135 lines
3.9 KiB
C++
135 lines
3.9 KiB
C++
#include <arpa/inet.h>
|
|
#include <iostream>
|
|
#include <netinet/in.h>
|
|
#include <openssl/crypto.h>
|
|
#include <openssl/err.h>
|
|
#include <openssl/opensslv.h>
|
|
#include <openssl/ssl.h>
|
|
#include <ostream>
|
|
#include <sys/socket.h>
|
|
#include <unistd.h>
|
|
|
|
using std::cout, std::endl, std::string;
|
|
|
|
/*
|
|
* Remember to build with the flags "-L/usr/lib -lssl -lcrypto"
|
|
*/
|
|
|
|
/**
|
|
* Gets the latest error from OpenSSL and returns it as an string.
|
|
* This makes it easier to log any errors that OpenSSL throws.
|
|
*/
|
|
string getCtxError() {
|
|
|
|
// Get the latest error code
|
|
unsigned long errCode = ERR_get_error();
|
|
|
|
// Define a buffer of 128 bytes to hold the error message
|
|
char errBuffer[128];
|
|
|
|
// Get a human readable description of the error from OpenSSL and write it
|
|
// to the buffer
|
|
ERR_error_string_n(errCode, errBuffer, sizeof(errBuffer));
|
|
return errBuffer;
|
|
}
|
|
|
|
int main() {
|
|
|
|
// Inistialize the SSL library
|
|
if (OpenSSL_version_num() < 0x10100000L) {
|
|
// Old version, deprecated as of version 1.1.0
|
|
SSL_library_init();
|
|
|
|
// Loads human readable error strings
|
|
// Automatically inistialized in newer versions
|
|
SSL_load_error_strings();
|
|
} else {
|
|
// New version
|
|
// Initalizes both SSl and crypto and is generally better
|
|
OPENSSL_init_ssl(0, nullptr);
|
|
}
|
|
|
|
// Create new SSL context with server side connections and save it to a
|
|
// pointer
|
|
SSL_CTX *ctx = SSL_CTX_new(TLS_server_method());
|
|
|
|
// Check of the context is null
|
|
// If it's null, then an error occurred
|
|
if (!ctx) {
|
|
cout << "Creation of SSL context failed: " << getCtxError() << endl;
|
|
}
|
|
|
|
// Load certificate into the context
|
|
// Returns 1 on success, otherwise check error stack
|
|
if (SSL_CTX_use_certificate_file(ctx, "./ssl/server.crt",
|
|
SSL_FILETYPE_PEM) <= 0) {
|
|
cout << "Certificate load failed: " << getCtxError() << endl;
|
|
}
|
|
|
|
// Load certificate private key into the context
|
|
// Returns 1 on success, otherwise check error stack
|
|
if (SSL_CTX_use_PrivateKey_file(ctx, "./ssl/server.key",
|
|
SSL_FILETYPE_PEM) <= 0) {
|
|
cout << "Private key load failed: " << getCtxError() << endl;
|
|
}
|
|
|
|
cout << "Initializing server" << endl;
|
|
int serverSocket = socket(AF_INET, SOCK_STREAM, 0);
|
|
if (serverSocket == -1) {
|
|
cout << "Server socket failed" << endl;
|
|
}
|
|
|
|
sockaddr_in serverAddress;
|
|
serverAddress.sin_family = AF_INET;
|
|
serverAddress.sin_port = htons(8080);
|
|
serverAddress.sin_addr.s_addr = inet_addr("127.0.0.50");
|
|
|
|
int bindStatus = bind(serverSocket, (struct sockaddr *)&serverAddress,
|
|
sizeof(serverAddress));
|
|
if (bindStatus == -1) {
|
|
cout << "Bind failed" << endl;
|
|
}
|
|
|
|
int listenStatus = listen(serverSocket, 5);
|
|
if (listenStatus == -1) {
|
|
cout << "Listen failed" << endl;
|
|
}
|
|
|
|
int clientSocket = accept(serverSocket, nullptr, nullptr);
|
|
if (clientSocket == -1) {
|
|
cout << "Client socket failed" << endl;
|
|
}
|
|
|
|
SSL *ssl = SSL_new(ctx);
|
|
SSL_set_fd(ssl, clientSocket);
|
|
|
|
// Perform the SSL negotiation
|
|
int sslAcceptCode = SSL_accept(ssl);
|
|
if (sslAcceptCode <= 0) {
|
|
int sslError = SSL_get_error(ssl, sslAcceptCode);
|
|
char *errStr = ERR_error_string(ERR_get_error(), nullptr);
|
|
cout << "SSL_accept failed with SSL error: " << sslError << endl;
|
|
cout << "OpenSSL error: " << errStr << endl;
|
|
} else {
|
|
cout << "negotiated SSL" << endl;
|
|
}
|
|
|
|
while (true) {
|
|
char buffer[1024] = {0};
|
|
SSL_read(ssl, buffer, sizeof(buffer) - 1);
|
|
|
|
if (strlen(buffer) <= 0) {
|
|
cout << "Client seems to have just straight up left :(" << endl;
|
|
break;
|
|
}
|
|
|
|
cout << buffer << endl;
|
|
}
|
|
|
|
SSL_free(ssl);
|
|
SSL_CTX_free(ctx);
|
|
ERR_free_strings();
|
|
close(serverSocket);
|
|
|
|
return 0;
|
|
}
|