Created
September 8, 2010 18:39
-
-
Save tenderlove/570593 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <stdlib.h> | |
#include <errno.h> | |
#include <sys/types.h> | |
#include <sys/socket.h> | |
#include <netinet/in.h> | |
#include <netinet/tcp.h> | |
#include <openssl/ssl.h> | |
#include <openssl/err.h> | |
#include <unistd.h> | |
#include <netdb.h> | |
#include <fcntl.h> | |
#define HOST "bugzilla.redhat.com" | |
#define PORT 443 | |
extern int errno; | |
int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) { | |
printf("preverify ok: %d\n", preverify_ok); | |
return preverify_ok; | |
} | |
int main(int argc, char *argv[]) { | |
SSL_CTX *ctx; | |
SSL *sslsock; | |
BIO *sbio; | |
struct hostent * hp; | |
struct sockaddr_in addr; | |
int tcpsock; | |
int err, err2; | |
SSL_library_init(); | |
SSL_load_error_strings(); | |
ctx = SSL_CTX_new(SSLv23_method()); | |
SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE); | |
SSL_CTX_set_options(ctx, SSL_OP_ALL); | |
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_cb); | |
hp = gethostbyname(HOST); | |
memset(&addr, 0, sizeof(addr)); | |
addr.sin_addr = *(struct in_addr *)hp->h_addr_list[0]; | |
addr.sin_family = AF_INET; | |
addr.sin_port = htons(PORT); | |
tcpsock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); | |
if(connect(tcpsock, (struct sockaddr *)&addr, sizeof(addr)) < 0) { | |
printf("couldn't connect %s\n", strerror(errno)); | |
exit(1); | |
} | |
sslsock = SSL_new(ctx); | |
sbio = BIO_new_socket(tcpsock, BIO_NOCLOSE); | |
SSL_set_bio(sslsock, sbio, sbio); | |
/* This should return <= 0, but does not */ | |
if((err = SSL_connect(sslsock)) <= 0) { | |
err2 = SSL_get_error(sslsock, err); | |
switch(err2) { | |
case SSL_ERROR_WANT_WRITE: | |
printf("wanted write\n"); | |
break; | |
case SSL_ERROR_WANT_READ: | |
printf("wanted read\n"); | |
break; | |
case SSL_ERROR_SYSCALL: | |
printf("syscall error: %s\n", SSL_state_string_long(sslsock)); | |
break; | |
default: | |
printf("oh no! %s\n", SSL_state_string_long(sslsock)); | |
} | |
exit(1); | |
} | |
return 0; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment