search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ucs: move GetUserPhoto operation to buddy
[siplcs.git] / src / core / sipe-tls-tester.c
blobd0e3d73a3d2e3ab69f582eb9ae6207a21c6df345
1 /**
2 * @file sipe-tls-tester.c
3 *
4 * pidgin-sipe
5 *
6 * Copyright (C) 2011-2015 SIPE Project <http://sipe.sourceforge.net/>
7 *
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 *
23 *
24 * TLS handshake implementation (sipe-tls.c) tester
25 *
26 * Example test setup using OpenSSL:
27 *
28 * - Setting up the server certificate:
29 *
30 * $ openssl req -new -keyout server.pem -out server.req
31 * $ openssl x509 -req -in server.req -signkey server.pem -out server.cert
32 *
33 * - Running the test server in one shell with same parameters used by Lync:
34 *
35 * $ openssl s_server -accept 8443 -debug -msg \
36 * -cert server.cert -key server.pem \
37 * -tls1 -verify 0 [ -cipher <c1>[:<c2>...] ]
38 *
39 * ciphers: RC4-MD5, RC4-SHA, AES128-SHA, AES256-SHA
40 *
41 * - Running the test program in another shell:
42 *
43 * $ sipe_tls_tester
44 *
45 * You can add <host>[:<port>] to connect to a server on another machine
46 */
47
48 #include <stdlib.h>
49 #include <string.h>
50 #include <stdio.h>
51 #include <stdarg.h>
52 #include <time.h>
53 #include <unistd.h>
54 #include <errno.h>
55 #include <sys/types.h>
56 #include <sys/socket.h>
57 #include <netdb.h>
58 #include <poll.h>
59
60 #include <glib.h>
61
62 #include "sipe-common.h" /* coverity[hfa: FALSE] */
63 #include "sipe-backend.h"
64 #include "sipe-cert-crypto.h"
65 #include "sipe-crypt.h"
66 #include "sipe-tls.h"
67
68 /*
69 * Stubs
70 */
71 gboolean sipe_backend_debug_enabled(void)
72 {
73 return(TRUE);
74 }
75
76 void sipe_backend_debug_literal(sipe_debug_level level,
77 const gchar *msg)
78 {
79 printf("DEBUG(%d): %s\n", level, msg);
80 }
81
82 void sipe_backend_debug(sipe_debug_level level,
83 const gchar *format,
84 ...)
85 {
86 va_list ap;
87 gchar *newformat = g_strdup_printf("DEBUG(%d): %s\n", level, format);
88
89 va_start(ap, format);
90 vprintf(newformat, ap);
91 va_end(ap);
92
93 g_free(newformat);
94 }
95
96 /*
97 * Tester code
98 */
99 struct record {
100 gsize length;
101 guchar *msg;
102 };
103
104 static guchar *read_tls_record(int fd,
105 gsize *in_length)
106 {
107 GSList *fragments = NULL;
108 guchar *merged = NULL;
109 gsize length = 0;
110 static gchar buffer[10000];
111
112 while (1) {
113 struct pollfd fds[] = {
114 { fd, POLLIN, 0 }
115 };
116 int result;
117 struct record *record;
118
119 /* Read one chunk */
120 result = poll(fds, 1, 500 /* [milliseconds] */);
121 if (result < 0) {
122 printf("poll failed: %s\n", strerror(errno));
123 break;
124 }
125 if (result == 0) {
126 if (!fragments) {
127 printf("timeout.\n");
128 continue;
129 } else {
130 printf("reading done.\n");
131 break;
132 }
133 }
134
135 result = read(fd, buffer, sizeof(buffer));
136 if (result < 0) {
137 printf("read failed: %s\n", strerror(errno));
138 break;
139 }
140 if (result == 0) {
141 printf("server closed connection: %s\n",
142 strerror(errno));
143 break;
144 }
145
146 printf("received %d bytes from server\n", result);
147 record = g_new0(struct record, 1);
148 record->length = result;
149 record->msg = g_memdup(buffer, result);
150 length += result;
151 fragments = g_slist_append(fragments, record);
152 }
153
154 if (fragments) {
155 GSList *elem = fragments;
156 guchar *p;
157
158 printf("received a total of %" G_GSIZE_FORMAT " bytes.\n",
159 length);
160
161 p = merged = g_malloc(length);
162 while (elem) {
163 struct record *record = elem->data;
164
165 memcpy(p, record->msg, record->length);
166 p += record->length;
167 g_free(record->msg);
168 g_free(record);
169
170 elem = elem->next;
171 }
172
173 g_slist_free(fragments);
174 }
175
176 *in_length = length;
177 return(merged);
178 }
179
180 static void tls_handshake(struct sipe_tls_state *state,
181 int fd)
182 {
183 gboolean success = FALSE;
184
185 printf("TLS handshake starting...\n");
186
187 /* generate next handshake message */
188 while (sipe_tls_next(state)) {
189 int sent;
190
191 /* handshake completed? */
192 if (!state->out_buffer) {
193 success = TRUE;
194 break;
195 }
196
197 /* send buffer to server */
198 sent = write(fd, state->out_buffer, state->out_length);
199 if (sent < 0) {
200 printf("write to server failed: %s\n",
201 strerror(errno));
202 break;
203 } else if ((unsigned int) sent < state->out_length) {
204 printf("could only write %d bytes, out of %" G_GSIZE_FORMAT "\n",
205 sent, state->out_length);
206 break;
207 }
208
209 /* message sent, drop buffer */
210 g_free(state->out_buffer);
211 state->out_buffer = NULL;
212
213 state->in_buffer = read_tls_record(fd, &state->in_length);
214 if (!state->in_buffer) {
215 printf("end of data.\n");
216 break;
217 }
218 }
219
220 printf("TLS handshake %s.\n", success ? "SUCCESSFUL" : "FAILED");
221 }
222
223
224 static int tls_connect(const gchar *param)
225 {
226 gchar **parts = g_strsplit(param, ":", 2);
227 int fd = -1;
228
229 if (parts[0]) {
230 const gchar *host = parts[0];
231 const gchar *port = parts[1] ? parts[1] : "443";
232 struct addrinfo hints;
233 struct addrinfo *result;
234 int status;
235
236 printf("TLS connect to host '%s', port %s...\n",
237 host, port);
238
239 memset(&hints, 0, sizeof(struct addrinfo));
240 hints.ai_family = AF_UNSPEC;
241 hints.ai_socktype = SOCK_STREAM;
242 hints.ai_flags = 0;
243 hints.ai_protocol = 0;
244 status = getaddrinfo(host, port, &hints, &result);
245
246 if (status == 0) {
247 struct addrinfo *rp;
248
249 for (rp = result; rp != NULL; rp = rp->ai_next) {
250 int sock = socket(rp->ai_family,
251 rp->ai_socktype,
252 rp->ai_protocol);
253
254 if (sock < 0) continue;
255
256 if (connect(sock,
257 rp->ai_addr,
258 rp->ai_addrlen) >= 0) {
259 /* connected */
260 printf("connected to host '%s', port %s.\n",
261 host, port);
262 fd = sock;
263 break;
264 }
265 fprintf(stderr, "failed to connect: %s\n",
266 strerror(errno));
267
268 close(sock);
269 }
270 freeaddrinfo(result);
271
272 if (rp == NULL) {
273 fprintf(stderr, "couldn't connect to host '%s'!\n",
274 host);
275 }
276 } else {
277 fprintf(stderr, "couldn't find host '%s': %s\n",
278 host, gai_strerror(status));
279 }
280 } else {
281 fprintf(stderr, "corrupted host[:port] '%s'!\n", param);
282 }
283 g_strfreev(parts);
284
285 return(fd);
286 }
287
288 int main(int argc, char *argv[])
289 {
290 struct sipe_cert_crypto *scc;
291
292 sipe_crypto_init(FALSE);
293 srand(time(NULL));
294
295 scc = sipe_cert_crypto_init();
296 if (scc) {
297 gpointer certificate;
298 struct sipe_tls_state *state;
299
300 printf("SIPE cert crypto backend initialized.\n");
301
302 certificate = sipe_cert_crypto_test_certificate(scc);
303 state = sipe_tls_start(certificate);
304 if (state) {
305 int fd;
306
307 printf("SIPE TLS initialized.\n");
308
309 fd = tls_connect((argc > 1) ? argv[1] : "localhost:8443");
310 if (fd >= 0) {
311 tls_handshake(state, fd);
312 close(fd);
313 }
314
315 sipe_tls_free(state);
316 }
317
318 sipe_cert_crypto_destroy(certificate);
319 sipe_cert_crypto_free(scc);
320 }
321 sipe_crypto_shutdown();
322
323 return(0);
324 }
325
326 /*
327 Local Variables:
328 mode: c
329 c-file-style: "bsd"
330 indent-tabs-mode: t
331 tab-width: 8
332 End:
333 */
A third-party Pidgin plugin for Microsoft LCS/OCS