Home Esplora Aiuto
Accedi
OWEALs
/
openssl
mirror da git://git.openssl.org/openssl.git
2
0
Forka 0
File Problemi 1 Wiki
Albero (Tree): 5b301b2fe3
Rami (Branch) Tag
openssl
/
demos
/
easy_tls
/
README

README 2.2 KB
Cronologia Originale

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. easy_tls - generic SSL/TLS proxy
    2. 

  2. ========
    3. 

  3. 

  4. (... and example for non-blocking SSL/TLS I/O multiplexing.)
    5. 

  5. 

  6. 

  7.   easy_tls.c, easy_tls.h:
    8. 

  8. 

  9.      Small generic SSL/TLS proxy library: With a few function calls,
    10. 

  10.      an application socket will be replaced by a pipe handled by a
    11. 

  11.      separate SSL/TLS proxy process.  This allows easily adding
    12. 

  12.      SSL/TLS support to many programs not originally designed for it.
    13. 

  13. 

  14.      [Actually easy_tls.c is not a proper library: Customization
    15. 

  15.      requires defining preprocessor macros while compiling it.
    16. 

  16.      This is quite confusing, so I'll probably change it.]
    17. 

  17. 

  18.      These files may be used under the OpenSSL license.
    19. 

  19. 

  20. 

  21. 

  22.   test.c, test.h, Makefile, cert.pem, cacerts.pem:
    23. 

  23. 

  24.      Rudimentary example program using the easy_tls library, and
    25. 

  25.      example key and certificates for it.  Usage examples:
    26. 

  26. 

  27.        $ ./test 8443     # create server listening at port 8443
    28. 

  28.        $ ./test 127.0.0.1 8443  # create client, connect to port 8443
    29. 

  29.                                 # at IP address 127.0.0.1
    30. 

  30. 

  31.      'test' will not automatically do SSL/TLS, or even read or write
    32. 

  32.      data -- it must be told to do so on input lines starting
    33. 

  33.      with a command letter.  'W' means write a line, 'R' means
    34. 

  34.      read a line, 'C' means close the connection, 'T' means
    35. 

  35.      start an SSL/TLS proxy.  E.g. (user input tagged with '*'):
    36. 

  36. 

  37.      * R
    38. 

  38.        <<< 220 mail.example.net
    39. 

  39.      * WSTARTTLS
    40. 

  40.        >>> STARTTLS
    41. 

  41.      * R
    42. 

  42.        <<< 220 Ready to start TLS
    43. 

  43.      * T
    44. 

  44.        test_process_init(fd = 3, client_p = 1, apparg = (nil))
    45. 

  45.        +++ `E:self signed certificate in certificate chain'
    46. 

  46.        +++ `<... certificate info ...>'
    47. 

  47.      * WHELO localhost
    48. 

  48.        >>> HELO localhost
    49. 

  49.        R
    50. 

  50.        <<< 250 mail.example.net
    51. 

  51. 

  52.      You can even do SSL/TLS over SSL/TLS over SSL/TLS ... by using
    53. 

  53.      'T' multiple times.  I have no idea why you would want to though.
    54. 

  54. 

  55. 

  56. This code is rather old.  When I find time I will update anything that
    57. 

  57. should be changed, and improve code comments.  To compile the sample
    58. 

  58. program 'test' on platforms other then Linux or Solaris, you will have
    59. 

  59. to edit the Makefile.
    60. 

  60. 

  61. As noted above, easy_tls.c will be changed to become a library one
    62. 

  62. day, which means that future revisions will not be fully compatible to
    63. 

  63. the current version.
    64. 

  64. 

  65. Bodo Möller <bodo@openssl.org>
    66.