kris
/
boringssl
1
0
Форк 0
Код Проблеми 0 Запити на злиття 0 Релізи 0 Вікі Активність
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
106 Коміти
12 Гілки
38 MiB
 
 
 
 
 
 
Дерево: fb5cd20236
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з 'fb5cd20236'
${ noResults }
boringssl/tool/client.cc

281 рядки
7.2 KiB
Неформатований Звинувачення Історія 

  1. /* Copyright (c) 2014, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. #include <openssl/base.h>

  16. 

  17. #include <string>

  18. #include <vector>

  19. 

  20. #include <sys/types.h>

  21. #include <sys/socket.h>

  22. 

  23. #if !defined(OPENSSL_WINDOWS)

  24. #include <arpa/inet.h>

  25. #include <fcntl.h>

  26. #include <netdb.h>

  27. #include <sys/select.h>

  28. #include <unistd.h>

  29. #else

  30. #include <WinSock2.h>

  31. #include <WS2tcpip.h>

  32. typedef int socklen_t;

  33. #endif

  34. 

  35. #include <openssl/err.h>

  36. #include <openssl/ssl.h>

  37. 

  38. #include "internal.h"

  39. 

  40. 

  41. static const struct argument kArguments[] = {

  42.     {

  43.      "-connect", true,

  44.      "The hostname and port of the server to connect to, e.g. foo.com:443",

  45.     },

  46.     {

  47.      "", false, "",

  48.     },

  49. };

  50. 

  51. // Connect sets |*out_sock| to be a socket connected to the destination given

  52. // in |hostname_and_port|, which should be of the form "www.example.com:123".

  53. // It returns true on success and false otherwise.

  54. static bool Connect(int *out_sock, const std::string &hostname_and_port) {

  55.   const size_t colon_offset = hostname_and_port.find_last_of(':');

  56.   std::string hostname, port;

  57. 

  58.   if (colon_offset == std::string::npos) {

  59.     hostname = hostname_and_port;

  60.     port = "443";

  61.   } else {

  62.     hostname = hostname_and_port.substr(0, colon_offset);

  63.     port = hostname_and_port.substr(colon_offset + 1);

  64.   }

  65. 

  66.   struct addrinfo hint, *result;

  67.   memset(&hint, 0, sizeof(hint));

  68.   hint.ai_family = AF_UNSPEC;

  69.   hint.ai_socktype = SOCK_STREAM;

  70. 

  71.   int ret = getaddrinfo(hostname.c_str(), port.c_str(), &hint, &result);

  72.   if (ret != 0) {

  73.     fprintf(stderr, "getaddrinfo returned: %s\n", gai_strerror(ret));

  74.     return false;

  75.   }

  76. 

  77.   bool ok = false;

  78.   char buf[256];

  79. 

  80.   *out_sock =

  81.       socket(result->ai_family, result->ai_socktype, result->ai_protocol);

  82.   if (*out_sock < 0) {

  83.     perror("socket");

  84.     goto out;

  85.   }

  86. 

  87.   switch (result->ai_family) {

  88.     case AF_INET: {

  89.       struct sockaddr_in *sin =

  90.           reinterpret_cast<struct sockaddr_in *>(result->ai_addr);

  91.       fprintf(stderr, "Connecting to %s:%d\n",

  92.               inet_ntop(result->ai_family, &sin->sin_addr, buf, sizeof(buf)),

  93.               ntohs(sin->sin_port));

  94.       break;

  95.     }

  96.     case AF_INET6: {

  97.       struct sockaddr_in6 *sin6 =

  98.           reinterpret_cast<struct sockaddr_in6 *>(result->ai_addr);

  99.       fprintf(stderr, "Connecting to [%s]:%d\n",

  100.               inet_ntop(result->ai_family, &sin6->sin6_addr, buf, sizeof(buf)),

  101.               ntohs(sin6->sin6_port));

  102.       break;

  103.     }

  104.   }

  105. 

  106.   if (connect(*out_sock, result->ai_addr, result->ai_addrlen) != 0) {

  107.     perror("connect");

  108.     goto out;

  109.   }

  110.   ok = true;

  111. 

  112. out:

  113.   freeaddrinfo(result);

  114.   return ok;

  115. }

  116. 

  117. static void PrintConnectionInfo(const SSL *ssl) {

  118.   const SSL_CIPHER *cipher = SSL_get_current_cipher(ssl);

  119. 

  120.   fprintf(stderr, "  Version: %s\n", SSL_get_version(ssl));

  121.   fprintf(stderr, "  Cipher: %s\n", SSL_CIPHER_get_name(cipher));

  122.   fprintf(stderr, "  Secure renegotiation: %s\n",

  123.           SSL_get_secure_renegotiation_support(ssl) ? "yes" : "no");

  124. }

  125. 

  126. static bool SocketSetNonBlocking(int sock, bool is_non_blocking) {

  127.   bool ok;

  128. 

  129. #if defined(OPENSSL_WINDOWS)

  130.   u_long arg = is_non_blocking;

  131.   ok = 0 == ioctlsocket(sock, FIOBIO, &arg);

  132. #else

  133.   int flags = fcntl(sock, F_GETFL, 0);

  134.   if (flags < 0) {

  135.     return false;

  136.   }

  137.   if (is_non_blocking) {

  138.     flags |= O_NONBLOCK;

  139.   } else {

  140.     flags &= ~O_NONBLOCK;

  141.   }

  142.   ok = 0 == fcntl(sock, F_SETFL, flags);

  143. #endif

  144.   if (!ok) {

  145.     fprintf(stderr, "Failed to set socket non-blocking.\n");

  146.   }

  147.   return ok;

  148. }

  149. 

  150. // PrintErrorCallback is a callback function from OpenSSL's

  151. // |ERR_print_errors_cb| that writes errors to a given |FILE*|.

  152. static int PrintErrorCallback(const char *str, size_t len, void *ctx) {

  153.   fwrite(str, len, 1, reinterpret_cast<FILE*>(ctx));

  154.   return 1;

  155. }

  156. 

  157. bool TransferData(SSL *ssl, int sock) {

  158.   bool stdin_open = true;

  159. 

  160.   fd_set read_fds;

  161.   FD_ZERO(&read_fds);

  162. 

  163.   if (!SocketSetNonBlocking(sock, true)) {

  164.     return false;

  165.   }

  166. 

  167.   for (;;) {

  168.     if (stdin_open) {

  169.       FD_SET(0, &read_fds);

  170.     }

  171.     FD_SET(sock, &read_fds);

  172. 

  173.     int ret = select(sock + 1, &read_fds, NULL, NULL, NULL);

  174.     if (ret <= 0) {

  175.       perror("select");

  176.       return false;

  177.     }

  178. 

  179.     if (FD_ISSET(0, &read_fds)) {

  180.       uint8_t buffer[512];

  181.       ssize_t n;

  182. 

  183.       do {

  184.         n = read(0, buffer, sizeof(buffer));

  185.       } while (n == -1 && errno == EINTR);

  186. 

  187.       if (n == 0) {

  188.         FD_CLR(0, &read_fds);

  189.         stdin_open = false;

  190.         shutdown(sock, SHUT_WR);

  191.         continue;

  192.       } else if (n < 0) {

  193.         perror("read from stdin");

  194.         return false;

  195.       }

  196. 

  197.       if (!SocketSetNonBlocking(sock, false)) {

  198.         return false;

  199.       }

  200.       int ssl_ret = SSL_write(ssl, buffer, n);

  201.       if (!SocketSetNonBlocking(sock, true)) {

  202.         return false;

  203.       }

  204. 

  205.       if (ssl_ret <= 0) {

  206.         int ssl_err = SSL_get_error(ssl, ssl_ret);

  207.         fprintf(stderr, "Error while writing: %d\n", ssl_err);

  208.         ERR_print_errors_cb(PrintErrorCallback, stderr);

  209.         return false;

  210.       } else if (ssl_ret != n) {

  211.         fprintf(stderr, "Short write from SSL_write.\n");

  212.         return false;

  213.       }

  214.     }

  215. 

  216.     if (FD_ISSET(sock, &read_fds)) {

  217.       uint8_t buffer[512];

  218.       int ssl_ret = SSL_read(ssl, buffer, sizeof(buffer));

  219. 

  220.       if (ssl_ret < 0) {

  221.         int ssl_err = SSL_get_error(ssl, ssl_ret);

  222.         if (ssl_err == SSL_ERROR_WANT_READ) {

  223.           continue;

  224.         }

  225.         fprintf(stderr, "Error while reading: %d\n", ssl_err);

  226.         ERR_print_errors_cb(PrintErrorCallback, stderr);

  227.         return false;

  228.       } else if (ssl_ret == 0) {

  229.         return true;

  230.       }

  231. 

  232.       ssize_t n;

  233.       do {

  234.         n = write(1, buffer, ssl_ret);

  235.       } while (n == -1 && errno == EINTR);

  236. 

  237.       if (n != ssl_ret) {

  238.         fprintf(stderr, "Short write to stderr.\n");

  239.         return false;

  240.       }

  241.     }

  242.   }

  243. }

  244. 

  245. bool Client(const std::vector<std::string> &args) {

  246.   std::map<std::string, std::string> args_map;

  247. 

  248.   if (!ParseKeyValueArguments(&args_map, args, kArguments)) {

  249.     PrintUsage(kArguments);

  250.     return false;

  251.   }

  252. 

  253.   SSL_CTX *ctx = SSL_CTX_new(SSLv23_client_method());

  254. 

  255.   int sock;

  256.   if (!Connect(&sock, args_map["-connect"])) {

  257.     return false;

  258.   }

  259. 

  260.   BIO *bio = BIO_new_socket(sock, BIO_CLOSE);

  261.   SSL *ssl = SSL_new(ctx);

  262.   SSL_set_bio(ssl, bio, bio);

  263. 

  264.   int ret = SSL_connect(ssl);

  265.   if (ret != 1) {

  266.     int ssl_err = SSL_get_error(ssl, ret);

  267.     fprintf(stderr, "Error while connecting: %d\n", ssl_err);

  268.     ERR_print_errors_cb(PrintErrorCallback, stderr);

  269.     return false;

  270.   }

  271. 

  272.   fprintf(stderr, "Connected.\n");

  273.   PrintConnectionInfo(ssl);

  274. 

  275.   bool ok = TransferData(ssl, sock);

  276. 

  277.   SSL_free(ssl);

  278.   SSL_CTX_free(ctx);

  279.   return ok;

  280. }