ssl client
by end from LinuxQuestions.org on (#4XT61)
hi
way this client not working, i have ssl server and i can connect to it from openssl s_client --connect127.0.0.1:80 --cert my.pem --key -- my.pem
but client not working
CLIENT
Code:#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include<arpa/inet.h>
#include <fcntl.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
int main( int argc , char *argv[] )
{
int sockett;
struct sockaddr_in server;
char buffer[1024];
char bufferr[1024];
SSL *ssl;
SSL_CTX *ctx;
const SSL_METHOD *method;
OpenSSL_add_ssl_algorithms();
method = SSLv23_method();
ctx = SSL_CTX_new(method);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
SSL_CTX_set_verify_depth(ctx, 4);
SSL_CTX_load_verify_locations(ctx, "/root/mycert.pem","/root/mycert.pem" );
// SSL_CTX_use_certificate_file(ctx, "/root/mycert.pem" , SSL_FILETYPE_PEM);
//SSL_CTX_use_PrivateKey_file(ctx, "/root/mycert.pem", SSL_FILETYPE_PEM);
SSL_CTX_check_private_key(ctx);
sockett=socket(AF_INET,SOCK_STREAM ,0);
server.sin_family=AF_INET;
server.sin_port= htons(atoi(argv[2]));
server.sin_addr.s_addr =inet_addr(argv[1]);
int ret;
ret= connect(sockett, (struct sockaddr *)&server, sizeof(struct sockaddr_in));
if (sockett<0)
printf("SOCKET ERROR\n");
if (ret<0)
printf("CONNECT ERROR\n\n");
ssl = SSL_new(ctx);
if(SSL_set_fd(ssl, ret)<=0)
printf("SSLFDSETERR");
if(SSL_connect(ssl) <=0)
printf("SSLCONNERR\n");
else
{
printf("SSLCONNECTED\n");
}
SSL_read(ssl,buffer,sizeof(buffer));
}SERVER
Code:#include <stdio.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <string.h>
#include <sys/time.h>
#include <stdlib.h>
#include <openssl/bio.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
int main()
{
int sockett, nsocket;
char bufferr[1024];
char buferr[1024]="hi";
struct sockaddr_in server, connstorage;
int len;
int opt=1;
int port;
int conn;
long on = 1L;
SSL_CTX *sslctx;
SSL *cSSL;
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
sslctx = SSL_CTX_new( SSLv23_server_method());
SSL_CTX_set_options(sslctx, SSL_OP_SINGLE_DH_USE);
SSL_CTX_set_verify(sslctx, SSL_VERIFY_PEER, NULL);
SSL_CTX_set_verify_depth(sslctx, 4);
SSL_CTX_load_verify_locations(sslctx, "/root/mycert.pem","/root/mycert.pem" );
SSL_CTX_use_certificate_file(sslctx, "/root/mycert.pem" , SSL_FILETYPE_PEM);
SSL_CTX_use_PrivateKey_file(sslctx, "/root/mycert.pem", SSL_FILETYPE_PEM);
//SSL_CTX_load_verify_locations(sslctx, "/root/mycert.pem", NULL );
sockett=socket(AF_INET,SOCK_STREAM ,0);
setsockopt(sockett,SOL_SOCKET,SO_REUSEADDR,&opt,sizeof(opt));
server.sin_family=AF_INET;
server.sin_port=htons(80);
server.sin_addr.s_addr=inet_addr("127.0.0.1");
if ((bind(sockett,(struct sockaddr *) &server,sizeof(server))) != 0)
{
printf("Bind failed\n");
}
else
printf("Bind success\n");
if ((listen(sockett,5)) != 0)
{
printf("Listen failed\n");
}
else
printf("Listen success\n");
len=sizeof(connstorage);
while(1)
{
conn=accept(sockett,(struct sockaddr *)&connstorage,&len);
if(conn>0)
break;
}
if(conn <0)
{
printf("Not Acepted");
}
else
printf("Accepted\n");
cSSL = SSL_new(sslctx);
if(SSL_set_fd(cSSL, conn ) <=0)
{
printf("SSLSETFDERR\n");
}
else
printf("SSLSETFDD\n");
if(SSL_accept(cSSL) <=0)
{
printf("SSLACCEPTERR\n");
}
else
printf("SSLACCEPTED\n");
SSL_write(cSSL, buferr,1024);
SSL_read(cSSL, bufferr,1024);
printf("%s",bufferr);
}
way this client not working, i have ssl server and i can connect to it from openssl s_client --connect127.0.0.1:80 --cert my.pem --key -- my.pem
but client not working
CLIENT
Code:#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include<arpa/inet.h>
#include <fcntl.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
int main( int argc , char *argv[] )
{
int sockett;
struct sockaddr_in server;
char buffer[1024];
char bufferr[1024];
SSL *ssl;
SSL_CTX *ctx;
const SSL_METHOD *method;
OpenSSL_add_ssl_algorithms();
method = SSLv23_method();
ctx = SSL_CTX_new(method);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
SSL_CTX_set_verify_depth(ctx, 4);
SSL_CTX_load_verify_locations(ctx, "/root/mycert.pem","/root/mycert.pem" );
// SSL_CTX_use_certificate_file(ctx, "/root/mycert.pem" , SSL_FILETYPE_PEM);
//SSL_CTX_use_PrivateKey_file(ctx, "/root/mycert.pem", SSL_FILETYPE_PEM);
SSL_CTX_check_private_key(ctx);
sockett=socket(AF_INET,SOCK_STREAM ,0);
server.sin_family=AF_INET;
server.sin_port= htons(atoi(argv[2]));
server.sin_addr.s_addr =inet_addr(argv[1]);
int ret;
ret= connect(sockett, (struct sockaddr *)&server, sizeof(struct sockaddr_in));
if (sockett<0)
printf("SOCKET ERROR\n");
if (ret<0)
printf("CONNECT ERROR\n\n");
ssl = SSL_new(ctx);
if(SSL_set_fd(ssl, ret)<=0)
printf("SSLFDSETERR");
if(SSL_connect(ssl) <=0)
printf("SSLCONNERR\n");
else
{
printf("SSLCONNECTED\n");
}
SSL_read(ssl,buffer,sizeof(buffer));
}SERVER
Code:#include <stdio.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <string.h>
#include <sys/time.h>
#include <stdlib.h>
#include <openssl/bio.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
int main()
{
int sockett, nsocket;
char bufferr[1024];
char buferr[1024]="hi";
struct sockaddr_in server, connstorage;
int len;
int opt=1;
int port;
int conn;
long on = 1L;
SSL_CTX *sslctx;
SSL *cSSL;
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
sslctx = SSL_CTX_new( SSLv23_server_method());
SSL_CTX_set_options(sslctx, SSL_OP_SINGLE_DH_USE);
SSL_CTX_set_verify(sslctx, SSL_VERIFY_PEER, NULL);
SSL_CTX_set_verify_depth(sslctx, 4);
SSL_CTX_load_verify_locations(sslctx, "/root/mycert.pem","/root/mycert.pem" );
SSL_CTX_use_certificate_file(sslctx, "/root/mycert.pem" , SSL_FILETYPE_PEM);
SSL_CTX_use_PrivateKey_file(sslctx, "/root/mycert.pem", SSL_FILETYPE_PEM);
//SSL_CTX_load_verify_locations(sslctx, "/root/mycert.pem", NULL );
sockett=socket(AF_INET,SOCK_STREAM ,0);
setsockopt(sockett,SOL_SOCKET,SO_REUSEADDR,&opt,sizeof(opt));
server.sin_family=AF_INET;
server.sin_port=htons(80);
server.sin_addr.s_addr=inet_addr("127.0.0.1");
if ((bind(sockett,(struct sockaddr *) &server,sizeof(server))) != 0)
{
printf("Bind failed\n");
}
else
printf("Bind success\n");
if ((listen(sockett,5)) != 0)
{
printf("Listen failed\n");
}
else
printf("Listen success\n");
len=sizeof(connstorage);
while(1)
{
conn=accept(sockett,(struct sockaddr *)&connstorage,&len);
if(conn>0)
break;
}
if(conn <0)
{
printf("Not Acepted");
}
else
printf("Accepted\n");
cSSL = SSL_new(sslctx);
if(SSL_set_fd(cSSL, conn ) <=0)
{
printf("SSLSETFDERR\n");
}
else
printf("SSLSETFDD\n");
if(SSL_accept(cSSL) <=0)
{
printf("SSLACCEPTERR\n");
}
else
printf("SSLACCEPTED\n");
SSL_write(cSSL, buferr,1024);
SSL_read(cSSL, bufferr,1024);
printf("%s",bufferr);
}