/* * Establish a new SSL connection to an SSL server. */ EXP_FUNC SSL * STDCALL ssl_client_new(SSL_CTX *ssl_ctx, int client_fd, const uint8_t *session_id, uint8_t sess_id_size, const char* host_name) { SSL *ssl = ssl_new(ssl_ctx, client_fd); ssl->version = SSL_PROTOCOL_VERSION_MAX; /* try top version first */ if (session_id && ssl_ctx->num_sessions) { if (sess_id_size > SSL_SESSION_ID_SIZE) /* validity check */ { ssl_free(ssl); return NULL; } memcpy(ssl->session_id, session_id, sess_id_size); ssl->sess_id_size = sess_id_size; SET_SSL_FLAG(SSL_SESSION_RESUME); /* just flag for later */ } if(host_name != NULL && strlen(host_name) > 0) { ssl->host_name = (char *)strdup(host_name); } SET_SSL_FLAG(SSL_IS_CLIENT); do_client_connect(ssl); return ssl; }
int SSL_connect(SSL *ssl) { SET_SSL_FLAG(SSL_IS_CLIENT); int stat = do_client_connect(ssl); ssl_display_error(stat); return (stat == SSL_OK) ? 1 : -1; }
/* * Process the handshake record. */ int ICACHE_FLASH_ATTR do_clnt_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len) { int ret; /* To get here the state must be valid */ // ssl_printf("do_clnt_handshake: %d %d\n",__LINE__, handshake_type); switch (handshake_type) { case HS_SERVER_HELLO: ret = process_server_hello(ssl); break; case HS_CERTIFICATE: ret = process_certificate(ssl, &ssl->x509_ctx); break; case HS_SERVER_HELLO_DONE: if ((ret = process_server_hello_done(ssl)) == SSL_OK) { if (IS_SET_SSL_FLAG(SSL_HAS_CERT_REQ)) { if ((ret = send_certificate(ssl)) == SSL_OK && (ret = send_client_key_xchg(ssl)) == SSL_OK) { send_cert_verify(ssl); } } else { ret = send_client_key_xchg(ssl); } if (ret == SSL_OK && (ret = send_change_cipher_spec(ssl)) == SSL_OK) { ret = send_finished(ssl); } } break; case HS_CERT_REQ: ret = process_cert_req(ssl); break; case HS_FINISHED: ret = process_finished(ssl, buf, hs_len); disposable_free(ssl); /* free up some memory */ /* note: client renegotiation is not allowed after this */ break; case HS_HELLO_REQUEST: disposable_new(ssl); ret = do_client_connect(ssl); break; default: ret = SSL_ERROR_INVALID_HANDSHAKE; break; } return ret; }
int SSL_connect(SSL *ssl) { return do_client_connect(ssl) == SSL_OK ? 1 : -1; }
int main(int argc, char *argv[]) { char ch; int u_csock, i_csock; progname = strrchr(argv[0], '/'); if (!progname) progname = argv[0]; else progname++; /* Initialise configuration values from file. */ config_setdefaults(); while ((ch = getopt(argc, argv, "d:")) != -1) { switch (ch) { case 'd': config.nast_dir = optarg; break; default: usage(); /* NOTREACHED */ } } if (config_init()) return 1; if (init_daemon()) { log_err("Couldn't initialise nastd. Exiting."); return 1; } u_csock = make_u_csock(); if (u_csock == -1) return 1; i_csock = make_i_csock(); if (i_csock == -1) return 1; /* Create the FQM threads. */ (void)fqm_new(10); /* * Creat a thread that runs periodically. */ if (periodic_new() == -1) { log_err("Couldn't start periodic thread. Exiting."); return 1; } start_time = time(NULL); /* * Main control loop. Sit on the socket and wait for a client to * connect. As soon as it does, make another thread to handle it. */ for (;;) { fd_set read_fds; int rc; FD_ZERO(&read_fds); FD_SET(i_csock, &read_fds); FD_SET(u_csock, &read_fds); rc = select(10, &read_fds, NULL, NULL, NULL); if (rc == -1) { log_err("Couldn't select on sockets: %s.", strerror(errno)); sleep(30); } if (FD_ISSET(i_csock, &read_fds)) (void)do_client_connect(i_csock); if (FD_ISSET(u_csock, &read_fds)) (void)do_client_connect(u_csock); } return 0; }