2 /* demos/bio/server-arg.c */
5 * A minimal program to serve an SSL connection. It uses blocking. It use the
6 * SSL_CONF API with the command line. cc -I../../include server-arg.c
7 * -L../.. -lssl -lcrypto -ldl
12 #include <openssl/err.h>
13 #include <openssl/ssl.h>
15 int main(int argc
, char *argv
[])
17 char *port
= "*:4433";
24 char **args
= argv
+ 1;
27 SSL_load_error_strings();
29 /* Add ciphers and message digests */
30 OpenSSL_add_ssl_algorithms();
32 ctx
= SSL_CTX_new(SSLv23_server_method());
34 cctx
= SSL_CONF_CTX_new();
35 SSL_CONF_CTX_set_flags(cctx
, SSL_CONF_FLAG_SERVER
);
36 SSL_CONF_CTX_set_flags(cctx
, SSL_CONF_FLAG_CERTIFICATE
);
37 SSL_CONF_CTX_set_ssl_ctx(cctx
, ctx
);
38 while (*args
&& **args
== '-') {
40 /* Parse standard arguments */
41 rv
= SSL_CONF_cmd_argv(cctx
, &nargs
, &args
);
43 fprintf(stderr
, "Missing argument for %s\n", *args
);
47 fprintf(stderr
, "Error in command %s\n", *args
);
48 ERR_print_errors_fp(stderr
);
51 /* If rv > 0 we processed something so proceed to next arg */
54 /* Otherwise application specific argument processing */
55 if (!strcmp(*args
, "-port")) {
58 fprintf(stderr
, "Missing -port argument\n");
65 fprintf(stderr
, "Unknown argument %s\n", *args
);
70 if (!SSL_CONF_CTX_finish(cctx
)) {
71 fprintf(stderr
, "Finish error\n");
72 ERR_print_errors_fp(stderr
);
77 * Demo of how to iterate over all certificates in an SSL_CTX structure.
82 rv
= SSL_CTX_set_current_cert(ctx
, SSL_CERT_SET_FIRST
);
84 X509
*x
= SSL_CTX_get0_certificate(ctx
);
85 X509_NAME_print_ex_fp(stdout
, X509_get_subject_name(x
), 0,
88 rv
= SSL_CTX_set_current_cert(ctx
, SSL_CERT_SET_NEXT
);
93 /* Setup server side SSL bio */
94 ssl_bio
= BIO_new_ssl(ctx
, 0);
96 if ((in
= BIO_new_accept(port
)) == NULL
)
100 * This means that when a new connection is accepted on 'in', The ssl_bio
101 * will be 'duplicated' and have the new socket BIO push into it.
102 * Basically it means the SSL BIO will be automatically setup
104 BIO_set_accept_bios(in
, ssl_bio
);
108 * The first call will setup the accept socket, and the second will get a
109 * socket. In this loop, the first actual accept will occur in the
110 * BIO_read() function.
113 if (BIO_do_accept(in
) <= 0)
117 i
= BIO_read(in
, buf
, 512);
120 * If we have finished, remove the underlying BIO stack so the
121 * next time we call any function for this BIO, it will attempt
131 fwrite(buf
, 1, i
, stdout
);
138 ERR_print_errors_fp(stderr
);