void tests_setup(void) { int ret = 0; /* * Create a temporary folder to store our files. * We do not use mkdtemp to avoid putting our temporary files in the wrong place. * In any case, mkdir fails if the folder already exists. */ ret = mkdir(temporary_folder, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH); if (ret < 0) { printf("could not create folder %s\n", temporary_folder); correctly_initialized = false; return; } /* OpenSSL is needed for our new protocol over TLS. */ SSL_library_init(); SSL_load_error_strings(); /* * First we start a new process to have a server for our tests. */ ret = start_child_process(); if (ret < 0) { correctly_initialized = false; return; } /* * If the initialization went without problems, then at this point * there is a second process waiting for connections. */ ssl_client_init(); }
int init_vmapi() { // Init SSL Client ssl_client_init(); int exit_code = EXIT_FAILURE; // Some configuration checks if(VCAS_Port_SSL == 0 || VKS_Port_SSL == 0) { RETURN_ERR("Check your port configuration!"); } if(strlen(vcasServerAddress) == 0) { RETURN_ERR("Check your VCAS server ip!"); } if(strlen(vksServerAddress) == 0) { RETURN_ERR("Check your VKS server ip!"); } if(strlen(api_clientID) != 12) { RETURN_ERR("Incorrect AMINOMAC length, length should be 12"); } if(strlen(api_company) == 0) { RETURN_ERR("Please add your company name to the configuration"); } return EXIT_SUCCESS; cleanup: return exit_code; }
bool ssl_aio_stream::open_ssl(bool on) { ACL_VSTREAM* stream = get_vstream(); acl_assert(stream); if (stream == NULL) { logger_error("stream null"); return false; } if (on) { #ifdef HAS_POLARSSL // 如果打开已经是 SSL 模式的流,则直接返回 if (ssl_ != NULL) { acl_assert(ssn_); acl_assert(hs_); return true; } #endif // 打开 SSL 流模式 return ssl_client_init(); } else { #ifdef HAS_POLARSSL // 如果关闭非 SSL 模式的流,则直接返回 if (ssl_ == NULL) { ssl_ = NULL; acl_assert(ssn_ == NULL); acl_assert(hs_ == NULL); return true; } #endif // 清除与 SSL 相关的对象 clear(); // 切换成非 SSL 流模式 acl_vstream_ctl(stream, ACL_VSTREAM_CTL_READ_FN, acl_socket_read, ACL_VSTREAM_CTL_WRITE_FN, acl_socket_write, ACL_VSTREAM_CTL_CTX, this, ACL_VSTREAM_CTL_END); return true; } }
bool ssl_aio_stream::open_callback() { #ifdef HAS_POLARSSL if (ssl_) { acl_assert(ssn_); acl_assert(hs_); return ssl_client_init(); } return true; #else return false; #endif }
int main( int argc, char* argv[] ) { int ret; SSL_CTX* ctx_server = ssl_server_init(SERVER_CERTIFICATE, SERVER_KEY); SSL_CTX* ctx_client = ssl_client_init(); int listen_socket; int accept_socket; listen_socket = server_listen("5003"); if( listen_socket < 0 ) { std::cout<<"socket error."<<std::endl; return -1; } accept_socket = accept (listen_socket, NULL, NULL); if( accept_socket < 0 ) { std::cout<<"accept error."<<std::endl; return -1; } close(listen_socket); SSL *ssl = ssl_server(ctx_server, accept_socket); char buf [4096]; ret = SSL_read (ssl, buf, sizeof(buf) - 1); if( ret == -1 ) { std::cout<<"SSL_read error."<<std::endl; return -1; } buf[ret] = '\0'; printf("%s\n", buf); int client_socket = client_connect("127.0.0.1", "5004"); SSL *ssl_cli = ssl_client(ctx_client, client_socket); ret = SSL_write (ssl_cli, "I hear you.", strlen("I hear you.")); if( ret == -1 ) { std::cout<<"SSL_write error."<<std::endl; return -1; } return 0; }
int main(int ac, char **av) { struct ssl_client cl; struct in_addr local_addr; int local_port; struct in_addr host_addr; int host_port; int i; int input; int output; ssl_client_set_default(&cl); local_addr.s_addr = INADDR_ANY; local_port = 0; inet_aton(HOST_ADDR, &host_addr); host_port = HOST_PORT; input = STDIN_FILENO; output = STDOUT_FILENO; for (i = 1 ; i < ac ; i++) { if (strcmp(av[i], "-local_addr") == 0) { if (i + 1 >= ac) goto no_arg; if (inet_aton(av[i + 1], &local_addr) == 0) goto inv_arg; i++; } else if (strcmp(av[i], "-local_port") == 0) { if (i + 1 >= ac) goto no_arg; local_port = atoi(av[i + 1]); if (local_port < 0 || local_port >= UINT16_MAX) goto inv_arg; i++; } else if (strcmp(av[i], "-host_addr") == 0) { if (i + 1 >= ac) goto no_arg; if (inet_aton(av[i + 1], &host_addr) == 0) goto inv_arg; i++; } else if (strcmp(av[i], "-host_port") == 0) { if (i + 1 >= ac) goto no_arg; host_port = atoi(av[i + 1]); if (host_port < 0 || host_port >= UINT16_MAX) goto inv_arg; i++; } else if (strcmp(av[i], "-input") == 0) { if (i + 1 >= ac) goto no_arg; input = open(av[i + 1], O_RDONLY); if (input < 0) { fprintf(stderr, "Failed to open <%s> : %s\n", av[i + 1], strerror(errno)); goto usage; } } else if (strcmp(av[i], "-output") == 0) { if (i + 1 >= ac) goto no_arg; output = open(av[i + 1], O_CREAT | O_TRUNC | O_WRONLY, 0664); if (output < 0) goto inv_arg; } else if (strcmp(av[i], "-help") == 0) goto usage; continue; inv_arg: fprintf(stderr, "Invalid argument for <%s> option : <%s>\n", av[i], av[i + 1]); goto usage; no_arg: fprintf(stderr, "No valid argument for <%s> option\n", av[i]); usage: fprintf(stderr, "Usage: %s [-local_addr <addr>] [-local_port <port>] [-host_addr <addr>] [-host_port <port>] [-input <file>][-help]\n", av[0]); return 1; } if (ssl_client_init(&cl, CA_CERTIFICATE, SSL_FILETYPE_PEM, PRIVATE_KEY, SSL_FILETYPE_PEM, local_addr, local_port, host_addr, host_port, 0) < 0) goto err; if (isatty(input)) printf("Triming EOL\n"); for (;;) { char buffer[4096 + 1]; int size; int got; size = read(input, buffer, sizeof buffer - 1); if (size < 0) { fprintf(stderr, "Failed to read from stdin : %s\n", strerror(errno)); break; } if (size == 0) break; if (isatty(input)) { while (size > 0 && buffer[size - 1] == '\n') buffer[--size] = 0; if (size == 0) continue; buffer[size] = 0; size ++; } if (ssl_client_write(&cl, buffer, size) <= 0) goto close_err; got = 0; while (got < size) { i = ssl_client_read(&cl, buffer, sizeof buffer); if (i <= 0) goto close_err; write(output, buffer, i); got += i; } } ssl_client_free(&cl); return 0; close_err: ssl_client_free(&cl); err: return 1; }
int main(int argc, char *argv[]) { if(argc != 2) { printf("usage : %s <ipaddress>\n", argv[0]); return -1; } strcpy(server_address, argv[1]); sleep_us(500000); /* * configure the client. */ if(client_configure(master_port, transmit_port, ssl_certificate, ssl_key) < 0) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "client configured"); return -1; } printf("%-60s[\033[;32mOK\033[0m]\n", "client configured"); sleep_us(500000); /* * initialize the SSL */ ctx_server = ssl_server_init(ssl_certificate, ssl_key); if(ctx_server == NULL) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "SSL server initialize"); return -1; } ctx_client = ssl_client_init(); if(ctx_client == NULL) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "SSL client initialize"); return -1; } printf("%-60s[\033[;32mOK\033[0m]\n", "SSL initialize"); sleep_us(500000); /* * connect to the master server. */ char temp[MAXLINE]; snprintf(temp, MAXLINE, "connect to master server: %s", argv[1]); int masterfd = client_connect(argv[1], master_port); if(masterfd == -1) { printf("%-60s[\033[;31mFAILED\033[0m]\n", temp); return -1; } sockaddr_in clientaddr; socklen_t len = sizeof(clientaddr); memset(&clientaddr, 0, len); getsockname(masterfd, (sockaddr*)&clientaddr, &len); inet_ntop(AF_INET, (void *)&clientaddr.sin_addr, ip_address, MAXLINE); printf("%-60s[\033[;32mOK\033[0m]\n", temp); sleep_us(500000); SSL *ssl = ssl_client(ctx_client, masterfd); if(ssl == NULL) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "ssl_client\n"); return -1; } /* * verify the executable client to judge if it's a fake one. */ char *ver_buf = file_verify(argv[0]); if(ver_buf == NULL) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "verify client"); return -1; } int k = SSL_write(ssl, ver_buf, strlen(ver_buf)); if( k != (int)strlen(ver_buf)) { printf("SSL_write error\n"); return -1; } k = SSL_read(ssl, temp, MAXLINE); if(k < 0) { printf("SSL_read error"); return -1; } temp[k] = '\0'; if(strcmp(temp, "verify client unsuccessfully") == 0) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "verify client"); return -1; } free(ver_buf); sleep_us(500000); /* * Listen to the transmit port to upload/download files */ snprintf(temp, MAXLINE, "listen to transmit port: %s", transmit_port); int listenfd = server_listen(transmit_port); if(listenfd == -1) { printf("%-60s[\033[;31mFAILED\033[0m]\n", temp); return -1; } printf("%-60s[\033[;32mOK\033[0m]\n", temp); sleep_us(500000); /* * create transmit_thread to handle upload/download files request * from the slave server. */ pthread_t thread; int ret = pthread_create(&thread, NULL, transmit_thread, static_cast<void*>(new int(listenfd))); if(ret == 0) printf("%-60s[\033[;32mOK\033[0m]\n", "transmit_thread create"); else { printf("%-60s[\033[;31FAILED\033[0m]\n", "transmit_thread create"); return -1; } /* * initialize the download/upload mutex. */ pthread_mutex_init(&download_mutex, NULL); pthread_mutex_init(&upload_mutex, NULL); char command_line[MAXLINE]; snprintf(cmd_line, MAXLINE,"%s:%s> ", argv[1], master_port); while(!stop) { printf(cmd_line); fflush(stdin); //read the command inputed by the user. fgets(command_line, MAXLINE, stdin); int len = strlen(command_line); if(command_line[len-1] == '\n') command_line[len-1] = '\0'; command_parse(ssl, command_line); } SSL_shutdown(ssl); // send SSL/TLS close_notify */ close(masterfd); SSL_free(ssl); SSL_CTX_free(ctx_server); SSL_CTX_free(ctx_client); return 0; }