int main(int argc, char *argv[]) { int ret=0; char product_name[128] = {0}; signal(SIGPIPE, SIG_IGN); strcat(product_name, "Triclouds_CVR_Daemon"); #ifdef _OPEN_SECURED_CONN ssl_server_init("cacert.pem","privkey.pem"); printf("\n ==== start secure CVR tunnel deamon service at port %d ====\n",secure_service_port); #endif printf("\n ==== start CVR tunnel deamon service at port %d ====\n",service_port); // start Tunnel server service ret = tunnel_server_init(); // start process commands #ifndef TEST_TUNNEL while(!do_exit) sleep(1); #else if (ret>=0) do_console(); #endif tunnel_server_exit(); printf("exit CVR tunnel deamon service\n"); return 0; }
long PSINR (char *s,unsigned long n) { unsigned long i; if (start_tls) { /* doing a start TLS? */ ssl_server_init (start_tls);/* enter the mode */ start_tls = NIL; /* don't do this again */ } if (sslstdio) return ssl_getbuffer (sslstdio->sslstream,n,s); /* non-SSL case */ while (n && ((i = fread (s,1,n,stdin)) || (errno == EINTR))) s += i,n -= i; return n ? NIL : LONGT; }
char *PSIN (char *s,int n) { int i,c; if (start_tls) { /* doing a start TLS? */ ssl_server_init (start_tls);/* enter the mode */ start_tls = NIL; /* don't do this again */ } if (!sslstdio) return fgets (s,n,stdin); for (i = c = 0, n-- ; (c != '\n') && (i < n); sslstdio->sslstream->ictr--) { if ((sslstdio->sslstream->ictr <= 0) && !ssl_getdata (sslstdio->sslstream)) return NIL; /* read error */ c = s[i++] = *(sslstdio->sslstream->iptr)++; } s[i] = '\0'; /* tie off string */ return s; }
int main( int argc, char* argv[] ) { int ret; SSL_CTX* ctx_server = ssl_server_init(SERVER_CERTIFICATE, SERVER_KEY); SSL_CTX* ctx_client = ssl_client_init(); int listen_socket; int accept_socket; listen_socket = server_listen("5003"); if( listen_socket < 0 ) { std::cout<<"socket error."<<std::endl; return -1; } accept_socket = accept (listen_socket, NULL, NULL); if( accept_socket < 0 ) { std::cout<<"accept error."<<std::endl; return -1; } close(listen_socket); SSL *ssl = ssl_server(ctx_server, accept_socket); char buf [4096]; ret = SSL_read (ssl, buf, sizeof(buf) - 1); if( ret == -1 ) { std::cout<<"SSL_read error."<<std::endl; return -1; } buf[ret] = '\0'; printf("%s\n", buf); int client_socket = client_connect("127.0.0.1", "5004"); SSL *ssl_cli = ssl_client(ctx_client, client_socket); ret = SSL_write (ssl_cli, "I hear you.", strlen("I hear you.")); if( ret == -1 ) { std::cout<<"SSL_write error."<<std::endl; return -1; } return 0; }
int main(int argc, char *argv[]) { if(argc != 2) { printf("usage : %s <ipaddress>\n", argv[0]); return -1; } strcpy(server_address, argv[1]); sleep_us(500000); /* * configure the client. */ if(client_configure(master_port, transmit_port, ssl_certificate, ssl_key) < 0) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "client configured"); return -1; } printf("%-60s[\033[;32mOK\033[0m]\n", "client configured"); sleep_us(500000); /* * initialize the SSL */ ctx_server = ssl_server_init(ssl_certificate, ssl_key); if(ctx_server == NULL) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "SSL server initialize"); return -1; } ctx_client = ssl_client_init(); if(ctx_client == NULL) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "SSL client initialize"); return -1; } printf("%-60s[\033[;32mOK\033[0m]\n", "SSL initialize"); sleep_us(500000); /* * connect to the master server. */ char temp[MAXLINE]; snprintf(temp, MAXLINE, "connect to master server: %s", argv[1]); int masterfd = client_connect(argv[1], master_port); if(masterfd == -1) { printf("%-60s[\033[;31mFAILED\033[0m]\n", temp); return -1; } sockaddr_in clientaddr; socklen_t len = sizeof(clientaddr); memset(&clientaddr, 0, len); getsockname(masterfd, (sockaddr*)&clientaddr, &len); inet_ntop(AF_INET, (void *)&clientaddr.sin_addr, ip_address, MAXLINE); printf("%-60s[\033[;32mOK\033[0m]\n", temp); sleep_us(500000); SSL *ssl = ssl_client(ctx_client, masterfd); if(ssl == NULL) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "ssl_client\n"); return -1; } /* * verify the executable client to judge if it's a fake one. */ char *ver_buf = file_verify(argv[0]); if(ver_buf == NULL) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "verify client"); return -1; } int k = SSL_write(ssl, ver_buf, strlen(ver_buf)); if( k != (int)strlen(ver_buf)) { printf("SSL_write error\n"); return -1; } k = SSL_read(ssl, temp, MAXLINE); if(k < 0) { printf("SSL_read error"); return -1; } temp[k] = '\0'; if(strcmp(temp, "verify client unsuccessfully") == 0) { printf("%-60s[\033[;31mFAILED\033[0m]\n", "verify client"); return -1; } free(ver_buf); sleep_us(500000); /* * Listen to the transmit port to upload/download files */ snprintf(temp, MAXLINE, "listen to transmit port: %s", transmit_port); int listenfd = server_listen(transmit_port); if(listenfd == -1) { printf("%-60s[\033[;31mFAILED\033[0m]\n", temp); return -1; } printf("%-60s[\033[;32mOK\033[0m]\n", temp); sleep_us(500000); /* * create transmit_thread to handle upload/download files request * from the slave server. */ pthread_t thread; int ret = pthread_create(&thread, NULL, transmit_thread, static_cast<void*>(new int(listenfd))); if(ret == 0) printf("%-60s[\033[;32mOK\033[0m]\n", "transmit_thread create"); else { printf("%-60s[\033[;31FAILED\033[0m]\n", "transmit_thread create"); return -1; } /* * initialize the download/upload mutex. */ pthread_mutex_init(&download_mutex, NULL); pthread_mutex_init(&upload_mutex, NULL); char command_line[MAXLINE]; snprintf(cmd_line, MAXLINE,"%s:%s> ", argv[1], master_port); while(!stop) { printf(cmd_line); fflush(stdin); //read the command inputed by the user. fgets(command_line, MAXLINE, stdin); int len = strlen(command_line); if(command_line[len-1] == '\n') command_line[len-1] = '\0'; command_parse(ssl, command_line); } SSL_shutdown(ssl); // send SSL/TLS close_notify */ close(masterfd); SSL_free(ssl); SSL_CTX_free(ctx_server); SSL_CTX_free(ctx_client); return 0; }
void child_cycle(int channel) { int message = 0; int result = 0; int local_socket = 0; int remote_socket = 0; struct sockaddr_in my_addr, peer_addr; socklen_t peer_addr_size = 0; memset(&my_addr, 0, sizeof(struct sockaddr_in)); memset(&peer_addr, 0, sizeof(struct sockaddr_in)); /* * Do the TLS initialization dance. */ result = ssl_server_init(); if (result < 0) { message = -1; result = write(channel, &message, sizeof(int)); exit(0); } /* * Create a unix socket */ local_socket = socket(AF_INET, SOCK_STREAM, 0); my_addr.sin_family = AF_INET; my_addr.sin_addr.s_addr = INADDR_ANY; my_addr.sin_port = htons(8035); /* Avoid spurious failures when rerunning the test due to socket not yet * being released. */ int opt = 1; setsockopt(local_socket, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)); /* * Bind it */ result = bind(local_socket, (struct sockaddr *)&my_addr, sizeof(struct sockaddr_in)); if (result < 0) { message = -1; result = write(channel, &message, sizeof(int)); exit(0); } /* * Start listening for connections */ result = listen(local_socket, 5); if (result < 0) { message = -1; result = write(channel, &message, sizeof(int)); exit(0); } /* * Signal the parent that we are ok. */ result = write(channel, &message, sizeof(int)); /* * If this did not work, then we abort. */ if (result < 0) { exit(0); } /* * Send the name of the public key file. */ result = write(channel, server_name_template_public, strlen(server_name_template_public)); if (result < 0) { exit(0); } /* * Send the name of the certificate file. */ result = write(channel, server_certificate_template_public, strlen(server_certificate_template_public)); if (result < 0) { exit(0); } /* * Now wait until somebody calls. */ peer_addr_size = sizeof(struct sockaddr_in); while (true) { remote_socket = accept(local_socket, (struct sockaddr *)&peer_addr, &peer_addr_size); if (remote_socket < 0) { Log (LOG_LEVEL_CRIT, "Could not accept connection"); continue; } /* * We are not testing the server, we are testing the functions to send and receive data * over TLS. We do not need a full fletched server for that, we just need to send and * receive data and try the error conditions. */ SSL *ssl = SSL_new(SSLSERVERCONTEXT); if (!ssl) { Log(LOG_LEVEL_CRIT, "Could not create SSL structure on the server side"); SSL_free(ssl); close (remote_socket); remote_socket = -1; continue; } SSL_set_fd(ssl, remote_socket); result = SSL_accept(ssl); if (result < 0) { Log(LOG_LEVEL_CRIT, "Could not accept a TLS connection"); close (remote_socket); remote_socket = -1; continue; } /* * Our mission is pretty simple, receive data and send it back. */ int received = 0; int sent = 0; char buffer[4096]; do { received = SSL_read(ssl, buffer, 4096); if (received < 0) { Log(LOG_LEVEL_CRIT, "Failure while receiving data over TLS"); break; } sent = SSL_write(ssl, buffer, received); if (sent < 0) { Log(LOG_LEVEL_CRIT, "Failure while sending data over TLS"); break; } } while (received > 0); /* * Mission completed, start again. */ SSL_shutdown(ssl); SSL_free(ssl); remote_socket = -1; } exit(0); }