#include <Security/SecureTransport.h>
#include <Security/Security.h>
#include <Security/SecBasePriv.h>
#include <clAppUtils/sslAppUtils.h>
#include <clAppUtils/ioSock.h>
#include <clAppUtils/sslThreading.h>
#include <security_cdsa_utils/cuFileIo.h>
#include <security_cdsa_utils/cuCdsaUtils.h>
#include <security_cdsa_utils/cuPrintCert.h>
#include <security_utilities/threading.h>
#include <security_utilities/devrandom.h>
#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <time.h>
#include <ctype.h>
#include <sys/param.h>
#define MAX_CERT_SIZE 16000
/*
 * Print the command-line synopsis and terminate the process with exit
 * status 1. This function never returns to its caller.
 */
static void usage(char **argv)
{
    const char *progName = argv[0];

    printf("Usage: %s hostname port keychain [q(uiet)]\n", progName);
    exit(1);
}
#define IGNORE_SIGPIPE 1
#if IGNORE_SIGPIPE
#include <signal.h>
/*
 * Deliberately empty SIGPIPE handler. main() installs it with signal()
 * so that the signal's default action is replaced by a handler that
 * does nothing.
 */
void sigpipe(int sig)
{
    (void)sig;      /* signal number is not needed */
}
#endif
/*
 * Parameter block handed to sslAppClient() by main().
 *
 * The initializer is positional: each value is bound to a field purely by
 * its position in the SslAppTestParams declaration, which is not visible in
 * this file. Any change to that struct's field order or count silently
 * re-binds these values, so check this list against the declaration when
 * either side changes.
 * NOTE(review): presumably declared in clAppUtils/sslThreading.h - confirm.
 *
 * main() overwrites hostName, password, port, myCertKcName and (optionally)
 * quiet from the command line, and reads certState and expectCertState
 * after the session has run.
 */
SslAppTestParams clientDefaults =
{
NULL, true, 0, NULL, NULL, false, kTLSProtocol1,
NULL, NULL, NULL, false, true, NULL, false, kAlwaysAuthenticate,
false, NULL, false, NULL, 0, errSSLPeerCertUnknown, kTLSProtocol1, kSSLClientCertRejected,
SSL_CIPHER_IGNORE,
false, false, false, NULL, 0, false,
kSSLProtocolUnknown,
SSL_NULL_WITH_NULL_NULL,
kSSLClientCertNone,
noHardwareErr
};
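/*
 * Print a one-line banner naming the test and echoing its command-line
 * arguments (argv[1] .. argv[argc-1]), each followed by a space.
 *
 * testName is only read, so it is taken as const char *: main() passes a
 * string literal, and binding a literal to a non-const char * is a
 * deprecated conversion in C++ that invites writes to read-only storage.
 */
static void testStartBanner(
    const char *testName,
    int argc,
    char **argv)
{
    printf("Starting %s; args: ", testName);
    for(int i=1; i<argc; i++) {
        printf("%s ", argv[i]);
    }
    printf("\n");
}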
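extern "C" {
char *cssmErrToStr(CSSM_RETURN err);
}

/*
 * C-callable wrapper that returns the text for a CSSM error code.
 *
 * The previous implementation returned c_str() of a local string object.
 * That object is destroyed when the function returns, so every caller
 * received a dangling pointer and read freed memory. The text is now
 * copied into a static buffer that outlives the call.
 *
 * Returns: pointer to a NUL-terminated string in static storage. It is
 * valid until the next call to this function; the caller must not free
 * it. Messages longer than the buffer are truncated by snprintf().
 * Not reentrant: concurrent callers share the one buffer.
 */
char *cssmErrToStr(CSSM_RETURN err)
{
    static char errBuf[256];
    string errStr = cssmErrorString(err);

    /* snprintf always NUL-terminates and never writes past errBuf */
    snprintf(errBuf, sizeof(errBuf), "%s", errStr.c_str());
    return errBuf;
}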
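/*
 * Run a single SSL client session against hostname:port using the given
 * keychain, then check the handshake result and client-cert state.
 *
 * Usage: nisccSimpleClient hostname port keychain [q(uiet)]
 *
 * A result of noErr, errSSLPeerCertUnknown, errSSLPeerUnknownCA or
 * errSSLPeerRecordOverflow is accepted; any other result from
 * sslAppClient() is counted as an error. The process exit status is the
 * number of errors detected (0 on success).
 */
int main(int argc, char **argv)
{
    int ourRtn = 0;
    int errCount = 0;

    if(argc < 4) {
        usage(argv);
    }
    clientDefaults.hostName = argv[1];
    /*
     * NOTE(review): password is set from argv[1], the same argument as
     * hostName. Confirm this is intended and not a copy/paste slip.
     */
    clientDefaults.password = argv[1];

    /*
     * Parse the port strictly. atoi() reports no errors: non-numeric text
     * becomes 0 and out-of-range input has undefined behavior. Reject
     * anything that is not a whole decimal number in 0..65535 (0 is still
     * accepted, as it was with atoi).
     */
    char *portEnd = NULL;
    long portNum = strtol(argv[2], &portEnd, 10);
    if((portEnd == argv[2]) || (*portEnd != '\0') ||
       (portNum < 0) || (portNum > 65535)) {
        printf("***Invalid port '%s'\n", argv[2]);
        usage(argv);
    }
    clientDefaults.port = (int)portNum;
    clientDefaults.myCertKcName = argv[3];

    /* optional trailing arguments; only 'q' (quiet) is recognized */
    for(int arg=4; arg<argc; arg++) {
        switch(argv[arg][0]) {
            case 'q':
                clientDefaults.quiet = true;
                break;
            default:
                usage(argv);    /* does not return */
        }
    }

    #if IGNORE_SIGPIPE
    /* install the empty handler in place of SIGPIPE's default action */
    signal(SIGPIPE, sigpipe);
    #endif

    if(!clientDefaults.quiet) {
        testStartBanner("nisccSimpleClient", argc, argv);
    }
    ourRtn = sslAppClient(&clientDefaults);

    /* these handshake outcomes are the accepted ones; all others are errors */
    if((ourRtn != errSSLPeerCertUnknown) &&
       (ourRtn != errSSLPeerUnknownCA) &&
       (ourRtn != errSSLPeerRecordOverflow) &&
       (ourRtn != noErr)) {
        printf("***Unexpected error return (%s)\n",
            sslGetSSLErrString(ourRtn));
        errCount++;
    }

    /*
     * On a completed handshake the client cert must have been sent;
     * otherwise compare against the expected state from clientDefaults.
     */
    if(ourRtn == noErr) {
        errCount += sslVerifyClientCertState("client",
            kSSLClientCertSent,
            clientDefaults.certState);
    }
    else {
        errCount += sslVerifyClientCertState("client",
            clientDefaults.expectCertState,
            clientDefaults.certState);
    }

    if(!clientDefaults.quiet) {
        if(errCount == 0) {
            printf("===== %s test PASSED =====\n", argv[0]);
        }
        else {
            printf("****FAIL: sslAppClient detected %d errors\n", errCount);
        }
    }
    return errCount;
}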