23 #include "SSLClient.h"
// Constructor: only wires up the class logger. No TLS state is created here —
// the SSL_CTX is built per connection by initialize_ctx() from
// connection()/connectionUnresolv(). Closing brace is outside this excerpt.
25 SSLClient::SSLClient() {
26 logger = Logger::getLogger(
"SSLClient");
// Destructor. Its body is not in this excerpt, so whether ctx/ssl/io are
// released here or only via closeConnection()/destroy_ctx() cannot be confirmed.
29 SSLClient::~SSLClient() {
// SIGPIPE handler installed process-wide by initialize_ctx(). Catching SIGPIPE
// keeps a write to a peer-closed socket from terminating the process; SSL_write
// then reports the failure through SSL_get_error() instead. Body not shown here.
33 static void sigpipe_handle(
int x){
// OpenSSL passphrase callback registered with SSL_CTX_set_default_passwd_cb():
// copies the key passphrase held in `pass` (declared outside this excerpt) into
// buf so the encrypted PEM private key can be loaded. rwflag/userdata are not
// referenced in the visible lines. The length check is what keeps the copy inside
// buf; note the passphrase sits in plaintext in process memory for the lifetime
// of the process.
36 static int password_cb(
char *buf,
int num,
37 int rwflag,
void *userdata)
// Refuse when buf cannot hold the passphrase plus its terminating NUL
// (the branch body, presumably a return of 0, is not shown).
39 if(num<(
int)(strlen(pass)+1))
// Build the SSL_CTX for this client: load the client certificate chain and the
// private key (passphrase supplied by password_cb), then the CA list. Called
// once per connection from connection()/connectionUnresolv(). The return of ctx
// and the closing of the function are outside this excerpt.
//
// NOTE(review): the visible lines install trust anchors but never enable peer
// verification. Without SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL) here, or
// an SSL_get_verify_result() check after SSL_connect, the handshake succeeds
// against any certificate regardless of the CA list. Neither call appears in
// this excerpt — confirm. Hostname matching against the peer certificate is not
// visible either.
// NOTE(review): SSLv23_method() negotiates any protocol version the library
// supports; on OpenSSL builds of this era that includes SSLv2/SSLv3 unless
// SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3) is set, and no
// such call is visible.
46 SSL_CTX *SSLClient::initialize_ctx(
char *keyfile,
char *password)
53 SSL_load_error_strings();
// Process-wide side effect: replaces the SIGPIPE disposition for every thread.
56 signal(SIGPIPE,sigpipe_handle);
59 meth=(SSL_METHOD*)SSLv23_method();
60 ctx=SSL_CTX_new(meth);
// Each failure below is only logged; whether the function bails out afterwards
// cannot be seen here. If it does not, the returned ctx has no key / CA list.
63 if(!(SSL_CTX_use_certificate_chain_file(ctx,
65 logger <<
"Can't read certificate file" << flush;
// password_cb() decrypts the PEM key below.
68 SSL_CTX_set_default_passwd_cb(ctx,
70 if(!(SSL_CTX_use_PrivateKey_file(ctx,
71 keyfile,SSL_FILETYPE_PEM)))
72 logger <<
"Can't read key file" << flush;
// Trust anchors for peer verification (only effective once verification is enabled).
75 if(!(SSL_CTX_load_verify_locations(ctx,
77 logger <<
"Can't read CA list" << flush;
// Pre-0.9.5 OpenSSL only: cap the chain depth at 1; newer versions apply their
// own default depth here.
78 #if (OPENSSL_VERSION_NUMBER < 0x00905100L)
79 SSL_CTX_set_verify_depth(ctx,1);
// Release a context built by initialize_ctx(); body outside this excerpt.
85 void SSLClient::destroy_ctx(SSL_CTX *ctx)
// Shut the TLS session down. SSL_shutdown() returns 1 once both close_notify
// alerts have been exchanged, 0 when only ours has been sent (a second call is
// then expected), and <0 on error. How r is handled in between is not in this
// excerpt — only the failure log is visible.
90 void SSLClient::closeSSL()
92 int r=SSL_shutdown(ssl);
108 logger <<
"shutdown failed" << flush;
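// Open a TCP connection to host:port, then start TLS over it (SSL_CTX from
// initialize_ctx; creation of the SSL object itself is not shown). "localhost"
// takes the getaddrinfo path in connectionUnresolv(); any other host is resolved
// by get_ip() to an IPv4 dotted-quad and connected here. The error returns and
// the final return value sit outside this excerpt.
//
// FIX: the original allocated `remote` with sizeof(struct sockaddr_in *) — the
// size of a pointer (8 bytes on LP64), not of the 16-byte struct — so the writes
// to sin_port/sin_addr below and the 16-byte read inside connect() ran past the
// end of the heap block. The allocation now uses the struct size and is
// NULL-checked.
114 bool SSLClient::connection(
string host,
int port)
116 if(host==
"localhost")
118 return connectionUnresolv(host, port);
121 struct sockaddr_in *remote;
125 sockfd = create_tcp_socket();
// get_ip() takes a non-const char*, hence the cast; ownership of `ip` is not
// visible here.
126 ip = get_ip((
char*)host.c_str());
// Debug trace of the resolved address on stderr.
127 fprintf(stderr,
"IP is %s\n", ip);
128 remote = (
struct sockaddr_in *)malloc(
sizeof(
struct sockaddr_in));
// Bail out like the other failure paths (their cleanup is not shown here).
if(remote == NULL){
perror("malloc");
return false;
}
129 remote->sin_family = AF_INET;
130 tmpres = inet_pton(AF_INET, ip, (
void *)(&(remote->sin_addr.s_addr)));
// inet_pton: <0 is a system error, 0 means `ip` is not valid IPv4 text.
133 perror(
"Can't set remote->sin_addr.s_addr");
138 fprintf(stderr,
"%s is not a valid IP address\n", ip);
141 remote->sin_port = htons(port);
// sizeof(struct sockaddr) equals sizeof(struct sockaddr_in) (16) on the usual
// platforms, so the length passed here matches the allocation above.
// NOTE(review): no free(remote) is visible on any path — confirm it is released.
143 if(connect(sockfd, (
struct sockaddr *)remote,
sizeof(
struct sockaddr)) < 0){
144 perror(
"Could not connect");
// Fresh SSL_CTX per connection. KEYFILE/PASSWORD appear to be compile-time
// constants, i.e. the key passphrase ships inside the binary.
154 ctx=initialize_ctx((
char*)KEYFILE,(
char*)PASSWORD);
// BIO_CLOSE: sockfd is closed when sbio is freed. io (a buffering BIO on top of
// the SSL BIO) is what the read paths use.
158 sbio=BIO_new_socket(sockfd,BIO_CLOSE);
159 SSL_set_bio(ssl,sbio,sbio);
160 io=BIO_new(BIO_f_buffer());
161 ssl_bio=BIO_new(BIO_f_ssl());
162 BIO_set_ssl(ssl_bio,ssl,BIO_NOCLOSE);
163 BIO_push(io,ssl_bio);
// NOTE(review): only the handshake result is checked. No SSL_get_verify_result()
// or hostname check is visible after it, so success here does not by itself mean
// the peer's certificate was validated.
165 if(SSL_connect(ssl)<=0)
167 logger <<
"SSL connect error";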
// Resolve host:port with getaddrinfo() (IPv4 or IPv6), connect to the first
// candidate that accepts, then start TLS on the socket the same way
// connection() does. Return statements and error exits are outside this excerpt.
175 bool SSLClient::connectionUnresolv(
string host,
int port)
177 struct addrinfo hints, *servinfo, *p;
// Textual form of the connected peer address, filled by inet_ntop below.
179 char s[INET6_ADDRSTRLEN];
181 memset(&hints, 0,
sizeof hints);
182 hints.ai_family = AF_UNSPEC;
183 hints.ai_socktype = SOCK_STREAM;
184 string sport = CastUtil::lexical_cast<
string>(port);
185 if ((rv = getaddrinfo(host.c_str(), sport.c_str(), &hints, &servinfo)) != 0) {
186 fprintf(stderr,
"getaddrinfo: %s\n", gai_strerror(rv));
// Try each candidate address in order until one connects.
191 for(p = servinfo; p != NULL; p = p->ai_next) {
192 if ((sockfd = socket(p->ai_family, p->ai_socktype,
193 p->ai_protocol)) == -1) {
194 perror(
"client: socket");
// NOTE(review): on a failed connect the socket just created has to be closed
// before moving to the next candidate or one descriptor leaks per attempt; the
// lines between this perror and the next visible one are not shown — confirm.
198 if (connect(sockfd, p->ai_addr, p->ai_addrlen) == -1) {
200 perror(
"client: connect");
// Reached when the loop ran out of candidates (p == NULL). Whether servinfo is
// freed on this path — freeaddrinfo() below sits after the loop — is not visible.
210 fprintf(stderr,
"client: failed to connect\n");
214 inet_ntop(p->ai_family, get_in_addr((
struct sockaddr *)p->ai_addr),
218 freeaddrinfo(servinfo);
// Fresh SSL_CTX per connection. KEYFILE/PASSWORD appear to be compile-time
// constants, i.e. the key passphrase ships inside the binary.
221 ctx=initialize_ctx((
char*)KEYFILE,(
char*)PASSWORD);
// BIO_CLOSE: sockfd is closed when sbio is freed. io (a buffering BIO on top of
// the SSL BIO) is what the read paths use; creation of `ssl` is not shown.
225 sbio=BIO_new_socket(sockfd,BIO_CLOSE);
226 SSL_set_bio(ssl,sbio,sbio);
227 io=BIO_new(BIO_f_buffer());
228 ssl_bio=BIO_new(BIO_f_ssl());
229 BIO_set_ssl(ssl_bio,ssl,BIO_NOCLOSE);
230 BIO_push(io,ssl_bio);
// NOTE(review): only the handshake result is checked. No SSL_get_verify_result()
// or hostname check is visible after it, so success here does not by itself mean
// the peer's certificate was validated.
232 if(SSL_connect(ssl)<=0)
234 logger <<
"SSL connect error";
// Write all of `data` over TLS, re-issuing SSL_write for whatever is left after
// each call. The return value is outside this excerpt.
241 int SSLClient::sendData(
string data)
244 while(data.length()>0)
// data.length() is narrowed from size_t to int for SSL_write.
246 int bytes = SSL_write(ssl, data.c_str(), data.length());
247 switch(SSL_get_error(ssl,bytes)){
251 logger <<
"SSL write problem" ;
// Advance past what was written. This is only safe if the switch above leaves
// the loop on every error case: with bytes <= 0, substr(bytes) sees a huge
// size_t and throws std::out_of_range (the cases between 247 and 254 are not shown).
254 data = data.substr(bytes);
// Read a text response. Thin convenience entry point: the header delimiter and
// the content-length header name are simply handed to getTextData().
string SSLClient::getData(string hdrdelm, string cntlnhdr)
{
	string response = getTextData(hdrdelm, cntlnhdr);
	return response;
}
// Read a line-oriented (HTTP-style) response: header lines until hdrdelm, the
// body length taken from the header line containing cntlnhdr, then body bytes
// in MAXBUFLE-1 chunks. The enclosing loops and the return are outside this excerpt.
264 string SSLClient::getTextData(
string hdrdelm,
string cntlnhdr)
// One header line per call, bounded by the buffer (BIO_gets NUL-terminates).
273 er = BIO_gets(io,buf,MAXBUFLE-1);
274 switch(SSL_get_error(ssl,er))
278 case SSL_ERROR_ZERO_RETURN:
280 logger <<
"SSL - Connection closed\n";
285 logger <<
"SSL read problem";
// The delimiter line ends the header section.
289 if(!strcmp(buf,hdrdelm.c_str()))
// string(buf, er) assumes er > 0 here; a negative er would be converted to a
// huge length. Relies on the switch above having exited for the error cases.
295 string temp(buf, er);
// Drop the trailing newline that BIO_gets keeps.
296 temp = temp.substr(0,temp.length()-1);
297 alldat += (temp +
"\n");
// Header match is a case-sensitive substring search anywhere in the line.
298 if(temp.find(cntlnhdr)!=string::npos)
// If ": " is absent, find() yields npos and npos+2 wraps to 1, so the value
// parsed below is garbage rather than an error.
300 std::string cntle = temp.substr(temp.find(
": ")+2);
// Strips one more trailing character (suggests lines end in "\r\n" — confirm).
301 cntle = cntle.substr(0,cntle.length()-1);
// NOTE(review): cntlen is peer-controlled. Only a failed parse is logged; a
// negative or oversized value still flows on to whatever consumes cntlen.
304 cntlen = CastUtil::lexical_cast<
int>(cntle);
308 logger <<
"bad lexical cast" <<endl;
311 memset(&buf[0], 0,
sizeof(buf));
// Body reads use a fixed MAXBUFLE-1 chunk, so the read itself stays inside buf
// regardless of cntlen.
318 toRead = MAXBUFLE - 1;
319 er = BIO_read(io,buf,toRead);
320 switch(SSL_get_error(ssl,er))
325 case SSL_ERROR_ZERO_RETURN:
327 logger <<
"SSL - Connection closed\n";
332 logger <<
"SSL read problem";
336 string temp(buf, er);
338 memset(&buf[0], 0,
sizeof(buf));
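// Read up to cntlen body bytes from the TLS stream into buf and hand them back
// as a string. The loop/return structure and the declaration of buf sit outside
// this excerpt; memset(sizeof(buf)) below shows buf is a fixed-size array.
//
// FIX: the original passed cntlen — a value parsed from the peer's own
// Content-Length header (getTextData) or from the payload (getBinaryData) —
// straight through as the BIO_read size, so any value above sizeof(buf) let the
// peer write past the end of the buffer. The read is now capped at
// sizeof(buf)-1 (the same MAXBUFLE-1 style bound getTextData uses) and a
// negative cntlen reads nothing. A caller wanting more than one buffer's worth
// has to keep reading, as the chunked body path in getTextData does. Assumes buf
// is that same array — confirm against its declaration.
343 string SSLClient::getData(
int cntlen)
351 er = BIO_read(io,buf,
(cntlen < 0) ? 0 : ((cntlen < (int)sizeof(buf) - 1) ? cntlen : (int)sizeof(buf) - 1));
352 switch(SSL_get_error(ssl,er))
357 case SSL_ERROR_ZERO_RETURN:
359 logger <<
"SSL - Connection closed\n";
364 logger <<
"SSL read problem\n";
369 memset(&buf[0], 0,
sizeof(buf));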
// Read a length-prefixed binary payload: the first getData(len) bytes carry the
// length (decoded by getLengthCl), the second read fetches the payload itself.
// isLengthIncluded is not referenced in the visible lines (378-384 not shown).
// NOTE(review): both `len` and the decoded `leng` become read sizes in
// getData(int); `leng` comes from the peer, so getData(int) must bound it to its buffer.
374 string SSLClient::getBinaryData(
int len,
bool isLengthIncluded)
377 string alldat = getData(len);
379 int leng = getLengthCl(alldat, len);
385 alldat = getData(leng);
// Logs only the payload size, not its content.
386 logger << alldat.length();
// Tear the connection down; body outside this excerpt (presumably closeSSL()
// plus release of the BIOs, which owns the socket via BIO_CLOSE — confirm).
390 void SSLClient::closeConnection()
// A connection is live only when this object's own `connected` flag is set and
// the base class still considers sockfd connected; the flag is checked first so
// the socket probe is skipped when it is clear.
bool SSLClient::isConnected()
{
	if (!connected)
		return false;
	return ClientInterface::isConnected(sockfd);
}