search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
purple: take renamed API 3.x.x headers in use
[siplcs.git] / src / core / sipe-tls-tester.c
blob31db061700bfb5bb92a1d00a51eb2e31ac7fd11f
1 /**
2 * @file sipe-tls-tester.c
3 *
4 * pidgin-sipe
5 *
6 * Copyright (C) 2011-12 SIPE Project <http://sipe.sourceforge.net/>
7 *
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 *
23 *
24 * TLS handshake implementation (sipe-tls.c) tester
25 *
26 * Example test setup using OpenSSL:
27 *
28 * - Setting up the server certificate:
29 *
30 * $ openssl req -new -keyout server.pem -out server.req
31 * $ openssl x509 -req -in server.req -signkey server.pem -out server.cert
32 *
33 * - Running the test server in one shell with same parameters used by Lync:
34 *
35 * $ openssl s_server -accept 8443 -debug -msg \
36 * -cert server.cert -key server.pem \
37 * -tls1 -verify 0 -cipher RC4-SHA
38 *
39 * - Running the test program in another shell:
40 *
41 * $ sipe_tls_tester
42 *
43 * You can add <host>[:<port>] to connect to a server on another machine
44 */
45
46 #include <stdlib.h>
47 #include <string.h>
48 #include <stdio.h>
49 #include <stdarg.h>
50 #include <time.h>
51 #include <unistd.h>
52 #include <errno.h>
53 #include <sys/types.h>
54 #include <sys/socket.h>
55 #include <netdb.h>
56 #include <poll.h>
57
58 #include <glib.h>
59
60 #include "sipe-common.h" /* coverity[hfa: FALSE] */
61 #include "sipe-backend.h"
62 #include "sipe-cert-crypto.h"
63 #include "sipe-crypt.h"
64 #include "sipe-tls.h"
65
66 /*
67 * Stubs
68 */
69 gboolean sipe_backend_debug_enabled(void)
70 {
71 return(TRUE);
72 }
73
74 void sipe_backend_debug_literal(sipe_debug_level level,
75 const gchar *msg)
76 {
77 printf("DEBUG(%d): %s\n", level, msg);
78 }
79
80 void sipe_backend_debug(sipe_debug_level level,
81 const gchar *format,
82 ...)
83 {
84 va_list ap;
85 gchar *newformat = g_strdup_printf("DEBUG(%d): %s\n", level, format);
86
87 va_start(ap, format);
88 vprintf(newformat, ap);
89 va_end(ap);
90
91 g_free(newformat);
92 }
93
94 /*
95 * Tester code
96 */
97 struct record {
98 gsize length;
99 guchar *msg;
100 };
101
102 static guchar *read_tls_record(int fd,
103 gsize *in_length)
104 {
105 GSList *fragments = NULL;
106 guchar *merged = NULL;
107 gsize length = 0;
108 static gchar buffer[10000];
109
110 while (1) {
111 struct pollfd fds[] = {
112 { fd, POLLIN, 0 }
113 };
114 int result;
115 struct record *record;
116
117 /* Read one chunk */
118 result = poll(fds, 1, 500 /* [milliseconds] */);
119 if (result < 0) {
120 printf("poll failed: %s\n", strerror(errno));
121 break;
122 }
123 if (result == 0) {
124 if (!fragments) {
125 printf("timeout.\n");
126 continue;
127 } else {
128 printf("reading done.\n");
129 break;
130 }
131 }
132
133 result = read(fd, buffer, sizeof(buffer));
134 if (result < 0) {
135 printf("read failed: %s\n", strerror(errno));
136 break;
137 }
138 if (result == 0) {
139 printf("server closed connection: %s\n",
140 strerror(errno));
141 break;
142 }
143
144 printf("received %d bytes from server\n", result);
145 record = g_new0(struct record, 1);
146 record->length = result;
147 record->msg = g_memdup(buffer, result);
148 length += result;
149 fragments = g_slist_append(fragments, record);
150 }
151
152 if (fragments) {
153 GSList *elem = fragments;
154 guchar *p;
155
156 printf("received a total of %" G_GSIZE_FORMAT " bytes.\n",
157 length);
158
159 p = merged = g_malloc(length);
160 while (elem) {
161 struct record *record = elem->data;
162
163 memcpy(p, record->msg, record->length);
164 p += record->length;
165 g_free(record->msg);
166 g_free(record);
167
168 elem = elem->next;
169 }
170
171 g_slist_free(fragments);
172 }
173
174 *in_length = length;
175 return(merged);
176 }
177
178 static void tls_handshake(struct sipe_tls_state *state,
179 int fd)
180 {
181 printf("TLS handshake starting...\n");
182
183 /* generate next handshake message */
184 while (sipe_tls_next(state)) {
185 int sent;
186
187 /* handshake completed? */
188 if (!state->out_buffer) {
189 printf("Handshake completed.\n");
190 break;
191 }
192
193 /* send buffer to server */
194 sent = write(fd, state->out_buffer, state->out_length);
195 if (sent < 0) {
196 printf("write to server failed: %s\n",
197 strerror(errno));
198 break;
199 } else if ((unsigned int) sent < state->out_length) {
200 printf("could only write %d bytes, out of %" G_GSIZE_FORMAT "\n",
201 sent, state->out_length);
202 break;
203 }
204
205 /* message sent, drop buffer */
206 g_free(state->out_buffer);
207 state->out_buffer = NULL;
208
209 state->in_buffer = read_tls_record(fd, &state->in_length);
210 if (!state->in_buffer) {
211 printf("end of data.\n");
212 break;
213 }
214 }
215
216 printf("TLS handshake done.\n");
217 }
218
219
220 static int tls_connect(const gchar *param)
221 {
222 gchar **parts = g_strsplit(param, ":", 2);
223 int fd = -1;
224
225 if (parts[0]) {
226 const gchar *host = parts[0];
227 const gchar *port = parts[1] ? parts[1] : "443";
228 struct addrinfo hints;
229 struct addrinfo *result;
230 int status;
231
232 printf("TLS connect to host '%s', port %s...\n",
233 host, port);
234
235 memset(&hints, 0, sizeof(struct addrinfo));
236 hints.ai_family = AF_UNSPEC;
237 hints.ai_socktype = SOCK_STREAM;
238 hints.ai_flags = 0;
239 hints.ai_protocol = 0;
240 status = getaddrinfo(host, port, &hints, &result);
241
242 if (status == 0) {
243 struct addrinfo *rp;
244
245 for (rp = result; rp != NULL; rp = rp->ai_next) {
246 int sock = socket(rp->ai_family,
247 rp->ai_socktype,
248 rp->ai_protocol);
249
250 if (sock < 0) continue;
251
252 if (connect(sock,
253 rp->ai_addr,
254 rp->ai_addrlen) >= 0) {
255 /* connected */
256 printf("connected to host '%s', port %s.\n",
257 host, port);
258 fd = sock;
259 break;
260 }
261 fprintf(stderr, "failed to connect: %s\n",
262 strerror(errno));
263
264 close(sock);
265 }
266 freeaddrinfo(result);
267
268 if (rp == NULL) {
269 fprintf(stderr, "couldn't connect to host '%s'!\n",
270 host);
271 }
272 } else {
273 fprintf(stderr, "couldn't find host '%s': %s\n",
274 host, gai_strerror(status));
275 }
276 } else {
277 fprintf(stderr, "corrupted host[:port] '%s'!\n", param);
278 }
279 g_strfreev(parts);
280
281 return(fd);
282 }
283
284 int main(int argc, char *argv[])
285 {
286 struct sipe_cert_crypto *scc;
287
288 sipe_crypto_init(FALSE);
289 srand(time(NULL));
290
291 scc = sipe_cert_crypto_init();
292 if (scc) {
293 gpointer certificate;
294 struct sipe_tls_state *state;
295
296 printf("SIPE cert crypto backend initialized.\n");
297
298 certificate = sipe_cert_crypto_test_certificate(scc);
299 state = sipe_tls_start(certificate);
300 if (state) {
301 int fd;
302
303 printf("SIPE TLS initialized.\n");
304
305 fd = tls_connect((argc > 1) ? argv[1] : "localhost:8443");
306 if (fd >= 0) {
307 tls_handshake(state, fd);
308 close(fd);
309 }
310
311 sipe_tls_free(state);
312 }
313
314 sipe_cert_crypto_destroy(certificate);
315 sipe_cert_crypto_free(scc);
316 }
317 sipe_crypto_shutdown();
318
319 return(0);
320 }
321
322 /*
323 Local Variables:
324 mode: c
325 c-file-style: "bsd"
326 indent-tabs-mode: t
327 tab-width: 8
328 End:
329 */
A third-party Pidgin plugin for Microsoft LCS/OCS