dockerfile/examples/openssl/openssl-3.2.1-src/demos/bio/saccept.c

/*
 * Copyright 1998-2017 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*-
 * A minimal program to serve an SSL connection.
 * It uses blocking.
 * saccept host:port
 * host is the interface IP to use.  If any interface, use *:port
 * The default it *:4433
 *
 * cc -I../../include saccept.c -L../.. -lssl -lcrypto -ldl
 */

#include <stdio.h>
#include <signal.h>
#include <stdlib.h>
#include <openssl/err.h>
#include <openssl/ssl.h>

#define CERT_FILE       "server.pem"

static volatile int done = 0;

void interrupt(int sig)
{
    done = 1;
}

void sigsetup(void)
{
    struct sigaction sa;

    /*
     * Catch at most once, and don't restart the accept system call.
     */
    sa.sa_flags = SA_RESETHAND;
    sa.sa_handler = interrupt;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGINT, &sa, NULL);
}

int main(int argc, char *argv[])
{
    char *port = NULL;
    BIO *in = NULL;
    BIO *ssl_bio, *tmp;
    SSL_CTX *ctx;
    char buf[512];
    int ret = EXIT_FAILURE, i;

    if (argc <= 1)
        port = "*:4433";
    else
        port = argv[1];

    ctx = SSL_CTX_new(TLS_server_method());
    if (!SSL_CTX_use_certificate_chain_file(ctx, CERT_FILE))
        goto err;
    if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
        goto err;
    if (!SSL_CTX_check_private_key(ctx))
        goto err;

    /* Setup server side SSL bio */
    ssl_bio = BIO_new_ssl(ctx, 0);

    if ((in = BIO_new_accept(port)) == NULL)
        goto err;

    /*
     * This means that when a new connection is accepted on 'in', The ssl_bio
     * will be 'duplicated' and have the new socket BIO push into it.
     * Basically it means the SSL BIO will be automatically setup
     */
    BIO_set_accept_bios(in, ssl_bio);

    /* Arrange to leave server loop on interrupt */
    sigsetup();

 again:
    /*
     * The first call will setup the accept socket, and the second will get a
     * socket.  In this loop, the first actual accept will occur in the
     * BIO_read() function.
     */

    if (BIO_do_accept(in) <= 0)
        goto err;

    while (!done) {
        i = BIO_read(in, buf, 512);
        if (i == 0) {
            /*
             * If we have finished, remove the underlying BIO stack so the
             * next time we call any function for this BIO, it will attempt
             * to do an accept
             */
            printf("Done\n");
            tmp = BIO_pop(in);
            BIO_free_all(tmp);
            goto again;
        }
        if (i < 0)
            goto err;
        fwrite(buf, 1, i, stdout);
        fflush(stdout);
    }

    ret = EXIT_SUCCESS;
 err:
    if (ret != EXIT_SUCCESS)
        ERR_print_errors_fp(stderr);
    BIO_free(in);
    return ret;
}
更新构建openssl镜像相关文件 2024-03-22 14:58:37 +08:00			`/*`
			`* Copyright 1998-2017 The OpenSSL Project Authors. All Rights Reserved.`
			`*`
			`* Licensed under the Apache License 2.0 (the "License"). You may not use`
			`* this file except in compliance with the License. You can obtain a copy`
			`* in the file LICENSE in the source distribution or at`
			`* https://www.openssl.org/source/license.html`
			`*/`

			`/*-`
			`* A minimal program to serve an SSL connection.`
			`* It uses blocking.`
			`* saccept host:port`
			`* host is the interface IP to use. If any interface, use *:port`
			`* The default it *:4433`
			`*`
			`* cc -I../../include saccept.c -L../.. -lssl -lcrypto -ldl`
			`*/`

			`#include <stdio.h>`
			`#include <signal.h>`
			`#include <stdlib.h>`
			`#include <openssl/err.h>`
			`#include <openssl/ssl.h>`

			`#define CERT_FILE "server.pem"`

			`static volatile int done = 0;`

			`void interrupt(int sig)`
			`{`
			`done = 1;`
			`}`

			`void sigsetup(void)`
			`{`
			`struct sigaction sa;`

			`/*`
			`* Catch at most once, and don't restart the accept system call.`
			`*/`
			`sa.sa_flags = SA_RESETHAND;`
			`sa.sa_handler = interrupt;`
			`sigemptyset(&sa.sa_mask);`
			`sigaction(SIGINT, &sa, NULL);`
			`}`

			`int main(int argc, char *argv[])`
			`{`
			`char *port = NULL;`
			`BIO *in = NULL;`
			`BIO ssl_bio, tmp;`
			`SSL_CTX *ctx;`
			`char buf[512];`
			`int ret = EXIT_FAILURE, i;`

			`if (argc <= 1)`
			`port = "*:4433";`
			`else`
			`port = argv[1];`

			`ctx = SSL_CTX_new(TLS_server_method());`
			`if (!SSL_CTX_use_certificate_chain_file(ctx, CERT_FILE))`
			`goto err;`
			`if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))`
			`goto err;`
			`if (!SSL_CTX_check_private_key(ctx))`
			`goto err;`

			`/* Setup server side SSL bio */`
			`ssl_bio = BIO_new_ssl(ctx, 0);`

			`if ((in = BIO_new_accept(port)) == NULL)`
			`goto err;`

			`/*`
			`* This means that when a new connection is accepted on 'in', The ssl_bio`
			`* will be 'duplicated' and have the new socket BIO push into it.`
			`* Basically it means the SSL BIO will be automatically setup`
			`*/`
			`BIO_set_accept_bios(in, ssl_bio);`

			`/* Arrange to leave server loop on interrupt */`
			`sigsetup();`

			`again:`
			`/*`
			`* The first call will setup the accept socket, and the second will get a`
			`* socket. In this loop, the first actual accept will occur in the`
			`* BIO_read() function.`
			`*/`

			`if (BIO_do_accept(in) <= 0)`
			`goto err;`

			`while (!done) {`
			`i = BIO_read(in, buf, 512);`
			`if (i == 0) {`
			`/*`
			`* If we have finished, remove the underlying BIO stack so the`
			`* next time we call any function for this BIO, it will attempt`
			`* to do an accept`
			`*/`
			`printf("Done\n");`
			`tmp = BIO_pop(in);`
			`BIO_free_all(tmp);`
			`goto again;`
			`}`
			`if (i < 0)`
			`goto err;`
			`fwrite(buf, 1, i, stdout);`
			`fflush(stdout);`
			`}`

			`ret = EXIT_SUCCESS;`
			`err:`
			`if (ret != EXIT_SUCCESS)`
			`ERR_print_errors_fp(stderr);`
			`BIO_free(in);`
			`return ret;`
			`}`