VMINT vm_tls_shutdown(VMINT res_id)
{
kal_int32 ret;
vm_tls_context_t * ctx_p = NULL;
MMI_TRACE(TRACE_GROUP_8, TRC_MRE_SSL_S, 5, __LINE__);
ctx_p = vm_tls_get_ctx_by_res(res_id);
if (NULL == ctx_p)
{
MMI_TRACE(TRACE_GROUP_8, TRC_MRE_SSL_E1, 5, __LINE__);
return VM_TLS_RET_BASE -2;
}
ret = tls_shutdown(ctx_p->soc_id);
if (TLS_ERR_NONE != ret)
{
MMI_TRACE(TRACE_GROUP_8, TRC_MRE_SSL_E2, 5, ret);
return ret;
}
MMI_TRACE(TRACE_GROUP_8, TRC_MRE_SSL_S, 5, ret);
return ret;
}
/*
* perform one-way shutdown, do not wait fro notify from the remote peer
*/
void
tls_close(struct tcp_connection *c, int fd)
{
/*
* runs within global tcp lock
*/
LM_DBG("closing TLS connection\n");
tls_update_fd(c, fd);
tls_shutdown(c);
}
/** perform one-way shutdown, do not wait for notify from the remote peer.
*/
void tls_h_close(struct tcp_connection *c, int fd)
{
unsigned char wr_buf[TLS_WR_MBUF_SZ];
struct tls_mbuf rd, wr;
/*
* runs either within global tcp lock or after the connection has
* been "detached" and is unreachable from any other process.
* Unfortunately when called via
* tcpconn_put_destroy()+tcpconn_close_main_fd() the connection might
* still be in a writer, so in this case locking is needed.
*/
DBG("Closing SSL connection %p\n", c->extra_data);
if (unlikely(cfg_get(tls, tls_cfg, send_close_notify) && c->extra_data)) {
lock_get(&c->write_lock);
if (unlikely(c->extra_data == 0)) {
/* changed in the meanwhile */
lock_release(&c->write_lock);
return;
}
tls_mbuf_init(&rd, 0, 0); /* no read */
tls_mbuf_init(&wr, wr_buf, sizeof(wr_buf));
if (tls_set_mbufs(c, &rd, &wr)==0) {
tls_shutdown(c); /* shudown only on succesfull set fd */
/* write as much as possible and update wr.
* Since this is a close, we don't want to queue the write
* (if it can't write immediately, just fail silently)
*/
if (wr.used)
_tcpconn_write_nb(fd, c, (char*)wr.buf, wr.used);
/* we don't bother reading anything (we don't want to wait
on close) */
}
lock_release(&c->write_lock);
}
}
/** Shutdown the Strophe library.
*
* @ingroup Init
*/
void xmpp_shutdown(void)
{
tls_shutdown();
sock_shutdown();
}
/**
* Simple command-line HTTP client.
*/
int main( int argc, char *argv[ ] )
{
int client_connection;
char *host, *path;
char *proxy_host, *proxy_user, *proxy_password;
int proxy_port;
struct hostent *host_name;
struct sockaddr_in host_address;
int port = HTTPS_PORT;
int ind;
int master_secret_length;
unsigned char *master_secret;
int session_id_length;
unsigned char *session_id;
#ifdef WIN32
WSADATA wsaData;
#endif
TLSParameters tls_context;
if ( argc < 2 )
{
fprintf( stderr,
"Usage: %s: [-p http://[username:password@]proxy-host:proxy-port] <URL>\n",
argv[ 0 ] );
return 1;
}
proxy_host = proxy_user = proxy_password = host = path = session_id = master_secret = NULL;
session_id_length = master_secret_length = 0;
for ( ind = 1; ind < ( argc - 1 ); ind++ )
{
if ( !strcmp( "-p", argv[ ind ] ) )
{
if ( !parse_proxy_param( argv[ ++ind ], &proxy_host, &proxy_port,
&proxy_user, &proxy_password ) )
{
fprintf( stderr, "Error - malformed proxy parameter '%s'.\n", argv[ 2 ] );
return 2;
}
}
else if ( !strcmp( "-s", argv[ ind ] ) )
{
session_id_length = hex_decode( argv[ ++ind ], &session_id );
}
else if ( !strcmp( "-m", argv[ ind ] ) )
{
master_secret_length = hex_decode( argv[ ++ind ], &master_secret );
}
}
if ( ( ( master_secret_length > 0 ) && ( session_id_length == 0 ) ) ||
( ( master_secret_length == 0 ) && ( session_id_length > 0 ) ) )
{
fprintf( stderr, "session id and master secret must both be provided.\n" );
return 3;
}
if ( parse_url( argv[ ind ], &host, &path ) == -1 )
{
fprintf( stderr, "Error - malformed URL '%s'.\n", argv[ 1 ] );
return 1;
}
printf( "Connecting to host '%s'\n", host );
// Step 1: open a socket connection on http port with the destination host.
#ifdef WIN32
if ( WSAStartup( MAKEWORD( 2, 2 ), &wsaData ) != NO_ERROR )
{
fprintf( stderr, "Error, unable to initialize winsock.\n" );
return 2;
}
#endif
client_connection = socket( PF_INET, SOCK_STREAM, 0 );
if ( !client_connection )
{
perror( "Unable to create local socket" );
return 2;
}
if ( proxy_host )
{
printf( "Connecting to host '%s'\n", proxy_host );
host_name = gethostbyname( proxy_host );
}
else
{
host_name = gethostbyname( host );
}
if ( !host_name )
{
perror( "Error in name resolution" );
return 3;
}
host_address.sin_family = AF_INET;
host_address.sin_port = htons( proxy_host ? proxy_port : HTTPS_PORT );
memcpy( &host_address.sin_addr, host_name->h_addr_list[ 0 ],
sizeof( struct in_addr ) );
if ( connect( client_connection, ( struct sockaddr * ) &host_address,
sizeof( host_address ) ) == -1 )
{
perror( "Unable to connect to host" );
return 4;
}
printf( "Connection complete; negotiating TLS parameters\n" );
if ( proxy_host )
{
if ( !http_connect( client_connection, host, port, proxy_user,
proxy_password ) )
{
perror( "Unable to establish proxy tunnel" );
if ( close( client_connection ) == -1 )
{
perror( "Error closing client connection" );
return 2;
}
return 3;
}
}
if ( session_id != NULL )
{
if ( tls_resume( client_connection, session_id_length,
session_id, master_secret, &tls_context ) )
{
fprintf( stderr, "Error: unable to negotiate SSL connection.\n" );
if ( close( client_connection ) == -1 )
{
perror( "Error closing client connection" );
return 2;
}
return 3;
}
}
else
{
if ( tls_connect( client_connection, &tls_context, 0 ) )
{
fprintf( stderr, "Error: unable to negotiate TLS connection.\n" );
return 3;
}
}
printf( "Retrieving document: '%s'\n", path );
http_get( client_connection, path, host, &tls_context );
display_result( client_connection, &tls_context );
tls_shutdown( client_connection, &tls_context );
printf( "Session ID was: " );
show_hex( tls_context.session_id, tls_context.session_id_length );
printf( "Master secret was: " );
show_hex( tls_context.master_secret, MASTER_SECRET_LENGTH );
printf( "Shutting down.\n" );
#ifdef WIN32
if ( closesocket( client_connection ) == -1 )
#else
if ( close( client_connection ) == -1 )
#endif
{
perror( "Error closing client connection" );
return 5;
}
if ( session_id != NULL )
{
free( session_id );
}
if ( master_secret != NULL )
{
free( master_secret );
}
#ifdef WIN32
WSACleanup();
#endif
return 0;
}
