1/*
2 * Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License").  You may not use
5 * this file except in compliance with the License.  You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <string.h>
11#include <openssl/err.h>
12#include <openssl/ssl.h>
13
14int main(int argc, char **argv)
15{
16    BIO *sbio = NULL, *out = NULL;
17    int len;
18    char tmpbuf[1024];
19    SSL_CTX *ctx;
20    SSL_CONF_CTX *cctx;
21    SSL *ssl;
22    char **args = argv + 1;
23    const char *connect_str = "localhost:4433";
24    int nargs = argc - 1;
25
26    ctx = SSL_CTX_new(TLS_client_method());
27    cctx = SSL_CONF_CTX_new();
28    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);
29    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
30    while (*args && **args == '-') {
31        int rv;
32        /* Parse standard arguments */
33        rv = SSL_CONF_cmd_argv(cctx, &nargs, &args);
34        if (rv == -3) {
35            fprintf(stderr, "Missing argument for %s\n", *args);
36            goto end;
37        }
38        if (rv < 0) {
39            fprintf(stderr, "Error in command %s\n", *args);
40            ERR_print_errors_fp(stderr);
41            goto end;
42        }
43        /* If rv > 0 we processed something so proceed to next arg */
44        if (rv > 0)
45            continue;
46        /* Otherwise application specific argument processing */
47        if (strcmp(*args, "-connect") == 0) {
48            connect_str = args[1];
49            if (connect_str == NULL) {
50                fprintf(stderr, "Missing -connect argument\n");
51                goto end;
52            }
53            args += 2;
54            nargs -= 2;
55            continue;
56        } else {
57            fprintf(stderr, "Unknown argument %s\n", *args);
58            goto end;
59        }
60    }
61
62    if (!SSL_CONF_CTX_finish(cctx)) {
63        fprintf(stderr, "Finish error\n");
64        ERR_print_errors_fp(stderr);
65        goto end;
66    }
67
68    /*
69     * We'd normally set some stuff like the verify paths and * mode here
70     * because as things stand this will connect to * any server whose
71     * certificate is signed by any CA.
72     */
73
74    sbio = BIO_new_ssl_connect(ctx);
75
76    BIO_get_ssl(sbio, &ssl);
77
78    if (!ssl) {
79        fprintf(stderr, "Can't locate SSL pointer\n");
80        goto end;
81    }
82
83    /* We might want to do other things with ssl here */
84
85    BIO_set_conn_hostname(sbio, connect_str);
86
87    out = BIO_new_fp(stdout, BIO_NOCLOSE);
88    if (BIO_do_connect(sbio) <= 0) {
89        fprintf(stderr, "Error connecting to server\n");
90        ERR_print_errors_fp(stderr);
91        goto end;
92    }
93
94    /* Could examine ssl here to get connection info */
95
96    BIO_puts(sbio, "GET / HTTP/1.0\n\n");
97    for (;;) {
98        len = BIO_read(sbio, tmpbuf, 1024);
99        if (len <= 0)
100            break;
101        BIO_write(out, tmpbuf, len);
102    }
103 end:
104    SSL_CONF_CTX_free(cctx);
105    BIO_free_all(sbio);
106    BIO_free(out);
107    return 0;
108}
109