{
printExtError( cryptSession, "Attempt to send data to "
"client", status, __LINE__ );
cryptDestroySession( cryptSession );
return( FALSE );
}
/* Wait for the data to be flushed through to the client before
we close the session */
delayThread( 1 );
}
else
{
char fetchString[ 128 ];
int fetchStringLen;
/* Send a fetch request to the server */
if( localSocket )
{
if( protocol == PROTOCOL_SMTP )
strcpy( fetchString, "EHLO foo.bar.com\r\n" );
else
if( protocol == PROTOCOL_POP )
strcpy( fetchString, "CAPA\r\n" );
else
if( protocol == PROTOCOL_IMAP )
strcpy( fetchString, "a003 CAPABILITY\r\n" );
else
strcpy( fetchString, "USER test\r\n" );
}
else
sprintf( fetchString, "GET %s HTTP/1.0\r\n\r\n",
sslInfo[ SSL_SERVER_NO ].path );
fetchStringLen = strlen( fetchString );
#if defined( __MVS__ ) || defined( __VMCMS__ )
ebcdicToAscii( fetchString, fetchStringLen );
#endif /* EBCDIC systems */
status = cryptPushData( cryptSession, fetchString,
fetchStringLen, &bytesCopied );
if( cryptStatusOK( status ) )
status = cryptFlushData( cryptSession );
if( cryptStatusError( status ) || bytesCopied != fetchStringLen )
{
printExtError( cryptSession, "Attempt to send data to "
"server", status, __LINE__ );
cryptDestroySession( cryptSession );
return( FALSE );
}
/* Print the text of the reply from the server */
status = cryptPopData( cryptSession, buffer, FILEBUFFER_SIZE,
&bytesCopied );
if( cryptStatusError( status ) )
{
printExtError( cryptSession, "Attempt to read data from "
"server", status, __LINE__ );
cryptDestroySession( cryptSession );
return( FALSE );
}
if( bytesCopied == 0 )
{
/* We've set a 5s timeout, we should get at least some
data */
puts( "Server returned no data in response to our request." );
cryptDestroySession( cryptSession );
return( FALSE );
}
buffer[ bytesCopied ] = '\0';
#if defined( __MVS__ ) || defined( __VMCMS__ )
asciiToEbcdic( buffer, bytesCopied );
#endif /* EBCDIC systems */
printf( "---- Server sent %d bytes ----\n", bytesCopied );
#if SSL_SERVER_NO == 3
puts( " (Large data quantity omitted)" );
#else
puts( buffer );
#endif /* SSL_SERVER_NO == 3 */
puts( "---- End of output ----" );
#if SSL_SERVER_NO == 3
/* If we're reading a lot of data, more may have arrived in the
meantime */
status = cryptPopData( cryptSession, buffer, FILEBUFFER_SIZE,
&bytesCopied );
if( cryptStatusError( status ) )
{
if( status == CRYPT_ERROR_READ )
/* Since this is HTTP, the other side can close the
connection with no further warning, even though SSL
says you shouldn't really do this */
puts( "Remote system closed connection." );
else
{
printExtError( cryptSession, "Attempt to read data from "
"server", status, __LINE__ );
cryptDestroySession( cryptSession );
return( FALSE );
}
}
else
{
buffer[ bytesCopied ] = '\0';
#if defined( __MVS__ ) || defined( __VMCMS__ )
asciiToEbcdic( buffer, bytesCopied );
#endif /* EBCDIC systems */
printf( "---- Server sent further %d bytes ----\n",
bytesCopied );
puts( buffer );
puts( "---- End of output ----" );
}
#endif /* SSL_SERVER_NO == 3 */
/* If it's a chatty protocol, exchange some more pleasantries */
if( localSocket )
{
if( protocol == PROTOCOL_SMTP )
strcpy( fetchString, "QUIT\r\n" );
else
if( protocol == PROTOCOL_POP )
strcpy( fetchString, "USER test\r\n" );
else
if( protocol == PROTOCOL_IMAP )
strcpy( fetchString, "a004 LOGIN test\r\n" );
fetchStringLen = strlen( fetchString );
#if defined( __MVS__ ) || defined( __VMCMS__ )
ebcdicToAscii( fetchString, fetchStringLen );
#endif /* EBCDIC systems */
status = cryptPushData( cryptSession, fetchString,
fetchStringLen, &bytesCopied );
if( cryptStatusOK( status ) )
status = cryptFlushData( cryptSession );
if( cryptStatusError( status ) || bytesCopied != fetchStringLen )
{
printExtError( cryptSession, "Attempt to send data to "
"server", status, __LINE__ );
cryptDestroySession( cryptSession );
return( FALSE );
}
status = cryptPopData( cryptSession, buffer, FILEBUFFER_SIZE,
&bytesCopied );
if( cryptStatusError( status ) )
{
printExtError( cryptSession, "Attempt to read data from "
"server", status, __LINE__ );
cryptDestroySession( cryptSession );
return( FALSE );
}
buffer[ bytesCopied ] = '\0';
#if defined( __MVS__ ) || defined( __VMCMS__ )
asciiToEbcdic( buffer, bytesCopied );
#endif /* EBCDIC systems */
printf( "---- Server sent %d bytes ----\n", bytesCopied );
puts( buffer );
puts( "---- End of output ----" );
}
}
/* Clean up */
status = cryptDestroySession( cryptSession );
if( cryptStatusError( status ) )
{
printf( "cryptDestroySession() failed with error code %d, line %d.\n",
status, __LINE__ );
return( FALSE );
}
#if defined( __WINDOWS__ ) && !defined( _WIN32_WCE )
if( localSocket )
{
closesocket( netSocket );
WSACleanup();
}
#endif /* __WINDOWS__ && !_WIN32_WCE */
printf( "%s%s session succeeded.\n\n", isServer ? "SVR: " : "",
versionStr[ version ] );
return( TRUE );
}
/* Client-side SSL session test with every optional behaviour switched off.
   The connectSSLTLS() signature is not visible in this part of the file;
   the second argument (0 here, 1 in testSessionTLS(), 2 in
   testSessionTLS11()) presumably selects the protocol version - confirm
   against connectSSLTLS().  If 0 does mean SSLv3, bear in mind that SSLv3
   is deprecated (RFC 7568), so this is a legacy-interoperability check */
int testSessionSSL( void )
	{
	const int result = connectSSLTLS( CRYPT_SESSION_SSL, 0, FALSE, FALSE,
									  FALSE, FALSE, FALSE );

	return( result );
	}
/* Client-side SSL session test that differs from testSessionSSL() only in
   passing TRUE as the sixth connectSSLTLS() argument.  Presumably that is
   the localSocket flag tested in connectSSLTLS(), which makes the client
   speak SMTP/POP/IMAP-style commands rather than issue an HTTP GET -
   confirm against the connectSSLTLS() signature */
int testSessionSSLLocalSocket( void )
	{
	const int result = connectSSLTLS( CRYPT_SESSION_SSL, 0, FALSE, FALSE,
									  FALSE, TRUE, FALSE );

	return( result );
	}
/* Client-side SSL session test that passes TRUE as the third
   connectSSLTLS() argument; going by the test's name this presumably
   enables client-certificate authentication - confirm against the
   connectSSLTLS() signature */
int testSessionSSLClientCert( void )
	{
	const int result = connectSSLTLS( CRYPT_SESSION_SSL, 0, TRUE, FALSE,
									  FALSE, FALSE, FALSE );

	return( result );
	}
/* Client-side SSL session test that passes TRUE as the seventh
   connectSSLTLS() argument, presumably selecting shared-key
   authentication - confirm against the connectSSLTLS() signature.

   NOTE(review): this also passes TRUE as the third argument, exactly as
   testSessionSSLClientCert() does, whereas testSessionTLSServerSharedKey()
   and the TLS shared-key loopback test pass FALSE there.  Confirm that
   combining the two options is intended and not a copy-and-paste leftover,
   since it changes which authentication path this test actually covers */
int testSessionSSLSharedKey( void )
	{
	const int result = connectSSLTLS( CRYPT_SESSION_SSL, 0, TRUE, FALSE,
									  FALSE, FALSE, TRUE );

	return( result );
	}
/* Server-side counterpart of testSessionSSL(): runs connectSSLTLS() with
   the CRYPT_SESSION_SSL_SERVER session type, version argument 0 and all
   optional flags FALSE */
int testSessionSSLServer( void )
	{
	const int result = connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 0, FALSE,
									  FALSE, FALSE, FALSE, FALSE );

	return( result );
	}
/* Run the SSL server twice in a row so that session caching can be
   checked.  Returns the first run's status if it is <= 0, otherwise the
   status of the second run */
int testSessionSSLServerCached( void )
	{
	int status = 0;
	int runNo;

	/* Testing session caching requires manual reconnection with a browser
	   to localhost, since it's too complex to handle easily via a loopback
	   test.  Note that with MSIE this will require three lots of connects
	   rather than two, because it handles an unknown cert by doing a
	   resume, which consumes two lots of sessions, and then the third one
	   is the actual session resume */
	for( runNo = 0; runNo < 2; runNo++ )
		{
		status = connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 0, FALSE, FALSE,
								FALSE, FALSE, FALSE );

		/* A failed run ends the test immediately */
		if( status <= 0 )
			return( status );
		}

	return( status );
	}
/* Server-side SSL session test that passes TRUE as the third
   connectSSLTLS() argument; going by the test's name this presumably makes
   the server ask for a client certificate - confirm against the
   connectSSLTLS() signature */
int testSessionSSLServerClientCert( void )
	{
	const int result = connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 0, TRUE,
									  FALSE, FALSE, FALSE, FALSE );

	return( result );
	}
/* Client-side session test identical to testSessionSSL() except that the
   second connectSSLTLS() argument is 1.  Going by the test names that
   value presumably selects TLS 1.0 - confirm against connectSSLTLS().
   TLS 1.0 is deprecated (RFC 8996), so treat this as a legacy-protocol
   test */
int testSessionTLS( void )
	{
	const int result = connectSSLTLS( CRYPT_SESSION_SSL, 1, FALSE, FALSE,
									  FALSE, FALSE, FALSE );

	return( result );
	}
/* Server-side counterpart of testSessionTLS(): runs connectSSLTLS() with
   the CRYPT_SESSION_SSL_SERVER session type, version argument 1 and all
   optional flags FALSE */
int testSessionTLSServer( void )
	{
	const int result = connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 1, FALSE,
									  FALSE, FALSE, FALSE, FALSE );

	return( result );
	}
/* Server-side session test with version argument 1 and TRUE as the seventh
   connectSSLTLS() argument, presumably selecting shared-key authentication
   - confirm against the connectSSLTLS() signature */
int testSessionTLSServerSharedKey( void )
	{
	const int result = connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 1, FALSE,
									  FALSE, FALSE, FALSE, TRUE );

	return( result );
	}
/* Client-side session test with 2 as the second connectSSLTLS() argument;
   going by the test's name that value presumably selects TLS 1.1 - confirm
   against connectSSLTLS().  TLS 1.1 is deprecated (RFC 8996), so treat
   this as a legacy-protocol test */
int testSessionTLS11( void )
	{
	const int result = connectSSLTLS( CRYPT_SESSION_SSL, 2, FALSE, FALSE,
									  FALSE, FALSE, FALSE );

	return( result );
	}
/* Perform a client/server loopback test */
#ifdef WINDOWS_THREADS
/* Thread entry point for the server half of the SSL loopback test.  The
   thread argument is unused.  The connectSSLTLS() result is discarded and
   the thread always exits with code 0, so a server-side failure is only
   visible through whatever connectSSLTLS() prints */
unsigned __stdcall sslServerThread( void *dummy )
	{
	( void ) dummy;		/* Unused thread argument */

	connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 0, FALSE, TRUE, FALSE, FALSE,
				   FALSE );
	_endthreadex( 0 );

	/* _endthreadex() ends the thread, this return only satisfies the
	   function's return type */
	return( 0 );
	}
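/* SSL client/server loopback test: runs sslServerThread() in a second
   thread and connects to it from the calling thread.  Returns the client's
   connectSSLTLS() status, or FALSE if the server thread couldn't be
   started.  The server thread's own result isn't part of the return
   value */
int testSessionSSLClientServer( void )
	{
	HANDLE hThread;
	unsigned threadID;
	int status;

	/* Start the server.  _beginthreadex() returns 0 on failure, in which
	   case there's no server to connect to and no handle to wait on or
	   close, so we stop here instead of running the client against
	   nothing */
	hThread = ( HANDLE ) _beginthreadex( NULL, 0, &sslServerThread,
										 NULL, 0, &threadID );
	if( hThread == NULL )
		{
		puts( "Couldn't create the server thread for the loopback test." );
		return( FALSE );
		}

	/* Give the server time to initialise.  This is a fixed delay and not a
	   synchronisation point, on a heavily-loaded system the client may
	   still connect before the server is listening */
	Sleep( 1000 );

	/* Connect to the local server */
	status = connectSSLTLS( CRYPT_SESSION_SSL, 0, FALSE, TRUE, FALSE, FALSE,
							FALSE );

	/* Wait up to 15s for the server thread to finish */
	if( WaitForSingleObject( hThread, 15000 ) == WAIT_TIMEOUT )
		{
		puts( "Warning: Server thread is still active due to session "
			  "negotiation failure,\n this will cause an error "
			  "condition when cryptEnd() is called due\n to "
			  "resources remaining allocated. Press a key to continue." );
		getchar();
		}
	CloseHandle( hThread );

	return( status );
	}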
/* Thread entry point for the server half of the SSL client-certificate
   loopback test.  The thread argument is unused, the connectSSLTLS()
   result is discarded and the thread always exits with code 0 */
unsigned __stdcall sslClientCertServerThread( void *dummy )
	{
	( void ) dummy;		/* Unused thread argument */

	connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 0, TRUE, TRUE, FALSE, FALSE,
				   FALSE );
	_endthreadex( 0 );

	/* _endthreadex() ends the thread, this return only satisfies the
	   function's return type */
	return( 0 );
	}
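/* SSL client-certificate loopback test: runs sslClientCertServerThread()
   in a second thread and connects to it from the calling thread.  Returns
   the client's connectSSLTLS() status, or FALSE if the server thread
   couldn't be started.  The server thread's own result isn't part of the
   return value */
int testSessionSSLClientCertClientServer( void )
	{
	HANDLE hThread;
	unsigned threadID;
	int status;

	/* Start the server.  _beginthreadex() returns 0 on failure, in which
	   case there's no server to connect to and no handle to wait on or
	   close, so we stop here instead of running the client against
	   nothing */
	hThread = ( HANDLE ) _beginthreadex( NULL, 0, &sslClientCertServerThread,
										 NULL, 0, &threadID );
	if( hThread == NULL )
		{
		puts( "Couldn't create the server thread for the loopback test." );
		return( FALSE );
		}

	/* Give the server time to initialise.  This is a fixed delay and not a
	   synchronisation point, on a heavily-loaded system the client may
	   still connect before the server is listening */
	Sleep( 1000 );

	/* Connect to the local server */
	status = connectSSLTLS( CRYPT_SESSION_SSL, 0, TRUE, TRUE, FALSE, FALSE,
							FALSE );

	/* Wait up to 15s for the server thread to finish */
	if( WaitForSingleObject( hThread, 15000 ) == WAIT_TIMEOUT )
		{
		puts( "Warning: Server thread is still active due to session "
			  "negotiation failure,\n this will cause an error "
			  "condition when cryptEnd() is called due\n to "
			  "resources remaining allocated. Press a key to continue." );
		getchar();
		}
	CloseHandle( hThread );

	return( status );
	}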
/* Thread entry point for the server half of the TLS loopback test (version
   argument 1).  The thread argument is unused, the connectSSLTLS() result
   is discarded and the thread always exits with code 0 */
unsigned __stdcall tlsServerThread( void *dummy )
	{
	( void ) dummy;		/* Unused thread argument */

	connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 1, FALSE, TRUE, FALSE, FALSE,
				   FALSE );
	_endthreadex( 0 );

	/* _endthreadex() ends the thread, this return only satisfies the
	   function's return type */
	return( 0 );
	}
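/* TLS client/server loopback test: runs tlsServerThread() in a second
   thread and connects to it from the calling thread.  Returns the client's
   connectSSLTLS() status, or FALSE if the server thread couldn't be
   started.  The server thread's own result isn't part of the return
   value */
int testSessionTLSClientServer( void )
	{
	HANDLE hThread;
	unsigned threadID;
	int status;

	/* Start the server.  _beginthreadex() returns 0 on failure, in which
	   case there's no server to connect to and no handle to wait on or
	   close, so we stop here instead of running the client against
	   nothing */
	hThread = ( HANDLE ) _beginthreadex( NULL, 0, &tlsServerThread,
										 NULL, 0, &threadID );
	if( hThread == NULL )
		{
		puts( "Couldn't create the server thread for the loopback test." );
		return( FALSE );
		}

	/* Give the server time to initialise.  This is a fixed delay and not a
	   synchronisation point, on a heavily-loaded system the client may
	   still connect before the server is listening */
	Sleep( 1000 );

	/* Connect to the local server */
	status = connectSSLTLS( CRYPT_SESSION_SSL, 1, FALSE, TRUE, FALSE, FALSE,
							FALSE );

	/* Wait up to 15s for the server thread to finish */
	if( WaitForSingleObject( hThread, 15000 ) == WAIT_TIMEOUT )
		{
		puts( "Warning: Server thread is still active due to session "
			  "negotiation failure,\n this will cause an error "
			  "condition when cryptEnd() is called due\n to "
			  "resources remaining allocated. Press a key to continue." );
		getchar();
		}
	CloseHandle( hThread );

	return( status );
	}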
/* Thread entry point for the server half of the TLS shared-key loopback
   test (version argument 1, seventh argument TRUE).  The thread argument
   is unused, the connectSSLTLS() result is discarded and the thread always
   exits with code 0 */
unsigned __stdcall tlsSharedKeyServerThread( void *dummy )
	{
	( void ) dummy;		/* Unused thread argument */

	connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 1, FALSE, TRUE, FALSE, FALSE,
				   TRUE );
	_endthreadex( 0 );

	/* _endthreadex() ends the thread, this return only satisfies the
	   function's return type */
	return( 0 );
	}
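/* TLS shared-key loopback test: runs tlsSharedKeyServerThread() in a
   second thread and connects to it from the calling thread.  Returns the
   client's connectSSLTLS() status, or FALSE if the server thread couldn't
   be started.  The server thread's own result isn't part of the return
   value */
int testSessionTLSSharedKeyClientServer( void )
	{
	HANDLE hThread;
	unsigned threadID;
	int status;

	/* Start the server.  _beginthreadex() returns 0 on failure, in which
	   case there's no server to connect to and no handle to wait on or
	   close, so we stop here instead of running the client against
	   nothing */
	hThread = ( HANDLE ) _beginthreadex( NULL, 0, &tlsSharedKeyServerThread,
										 NULL, 0, &threadID );
	if( hThread == NULL )
		{
		puts( "Couldn't create the server thread for the loopback test." );
		return( FALSE );
		}

	/* Give the server time to initialise.  This is a fixed delay and not a
	   synchronisation point, on a heavily-loaded system the client may
	   still connect before the server is listening */
	Sleep( 1000 );

	/* Connect to the local server */
	status = connectSSLTLS( CRYPT_SESSION_SSL, 1, FALSE, TRUE, FALSE, FALSE,
							TRUE );

	/* Wait up to 15s for the server thread to finish */
	if( WaitForSingleObject( hThread, 15000 ) == WAIT_TIMEOUT )
		{
		puts( "Warning: Server thread is still active due to session "
			  "negotiation failure,\n this will cause an error "
			  "condition when cryptEnd() is called due\n to "
			  "resources remaining allocated. Press a key to continue." );
		getchar();
		}
	CloseHandle( hThread );

	return( status );
	}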
/* Thread entry point for the server half of the TLS bulk-transfer loopback
   test (version argument 1, fifth argument TRUE).  The thread argument is
   unused, the connectSSLTLS() result is discarded and the thread always
   exits with code 0 */
unsigned __stdcall tlsBulkTransferServerThread( void *dummy )
	{
	( void ) dummy;		/* Unused thread argument */

	connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 1, FALSE, TRUE, TRUE, FALSE,
				   FALSE );
	_endthreadex( 0 );

	/* _endthreadex() ends the thread, this return only satisfies the
	   function's return type */
	return( 0 );
	}
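/* TLS bulk-transfer loopback test: runs tlsBulkTransferServerThread() in a
   second thread and connects to it from the calling thread.  Returns the
   client's connectSSLTLS() status, or FALSE if the server thread couldn't
   be started.  The server thread's own result isn't part of the return
   value */
int testSessionTLSBulkTransferClientServer( void )
	{
	HANDLE hThread;
	unsigned threadID;
	int status;

	/* Start the server.  _beginthreadex() returns 0 on failure, in which
	   case there's no server to connect to and no handle to wait on or
	   close, so we stop here instead of running the client against
	   nothing */
	hThread = ( HANDLE ) _beginthreadex( NULL, 0, &tlsBulkTransferServerThread,
										 NULL, 0, &threadID );
	if( hThread == NULL )
		{
		puts( "Couldn't create the server thread for the loopback test." );
		return( FALSE );
		}

	/* Give the server time to initialise.  This is a fixed delay and not a
	   synchronisation point, on a heavily-loaded system the client may
	   still connect before the server is listening */
	Sleep( 1000 );

	/* Connect to the local server */
	status = connectSSLTLS( CRYPT_SESSION_SSL, 1, FALSE, TRUE, TRUE, FALSE,
							FALSE );

	/* Wait up to 15s for the server thread to finish */
	if( WaitForSingleObject( hThread, 15000 ) == WAIT_TIMEOUT )
		{
		puts( "Warning: Server thread is still active due to session "
			  "negotiation failure,\n this will cause an error "
			  "condition when cryptEnd() is called due\n to "
			  "resources remaining allocated. Press a key to continue." );
		getchar();
		}
	CloseHandle( hThread );

	return( status );
	}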
/* Thread entry point for the server half of the TLS 1.1 loopback test
   (version argument 2).  The thread argument is unused, the
   connectSSLTLS() result is discarded and the thread always exits with
   code 0 */
unsigned __stdcall tls11ServerThread( void *dummy )
	{
	( void ) dummy;		/* Unused thread argument */

	connectSSLTLS( CRYPT_SESSION_SSL_SERVER, 2, FALSE, TRUE, FALSE, FALSE,
				   FALSE );
	_endthreadex( 0 );

	/* _endthreadex() ends the thread, this return only satisfies the
	   function's return type */
	return( 0 );
	}
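/* TLS 1.1 loopback test: runs tls11ServerThread() in a second thread and
   connects to it from the calling thread.  Returns the client's
   connectSSLTLS() status, or FALSE if the server thread couldn't be
   started.  The server thread's own result isn't part of the return
   value */
int testSessionTLS11ClientServer( void )
	{
	HANDLE hThread;
	unsigned threadID;
	int status;

	/* Start the server.  _beginthreadex() returns 0 on failure, in which
	   case there's no server to connect to and no handle to wait on or
	   close, so we stop here instead of running the client against
	   nothing */
	hThread = ( HANDLE ) _beginthreadex( NULL, 0, &tls11ServerThread,
										 NULL, 0, &threadID );
	if( hThread == NULL )
		{
		puts( "Couldn't create the server thread for the loopback test." );
		return( FALSE );
		}

	/* Give the server time to initialise.  This is a fixed delay and not a
	   synchronisation point, on a heavily-loaded system the client may
	   still connect before the server is listening */
	Sleep( 1000 );

	/* Connect to the local server */
	status = connectSSLTLS( CRYPT_SESSION_SSL, 2, FALSE, TRUE, FALSE, FALSE,
							FALSE );

	/* Wait up to 15s for the server thread to finish */
	if( WaitForSingleObject( hThread, 15000 ) == WAIT_TIMEOUT )
		{
		puts( "Warning: Server thread is still active due to session "
			  "negotiation failure,\n this will cause an error "
			  "condition when cryptEnd() is called due\n to "
			  "resources remaining allocated. Press a key to continue." );
		getchar();
		}
	CloseHandle( hThread );

	return( status );
	}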
#endif /* WINDOWS_THREADS */