Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <openssl/ssl.h>
- #include <stdio.h>
- #include <sys/types.h>
- #include <sys/socket.h>
- #include <netinet/in.h>
- #include <netdb.h>
- #include <time.h>
- #include <string.h>
- #include <regex.h>
- #include <libssh2.h>
- //# include <netinet/in.h>
- #ifdef HAVE_WINDOWS_H
- # include <windows.h>
- #endif
- #ifdef HAVE_WINSOCK2_H
- # include <winsock2.h>
- #endif
- /* FTP-SSL test
- * -o sshssl sshssl.c -lssl -lcrypto -lssh2
- */
- // Functions
- void tunnel_read(int pass);
- void tunnel_write(char *plaintext[]);
- // Variables: core
- char buffer[256];
- clock_t time_start = 0;
- // Variables: SSL
- SSL *ssl;
- SSL_METHOD *meth;
- SSL_CTX *ctx;
- BIO *ssl_side;
- BIO *net_side;
- // Variables: SSH
- LIBSSH2_SESSION *test_ssh_session;
- LIBSSH2_CHANNEL *test_ssh_channel;
- struct hostent *test_ssh_host;
- const char *ssh_hostname = "censored";
- const char *test_ssh_user = "censored";
- const char *test_ssh_pass = "censored";
- int *test_ssh_sock;
- struct sockaddr_in test_ssh_addr;
- const char *remote_host = // censored
- const char *local_host = "127.0.0.1";
- int remote_port = 21;
- int local_port = 21;
- ssh_tunnel()
- {
- printf("----------setting up SSH \"tunnel\"----------\n");
- // Setting up hostnames, IPs and ports
- test_ssh_host = gethostbyname(ssh_hostname);
- bzero((char *) &test_ssh_addr, sizeof(test_ssh_addr));
- test_ssh_addr.sin_family = AF_INET;
- bcopy((char *)test_ssh_host->h_addr, (char *)&test_ssh_addr.sin_addr.s_addr, test_ssh_host->h_length);
- test_ssh_addr.sin_port = htons(22);
- // Underlying SSH socket
- test_ssh_sock = socket(AF_INET, SOCK_STREAM, 0);
- // Connect socket to SSH host:port
- if (connect(test_ssh_sock,&test_ssh_addr, sizeof(test_ssh_addr)) < 0)
- printf("Couldn't connect to SSH server!\n");
- else
- printf("Connected to SSH server.\n");
- // Setting up the SSH session for tunneling.
- test_ssh_session = libssh2_session_init();
- if (libssh2_session_startup(test_ssh_session, test_ssh_sock) != 0)
- printf("Unable to start session.\n");
- if (libssh2_userauth_password(test_ssh_session, test_ssh_user, test_ssh_pass) != 0)
- printf("Bad user/pw.\n");
- if (!(test_ssh_channel = libssh2_channel_open_session(test_ssh_session)))
- printf("Failed to open session");
- if (libssh2_channel_shell(test_ssh_channel))
- printf("Failed requesting shell.\n");
- // "Tunnel"
- test_ssh_channel = libssh2_channel_direct_tcpip_ex(test_ssh_session, remote_host, remote_port, local_host, local_port);
- if (test_ssh_channel == NULL) {
- int error = libssh2_session_last_error(test_ssh_session, NULL, NULL, 0);
- printf("Unable to set up \"tunnel\" channel. (%i)\n\n\n", error);
- }
- else
- printf("SSH \"tunnel\" active.\n");
- printf("-------------------DONE--------------------\n");
- }
- void tunnel_read(int pass)
- {
- // Illustration 2
- bzero(buffer, 256);
- libssh2_channel_read(test_ssh_channel, buffer, 255);
- printf("CHANNEL_BUFFER:\t%s", buffer);
- bzero(buffer, 256);
- }
- void tunnel_write(char *plaintext[])
- {
- libssh2_channel_write(test_ssh_channel, plaintext, strlen(plaintext));
- }
- /* Flush any data that SSL has written to the BIO, out to the network */
- void ssl_wants_write(void)
- {
- char buf[1024];
- size_t len;
- while (BIO_ctrl_pending(net_side) > 0 )
- {
- len = BIO_read(net_side, buf, sizeof buf);
- libssh2_channel_write(test_ssh_channel, buf, len);
- }
- }
- /* SSL needs to read some data from the network to continue */
- void ssl_wants_read(void)
- {
- char buf[1024];
- size_t len;
- /* First, flush out any written data - otherwise we may deadlock */
- ssl_wants_write();
- len = libssh2_channel_read(test_ssh_channel, buf, sizeof buf);
- BIO_write(net_side, buf, len);
- }
- main()
- {
- int ret;
- // Start SSH "tunnel"
- ssh_tunnel();
- // SSL setup
- SSL_library_init();
- meth = SSLv23_method();
- ctx = SSL_CTX_new(meth);
- ssl = SSL_new(ctx);
- BIO_new_bio_pair(ssl_side, net_side);
- SSL_set_bio(ssl, ssl_side, ssl_side);
- // Communicate with FTP server. Get welcome note, ask for FTP server to turn on SSL encryption.
- tunnel_read(0); // Reads FTP identification/welcome string
- tunnel_write("AUTH SSL\n");
- tunnel_read(0); // AUTH SSL successful
- bzero(buffer, 256);
- do {
- ret = SSL_read(ssl, buffer, 255); // If necessary, SSL_read() will negotiate a TLS/SSL session, if not already explicitly performed
- switch (SSL_get_error(ssl, ret))
- {
- case SSL_ERROR_WANT_READ:
- ssl_wants_read();
- continue;
- case SSL_ERROR_WANT_WRITE:
- ssl_wants_write();
- continue;
- default:
- }
- } while (ret < 0)
- printf("SSL read:\t%s\n", buffer); // Empty
- //printf("Handshake:\t%i\n", SSL_do_handshake(ssl)); // Currently -1: FATAL error.
- printf("Shutting down.\n");
- SSL_shutdown(ssl);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement