xref: /netbsd-src/crypto/external/bsd/openssl/dist/demos/bio/client-conf.c (revision b0d1725196a7921d003d2c66a14f186abda4176b) 
1c7da899bSchristos /*
221497c5cSchristos  * Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
3c7da899bSchristos  *
4*b0d17251Schristos  * Licensed under the Apache License 2.0 (the "License").  You may not use
5c7da899bSchristos  * this file except in compliance with the License.  You can obtain a copy
6c7da899bSchristos  * in the file LICENSE in the source distribution or at
7c7da899bSchristos  * https://www.openssl.org/source/license.html
8c7da899bSchristos  */
9c7da899bSchristos 
10c7da899bSchristos #include <string.h>
11a6054fbfSspz #include <openssl/err.h>
12a6054fbfSspz #include <openssl/ssl.h>
13a6054fbfSspz #include <openssl/conf.h>
14a6054fbfSspz 
main(int argc,char ** argv)15a6054fbfSspz int main(int argc, char **argv)
16a6054fbfSspz {
17a6054fbfSspz     BIO *sbio = NULL, *out = NULL;
18a6054fbfSspz     int i, len, rv;
19a6054fbfSspz     char tmpbuf[1024];
20a6054fbfSspz     SSL_CTX *ctx = NULL;
21a6054fbfSspz     SSL_CONF_CTX *cctx = NULL;
22a6054fbfSspz     SSL *ssl = NULL;
23a6054fbfSspz     CONF *conf = NULL;
24a6054fbfSspz     STACK_OF(CONF_VALUE) *sect = NULL;
25a6054fbfSspz     CONF_VALUE *cnf;
26a6054fbfSspz     const char *connect_str = "localhost:4433";
27a6054fbfSspz     long errline = -1;
28a6054fbfSspz 
29a6054fbfSspz     conf = NCONF_new(NULL);
30a6054fbfSspz 
31a6054fbfSspz     if (NCONF_load(conf, "connect.cnf", &errline) <= 0) {
32a6054fbfSspz         if (errline <= 0)
33a6054fbfSspz             fprintf(stderr, "Error processing config file\n");
34a6054fbfSspz         else
35a6054fbfSspz             fprintf(stderr, "Error on line %ld\n", errline);
36a6054fbfSspz         goto end;
37a6054fbfSspz     }
38a6054fbfSspz 
39a6054fbfSspz     sect = NCONF_get_section(conf, "default");
40a6054fbfSspz 
41a6054fbfSspz     if (sect == NULL) {
42a6054fbfSspz         fprintf(stderr, "Error retrieving default section\n");
43a6054fbfSspz         goto end;
44a6054fbfSspz     }
45a6054fbfSspz 
46c7da899bSchristos     ctx = SSL_CTX_new(TLS_client_method());
47a6054fbfSspz     cctx = SSL_CONF_CTX_new();
48a6054fbfSspz     SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);
49a6054fbfSspz     SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);
50a6054fbfSspz     SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
51a6054fbfSspz     for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
52a6054fbfSspz         cnf = sk_CONF_VALUE_value(sect, i);
53a6054fbfSspz         rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);
54a6054fbfSspz         if (rv > 0)
55a6054fbfSspz             continue;
56a6054fbfSspz         if (rv != -2) {
57a6054fbfSspz             fprintf(stderr, "Error processing %s = %s\n",
58a6054fbfSspz                     cnf->name, cnf->value);
59a6054fbfSspz             ERR_print_errors_fp(stderr);
60a6054fbfSspz             goto end;
61a6054fbfSspz         }
62c7da899bSchristos         if (strcmp(cnf->name, "Connect") == 0) {
63a6054fbfSspz             connect_str = cnf->value;
64a6054fbfSspz         } else {
65a6054fbfSspz             fprintf(stderr, "Unknown configuration option %s\n", cnf->name);
66a6054fbfSspz             goto end;
67a6054fbfSspz         }
68a6054fbfSspz     }
69a6054fbfSspz 
70a6054fbfSspz     if (!SSL_CONF_CTX_finish(cctx)) {
71a6054fbfSspz         fprintf(stderr, "Finish error\n");
72a6054fbfSspz         ERR_print_errors_fp(stderr);
73c7da899bSchristos         goto end;
74a6054fbfSspz     }
75a6054fbfSspz 
76a6054fbfSspz     /*
77a6054fbfSspz      * We'd normally set some stuff like the verify paths and * mode here
78a6054fbfSspz      * because as things stand this will connect to * any server whose
79a6054fbfSspz      * certificate is signed by any CA.
80a6054fbfSspz      */
81a6054fbfSspz 
82a6054fbfSspz     sbio = BIO_new_ssl_connect(ctx);
83a6054fbfSspz 
84a6054fbfSspz     BIO_get_ssl(sbio, &ssl);
85a6054fbfSspz 
86a6054fbfSspz     if (!ssl) {
87a6054fbfSspz         fprintf(stderr, "Can't locate SSL pointer\n");
88a6054fbfSspz         goto end;
89a6054fbfSspz     }
90a6054fbfSspz 
91a6054fbfSspz     /* We might want to do other things with ssl here */
92a6054fbfSspz 
93a6054fbfSspz     BIO_set_conn_hostname(sbio, connect_str);
94a6054fbfSspz 
95a6054fbfSspz     out = BIO_new_fp(stdout, BIO_NOCLOSE);
96a6054fbfSspz     if (BIO_do_connect(sbio) <= 0) {
97a6054fbfSspz         fprintf(stderr, "Error connecting to server\n");
98a6054fbfSspz         ERR_print_errors_fp(stderr);
99a6054fbfSspz         goto end;
100a6054fbfSspz     }
101a6054fbfSspz 
102a6054fbfSspz     /* Could examine ssl here to get connection info */
103a6054fbfSspz 
104a6054fbfSspz     BIO_puts(sbio, "GET / HTTP/1.0\n\n");
105a6054fbfSspz     for (;;) {
106a6054fbfSspz         len = BIO_read(sbio, tmpbuf, 1024);
107a6054fbfSspz         if (len <= 0)
108a6054fbfSspz             break;
109a6054fbfSspz         BIO_write(out, tmpbuf, len);
110a6054fbfSspz     }
111a6054fbfSspz  end:
112a6054fbfSspz     SSL_CONF_CTX_free(cctx);
113a6054fbfSspz     BIO_free_all(sbio);
114a6054fbfSspz     BIO_free(out);
115a6054fbfSspz     NCONF_free(conf);
116a6054fbfSspz     return 0;
117a6054fbfSspz }
118