search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Drop AC_CANONICAL_TARGET, unused.
[gnutls.git] / tests / anonself.c
blob1341a4845800b73a9e79a823c70125905e283636
1 /*
2 * Copyright (C) 2004, 2005, 2006, 2007, 2008 Free Software Foundation
3 *
4 * Author: Simon Josefsson
5 *
6 * This file is part of GNUTLS.
7 *
8 * GNUTLS is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * GNUTLS is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with GNUTLS; if not, write to the Free Software Foundation,
20 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
21 */
22
23 /* Parts copied from GnuTLS example programs. */
24
25 #if HAVE_CONFIG_H
26 # include <config.h>
27 #endif
28
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32 #include <sys/types.h>
33 #include <netinet/in.h>
34 #include <sys/socket.h>
35 #include <sys/wait.h>
36 #include <arpa/inet.h>
37 #include <unistd.h>
38 #include <gnutls/gnutls.h>
39
40 #include "utils.h"
41
42 static void
43 tls_log_func (int level, const char *str)
44 {
45 fprintf (stderr, "|<%d>| %s", level, str);
46 }
47
48 /* A very basic TLS client, with anonymous authentication.
49 */
50
51 #define MAX_BUF 1024
52 #define MSG "Hello TLS"
53
54 /* Connects to the peer and returns a socket
55 * descriptor.
56 */
57 int
58 tcp_connect (void)
59 {
60 const char *PORT = "5556";
61 const char *SERVER = "127.0.0.1";
62 int err, sd;
63 struct sockaddr_in sa;
64
65 /* connects to server
66 */
67 sd = socket (AF_INET, SOCK_STREAM, 0);
68
69 memset (&sa, '\0', sizeof (sa));
70 sa.sin_family = AF_INET;
71 sa.sin_port = htons (atoi (PORT));
72 inet_pton (AF_INET, SERVER, &sa.sin_addr);
73
74 err = connect (sd, (struct sockaddr *) &sa, sizeof (sa));
75 if (err < 0)
76 {
77 fprintf (stderr, "Connect error\n");
78 exit (1);
79 }
80
81 return sd;
82 }
83
84 /* closes the given socket descriptor.
85 */
86 void
87 tcp_close (int sd)
88 {
89 shutdown (sd, SHUT_RDWR); /* no more receptions */
90 close (sd);
91 }
92
93 void
94 client (void)
95 {
96 int ret, sd, ii;
97 gnutls_session_t session;
98 char buffer[MAX_BUF + 1];
99 gnutls_anon_client_credentials_t anoncred;
100 /* Need to enable anonymous KX specifically. */
101 const int kx_prio[] = { GNUTLS_KX_ANON_DH, 0 };
102
103 gnutls_global_init ();
104
105 gnutls_global_set_log_function (tls_log_func);
106 if (debug)
107 gnutls_global_set_log_level (4711);
108
109 gnutls_anon_allocate_client_credentials (&anoncred);
110
111 /* Initialize TLS session
112 */
113 gnutls_init (&session, GNUTLS_CLIENT);
114
115 /* Use default priorities */
116 gnutls_set_default_priority (session);
117 gnutls_kx_set_priority (session, kx_prio);
118
119 /* put the anonymous credentials to the current session
120 */
121 gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
122
123 /* connect to the peer
124 */
125 sd = tcp_connect ();
126
127 gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
128
129 /* Perform the TLS handshake
130 */
131 ret = gnutls_handshake (session);
132
133 if (ret < 0)
134 {
135 fail ("client: Handshake failed\n");
136 gnutls_perror (ret);
137 goto end;
138 }
139 else
140 {
141 success ("client: Handshake was completed\n");
142 }
143
144 success ("client: TLS version is: %s\n",
145 gnutls_protocol_get_name (gnutls_protocol_get_version (session)));
146
147 gnutls_record_send (session, MSG, strlen (MSG));
148
149 ret = gnutls_record_recv (session, buffer, MAX_BUF);
150 if (ret == 0)
151 {
152 success ("client: Peer has closed the TLS connection\n");
153 goto end;
154 }
155 else if (ret < 0)
156 {
157 fail ("client: Error: %s\n", gnutls_strerror (ret));
158 goto end;
159 }
160
161 printf ("- Received %d bytes: ", ret);
162 for (ii = 0; ii < ret; ii++)
163 {
164 fputc (buffer[ii], stdout);
165 }
166 fputs ("\n", stdout);
167
168 gnutls_bye (session, GNUTLS_SHUT_RDWR);
169
170 end:
171
172 tcp_close (sd);
173
174 gnutls_deinit (session);
175
176 gnutls_anon_free_client_credentials (anoncred);
177
178 gnutls_global_deinit ();
179 }
180
181 /* This is a sample TLS 1.0 echo server, for anonymous authentication only.
182 */
183
184 #define SA struct sockaddr
185 #define MAX_BUF 1024
186 #define PORT 5556 /* listen to 5556 port */
187 #define DH_BITS 1024
188
189 /* These are global */
190 gnutls_anon_server_credentials_t anoncred;
191
192 gnutls_session_t
193 initialize_tls_session (void)
194 {
195 gnutls_session_t session;
196 const int kx_prio[] = { GNUTLS_KX_ANON_DH, 0 };
197
198 gnutls_init (&session, GNUTLS_SERVER);
199
200 /* avoid calling all the priority functions, since the defaults
201 * are adequate.
202 */
203 gnutls_set_default_priority (session);
204 gnutls_kx_set_priority (session, kx_prio);
205
206 gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
207
208 gnutls_dh_set_prime_bits (session, DH_BITS);
209
210 return session;
211 }
212
213 static gnutls_dh_params_t dh_params;
214
215 static int
216 generate_dh_params (void)
217 {
218 const gnutls_datum_t p3 = { pkcs3, strlen (pkcs3) };
219 /* Generate Diffie Hellman parameters - for use with DHE
220 * kx algorithms. These should be discarded and regenerated
221 * once a day, once a week or once a month. Depending on the
222 * security requirements.
223 */
224 gnutls_dh_params_init (&dh_params);
225 return gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM);
226 }
227
228 int err, listen_sd, i;
229 int sd, ret;
230 struct sockaddr_in sa_serv;
231 struct sockaddr_in sa_cli;
232 int client_len;
233 char topbuf[512];
234 gnutls_session_t session;
235 char buffer[MAX_BUF + 1];
236 int optval = 1;
237
238 void
239 server_start (void)
240 {
241 /* Socket operations
242 */
243 listen_sd = socket (AF_INET, SOCK_STREAM, 0);
244 if (err == -1)
245 {
246 perror ("socket");
247 fail ("server: socket failed\n");
248 return;
249 }
250
251 memset (&sa_serv, '\0', sizeof (sa_serv));
252 sa_serv.sin_family = AF_INET;
253 sa_serv.sin_addr.s_addr = INADDR_ANY;
254 sa_serv.sin_port = htons (PORT); /* Server Port number */
255
256 setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof (int));
257
258 err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
259 if (err == -1)
260 {
261 perror ("bind");
262 fail ("server: bind failed\n");
263 return;
264 }
265
266 err = listen (listen_sd, 1024);
267 if (err == -1)
268 {
269 perror ("listen");
270 fail ("server: listen failed\n");
271 return;
272 }
273
274 success ("server: ready. Listening to port '%d'.\n", PORT);
275 }
276
277 void
278 server (void)
279 {
280 /* this must be called once in the program
281 */
282 gnutls_global_init ();
283
284 gnutls_global_set_log_function (tls_log_func);
285 if (debug)
286 gnutls_global_set_log_level (4711);
287
288 gnutls_anon_allocate_server_credentials (&anoncred);
289
290 success ("Launched, generating DH parameters...\n");
291
292 generate_dh_params ();
293
294 gnutls_anon_set_server_dh_params (anoncred, dh_params);
295
296 client_len = sizeof (sa_cli);
297
298 session = initialize_tls_session ();
299
300 sd = accept (listen_sd, (SA *) & sa_cli, &client_len);
301
302 success ("server: connection from %s, port %d\n",
303 inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf,
304 sizeof (topbuf)), ntohs (sa_cli.sin_port));
305
306 gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
307 ret = gnutls_handshake (session);
308 if (ret < 0)
309 {
310 close (sd);
311 gnutls_deinit (session);
312 fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret));
313 return;
314 }
315 success ("server: Handshake was completed\n");
316
317 success ("server: TLS version is: %s\n",
318 gnutls_protocol_get_name (gnutls_protocol_get_version (session)));
319
320 /* see the Getting peer's information example */
321 /* print_info(session); */
322
323 i = 0;
324 for (;;)
325 {
326 bzero (buffer, MAX_BUF + 1);
327 ret = gnutls_record_recv (session, buffer, MAX_BUF);
328
329 if (ret == 0)
330 {
331 success ("server: Peer has closed the GNUTLS connection\n");
332 break;
333 }
334 else if (ret < 0)
335 {
336 fail ("server: Received corrupted data(%d). Closing...\n", ret);
337 break;
338 }
339 else if (ret > 0)
340 {
341 /* echo data back to the client
342 */
343 gnutls_record_send (session, buffer, strlen (buffer));
344 }
345 }
346 /* do not wait for the peer to close the connection.
347 */
348 gnutls_bye (session, GNUTLS_SHUT_WR);
349
350 close (sd);
351 gnutls_deinit (session);
352
353 close (listen_sd);
354
355 gnutls_anon_free_server_credentials (anoncred);
356
357 gnutls_dh_params_deinit (dh_params);
358
359 gnutls_global_deinit ();
360
361 success ("server: finished\n");
362 }
363
364 void
365 doit (void)
366 {
367 pid_t child;
368
369 server_start ();
370 if (error_count)
371 return;
372
373 child = fork ();
374 if (child < 0)
375 {
376 perror ("fork");
377 fail ("fork");
378 return;
379 }
380
381 if (child)
382 {
383 int status;
384 /* parent */
385 server ();
386 wait (&status);
387 }
388 else
389 client ();
390 }
Implementation of the SSL/TLS protocol