client-conf.c revision 1.1.1.1
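/*
 * Demo TLS client: builds an SSL_CTX from the "default" section of
 * connect.cnf via the SSL_CONF API, connects to the configured host, sends a
 * plain HTTP/1.0 GET and copies the response to stdout.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/conf.h>

/*
 * Returns EXIT_SUCCESS once the response has been copied to stdout and
 * EXIT_FAILURE on any configuration, connection or handshake error.
 * argc/argv are unused; all settings come from connect.cnf.
 */
int main(int argc, char **argv)
{
    BIO *sbio = NULL, *out = NULL;
    int i, len, rv;
    int ret = EXIT_FAILURE;
    char tmpbuf[1024];
    SSL_CTX *ctx = NULL;
    SSL_CONF_CTX *cctx = NULL;
    SSL *ssl = NULL;
    CONF *conf = NULL;
    STACK_OF(CONF_VALUE) *sect = NULL;
    CONF_VALUE *cnf;
    const char *connect_str = "localhost:4433";
    long errline = -1;
    long verify_rv;

    (void)argc;
    (void)argv;

    ERR_load_crypto_strings();
    ERR_load_SSL_strings();
    SSL_library_init();

    conf = NCONF_new(NULL);

    if (NCONF_load(conf, "connect.cnf", &errline) <= 0) {
        if (errline <= 0)
            fprintf(stderr, "Error processing config file\n");
        else
            fprintf(stderr, "Error on line %ld\n", errline);
        goto end;
    }

    sect = NCONF_get_section(conf, "default");

    if (sect == NULL) {
        fprintf(stderr, "Error retrieving default section\n");
        goto end;
    }

    ctx = SSL_CTX_new(SSLv23_client_method());
    cctx = SSL_CONF_CTX_new();
    if (ctx == NULL || cctx == NULL) {
        fprintf(stderr, "Error creating SSL context\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT | SSL_CONF_FLAG_FILE);
    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);

    for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
        cnf = sk_CONF_VALUE_value(sect, i);
        rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);
        if (rv > 0)
            continue;
        /* -2 means SSL_CONF did not recognise the name; anything else is an error */
        if (rv != -2) {
            fprintf(stderr, "Error processing %s = %s\n",
                    cnf->name, cnf->value);
            ERR_print_errors_fp(stderr);
            goto end;
        }
        /* "Connect" is the only option this program handles itself */
        if (!strcmp(cnf->name, "Connect")) {
            /* points into conf, which stays alive until the end label */
            connect_str = cnf->value;
        } else {
            fprintf(stderr, "Unknown configuration option %s\n", cnf->name);
            goto end;
        }
    }

    if (!SSL_CONF_CTX_finish(cctx)) {
        fprintf(stderr, "Finish error\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    /*
     * SECURITY: nothing here sets trust anchors, a verify mode or a host
     * name check. Unless connect.cnf supplies them (where the SSL_CONF
     * commands of the OpenSSL version in use allow it), the client default
     * is SSL_VERIFY_NONE: the handshake completes whatever certificate the
     * server presents, so the peer is not authenticated. Real clients
     * should load their CA store, enable SSL_VERIFY_PEER and verify the
     * host name before sending any data.
     */

    sbio = BIO_new_ssl_connect(ctx);

    BIO_get_ssl(sbio, &ssl);

    if (!ssl) {
        fprintf(stderr, "Can't locate SSL pointer\n");
        goto end;
    }

    /*
     * We do not want to handle retry requests ourselves, so let the library
     * restart reads and writes that are interrupted by handshake traffic.
     */
    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);

    /* We might want to do other things with ssl here */

    BIO_set_conn_hostname(sbio, connect_str);

    out = BIO_new_fp(stdout, BIO_NOCLOSE);
    if (out == NULL) {
        fprintf(stderr, "Error creating output BIO\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    if (BIO_do_connect(sbio) <= 0) {
        fprintf(stderr, "Error connecting to server\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    if (BIO_do_handshake(sbio) <= 0) {
        fprintf(stderr, "Error establishing SSL connection\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    /*
     * Make an unauthenticated session visible instead of silent. This only
     * warns; it does not replace enabling SSL_VERIFY_PEER. Note that
     * X509_V_OK is also reported when the server sent no certificate.
     */
    verify_rv = SSL_get_verify_result(ssl);
    if (verify_rv != X509_V_OK)
        fprintf(stderr, "Warning: server certificate not verified: %s\n",
                X509_verify_cert_error_string(verify_rv));

    if (BIO_puts(sbio, "GET / HTTP/1.0\n\n") <= 0) {
        fprintf(stderr, "Error sending request\n");
        ERR_print_errors_fp(stderr);
        goto end;
    }

    for (;;) {
        len = BIO_read(sbio, tmpbuf, sizeof(tmpbuf));
        if (len <= 0)
            break;
        BIO_write(out, tmpbuf, len);
    }
    ret = EXIT_SUCCESS;

 end:
    SSL_CONF_CTX_free(cctx);
    BIO_free_all(sbio);
    BIO_free(out);
    /* the SSL object holds its own reference, so dropping ours here is safe */
    SSL_CTX_free(ctx);
    NCONF_free(conf);
    return ret;
}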