int main(int argc, char *argv[])
{
int ret=0;
char product_name[128] = {0};
signal(SIGPIPE, SIG_IGN);
strcat(product_name, "Triclouds_CVR_Daemon");
#ifdef _OPEN_SECURED_CONN
ssl_server_init("cacert.pem","privkey.pem");
printf("\n ==== start secure CVR tunnel deamon service at port %d ====\n",secure_service_port);
#endif
printf("\n ==== start CVR tunnel deamon service at port %d ====\n",service_port);
// start Tunnel server service
ret = tunnel_server_init();
// start process commands
#ifndef TEST_TUNNEL
while(!do_exit)
sleep(1);
#else
if (ret>=0)
do_console();
#endif
tunnel_server_exit();
printf("exit CVR tunnel deamon service\n");
return 0;
}
long PSINR (char *s,unsigned long n)
{
unsigned long i;
if (start_tls) { /* doing a start TLS? */
ssl_server_init (start_tls);/* enter the mode */
start_tls = NIL; /* don't do this again */
}
if (sslstdio) return ssl_getbuffer (sslstdio->sslstream,n,s);
/* non-SSL case */
while (n && ((i = fread (s,1,n,stdin)) || (errno == EINTR))) s += i,n -= i;
return n ? NIL : LONGT;
}
char *PSIN (char *s,int n)
{
int i,c;
if (start_tls) { /* doing a start TLS? */
ssl_server_init (start_tls);/* enter the mode */
start_tls = NIL; /* don't do this again */
}
if (!sslstdio) return fgets (s,n,stdin);
for (i = c = 0, n-- ; (c != '\n') && (i < n); sslstdio->sslstream->ictr--) {
if ((sslstdio->sslstream->ictr <= 0) && !ssl_getdata (sslstdio->sslstream))
return NIL; /* read error */
c = s[i++] = *(sslstdio->sslstream->iptr)++;
}
s[i] = '\0'; /* tie off string */
return s;
}
int main( int argc, char* argv[] ) {
int ret;
SSL_CTX* ctx_server = ssl_server_init(SERVER_CERTIFICATE, SERVER_KEY);
SSL_CTX* ctx_client = ssl_client_init();
int listen_socket;
int accept_socket;
listen_socket = server_listen("5003");
if( listen_socket < 0 ) {
std::cout<<"socket error."<<std::endl;
return -1;
}
accept_socket = accept (listen_socket, NULL, NULL);
if( accept_socket < 0 ) {
std::cout<<"accept error."<<std::endl;
return -1;
}
close(listen_socket);
SSL *ssl = ssl_server(ctx_server, accept_socket);
char buf [4096];
ret = SSL_read (ssl, buf, sizeof(buf) - 1);
if( ret == -1 ) {
std::cout<<"SSL_read error."<<std::endl;
return -1;
}
buf[ret] = '\0';
printf("%s\n", buf);
int client_socket = client_connect("127.0.0.1", "5004");
SSL *ssl_cli = ssl_client(ctx_client, client_socket);
ret = SSL_write (ssl_cli, "I hear you.", strlen("I hear you."));
if( ret == -1 ) {
std::cout<<"SSL_write error."<<std::endl;
return -1;
}
return 0;
}
int main(int argc, char *argv[])
{
if(argc != 2)
{
printf("usage : %s <ipaddress>\n", argv[0]);
return -1;
}
strcpy(server_address, argv[1]);
sleep_us(500000);
/*
* configure the client.
*/
if(client_configure(master_port, transmit_port, ssl_certificate, ssl_key) < 0)
{
printf("%-60s[\033[;31mFAILED\033[0m]\n", "client configured");
return -1;
}
printf("%-60s[\033[;32mOK\033[0m]\n", "client configured");
sleep_us(500000);
/*
* initialize the SSL
*/
ctx_server = ssl_server_init(ssl_certificate, ssl_key);
if(ctx_server == NULL)
{
printf("%-60s[\033[;31mFAILED\033[0m]\n", "SSL server initialize");
return -1;
}
ctx_client = ssl_client_init();
if(ctx_client == NULL)
{
printf("%-60s[\033[;31mFAILED\033[0m]\n", "SSL client initialize");
return -1;
}
printf("%-60s[\033[;32mOK\033[0m]\n", "SSL initialize");
sleep_us(500000);
/*
* connect to the master server.
*/
char temp[MAXLINE];
snprintf(temp, MAXLINE, "connect to master server: %s", argv[1]);
int masterfd = client_connect(argv[1], master_port);
if(masterfd == -1)
{
printf("%-60s[\033[;31mFAILED\033[0m]\n", temp);
return -1;
}
sockaddr_in clientaddr;
socklen_t len = sizeof(clientaddr);
memset(&clientaddr, 0, len);
getsockname(masterfd, (sockaddr*)&clientaddr, &len);
inet_ntop(AF_INET, (void *)&clientaddr.sin_addr, ip_address, MAXLINE);
printf("%-60s[\033[;32mOK\033[0m]\n", temp);
sleep_us(500000);
SSL *ssl = ssl_client(ctx_client, masterfd);
if(ssl == NULL)
{
printf("%-60s[\033[;31mFAILED\033[0m]\n", "ssl_client\n");
return -1;
}
/*
* verify the executable client to judge if it's a fake one.
*/
char *ver_buf = file_verify(argv[0]);
if(ver_buf == NULL)
{
printf("%-60s[\033[;31mFAILED\033[0m]\n", "verify client");
return -1;
}
int k = SSL_write(ssl, ver_buf, strlen(ver_buf));
if( k != (int)strlen(ver_buf))
{
printf("SSL_write error\n");
return -1;
}
k = SSL_read(ssl, temp, MAXLINE);
if(k < 0)
{
printf("SSL_read error");
return -1;
}
temp[k] = '\0';
if(strcmp(temp, "verify client unsuccessfully") == 0)
{
printf("%-60s[\033[;31mFAILED\033[0m]\n", "verify client");
return -1;
}
free(ver_buf);
sleep_us(500000);
/*
* Listen to the transmit port to upload/download files
*/
snprintf(temp, MAXLINE, "listen to transmit port: %s", transmit_port);
int listenfd = server_listen(transmit_port);
if(listenfd == -1)
{
printf("%-60s[\033[;31mFAILED\033[0m]\n", temp);
return -1;
}
printf("%-60s[\033[;32mOK\033[0m]\n", temp);
sleep_us(500000);
/*
* create transmit_thread to handle upload/download files request
* from the slave server.
*/
pthread_t thread;
int ret = pthread_create(&thread, NULL, transmit_thread, static_cast<void*>(new int(listenfd)));
if(ret == 0)
printf("%-60s[\033[;32mOK\033[0m]\n", "transmit_thread create");
else
{
printf("%-60s[\033[;31FAILED\033[0m]\n", "transmit_thread create");
return -1;
}
/*
* initialize the download/upload mutex.
*/
pthread_mutex_init(&download_mutex, NULL);
pthread_mutex_init(&upload_mutex, NULL);
char command_line[MAXLINE];
snprintf(cmd_line, MAXLINE,"%s:%s> ", argv[1], master_port);
while(!stop)
{
printf(cmd_line);
fflush(stdin);
//read the command inputed by the user.
fgets(command_line, MAXLINE, stdin);
int len = strlen(command_line);
if(command_line[len-1] == '\n')
command_line[len-1] = '\0';
command_parse(ssl, command_line);
}
SSL_shutdown(ssl); // send SSL/TLS close_notify */
close(masterfd);
SSL_free(ssl);
SSL_CTX_free(ctx_server);
SSL_CTX_free(ctx_client);
return 0;
}
void child_cycle(int channel)
{
int message = 0;
int result = 0;
int local_socket = 0;
int remote_socket = 0;
struct sockaddr_in my_addr, peer_addr;
socklen_t peer_addr_size = 0;
memset(&my_addr, 0, sizeof(struct sockaddr_in));
memset(&peer_addr, 0, sizeof(struct sockaddr_in));
/*
* Do the TLS initialization dance.
*/
result = ssl_server_init();
if (result < 0)
{
message = -1;
result = write(channel, &message, sizeof(int));
exit(0);
}
/*
* Create a unix socket
*/
local_socket = socket(AF_INET, SOCK_STREAM, 0);
my_addr.sin_family = AF_INET;
my_addr.sin_addr.s_addr = INADDR_ANY;
my_addr.sin_port = htons(8035);
/* Avoid spurious failures when rerunning the test due to socket not yet
* being released. */
int opt = 1;
setsockopt(local_socket, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
/*
* Bind it
*/
result = bind(local_socket, (struct sockaddr *)&my_addr, sizeof(struct sockaddr_in));
if (result < 0)
{
message = -1;
result = write(channel, &message, sizeof(int));
exit(0);
}
/*
* Start listening for connections
*/
result = listen(local_socket, 5);
if (result < 0)
{
message = -1;
result = write(channel, &message, sizeof(int));
exit(0);
}
/*
* Signal the parent that we are ok.
*/
result = write(channel, &message, sizeof(int));
/*
* If this did not work, then we abort.
*/
if (result < 0)
{
exit(0);
}
/*
* Send the name of the public key file.
*/
result = write(channel, server_name_template_public, strlen(server_name_template_public));
if (result < 0)
{
exit(0);
}
/*
* Send the name of the certificate file.
*/
result = write(channel, server_certificate_template_public, strlen(server_certificate_template_public));
if (result < 0)
{
exit(0);
}
/*
* Now wait until somebody calls.
*/
peer_addr_size = sizeof(struct sockaddr_in);
while (true)
{
remote_socket = accept(local_socket, (struct sockaddr *)&peer_addr, &peer_addr_size);
if (remote_socket < 0)
{
Log (LOG_LEVEL_CRIT, "Could not accept connection");
continue;
}
/*
* We are not testing the server, we are testing the functions to send and receive data
* over TLS. We do not need a full fletched server for that, we just need to send and
* receive data and try the error conditions.
*/
SSL *ssl = SSL_new(SSLSERVERCONTEXT);
if (!ssl)
{
Log(LOG_LEVEL_CRIT, "Could not create SSL structure on the server side");
SSL_free(ssl);
close (remote_socket);
remote_socket = -1;
continue;
}
SSL_set_fd(ssl, remote_socket);
result = SSL_accept(ssl);
if (result < 0)
{
Log(LOG_LEVEL_CRIT, "Could not accept a TLS connection");
close (remote_socket);
remote_socket = -1;
continue;
}
/*
* Our mission is pretty simple, receive data and send it back.
*/
int received = 0;
int sent = 0;
char buffer[4096];
do {
received = SSL_read(ssl, buffer, 4096);
if (received < 0)
{
Log(LOG_LEVEL_CRIT, "Failure while receiving data over TLS");
break;
}
sent = SSL_write(ssl, buffer, received);
if (sent < 0)
{
Log(LOG_LEVEL_CRIT, "Failure while sending data over TLS");
break;
}
} while (received > 0);
/*
* Mission completed, start again.
*/
SSL_shutdown(ssl);
SSL_free(ssl);
remote_socket = -1;
}
exit(0);
}
