"Fossies" - the Fresh Open Source Software Archive

Member "openssl-1.0.2q/demos/easy_tls/README" (20 Nov 2018, 2292 Bytes) of package /linux/misc/openssl-1.0.2q.tar.gz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 easy_tls - generic SSL/TLS proxy
    2 ========
    3 
    4 (... and example for non-blocking SSL/TLS I/O multiplexing.)
    5 
    6 
    7   easy_tls.c, easy_tls.h:
    8 
    9      Small generic SSL/TLS proxy library: With a few function calls,
   10      an application socket will be replaced by a pipe handled by a
   11      separate SSL/TLS proxy process.  This allows easily adding
   12      SSL/TLS support to many programs not originally designed for it.
   13 
   14      [Actually easy_tls.c is not a proper library: Customization
   15      requires defining preprocessor macros while compiling it.
   16      This is quite confusing, so I'll probably change it.]
   17 
   18      These files may be used under the OpenSSL license.
   19 
   20 
   21 
   22   test.c, test.h, Makefile, cert.pem, cacerts.pem:
   23 
   24      Rudimentary example program using the easy_tls library, and
   25      example key and certificates for it.  Usage examples:
   26 
   27        $ ./test 8443     # create server listening at port 8443
   28        $ ./test 127.0.0.1 8443  # create client, connect to port 8443
   29                                 # at IP address 127.0.0.1
   30 
   31      'test' will not automatically do SSL/TLS, or even read or write
   32      data -- it must be told to do so on input lines starting
   33      with a command letter.  'W' means write a line, 'R' means
   34      read a line, 'C' means close the connection, 'T' means
   35      start an SSL/TLS proxy.  E.g. (user input tagged with '*'):
   36 
   37      * R
   38        <<< 220 mail.example.net
   39      * WSTARTTLS
   40        >>> STARTTLS
   41      * R
   42        <<< 220 Ready to start TLS
   43      * T
   44        test_process_init(fd = 3, client_p = 1, apparg = (nil))
   45        +++ `E:self signed certificate in certificate chain'
   46        +++ `<... certificate info ...>'
   47      * WHELO localhost
   48        >>> HELO localhost
   49        R
   50        <<< 250 mail.example.net
   51 
   52      You can even do SSL/TLS over SSL/TLS over SSL/TLS ... by using
   53      'T' multiple times.  I have no idea why you would want to though.
   54 
   55 
   56 This code is rather old.  When I find time I will update anything that
   57 should be changed, and improve code comments.  To compile the sample
   58 program 'test' on platforms other then Linux or Solaris, you will have
   59 to edit the Makefile.
   60 
   61 As noted above, easy_tls.c will be changed to become a library one
   62 day, which means that future revisions will not be fully compatible to
   63 the current version.
   64 
   65 Bodo Möller <bodo@openssl.org>