1*ebfedea0SLionel Sambuc /* cli.cpp - Minimal ssleay client for Unix
2*ebfedea0SLionel Sambuc 30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
3*ebfedea0SLionel Sambuc
4*ebfedea0SLionel Sambuc /* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
5*ebfedea0SLionel Sambuc Simplified to be even more minimal
6*ebfedea0SLionel Sambuc 12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
7*ebfedea0SLionel Sambuc
8*ebfedea0SLionel Sambuc #include <stdio.h>
9*ebfedea0SLionel Sambuc #include <memory.h>
10*ebfedea0SLionel Sambuc #include <errno.h>
11*ebfedea0SLionel Sambuc #include <sys/types.h>
12*ebfedea0SLionel Sambuc #include <sys/socket.h>
13*ebfedea0SLionel Sambuc #include <netinet/in.h>
14*ebfedea0SLionel Sambuc #include <arpa/inet.h>
15*ebfedea0SLionel Sambuc #include <netdb.h>
16*ebfedea0SLionel Sambuc
17*ebfedea0SLionel Sambuc #include <openssl/crypto.h>
18*ebfedea0SLionel Sambuc #include <openssl/x509.h>
19*ebfedea0SLionel Sambuc #include <openssl/pem.h>
20*ebfedea0SLionel Sambuc #include <openssl/ssl.h>
21*ebfedea0SLionel Sambuc #include <openssl/err.h>
22*ebfedea0SLionel Sambuc
23*ebfedea0SLionel Sambuc
24*ebfedea0SLionel Sambuc #define CHK_NULL(x) if ((x)==NULL) exit (1)
25*ebfedea0SLionel Sambuc #define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
26*ebfedea0SLionel Sambuc #define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
27*ebfedea0SLionel Sambuc
main()28*ebfedea0SLionel Sambuc void main ()
29*ebfedea0SLionel Sambuc {
30*ebfedea0SLionel Sambuc int err;
31*ebfedea0SLionel Sambuc int sd;
32*ebfedea0SLionel Sambuc struct sockaddr_in sa;
33*ebfedea0SLionel Sambuc SSL_CTX* ctx;
34*ebfedea0SLionel Sambuc SSL* ssl;
35*ebfedea0SLionel Sambuc X509* server_cert;
36*ebfedea0SLionel Sambuc char* str;
37*ebfedea0SLionel Sambuc char buf [4096];
38*ebfedea0SLionel Sambuc SSL_METHOD *meth;
39*ebfedea0SLionel Sambuc
40*ebfedea0SLionel Sambuc SSLeay_add_ssl_algorithms();
41*ebfedea0SLionel Sambuc meth = SSLv2_client_method();
42*ebfedea0SLionel Sambuc SSL_load_error_strings();
43*ebfedea0SLionel Sambuc ctx = SSL_CTX_new (meth); CHK_NULL(ctx);
44*ebfedea0SLionel Sambuc
45*ebfedea0SLionel Sambuc CHK_SSL(err);
46*ebfedea0SLionel Sambuc
47*ebfedea0SLionel Sambuc /* ----------------------------------------------- */
48*ebfedea0SLionel Sambuc /* Create a socket and connect to server using normal socket calls. */
49*ebfedea0SLionel Sambuc
50*ebfedea0SLionel Sambuc sd = socket (AF_INET, SOCK_STREAM, 0); CHK_ERR(sd, "socket");
51*ebfedea0SLionel Sambuc
52*ebfedea0SLionel Sambuc memset (&sa, '\0', sizeof(sa));
53*ebfedea0SLionel Sambuc sa.sin_family = AF_INET;
54*ebfedea0SLionel Sambuc sa.sin_addr.s_addr = inet_addr ("127.0.0.1"); /* Server IP */
55*ebfedea0SLionel Sambuc sa.sin_port = htons (1111); /* Server Port number */
56*ebfedea0SLionel Sambuc
57*ebfedea0SLionel Sambuc err = connect(sd, (struct sockaddr*) &sa,
58*ebfedea0SLionel Sambuc sizeof(sa)); CHK_ERR(err, "connect");
59*ebfedea0SLionel Sambuc
60*ebfedea0SLionel Sambuc /* ----------------------------------------------- */
61*ebfedea0SLionel Sambuc /* Now we have TCP conncetion. Start SSL negotiation. */
62*ebfedea0SLionel Sambuc
63*ebfedea0SLionel Sambuc ssl = SSL_new (ctx); CHK_NULL(ssl);
64*ebfedea0SLionel Sambuc SSL_set_fd (ssl, sd);
65*ebfedea0SLionel Sambuc err = SSL_connect (ssl); CHK_SSL(err);
66*ebfedea0SLionel Sambuc
67*ebfedea0SLionel Sambuc /* Following two steps are optional and not required for
68*ebfedea0SLionel Sambuc data exchange to be successful. */
69*ebfedea0SLionel Sambuc
70*ebfedea0SLionel Sambuc /* Get the cipher - opt */
71*ebfedea0SLionel Sambuc
72*ebfedea0SLionel Sambuc printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
73*ebfedea0SLionel Sambuc
74*ebfedea0SLionel Sambuc /* Get server's certificate (note: beware of dynamic allocation) - opt */
75*ebfedea0SLionel Sambuc
76*ebfedea0SLionel Sambuc server_cert = SSL_get_peer_certificate (ssl); CHK_NULL(server_cert);
77*ebfedea0SLionel Sambuc printf ("Server certificate:\n");
78*ebfedea0SLionel Sambuc
79*ebfedea0SLionel Sambuc str = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0);
80*ebfedea0SLionel Sambuc CHK_NULL(str);
81*ebfedea0SLionel Sambuc printf ("\t subject: %s\n", str);
82*ebfedea0SLionel Sambuc OPENSSL_free (str);
83*ebfedea0SLionel Sambuc
84*ebfedea0SLionel Sambuc str = X509_NAME_oneline (X509_get_issuer_name (server_cert),0,0);
85*ebfedea0SLionel Sambuc CHK_NULL(str);
86*ebfedea0SLionel Sambuc printf ("\t issuer: %s\n", str);
87*ebfedea0SLionel Sambuc OPENSSL_free (str);
88*ebfedea0SLionel Sambuc
89*ebfedea0SLionel Sambuc /* We could do all sorts of certificate verification stuff here before
90*ebfedea0SLionel Sambuc deallocating the certificate. */
91*ebfedea0SLionel Sambuc
92*ebfedea0SLionel Sambuc X509_free (server_cert);
93*ebfedea0SLionel Sambuc
94*ebfedea0SLionel Sambuc /* --------------------------------------------------- */
95*ebfedea0SLionel Sambuc /* DATA EXCHANGE - Send a message and receive a reply. */
96*ebfedea0SLionel Sambuc
97*ebfedea0SLionel Sambuc err = SSL_write (ssl, "Hello World!", strlen("Hello World!")); CHK_SSL(err);
98*ebfedea0SLionel Sambuc
99*ebfedea0SLionel Sambuc err = SSL_read (ssl, buf, sizeof(buf) - 1); CHK_SSL(err);
100*ebfedea0SLionel Sambuc buf[err] = '\0';
101*ebfedea0SLionel Sambuc printf ("Got %d chars:'%s'\n", err, buf);
102*ebfedea0SLionel Sambuc SSL_shutdown (ssl); /* send SSL/TLS close_notify */
103*ebfedea0SLionel Sambuc
104*ebfedea0SLionel Sambuc /* Clean up. */
105*ebfedea0SLionel Sambuc
106*ebfedea0SLionel Sambuc close (sd);
107*ebfedea0SLionel Sambuc SSL_free (ssl);
108*ebfedea0SLionel Sambuc SSL_CTX_free (ctx);
109*ebfedea0SLionel Sambuc }
110*ebfedea0SLionel Sambuc /* EOF - cli.cpp */
111