1f55287d3SSimon J. Gerraty /*
2f55287d3SSimon J. Gerraty * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
3f55287d3SSimon J. Gerraty *
4f55287d3SSimon J. Gerraty * Permission is hereby granted, free of charge, to any person obtaining
5f55287d3SSimon J. Gerraty * a copy of this software and associated documentation files (the
6f55287d3SSimon J. Gerraty * "Software"), to deal in the Software without restriction, including
7f55287d3SSimon J. Gerraty * without limitation the rights to use, copy, modify, merge, publish,
8f55287d3SSimon J. Gerraty * distribute, sublicense, and/or sell copies of the Software, and to
9f55287d3SSimon J. Gerraty * permit persons to whom the Software is furnished to do so, subject to
10f55287d3SSimon J. Gerraty * the following conditions:
11f55287d3SSimon J. Gerraty *
12f55287d3SSimon J. Gerraty * The above copyright notice and this permission notice shall be
13f55287d3SSimon J. Gerraty * included in all copies or substantial portions of the Software.
14f55287d3SSimon J. Gerraty *
15f55287d3SSimon J. Gerraty * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16f55287d3SSimon J. Gerraty * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17f55287d3SSimon J. Gerraty * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18f55287d3SSimon J. Gerraty * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19f55287d3SSimon J. Gerraty * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20f55287d3SSimon J. Gerraty * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21f55287d3SSimon J. Gerraty * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22f55287d3SSimon J. Gerraty * SOFTWARE.
23f55287d3SSimon J. Gerraty */
24f55287d3SSimon J. Gerraty
25f55287d3SSimon J. Gerraty #include <stdio.h>
26f55287d3SSimon J. Gerraty #include <stdlib.h>
27f55287d3SSimon J. Gerraty #include <string.h>
28f55287d3SSimon J. Gerraty #include <stdint.h>
29f55287d3SSimon J. Gerraty #include <errno.h>
30f55287d3SSimon J. Gerraty #include <signal.h>
31f55287d3SSimon J. Gerraty
32f55287d3SSimon J. Gerraty #include <sys/types.h>
33f55287d3SSimon J. Gerraty #include <sys/socket.h>
34f55287d3SSimon J. Gerraty #include <netdb.h>
35f55287d3SSimon J. Gerraty #include <netinet/in.h>
36f55287d3SSimon J. Gerraty #include <arpa/inet.h>
37f55287d3SSimon J. Gerraty #include <unistd.h>
38f55287d3SSimon J. Gerraty
39f55287d3SSimon J. Gerraty #include "bearssl.h"
40f55287d3SSimon J. Gerraty
41f55287d3SSimon J. Gerraty /*
42f55287d3SSimon J. Gerraty * This sample code can use three possible certificate chains:
43f55287d3SSimon J. Gerraty * -- A full-RSA chain (server key is RSA, certificates are signed with RSA)
44f55287d3SSimon J. Gerraty * -- A full-EC chain (server key is EC, certificates are signed with ECDSA)
45f55287d3SSimon J. Gerraty * -- A mixed chain (server key is EC, certificates are signed with RSA)
46f55287d3SSimon J. Gerraty *
47f55287d3SSimon J. Gerraty * The macros below define which chain is selected. This impacts the list
48f55287d3SSimon J. Gerraty * of supported cipher suites.
49f55287d3SSimon J. Gerraty *
50f55287d3SSimon J. Gerraty * Other macros, which can be defined (with a non-zero value):
51f55287d3SSimon J. Gerraty *
52f55287d3SSimon J. Gerraty * SERVER_PROFILE_MIN_FS
53f55287d3SSimon J. Gerraty * Select a "minimal" profile with forward security (ECDHE cipher
54f55287d3SSimon J. Gerraty * suite).
55f55287d3SSimon J. Gerraty *
56f55287d3SSimon J. Gerraty * SERVER_PROFILE_MIN_NOFS
57f55287d3SSimon J. Gerraty * Select a "minimal" profile without forward security (RSA or ECDH
58f55287d3SSimon J. Gerraty * cipher suite, but not ECDHE).
59f55287d3SSimon J. Gerraty *
60f55287d3SSimon J. Gerraty * SERVER_CHACHA20
61f55287d3SSimon J. Gerraty * If SERVER_PROFILE_MIN_FS is selected, then this macro selects
62f55287d3SSimon J. Gerraty * a cipher suite with ChaCha20+Poly1305; otherwise, AES/GCM is
63f55287d3SSimon J. Gerraty * used. This macro has no effect otherwise, since there is no
64f55287d3SSimon J. Gerraty * non-forward secure cipher suite that uses ChaCha20+Poly1305.
65f55287d3SSimon J. Gerraty */
66f55287d3SSimon J. Gerraty
67f55287d3SSimon J. Gerraty #if !(SERVER_RSA || SERVER_EC || SERVER_MIXED)
68f55287d3SSimon J. Gerraty #define SERVER_RSA 1
69f55287d3SSimon J. Gerraty #define SERVER_EC 0
70f55287d3SSimon J. Gerraty #define SERVER_MIXED 0
71f55287d3SSimon J. Gerraty #endif
72f55287d3SSimon J. Gerraty
73f55287d3SSimon J. Gerraty #if SERVER_RSA
74f55287d3SSimon J. Gerraty #include "chain-rsa.h"
75f55287d3SSimon J. Gerraty #include "key-rsa.h"
76f55287d3SSimon J. Gerraty #define SKEY RSA
77f55287d3SSimon J. Gerraty #elif SERVER_EC
78f55287d3SSimon J. Gerraty #include "chain-ec.h"
79f55287d3SSimon J. Gerraty #include "key-ec.h"
80f55287d3SSimon J. Gerraty #define SKEY EC
81f55287d3SSimon J. Gerraty #elif SERVER_MIXED
82f55287d3SSimon J. Gerraty #include "chain-ec+rsa.h"
83f55287d3SSimon J. Gerraty #include "key-ec.h"
84f55287d3SSimon J. Gerraty #define SKEY EC
85f55287d3SSimon J. Gerraty #else
86f55287d3SSimon J. Gerraty #error Must use one of RSA, EC or MIXED chains.
87f55287d3SSimon J. Gerraty #endif
88f55287d3SSimon J. Gerraty
89f55287d3SSimon J. Gerraty /*
90f55287d3SSimon J. Gerraty * Create a server socket bound to the specified host and port. If 'host'
91f55287d3SSimon J. Gerraty * is NULL, this will bind "generically" (all addresses).
92f55287d3SSimon J. Gerraty *
93f55287d3SSimon J. Gerraty * Returned value is the server socket descriptor, or -1 on error.
94f55287d3SSimon J. Gerraty */
95f55287d3SSimon J. Gerraty static int
host_bind(const char * host,const char * port)96f55287d3SSimon J. Gerraty host_bind(const char *host, const char *port)
97f55287d3SSimon J. Gerraty {
98f55287d3SSimon J. Gerraty struct addrinfo hints, *si, *p;
99f55287d3SSimon J. Gerraty int fd;
100f55287d3SSimon J. Gerraty int err;
101f55287d3SSimon J. Gerraty
102f55287d3SSimon J. Gerraty memset(&hints, 0, sizeof hints);
103f55287d3SSimon J. Gerraty hints.ai_family = PF_UNSPEC;
104f55287d3SSimon J. Gerraty hints.ai_socktype = SOCK_STREAM;
105f55287d3SSimon J. Gerraty err = getaddrinfo(host, port, &hints, &si);
106f55287d3SSimon J. Gerraty if (err != 0) {
107f55287d3SSimon J. Gerraty fprintf(stderr, "ERROR: getaddrinfo(): %s\n",
108f55287d3SSimon J. Gerraty gai_strerror(err));
109f55287d3SSimon J. Gerraty return -1;
110f55287d3SSimon J. Gerraty }
111f55287d3SSimon J. Gerraty fd = -1;
112f55287d3SSimon J. Gerraty for (p = si; p != NULL; p = p->ai_next) {
113f55287d3SSimon J. Gerraty struct sockaddr *sa;
114f55287d3SSimon J. Gerraty struct sockaddr_in sa4;
115f55287d3SSimon J. Gerraty struct sockaddr_in6 sa6;
116f55287d3SSimon J. Gerraty size_t sa_len;
117f55287d3SSimon J. Gerraty void *addr;
118f55287d3SSimon J. Gerraty char tmp[INET6_ADDRSTRLEN + 50];
119f55287d3SSimon J. Gerraty int opt;
120f55287d3SSimon J. Gerraty
121f55287d3SSimon J. Gerraty sa = (struct sockaddr *)p->ai_addr;
122f55287d3SSimon J. Gerraty if (sa->sa_family == AF_INET) {
123f55287d3SSimon J. Gerraty sa4 = *(struct sockaddr_in *)sa;
124f55287d3SSimon J. Gerraty sa = (struct sockaddr *)&sa4;
125f55287d3SSimon J. Gerraty sa_len = sizeof sa4;
126f55287d3SSimon J. Gerraty addr = &sa4.sin_addr;
127f55287d3SSimon J. Gerraty if (host == NULL) {
128f55287d3SSimon J. Gerraty sa4.sin_addr.s_addr = INADDR_ANY;
129f55287d3SSimon J. Gerraty }
130f55287d3SSimon J. Gerraty } else if (sa->sa_family == AF_INET6) {
131f55287d3SSimon J. Gerraty sa6 = *(struct sockaddr_in6 *)sa;
132f55287d3SSimon J. Gerraty sa = (struct sockaddr *)&sa6;
133f55287d3SSimon J. Gerraty sa_len = sizeof sa6;
134f55287d3SSimon J. Gerraty addr = &sa6.sin6_addr;
135f55287d3SSimon J. Gerraty if (host == NULL) {
136f55287d3SSimon J. Gerraty sa6.sin6_addr = in6addr_any;
137f55287d3SSimon J. Gerraty }
138f55287d3SSimon J. Gerraty } else {
139f55287d3SSimon J. Gerraty addr = NULL;
140f55287d3SSimon J. Gerraty sa_len = p->ai_addrlen;
141f55287d3SSimon J. Gerraty }
142f55287d3SSimon J. Gerraty if (addr != NULL) {
143f55287d3SSimon J. Gerraty inet_ntop(p->ai_family, addr, tmp, sizeof tmp);
144f55287d3SSimon J. Gerraty } else {
145f55287d3SSimon J. Gerraty sprintf(tmp, "<unknown family: %d>",
146f55287d3SSimon J. Gerraty (int)sa->sa_family);
147f55287d3SSimon J. Gerraty }
148f55287d3SSimon J. Gerraty fprintf(stderr, "binding to: %s\n", tmp);
149f55287d3SSimon J. Gerraty fd = socket(p->ai_family, p->ai_socktype, p->ai_protocol);
150f55287d3SSimon J. Gerraty if (fd < 0) {
151f55287d3SSimon J. Gerraty perror("socket()");
152f55287d3SSimon J. Gerraty continue;
153f55287d3SSimon J. Gerraty }
154f55287d3SSimon J. Gerraty opt = 1;
155f55287d3SSimon J. Gerraty setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof opt);
156f55287d3SSimon J. Gerraty opt = 0;
157f55287d3SSimon J. Gerraty setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &opt, sizeof opt);
158f55287d3SSimon J. Gerraty if (bind(fd, sa, sa_len) < 0) {
159f55287d3SSimon J. Gerraty perror("bind()");
160f55287d3SSimon J. Gerraty close(fd);
161f55287d3SSimon J. Gerraty continue;
162f55287d3SSimon J. Gerraty }
163f55287d3SSimon J. Gerraty break;
164f55287d3SSimon J. Gerraty }
165f55287d3SSimon J. Gerraty if (p == NULL) {
166f55287d3SSimon J. Gerraty freeaddrinfo(si);
167f55287d3SSimon J. Gerraty fprintf(stderr, "ERROR: failed to bind\n");
168f55287d3SSimon J. Gerraty return -1;
169f55287d3SSimon J. Gerraty }
170f55287d3SSimon J. Gerraty freeaddrinfo(si);
171f55287d3SSimon J. Gerraty if (listen(fd, 5) < 0) {
172f55287d3SSimon J. Gerraty perror("listen()");
173f55287d3SSimon J. Gerraty close(fd);
174f55287d3SSimon J. Gerraty return -1;
175f55287d3SSimon J. Gerraty }
176f55287d3SSimon J. Gerraty fprintf(stderr, "bound.\n");
177f55287d3SSimon J. Gerraty return fd;
178f55287d3SSimon J. Gerraty }
179f55287d3SSimon J. Gerraty
180f55287d3SSimon J. Gerraty /*
181f55287d3SSimon J. Gerraty * Accept a single client on the provided server socket. This is blocking.
182f55287d3SSimon J. Gerraty * On error, this returns -1.
183f55287d3SSimon J. Gerraty */
184f55287d3SSimon J. Gerraty static int
accept_client(int server_fd)185f55287d3SSimon J. Gerraty accept_client(int server_fd)
186f55287d3SSimon J. Gerraty {
187f55287d3SSimon J. Gerraty int fd;
188f55287d3SSimon J. Gerraty struct sockaddr sa;
189f55287d3SSimon J. Gerraty socklen_t sa_len;
190f55287d3SSimon J. Gerraty char tmp[INET6_ADDRSTRLEN + 50];
191f55287d3SSimon J. Gerraty const char *name;
192f55287d3SSimon J. Gerraty
193f55287d3SSimon J. Gerraty sa_len = sizeof sa;
194f55287d3SSimon J. Gerraty fd = accept(server_fd, &sa, &sa_len);
195f55287d3SSimon J. Gerraty if (fd < 0) {
196f55287d3SSimon J. Gerraty perror("accept()");
197f55287d3SSimon J. Gerraty return -1;
198f55287d3SSimon J. Gerraty }
199f55287d3SSimon J. Gerraty name = NULL;
200f55287d3SSimon J. Gerraty switch (sa.sa_family) {
201f55287d3SSimon J. Gerraty case AF_INET:
202f55287d3SSimon J. Gerraty name = inet_ntop(AF_INET,
203f55287d3SSimon J. Gerraty &((struct sockaddr_in *)&sa)->sin_addr,
204f55287d3SSimon J. Gerraty tmp, sizeof tmp);
205f55287d3SSimon J. Gerraty break;
206f55287d3SSimon J. Gerraty case AF_INET6:
207f55287d3SSimon J. Gerraty name = inet_ntop(AF_INET6,
208f55287d3SSimon J. Gerraty &((struct sockaddr_in6 *)&sa)->sin6_addr,
209f55287d3SSimon J. Gerraty tmp, sizeof tmp);
210f55287d3SSimon J. Gerraty break;
211f55287d3SSimon J. Gerraty }
212f55287d3SSimon J. Gerraty if (name == NULL) {
213f55287d3SSimon J. Gerraty sprintf(tmp, "<unknown: %lu>", (unsigned long)sa.sa_family);
214f55287d3SSimon J. Gerraty name = tmp;
215f55287d3SSimon J. Gerraty }
216f55287d3SSimon J. Gerraty fprintf(stderr, "accepting connection from: %s\n", name);
217f55287d3SSimon J. Gerraty return fd;
218f55287d3SSimon J. Gerraty }
219f55287d3SSimon J. Gerraty
220f55287d3SSimon J. Gerraty /*
221f55287d3SSimon J. Gerraty * Low-level data read callback for the simplified SSL I/O API.
222f55287d3SSimon J. Gerraty */
223f55287d3SSimon J. Gerraty static int
sock_read(void * ctx,unsigned char * buf,size_t len)224f55287d3SSimon J. Gerraty sock_read(void *ctx, unsigned char *buf, size_t len)
225f55287d3SSimon J. Gerraty {
226f55287d3SSimon J. Gerraty for (;;) {
227f55287d3SSimon J. Gerraty ssize_t rlen;
228f55287d3SSimon J. Gerraty
229f55287d3SSimon J. Gerraty rlen = read(*(int *)ctx, buf, len);
230f55287d3SSimon J. Gerraty if (rlen <= 0) {
231f55287d3SSimon J. Gerraty if (rlen < 0 && errno == EINTR) {
232f55287d3SSimon J. Gerraty continue;
233f55287d3SSimon J. Gerraty }
234f55287d3SSimon J. Gerraty return -1;
235f55287d3SSimon J. Gerraty }
236f55287d3SSimon J. Gerraty return (int)rlen;
237f55287d3SSimon J. Gerraty }
238f55287d3SSimon J. Gerraty }
239f55287d3SSimon J. Gerraty
240f55287d3SSimon J. Gerraty /*
241f55287d3SSimon J. Gerraty * Low-level data write callback for the simplified SSL I/O API.
242f55287d3SSimon J. Gerraty */
243f55287d3SSimon J. Gerraty static int
sock_write(void * ctx,const unsigned char * buf,size_t len)244f55287d3SSimon J. Gerraty sock_write(void *ctx, const unsigned char *buf, size_t len)
245f55287d3SSimon J. Gerraty {
246f55287d3SSimon J. Gerraty for (;;) {
247f55287d3SSimon J. Gerraty ssize_t wlen;
248f55287d3SSimon J. Gerraty
249f55287d3SSimon J. Gerraty wlen = write(*(int *)ctx, buf, len);
250f55287d3SSimon J. Gerraty if (wlen <= 0) {
251f55287d3SSimon J. Gerraty if (wlen < 0 && errno == EINTR) {
252f55287d3SSimon J. Gerraty continue;
253f55287d3SSimon J. Gerraty }
254f55287d3SSimon J. Gerraty return -1;
255f55287d3SSimon J. Gerraty }
256f55287d3SSimon J. Gerraty return (int)wlen;
257f55287d3SSimon J. Gerraty }
258f55287d3SSimon J. Gerraty }
259f55287d3SSimon J. Gerraty
260f55287d3SSimon J. Gerraty /*
261f55287d3SSimon J. Gerraty * Sample HTTP response to send.
262f55287d3SSimon J. Gerraty */
263f55287d3SSimon J. Gerraty static const char *HTTP_RES =
264f55287d3SSimon J. Gerraty "HTTP/1.0 200 OK\r\n"
265f55287d3SSimon J. Gerraty "Content-Length: 46\r\n"
266f55287d3SSimon J. Gerraty "Connection: close\r\n"
267f55287d3SSimon J. Gerraty "Content-Type: text/html; charset=iso-8859-1\r\n"
268f55287d3SSimon J. Gerraty "\r\n"
269f55287d3SSimon J. Gerraty "<html>\r\n"
270f55287d3SSimon J. Gerraty "<body>\r\n"
271f55287d3SSimon J. Gerraty "<p>Test!</p>\r\n"
272f55287d3SSimon J. Gerraty "</body>\r\n"
273f55287d3SSimon J. Gerraty "</html>\r\n";
274f55287d3SSimon J. Gerraty
275f55287d3SSimon J. Gerraty /*
276f55287d3SSimon J. Gerraty * Main program: this is a simple program that expects 1 argument: a
277f55287d3SSimon J. Gerraty * port number. This will start a simple network server on that port,
278f55287d3SSimon J. Gerraty * that expects incoming SSL clients. It handles only one client at a
279f55287d3SSimon J. Gerraty * time (handling several would require threads, sub-processes, or
280f55287d3SSimon J. Gerraty * multiplexing with select()/poll(), all of which being possible).
281f55287d3SSimon J. Gerraty *
282f55287d3SSimon J. Gerraty * For each client, the server will wait for two successive newline
283f55287d3SSimon J. Gerraty * characters (ignoring CR characters, so CR+LF is accepted), then
284f55287d3SSimon J. Gerraty * produce a sample static HTTP response. This is very crude, but
285f55287d3SSimon J. Gerraty * sufficient for explanatory purposes.
286f55287d3SSimon J. Gerraty */
287f55287d3SSimon J. Gerraty int
main(int argc,char * argv[])288f55287d3SSimon J. Gerraty main(int argc, char *argv[])
289f55287d3SSimon J. Gerraty {
290f55287d3SSimon J. Gerraty const char *port;
291f55287d3SSimon J. Gerraty int fd;
292f55287d3SSimon J. Gerraty
293f55287d3SSimon J. Gerraty if (argc != 2) {
294f55287d3SSimon J. Gerraty return EXIT_FAILURE;
295f55287d3SSimon J. Gerraty }
296f55287d3SSimon J. Gerraty port = argv[1];
297f55287d3SSimon J. Gerraty
298f55287d3SSimon J. Gerraty /*
299f55287d3SSimon J. Gerraty * Ignore SIGPIPE to avoid crashing in case of abrupt socket close.
300f55287d3SSimon J. Gerraty */
301f55287d3SSimon J. Gerraty signal(SIGPIPE, SIG_IGN);
302f55287d3SSimon J. Gerraty
303f55287d3SSimon J. Gerraty /*
304f55287d3SSimon J. Gerraty * Open the server socket.
305f55287d3SSimon J. Gerraty */
306f55287d3SSimon J. Gerraty fd = host_bind(NULL, port);
307f55287d3SSimon J. Gerraty if (fd < 0) {
308f55287d3SSimon J. Gerraty return EXIT_FAILURE;
309f55287d3SSimon J. Gerraty }
310f55287d3SSimon J. Gerraty
311f55287d3SSimon J. Gerraty /*
312f55287d3SSimon J. Gerraty * Process each client, one at a time.
313f55287d3SSimon J. Gerraty */
314f55287d3SSimon J. Gerraty for (;;) {
315f55287d3SSimon J. Gerraty int cfd;
316f55287d3SSimon J. Gerraty br_ssl_server_context sc;
317f55287d3SSimon J. Gerraty unsigned char iobuf[BR_SSL_BUFSIZE_BIDI];
318f55287d3SSimon J. Gerraty br_sslio_context ioc;
319f55287d3SSimon J. Gerraty int lcwn, err;
320f55287d3SSimon J. Gerraty
321f55287d3SSimon J. Gerraty cfd = accept_client(fd);
322f55287d3SSimon J. Gerraty if (cfd < 0) {
323f55287d3SSimon J. Gerraty return EXIT_FAILURE;
324f55287d3SSimon J. Gerraty }
325f55287d3SSimon J. Gerraty
326f55287d3SSimon J. Gerraty /*
327f55287d3SSimon J. Gerraty * Initialise the context with the cipher suites and
328f55287d3SSimon J. Gerraty * algorithms. This depends on the server key type
329f55287d3SSimon J. Gerraty * (and, for EC keys, the signature algorithm used by
330f55287d3SSimon J. Gerraty * the CA to sign the server's certificate).
331f55287d3SSimon J. Gerraty *
332f55287d3SSimon J. Gerraty * Depending on the defined macros, we may select one of
333f55287d3SSimon J. Gerraty * the "minimal" profiles. Key exchange algorithm depends
334f55287d3SSimon J. Gerraty * on the key type:
335f55287d3SSimon J. Gerraty * RSA key: RSA or ECDHE_RSA
336f55287d3SSimon J. Gerraty * EC key, cert signed with ECDSA: ECDH_ECDSA or ECDHE_ECDSA
337f55287d3SSimon J. Gerraty * EC key, cert signed with RSA: ECDH_RSA or ECDHE_ECDSA
338f55287d3SSimon J. Gerraty */
339f55287d3SSimon J. Gerraty #if SERVER_RSA
340f55287d3SSimon J. Gerraty #if SERVER_PROFILE_MIN_FS
341f55287d3SSimon J. Gerraty #if SERVER_CHACHA20
342f55287d3SSimon J. Gerraty br_ssl_server_init_mine2c(&sc, CHAIN, CHAIN_LEN, &SKEY);
343f55287d3SSimon J. Gerraty #else
344f55287d3SSimon J. Gerraty br_ssl_server_init_mine2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
345f55287d3SSimon J. Gerraty #endif
346f55287d3SSimon J. Gerraty #elif SERVER_PROFILE_MIN_NOFS
347f55287d3SSimon J. Gerraty br_ssl_server_init_minr2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
348f55287d3SSimon J. Gerraty #else
349f55287d3SSimon J. Gerraty br_ssl_server_init_full_rsa(&sc, CHAIN, CHAIN_LEN, &SKEY);
350f55287d3SSimon J. Gerraty #endif
351f55287d3SSimon J. Gerraty #elif SERVER_EC
352f55287d3SSimon J. Gerraty #if SERVER_PROFILE_MIN_FS
353f55287d3SSimon J. Gerraty #if SERVER_CHACHA20
354f55287d3SSimon J. Gerraty br_ssl_server_init_minf2c(&sc, CHAIN, CHAIN_LEN, &SKEY);
355f55287d3SSimon J. Gerraty #else
356f55287d3SSimon J. Gerraty br_ssl_server_init_minf2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
357f55287d3SSimon J. Gerraty #endif
358f55287d3SSimon J. Gerraty #elif SERVER_PROFILE_MIN_NOFS
359f55287d3SSimon J. Gerraty br_ssl_server_init_minv2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
360f55287d3SSimon J. Gerraty #else
361f55287d3SSimon J. Gerraty br_ssl_server_init_full_ec(&sc, CHAIN, CHAIN_LEN,
362f55287d3SSimon J. Gerraty BR_KEYTYPE_EC, &SKEY);
363f55287d3SSimon J. Gerraty #endif
364f55287d3SSimon J. Gerraty #else /* SERVER_MIXED */
365f55287d3SSimon J. Gerraty #if SERVER_PROFILE_MIN_FS
366f55287d3SSimon J. Gerraty #if SERVER_CHACHA20
367f55287d3SSimon J. Gerraty br_ssl_server_init_minf2c(&sc, CHAIN, CHAIN_LEN, &SKEY);
368f55287d3SSimon J. Gerraty #else
369f55287d3SSimon J. Gerraty br_ssl_server_init_minf2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
370f55287d3SSimon J. Gerraty #endif
371f55287d3SSimon J. Gerraty #elif SERVER_PROFILE_MIN_NOFS
372f55287d3SSimon J. Gerraty br_ssl_server_init_minu2g(&sc, CHAIN, CHAIN_LEN, &SKEY);
373f55287d3SSimon J. Gerraty #else
374f55287d3SSimon J. Gerraty br_ssl_server_init_full_ec(&sc, CHAIN, CHAIN_LEN,
375f55287d3SSimon J. Gerraty BR_KEYTYPE_RSA, &SKEY);
376f55287d3SSimon J. Gerraty #endif
377f55287d3SSimon J. Gerraty #endif
378f55287d3SSimon J. Gerraty /*
379f55287d3SSimon J. Gerraty * Set the I/O buffer to the provided array. We
380f55287d3SSimon J. Gerraty * allocated a buffer large enough for full-duplex
381f55287d3SSimon J. Gerraty * behaviour with all allowed sizes of SSL records,
382f55287d3SSimon J. Gerraty * hence we set the last argument to 1 (which means
383f55287d3SSimon J. Gerraty * "split the buffer into separate input and output
384f55287d3SSimon J. Gerraty * areas").
385f55287d3SSimon J. Gerraty */
386f55287d3SSimon J. Gerraty br_ssl_engine_set_buffer(&sc.eng, iobuf, sizeof iobuf, 1);
387f55287d3SSimon J. Gerraty
388f55287d3SSimon J. Gerraty /*
389f55287d3SSimon J. Gerraty * Reset the server context, for a new handshake.
390f55287d3SSimon J. Gerraty */
391f55287d3SSimon J. Gerraty br_ssl_server_reset(&sc);
392f55287d3SSimon J. Gerraty
393f55287d3SSimon J. Gerraty /*
394f55287d3SSimon J. Gerraty * Initialise the simplified I/O wrapper context.
395f55287d3SSimon J. Gerraty */
396f55287d3SSimon J. Gerraty br_sslio_init(&ioc, &sc.eng, sock_read, &cfd, sock_write, &cfd);
397f55287d3SSimon J. Gerraty
398f55287d3SSimon J. Gerraty /*
399f55287d3SSimon J. Gerraty * Read bytes until two successive LF (or CR+LF) are received.
400f55287d3SSimon J. Gerraty */
401f55287d3SSimon J. Gerraty lcwn = 0;
402f55287d3SSimon J. Gerraty for (;;) {
403f55287d3SSimon J. Gerraty unsigned char x;
404f55287d3SSimon J. Gerraty
405f55287d3SSimon J. Gerraty if (br_sslio_read(&ioc, &x, 1) < 0) {
406f55287d3SSimon J. Gerraty goto client_drop;
407f55287d3SSimon J. Gerraty }
408f55287d3SSimon J. Gerraty if (x == 0x0D) {
409f55287d3SSimon J. Gerraty continue;
410f55287d3SSimon J. Gerraty }
411f55287d3SSimon J. Gerraty if (x == 0x0A) {
412f55287d3SSimon J. Gerraty if (lcwn) {
413f55287d3SSimon J. Gerraty break;
414f55287d3SSimon J. Gerraty }
415f55287d3SSimon J. Gerraty lcwn = 1;
416f55287d3SSimon J. Gerraty } else {
417f55287d3SSimon J. Gerraty lcwn = 0;
418f55287d3SSimon J. Gerraty }
419f55287d3SSimon J. Gerraty }
420f55287d3SSimon J. Gerraty
421f55287d3SSimon J. Gerraty /*
422f55287d3SSimon J. Gerraty * Write a response and close the connection.
423f55287d3SSimon J. Gerraty */
424f55287d3SSimon J. Gerraty br_sslio_write_all(&ioc, HTTP_RES, strlen(HTTP_RES));
425f55287d3SSimon J. Gerraty br_sslio_close(&ioc);
426f55287d3SSimon J. Gerraty
427f55287d3SSimon J. Gerraty client_drop:
428f55287d3SSimon J. Gerraty err = br_ssl_engine_last_error(&sc.eng);
429f55287d3SSimon J. Gerraty if (err == 0) {
430f55287d3SSimon J. Gerraty fprintf(stderr, "SSL closed (correctly).\n");
431f55287d3SSimon J. Gerraty } else {
432f55287d3SSimon J. Gerraty fprintf(stderr, "SSL error: %d\n", err);
433f55287d3SSimon J. Gerraty }
434f55287d3SSimon J. Gerraty close(cfd);
435f55287d3SSimon J. Gerraty }
436f55287d3SSimon J. Gerraty }
437