diff options
Diffstat (limited to 'doc/examples/ex-serv-pgp.c')
-rw-r--r-- | doc/examples/ex-serv-pgp.c | 265 |
1 files changed, 131 insertions, 134 deletions
diff --git a/doc/examples/ex-serv-pgp.c b/doc/examples/ex-serv-pgp.c index 78e4c59e1f..b68a6bfec2 100644 --- a/doc/examples/ex-serv-pgp.c +++ b/doc/examples/ex-serv-pgp.c @@ -31,147 +31,144 @@ /* These are global */ gnutls_dh_params_t dh_params; -static int -generate_dh_params (void) +static int generate_dh_params(void) { - unsigned int bits = - gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LEGACY); - - /* Generate Diffie-Hellman parameters - for use with DHE - * kx algorithms. These should be discarded and regenerated - * once a day, once a week or once a month. Depending on the - * security requirements. - */ - gnutls_dh_params_init (&dh_params); - gnutls_dh_params_generate2 (dh_params, bits); - - return 0; + unsigned int bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, + GNUTLS_SEC_PARAM_LEGACY); + + /* Generate Diffie-Hellman parameters - for use with DHE + * kx algorithms. These should be discarded and regenerated + * once a day, once a week or once a month. Depending on the + * security requirements. + */ + gnutls_dh_params_init(&dh_params); + gnutls_dh_params_generate2(dh_params, bits); + + return 0; } -int -main (void) +int main(void) { - int err, listen_sd; - int sd, ret; - struct sockaddr_in sa_serv; - struct sockaddr_in sa_cli; - socklen_t client_len; - char topbuf[512]; - gnutls_session_t session; - gnutls_certificate_credentials_t cred; - char buffer[MAX_BUF + 1]; - int optval = 1; - char name[256]; - - strcpy (name, "Echo Server"); - - /* this must be called once in the program - */ - gnutls_global_init (); - - gnutls_certificate_allocate_credentials (&cred); - gnutls_certificate_set_openpgp_keyring_file (cred, RINGFILE, - GNUTLS_OPENPGP_FMT_BASE64); - - gnutls_certificate_set_openpgp_key_file (cred, CERTFILE, KEYFILE, - GNUTLS_OPENPGP_FMT_BASE64); - - generate_dh_params (); - - gnutls_certificate_set_dh_params (cred, dh_params); - - /* Socket operations - */ - listen_sd = socket (AF_INET, SOCK_STREAM, 0); - SOCKET_ERR (listen_sd, "socket"); - - memset (&sa_serv, '\0', sizeof (sa_serv)); - sa_serv.sin_family = AF_INET; - sa_serv.sin_addr.s_addr = INADDR_ANY; - sa_serv.sin_port = htons (PORT); /* Server Port number */ - - setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, - sizeof (int)); - - err = bind (listen_sd, (struct sockaddr *) & sa_serv, sizeof (sa_serv)); - SOCKET_ERR (err, "bind"); - err = listen (listen_sd, 1024); - SOCKET_ERR (err, "listen"); - - printf ("%s ready. Listening to port '%d'.\n\n", name, PORT); - - client_len = sizeof (sa_cli); - for (;;) - { - gnutls_init (&session, GNUTLS_SERVER); - gnutls_priority_set_direct (session, "NORMAL:+CTYPE-OPENPGP", NULL); - - /* request client certificate if any. - */ - gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST); - - sd = accept (listen_sd, (struct sockaddr *) & sa_cli, &client_len); - - printf ("- connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); - - gnutls_transport_set_int (session, sd); - ret = gnutls_handshake (session); - if (ret < 0) - { - close (sd); - gnutls_deinit (session); - fprintf (stderr, "*** Handshake has failed (%s)\n\n", - gnutls_strerror (ret)); - continue; - } - printf ("- Handshake was completed\n"); - - /* see the Getting peer's information example */ - /* print_info(session); */ - - for (;;) - { - ret = gnutls_record_recv (session, buffer, MAX_BUF); - - if (ret == 0) - { - printf ("\n- Peer has closed the GnuTLS connection\n"); - break; - } - else if (ret < 0 && gnutls_error_is_fatal (ret) == 0) - { - fprintf (stderr, "*** Warning: %s\n", gnutls_strerror (ret)); - } - else if (ret < 0) - { - fprintf (stderr, "\n*** Received corrupted " - "data(%d). Closing the connection.\n\n", ret); - break; - } - else if (ret > 0) - { - /* echo data back to the client - */ - gnutls_record_send (session, buffer, ret); - } - } - printf ("\n"); - /* do not wait for the peer to close the connection. - */ - gnutls_bye (session, GNUTLS_SHUT_WR); + int err, listen_sd; + int sd, ret; + struct sockaddr_in sa_serv; + struct sockaddr_in sa_cli; + socklen_t client_len; + char topbuf[512]; + gnutls_session_t session; + gnutls_certificate_credentials_t cred; + char buffer[MAX_BUF + 1]; + int optval = 1; + char name[256]; + + strcpy(name, "Echo Server"); + + /* this must be called once in the program + */ + gnutls_global_init(); + + gnutls_certificate_allocate_credentials(&cred); + gnutls_certificate_set_openpgp_keyring_file(cred, RINGFILE, + GNUTLS_OPENPGP_FMT_BASE64); + + gnutls_certificate_set_openpgp_key_file(cred, CERTFILE, KEYFILE, + GNUTLS_OPENPGP_FMT_BASE64); + + generate_dh_params(); + + gnutls_certificate_set_dh_params(cred, dh_params); + + /* Socket operations + */ + listen_sd = socket(AF_INET, SOCK_STREAM, 0); + SOCKET_ERR(listen_sd, "socket"); + + memset(&sa_serv, '\0', sizeof(sa_serv)); + sa_serv.sin_family = AF_INET; + sa_serv.sin_addr.s_addr = INADDR_ANY; + sa_serv.sin_port = htons(PORT); /* Server Port number */ + + setsockopt(listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, + sizeof(int)); + + err = + bind(listen_sd, (struct sockaddr *) &sa_serv, sizeof(sa_serv)); + SOCKET_ERR(err, "bind"); + err = listen(listen_sd, 1024); + SOCKET_ERR(err, "listen"); + + printf("%s ready. Listening to port '%d'.\n\n", name, PORT); + + client_len = sizeof(sa_cli); + for (;;) { + gnutls_init(&session, GNUTLS_SERVER); + gnutls_priority_set_direct(session, + "NORMAL:+CTYPE-OPENPGP", NULL); + + /* request client certificate if any. + */ + gnutls_certificate_server_set_request(session, + GNUTLS_CERT_REQUEST); + + sd = accept(listen_sd, (struct sockaddr *) &sa_cli, + &client_len); + + printf("- connection from %s, port %d\n", + inet_ntop(AF_INET, &sa_cli.sin_addr, topbuf, + sizeof(topbuf)), ntohs(sa_cli.sin_port)); + + gnutls_transport_set_int(session, sd); + ret = gnutls_handshake(session); + if (ret < 0) { + close(sd); + gnutls_deinit(session); + fprintf(stderr, + "*** Handshake has failed (%s)\n\n", + gnutls_strerror(ret)); + continue; + } + printf("- Handshake was completed\n"); + + /* see the Getting peer's information example */ + /* print_info(session); */ + + for (;;) { + ret = gnutls_record_recv(session, buffer, MAX_BUF); + + if (ret == 0) { + printf + ("\n- Peer has closed the GnuTLS connection\n"); + break; + } else if (ret < 0 + && gnutls_error_is_fatal(ret) == 0) { + fprintf(stderr, "*** Warning: %s\n", + gnutls_strerror(ret)); + } else if (ret < 0) { + fprintf(stderr, "\n*** Received corrupted " + "data(%d). Closing the connection.\n\n", + ret); + break; + } else if (ret > 0) { + /* echo data back to the client + */ + gnutls_record_send(session, buffer, ret); + } + } + printf("\n"); + /* do not wait for the peer to close the connection. + */ + gnutls_bye(session, GNUTLS_SHUT_WR); + + close(sd); + gnutls_deinit(session); - close (sd); - gnutls_deinit (session); - - } - close (listen_sd); + } + close(listen_sd); - gnutls_certificate_free_credentials (cred); + gnutls_certificate_free_credentials(cred); - gnutls_global_deinit (); + gnutls_global_deinit(); - return 0; + return 0; } |