/* UpTools v8.6 * * Copyright (c) 2005-2013 Fundacion Universidad de Palermo (Argentina). * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. Neither the name of the copyright holder nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * 4. Redistributions of any form whatsoever must retain the following * acknowledgment: 'This product includes software developed by the * "Universidad de Palermo, Argentina" (http://www.palermo.edu/).' * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
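*/
#include <UpTools/UpSsl.h>
#include <cerrno>
#include <cstddef>
#include <cstring>
#include <iostream>
#include <string>

// Body returned to every client that sends at least one byte.
std::string dataToSend("Content-Type: text/plain\n\nHello world\n");

namespace {

// Defaults for the credential files and the listen address; each can be
// overridden positionally on the command line (see main()).
const char* const kDefaultCertFile = "/etc/pki/tls/certs/mail-pops-crt.ipsca.pem";
// The process only needs read access to the private key file; it is read
// once at startup.
const char* const kDefaultKeyFile = "/etc/pki/tls/private/mail-pops-key.ipsca.pem";
const char* const kDefaultCaChainFile = "/etc/pki/tls/certs/ips-ca-bundle.crt";
// "0.0.0.0" binds every local interface, so the listener is reachable from
// any network the host is attached to.
const char* const kDefaultListenAddr = "0.0.0.0:4430";

// Upper bound on the bytes read from a client in one call.
const std::size_t kReadBufSize = 10240;

// Serve one already-accepted TCP connection: run the TLS handshake, read one
// chunk of client data, echo it to stdout, send dataToSend, then shut the TLS
// session down. Every exit path closes the UpSsl object; the caller keeps
// ownership of the socket.
void serveConnection(UpSslContext& ctx, UpSocket& sc)
{
    UpSsl ssl(ctx);

    // Make shutdown() perform the full bidirectional close_notify exchange
    // (otherwise it would have to be called twice). Ignoring the shutdown
    // result would only be acceptable if we did not care about the peer's
    // close notify, and the session could not be reused then.
    ssl.setBidirectionalShutdown(true);

    if (!ssl.setChannel(sc) || !ssl.accept()) {
        std::cerr << ssl.getErrBuf() << std::endl;
        ssl.close();
        return;
    }

    char buf[kReadBufSize];
    // Bound the read by the real buffer size rather than a repeated literal.
    const int n = ssl.read(buf, static_cast<int>(sizeof(buf)));
    if (n == 0) {
        std::cout << "eof on ssl connection: " << ssl.getErrBuf() << std::endl;
        ssl.close();
        return;
    }
    if (n < 0) {
        std::cerr << "error on ssl connection: " << ssl.getErrBuf() << std::endl;
        ssl.close();
        return;
    }

    // The received bytes are untrusted and are written to stdout verbatim
    // (they may contain control or terminal escape sequences); only the n
    // bytes actually read are emitted.
    std::cout << "data received:\n";
    std::cout.write(buf, n);

    // A short write is treated as an error, like the original sample.
    if (static_cast<int>(dataToSend.size()) !=
        ssl.write(dataToSend.c_str(), dataToSend.size())) {
        std::cerr << "error on ssl connection: " << ssl.getErrBuf() << std::endl;
        ssl.close();
        return;
    }

    if (!ssl.shutdown()) {
        std::cerr << "error on ssl shutdown: " << ssl.getErrBuf() << std::endl;
    }
    ssl.close();
}

}  // namespace

// Minimal single-threaded TLS echo server built on UpTools.
//
// Usage: prog [cert-file [key-file [ca-chain-file [listen-addr]]]]
// Arguments not given fall back to the kDefault* values above.
//
// Exit codes (unchanged from the original sample):
//   1 listening socket could not be bound or put into listen state
//   2 server certificate file could not be read
//   3 server private key file could not be read
//   4 context rejected the certificate/key pair
//   5 CA chain file could not be loaded
int main(int argc, char* argv[])
{
    const char* const certFile = argc > 1 ? argv[1] : kDefaultCertFile;
    const char* const keyFile = argc > 2 ? argv[2] : kDefaultKeyFile;
    const char* const caChainFile = argc > 3 ? argv[3] : kDefaultCaChainFile;
    const char* const listenAddr = argc > 4 ? argv[4] : kDefaultListenAddr;

    // UpCryptoSslLibMultithreading upssllib; // only needed in a multithreaded program
    // Library initialisation object; its lifetime must span all SSL use below.
    UpCryptoSslLib upssllib;
    UpSslContext upsslcontext;

    /////////////////////////////////////////////////////////////////////////
    // load server certificate
    UpX509 serverCert;
    if (!serverCert.readCertFile(certFile)) {
        std::cerr << serverCert.getStatus() << std::endl;
        return 2;
    }
    std::string serverCertTxt;
    serverCert.showCert(serverCertTxt);
    std::cout << "Our certificate:\n" << serverCertTxt << std::endl;

    /////////////////////////////////////////////////////////////////////////
    // load server key
    UpRsa serverKey;
    if (!serverKey.readKeyFile(keyFile)) {
        std::cerr << serverKey.getStatus() << std::endl;
        return 3;
    }
    std::cout << "Server key loaded" << std::endl;

    /////////////////////////////////////////////////////////////////////////
    // configure ssl context
    // NOTE(review): nothing here sets a minimum protocol version, a cipher
    // policy or client-certificate verification, so whatever UpSslContext
    // defaults to applies -- confirm that against the deployment's TLS policy.
    if (!upsslcontext.addCAChainFile(caChainFile)) {
        std::cerr << upsslcontext.getErrBuf() << std::endl;
        return 5;
    }
    // This must always be called after any addCAChainXXX method, because
    // those would change the default certificate as well.
    if (!upsslcontext.useCertAndRsaPrivateKey(serverCert, serverKey)) {
        std::cerr << upsslcontext.getErrBuf() << std::endl;
        return 4;
    }
    std::cout << "Global ssl context configured" << std::endl;

    /////////////////////////////////////////////////////////////////////////
    UpSocket sl, sc;
    if (!sl.bind(listenAddr) || !sl.listen(10)) {
        std::cerr << "Listening socket error: " << std::strerror(errno) << std::endl;
        return 1;
    }
    std::cout << "Listening for connections on " << listenAddr << std::endl;

    /////////////////////////////////////////////////////////////////////////
    // accept and process connections, one at a time
    for (;;) {
        if (!sl.accept(sc)) {
            std::cerr << "Socket accept error: " << std::strerror(errno) << std::endl;
            continue;
        }
        std::cout << "Connection accepted from: " << sc.getRemoteSockAddr() << std::endl;
        serveConnection(upsslcontext, sc);
    }
    return 0;
}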