1 #include <u.h>
2 #include <libc.h>
3 #include <mp.h>
4 #include <libsec.h>
5
/*
 * Print the command synopsis on file descriptor 2 and terminate the
 * process with exit status "usage".  Never returns.
 * NOTE(review): main also accepts -D (TLS trace output), which this
 * synopsis does not list.
 */
void
usage(void)
{
	fprint(2,
		"usage: tlsclient [-c lib/tls/clientcert]"
		" [-t /sys/lib/tls/xxx]"
		" [-x /sys/lib/tls/xxx.exclude]"
		" dialstring\n");
	exits("usage");
}
12
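/*
 * Copy bytes from descriptor `from` to descriptor `to` until read
 * returns 0 (end of file) or a negative value (error), or until a
 * write fails.  Returns nothing; the caller cannot tell which side
 * ended the copy.
 */
void
xfer(int from, int to)
{
	char buf[12*1024];
	long n;

	while((n = read(from, buf, sizeof buf)) > 0){
		/*
		 * A write that returns anything other than n lost data.
		 * Checking only for a negative result would let a short
		 * write silently drop part of the stream, so stop instead.
		 */
		if(write(to, buf, n) != n)
			break;
	}
}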
23
/*
 * Trace callback: main installs it as conn->trace when -D is given.
 * Writes "<argv0>:  tls reports <formatted message>\n" to file
 * descriptor 2 and always returns 0.
 * fmt is handed to vfprint as a format string, so it must come from
 * trusted code, never from data received off the wire.
 */
static int
reporter(char *fmt, ...)
{
	va_list args;

	fprint(2, "%s:  tls reports ", argv0);
	va_start(args, fmt);
	vfprint(2, fmt, args);
	va_end(args);
	fprint(2, "\n");
	return 0;
}
37
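/*
 * tlsclient: dial the given address, run a TLS client handshake over
 * the connection, then relay standard input to the TLS descriptor and
 * the TLS descriptor to standard output until either side ends.
 *
 * Options:
 *	-t file	thumbprint file; the server certificate must match it
 *	-x file	exclusion file passed to initThumbprints (requires -t)
 *	-c file	client certificate to offer
 *	-D	install reporter() as the TLS trace callback
 *
 * Security note: the thumbprint comparison below is the only check of
 * the server certificate made in this function.  Without -t nothing
 * here authenticates the server, so the session is encrypted but the
 * peer's identity is not verified by this program.
 * NOTE(review): whether tlsClient performs any validation of its own
 * is not visible from this file - confirm against libsec.
 */
void
main(int argc, char **argv)
{
	int fd, netfd, debug;
	uchar digest[SHA1dlen];
	TLSconn *conn;
	char *addr, *file, *filex, *ccert;
	Thumbprint *thumb;

	file = nil;
	filex = nil;
	thumb = nil;
	ccert = nil;
	debug = 0;
	ARGBEGIN{
	case 't':
		file = EARGF(usage());
		break;
	case 'x':
		filex = EARGF(usage());
		break;
	case 'D':
		debug++;
		break;
	case 'c':
		ccert = EARGF(usage());
		break;
	default:
		usage();
	}ARGEND

	if(argc != 1)
		usage();

	if(filex && !file)
		sysfatal("specifying -x without -t is useless");
	if(file){
		/* fail closed: a requested pin list that cannot be loaded is fatal */
		thumb = initThumbprints(file, filex);
		if(thumb == nil)
			sysfatal("initThumbprints: %r");
	}

	addr = argv[0];
	if((netfd = dial(addr, 0, 0, 0)) < 0)
		sysfatal("dial %s: %r", addr);

	conn = (TLSconn*)mallocz(sizeof *conn, 1);
	if(conn == nil)
		sysfatal("mallocz: %r");
	if(ccert){
		/*
		 * The user asked for client authentication.  If the
		 * certificate cannot be read, stop rather than silently
		 * continuing the handshake without it.
		 */
		conn->cert = readcert(ccert, &conn->certlen);
		if(conn->cert == nil)
			sysfatal("readcert %s: %r", ccert);
	}
	if(debug)
		conn->trace = reporter;
	fd = tlsClient(netfd, conn);
	if(fd < 0)
		sysfatal("tlsclient: %r");
	if(thumb){
		/*
		 * After the handshake this code treats conn->cert as the
		 * certificate presented by the server and pins on the
		 * SHA-1 digest of the whole certificate.
		 * NOTE(review): SHA-1 is no longer collision resistant;
		 * moving the pin to a stronger digest depends on what the
		 * thumbprint API in libsec supports - confirm.
		 */
		if(conn->cert==nil || conn->certlen<=0)
			sysfatal("server did not provide TLS certificate");
		sha1(conn->cert, conn->certlen, digest, nil);
		if(!okThumbprint(digest, thumb)){
			fmtinstall('H', encodefmt);
			sysfatal("server certificate %.*H not recognized", SHA1dlen, digest);
		}
	}
	free(conn->cert);
	close(netfd);

	/*
	 * Put the two relay processes in a note group of their own so
	 * that the postnote below reaches only them.
	 */
	rfork(RFNOTEG);
	switch(fork()){
	case -1:
		fprint(2, "%s: fork: %r\n", argv0);
		exits("dial");
	case 0:
		/* child: standard input -> TLS */
		xfer(0, fd);
		break;
	default:
		/* parent: TLS -> standard output */
		xfer(fd, 1);
		break;
	}
	/* whichever direction finishes first takes the other process down too */
	postnote(PNGROUP, getpid(), "die yankee pig dog");
	exits(0);
}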