sslweird.c

#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <unistd.h>
#include <netdb.h>
#include <fcntl.h>

#define HOST "bugzilla.redhat.com"
#define PORT 443

extern int errno;

int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) {
  printf("preverify ok: %d\n", preverify_ok);
  return preverify_ok;
}

int main(int argc, char *argv[]) {
  SSL_CTX *ctx;
  SSL *sslsock;
  BIO *sbio;
  struct hostent * hp;
  struct sockaddr_in addr;
  int tcpsock;
  int err, err2;

  SSL_library_init();
  SSL_load_error_strings();

  ctx = SSL_CTX_new(SSLv23_method());

  SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
  SSL_CTX_set_options(ctx, SSL_OP_ALL);
  SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_cb);

  hp = gethostbyname(HOST);

  memset(&addr, 0, sizeof(addr));
  addr.sin_addr = *(struct in_addr *)hp->h_addr_list[0];
  addr.sin_family = AF_INET;
  addr.sin_port = htons(PORT);

  tcpsock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);

  if(connect(tcpsock, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
    printf("couldn't connect %s\n", strerror(errno));
    exit(1);
  }

  sslsock = SSL_new(ctx);
  sbio = BIO_new_socket(tcpsock, BIO_NOCLOSE);
  SSL_set_bio(sslsock, sbio, sbio);

  /* This should return <= 0, but does not */
  if((err = SSL_connect(sslsock)) <= 0) {
    err2 = SSL_get_error(sslsock, err);
    switch(err2) {
      case SSL_ERROR_WANT_WRITE:
        printf("wanted write\n");
        break;
      case SSL_ERROR_WANT_READ:
        printf("wanted read\n");
        break;
      case SSL_ERROR_SYSCALL:
        printf("syscall error: %s\n", SSL_state_string_long(sslsock));
        break;
      default:
        printf("oh no! %s\n", SSL_state_string_long(sslsock));
    }
    exit(1);
  }

  return 0;
}