View difference between Paste ID: bZnESbhc and
SHOW:
|
|
- or go back to the newest paste.
1 | - | |
1 | + | #include <openssl/ssl.h> |
2 | #include <stdio.h> | |
3 | #include <sys/types.h> | |
4 | #include <sys/socket.h> | |
5 | #include <netinet/in.h> | |
6 | #include <netdb.h> | |
7 | #include <time.h> | |
8 | #include <string.h> | |
9 | #include <regex.h> | |
10 | #include <libssh2.h> | |
11 | ||
12 | //# include <netinet/in.h> | |
13 | #ifdef HAVE_WINDOWS_H | |
14 | # include <windows.h> | |
15 | #endif | |
16 | #ifdef HAVE_WINSOCK2_H | |
17 | # include <winsock2.h> | |
18 | #endif | |
19 | ||
20 | /* FTP-SSL test | |
21 | * -o sshssl sshssl.c -lssl -lcrypto -lssh2 | |
22 | */ | |
23 | ||
24 | // Functions | |
25 | void tunnel_read(int pass); | |
26 | void tunnel_write(char *plaintext[]); | |
27 | ||
28 | // Variables: core | |
29 | char buffer[256]; | |
30 | clock_t time_start = 0; | |
31 | ||
32 | // Variables: SSL | |
33 | SSL *ssl; | |
34 | SSL_METHOD *meth; | |
35 | SSL_CTX *ctx; | |
36 | BIO *ssl_side; | |
37 | BIO *net_side; | |
38 | ||
39 | // Variables: SSH | |
40 | LIBSSH2_SESSION *test_ssh_session; | |
41 | LIBSSH2_CHANNEL *test_ssh_channel; | |
42 | struct hostent *test_ssh_host; | |
43 | const char *ssh_hostname = "censored"; | |
44 | const char *test_ssh_user = "censored"; | |
45 | const char *test_ssh_pass = "censored"; | |
46 | int *test_ssh_sock; | |
47 | struct sockaddr_in test_ssh_addr; | |
48 | const char *remote_host = // censored | |
49 | const char *local_host = "127.0.0.1"; | |
50 | int remote_port = 21; | |
51 | int local_port = 21; | |
52 | ||
53 | ssh_tunnel() | |
54 | { | |
55 | printf("----------setting up SSH \"tunnel\"----------\n"); | |
56 | // Setting up hostnames, IPs and ports | |
57 | test_ssh_host = gethostbyname(ssh_hostname); | |
58 | bzero((char *) &test_ssh_addr, sizeof(test_ssh_addr)); | |
59 | test_ssh_addr.sin_family = AF_INET; | |
60 | bcopy((char *)test_ssh_host->h_addr, (char *)&test_ssh_addr.sin_addr.s_addr, test_ssh_host->h_length); | |
61 | test_ssh_addr.sin_port = htons(22); | |
62 | ||
63 | // Underlying SSH socket | |
64 | test_ssh_sock = socket(AF_INET, SOCK_STREAM, 0); | |
65 | ||
66 | // Connect socket to SSH host:port | |
67 | if (connect(test_ssh_sock,&test_ssh_addr, sizeof(test_ssh_addr)) < 0) | |
68 | printf("Couldn't connect to SSH server!\n"); | |
69 | else | |
70 | printf("Connected to SSH server.\n"); | |
71 | ||
72 | // Setting up the SSH session for tunneling. | |
73 | test_ssh_session = libssh2_session_init(); | |
74 | ||
75 | if (libssh2_session_startup(test_ssh_session, test_ssh_sock) != 0) | |
76 | printf("Unable to start session.\n"); | |
77 | if (libssh2_userauth_password(test_ssh_session, test_ssh_user, test_ssh_pass) != 0) | |
78 | printf("Bad user/pw.\n"); | |
79 | if (!(test_ssh_channel = libssh2_channel_open_session(test_ssh_session))) | |
80 | printf("Failed to open session"); | |
81 | if (libssh2_channel_shell(test_ssh_channel)) | |
82 | printf("Failed requesting shell.\n"); | |
83 | ||
84 | // "Tunnel" | |
85 | test_ssh_channel = libssh2_channel_direct_tcpip_ex(test_ssh_session, remote_host, remote_port, local_host, local_port); | |
86 | if (test_ssh_channel == NULL) { | |
87 | int error = libssh2_session_last_error(test_ssh_session, NULL, NULL, 0); | |
88 | printf("Unable to set up \"tunnel\" channel. (%i)\n\n\n", error); | |
89 | } | |
90 | else | |
91 | printf("SSH \"tunnel\" active.\n"); | |
92 | printf("-------------------DONE--------------------\n"); | |
93 | } | |
94 | ||
95 | void tunnel_read(int pass) | |
96 | { | |
97 | // Illustration 2 | |
98 | bzero(buffer, 256); | |
99 | libssh2_channel_read(test_ssh_channel, buffer, 255); | |
100 | printf("CHANNEL_BUFFER:\t%s", buffer); | |
101 | bzero(buffer, 256); | |
102 | } | |
103 | ||
104 | void tunnel_write(char *plaintext[]) | |
105 | { | |
106 | libssh2_channel_write(test_ssh_channel, plaintext, strlen(plaintext)); | |
107 | } | |
108 | ||
109 | /* Flush any data that SSL has written to the BIO, out to the network */ | |
110 | void ssl_wants_write(void) | |
111 | { | |
112 | char buf[1024]; | |
113 | size_t len; | |
114 | ||
115 | while (BIO_ctrl_pending(net_side) > 0 ) | |
116 | { | |
117 | len = BIO_read(net_side, buf, sizeof buf); | |
118 | libssh2_channel_write(test_ssh_channel, buf, len); | |
119 | } | |
120 | } | |
121 | ||
122 | /* SSL needs to read some data from the network to continue */ | |
123 | void ssl_wants_read(void) | |
124 | { | |
125 | char buf[1024]; | |
126 | size_t len; | |
127 | ||
128 | /* First, flush out any written data - otherwise we may deadlock */ | |
129 | ssl_wants_write(); | |
130 | ||
131 | len = libssh2_channel_read(test_ssh_channel, buf, sizeof buf); | |
132 | BIO_write(net_side, buf, len); | |
133 | } | |
134 | ||
135 | main() | |
136 | { | |
137 | int ret; | |
138 | ||
139 | // Start SSH "tunnel" | |
140 | ssh_tunnel(); | |
141 | ||
142 | // SSL setup | |
143 | SSL_library_init(); | |
144 | ||
145 | meth = SSLv23_method(); | |
146 | ctx = SSL_CTX_new(meth); | |
147 | ssl = SSL_new(ctx); | |
148 | BIO_new_bio_pair(ssl_side, net_side); | |
149 | SSL_set_bio(ssl, ssl_side, ssl_side); | |
150 | ||
151 | // Communicate with FTP server. Get welcome note, ask for FTP server to turn on SSL encryption. | |
152 | tunnel_read(0); // Reads FTP identification/welcome string | |
153 | tunnel_write("AUTH SSL\n"); | |
154 | tunnel_read(0); // AUTH SSL successful | |
155 | ||
156 | bzero(buffer, 256); | |
157 | do { | |
158 | ret = SSL_read(ssl, buffer, 255); // If necessary, SSL_read() will negotiate a TLS/SSL session, if not already explicitly performed | |
159 | ||
160 | switch (SSL_get_error(ssl, ret)) | |
161 | { | |
162 | case SSL_ERROR_WANT_READ: | |
163 | ssl_wants_read(); | |
164 | continue; | |
165 | ||
166 | case SSL_ERROR_WANT_WRITE: | |
167 | ssl_wants_write(); | |
168 | continue; | |
169 | ||
170 | default: | |
171 | } | |
172 | } while (ret < 0) | |
173 | ||
174 | printf("SSL read:\t%s\n", buffer); // Empty | |
175 | ||
176 | //printf("Handshake:\t%i\n", SSL_do_handshake(ssl)); // Currently -1: FATAL error. | |
177 | ||
178 | printf("Shutting down.\n"); | |
179 | SSL_shutdown(ssl); | |
180 | } |