1 |
|
#include <stdio.h> |
2 |
#include <string.h> |
#include <string.h> |
|
#include <errno.h> |
|
3 |
#include <unistd.h> |
#include <unistd.h> |
4 |
#include <sys/time.h> |
#include <errno.h> |
5 |
#include <sys/types.h> |
#include <sys/types.h> |
6 |
#include <sys/socket.h> |
#include <sys/socket.h> |
7 |
#include <netinet/in.h> |
#include <netinet/in.h> |
17 |
#include <openssl/x509.h> |
#include <openssl/x509.h> |
18 |
#endif |
#endif |
19 |
|
|
20 |
|
|
21 |
extern unsigned int options; |
extern unsigned int options; |
22 |
extern conn_t connpri, connaux; |
extern conn_t connpri, connaux; |
23 |
|
|
70 |
|
|
71 |
#ifdef SSL_TLS |
#ifdef SSL_TLS |
72 |
if (protocol != SSL_DISABLED) |
if (protocol != SSL_DISABLED) |
73 |
if (!imf_ssl_init(conn, protocol)) |
if (!init_secure_connection(conn, protocol)) |
74 |
return 0; |
return 0; |
75 |
else |
else |
76 |
return ERROR_SSL; |
return ERROR_SSL; |
87 |
* Initialize Secure Socket Layer connection. |
* Initialize Secure Socket Layer connection. |
88 |
*/ |
*/ |
89 |
int |
int |
90 |
imf_ssl_init(conn_t * conn, unsigned int protocol) |
init_secure_connection(conn_t * conn, unsigned int protocol) |
91 |
{ |
{ |
92 |
int e; |
int e; |
93 |
SSL_CTX *ctx; |
SSL_CTX *ctx; |
94 |
SSL_METHOD *method; |
SSL_METHOD *method; |
|
SSL_CIPHER *cipher; |
|
|
char *ver; |
|
|
const char *name; |
|
|
int usebits, algbits; |
|
95 |
|
|
96 |
method = NULL; |
method = NULL; |
97 |
|
|
122 |
ERR_error_string(ERR_get_error(), NULL)); |
ERR_error_string(ERR_get_error(), NULL)); |
123 |
goto fail; |
goto fail; |
124 |
} |
} |
125 |
cipher = SSL_get_current_cipher(conn->ssl); |
if (options & OPTION_DETAILS_VERBOSE) { |
126 |
ver = SSL_CIPHER_get_version(cipher); |
SSL_CIPHER *cipher; |
127 |
name = SSL_CIPHER_get_name(cipher); |
char *ver; |
128 |
usebits = SSL_CIPHER_get_bits(cipher, &algbits); |
const char *name; |
129 |
verbose("SSL/TLS handshake completed: %s with cipher %s (%d/%d bits).\n", |
int usebits, algbits; |
130 |
ver, name, usebits, algbits); |
|
131 |
|
cipher = SSL_get_current_cipher(conn->ssl); |
132 |
if (imf_ssl_cert(conn)) |
ver = SSL_CIPHER_get_version(cipher); |
133 |
|
name = SSL_CIPHER_get_name(cipher); |
134 |
|
usebits = SSL_CIPHER_get_bits(cipher, &algbits); |
135 |
|
printf("SSL/TLS handshake completed: %s with cipher %s " |
136 |
|
"(%d/%d bits).\n", ver, name, usebits, algbits); |
137 |
|
} |
138 |
|
if (get_cert(conn)) |
139 |
goto fail; |
goto fail; |
140 |
|
|
141 |
SSL_CTX_free(ctx); |
SSL_CTX_free(ctx); |
148 |
|
|
149 |
return ERROR_SSL; |
return ERROR_SSL; |
150 |
} |
} |
|
|
|
151 |
#endif /* SSL_TLS */ |
#endif /* SSL_TLS */ |
152 |
|
|
153 |
|
|
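Review bot: In the new `OPTION_DETAILS_VERBOSE` block of `init_secure_connection()`, `cipher` and `ver` are declared without `const`, while OpenSSL releases from 1.1.0 on return `const SSL_CIPHER *` from `SSL_get_current_cipher()` and `const char *` from `SSL_CIPHER_get_version()`. Depending on which OpenSSL the project builds against, I would declare them `const SSL_CIPHER *cipher;` and `const char *ver;`, so the qualifier is not silently discarded. The negotiated protocol and cipher strength are only printed here, never compared against a minimum, so it is worth a short comment above the block stating where that policy is enforced (presumably the method and context setup around lines 97–122, which this page does not show). The function body is only partly visible, and what `get_cert()` actually verifies before the `goto fail` cannot be judged from this page.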