Domů Procházet Nápověda
Přihlásit se
OWEALs
/
openssl
zrcadlo git://git.openssl.org/openssl.git
2
0
Rozštěpit 0
Soubory Úkoly 1 Wiki
Strom: 6594baf645
Větve Značky
openssl
/
doc
/
designs
/
ddd
/
ddd-01-conn-blocking.c

ddd-01-conn-blocking.c 4.4 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187 
  1. #include <openssl/ssl.h>
    2. 

  2. 

  3. /*
    4. 

  4.  * Demo 1: Client — Managed Connection — Blocking
    5. 

  5.  * ==============================================
    6. 

  6.  *
    7. 

  7.  * This is an example of (part of) an application which uses libssl in a simple,
    8. 

  8.  * synchronous, blocking fashion. The functions show all interactions with
    9. 

  9.  * libssl the application makes, and would hypothetically be linked into a
    10. 

  10.  * larger application.
    11. 

  11.  */
    12. 

  12. 

  13. /*
    14. 

  14.  * The application is initializing and wants an SSL_CTX which it will use for
    15. 

  15.  * some number of outgoing connections, which it creates in subsequent calls to
    16. 

  16.  * new_conn. The application may also call this function multiple times to
    17. 

  17.  * create multiple SSL_CTX.
    18. 

  18.  */
    19. 

  19. SSL_CTX *create_ssl_ctx(void)
    20. 

  20. {
    21. 

  21.     SSL_CTX *ctx;
    22. 

  22. 

  23. #ifdef USE_QUIC
    24. 

  24.     ctx = SSL_CTX_new(OSSL_QUIC_client_method());
    25. 

  25. #else
    26. 

  26.     ctx = SSL_CTX_new(TLS_client_method());
    27. 

  27. #endif
    28. 

  28.     if (ctx == NULL)
    29. 

  29.         return NULL;
    30. 

  30. 

  31.     /* Enable trust chain verification. */
    32. 

  32.     SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
    33. 

  33. 

  34.     /* Load default root CA store. */
    35. 

  35.     if (SSL_CTX_set_default_verify_paths(ctx) == 0) {
    36. 

  36.         SSL_CTX_free(ctx);
    37. 

  37.         return NULL;
    38. 

  38.     }
    39. 

  39. 

  40.     return ctx;
    41. 

  41. }
    42. 

  42. 

  43. /*
    44. 

  44.  * The application wants to create a new outgoing connection using a given
    45. 

  45.  * SSL_CTX.
    46. 

  46.  *
    47. 

  47.  * hostname is a string like "openssl.org:443" or "[::1]:443".
    48. 

  48.  */
    49. 

  49. BIO *new_conn(SSL_CTX *ctx, const char *hostname)
    50. 

  50. {
    51. 

  51.     BIO *out;
    52. 

  52.     SSL *ssl = NULL;
    53. 

  53.     const char *bare_hostname;
    54. 

  54. #ifdef USE_QUIC
    55. 

  55.     static const unsigned char alpn[] = {5, 'd', 'u', 'm', 'm', 'y'};
    56. 

  56. #endif
    57. 

  57. 

  58.     out = BIO_new_ssl_connect(ctx);
    59. 

  59.     if (out == NULL)
    60. 

  60.         return NULL;
    61. 

  61. 

  62.     if (BIO_get_ssl(out, &ssl) == 0) {
    63. 

  63.         BIO_free_all(out);
    64. 

  64.         return NULL;
    65. 

  65.     }
    66. 

  66. 

  67.     if (BIO_set_conn_hostname(out, hostname) == 0) {
    68. 

  68.         BIO_free_all(out);
    69. 

  69.         return NULL;
    70. 

  70.     }
    71. 

  71. 

  72.     /* Returns the parsed hostname extracted from the hostname:port string. */
    73. 

  73.     bare_hostname = BIO_get_conn_hostname(out);
    74. 

  74.     if (bare_hostname == NULL) {
    75. 

  75.         BIO_free_all(out);
    76. 

  76.         return NULL;
    77. 

  77.     }
    78. 

  78. 

  79.     /* Tell the SSL object the hostname to check certificates against. */
    80. 

  80.     if (SSL_set1_host(ssl, bare_hostname) <= 0) {
    81. 

  81.         BIO_free_all(out);
    82. 

  82.         return NULL;
    83. 

  83.     }
    84. 

  84. 

  85. #ifdef USE_QUIC
    86. 

  86.     /* Configure ALPN, which is required for QUIC. */
    87. 

  87.     if (SSL_set_alpn_protos(ssl, alpn, sizeof(alpn))) {
    88. 

  88.         /* Note: SSL_set_alpn_protos returns 1 for failure. */
    89. 

  89.         BIO_free_all(out);
    90. 

  90.         return NULL;
    91. 

  91.     }
    92. 

  92. #endif
    93. 

  93. 

  94.     return out;
    95. 

  95. }
    96. 

  96. 

  97. /*
    98. 

  98.  * The application wants to send some block of data to the peer.
    99. 

  99.  * This is a blocking call.
    100. 

  100.  */
    101. 

  101. int tx(BIO *bio, const void *buf, int buf_len)
    102. 

  102. {
    103. 

  103.     return BIO_write(bio, buf, buf_len);
    104. 

  104. }
    105. 

  105. 

  106. /*
    107. 

  107.  * The application wants to receive some block of data from
    108. 

  108.  * the peer. This is a blocking call.
    109. 

  109.  */
    110. 

  110. int rx(BIO *bio, void *buf, int buf_len)
    111. 

  111. {
    112. 

  112.     return BIO_read(bio, buf, buf_len);
    113. 

  113. }
    114. 

  114. 

  115. /*
    116. 

  116.  * The application wants to close the connection and free bookkeeping
    117. 

  117.  * structures.
    118. 

  118.  */
    119. 

  119. void teardown(BIO *bio)
    120. 

  120. {
    121. 

  121.     BIO_free_all(bio);
    122. 

  122. }
    123. 

  123. 

  124. /*
    125. 

  125.  * The application is shutting down and wants to free a previously
    126. 

  126.  * created SSL_CTX.
    127. 

  127.  */
    128. 

  128. void teardown_ctx(SSL_CTX *ctx)
    129. 

  129. {
    130. 

  130.     SSL_CTX_free(ctx);
    131. 

  131. }
    132. 

  132. 

  133. /*
    134. 

  134.  * ============================================================================
    135. 

  135.  * Example driver for the above code. This is just to demonstrate that the code
    136. 

  136.  * works and is not intended to be representative of a real application.
    137. 

  137.  */
    138. 

  138. int main(int argc, char **argv)
    139. 

  139. {
    140. 

  140.     static char msg[384], host_port[300];
    141. 

  141.     SSL_CTX *ctx = NULL;
    142. 

  142.     BIO *b = NULL;
    143. 

  143.     char buf[2048];
    144. 

  144.     int l, mlen, res = 1;
    145. 

  145. 

  146.     if (argc < 3) {
    147. 

  147.         fprintf(stderr, "usage: %s host port\n", argv[0]);
    148. 

  148.         goto fail;
    149. 

  149.     }
    150. 

  150. 

  151.     snprintf(host_port, sizeof(host_port), "%s:%s", argv[1], argv[2]);
    152. 

  152.     mlen = snprintf(msg, sizeof(msg),
    153. 

  153.                     "GET / HTTP/1.0\r\nHost: %s\r\n\r\n", argv[1]);
    154. 

  154. 

  155.     ctx = create_ssl_ctx();
    156. 

  156.     if (ctx == NULL) {
    157. 

  157.         fprintf(stderr, "could not create context\n");
    158. 

  158.         goto fail;
    159. 

  159.     }
    160. 

  160. 

  161.     b = new_conn(ctx, host_port);
    162. 

  162.     if (b == NULL) {
    163. 

  163.         fprintf(stderr, "could not create connection\n");
    164. 

  164.         goto fail;
    165. 

  165.     }
    166. 

  166. 

  167.     l = tx(b, msg, mlen);
    168. 

  168.     if (l < mlen) {
    169. 

  169.         fprintf(stderr, "tx error\n");
    170. 

  170.         goto fail;
    171. 

  171.     }
    172. 

  172. 

  173.     for (;;) {
    174. 

  174.         l = rx(b, buf, sizeof(buf));
    175. 

  175.         if (l <= 0)
    176. 

  176.             break;
    177. 

  177.         fwrite(buf, 1, l, stdout);
    178. 

  178.     }
    179. 

  179. 

  180.     res = 0;
    181. 

  181. fail:
    182. 

  182.     if (b != NULL)
    183. 

  183.         teardown(b);
    184. 

  184.     if (ctx != NULL)
    185. 

  185.         teardown_ctx(ctx);
    186. 

  186.     return res;
    187. 

  187. }
    188.