/* * nisccSimpleClient.cpp - just do one SSL client session expecting * errSSLPeerCertUnknown and ClientCertRejected */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include /* skip certs larger than this - ST can't fragment protocol msgs (yet) */ #define MAX_CERT_SIZE 16000 static void usage(char **argv) { printf("Usage: %s hostname port keychain [q(uiet)]\n", argv[0]); exit(1); } #define IGNORE_SIGPIPE 1 #if IGNORE_SIGPIPE #include void sigpipe(int sig) { } #endif /* IGNORE_SIGPIPE */ SslAppTestParams clientDefaults = { NULL, // hostName - user-provided true, // skipHostNameCHeck 0, // port - user-provided NULL, NULL, // RingBuffers false, // noProtSpec kTLSProtocol1, NULL, // acceptedProts - not used in this test NULL, // myCerts - user-provided NULL, // password - same as myCerts false, // idIsTrustedRoot true, // disableCertVerify - SPECIAL FOR THIS TEST NULL, // anchorFile - not needed - right? false, // replaceAnchors kAlwaysAuthenticate, false, // resumeEnable NULL, // ciphers false, // nonBlocking NULL, // dhParams 0, // dhParamsLen errSSLPeerCertUnknown, // expectRtn kTLSProtocol1, // expectVersion kSSLClientCertRejected, SSL_CIPHER_IGNORE, false, // quiet - user-provided false, // silent false, // verbose NULL, // lock 0, // clientDone false, // serverAbort /* returned */ kSSLProtocolUnknown, SSL_NULL_WITH_NULL_NULL, kSSLClientCertNone, noHardwareErr }; static void testStartBanner( char *testName, int argc, char **argv) { printf("Starting %s; args: ", testName); for(int i=1; i(errStr.c_str()); } int main(int argc, char **argv) { int ourRtn = 0; char *argp; int errCount = 0; if(argc < 4) { usage(argv); } /* required args */ clientDefaults.hostName = argv[1]; clientDefaults.password = argv[1]; clientDefaults.port = atoi(argv[2]); clientDefaults.myCertKcName = argv[3]; /* optional args */ for(int arg=4; arg