void exec(PRO* pro)
{
int ret;
if(pro->flag == 1)
{
switch(pro->cmd)
{
case '0':
ret = connect(pro);
break;
case '1':
ret = warning(pro);
break;
case '2':
ret = jdq1(pro);
break;
case '3':
ret = jdq2(pro);
break;
case '4':
ret = setTime(pro);
break;
case '6':
ret = set_host_left_right(pro);
break;
case '7':
ret = set_disp_mode(pro);
break;
case '8':
ret = set_num_enter_mode(pro);
break;
case '9':
ret = set_num_out_mode(pro);
break;
case 'A':
ret = set_local_ip(pro);
break;
default :
ret = 9;
break;
}
ack(ret);
ackBuf[4] = pro->cmd;
msg.len =sizeof(ackBuf);
msg.buf = ackBuf;
udp.send(&msg);
pro->flag = 0;
pro->cmd = 0;
pro->type = 0;
for(int i = 0; i < MAX_LENGTH; i++)
pro->para[i] = 0;
}
}
//用户未输入密码的处理
void getPassword()
{
char temp[100];
printf("请输入密码:");
setbuf(stdin,NULL);//清除缓冲区(Linux),Windows下可以使用fflush或者rewind。
//关闭回显
set_disp_mode(STDIN_FILENO,0);
GetPassword:
fgets(temp,sizeof(char)*100,stdin);
printf("\n");
if(strlen(temp)==0 || (strlen(temp)==1&&temp[0]=='\n'))
{
printf("密码不能为空!\n");
goto GetPassword;
}
else
memcpy(password,temp,strlen(temp)-1);
//打开回显
set_disp_mode(STDIN_FILENO,1);
}
static ssize_t store_disp_mode(struct device * dev, struct device_attribute *attr, const char * buf, size_t count)
{
set_disp_mode(buf);
return 16;
}
/*********************parent process tcp connection use to manage************************/
void client_mgr(char *ip, int serverPort, int pipefd, int pid)
{
int flag = 0;
char *p;
char name[256], passwd[256];
char realName[512];
int err, fd, i;
struct sockaddr_in sa;
char buf[4096];
SSL_CTX* ctx;
SSL* ssl;
//create a TCP socket
fd = socket (AF_INET, SOCK_STREAM, 0);
CHK_ERR(fd, "socket");
memset (&sa, 0, sizeof(sa));
sa.sin_family = AF_INET;
sa.sin_addr.s_addr = inet_addr(ip);
sa.sin_port = htons(serverPort);
//connect step
err = connect(fd, (struct sockaddr*) &sa, sizeof(sa));
CHK_ERR(err, "connect");
sleep(2);
puts("Please input the common name: ");
scanf("%s", realName);
setupCTX(&ctx);
//build SSL on the TCP connection
ssl = SSL_new(ctx);
CHK_NULL(ssl);
SSL_set_fd (ssl, fd);
err = SSL_connect(ssl);
CHK_SSL(err);
//check certificate
SSL_CTX_load_verify_locations(ctx, CACERT, NULL);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
int result = SSL_get_verify_result(ssl);
if(result == X509_V_OK || result == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) {
printf("The certificate is valid.\n");
}
else {
printf("Invalid certificate %d\n", result);
exit(1);
}
X509* server_cert = SSL_get_peer_certificate(ssl);
CHK_NULL(server_cert);
char *str = X509_NAME_oneline(X509_get_subject_name(server_cert),0,0);
CHK_NULL(str);
OPENSSL_free(str);
str = X509_NAME_oneline(X509_get_issuer_name(server_cert),0,0);
CHK_NULL(str);
OPENSSL_free(str);
X509_NAME *xname = X509_get_subject_name(server_cert);
X509_NAME_get_text_by_NID(xname, NID_commonName, commonName, 512);
if( strcasecmp(commonName, realName) !=0 )
{
printf("commonName is wrong.\n");
exit(1);
}
printf("commonName is right.\n");
printf("Server authentication is successful.\n");
//release!
X509_free(server_cert);
sleep(2);
while(!flag)
{
//handle the login part
printf("username: "******"%s",name);
getchar();
//safe mode
set_disp_mode(STDIN_FILENO, 0);
getpasswd(passwd, sizeof(passwd));
p = passwd;
while(*p != '\n')
p++;
*p = '\0';
//OK!
set_disp_mode(STDIN_FILENO, 1);
sendName(ssl, name);
sendPass(ssl, passwd);
SSL_read(ssl, buf, sizeof(buf) - 1);
putchar(10);
if( buf[0] == 'o' )
{
puts("Connect successfully");
flag = 1;
}
else {
puts("wrong password, please try again!");
}
}
//clean the password for security reason
memset(passwd, 0, sizeof(passwd));
genKey(key);
sendKey(ssl, key);
while (1) {
talkToudp(key, pipefd, 'k');
printf("1. ipnut 'q' to quit.\n");
printf("2. input 'c' to change the key.\n");
scanf("%s", buf);
if (strlen(buf) == 1) {
if (buf[0]=='q') {
break;
}
else if( buf[0]=='r'){
genKey(key);
sendKey(ssl, key);
}
}
else {
printf("Invalid.\n");
continue;
}
}
memset(key, 0, KEYSIZE);
memset(IV, 0, IVSIZE);
sendKey(ssl, key);
sleep(1);
kill(pid, SIGTERM);
wait(0);
SSL_shutdown(ssl); /* send SSL/TLS close_notify */
close(fd);
SSL_free(ssl);
SSL_CTX_free(ctx);
}
