2 #include <netinet/in.h>
8 #include <sys/socket.h>
10 #include <sys/types.h>
13 #include <polarssl/ssl.h>
14 #include <polarssl/entropy.h>
15 #include <polarssl/ctr_drbg.h>
/*
 * File-scope CTR_DRBG context. None of the lines visible in this listing
 * reference it: conn_tls() seeds and registers conn->ctr_drbg instead.
 * NOTE(review): confirm whether this global is still needed.
 */
22 ctr_drbg_context ctr_drbg
;
/*
 * Send callback handed to ssl_set_bio(): ctx points at the socket descriptor
 * and the bytes are passed straight to write(2).
 *
 * Returns write()'s result narrowed to int: the number of bytes accepted, or
 * -1 on failure.
 * NOTE(review): a failure is reported as a bare -1. PolarSSL's own net_send()
 * maps EAGAIN/EINTR to POLARSSL_ERR_NET_WANT_WRITE; if the descriptor is ever
 * made non-blocking, a transient condition here would reach the TLS layer as a
 * hard error.
 */
static int ps_send(void *ctx, const unsigned char *buf, size_t len)
{
	int fd = *(int *) ctx;

	return write(fd, buf, len);
}
/*
 * Receive callback handed to ssl_set_bio(): ctx points at the socket
 * descriptor and the data is pulled with read(2) directly into buf.
 *
 * Returns read()'s result narrowed to int: the number of bytes stored, 0 at
 * end of stream, or -1 on failure.
 * NOTE(review): a failure is reported as a bare -1. PolarSSL's own net_recv()
 * maps EAGAIN/EINTR to POLARSSL_ERR_NET_WANT_READ; if the descriptor is ever
 * made non-blocking, a transient condition here would reach the TLS layer as a
 * hard error.
 */
static int ps_recv(void *ctx, unsigned char *buf, size_t len)
{
	int fd = *(int *) ctx;

	return read(fd, buf, len);
}
/*
 * Read up to len bytes from the connection into buf.
 *
 * Two return paths are visible: ssl_read() on conn->ssl and a plain read() on
 * conn->fd. The statement that selects between them (source lines 37-38) is
 * not part of this listing, so which connections take the unencrypted path
 * cannot be confirmed from here.
 *
 * Returns whatever the selected call returns.
 * NOTE(review): the two paths report failure differently -- ssl_read() yields
 * a negative POLARSSL_ERR_* code, read() yields -1 with errno set -- so callers
 * can only portably rely on "negative means failure".
 * NOTE(review): len is a signed int that both calls convert to size_t; a
 * negative value would become a very large length.
 */
36 int conn_read(struct conn
*conn
, char *buf
, int len
)
/* TLS path: decrypts application data from the session into buf. */
39 return ssl_read(&conn
->ssl
, (unsigned char *) buf
, len
);
/* Plain path: reads directly from the socket descriptor, no TLS involved. */
40 return read(conn
->fd
, buf
, len
);
/*
 * Write up to len bytes from buf to the connection.
 *
 * Two return paths are visible: ssl_write() on conn->ssl and a plain write()
 * on conn->fd. The statement that selects between them (source lines 44-45)
 * is not part of this listing, so which connections send data unencrypted
 * cannot be confirmed from here.
 *
 * Returns whatever the selected call returns. Either call may accept fewer
 * bytes than len, so callers that need the whole buffer sent must loop.
 * NOTE(review): ssl_write() reports failure as a negative POLARSSL_ERR_* code,
 * write() as -1 with errno set.
 * NOTE(review): len is a signed int that both calls convert to size_t; a
 * negative value would become a very large length.
 */
43 int conn_write(struct conn
*conn
, char *buf
, int len
)
/* TLS path: encrypts buf and sends it through the session. */
46 return ssl_write(&conn
->ssl
, (unsigned char *) buf
, len
);
/* Plain path: writes directly to the socket descriptor, no TLS involved. */
47 return write(conn
->fd
, buf
, len
);
/*
 * Configure conn->ssl as a TLS client on conn->fd and run the handshake.
 *
 * conn:     connection whose ssl, cert, ctr_drbg, ssn and fd members are used.
 * certfile: path handed to x509_crt_parse_file() to load the trusted CA chain.
 *
 * Returns the result of ssl_handshake() (0 on success, a negative
 * POLARSSL_ERR_* code otherwise). Source lines 51, 56, 58, 62, 64 and 69 are
 * not part of this listing, so the branch structure around the two
 * ssl_set_authmode() calls and the early-exit value are not visible.
 */
50 int conn_tls(struct conn
*conn
, char *certfile
)
/*
 * NOTE(review): entropy is an automatic variable, yet its address is given to
 * ctr_drbg_init() below as the entropy source for conn->ctr_drbg, which
 * outlives this call. The DRBG keeps that pointer for reseeding, so a reseed
 * after conn_tls() returns would read a dead stack frame. The entropy context
 * needs the same lifetime as the DRBG (e.g. a member of struct conn).
 */
52 entropy_context entropy
;
53 entropy_init(&entropy
);
/* NOTE(review): the seeding result is not checked; a failure here would leave
 * the session running on a DRBG that was never seeded. */
54 ctr_drbg_init(&conn
->ctr_drbg
, entropy_func
, &entropy
, NULL
, 0);
/* The statement executed when ssl_init() fails (source line 56) is not shown. */
55 if (ssl_init(&conn
->ssl
))
57 ssl_set_endpoint(&conn
->ssl
, SSL_IS_CLIENT
);
/* NOTE(review): the parse result is ignored, so an unreadable or malformed
 * certfile is not reported to the caller at this point. */
59 x509_crt_parse_file(&conn
->cert
, certfile
);
/*
 * NOTE(review): the last argument of ssl_set_ca_chain() is the expected peer
 * common name. Passing NULL means the server certificate's name is never
 * compared with the host being contacted: any certificate that chains to the
 * CAs in certfile is accepted. conn_tls() has no host-name parameter to pass
 * here; the caller's addr would need to be threaded through.
 */
60 ssl_set_ca_chain(&conn
->ssl
, &conn
->cert
, NULL
, NULL
);
/* Handshake fails unless the server certificate verifies against the chain. */
61 ssl_set_authmode(&conn
->ssl
, SSL_VERIFY_REQUIRED
);
/*
 * NOTE(review): a second authmode call selects SSL_VERIFY_NONE. Presumably
 * this is the branch taken when no certfile is supplied -- confirm against
 * the full source. On that path the server certificate is not verified at
 * all, so the session is encrypted but the peer is unauthenticated and an
 * on-path attacker can impersonate the server.
 */
63 ssl_set_authmode(&conn
->ssl
, SSL_VERIFY_NONE
);
/* Random numbers for the session come from the per-connection DRBG. */
65 ssl_set_rng(&conn
->ssl
, ctr_drbg_random
, &conn
->ctr_drbg
);
/* Both BIO callbacks receive a pointer to conn->fd as their context. */
66 ssl_set_bio(&conn
->ssl
, ps_recv
, &conn
->fd
, ps_send
, &conn
->fd
);
/* NOTE(review): offers every ciphersuite the library was built with; whether
 * that includes weak suites depends on the build configuration. */
67 ssl_set_ciphersuites(&conn
->ssl
, ssl_list_ciphersuites());
68 ssl_set_session(&conn
->ssl
, &conn
->ssn
);
/* Runs the full handshake; its status is the function's return value. */
70 return ssl_handshake(&conn
->ssl
);
/*
 * Resolve addr/port, open a stream socket, connect it and allocate a zeroed
 * struct conn.
 *
 * addr, port: passed to getaddrinfo() as node and service.
 * certfile:   not used in the lines visible here.
 *
 * Source lines 74, 76-78, 83, 85, 88, 90, 92-93, 95 and 98-101 are not part of
 * this listing, so the error returns, any check on socket()'s result, and what
 * happens to fd, certfile and the return value after the allocation are not
 * visible.
 */
73 struct conn
*conn_connect(char *addr
, char *port
, char *certfile
)
75 struct addrinfo hints
, *addrinfo
;
79 memset(&hints
, 0, sizeof(hints
));
80 hints
.ai_family
= AF_UNSPEC
;
81 hints
.ai_socktype
= SOCK_STREAM
;
/* NOTE(review): AI_PASSIVE is meant for addresses that will be passed to
 * bind(). It only takes effect when addr is NULL, and then getaddrinfo()
 * returns the wildcard address, which is not a meaningful connect() target. */
82 hints
.ai_flags
= AI_PASSIVE
;
84 if (getaddrinfo(addr
, port
, &hints
, &addrinfo
))
/* Uses the head of the result list; no walk over ai_next is visible, so a
 * host whose first address is unreachable would not fall back to the next. */
86 fd
= socket(addrinfo
->ai_family
, addrinfo
->ai_socktype
,
87 addrinfo
->ai_protocol
);
89 if (connect(fd
, addrinfo
->ai_addr
, addrinfo
->ai_addrlen
) == -1) {
/* Failure path: release the resolver results. */
91 freeaddrinfo(addrinfo
);
/* Success path: the resolver results are no longer needed once connected. */
94 freeaddrinfo(addrinfo
);
/* NOTE(review): malloc()'s result goes to memset() on the very next source
 * line with no NULL check, so an allocation failure is a NULL dereference. */
96 conn
= malloc(sizeof(*conn
));
97 memset(conn
, 0, sizeof(*conn
));
102 int conn_close(struct conn
*conn
)
105 ssl_close_notify(&conn
->ssl
);
106 x509_crt_free(&conn
->cert
);
107 ssl_free(&conn
->ssl
);