2 # sslecho.pl - Echo server using SSL
4 # Copyright (c) 1996,1998 Sampo Kellomaki <sampo@iki.fi>, All Rights Reserved.
5 # Date: 27.6.1996, 8.6.1998
6 # 7.12.2001, added more support for client side certificate testing --Sampo
7 # $Id: sslecho.pl,v 1.2 2001/12/08 17:43:14 sampo Exp $
9 # Usage: ./sslecho.pl *port* *cert.pem* *key.pem*
11 # This server always binds to localhost as this is all that is needed
14 die "Usage: ./sslecho.pl *port* *cert.pem* *key.pem*\n" unless $#ARGV == 2;
15 ($port, $cert_pem, $key_pem) = @ARGV;
16 $our_ip = "\x7F\0\0\x01";
20 use Net::SSLeay qw(sslcat die_now die_if_ssl_error);
21 $Net::SSLeay::trace = 3; # Super verbose debugging
24 # Create the socket and open a connection
27 $our_serv_params = pack ('S n a4 x8', &AF_INET, $port, $our_ip);
28 socket (S, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!";
29 bind (S, $our_serv_params) or die "bind: $! (port=$port)";
30 listen (S, 5) or die "listen: $!";
36 Net::SSLeay::load_error_strings();
37 Net::SSLeay::ERR_load_crypto_strings();
38 Net::SSLeay::SSLeay_add_ssl_algorithms();
39 Net::SSLeay::randomize();
41 print "sslecho: Creating SSL context...\n" if $trace>1;
42 $ctx = Net::SSLeay::CTX_new () or die_now("CTX_new ($ctx): $!\n");
43 print "sslecho: Setting cert and RSA key...\n" if $trace>1;
44 Net::SSLeay::CTX_set_cipher_list($ctx,'ALL');
45 Net::SSLeay::set_cert_and_key($ctx, $cert_pem, $key_pem) or die "key";
49 print "sslecho $$: Accepting connections...\n" if $trace>1;
50 ($addr = accept (NS, S)) or die "accept: $!";
51 $old_out = select (NS); $| = 1; select ($old_out); # Piping hot!
54 ($af,$client_port,$client_ip) = unpack('S n a4 x8',$addr);
55 @inetaddr = unpack('C4',$client_ip);
56 print "$af connection from " . join ('.', @inetaddr)
57 . ":$client_port\n" if $trace;;
61 # Do SSL negotiation stuff
64 print "sslecho: Creating SSL session (cxt=`$ctx')...\n" if $trace>1;
65 $ssl = Net::SSLeay::new($ctx) or die_now("ssl new ($ssl): $!");
67 print "sslecho: Setting fd (ctx $ctx, con $ssl)...\n" if $trace>1;
68 Net::SSLeay::set_fd($ssl, fileno(NS));
70 print "sslecho: Entering SSL negotiation phase...\n" if $trace>1;
72 Net::SSLeay::accept($ssl);
73 die_if_ssl_error("ssl_echo: ssl accept: ($!)");
75 print "sslecho: Cipher `" . Net::SSLeay::get_cipher($ssl)
79 # Connected. Exchange some data.
82 $got = Net::SSLeay::ssl_read_all($ssl) or die "$$: ssl read failed";
83 print "sslecho $$: got " . length($got) . " bytes\n" if $trace==2;
84 print "sslecho: Got `$got' (" . length ($got) . " chars)\n" if $trace>2;
86 if ($got eq 'CLIENT-CERT-TEST') {
87 $got .= Net::SSLeay::dump_peer_certificate($ssl) . "END CERT\n";
89 Net::SSLeay::ssl_write_all($ssl, $got) or die "$$: ssl write failed";
90 $got = ''; # in case it was huge
92 print "sslecho: Tearing down the connection.\n\n" if $trace>1;
94 Net::SSLeay::free ($ssl);
97 Net::SSLeay::CTX_free ($ctx);