Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
OWEALs
/
wolfssl
zrkadlo https://github.com/wolfSSL/wolfssl.git
2
0
Fork 0
Súbory Issues 8 Wiki
Strom: 403fcc5a4b
Branche Tagy
wolfssl
/
wrapper
/
Ada
/
tls_server.adb

tls_server.adb 11 KB
História Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330 
  1. -- tls_server.adb
    2. 

  2. --
    3. 

  3. -- Copyright (C) 2006-2023 wolfSSL Inc.
    4. 

  4. --
    5. 

  5. -- This file is part of wolfSSL.
    6. 

  6. --
    7. 

  7. -- wolfSSL is free software; you can redistribute it and/or modify
    8. 

  8. -- it under the terms of the GNU General Public License as published by
    9. 

  9. -- the Free Software Foundation; either version 2 of the License, or
    10. 

  10. -- (at your option) any later version.
    11. 

  11. --
    12. 

  12. -- wolfSSL is distributed in the hope that it will be useful,
    13. 

  13. -- but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14. -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15. -- GNU General Public License for more details.
    16. 

  16. --
    17. 

  17. -- You should have received a copy of the GNU General Public License
    18. 

  18. -- along with this program; if not, write to the Free Software
    19. 

  19. -- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
    20. 

  20. --
    21. 

  21. 

  22. --  Ada Standard Library packages.
    23. 

  23. with Ada.Characters.Handling;
    24. 

  24. with Ada.Strings.Bounded;
    25. 

  25. with Ada.Text_IO.Bounded_IO;
    26. 

  26. 

  27. with SPARK_Terminal; pragma Elaborate_All (SPARK_Terminal);
    28. 

  28. 

  29. package body Tls_Server with SPARK_Mode is
    30. 

  30. 

  31.    use type WolfSSL.Mode_Type;
    32. 

  32.    use type WolfSSL.Byte_Index;
    33. 

  33.    use type WolfSSL.Byte_Array;
    34. 

  34.    use type WolfSSL.Subprogram_Result;
    35. 

  35. 

  36.    Success : WolfSSL.Subprogram_Result renames WolfSSL.Success;
    37. 

  37. 

  38.    procedure Put (Char : Character) is
    39. 

  39.    begin
    40. 

  40.       Ada.Text_IO.Put (Char);
    41. 

  41.    end Put;
    42. 

  42. 

  43.    procedure Put (Text : String) is
    44. 

  44.    begin
    45. 

  45.       Ada.Text_IO.Put (Text);
    46. 

  46.    end Put;
    47. 

  47. 

  48.    procedure Put_Line (Text : String) is
    49. 

  49.    begin
    50. 

  50.       Ada.Text_IO.Put_Line (Text);
    51. 

  51.    end Put_Line;
    52. 

  52. 

  53.    procedure New_Line is
    54. 

  54.    begin
    55. 

  55.       Ada.Text_IO.New_Line;
    56. 

  56.    end New_Line;
    57. 

  57. 

  58.    subtype Exit_Status is SPARK_Terminal.Exit_Status;
    59. 

  59. 

  60.    Exit_Status_Success : Exit_Status renames SPARK_Terminal.Exit_Status_Success;
    61. 

  61.    Exit_Status_Failure : Exit_Status renames SPARK_Terminal.Exit_Status_Failure;
    62. 

  62. 

  63.    procedure Set (Status : Exit_Status) with Global => null is
    64. 

  64.    begin
    65. 

  65.       SPARK_Terminal.Set_Exit_Status (Status);
    66. 

  66.    end Set;
    67. 

  67. 

  68.    subtype Port_Type is SPARK_Sockets.Port_Type;
    69. 

  69. 

  70.    subtype Level_Type is SPARK_Sockets.Level_Type;
    71. 

  71. 

  72.    subtype Socket_Type is SPARK_Sockets.Socket_Type;
    73. 

  73.    subtype Option_Name is SPARK_Sockets.Option_Name;
    74. 

  74.    subtype Option_Type is SPARK_Sockets.Option_Type;
    75. 

  75.    subtype Family_Type is SPARK_Sockets.Family_Type;
    76. 

  76. 

  77.    subtype Sock_Addr_Type is SPARK_Sockets.Sock_Addr_Type;
    78. 

  78.    subtype Inet_Addr_Type is SPARK_Sockets.Inet_Addr_Type;
    79. 

  79. 

  80.    Socket_Error : exception renames SPARK_Sockets.Socket_Error;
    81. 

  81. 

  82.    Reuse_Address : Option_Name renames SPARK_Sockets.Reuse_Address;
    83. 

  83. 

  84.    Socket_Level : Level_Type renames SPARK_Sockets.Socket_Level;
    85. 

  85. 

  86.    Family_Inet : Family_Type renames SPARK_Sockets.Family_Inet;
    87. 

  87. 

  88.    Any_Inet_Addr : Inet_Addr_Type renames SPARK_Sockets.Any_Inet_Addr;
    89. 

  89. 

  90.    CERT_FILE : constant String := "../../../certs/server-cert.pem";
    91. 

  91.    KEY_FILE  : constant String := "../../../certs/server-key.pem";
    92. 

  92.    CA_FILE   : constant String := "../../../certs/client-cert.pem";
    93. 

  93. 

  94.    subtype Byte_Array is WolfSSL.Byte_Array;
    95. 

  95. 

  96.    Reply : constant Byte_Array := "I hear ya fa shizzle!";
    97. 

  97. 

  98.    procedure Run (Ssl : in out WolfSSL.WolfSSL_Type;
    99. 

  99.                   Ctx : in out WolfSSL.Context_Type;
    100. 

  100.                   L   : in out SPARK_Sockets.Optional_Socket;
    101. 

  101.                   C   : in out SPARK_Sockets.Optional_Socket) is
    102. 

  102.       A : Sock_Addr_Type;
    103. 

  103.       P : constant Port_Type := 11111;
    104. 

  104. 

  105.       Ch : Character;
    106. 

  106. 

  107.       Result : WolfSSL.Subprogram_Result;
    108. 

  108.       Shall_Continue : Boolean := True;
    109. 

  109. 

  110.       Input  : WolfSSL.Read_Result;
    111. 

  111.       Output : WolfSSL.Write_Result;
    112. 

  112.       Option : Option_Type;
    113. 

  113.    begin
    114. 

  114.       Result := WolfSSL.Initialize;
    115. 

  115.       if Result /= Success then
    116. 

  116.          Put_Line ("ERROR: Failed to initialize the WolfSSL library.");
    117. 

  117.          return;
    118. 

  118.       end if;
    119. 

  119. 

  120.       SPARK_Sockets.Create_Socket (Socket => L);
    121. 

  121.       if not L.Exists then
    122. 

  122.          Put_Line ("ERROR: Failed to create socket.");
    123. 

  123.          return;
    124. 

  124.       end if;
    125. 

  125. 

  126.       Option := (Name => Reuse_Address, Enabled => True);
    127. 

  127.       Result := SPARK_Sockets.Set_Socket_Option (Socket => L.Socket,
    128. 

  128.                                                  Level  => Socket_Level,
    129. 

  129.                                                  Option => Option);
    130. 

  130.       if Result /= Success then
    131. 

  131.          Put_Line ("ERROR: Failed to set socket option.");
    132. 

  132.          SPARK_Sockets.Close_Socket (L);
    133. 

  133.          return;
    134. 

  134.       end if;
    135. 

  135. 

  136.       A := (Family => Family_Inet,
    137. 

  137.             Addr   => Any_Inet_Addr,
    138. 

  138.             Port   => P);
    139. 

  139.       Result := SPARK_Sockets.Bind_Socket (Socket  => L.Socket,
    140. 

  140.                                            Address => A);
    141. 

  141.       if Result /= Success then
    142. 

  142.          Put_Line ("ERROR: Failed to bind socket.");
    143. 

  143.          SPARK_Sockets.Close_Socket (L);
    144. 

  144.          return;
    145. 

  145.       end if;
    146. 

  146. 

  147.       Result := SPARK_Sockets.Listen_Socket (Socket => L.Socket,
    148. 

  148.                                              Length => 5);
    149. 

  149.       if Result /= Success then
    150. 

  150.          Put_Line ("ERROR: Failed to configure listener socket.");
    151. 

  151.          SPARK_Sockets.Close_Socket (L);
    152. 

  152.          return;
    153. 

  153.       end if;
    154. 

  154. 

  155.       --  Create and initialize WOLFSSL_CTX.
    156. 

  156.       WolfSSL.Create_Context (Method  => WolfSSL.TLSv1_3_Server_Method,
    157. 

  157.                               Context => Ctx);
    158. 

  158.       if not WolfSSL.Is_Valid (Ctx) then
    159. 

  159.          Put_Line ("ERROR: failed to create WOLFSSL_CTX.");
    160. 

  160.          SPARK_Sockets.Close_Socket (L);
    161. 

  161.          Set (Exit_Status_Failure);
    162. 

  162.          return;
    163. 

  163.       end if;
    164. 

  164. 

  165.       --  Require mutual authentication.
    166. 

  166.       WolfSSL.Set_Verify
    167. 

  167.          (Context => Ctx,
    168. 

  168.           Mode    => WolfSSL.Verify_Peer & WolfSSL.Verify_Fail_If_No_Peer_Cert);
    169. 

  169. 

  170.       --  Load server certificates into WOLFSSL_CTX.
    171. 

  171.       Result := WolfSSL.Use_Certificate_File (Context => Ctx,
    172. 

  172.                                               File    => CERT_FILE,
    173. 

  173.                                               Format  => WolfSSL.Format_Pem);
    174. 

  174.       if Result /= Success then
    175. 

  175.          Put ("ERROR: failed to load ");
    176. 

  176.          Put (CERT_FILE);
    177. 

  177.          Put (", please check the file.");
    178. 

  178.          New_Line;
    179. 

  179.          SPARK_Sockets.Close_Socket (L);
    180. 

  180.          WolfSSL.Free (Context => Ctx);
    181. 

  181.          Set (Exit_Status_Failure);
    182. 

  182.          return;
    183. 

  183.       end if;
    184. 

  184. 

  185.       --  Load server key into WOLFSSL_CTX.
    186. 

  186.       Result := WolfSSL.Use_Private_Key_File (Context => Ctx,
    187. 

  187.                                               File    => KEY_FILE,
    188. 

  188.                                               Format  => WolfSSL.Format_Pem);
    189. 

  189.       if Result /= Success then
    190. 

  190.          Put ("ERROR: failed to load ");
    191. 

  191.          Put (KEY_FILE);
    192. 

  192.          Put (", please check the file.");
    193. 

  193.          New_Line;
    194. 

  194.          SPARK_Sockets.Close_Socket (L);
    195. 

  195.          WolfSSL.Free (Context => Ctx);
    196. 

  196.          Set (Exit_Status_Failure);
    197. 

  197.          return;
    198. 

  198.       end if;
    199. 

  199. 

  200.       --  Load client certificate as "trusted" into WOLFSSL_CTX.
    201. 

  201.       Result := WolfSSL.Load_Verify_Locations (Context => Ctx,
    202. 

  202.                                                File    => CA_FILE,
    203. 

  203.                                                Path    => "");
    204. 

  204.       if Result /= Success then
    205. 

  205.          Put ("ERROR: failed to load ");
    206. 

  206.          Put (CA_FILE);
    207. 

  207.          Put (", please check the file.");
    208. 

  208.          New_Line;
    209. 

  209.          SPARK_Sockets.Close_Socket (L);
    210. 

  210.          WolfSSL.Free (Context => Ctx);
    211. 

  211.          Set (Exit_Status_Failure);
    212. 

  212.          return;
    213. 

  213.       end if;
    214. 

  214. 

  215.       while Shall_Continue loop
    216. 

  216.          pragma Loop_Invariant (not C.Exists);
    217. 

  217.          pragma Loop_Invariant (not WolfSSL.Is_Valid (Ssl));
    218. 

  218.          pragma Loop_Invariant (WolfSSL.Is_Valid (Ctx));
    219. 

  219. 

  220.          Put_Line ("Waiting for a connection...");
    221. 

  221.          SPARK_Sockets.Accept_Socket (Server  => L.Socket,
    222. 

  222.                                       Socket  => C,
    223. 

  223.                                       Address => A,
    224. 

  224.                                       Result  => Result);
    225. 

  225.          if Result /= Success then
    226. 

  226.             Put_Line ("ERROR: failed to accept the connection.");
    227. 

  227.             SPARK_Sockets.Close_Socket (L);
    228. 

  228.             WolfSSL.Free (Context => Ctx);
    229. 

  229.             return;
    230. 

  230.          end if;
    231. 

  231. 

  232.          --  Create a WOLFSSL object.
    233. 

  233.          WolfSSL.Create_WolfSSL (Context => Ctx, Ssl => Ssl);
    234. 

  234.          if not WolfSSL.Is_Valid (Ssl) then
    235. 

  235.             Put_Line ("ERROR: failed to create WOLFSSL object.");
    236. 

  236.             SPARK_Sockets.Close_Socket (L);
    237. 

  237.             SPARK_Sockets.Close_Socket (C);
    238. 

  238.             WolfSSL.Free (Context => Ctx);
    239. 

  239.             Set (Exit_Status_Failure);
    240. 

  240.             return;
    241. 

  241.          end if;
    242. 

  242. 

  243.          --  Attach wolfSSL to the socket.
    244. 

  244.          Result := WolfSSL.Attach (Ssl    => Ssl,
    245. 

  245.                                    Socket => SPARK_Sockets.To_C (C.Socket));
    246. 

  246.          if Result /= Success then
    247. 

  247.             Put_Line ("ERROR: Failed to set the file descriptor.");
    248. 

  248.             WolfSSL.Free (Ssl);
    249. 

  249.             SPARK_Sockets.Close_Socket (L);
    250. 

  250.             SPARK_Sockets.Close_Socket (C);
    251. 

  251.             WolfSSL.Free (Context => Ctx);
    252. 

  252.             Set (Exit_Status_Failure);
    253. 

  253.             return;
    254. 

  254.          end if;
    255. 

  255. 

  256.          --  Establish TLS connection.
    257. 

  257.          Result := WolfSSL.Accept_Connection (Ssl);
    258. 

  258.          if Result /= Success then
    259. 

  259.             Put_Line ("Accept error.");
    260. 

  260.             WolfSSL.Free (Ssl);
    261. 

  261.             SPARK_Sockets.Close_Socket (L);
    262. 

  262.             SPARK_Sockets.Close_Socket (C);
    263. 

  263.             WolfSSL.Free (Context => Ctx);
    264. 

  264.             Set (Exit_Status_Failure);
    265. 

  265.             return;
    266. 

  266.          end if;
    267. 

  267. 

  268.          Put_Line ("Client connected successfully.");
    269. 

  269. 

  270.          Input := WolfSSL.Read (Ssl);
    271. 

  271.          if not  Input.Success then
    272. 

  272.             Put_Line ("Read error.");
    273. 

  273.             WolfSSL.Free (Ssl);
    274. 

  274.             SPARK_Sockets.Close_Socket (L);
    275. 

  275.             SPARK_Sockets.Close_Socket (C);
    276. 

  276.             WolfSSL.Free (Context => Ctx);
    277. 

  277.             Set (Exit_Status_Failure);
    278. 

  278.             return;
    279. 

  279.          end if;
    280. 

  280. 

  281.          --  Print to stdout any data the client sends.
    282. 

  282.          for I in Input.Buffer'Range loop
    283. 

  283.             Ch := Character (Input.Buffer (I));
    284. 

  284.             if Ada.Characters.Handling.Is_Graphic (Ch) then
    285. 

  285.                Put (Ch);
    286. 

  286.             else
    287. 

  287.                null;
    288. 

  288.                --  Ignore the "newline" characters at end of message.
    289. 

  289.             end if;
    290. 

  290.          end loop;
    291. 

  291.          New_Line;
    292. 

  292. 

  293.          --  Check for server shutdown command.
    294. 

  294.          if Input.Last >= 8  then
    295. 

  295.             if Input.Buffer (1 .. 8) = "shutdown" then
    296. 

  296.                Put_Line ("Shutdown command issued!");
    297. 

  297.                Shall_Continue := False;
    298. 

  298.             end if;
    299. 

  299.          end if;
    300. 

  300. 

  301.          Output := WolfSSL.Write (Ssl, Reply);
    302. 

  302.          if not Output.Success then
    303. 

  303.             Put_Line ("ERROR: write failure.");
    304. 

  304.          elsif Output.Bytes_Written /= Reply'Length then
    305. 

  305.             Put_Line ("ERROR: failed to write full response.");
    306. 

  306.          end if;
    307. 

  307. 

  308.          for I in 1 .. 3 loop
    309. 

  309.             Result := WolfSSL.Shutdown (Ssl);
    310. 

  310.             exit when Result = Success;
    311. 

  311.             delay 0.001;  --  Delay is expressed in seconds.
    312. 

  312.          end loop;
    313. 

  313.          if Result /= Success then
    314. 

  314.             Put_Line ("ERROR: Failed to shutdown WolfSSL context.");
    315. 

  315.          end if;
    316. 

  316.          WolfSSL.Free (Ssl);
    317. 

  317.          SPARK_Sockets.Close_Socket (C);
    318. 

  318. 

  319.          Put_Line ("Shutdown complete.");
    320. 

  320.       end loop;
    321. 

  321.       SPARK_Sockets.Close_Socket (L);
    322. 

  322.       WolfSSL.Free (Context => Ctx);
    323. 

  323.       Result := WolfSSL.Finalize;
    324. 

  324.       if Result /= Success then
    325. 

  325.          Put_Line ("ERROR: Failed to finalize the WolfSSL library.");
    326. 

  326.          return;
    327. 

  327.       end if;
    328. 

  328.    end Run;
    329. 

  329. 

  330. end Tls_Server;
    331.