1 files changed, 0 insertions, 395 deletions
diff --git a/src/lib/libssl/src/ssl/ssl_task.c b/src/lib/libssl/src/ssl/ssl_task.c
deleted file mode 100644
index be0319831a..0000000000
--- a/src/lib/libssl/src/ssl/ssl_task.c
+++ /dev/null
@@ -1,395 +0,0 @@
-/* ssl/ssl_task.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* VMS */
-/*
- * DECnet object for servicing SSL.  We accept the inbound and speak a
- * simple protocol for multiplexing the 2 data streams (application and
- * ssl data) over this logical link.
- *
- * Logical names:
- *    SSL_CIPHER        Defines a list of cipher specifications the server
- *                      will support in order of preference.
- *    SSL_SERVER_CERTIFICATE
- *                      Points to PEM (privacy enhanced mail) file that
- *                      contains the server certificate and private password.
- *    SYS$NET           Logical created by netserver.exe as hook for completing
- *                      DECnet logical link.
- *
- * Each NSP message sent over the DECnet link has the following structure:
- *    struct rpc_msg { 
- *      char channel;
- *      char function;
- *      short length;
- *      char data[MAX_DATA];
- *    } msg;
- *
- * The channel field designates the virtual data stream this message applies
- * to and is one of:
- *   A - Application data (payload).
- *   R - Remote client connection that initiated the SSL connection.  Encrypted
- *       data is sent over this connection.
- *   G - General data, reserved for future use.
- *
- * The data streams are half-duplex read/write and have following functions:
- *   G - Get, requests that up to msg.length bytes of data be returned.  The
- *       data is returned in the next 'C' function response that matches the
- *       requesting channel.
- *   P - Put, requests that the first msg.length bytes of msg.data be appended
- *       to the designated stream.
- *   C - Confirms a get or put.  Every get and put will get a confirm response,
- *       you cannot initiate another function on a channel until the previous
- *       operation has been confirmed.
- *
- *  The 2 channels may interleave their operations, for example:
- *        Server msg           Client msg
- *         A, Get, 4092          ---->
- *                               <----  R, get, 4092
- *         R, Confirm, {hello}   ---->
- *                               <----  R, put, {srv hello}
- *         R, Confirm, 0         ---->
- *                               .              (SSL handshake completed)
- *                               .              (read first app data).
- *                               <----  A, confirm, {http data}
- *         A, Put, {http data}   ---->
- *                               <----  A, confirm, 0
- *
- *  The length field is not permitted to be larger that 4092 bytes.
- *
- * Author: Dave Jones
- * Date:   22-JUL-1996
- */
-#include <sys/types.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <iodef.h>              /* VMS IO$_ definitions */
-#include <descrip.h>            /* VMS string descriptors */
-extern int SYS$QIOW(), SYS$ASSIGN();
-int LIB$INIT_TIMER(), LIB$SHOW_TIMER();
-#include <string.h>             /* from ssltest.c */
-#include <errno.h>
-#include <unistd.h>
-#include <openssl/opensslconf.h>
-#include <openssl/e_os2.h>
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-int
-verify_callback(int ok, X509 *xs, X509 *xi, int depth,
-int error);
-BIO *bio_err = NULL;
-BIO *bio_stdout = NULL;
-BIO_METHOD *BIO_s_rtcp();
-static char *cipher = NULL;
-int verbose = 1;
-#ifdef FIONBIO
-static int s_nbio = 0;
-#endif
-#define TEST_SERVER_CERT "SSL_SERVER_CERTIFICATE"
-/*************************************************************************/
-        struct rpc_msg {                /* Should have member alignment inhibited */
-        char channel;
-        /* 'A'-app data. 'R'-remote client 'G'-global */
-        char function;
-        /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
-        unsigned short int length;      /* Amount of data returned or max to return */
-        char data[4092];
-        /* variable data */
-};
-#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
-static $DESCRIPTOR(sysnet, "SYS$NET");
-typedef unsigned short io_channel;
-struct io_status {
-        unsigned short status;
-        unsigned short count;
-        unsigned long stsval;
-};
-int doit(io_channel chan, SSL_CTX *s_ctx );
-/*****************************************************************************/
-/* Decnet I/O routines.
- */
-static int get ( io_channel chan, char *buffer, int maxlen, int *length )
-{
-        int status;
-        struct io_status iosb;
-        status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0,
-        buffer, maxlen, 0, 0, 0, 0 );
-        if ((status&1)
-                == 1 ) status = iosb.status;
-        if ((status&1)
-                == 1 ) *length = iosb.count;
-        return status;
-}
-static int put ( io_channel chan, char *buffer, int length )
-{
-        int status;
-        struct io_status iosb;
-        status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
-        buffer, length, 0, 0, 0, 0 );
-        if ((status&1)
-                == 1 ) status = iosb.status;
-        return status;
-}
-/***************************************************************************/
-/* Handle operations on the 'G' channel.
- */
-static int general_request ( io_channel chan, struct rpc_msg *msg, int length ) {
-        return 48;
-}
-/***************************************************************************/
-int main ( int argc, char **argv )
-{
-        int status, length;
-        io_channel chan;
-        struct rpc_msg msg;
-        char *CApath = NULL, *CAfile = NULL;
-        int badop = 0;
-        int ret = 1;
-        int client_auth = 0;
-        int server_auth = 0;
-        SSL_CTX *s_ctx = NULL;
-    /*
-     * Confirm logical link with initiating client.
-     */
-        LIB$INIT_TIMER();
-        status = SYS$ASSIGN ( &sysnet, &chan, 0, 0, 0 );
-        printf("status of assign to SYS$NET: %d\n", status );
-    /*
-     * Initialize standard out and error files.
-     */
-        if (bio_err == NULL)
-                if ((bio_err = BIO_new(BIO_s_file())) != NULL)
-                        BIO_set_fp(bio_err, stderr, BIO_NOCLOSE);
-        if (bio_stdout == NULL)
-                if ((bio_stdout = BIO_new(BIO_s_file())) != NULL)
-                        BIO_set_fp(bio_stdout, stdout, BIO_NOCLOSE);
-    /*
-     * get the preferred cipher list and other initialization
-     */
-        if (cipher == NULL)
-                cipher = getenv("SSL_CIPHER");
-        printf("cipher list: %s\n", cipher ? cipher : "{undefined}" );
-        SSL_load_error_strings();
-        OpenSSL_add_all_algorithms();
-/* DRM, this was the original, but there is no such thing as SSLv2()
-        s_ctx=SSL_CTX_new(SSLv2());
-*/
-        s_ctx = SSL_CTX_new(SSLv2_server_method());
-        if (s_ctx == NULL)
-                goto end;
-        SSL_CTX_use_certificate_file(s_ctx, TEST_SERVER_CERT, SSL_FILETYPE_PEM);
-        SSL_CTX_use_RSAPrivateKey_file(s_ctx, TEST_SERVER_CERT, SSL_FILETYPE_PEM);
-        printf("Loaded server certificate: '%s'\n", TEST_SERVER_CERT );
-    /*
-     * Take commands from client until bad status.
-     */
-        LIB$SHOW_TIMER();
-        status = doit ( chan, s_ctx );
-        LIB$SHOW_TIMER();
-    /*
-     * do final cleanup and exit.
-     */
-end:
-        if (s_ctx != NULL)
-                SSL_CTX_free(s_ctx);
-        LIB$SHOW_TIMER();
-        return 1;
-}
-int
-doit(io_channel chan, SSL_CTX *s_ctx )
-{
-        int status, length, link_state;
-        struct rpc_msg msg;
-        SSL *s_ssl = NULL;
-        BIO *c_to_s = NULL;
-        BIO *s_to_c = NULL;
-        BIO *c_bio = NULL;
-        BIO *s_bio = NULL;
-        int i;
-        int done = 0;
-        s_ssl = SSL_new(s_ctx);
-        if (s_ssl == NULL)
-                goto err;
-        c_to_s = BIO_new(BIO_s_rtcp());
-        s_to_c = BIO_new(BIO_s_rtcp());
-        if ((s_to_c == NULL)
-                || (c_to_s == NULL)) goto err;
-/* original, DRM 24-SEP-1997
-        BIO_set_fd ( c_to_s, "", chan );
-        BIO_set_fd ( s_to_c, "", chan );
-*/
-        BIO_set_fd ( c_to_s, 0, chan );
-        BIO_set_fd ( s_to_c, 0, chan );
-        c_bio = BIO_new(BIO_f_ssl());
-        s_bio = BIO_new(BIO_f_ssl());
-        if ((c_bio == NULL)
-                || (s_bio == NULL)) goto err;
-        SSL_set_accept_state(s_ssl);
-        SSL_set_bio(s_ssl, c_to_s, s_to_c);
-        BIO_set_ssl(s_bio, s_ssl, BIO_CLOSE);
-        /* We can always do writes */
-        printf("Begin doit main loop\n");
-        /*
-         * Link states: 0-idle, 1-read pending, 2-write pending, 3-closed.
-         */
-        for (link_state = 0; link_state < 3; ) {
-            /*
-             * Wait for remote end to request data action on A channel.
-             */
-                while (link_state == 0 ) {
-                        status = get ( chan, (char *) &msg, sizeof(msg), &length );
-                        if ((status&1) == 0 ) {
-                                printf("Error in main loop get: %d\n", status );
-                                link_state = 3;
-                                break;
-                        }
-                        if (length < RPC_HDR_SIZE ) {
-                                printf("Error in main loop get size: %d\n", length );
-                                link_state = 3;
-                                break;
-                        }
-                        if (msg.channel != 'A' ) {
-                                printf("Error in main loop, unexpected channel: %c\n",
-                                msg.channel );
-                                link_state = 3;
-                                break;
-                        }
-                        if (msg.function == 'G' ) {
-                                link_state = 1;
-                        } else if (msg.function == 'P' ) {
-                                link_state = 2; /* write pending */
-                        } else if (msg.function == 'X' ) {
-                                link_state = 3;
-                        } else {
-                                link_state = 3;
-                        }
-                }
-                if (link_state == 1 ) {
-                        i = BIO_read ( s_bio, msg.data, msg.length );
-                        if (i < 0 )
-                                link_state = 3;
-                        else {
-                                msg.channel = 'A';
-                                msg.function = 'C';
-                                /* confirm */
-                                msg.length = i;
-                                status = put ( chan, (char *) &msg, i + RPC_HDR_SIZE );
-                                if ((status&1)
-                                        == 0 ) break;
-                                link_state = 0;
-                        }
-                } else if (link_state == 2 ) {
-                        i = BIO_write ( s_bio, msg.data, msg.length );
-                        if (i < 0 )
-                                link_state = 3;
-                        else {
-                                msg.channel = 'A';
-                                msg.function = 'C';
-                                /* confirm */
-                                msg.length = 0;
-                                status = put ( chan, (char *) &msg, RPC_HDR_SIZE );
-                                if ((status&1)
-                                        == 0 ) break;
-                                link_state = 0;
-                        }
-                }
-        }
-        fprintf(stdout, "DONE\n");
-err:
-        /* We have to set the BIO's to NULL otherwise they will be
-         * free()ed twice.  Once when th s_ssl is SSL_free()ed and
-         * again when c_ssl is SSL_free()ed.
-         * This is a hack required because s_ssl and c_ssl are sharing the same
-         * BIO structure and SSL_set_bio() and SSL_free() automatically
-         * BIO_free non NULL entries.
-         * You should not normally do this or be required to do this */
-        s_ssl->rbio = NULL;
-        s_ssl->wbio = NULL;
-        if (c_to_s != NULL)
-                BIO_free(c_to_s);
-        if (s_to_c != NULL)
-                BIO_free(s_to_c);
-        if (c_bio != NULL)
-                BIO_free(c_bio);
-        if (s_bio != NULL)
-                BIO_free(s_bio);
-        return (0);
-}

diff --git a/src/lib/libssl/src/ssl/ssl_task.c b/src/lib/libssl/src/ssl/ssl_task.c deleted file mode 100644 index be0319831a..0000000000 --- a/src/lib/libssl/src/ssl/ssl_task.c +++ /dev/null
@@ -1,395 +0,0 @@
1	/* ssl/ssl_task.c */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	/* VMS */
60	/*
61	* DECnet object for servicing SSL. We accept the inbound and speak a
62	* simple protocol for multiplexing the 2 data streams (application and
63	* ssl data) over this logical link.
64	*
65	* Logical names:
66	* SSL_CIPHER Defines a list of cipher specifications the server
67	* will support in order of preference.
68	* SSL_SERVER_CERTIFICATE
69	* Points to PEM (privacy enhanced mail) file that
70	* contains the server certificate and private password.
71	* SYS$NET Logical created by netserver.exe as hook for completing
72	* DECnet logical link.
73	*
74	* Each NSP message sent over the DECnet link has the following structure:
75	* struct rpc_msg {
76	* char channel;
77	* char function;
78	* short length;
79	* char data[MAX_DATA];
80	* } msg;
81	*
82	* The channel field designates the virtual data stream this message applies
83	* to and is one of:
84	* A - Application data (payload).
85	* R - Remote client connection that initiated the SSL connection. Encrypted
86	* data is sent over this connection.
87	* G - General data, reserved for future use.
88	*
89	* The data streams are half-duplex read/write and have following functions:
90	* G - Get, requests that up to msg.length bytes of data be returned. The
91	* data is returned in the next 'C' function response that matches the
92	* requesting channel.
93	* P - Put, requests that the first msg.length bytes of msg.data be appended
94	* to the designated stream.
95	* C - Confirms a get or put. Every get and put will get a confirm response,
96	* you cannot initiate another function on a channel until the previous
97	* operation has been confirmed.
98	*
99	* The 2 channels may interleave their operations, for example:
100	* Server msg Client msg
101	* A, Get, 4092 ---->
102	* <---- R, get, 4092
103	* R, Confirm, {hello} ---->
104	* <---- R, put, {srv hello}
105	* R, Confirm, 0 ---->
106	* . (SSL handshake completed)
107	* . (read first app data).
108	* <---- A, confirm, {http data}
109	* A, Put, {http data} ---->
110	* <---- A, confirm, 0
111	*
112	* The length field is not permitted to be larger that 4092 bytes.
113	*
114	* Author: Dave Jones
115	* Date: 22-JUL-1996
116	*/
117	#include <sys/types.h>
118
119	#include <stdlib.h>
120	#include <stdio.h>
121	#include <iodef.h> /* VMS IO$_ definitions */
122	#include <descrip.h> /* VMS string descriptors */
123	extern int SYS$QIOW(), SYS$ASSIGN();
124	int LIB$INIT_TIMER(), LIB$SHOW_TIMER();
125
126	#include <string.h> /* from ssltest.c */
127	#include <errno.h>
128	#include <unistd.h>
129
130	#include <openssl/opensslconf.h>
131	#include <openssl/e_os2.h>
132	#include <openssl/buffer.h>
133	#include <openssl/x509.h>
134	#include <openssl/ssl.h>
135	#include <openssl/err.h>
136
137	int
138	verify_callback(int ok, X509 xs, X509 xi, int depth,
139	int error);
140	BIO *bio_err = NULL;
141	BIO *bio_stdout = NULL;
142	BIO_METHOD *BIO_s_rtcp();
143
144	static char *cipher = NULL;
145	int verbose = 1;
146	#ifdef FIONBIO
147	static int s_nbio = 0;
148	#endif
149	#define TEST_SERVER_CERT "SSL_SERVER_CERTIFICATE"
150	/*************************************************************************/
151	struct rpc_msg { /* Should have member alignment inhibited */
152	char channel;
153	/* 'A'-app data. 'R'-remote client 'G'-global */
154	char function;
155	/* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
156	unsigned short int length; /* Amount of data returned or max to return */
157	char data[4092];
158	/* variable data */
159	};
160	#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
161
162	static $DESCRIPTOR(sysnet, "SYS$NET");
163	typedef unsigned short io_channel;
164
165	struct io_status {
166	unsigned short status;
167	unsigned short count;
168	unsigned long stsval;
169	};
170	int doit(io_channel chan, SSL_CTX *s_ctx );
171	/*****************************************************************************/
172	/* Decnet I/O routines.
173	*/
174	static int get ( io_channel chan, char buffer, int maxlen, int length )
175	{
176	int status;
177	struct io_status iosb;
178	status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0,
179	buffer, maxlen, 0, 0, 0, 0 );
180	if ((status&1)
181	== 1 ) status = iosb.status;
182	if ((status&1)
183	== 1 ) *length = iosb.count;
184	return status;
185	}
186
187	static int put ( io_channel chan, char *buffer, int length )
188	{
189	int status;
190	struct io_status iosb;
191	status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
192	buffer, length, 0, 0, 0, 0 );
193	if ((status&1)
194	== 1 ) status = iosb.status;
195	return status;
196	}
197	/***************************************************************************/
198	/* Handle operations on the 'G' channel.
199	*/
200	static int general_request ( io_channel chan, struct rpc_msg *msg, int length ) {
201	return 48;
202	}
203	/***************************************************************************/
204	int main ( int argc, char **argv )
205	{
206	int status, length;
207	io_channel chan;
208	struct rpc_msg msg;
209
210	char CApath = NULL, CAfile = NULL;
211	int badop = 0;
212	int ret = 1;
213	int client_auth = 0;
214	int server_auth = 0;
215	SSL_CTX *s_ctx = NULL;
216	/*
217	* Confirm logical link with initiating client.
218	*/
219	LIB$INIT_TIMER();
220	status = SYS$ASSIGN ( &sysnet, &chan, 0, 0, 0 );
221	printf("status of assign to SYS$NET: %d\n", status );
222	/*
223	* Initialize standard out and error files.
224	*/
225	if (bio_err == NULL)
226	if ((bio_err = BIO_new(BIO_s_file())) != NULL)
227	BIO_set_fp(bio_err, stderr, BIO_NOCLOSE);
228	if (bio_stdout == NULL)
229	if ((bio_stdout = BIO_new(BIO_s_file())) != NULL)
230	BIO_set_fp(bio_stdout, stdout, BIO_NOCLOSE);
231	/*
232	* get the preferred cipher list and other initialization
233	*/
234	if (cipher == NULL)
235	cipher = getenv("SSL_CIPHER");
236	printf("cipher list: %s\n", cipher ? cipher : "{undefined}" );
237
238	SSL_load_error_strings();
239	OpenSSL_add_all_algorithms();
240
241	/* DRM, this was the original, but there is no such thing as SSLv2()
242	s_ctx=SSL_CTX_new(SSLv2());
243	*/
244	s_ctx = SSL_CTX_new(SSLv2_server_method());
245
246	if (s_ctx == NULL)
247	goto end;
248
249	SSL_CTX_use_certificate_file(s_ctx, TEST_SERVER_CERT, SSL_FILETYPE_PEM);
250	SSL_CTX_use_RSAPrivateKey_file(s_ctx, TEST_SERVER_CERT, SSL_FILETYPE_PEM);
251	printf("Loaded server certificate: '%s'\n", TEST_SERVER_CERT );
252
253	/*
254	* Take commands from client until bad status.
255	*/
256	LIB$SHOW_TIMER();
257	status = doit ( chan, s_ctx );
258	LIB$SHOW_TIMER();
259	/*
260	* do final cleanup and exit.
261	*/
262	end:
263	if (s_ctx != NULL)
264	SSL_CTX_free(s_ctx);
265	LIB$SHOW_TIMER();
266	return 1;
267	}
268
269	int
270	doit(io_channel chan, SSL_CTX *s_ctx )
271	{
272	int status, length, link_state;
273	struct rpc_msg msg;
274
275	SSL *s_ssl = NULL;
276	BIO *c_to_s = NULL;
277	BIO *s_to_c = NULL;
278	BIO *c_bio = NULL;
279	BIO *s_bio = NULL;
280	int i;
281	int done = 0;
282
283	s_ssl = SSL_new(s_ctx);
284	if (s_ssl == NULL)
285	goto err;
286
287	c_to_s = BIO_new(BIO_s_rtcp());
288	s_to_c = BIO_new(BIO_s_rtcp());
289	if ((s_to_c == NULL)
290	\|\| (c_to_s == NULL)) goto err;
291	/* original, DRM 24-SEP-1997
292	BIO_set_fd ( c_to_s, "", chan );
293	BIO_set_fd ( s_to_c, "", chan );
294	*/
295	BIO_set_fd ( c_to_s, 0, chan );
296	BIO_set_fd ( s_to_c, 0, chan );
297
298	c_bio = BIO_new(BIO_f_ssl());
299	s_bio = BIO_new(BIO_f_ssl());
300	if ((c_bio == NULL)
301	\|\| (s_bio == NULL)) goto err;
302
303	SSL_set_accept_state(s_ssl);
304	SSL_set_bio(s_ssl, c_to_s, s_to_c);
305	BIO_set_ssl(s_bio, s_ssl, BIO_CLOSE);
306
307	/* We can always do writes */
308	printf("Begin doit main loop\n");
309	/*
310	* Link states: 0-idle, 1-read pending, 2-write pending, 3-closed.
311	*/
312	for (link_state = 0; link_state < 3; ) {
313	/*
314	* Wait for remote end to request data action on A channel.
315	*/
316	while (link_state == 0 ) {
317	status = get ( chan, (char *) &msg, sizeof(msg), &length );
318	if ((status&1) == 0 ) {
319	printf("Error in main loop get: %d\n", status );
320	link_state = 3;
321	break;
322	}
323	if (length < RPC_HDR_SIZE ) {
324	printf("Error in main loop get size: %d\n", length );
325	link_state = 3;
326	break;
327	}
328	if (msg.channel != 'A' ) {
329	printf("Error in main loop, unexpected channel: %c\n",
330	msg.channel );
331	link_state = 3;
332	break;
333	}
334	if (msg.function == 'G' ) {
335	link_state = 1;
336	} else if (msg.function == 'P' ) {
337	link_state = 2; /* write pending */
338	} else if (msg.function == 'X' ) {
339	link_state = 3;
340	} else {
341	link_state = 3;
342	}
343	}
344	if (link_state == 1 ) {
345	i = BIO_read ( s_bio, msg.data, msg.length );
346	if (i < 0 )
347	link_state = 3;
348	else {
349	msg.channel = 'A';
350	msg.function = 'C';
351	/* confirm */
352	msg.length = i;
353	status = put ( chan, (char *) &msg, i + RPC_HDR_SIZE );
354	if ((status&1)
355	== 0 ) break;
356	link_state = 0;
357	}
358	} else if (link_state == 2 ) {
359	i = BIO_write ( s_bio, msg.data, msg.length );
360	if (i < 0 )
361	link_state = 3;
362	else {
363	msg.channel = 'A';
364	msg.function = 'C';
365	/* confirm */
366	msg.length = 0;
367	status = put ( chan, (char *) &msg, RPC_HDR_SIZE );
368	if ((status&1)
369	== 0 ) break;
370	link_state = 0;
371	}
372	}
373	}
374	fprintf(stdout, "DONE\n");
375	err:
376	/* We have to set the BIO's to NULL otherwise they will be
377	* free()ed twice. Once when th s_ssl is SSL_free()ed and
378	* again when c_ssl is SSL_free()ed.
379	* This is a hack required because s_ssl and c_ssl are sharing the same
380	* BIO structure and SSL_set_bio() and SSL_free() automatically
381	* BIO_free non NULL entries.
382	* You should not normally do this or be required to do this */
383	s_ssl->rbio = NULL;
384	s_ssl->wbio = NULL;
385
386	if (c_to_s != NULL)
387	BIO_free(c_to_s);
388	if (s_to_c != NULL)
389	BIO_free(s_to_c);
390	if (c_bio != NULL)
391	BIO_free(c_bio);
392	if (s_bio != NULL)
393	BIO_free(s_bio);
394	return (0);
395	}