SSLかんたんな例
ssl_server.c
// OpenSSL the most SIMPLE example #include <stdio.h> #include <string.h> #include <stdlib.h> #include <unistd.h> #include <openssl/ssl.h> #include <sys/socket.h> #include <netdb.h> #define PORT 12335 int main( void ) { // Set up for socket int sb = socket( AF_INET, SOCK_STREAM, 0 ); struct sockaddr_in addr; bzero((char*) &addr, sizeof(addr)); addr.sin_family = PF_INET; addr.sin_port = htons(PORT); addr.sin_family = htonl(INADDR_ANY); if( bind( sb, (struct sockaddr*)&addr, sizeof(addr) ) < 0 ){ perror("bind"); exit(1); } listen( sb, 1 ); int s = accept( sb, NULL, NULL ); // SSL initialize SSL_library_init(); SSL_CTX* ctx = SSL_CTX_new( SSLv2_server_method() ); SSL* ssl = SSL_new( ctx ); SSL_set_fd( ssl, s ); // SSL set up for a certificate SSL_use_certificate_file( ssl, "public.key", SSL_FILETYPE_PEM ); SSL_use_PrivateKey_file( ssl, "private.key", SSL_FILETYPE_PEM ); // SSL accept SSL_accept(ssl); char msg[64]; int len; len = SSL_read( ssl, msg, sizeof(msg) ); msg[len] = '\0'; printf("Server received : %s\n", msg ); // SSL shutdown SSL_shutdown(ssl); SSL_free(ssl); SSL_CTX_free(ctx); // socket close close(s); close(sb); return 0; }
ssl_client.c
// OpenSSL the most SIMPLE client example #include <stdio.h> #include <string.h> #include <stdlib.h> #include <unistd.h> #include <openssl/ssl.h> #include <sys/socket.h> #include <netdb.h> #define PORT 12335 #define HOST "127.0.0.1" int main( void ) { // Initialize a socket int s = socket( AF_INET, SOCK_STREAM, 0 ); struct sockaddr_in addr; bzero((char*) &addr, sizeof(addr)); addr.sin_family = AF_INET; addr.sin_port = htons(PORT); addr.sin_addr.s_addr = inet_addr(HOST); if( connect( s, (struct sockaddr*)&addr, sizeof(addr) ) < 0 ){ perror("connect"); exit(1); } // SSL initialize SSL_library_init(); SSL_CTX* ctx = SSL_CTX_new( SSLv2_client_method() ); SSL* ssl = SSL_new( ctx ); // SSL connect SSL_set_fd( ssl, s ); SSL_connect( ssl ); char msg[64] = "This is client."; SSL_write( ssl, msg, strlen(msg) ); // SSL shutdown SSL_shutdown(ssl); SSL_free(ssl); SSL_CTX_free(ctx); // close socket close(s); return 0; }
でもって
# openssl req -new -x509 -nodes -out public.key -keyout private.key
# gcc -o server -lssl -lcrypt ssl_server.c
# gcc -o client -lssl -lcrypt ssl_client.c
# ./server &
# ./client
http://www-cms.phys.s.u-tokyo.ac.jp/~naoki/CIPINTRO/NETWORK/openssl.html
を参考にしてfedoraでコンパイル通るように修正しました。