printf ("Client certificate:\n");
|
printf ("Client certificate:\n");
|
||||||
|
|
||||||
str = X509_NAME_oneline (X509_get_subject_name (client_cert));
|
str = X509_NAME_oneline (X509_get_subject_name (client_cert), 0, 0);
|
||||||
CHK_NULL(str);
|
CHK_NULL(str);
|
||||||
printf ("\t subject: %s\n", str);
|
printf ("\t subject: %s\n", str);
|
||||||
Free (str);
|
Free (str);
|
||||||
|
|
||||||
str = X509_NAME_oneline (X509_get_issuer_name (client_cert));
|
str = X509_NAME_oneline (X509_get_issuer_name (client_cert), 0, 0);
|
||||||
CHK_NULL(str);
|
CHK_NULL(str);
|
||||||
printf ("\t issuer: %s\n", str);
|
printf ("\t issuer: %s\n", str);
|
||||||
Free (str);
|
Free (str);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user