Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Octocat-spinner-32-eaf2f5

Cannot retrieve contributors at this time

file 143 lines (122 sloc) 3.142 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142
#define byte _byte
#define int64 _int64
#define uint _uint
#define set _set
#include <openssl/ssl.h>
#if defined(__WIN32__)
#include <openssl/applink.c>
#endif
#undef byte
#undef int64
#undef uint
#undef set

import "ecere"

/*
static char * pass = "password";

static int password_cb(char *buf) //,int num, int rwflag,void *userdata)
{
// if(num<strlen(pass)+1) return(0);
strcpy(buf,pass);
return(strlen(pass));
}
*/

class SSLSocket : Socket
{
   SSL_CTX *ctx;
   SSL *ssl;
   BIO *sbio;
   SSL_METHOD *meth;
   int s;
   bool autoEstablish;
   autoEstablish = true;

   SSLSocket()
   {
      static bool initialized = false;
      if(!initialized)
      {
         SSL_library_init();
         initialized = true;
      }
   }

   void OnDisconnect(int code)
   {
      if(sbio)
      {
         //BIO_free(sbio);
         sbio = null;
      }
      if(ssl)
      {
         //SSL_free(ssl);
         ssl = null;
      }
      if(ctx)
      {
         SSL_CTX_free(ctx);
         ctx = null;
      }
   }

   int ReceiveData(unsigned char * buffer, int count, unsigned int flags)
   {
      int n = ssl ? SSL_read(ssl, buffer, count) : Socket::ReceiveData(buffer, count, flags);
      return n;
   }

   int SendData(unsigned char * buffer, int count, unsigned int flags)
   {
      int n = ssl ? SSL_write(ssl, buffer, count) : Socket::SendData(buffer, count, flags);
      return n;
   }

   bool EstablishConnection()
   {
      bool result;
      X509 *peer;
      char peer_CN[256];
      int cipherResult;

      meth = SSLv23_method();
      //meth = TLSv1_method();
      ctx = SSL_CTX_new(meth);
      // cipherResult = SSL_CTX_set_cipher_list(ctx, "ALL:!DH:!EXP:!RC4:@STRENGTH"); // TLS_RSA_WITH_3DES_EDE_CBC_SHA ?
      SSL_CTX_set_session_id_context(ctx, (void *)this, sizeof(SSLSocket));
      ssl = SSL_new(ctx);
      sbio = BIO_new_socket(s, BIO_NOCLOSE);
      SSL_set_bio(ssl,sbio,sbio);
      
      result = SSL_connect(ssl) > 0;

      /*
if(result)
{
if(!(SSL_CTX_use_certificate_chain_file(ctx, "client.pem")))
printf("Can't read certificate file");
SSL_CTX_set_default_passwd_cb(ctx, password_cb);
if(!(SSL_CTX_use_PrivateKey_file(ctx, "client.pem", SSL_FILETYPE_PEM)))
printf("Can't read key file");

if(!(SSL_CTX_load_verify_locations(ctx, "root.pem", 0)))
printf("Can't read CA list");

if(SSL_get_verify_result(ssl)!=X509_V_OK)
printf("Certificate doesn't verify");

peer=SSL_get_peer_certificate(ssl);
X509_NAME_get_text_by_NID(X509_get_subject_name(peer),
NID_commonName, peer_CN, 256);

if(strcasecmp(peer_CN, host))
printf("Common name doesn't match host name");
}
*/
      return result;
   }

   bool OnEstablishConnection(int s)
   {
      this.s = s;
      if(autoEstablish)
         return EstablishConnection();
      else
         return true;
   }

   ~SSLSocket()
   {
      /*if(sbio)
BIO_free(sbio);
if(ssl)
SSL_free(ssl);*/
      if(ctx)
         SSL_CTX_free(ctx);
   }
}
Something went wrong with that request. Please try again.