X-Git-Url: http://gitweb.hugovil.com/?a=blobdiff_plain;f=src%2Fssl.c;h=df140c75203dc73b47aea9dfb052a7e2a2e23c02;hb=a6c4c0c8d8224cdc455f0d184e91d0cf881f0077;hp=3acb5299314ae73d5640867336f378ef93a48740;hpb=36eddd2c06ce9b09c83102353deb213e065e901d;p=dockapps%2Fwmnotify.git diff --git a/src/ssl.c b/src/ssl.c index 3acb529..df140c7 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1,115 +1,113 @@ -/* - * ssl.c - * - * Copyright (C) 2003 Hugo Villeneuve - * Based on ssl_client.c (Sean Walton and Macmillan Publishers). - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. - */ - -#if HAVE_CONFIG_H -# include "config.h" -#endif - -#if HAVE_SSL - -/* Define filename_M */ -#define SSL_M 1 - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "common.h" -#include "wmnotify.h" -#include "ssl.h" - - -/* InitCTX - initialize the SSL engine. */ -SSL_CTX * -InitCTX( void ) -{ - const SSL_METHOD *method; - SSL_CTX *ctx; - - SSL_library_init(); /* Load cryptos, et.al. */ - SSL_load_error_strings(); /* Bring in and register error messages */ - method = SSLv23_client_method(); /* Indicate we support SSLv2, SSLv3 and TLSv1 methods. */ - ctx = SSL_CTX_new(method); /* Create new context */ - if( ctx == NULL ) { - ERR_print_errors_fp(stderr); - abort(); - } - return ctx; -} - - -/* ShowCerts - print out the certificates. */ -void -ShowCerts( SSL *ssl ) -{ - X509 *cert; - char *line; - - cert = SSL_get_peer_certificate(ssl); /* get the server's certificate */ - if ( cert != NULL ) { - printf("Server certificates:\n"); - line = X509_NAME_oneline(X509_get_subject_name(cert), 0, 0); - printf("Subject: %s\n", line); - free(line); /* free the malloc'ed string */ - line = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0); - printf("Issuer: %s\n", line); - free(line); /* free the malloc'ed string */ - X509_free(cert); /* free the malloc'ed certificate copy */ - } - else { - printf("No certificates.\n"); - } -} - - -int -InitSSL( int sock_fd ) -{ - ssl_infos.ctx = InitCTX(); - ssl_infos.ssl = SSL_new( ssl_infos.ctx ); /* create new SSL connection state */ - if( ssl_infos.ssl == NULL ) { - printf( "%s: Error in SSL_new()\n", PACKAGE ); - return EXIT_FAILURE; - } - - SSL_set_fd( ssl_infos.ssl, sock_fd ); /* attach the socket descriptor */ - if( SSL_connect( ssl_infos.ssl ) == FAIL ) { /* perform the connection */ - ERR_print_errors_fp(stderr); - return EXIT_FAILURE; - } - - if( wmnotify_infos.debug ) { - printf("Connected with %s encryption\n", SSL_get_cipher( ssl_infos.ssl )); - ShowCerts( ssl_infos.ssl ); /* get any certs */ - } - - return EXIT_SUCCESS; -} - - -#endif /* HAVE_SSL */ +/* + * ssl.c + * + * Copyright (C) 2003 Hugo Villeneuve + * Based on ssl_client.c (Sean Walton and Macmillan Publishers). + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif /* */ + +#if HAVE_SSL + +/* Define filename_M */ +#define SSL_M 1 + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "common.h" +#include "wmnotify.h" +#include "ssl.h" + +/* InitCTX - initialize the SSL engine. */ +SSL_CTX *InitCTX(void) +{ + const SSL_METHOD *method; + SSL_CTX *ctx; + SSL_library_init(); /* Load cryptos, et.al. */ + SSL_load_error_strings(); /* Bring in and register error messages */ + method = SSLv23_client_method(); /* + * Indicate we support SSLv2, SSLv3 and + * TLSv1 methods. + */ + ctx = SSL_CTX_new(method); /* Create new context */ + if (ctx == NULL) { + ERR_print_errors_fp(stderr); + abort(); + } + return ctx; +} + + +/* ShowCerts - print out the certificates. */ +void ShowCerts(SSL *ssl) +{ + X509 *cert; + char *line; + cert = SSL_get_peer_certificate(ssl); /* get the server's certificate */ + if (cert != NULL) { + printf("Server certificates:\n"); + line = + X509_NAME_oneline(X509_get_subject_name(cert), 0, 0); + printf("Subject: %s\n", line); + free(line); /* free the malloc'ed string */ + line = + X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0); + printf("Issuer: %s\n", line); + free(line); /* free the malloc'ed string */ + X509_free(cert); /* free the malloc'ed certificate copy */ + } else { + printf("No certificates.\n"); + } +} + +int InitSSL(int sock_fd) +{ + ssl_infos.ctx = InitCTX(); + ssl_infos.ssl = SSL_new(ssl_infos.ctx); /* + * create new SSL connection + * state + */ + if (ssl_infos.ssl == NULL) { + printf("%s: Error in SSL_new()\n", PACKAGE); + return EXIT_FAILURE; + } + SSL_set_fd(ssl_infos.ssl, sock_fd); /* attach the socket descriptor */ + if (SSL_connect(ssl_infos.ssl) == FAIL) { /* perform the connection */ + ERR_print_errors_fp(stderr); + return EXIT_FAILURE; + } + if (wmnotify_infos.debug) { + printf("Connected with %s encryption\n", + SSL_get_cipher(ssl_infos.ssl)); + ShowCerts(ssl_infos.ssl); /* get any certs */ + } + return EXIT_SUCCESS; +} + + +#endif /* HAVE_SSL */