added web

1 files changed, 369 insertions, 0 deletions

diff --git a/manual/html_node/Echo-server-with-OpenPGP-authentication.html b/manual/html_node/Echo-server-with-OpenPGP-authentication.html
new file mode 100644
index 0000000000..035e6fc43b
--- /dev/null
+++ b/manual/html_node/Echo-server-with-OpenPGP-authentication.html
@@ -0,0 +1,369 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<!-- This manual is last updated 17 November 2012 for version
+3.1.5 of GnuTLS.
+
+Copyright (C) 2001-2012 Free Software Foundation, Inc.
+
+Permission is granted to copy, distribute and/or modify this document
+under the terms of the GNU Free Documentation License, Version 1.3 or
+any later version published by the Free Software Foundation; with no
+Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.  A
+copy of the license is included in the section entitled "GNU Free
+Documentation License". -->
+<!-- Created by GNU Texinfo 4.13.90, http://www.gnu.org/software/texinfo/ -->
+<head>
+<title>GnuTLS 3.1.5: Echo server with OpenPGP authentication</title>
+
+<meta name="description" content="GnuTLS 3.1.5: Echo server with OpenPGP authentication">
+<meta name="keywords" content="GnuTLS 3.1.5: Echo server with OpenPGP authentication">
+<meta name="resource-type" content="document">
+<meta name="distribution" content="global">
+<meta name="Generator" content="makeinfo">
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link href="index.html#Top" rel="start" title="Top">
+<link href="Function-and-Data-Index.html#Function-and-Data-Index" rel="index" title="Function and Data Index">
+<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents">
+<link href="Server-examples.html#Server-examples" rel="up" title="Server examples">
+<link href="Echo-server-with-SRP-authentication.html#Echo-server-with-SRP-authentication" rel="next" title="Echo server with SRP authentication">
+<link href="Echo-server-with-X_002e509-authentication.html#Echo-server-with-X_002e509-authentication" rel="previous" title="Echo server with X.509 authentication">
+<style type="text/css">
+<!--
+a.summary-letter {text-decoration: none}
+blockquote.smallquotation {font-size: smaller}
+div.display {margin-left: 3.2em}
+div.example {margin-left: 3.2em}
+div.indentedblock {margin-left: 3.2em}
+div.lisp {margin-left: 3.2em}
+div.smalldisplay {margin-left: 3.2em}
+div.smallexample {margin-left: 3.2em}
+div.smallindentedblock {margin-left: 3.2em; font-size: smaller}
+div.smalllisp {margin-left: 3.2em}
+kbd {font-style:oblique}
+pre.display {font-family: inherit}
+pre.format {font-family: inherit}
+pre.menu-comment {font-family: serif}
+pre.menu-preformatted {font-family: serif}
+pre.smalldisplay {font-family: inherit; font-size: smaller}
+pre.smallexample {font-size: smaller}
+pre.smallformat {font-family: inherit; font-size: smaller}
+pre.smalllisp {font-size: smaller}
+span.nocodebreak {white-space:nowrap}
+span.nolinebreak {white-space:nowrap}
+span.roman {font-family:serif; font-weight:normal}
+span.sansserif {font-family:sans-serif; font-weight:normal}
+ul.no-bullet {list-style: none}
+body { 
+	margin: 2%;
+	padding: 0 5%;
+	background: #ffffff;
+}
+h1,h2,h3,h4,h5 {
+    font-weight: bold;
+    padding: 5px 5px 5px 5px;
+    background-color: #c2e0ff;
+    color: #336699;
+}
+h1 {
+    padding: 2em 2em 2em 5%;
+    color: white;
+    background: #336699;
+    text-align: center;
+    letter-spacing: 3px;
+}
+h2 { text-decoration: underline; }
+pre {
+  margin: 0 5%;
+  padding: 0.5em;
+}
+pre.example,pre.verbatim {
+  padding-bottom: 1em;
+
+  border: solid #c2e0ff;
+  background: #f0faff;
+  border-width: 1px 1px 1px 5px;
+  margin: 1em auto;
+  width: 90%;
+}
+
+div.node {
+  margin: 0 -5% 0 -2%;
+  padding: 0.5em 0.5em;
+  margin-top: 0.5em;
+  margin-bottom: 0.5em;
+  font-weight: bold;
+}
+dd, li {
+  padding-top: 0.1em;
+  padding-bottom: 0.1em;
+}
+div.float {
+
+  margin-bottom: 0.5em;
+  text-align: center;
+}
+
+table {
+  text-align: left;
+  margin-left:auto;
+  margin-right:auto;
+  width: 50%;
+}
+
+th {
+  padding: 0;
+  color: #336699;
+  background-color: #c2e0ff;
+  border: solid #000000;
+  border-width: 0px;
+  margin: 1em auto;
+  text-align: center;
+  margin-left:auto;
+  margin-right:auto;
+}
+
+td {
+  padding: 0;
+  border: solid #000000;
+  background-color: #f0faff;
+  border-width: 0px;
+  margin: 1em auto;
+  text-align: left;
+  margin-left:auto;
+  margin-right:auto;
+  padding-left: 1em;
+}
+
+dl {
+  text-align: left;
+  margin-left:auto;
+  margin-right:auto;
+  width: 50%;
+
+  padding-left: 1em;
+  border: solid #c2e0ff;
+  background: #f0faff;
+  border-width: 5px 1px 1px 1px;
+  margin: 1em auto;
+}
+
+-->
+</style>
+
+
+</head>
+
+<body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
+<a name="Echo-server-with-OpenPGP-authentication"></a>
+<div class="header">
+<p>
+Next: <a href="Echo-server-with-SRP-authentication.html#Echo-server-with-SRP-authentication" accesskey="n" rel="next">Echo server with SRP authentication</a>, Previous: <a href="Echo-server-with-X_002e509-authentication.html#Echo-server-with-X_002e509-authentication" accesskey="p" rel="previous">Echo server with X.509 authentication</a>, Up: <a href="Server-examples.html#Server-examples" accesskey="u" rel="up">Server examples</a> &nbsp; [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p>
+</div>
+<hr>
+<a name="Echo-server-with-OpenPGP-authentication-1"></a>
+<h4 class="subsection">9.2.2 Echo server with <acronym>OpenPGP</acronym> authentication</h4>
+<a name="index-OpenPGP-server"></a>
+
+<p>The following example is an echo server which supports
+<acronym>OpenPGP</acronym> key authentication. You can easily combine
+this functionality &mdash;that is have a server that supports both
+<acronym>X.509</acronym> and <acronym>OpenPGP</acronym> certificates&mdash; but we separated
+them to keep these examples as simple as possible.
+</p>
+<pre class="verbatim">/* This example code is placed in the public domain. */
+
+#ifdef HAVE_CONFIG_H
+#include &lt;config.h&gt;
+#endif
+
+#include &lt;stdio.h&gt;
+#include &lt;stdlib.h&gt;
+#include &lt;errno.h&gt;
+#include &lt;sys/types.h&gt;
+#include &lt;sys/socket.h&gt;
+#include &lt;arpa/inet.h&gt;
+#include &lt;netinet/in.h&gt;
+#include &lt;string.h&gt;
+#include &lt;unistd.h&gt;
+#include &lt;gnutls/gnutls.h&gt;
+#include &lt;gnutls/openpgp.h&gt;
+
+#define KEYFILE &quot;secret.asc&quot;
+#define CERTFILE &quot;public.asc&quot;
+#define RINGFILE &quot;ring.gpg&quot;
+
+/* This is a sample TLS 1.0-OpenPGP echo server.
+ */
+
+
+#define SOCKET_ERR(err,s) if(err==-1) {perror(s);return(1);}
+#define MAX_BUF 1024
+#define PORT 5556               /* listen to 5556 port */
+#define DH_BITS 1024
+
+/* These are global */
+gnutls_certificate_credentials_t cred;
+gnutls_dh_params_t dh_params;
+
+static int
+generate_dh_params (void)
+{
+
+  /* Generate Diffie-Hellman parameters - for use with DHE
+   * kx algorithms. These should be discarded and regenerated
+   * once a day, once a week or once a month. Depending on the
+   * security requirements.
+   */
+  gnutls_dh_params_init (&amp;dh_params);
+  gnutls_dh_params_generate2 (dh_params, DH_BITS);
+
+  return 0;
+}
+
+static gnutls_session_t
+initialize_tls_session (void)
+{
+  gnutls_session_t session;
+
+  gnutls_init (&amp;session, GNUTLS_SERVER);
+
+  gnutls_priority_set_direct (session, &quot;NORMAL:+CTYPE-OPENPGP&quot;, NULL);
+
+  /* request client certificate if any.
+   */
+  gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
+
+  gnutls_dh_set_prime_bits (session, DH_BITS);
+
+  return session;
+}
+
+int
+main (void)
+{
+  int err, listen_sd;
+  int sd, ret;
+  struct sockaddr_in sa_serv;
+  struct sockaddr_in sa_cli;
+  socklen_t client_len;
+  char topbuf[512];
+  gnutls_session_t session;
+  char buffer[MAX_BUF + 1];
+  int optval = 1;
+  char name[256];
+
+  strcpy (name, &quot;Echo Server&quot;);
+
+  /* this must be called once in the program
+   */
+  gnutls_global_init ();
+
+  gnutls_certificate_allocate_credentials (&amp;cred);
+  gnutls_certificate_set_openpgp_keyring_file (cred, RINGFILE,
+                                               GNUTLS_OPENPGP_FMT_BASE64);
+
+  gnutls_certificate_set_openpgp_key_file (cred, CERTFILE, KEYFILE,
+                                           GNUTLS_OPENPGP_FMT_BASE64);
+
+  generate_dh_params ();
+
+  gnutls_certificate_set_dh_params (cred, dh_params);
+
+  /* Socket operations
+   */
+  listen_sd = socket (AF_INET, SOCK_STREAM, 0);
+  SOCKET_ERR (listen_sd, &quot;socket&quot;);
+
+  memset (&amp;sa_serv, '\0', sizeof (sa_serv));
+  sa_serv.sin_family = AF_INET;
+  sa_serv.sin_addr.s_addr = INADDR_ANY;
+  sa_serv.sin_port = htons (PORT);      /* Server Port number */
+
+  setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &amp;optval,
+              sizeof (int));
+
+  err = bind (listen_sd, (struct sockaddr *) &amp; sa_serv, sizeof (sa_serv));
+  SOCKET_ERR (err, &quot;bind&quot;);
+  err = listen (listen_sd, 1024);
+  SOCKET_ERR (err, &quot;listen&quot;);
+
+  printf (&quot;%s ready. Listening to port '%d'.\n\n&quot;, name, PORT);
+
+  client_len = sizeof (sa_cli);
+  for (;;)
+    {
+      session = initialize_tls_session ();
+
+      sd = accept (listen_sd, (struct sockaddr *) &amp; sa_cli, &amp;client_len);
+
+      printf (&quot;- connection from %s, port %d\n&quot;,
+              inet_ntop (AF_INET, &amp;sa_cli.sin_addr, topbuf,
+                         sizeof (topbuf)), ntohs (sa_cli.sin_port));
+
+      gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
+      ret = gnutls_handshake (session);
+      if (ret &lt; 0)
+        {
+          close (sd);
+          gnutls_deinit (session);
+          fprintf (stderr, &quot;*** Handshake has failed (%s)\n\n&quot;,
+                   gnutls_strerror (ret));
+          continue;
+        }
+      printf (&quot;- Handshake was completed\n&quot;);
+
+      /* see the Getting peer's information example */
+      /* print_info(session); */
+
+      for (;;)
+        {
+          memset (buffer, 0, MAX_BUF + 1);
+          ret = gnutls_record_recv (session, buffer, MAX_BUF);
+
+          if (ret == 0)
+            {
+              printf (&quot;\n- Peer has closed the GnuTLS connection\n&quot;);
+              break;
+            }
+          else if (ret &lt; 0)
+            {
+              fprintf (stderr, &quot;\n*** Received corrupted &quot;
+                       &quot;data(%d). Closing the connection.\n\n&quot;, ret);
+              break;
+            }
+          else if (ret &gt; 0)
+            {
+              /* echo data back to the client
+               */
+              gnutls_record_send (session, buffer, strlen (buffer));
+            }
+        }
+      printf (&quot;\n&quot;);
+      /* do not wait for the peer to close the connection.
+       */
+      gnutls_bye (session, GNUTLS_SHUT_WR);
+
+      close (sd);
+      gnutls_deinit (session);
+
+    }
+  close (listen_sd);
+
+  gnutls_certificate_free_credentials (cred);
+
+  gnutls_global_deinit ();
+
+  return 0;
+
+}
+</pre>
+<hr>
+<div class="header">
+<p>
+Next: <a href="Echo-server-with-SRP-authentication.html#Echo-server-with-SRP-authentication" accesskey="n" rel="next">Echo server with SRP authentication</a>, Previous: <a href="Echo-server-with-X_002e509-authentication.html#Echo-server-with-X_002e509-authentication" accesskey="p" rel="previous">Echo server with X.509 authentication</a>, Up: <a href="Server-examples.html#Server-examples" accesskey="u" rel="up">Server examples</a> &nbsp; [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p>
+</div>
+
+
+
+</body>
+</html>