View difference between Paste ID: bZnESbhc and
1-
1+
#include <openssl/ssl.h>
2
#include <stdio.h>
3
#include <sys/types.h>
4
#include <sys/socket.h>
5
#include <netinet/in.h>
6
#include <netdb.h>
7
#include <time.h>
8
#include <string.h>
9
#include <regex.h>
10
#include <libssh2.h>
11
12
//# include <netinet/in.h>
13
#ifdef HAVE_WINDOWS_H
14
# include <windows.h>
15
#endif
16
#ifdef HAVE_WINSOCK2_H
17
# include <winsock2.h>
18
#endif
19
20
/* FTP-SSL test
21
 * -o sshssl sshssl.c -lssl -lcrypto -lssh2
22
*/
23
24
// Functions
25
void tunnel_read(int pass);
26
void tunnel_write(char *plaintext[]);
27
28
// Variables: core
29
char buffer[256];        
30
clock_t time_start = 0;
31
32
// Variables: SSL
33
SSL        *ssl;
34
SSL_METHOD *meth;
35
SSL_CTX    *ctx;
36
BIO        *ssl_side;
37
BIO        *net_side;
38
39
// Variables: SSH
40
LIBSSH2_SESSION *test_ssh_session;
41
LIBSSH2_CHANNEL *test_ssh_channel;
42
struct hostent *test_ssh_host;
43
const char *ssh_hostname = "censored";
44
const char *test_ssh_user = "censored";
45
const char *test_ssh_pass = "censored";
46
int *test_ssh_sock;
47
struct sockaddr_in test_ssh_addr;
48
const char *remote_host = // censored
49
const char *local_host  = "127.0.0.1";
50
int remote_port = 21;
51
int local_port  = 21;
52
53
ssh_tunnel()
54
{
55
	printf("----------setting up SSH \"tunnel\"----------\n");
56
	// Setting up hostnames, IPs and ports
57
	test_ssh_host = gethostbyname(ssh_hostname);
58
	bzero((char *) &test_ssh_addr, sizeof(test_ssh_addr));
59
	test_ssh_addr.sin_family = AF_INET;
60
	bcopy((char *)test_ssh_host->h_addr, (char *)&test_ssh_addr.sin_addr.s_addr, test_ssh_host->h_length);
61
	test_ssh_addr.sin_port = htons(22);
62
63
	// Underlying SSH socket
64
	test_ssh_sock = socket(AF_INET, SOCK_STREAM, 0);
65
66
	// Connect socket to SSH host:port
67
	if (connect(test_ssh_sock,&test_ssh_addr, sizeof(test_ssh_addr)) < 0)
68
		printf("Couldn't connect to SSH server!\n");
69
	else
70
		printf("Connected to SSH server.\n");
71
72
	// Setting up the SSH session for tunneling.
73
	test_ssh_session = libssh2_session_init();
74
75
	if (libssh2_session_startup(test_ssh_session, test_ssh_sock) != 0)
76
		printf("Unable to start session.\n");
77
	if (libssh2_userauth_password(test_ssh_session, test_ssh_user, test_ssh_pass) != 0)
78
		printf("Bad user/pw.\n");
79
	if (!(test_ssh_channel = libssh2_channel_open_session(test_ssh_session)))
80
		printf("Failed to open session");
81
	if (libssh2_channel_shell(test_ssh_channel))
82
		printf("Failed requesting shell.\n");
83
84
	// "Tunnel"
85
	test_ssh_channel = libssh2_channel_direct_tcpip_ex(test_ssh_session, remote_host, remote_port, local_host, local_port);
86
	if (test_ssh_channel == NULL) {
87
		int error = libssh2_session_last_error(test_ssh_session, NULL, NULL, 0);
88
		printf("Unable to set up \"tunnel\" channel. (%i)\n\n\n", error);
89
	}
90
	else
91
		printf("SSH \"tunnel\" active.\n");
92
	printf("-------------------DONE--------------------\n");
93
}
94
95
void tunnel_read(int pass)
96
{
97
	// Illustration 2
98
	bzero(buffer, 256);
99
	libssh2_channel_read(test_ssh_channel, buffer, 255);
100
	printf("CHANNEL_BUFFER:\t%s", buffer);
101
	bzero(buffer, 256);
102
}
103
104
void tunnel_write(char *plaintext[])
105
{
106
	libssh2_channel_write(test_ssh_channel, plaintext, strlen(plaintext));
107
}
108
109
/* Flush any data that SSL has written to the BIO, out to the network */
110
void ssl_wants_write(void)
111
{
112
    char buf[1024];
113
    size_t len;
114
115
    while (BIO_ctrl_pending(net_side) > 0 )
116
    {
117
        len = BIO_read(net_side, buf, sizeof buf);
118
        libssh2_channel_write(test_ssh_channel, buf, len);
119
    }
120
}
121
122
/* SSL needs to read some data from the network to continue */
123
void ssl_wants_read(void)
124
{
125
    char buf[1024];
126
    size_t len;
127
128
    /* First, flush out any written data - otherwise we may deadlock */
129
    ssl_wants_write();
130
131
    len = libssh2_channel_read(test_ssh_channel, buf, sizeof buf);
132
    BIO_write(net_side, buf, len);
133
}
134
135
main()
136
{
137
        int ret;
138
139
	// Start SSH "tunnel"
140
	ssh_tunnel();
141
142
	// SSL setup
143
	SSL_library_init();
144
145
	meth = SSLv23_method();
146
	ctx  = SSL_CTX_new(meth);
147
	ssl  = SSL_new(ctx);
148
	BIO_new_bio_pair(ssl_side, net_side);
149
	SSL_set_bio(ssl, ssl_side, ssl_side);
150
151
	// Communicate with FTP server. Get welcome note, ask for FTP server to turn on SSL encryption.
152
	tunnel_read(0);											// Reads FTP identification/welcome string
153
	tunnel_write("AUTH SSL\n");
154
	tunnel_read(0);											// AUTH SSL successful
155
156
	bzero(buffer, 256);
157
        do {
158
            ret = SSL_read(ssl, buffer, 255); // If necessary, SSL_read() will negotiate a TLS/SSL session, if not already explicitly performed
159
160
            switch (SSL_get_error(ssl, ret))
161
            {
162
                case SSL_ERROR_WANT_READ:
163
                    ssl_wants_read();
164
                    continue;
165
166
                case SSL_ERROR_WANT_WRITE:
167
                    ssl_wants_write();
168
                    continue;
169
            
170
                default:
171
            }
172
        } while (ret < 0)
173
174
	printf("SSL read:\t%s\n", buffer);						// Empty
175
	
176
	//printf("Handshake:\t%i\n", SSL_do_handshake(ssl));		// Currently -1: FATAL error.
177
178
	printf("Shutting down.\n");
179
	SSL_shutdown(ssl);
180
}
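Review bot: In ssh_tunnel() the password is handed to `libssh2_userauth_password()` without any check of the server's host key, and in main() the `SSL_CTX` is created with no peer verification configured, so neither the SSH hop nor the FTP-over-TLS endpoint is authenticated before credentials and data cross it. After `libssh2_session_startup()` succeeds, compare the result of `libssh2_hostkey_hash(test_ssh_session, LIBSSH2_HOSTKEY_HASH_SHA1)` (or a known-hosts lookup) with a pinned fingerprint and return on mismatch, before the userauth call. After `SSL_CTX_new(meth)`, add `SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);` and load the trust anchors the FTP server's certificate should chain to. The existing failure branches in ssh_tunnel() only print a message and fall through to the next call, so these checks need to stop execution rather than follow that pattern.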