/* Create the server-side CyaSSL context (stored in xCyaSSL_ServerContext) and
load the CA certificate, the server certificate and the server private key into
it from PEM files.  Takes no parameters and returns nothing; when the context
cannot be created the function returns with xCyaSSL_ServerContext set to NULL.

NOTE(review): CyaTLSv1_server_method() selects TLS 1.0, which RFC 8996
deprecates.  Confirm whether the peers this server talks to can use a newer
protocol method before relying on this configuration.

NOTE(review): the three load results are checked only by configASSERT().  If
the build defines configASSERT() away, a missing or unreadable certificate or
key goes unnoticed - real applications should test for SSL_SUCCESS explicitly
and refuse to start the server otherwise.

NOTE(review): no CyaSSL_CTX_set_verify() call is visible in this function, so
loading the CA certificate does not by itself show that client certificates are
requested - confirm where (or whether) peer verification is enabled. */
static void prvInitialiseCyaSSL( void )
{
int32_t iReturn;

    #ifdef DEBUG_CYASSL
        CyaSSL_Debugging_ON();
    #endif

    /* The library must be initialised before any other CyaSSL function is
    called. */
    CyaSSL_Init();

    /* Ask for a context that speaks the TLS V1 server protocol. */
    xCyaSSL_ServerContext = CyaSSL_CTX_new( CyaTLSv1_server_method() );

    if( xCyaSSL_ServerContext == NULL )
    {
        /* No context, so there is nothing to load the credentials into. */
        return;
    }

    /* CA certificate used for verification. */
    iReturn = CyaSSL_CTX_load_verify_locations( xCyaSSL_ServerContext, "ca-cert.pem", 0 );
    configASSERT( iReturn == SSL_SUCCESS );

    /* Certificate the server presents to its peers. */
    iReturn = CyaSSL_CTX_use_certificate_file( xCyaSSL_ServerContext, "server-cert.pem", SSL_FILETYPE_PEM );
    configASSERT( iReturn == SSL_SUCCESS );

    /* Private key that matches the server certificate. */
    iReturn = CyaSSL_CTX_use_PrivateKey_file( xCyaSSL_ServerContext, "server-key.pem", SSL_FILETYPE_PEM );
    configASSERT( iReturn == SSL_SUCCESS );
}
/* Run test_method()/test_method2() over every protocol-method allocator that
 * this build configuration provides, then report TEST_SUCCESS.
 *
 * SSLv3, TLS 1.0 and TLS 1.1 allocators are exercised only when NO_OLD_TLS is
 * not defined; DTLS allocators only with CYASSL_DTLS; SSLv2 allocators only
 * with OPENSSL_EXTRA, and those go through test_method2() instead.
 *
 * NOTE(review): the results of test_method()/test_method2() are discarded and
 * the function returns TEST_SUCCESS unconditionally. If the helpers report a
 * failed allocation through their return value, it never reaches the caller -
 * confirm against their definitions.
 */
int test_CyaSSL_Method_Allocators(void)
{
    /* Each allocator is named once: the macro calls it and builds the label
     * "<name>()" from the same token, so call and label cannot drift apart. */
#define CHECK_ALLOCATOR(fn)  test_method(fn(), #fn "()")
#define CHECK_ALLOCATOR2(fn) test_method2(fn(), #fn "()")

#ifndef NO_OLD_TLS
    CHECK_ALLOCATOR(CyaSSLv3_server_method);
    CHECK_ALLOCATOR(CyaSSLv3_client_method);
    CHECK_ALLOCATOR(CyaTLSv1_server_method);
    CHECK_ALLOCATOR(CyaTLSv1_client_method);
    CHECK_ALLOCATOR(CyaTLSv1_1_server_method);
    CHECK_ALLOCATOR(CyaTLSv1_1_client_method);
#endif /* NO_OLD_TLS */

    CHECK_ALLOCATOR(CyaTLSv1_2_server_method);
    CHECK_ALLOCATOR(CyaTLSv1_2_client_method);
    CHECK_ALLOCATOR(CyaSSLv23_client_method);

#ifdef CYASSL_DTLS
    CHECK_ALLOCATOR(CyaDTLSv1_server_method);
    CHECK_ALLOCATOR(CyaDTLSv1_client_method);
#endif /* CYASSL_DTLS */

#ifdef OPENSSL_EXTRA
    /* NOTE(review): presumably test_method2() carries a different expectation
     * for the SSLv2 allocators than test_method() - confirm. */
    CHECK_ALLOCATOR2(CyaSSLv2_server_method);
    CHECK_ALLOCATOR2(CyaSSLv2_client_method);
#endif /* OPENSSL_EXTRA */

#undef CHECK_ALLOCATOR2
#undef CHECK_ALLOCATOR

    return TEST_SUCCESS;
}
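// Listens for incoming connections: registers the listener for la->serverport,
// builds a CyaSSL server context, binds a TCP socket on that port and then
// accepts connections forever, wrapping each one in a CyaSSL session and
// handing it to incoming_connection() on a new thread.
//
// arg is a struct listen_arguments * (listener, serverport and find are read
// from it). Always returns NULL, and only returns when start-up fails
// (context, certificate/key loading, socket, bind or listen); the context and
// the listening socket are released on those paths.
//
// A failure while preparing one connection (accept, session, argument block,
// thread) drops that connection and keeps the listener running, so a transient
// resource shortage does not take the whole server offline.
//
// NOTE(review): CyaTLSv1_server_method() pins the listener to TLS 1.0, which
// RFC 8996 deprecates. Moving to a newer method (e.g.
// CyaTLSv1_2_server_method()) needs the clients to follow - confirm.
// NOTE(review): no CyaSSL_CTX_set_verify() call is visible here, so loading the
// CA file does not by itself show that client certificates are requested.
// NOTE(review): the certificate and key paths are relative to the process
// working directory; confirm it is fixed and that server-key.pem is readable
// only by the service account.
void *sys_listen2(void *arg)
{
    struct listen_arguments *la = (struct listen_arguments*)arg;
    struct variable *listener = la->listener;
    int serverport = la->serverport;
    int listenfd = -1;
    int optval = 1;
    struct sockaddr_in servaddr = {0};

    if (server_listeners == NULL)
        server_listeners = map_new_ex(NULL, &int_compare, &int_hash, &int_copy, &int_del);
    map_insert(server_listeners, (void*)(VOID_INT)serverport, listener);

    node_init();

    // Create and initialize CYASSL_CTX structure
    CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaTLSv1_server_method());
    if (ctx == NULL) {
        fprintf(stderr, "CyaSSL_CTX_new error.\n");
        return NULL;
    }

    // Load CA certificates into CYASSL_CTX
    if (CyaSSL_CTX_load_verify_locations(ctx, "./conf/ca-cert.pem", 0) != SSL_SUCCESS) {
        fprintf(stderr, "Error loading ca-cert.pem, please check the file.\n");
        goto fail;
    }

    // Load server certificate into CYASSL_CTX
    if (CyaSSL_CTX_use_certificate_file(ctx, "conf/server-cert.pem", SSL_FILETYPE_PEM) != SSL_SUCCESS) {
        fprintf(stderr, "Error loading server-cert.pem, please check the file.\n");
        goto fail;
    }

    // Load server key into CYASSL_CTX
    if (CyaSSL_CTX_use_PrivateKey_file(ctx, "conf/server-key.pem", SSL_FILETYPE_PEM) != SSL_SUCCESS) {
        fprintf(stderr, "Error loading server-key.pem, please check the file.\n");
        goto fail;
    }

    // Open the server socket on the requested port
    listenfd = socket(AF_INET, SOCK_STREAM, 0);
    if (listenfd < 0) {
        perror("socket");
        goto fail;
    }

    // SO_REUSEADDR avoids "Address already in use" on a quick restart; failing
    // to set it is reported but is not fatal.
    if (setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, (const void *)&optval, sizeof optval) < 0)
        perror("setsockopt(SO_REUSEADDR)");

    servaddr.sin_family = AF_INET;
    servaddr.sin_addr.s_addr = htonl(INADDR_ANY);
    servaddr.sin_port = htons(serverport);

    // Without these checks a failed bind/listen would leave the loop below
    // calling accept() on a socket that can never deliver a connection.
    if (bind(listenfd, (struct sockaddr *) &servaddr, sizeof(servaddr)) < 0) {
        perror("bind");
        goto fail;
    }
    if (listen(listenfd, 5) < 0) {
        perror("listen");
        goto fail;
    }

    // One thread per accepted connection.
    // NOTE(review): the threads are neither joined nor detached here; unless
    // incoming_connection() detaches itself their resources are never
    // reclaimed - confirm.
    for (;;) {
        struct sockaddr_in client_addr;
        // accept() overwrites the length, so it is reset for every call.
        socklen_t sin_size = sizeof client_addr;

        int connfd = accept(listenfd, (struct sockaddr *) &client_addr, &sin_size);
        if (connfd < 0) {
            // Do not build a session or a thread around an invalid descriptor.
            // NOTE(review): a persistent failure (e.g. descriptor exhaustion)
            // makes this loop spin; consider a back-off.
            perror("accept");
            continue;
        }
        DEBUGPRINT("\n Got a connection from (%s , %d)\n", inet_ntoa(client_addr.sin_addr), ntohs(client_addr.sin_port));

        // Create CYASSL Object
        CYASSL *ssl = CyaSSL_new(ctx);
        if (ssl == NULL) {
            fprintf(stderr, "CyaSSL_new error");
            close(connfd);
            continue;
        }
        if (CyaSSL_set_fd(ssl, connfd) != SSL_SUCCESS) {
            fprintf(stderr, "CyaSSL_set_fd error\n");
            CyaSSL_free(ssl);
            close(connfd);
            continue;
        }

        struct thread_argument *ta = malloc(sizeof *ta);
        if (ta == NULL) {
            fprintf(stderr, "out of memory for connection %d\n", connfd);
            CyaSSL_free(ssl);
            close(connfd);
            continue;
        }
        ta->find = la->find;
        ta->listener = listener;
        ta->ssl = ssl;
        ta->fd = connfd;
        ta->cya = ctx;
        DEBUGPRINT("listenting on %d - %p\n", connfd, (void *)ta->ssl);

        // Hand over the heap block itself. Passing &ta would give the thread
        // the address of a loop-local pointer that is gone (or reused) by the
        // time the thread reads it.
        // NOTE(review): assumes incoming_connection() casts its argument to
        // struct thread_argument * and releases it when done - confirm.
        pthread_t child;
        int rc = pthread_create(&child, NULL, incoming_connection, ta);
        if (rc != 0) {
            fprintf(stderr, "pthread_create error %d\n", rc);
            free(ta);
            CyaSSL_free(ssl);
            close(connfd);
        }
    }

fail:
    // Start-up failed before any connection thread existed, so nothing else
    // can still be using the context or the listening socket.
    if (listenfd >= 0)
        close(listenfd);
    CyaSSL_CTX_free(ctx);
    return NULL;
}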