talezero/integration
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sslcon now builds on mingw (now broken on linux)

Browse Source
This commit is contained in:
Josh Yelon
2022-01-03 15:03:58 -05:00
parent 30f4089f49
commit 18bccc0c25
3 changed files with 102 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
luprex/core/Makefile
View File

@@ -2,13 +2,15 @@
ifeq ($(OS),mingw) ifeq ($(OS),mingw)
EXE=main.exe EXE=main.exe
LIBS=-lws2_32 LIBS=-L ../mingwlib -lssl -lcrypto -lws2_32 -lcrypt32 -lcryptui
INCS=-I ../mingwlib
LUAFLAGS=-DLUA_COMPAT_ALL LUAFLAGS=-DLUA_COMPAT_ALL
OPT=-g -O1 OPT=-g -O1
DRIVER=driver-mingw DRIVER=driver-mingw
else ifeq ($(OS),linux) else ifeq ($(OS),linux)
EXE=main EXE=main
LIBS= LIBS=-lssl -lcrypto
INCS=
LUAFLAGS=-DLUA_USE_POSIX LUAFLAGS=-DLUA_USE_POSIX
OPT=-g -O1 OPT=-g -O1
DRIVER=driver-linux DRIVER=driver-linux
@@ -18,6 +20,7 @@ else
ERROR=$(error You must specify OS=linux or OS=mingw) ERROR=$(error You must specify OS=linux or OS=mingw)
EXE=main EXE=main
LIBS=$(ERROR) LIBS=$(ERROR)
INCS=$(ERROR)
LUAFLAGS=$(ERROR) LUAFLAGS=$(ERROR)
OPT=$(ERROR) OPT=$(ERROR)
DRIVER=driver-xxx DRIVER=driver-xxx
@@ -99,8 +102,7 @@ lobj/%.o: ../eris-master/src/%.c
gcc -Wall $(OPT) -DLUA_USE_APICHECK $(LUAFLAGS) -c -MMD $< -o $@ gcc -Wall $(OPT) -DLUA_USE_APICHECK $(LUAFLAGS) -c -MMD $< -o $@
obj/%.o: cpp/%.cpp obj/%.o: cpp/%.cpp
g++ -std=c++17 -Wall $(OPT) -I../eris-master/src -Icpp -c -MMD $< -o $@ g++ -std=c++17 -Wall $(OPT) -I../eris-master/src -Icpp $(INCS) -c -MMD $< -o $@
$(EXE): $(CORE_OBJ_FILES) $(LUA_OBJ_FILES) $(EXE): $(CORE_OBJ_FILES) $(LUA_OBJ_FILES)
g++ -std=c++17 -Wall $(OPT) -o $@ $(CORE_OBJ_FILES) $(LUA_OBJ_FILES) $(LIBS) g++ -std=c++17 -Wall $(OPT) -o $@ $(CORE_OBJ_FILES) $(LUA_OBJ_FILES) $(LIBS)

1
luprex/experiments/build-sslcon.bat Normal file
View File

@@ -0,0 +1 @@
gcc -o sslcon.exe sslcon.c -I ../mingwlib -L ../mingwlib -lssl -lcrypto -lws2_32 -lcrypt32 -lcryptui

138
luprex/experiments/sslcon.c
View File

@@ -5,6 +5,15 @@
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <string.h> #include <string.h>
#ifdef WIN64
#include <ws2tcpip.h>
#include <winsock2.h>
#include <synchapi.h>
#include <sysinfoapi.h>
#include <wincrypt.h>
#include <cryptuiapi.h>
#else
#include <sys/time.h> #include <sys/time.h>
#include <fcntl.h> #include <fcntl.h>
#include <unistd.h> #include <unistd.h>
@@ -13,8 +22,44 @@
#include <arpa/inet.h> #include <arpa/inet.h>
#include <sys/types.h> #include <sys/types.h>
#include <netdb.h> #include <netdb.h>
typedef int SOCKET;
#endif
void set_nonblocking(SOCKET sock) {
u_long mode = 1; // 1 to enable non-blocking socket
int status = ioctlsocket(sock, FIONBIO, &mode);
assert(status == 0);
}
void load_root_certs(SSL_CTX *ctx) {
// SSL_CTX_set_default_verify_paths(ssl_ctx);
HCERTSTORE hStore = CertOpenSystemStoreW(0, L"ROOT");
PCCERT_CONTEXT pContext = NULL;
X509 *x509;
X509_STORE *store = SSL_CTX_get_cert_store(ctx);
if (!hStore) {
fprintf(stderr, "Cannot open system certificate store.\n");
exit(1);
}
while (pContext = CertEnumCertificatesInStore(hStore, pContext)) {
const unsigned char *encoded_cert = pContext->pbCertEncoded;
x509 = d2i_X509(NULL, &encoded_cert, pContext->cbCertEncoded);
if (x509) {
int i = X509_STORE_add_cert(store, x509);
if (i == 1) {
fprintf(stderr, "Certificate added.\n");
}
X509_free(x509);
}
}
CertCloseStore(hStore, 0);
}
void main(int argc, char **argv) { void main(int argc, char **argv) {
/* OPENSSL_init_ssl(0, NULL); */ /* OPENSSL_init_ssl(0, NULL); */
@@ -23,9 +68,11 @@ void main(int argc, char **argv) {
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE); SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL); SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
SSL_CTX_set_default_verify_paths(ssl_ctx); load_root_certs(ssl_ctx);
int sock_fd = socket(AF_INET, SOCK_STREAM, 0); WSADATA whocares;
assert(WSAStartup(MAKEWORD(2,2), &whocares) == 0);
SOCKET sock_fd = socket(AF_INET, SOCK_STREAM, 0);
/* this is mit.edu */ /* this is mit.edu */
unsigned int ip0 = 104; unsigned int ip0 = 104;
@@ -40,35 +87,39 @@ void main(int argc, char **argv) {
addr.sin_addr.s_addr = htonl(ip); addr.sin_addr.s_addr = htonl(ip);
int status = connect(sock_fd, (struct sockaddr *) &addr, sizeof(struct sockaddr_in)); int status = connect(sock_fd, (struct sockaddr *) &addr, sizeof(struct sockaddr_in));
if (status != 0) {
int err = WSAGetLastError();
fprintf(stderr, "err #%d\n", err);
exit(1);
}
assert(status == 0); assert(status == 0);
fprintf(stderr, "Connect successful.\n"); fprintf(stderr, "Connect successful.\n");
int flags = fcntl(sock_fd, F_GETFL, 0); set_nonblocking(sock_fd);
assert(0 == fcntl(sock_fd, F_SETFL, flags | O_NONBLOCK));
SSL *ssl = SSL_new(ssl_ctx); SSL *ssl = SSL_new(ssl_ctx);
SSL_set_fd(ssl, sock_fd); SSL_set_fd(ssl, sock_fd);
SSL_set1_host(ssl, "web.mit.edu"); SSL_set1_host(ssl, "web.mit.edu");
while (1) { while (1) {
int ret = SSL_connect(ssl); int ret = SSL_connect(ssl);
if (ret == 1) break; if (ret == 1) break;
int err = SSL_get_error(ssl, ret); int err = SSL_get_error(ssl, ret);
if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) { if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) {
/* sleep(1); */ /* sleep(1); */
} else { } else {
ERR_print_errors_fp(stderr); ERR_print_errors_fp(stderr);
exit(1); exit(1);
} }
} }
fprintf(stderr, "SSL connect done.\n"); fprintf(stderr, "SSL connect done.\n");
STACK_OF(X509)* certCollection = SSL_get_peer_cert_chain(ssl); STACK_OF(X509)* certCollection = SSL_get_peer_cert_chain(ssl);
for (size_t i = 0; i < sk_X509_num(certCollection); i++) { for (size_t i = 0; i < sk_X509_num(certCollection); i++) {
X509* cert = sk_X509_value(certCollection, i); X509* cert = sk_X509_value(certCollection, i);
X509_print_fp(stderr, cert); X509_print_fp(stderr, cert);
fprintf(stderr, "\n----\n"); fprintf(stderr, "\n----\n");
} }
const char *req = const char *req =
@@ -76,38 +127,39 @@ void main(int argc, char **argv) {
int reqlen = strlen(req); int reqlen = strlen(req);
while (reqlen > 0) { while (reqlen > 0) {
size_t nwrote; size_t nwrote;
int ret = SSL_write_ex(ssl, req, reqlen, &nwrote); int ret = SSL_write_ex(ssl, req, reqlen, &nwrote);
if (ret == 1) { if (ret == 1) {
req += nwrote; req += nwrote;
reqlen -= nwrote; reqlen -= nwrote;
} else { } else {
int err = SSL_get_error(ssl, ret); int err = SSL_get_error(ssl, ret);
if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) { if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) {
/* sleep(1); */ /* sleep(1); */
} else { } else {
ERR_print_errors_fp(stderr); ERR_print_errors_fp(stderr);
exit(1); exit(1);
} }
} }
} }
fprintf(stderr, "Header transmitted.\n"); fprintf(stderr, "Header transmitted.\n");
while (1) { while (1) {
char buf[256]; char buf[256];
size_t nread; size_t nread;
int ret = SSL_read_ex(ssl, buf, 256, &nread); int ret = SSL_read_ex(ssl, buf, 256, &nread);
if (ret == 1) { if (ret == 1) {
write(1, buf, nread); fwrite(buf, 1, nread, stdout);
} else { fflush(stdout);
int err = SSL_get_error(ssl, ret); } else {
if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) { int err = SSL_get_error(ssl, ret);
/* sleep(1); */ if (SSL_ERROR_WANT_READ == err || SSL_ERROR_WANT_WRITE == err) {
} else { /* sleep(1); */
ERR_print_errors_fp(stderr); } else {
exit(1); ERR_print_errors_fp(stderr);
} exit(1);
} }
}
} }
} }