Denys Vlasenko | 9a647c3 | 2017-01-23 01:08:16 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2017 Denys Vlasenko |
| 3 | * |
| 4 | * Licensed under GPLv2, see file LICENSE in this source tree. |
| 5 | */ |
| 6 | //config:config SSL_CLIENT |
Denys Vlasenko | b097a84 | 2018-12-28 03:20:17 +0100 | [diff] [blame] | 7 | //config: bool "ssl_client (25 kb)" |
Denys Vlasenko | 9a647c3 | 2017-01-23 01:08:16 +0100 | [diff] [blame] | 8 | //config: default y |
| 9 | //config: select TLS |
| 10 | //config: help |
Denys Vlasenko | 72089cf | 2017-07-21 09:50:55 +0200 | [diff] [blame] | 11 | //config: This tool pipes data to/from a socket, TLS-encrypting it. |
Denys Vlasenko | 9a647c3 | 2017-01-23 01:08:16 +0100 | [diff] [blame] | 12 | |
| 13 | //applet:IF_SSL_CLIENT(APPLET(ssl_client, BB_DIR_USR_BIN, BB_SUID_DROP)) |
| 14 | |
| 15 | //kbuild:lib-$(CONFIG_SSL_CLIENT) += ssl_client.o |
| 16 | |
| 17 | //usage:#define ssl_client_trivial_usage |
Denys Vlasenko | 403f299 | 2018-02-06 15:15:08 +0100 | [diff] [blame] | 18 | //usage: "[-e] -s FD [-r FD] [-n SNI]" |
Denys Vlasenko | 9a647c3 | 2017-01-23 01:08:16 +0100 | [diff] [blame] | 19 | //usage:#define ssl_client_full_usage "" |
| 20 | |
| 21 | #include "libbb.h" |
| 22 | |
| 23 | int ssl_client_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; |
| 24 | int ssl_client_main(int argc UNUSED_PARAM, char **argv) |
| 25 | { |
| 26 | tls_state_t *tls; |
| 27 | const char *sni = NULL; |
| 28 | int opt; |
| 29 | |
| 30 | // INIT_G(); |
| 31 | |
| 32 | tls = new_tls_state(); |
Ron Yorston | b5820d9 | 2018-03-20 11:41:28 +0100 | [diff] [blame] | 33 | opt = getopt32(argv, "es:+r:+n:", &tls->ofd, &tls->ifd, &sni); |
Denys Vlasenko | 403f299 | 2018-02-06 15:15:08 +0100 | [diff] [blame] | 34 | if (!(opt & (1<<2))) { |
Denys Vlasenko | 9a647c3 | 2017-01-23 01:08:16 +0100 | [diff] [blame] | 35 | /* -r N defaults to -s N */ |
| 36 | tls->ifd = tls->ofd; |
| 37 | } |
| 38 | |
Denys Vlasenko | 403f299 | 2018-02-06 15:15:08 +0100 | [diff] [blame] | 39 | if (!(opt & (3<<1))) { |
Denys Vlasenko | 9a647c3 | 2017-01-23 01:08:16 +0100 | [diff] [blame] | 40 | if (!argv[1]) |
| 41 | bb_show_usage(); |
| 42 | /* Undocumented debug feature: without -s and -r, takes HOST arg and connects to it */ |
| 43 | // |
| 44 | // Talk to kernel.org: |
Denys Vlasenko | 403f299 | 2018-02-06 15:15:08 +0100 | [diff] [blame] | 45 | // printf "GET / HTTP/1.1\r\nHost: kernel.org\r\n\r\n" | busybox ssl_client kernel.org |
Denys Vlasenko | 9a647c3 | 2017-01-23 01:08:16 +0100 | [diff] [blame] | 46 | if (!sni) |
| 47 | sni = argv[1]; |
| 48 | tls->ifd = tls->ofd = create_and_connect_stream_or_die(argv[1], 443); |
| 49 | } |
| 50 | |
| 51 | tls_handshake(tls, sni); |
Denys Vlasenko | 403f299 | 2018-02-06 15:15:08 +0100 | [diff] [blame] | 52 | |
| 53 | BUILD_BUG_ON(TLSLOOP_EXIT_ON_LOCAL_EOF != 1); |
| 54 | tls_run_copy_loop(tls, /*flags*/ opt & 1); |
Denys Vlasenko | 9a647c3 | 2017-01-23 01:08:16 +0100 | [diff] [blame] | 55 | |
| 56 | return EXIT_SUCCESS; |
| 57 | } |