From 054009a638ad06c3e11b044bacf500d0abc8fcf2 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Bodo=20M=C3=B6ller?= Date: Thu, 27 May 1999 23:59:58 +0000 Subject: [PATCH] Updated C++ SSL demos. Submitted (a month ago) by: Wade Scholine --- CHANGES | 2 +- demos/ssl/cli.cpp | 16 +++++++++++--- demos/ssl/serv.cpp | 54 ++++++++++++++++++++++++++++++++++------------ 3 files changed, 54 insertions(+), 18 deletions(-) diff --git a/CHANGES b/CHANGES index 7228510654..9c3c17127e 100644 --- a/CHANGES +++ b/CHANGES @@ -6,7 +6,7 @@ Changes between 0.9.3 and 0.9.3a [?] [xx May? 1999] *) Updated some demos. - [Sean O Riordain] + [Sean O Riordain, Wade Scholine] *) Add missing BIO_free at exit of pkcs12 application. [Wu Zhigang] diff --git a/demos/ssl/cli.cpp b/demos/ssl/cli.cpp index f15b7ad170..2efe161d43 100644 --- a/demos/ssl/cli.cpp +++ b/demos/ssl/cli.cpp @@ -1,6 +1,10 @@ /* cli.cpp - Minimal ssleay client for Unix 30.9.1996, Sampo Kellomaki */ +/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b + Simplified to be even more minimal + 12/98 - 4/99 Wade Scholine */ + #include #include #include @@ -17,6 +21,7 @@ #include #include + #define CHK_NULL(x) if ((x)==NULL) exit (1) #define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); } #define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); } @@ -31,9 +36,14 @@ void main () X509* server_cert; char* str; char buf [4096]; + SSL_METHOD *meth; + SSLeay_add_ssl_algorithms(); + meth = SSLv2_client_method(); SSL_load_error_strings(); - ctx = SSL_CTX_new (); CHK_NULL(ctx); + ctx = SSL_CTX_new (meth); CHK_NULL(ctx); + + CHK_SSL(err); /* ----------------------------------------------- */ /* Create a socket and connect to server using normal socket calls. */ @@ -67,12 +77,12 @@ void main () server_cert = SSL_get_peer_certificate (ssl); CHK_NULL(server_cert); printf ("Server certificate:\n"); - str = X509_NAME_oneline (X509_get_subject_name (server_cert)); + str = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0); CHK_NULL(str); printf ("\t subject: %s\n", str); Free (str); - str = X509_NAME_oneline (X509_get_issuer_name (server_cert)); + str = X509_NAME_oneline (X509_get_issuer_name (server_cert),0,0); CHK_NULL(str); printf ("\t issuer: %s\n", str); Free (str); diff --git a/demos/ssl/serv.cpp b/demos/ssl/serv.cpp index b103e78b26..aec610d018 100644 --- a/demos/ssl/serv.cpp +++ b/demos/ssl/serv.cpp @@ -1,7 +1,14 @@ /* serv.cpp - Minimal ssleay server for Unix 30.9.1996, Sampo Kellomaki */ + +/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b + Simplified to be even more minimal + 12/98 - 4/99 Wade Scholine */ + #include +#include +#include #include #include #include @@ -17,9 +24,13 @@ #include #include -#define HOME "/usr/users/sampo/sibs/tim/" -#define CERTF HOME "plain-cert.pem" -#define KEYF HOME "plain-key.pem" + +/* define HOME to be dir for key and cert files... */ +#define HOME "./" +/* Make these what you want for cert & key files */ +#define CERTF HOME "foo-cert.pem" +#define KEYF HOME "foo-cert.pem" + #define CHK_NULL(x) if ((x)==NULL) exit (1) #define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); } @@ -32,24 +43,39 @@ void main () int sd; struct sockaddr_in sa_serv; struct sockaddr_in sa_cli; - int client_len; + size_t client_len; SSL_CTX* ctx; SSL* ssl; X509* client_cert; char* str; char buf [4096]; - + SSL_METHOD *meth; + /* SSL preliminaries. We keep the certificate and key with the context. */ SSL_load_error_strings(); - ctx = SSL_CTX_new (); CHK_NULL(ctx); - - err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF, SSL_FILETYPE_PEM); - CHK_SSL(err); - - err = SSL_CTX_use_certificate_file (ctx, CERTF, SSL_FILETYPE_PEM); - CHK_SSL(err); + SSLeay_add_ssl_algorithms(); + meth = SSLv23_server_method(); + ctx = SSL_CTX_new (meth); + if (!ctx) { + ERR_print_errors_fp(stderr); + exit(2); + } + if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) { + ERR_print_errors_fp(stderr); + exit(3); + } + if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) { + ERR_print_errors_fp(stderr); + exit(4); + } + + if (!SSL_CTX_check_private_key(ctx)) { + fprintf(stderr,"Private key does not match the certificate public key\n"); + exit(5); + } + /* ----------------------------------------------- */ /* Prepare TCP socket for receiving connections */ @@ -92,12 +118,12 @@ void main () if (client_cert != NULL) { printf ("Client certificate:\n"); - str = X509_NAME_oneline (X509_get_subject_name (client_cert)); + str = X509_NAME_oneline (X509_get_subject_name (client_cert), 0, 0); CHK_NULL(str); printf ("\t subject: %s\n", str); Free (str); - str = X509_NAME_oneline (X509_get_issuer_name (client_cert)); + str = X509_NAME_oneline (X509_get_issuer_name (client_cert), 0, 0); CHK_NULL(str); printf ("\t issuer: %s\n", str); Free (str); -- 2.25.1