1	#include "common.h"
2	 
3	#define CAFILE "rootcert.pem"
4	#define CADIR NULL
5	#define CERTFILE "client.pem"
6	SSL_CTX *setup_client_ctx(void)
7	{
8	    SSL_CTX *ctx;
9	 
10	    ctx = SSL_CTX_new(SSLv23_method());
11	    if (SSL_CTX_load_verify_locations(ctx, CAFILE, CADIR) != 1)
12	        int_error("Error loading CA file and/or directory");
13	    if (SSL_CTX_set_default_verify_paths(ctx) != 1)
14	        int_error("Error loading default CA file and/or directory");
15	    if (SSL_CTX_use_certificate_chain_file(ctx, CERTFILE) != 1)
16	        int_error("Error loading certificate from file");
17	    if (SSL_CTX_use_PrivateKey_file(ctx, CERTFILE, SSL_FILETYPE_PEM) != 1)
18	        int_error("Error loading private key from file");
19	    SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback);
20	    SSL_CTX_set_verify_depth(ctx, 4);
21	    return ctx;
22	}
23	 
24	int do_client_loop(SSL *ssl)
25	{
26	    int  err, nwritten;
27	    char buf[80];
28	 
29	    for (;;)
30	    {
31	        if (!fgets(buf, sizeof(buf), stdin))
32	            break;
33	        for (nwritten = 0;  nwritten < sizeof(buf);  nwritten += err)
34	        {
35	            err = SSL_write(ssl, buf + nwritten, strlen(buf) - nwritten);
36	            if (err <= 0)
37	                return 0;
38	        }
39	    }
40	    return 1;
41	}
42	 
43	int main(int argc, char *argv[])
44	{
45	    BIO     *conn;
46	    SSL     *ssl;
47	    SSL_CTX *ctx;
48	    long    err;
49
50	    init_OpenSSL();
51	    seed_prng();
52	 
53	    ctx = setup_client_ctx();
54	 
55	    conn = BIO_new_connect(SERVER ":" PORT);
56	    if (!conn)
57	        int_error("Error creating connection BIO");
58	 
59	    if (BIO_do_connect(conn) <= 0)
60	        int_error("Error connecting to remote machine");
61	 
62	    ssl = SSL_new(ctx);
63	    SSL_set_bio(ssl, conn, conn);
64	    if (SSL_connect(ssl) <= 0)
65	        int_error("Error connecting SSL object");
66	    if ((err = post_connection_check(ssl, SERVER)) != X509_V_OK)
67	    {
68	        fprintf(stderr, "-Error: peer certificate: %s\n",
69	                X509_verify_cert_error_string(err));
70	        int_error("Error checking SSL object after connection");
71	    }
72	    fprintf(stderr, "SSL Connection opened\n");
73	    if (do_client_loop(ssl))
74	        SSL_shutdown(ssl);
75	    else
76	        SSL_clear(ssl);
77	    fprintf(stderr, "SSL Connection closed\n");
78	 
79	    SSL_free(ssl);
80	    SSL_CTX_free(ctx);
81	    return 0;
82	}
