1 /*
2 * ssl.c
4 * Copyright (C) 2003 Hugo Villeneuve <hugo@hugovil.com>
5 * Based on ssl_client.c (Sean Walton and Macmillan Publishers).
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
22 #if HAVE_CONFIG_H
23 # include "config.h"
24 #endif
26 #if HAVE_SSL
28 /* Define filename_M */
29 #define SSL_M 1
31 #include <stdio.h>
32 #include <errno.h>
33 #include <unistd.h>
34 #include <malloc.h>
35 #include <string.h>
36 #include <sys/socket.h>
37 #include <resolv.h>
38 #include <netdb.h>
39 #include <openssl/ssl.h>
40 #include <openssl/err.h>
42 #include "common.h"
43 #include "wmnotify.h"
44 #include "ssl.h"
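/*
 * InitCTX - initialize the OpenSSL library and create the client context.
 *
 * Returns a newly allocated SSL_CTX. This function does not return on
 * failure: the OpenSSL error queue is printed to stderr and the process
 * is aborted.
 *
 * SSLv23_client_method() is the version-negotiating method, so on its own
 * it also offers SSLv2 and SSLv3 on OpenSSL builds that still carry them.
 * Both are switched off below; only TLS versions can then be negotiated.
 *
 * NOTE(review): no verification mode or trust store is configured on the
 * context (no SSL_CTX_set_verify() or SSL_CTX_set_default_verify_paths()
 * call), so the client-side library default applies and the handshake
 * completes whatever certificate the server presents. The session is
 * encrypted but the server is not authenticated. Turning verification on
 * also needs a trust store and a host name check, and would reject
 * self-signed servers that connect today, so it is flagged here rather
 * than changed silently.
 */
SSL_CTX *
InitCTX( void )
{
  SSL_CTX *ctx;

  SSL_library_init();       /* Load ciphers and digests. */
  SSL_load_error_strings(); /* Register human-readable error messages. */

  /* The method is passed straight through so that no local pointer has to
   * match the const-ness of SSL_METHOD, which differs between OpenSSL
   * releases. */
  ctx = SSL_CTX_new( SSLv23_client_method() );
  if( ctx == NULL ) {
    ERR_print_errors_fp(stderr);
    abort();
  }

  /* Refuse the obsolete SSLv2 and SSLv3 protocols. */
  SSL_CTX_set_options( ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 );

  return ctx;
}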
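/*
 * ShowCerts - print the subject and issuer of the server's certificate.
 *
 * ssl: connection whose peer certificate is reported.
 *
 * This is diagnostic output only. Nothing here validates the certificate,
 * so the printed names are whatever the peer chose to present and must
 * not be read as proof of the server's identity.
 */
void
ShowCerts( SSL *ssl )
{
  X509 *cert;
  char *line;

  cert = SSL_get_peer_certificate(ssl); /* Reference owned by us; released below. */
  if ( cert == NULL ) {
    printf("No certificates.\n");
    return;
  }

  printf("Server certificates:\n");

  /* With a NULL buffer X509_NAME_oneline() allocates the string itself.
   * It may return NULL on failure, and the result comes from OpenSSL's
   * allocator, so it is released with OPENSSL_free() rather than free(). */
  line = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
  printf("Subject: %s\n", line != NULL ? line : "(unavailable)");
  OPENSSL_free(line);

  line = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
  printf("Issuer: %s\n", line != NULL ? line : "(unavailable)");
  OPENSSL_free(line);

  X509_free(cert);
}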
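/*
 * InitSSL - start a TLS session on an already connected socket.
 *
 * sock_fd: descriptor of the connected socket to run the handshake on.
 *
 * Returns EXIT_SUCCESS once the handshake has completed and EXIT_FAILURE
 * otherwise. The context and connection objects are stored in the global
 * ssl_infos.
 *
 * NOTE(review): the peer certificate is not verified anywhere in this
 * function; no SSL_get_verify_result() call or host name comparison is
 * made, and the signature carries no server name to compare against. A
 * successful return therefore means "encrypted", not "talking to the
 * intended server". Credentials sent over this session are exposed to an
 * on-path party that terminates TLS itself.
 *
 * NOTE(review): on the failure paths ssl_infos.ctx (and ssl_infos.ssl,
 * when it was created) stay allocated. Whether a caller releases them is
 * not visible from this file, so ownership is left as it was.
 */
int
InitSSL( int sock_fd )
{
  ssl_infos.ctx = InitCTX();
  ssl_infos.ssl = SSL_new( ssl_infos.ctx ); /* Create new SSL connection state. */
  if( ssl_infos.ssl == NULL ) {
    printf( "%s: Error in SSL_new()\n", PACKAGE );
    return EXIT_FAILURE;
  }

  /* SSL_set_fd() returns 1 on success and 0 on failure. */
  if( SSL_set_fd( ssl_infos.ssl, sock_fd ) != 1 ) {
    ERR_print_errors_fp(stderr);
    return EXIT_FAILURE;
  }

  /* SSL_connect() returns 1 only when the handshake completed. A return of
   * 0 (handshake shut down by the peer) is a failure just like a negative
   * value, so anything other than 1 is rejected. */
  if( SSL_connect( ssl_infos.ssl ) != 1 ) {
    ERR_print_errors_fp(stderr);
    return EXIT_FAILURE;
  }

  if( wmnotify_infos.debug ) {
    printf("Connected with %s encryption\n", SSL_get_cipher( ssl_infos.ssl ));
    ShowCerts( ssl_infos.ssl ); /* Display only; see the verification note above. */
  }

  return EXIT_SUCCESS;
}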
115 #endif /* HAVE_SSL */