longbuilder · June 19, 2019 05:39 · InvisibleMoon · Apr 15, 2016
diff --git a/libevent_openssl_client.cpp b/libevent_openssl_client.cpp
 #include <stdio.h>
 #include <iostream>
 #include <unistd.h>
 #include <stdlib.h>
 #include <errno.h>
 #include <arpa/inet.h>

 #include <openssl/ssl.h>
 #include <event2/event.h>
 #include <event2/util.h>
 #include <event2/bufferevent.h>
 #include <event2/bufferevent_ssl.h>

 SSL_CTX* init_ssl_ctx(const char *certfile, const char *keyfile, const char *cafile)
 {
    /* Load encryption & hashing algorithms for the SSL program */
    SSL_library_init();

    /* Load the error strings for SSL & CRYPTO APIs */
    SSL_load_error_strings();

    /* Create an SSL_METHOD structure (choose an SSL/TLS protocol version) */
    const SSL_METHOD *meth = SSLv23_client_method();

    /* Create an SSL_CTX structure */
    SSL_CTX *ctx = SSL_CTX_new (meth);
    if (NULL == ctx)
    {
        printf("Could not new SSL_CTX\n");
        return NULL;
    }

    /* Load the CA cert file*/
    if (SSL_CTX_load_verify_locations(ctx, cafile, NULL) <= 0)
    {
        printf("Could not load ca cert file\n");
    }

    /* Load the client certificate into the SSL_CTX structure */
    if (SSL_CTX_use_certificate_file(ctx, certfile, SSL_FILETYPE_PEM) <= 0)
    {
        printf("Could not use certificate file\n");
    }

    /* Load the private-key corresponding to the client certificate */
    if (SSL_CTX_use_PrivateKey_file(ctx, keyfile, SSL_FILETYPE_PEM) <= 0)
    {
        printf("Could not use private key file\n");
    }

    /* Check if the client certificate and private-key matches */
    if (!SSL_CTX_check_private_key(ctx))
    {
        printf("Private key does not match certfile\n");
    }

    return ctx;
 }

 static void ssl_read_cb(struct bufferevent *bev, void *arg)
 {
    char recvbuf[1024] = {'\0'};
    if (bufferevent_read(bev, recvbuf, 1024) > 0)
    {
        printf("Recv from client: %s\n", recvbuf);
    }
 }

 static void ssl_event_cb(struct bufferevent *bev, short events, void *arg)
 {
    if (events & BEV_EVENT_CONNECTED)
    {
        #define MSG "Hello world"
        printf("Client connected!\n");
        bufferevent_write(bev, MSG, sizeof(MSG));
    }
    else if (events & BEV_EVENT_EOF)
    {
        printf("Client disconnected!\n");
        bufferevent_free(bev);
    }
    else
    {
        int err = EVUTIL_SOCKET_ERROR();
        fprintf(stderr, "Got an error %d on ssl socket: %s\n", 
            err, evutil_socket_error_to_string(err));
        bufferevent_free(bev);
    }
 }

 int main ()
 {
    SSL_CTX *ctx = init_ssl_ctx("./PEMS/client/client.crt",
            "./PEMS/client/client.key",
            "./PEMS/ca/ca.cert");
    if (NULL == ctx)
    {
        exit(-1);
    }

    SSL* ssl = SSL_new (ctx);
    if (NULL == ssl)
    {
        printf("Could not create new SSL\n");
        exit(-1);
    }

    struct event_base *base = event_base_new();
    if (!base)
    {
        fprintf(stderr, "Could not open evnet base\n");
        exit(EXIT_FAILURE);
    }

    struct bufferevent *bev = bufferevent_openssl_socket_new(base, -1, ssl, 
            BUFFEREVENT_SSL_CONNECTING, BEV_OPT_CLOSE_ON_FREE);
    if (!bev)
    {
        fprintf(stderr, "Could not create new ssl bufferevent\n");
        exit(EXIT_FAILURE);
    }

    bufferevent_setcb(bev, ssl_read_cb, NULL, ssl_event_cb, NULL);
    bufferevent_enable(bev, EV_READ | EV_WRITE);

    struct sockaddr_in servaddr;
    struct sockaddr *sa = (struct sockaddr *)&servaddr;
    int socklen = sizeof(servaddr);
    if (evutil_parse_sockaddr_port("127.0.0.1:1234", sa, &socklen) == -1)
    {
        fprintf(stderr, "Could not parse address\n");
        exit(EXIT_FAILURE);
    }

    if (bufferevent_socket_connect(bev, sa, sizeof(servaddr)) == -1)
    {
        int err = EVUTIL_SOCKET_ERROR();
        fprintf(stderr, "Could not connect to server: %s\n", evutil_socket_error_to_string(err));
        exit(EXIT_FAILURE);
    }

    event_base_dispatch(base);
    
    return 0;
 }
diff --git a/libevent_openssl_server.cpp b/libevent_openssl_server.cpp
 #include <stdio.h>
 #include <iostream>
 #include <unistd.h>
 #include <stdlib.h>
 #include <errno.h>
 #include <arpa/inet.h>

 #include <openssl/ssl.h>
 #include <event2/event.h>
 #include <event2/util.h>
 #include <event2/listener.h>
 #include <event2/bufferevent.h>
 #include <event2/bufferevent_ssl.h>

 static void ssl_read_cb(struct bufferevent *, void *);
 static void ssl_event_cb(struct bufferevent *, short, void *);

 static void accept_conn_cb(struct evconnlistener *listener, evutil_socket_t fd,
        struct sockaddr *address, int socklen, void *ctx)
 {
    struct event_base *base = evconnlistener_get_base(listener);
    SSL *ssl = SSL_new((SSL_CTX *)ctx);
    if (NULL == ssl)
    {
        fprintf(stderr, "Could not create new SSL\n");
        exit(EXIT_FAILURE);
    }
    struct bufferevent *bev = bufferevent_openssl_socket_new(base, fd, ssl,
            BUFFEREVENT_SSL_ACCEPTING, BEV_OPT_CLOSE_ON_FREE);
    if (!bev)
    {
        fprintf(stderr, "Could not create new ssl bufferevent\n");
        exit(EXIT_FAILURE);
    }
    
    bufferevent_setcb(bev, ssl_read_cb, NULL, ssl_event_cb, NULL);

    bufferevent_enable(bev, EV_READ | EV_WRITE);
 }

 static void accept_error_cb(struct evconnlistener *listener, void *ctx)
 {
    int err = EVUTIL_SOCKET_ERROR();
    fprintf(stderr, "Got an error %d on listener: %s\n", 
            err, evutil_socket_error_to_string(err));
    exit(EXIT_FAILURE);
 }

 static void ssl_read_cb(struct bufferevent *bev, void *arg)
 {
    char recvbuf[1024] = {'\0'};
    if (bufferevent_read(bev, recvbuf, 1024) > 0)
    {
        printf("Recv from client: %s\n", recvbuf);
    }
 }

 static void ssl_event_cb(struct bufferevent *bev, short events, void *arg)
 {
    if (events & BEV_EVENT_CONNECTED)
    {
        #define MSG "Hello world"
        printf("Client connected!\n");
        bufferevent_write(bev, MSG, sizeof(MSG));
    }
    else if (events & BEV_EVENT_EOF)
    {
        printf("Client disconnected!\n");
        bufferevent_free(bev);
    }
    else
    {
        int err = EVUTIL_SOCKET_ERROR();
        fprintf(stderr, "Got an error %d on ssl socket: %s\n", 
            err, evutil_socket_error_to_string(err));
        bufferevent_free(bev);
    }
 }

 SSL_CTX* init_ssl_ctx(const char *certfile, const char *keyfile, const char *cafile)
 {
    /* Load encryption & hashing algorithms for the SSL program */
    SSL_library_init();

    /* Load the error strings for SSL & CRYPTO APIs */
    SSL_load_error_strings();

    /* Create an SSL_METHOD structure (choose an SSL/TLS protocol version) */
    const SSL_METHOD *meth = SSLv23_server_method();

    /* Create an SSL_CTX structure */
    SSL_CTX *ctx = SSL_CTX_new (meth);
    if (NULL == ctx)
    {
        printf("Could not new SSL_CTX\n");
        return NULL;
    }

    /* Load the CA cert file*/
    if (SSL_CTX_load_verify_locations(ctx, cafile, NULL) <= 0)
    {
        printf("Could not load ca cert file\n");
    }

    /* Load the server certificate into the SSL_CTX structure */
    if (SSL_CTX_use_certificate_file(ctx, certfile, SSL_FILETYPE_PEM) <= 0)
    {
        printf("Could not use certificate file\n");
    }

    /* Load the private-key corresponding to the client certificate */
    if (SSL_CTX_use_PrivateKey_file(ctx, keyfile, SSL_FILETYPE_PEM) <= 0)
    {
        printf("Could not use private key file\n");
    }

    /* Check if the client certificate and private-key matches */
    if (!SSL_CTX_check_private_key(ctx))
    {
        printf("Private key does not match certfile\n");
    }

    return ctx;
 }

 int main(int argc, char *argv[])
 {
    struct event_base *base = event_base_new();
    if (!base)
    {
        fprintf(stderr, "Could not open evnet base\n");
        exit(EXIT_FAILURE);
    }

    SSL_CTX *ctx = init_ssl_ctx("./PEMS/server/server.crt",
                                "./PEMS/server/server.key",
                                "./PEMS/ca/ca.cert");
    if (NULL == ctx)
    {
        exit(EXIT_FAILURE);
    }

    struct sockaddr_in servaddr;
    struct sockaddr *sa = (struct sockaddr *)&servaddr;
    int socklen = sizeof(servaddr);
    if (evutil_parse_sockaddr_port("127.0.0.1:1234", sa, &socklen) == -1)
    {
        fprintf(stderr, "Could not parse address\n");
        exit(EXIT_FAILURE);
    }

    struct evconnlistener *listener = evconnlistener_new_bind(base, accept_conn_cb, ctx,
            LEV_OPT_CLOSE_ON_FREE | LEV_OPT_REUSEABLE, -1, sa, sizeof(servaddr));
    if (NULL == listener)
    {
        fprintf(stderr, "Could not create listener\n");
        exit(EXIT_FAILURE);
    }
    evconnlistener_set_error_cb(listener, accept_error_cb);

    event_base_dispatch(base);

    return 0;
 }
	#include <stdio.h>
	#include <iostream>
	#include <unistd.h>
	#include <stdlib.h>
	#include <errno.h>
	#include <arpa/inet.h>

	#include <openssl/ssl.h>
	#include <event2/event.h>
	#include <event2/util.h>
	#include <event2/bufferevent.h>
	#include <event2/bufferevent_ssl.h>

	SSL_CTX* init_ssl_ctx(const char certfile, const char keyfile, const char *cafile)
	{
	/* Load encryption & hashing algorithms for the SSL program */
	SSL_library_init();

	/* Load the error strings for SSL & CRYPTO APIs */
	SSL_load_error_strings();

	/* Create an SSL_METHOD structure (choose an SSL/TLS protocol version) */
	const SSL_METHOD *meth = SSLv23_client_method();

	/* Create an SSL_CTX structure */
	SSL_CTX *ctx = SSL_CTX_new (meth);
	if (NULL == ctx)
	{
	printf("Could not new SSL_CTX\n");
	return NULL;
	}

	/* Load the CA cert file*/
	if (SSL_CTX_load_verify_locations(ctx, cafile, NULL) <= 0)
	{
	printf("Could not load ca cert file\n");
	}

	/* Load the client certificate into the SSL_CTX structure */
	if (SSL_CTX_use_certificate_file(ctx, certfile, SSL_FILETYPE_PEM) <= 0)
	{
	printf("Could not use certificate file\n");
	}

	/* Load the private-key corresponding to the client certificate */
	if (SSL_CTX_use_PrivateKey_file(ctx, keyfile, SSL_FILETYPE_PEM) <= 0)
	{
	printf("Could not use private key file\n");
	}

	/* Check if the client certificate and private-key matches */
	if (!SSL_CTX_check_private_key(ctx))
	{
	printf("Private key does not match certfile\n");
	}

	return ctx;
	}

	static void ssl_read_cb(struct bufferevent bev, void arg)
	{
	char recvbuf[1024] = {'\0'};
	if (bufferevent_read(bev, recvbuf, 1024) > 0)
	{
	printf("Recv from client: %s\n", recvbuf);
	}
	}

	static void ssl_event_cb(struct bufferevent bev, short events, void arg)
	{
	if (events & BEV_EVENT_CONNECTED)
	{
	#define MSG "Hello world"
	printf("Client connected!\n");
	bufferevent_write(bev, MSG, sizeof(MSG));
	}
	else if (events & BEV_EVENT_EOF)
	{
	printf("Client disconnected!\n");
	bufferevent_free(bev);
	}
	else
	{
	int err = EVUTIL_SOCKET_ERROR();
	fprintf(stderr, "Got an error %d on ssl socket: %s\n",
	err, evutil_socket_error_to_string(err));
	bufferevent_free(bev);
	}
	}

	int main ()
	{
	SSL_CTX *ctx = init_ssl_ctx("./PEMS/client/client.crt",
	"./PEMS/client/client.key",
	"./PEMS/ca/ca.cert");
	if (NULL == ctx)
	{
	exit(-1);
	}

	SSL* ssl = SSL_new (ctx);
	if (NULL == ssl)
	{
	printf("Could not create new SSL\n");
	exit(-1);
	}

	struct event_base *base = event_base_new();
	if (!base)
	{
	fprintf(stderr, "Could not open evnet base\n");
	exit(EXIT_FAILURE);
	}

	struct bufferevent *bev = bufferevent_openssl_socket_new(base, -1, ssl,
	BUFFEREVENT_SSL_CONNECTING, BEV_OPT_CLOSE_ON_FREE);
	if (!bev)
	{
	fprintf(stderr, "Could not create new ssl bufferevent\n");
	exit(EXIT_FAILURE);
	}

	bufferevent_setcb(bev, ssl_read_cb, NULL, ssl_event_cb, NULL);
	bufferevent_enable(bev, EV_READ \| EV_WRITE);

	struct sockaddr_in servaddr;
	struct sockaddr sa = (struct sockaddr )&servaddr;
	int socklen = sizeof(servaddr);
	if (evutil_parse_sockaddr_port("127.0.0.1:1234", sa, &socklen) == -1)
	{
	fprintf(stderr, "Could not parse address\n");
	exit(EXIT_FAILURE);
	}

	if (bufferevent_socket_connect(bev, sa, sizeof(servaddr)) == -1)
	{
	int err = EVUTIL_SOCKET_ERROR();
	fprintf(stderr, "Could not connect to server: %s\n", evutil_socket_error_to_string(err));
	exit(EXIT_FAILURE);
	}

	event_base_dispatch(base);

	return 0;
	}