2 * Copyright (C) 2004, 2005, 2008, 2010 Free Software Foundation, Inc.
4 * Author: Simon Josefsson
6 * This file is part of GnuTLS.
8 * GnuTLS is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuTLS is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with GnuTLS; if not, write to the Free Software Foundation,
20 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
23 /* Parts copied from GnuTLS example programs. */
32 #include <sys/types.h>
34 #include <sys/socket.h>
36 #include <netinet/in.h>
37 #include <arpa/inet.h>
40 #include <gnutls/gnutls.h>
46 /* A very basic TLS client, with PSK authentication.
50 #define MSG "Hello TLS"
56 gnutls_session_t session
;
57 char buffer
[MAX_BUF
+ 1];
58 gnutls_psk_client_credentials_t pskcred
;
59 /* Need to enable anonymous KX specifically. */
60 const gnutls_datum_t key
= { (char *) "DEADBEEF", 8 };
62 gnutls_global_init ();
64 gnutls_psk_allocate_client_credentials (&pskcred
);
65 gnutls_psk_set_client_credentials (pskcred
, "test", &key
,
68 /* Initialize TLS session
70 gnutls_init (&session
, GNUTLS_CLIENT
);
72 /* Use default priorities */
73 gnutls_priority_set_direct (session
, "NORMAL:+PSK", NULL
);
75 /* put the anonymous credentials to the current session
77 gnutls_credentials_set (session
, GNUTLS_CRD_PSK
, pskcred
);
79 /* connect to the peer
83 gnutls_transport_set_ptr (session
, (gnutls_transport_ptr_t
) sd
);
85 /* Perform the TLS handshake
87 ret
= gnutls_handshake (session
);
91 fail ("client: Handshake failed\n");
98 success ("client: Handshake was completed\n");
101 gnutls_record_send (session
, MSG
, strlen (MSG
));
103 ret
= gnutls_record_recv (session
, buffer
, MAX_BUF
);
107 success ("client: Peer has closed the TLS connection\n");
112 fail ("client: Error: %s\n", gnutls_strerror (ret
));
118 printf ("- Received %d bytes: ", ret
);
119 for (ii
= 0; ii
< ret
; ii
++)
121 fputc (buffer
[ii
], stdout
);
123 fputs ("\n", stdout
);
126 gnutls_bye (session
, GNUTLS_SHUT_RDWR
);
132 gnutls_deinit (session
);
134 gnutls_psk_free_client_credentials (pskcred
);
136 gnutls_global_deinit ();
139 /* This is a sample TLS 1.0 echo server, for PSK authentication.
142 #define SA struct sockaddr
144 #define PORT 5556 /* listen to 5556 port */
146 /* These are global */
147 gnutls_psk_server_credentials_t server_pskcred
;
149 static gnutls_session_t
150 initialize_tls_session (void)
152 gnutls_session_t session
;
154 gnutls_init (&session
, GNUTLS_SERVER
);
156 /* avoid calling all the priority functions, since the defaults
159 gnutls_priority_set_direct (session
, "NORMAL:+PSK", NULL
);
161 gnutls_credentials_set (session
, GNUTLS_CRD_PSK
, server_pskcred
);
167 pskfunc (gnutls_session_t session
, const char *username
, gnutls_datum_t
* key
)
170 printf ("psk: username %s\n", username
);
171 key
->data
= gnutls_malloc (4);
180 int err
, listen_sd
, i
;
182 struct sockaddr_in sa_serv
;
183 struct sockaddr_in sa_cli
;
186 gnutls_session_t session
;
187 char buffer
[MAX_BUF
+ 1];
194 success ("Launched...\n");
198 listen_sd
= socket (AF_INET
, SOCK_STREAM
, 0);
202 fail ("server: socket failed\n");
206 memset (&sa_serv
, '\0', sizeof (sa_serv
));
207 sa_serv
.sin_family
= AF_INET
;
208 sa_serv
.sin_addr
.s_addr
= INADDR_ANY
;
209 sa_serv
.sin_port
= htons (PORT
); /* Server Port number */
211 setsockopt (listen_sd
, SOL_SOCKET
, SO_REUSEADDR
, (void *) &optval
,
214 err
= bind (listen_sd
, (SA
*) & sa_serv
, sizeof (sa_serv
));
218 fail ("server: bind failed\n");
222 err
= listen (listen_sd
, 1024);
226 fail ("server: listen failed\n");
231 success ("server: ready. Listening to port '%d'.\n", PORT
);
237 /* this must be called once in the program
239 gnutls_global_init ();
241 gnutls_psk_allocate_server_credentials (&server_pskcred
);
242 gnutls_psk_set_server_credentials_function (server_pskcred
, pskfunc
);
244 client_len
= sizeof (sa_cli
);
246 session
= initialize_tls_session ();
248 sd
= accept (listen_sd
, (SA
*) & sa_cli
, &client_len
);
251 success ("server: connection from %s, port %d\n",
252 inet_ntop (AF_INET
, &sa_cli
.sin_addr
, topbuf
,
253 sizeof (topbuf
)), ntohs (sa_cli
.sin_port
));
255 gnutls_transport_set_ptr (session
, (gnutls_transport_ptr_t
) sd
);
256 ret
= gnutls_handshake (session
);
260 gnutls_deinit (session
);
261 fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret
));
265 success ("server: Handshake was completed\n");
267 /* see the Getting peer's information example */
268 /* print_info(session); */
273 memset (buffer
, 0, MAX_BUF
+ 1);
274 ret
= gnutls_record_recv (session
, buffer
, MAX_BUF
);
279 success ("server: Peer has closed the GnuTLS connection\n");
284 fail ("server: Received corrupted data(%d). Closing...\n", ret
);
289 /* echo data back to the client
291 gnutls_record_send (session
, buffer
, strlen (buffer
));
294 /* do not wait for the peer to close the connection.
296 gnutls_bye (session
, GNUTLS_SHUT_WR
);
299 gnutls_deinit (session
);
303 gnutls_psk_free_server_credentials (server_pskcred
);
305 gnutls_global_deinit ();
308 success ("server: finished\n");