Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/openssl/demos/bio/client-conf.c
34868 views
1
/*

2
 * Copyright 2013-2023 The OpenSSL Project Authors. All Rights Reserved.

3
 *

4
 * Licensed under the Apache License 2.0 (the "License").  You may not use

5
 * this file except in compliance with the License.  You can obtain a copy

6
 * in the file LICENSE in the source distribution or at

7
 * https://www.openssl.org/source/license.html

8
 */

9


10
#include <string.h>

11
#include <openssl/err.h>

12
#include <openssl/ssl.h>

13
#include <openssl/conf.h>

14


15
int main(int argc, char **argv)

16
{

17
    BIO *sbio = NULL, *out = NULL;

18
    int i, len, rv;

19
    char tmpbuf[1024];

20
    SSL_CTX *ctx = NULL;

21
    SSL_CONF_CTX *cctx = NULL;

22
    SSL *ssl = NULL;

23
    CONF *conf = NULL;

24
    STACK_OF(CONF_VALUE) *sect = NULL;

25
    CONF_VALUE *cnf;

26
    const char *connect_str = "localhost:4433";

27
    long errline = -1;

28
    int ret = EXIT_FAILURE;

29


30
    conf = NCONF_new(NULL);

31


32
    if (NCONF_load(conf, "connect.cnf", &errline) <= 0) {

33
        if (errline <= 0)

34
            fprintf(stderr, "Error processing config file\n");

35
        else

36
            fprintf(stderr, "Error on line %ld\n", errline);

37
        goto end;

38
    }

39


40
    sect = NCONF_get_section(conf, "default");

41


42
    if (sect == NULL) {

43
        fprintf(stderr, "Error retrieving default section\n");

44
        goto end;

45
    }

46


47
    ctx = SSL_CTX_new(TLS_client_method());

48
    cctx = SSL_CONF_CTX_new();

49
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);

50
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);

51
    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);

52
    for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {

53
        cnf = sk_CONF_VALUE_value(sect, i);

54
        rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);

55
        if (rv > 0)

56
            continue;

57
        if (rv != -2) {

58
            fprintf(stderr, "Error processing %s = %s\n",

59
                    cnf->name, cnf->value);

60
            ERR_print_errors_fp(stderr);

61
            goto end;

62
        }

63
        if (strcmp(cnf->name, "Connect") == 0) {

64
            connect_str = cnf->value;

65
        } else {

66
            fprintf(stderr, "Unknown configuration option %s\n", cnf->name);

67
            goto end;

68
        }

69
    }

70


71
    if (!SSL_CONF_CTX_finish(cctx)) {

72
        fprintf(stderr, "Finish error\n");

73
        ERR_print_errors_fp(stderr);

74
        goto end;

75
    }

76


77
    /*

78
     * We'd normally set some stuff like the verify paths and * mode here

79
     * because as things stand this will connect to * any server whose

80
     * certificate is signed by any CA.

81
     */

82


83
    sbio = BIO_new_ssl_connect(ctx);

84


85
    BIO_get_ssl(sbio, &ssl);

86


87
    if (!ssl) {

88
        fprintf(stderr, "Can't locate SSL pointer\n");

89
        goto end;

90
    }

91


92
    /* We might want to do other things with ssl here */

93


94
    BIO_set_conn_hostname(sbio, connect_str);

95


96
    out = BIO_new_fp(stdout, BIO_NOCLOSE);

97
    if (BIO_do_connect(sbio) <= 0) {

98
        fprintf(stderr, "Error connecting to server\n");

99
        ERR_print_errors_fp(stderr);

100
        goto end;

101
    }

102


103
    /* Could examine ssl here to get connection info */

104


105
    BIO_puts(sbio, "GET / HTTP/1.0\n\n");

106
    for (;;) {

107
        len = BIO_read(sbio, tmpbuf, 1024);

108
        if (len <= 0)

109
            break;

110
        BIO_write(out, tmpbuf, len);

111
    }

112
    ret = EXIT_SUCCESS;

113


114
 end:

115
    SSL_CONF_CTX_free(cctx);

116
    BIO_free_all(sbio);

117
    BIO_free(out);

118
    NCONF_free(conf);

119
    return ret;

120
}

121


122