@benaryorg
Last active April 17, 2017 17:38
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <tls.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <signal.h>
#include <errno.h>
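#define forever for(;;)

/*
 * Shutdown flag shared between the signal handler and the accept loop.
 * sig_atomic_t is the only integer type the C standard guarantees can be
 * written from a signal handler without tearing; volatile keeps the loop
 * from caching the value.
 */
static volatile sig_atomic_t running = 1;

/*
 * Handler for SIGTERM/SIGINT: requests that the accept loop stop.
 *
 * Only async-signal-safe calls are allowed here. stdio (puts/printf) is not
 * async-signal-safe and can deadlock or corrupt the stream if the signal
 * arrives while main() is inside another stdio call, so the notice is
 * emitted with write(2) instead. errno is saved and restored so the
 * interrupted code never sees a value changed by the handler.
 */
void sighandler(int _sig)
{
    static const char notice[] = "exiting soon\n";
    int saved_errno = errno;
    ssize_t written;

    (void)_sig; /* same action for every signal this handler is installed on */

    running = 0;
    written = write(STDOUT_FILENO, notice, sizeof notice - 1);
    (void)written; /* nothing safe to do about a failed write in a handler */

    errno = saved_errno;
}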
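/* libtls may report a failure without an error string; never pass NULL to %s. */
static const char *errmsg_or_unknown(const char *msg)
{
    return msg ? msg : "unknown error";
}

/*
 * Minimal libtls server: loads certificate, key and OCSP staple, listens on
 * 0.0.0.0:1337, and for every accepted connection performs a TLS handshake
 * and closes the session again. SIGTERM/SIGINT clear `running` so the loop
 * ends after the current connection.
 *
 * Returns 0 on clean shutdown, 1 on any setup or teardown failure.
 * All resources are released through the single `out` label.
 */
int main(void)
{
    /*
     * The private key must be readable only by the account running this
     * server; anyone who can read it can impersonate the host.
     */
    static const char cert_path[] = "/etc/ssl/private/openbsd.cloud.bsocat.net/certificate.pem";
    static const char key_path[] = "/etc/ssl/private/openbsd.cloud.bsocat.net/key.pem";
    static const char ocsp_path[] = "/etc/ssl/private/openbsd.cloud.bsocat.net/ocsp.der";

    int rc = 1;
    struct tls_config *config = NULL;
    struct tls *server = NULL;
    struct addrinfo hints;
    struct addrinfo *addr = NULL;
    int sock = -1;
    int gai;

    /*
     * Signal Handler
     * program can be set to terminate after next connection
     */
    signal(SIGTERM, sighandler);
    signal(SIGINT, sighandler);

    /*
     * TLS Init
     * libtls does not promise to set errno, so perror() would print a
     * stale or unrelated message here.
     */
    if (tls_init()) {
        fputs("tls_init: failed\n", stderr);
        goto out;
    }
    puts("tls_init: success");

    /*
     * TLS Configuration
     * Cert, Key, OCSP
     */
    config = tls_config_new();
    if (!config) {
        perror("tls_config_new");
        goto out;
    }
    puts("tls_config_new: success");

    /*
     * Check every setter: a silently ignored failure would leave the server
     * without a key pair or without the OCSP staple.
     */
    if (tls_config_set_cert_file(config, cert_path) ||
        tls_config_set_key_file(config, key_path) ||
        tls_config_set_ocsp_staple_file(config, ocsp_path)) {
        fprintf(stderr, "tls_config_error: %s\n",
                errmsg_or_unknown(tls_config_error(config)));
        goto out;
    }
    puts("tls_config_error: success");

    /*
     * TLS Server Object
     */
    server = tls_server();
    if (!server) {
        perror("tls_server");
        goto out;
    }
    puts("tls_server: success");

    /*
     * Apply Configuration
     * Failures are described by tls_error(), not errno.
     */
    if (tls_configure(server, config)) {
        fprintf(stderr, "tls_configure: %s\n",
                errmsg_or_unknown(tls_error(server)));
        goto out;
    }
    puts("tls_configure: success");

    /*
     * Network Configuration
     * 0.0.0.0 binds every IPv4 interface of the host.
     */
    memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = AI_PASSIVE;
    gai = getaddrinfo("0.0.0.0", "1337", &hints, &addr);
    if (gai) {
        /* getaddrinfo returns its own error code; errno is not meaningful. */
        fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(gai));
        addr = NULL;
        goto out;
    }
    puts("getaddrinfo: success");

    /*
     * Create Socket
     */
    sock = socket(addr->ai_family, addr->ai_socktype, addr->ai_protocol);
    if (sock == -1) {
        perror("socket");
        goto out;
    }
    puts("socket: success");

    /*
     * Bind Socket to Address
     */
    if (bind(sock, addr->ai_addr, addr->ai_addrlen)) {
        perror("bind");
        goto out;
    }
    puts("bind: success");
    freeaddrinfo(addr);
    addr = NULL;
    puts("freeaddrinfo: success");

    /*
     * Make Socket Passive
     */
    if (listen(sock, 4)) {
        perror("listen");
        goto out;
    }
    puts("listen: success");

    /*
     * Accept-Loop
     */
    while (running) {
        struct tls *ctx = NULL;
        int client;

        /*
         * Accept Connection
         */
        client = accept(sock, NULL, NULL);
        if (client == -1) {
            /* Interrupted by our own signal: let the loop test `running`. */
            if (errno == EINTR) {
                continue;
            }
            perror("accept");
            break;
        }
        puts("accept: success");

        /*
         * Initialise TLS Connection
         * The TLS session must wrap the accepted descriptor, not the
         * listening socket.
         */
        if (tls_accept_socket(server, &ctx, client) == 0) {
            puts("tls_accept_socket: success");
            /*
             * Force Handshake
             * NOTE(review): there is no timeout; a peer that connects and
             * stays silent stalls this single-threaded loop.
             */
            if (tls_handshake(ctx)) {
                fprintf(stderr, "tls_handshake: %s\n",
                        errmsg_or_unknown(tls_error(ctx)));
            }
            if (tls_close(ctx)) {
                fprintf(stderr, "tls_close: %s\n",
                        errmsg_or_unknown(tls_error(ctx)));
            }
            /* tls_close() ends the session but does not release the context. */
            tls_free(ctx);
        } else {
            fprintf(stderr, "tls_accept_socket: %s\n",
                    errmsg_or_unknown(tls_error(server)));
        }

        if (close(client)) {
            perror("close");
        }
    }

    rc = 0;

out:
    if (addr) {
        freeaddrinfo(addr);
    }
    if (sock != -1) {
        if (close(sock)) {
            perror("close");
            rc = 1;
        } else {
            puts("close: success");
        }
    }
    if (server) {
        tls_free(server);
        puts("tls_free: success");
    }
    if (config) {
        tls_config_free(config);
        puts("tls_config_free: success");
    }
    return rc;
}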
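# Build main from main.c and link it against libtls.
#
# The warning flags live in CFLAGS and the compile rule uses CFLAGS, so
# -Wall -Wextra -pedantic are applied when main.c is compiled. Passing them
# only on the link line means the compiler never checks the source with them.
# -ltls is a library, so it goes in LDLIBS, after the objects on the link line.
CFLAGS+=-Wall -Wextra -pedantic
LDLIBS+=-ltls
.SUFFIXES: .c .o
.c.o:
	${CC} ${CFLAGS} -c $<
main: main.o
	${CC} ${LDFLAGS} -o $@ main.o ${LDLIBS}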