/* * Pass the key-size and the password and this function returns * the PKCS12 structure as a stream. */ PKCS12* create_PKCS12_stream(int keysize, const char *password) { EVP_PKEY *privkey = NULL; X509 *x509_cert = NULL; STACK_OF(X509) *cacertstack = NULL; PKCS12 *pkcs12bundle = NULL; if(!keysize || !password) { fprintf(stderr,"Invalid key-size and/or password.\n"); return NULL; } if(keysize > MAX_KEY_SIZE) { fprintf(stderr,"Limit the keysize to 4096 bits.\n"); return NULL; } init_openssl(); privkey = create_rsa_key(keysize); if(privkey == NULL) { return (PKCS12*)free_openssl_resources(privkey, x509_cert, cacertstack); } fprintf(stdout,"Successfully created rsa key.\n"); x509_cert = create_x509_cert(privkey); if(x509_cert == NULL) { return (PKCS12*)free_openssl_resources(privkey, x509_cert, cacertstack); } fprintf(stdout,"Successfully created x509 certificate.\n"); cacertstack = create_ca_cert_stack(x509_cert); if(cacertstack == NULL) { return (PKCS12*)free_openssl_resources(privkey, x509_cert, cacertstack); } fprintf(stdout,"Successfully created stack-of-x509.\n"); if ((pkcs12bundle = PKCS12_new()) == NULL) { fprintf(stderr,"PKCS12_new failed.\n"); return (PKCS12*)free_openssl_resources(privkey, x509_cert, cacertstack); } pkcs12bundle = PKCS12_create( (char*)password, // certbundle access password "thali", // friendly certname privkey, // the certificate private key x509_cert, // the main certificate cacertstack, // stack of CA cert chain 0, // int nid_key (default 3DES) 0, // int nid_cert (40bitRC2) 0, // int iter (default 2048) 0, // int mac_iter (default 1) 0 // int keytype (default no flag) ); if (pkcs12bundle == NULL) { fprintf(stderr,"PKCS12_create failed.\n"); return (PKCS12*)free_openssl_resources(privkey, x509_cert, cacertstack); } fprintf(stdout,"Successfully created pkcs12 bundle.\n"); free_openssl_resources(privkey, x509_cert, cacertstack); return pkcs12bundle; //TODO: Make this a stream (char *) }
int main(int argc, char **argv) { BIO *acc, *client; SSL *ssl; SSL_CTX *ctx; pthread_t tid; init_openssl(); seed_prng(64); ctx = setup_server_ctx(); acc = BIO_new_accept(PORT); if(!acc) log_err("Error creating server socket."); /* first call BIO_do_accept() setup accept BIO */ if(BIO_do_accept(acc) <= 0) log_err("Error binding server socket."); for(;;) { if(BIO_do_accept(acc) <= 0) log_err("Error accepting connection."); client = BIO_pop(acc); if(!(ssl = SSL_new(ctx))) log_err("Error creating SSL context."); SSL_set_bio(ssl, client, client); pthread_create(&tid, NULL, server_thread, ssl); } SSL_CTX_free(ctx); BIO_free(acc); return 0; }
int main(int argc, char** argv) { char* host_and_port = argv[1]; char* store_path = "/etc/ssl/certs/"; char store_type = 'd'; char connection_type = 'e'; char buffer[4096]; buffer[0] = 0; BIO* bio; SSL_CTX* ctx = NULL; SSL* ssl = NULL; init_openssl(); if ((bio = connect_encrypted(host_and_port, store_path, store_type, &ctx, &ssl)) == NULL) return (EXIT_FAILURE); HeartbeatMessage * hbmsg = malloc(sizeof(HeartbeatMessage)); hbmsg->type = 1; hbmsg->payload_length = 0xffff; BIO_write(bio,hbmsg,sizeof(HeartbeatMessage)); int err = 0; while(1) { err = BIO_read(bio,buffer,4*1024); if (err <= 0) break; fwrite(buffer,1,err,stdout); fflush(stdout); } return (EXIT_SUCCESS); }
/* * Class: EmU_Login * Method: init_backend * Signature: ()V */ JNIEXPORT void JNICALL Java_EmU_1Login_init_1backend(JNIEnv *env, jobject obj) { set_using_safety_threads_for_openssl(true); seed_prng(); init_openssl(); assert_cache_directory_existence(); }
static SSL_CTX *on_config_listen_setup_ssl(h2o_configurator_command_t *cmd, const char *config_file, yoml_t *config_node) { SSL_CTX *ssl_ctx = NULL; const char *cert_file = NULL, *key_file = NULL; yoml_t *t; /* parse */ if (config_node->type != YOML_TYPE_MAPPING) { h2o_config_print_error(cmd, config_file, config_node, "`ssl` is not a mapping"); goto Error; } if ((t = yoml_get(config_node, "certificate-file")) == NULL) { h2o_config_print_error(cmd, config_file, config_node, "could not find mandatory property `certificate-file`"); goto Error; } else if (t->type != YOML_TYPE_SCALAR) { h2o_config_print_error(cmd, config_file, t, "the property must be a string"); goto Error; } cert_file = t->data.scalar; if ((t = yoml_get(config_node, "key-file")) == NULL) { h2o_config_print_error(cmd, config_file, config_node, "could not find mandatory property `key-file`"); goto Error; } else if (t->type != YOML_TYPE_SCALAR) { h2o_config_print_error(cmd, config_file, t, "the property must be a string"); goto Error; } key_file = t->data.scalar; /* setup */ init_openssl(); ssl_ctx = SSL_CTX_new(SSLv23_server_method()); SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2); setup_ecc_key(ssl_ctx); if (SSL_CTX_use_certificate_file(ssl_ctx, cert_file, SSL_FILETYPE_PEM) != 1) { h2o_config_print_error(cmd, config_file, config_node, "failed to load certificate file:%s\n", cert_file); ERR_print_errors_fp(stderr); goto Error; } if (SSL_CTX_use_PrivateKey_file(ssl_ctx, key_file, SSL_FILETYPE_PEM) != 1) { h2o_config_print_error(cmd, config_file, config_node, "failed to load private key file:%s\n", key_file); ERR_print_errors_fp(stderr); goto Error; } /* setup protocol negotiation methods */ #if H2O_USE_NPN h2o_ssl_register_npn_protocols(ssl_ctx, h2o_http2_npn_protocols); #endif #if H2O_USE_ALPN h2o_ssl_register_alpn_protocols(ssl_ctx, h2o_http2_alpn_protocols); #endif return ssl_ctx; Error: if (ssl_ctx != NULL) SSL_CTX_free(ssl_ctx); return NULL; }
void rand_bytes(char* buf, int count) { static int init = init_openssl(); (void)init; int result = RAND_bytes((unsigned char*)buf, count); if (result != 1) FC_THROW("Error calling OpenSSL's RAND_bytes(): ${code}", ("code", (uint32_t)ERR_get_error())); }
/* Process command line args, create the bound socket, * spawn child (worker) processes, and wait for them all to die * (which they shouldn't!) */ int main(int argc, char **argv) { parse_cli(argc, argv); if (OPTIONS.SYSLOG) openlog("stud", LOG_CONS | LOG_PID | LOG_NDELAY, LOG_DAEMON); signal(SIGPIPE, SIG_IGN); listener_socket = create_main_socket(); struct addrinfo hints; memset(&hints, 0, sizeof hints); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_flags = 0; const int gai_err = getaddrinfo(OPTIONS.BACK_IP, OPTIONS.BACK_PORT, &hints, &backaddr); if (gai_err != 0) { ERR("{getaddrinfo}: [%s]", gai_strerror(gai_err)); exit(1); } /* load certificate, pass to handle_connections */ SSL_CTX * ctx = init_openssl(); master_pid = getpid(); if (OPTIONS.CHROOT && OPTIONS.CHROOT[0]) change_root(); if (OPTIONS.UID || OPTIONS.GID) drop_privileges(); for (child_num=0; child_num < OPTIONS.NCORES; child_num++) { int pid = fork(); if (pid == -1) { ERR("{core} fork() failed! Goodbye cruel world!\n"); exit(1); } else if (pid == 0) // child goto handle; } int child_status; int dead_child_pid = wait(&child_status); ERR("{core} A child (%d) died! This should not happen! Goodbye cruel world!\n", dead_child_pid); kill(0, SIGTERM); exit(2); handle: handle_connections(ctx); return 0; }
static void init_ssl(void) { #if defined LIBCURL_USE_OPENSSL || defined SSL_SECURITY init_openssl(); #endif #if defined LIBCURL_USE_GNUTLS init_gnutls(); #endif }
DWORD create_netconn(BOOL useSSL, server_t *server, DWORD security_flags, netconn_t **ret) { netconn_t *netconn; int result, flag; if(useSSL) { DWORD res; TRACE("using SSL connection\n"); EnterCriticalSection(&init_ssl_cs); res = init_openssl(); LeaveCriticalSection(&init_ssl_cs); if(res != ERROR_SUCCESS) return res; } netconn = heap_alloc_zero(sizeof(*netconn)); if(!netconn) return ERROR_OUTOFMEMORY; netconn->useSSL = useSSL; netconn->socketFD = -1; netconn->security_flags = security_flags; list_init(&netconn->pool_entry); assert(server->addr_len); result = netconn->socketFD = socket(server->addr.ss_family, SOCK_STREAM, 0); if(result != -1) { result = connect(netconn->socketFD, (struct sockaddr*)&server->addr, server->addr_len); if(result == -1) closesocket(netconn->socketFD); } if(result == -1) { heap_free(netconn); return sock_get_error(errno); } #ifdef TCP_NODELAY flag = 1; result = setsockopt(netconn->socketFD, IPPROTO_TCP, TCP_NODELAY, (void*)&flag, sizeof(flag)); if(result < 0) WARN("setsockopt(TCP_NODELAY) failed\n"); #endif server_addref(server); netconn->server = server; *ret = netconn; return ERROR_SUCCESS; }
void rand_pseudo_bytes(char* buf, int count) { static int init = init_openssl(); (void)init; // RAND_pseudo_bytes is deprecated in favor of RAND_bytes as of OpenSSL 1.1.0 #if OPENSSL_VERSION_NUMBER < 0x10100000L int result = RAND_pseudo_bytes((unsigned char*)buf, count); if (result == -1) FC_THROW("Error calling OpenSSL's RAND_pseudo_bytes(): ${code}", ("code", (uint32_t)ERR_get_error())); #else rand_bytes(buf, count); #endif }
static void init_server() { set_using_safety_threads_for_openssl(true); seed_prng(); init_openssl(); assert_cache_directory_existence(); get_necessary_info(); load_pub_key(); // Initial the e-mail sending lock mutex if(sem_init(&email_sending_lock_mutex, 0, 1) != 0) int_error("Initial a mutex failed"); }
/** * Main SSL demonstration code entry point */ int main(int argc, char** argv) { // char* host_and_port = argv[1]; /* localhost:4422 */ // char* server_request = argv[2]; /* "GET / \r\n\r\n" */ // char* store_path = argv[3]; /* /home/user/projects/sslclient/certificate.pem */ // char store_type = argv[4][0]; /* f = file, anything else is a directory structure */ // char connection_type = argv[5][0]; /* e = encrypted, anything else is unencrypted */ char buffer[4096]; buffer[0] = 0; BIO* bio; SSL_CTX* ctx = NULL; SSL* ssl = NULL; /* initilise the OpenSSL library */ init_openssl(); /* encrypted link */ /* if (connection_type == 'e') { if ((bio = connect_encrypted(host_and_port, store_path, store_type, &ctx, &ssl)) == NULL) return (EXIT_FAILURE); }*/ /* unencrypted link */ //else if ((bio = connect_unencrypted(host_and_port)) == NULL) //return (EXIT_FAILURE); if ((bio = connect_encrypted("127.0.0.1:7543" , &ctx , &ssl)) == NULL) return (EXIT_FAILURE); char* server_request = "GET / \r\n\r\n"; write_to_stream(bio, server_request, strlen(server_request)); read_from_stream(bio, buffer, 4096); printf("%s\r\n", buffer); if (close_connection(bio) == 0) return (EXIT_FAILURE); /* clean up the SSL context resources for the encrypted link */ //if (connection_type == 'e') SSL_CTX_free(ctx); return (EXIT_SUCCESS); }
void print_license_info() { license_struct lstr; int license_valid; fputs("License information:\n", stderr); init_openssl(); load_license(&lstr); print_license(&lstr); license_valid = verify_license(&lstr); free_license(&lstr); free_openssl(); if (!license_valid) { exit(EXIT_FAILURE); } fputs("The license key is valid.\n", stderr); }
/* Process command line args, create the bound socket, * spawn child (worker) processes, and wait for them all to die * (which they shouldn't!) */ int main(int argc, char **argv) { parse_cli(argc, argv); int s = create_main_socket(); int x; struct addrinfo hints; memset(&hints, 0, sizeof hints); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_flags = 0; const int gai_err = getaddrinfo(OPTIONS.BACK_IP, OPTIONS.BACK_PORT, &hints, &backaddr); if (gai_err != 0) { fprintf(stderr, "{getaddrinfo}: [%s]", gai_strerror(gai_err)); exit(1); } /* load certificate, pass to handle_connections */ SSL_CTX * ctx = init_openssl(); for (x=0; x < OPTIONS.NCORES; x++) { int pid = fork(); if (pid == -1) { fprintf(stderr, "{core} fork() failed! Goodbye cruel world!\n"); exit(1); } else if (pid == 0) // child goto handle; } int child_status; for (x=0; x < OPTIONS.NCORES; x++) { wait(&child_status); fprintf(stderr, "{core} A child died! This should not happen! Goodbye cruel world!\n"); exit(2); } handle: handle_connections(x, s, ctx); return 0; }
/* --------------------------------------------------------------------- * ModuleInit * Initialize module * --------------------------------------------------------------------- */ int ModuleInit(MODULEINIT_T* modinit) { LibPMStartFrame = modinit->StartFrame; LibPMInsertStr = modinit->InsertStr; LibPMInsertInt = modinit->InsertInt; LibPMInsertLong = modinit->InsertLong; LibPMSendFrame = modinit->SendFrame; LibPMExecFrame = modinit->ExecFrame; LibPMWriteError = modinit->WriteError; LibPMStubCreate = modinit->StubCreate; LibPMStubCheck = modinit->StubCheck; LibPMStubDelete = modinit->StubDelete; LibPMStubSetHook = modinit->StubSetHook; LibPMStubSetProc = modinit->StubSetProc; LibPMStubFind = modinit->StubFind; init_openssl(); PMApiInit(); return TRUE; }
int main(int argc, char **argv) { BIO *conn; SSL *ssl; SSL_CTX *ctx; init_openssl(); seed_prng(64); ctx = setup_client_ctx(); conn = BIO_new_connect(SERVER ":" PORT); if(!conn) log_err("Failed create bio connection"); if(BIO_do_connect(conn) <= 0) log_err("Failed connecting to remote host"); if(!(ssl = SSL_new(ctx))) log_err("Error creating an SSL context."); SSL_set_bio(ssl, conn, conn); if(SSL_connect(ssl) <= 0) log_err("Error connecting SSL object."); fprintf(stderr, "Connection opened\n"); if(do_client(ssl)) SSL_shutdown(ssl); else SSL_clear(ssl); fprintf(stderr, "Connection closed\n"); //BIO_free(conn); SSL_free(ssl); SSL_CTX_free(ctx); return 0; }
void config_parse_cli(int argc, char **argv, stud_config *cfg) { static int tls = 0, ssl = 0; static int client = 0; int c, i; int test_only = 0; char *prog; struct option long_options[] = { #ifndef NO_CONFIG_FILE { CFG_CONFIG, 1, NULL, CFG_PARAM_CFGFILE }, { CFG_CONFIG_DEFAULT, 0, NULL, CFG_PARAM_DEFCFG }, #endif { "tls", 0, &tls, 1}, { "ssl", 0, &ssl, 1}, { "client", 0, &client, 1}, { CFG_CIPHERS, 1, NULL, 'c' }, { CFG_PREFER_SERVER_CIPHERS, 0, NULL, 'O' }, { CFG_BACKEND, 1, NULL, 'b' }, { CFG_FRONTEND, 1, NULL, 'f' }, { CFG_WORKERS, 1, NULL, 'n' }, { CFG_BACKLOG, 1, NULL, 'B' }, #ifdef USE_SHARED_CACHE { CFG_SHARED_CACHE, 1, NULL, 'C' }, { CFG_SHARED_CACHE_LISTEN, 1, NULL, 'U' }, { CFG_SHARED_CACHE_PEER, 1, NULL, 'P' }, { CFG_SHARED_CACHE_MCASTIF, 1, NULL, 'M' }, #endif { CFG_KEEPALIVE, 1, NULL, 'k' }, { CFG_CHROOT, 1, NULL, 'r' }, { CFG_USER, 1, NULL, 'u' }, { CFG_GROUP, 1, NULL, 'g' }, { CFG_QUIET, 0, NULL, 'q' }, { CFG_SYSLOG, 0, NULL, 's' }, { CFG_SYSLOG_FACILITY, 1, NULL, CFG_PARAM_SYSLOG_FACILITY }, { CFG_DAEMON, 0, &cfg->DAEMONIZE, 1 }, { CFG_WRITE_IP, 0, &cfg->WRITE_IP_OCTET, 1 }, { CFG_WRITE_PROXY, 0, &cfg->WRITE_PROXY_LINE, 1 }, { CFG_WRITE_XFF, 0, &cfg->WRITE_XFF_LINE, 1 }, { CFG_PROXY_PROXY, 0, &cfg->PROXY_PROXY_LINE, 1 }, { CFG_READ_PROXY, 0, &cfg->READ_PROXY_LINE, 1 }, { "test", 0, NULL, 't' }, { "version", 0, NULL, 'V' }, { "help", 0, NULL, 'h' }, { 0, 0, 0, 0 } }; while (1) { int option_index = 0; c = getopt_long( argc, argv, "c:e:Ob:f:n:B:C:U:P:M:k:r:u:g:qstVh", long_options, &option_index ); if (c == -1) break; switch (c) { case 0: break; #ifndef NO_CONFIG_FILE case CFG_PARAM_CFGFILE: if (!config_file_parse(optarg, cfg)) config_die("%s", config_error_get()); break; case CFG_PARAM_DEFCFG: config_print_default(stdout, cfg); exit(0); break; #endif case CFG_PARAM_SYSLOG_FACILITY: config_param_validate(CFG_SYSLOG_FACILITY, optarg, cfg, NULL, 0); break; case 'c': config_param_validate(CFG_CIPHERS, optarg, cfg, NULL, 0); break; case 'e': config_param_validate(CFG_SSL_ENGINE, optarg, cfg, NULL, 0); break; case 'O': config_param_validate(CFG_PREFER_SERVER_CIPHERS, CFG_BOOL_ON, cfg, NULL, 0); break; case 'b': config_param_validate(CFG_BACKEND, optarg, cfg, NULL, 0); break; case 'f': config_param_validate(CFG_FRONTEND, optarg, cfg, NULL, 0); break; case 'n': config_param_validate(CFG_WORKERS, optarg, cfg, NULL, 0); break; case 'B': config_param_validate(CFG_BACKLOG, optarg, cfg, NULL, 0); break; #ifdef USE_SHARED_CACHE case 'C': config_param_validate(CFG_SHARED_CACHE, optarg, cfg, NULL, 0); break; case 'U': config_param_validate(CFG_SHARED_CACHE_LISTEN, optarg, cfg, NULL, 0); break; case 'P': config_param_validate(CFG_SHARED_CACHE_PEER, optarg, cfg, NULL, 0); break; case 'M': config_param_validate(CFG_SHARED_CACHE_MCASTIF, optarg, cfg, NULL, 0); break; #endif case 'k': config_param_validate(CFG_KEEPALIVE, optarg, cfg, NULL, 0); break; case 'r': config_param_validate(CFG_CHROOT, optarg, cfg, NULL, 0); break; case 'u': config_param_validate(CFG_USER, optarg, cfg, NULL, 0); break; case 'g': config_param_validate(CFG_GROUP, optarg, cfg, NULL, 0); break; case 'q': config_param_validate(CFG_QUIET, CFG_BOOL_ON, cfg, NULL, 0); break; case 's': config_param_validate(CFG_SYSLOG, CFG_BOOL_ON, cfg, NULL, 0); break; case 't': test_only = 1; break; case 'V': printf("%s %s\n", basename(argv[0]), STUD_VERSION); exit(0); break; case 'h': config_print_usage(argv[0], cfg); exit(0); break; default: config_die("Invalid command line parameters. Run %s --help for instructions.", basename(argv[0])); } } prog = argv[0]; if (tls && ssl) config_die("Options --tls and --ssl are mutually exclusive."); else { if (ssl) cfg->ETYPE = ENC_SSL; else if (tls) cfg->ETYPE = ENC_TLS; } if (client) { cfg->PMODE = SSL_CLIENT; } if (cfg->WRITE_IP_OCTET && cfg->WRITE_PROXY_LINE) config_die("Options --write-ip and --write-proxy are mutually exclusive."); if (cfg->WRITE_PROXY_LINE && cfg->PROXY_PROXY_LINE) config_die("Options --write-proxy and --proxy-proxy are mutually exclusive."); if (cfg->WRITE_IP_OCTET && cfg->PROXY_PROXY_LINE) config_die("Options --write-ip and --proxy-proxy are mutually exclusive."); if (cfg->DAEMONIZE) { cfg->SYSLOG = 1; cfg->QUIET = 1; } #ifdef USE_SHARED_CACHE if (cfg->SHCUPD_IP != NULL && ! cfg->SHARED_CACHE) config_die("Shared cache update listener is defined, but shared cache is disabled."); #endif // Any arguments left are presumed to be PEM files argc -= optind; argv += optind; for (i = 0; i < argc; i++) { config_param_validate(CFG_PEM_FILE, argv[i], cfg, NULL, 0); } if (cfg->PMODE == SSL_SERVER && cfg->CERT_FILES == NULL) { config_die("No x509 certificate PEM file specified!"); } // was this only a test? if (test_only) { fprintf(stderr, "Trying to initialize SSL contexts with your certificates"); if (!init_openssl()) { config_die("Error initializing OpenSSL."); } printf("%s configuration looks ok.\n", basename(prog)); exit(0); } }
int main(int argc,char *argv[]) { int a,b,c,processed_files=0,filename_count=0; char *outfile_name=NULL; int vflag=0,oflag=0; #ifdef LICENSE license_struct lstr; #endif progname=argv[0]; atexit(DelTemp); signal(SIGINT,ControlChandler); while ((c = getopt(argc, argv, "vo:")) != -1) { switch (c) { case 'o': outfile_name=optarg; oflag = 1; break; case 'v': vflag=1; break; default: Usage();return 0; } } if(oflag&&vflag){Usage();return 0;}/*both switches are used*/ if(vflag) { fputs("Log Merger for the TTCN-3 Test Executor\n" "Product number: " PRODUCT_NUMBER "\n" "Version: " VERSION_STRING "\n" "Build date: " __DATE__ " " __TIME__ "\n" "Compiled with: " C_COMPILER_VERSION "\n\n" COPYRIGHT_STRING "\n\n", stderr); #ifdef LICENSE print_license_info(); #endif return 0; } #ifdef LICENSE init_openssl(); load_license(&lstr); if (!verify_license(&lstr)) { free_license(&lstr); free_openssl(); exit(EXIT_FAILURE); } if (!check_feature(&lstr, FEATURE_LOGFORMAT)) { fputs("The license key does not allow the merging of log files.\n", stderr); return 2; } free_license(&lstr); free_openssl(); #endif argc-=optind-1;argv+=optind-1; if(argc<2){Usage();return 0;}/*executed when no input file is given*/ for(a=1;a<argc;a++) {/*find first file with a valid timestamp*/ TimeStampUsed=GetTimeStampFormat(argv[a]); if(TimeStampUsed!=TSF_Undefined)break; } switch(TimeStampUsed) { case TSF_Seconds: fputs("Merging logs with timestamp " "format \"seconds\" has no sense.\n", stderr); return 0; case TSF_Time: TimeStampLength=TIMELENGTH;break; case TSF_DateTime: TimeStampLength=DATETIMELENGTH;break; default: fputs("Unsupported timestamp format.\n", stderr); return 1; } for(a=1,c=0;a<argc;a++) {/*get files with valid timestamp format*/ b=GetTimeStampFormat(argv[a]); if(TimeStampUsed==b) {/*file conains at least one valid timestamp*/ c++; name_list_in=(char **)Realloc(name_list_in,c*sizeof(char *)); name_list_in[c-1] = mcopystr(argv[a]); } else if(b==TSF_Undefined)/*file contains no timestamp or uses a different format than the first match*/ fprintf(stderr,"Warning: unknown format in %s\n",argv[a]); else fprintf(stderr,"Warning: format mismatch in %s\n",argv[a]); } num_allfiles=c; if(num_allfiles<1){Usage();return 0;}/*no valid log file found*/ if(oflag){/*switch [-o outfile] is used -> create outfile*/ outfile = fopen(outfile_name, FOPEN_WRITE); if(outfile==NULL) { fprintf(stderr,"Error creating %s %s\n",outfile_name,strerror(errno)); return 1; } } else { outfile = stdout; } while(1) { filename_count=num_allfiles;start_file=0; while(num_allfiles>0) {/*process files in name_list_in*/ processed_files=OpenMaxFiles(num_allfiles,name_list_in+start_file); must_use_temp=True;/*if there are infiles remaining use tempfiles for all*/ if((processed_files<2)&&(num_allfiles>1)){fprintf(stderr,"Error: " "can not open enough files.\nMore descriptors required " "(set with the command `limit descriptors\')\n");return 1;} if(infiles_processed==True) for(a=0;a<processed_files;a++) { Free(EventList[a]->str_to_add); EventList[a]->str_to_add = NULL; } num_allfiles-=processed_files; ProcessOpenFiles(); CloseAllFiles(); start_file+=processed_files; } must_use_temp=False;/*all infiles processed*/ /*remove temporary files used in previous step*/ if(infiles_processed==True) for(a=0;a<filename_count;a++)remove(name_list_in[a]); infiles_processed=True; for(a=0;a<filename_count;a++)Free(name_list_in[a]); Free(name_list_in); if(num_tempfiles==0)break;/*no more file to process*/ name_list_in=temp_file_list;/*process tempfiles*/ num_allfiles=num_tempfiles; num_tempfiles=0;temp_file_list=NULL; } check_mem_leak(progname); return 0; }
int generate_rsa(void) { int iRet = EXIT_SUCCESS; EVP_PKEY* pPrivKey = NULL; EVP_PKEY* pPubKey = NULL; FILE* pFile = NULL; const EVP_CIPHER* pCipher = NULL; init_openssl(); pPrivKey = create_rsa_key(); pPubKey = create_rsa_key(); if(pPrivKey && pPubKey) {/* Save the keys */ if((pFile = fopen("privkey.pem","wt")) && (pCipher = EVP_aes_256_cbc())) { if(!PEM_write_PrivateKey(pFile,pPrivKey,pCipher, (unsigned char*)pcszPassphrase, (int)strlen(pcszPassphrase),NULL,NULL)) { fprintf(stderr,"PEM_write_PrivateKey failed.\n"); handle_openssl_error(); iRet = EXIT_FAILURE; } fclose(pFile); pFile = NULL; if(iRet == EXIT_SUCCESS) { if((pFile = fopen("pubkey.pem","wt")) && PEM_write_PUBKEY(pFile,pPubKey)) fprintf(stderr,"Both keys saved.\n"); else { handle_openssl_error(); iRet = EXIT_FAILURE; } if(pFile) { fclose(pFile); pFile = NULL; } } } else { fprintf(stderr,"Cannot create \"privkey.pem\".\n"); handle_openssl_error(); iRet = EXIT_FAILURE; if(pFile) { fclose(pFile); pFile = NULL; } } if(iRet == EXIT_SUCCESS) {/* Read the keys */ EVP_PKEY_free(pPrivKey); pPrivKey = NULL; EVP_PKEY_free(pPubKey); pPubKey = NULL; if((pFile = fopen("privkey.pem","rt")) && (pPrivKey = PEM_read_PrivateKey(pFile,NULL,passwd_callback,(void*)pcszPassphrase))) { fprintf(stderr,"Private key read.\n"); } else { fprintf(stderr,"Cannot read \"privkey.pem\".\n"); handle_openssl_error(); iRet = EXIT_FAILURE; } if(pFile) { fclose(pFile); pFile = NULL; } if((pFile = fopen("pubkey.pem","rt")) && (pPubKey = PEM_read_PUBKEY(pFile,NULL,NULL,NULL))) { fprintf(stderr,"Public key read.\n"); } else { fprintf(stderr,"Cannot read \"pubkey.pem\".\n"); handle_openssl_error(); iRet = EXIT_FAILURE; } char msg[2048/8]; // Get rid of the newline int session_seed = rand(); sprintf(msg, "%d", session_seed); // Encrypt the message } } if(pPrivKey) { EVP_PKEY_free(pPrivKey); pPrivKey = NULL; } if(pPubKey) { EVP_PKEY_free(pPubKey); pPubKey = NULL; } cleanup_openssl(); return iRet; }
int run_server(int port, dserve_global_p globalptr) { struct sockaddr_in clientaddr; int rc, sd, connsd, next; thread_data_p tdata; struct common_data *common; long tid, maxtid, tcount, i; size_t clientlen; //struct timeval timeout; #ifdef MULTI_THREAD #if _MSC_VER HANDLE thandle; HANDLE thandlearray[MAX_THREADS]; DWORD threads[MAX_THREADS]; #else pthread_t threads[MAX_THREADS]; pthread_attr_t attr; struct timespec tim, tim2; #endif #ifdef USE_OPENSSL SSL_CTX *ctx; SSL *ssl; #endif #endif #if _MSC_VER void* db=NULL; // actual database pointer WSADATA wsaData; if (WSAStartup(MAKEWORD(2, 0),&wsaData) != 0) { errprint(WSASTART_ERR,NULL); exit(ERR_EX_UNAVAILABLE); } db = wg_attach_existing_database("1000"); //db = wg_attach_database(database,100000000); if (!db) { errprint(DB_ATTACH_ERR,NULL); exit(ERR_EX_UNAVAILABLE); } #else signal(SIGPIPE,SIG_IGN); // important for linux TCP/IP handling #endif tdata=&(globalptr->threads_data[0]); #ifdef MULTI_THREAD #if _MSC_VER #else if (THREADPOOL) { // ---------------- run as server with threadpool ----------- infoprint(THREADPOOL_INFO,NULL); // setup nanosleep for 100 microsec tim.tv_sec = 0; tim.tv_nsec = 100000; #ifdef USE_OPENSSL // prepare openssl ctx=init_openssl(globalptr->conf); #endif // prepare threads common=(struct common_data *)malloc(sizeof(struct common_data)); tid=0; tcount=0; maxtid=0; if (pthread_mutex_init(&(common->mutex),NULL) !=0 || pthread_cond_init(&(common->cond),NULL) != 0 || pthread_attr_init(&attr) !=0) { errprint(MUTEX_ERROR,NULL); exit(ERR_EX_UNAVAILABLE); } common->threads = threads; common->queue = (common_task_t *)malloc(sizeof(common_task_t) * QUEUE_SIZE); common->thread_count = 0; common->queue_size = QUEUE_SIZE; common->head = common->tail = common->count = 0; common->shutdown = common->started = 0; pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE); //PTHREAD_CREATE_DETACHED); // create threads for(tid=0;tid<MAX_THREADS;tid++) { // init thread data block tdata[tid].isserver=1; tdata[tid].thread_id=tid; tdata[tid].realthread=2; tdata[tid].common=common; tdata[tid].inuse=0; tdata[tid].conn=0; tdata[tid].ip=NULL; tdata[tid].port=0; tdata[tid].method=0; tdata[tid].res=0; tdata[tid].global=globalptr; //fprintf(stderr,"creating thread %d tcount %d \n",(int)tid,(int)tcount); rc=pthread_create(&threads[tid], &attr, handle_http, (void *) &tdata[tid]); if (rc) { errprint(THREAD_CREATE_ERR,strerror(errno)); exit(ERR_EX_UNAVAILABLE); } tcount++; } // sd=open_listener(port); if (sd<0) { errprint(PORT_LISTEN_ERR, strerror(errno)); return -1; } clientlen = sizeof(clientaddr); // loop forever, servicing requests while (1) { connsd=accept(sd,(struct sockaddr *)&clientaddr, &clientlen); if (connsd<0) { warnprint(CONN_ACCEPT_WARN, strerror(errno)); continue; } if(pthread_mutex_lock(&(common->mutex)) != 0) { errprint(THREADPOOL_LOCK_ERR,NULL); exit(ERR_EX_UNAVAILABLE); } #ifdef USE_OPENSSL ssl = SSL_new(ctx); // get new SSL state with context SSL_set_fd(ssl,connsd); #endif // now we have a connection: add to queue next=common->tail+1; next=(next==common->queue_size) ? 0 : next; do { if(common->count==common->queue_size) { // full? //fprintf(stderr, "queue full\n"); nanosleep(&tim , &tim2); break; //continue; } if(common->shutdown) { warnprint(SHUTDOWN_WARN,NULL); break; } // add to task queue common->queue[common->tail].conn=connsd; #ifdef USE_OPENSSL common->queue[common->tail].ssl=ssl; #endif common->tail=next; common->count+=1; //printf("next %d\n",next); // broadcast if(pthread_cond_signal(&(common->cond)) != 0) { warnprint(COND_SIGNAL_FAIL_WARN,NULL); break; } } while(0); //fprintf(stderr,"starting to unlock \n"); if(pthread_mutex_unlock(&(common->mutex)) != 0) { errprint(THREADPOOL_UNLOCK_ERR,NULL); exit(ERR_EX_UNAVAILABLE); } } return 0; // never come to this } else #endif // threadpool not implemented on windows version: using a non-threadpool version { // ------------- run as server without threadpool ------------- infoprint(MULTITHREAD_INFO,NULL); // setup nanosleep for 100 microsec #if _MSC_VER #else tim.tv_sec = 0; tim.tv_nsec = 100000; #endif // prepare common block common=(struct common_data *)malloc(sizeof(struct common_data)); common->shutdown=0; // mark thread data blocks free for(i=0;i<MAX_THREADS;i++) { tdata[i].inuse=0; tdata[i].common=common; tdata[i].global=globalptr; } // prepare threads tid=0; tcount=0; maxtid=0; #if _MSC_VER #else pthread_attr_init(&attr); pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED); //PTHREAD_CREATE_JOINABLE); #endif sd=open_listener(port); if (sd<0) { errprint(PORT_LISTEN_ERR, strerror(errno)); return -1; } clientlen = sizeof(clientaddr); while (1) { connsd=accept(sd,(struct sockaddr *)&clientaddr, &clientlen); if (common->shutdown==1) break; if (connsd<0) { warnprint(CONN_ACCEPT_WARN, strerror(errno)); continue; } tid=-1; // find first free thread data block // loop until we get a free one while(tid<0) { for(i=0;i<MAX_THREADS;i++) { if (!tdata[i].inuse) { tid=i; break; } } if (tid>=0) break; #if _MSC_VER usleep(1); #else nanosleep(&tim , &tim2); #endif } if (tid>maxtid) maxtid=tid; tcount++; // init thread data block tdata[tid].isserver=1; tdata[tid].thread_id=tid; tdata[tid].realthread=1; tdata[tid].inuse=1; tdata[tid].conn=connsd; tdata[tid].ip=NULL; tdata[tid].port=0; tdata[tid].method=0; tdata[tid].res=0; tdata[tid].global=globalptr; #if _MSC_VER tdata[tid].db=db; thandle=CreateThread(NULL, 0, handle_http, (void *) &tdata[tid], 0, &threads[tid]); if (thandle==NULL) { win_err_handler(TEXT("CreateThread")); ExitProcess(3); } else { thandlearray[tid]=thandle; } #else rc=pthread_create(&threads[tid], &attr, handle_http, (void *) &tdata[tid]); #endif } return 0; // never come to this } #else // ------------ run as an iterative server ------------- sd=open_listener(port); if (sd<0) { errprint(PORT_LISTEN_ERR, strerror(errno)); return -1; } clientlen = sizeof(clientaddr); while (1) { connsd=accept(sd,(struct sockaddr *)&clientaddr, &clientlen); if (connsd<0) { warnprint(CONN_ACCEPT_WARN, strerror(errno)); continue; } tid=0; tdata[tid].isserver=1; tdata[tid].thread_id=tid; tdata[tid].realthread=0; tdata[tid].conn=connsd; tdata[tid].ip=NULL; tdata[tid].port=0; tdata[tid].method=0; tdata[tid].res=0; tdata[tid].global=globalptr; #if _MSC_VER tdata[tid].db=db; #endif handle_http((void *) &tdata[tid]); } return 0; // never come to this #endif }
int main(int argc,char *argv[]) { int a,b,c; FILE *outfile = NULL, *infile = NULL; char *outfile_name=NULL,*infile_name=NULL; char tmp[20]; int vflag=0,oflag=0,hflag=0,lflag=0,plusflag=0,minusflag=0; #ifdef LICENSE license_struct lstr; #endif while ((c = getopt(argc, argv, "lhvo:")) != -1) { switch (c) { case 'o':/*set outfile*/ outfile_name=optarg; oflag = 1; break; case 'v':/*print version*/ vflag=1; break; case 'h':/*print help (usage)*/ hflag=1; break; case 'l':/*list event types*/ lflag=1; break; default: Usage(argv[0]); return EXIT_FAILURE; } } if (oflag + vflag + hflag + lflag > 1) { Usage(argv[0]); return EXIT_FAILURE; } else if (vflag) { fputs("Log Filter for the TTCN-3 Test Executor\n" "Product number: " PRODUCT_NUMBER "\n" "Build date: " __DATE__ " " __TIME__ "\n" "Compiled with: " C_COMPILER_VERSION "\n\n" COPYRIGHT_STRING "\n\n", stderr); #ifdef LICENSE print_license_info(); #endif return EXIT_SUCCESS; } else if (hflag) { Usage(argv[0]); return EXIT_SUCCESS; } else if(lflag) { ListTypes(); return EXIT_SUCCESS; } #ifdef LICENSE init_openssl(); load_license(&lstr); if (!verify_license(&lstr)) { free_license(&lstr); free_openssl(); exit(EXIT_FAILURE); } if (!check_feature(&lstr, FEATURE_LOGFORMAT)) { fputs("The license key does not allow the filtering of log files.\n", stderr); return 2; } free_license(&lstr); free_openssl(); #endif /* switches: -v -o -h -l filter parameters: parameter+ or parameter- */ for(a=0;a<MaxType;a++)Wflags[a]=0; for(a=1;a<argc;a++) { if(*argv[a]=='-'){if(*(argv[a]+1)=='o')a++;continue;}/*switch*/ if(*(argv[a]+strlen(argv[a])-1)=='-') {/*type to ignore*/ for(b=0,c=0;b<MaxType;b++) if(0==strncmp(EventTypeNames[b],argv[a], strlen(EventTypeNames[b]))&&strlen(EventTypeNames[b])== strlen(argv[a])-1) { Wflags[b]=DontWrite; c=1; } if(!c) {/*Undefined type*/ strncpy(tmp,argv[a],sizeof(tmp)-1); if(strlen(argv[a])>sizeof(tmp)-1) for(c=2;c<5;c++)tmp[sizeof(tmp)-c]='.'; else tmp[strlen(argv[a])-1]='\0'; tmp[sizeof(tmp)-1]='\0'; if(strlen(tmp))fprintf(stderr,"Warning: %s is not a valid " "event-type name.\n",tmp); else fprintf(stderr,"Warning: `-\' without an event-type " "name.\n"); } Wothers=Write; minusflag=1; continue; } if(*(argv[a]+strlen(argv[a])-1)=='+') {/*type to write out*/ for(b=0,c=0;b<MaxType;b++) if(0==strncmp(EventTypeNames[b],argv[a], strlen(EventTypeNames[b]))&&strlen(EventTypeNames[b])== strlen(argv[a])-1) { Wflags[b]=Write; c=1; } if(!c) {/*Undefined type*/ strncpy(tmp,argv[a],sizeof(tmp)-1); if(strlen(argv[a])>sizeof(tmp)-1) for(c=2;c<5;c++)tmp[sizeof(tmp)-c]='.'; else tmp[strlen(argv[a])-1]='\0'; tmp[sizeof(tmp)-1]='\0'; if(strlen(tmp))fprintf(stderr,"Warning: %s is not a valid " "event-type name.\n",tmp); else fprintf(stderr,"Warning: `+\' without an event-type " "name.\n"); } Wothers=DontWrite; plusflag=1; continue; } if(infile_name!=NULL) {/*only one input file at once*/ fprintf(stderr,"Error: more than one input file specified.\n"); return EXIT_FAILURE; } infile_name=argv[a]; } if(minusflag&&plusflag) {/*type1+ and type2- at the same time could cause types that are not defined what to do with, to act based on the last filter definition. Thus it is not allowed.*/ fprintf(stderr,"Error: include and exclude at the same time.\n"); return EXIT_FAILURE; } if(infile_name==NULL)infile=stdin;/*if no infile specified use stdin*/ else { infile=fopen(infile_name,"r"); if(infile==NULL) { fprintf(stderr,"Error opening %s : %s\n",infile_name, strerror(errno)); return EXIT_FAILURE; } } if(oflag) { outfile=fopen(outfile_name,"w"); if(outfile==NULL) { fprintf(stderr,"Error creating %s : %s\n",outfile_name, strerror(errno)); return EXIT_FAILURE; } } else outfile=stdout;/*if no outfile specified use stdout*/ a=ProcessFile(outfile,infile);/*filter infile to outfile*/ if(a==ERR_INVALID_LOG) { if(infile_name!=NULL)fprintf(stderr,"Error: the file %s is not a valid " "log file.\n",infile_name); else fprintf(stderr,"Error: invalid format received from standard " "input.\n"); return EXIT_FAILURE; } else if(a==ERR_WRITE) { if(errno)fprintf(stderr,"Error writing to output: %s\n", strerror(errno)); else fprintf(stderr,"Error writing to output\n"); return EXIT_FAILURE; } return EXIT_SUCCESS; }
DWORD create_netconn(BOOL useSSL, server_t *server, DWORD security_flags, DWORD timeout, netconn_t **ret) { netconn_t *netconn; int result, flag; if(useSSL) { DWORD res; TRACE("using SSL connection\n"); EnterCriticalSection(&init_ssl_cs); res = init_openssl(); LeaveCriticalSection(&init_ssl_cs); if(res != ERROR_SUCCESS) return res; } netconn = heap_alloc_zero(sizeof(*netconn)); if(!netconn) return ERROR_OUTOFMEMORY; netconn->useSSL = useSSL; netconn->socketFD = -1; netconn->security_flags = security_flags; list_init(&netconn->pool_entry); assert(server->addr_len); result = netconn->socketFD = socket(server->addr.ss_family, SOCK_STREAM, 0); if(result != -1) { flag = 1; ioctlsocket(netconn->socketFD, FIONBIO, &flag); result = connect(netconn->socketFD, (struct sockaddr*)&server->addr, server->addr_len); if(result == -1) { if (sock_get_error(errno) == WSAEINPROGRESS) { struct pollfd pfd; int res; pfd.fd = netconn->socketFD; pfd.events = POLLOUT; res = poll(&pfd, 1, timeout); if (!res) { closesocket(netconn->socketFD); heap_free(netconn); return ERROR_INTERNET_CANNOT_CONNECT; } else if (res > 0) { int err; socklen_t len = sizeof(err); if (!getsockopt(netconn->socketFD, SOL_SOCKET, SO_ERROR, &err, &len) && !err) result = 0; } } } if(result == -1) closesocket(netconn->socketFD); else { flag = 0; ioctlsocket(netconn->socketFD, FIONBIO, &flag); } } if(result == -1) { heap_free(netconn); return sock_get_error(errno); } #ifdef TCP_NODELAY flag = 1; result = setsockopt(netconn->socketFD, IPPROTO_TCP, TCP_NODELAY, (void*)&flag, sizeof(flag)); if(result < 0) WARN("setsockopt(TCP_NODELAY) failed\n"); #endif server_addref(server); netconn->server = server; *ret = netconn; return ERROR_SUCCESS; }
void init() { sigset_t sigmask; sigemptyset(&sigmask); sigaddset(&sigmask, SIGALRM); sigaddset(&sigmask, SIGUSR1); sigprocmask(SIG_BLOCK, &sigmask, NULL); console_print("Emergence Client " VERSION "\n"); SDL_Init(SDL_INIT_AUDIO); init_user(); init_network(); init_timer(); init_openssl(); init_key(); init_download(); init_servers(); create_cvars(); init_console_cvars(); init_render_cvars(); init_map_cvars(); create_control_cvars(); // create_input_cvars(); init_tick_cvars(); init_console(); create_colour_cvars(); struct string_t *string = new_string_string(emergence_home_dir); string_cat_text(string, "/client.config"); if(!exec_config_file(string->text)) { exec_config_file(find_resource("default-controls.config")); } else { char *ver = get_cvar_string("version"); if(*ver == '\0') { struct string_t *command = new_string_text("rm "); string_cat_string(command, emergence_home_dir); string_cat_text(command, "/skins/default.skin*"); console_print("%s\n", command->text); system(command->text); vid_mode = -1; // find a nice mode exec_config_file(find_resource("default-controls.config")); } free(ver); } free_string(string); set_cvar_string("version", VERSION); init_skin(); init_input(); init_control(); init_render(); init_rcon(); init_ping(); create_cvar_command("quit", client_shutdown_char); init_sound(); init_game(); init_alarm(); render_frame(); string = new_string_text("%s%s", emergence_home_dir->text, "/client.autoexec"); if(!exec_config_file(string->text)) exec_config_file(find_resource("default-client.autoexec")); free_string(string); start_server_discovery(); }
void _init_lib() { static const secp256k1_context_t* ctx = _get_context(); static int init_o = init_openssl(); }
int test_ssl_certificate() { init_openssl(); SSL_CTX * ctx = SSL_CTX_new(SSLv23_client_method()); SSL * ssl; if (NULL == ctx) { DEBUG_PRINT("%s\n", "Failed to init SSL_CTX"); exit(1); } if(!SSL_CTX_load_verify_locations(ctx, NULL ,"/etc/ssl/certs")) { DEBUG_PRINT("%s\n", "Failed to load certs from /etc/ssl/certs"); exit(1); } BIO *bio; // Create secure BIO object bio = BIO_new_ssl_connect(ctx); if (NULL == bio) { DEBUG_PRINT("%s\n", "Failed to create the BIO object"); exit(1); } // Get the SSL connection from bio struct to ssl BIO_get_ssl(bio, &ssl); // Set SSL_MODE_AUTO_RETRY flag to allow retrying ssl handshake // int the background SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); DEBUG_PRINT("%s\n", "Performing SSL handshake with the host www.verisign.com"); // Set up connection hostname and port BIO_set_conn_hostname(bio, "www.verisign.com:https"); // Verify the connection opened and perform the handshake if (BIO_do_connect(bio) <= 0) { // Connection failed DEBUG_PRINT("%s\n", "Failed to open connection to host"); ERR_print_errors_fp(stderr); BIO_free_all(bio); exit(1); } // Verify certificate if(SSL_get_verify_result(ssl) != X509_V_OK) { // Problem in certificate DEBUG_PRINT("%s\n", "Failed to verify host certificate"); } else { DEBUG_PRINT("%s\n", "Verified host certificate"); } // Clean context structure SSL_CTX_free(ctx); /* To reuse the connection, use this line */ /*BIO_reset(bio);*/ /* To free it from memory, use this line */ BIO_free_all(bio); return 0; }
/** * * \brief Main exchange-tls12 function. For help on arguments * see the usage() above. * * \param[in] argc - the number of arguments passed into the * command line * \param[in] argv - a pointer to the array of arguments * \return 0 for success */ int main(int argc, char *argv[]) { int err = 0; int cmd = -1; char ch; uint32_t is_server = 0; uint32_t is_client = 0; char *ca_path = NULL; char *chain_file = NULL; char *cert_file = NULL; char *key_file = NULL; char *engine_id = NULL; char *cipher_list = NULL; char *ip_address = "127.0.0.1"; uint16_t port_number = PORT_NUMBER_DEFAULT; char cwd[200]; char cmd_buffer[256]; int buf_len = 128; verify_depth = 0; if (getcwd(cwd, sizeof(cwd)) != NULL) { fprintf(stderr, "Current working dir: %s\n", cwd); } else { fprintf(stderr, "getcwd() error"); return 100; } snprintf(cmd_buffer, 256, "%s/certstore", cwd); while ((ch = getopt(argc, argv, "C:Ec:sp:b:f:k:e:d:I:P:vh?")) != (char)-1) { switch (ch) { case 'C': cmd = strtol(optarg, NULL, 0); break; case 'E': cmd = ECCX08_CMD_EXTRACT_ALL_CERTS; break; case 'c': is_client = 1; cipher_list = strdup(optarg); break; case 's': is_server = 1; break; case 'p': ca_path = strdup(optarg); break; case 'b': chain_file = strdup(optarg); break; case 'f': cert_file = strdup(optarg); break; case 'k': key_file = strdup(optarg); break; case 'e': engine_id = strdup(optarg); break; case 'd': verify_depth = strtol(optarg, NULL, 0); break; case 'I': ip_address = strdup(optarg); break; case 'P': port_number = strtol(optarg, NULL, 0); break; case 'v': printf("Exchange version = %s\n", EXCHANGE_VERSION); cmd = ECCX08_CMD_GET_VERSION; break; case 'h': case '?': default: usage(); break; } } if (cmd != -1) { if (!engine_id) { fprintf(stderr, "\nNo Engine specified - cannot run a command\n"); return (10); } init_openssl(); err = setup_engine(engine_id); if (err == 0) { err = 19; goto done; } err = run_engine_cmds(engine_id, cmd, cmd_buffer, buf_len); if (err == 0) { err = 20; goto done; } if ('\0' != cmd_buffer) { printf("%s\n", cmd_buffer); } err = 0; goto done; } if ((is_server || is_client) == 0) { fprintf(stderr, "\nMust specify -c or -s option"); usage(); } else if ((is_server && is_client) == 1) { fprintf(stderr, "\nCannot specify both -c or -s options"); usage(); } if (!ca_path) { fprintf(stderr, "\nMust specify CA path"); usage(); } if (!chain_file) { fprintf(stderr, "\nMust specify Chain File (certificate bundle)"); usage(); } if (!cert_file) { fprintf(stderr, "\nMust specify Certificate File"); usage(); } if (!key_file) { fprintf(stderr, "\nMust specify Private Key File"); usage(); } if (!engine_id) { fprintf(stderr, "\nNo Engine specified - using software crypto/ssl libraries\n"); } if (is_server) { err = connect_server(engine_id, ca_path, chain_file, cert_file, key_file, ip_address, port_number); } else { err = connect_client(engine_id, ca_path, chain_file, cert_file, key_file, cipher_list, ip_address, port_number); } sleep(2); return (err); done: sleep(2); cleanup_openssl(); return (err); }