void crypt_ec_helper::save_key_pair(std::string path, EC_KEY *keypair)
{
BIO *out;
int i;
FILE* outfile;
EVP_PKEY *pkey = NULL;
ERR_load_BIO_strings();
ERR_load_crypto_strings();
pkey = EVP_PKEY_new();
EVP_PKEY_assign_EC_KEY(pkey, keypair);
EC_GROUP *ecgroup = EC_GROUP_new_by_curve_name(NID_secp256k1);
outfile = fopen(path.c_str(), "w");
out = BIO_new(BIO_s_file());
out = BIO_new_fp(outfile, BIO_NOCLOSE);
EC_KEY_set_asn1_flag(keypair, OPENSSL_EC_NAMED_CURVE);
i = PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, 0, NULL);
fclose(outfile);
EC_GROUP_free(ecgroup);
EVP_PKEY_free(pkey);
BIO_free_all(out);
}
void err_load_crypto_strings_intern(void)
{
#ifdef OPENSSL_FIPS
FIPS_set_error_callbacks(ERR_put_error, ERR_add_error_vdata);
#endif
#ifndef OPENSSL_NO_ERR
ERR_load_ERR_strings(); /* include error strings for SYSerr */
ERR_load_BN_strings();
# ifndef OPENSSL_NO_RSA
ERR_load_RSA_strings();
# endif
# ifndef OPENSSL_NO_DH
ERR_load_DH_strings();
# endif
ERR_load_EVP_strings();
ERR_load_BUF_strings();
ERR_load_OBJ_strings();
ERR_load_PEM_strings();
# ifndef OPENSSL_NO_DSA
ERR_load_DSA_strings();
# endif
ERR_load_X509_strings();
ERR_load_ASN1_strings();
ERR_load_CONF_strings();
ERR_load_CRYPTO_strings();
# ifndef OPENSSL_NO_COMP
ERR_load_COMP_strings();
# endif
# ifndef OPENSSL_NO_EC
ERR_load_EC_strings();
# endif
/* skip ERR_load_SSL_strings() because it is not in this library */
ERR_load_BIO_strings();
ERR_load_PKCS7_strings();
ERR_load_X509V3_strings();
ERR_load_PKCS12_strings();
ERR_load_RAND_strings();
ERR_load_DSO_strings();
# ifndef OPENSSL_NO_TS
ERR_load_TS_strings();
# endif
# ifndef OPENSSL_NO_ENGINE
ERR_load_ENGINE_strings();
# endif
ERR_load_OCSP_strings();
ERR_load_UI_strings();
# ifdef OPENSSL_FIPS
ERR_load_FIPS_strings();
# endif
# ifndef OPENSSL_NO_CMS
ERR_load_CMS_strings();
# endif
# ifndef OPENSSL_NO_CT
ERR_load_CT_strings();
# endif
ERR_load_ASYNC_strings();
#endif
ERR_load_KDF_strings();
}
static void tls_begin(void)
{
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
}
void ERR_load_crypto_strings(void)
{
#ifndef OPENSSL_NO_ERR
ERR_load_ERR_strings(); /* include error strings for SYSerr */
ERR_load_BN_strings();
# ifndef OPENSSL_NO_RSA
ERR_load_RSA_strings();
# endif
# ifndef OPENSSL_NO_DH
ERR_load_DH_strings();
# endif
ERR_load_EVP_strings();
ERR_load_BUF_strings();
ERR_load_OBJ_strings();
ERR_load_PEM_strings();
# ifndef OPENSSL_NO_DSA
ERR_load_DSA_strings();
# endif
ERR_load_X509_strings();
ERR_load_ASN1_strings();
ERR_load_CONF_strings();
ERR_load_CRYPTO_strings();
# ifndef OPENSSL_NO_COMP
ERR_load_COMP_strings();
# endif
# ifndef OPENSSL_NO_EC
ERR_load_EC_strings();
# endif
# ifndef OPENSSL_NO_ECDSA
ERR_load_ECDSA_strings();
# endif
# ifndef OPENSSL_NO_ECDH
ERR_load_ECDH_strings();
# endif
/* skip ERR_load_SSL_strings() because it is not in this library */
ERR_load_BIO_strings();
ERR_load_PKCS7_strings();
ERR_load_X509V3_strings();
ERR_load_PKCS12_strings();
ERR_load_RAND_strings();
ERR_load_DSO_strings();
ERR_load_TS_strings();
# ifndef OPENSSL_NO_ENGINE
ERR_load_ENGINE_strings();
# endif
ERR_load_OCSP_strings();
ERR_load_UI_strings();
# ifdef OPENSSL_FIPS
ERR_load_FIPS_strings();
# endif
# ifndef OPENSSL_NO_CMS
ERR_load_CMS_strings();
# endif
# ifndef OPENSSL_NO_JPAKE
ERR_load_JPAKE_strings();
# endif
#endif
}
int main()
{
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
SSL_CTX *ctx = SSL_CTX_new(SSLv23_client_method());
if (ctx == NULL) {
printf("SSL_CTX_new err func:%s\n reaseon:%s", ERR_func_error_string(ERR_get_error()),
ERR_reason_error_string(ERR_get_error()));
exit(1);
}
//加载可信任证书库
if (0 == SSL_CTX_load_verify_locations(ctx, "./push_cer.pem", NULL)) {
printf("err func:%s\n reaseon:%s", ERR_func_error_string(ERR_get_error()),
ERR_reason_error_string(ERR_get_error()));
ERR_print_errors_fp(stdout);
exit(1);
}
//set BIO
BIO *bio = BIO_new_ssl_connect(ctx);
if (bio == NULL) {
printf("err func:%s\n", ERR_func_error_string(ERR_get_error()));
ERR_print_errors_fp(stdout);
exit(1);
}
SSL *ssl;
BIO_get_ssl(bio, &ssl);
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
//open safe connect
BIO_set_conn_hostname(bio, "gateway.sandbox.push.apple.com:2195");
//verify connect ok
if (BIO_do_connect(bio) <= 0) {
ERR_print_errors_fp(stdout);
exit(1);
}
if (SSL_get_verify_result(ssl) != X509_V_OK) {
printf("SSL_get_verify_result not success\n");
}
char buf[MAXBUF];
char *json = "{\"aps\":{\"badge\":123}}";
sendPayload(bio, token, json, strlen(json));
int ret = BIO_read(bio, buf, MAXBUF);
if (ret <= 0) {
printf("BIO_read return 0\n");
}
SSL_CTX_free(ctx);
BIO_free_all(bio);
return 0;
}
static void tls_ctx_init(void)
{
pthread_key_create(&tls_ctx_key, NULL);
/* init OpenSSL */
SSL_load_error_strings();
ERR_load_BIO_strings();
SSL_library_init();
}
SecureSocket::SecureSocket()
: m_context(0), m_conn(0), m_eof(false)
{
m_socket = std::make_unique<Socket>(SocketType::Streaming);
// Intitialize the SSL client-side socket
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
}
void Security::libsslInit()
{
//TODO: make it thread-safe
if (!libsslReady) {
ERR_load_BIO_strings();
SSL_load_error_strings(); /* readable error messages */
SSL_library_init(); /* initialize library */
libsslReady = true;
}
}
int
mowgli_vio_openssl_setssl(mowgli_vio_t *vio, mowgli_vio_ssl_settings_t *settings, mowgli_vio_ops_t *ops)
{
mowgli_ssl_connection_t *connection;
return_val_if_fail(vio, -255);
if (!ssl_heap)
ssl_heap = mowgli_heap_create(sizeof(mowgli_ssl_connection_t), 64, BH_NOW);
connection = mowgli_heap_alloc(ssl_heap);
vio->privdata = connection;
if (settings)
memcpy(&connection->settings, settings, sizeof(mowgli_vio_ssl_settings_t));
else
/* Greatest compat without being terribly insecure */
connection->settings.ssl_version = MOWGLI_VIO_SSLFLAGS_SSLV3;
if (ops == NULL)
{
if (!openssl_ops)
{
openssl_ops = mowgli_alloc(sizeof(mowgli_vio_ops_t));
memcpy(openssl_ops, &mowgli_vio_default_ops, sizeof(mowgli_vio_ops_t));
}
vio->ops = openssl_ops;
}
else
{
vio->ops = ops;
}
/* Change ops */
mowgli_vio_ops_set_op(vio->ops, connect, mowgli_vio_openssl_default_connect);
mowgli_vio_ops_set_op(vio->ops, read, mowgli_vio_openssl_default_read);
mowgli_vio_ops_set_op(vio->ops, write, mowgli_vio_openssl_default_write);
mowgli_vio_ops_set_op(vio->ops, close, mowgli_vio_openssl_default_close);
mowgli_vio_ops_set_op(vio->ops, accept, mowgli_vio_openssl_default_accept);
mowgli_vio_ops_set_op(vio->ops, listen, mowgli_vio_openssl_default_listen);
/* SSL setup */
if (!openssl_init)
{
openssl_init = true;
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
}
return 0;
}
/**
* Initialise OpenSSL
*/
void init_openssl() {
/* call the standard SSL init functions */
SSL_load_error_strings();
SSL_library_init();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
/* seed the random number system - only really nessecary for systems without '/dev/random' */
/* RAND_add(?,?,?); need to work out a cryptographically significant way of generating the seed */
}
/* Initialize the SSL library internals for use by the messaging bus. */
bool BusSSL_Init(struct bus *b) {
if (!SSL_library_init()) { return false; }
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_ssl_algorithms();
SSL_CTX *ctx = NULL;
if (!init_client_SSL_CTX(&ctx)) { return false; }
b->ssl_ctx = ctx;
return true;
}
int init_conn(CONN *conn)
{
// Initialise OpenSSL
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
SSL_library_init();
// Set up the SSL context
conn->ctx = SSL_CTX_new(SSLv3_method());
return 0;
}
int main(int argc, char *argv[])
{
const char *cert_filename = "ecc_server.crt";
BIO *cert_bio = NULL;
BIO *out_bio = NULL;
X509 *cert = NULL;
EVP_PKEY *pkey = NULL;
int ret;
OpenSSL_add_all_algorithms();
ERR_load_BIO_strings();
ERR_load_crypto_strings();
cert_bio = BIO_new(BIO_s_file());
out_bio = BIO_new_fp(stdout, BIO_NOCLOSE);
ret = BIO_read_filename(cert_bio, cert_filename);
if (!(cert = PEM_read_bio_X509(cert_bio, NULL, 0, NULL)))
{
BIO_printf(out_bio, "Error loading cert into memory\n");
exit(-1);
}
if ((pkey = X509_get_pubkey(cert)) == NULL)
BIO_printf(out_bio, "Error getting public key from certificate\n");
if (pkey)
{
switch (EVP_PKEY_id(pkey))
{
case EVP_PKEY_RSA:
BIO_printf(out_bio, "%d bit RSA Key\n\n", EVP_PKEY_bits(pkey));
break;
case EVP_PKEY_DSA:
BIO_printf(out_bio, "%d bit DSA Key\n\n", EVP_PKEY_bits(pkey));
break;
default:
BIO_printf(out_bio, "%d bit non-RSA/DSA\n\n", EVP_PKEY_bits(pkey));
break;
}
}
if (!PEM_write_bio_PUBKEY(out_bio, pkey))
BIO_printf(out_bio, "Error writing public key data in PEM format\n");
EVP_PKEY_free(pkey);
X509_free(cert);
BIO_free_all(cert_bio);
BIO_free_all(out_bio);
return 0;
}
static void mz_crypt_init(void)
{
static int32_t openssl_initialized = 0;
if (openssl_initialized == 0)
{
OpenSSL_add_all_algorithms();
ERR_load_BIO_strings();
ERR_load_crypto_strings();
openssl_initialized = 1;
}
}
static void lumberjack_init(void) {
if (lumberjack_init_done) {
return;
}
/* ssl init */
CRYPTO_malloc_init();
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
lumberjack_init_done = 1;
} /* lumberjack_init */
/* SSL library initialisation */
void init()
{
static bool init_once = false;
if (init_once == false)
{
INFO("OpenSSL", "Initializing (%s)", OPENSSL_VERSION_TEXT);
init_once = true;
SSL_library_init();
OpenSSL_add_all_algorithms();
SSL_load_error_strings();
ERR_load_BIO_strings();
ERR_load_crypto_strings();
}
}
/**
* @desc Initialize OpenSSL lib
* @throw Char *
*/
void IOSocketSSL::initSSL(const bool force_server_method = false) {
TRACE_CALL();
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
OpenSSL_add_ssl_algorithms();
switch (socket_t) {
case IOSOCKET_LISTEN_T:
ctx = SSL_CTX_new(SSLv3_server_method());
break;
case IOSOCKET_CONNECT_T:
if (force_server_method)
ctx = SSL_CTX_new(SSLv3_server_method());
else
ctx = SSL_CTX_new(SSLv3_client_method());
break;
default:
/* Shouln't happen, mother class constructor should have thrown
* an exception earlier */
throw("Unknown socket type");
break;
}
/**
* Should use a loop on ERR_get_error()
* to retrieve the whole error process
*/
if (ctx == NULL)
throw(new_SSL_error("initializing ssl context"));
if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) != 1)
throw(new_SSL_error("loading cert file"));
if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) != 1)
throw(new_SSL_error("loading private key file"));
if (SSL_CTX_check_private_key(ctx) != 1)
throw(new_SSL_error("verifying private key"));
/* Don't bother with renego */
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
init_ssl = true;
}
void ERR_load_crypto_strings(void)
{
static int done=0;
if (done) return;
done=1;
#ifndef OPENSSL_NO_ERR
ERR_load_ERR_strings(); /* include error strings for SYSerr */
ERR_load_BN_strings();
#ifndef OPENSSL_NO_RSA
ERR_load_RSA_strings();
#endif
#ifndef OPENSSL_NO_DH
ERR_load_DH_strings();
#endif
ERR_load_EVP_strings();
ERR_load_BUF_strings();
ERR_load_OBJ_strings();
ERR_load_PEM_strings();
#ifndef OPENSSL_NO_DSA
ERR_load_DSA_strings();
#endif
ERR_load_X509_strings();
ERR_load_ASN1_strings();
ERR_load_CONF_strings();
ERR_load_CRYPTO_strings();
#ifndef OPENSSL_NO_EC
ERR_load_EC_strings();
#endif
#ifndef OPENSSL_NO_ECDSA
ERR_load_ECDSA_strings();
#endif
#ifndef OPENSSL_NO_ECDH
ERR_load_ECDH_strings();
#endif
/* skip ERR_load_SSL_strings() because it is not in this library */
ERR_load_BIO_strings();
ERR_load_PKCS7_strings();
ERR_load_X509V3_strings();
ERR_load_PKCS12_strings();
ERR_load_RAND_strings();
ERR_load_DSO_strings();
#ifndef OPENSSL_NO_ENGINE
ERR_load_ENGINE_strings();
#endif
ERR_load_OCSP_strings();
ERR_load_UI_strings();
#endif
}
void openssl_error_show(const char *string, int type)
{
char buf[MAX1_LEN] = { 0 };
if (type == 0) {
strncpy(buf, string, sizeof(buf) - 1);
perror(buf);
} else if (type == 1) {
BIO_printf(bio_err, "%s\n", string);
ERR_print_errors(bio_err);
} else {
ERR_load_BIO_strings();
ERR_clear_error();
bio_err = BIO_new(BIO_s_file());
BIO_set_fp(bio_err, stdout, BIO_NOCLOSE);
}
}
void init_openssl(void){
(void)SSL_library_init();
SSL_load_error_strings();
/* Load the human readable error strings for libcrypto */
ERR_load_BIO_strings();
/* Load the human readable error strings for libcrypto */
ERR_load_crypto_strings();
/* Load all digest and cipher algorithms */
OpenSSL_add_all_algorithms();
OPENSSL_config(NULL);
}
int main()
{
BIO * bio;
int p;
char * request = "GET / HTTP/1.1\x0D\x0AHost: www.verisign.com\x0D\x0A\x43onnection: Close\x0D\x0A\x0D\x0A";
char r[1024];
/* Set up the library */
ERR_load_BIO_strings();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
/* Create and setup the connection */
bio = BIO_new_connect("www.verisign.com:80");
if(bio == NULL) { printf("BIO is null\n"); return; }
if(BIO_do_connect(bio) <= 0)
{
ERR_print_errors_fp(stderr);
BIO_free_all(bio);
return;
}
/* Send the request */
BIO_write(bio, request, strlen(request));
/* Read in the response */
for(;;)
{
p = BIO_read(bio, r, 1023);
if(p <= 0) break;
r[p] = 0;
printf("%s", r);
}
/* Close the connection and free the context */
BIO_free_all(bio);
return 0;
}
int neo4j_openssl_init(void)
{
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
int num_locks = CRYPTO_num_locks();
thread_locks = calloc(num_locks, sizeof(neo4j_mutex_t));
if (thread_locks == NULL)
{
return -1;
}
for (int i = 0; i < num_locks; i++)
{
int err = neo4j_mutex_init(&(thread_locks[i]));
if (err)
{
for (; i > 0; --i)
{
neo4j_mutex_destroy(&(thread_locks[i-1]));
}
free(thread_locks);
errno = err;
return -1;
}
}
if (CRYPTO_get_locking_callback() == NULL)
{
CRYPTO_set_locking_callback(locking_callback);
CRYPTO_set_id_callback(neo4j_current_thread_id);
}
SSL_CTX *ctx = SSL_CTX_new(TLSv1_method());
if (ctx == NULL)
{
errno = openssl_error(NULL, NEO4J_LOG_ERROR, __FILE__, __LINE__);
return -1;
}
SSL_CTX_free(ctx);
return 0;
}
ResponseCode OpenSSLConnection::Initialize() {
#ifdef WIN32
// TODO : Check if it is possible to replace this with std::call_once
WSADATA wsa_data;
int result;
bool was_wsa_initialized = true;
int s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if(INVALID_SOCKET == s) {
if(WSANOTINITIALISED == WSAGetLastError()) {
was_wsa_initialized = false;
}
} else {
closesocket(s);
}
if(!was_wsa_initialized) {
// Initialize Winsock
result = WSAStartup(MAKEWORD(2, 2), &wsa_data);
if(0 != result) {
AWS_LOG_ERROR(OPENSSL_WRAPPER_LOG_TAG, "WSAStartup failed: %d", result);
return ResponseCode::NETWORK_SSL_INIT_ERROR;
}
}
#endif
const SSL_METHOD *method;
OpenSSL_add_all_algorithms();
ERR_load_BIO_strings();
ERR_load_crypto_strings();
SSL_load_error_strings();
if (SSL_library_init() < 0) {
return ResponseCode::NETWORK_SSL_INIT_ERROR;
}
method = TLSv1_2_method();
if ((p_ssl_context_ = SSL_CTX_new(method)) == NULL) {
AWS_LOG_ERROR(OPENSSL_WRAPPER_LOG_TAG, " SSL INIT Failed - Unable to create SSL Context");
return ResponseCode::NETWORK_SSL_INIT_ERROR;
}
return ResponseCode::SUCCESS;
}
DofusRSA::DofusRSA()
{
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
stringstream SDofusPublicKey;
SDofusPublicKey << "-----BEGIN PUBLIC KEY-----\n"
"MIIBUzANBgkqhkiG9w0BAQEFAAOCAUAAMIIBOwKCATIAgucoka9J2PXcNdjcu6CuDmgteIMB+rih\n"
"2UZJIuSoNT/0J/lEKL/W4UYbDA4U/6TDS0dkMhOpDsSCIDpO1gPG6+6JfhADRfIJItyHZflyXNUj\n"
"WOBG4zuxc/L6wldgX24jKo+iCvlDTNUedE553lrfSU23Hwwzt3+doEfgkgAf0l4ZBez5Z/ldp9it\n"
"2NH6/2/7spHm0Hsvt/YPrJ+EK8ly5fdLk9cvB4QIQel9SQ3JE8UQrxOAx2wrivc6P0gXp5Q6bHQo\n"
"ad1aUp81Ox77l5e8KBJXHzYhdeXaM91wnHTZNhuWmFS3snUHRCBpjDBCkZZ+CxPnKMtm2qJIi57R\n"
"slALQVTykEZoAETKWpLBlSm92X/eXY2DdGf+a7vju9EigYbX0aXxQy2Ln2ZBWmUJyZE8B58CAwEA\n"
"AQ==\n"
"-----END PUBLIC KEY-----";
DofusPublicKey = SDofusPublicKey.str();
}
void plugin_init(plugin_provisor *pr)
{
if(pr == NULL)
{ /*this is checked by the calling function, but
I'd like to reinforce the idea of paranoia*/
fprintf(stderr, "<ssl_transport:init> null plugin object (perhaps a bug?!)\n");
return;
}
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
pr->capex = ssl_transport_capex;
pr->name = ssl_transport_name;
pr->version = ssl_transport_version;
pr->trans = ssl_transport_insecure_send;
pr->config = ssl_transport_config;
}
/**
* _mongoc_openssl_init:
*
* initialization function for SSL
*
* This needs to get called early on and is not threadsafe. Called by
* mongoc_init.
*/
void
_mongoc_openssl_init (void)
{
SSL_CTX *ctx;
SSL_library_init ();
SSL_load_error_strings ();
ERR_load_BIO_strings ();
OpenSSL_add_all_algorithms ();
#if OPENSSL_VERSION_NUMBER < 0x10100000L
_mongoc_openssl_thread_startup ();
#endif
ctx = SSL_CTX_new (SSLv23_method ());
if (!ctx) {
MONGOC_ERROR ("Failed to initialize OpenSSL.");
}
SSL_CTX_free (ctx);
}
openssl()
{
locks = new std::mutex[CRYPTO_num_locks()];
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
// these callback functions need to be set last because
// the setup functions above call these (especially the locking function)
// which calls back to us and whole thing goes astray.
// Calling the functions above without locking should be safe
// considering that this constructor code is already protected from MT access
// If there are random crashes, maybe this assumption is wrong
// and locking needs to be taken care of already.
CRYPTO_set_id_callback(identity_callback);
CRYPTO_set_locking_callback(lock_callback);
}
// ----------------------------------------------------------------------------
void SecureClient::init() {
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
m_ssl_context = SSL_CTX_new(SSLv23_client_method());
// loading the Trust Store
if(!SSL_CTX_load_verify_locations(m_ssl_context, "../client/certs/TrustStore.pem", nullptr)) {
ERR("Failed to load the Trust Store of certificates: %s", ERR_reason_error_string(ERR_get_error()));
throw ClientException();
}
m_bio = BIO_new_ssl_connect(m_ssl_context);
if (m_bio == nullptr) {
ERR("Failed to prepare new secure connection: %s", ERR_reason_error_string(ERR_get_error()));
throw ClientException();
}
BIO_get_ssl(m_bio, &m_ssl);
SSL_set_mode(m_ssl, SSL_MODE_AUTO_RETRY); // retry handshake transparently if Server suddenly wants
// establish secure connection
BIO_set_conn_hostname(m_bio, m_ip_address.c_str());
BIO_set_conn_port(m_bio, m_port.c_str());
if (BIO_do_connect(m_bio) <= 0) {
ERR("Failed to securely connect to [%s:%s]: %s", m_ip_address.c_str(), m_port.c_str(), ERR_reason_error_string(ERR_get_error()));
m_is_connected = false;
} else {
m_is_connected = true;
}
// checking certificate from Server
if (SSL_get_verify_result(m_ssl) != X509_V_OK) {
WRN("Certificate verification has failed: %s", ERR_reason_error_string(ERR_get_error()));
// TODO: probably, proceed further
}
INF("Secure connection has been established");
m_api_impl = new SecureClientApiImpl(m_bio, m_ip_address, m_port);
}
int main( int argc, const char* argv[] )
{
header(3, 1, false);
//============================
// SSL init
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
// ============== SSL init //
// Verify args
if (argc !=5)
{
printf("Usage:\n");
printf("\t ./client --serverAddress=127.0.0.1 --port=1234 --send ./filename\n");
printf("\t ./client --serverAddress=127.0.0.1 --port=1234 --recieve ./filename\n");
exit(54);
}
char* serverhost = (char*) argv[1];
char* port = (char*) argv[2];
char* transType = (char*) argv[3];
char* file = (char*) argv[4];
serverhost = strrchr(serverhost, '=') + sizeof(char);
port = strrchr(port, '=') + sizeof(char);
transType = strrchr(transType, '-') + sizeof(char);
printf("server: %s\n", serverhost);
printf("port: %s\n", port);
printf("transType: %s\n", transType);
printf("file: %s\n", file);
// seed for random numbers
srand(time(0));
// connect to server
connectToServer(serverhost,port,transType, file);
printf("Client application is exiting.\nGood Bye!\n");
return 0;
}
bool secure::init(void)
{
if(private_locks)
return true;
Thread::init();
Socket::init();
SSL_library_init();
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
OpenSSL_add_all_digests();
if(CRYPTO_get_id_callback() != NULL)
return false;
private_locks = new Mutex[CRYPTO_num_locks()];
CRYPTO_set_id_callback(ssl_self);
CRYPTO_set_locking_callback(ssl_lock);
return true;
}
