#include "header.h"
//#include "osal.h"
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/ioctl.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
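/*
 * Build-time configuration for the demo TLS server.
 *
 * The stale, commented-out duplicate of this block (old LAN addresses, mask,
 * gateway and DNS values) was dropped: none of it was compiled.
 */

/* Size in bytes of the buffer used for one TLS read or write. */
#define MAXBUF 1024

/*
 * Loopback address. Not referenced by the code in this listing: the listener
 * binds INADDR_ANY, so the port is reachable on every interface.
 */
#define SERVER_IP "127.0.0.1"

/* TCP port the server listens on. */
#define SERVER_PORT 7788

/* CA bundle for peer verification; disabled together with the verify calls. */
//#define CAFILE "./ca.pem"

/* PEM file holding the server certificate; the private key is read from it too. */
#define SERVCERT "./server.pem"

/* Separate key file. Not referenced by the code in this listing. */
#define SERVERKEY "./server.key"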
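/*
 * Serve one TLS request/response exchange on an already-connected socket.
 *
 * Runs the server side of the handshake on fd, reads one message, prints it,
 * sends a fixed greeting back and releases the SSL object.
 *
 * ctx            server context with certificate and key loaded
 * fd             connected client socket; it is never closed here, the caller
 *                owns it and must close it and drop it from its descriptor set
 * client_sockfd  unused, kept so existing callers still compile
 *
 * Returns 0 when the reply was sent, -1 on any failure. A failure no longer
 * terminates the process, so one misbehaving peer cannot stop the server.
 */
int SSL_Read_Write(SSL_CTX *ctx, int fd, int client_sockfd)
{
    static const char reply[] =
        "Hello Client: This is ssl server ,i have received you msg!\n";
    char ssl_buf[MAXBUF];
    SSL *ssl;
    int n;          /* SSL_read/SSL_write return int; an unsigned type hides -1 */
    int rc = -1;
    int clean = 0;  /* set only when sending close_notify is still permitted */

    (void)client_sockfd;

    ssl = SSL_new(ctx);
    if (ssl == NULL) {
        ERR_print_errors_fp(stdout);
        return -1;
    }
    if (SSL_set_fd(ssl, fd) != 1) {
        ERR_print_errors_fp(stdout);
        goto out;
    }

    /* SSL_accept reports failure with 0 as well as with a negative value. */
    if (SSL_accept(ssl) <= 0) {
        perror("SSL_accept");
        ERR_print_errors_fp(stdout);
        printf("Shehzad\n");
        goto out;
    }
    printf("SSL_accept success.\n");

    printf("Recv\n");
    /* Leave one byte free so the payload can be NUL-terminated for "%s". */
    n = SSL_read(ssl, ssl_buf, MAXBUF - 1);
    if (n <= 0) {
        if (SSL_get_error(ssl, n) == SSL_ERROR_ZERO_RETURN) {
            /* Peer sent close_notify: an orderly end, not worth retrying. */
            printf("SSL_read: connection closed by peer\n");
            clean = 1;
        } else {
            printf("SSL_read error, errno=%d(%s)\n", errno, strerror(errno));
            ERR_print_errors_fp(stdout);
        }
        goto out;
    }
    ssl_buf[n] = '\0';
    /*
     * NOTE(review): the payload comes from the peer and is printed raw;
     * escape control characters before this goes to a real log or terminal.
     */
    printf("SSL_read %d bytes: %s\n", n, ssl_buf);
    printf("serving client on fd %d\n", fd);

    printf("send\n");
    n = SSL_write(ssl, reply, (int)(sizeof reply - 1));
    if (n <= 0) {
        printf("SSL_write error, errno=%d(%s)\n", errno, strerror(errno));
        ERR_print_errors_fp(stdout);
        goto out;
    }
    printf("SSL_write %d bytes: %s\n", n, reply);
    rc = 0;
    clean = 1;

out:
    /* SSL_shutdown must not be called after a fatal handshake or I/O error. */
    if (clean) {
        SSL_shutdown(ssl);
    }
    SSL_free(ssl);
    printf("Inside Got\n");
    return rc;
}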
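/*
 * Accept TCP clients on a listening socket and serve each one a single TLS
 * exchange through SSL_Read_Write().
 *
 * ctx     server context handed to SSL_Read_Write() for every client
 * sockfd  listening socket, already bound and in the listen state
 *
 * Returns -1 if sockfd cannot be stored in an fd_set. Otherwise it loops
 * forever and leaves only through exit(1) when select() fails.
 *
 * NOTE(review): the sockets are blocking and the handshake runs inside this
 * loop, so one slow or silent peer stalls every other client. Put a receive
 * timeout on accepted sockets or move to non-blocking I/O before exposing
 * this to untrusted networks.
 */
int ssl_listen(SSL_CTX *ctx, int sockfd)
{
    fd_set readfds;  /* every descriptor being watched */
    fd_set testfds;  /* scratch copy, select() overwrites it */
    int counter = 0;

    printf("sockfd = %d\n", sockfd);
    /* FD_SET on a descriptor outside [0, FD_SETSIZE) writes out of bounds. */
    if (sockfd < 0 || sockfd >= FD_SETSIZE) {
        fprintf(stderr, "ssl_listen: descriptor %d does not fit in an fd_set\n",
                sockfd);
        return -1;
    }
    FD_ZERO(&readfds);
    FD_SET(sockfd, &readfds);
    printf("server_sockfd = %d\n", sockfd);
    printf("After set\n");

    for (;;) {
        int result;
        int fd;

        counter++;
        printf("counter = %d\n", counter);
        testfds = readfds;
        printf("server waiting\n");
        /* The fd_set values are no longer passed to "%d": that was undefined. */
        printf("server_sockfd=%d\n", sockfd);
        printf("server_sockfd_after = %d\n", sockfd);

        /* No timeout: block until a descriptor becomes readable. */
        result = select(FD_SETSIZE, &testfds, NULL, NULL, NULL);
        printf("result = %d\n", result);
        if (result < 0 && errno == EINTR) {
            continue;  /* interrupted by a signal, not a real failure */
        }
        if (result < 1) {
            perror("server5");
            exit(1);
        }

        for (fd = 0; fd < FD_SETSIZE; fd++) {
            if (!FD_ISSET(fd, &testfds)) {
                continue;
            }

            if (fd == sockfd) {
                /* Activity on the listening socket is a new connection. */
                struct sockaddr_in client_address;
                socklen_t client_len = sizeof client_address;
                int client_sockfd = accept(sockfd,
                                           (struct sockaddr *)&client_address,
                                           &client_len);

                if (client_sockfd < 0) {
                    perror("accept");
                    continue;
                }
                if (client_sockfd >= FD_SETSIZE) {
                    /* Cannot be tracked with select(); refuse the client. */
                    fprintf(stderr, "too many clients, dropping fd %d\n",
                            client_sockfd);
                    close(client_sockfd);
                    continue;
                }
                FD_SET(client_sockfd, &readfds);
                printf("adding client on fd %d\n", client_sockfd);
            } else {
                int nread = 0;

                if (ioctl(fd, FIONREAD, &nread) < 0) {
                    perror("ioctl");
                    nread = 0;  /* treat an unusable descriptor as gone */
                }
                printf("nread = %d\n", nread);

                if (nread > 0) {
                    SSL_Read_Write(ctx, fd, fd);
                }
                /*
                 * The TLS state is created and freed inside SSL_Read_Write(),
                 * so nothing further can be exchanged on this socket. Always
                 * drop it from the set: a closed descriptor left in readfds
                 * makes the next select() fail and ends the server. close()
                 * may report EBADF if the callee closed fd already; that is
                 * harmless because no descriptor is opened in between.
                 */
                close(fd);
                FD_CLR(fd, &readfds);
                printf("removing client on fd %d\n", fd);
            }
        }
    }
}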
- //static int SSL_CTX_use_PrivateKey_file_pass(SSL_CTX *ctx,char *filename,char *pass)
- //{
- // EVP_PKEY *pkey=NULL;
- // BIO *key=NULL;
- //
- // key=BIO_new(BIO_s_file());
- // BIO_read_filename(key,filename);
- // pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass);
- // if(pkey==NULL)
- // {
- // printf("PEM_read_bio_PrivateKey err");
- // return -1;
- // }
- // if (SSL_CTX_use_PrivateKey(ctx,pkey) <= 0)
- // {
- // printf("SSL_CTX_use_PrivateKey err\n");
- // return -1;
- // }
- // BIO_free(key);
- // return 1;
- //}
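/*
 * Build the TLS server context, open the listening socket on SERVER_PORT and
 * hand both to ssl_listen().
 *
 * Any setup failure prints a diagnostic and ends the process with exit(-1).
 * Returns 0 if ssl_listen() ever returns.
 */
int server_listen()
{
    struct sockaddr_in server;
    SSL_CTX *ctx;
    int sockfd;

    SSL_library_init();
    OpenSSL_add_all_algorithms();
    SSL_load_error_strings();

    ctx = SSL_CTX_new(SSLv23_server_method());
    if (ctx == NULL) {
        ERR_print_errors_fp(stdout);
        printf("SSL_CTX_new err\n");
        exit(-1);
    }

    /*
     * The SSLv23 method negotiates any protocol version the library offers,
     * so the broken SSLv2/SSLv3 protocols are switched off explicitly.
     * NOTE(review): where the OpenSSL build allows it, also require TLS 1.2
     * or newer.
     */
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

    /*
     * Client certificates are not requested: no SSL_CTX_set_verify() call is
     * made, so any peer may connect. The cipher list is left at the library
     * default.
     */

    /* Server certificate, which also carries the public key. */
    if (SSL_CTX_use_certificate_file(ctx, SERVCERT, SSL_FILETYPE_PEM) <= 0) {
        ERR_print_errors_fp(stdout);
        printf("SSL_CTX_use_certificate_file err\n");
        exit(-1);
    }

    /*
     * NOTE(review): the key passphrase is a literal in the source, so anyone
     * with the binary or the repository has it. Load it from a protected
     * source at start-up and rotate the key this value has protected.
     */
    SSL_CTX_set_default_passwd_cb_userdata(ctx, "123456");

    /* The private key is read from the same PEM file as the certificate. */
    if (SSL_CTX_use_PrivateKey_file(ctx, SERVCERT, SSL_FILETYPE_PEM) <= 0) {
        ERR_print_errors_fp(stdout);
        printf("SSL_CTX_use_PrivateKey_file err\n");
        exit(-1);
    }

    /* Confirm that the loaded key belongs to the loaded certificate. */
    if (!SSL_CTX_check_private_key(ctx)) {
        printf("SSL_CTX_check_private_key err\n");
        ERR_print_errors_fp(stdout);
        exit(-1);
    }

    sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd == -1) {
        perror("socket");
        exit(-1);
    }

    memset(&server, 0, sizeof server);
    server.sin_family = AF_INET;
    server.sin_port = htons(SERVER_PORT);
    /*
     * NOTE(review): INADDR_ANY listens on every interface. Bind a specific
     * address if the service is meant to be local only.
     */
    server.sin_addr.s_addr = htonl(INADDR_ANY);

    if (bind(sockfd, (struct sockaddr *)&server, sizeof server) == -1) {
        perror("bind");
        exit(-1);
    }
    if (listen(sockfd, 2) == -1) {
        perror("listen");
        exit(-1);
    }

    ssl_listen(ctx, sockfd);

    close(sockfd);
    SSL_CTX_free(ctx);
    return 0;
}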
/*
 * Print the start-up banner and run the TLS server.
 * Always returns 0; the result of server_listen() is not inspected.
 */
int SslServer()
{
    fputs("SSL Server\n", stdout);
    fputs("SSL Listen\n", stdout);

    (void)server_listen();

    return 0;
}
/*
 * Program entry point: run the server, pause briefly, then exit with 0.
 * The server's return value is not used.
 */
int main()
{
    (void)SslServer();

    /* 100 * 2000 microseconds before the process ends. */
    usleep(100 * 2000);

    return 0;
}