talezero/integration
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sslcon now builds on mingw (now broken on linux)

Browse Source
This commit is contained in:
Josh Yelon
2022-01-03 15:03:58 -05:00
parent 30f4089f49
commit 18bccc0c25
3 changed files with 102 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
luprex/core/Makefile
View File

@@ -2,13 +2,15 @@
ifeq ($(OS),mingw)
EXE=main.exe
LIBS=-lws2_32
LIBS=-L ../mingwlib -lssl -lcrypto -lws2_32 -lcrypt32 -lcryptui
INCS=-I ../mingwlib
LUAFLAGS=-DLUA_COMPAT_ALL
OPT=-g -O1
DRIVER=driver-mingw
else ifeq ($(OS),linux)
EXE=main
LIBS=
LIBS=-lssl -lcrypto
INCS=
LUAFLAGS=-DLUA_USE_POSIX
OPT=-g -O1
DRIVER=driver-linux
@@ -18,6 +20,7 @@ else
ERROR=$(error You must specify OS=linux or OS=mingw)
EXE=main
LIBS=$(ERROR)
INCS=$(ERROR)
LUAFLAGS=$(ERROR)
OPT=$(ERROR)
DRIVER=driver-xxx
@@ -99,8 +102,7 @@ lobj/%.o: ../eris-master/src/%.c
gcc -Wall $(OPT) -DLUA_USE_APICHECK $(LUAFLAGS) -c -MMD $< -o $@
obj/%.o: cpp/%.cpp
g++ -std=c++17 -Wall $(OPT) -I../eris-master/src -Icpp -c -MMD $< -o $@
g++ -std=c++17 -Wall $(OPT) -I../eris-master/src -Icpp $(INCS) -c -MMD $< -o $@
$(EXE): $(CORE_OBJ_FILES) $(LUA_OBJ_FILES)
g++ -std=c++17 -Wall $(OPT) -o $@ $(CORE_OBJ_FILES) $(LUA_OBJ_FILES) $(LIBS)

1
luprex/experiments/build-sslcon.bat Normal file
View File

@@ -0,0 +1 @@
gcc -o sslcon.exe sslcon.c -I ../mingwlib -L ../mingwlib -lssl -lcrypto -lws2_32 -lcrypt32 -lcryptui

138
luprex/experiments/sslcon.c
View File

@@ -5,6 +5,15 @@
#include <openssl/evp.h>
#include <openssl/err.h>
#include <string.h>
#ifdef WIN64
#include <ws2tcpip.h>
#include <winsock2.h>
#include <synchapi.h>
#include <sysinfoapi.h>
#include <wincrypt.h>
#include <cryptuiapi.h>
#else
#include <sys/time.h>
#include <fcntl.h>
#include <unistd.h>
@@ -13,8 +22,44 @@
#include <arpa/inet.h>
#include <sys/types.h>
#include <netdb.h>
typedef int SOCKET;
#endif
void set_nonblocking(SOCKET sock) {
u_long mode = 1; // 1 to enable non-blocking socket
int status = ioctlsocket(sock, FIONBIO, &mode);
assert(status == 0);
}
void load_root_certs(SSL_CTX *ctx) {
// SSL_CTX_set_default_verify_paths(ssl_ctx);
HCERTSTORE hStore = CertOpenSystemStoreW(0, L"ROOT");
PCCERT_CONTEXT pContext = NULL;
X509 *x509;
X509_STORE *store = SSL_CTX_get_cert_store(ctx);
if (!hStore) {
fprintf(stderr, "Cannot open system certificate store.\n");
exit(1);
}
while (pContext = CertEnumCertificatesInStore(hStore, pContext)) {
const unsigned char *encoded_cert = pContext->pbCertEncoded;
x509 = d2i_X509(NULL, &encoded_cert, pContext->cbCertEncoded);
if (x509) {
int i = X509_STORE_add_cert(store, x509);
if (i == 1) {
fprintf(stderr, "Certificate added.\n");
}
X509_free(x509);
}
}
CertCloseStore(hStore, 0);
}
void main(int argc, char **argv) {
/* OPENSSL_init_ssl(0, NULL); */
@@ -23,9 +68,11 @@ void main(int argc, char **argv) {
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
SSL_CTX_set_default_verify_paths(ssl_ctx);
load_root_certs(ssl_ctx);
int sock_fd = socket(AF_INET, SOCK_STREAM, 0);
WSADATA whocares;
assert(WSAStartup(MAKEWORD(2,2), &whocares) == 0);
SOCKET sock_fd = socket(AF_INET, SOCK_STREAM, 0);
/* this is mit.edu */
unsigned int ip0 = 104;
@@ -40,35 +87,39 @@ void main(int argc, char **argv) {
addr.sin_addr.s_addr = htonl(ip);
int status = connect(sock_fd, (struct sockaddr *) &addr, sizeof(struct sockaddr_in));
if (status != 0) {
int err = WSAGetLastError();
fprintf(stderr, "err #%d\n", err);
exit(1);
}
assert(status == 0);
fprintf(stderr, "Connect successful.\n");
int flags = fcntl(sock_fd, F_GETFL, 0);
assert(0 == fcntl(sock_fd, F_SETFL, flags | O_NONBLOCK));
set_nonblocking(sock_fd);
SSL *ssl = SSL_new(ssl_ctx);
SSL_set_fd(ssl, sock_fd);
SSL_set1_host(ssl, "web.mit.edu");
while (1) {
int ret = SSL_connect(ssl);
if (ret == 1) break;
int err = SSL_get_error(ssl, ret);
if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) {
/* sleep(1); */
int ret = SSL_connect(ssl);
if (ret == 1) break;
int err = SSL_get_error(ssl, ret);
if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) {
/* sleep(1); */
} else {
ERR_print_errors_fp(stderr);
exit(1);
}
ERR_print_errors_fp(stderr);
exit(1);
}
}
fprintf(stderr, "SSL connect done.\n");
STACK_OF(X509)* certCollection = SSL_get_peer_cert_chain(ssl);
for (size_t i = 0; i < sk_X509_num(certCollection); i++) {
X509* cert = sk_X509_value(certCollection, i);
X509_print_fp(stderr, cert);
fprintf(stderr, "\n----\n");
X509* cert = sk_X509_value(certCollection, i);
X509_print_fp(stderr, cert);
fprintf(stderr, "\n----\n");
}
const char *req =
@@ -76,38 +127,39 @@ void main(int argc, char **argv) {
int reqlen = strlen(req);
while (reqlen > 0) {
size_t nwrote;
int ret = SSL_write_ex(ssl, req, reqlen, &nwrote);
if (ret == 1) {
req += nwrote;
reqlen -= nwrote;
} else {
int err = SSL_get_error(ssl, ret);
if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) {
/* sleep(1); */
} else {
ERR_print_errors_fp(stderr);
exit(1);
}
}
size_t nwrote;
int ret = SSL_write_ex(ssl, req, reqlen, &nwrote);
if (ret == 1) {
req += nwrote;
reqlen -= nwrote;
} else {
int err = SSL_get_error(ssl, ret);
if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) {
/* sleep(1); */
} else {
ERR_print_errors_fp(stderr);
exit(1);
}
}
}
fprintf(stderr, "Header transmitted.\n");
while (1) {
char buf[256];
size_t nread;
int ret = SSL_read_ex(ssl, buf, 256, &nread);
if (ret == 1) {
write(1, buf, nread);
} else {
int err = SSL_get_error(ssl, ret);
if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) {
/* sleep(1); */
} else {
ERR_print_errors_fp(stderr);
exit(1);
}
}
char buf[256];
size_t nread;
int ret = SSL_read_ex(ssl, buf, 256, &nread);
if (ret == 1) {
fwrite(buf, 1, nread, stdout);
fflush(stdout);
} else {
int err = SSL_get_error(ssl, ret);
if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) {
/* sleep(1); */
} else {
ERR_print_errors_fp(stderr);
exit(1);
}
}
}
}