int start_session(char *server_addr, char *server_port)
{
SSL *ssl;
SSL_CTX *ctx;
open_connection(&ssl, &ctx, server_addr, server_port);
if (do_client_loop(ssl))
SSL_shutdown(ssl);
else
SSL_clear(ssl);
fprintf(stdout, "SSL Connection closed\n");
close_connection(ssl, ctx);
return 0;
}
int main_ssl(int argc, char **argv)
{
BIO *conn;
SSL *ssl;
SSL_CTX *ctx;
long err;
init_OpenSSL();
seed_prng();
ctx = setup_client_ctx();
fprintf(stderr, "SERVER= %s:%s\n", SERVER, PORT);
conn = BIO_new_connect(SERVER ":" PORT);
if (!conn)
int_error("Error creating connection BIO");
if (BIO_do_connect(conn) <= 0)
int_error("Error connecting to remote machine");
ssl = SSL_new(ctx);
SSL_set_bio(ssl, conn, conn);
if (SSL_connect(ssl) <= 0)
int_error("Error connecting SSL object");
if ((err = post_connection_check(ssl, SERVER)) != X509_V_OK) {
fprintf(stderr, "-Error: peer certificate: %s\n",
X509_verify_cert_error_string(err));
int_error("Error checking SSL object after connection");
}
fprintf(stderr, "SSL Connection opened\n");
if (do_client_loop(ssl))
SSL_shutdown(ssl);
else
SSL_clear(ssl);
fprintf(stderr, "SSL Connection closed\n");
SSL_free(ssl);
SSL_CTX_free(ctx);
return 0;
}
int main(int argc, char *argv[])
{
unsigned char tox_id[TOX_ADDRESS_SIZE];
unsigned char tox_printable_id[TOX_ADDRESS_SIZE * 2 + 1];
TOX_ERR_NEW tox_new_err;
int oc;
size_t save_size = 0;
uint8_t *save_data = NULL;
allowed_toxid *allowed_toxid_obj = NULL;
log_init();
while ((oc = getopt(argc, argv, "L:pi:C:s:P:dqhSF:DU:")) != -1)
{
switch(oc)
{
case 'L':
/* Local port forwarding */
client_mode = 1;
client_local_port_mode = 1;
if(parse_local_port_forward(optarg, &local_port, &remote_host, &remote_port) < 0)
{
log_printf(L_ERROR, "Invalid value for -L option - use something like -L 22:127.0.0.1:22\n");
exit(1);
}
if(min_log_level == L_UNSET)
{
min_log_level = L_INFO;
}
log_printf(L_DEBUG, "Forwarding remote port %d to local port %d\n", remote_port, local_port);
break;
case 'P':
/* Pipe forwarding */
client_mode = 1;
client_pipe_mode = 1;
if(parse_pipe_port_forward(optarg, &remote_host, &remote_port) < 0)
{
log_printf(L_ERROR, "Invalid value for -P option - use something like -P 127.0.0.1:22\n");
exit(1);
}
if(min_log_level == L_UNSET)
{
min_log_level = L_ERROR;
}
log_printf(L_INFO, "Forwarding remote port %d to stdin/out\n", remote_port);
break;
case 'p':
/* Ping */
client_mode = 1;
ping_mode = 1;
if(min_log_level == L_UNSET)
{
min_log_level = L_INFO;
}
break;
case 'i':
/* Tox ID */
server_whitelist_mode = 1;
log_printf(L_DEBUG, "Server whitelist mode enabled");
allowed_toxid_obj = (allowed_toxid *)calloc(sizeof(allowed_toxid), 1);
if(!allowed_toxid_obj)
{
log_printf(L_ERROR, "Could not allocate memory for allowed_toxid");
exit(1);
}
remote_tox_id = optarg;
if(!string_to_id(allowed_toxid_obj->toxid, optarg))
{
log_printf(L_ERROR, "Invalid Tox ID");
exit(1);
}
LL_APPEND(allowed_toxids, allowed_toxid_obj);
break;
case 'C':
/* Config directory */
strncpy(config_path, optarg, sizeof(config_path) - 1);
if(optarg[strlen(optarg) - 1] != '/')
{
int optarg_len = strlen(optarg);
config_path[optarg_len] = '/';
config_path[optarg_len + 1] = '\0';
}
load_saved_toxid_in_client_mode = 1;
break;
case 's':
/* Shared secret */
use_shared_secret = 1;
memset(shared_secret, 0, TOX_MAX_FRIEND_REQUEST_LENGTH);
strncpy(shared_secret, optarg, TOX_MAX_FRIEND_REQUEST_LENGTH-1);
break;
case 'd':
min_log_level = L_DEBUG;
break;
case 'q':
min_log_level = L_ERROR;
break;
case 'S':
use_syslog = 1;
break;
case 'D':
daemonize = 1;
use_syslog = 1;
break;
case 'F':
pidfile = optarg;
break;
case 'U':
daemon_username = optarg;
break;
case '?':
case 'h':
default:
print_version();
help();
exit(1);
}
}
if(!client_mode && min_log_level == L_UNSET)
{
min_log_level = L_INFO;
}
if(!client_mode && server_whitelist_mode)
{
log_printf(L_INFO, "Server in ToxID whitelisting mode - only clients listed with -i can connect");
}
if(daemonize)
{
do_daemonize();
}
atexit(cleanup);
print_version();
/* Bootstrap tox */
tox_options_default(&tox_options);
if((!client_mode) || load_saved_toxid_in_client_mode)
{
uint8_t *save_data = NULL;
save_size = load_save(&save_data);
if(save_data && save_size)
{
tox_options.savedata_type = TOX_SAVEDATA_TYPE_TOX_SAVE;
tox_options.savedata_data = save_data;
tox_options.savedata_length = save_size;
}
}
tox = tox_new(&tox_options, &tox_new_err);
if(tox == NULL)
{
log_printf(L_DEBUG, "tox_new() failed (%u) - trying without proxy\n", tox_new_err);
if((tox_options.proxy_type != TOX_PROXY_TYPE_NONE) || (tox_options.proxy_type = TOX_PROXY_TYPE_NONE, (tox = tox_new(&tox_options, &tox_new_err)) == NULL))
{
log_printf(L_DEBUG, "tox_new() failed (%u) - trying without IPv6\n", tox_new_err);
if(!tox_options.ipv6_enabled || (tox_options.ipv6_enabled = 0, (tox = tox_new(&tox_options, &tox_new_err)) == NULL))
{
log_printf(L_DEBUG, "tox_new() failed (%u) - trying with Tor\n", tox_new_err);
if((tox_options.proxy_type = TOX_PROXY_TYPE_SOCKS5, tox_options.proxy_host="127.0.0.1", tox_options.proxy_port=9050, (tox = tox_new(&tox_options, &tox_new_err)) == NULL))
{
log_printf(L_ERROR, "tox_new() failed (%u) - exiting\n", tox_new_err);
exit(1);
}
}
}
}
if(save_size && save_data)
{
free(save_data);
}
set_tox_username(tox);
tox_callback_self_connection_status(tox, handle_connection_status_change, NULL);
do_bootstrap(tox);
if(client_mode)
{
tox_self_get_address(tox, tox_id);
id_to_string(tox_printable_id, tox_id);
tox_printable_id[TOX_ADDRESS_SIZE * 2] = '\0';
log_printf(L_DEBUG, "Generated Tox ID: %s\n", tox_printable_id);
if(!remote_tox_id)
{
log_printf(L_ERROR, "Tox id is required in client mode. Use -i 58435984ABCDEF475...\n");
exit(1);
}
do_client_loop(remote_tox_id);
}
else
{
write_save(tox);
if(!use_shared_secret)
{
log_printf(L_WARNING, "Shared secret authentication is not used - skilled attackers may connect to your tuntox server");
}
tox_self_get_address(tox, tox_id);
memset(tox_printable_id, '\0', sizeof(tox_printable_id));
id_to_string(tox_printable_id, tox_id);
tox_printable_id[TOX_ADDRESS_SIZE * 2] = '\0';
log_printf(L_INFO, "Using Tox ID: %s\n", tox_printable_id);
tox_callback_friend_request(tox, accept_friend_request, NULL);
do_server_loop();
}
return 0;
}
