loop-libressl.cc revision 23a62999
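#include <assert.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>

#include <tls.h>

// In-process libtls handshake test: a TLS client and a TLS server are attached
// to the two ends of a non-blocking socketpair and their handshakes are driven
// alternately from a single thread.
//
// Every setup error is checked with assert(). Those checks disappear when the
// file is compiled with NDEBUG, so build this test without it.

// Creates a TLS client context bound to sockfd.
//
// The server certificate is validated against the CA bundle in "ca.pem" and
// its name is checked against "Test Server Cert".
// Returns the configured context; the handshake itself is not run here.
struct tls* client(int sockfd)
{
  struct tls_config* cfg = tls_config_new();
  assert(cfg != NULL);

  // The trust anchor is the only thing that authenticates the server, so a
  // failure to set it must not be ignored.
  // NOTE(review): depending on the libtls version, a missing or unreadable
  // file may only be reported later by tls_configure() - confirm.
  int ret = tls_config_set_ca_file(cfg, "ca.pem");
  assert(ret == 0);

  // Keep both calls disabled: enabling either one turns off certificate or
  // name verification, and the handshake would then succeed against any peer.
  // tls_config_insecure_noverifycert(cfg);
  // tls_config_insecure_noverifyname(cfg);

  struct tls* ctx = tls_client();
  assert(ctx != NULL);

  ret = tls_configure(ctx, cfg);
  assert(ret == 0);

  // The third argument is the server name the peer certificate must match.
  ret = tls_connect_socket(ctx, sockfd, "Test Server Cert");
  assert(ret == 0);

  // cfg is not released here; the process exits right after the test.
  return ctx;
}

// Creates a TLS server context and accepts one connection on sockfd.
//
// "server.pem" is loaded both as the certificate and as the private key, so
// the file holds key material and should be readable only by the account
// running the test.
// Returns the per-connection context produced by tls_accept_socket().
struct tls* server(int sockfd)
{
  struct tls_config* cfg = tls_config_new();
  assert(cfg != NULL);

  int ret = tls_config_set_cert_file(cfg, "server.pem");
  assert(ret == 0);

  ret = tls_config_set_key_file(cfg, "server.pem");
  assert(ret == 0);

  // "optional" requests a client certificate but still accepts a client that
  // presents none. client() configures no certificate, so this test does not
  // authenticate the client; use tls_config_verify_client() where the peer
  // must be authenticated.
  tls_config_verify_client_optional(cfg);
  struct tls* ctx = tls_server();
  assert(ctx != NULL);

  ret = tls_configure(ctx, cfg);
  assert(ret == 0);

  struct tls* sctx = NULL;
  ret = tls_accept_socket(ctx, &sctx, sockfd);
  assert(ret == 0 && sctx != NULL);

  // Neither cfg nor the listening context ctx is released here; only the
  // connection context is handed back to the caller.
  return sctx;
}

// Runs one tls_handshake() step on ctx and logs the result.
//
// tag is the short prefix for the per-step trace line and role names the
// endpoint in the failure message. The error text is always read from the
// context that was just stepped, so a server failure is reported with the
// server's error and not the client's.
// Returns the raw tls_handshake() result.
static int handshake_step(struct tls* ctx, const char* tag, const char* role)
{
  int ret = tls_handshake(ctx);
  printf("%s %d\n", tag, ret);
  if (ret == -1)
  {
    // tls_error() may have nothing to report; never hand NULL to %s.
    const char* err = tls_error(ctx);
    printf("%s handshake failed: %s\n", role, err ? err : "(no error text)");
  }
  return ret;
}

// Drives the client and server handshakes in lock step until both complete.
//
// Both sockets are non-blocking, so a step that cannot finish yet returns a
// value other than 0 or -1 (libtls uses TLS_WANT_POLLIN / TLS_WANT_POLLOUT)
// and is simply retried on the next round after the other side has run.
// Returns true only when both sides completed; the first hard failure (-1)
// on either side stops the loop and yields false.
bool handshake(struct tls* cctx, struct tls* sctx)
{
  bool client_done = false, server_done = false;

  while (!(client_done && server_done))
  {
    if (!client_done)
    {
      int ret = handshake_step(cctx, "c", "client");
      if (ret == -1)
        break;
      client_done = (ret == 0);
    }

    if (!server_done)
    {
      int ret = handshake_step(sctx, "s", "server");
      if (ret == -1)
        break;
      server_done = (ret == 0);
    }
  }

  return client_done && server_done;
}

// Entry point: wires a client and a server over a socketpair, runs the
// handshake and prints the negotiated cipher.
// Exits with 0 on success and 1 when the handshake fails, so that a
// verification failure is visible to scripts running the test.
int main(int argc, char* argv[])
{
  int ret = tls_init();
  assert(ret == 0);

  int fds[2];
  // Without this check a failed socketpair() would pass uninitialised
  // descriptors on to libtls.
  ret = socketpair(AF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, fds);
  assert(ret == 0);

  struct tls* cctx = client(fds[0]);
  struct tls* sctx = server(fds[1]);

  if (!handshake(cctx, sctx))
    return 1;

  printf("cipher %s\n", tls_conn_cipher(cctx));
  return 0;
}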