1*4724848cSchristos /*
2*4724848cSchristos * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
3*4724848cSchristos *
4*4724848cSchristos * Licensed under the OpenSSL license (the "License"). You may not use
5*4724848cSchristos * this file except in compliance with the License. You can obtain a copy
6*4724848cSchristos * in the file LICENSE in the source distribution or at
7*4724848cSchristos * https://www.openssl.org/source/license.html
8*4724848cSchristos */
9*4724848cSchristos
10*4724848cSchristos /*
11*4724848cSchristos * A minimal TLS server it ses SSL_CTX_config and a configuration file to
12*4724848cSchristos * set most server parameters.
13*4724848cSchristos */
14*4724848cSchristos
15*4724848cSchristos #include <stdio.h>
16*4724848cSchristos #include <signal.h>
17*4724848cSchristos #include <stdlib.h>
18*4724848cSchristos #include <openssl/err.h>
19*4724848cSchristos #include <openssl/ssl.h>
20*4724848cSchristos #include <openssl/conf.h>
21*4724848cSchristos
main(int argc,char * argv[])22*4724848cSchristos int main(int argc, char *argv[])
23*4724848cSchristos {
24*4724848cSchristos unsigned char buf[512];
25*4724848cSchristos char *port = "*:4433";
26*4724848cSchristos BIO *in = NULL;
27*4724848cSchristos BIO *ssl_bio, *tmp;
28*4724848cSchristos SSL_CTX *ctx;
29*4724848cSchristos int ret = EXIT_FAILURE, i;
30*4724848cSchristos
31*4724848cSchristos ctx = SSL_CTX_new(TLS_server_method());
32*4724848cSchristos
33*4724848cSchristos if (CONF_modules_load_file("cmod.cnf", "testapp", 0) <= 0) {
34*4724848cSchristos fprintf(stderr, "Error processing config file\n");
35*4724848cSchristos goto err;
36*4724848cSchristos }
37*4724848cSchristos
38*4724848cSchristos if (SSL_CTX_config(ctx, "server") == 0) {
39*4724848cSchristos fprintf(stderr, "Error configuring server.\n");
40*4724848cSchristos goto err;
41*4724848cSchristos }
42*4724848cSchristos
43*4724848cSchristos /* Setup server side SSL bio */
44*4724848cSchristos ssl_bio = BIO_new_ssl(ctx, 0);
45*4724848cSchristos
46*4724848cSchristos if ((in = BIO_new_accept(port)) == NULL)
47*4724848cSchristos goto err;
48*4724848cSchristos
49*4724848cSchristos /*
50*4724848cSchristos * This means that when a new connection is accepted on 'in', The ssl_bio
51*4724848cSchristos * will be 'duplicated' and have the new socket BIO push into it.
52*4724848cSchristos * Basically it means the SSL BIO will be automatically setup
53*4724848cSchristos */
54*4724848cSchristos BIO_set_accept_bios(in, ssl_bio);
55*4724848cSchristos
56*4724848cSchristos again:
57*4724848cSchristos /*
58*4724848cSchristos * The first call will setup the accept socket, and the second will get a
59*4724848cSchristos * socket. In this loop, the first actual accept will occur in the
60*4724848cSchristos * BIO_read() function.
61*4724848cSchristos */
62*4724848cSchristos
63*4724848cSchristos if (BIO_do_accept(in) <= 0)
64*4724848cSchristos goto err;
65*4724848cSchristos
66*4724848cSchristos for (;;) {
67*4724848cSchristos i = BIO_read(in, buf, sizeof(buf));
68*4724848cSchristos if (i == 0) {
69*4724848cSchristos /*
70*4724848cSchristos * If we have finished, remove the underlying BIO stack so the
71*4724848cSchristos * next time we call any function for this BIO, it will attempt
72*4724848cSchristos * to do an accept
73*4724848cSchristos */
74*4724848cSchristos printf("Done\n");
75*4724848cSchristos tmp = BIO_pop(in);
76*4724848cSchristos BIO_free_all(tmp);
77*4724848cSchristos goto again;
78*4724848cSchristos }
79*4724848cSchristos if (i < 0) {
80*4724848cSchristos if (BIO_should_retry(in))
81*4724848cSchristos continue;
82*4724848cSchristos goto err;
83*4724848cSchristos }
84*4724848cSchristos fwrite(buf, 1, i, stdout);
85*4724848cSchristos fflush(stdout);
86*4724848cSchristos }
87*4724848cSchristos
88*4724848cSchristos ret = EXIT_SUCCESS;
89*4724848cSchristos err:
90*4724848cSchristos if (ret != EXIT_SUCCESS)
91*4724848cSchristos ERR_print_errors_fp(stderr);
92*4724848cSchristos BIO_free(in);
93*4724848cSchristos return ret;
94*4724848cSchristos }
95