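/*
 * Copyright (C) 2017 Denys Vlasenko
 *
 * Licensed under GPLv2, see file LICENSE in this source tree.
 */
//config:config SSL_CLIENT
//config:	bool "ssl_client (25 kb)"
//config:	default y
//config:	select TLS
//config:	help
//config:	This tool pipes data to/from a socket, TLS-encrypting it.

//applet:IF_SSL_CLIENT(APPLET(ssl_client, BB_DIR_USR_BIN, BB_SUID_DROP))

//kbuild:lib-$(CONFIG_SSL_CLIENT) += ssl_client.o

//usage:#define ssl_client_trivial_usage
//usage:       "[-e] -s FD [-r FD] [-n SNI]"
//usage:#define ssl_client_full_usage ""

#include "libbb.h"

/*
 * ssl_client applet entry point.
 *
 * Wraps an existing connection in TLS and copies data through it:
 *   -s FD   descriptor stored in tls->ofd
 *   -r FD   descriptor stored in tls->ifd (defaults to the -s descriptor)
 *   -n SNI  server name handed to tls_handshake()
 *   -e      passed to tls_run_copy_loop() as TLSLOOP_EXIT_ON_LOCAL_EOF
 *
 * Without -s and -r, the first non-option argument is treated as HOST and
 * a new stream to HOST:443 is opened (undocumented debug feature).
 *
 * Returns EXIT_SUCCESS once tls_run_copy_loop() returns.
 *
 * NOTE(review): nothing in this file configures certificate or hostname
 * verification. Whether tls_handshake() authenticates the peer is not
 * visible here; confirm that before treating the tunnel as protection
 * against an active man-in-the-middle.
 * NOTE(review): the -s/-r descriptor numbers come straight from the
 * command line; presumably the invoking process guarantees they refer to
 * the intended open socket. Verify against callers.
 */
int ssl_client_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
int ssl_client_main(int argc UNUSED_PARAM, char **argv)
{
	/* Bit positions follow the option order in the getopt32() string */
	enum {
		OPT_e = 1 << 0,
		OPT_s = 1 << 1,
		OPT_r = 1 << 2,
		OPT_n = 1 << 3,
	};
	tls_state_t *tls;
	const char *sni = NULL;
	int opt;

	// INIT_G();

	tls = new_tls_state();
	opt = getopt32(argv, "es:+r:+n:", &tls->ofd, &tls->ifd, &sni);
	if (!(opt & OPT_r)) {
		/* -r N defaults to -s N */
		tls->ifd = tls->ofd;
	}

	if (!(opt & (OPT_s | OPT_r))) {
		/*
		 * HOST is the first non-option argument. Indexing argv[1]
		 * picks up "-e" or "-n" instead whenever one of those options
		 * is given, so use optind, which the option parser leaves
		 * pointing past the parsed options.
		 */
		const char *host = argv[optind];

		if (!host)
			bb_show_usage();
		/* Undocumented debug feature: without -s and -r, takes HOST arg and connects to it */
		//
		// Talk to kernel.org:
		// printf "GET / HTTP/1.1\r\nHost: kernel.org\r\n\r\n" | busybox ssl_client kernel.org
		if (!sni)
			sni = host;
		tls->ifd = tls->ofd = create_and_connect_stream_or_die(host, 443);
	}

	tls_handshake(tls, sni);

	/* The -e bit is passed through unchanged as the copy-loop flag */
	BUILD_BUG_ON(TLSLOOP_EXIT_ON_LOCAL_EOF != OPT_e);
	tls_run_copy_loop(tls, /*flags*/ opt & OPT_e);

	return EXIT_SUCCESS;
}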