tstclnt.c
来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 655 行 · 第 1/2 页
C
655 行
Usage(progName); if (!host || !port) Usage(progName); if (!certDir) { certDir = SECU_DefaultSSLDir(); /* Look in $SSL_DIR */ certDir = SECU_ConfigDirectory(certDir); /* call even if it's NULL */ } PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); /* set our password function */ if ( useCommandLinePassword ) { PK11_SetPasswordFunc(ownPasswd); } else { PK11_SetPasswordFunc(SECU_GetModulePassword); } /* open the cert DB, the key DB, and the secmod DB. */ rv = NSS_Init(certDir); if (rv != SECSuccess) { SECU_PrintError(progName, "unable to open cert database");#if 0 rv = CERT_OpenVolatileCertDB(handle); CERT_SetDefaultCertDB(handle);#else return -1;#endif } handle = CERT_GetDefaultCertDB(); /* set the policy bits true for all the cipher suites. */ if (useExportPolicy) NSS_SetExportPolicy(); else NSS_SetDomesticPolicy(); /* all the SSL2 and SSL3 cipher suites are enabled by default. */ if (cipherString) { /* disable all the ciphers, then enable the ones we want. */ disableSSL2Ciphers(); disableSSL3Ciphers(); } /* Lookup host */ status = PR_GetHostByName(host, buf, sizeof(buf), &hp); if (status != PR_SUCCESS) { SECU_PrintError(progName, "error looking up host"); return -1; } if (PR_EnumerateHostEnt(0, &hp, atoi(port), &addr) == -1) { SECU_PrintError(progName, "error looking up host address"); return -1; } ip = PR_ntohl(addr.inet.ip); printf("%s: connecting to %s:%d (address=%d.%d.%d.%d)\n", progName, host, PR_ntohs(addr.inet.port), (ip >> 24) & 0xff, (ip >> 16) & 0xff, (ip >> 8) & 0xff, (ip >> 0) & 0xff); /* Create socket */ s = PR_NewTCPSocket(); if (s == NULL) { SECU_PrintError(progName, "error creating socket"); return -1; } opt.option = PR_SockOpt_Nonblocking; opt.value.non_blocking = PR_TRUE; PR_SetSocketOption(s, &opt); /*PR_SetSocketOption(PR_GetSpecialFD(PR_StandardInput), &opt);*/ s = SSL_ImportFD(NULL, s); if (s == NULL) { SECU_PrintError(progName, "error importing socket"); return -1; } rv = SSL_Enable(s, SSL_SECURITY, 1); if (rv != SECSuccess) { SECU_PrintError(progName, "error enabling socket"); return -1; } rv = SSL_Enable(s, SSL_HANDSHAKE_AS_CLIENT, 1); if (rv != SECSuccess) { SECU_PrintError(progName, "error enabling client handshake"); return -1; } /* all the SSL2 and SSL3 cipher suites are enabled by default. */ if (cipherString) { int ndx; while (0 != (ndx = *cipherString++)) { int *cptr; int cipher; if (! isalpha(ndx)) Usage(progName); cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites; for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) /* do nothing */; if (cipher) { SECStatus status; status = SSL_CipherPrefSet(s, cipher, SSL_ALLOWED); if (status != SECSuccess) SECU_PrintError(progName, "SSL_CipherPrefSet()"); } } } rv = SSL_Enable(s, SSL_ENABLE_SSL2, !disableSSL2); if (rv != SECSuccess) { SECU_PrintError(progName, "error enabling SSLv2 "); return -1; } rv = SSL_Enable(s, SSL_ENABLE_SSL3, !disableSSL3); if (rv != SECSuccess) { SECU_PrintError(progName, "error enabling SSLv3 "); return -1; } rv = SSL_Enable(s, SSL_ENABLE_TLS, !disableTLS); if (rv != SECSuccess) { SECU_PrintError(progName, "error enabling TLS "); return -1; }#if 0 /* disable ssl2 and ssl2-compatible client hellos. */ rv = SSL_Enable(s, SSL_V2_COMPATIBLE_HELLO, 0); if (rv != SECSuccess) { SECU_PrintError(progName, "error disabling v2 compatibility"); return -1; }#endif if (useCommandLinePassword) { SSL_SetPKCS11PinArg(s, password); } SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle); if (override) { SSL_BadCertHook(s, ownBadCertHandler, NULL); } SSL_GetClientAuthDataHook(s, NSS_GetClientAuthData, (void *)nickname); SSL_HandshakeCallback(s, handshakeCallback, NULL); SSL_SetURL(s, host); /* Try to connect to the server */ status = PR_Connect(s, &addr, PR_INTERVAL_NO_TIMEOUT); if (status != PR_SUCCESS) { if (PR_GetError() == PR_IN_PROGRESS_ERROR) { SECU_PrintError(progName, "connect"); milliPause(50 * multiplier); pollset[0].fd = s; pollset[0].in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT; pollset[0].out_flags = 0; while(1) { printf("%s: about to call PR_Poll for connect completion!\n", progName); filesReady = PR_Poll(pollset, 1, PR_INTERVAL_NO_TIMEOUT); if (filesReady < 0) { SECU_PrintError(progName, "unable to connect (poll)"); return -1; } printf("%s: PR_Poll returned 0x%02x for socket out_flags.\n", progName, pollset[0].out_flags); if (filesReady == 0) { /* shouldn't happen! */ printf("%s: PR_Poll returned zero!\n", progName); return -1; } /* Must milliPause between PR_Poll and PR_GetConnectStatus, * Or else winsock gets mighty confused. * Sleep(0); */ milliPause(1); status = PR_GetConnectStatus(pollset); if (status == PR_SUCCESS) { break; } if (PR_GetError() != PR_IN_PROGRESS_ERROR) { SECU_PrintError(progName, "unable to connect (poll)"); return -1; } SECU_PrintError(progName, "poll"); milliPause(50 * multiplier); } } else { SECU_PrintError(progName, "unable to connect"); return -1; } } pollset[0].fd = s; pollset[0].in_flags = PR_POLL_READ; pollset[1].fd = PR_GetSpecialFD(PR_StandardInput); pollset[1].in_flags = PR_POLL_READ; npds = 2; std_out = PR_GetSpecialFD(PR_StandardOutput); if (file_read) { pollset[1].out_flags = PR_POLL_READ; npds=1; } /* ** Select on stdin and on the socket. Write data from stdin to ** socket, read data from socket and write to stdout. */ printf("%s: ready...\n", progName); while (pollset[0].in_flags || pollset[1].in_flags) { char buf[4000]; /* buffer for stdin */ int nb; /* num bytes read from stdin. */ pollset[0].out_flags = 0; if (!file_read) { pollset[1].out_flags = 0; } printf("%s: about to call PR_Poll !\n", progName); if (pollset[1].in_flags && file_read) { filesReady = PR_Poll(pollset, npds, PR_INTERVAL_NO_WAIT); filesReady++; } else { filesReady = PR_Poll(pollset, npds, PR_INTERVAL_NO_TIMEOUT); } if (filesReady < 0) { SECU_PrintError(progName, "select failed"); error=-1; goto done; } if (filesReady == 0) { /* shouldn't happen! */ printf("%s: PR_Poll returned zero!\n", progName); return -1; } printf("%s: PR_Poll returned!\n", progName); if (pollset[1].in_flags) { printf("%s: PR_Poll returned 0x%02x for stdin out_flags.\n", progName, pollset[1].out_flags);#ifndef _WINDOWS } if (pollset[1].out_flags & PR_POLL_READ) {#endif /* Read from stdin and write to socket */ nb = PR_Read(pollset[1].fd, buf, sizeof(buf)); printf("%s: stdin read %d bytes\n", progName, nb); if (nb < 0) { if (PR_GetError() != PR_WOULD_BLOCK_ERROR) { SECU_PrintError(progName, "read from stdin failed"); error=-1; break; } } else if (nb == 0) { pollset[1].in_flags = 0; } else { char * bufp = buf; printf("%s: Writing %d bytes to server\n", progName, nb); do { PRInt32 cc = PR_Write(s, bufp, nb); if (cc < 0) { PRErrorCode err = PR_GetError(); if (err != PR_WOULD_BLOCK_ERROR) { SECU_PrintError(progName, "write to SSL socket failed"); error=-2; goto done; } cc = 0; } bufp += cc; nb -= cc; if (nb <= 0) break; pollset[0].in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT; pollset[0].out_flags = 0; printf("%s: about to call PR_Poll on writable socket !\n", progName); cc = PR_Poll(pollset, 1, PR_INTERVAL_NO_TIMEOUT); printf("%s: PR_Poll returned with writable socket !\n", progName); } while (1); pollset[0].in_flags = PR_POLL_READ; } } if (pollset[0].in_flags) { printf("%s: PR_Poll returned 0x%02x for socket out_flags.\n", progName, pollset[0].out_flags); } if ( (pollset[0].out_flags & PR_POLL_READ) || (pollset[0].out_flags & PR_POLL_ERR) #ifdef PR_POLL_HUP || (pollset[0].out_flags & PR_POLL_HUP)#endif ) { /* Read from socket and write to stdout */ nb = PR_Read(pollset[0].fd, buf, sizeof(buf)); printf("%s: Read from server %d bytes\n", progName, nb); if (nb < 0) { if (PR_GetError() != PR_WOULD_BLOCK_ERROR) { SECU_PrintError(progName, "read from socket failed"); error=-1; goto done; } } else if (nb == 0) { /* EOF from socket... bye bye */ pollset[0].in_flags = 0; } else { PR_Write(std_out, buf, nb); puts("\n\n"); } } milliPause(50 * multiplier); } done: PR_Close(s); NSS_Shutdown(); PR_Cleanup(); return error;}⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?