diff options
Diffstat (limited to 'doc/examples/ex-serv-srp.c')
-rw-r--r-- | doc/examples/ex-serv-srp.c | 261 |
1 files changed, 130 insertions, 131 deletions
diff --git a/doc/examples/ex-serv-srp.c b/doc/examples/ex-serv-srp.c index 3a95edd172..44b0a711ad 100644 --- a/doc/examples/ex-serv-srp.c +++ b/doc/examples/ex-serv-srp.c @@ -29,141 +29,140 @@ #define MAX_BUF 1024 #define PORT 5556 /* listen to 5556 port */ -int -main (void) +int main(void) { - int err, listen_sd; - int sd, ret; - struct sockaddr_in sa_serv; - struct sockaddr_in sa_cli; - socklen_t client_len; - char topbuf[512]; - gnutls_session_t session; - gnutls_srp_server_credentials_t srp_cred; - gnutls_certificate_credentials_t cert_cred; - char buffer[MAX_BUF + 1]; - int optval = 1; - char name[256]; - - strcpy (name, "Echo Server"); - - gnutls_global_init (); - - /* SRP_PASSWD a password file (created with the included srptool utility) - */ - gnutls_srp_allocate_server_credentials (&srp_cred); - gnutls_srp_set_server_credentials_file (srp_cred, SRP_PASSWD, - SRP_PASSWD_CONF); - - gnutls_certificate_allocate_credentials (&cert_cred); - gnutls_certificate_set_x509_trust_file (cert_cred, CAFILE, - GNUTLS_X509_FMT_PEM); - gnutls_certificate_set_x509_key_file (cert_cred, CERTFILE, KEYFILE, - GNUTLS_X509_FMT_PEM); - - /* TCP socket operations - */ - listen_sd = socket (AF_INET, SOCK_STREAM, 0); - SOCKET_ERR (listen_sd, "socket"); - - memset (&sa_serv, '\0', sizeof (sa_serv)); - sa_serv.sin_family = AF_INET; - sa_serv.sin_addr.s_addr = INADDR_ANY; - sa_serv.sin_port = htons (PORT); /* Server Port number */ - - setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, - sizeof (int)); - - err = bind (listen_sd, (struct sockaddr *) & sa_serv, sizeof (sa_serv)); - SOCKET_ERR (err, "bind"); - err = listen (listen_sd, 1024); - SOCKET_ERR (err, "listen"); - - printf ("%s ready. Listening to port '%d'.\n\n", name, PORT); - - client_len = sizeof (sa_cli); - for (;;) - { - gnutls_init (&session, GNUTLS_SERVER); - gnutls_priority_set_direct (session, - "NORMAL:-KX-ALL:+SRP:+SRP-DSS:+SRP-RSA", NULL); - gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred); - /* for the certificate authenticated ciphersuites. - */ - gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cert_cred); - - /* request client certificate if any. - */ - gnutls_certificate_server_set_request (session, GNUTLS_CERT_IGNORE); - - sd = accept (listen_sd, (struct sockaddr *) & sa_cli, &client_len); - - printf ("- connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); - - gnutls_transport_set_int (session, sd); - - do - { - ret = gnutls_handshake (session); - } - while (ret < 0 && gnutls_error_is_fatal (ret) == 0); - - if (ret < 0) - { - close (sd); - gnutls_deinit (session); - fprintf (stderr, "*** Handshake has failed (%s)\n\n", - gnutls_strerror (ret)); - continue; - } - printf ("- Handshake was completed\n"); - printf ("- User %s was connected\n", gnutls_srp_server_get_username(session)); - - /* print_info(session); */ - - for (;;) - { - ret = gnutls_record_recv (session, buffer, MAX_BUF); - - if (ret == 0) - { - printf ("\n- Peer has closed the GnuTLS connection\n"); - break; - } - else if (ret < 0 && gnutls_error_is_fatal (ret) == 0) - { - fprintf (stderr, "*** Warning: %s\n", gnutls_strerror (ret)); - } - else if (ret < 0) - { - fprintf (stderr, "\n*** Received corrupted " - "data(%d). Closing the connection.\n\n", ret); - break; - } - else if (ret > 0) - { - /* echo data back to the client - */ - gnutls_record_send (session, buffer, ret); - } - } - printf ("\n"); - /* do not wait for the peer to close the connection. */ - gnutls_bye (session, GNUTLS_SHUT_WR); + int err, listen_sd; + int sd, ret; + struct sockaddr_in sa_serv; + struct sockaddr_in sa_cli; + socklen_t client_len; + char topbuf[512]; + gnutls_session_t session; + gnutls_srp_server_credentials_t srp_cred; + gnutls_certificate_credentials_t cert_cred; + char buffer[MAX_BUF + 1]; + int optval = 1; + char name[256]; + + strcpy(name, "Echo Server"); + + gnutls_global_init(); + + /* SRP_PASSWD a password file (created with the included srptool utility) + */ + gnutls_srp_allocate_server_credentials(&srp_cred); + gnutls_srp_set_server_credentials_file(srp_cred, SRP_PASSWD, + SRP_PASSWD_CONF); + + gnutls_certificate_allocate_credentials(&cert_cred); + gnutls_certificate_set_x509_trust_file(cert_cred, CAFILE, + GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_file(cert_cred, CERTFILE, KEYFILE, + GNUTLS_X509_FMT_PEM); + + /* TCP socket operations + */ + listen_sd = socket(AF_INET, SOCK_STREAM, 0); + SOCKET_ERR(listen_sd, "socket"); + + memset(&sa_serv, '\0', sizeof(sa_serv)); + sa_serv.sin_family = AF_INET; + sa_serv.sin_addr.s_addr = INADDR_ANY; + sa_serv.sin_port = htons(PORT); /* Server Port number */ + + setsockopt(listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, + sizeof(int)); + + err = + bind(listen_sd, (struct sockaddr *) &sa_serv, sizeof(sa_serv)); + SOCKET_ERR(err, "bind"); + err = listen(listen_sd, 1024); + SOCKET_ERR(err, "listen"); + + printf("%s ready. Listening to port '%d'.\n\n", name, PORT); + + client_len = sizeof(sa_cli); + for (;;) { + gnutls_init(&session, GNUTLS_SERVER); + gnutls_priority_set_direct(session, + "NORMAL:-KX-ALL:+SRP:+SRP-DSS:+SRP-RSA", + NULL); + gnutls_credentials_set(session, GNUTLS_CRD_SRP, srp_cred); + /* for the certificate authenticated ciphersuites. + */ + gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, + cert_cred); + + /* request client certificate if any. + */ + gnutls_certificate_server_set_request(session, + GNUTLS_CERT_IGNORE); + + sd = accept(listen_sd, (struct sockaddr *) &sa_cli, + &client_len); + + printf("- connection from %s, port %d\n", + inet_ntop(AF_INET, &sa_cli.sin_addr, topbuf, + sizeof(topbuf)), ntohs(sa_cli.sin_port)); + + gnutls_transport_set_int(session, sd); + + do { + ret = gnutls_handshake(session); + } + while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + + if (ret < 0) { + close(sd); + gnutls_deinit(session); + fprintf(stderr, + "*** Handshake has failed (%s)\n\n", + gnutls_strerror(ret)); + continue; + } + printf("- Handshake was completed\n"); + printf("- User %s was connected\n", + gnutls_srp_server_get_username(session)); + + /* print_info(session); */ + + for (;;) { + ret = gnutls_record_recv(session, buffer, MAX_BUF); + + if (ret == 0) { + printf + ("\n- Peer has closed the GnuTLS connection\n"); + break; + } else if (ret < 0 + && gnutls_error_is_fatal(ret) == 0) { + fprintf(stderr, "*** Warning: %s\n", + gnutls_strerror(ret)); + } else if (ret < 0) { + fprintf(stderr, "\n*** Received corrupted " + "data(%d). Closing the connection.\n\n", + ret); + break; + } else if (ret > 0) { + /* echo data back to the client + */ + gnutls_record_send(session, buffer, ret); + } + } + printf("\n"); + /* do not wait for the peer to close the connection. */ + gnutls_bye(session, GNUTLS_SHUT_WR); + + close(sd); + gnutls_deinit(session); - close (sd); - gnutls_deinit (session); - - } - close (listen_sd); + } + close(listen_sd); - gnutls_srp_free_server_credentials (srp_cred); - gnutls_certificate_free_credentials (cert_cred); + gnutls_srp_free_server_credentials(srp_cred); + gnutls_certificate_free_credentials(cert_cred); - gnutls_global_deinit (); + gnutls_global_deinit(); - return 0; + return 0; } |