Commit 83fc7a49 authored by Jannik Hoelling's avatar Jannik Hoelling

openssl improve output

parent 1a339488
......@@ -120,9 +120,11 @@ int main(int argc, char *argv[]) {
//bio.release();
int ret = SSL_connect(ssl);
if (ret != 1) {
int ssl_err = SSL_get_error(ssl, ret);
PrintSSLError(stderr, "Error while connecting", ssl_err, ret);
exit(6);
//int ssl_err = SSL_get_error(ssl, ret);
//PrintSSLError(stderr, "Error while connecting", ssl_err, ret);
int return_value = SSL_ERROR_SSL;
ERR_print_errors_cb(&error_callback, &return_value);
exit(return_value);
}
printf("Connected! \n");
......@@ -151,7 +153,7 @@ int main(int argc, char *argv[]) {
printf("ALPN: %.*s \n", alpn_received_len, alpn_received);
} else {
fprintf(stderr, "INVALID ALPN: %.*s \n", alpn_received_len, alpn_received);
exit(9);
return TLS1_AD_NO_APPLICATION_PROTOCOL;
}
} else {
printf("No ALPN negotiated ! %.*s\n", alpn_received_len, alpn_received);
......@@ -189,6 +191,26 @@ static void InfoCallback(const SSL *ssl, int type, __attribute__((unused)) int v
}
}
static int error_callback(const char *str, size_t len, void *err) {
if (strstr(str, "SSL alert number 120") != NULL || strstr(str, "INVALID_ALPN_PROTOCOL") != NULL) {
printf("TLSV1_ALERT_NO_APPLICATION_PROTOCOL \n");
//err = 1;
(*(int *)err) = TLS1_AD_NO_APPLICATION_PROTOCOL;
} else if (strstr(str, "CERTIFICATE_VERIFY_FAILED") != NULL || strstr(str, "certificate verify failed") != NULL) {
printf("CERTIFICATE_VERIFY_FAILED \n");
//err = 1;
(*(int *)err) = SSL_R_CERTIFICATE_VERIFY_FAILED;
} else if (strstr(str, "TLSV1_ALERT_UNRECOGNIZED_NAME") != NULL || strstr(str, "tlsv1 unrecognized name") != NULL) {
printf("TLSV1_ALERT_UNRECOGNIZED_NAME \n");
//err = 1;
(*(int *)err) = TLS1_AD_UNRECOGNIZED_NAME;
} else {
printf("%s", str);
(*(int *)err) = SSL_ERROR_SSL;
}
return 0;
}
void PrintSSLError(FILE *file, const char *msg, int ssl_err, int ret) {
switch (ssl_err) {
case SSL_ERROR_SSL:
......@@ -213,5 +235,7 @@ void PrintSSLError(FILE *file, const char *msg, int ssl_err, int ret) {
fprintf(file, "%s: unexpected error: %s\n", msg, ERR_reason_error_string(ssl_err));
#endif
}
ERR_print_errors_fp(file);
//ERR_print_errors_fp(file);
int err = 5;
ERR_print_errors_cb(&error_callback, &err);
}
\ No newline at end of file
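Review bot: `error_callback` ends with `return 0;`, and as far as I know `ERR_print_errors_cb` stops iterating once the callback returns a value <= 0, so only the oldest error-queue entry is classified and the remaining entries are dropped unprinted; `return 1;` keeps the iteration going. Once it does iterate, the final `else` branch would overwrite an earlier specific match with `SSL_ERROR_SSL`, so that branch should leave `*err` alone, given that the caller in main already initialises it to that value. The status passed to `exit(return_value)` mixes alert numbers, an `SSL_R_*` reason code and an `SSL_get_error` code, and it is derived from substring matches on formatted text; comparing `ERR_GET_REASON(ERR_peek_last_error())` with `SSL_R_CERTIFICATE_VERIFY_FAILED` would be less fragile for the certificate case. In `PrintSSLError` the queue text now goes to stdout via `printf` instead of the `file` argument, and the value written to `err` is discarded. Both main and `PrintSSLError` start outside the hunks shown.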
......@@ -8,4 +8,6 @@
void PrintSSLError(FILE *file, const char *msg, int ssl_err, int ret);
static void InfoCallback(const SSL *ssl, int type, int value);
\ No newline at end of file
static void InfoCallback(const SSL *ssl, int type, int value);
static int error_callback(const char *str, size_t len, void *err);
\ No newline at end of file
......@@ -9,6 +9,8 @@ const uint16_t port = 4433;
int malicious_alpn = 0;
int err, ret;
int main(int argc, char **argv) {
// Disable buffering on stdout so docker output is shown
setbuf(stdout, NULL);
......@@ -89,18 +91,37 @@ int main(int argc, char **argv) {
ssl = SSL_new(ctx);
SSL_set_fd(ssl, client);
if (SSL_accept(ssl) <= 0) {
ERR_print_errors_fp(stderr);
} else {
// get message from client
char buff[1536] = {};
len = SSL_read(ssl, buff, sizeof(buff));
printf("%s \n", buff);
// send message to client
char *message = "Hello from Server!\n";
SSL_write(ssl, message, strlen(message));
}
SSL_accept(ssl);
// err = SSL_get_error(ssl, 0);
// printf("ERROR: %d \n", err);
// if (err == SSL_ERROR_SYSCALL || err == SSL_ERROR_SSL) {
// SSL_free(ssl);
// close(client);
// continue;
// }
// get message from client
char buff[1536] = {};
len = SSL_read(ssl, buff, sizeof(buff));
printf("%s \n", buff);
// err = SSL_get_error(ssl, 0);
// printf("ERROR: %d \n", err);
// if (err == SSL_ERROR_SYSCALL || err == SSL_ERROR_SSL) {
// SSL_free(ssl);
// close(client);
// continue;
// }
// send message to client
char *message = "Hello from Server!\n";
SSL_write(ssl, message, strlen(message));
// err = SSL_get_error(ssl, 0);
// printf("ERROR: %d \n", err);
// if (err == SSL_ERROR_SYSCALL || err == SSL_ERROR_SSL) {
// SSL_free(ssl);
// close(client);
// continue;
// }
SSL_shutdown(ssl);
SSL_free(ssl);
......@@ -109,7 +130,6 @@ int main(int argc, char **argv) {
close(sock);
SSL_CTX_free(ctx);
return 0;
}
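Review bot: The new bare `SSL_accept(ssl);` discards the handshake result, so `SSL_read`, `SSL_write` and `SSL_shutdown` now run on a connection whose handshake may have failed, and the `ERR_print_errors_fp(stderr)` report the old branch gave is gone. Keeping the `<= 0` check also makes the three identical commented-out `SSL_get_error` blocks unnecessary; they should be deleted, not committed. Separately, `printf("%s \n", buff)` after `SSL_read(ssl, buff, sizeof(buff))` can read past the array when the peer fills all 1536 bytes, so the read should leave room for the terminator and the print should depend on `len > 0`. The enclosing main starts and ends outside the hunk.

```c
if (SSL_accept(ssl) <= 0) {
    ERR_print_errors_fp(stderr);
} else {
    // get message from client
    char buff[1536] = {};
    len = SSL_read(ssl, buff, sizeof(buff) - 1);
    if (len > 0) {
        printf("%s \n", buff);
    }
    // … unchanged: SSL_write of the greeting …
}
// … unchanged: SSL_shutdown / SSL_free …
```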
......