search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix dangling/unused bindings in `(gnutls)'.
[gnutls.git] / tests / anonself.c
blob4b940ecd8fc5babec11a7d5a21bbb6d68dfcdc18
1 /*
2 * Copyright (C) 2004, 2005, 2006, 2007 Free Software Foundation
3 *
4 * Author: Simon Josefsson
5 *
6 * This file is part of GNUTLS.
7 *
8 * GNUTLS is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * GNUTLS is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with GNUTLS; if not, write to the Free Software Foundation,
20 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
21 */
22
23 /* Parts copied from GnuTLS example programs. */
24
25 #if HAVE_CONFIG_H
26 # include <config.h>
27 #endif
28
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32 #include <sys/types.h>
33 #include <netinet/in.h>
34 #include <sys/socket.h>
35 #include <sys/wait.h>
36 #include <arpa/inet.h>
37 #include <unistd.h>
38 #include <gnutls/gnutls.h>
39
40 #include "utils.h"
41
42 static void
43 tls_log_func (int level, const char *str)
44 {
45 fprintf (stderr, "|<%d>| %s", level, str);
46 }
47
48 /* A very basic TLS client, with anonymous authentication.
49 */
50
51 #define MAX_BUF 1024
52 #define MSG "Hello TLS"
53
54 /* Connects to the peer and returns a socket
55 * descriptor.
56 */
57 int
58 tcp_connect (void)
59 {
60 const char *PORT = "5556";
61 const char *SERVER = "127.0.0.1";
62 int err, sd;
63 struct sockaddr_in sa;
64
65 /* connects to server
66 */
67 sd = socket (AF_INET, SOCK_STREAM, 0);
68
69 memset (&sa, '\0', sizeof (sa));
70 sa.sin_family = AF_INET;
71 sa.sin_port = htons (atoi (PORT));
72 inet_pton (AF_INET, SERVER, &sa.sin_addr);
73
74 err = connect (sd, (struct sockaddr *) &sa, sizeof (sa));
75 if (err < 0)
76 {
77 fprintf (stderr, "Connect error\n");
78 exit (1);
79 }
80
81 return sd;
82 }
83
84 /* closes the given socket descriptor.
85 */
86 void
87 tcp_close (int sd)
88 {
89 shutdown (sd, SHUT_RDWR); /* no more receptions */
90 close (sd);
91 }
92
93 void
94 client (void)
95 {
96 int ret, sd, ii;
97 gnutls_session_t session;
98 char buffer[MAX_BUF + 1];
99 gnutls_anon_client_credentials_t anoncred;
100 /* Need to enable anonymous KX specifically. */
101 const int kx_prio[] = { GNUTLS_KX_ANON_DH, 0 };
102
103 gnutls_global_init ();
104
105 gnutls_global_set_log_function (tls_log_func);
106 gnutls_global_set_log_level (4711);
107
108 gnutls_anon_allocate_client_credentials (&anoncred);
109
110 /* Initialize TLS session
111 */
112 gnutls_init (&session, GNUTLS_CLIENT);
113
114 /* Use default priorities */
115 gnutls_set_default_priority (session);
116 gnutls_kx_set_priority (session, kx_prio);
117
118 /* put the anonymous credentials to the current session
119 */
120 gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
121
122 /* connect to the peer
123 */
124 sd = tcp_connect ();
125
126 gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
127
128 /* Perform the TLS handshake
129 */
130 ret = gnutls_handshake (session);
131
132 if (ret < 0)
133 {
134 fail ("client: Handshake failed\n");
135 gnutls_perror (ret);
136 goto end;
137 }
138 else
139 {
140 success ("client: Handshake was completed\n");
141 }
142
143 success ("client: TLS version is: %s\n",
144 gnutls_protocol_get_name (gnutls_protocol_get_version (session)));
145
146 gnutls_record_send (session, MSG, strlen (MSG));
147
148 ret = gnutls_record_recv (session, buffer, MAX_BUF);
149 if (ret == 0)
150 {
151 success ("client: Peer has closed the TLS connection\n");
152 goto end;
153 }
154 else if (ret < 0)
155 {
156 fail ("client: Error: %s\n", gnutls_strerror (ret));
157 goto end;
158 }
159
160 printf ("- Received %d bytes: ", ret);
161 for (ii = 0; ii < ret; ii++)
162 {
163 fputc (buffer[ii], stdout);
164 }
165 fputs ("\n", stdout);
166
167 gnutls_bye (session, GNUTLS_SHUT_RDWR);
168
169 end:
170
171 tcp_close (sd);
172
173 gnutls_deinit (session);
174
175 gnutls_anon_free_client_credentials (anoncred);
176
177 gnutls_global_deinit ();
178 }
179
180 /* This is a sample TLS 1.0 echo server, for anonymous authentication only.
181 */
182
183 #define SA struct sockaddr
184 #define MAX_BUF 1024
185 #define PORT 5556 /* listen to 5556 port */
186 #define DH_BITS 1024
187
188 /* These are global */
189 gnutls_anon_server_credentials_t anoncred;
190
191 gnutls_session_t
192 initialize_tls_session (void)
193 {
194 gnutls_session_t session;
195 const int kx_prio[] = { GNUTLS_KX_ANON_DH, 0 };
196
197 gnutls_init (&session, GNUTLS_SERVER);
198
199 /* avoid calling all the priority functions, since the defaults
200 * are adequate.
201 */
202 gnutls_set_default_priority (session);
203 gnutls_kx_set_priority (session, kx_prio);
204
205 gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
206
207 gnutls_dh_set_prime_bits (session, DH_BITS);
208
209 return session;
210 }
211
212 static gnutls_dh_params_t dh_params;
213
214 static int
215 generate_dh_params (void)
216 {
217 const gnutls_datum_t p3 = { pkcs3, strlen (pkcs3) };
218 /* Generate Diffie Hellman parameters - for use with DHE
219 * kx algorithms. These should be discarded and regenerated
220 * once a day, once a week or once a month. Depending on the
221 * security requirements.
222 */
223 gnutls_dh_params_init (&dh_params);
224 return gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM);
225 }
226
227 int err, listen_sd, i;
228 int sd, ret;
229 struct sockaddr_in sa_serv;
230 struct sockaddr_in sa_cli;
231 int client_len;
232 char topbuf[512];
233 gnutls_session_t session;
234 char buffer[MAX_BUF + 1];
235 int optval = 1;
236
237 void
238 server_start (void)
239 {
240 /* this must be called once in the program
241 */
242 gnutls_global_init ();
243
244 gnutls_global_set_log_function (tls_log_func);
245 gnutls_global_set_log_level (4711);
246
247 gnutls_anon_allocate_server_credentials (&anoncred);
248
249 success ("Launched, generating DH parameters...\n");
250
251 generate_dh_params ();
252
253 gnutls_anon_set_server_dh_params (anoncred, dh_params);
254
255 /* Socket operations
256 */
257 listen_sd = socket (AF_INET, SOCK_STREAM, 0);
258 if (err == -1)
259 {
260 perror ("socket");
261 fail ("server: socket failed\n");
262 return;
263 }
264
265 memset (&sa_serv, '\0', sizeof (sa_serv));
266 sa_serv.sin_family = AF_INET;
267 sa_serv.sin_addr.s_addr = INADDR_ANY;
268 sa_serv.sin_port = htons (PORT); /* Server Port number */
269
270 setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof (int));
271
272 err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
273 if (err == -1)
274 {
275 perror ("bind");
276 fail ("server: bind failed\n");
277 return;
278 }
279
280 err = listen (listen_sd, 1024);
281 if (err == -1)
282 {
283 perror ("listen");
284 fail ("server: listen failed\n");
285 return;
286 }
287
288 success ("server: ready. Listening to port '%d'.\n", PORT);
289 }
290
291 void
292 server (void)
293 {
294 client_len = sizeof (sa_cli);
295
296 session = initialize_tls_session ();
297
298 sd = accept (listen_sd, (SA *) & sa_cli, &client_len);
299
300 success ("server: connection from %s, port %d\n",
301 inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf,
302 sizeof (topbuf)), ntohs (sa_cli.sin_port));
303
304 gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
305 ret = gnutls_handshake (session);
306 if (ret < 0)
307 {
308 close (sd);
309 gnutls_deinit (session);
310 fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret));
311 return;
312 }
313 success ("server: Handshake was completed\n");
314
315 success ("server: TLS version is: %s\n",
316 gnutls_protocol_get_name (gnutls_protocol_get_version (session)));
317
318 /* see the Getting peer's information example */
319 /* print_info(session); */
320
321 i = 0;
322 for (;;)
323 {
324 bzero (buffer, MAX_BUF + 1);
325 ret = gnutls_record_recv (session, buffer, MAX_BUF);
326
327 if (ret == 0)
328 {
329 success ("server: Peer has closed the GNUTLS connection\n");
330 break;
331 }
332 else if (ret < 0)
333 {
334 fail ("server: Received corrupted data(%d). Closing...\n", ret);
335 break;
336 }
337 else if (ret > 0)
338 {
339 /* echo data back to the client
340 */
341 gnutls_record_send (session, buffer, strlen (buffer));
342 }
343 }
344 /* do not wait for the peer to close the connection.
345 */
346 gnutls_bye (session, GNUTLS_SHUT_WR);
347
348 close (sd);
349 gnutls_deinit (session);
350
351 close (listen_sd);
352
353 gnutls_anon_free_server_credentials (anoncred);
354
355 gnutls_global_deinit ();
356
357 success ("server: finished\n");
358 }
359
360 void
361 doit (void)
362 {
363 pid_t child;
364
365 server_start ();
366 if (error_count)
367 return;
368
369 child = fork ();
370 if (child < 0)
371 {
372 perror ("fork");
373 fail ("fork");
374 return;
375 }
376
377 if (child)
378 {
379 int status;
380 /* parent */
381 server ();
382 wait (&status);
383 }
384 else
385 client ();
386 }
Implementation of the SSL/TLS protocol