4 * Copyright (C) 2003 Hugo Villeneuve <hugo@hugovil.com>
5 * Based on ssl_client.c (Sean Walton and Macmillan Publishers).
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
28 /* Define filename_M */
36 #include <sys/socket.h>
39 #include <openssl/ssl.h>
40 #include <openssl/err.h>
47 /* InitCTX - initialize the SSL engine. */
54 SSL_library_init(); /* Load cryptos, et.al. */
55 SSL_load_error_strings(); /* Bring in and register error messages */
56 method
= SSLv23_client_method(); /* Indicate we support SSLv2, SSLv3 and TLSv1 methods. */
57 ctx
= SSL_CTX_new(method
); /* Create new context */
59 ERR_print_errors_fp(stderr
);
66 /* ShowCerts - print out the certificates. */
73 cert
= SSL_get_peer_certificate(ssl
); /* get the server's certificate */
75 printf("Server certificates:\n");
76 line
= X509_NAME_oneline(X509_get_subject_name(cert
), 0, 0);
77 printf("Subject: %s\n", line
);
78 free(line
); /* free the malloc'ed string */
79 line
= X509_NAME_oneline(X509_get_issuer_name(cert
), 0, 0);
80 printf("Issuer: %s\n", line
);
81 free(line
); /* free the malloc'ed string */
82 X509_free(cert
); /* free the malloc'ed certificate copy */
85 printf("No certificates.\n");
91 InitSSL( int sock_fd
)
93 ssl_infos
.ctx
= InitCTX();
94 ssl_infos
.ssl
= SSL_new( ssl_infos
.ctx
); /* create new SSL connection state */
95 if( ssl_infos
.ssl
== NULL
) {
96 printf( "%s: Error in SSL_new()\n", PACKAGE
);
100 SSL_set_fd( ssl_infos
.ssl
, sock_fd
); /* attach the socket descriptor */
101 if( SSL_connect( ssl_infos
.ssl
) == FAIL
) { /* perform the connection */
102 ERR_print_errors_fp(stderr
);
106 if( wmnotify_infos
.debug
) {
107 printf("Connected with %s encryption\n", SSL_get_cipher( ssl_infos
.ssl
));
108 ShowCerts( ssl_infos
.ssl
); /* get any certs */
115 #endif /* HAVE_SSL */