xref: /freebsd/crypto/openssl/demos/bio/saccept.c (revision 88b8b7f0c4e9948667a2279e78e975a784049cba) 
1 /*
2  * Copyright 1998-2025 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 /*-
11  * A minimal program to serve an SSL connection.
12  * It uses blocking.
13  * saccept host:port
14  * host is the interface IP to use.  If any interface, use *:port
15  * The default it *:4433
16  *
17  * cc -I../../include saccept.c -L../.. -lssl -lcrypto -ldl
18  */
19 
20 #include <stdio.h>
21 #include <signal.h>
22 #include <stdlib.h>
23 #include <openssl/err.h>
24 #include <openssl/ssl.h>
25 
26 #define CERT_FILE       "server.pem"
27 
28 static volatile int done = 0;
29 
interrupt(int sig)30 static void interrupt(int sig)
31 {
32     done = 1;
33 }
34 
sigsetup(void)35 static void sigsetup(void)
36 {
37 #if defined(OPENSSL_SYS_WINDOWS)
38     signal(SIGINT, interrupt);
39 #else
40     struct sigaction sa;
41 
42     /*
43      * Catch at most once, and don't restart the accept system call.
44      */
45     sa.sa_flags = SA_RESETHAND;
46     sa.sa_handler = interrupt;
47     sigemptyset(&sa.sa_mask);
48     sigaction(SIGINT, &sa, NULL);
49 #endif
50 }
51 
main(int argc,char * argv[])52 int main(int argc, char *argv[])
53 {
54     char *port = NULL;
55     BIO *in = NULL;
56     BIO *ssl_bio = NULL;
57     BIO *tmp;
58     SSL_CTX *ctx;
59     char buf[512];
60     int ret = EXIT_FAILURE, i;
61 
62     if (argc <= 1)
63         port = "*:4433";
64     else
65         port = argv[1];
66 
67     ctx = SSL_CTX_new(TLS_server_method());
68     if (!SSL_CTX_use_certificate_chain_file(ctx, CERT_FILE))
69         goto err;
70     if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
71         goto err;
72     if (!SSL_CTX_check_private_key(ctx))
73         goto err;
74 
75     /* Setup server side SSL bio */
76     ssl_bio = BIO_new_ssl(ctx, 0);
77 
78     if ((in = BIO_new_accept(port)) == NULL)
79         goto err;
80 
81     /*
82      * This means that when a new connection is accepted on 'in', The ssl_bio
83      * will be 'duplicated' and have the new socket BIO push into it.
84      * Basically it means the SSL BIO will be automatically setup
85      */
86     BIO_set_accept_bios(in, ssl_bio);
87     ssl_bio = NULL;
88 
89     /* Arrange to leave server loop on interrupt */
90     sigsetup();
91 
92  again:
93     /*
94      * The first call will setup the accept socket, and the second will get a
95      * socket.  In this loop, the first actual accept will occur in the
96      * BIO_read() function.
97      */
98 
99     if (BIO_do_accept(in) <= 0)
100         goto err;
101 
102     while (!done) {
103         i = BIO_read(in, buf, 512);
104         if (i == 0) {
105             /*
106              * If we have finished, remove the underlying BIO stack so the
107              * next time we call any function for this BIO, it will attempt
108              * to do an accept
109              */
110             printf("Done\n");
111             tmp = BIO_pop(in);
112             BIO_free_all(tmp);
113             goto again;
114         }
115         if (i < 0)
116             goto err;
117         fwrite(buf, 1, i, stdout);
118         fflush(stdout);
119     }
120 
121     ret = EXIT_SUCCESS;
122  err:
123     if (ret != EXIT_SUCCESS)
124         ERR_print_errors_fp(stderr);
125     BIO_free(in);
126     BIO_free_all(ssl_bio);
127     return ret;
128 }
129