search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
The test now works.
[gnutls.git] / tests / openpgpself.c
blob6d502b6664d1f27105d745fa081a660b83d55998
1 /*
2 * Copyright (C) 2004, 2005, 2006, 2007, 2008 Free Software Foundation
3 *
4 * Author: Simon Josefsson
5 *
6 * This file is part of GNUTLS.
7 *
8 * GNUTLS is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * GNUTLS is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with GNUTLS; if not, write to the Free Software Foundation,
20 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
21 */
22
23 /* Parts copied from GnuTLS example programs. */
24
25 #if HAVE_CONFIG_H
26 # include <config.h>
27 #endif
28
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32 #include <sys/types.h>
33 #include <netinet/in.h>
34 #include <sys/socket.h>
35 #include <sys/wait.h>
36 #include <arpa/inet.h>
37 #include <unistd.h>
38 #include <gnutls/gnutls.h>
39 #include <gnutls/openpgp.h>
40
41 #include "utils.h"
42
43 #include "ex-session-info.c"
44 #include "ex-x509-info.c"
45
46 pid_t child;
47
48 static void
49 tls_log_func (int level, const char *str)
50 {
51 fprintf (stderr, "%s |<%d>| %s", child ? "server" : "client", level, str);
52 }
53
54 /* A very basic TLS client, with anonymous authentication.
55 */
56
57 #define MAX_BUF 1024
58 #define MSG "Hello TLS"
59
60 /* Connects to the peer and returns a socket
61 * descriptor.
62 */
63 int
64 tcp_connect (void)
65 {
66 const char *PORT = "5556";
67 const char *SERVER = "127.0.0.1";
68 int err, sd;
69 struct sockaddr_in sa;
70
71 /* connects to server
72 */
73 sd = socket (AF_INET, SOCK_STREAM, 0);
74
75 memset (&sa, '\0', sizeof (sa));
76 sa.sin_family = AF_INET;
77 sa.sin_port = htons (atoi (PORT));
78 inet_pton (AF_INET, SERVER, &sa.sin_addr);
79
80 err = connect (sd, (struct sockaddr *) &sa, sizeof (sa));
81 if (err < 0)
82 {
83 fprintf (stderr, "Connect error\n");
84 exit (1);
85 }
86
87 return sd;
88 }
89
90 /* closes the given socket descriptor.
91 */
92 void
93 tcp_close (int sd)
94 {
95 shutdown (sd, SHUT_RDWR); /* no more receptions */
96 close (sd);
97 }
98
99 const char cert_txt[] =
100 "-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
101 "Version: GnuPG v1.0.6 (GNU/Linux)\n"
102 "Comment: For info see http://www.gnupg.org\n"
103 "\n"
104 "mQGiBDxnlY0RBACAsWUhi/goBvpvTBgL8fFPwBAuD04VYFEtC7+4pBp6kFsHjUR7\n"
105 "TTUkBsOk2PvMHrDdv0+C4x2CH8YGP1e+O0f2yLWk8Uu+kkF12yiqbbvDEiCdeJT6\n"
106 "c3vIstY8vJ9Jso5g/LB8Xggq88R7jXFS3hH+WC5v/6P6SARfzXl457cVewCgvxSf\n"
107 "Gsm9mFospJ0B3RGyg5MB0d8D/RQQryJCGdR2nLe4VfctPL2QBD/1XhtubqEbetaV\n"
108 "PxssqrJdA+eplBRT7UHokSBahM8gmSmNuSrLDujPfEtaMg6YIkB+Kq0VeJLE0cXT\n"
109 "ZIH29KJlI/qk1xG4K7D6B0cKaHC/L4BIoKcQLJzfTIPw3frS4jVeNaQZNHSVqZ8/\n"
110 "VmOMA/9rkNtccQ4RVd9WTFoHKvT4vfiISEOIzKGmcBY9Hymq7MCci3mNe4CDImkv\n"
111 "ZgnjDlJAM91CX1ODthPLBqvyhnMhhxDnaDl4Nh42uPMSr9JEW2IwoIbFne10ihGT\n"
112 "O4lBS1C28UfSGEMm/8JBMtxAjbYy3BYzUtCMA+bGBG6Voe5i5LQlRHIuIFdobyAo\n"
113 "Tm8gY29tbWVudHMpIDx3aG9Ad2hvaXMub3JnPohdBBMRAgAdBQI8Z5WNBQkDwmcA\n"
114 "BQsHCgMEAxUDAgMWAgECF4AACgkQNRRc6qfZPD+WWACfeJnLyfbpTDB7mDh3aATb\n"
115 "+0PXz28AoKRdApBVM6Bty+vWyXH6HfF6ZTj+\n"
116 "=m8dH\n"
117 "-----END PGP PUBLIC KEY BLOCK-----\n";
118 const gnutls_datum_t cert = { cert_txt, sizeof (cert_txt) };
119
120 const char key_txt[] =
121 "-----BEGIN PGP PRIVATE KEY BLOCK-----\n"
122 "Version: GnuPG v1.0.6 (GNU/Linux)\n"
123 "Comment: For info see http://www.gnupg.org\n"
124 "\n"
125 "lQG7BDxnlY0RBACAsWUhi/goBvpvTBgL8fFPwBAuD04VYFEtC7+4pBp6kFsHjUR7\n"
126 "TTUkBsOk2PvMHrDdv0+C4x2CH8YGP1e+O0f2yLWk8Uu+kkF12yiqbbvDEiCdeJT6\n"
127 "c3vIstY8vJ9Jso5g/LB8Xggq88R7jXFS3hH+WC5v/6P6SARfzXl457cVewCgvxSf\n"
128 "Gsm9mFospJ0B3RGyg5MB0d8D/RQQryJCGdR2nLe4VfctPL2QBD/1XhtubqEbetaV\n"
129 "PxssqrJdA+eplBRT7UHokSBahM8gmSmNuSrLDujPfEtaMg6YIkB+Kq0VeJLE0cXT\n"
130 "ZIH29KJlI/qk1xG4K7D6B0cKaHC/L4BIoKcQLJzfTIPw3frS4jVeNaQZNHSVqZ8/\n"
131 "VmOMA/9rkNtccQ4RVd9WTFoHKvT4vfiISEOIzKGmcBY9Hymq7MCci3mNe4CDImkv\n"
132 "ZgnjDlJAM91CX1ODthPLBqvyhnMhhxDnaDl4Nh42uPMSr9JEW2IwoIbFne10ihGT\n"
133 "O4lBS1C28UfSGEMm/8JBMtxAjbYy3BYzUtCMA+bGBG6Voe5i5AAAnjMCLPrxGdgE\n"
134 "I0xXdwCQ4Sh2diNECAj9JiM6RFNBX2ZhY3RvcjoAAK9cun7/j4AUMmdvIy5UMJph\n"
135 "A6eq6atP/SYjOkRTQV9mYWN0b3I6AACvVjUuomodmmyCggPHWdeVSzpX3ODEHf0m\n"
136 "IzpEU0FfZmFjdG9yOgAAr2Iv9H2aSH+vJKGYW/BO4ehQwwFck7u0JURyLiBXaG8g\n"
137 "KE5vIGNvbW1lbnRzKSA8d2hvQHdob2lzLm9yZz6IXQQTEQIAHQUCPGeVjQUJA8Jn\n"
138 "AAULBwoDBAMVAwIDFgIBAheAAAoJEDUUXOqn2Tw/llgAnjBPQdWxIqBCQGlcI2K/\n"
139 "gLkZR1ARAJ9kaAeJYERc0bV/vlm0ot7UDdr+bQ==\n"
140 "=4M0W\n"
141 "-----END PGP PRIVATE KEY BLOCK-----\n";
142 const gnutls_datum_t key = { key_txt, sizeof (key_txt) };
143
144 void
145 client (void)
146 {
147 int ret, sd, ii;
148 gnutls_session_t session;
149 char buffer[MAX_BUF + 1];
150 gnutls_certificate_credentials_t xcred;
151
152 gnutls_global_init ();
153
154 gnutls_global_set_log_function (tls_log_func);
155 gnutls_global_set_log_level (2);
156
157 gnutls_certificate_allocate_credentials (&xcred);
158
159 /* sets the trusted cas file
160 */
161 success ("Setting key files...\n");
162
163 ret = gnutls_certificate_set_openpgp_key_mem (xcred, &cert, &key,
164 GNUTLS_OPENPGP_FMT_BASE64);
165 if (ret < 0)
166 {
167 fail ("Could not set key files...\n");
168 }
169
170 /* Initialize TLS session
171 */
172 gnutls_init (&session, GNUTLS_CLIENT);
173
174 /* Use default priorities */
175 gnutls_set_default_priority (session);
176
177 /* put the x509 credentials to the current session
178 */
179 gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
180
181 /* connect to the peer
182 */
183 success ("Connecting...\n");
184 sd = tcp_connect ();
185
186 gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
187
188 /* Perform the TLS handshake
189 */
190 ret = gnutls_handshake (session);
191
192 if (ret < 0)
193 {
194 fail ("client: Handshake failed\n");
195 gnutls_perror (ret);
196 goto end;
197 }
198 else
199 {
200 success ("client: Handshake was completed\n");
201 }
202
203 success ("client: TLS version is: %s\n",
204 gnutls_protocol_get_name (gnutls_protocol_get_version (session)));
205
206 /* see the Getting peer's information example */
207 print_info(session);
208
209 gnutls_record_send (session, MSG, strlen (MSG));
210
211 ret = gnutls_record_recv (session, buffer, MAX_BUF);
212 if (ret == 0)
213 {
214 success ("client: Peer has closed the TLS connection\n");
215 goto end;
216 }
217 else if (ret < 0)
218 {
219 fail ("client: Error: %s\n", gnutls_strerror (ret));
220 goto end;
221 }
222
223 printf ("- Received %d bytes: ", ret);
224 for (ii = 0; ii < ret; ii++)
225 {
226 fputc (buffer[ii], stdout);
227 }
228 fputs ("\n", stdout);
229
230 gnutls_bye (session, GNUTLS_SHUT_RDWR);
231
232 end:
233
234 tcp_close (sd);
235
236 gnutls_deinit (session);
237
238 gnutls_certificate_free_credentials (xcred);
239
240 gnutls_global_deinit ();
241 }
242
243 /* This is a sample TLS 1.0 echo server, using X.509 authentication.
244 */
245
246 #define SA struct sockaddr
247 #define MAX_BUF 1024
248 #define PORT 5556 /* listen to 5556 port */
249 #define DH_BITS 1024
250
251 /* These are global */
252 gnutls_certificate_credentials_t pgp_cred;
253
254 gnutls_session_t
255 initialize_tls_session (void)
256 {
257 gnutls_session_t session;
258
259 gnutls_init (&session, GNUTLS_SERVER);
260
261 /* avoid calling all the priority functions, since the defaults
262 * are adequate.
263 */
264 gnutls_set_default_priority (session);
265
266 gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, pgp_cred);
267
268 /* request client certificate if any.
269 */
270 gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
271
272 gnutls_dh_set_prime_bits (session, DH_BITS);
273
274 return session;
275 }
276
277 static gnutls_dh_params_t dh_params;
278
279 static int
280 generate_dh_params (void)
281 {
282 const gnutls_datum_t p3 = { pkcs3, strlen (pkcs3) };
283 /* Generate Diffie Hellman parameters - for use with DHE
284 * kx algorithms. These should be discarded and regenerated
285 * once a day, once a week or once a month. Depending on the
286 * security requirements.
287 */
288 gnutls_dh_params_init (&dh_params);
289 return gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM);
290 }
291
292 int err, listen_sd, i;
293 int sd, ret;
294 struct sockaddr_in sa_serv;
295 struct sockaddr_in sa_cli;
296 int client_len;
297 char topbuf[512];
298 gnutls_session_t session;
299 char buffer[MAX_BUF + 1];
300 int optval = 1;
301
302 const char server_crt_txt[] =
303 "-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
304 "Version: GnuPG v1.4.6 (GNU/Linux)\n"
305 "\n"
306 "mNEER2PogwEGINdIR4u5PR4SwADWwj/ztgtoi7XVbmlfbQTHpBYFxTSC88pISSNy\n"
307 "V/rgnlqunYP77F7aHL4KUReN3v9sKw01xSGEfox/JmlqUUg6CVvTjdeLfkuVIBnH\n"
308 "j+2KMlaxezp7IxtPaTXpXcSf8iOuVq7UX7p6tKbppKXO5GgmfA88VUVvGBs1/PQp\n"
309 "WKQdGrj+6I3RRmDN/hna1jGU/N23230Hbx+bu7g9cviiSh10ri7rdDhVJ67tRkRG\n"
310 "Usy3XO6dWC7EmzZlEO8AEQEAAbQQdGVzdDMuZ251dGxzLm9yZ4kBAAQTAQIAJgUC\n"
311 "R2PogwIbAwUJCWYBgAYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEKAh4/gImZBR\n"
312 "96QGH3E3zynETuQS3++hGMvMXq2mDJeT2e8964y/ifIOBpr2K2isuLYnrtGKyxi+\n"
313 "ZptyHv6ymR3bDvio50cjnoT/WK1onosOJvtijGBS+U/ooq3im7ExpeQYXc/zpYsX\n"
314 "OmB5m6BvdomUp2PMqdxsmOPoaRkSYx5R2Rlo/z3csodl6sp3k465Y/jg7L4gkxDz\n"
315 "XJM+CS1xMhcOF0gBhppqLnG67x0ow847Pydstzkw0sOqedkLPuScaHNnlAWQ7QH6\n"
316 "mbbpqHJwekS4jQRHiKV8AQQA0iZ81WXypLI4ZE2+hYfBCnfMVfQF/vPgvASxhwri\n"
317 "GDa9Zc2f/VfakfNiwZgHH6iCeppHBiP2jljnbuOsL6f1R+0FsnyTVwHbuEU7IU2y\n"
318 "+J0/s0z3wcx9sx8T7brP5z5F2hdagBsD9YFGCifHDAEew4mmAisY0i2QHVIuXJFj\n"
319 "4RMAEQEAAYkBhwQYAQIADwUCR4ilfAIbAgUJEOrPgACoCRCgIeP4CJmQUZ0gBBkB\n"
320 "AgAGBQJHiKV8AAoJEIN7b7QuD+F2AEcEAKAjhO9kSOE8UuwEOKlwsWL9LUUSkHJj\n"
321 "c/ca0asLAerzrHsldRAcwCbWkVxBBHySw2CLFjzpgdXhwRtsytMgHaapfAPbinAW\n"
322 "jCPIEJx2gDZeZnTgi4DVbZn5E3UzHGyL69MEoXr5t+vpiemQFd/nGD+h/Q2A76od\n"
323 "gvAryRvS1Soj8bcGHjUflayXGOSvaD8P2V5Vz0hS82QZcqWxD8qUBqbcB8atokmO\n"
324 "IYxhKyRmO58T5Ma+iaxBTUIwee+pBYDgdH6E2dh9xLlwwzZKaCcIRCQcObkLsMVo\n"
325 "fZJo+m0Xf8zI57NeQF+hXJhW7lIrWgQVr8IVp/lgo76acLHfL/t1n0Nhg4r2srz2\n"
326 "fpP2w5laQ0qImYLnZhGFHU+rJUyFaHfhD8/svN2LuZkO570pjV/K68EaHnEfk5b8\n"
327 "jWu/euohwcCwf20M1kTo3Bg=\n"
328 "=Xjon\n"
329 "-----END PGP PUBLIC KEY BLOCK-----\n";
330 const gnutls_datum_t server_crt = { server_crt_txt, sizeof (server_crt_txt) };
331
332 const char server_key_txt[] =
333 "-----BEGIN PGP PRIVATE KEY BLOCK-----\n"
334 "Version: GnuPG v1.4.6 (GNU/Linux)\n"
335 "\n"
336 "lQLGBEdj6IMBBiDXSEeLuT0eEsAA1sI/87YLaIu11W5pX20Ex6QWBcU0gvPKSEkj\n"
337 "clf64J5arp2D++xe2hy+ClEXjd7/bCsNNcUhhH6MfyZpalFIOglb043Xi35LlSAZ\n"
338 "x4/tijJWsXs6eyMbT2k16V3En/Ijrlau1F+6erSm6aSlzuRoJnwPPFVFbxgbNfz0\n"
339 "KVikHRq4/uiN0UZgzf4Z2tYxlPzdt9t9B28fm7u4PXL4okoddK4u63Q4VSeu7UZE\n"
340 "RlLMt1zunVguxJs2ZRDvABEBAAEABhwMx6crpb75ko5gXl9gsYSMj9O/YyCvU7Fi\n"
341 "l8FnZ0dKMz3qs7jXyFlttLjh1DzYkXN6PAN5yp3+wnbK/e5eVeNSdo2WpJOwrVWO\n"
342 "7pcQovHoKklAjmU98olaRhpv6BBTK+0tGUFaRrmrrYuz2xnwf3+kIpt4ahYW2dr9\n"
343 "B+/pvBSVC/sv2+3PEQSsXlWCYVgkQ7WBN4GQdyjjxhQpcWdf8Z6unx4zuS3s7GGM\n"
344 "4WaDxmDNCFlTGdrKPQeogtS3LVF9OiRCOvIlAxDmDvnC3zAwO/IvDUHFED9x9hmK\n"
345 "MeVwCg8rwDMptVYN2hm+bjNzjV4pimUVd+w7edjEky0Jd/6tTH01CBUWxs9Pfup2\n"
346 "cQ9zkYcVz1bwcoqeyRzFCJgi6PiVT38QFEvyusoVkwMQ747D6p7y+R52MEcIvcLb\n"
347 "lBXhRviz3rW+Sch4+ohUPvBU41saM5B6UcOmhdPfdvPriI4qXwFxusGWt98NN3aW\n"
348 "Ns2/L9kMX/SWnN6Elfj5hrrExDZ2CE60uuvfj+O/uXfO8LUDENE4vQrC399KLbJw\n"
349 "uCaqjqLysYA9EY/Nv8RFGkk1UM4ViW8v1/95D95F9WqochSYH8Phr3br0chDxofb\n"
350 "rnm6dUPE8uiriNaKWdoiUNSuvumh9lVixmRI923+4imu3scq+rlJAZ20EHRlc3Qz\n"
351 "LmdudXRscy5vcmeJAQAEEwECACYFAkdj6IMCGwMFCQlmAYAGCwkIBwMCBBUCCAME\n"
352 "FgIDAQIeAQIXgAAKCRCgIeP4CJmQUfekBh9xN88pxE7kEt/voRjLzF6tpgyXk9nv\n"
353 "PeuMv4nyDgaa9itorLi2J67RissYvmabch7+spkd2w74qOdHI56E/1itaJ6LDib7\n"
354 "YoxgUvlP6KKt4puxMaXkGF3P86WLFzpgeZugb3aJlKdjzKncbJjj6GkZEmMeUdkZ\n"
355 "aP893LKHZerKd5OOuWP44Oy+IJMQ81yTPgktcTIXDhdIAYaaai5xuu8dKMPOOz8n\n"
356 "bLc5MNLDqnnZCz7knGhzZ5QFkO0B+pm26ahycHpEnQHXBEeIpXwBBADSJnzVZfKk\n"
357 "sjhkTb6Fh8EKd8xV9AX+8+C8BLGHCuIYNr1lzZ/9V9qR82LBmAcfqIJ6mkcGI/aO\n"
358 "WOdu46wvp/VH7QWyfJNXAdu4RTshTbL4nT+zTPfBzH2zHxPtus/nPkXaF1qAGwP1\n"
359 "gUYKJ8cMAR7DiaYCKxjSLZAdUi5ckWPhEwARAQABAAP3QKGVoNi52HXEN3ttUCyB\n"
360 "Q1CDurh0MLDQoHomY3MGfI4VByk2YKMb2el4IJqyHrUbBYjTpHY31W2CSIdWfoTU\n"
361 "DIik49CQaUpR13dJXEiG4d+nyETFutEalTQI4hMjABD9l1XvZP7Ll3YWmqN8Cam5\n"
362 "JY23YAy2Noqbc3AcEut4+QIA1zcv8EU1QVqOwjSybRdm6HKK/A2bMqnITeUR/ikm\n"
363 "IuU4lhijm/d1qS6ZBehRvvYa9MY4V7BGEQLWSlyc5aYJ/wIA+fmRv0lHSs78QSUg\n"
364 "uRbNv6Aa6CXEOXmG+TpIaf/RWrPmBpdG8AROBVo1wmwG8oQaIjeX3RjKXfL3HTDD\n"
365 "CxNg7QIA06tApdo2j1gr3IrroUwQ7yvi56ELB1Lv+W3WLN8lzCfQ6Fs+7IJRrC2R\n"
366 "0uzLMGOsSORGAFIbAuLIMpc6rHCeS50hiQGHBBgBAgAPBQJHiKV8AhsCBQkQ6s+A\n"
367 "AKgJEKAh4/gImZBRnSAEGQECAAYFAkeIpXwACgkQg3tvtC4P4XYARwQAoCOE72RI\n"
368 "4TxS7AQ4qXCxYv0tRRKQcmNz9xrRqwsB6vOseyV1EBzAJtaRXEEEfJLDYIsWPOmB\n"
369 "1eHBG2zK0yAdpql8A9uKcBaMI8gQnHaANl5mdOCLgNVtmfkTdTMcbIvr0wShevm3\n"
370 "6+mJ6ZAV3+cYP6H9DYDvqh2C8CvJG9LVKiPxtwYeNR+VrJcY5K9oPw/ZXlXPSFLz\n"
371 "ZBlypbEPypQGptwHxq2iSY4hjGErJGY7nxPkxr6JrEFNQjB576kFgOB0foTZ2H3E\n"
372 "uXDDNkpoJwhEJBw5uQuwxWh9kmj6bRd/zMjns15AX6FcmFbuUitaBBWvwhWn+WCj\n"
373 "vppwsd8v+3WfQ2GDivayvPZ+k/bDmVpDSoiZgudmEYUdT6slTIVod+EPz+y83Yu5\n"
374 "mQ7nvSmNX8rrwRoecR+TlvyNa7966iHBwLB/bQzWROjcGA==\n"
375 "=mZnW\n"
376 "-----END PGP PRIVATE KEY BLOCK-----\n";
377 const gnutls_datum_t server_key = { server_key_txt, sizeof (server_key_txt) };
378
379 void
380 server_start (void)
381 {
382 /* this must be called once in the program
383 */
384 gnutls_global_init ();
385
386 gnutls_global_set_log_function (tls_log_func);
387 gnutls_global_set_log_level (2);
388
389 gnutls_certificate_allocate_credentials (&pgp_cred);
390
391 ret = gnutls_certificate_set_openpgp_key_mem2 (pgp_cred, &server_crt,
392 &server_key, "auto",
393 GNUTLS_OPENPGP_FMT_BASE64);
394 if (err < 0)
395 {
396 fail ("Could not set server key files...\n");
397 }
398
399 success ("Launched, setting DH parameters...\n");
400
401 generate_dh_params ();
402
403 gnutls_certificate_set_dh_params (pgp_cred, dh_params);
404
405 /* Socket operations
406 */
407 listen_sd = socket (AF_INET, SOCK_STREAM, 0);
408 if (err == -1)
409 {
410 perror ("socket");
411 fail ("server: socket failed\n");
412 return;
413 }
414
415 memset (&sa_serv, '\0', sizeof (sa_serv));
416 sa_serv.sin_family = AF_INET;
417 sa_serv.sin_addr.s_addr = INADDR_ANY;
418 sa_serv.sin_port = htons (PORT); /* Server Port number */
419
420 setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof (int));
421
422 err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
423 if (err == -1)
424 {
425 perror ("bind");
426 fail ("server: bind failed\n");
427 return;
428 }
429
430 err = listen (listen_sd, 1024);
431 if (err == -1)
432 {
433 perror ("listen");
434 fail ("server: listen failed\n");
435 return;
436 }
437
438 success ("server: ready. Listening to port '%d'.\n", PORT);
439 }
440
441 void
442 server (void)
443 {
444 client_len = sizeof (sa_cli);
445
446 session = initialize_tls_session ();
447
448 sd = accept (listen_sd, (SA *) & sa_cli, &client_len);
449
450 success ("server: connection from %s, port %d\n",
451 inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf,
452 sizeof (topbuf)), ntohs (sa_cli.sin_port));
453
454 gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
455 ret = gnutls_handshake (session);
456 if (ret < 0)
457 {
458 close (sd);
459 gnutls_deinit (session);
460 fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret));
461 return;
462 }
463 success ("server: Handshake was completed\n");
464
465 success ("server: TLS version is: %s\n",
466 gnutls_protocol_get_name (gnutls_protocol_get_version (session)));
467
468 /* see the Getting peer's information example */
469 print_info(session);
470
471 i = 0;
472 for (;;)
473 {
474 bzero (buffer, MAX_BUF + 1);
475 ret = gnutls_record_recv (session, buffer, MAX_BUF);
476
477 if (ret == 0)
478 {
479 success ("server: Peer has closed the GNUTLS connection\n");
480 break;
481 }
482 else if (ret < 0)
483 {
484 fail ("server: Received corrupted data(%d). Closing...\n", ret);
485 break;
486 }
487 else if (ret > 0)
488 {
489 /* echo data back to the client
490 */
491 gnutls_record_send (session, buffer, strlen (buffer));
492 }
493 }
494 /* do not wait for the peer to close the connection.
495 */
496 gnutls_bye (session, GNUTLS_SHUT_WR);
497
498 close (sd);
499 gnutls_deinit (session);
500
501 close (listen_sd);
502
503 gnutls_certificate_free_credentials (pgp_cred);
504
505 gnutls_global_deinit ();
506
507 success ("server: finished\n");
508 }
509
510
511 void
512 doit (void)
513 {
514 server_start ();
515 if (error_count)
516 return;
517
518 child = fork ();
519 if (child < 0)
520 {
521 perror ("fork");
522 fail ("fork");
523 return;
524 }
525
526 if (child)
527 {
528 int status;
529 /* parent */
530 server ();
531 wait (&status);
532 }
533 else
534 client ();
535 }
Implementation of the SSL/TLS protocol