Communication Samples

Some C code examples

serverssl.c File Reference

Example web server using an SSL connection. It always sends the same web page. It is just a test to establish a secure connection and send some data. This server cannot handle simultaneous connections. More...

#include <fcntl.h>
#include <string.h>
#include <stdlib.h>
#include <errno.h>
#include <stdio.h>
#include <netinet/in.h>
#include <resolv.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <openssl/rand.h>
#include <openssl/ssl.h>
#include <openssl/err.h>


Classes

struct  Sslc
 

Macros

#define PORT   1430
 
#define BUFFERSIZE   16384
 
#define CRLF   "\r\n"
 
#define RESPONSE
 
#define CERTFILE   "sslserverchain.pem"
 
#define KEYFILE   "sslserver.key"
 

Functions

int TCP_Server (Sslc *h, int port)
 
int TCP_select (Sslc *h, double timeout)
 
int SSL_init (Sslc *h)
 
int SSL_load_certificates (Sslc *h, char *cert, char *key)
 
int TCP_acceptClient (Sslc *h)
 
int TCP_clientDialog (Sslc *h)
 
int SSL_clientDialog (Sslc *h)
 
void panic (char *msg)
 
void aclock (int loop)
 
int main (int argv, char **argc)
 

Detailed Description

Example web server using an SSL connection. It always sends the same web page. It is just a test to establish a secure connection and send some data. This server cannot handle simultaneous connections.

Author
Gaspar Fernández blake.nosp@m.yed@.nosp@m.totak.nosp@m.i.co.nosp@m.m
Version
0.1
Date
18 apr 2015

Changelog: 20150422 - Some more doc.

To compile $ gcc -o serverssl serverssl.c -lcrypto -lssl

Definition in file serverssl.c.

Macro Definition Documentation

#define BUFFERSIZE   16384

Buffer Size to use

Definition at line 42 of file serverssl.c.

Referenced by SSL_clientDialog(), and TCP_clientDialog().

#define CERTFILE   "sslserverchain.pem"

Certificate file, or certificate chain file

Definition at line 55 of file serverssl.c.

#define CRLF   "\r\n"

CRLF

Definition at line 45 of file serverssl.c.

#define KEYFILE   "sslserver.key"

Key file

Definition at line 57 of file serverssl.c.

#define PORT   1430

Port

Definition at line 39 of file serverssl.c.

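/*
 * The only response of this server: status line, headers, an empty line,
 * then the HTML body.
 *
 * The empty CRLF line is what ends the header section; without it the HTML
 * is parsed as one more (malformed) header and the client never sees a body.
 * The media type and its charset parameter are separated by ';'.
 * No Content-Length is sent, so the body is delimited by the server closing
 * the connection, which "Connection: close" announces.
 */
#define RESPONSE \
    "HTTP/1.1 200 OK" CRLF \
    "Content-Type: text/html; charset=utf-8" CRLF \
    "Server: ServerTest" CRLF \
    "Connection: close" CRLF \
    CRLF \
    "<html><head><title>Server Test</title></head><body>This is just a test</body></html>" CRLF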
#define CRLF
Definition: serverssl.c:45

The only response of this server

Definition at line 48 of file serverssl.c.

Referenced by SSL_clientDialog(), and TCP_clientDialog().

Function Documentation

void aclock ( int  loop)

ASCII clock to wait for clients

Parameters
loop: Just a number; each time it changes, a new character is drawn. If loop == 0, it restarts
Returns
void

Definition at line 339 of file serverssl.c.

/**
 * Draw the next frame of the ASCII spinner shown while waiting for clients.
 *
 * @param loop Frame counter. When it is 0 the waiting banner is printed
 *             first; loop % 4 selects which spinner character is drawn.
 */
void aclock(int loop)
{
    static const char frames[] = { '|', '/', '-', '\\' };
    int frame = loop % 4;

    if (loop == 0) {
        fputs("[SERVER] Waiting for connections ", stdout);
    }

    /* ANSI "cursor back" (ESC [ 1 D): moves one column left so the new
       frame overwrites the previous one. */
    fputs("\033[1D", stdout);

    /* A negative counter yields a negative remainder; nothing is drawn then. */
    if (frame >= 0) {
        putchar(frames[frame]);
    }

    fflush(stdout); /* stdout may be line-buffered and no newline is written */
}
void panic ( char *  msg)

Prints a fatal error and exits

Parameters
msg: Error text
Returns
void

Definition at line 359 of file serverssl.c.

/**
 * Report a fatal error on stderr and terminate the process.
 *
 * Prints the caller's message with the current errno and its description,
 * then the pending OpenSSL error queue, and exits with status 2.
 *
 * @param msg Error text to print.
 */
void panic(char *msg)
{
    /* Take errno once so the number and its text describe the same error. */
    int saved_errno = errno;
    const char *reason = strerror(saved_errno);

    fprintf(stderr, "Error: %s (errno %d, %s)\n", msg, saved_errno, reason);

    /* Dump whatever OpenSSL has queued for this thread. */
    ERR_print_errors_fp(stderr);

    exit(2);
}
int SSL_clientDialog ( Sslc * h)

It's everything we're here for. SSL dialog with the clients

Parameters
h: Our struct
Returns
0 if OK

Definition at line 274 of file serverssl.c.

References BUFFERSIZE, Sslc::client_skt, Sslc::ctx, RESPONSE, and Sslc::ssl.

Referenced by TCP_acceptClient().

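/**
 * Run the TLS dialog with the client connected on h->client_skt.
 *
 * Creates an SSL object from h->ctx, binds it to the client socket, performs
 * the server-side handshake, reads one request (its contents are ignored)
 * and answers with RESPONSE.
 *
 * The SSL object is released on every path. The original freed it only on
 * success, so each failed handshake, read or write leaked one SSL object,
 * and those failures are the ones a remote peer can trigger at will.
 *
 * @param h Our struct; uses ctx and client_skt, and stores the session in ssl.
 * @return 0 if OK, -11 SSL_new failed, -12 SSL_set_fd failed,
 *         -13 handshake failed, -7 read failed, -8 write failed.
 */
int SSL_clientDialog(Sslc *h)
{
    char request[BUFFERSIZE];
    int rc = 0;

    h->ssl = SSL_new(h->ctx);
    if (h->ssl == NULL) {
        return -11;
    }
    /* SSL_set_options(h->ssl, SSL_OP_ALL ); */

    if (SSL_set_fd(h->ssl, h->client_skt) == 0) {
        rc = -12;
    } else if (SSL_accept(h->ssl) < 1) {
        /* Accept SSL connection and handshake */
        rc = -13;
    } else if (SSL_read(h->ssl, request, BUFFERSIZE) < 1) {
        rc = -7;
    } else if (SSL_write(h->ssl, RESPONSE, (int)strlen(RESPONSE)) < 1) {
        rc = -8;
    } else {
        /* Best effort: send close_notify so the peer can tell a clean end of
           the response from a truncated stream. The result is deliberately
           ignored; the socket is closed by the caller either way. */
        (void)SSL_shutdown(h->ssl);
    }

    /* The error queue is left untouched so the caller can still print it. */
    SSL_free(h->ssl);
    h->ssl = NULL; /* do not leave a dangling pointer in the shared struct */

    return rc;
}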
int client_skt
Definition: serverssl.c:66
#define BUFFERSIZE
Definition: serverssl.c:42
SSL_CTX * ctx
Definition: myssl.c:57
#define RESPONSE
Definition: serverssl.c:48
SSL * ssl
Definition: myssl.c:55
int SSL_init ( Sslc * h)

Initializes SSL connection and creates the SSL Context

Parameters
h: Our struct to store everything
Returns
0 if OK

Definition at line 303 of file serverssl.c.

References Sslc::ctx.

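/**
 * Initialize the OpenSSL library and create the server SSL context.
 *
 * With OpenSSL 1.1.0 or later the context uses the version-flexible
 * TLS_server_method() with TLS 1.2 as the minimum, so newer protocol
 * versions can be negotiated when the library supports them. The
 * fixed-version TLSv1_2_server_method() is deprecated since 1.1.0 and
 * restricts the server to exactly TLS 1.2. Older libraries (and LibreSSL,
 * whose version macro does not map onto OpenSSL's) keep the original call.
 *
 * @param h Our struct to store everything; the context is stored in h->ctx.
 * @return 0 if OK, -4 if the context could not be created or configured.
 */
int SSL_init(Sslc *h)
{
    SSL_library_init(); /* not reentrant! */

    SSL_load_error_strings();

    OpenSSL_add_all_algorithms(); /* load & register all cryptos, etc. */

#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
    h->ctx = SSL_CTX_new(TLS_server_method());
    if (h->ctx == NULL) {
        return -4;
    }

    /* Never negotiate below TLS 1.2; that was the original floor. */
    if (SSL_CTX_set_min_proto_version(h->ctx, TLS1_2_VERSION) != 1) {
        SSL_CTX_free(h->ctx);
        h->ctx = NULL;
        return -4;
    }
#else
    /* Legacy API: pins the context to exactly TLS 1.2. */
    h->ctx = SSL_CTX_new(TLSv1_2_server_method());
    if (h->ctx == NULL) {
        return -4;
    }
#endif

    return 0;
}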
SSL_CTX * ctx
Definition: myssl.c:57
int SSL_load_certificates ( Sslc * h,
char *  cert,
char *  key 
)

Loads certificates in the context.

Parameters
h: Our struct to store everything
cert: PEM certificate file or chain (several certificates can be stored in one file by concatenating them).
key: Private key file (PEM) for the certificate
Returns
0 if OK

Definition at line 320 of file serverssl.c.

References Sslc::ctx.

/**
 * Load the server certificate (chain) and its private key into h->ctx.
 *
 * @param h    Our struct; only ctx is used.
 * @param cert Path of the PEM certificate or certificate-chain file.
 * @param key  Path of the PEM private-key file.
 * @return 0 if OK, -8 if the certificate chain could not be loaded,
 *         -9 if the private key could not be loaded, -10 if the key does
 *         not match the certificate.
 */
int SSL_load_certificates(Sslc *h, char *cert, char *key)
{
    int loaded;

    loaded = SSL_CTX_use_certificate_chain_file(h->ctx, cert);
    if (loaded < 1) {
        return -8;
    }

    /* The key file is read as PEM. */
    loaded = SSL_CTX_use_PrivateKey_file(h->ctx, key, SSL_FILETYPE_PEM);
    if (loaded <= 0) {
        return -9;
    }

    /* Refuse to continue with a key that does not belong to the loaded
       certificate. */
    if (SSL_CTX_check_private_key(h->ctx)) {
        return 0;
    }

    printf("Private key doesn't match the public certificate\n");
    return -10;
}
SSL_CTX * ctx
Definition: myssl.c:57
int TCP_acceptClient ( Sslc * h)

Accepts client and start dialog

Parameters
h: Our struct
Returns
0 if OK

Definition at line 238 of file serverssl.c.

References Sslc::client_skt, Sslc::skt, and SSL_clientDialog().

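/**
 * Accept one pending client on h->skt and run the SSL dialog with it.
 *
 * The client's address is printed, SSL_clientDialog() is run on the new
 * socket, and the socket is closed afterwards. A failed dialog is only
 * reported (message plus the OpenSSL error queue); it is not fatal.
 *
 * @param h Our struct; uses skt and stores the accepted socket in client_skt.
 * @return -6 on every path. NOTE(review): this contradicts both the
 *         documented "0 if OK" and the original comment on the return
 *         statement ("Returns 0 to avoid tragic fails"). The callers are not
 *         visible here, so the value is left unchanged; confirm what main()
 *         expects before changing it.
 */
int TCP_acceptClient(Sslc *h)
{
    struct sockaddr_in client_addr;
    socklen_t size_addr = sizeof client_addr;

    h->client_skt = accept(h->skt, (struct sockaddr *)&client_addr, &size_addr);
    if (h->client_skt != -1) {
        /* sin_port is in network byte order; convert it before printing,
           otherwise the logged port is byte-swapped on little-endian hosts
           and the log cannot be matched against packet captures. */
        printf("\nNew client connection from %s:%d\n",
               inet_ntoa(client_addr.sin_addr), ntohs(client_addr.sin_port));

        if (SSL_clientDialog(h) < 0) {
            printf("There was a problem with this client connection\n");
            ERR_print_errors_fp(stderr);
        }

        close(h->client_skt);
    }

    /* See the NOTE(review) above about this value. */
    return -6;
}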
int client_skt
Definition: serverssl.c:66
int skt
Definition: myssl.c:51
int SSL_clientDialog(Sslc *h)
Definition: serverssl.c:274
int TCP_clientDialog ( Sslc * h)

Just a test: replace SSL_clientDialog() in TCP_acceptClient() with TCP_clientDialog() to create an insecure (unencrypted) web server.

Parameters
h: Our struct
Returns
0 if OK

Definition at line 259 of file serverssl.c.

References BUFFERSIZE, Sslc::client_skt, and RESPONSE.

/**
 * Plain-TCP variant of the client dialog, for testing only.
 *
 * Reads one request from h->client_skt (its contents are ignored) and sends
 * RESPONSE back. Nothing is encrypted or authenticated on this path.
 *
 * @param h Our struct; only client_skt is used.
 * @return 0 if OK, -7 if recv() failed, -8 if send() failed.
 */
int TCP_clientDialog(Sslc *h)
{
    char request[BUFFERSIZE] = { 0 };
    size_t reply_len = strlen(RESPONSE);

    /* Only -1 counts as a failure; a peer that closes without sending
       anything (recv() == 0) still gets the response attempted. */
    if (recv(h->client_skt, request, BUFFERSIZE, 0) == -1) {
        return -7;
    }

    if (send(h->client_skt, RESPONSE, reply_len, 0) < 0) {
        return -8;
    }

    return 0;
}
int client_skt
Definition: serverssl.c:66
#define BUFFERSIZE
Definition: serverssl.c:42
#define RESPONSE
Definition: serverssl.c:48
int TCP_select ( Sslc * h,
double  timeout 
)

Uses select to test if there is anything waiting to be read. The same function as myssl.c

Parameters
h: Our structure. Only the socket will be used
timeout: Timeout before giving up
Returns
(0 timeout, 1 data waiting, <0 fail)

Definition at line 222 of file serverssl.c.

References Sslc::skt.

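/**
 * Wait until the listening socket h->skt is readable or the timeout expires.
 *
 * @param h       Our structure. Only the socket (skt) is used.
 * @param timeout Timeout in seconds; the fractional part is converted to
 *                microseconds.
 * @return 0 on timeout, 1 if the socket is readable, <0 on failure
 *         (including a descriptor that cannot be placed in an fd_set).
 */
int TCP_select(Sslc *h, double timeout)
{
    fd_set readable;
    struct timeval tv;

    /* FD_SET() on a descriptor outside [0, FD_SETSIZE) writes outside the
       fd_set bitmap, which is undefined behaviour; fail instead. */
    if (h->skt < 0 || h->skt >= FD_SETSIZE) {
        return -1;
    }

    FD_ZERO(&readable);
    FD_SET(h->skt, &readable);

    /* Split the timeout into whole seconds and the remaining microseconds. */
    tv.tv_sec = (int)(timeout);
    tv.tv_usec = (int)((timeout - (int)(timeout)) * 1000000.0);

    /* Only the read set is watched; no write or exception sets. */
    return select(h->skt + 1, &readable, NULL, NULL, &tv);
}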
int skt
Definition: myssl.c:51
int TCP_Server ( Sslc * h,
int  port 
)
Parameters
h: Our struct
port: Port to listen on
Returns
(0 if OK, else fail)

Definition at line 201 of file serverssl.c.

References Sslc::skt.

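/**
 * Create the listening TCP socket and store it in h->skt.
 *
 * The socket is bound to INADDR_ANY, i.e. it accepts connections on every
 * IPv4 interface of the host, with a listen backlog of 10.
 *
 * On a bind() or listen() failure the socket is closed again (the original
 * left it open) and h->skt is set to -1; errno is preserved across the
 * close() so the caller can still report the real cause.
 *
 * @param h    Our struct; the listening socket is stored in skt.
 * @param port Port to listen on (host byte order).
 * @return 0 if OK, -1 if socket() failed, -2 if bind() failed,
 *         -3 if listen() failed.
 */
int TCP_Server(Sslc *h, int port)
{
    struct sockaddr_in my_addr;
    int rc;
    int saved_errno;

    h->skt = socket(AF_INET, SOCK_STREAM, 0);
    if (h->skt < 0) {
        return -1;
    }

    /* Zero the whole structure first so the padding (sin_zero) is not
       passed to bind() uninitialized. */
    memset(&my_addr, 0, sizeof my_addr);
    my_addr.sin_family = AF_INET;
    my_addr.sin_port = htons(port);
    my_addr.sin_addr.s_addr = htonl(INADDR_ANY);

    if (bind(h->skt, (struct sockaddr *)&my_addr, sizeof my_addr) == -1) {
        rc = -2;
        goto fail;
    }

    if (listen(h->skt, 10) == -1) {
        rc = -3;
        goto fail;
    }

    return 0;

fail:
    saved_errno = errno; /* close() may overwrite errno */
    close(h->skt);
    h->skt = -1;
    errno = saved_errno;
    return rc;
}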
int skt
Definition: myssl.c:51