author | Adam Langley <agl@google.com> | 2015-01-22 14:27:53 -0800 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2015-01-30 16:52:14 -0800 |
commit | d9e397b599b13d642138480a28c14db7a136bf05 (patch) | |
tree | 34bab61dc4ce323b123ad4614dbc07e86ea2f9ef /src/tool/server.cc | |
Initial commit of BoringSSL for Android.
Diffstat (limited to 'src/tool/server.cc')
-rw-r--r-- | src/tool/server.cc | 109 |
1 files changed, 109 insertions, 0 deletions
diff --git a/src/tool/server.cc b/src/tool/server.cc
new file mode 100644
index 0000000..120e450
--- /dev/null
+++ b/src/tool/server.cc
@@ -0,0 +1,109 @@
+/* Copyright (c) 2014, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#include <openssl/base.h>
+
+#include <string>
+#include <vector>
+
+#include <errno.h>
+#include <stdlib.h>
+#include <sys/types.h>
+
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+#include "internal.h"
+#include "transport_common.h"
+
+
+static const struct argument kArguments[] = {
+ {
+ "-accept", true,
+ "The port of the server to bind on; eg 45102",
+ },
+ {
+ "-cipher", false,
+ "An OpenSSL-style cipher suite string that configures the offered ciphers",
+ },
+ {
+ "-key", false,
+ "Private-key file to use (default is server.pem)",
+ },
+ {
+ "", false, "",
+ },
+};
+
+bool Server(const std::vector<std::string> &args) {
+ if (!InitSocketLibrary()) {
+ return false;
+ }
+
+ std::map<std::string, std::string> args_map;
+
+ if (!ParseKeyValueArguments(&args_map, args, kArguments)) {
+ PrintUsage(kArguments);
+ return false;
+ }
+
+ SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method());
+ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3);
+
+ // Server authentication is required.
+ std::string key_file = "server.pem";
+ if (args_map.count("-key") != 0) {
+ key_file = args_map["-key"];
+ }
+ if (SSL_CTX_use_PrivateKey_file(ctx, key_file.c_str(), SSL_FILETYPE_PEM) <= 0) {
+ fprintf(stderr, "Failed to load private key: %s\n", key_file.c_str());
+ return false;
+ }
+ if (SSL_CTX_use_certificate_chain_file(ctx, key_file.c_str()) != 1) {
+ fprintf(stderr, "Failed to load cert chain: %s\n", key_file.c_str());
+ return false;
+ }
+
+ if (args_map.count("-cipher") != 0 &&
+ !SSL_CTX_set_cipher_list(ctx, args_map["-cipher"].c_str())) {
+ fprintf(stderr, "Failed setting cipher list\n");
+ return false;
+ }
+
+ int sock = -1;
+ if (!Accept(&sock, args_map["-accept"])) {
+ return false;
+ }
+
+ BIO *bio = BIO_new_socket(sock, BIO_CLOSE);
+ SSL *ssl = SSL_new(ctx);
+ SSL_set_bio(ssl, bio, bio);
+
+ int ret = SSL_accept(ssl);
+ if (ret != 1) {
+ int ssl_err = SSL_get_error(ssl, ret);
+ fprintf(stderr, "Error while connecting: %d\n", ssl_err);
+ ERR_print_errors_cb(PrintErrorCallback, stderr);
+ return false;
+ }
+
+ fprintf(stderr, "Connected.\n");
+ PrintConnectionInfo(ssl);
+
+ bool ok = TransferData(ssl, sock);
+
+ SSL_free(ssl);
+ SSL_CTX_free(ctx);
+ return ok;
+} |
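Review bot: In `Server()`, the results of `SSL_CTX_new` and `SSL_new` are used without a null check, and every `return false` after the context is created (key load, cert chain load, cipher list, `Accept`, failed `SSL_accept`) skips `SSL_CTX_free` and `SSL_free`. Process exit hides this for a one-shot tool, but on the failed-handshake path the accepted socket also stays open, because the BIO created with `BIO_CLOSE` is only released through `SSL_free`. Holding both objects in `std::unique_ptr` with the matching free function as deleter, and checking them right after creation, covers all exit paths. The file also uses `std::map` without a visible `#include <map>`; presumably a project header supplies it, but including it (and `<memory>` for the change below) directly would be safer.

```cpp
  std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)> ctx(
      SSL_CTX_new(SSLv23_server_method()), SSL_CTX_free);
  if (!ctx) {
    fprintf(stderr, "Failed to create SSL_CTX\n");
    return false;
  }
  SSL_CTX_set_options(ctx.get(), SSL_OP_NO_SSLv3);

  // … unchanged: key, cert chain and cipher list loading, Accept(), now using ctx.get() …

  BIO *bio = BIO_new_socket(sock, BIO_CLOSE);
  std::unique_ptr<SSL, decltype(&SSL_free)> ssl(SSL_new(ctx.get()), SSL_free);
  if (!bio || !ssl) {
    // ssl never took ownership of bio; freeing it closes sock via BIO_CLOSE.
    // If bio itself is null, sock is still open here and needs closing.
    BIO_free(bio);
    fprintf(stderr, "Failed to set up connection objects\n");
    return false;
  }
  SSL_set_bio(ssl.get(), bio, bio);

  // … unchanged: SSL_accept and its error report, PrintConnectionInfo, now using ssl.get() …

  // Explicit SSL_free/SSL_CTX_free calls are dropped; the holders release on every return.
  return TransferData(ssl.get(), sock);
```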