diff --git a/.gitignore b/.gitignore index bfcba22..b8d4d9b 100644 --- a/.gitignore +++ b/.gitignore @@ -9,6 +9,7 @@ test-tcpserver test-udp .depend .Makefile.rules +Makefile.rules # ---> Eclipse .metadata diff --git a/Makefile b/Makefile index 8df5783..bde9216 100644 --- a/Makefile +++ b/Makefile @@ -23,6 +23,7 @@ help: echo "set up configuration" echo " make configwindows to generate the windows build" echo " make configlinux to generate the linix build" + echo " make keygen create self signed certificate" configlinux: clean cp -f Makefile.rules.linux Makefile.rules diff --git a/ssl.cc b/ssl.cc index 7a4cc41..cdf77bc 100644 --- a/ssl.cc +++ b/ssl.cc @@ -100,6 +100,9 @@ int SSLSocket::NewClientCTX() { int SSLSocket::SetCertificat(string certf, string keyf) { certfile = certf; keyfile = keyf; + + if (access (certf.c_str(), R_OK) != 0) return 0; + if (access (keyf.c_str(), R_OK) != 0) return 0; return 1; }; diff --git a/test-ssl.cc b/test-ssl.cc index 729aa15..d0a6b85 100644 --- a/test-ssl.cc +++ b/test-ssl.cc @@ -21,20 +21,23 @@ void server () { // // start the server + printf ("server: starting server\n"); if (tcpserver.Listen(DEFAULT_PORT) != 1) { - printf ("cloud not start the tcp server\n"); + printf ("server: cloud not start the tcp server\n"); exit (1); } // // init SSL - if (ssl.SetCertificat("cert.pem", "privkey.pem") != 1) { - printf ("SetCertificat error:%s\n", strerror(errno)); + printf ("server: setting up certificates\n"); + if (ssl.SetCertificat("cert.pem", "privkey.pem") != 0) { + printf ("server: SetCertificat error:%s\n", strerror(errno)); exit (1); } // // check for connections + printf ("server: wait for connection\n"); for (;time_now - time_start < 10; time_now = time(NULL)) { connection = tcpserver.Accept(); if (connection != NULL) { 
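Review bot: The two `access (..., R_OK)` checks added to `SetCertificat` in ssl.cc are only an early hint and should not be relied on as validation. They run after `certfile` and `keyfile` have already been stored, they test the real rather than the effective UID, and the files can change between this check and the point where the certificate and key are actually loaded (not visible in this hunk). The result of the load call itself should stay the authoritative check, and the two members are better assigned only once both checks have passed. I would also document the contract above the function, e.g. `// returns 1 if both files are readable, 0 otherwise (errno is set by access())`, and consider rejecting a private key file that is readable by group or others.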
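Review bot: The new check `if (ssl.SetCertificat("cert.pem", "privkey.pem") != 0)` in test-ssl.cc is inverted relative to the ssl.cc change in this same commit, where `SetCertificat` returns 1 on success and 0 when either file is unreadable. As written, the server exits with "SetCertificat error" when both files are fine and carries on towards `ssl.Accept` when the certificate or key is missing. Keep the original comparison, `if (ssl.SetCertificat("cert.pem", "privkey.pem") != 1) {`. The body of `server()` starts before this hunk and continues past it.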
@@ -42,45 +45,32 @@ void server () { // someone connected - create new process // take care of parallel processing (parent is always the server) // - printf (" server: got a connection forking new process\n"); - pid = fork(); - if (pid == 0) { - // - // child process - always close server since it will handeled - // by the parent process. Make sure the client exits and never - // returns. - - tcpserver.Close(); - if (ssl.Accept(connection->GetSocket(), 0) != 1) { - printf ("could not establish SSL connection:%s\n", strerror(errno)); - exit (1); - } - i = ssl.Read(buffer, NET_BUFFERSIZE); - if (i > 0) { - int c; - - printf (" server: got: '%s'\n", buffer); - for (c = 0; c < i; c++) buffer[c] = toupper(buffer[c]); - ssl.Write(buffer, i); - } - // - // just delete the class object, it will close the client connection - ssl.Close(); - delete (connection); - - // - // exit child process + printf ("server: someone connected.\n"); + printf ("server: accept ssl connection\n"); + if (ssl.Accept(connection->GetSocket(), 0) != 1) { + printf ("server: could not establish SSL connection:%s\n", strerror(errno)); exit (1); } + i = ssl.Read(buffer, NET_BUFFERSIZE); + if (i > 0) { + int c; + + printf ("server: got: '%s'\n", buffer); + for (c = 0; c < i; c++) buffer[c] = toupper(buffer[c]); + ssl.Write(buffer, i); + } else { - // - // parent process - just close the client connection - // it will be handeled by the child process. - delete (connection); + printf ("server: nothing to read. close connection.\n"); } + // + // just delete the class object, it will close the client connection + ssl.Close(); + delete (connection); + connection = NULL; } - usleep (25000); + usleep (250000); } + printf ("server: terminating server process.\n"); }; 
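Review bot: With the fork removed, the `exit (1);` after a failed `ssl.Accept` now terminates the listening process itself, so a single peer that fails or abandons the handshake stops the server for everyone. Drop only that connection instead, e.g. `ssl.Close(); delete (connection); connection = NULL; continue;`. The received data is also printed with `%s` although nothing visible here NUL-terminates `buffer` after `ssl.Read(buffer, NET_BUFFERSIZE)`; assuming `buffer` holds NET_BUFFERSIZE bytes (its declaration is outside the hunk), read at most `NET_BUFFERSIZE - 1` and set `buffer[i] = '\0';` before printing. The same unterminated print appears in the client read loop in the next hunk. A negative return from `ssl.Read` currently falls into the "nothing to read" branch and would be better logged as an error.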
@@ -94,34 +84,45 @@ void client () { // // connect to the server + printf ("client: connect to localhost\n"); if (tcpclient.Connect ("localhost", DEFAULT_PORT) != 1) { - printf ("cloud not connect to server\n"); + printf ("client: cloud not connect to server\n"); exit (1); } + printf ("client: connected\n"); - res = ssl.Connect(tcpclient.GetSocket(), 100); - if (res == -1) { - printf ("could not establish SSL connection:errno:%s sslerror:%s\n", strerror(errno), ssl.GetSSLErrorText(ssl.sslerror).c_str()); + printf ("client: start SSL connection\n"); + if (ssl.Connect(tcpclient.GetSocket(), 100) != 1) { + printf ("client: could not establish SSL connection:errno:%s sslerror:%s\n", strerror(errno), ssl.GetSSLErrorText(ssl.sslerror).c_str()); exit (1); } + printf ("client: ssl connected.\n"); // // send some data snprintf (buffer, NET_BUFFERSIZE, "nur ein kleiner Test."); - printf ("client:send '%s' to the server.\n", buffer); + printf ("client: send '%s' to the server.\n", buffer); if (ssl.Write(buffer, strlen (buffer)) != strlen (buffer)) { - printf ("could not send all data. errno:%s sslerror:%s\n", strerror(errno), ssl.GetSSLErrorText(ssl.sslerror).c_str()); + printf ("client: could not send all data. errno:%s sslerror:%s\n", strerror(errno), ssl.GetSSLErrorText(ssl.sslerror).c_str()); exit (1); } // // read some data (wait maximum 10x1000ms) - for (i = 10; i > 0; i--) - if (ssl.Read(buffer, NET_BUFFERSIZE) > 0) { - printf ("client:got '%s' from server.\n", buffer); + for (i = 10; i > 0; i--) { + printf ("client: try to read\n"); + if ((res = ssl.Read(buffer, NET_BUFFERSIZE)) > 0) { + printf ("client: got '%s' from server.\n", buffer); break; } + else if (res < 0) { + printf ("client: error on read: Error: %s\n", strerror(errno)); + } + else { + printf ("client: no data\n"); + } + } // // close connection
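Review bot: In the new read loop the `res < 0` branch only prints `strerror(errno)` and then keeps retrying, so a failed TLS read is reported with a possibly stale errno and the loop runs through its remaining iterations on a broken connection. For consistency with the other client error paths in this hunk, report the SSL error as well and leave the loop: `printf ("client: error on read: errno:%s sslerror:%s\n", strerror(errno), ssl.GetSSLErrorText(ssl.sslerror).c_str()); break;`. The comment "wait maximum 10x1000ms" depends on a timeout inside `ssl.Read` that is not visible here, so it is worth stating where that timeout comes from. The body of `client()` starts before this hunk and continues past it.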