summaryrefslogtreecommitdiff
path: root/doc/examples/ex-serv-x509.c
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2013-11-08 22:14:07 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2013-11-08 22:17:10 +0100
commit76c93d23c073ef8b885503b7d28a31ffe2add6d8 (patch)
tree1dd2d22a197bc40c5330e516969a7cb1ae9bc96f /doc/examples/ex-serv-x509.c
parent559a144f6bbcbb611453f82e655dd7438c14d1a7 (diff)
downloadgnutls-76c93d23c073ef8b885503b7d28a31ffe2add6d8.tar.gz
reindented code
Diffstat (limited to 'doc/examples/ex-serv-x509.c')
-rw-r--r--doc/examples/ex-serv-x509.c295
1 files changed, 147 insertions, 148 deletions
diff --git a/doc/examples/ex-serv-x509.c b/doc/examples/ex-serv-x509.c
index 2060f80a8b..bc5b371877 100644
--- a/doc/examples/ex-serv-x509.c
+++ b/doc/examples/ex-serv-x509.c
@@ -38,165 +38,164 @@
/* These are global */
static gnutls_dh_params_t dh_params;
-static int
-generate_dh_params (void)
+static int generate_dh_params(void)
{
- unsigned int bits =
- gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LEGACY);
+ unsigned int bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH,
+ GNUTLS_SEC_PARAM_LEGACY);
- /* Generate Diffie-Hellman parameters - for use with DHE
- * kx algorithms. When short bit length is used, it might
- * be wise to regenerate parameters often.
- */
- gnutls_dh_params_init (&dh_params);
- gnutls_dh_params_generate2 (dh_params, bits);
+ /* Generate Diffie-Hellman parameters - for use with DHE
+ * kx algorithms. When short bit length is used, it might
+ * be wise to regenerate parameters often.
+ */
+ gnutls_dh_params_init(&dh_params);
+ gnutls_dh_params_generate2(dh_params, bits);
- return 0;
+ return 0;
}
-int
-main (void)
+int main(void)
{
- int listen_sd;
- int sd, ret;
- gnutls_certificate_credentials_t x509_cred;
- gnutls_priority_t priority_cache;
- struct sockaddr_in sa_serv;
- struct sockaddr_in sa_cli;
- socklen_t client_len;
- char topbuf[512];
- gnutls_session_t session;
- char buffer[MAX_BUF + 1];
- int optval = 1;
-
- /* this must be called once in the program
- */
- gnutls_global_init ();
-
- gnutls_certificate_allocate_credentials (&x509_cred);
- /* gnutls_certificate_set_x509_system_trust(xcred); */
- gnutls_certificate_set_x509_trust_file (x509_cred, CAFILE,
- GNUTLS_X509_FMT_PEM);
-
- gnutls_certificate_set_x509_crl_file (x509_cred, CRLFILE,
- GNUTLS_X509_FMT_PEM);
-
- ret = gnutls_certificate_set_x509_key_file (x509_cred, CERTFILE, KEYFILE,
- GNUTLS_X509_FMT_PEM);
- if (ret < 0)
- {
- printf("No certificate or key were found\n");
- exit(1);
- }
-
- /* loads an OCSP status request if available */
- gnutls_certificate_set_ocsp_status_request_file(x509_cred, OCSP_STATUS_FILE, 0);
-
- generate_dh_params ();
-
- gnutls_priority_init (&priority_cache, "PERFORMANCE:%SERVER_PRECEDENCE", NULL);
-
-
- gnutls_certificate_set_dh_params (x509_cred, dh_params);
-
- /* Socket operations
- */
- listen_sd = socket (AF_INET, SOCK_STREAM, 0);
-
- memset (&sa_serv, '\0', sizeof (sa_serv));
- sa_serv.sin_family = AF_INET;
- sa_serv.sin_addr.s_addr = INADDR_ANY;
- sa_serv.sin_port = htons (PORT); /* Server Port number */
-
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
- sizeof (int));
-
- bind (listen_sd, (struct sockaddr *) & sa_serv, sizeof (sa_serv));
-
- listen (listen_sd, 1024);
-
- printf ("Server ready. Listening to port '%d'.\n\n", PORT);
-
- client_len = sizeof (sa_cli);
- for (;;)
- {
- gnutls_init (&session, GNUTLS_SERVER);
- gnutls_priority_set (session, priority_cache);
- gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred);
- /* We don't request any certificate from the client.
- * If we did we would need to verify it.
- */
- gnutls_certificate_server_set_request (session, GNUTLS_CERT_IGNORE);
-
- sd = accept (listen_sd, (struct sockaddr *) & sa_cli, &client_len);
-
- printf ("- connection from %s, port %d\n",
- inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf,
- sizeof (topbuf)), ntohs (sa_cli.sin_port));
-
- gnutls_transport_set_int (session, sd);
-
- do
- {
- ret = gnutls_handshake (session);
- }
- while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
-
- if (ret < 0)
- {
- close (sd);
- gnutls_deinit (session);
- fprintf (stderr, "*** Handshake has failed (%s)\n\n",
- gnutls_strerror (ret));
- continue;
+ int listen_sd;
+ int sd, ret;
+ gnutls_certificate_credentials_t x509_cred;
+ gnutls_priority_t priority_cache;
+ struct sockaddr_in sa_serv;
+ struct sockaddr_in sa_cli;
+ socklen_t client_len;
+ char topbuf[512];
+ gnutls_session_t session;
+ char buffer[MAX_BUF + 1];
+ int optval = 1;
+
+ /* this must be called once in the program
+ */
+ gnutls_global_init();
+
+ gnutls_certificate_allocate_credentials(&x509_cred);
+ /* gnutls_certificate_set_x509_system_trust(xcred); */
+ gnutls_certificate_set_x509_trust_file(x509_cred, CAFILE,
+ GNUTLS_X509_FMT_PEM);
+
+ gnutls_certificate_set_x509_crl_file(x509_cred, CRLFILE,
+ GNUTLS_X509_FMT_PEM);
+
+ ret =
+ gnutls_certificate_set_x509_key_file(x509_cred, CERTFILE,
+ KEYFILE,
+ GNUTLS_X509_FMT_PEM);
+ if (ret < 0) {
+ printf("No certificate or key were found\n");
+ exit(1);
}
- printf ("- Handshake was completed\n");
-
- /* see the Getting peer's information example */
- /* print_info(session); */
-
- for (;;)
- {
- ret = gnutls_record_recv (session, buffer, MAX_BUF);
-
- if (ret == 0)
- {
- printf ("\n- Peer has closed the GnuTLS connection\n");
- break;
- }
- else if (ret < 0 && gnutls_error_is_fatal (ret) == 0)
- {
- fprintf (stderr, "*** Warning: %s\n", gnutls_strerror (ret));
- }
- else if (ret < 0)
- {
- fprintf (stderr, "\n*** Received corrupted "
- "data(%d). Closing the connection.\n\n", ret);
- break;
- }
- else if (ret > 0)
- {
- /* echo data back to the client
- */
- gnutls_record_send (session, buffer, ret);
- }
- }
- printf ("\n");
- /* do not wait for the peer to close the connection.
- */
- gnutls_bye (session, GNUTLS_SHUT_WR);
- close (sd);
- gnutls_deinit (session);
+ /* loads an OCSP status request if available */
+ gnutls_certificate_set_ocsp_status_request_file(x509_cred,
+ OCSP_STATUS_FILE,
+ 0);
+
+ generate_dh_params();
+
+ gnutls_priority_init(&priority_cache,
+ "PERFORMANCE:%SERVER_PRECEDENCE", NULL);
+
+
+ gnutls_certificate_set_dh_params(x509_cred, dh_params);
+
+ /* Socket operations
+ */
+ listen_sd = socket(AF_INET, SOCK_STREAM, 0);
+
+ memset(&sa_serv, '\0', sizeof(sa_serv));
+ sa_serv.sin_family = AF_INET;
+ sa_serv.sin_addr.s_addr = INADDR_ANY;
+ sa_serv.sin_port = htons(PORT); /* Server Port number */
+
+ setsockopt(listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof(int));
+
+ bind(listen_sd, (struct sockaddr *) &sa_serv, sizeof(sa_serv));
+
+ listen(listen_sd, 1024);
+
+ printf("Server ready. Listening to port '%d'.\n\n", PORT);
+
+ client_len = sizeof(sa_cli);
+ for (;;) {
+ gnutls_init(&session, GNUTLS_SERVER);
+ gnutls_priority_set(session, priority_cache);
+ gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE,
+ x509_cred);
+ /* We don't request any certificate from the client.
+ * If we did we would need to verify it.
+ */
+ gnutls_certificate_server_set_request(session,
+ GNUTLS_CERT_IGNORE);
+
+ sd = accept(listen_sd, (struct sockaddr *) &sa_cli,
+ &client_len);
+
+ printf("- connection from %s, port %d\n",
+ inet_ntop(AF_INET, &sa_cli.sin_addr, topbuf,
+ sizeof(topbuf)), ntohs(sa_cli.sin_port));
+
+ gnutls_transport_set_int(session, sd);
+
+ do {
+ ret = gnutls_handshake(session);
+ }
+ while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
+
+ if (ret < 0) {
+ close(sd);
+ gnutls_deinit(session);
+ fprintf(stderr,
+ "*** Handshake has failed (%s)\n\n",
+ gnutls_strerror(ret));
+ continue;
+ }
+ printf("- Handshake was completed\n");
+
+ /* see the Getting peer's information example */
+ /* print_info(session); */
+
+ for (;;) {
+ ret = gnutls_record_recv(session, buffer, MAX_BUF);
+
+ if (ret == 0) {
+ printf
+ ("\n- Peer has closed the GnuTLS connection\n");
+ break;
+ } else if (ret < 0
+ && gnutls_error_is_fatal(ret) == 0) {
+ fprintf(stderr, "*** Warning: %s\n",
+ gnutls_strerror(ret));
+ } else if (ret < 0) {
+ fprintf(stderr, "\n*** Received corrupted "
+ "data(%d). Closing the connection.\n\n",
+ ret);
+ break;
+ } else if (ret > 0) {
+ /* echo data back to the client
+ */
+ gnutls_record_send(session, buffer, ret);
+ }
+ }
+ printf("\n");
+ /* do not wait for the peer to close the connection.
+ */
+ gnutls_bye(session, GNUTLS_SHUT_WR);
+
+ close(sd);
+ gnutls_deinit(session);
- }
- close (listen_sd);
+ }
+ close(listen_sd);
- gnutls_certificate_free_credentials (x509_cred);
- gnutls_priority_deinit (priority_cache);
+ gnutls_certificate_free_credentials(x509_cred);
+ gnutls_priority_deinit(priority_cache);
- gnutls_global_deinit ();
+ gnutls_global_deinit();
- return 0;
+ return 0;
}
View Lorry Controller Status