working on tls

Makefile

@@ -5,13 +5,13 @@ OUTPATH=./build/
 SOURCE_MODULES_PATH=./library/
 
 #FOR DEBUG PURPOSE 
-CFLAGSTEMP=-c -Wall -I. -g -O0
-#CFLAGSTEMP=-c -Wall -I.
+#CFLAGSTEMP=-c -Wall -I. -g -O0
+CFLAGSTEMP=-c -Wall -I.
 OPTIMIZATION=-O3
 HEADERS=-I
 LIBPATH=./build/modules/
 BUILDFILES=start uFTP end
-#LIBS=-lpthread -lssl -lcrypto
+LIBS=-lpthread
 
 
 #ENABLE_LARGE_FILE_SUPPORT=

ftpCommandElaborate.c

@@ -572,9 +572,9 @@ int parseCommandList(ftpDataType * data, int socketId)
     theNameToList = getFtpCommandArg("LIST", data->clients[socketId].theCommandReceived, 1);
     getFtpCommandArgWithOptions("LIST", data->clients[socketId].theCommandReceived, &data->clients[socketId].workerData.ftpCommand);
  
-    ///printf("\nLIST COMMAND ARG: %s", data->clients[socketId].workerData.ftpCommand.commandArgs.text);
-    //printf("\nLIST COMMAND OPS: %s", data->clients[socketId].workerData.ftpCommand.commandOps.text);
-    //printf("\ntheNameToList: %s", theNameToList);
+    printf("\nLIST COMMAND ARG: %s", data->clients[socketId].workerData.ftpCommand.commandArgs.text);
+    printf("\nLIST COMMAND OPS: %s", data->clients[socketId].workerData.ftpCommand.commandOps.text);
+    printf("\ntheNameToList: %s", theNameToList);
     
     cleanDynamicStringDataType(&data->clients[socketId].workerData.ftpCommand.commandArgs, 0);
     cleanDynamicStringDataType(&data->clients[socketId].workerData.ftpCommand.commandOps, 0);    

ftpServer.c

@@ -146,13 +146,15 @@ void *connectionWorkerHandle(void * socketId)
         		}
 
                 returnCode = SSL_accept(ftpData.clients[theSocketId].workerData.serverSsl);
-				if (returnCode <= 0) {
+
+				if (returnCode <= 0)
+				{
 					printf("\nSSL ERRORS ON WORKER");
 					ERR_print_errors_fp(stderr);
 					ftpData.clients[theSocketId].closeTheClient = 1;
-
 				}
-				else {
+				else
+				{
 					printf("\nSSL ACCEPTED ON WORKER");
 				}
             }
@@ -180,13 +182,12 @@ void *connectionWorkerHandle(void * socketId)
 			printf("\nSSL ERRORS ON WORKER SSL_set_fd");
 			ftpData.clients[theSocketId].closeTheClient = 1;
 		}
-
+		//SSL_set_connect_state(ftpData.clients[theSocketId].workerData.clientSsl);
 		returnCode = SSL_connect(ftpData.clients[theSocketId].workerData.clientSsl);
 		if (returnCode <= 0)
 		{
-			printf("\nSSL ERRORS ON WORKER %d", returnCode);
+			printf("\nSSL ERRORS ON WORKER %d error code: %d", returnCode, SSL_get_error(ftpData.clients[theSocketId].workerData.clientSsl, returnCode));
 			ERR_print_errors_fp(stderr);
-			//ftpData.clients[theSocketId].closeTheClient = 1;
 		}
 		else
 		{
@@ -558,7 +559,7 @@ void runFtpServer(void)
                       if (ftpData.clients[processingSock].buffer[i] == '\n') 
                           {
                               ftpData.clients[processingSock].socketCommandReceived = 1;
-                              //printf("\n Processing the command: %s", ftpData.clients[processingSock].theCommandReceived);
+                              printf("\n Processing the command: %s", ftpData.clients[processingSock].theCommandReceived);
                               commandProcessStatus = processCommand(processingSock);
                               //Echo unrecognized commands
                               if (commandProcessStatus == FTP_COMMAND_NOT_RECONIZED) 

library/configRead.c

@@ -128,7 +128,7 @@ void initFtpData(ftpDataType *ftpData)
 	ftpData->serverCtx = createServerContext();
 	ftpData->clientCtx = createClientContext();
 	configureContext(ftpData->serverCtx, ftpData->ftpParameters.certificatePath, ftpData->ftpParameters.privateCertificatePath);
-	configureContext(ftpData->clientCtx, ftpData->ftpParameters.certificatePath, ftpData->ftpParameters.privateCertificatePath);
+	configureClientContext(ftpData->clientCtx, ftpData->ftpParameters.certificatePath, ftpData->ftpParameters.privateCertificatePath);
 	#endif
 
     ftpData->connectedClients = 0;

library/connection.c

@@ -50,7 +50,7 @@ int socketPrintf(ftpDataType * ftpData, int clientId, const char *__restrict __f
 	char theBuffer[SOCKET_PRINTF_BUFFER];
 	int theStringSize = 0;
 	memset(&theBuffer, 0, SOCKET_PRINTF_BUFFER);
-	//printf("\nWriting to socket id %d, TLS %d: ", clientId, ftpData->clients[clientId].tlsIsEnabled);
+	printf("\nWriting to socket id %d, TLS %d: ", clientId, ftpData->clients[clientId].tlsIsEnabled);
 
 	va_list args;
 	va_start(args, __fmt);
@@ -132,7 +132,7 @@ int socketPrintf(ftpDataType * ftpData, int clientId, const char *__restrict __f
 				#endif
 			}
 
-			//printf("%s", theBuffer);
+			printf("%s", theBuffer);
 
 			if (theReturnCode > 0)
 			{
@@ -165,7 +165,7 @@ int socketWorkerPrintf(ftpDataType * ftpData, int clientId, const char *__restri
 	char theBuffer[SOCKET_PRINTF_BUFFER];
 	int theStringSize = 0;
 	memset(&theBuffer, 0, SOCKET_PRINTF_BUFFER);
-	//printf("\nWriting to worker socket id %dd, TLS %d: ", clientId, ftpData->clients[clientId].dataChannelIsTls);
+	printf("\nWriting to worker socket id %dd, TLS %d: ", clientId, ftpData->clients[clientId].dataChannelIsTls);
 	va_list args;
 	va_start(args, __fmt);
 	while (*__fmt != '\0')
@@ -248,7 +248,7 @@ int socketWorkerPrintf(ftpDataType * ftpData, int clientId, const char *__restri
 				#endif
 			}
 
-			//printf("%s", theBuffer);
+			printf("%s", theBuffer);
 
 			if (theReturnCode > 0)
 			{
@@ -366,7 +366,9 @@ int createActiveSocket(int port, char *ipAddress)
 {
   int sockfd;
   struct sockaddr_in serv_addr;
-  
+
+  printf("\n Connection socket is going to start ip: %s:%d \n", ipAddress, port);
+  //sleep(100);
   memset(&serv_addr, 0, sizeof(struct sockaddr_in)); 
   serv_addr.sin_family = AF_INET;
   serv_addr.sin_port = htons(port); 

library/openSsl.c

@@ -33,21 +33,12 @@
 #include "openSsl.h"
 #include "fileManagement.h"
 
-BIO *outbio;
-
 void initOpenssl()
 {
-
-	outbio = NULL;
     OpenSSL_add_all_algorithms();		/* Load cryptos, et.al. */
     SSL_load_error_strings();			/* Bring in and register error messages */
-    SSL_load_error_strings();
-    //OpenSSL_add_ssl_algorithms();
     ERR_load_BIO_strings();
     ERR_load_crypto_strings();
-    SSL_load_error_strings();
-    outbio    = BIO_new(BIO_s_file());
-    outbio    = BIO_new_fp(stdout, BIO_NOCLOSE);
     SSL_library_init();
 }
 
@@ -78,10 +69,13 @@ SSL_CTX *createClientContext(void)
 {
 	const SSL_METHOD *method;
     SSL_CTX *ctx;
-
     method = TLS_client_method();		/* Create new client-method instance */
     ctx = SSL_CTX_new(method);			/* Create new context */
-    if ( ctx == NULL )
+    //SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1);
+    //SSL_CTX_set_options(ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION | SSL_OP_CIPHER_SERVER_PREFERENCE| SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1);
+    //SSL_CTX_set_ecdh_auto(ctx, 1);
+
+    if (ctx == NULL)
     {
     	perror("Unable to create server SSL context");
         ERR_print_errors_fp(stderr);
@@ -92,6 +86,32 @@ SSL_CTX *createClientContext(void)
 }
 
 
+void configureClientContext(SSL_CTX *ctx, char *certificatePath, char* privateCertificatePath)
+{
+	if (FILE_IsFile(certificatePath) != 1)
+	{
+		printf("\ncertificate file: %s not found!", certificatePath);
+		exit(0);
+	}
+
+	if (FILE_IsFile(privateCertificatePath) != 1)
+	{
+		printf("\ncertificate file: %s not found!", privateCertificatePath);
+		exit(0);
+	}
+
+    /* Set the key and cert */
+    if (SSL_CTX_use_certificate_file(ctx, certificatePath, SSL_FILETYPE_PEM) <= 0) {
+        ERR_print_errors_fp(stderr);
+        exit(EXIT_FAILURE);
+    }
+
+    if (SSL_CTX_use_PrivateKey_file(ctx, privateCertificatePath, SSL_FILETYPE_PEM) <= 0 ) {
+        ERR_print_errors_fp(stderr);
+        exit(EXIT_FAILURE);
+    }
+}
+
 void configureContext(SSL_CTX *ctx, char *certificatePath, char* privateCertificatePath)
 {
 	if (FILE_IsFile(certificatePath) != 1)

library/openSsl.h

@@ -39,6 +39,7 @@ void cleanupOpenssl();
 SSL_CTX *createServerContext();
 SSL_CTX *createClientContext();
 void configureContext(SSL_CTX *ctx, char *certificatePath, char* privateCertificatePath);
+void configureClientContext(SSL_CTX *ctx, char *certificatePath, char* privateCertificatePath);
 void ShowCerts(SSL* ssl);
 #ifdef __cplusplus
 }