
Commit b3d6cdc

committed
Testing OpenSSL under Linux.
1 parent 2a0376f commit b3d6cdc


7 files changed

+62
-26
lines changed


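--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -6,6 +6,7 @@ set(LIBRARY_OUTPUT_PATH lib/${CMAKE_BUILD_TYPE})
 set(CMAKE_CXX_STANDARD 14)
 
 add_definitions(-DLINUX)
+add_definitions(-DOPENSSL)
 
 include_directories(Socket)
 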
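--- a/Socket/SecureSocket.cpp
+++ b/Socket/SecureSocket.cpp
@@ -8,8 +8,10 @@
 
 #include "SecureSocket.h"
 
+#ifndef LINUX
 // to avoid link problems in prod/test program
 #include <openssl/applink.c>
+#endif
 
 // Static members initialization
 volatile int ASecureSocket::s_iSecureSocketCount = 0;
@@ -57,19 +59,21 @@ void ASecureSocket::SetUpCtxClient(SSLSocket& Socket)
 {
 default:
 case OpenSSLProtocol::SSL_V23:
-Socket.m_pMTHDSSL = SSLv23_client_method();
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(SSLv23_client_method());
 break;
 
+#ifndef LINUX
 case OpenSSLProtocol::SSL_V2:
-Socket.m_pMTHDSSL = SSLv2_client_method();
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(SSLv2_client_method());
 break;
+#endif
 
 case OpenSSLProtocol::SSL_V3:
-Socket.m_pMTHDSSL = SSLv3_client_method();
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(SSLv3_client_method());
 break;
 
 case OpenSSLProtocol::TLS_V1:
-Socket.m_pMTHDSSL = TLSv1_client_method();
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(TLSv1_client_method());
 break;
 }
 Socket.m_pCTXSSL = SSL_CTX_new(Socket.m_pMTHDSSL);
@@ -81,19 +85,21 @@ void ASecureSocket::SetUpCtxServer(SSLSocket& Socket)
 {
 default:
 case OpenSSLProtocol::SSL_V23:
-Socket.m_pMTHDSSL = SSLv23_server_method();
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(SSLv23_server_method());
 break;
 
+#ifndef LINUX
 case OpenSSLProtocol::SSL_V2:
-Socket.m_pMTHDSSL = SSLv2_server_method();
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(SSLv2_server_method());
 break;
+#endif
 
 case OpenSSLProtocol::SSL_V3:
-Socket.m_pMTHDSSL = SSLv3_server_method();
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(SSLv3_server_method());
 break;
 
 case OpenSSLProtocol::TLS_V1:
-Socket.m_pMTHDSSL = TLSv1_server_method();
+Socket.m_pMTHDSSL = const_cast<SSL_METHOD*>(TLSv1_server_method());
 break;
 }
 Socket.m_pCTXSSL = SSL_CTX_new(Socket.m_pMTHDSSL);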
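Review bot: The `SSL_V2` cases in SetUpCtxClient and SetUpCtxServer are guarded by `#ifndef LINUX`, which tests the platform rather than whether the linked OpenSSL still provides SSLv2; guarding on OpenSSL's own `OPENSSL_NO_SSL2` (and `OPENSSL_NO_SSL3_METHOD` for the `SSL_V3` cases) would follow the library build instead. Both switches also still let a caller pin SSLv3 or TLS 1.0, which are obsolete protocol versions; if they must stay for compatibility a comment should say so, and the `SSL_V23` default could refuse the old versions with `SSL_CTX_set_options(Socket.m_pCTXSSL, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);` once the context exists. The eight `const_cast<SSL_METHOD*>` calls suggest `m_pMTHDSSL` is declared non-const; declaring it `const SSL_METHOD*` would remove them (the declaration is outside this section, so this is inferred). Both function bodies continue outside the hunks, so whether the `SSL_CTX_new` result is checked for null cannot be seen here.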

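--- a/Socket/SecureSocket.h
+++ b/Socket/SecureSocket.h
@@ -23,7 +23,9 @@ class ASecureSocket : public ASocket
 public:
 enum class OpenSSLProtocol
 {
+#ifndef LINUX
 SSL_V2,
+#endif
 SSL_V3,
 TLS_V1,
 SSL_V23 /* There is no SSL protocol version named SSLv23. The SSLv23_method() API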
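Review bot: Wrapping `SSL_V2,` in `#ifndef LINUX` makes the numeric values of `SSL_V3`, `TLS_V1` and `SSL_V23` depend on a build define, so a translation unit that includes this header without `-DLINUX` disagrees with a library built with it about which enumerator is which. Such a mismatch would silently select a different protocol (or land in the `default:` branch of the switches in SecureSocket.cpp) rather than fail to compile. Keeping the enumerator unconditional and guarding only the `case` labels, or giving the enumerators explicit values such as `SSL_V3 = 1,`, avoids that. The enum continues past the end of the hunk.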

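--- a/Socket/TCPSSLClient.cpp
+++ b/Socket/TCPSSLClient.cpp
@@ -58,14 +58,13 @@ bool CTCPSSLClient::Connect(const std::string& strServer, const std::string& str
 * only using the private key. */
 if (!m_strSSLKeyFile.empty())
 {
-// commented as it uses stdin to request the passphrase...
-/*if (SSL_CTX_use_PrivateKey_file(m_SSLConnectSocket.m_pCTXSSL,
+if (SSL_CTX_use_PrivateKey_file(m_SSLConnectSocket.m_pCTXSSL,
 m_strSSLKeyFile.c_str(), SSL_FILETYPE_PEM) <= 0)
 {
 m_oLog("[TCPSSLClient][Error] Loading key file failed.");
 //ERR_print_errors_fp(stdout);
 return false;
-}*/
+}
 
 /* verify private key */
 /*if (!SSL_CTX_check_private_key(m_SSLConnectSocket.m_pCTXSSL))
@@ -102,6 +101,7 @@ bool CTCPSSLClient::Connect(const std::string& strServer, const std::string& str
 
 return true;
 }
+ERR_print_errors_fp(stdout);
 
 m_oLog(StringFormat("[TCPSSLClient][Error] SSL_connect failed (Error=%d | %s)",
 iResult, GetSSLErrorString(SSL_get_error(m_SSLConnectSocket.m_pSSL, iResult))));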
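Review bot: The key load re-enabled at new line 61 was disabled because, per the removed comment, it asks for the passphrase on stdin; nothing in the hunk installs a passphrase callback, so an encrypted key file would still block Connect() waiting on the terminal. Setting one before the load, e.g. `SSL_CTX_set_default_passwd_cb(m_SSLConnectSocket.m_pCTXSSL, pfnPassphraseCb);` (the callback name is a placeholder), or documenting that only unencrypted keys are supported, would close that. The `SSL_CTX_check_private_key` block just below is still commented out, so a key that does not match the certificate is not reported at load time. The added `ERR_print_errors_fp(stdout);` in the second hunk writes the OpenSSL error queue to the process's stdout instead of going through `m_oLog`. Connect()'s body starts and ends outside both hunks.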

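--- a/Socket/TCPSSLServer.cpp
+++ b/Socket/TCPSSLServer.cpp
@@ -58,8 +58,7 @@ bool CTCPSSLServer::Listen(SSLSocket& ClientSocket)
 SSL_CTX_set_verify_depth(ClientSocket.m_pCTXSSL, 1);
 }
 /* Load the server private-key into the SSL context. */
-// uses stdin to request passphrase....
-/*if (!m_strSSLKeyFile.empty())
+if (!m_strSSLKeyFile.empty())
 {
 if (SSL_CTX_use_PrivateKey_file(ClientSocket.m_pCTXSSL,
 m_strSSLKeyFile.c_str(), SSL_FILETYPE_PEM) <= 0)
@@ -70,12 +69,12 @@ bool CTCPSSLServer::Listen(SSLSocket& ClientSocket)
 }
 
 // verify private key
-if (!SSL_CTX_check_private_key(ClientSocket.m_pCTXSSL))
+/*if (!SSL_CTX_check_private_key(ClientSocket.m_pCTXSSL))
 {
 m_oLog("[TCPSSLServer][Error] Private key does not match the public certificate.");
 return false;
-}
-}*/
+}*/
+}
 
 ClientSocket.m_pSSL = SSL_new(ClientSocket.m_pCTXSSL);
 // set the socket directly into the SSL structure or we can use a BIO structure
@@ -90,7 +89,7 @@ bool CTCPSSLServer::Listen(SSLSocket& ClientSocket)
 iSSLErr, GetSSLErrorString(SSL_get_error(ClientSocket.m_pSSL, iSSLErr))));
 
 //if (iSSLErr < 0)
-//ERR_print_errors_fp(stdout);
+ERR_print_errors_fp(stdout);
 
 ShutdownSSL(ClientSocket);
 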
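Review bot: The second hunk of Listen() enables the private-key load but moves the comment markers so that `SSL_CTX_check_private_key` stays commented out, which means a server configured with a key that does not match its certificate gets past setup and only fails later, during the handshake. Re-enabling the check inside the new `if (!m_strSSLKeyFile.empty())` block, by dropping the `/*` and `*/` around `if (!SSL_CTX_check_private_key(ClientSocket.m_pCTXSSL))`, keeps the existing log message and early return. As in TCPSSLClient.cpp, the removed comment says the load asks for a passphrase on stdin, and no passphrase callback is set in the visible lines. In the third hunk `ERR_print_errors_fp(stdout);` now runs unconditionally and bypasses `m_oLog`. Listen() starts and ends outside the hunks.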

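--- a/SocketTest/CMakeLists.txt
+++ b/SocketTest/CMakeLists.txt
@@ -4,6 +4,7 @@ project(TestSocket)
 set(EXECUTABLE_OUTPUT_PATH bin/${CMAKE_BUILD_TYPE})
 set(CMAKE_CXX_STANDARD 14) # c++14
 add_definitions(-DLINUX)
+add_definitions(-DOPENSSL)
 
 # Code coverage setup
 IF(CMAKE_BUILD_TYPE MATCHES Coverage)
@@ -47,6 +48,6 @@ link_directories(../lib/${CMAKE_BUILD_TYPE})
 add_executable(test_socket Tests.cpp test_utils.cpp)
 
 #Link setup
-target_link_libraries(test_socket socket ${GTEST_LIBRARIES} pthread curl)
+target_link_libraries(test_socket socket ${GTEST_LIBRARIES} pthread curl ssl crypto)
 
 ENDIF(CMAKE_BUILD_TYPE MATCHES Coverage)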

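--- a/SocketTest/Tests.cpp
+++ b/SocketTest/Tests.cpp
@@ -68,7 +68,7 @@ class SSLTCPTest : public ::testing::Test
 
 virtual void SetUp()
 {
-m_pSSLTCPClient.reset(new CTCPSSLClient(PRINT_LOG, ASecureSocket::OpenSSLProtocol::SSL_V3));
+m_pSSLTCPClient.reset(new CTCPSSLClient(PRINT_LOG));
 }
 
 virtual void TearDown()
@@ -229,30 +229,57 @@ TEST_F(SSLTCPTest, TestLoopback)
 char szRcvBuffer[14] = {};
 ASecureSocket::SSLSocket ConnectedClient;
 
-ASSERT_NO_THROW(m_pSSLTCPServer.reset(new CTCPSSLServer(PRINT_LOG, "4242",
-ASecureSocket::OpenSSLProtocol::SSL_V3)));
+ASSERT_NO_THROW(m_pSSLTCPServer.reset(new CTCPSSLServer(PRINT_LOG, "4242")));
 
-m_pSSLTCPServer->SetSSLCertFile("C:\\TestOpenSSL\\site.cert");
-//m_pSSLTCPServer->SetSSLCerthAuth("C:\\TestOpenSSL\\CAfile.pem");
+m_pSSLTCPServer->SetSSLCertFile("site.cert");
+m_pSSLTCPServer->SetSSLCerthAuth("CAfile.pem");
+m_pSSLTCPServer->SetSSLKeyFile("privkey.pem");
 
+#ifdef WINDOWS
 std::future<bool> futListen = std::async([&]() -> bool
 {
 // give time to let the server object reach the accept instruction.
 #ifdef LINUX
-for (int iSec = 0; iSec < 5; ++iSec)
-usleep(1000000);
+//for (int iSec = 0; iSec < 5000; ++iSec)
+//usleep(1000);
 #else
 for (int iSec = 0; iSec < 5; ++iSec)
 Sleep(1000);
 #endif
 
-m_pSSLTCPClient->SetSSLCerthAuth("C:\\TestOpenSSL\\CAfile.pem");
+//m_pSSLTCPClient->SetSSLCerthAuth("C:\\TestOpenSSL\\CAfile.pem");
 return m_pSSLTCPClient->Connect("localhost", "4242");
 });
+#else
+auto ConnectTask = [&]() -> bool
+{
+// give time to let the server object reach the accept instruction.
+#ifdef LINUX
+std::cout << "** Connect task : delay\n";
+for (int iSec = 0; iSec < 5000; ++iSec)
+usleep(1000);
+#else
+for (int iSec = 0; iSec < 5; ++iSec)
+Sleep(1000);
+#endif
+std::cout << "** Connect task : begin connect\n";
+m_pSSLTCPClient->SetSSLCerthAuth("CAfile.pem");
+m_pSSLTCPClient->SetSSLKeyFile("privkey.pem");
+bool bRet = m_pSSLTCPClient->Connect("localhost", "4242");
+std::cout << "** Connect task : end connect\n";
+return bRet;
+};
+std::thread ConnectThread(ConnectTask);
+#endif
 
 m_pSSLTCPServer->Listen(ConnectedClient);
 
+#ifdef WINDOWS
 ASSERT_TRUE(futListen.get());
+#else
+ConnectThread.join();
+#endif
+
 ASSERT_FALSE(ConnectedClient.m_pSSL == nullptr);
 ASSERT_FALSE(ConnectedClient.m_pCTXSSL == nullptr);
 ASSERT_FALSE(ConnectedClient.m_SockFd == INVALID_SOCKET);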
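Review bot: On the non-Windows path of TestLoopback the result of `Connect()` is lost: `ConnectTask` returns `bRet`, but `std::thread` discards its callable's return value, and `ConnectThread.join();` replaces `ASSERT_TRUE(futListen.get());` without an equivalent assertion. Capturing the result, e.g. a `bool bConnected = false;` assigned inside the lambda and `ASSERT_TRUE(bConnected);` after the join, or using `std::async` on both platforms, restores the check. The `#ifdef LINUX` branch kept inside the new `#ifdef WINDOWS` block is presumably dead code. The certificate and key files are now relative names (`site.cert`, `CAfile.pem`, `privkey.pem`), so the test depends on the working directory, and client and server load the same `privkey.pem`; a comment stating where these test-only files come from would help. The test body continues outside the hunk.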
