From e7d0806b33e19a088bbd05dc031b1b8e2446a39b Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos
Date: Sat, 4 Jun 2016 11:42:21 +0200
Subject: doc: removed OpenPGP examples

Relates #102
---
 doc/cha-gtls-examples.texi | 12 ---
 doc/examples/Makefile.am | 4 -
 doc/examples/ex-serv-pgp.c | 178 ---------------------------------------------
 3 files changed, 194 deletions(-)
 delete mode 100644 doc/examples/ex-serv-pgp.c
(limited to 'doc')

diff --git a/doc/cha-gtls-examples.texi b/doc/cha-gtls-examples.texi
index fb951cc43e..049b2d78a6 100644
--- a/doc/cha-gtls-examples.texi
+++ b/doc/cha-gtls-examples.texi
@@ -212,18 +212,6 @@ This example is a very simple echo server which supports
 @verbatiminclude examples/ex-serv-x509.c
-@node Echo server with OpenPGP authentication
-@subsection Echo server with @acronym{OpenPGP} authentication
-@cindex OpenPGP server
-
-The following example is an echo server which supports
-@acronym{OpenPGP} key authentication. You can easily combine
-this functionality ---that is have a server that supports both
-@acronym{X.509} and @acronym{OpenPGP} certificates--- but we separated
-them to keep these examples as simple as possible.
-
-@verbatiminclude examples/ex-serv-pgp.c
-
 @node Echo server with SRP authentication
 @subsection Echo server with @acronym{SRP} authentication
diff --git a/doc/examples/Makefile.am b/doc/examples/Makefile.am
index ffafd22e97..f230eca8a4 100644
--- a/doc/examples/Makefile.am
+++ b/doc/examples/Makefile.am
@@ -63,10 +63,6 @@ if ENABLE_ANON
 noinst_PROGRAMS += ex-client-anon ex-serv-anon
 endif
-if ENABLE_OPENPGP
-noinst_PROGRAMS += ex-serv-pgp
-endif
-
 if ENABLE_PKCS11
 noinst_PROGRAMS += ex-cert-select-pkcs11
 endif
diff --git a/doc/examples/ex-serv-pgp.c b/doc/examples/ex-serv-pgp.c
deleted file mode 100644
index 9cd4395d75..0000000000
--- a/doc/examples/ex-serv-pgp.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/* This example code is placed in the public domain. */
-
-#ifdef HAVE_CONFIG_H
-#include
-#endif
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#define KEYFILE "secret.asc"
-#define CERTFILE "public.asc"
-#define RINGFILE "ring.gpg"
-
-/* This is a sample TLS 1.0-OpenPGP echo server.
- */
-
-
-#define SOCKET_ERR(err,s) if(err==-1) {perror(s);return(1);}
-#define MAX_BUF 1024
-#define PORT 5556 /* listen to 5556 port */
-
-/* These are global */
-gnutls_dh_params_t dh_params;
-
-static int generate_dh_params(void)
-{
- unsigned int bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH,
- GNUTLS_SEC_PARAM_LEGACY);
-
- /* Generate Diffie-Hellman parameters - for use with DHE
- * kx algorithms. These should be discarded and regenerated
- * once a day, once a week or once a month. Depending on the
- * security requirements.
- */
- gnutls_dh_params_init(&dh_params);
- gnutls_dh_params_generate2(dh_params, bits);
-
- return 0;
-}
-
-int main(void)
-{
- int err, listen_sd;
- int sd, ret;
- struct sockaddr_in sa_serv;
- struct sockaddr_in sa_cli;
- socklen_t client_len;
- char topbuf[512];
- gnutls_session_t session;
- gnutls_certificate_credentials_t cred;
- char buffer[MAX_BUF + 1];
- int optval = 1;
- char name[256];
-
- strcpy(name, "Echo Server");
-
- if (gnutls_check_version("3.1.4") == NULL) {
- fprintf(stderr, "GnuTLS 3.1.4 or later is required for this example\n");
- exit(1);
- }
-
- /* for backwards compatibility with gnutls < 3.3.0 */
- gnutls_global_init();
-
- gnutls_certificate_allocate_credentials(&cred);
- gnutls_certificate_set_openpgp_keyring_file(cred, RINGFILE,
- GNUTLS_OPENPGP_FMT_BASE64);
-
- gnutls_certificate_set_openpgp_key_file(cred, CERTFILE, KEYFILE,
- GNUTLS_OPENPGP_FMT_BASE64);
-
- generate_dh_params();
-
- gnutls_certificate_set_dh_params(cred, dh_params);
-
- /* Socket operations
- */
- listen_sd = socket(AF_INET, SOCK_STREAM, 0);
- SOCKET_ERR(listen_sd, "socket");
-
- memset(&sa_serv, '\0', sizeof(sa_serv));
- sa_serv.sin_family = AF_INET;
- sa_serv.sin_addr.s_addr = INADDR_ANY;
- sa_serv.sin_port = htons(PORT); /* Server Port number */
-
- setsockopt(listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
- sizeof(int));
-
- err =
- bind(listen_sd, (struct sockaddr *) &sa_serv, sizeof(sa_serv));
- SOCKET_ERR(err, "bind");
- err = listen(listen_sd, 1024);
- SOCKET_ERR(err, "listen");
-
- printf("%s ready. Listening to port '%d'.\n\n", name, PORT);
-
- client_len = sizeof(sa_cli);
- for (;;) {
- gnutls_init(&session, GNUTLS_SERVER);
- gnutls_priority_set_direct(session,
- "NORMAL:+CTYPE-OPENPGP", NULL);
-
- /* request client certificate if any.
- */
- gnutls_certificate_server_set_request(session,
- GNUTLS_CERT_REQUEST);
-
- sd = accept(listen_sd, (struct sockaddr *) &sa_cli,
- &client_len);
-
- printf("- connection from %s, port %d\n",
- inet_ntop(AF_INET, &sa_cli.sin_addr, topbuf,
- sizeof(topbuf)), ntohs(sa_cli.sin_port));
-
- gnutls_transport_set_int(session, sd);
- ret = gnutls_handshake(session);
- if (ret < 0) {
- close(sd);
- gnutls_deinit(session);
- fprintf(stderr,
- "*** Handshake has failed (%s)\n\n",
- gnutls_strerror(ret));
- continue;
- }
- printf("- Handshake was completed\n");
-
- /* see the Getting peer's information example */
- /* print_info(session); */
-
- for (;;) {
- ret = gnutls_record_recv(session, buffer, MAX_BUF);
-
- if (ret == 0) {
- printf
- ("\n- Peer has closed the GnuTLS connection\n");
- break;
- } else if (ret < 0
- && gnutls_error_is_fatal(ret) == 0) {
- fprintf(stderr, "*** Warning: %s\n",
- gnutls_strerror(ret));
- } else if (ret < 0) {
- fprintf(stderr, "\n*** Received corrupted "
- "data(%d). Closing the connection.\n\n",
- ret);
- break;
- } else if (ret > 0) {
- /* echo data back to the client
- */
- gnutls_record_send(session, buffer, ret);
- }
- }
- printf("\n");
- /* do not wait for the peer to close the connection.
- */
- gnutls_bye(session, GNUTLS_SHUT_WR);
-
- close(sd);
- gnutls_deinit(session);
-
- }
- close(listen_sd);
-
- gnutls_certificate_free_credentials(cred);
-
- gnutls_global_deinit();
-
- return 0;
-
-}
-- cgit v1.2.1