1 files changed, 193 insertions, 51 deletions

diff --git a/doc/examples/tls_client.cpp b/doc/examples/tls_client.cpp
index cedfe1ca8..d0a354e66 100644
--- a/doc/examples/tls_client.cpp
+++ b/doc/examples/tls_client.cpp
@@ -1,91 +1,233 @@
 #include <botan/botan.h>
 #include <botan/tls_client.h>
-#include "socket.h"
-
-using namespace Botan;
-
+#include <botan/pkcs8.h>
+#include <botan/hex.h>
 #include <stdio.h>
 #include <string>
 #include <iostream>
 #include <memory>
 
-class Client_TLS_Policy : public TLS_Policy
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <netdb.h>
+#include <unistd.h>
+#include <errno.h>
+#include <fcntl.h>
+
+#if defined(BOTAN_HAS_TLS_SQLITE_SESSION_MANAGER)
+  #include <botan/tls_sqlite_sess_mgr.h>
+#endif
+
+#include "credentials.h"
+
+using namespace Botan;
+
+using namespace std::tr1::placeholders;
+
+int connect_to_host(const std::string& host, u16bit port)
    {
-   public:
-      bool check_cert(const std::vector<X509_Certificate>& certs) const
-         {
-         for(size_t i = 0; i != certs.size(); ++i)
-            {
-            std::cout << certs[i].to_string();
-            }
+   hostent* host_addr = ::gethostbyname(host.c_str());
+
+   if(host_addr == 0)
+      throw std::runtime_error("gethostbyname failed for " + host);
+
+   if(host_addr->h_addrtype != AF_INET) // FIXME
+      throw std::runtime_error(host + " has IPv6 address");
+
+   int fd = ::socket(PF_INET, SOCK_STREAM, 0);
+   if(fd == -1)
+      throw std::runtime_error("Unable to acquire socket");
+
+   sockaddr_in socket_info;
+   ::memset(&socket_info, 0, sizeof(socket_info));
+   socket_info.sin_family = AF_INET;
+   socket_info.sin_port = htons(port);
+
+   ::memcpy(&socket_info.sin_addr,
+            host_addr->h_addr,
+            host_addr->h_length);
+
+   socket_info.sin_addr = *(struct in_addr*)host_addr->h_addr; // FIXME
+
+   if(::connect(fd, (sockaddr*)&socket_info, sizeof(struct sockaddr)) != 0)
+      {
+      ::close(fd);
+      throw std::runtime_error("connect failed");
+      }
+
+   return fd;
+   }
+
+bool handshake_complete(const TLS::Session& session)
+   {
+   std::cout << "Handshake complete!\n";
+   std::cout << "Protocol version " << session.version().to_string() << "\n";
+   std::cout << "Ciphersuite " << std::hex << session.ciphersuite().to_string() << "\n";
+   std::cout << "Session ID " << hex_encode(session.session_id()) << "\n";
+   std::cout << "Session ticket " << hex_encode(session.session_ticket()) << "\n";
 
-         std::cout << "Warning: not checking cert signatures\n";
+   return true;
+   }
+
+void socket_write(int sockfd, const byte buf[], size_t length)
+   {
+   size_t offset = 0;
 
-         return true;
+   while(length)
+      {
+      ssize_t sent = ::send(sockfd, (const char*)buf + offset,
+                            length, MSG_NOSIGNAL);
+
+      if(sent == -1)
+         {
+         if(errno == EINTR)
+            sent = 0;
+         else
+            throw std::runtime_error("Socket::write: Socket write failed");
          }
-   };
 
-int main(int argc, char* argv[])
+      offset += sent;
+      length -= sent;
+      }
+   }
+
+bool got_alert = false;
+
+void process_data(const byte buf[], size_t buf_size, TLS::Alert alert)
    {
-   if(argc != 2 && argc != 3)
+   if(alert.is_valid())
       {
-      printf("Usage: %s host [port]\n", argv[0]);
-      return 1;
+      std::cout << "Alert: " << alert.type_string() << "\n";
+      got_alert = true;
       }
 
-   try
+   for(size_t i = 0; i != buf_size; ++i)
       {
-      LibraryInitializer botan_init;
+      std::cout << buf[i];
+      }
+   }
 
-      std::string host = argv[1];
-      u32bit port = argc == 3 ? Botan::to_u32bit(argv[2]) : 443;
+std::string protocol_chooser(const std::vector<std::string>& protocols)
+   {
+   for(size_t i = 0; i != protocols.size(); ++i)
+      std::cout << "Protocol " << i << " = " << protocols[i] << "\n";
+   return "http/1.1";
+   }
 
-      printf("Connecting to %s:%d...\n", host.c_str(), port);
+void doit(RandomNumberGenerator& rng,
+          TLS::Policy& policy,
+          TLS::Session_Manager& session_manager,
+          Credentials_Manager& creds,
+          const std::string& host,
+          u16bit port)
+   {
+   int sockfd = connect_to_host(host, port);
 
-      SocketInitializer socket_init;
+   TLS::Client client(std::tr1::bind(socket_write, sockfd, _1, _2),
+                     process_data,
+                     handshake_complete,
+                     session_manager,
+                     creds,
+                     policy,
+                     rng,
+                     host);
 
-      Socket sock(argv[1], port);
+   fd_set readfds;
 
-      AutoSeeded_RNG rng;
+   while(true)
+      {
+      FD_ZERO(&readfds);
+      FD_SET(sockfd, &readfds);
+      FD_SET(STDIN_FILENO, &readfds);
 
-      Client_TLS_Policy policy;
+      ::select(sockfd + 1, &readfds, NULL, NULL, NULL);
 
-      TLS_Client tls(std::tr1::bind(&Socket::read, std::tr1::ref(sock), _1, _2),
-                     std::tr1::bind(&Socket::write, std::tr1::ref(sock), _1, _2),
-                     policy, rng);
+      if(client.is_closed())
+         break;
 
-      printf("Handshake extablished...\n");
+      if(FD_ISSET(sockfd, &readfds))
+         {
+         byte buf[64] = { 0 };
 
-#if 0
-      std::string http_command = "GET / HTTP/1.1\r\n"
-                                 "Server: " + host + ':' + to_string(port) + "\r\n\r\n";
-#else
-      std::string http_command = "GET / HTTP/1.0\r\n\r\n";
-#endif
+         size_t to_read = rand() % sizeof(buf);
+         if(to_read == 0)
+            to_read = 1;
 
-      tls.write((const Botan::byte*)http_command.c_str(),
-                http_command.length());
+         ssize_t got = read(sockfd, buf, to_read);
 
-      size_t total_got = 0;
+         if(got == 0)
+            {
+            std::cout << "EOF on socket\n";
+            break;
+            }
+         else if(got == -1)
+            {
+            std::cout << "Socket error: " << errno << " " << strerror(errno) << "\n";
+            continue;
+            }
 
-      while(true)
+         const size_t needed = client.received_data(buf, got);
+         //std::cout << "Socket - got " << got << " bytes, need " << needed << "\n";
+         }
+      else if(FD_ISSET(STDIN_FILENO, &readfds))
          {
-         if(tls.is_closed())
-            break;
+         byte buf[1024] = { 0 };
+         ssize_t got = read(STDIN_FILENO, buf, sizeof(buf));
 
-         Botan::byte buf[128+1] = { 0 };
-         size_t got = tls.read(buf, sizeof(buf)-1);
-         printf("%s", buf);
-         fflush(0);
+         if(got == 0)
+            {
+            std::cout << "EOF on stdin\n";
+            client.close();
+            break;
+            }
+         else if(got == -1)
+            {
+            std::cout << "Stdin error: " << errno << " " << strerror(errno) << "\n";
+            continue;
+            }
 
-         total_got += got;
+         client.send(buf, got);
          }
+      }
+
+   ::close(sockfd);
+   }
+
+int main(int argc, char* argv[])
+   {
+   if(argc != 2 && argc != 3)
+      {
+      std::cout << "Usage " << argv[0] << " host [port]\n";
+      return 1;
+      }
+
+   try
+      {
+      LibraryInitializer botan_init;
+      AutoSeeded_RNG rng;
+      TLS::Policy policy;
+
+#if defined(BOTAN_HAS_TLS_SQLITE_SESSION_MANAGER)
+      TLS::Session_Manager_SQLite session_manager("my secret passphrase", rng,
+                                                  "sessions.db");
+#else
+      TLS::Session_Manager_In_Memory session_manager;
+#endif
+
+      Credentials_Manager_Simple creds(rng);
+
+      std::string host = argv[1];
+      u32bit port = argc == 3 ? Botan::to_u32bit(argv[2]) : 443;
+
+      //while(true)
+         doit(rng, policy, session_manager, creds, host, port);
 
-      printf("\nRetrieved %d bytes total\n", total_got);
    }
    catch(std::exception& e)
       {
-      printf("%s\n", e.what());
+      std::cout << "Exception: " << e.what() << "\n";
       return 1;
       }
    return 0;