Пример #1
/**
 * Run one remote-control request end to end: load the configuration,
 * connect to the server, send the command given in argv and release
 * everything that was acquired on the way.
 * @param cfgfile: path of the config file handed to config_read().
 * @param svr: server argument passed through to contact_server().
 * @param argc: number of command words in argv.
 * @param argv: command words; argv[0] is compared with "status".
 * @return the value returned by go_cmd().
 */
static int
go(const char* cfgfile, char* svr, int argc, char* argv[])
{
	struct config_file* cfg = config_create();
	SSL_CTX* ctx;
	SSL* ssl;
	int is_status;
	int fd;
	int ret;

	/* load the configuration; both failures end in fatal_exit() */
	if(cfg == NULL)
		fatal_exit("out of memory");
	if(!config_read(cfg, cfgfile, NULL))
		fatal_exit("could not read config file");
	/* a disabled control channel is only reported; the connection
	 * attempt below is still made */
	if(!cfg->remote_control_enable)
		log_warn("control-enable is 'no' in the config file.");

	/* NOTE(review): the results of setup_ctx() and setup_ssl() are used
	 * without a check in this function; presumably both helpers exit on
	 * failure - confirm against their definitions. */
	ctx = setup_ctx(cfg);

	/* connect; the flag tells contact_server() that this is a "status"
	 * request (argc is tested first so argv[0] is only read if present) */
	is_status = (argc > 0 && strcmp(argv[0], "status") == 0);
	fd = contact_server(svr, cfg, is_status);
	ssl = setup_ssl(ctx, fd);

	/* send the command and keep its result as our return value */
	ret = go_cmd(ssl, argc, argv);

	/* tear down in reverse order of setup: TLS object, socket,
	 * TLS context, configuration */
	SSL_free(ssl);
#ifdef USE_WINSOCK
	closesocket(fd);
#else
	close(fd);
#endif
	SSL_CTX_free(ctx);
	config_delete(cfg);
	return ret;
}
Пример #2
/**
 * Accept loop of the ssl service: build the TLS context and the listening
 * socket, then serve incoming connections one at a time.
 * @param addr: listen address, passed to setup_fd().
 * @param port: listen port, passed to setup_fd().
 * @param key: private key argument, passed to setup_ctx().
 * @param cert: certificate argument, passed to setup_ctx().
 *
 * Output is gated by the file-level verbosity setting `verb`.
 */
static void
do_service(char* addr, int port, char* key, char* cert)
{
	SSL_CTX* sslctx = setup_ctx(key, cert);
	int fd = setup_fd(addr, port);
	/* never cleared in this function: the loop below only stops when
	 * the process is killed */
	int running = 1;

	if(fd == -1)
		print_exit("could not setup sockets");
	if(verb) {
		printf("petal start\n");
		fflush(stdout);
	}

	while(running) {
		struct sockaddr_storage from;
		socklen_t flen = (socklen_t)sizeof(from);
		int conn = accept(fd, (struct sockaddr*)&from, &flen);

		if(verb)
			fflush(stdout);
		if(conn == -1) {
			/* accept errors are only logged at verbosity 2 and up;
			 * the loop retries immediately either way */
			if(verb >= 2)
				log_errno("accept");
		} else {
			SSL* ssl = setup_ssl(conn, sslctx);

			if(verb)
				fflush(stdout);
			/* a connection whose TLS setup failed is closed
			 * without being serviced */
			if(ssl) {
				service_ssl(ssl, &from, flen);
				if(verb)
					fflush(stdout);
				/* single SSL_shutdown() call, return value
				 * not inspected */
				SSL_shutdown(ssl);
				SSL_free(ssl);
			}
			fd_close(conn);
		}
		if(verb)
			fflush(stdout);
	}

	/* if we get a kill signal, the process dies and the OS reaps us,
	 * so the cleanup below is not reached in that case */
	if(verb)
		printf("petal end\n");
	fd_close(fd);
	SSL_CTX_free(sslctx);
}
Пример #3
/**
 * Run one remote-control request end to end: parse the options file,
 * connect to the server, send the command given in argv and release
 * what was acquired.
 * @param cfgfile: path of the options file given to parse_options_file().
 * @param svr: server argument passed through to contact_server().
 * @param argc: number of command words in argv.
 * @param argv: command words; argv[0] is compared with "status".
 * @return the value returned by go_cmd().
 */
static int
go(const char* cfgfile, char* svr, int argc, char* argv[])
{
	struct nsd_options* opt;
	SSL_CTX* ctx;
	SSL* ssl;
	int is_status;
	int fd;
	int ret;

	/* load the options; allocation and parse failures exit with 1 */
	opt = nsd_options_create(region_create(xalloc, free));
	if(opt == NULL) {
		fprintf(stderr, "out of memory\n");
		exit(1);
	}
	tsig_init(opt->region);
	if(!parse_options_file(opt, cfgfile, NULL, NULL)) {
		fprintf(stderr, "could not read config file\n");
		exit(1);
	}
	/* a disabled control channel is only reported; the connection
	 * attempt below is still made */
	if(!opt->control_enable)
		fprintf(stderr, "warning: control-enable is 'no' in the config file.\n");
	ctx = setup_ctx(opt);

	/* connect; the flag tells contact_server() that this is a "status"
	 * request (argc is tested first so argv[0] is only read if present) */
	is_status = (argc > 0 && strcmp(argv[0], "status") == 0);
	fd = contact_server(svr, opt, is_status);
	ssl = setup_ssl(ctx, fd);

	/* send the command; go_cmd() gets both the TLS object and the raw
	 * descriptor */
	ret = go_cmd(ssl, fd, argc, argv);

	/* NOTE(review): the NULL guards below imply ssl and ctx may be absent,
	 * presumably when the control channel runs without TLS - confirm in
	 * setup_ctx()/setup_ssl(). */
	if(ssl)
		SSL_free(ssl);
	close(fd);
	if(ctx)
		SSL_CTX_free(ctx);
	region_destroy(opt->region);
	return ret;
}
Пример #4
/**
 * Setup hook that delegates to setup_ctx() with LYS_IN_YANG as the format
 * selector (the void **state signature suggests a test-framework fixture).
 *
 * @param state Fixture state pointer, forwarded untouched to setup_ctx().
 * @return Whatever setup_ctx() returns.
 */
static int
setup_ctx_yang(void **state)
{
    const int rc = setup_ctx(state, LYS_IN_YANG);

    return rc;
}
Пример #5
/**
 * Setup hook that delegates to setup_ctx() with LYS_IN_YIN as the format
 * selector (the void **state signature suggests a test-framework fixture).
 *
 * @param state Fixture state pointer, forwarded untouched to setup_ctx().
 * @return Whatever setup_ctx() returns.
 */
static int
setup_ctx_yin(void **state)
{
    const int rc = setup_ctx(state, LYS_IN_YIN);

    return rc;
}
Пример #6
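/*
 * Serve a single TLS connection on the loopback interface at TEST_PORT and
 * run the content test over it.
 *
 * cert_file, key_file, ca_file and cipher are passed unchanged to
 * setup_ctx(), which builds the SSL_CTX used for the connection.
 *
 * Returns 1 only when do_accept(), test_content() and do_shutdown() all
 * succeeded; returns 0 on any setup, handshake, content or shutdown failure.
 * Every resource acquired here is released before returning.
 */
static int do_test(const char *cert_file, const char *key_file,
                   const char *ca_file, const char *cipher) {
  /* Zero the whole address so the padding bytes are not handed to bind()
   * uninitialised. */
  struct sockaddr_in sa = {0};
  socklen_t slen;
  SSL_CTX *ctx;
  SSL *ssl;
  int ret = 0;
  int fd, cfd;
  int reuse = 1;

  ctx = setup_ctx(cert_file, key_file, ca_file, cipher);
  if (NULL == ctx) goto out;

  ssl = SSL_new(ctx);
  if (NULL == ssl) goto out_ctx;

  fd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
  if (fd < 0) {
    fprintf(stderr, "socket: %s\n", strerror(errno));
    goto out_ssl;
  }

  /* Best effort: lets the test rebind the port quickly after a previous
   * run; a failure here is deliberately not treated as fatal. */
  setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &reuse, sizeof(reuse));

  /* Listen on loopback only, so the test port is not reachable from other
   * hosts. */
  sa.sin_family = AF_INET;
  sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
  sa.sin_port = htons(TEST_PORT);
  if (bind(fd, (struct sockaddr *) &sa, sizeof(sa))) {
    fprintf(stderr, "bind: %s\n", strerror(errno));
    goto out_close;
  }

  if (listen(fd, 128)) {
    /* Report the call that actually failed (this used to say "bind"). */
    fprintf(stderr, "listen: %s\n", strerror(errno));
    goto out_close;
  }

  slen = sizeof(sa);
  printf("Waiting for a connection...\n");
  cfd = accept(fd, (struct sockaddr *) &sa, &slen);
  if (cfd < 0) {
    fprintf(stderr, "accept: %s\n", strerror(errno));
    goto out_close;
  }
  ns_set_non_blocking_mode(cfd);

  if (!SSL_set_fd(ssl, cfd)) goto out_close_cl;

  printf("Got connection\n");
  if (do_accept(ssl) <= 0) {
    goto shutdown;
  }

  if (!test_content(ssl)) {
    goto shutdown;
  }

  ret = 1;

shutdown:
  /* do_shutdown() also runs after a failed do_accept() or test_content();
   * ret is still 0 then, so "shutdown failed" is what gets printed for
   * those failures as well. */
  if (do_shutdown(ssl) > 0 && ret) {
    printf("SUCCESS\n");
  } else {
    printf("shutdown failed\n");
    ret = 0;
  }
  /* Cleanup labels release resources in reverse order of acquisition. */
out_close_cl:
  close(cfd);
out_close:
  close(fd);
out_ssl:
  SSL_free(ssl);
out_ctx:
  SSL_CTX_free(ctx);
out:
  return ret;
}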
Пример #7
/**
 * Setup hook that delegates to setup_ctx() with LYS_IN_YANG as the format
 * selector and the LY_CTX_TRUSTED option (the void **state signature
 * suggests a test-framework fixture).
 *
 * NOTE(review): LY_CTX_TRUSTED presumably makes the library treat the loaded
 * schemas as trusted and skip some validation - confirm, and keep it to
 * fixed, known-good test inputs.
 *
 * @param state Fixture state pointer, forwarded untouched to setup_ctx().
 * @return Whatever setup_ctx() returns.
 */
static int
setup_ctx_yang_trusted(void **state)
{
    const int rc = setup_ctx(state, LYS_IN_YANG, LY_CTX_TRUSTED);

    return rc;
}
Пример #8
/**
 * Setup hook that delegates to setup_ctx() with LYS_IN_YIN as the format
 * selector and the LY_CTX_TRUSTED option (the void **state signature
 * suggests a test-framework fixture).
 *
 * NOTE(review): LY_CTX_TRUSTED presumably makes the library treat the loaded
 * schemas as trusted and skip some validation - confirm, and keep it to
 * fixed, known-good test inputs.
 *
 * @param state Fixture state pointer, forwarded untouched to setup_ctx().
 * @return Whatever setup_ctx() returns.
 */
static int
setup_ctx_yin_trusted(void **state)
{
    const int rc = setup_ctx(state, LYS_IN_YIN, LY_CTX_TRUSTED);

    return rc;
}