caf

1. #include <openssl/ssl.h>
2. #include <stdio.h>
3. #include <sys/types.h>
4. #include <sys/socket.h>
5. #include <netinet/in.h>
6. #include <netdb.h>
7. #include <time.h>
8. #include <string.h>
9. #include <regex.h>
10. #include <libssh2.h>
11.  
12. //# include <netinet/in.h>
13. #ifdef HAVE_WINDOWS_H
14. # include <windows.h>
15. #endif
16. #ifdef HAVE_WINSOCK2_H
17. # include <winsock2.h>
18. #endif
19.  
20. /* FTP-SSL test
21.  * -o sshssl sshssl.c -lssl -lcrypto -lssh2
22. */
23.  
24. // Functions
25. void tunnel_read(int pass);
26. void tunnel_write(char *plaintext[]);
27.  
28. // Variables: core
29. char buffer[256];        
30. clock_t time_start = 0;
31.  
32. // Variables: SSL
33. SSL        *ssl;
34. SSL_METHOD *meth;
35. SSL_CTX    *ctx;
36. BIO        *ssl_side;
37. BIO        *net_side;
38.  
39. // Variables: SSH
40. LIBSSH2_SESSION *test_ssh_session;
41. LIBSSH2_CHANNEL *test_ssh_channel;
42. struct hostent *test_ssh_host;
43. const char *ssh_hostname = "censored";
44. const char *test_ssh_user = "censored";
45. const char *test_ssh_pass = "censored";
46. int *test_ssh_sock;
47. struct sockaddr_in test_ssh_addr;
48. const char *remote_host = // censored
49. const char *local_host  = "127.0.0.1";
50. int remote_port = 21;
51. int local_port  = 21;
52.  
53. ssh_tunnel()
54. {
55.     printf("----------setting up SSH \"tunnel\"----------\n");
56.     // Setting up hostnames, IPs and ports
57.     test_ssh_host = gethostbyname(ssh_hostname);
58.     bzero((char *) &test_ssh_addr, sizeof(test_ssh_addr));
59.     test_ssh_addr.sin_family = AF_INET;
60.     bcopy((char *)test_ssh_host->h_addr, (char *)&test_ssh_addr.sin_addr.s_addr, test_ssh_host->h_length);
61.     test_ssh_addr.sin_port = htons(22);
62.  
63.     // Underlying SSH socket
64.     test_ssh_sock = socket(AF_INET, SOCK_STREAM, 0);
65.  
66.     // Connect socket to SSH host:port
67.     if (connect(test_ssh_sock,&test_ssh_addr, sizeof(test_ssh_addr)) < 0)
68.         printf("Couldn't connect to SSH server!\n");
69.     else
70.         printf("Connected to SSH server.\n");
71.  
72.     // Setting up the SSH session for tunneling.
73.     test_ssh_session = libssh2_session_init();
74.  
75.     if (libssh2_session_startup(test_ssh_session, test_ssh_sock) != 0)
76.         printf("Unable to start session.\n");
77.     if (libssh2_userauth_password(test_ssh_session, test_ssh_user, test_ssh_pass) != 0)
78.         printf("Bad user/pw.\n");
79.     if (!(test_ssh_channel = libssh2_channel_open_session(test_ssh_session)))
80.         printf("Failed to open session");
81.     if (libssh2_channel_shell(test_ssh_channel))
82.         printf("Failed requesting shell.\n");
83.  
84.     // "Tunnel"
85.     test_ssh_channel = libssh2_channel_direct_tcpip_ex(test_ssh_session, remote_host, remote_port, local_host, local_port);
86.     if (test_ssh_channel == NULL) {
87.         int error = libssh2_session_last_error(test_ssh_session, NULL, NULL, 0);
88.         printf("Unable to set up \"tunnel\" channel. (%i)\n\n\n", error);
89.     }
90.     else
91.         printf("SSH \"tunnel\" active.\n");
92.     printf("-------------------DONE--------------------\n");
93. }
94.  
95. void tunnel_read(int pass)
96. {
97.     // Illustration 2
98.     bzero(buffer, 256);
99.     libssh2_channel_read(test_ssh_channel, buffer, 255);
100.     printf("CHANNEL_BUFFER:\t%s", buffer);
101.     bzero(buffer, 256);
102. }
103.  
104. void tunnel_write(char *plaintext[])
105. {
106.     libssh2_channel_write(test_ssh_channel, plaintext, strlen(plaintext));
107. }
108.  
109. /* Flush any data that SSL has written to the BIO, out to the network */
110. void ssl_wants_write(void)
111. {
112.     char buf[1024];
113.     size_t len;
114.  
115.     while (BIO_ctrl_pending(net_side) > 0 )
116.     {
117.         len = BIO_read(net_side, buf, sizeof buf);
118.         libssh2_channel_write(test_ssh_channel, buf, len);
119.     }
120. }
121.  
122. /* SSL needs to read some data from the network to continue */
123. void ssl_wants_read(void)
124. {
125.     char buf[1024];
126.     size_t len;
127.  
128.     /* First, flush out any written data - otherwise we may deadlock */
129.     ssl_wants_write();
130.  
131.     len = libssh2_channel_read(test_ssh_channel, buf, sizeof buf);
132.     BIO_write(net_side, buf, len);
133. }
134.  
135. main()
136. {
137.         int ret;
138.  
139.     // Start SSH "tunnel"
140.     ssh_tunnel();
141.  
142.     // SSL setup
143.     SSL_library_init();
144.  
145.     meth = SSLv23_method();
146.     ctx  = SSL_CTX_new(meth);
147.     ssl  = SSL_new(ctx);
148.     BIO_new_bio_pair(ssl_side, net_side);
149.     SSL_set_bio(ssl, ssl_side, ssl_side);
150.  
151.     // Communicate with FTP server. Get welcome note, ask for FTP server to turn on SSL encryption.
152.     tunnel_read(0);                                         // Reads FTP identification/welcome string
153.     tunnel_write("AUTH SSL\n");
154.     tunnel_read(0);                                         // AUTH SSL successful
155.  
156.     bzero(buffer, 256);
157.         do {
158.             ret = SSL_read(ssl, buffer, 255); // If necessary, SSL_read() will negotiate a TLS/SSL session, if not already explicitly performed
159.  
160.             switch (SSL_get_error(ssl, ret))
161.             {
162.                 case SSL_ERROR_WANT_READ:
163.                     ssl_wants_read();
164.                     continue;
165.  
166.                 case SSL_ERROR_WANT_WRITE:
167.                     ssl_wants_write();
168.                     continue;
169.            
170.                 default:
171.             }
172.         } while (ret < 0)
173.  
174.     printf("SSL read:\t%s\n", buffer);                      // Empty
175.    
176.     //printf("Handshake:\t%i\n", SSL_do_handshake(ssl));        // Currently -1: FATAL error.
177.  
178.     printf("Shutting down.\n");
179.     SSL_shutdown(ssl);
180. }