2 * Copyright (C) 2004, 2005, 2008, 2010 Free Software Foundation, Inc.
4 * Author: Simon Josefsson
6 * This file is part of GNUTLS.
8 * GNUTLS is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GNUTLS is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with GNUTLS; if not, write to the Free Software Foundation,
20 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
23 /* Parts copied from GnuTLS example programs. */
32 #include <sys/types.h>
33 #include <sys/socket.h>
35 #include <netinet/in.h>
36 #include <arpa/inet.h>
38 #include <gnutls/gnutls.h>
44 /* A very basic TLS client, with PSK authentication.
48 #define MSG "Hello TLS"
54 gnutls_session_t session
;
55 char buffer
[MAX_BUF
+ 1];
56 gnutls_psk_client_credentials_t pskcred
;
57 /* Need to enable anonymous KX specifically. */
58 const int kx_prio
[] = { GNUTLS_KX_PSK
, 0 };
59 const gnutls_datum_t key
= { (char *) "DEADBEEF", 8 };
61 gnutls_global_init ();
63 gnutls_psk_allocate_client_credentials (&pskcred
);
64 gnutls_psk_set_client_credentials (pskcred
, "test", &key
,
67 /* Initialize TLS session
69 gnutls_init (&session
, GNUTLS_CLIENT
);
71 /* Use default priorities */
72 gnutls_set_default_priority (session
);
73 gnutls_kx_set_priority (session
, kx_prio
);
75 /* put the anonymous credentials to the current session
77 gnutls_credentials_set (session
, GNUTLS_CRD_PSK
, pskcred
);
79 /* connect to the peer
83 gnutls_transport_set_ptr (session
, (gnutls_transport_ptr_t
) sd
);
85 /* Perform the TLS handshake
87 ret
= gnutls_handshake (session
);
91 fail ("client: Handshake failed\n");
97 success ("client: Handshake was completed\n");
100 gnutls_record_send (session
, MSG
, strlen (MSG
));
102 ret
= gnutls_record_recv (session
, buffer
, MAX_BUF
);
105 success ("client: Peer has closed the TLS connection\n");
110 fail ("client: Error: %s\n", gnutls_strerror (ret
));
116 printf ("- Received %d bytes: ", ret
);
117 for (ii
= 0; ii
< ret
; ii
++)
119 fputc (buffer
[ii
], stdout
);
121 fputs ("\n", stdout
);
124 gnutls_bye (session
, GNUTLS_SHUT_RDWR
);
130 gnutls_deinit (session
);
132 gnutls_psk_free_client_credentials (pskcred
);
134 gnutls_global_deinit ();
137 /* This is a sample TLS 1.0 echo server, for PSK authentication.
140 #define SA struct sockaddr
142 #define PORT 5556 /* listen to 5556 port */
144 /* These are global */
145 gnutls_psk_server_credentials_t server_pskcred
;
147 static gnutls_session_t
148 initialize_tls_session (void)
150 gnutls_session_t session
;
151 const int kx_prio
[] = { GNUTLS_KX_PSK
, 0 };
153 gnutls_init (&session
, GNUTLS_SERVER
);
155 /* avoid calling all the priority functions, since the defaults
158 gnutls_set_default_priority (session
);
159 gnutls_kx_set_priority (session
, kx_prio
);
161 gnutls_credentials_set (session
, GNUTLS_CRD_PSK
, server_pskcred
);
167 pskfunc (gnutls_session_t session
, const char *username
, gnutls_datum_t
* key
)
169 printf ("psk: username %s\n", username
);
170 key
->data
= gnutls_malloc (4);
179 int err
, listen_sd
, i
;
181 struct sockaddr_in sa_serv
;
182 struct sockaddr_in sa_cli
;
185 gnutls_session_t session
;
186 char buffer
[MAX_BUF
+ 1];
192 success ("Launched...\n");
196 listen_sd
= socket (AF_INET
, SOCK_STREAM
, 0);
200 fail ("server: socket failed\n");
204 memset (&sa_serv
, '\0', sizeof (sa_serv
));
205 sa_serv
.sin_family
= AF_INET
;
206 sa_serv
.sin_addr
.s_addr
= INADDR_ANY
;
207 sa_serv
.sin_port
= htons (PORT
); /* Server Port number */
209 setsockopt (listen_sd
, SOL_SOCKET
, SO_REUSEADDR
, (void *) &optval
,
212 err
= bind (listen_sd
, (SA
*) & sa_serv
, sizeof (sa_serv
));
216 fail ("server: bind failed\n");
220 err
= listen (listen_sd
, 1024);
224 fail ("server: listen failed\n");
228 success ("server: ready. Listening to port '%d'.\n", PORT
);
234 /* this must be called once in the program
236 gnutls_global_init ();
238 gnutls_psk_allocate_server_credentials (&server_pskcred
);
239 gnutls_psk_set_server_credentials_function (server_pskcred
, pskfunc
);
241 client_len
= sizeof (sa_cli
);
243 session
= initialize_tls_session ();
245 sd
= accept (listen_sd
, (SA
*) & sa_cli
, &client_len
);
247 success ("server: connection from %s, port %d\n",
248 inet_ntop (AF_INET
, &sa_cli
.sin_addr
, topbuf
,
249 sizeof (topbuf
)), ntohs (sa_cli
.sin_port
));
251 gnutls_transport_set_ptr (session
, (gnutls_transport_ptr_t
) sd
);
252 ret
= gnutls_handshake (session
);
256 gnutls_deinit (session
);
257 fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret
));
260 success ("server: Handshake was completed\n");
262 /* see the Getting peer's information example */
263 /* print_info(session); */
268 memset (buffer
, 0, MAX_BUF
+ 1);
269 ret
= gnutls_record_recv (session
, buffer
, MAX_BUF
);
273 success ("server: Peer has closed the GNUTLS connection\n");
278 fail ("server: Received corrupted data(%d). Closing...\n", ret
);
283 /* echo data back to the client
285 gnutls_record_send (session
, buffer
, strlen (buffer
));
288 /* do not wait for the peer to close the connection.
290 gnutls_bye (session
, GNUTLS_SHUT_WR
);
293 gnutls_deinit (session
);
297 gnutls_psk_free_server_credentials (server_pskcred
);
299 gnutls_global_deinit ();
301 success ("server: finished\n");