A fork of the TLS_cyassl embedded SSL library with certificate validation disabled.
TLSConnection.cpp@7:5c1e73469291, 2015-01-24 (annotated)
- Committer:
- glbast
- Date:
- Sat Jan 24 00:30:50 2015 +0000
- Revision:
- 7:5c1e73469291
- Parent:
- 3:0e5471a26490
Disabled SSL certificate checking.
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
feb11 | 0:815067fd66c9 | 1 | #include "TLSConnection.h" |
feb11 | 0:815067fd66c9 | 2 | #include <stdlib.h> |
feb11 | 0:815067fd66c9 | 3 | #include <stdio.h> |
feb11 | 0:815067fd66c9 | 4 | #include "cert.h" |
feb11 | 2:63ad554f6ca4 | 5 | #include <string.h> |
feb11 | 0:815067fd66c9 | 6 | |
/**
 * CyaSSL receive callback: waits until the socket is readable, then reads
 * up to sz bytes of ciphertext into buf.
 *
 * @param ssl  CyaSSL session (unused here).
 * @param buf  Destination buffer supplied by CyaSSL.
 * @param sz   Capacity of buf in bytes.
 * @param ctx  Points at the int socket descriptor for this session.
 * @return     Result of lwip_recv(), or -1 when lwip_select() fails.
 *
 * The select() call passes a NULL timeout, so this blocks for as long as
 * the peer sends nothing.
 */
static int receiveFunc(CYASSL* ssl, char *buf, int sz, void *ctx)
{
    const int sock = *(int*)ctx;

    fd_set readable;
    FD_ZERO(&readable);
    FD_SET(sock, &readable);

    const int ready = lwip_select(FD_SETSIZE, &readable, NULL, NULL, NULL);
    return (ready < 0) ? -1 : lwip_recv(sock, buf, sz, 0);
}
feb11 | 2:63ad554f6ca4 | 19 | |
/**
 * CyaSSL send callback: waits until the socket is writable, then hands
 * up to sz bytes of ciphertext from buf to lwIP.
 *
 * @param ssl  CyaSSL session (unused here).
 * @param buf  Source buffer supplied by CyaSSL.
 * @param sz   Number of bytes available in buf.
 * @param ctx  Points at the int socket descriptor for this session.
 * @return     Result of lwip_send(), or -1 when lwip_select() fails.
 *
 * The select() call passes a NULL timeout, so this blocks until the
 * socket accepts data.
 */
static int sendFunc(CYASSL* ssl, char *buf, int sz, void *ctx)
{
    const int sock = *(int*)ctx;

    fd_set writable;
    FD_ZERO(&writable);
    FD_SET(sock, &writable);

    const int ready = lwip_select(FD_SETSIZE, NULL, &writable, NULL, NULL);
    return (ready < 0) ? -1 : lwip_send(sock, buf, sz, 0);
}
feb11 | 1:9494492e9bf7 | 32 | |
// TCP port that connect() always dials; there is no per-call override.
static const int HTTPS_PORT = 443;
feb11 | 0:815067fd66c9 | 34 | |
/**
 * Builds an unconnected TLS endpoint. The CyaSSL context and session
 * members are value-initialised; nothing is allocated until connect().
 */
TLSConnection::TLSConnection()
    : Socket()
    , Endpoint()
    , _is_connected(false)
    , _ssl_ctx()
    , _ssl()
{
}
feb11 | 0:815067fd66c9 | 43 | |
feb11 | 0:815067fd66c9 | 44 | |
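/**
 * Opens a TCP connection to host on HTTPS_PORT and runs a TLS 1.2 client
 * handshake over it.
 *
 * @param host  Server name or address; it is passed to set_address() only
 *              and is not compared with the server certificate.
 * @return      true once the handshake succeeded, false on any failure.
 *
 * On failure every resource acquired so far (socket, CyaSSL context and
 * session, library reference) is released here, because
 * TLSConnection::close() returns early while _is_connected is false and
 * therefore cannot be used for cleanup on these paths.
 */
bool TLSConnection::connect(const char *host)
{
    if (init_socket(SOCK_STREAM) < 0)
        return false;

    if (set_address(host, HTTPS_PORT) != 0 ||
        lwip_connect(_sock_fd, (const struct sockaddr *) &_remoteHost, sizeof(_remoteHost)) < 0) {
        // No TLS state exists yet; release the descriptor directly.
        Socket::close(false);
        return false;
    }

    CyaSSL_Init();

    // Forget handles left over from an earlier session so the failure path
    // below never frees a pointer that close() already freed.
    _ssl = NULL;
    _ssl_ctx = NULL;

    bool handshake_ok = false;
    do {
        CYASSL_METHOD* method = CyaTLSv1_2_client_method();
        if (method == NULL)
            break;

        _ssl_ctx = CyaSSL_CTX_new(method);
        if (_ssl_ctx == NULL)
            break;

        // SECURITY(review): SSL_VERIFY_NONE makes the handshake accept any
        // server certificate, so the peer is not authenticated and traffic
        // can be intercepted by whoever answers on the network path. The
        // mode is kept as this revision set it; SSL_VERIFY_PEER restores
        // chain validation against root_cert loaded below. Neither mode
        // checks that the certificate was issued for `host`; that needs a
        // separate name check (CyaSSL_check_domain_name, if this CyaSSL
        // build provides it).
        CyaSSL_CTX_set_verify(_ssl_ctx, SSL_VERIFY_NONE, 0);
        CyaSSL_SetIOSend(_ssl_ctx, &sendFunc);
        CyaSSL_SetIORecv(_ssl_ctx, &receiveFunc);

        // Report a trust-anchor load failure instead of dropping it. It is
        // not treated as fatal, matching the previous behaviour.
        int load_rc = CyaSSL_CTX_load_verify_buffer(_ssl_ctx, (unsigned char*)root_cert, root_cert_len, SSL_FILETYPE_ASN1);
        if (load_rc != SSL_SUCCESS)
            printf("load_verify_buffer=%d\n", load_rc);

        _ssl = CyaSSL_new(_ssl_ctx);
        if (_ssl == NULL)
            break;

        CyaSSL_set_fd(_ssl, _sock_fd);

        int result = CyaSSL_connect(_ssl);
        if (result != SSL_SUCCESS) {
            printf("error=%d\n", result);
            break;
        }

        handshake_ok = true;
    } while (0);

    if (!handshake_ok) {
        if (_ssl != NULL) {
            CyaSSL_free(_ssl);
            _ssl = NULL;
        }
        if (_ssl_ctx != NULL) {
            CyaSSL_CTX_free(_ssl_ctx);
            _ssl_ctx = NULL;
        }
        CyaSSL_Cleanup();       // balances the CyaSSL_Init() above
        Socket::close(true);
        return false;
    }

    _is_connected = true;
    return true;
}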
feb11 | 0:815067fd66c9 | 94 | |
/**
 * @return true after connect() completed a handshake and until close()
 *         is called; false otherwise.
 */
bool TLSConnection::is_connected(void)
{
    return _is_connected;
}
feb11 | 0:815067fd66c9 | 99 | |
/**
 * Writes length bytes from data through the TLS session.
 *
 * @param data    Plaintext to send.
 * @param length  Number of bytes in data.
 * @return        0 when no session is established, otherwise whatever
 *                CyaSSL_write() returns.
 */
int TLSConnection::send_all(char *data, int length)
{
    return _is_connected ? CyaSSL_write(_ssl, data, length) : 0;
}
feb11 | 0:815067fd66c9 | 107 | |
/**
 * Reads up to length bytes of decrypted data from the TLS session.
 *
 * @param data    Destination buffer.
 * @param length  Capacity of data in bytes.
 * @return        0 when no session is established, otherwise whatever
 *                CyaSSL_read() returns.
 */
int TLSConnection::receive(char *data, int length)
{
    return _is_connected ? CyaSSL_read(_ssl, data, length) : 0;
}
feb11 | 0:815067fd66c9 | 115 | |
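/**
 * Tears down the TLS session and closes the underlying socket.
 *
 * @param shutdown  Forwarded unchanged to Socket::close().
 * @return          true when there was nothing to close or when
 *                  Socket::close() returned 0; false otherwise.
 *
 * NOTE(review): the session is freed without a TLS-level shutdown call,
 * so the peer presumably sees only the TCP close -- confirm whether a
 * close_notify is wanted here.
 */
bool TLSConnection::close(bool shutdown)
{
    if (!_is_connected)
        return true;

    _is_connected = false;

    // Clear each handle right after freeing it so a later call cannot
    // reuse or free a dangling pointer.
    CyaSSL_free(_ssl);
    _ssl = NULL;
    CyaSSL_CTX_free(_ssl_ctx);
    _ssl_ctx = NULL;
    CyaSSL_Cleanup();

    return Socket::close(shutdown) == 0;
}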
feb11 | 0:815067fd66c9 | 129 |