VMINT vm_tls_shutdown(VMINT res_id) { kal_int32 ret; vm_tls_context_t * ctx_p = NULL; MMI_TRACE(TRACE_GROUP_8, TRC_MRE_SSL_S, 5, __LINE__); ctx_p = vm_tls_get_ctx_by_res(res_id); if (NULL == ctx_p) { MMI_TRACE(TRACE_GROUP_8, TRC_MRE_SSL_E1, 5, __LINE__); return VM_TLS_RET_BASE -2; } ret = tls_shutdown(ctx_p->soc_id); if (TLS_ERR_NONE != ret) { MMI_TRACE(TRACE_GROUP_8, TRC_MRE_SSL_E2, 5, ret); return ret; } MMI_TRACE(TRACE_GROUP_8, TRC_MRE_SSL_S, 5, ret); return ret; }
/* * perform one-way shutdown, do not wait fro notify from the remote peer */ void tls_close(struct tcp_connection *c, int fd) { /* * runs within global tcp lock */ LM_DBG("closing TLS connection\n"); tls_update_fd(c, fd); tls_shutdown(c); }
/** perform one-way shutdown, do not wait for notify from the remote peer. */ void tls_h_close(struct tcp_connection *c, int fd) { unsigned char wr_buf[TLS_WR_MBUF_SZ]; struct tls_mbuf rd, wr; /* * runs either within global tcp lock or after the connection has * been "detached" and is unreachable from any other process. * Unfortunately when called via * tcpconn_put_destroy()+tcpconn_close_main_fd() the connection might * still be in a writer, so in this case locking is needed. */ DBG("Closing SSL connection %p\n", c->extra_data); if (unlikely(cfg_get(tls, tls_cfg, send_close_notify) && c->extra_data)) { lock_get(&c->write_lock); if (unlikely(c->extra_data == 0)) { /* changed in the meanwhile */ lock_release(&c->write_lock); return; } tls_mbuf_init(&rd, 0, 0); /* no read */ tls_mbuf_init(&wr, wr_buf, sizeof(wr_buf)); if (tls_set_mbufs(c, &rd, &wr)==0) { tls_shutdown(c); /* shudown only on succesfull set fd */ /* write as much as possible and update wr. * Since this is a close, we don't want to queue the write * (if it can't write immediately, just fail silently) */ if (wr.used) _tcpconn_write_nb(fd, c, (char*)wr.buf, wr.used); /* we don't bother reading anything (we don't want to wait on close) */ } lock_release(&c->write_lock); } }
/** Shutdown the Strophe library. * * @ingroup Init */ void xmpp_shutdown(void) { tls_shutdown(); sock_shutdown(); }
/** * Simple command-line HTTP client. */ int main( int argc, char *argv[ ] ) { int client_connection; char *host, *path; char *proxy_host, *proxy_user, *proxy_password; int proxy_port; struct hostent *host_name; struct sockaddr_in host_address; int port = HTTPS_PORT; int ind; int master_secret_length; unsigned char *master_secret; int session_id_length; unsigned char *session_id; #ifdef WIN32 WSADATA wsaData; #endif TLSParameters tls_context; if ( argc < 2 ) { fprintf( stderr, "Usage: %s: [-p http://[username:password@]proxy-host:proxy-port] <URL>\n", argv[ 0 ] ); return 1; } proxy_host = proxy_user = proxy_password = host = path = session_id = master_secret = NULL; session_id_length = master_secret_length = 0; for ( ind = 1; ind < ( argc - 1 ); ind++ ) { if ( !strcmp( "-p", argv[ ind ] ) ) { if ( !parse_proxy_param( argv[ ++ind ], &proxy_host, &proxy_port, &proxy_user, &proxy_password ) ) { fprintf( stderr, "Error - malformed proxy parameter '%s'.\n", argv[ 2 ] ); return 2; } } else if ( !strcmp( "-s", argv[ ind ] ) ) { session_id_length = hex_decode( argv[ ++ind ], &session_id ); } else if ( !strcmp( "-m", argv[ ind ] ) ) { master_secret_length = hex_decode( argv[ ++ind ], &master_secret ); } } if ( ( ( master_secret_length > 0 ) && ( session_id_length == 0 ) ) || ( ( master_secret_length == 0 ) && ( session_id_length > 0 ) ) ) { fprintf( stderr, "session id and master secret must both be provided.\n" ); return 3; } if ( parse_url( argv[ ind ], &host, &path ) == -1 ) { fprintf( stderr, "Error - malformed URL '%s'.\n", argv[ 1 ] ); return 1; } printf( "Connecting to host '%s'\n", host ); // Step 1: open a socket connection on http port with the destination host. #ifdef WIN32 if ( WSAStartup( MAKEWORD( 2, 2 ), &wsaData ) != NO_ERROR ) { fprintf( stderr, "Error, unable to initialize winsock.\n" ); return 2; } #endif client_connection = socket( PF_INET, SOCK_STREAM, 0 ); if ( !client_connection ) { perror( "Unable to create local socket" ); return 2; } if ( proxy_host ) { printf( "Connecting to host '%s'\n", proxy_host ); host_name = gethostbyname( proxy_host ); } else { host_name = gethostbyname( host ); } if ( !host_name ) { perror( "Error in name resolution" ); return 3; } host_address.sin_family = AF_INET; host_address.sin_port = htons( proxy_host ? proxy_port : HTTPS_PORT ); memcpy( &host_address.sin_addr, host_name->h_addr_list[ 0 ], sizeof( struct in_addr ) ); if ( connect( client_connection, ( struct sockaddr * ) &host_address, sizeof( host_address ) ) == -1 ) { perror( "Unable to connect to host" ); return 4; } printf( "Connection complete; negotiating TLS parameters\n" ); if ( proxy_host ) { if ( !http_connect( client_connection, host, port, proxy_user, proxy_password ) ) { perror( "Unable to establish proxy tunnel" ); if ( close( client_connection ) == -1 ) { perror( "Error closing client connection" ); return 2; } return 3; } } if ( session_id != NULL ) { if ( tls_resume( client_connection, session_id_length, session_id, master_secret, &tls_context ) ) { fprintf( stderr, "Error: unable to negotiate SSL connection.\n" ); if ( close( client_connection ) == -1 ) { perror( "Error closing client connection" ); return 2; } return 3; } } else { if ( tls_connect( client_connection, &tls_context, 0 ) ) { fprintf( stderr, "Error: unable to negotiate TLS connection.\n" ); return 3; } } printf( "Retrieving document: '%s'\n", path ); http_get( client_connection, path, host, &tls_context ); display_result( client_connection, &tls_context ); tls_shutdown( client_connection, &tls_context ); printf( "Session ID was: " ); show_hex( tls_context.session_id, tls_context.session_id_length ); printf( "Master secret was: " ); show_hex( tls_context.master_secret, MASTER_SECRET_LENGTH ); printf( "Shutting down.\n" ); #ifdef WIN32 if ( closesocket( client_connection ) == -1 ) #else if ( close( client_connection ) == -1 ) #endif { perror( "Error closing client connection" ); return 5; } if ( session_id != NULL ) { free( session_id ); } if ( master_secret != NULL ) { free( master_secret ); } #ifdef WIN32 WSACleanup(); #endif return 0; }