1 /* This example code is placed in the public domain. */
10 #include <sys/types.h>
11 #include <sys/socket.h>
12 #include <arpa/inet.h>
14 #include <gnutls/gnutls.h>
16 /* A very basic TLS client, with X.509 authentication.
// PEM file holding the CA certificates this client trusts. The path is
// relative, so it is resolved against the working directory of the process.
20 #define CAFILE "ca.pem"
// Plain HTTP/1.0 request that is written to the peer through the TLS session.
21 #define MSG "GET / HTTP/1.0\r\n\r\n"
// TCP helpers defined in another translation unit. tcp_connect() takes no
// arguments, so the peer address is chosen inside it; presumably it returns
// a connected socket descriptor (confirm against its definition).
23 extern int tcp_connect (void);
24 extern void tcp_close (int sd);
// Body of the client: initialise GnuTLS, load the trusted CA file, run the
// handshake over a TCP socket, send MSG, print one read from the peer, then
// release the session and credentials.
// NOTE(review): this listing is incomplete. The gutter numbers skip lines,
// and the function header, the braces, the conditions guarding the error
// branches, the closing delimiters of the multi-line comments, the
// declarations of ret, err, sd and ii, and the MAX_BUF definition are not
// shown. Check the full source before relying on the control flow.
30 gnutls_session_t session;
// One spare byte beyond MAX_BUF; the receive call below asks for at most
// MAX_BUF bytes, so a read cannot fill the whole array.
31 char buffer[MAX_BUF + 1];
33 gnutls_certificate_credentials_t xcred;
// The return value is ignored, so a failed library initialisation would go
// unnoticed here.
35 gnutls_global_init ();
38 gnutls_certificate_allocate_credentials (&xcred);
// NOTE(review): the result of the trust-file call below is discarded. It
// reports how many certificates were loaded, or a negative error code, so a
// missing or empty CAFILE leaves the trust list empty with no visible failure.
40 /* sets the trusted cas file
42 gnutls_certificate_set_x509_trust_file (xcred, CAFILE, GNUTLS_X509_FMT_PEM);
44 /* Initialize TLS session
46 gnutls_init (&session, GNUTLS_CLIENT);
48 /* Use default priorities */
// NOTE(review): the string passed is "PERFORMANCE", not the library default.
// That keyword orders the enabled cipher suites by speed; "NORMAL" is the
// keyword the GnuTLS documentation recommends. Choose the priority string
// deliberately rather than by copying this line.
49 ret = gnutls_priority_set_direct (session, "PERFORMANCE", &err);
// On a malformed priority string, err is printed as the place where parsing
// stopped. The enclosing error check is on lines not shown.
52 if (ret == GNUTLS_E_INVALID_REQUEST)
54 fprintf (stderr, "Syntax error at: %s\n", err);
59 /* put the x509 credentials to the current session
61 gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
63 /* connect to the peer
// The integer descriptor sd is cast to the opaque transport pointer. Its
// assignment is not visible (presumably sd comes from tcp_connect). Newer
// GnuTLS releases provide gnutls_transport_set_int() to avoid this cast.
67 gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
69 /* Perform the TLS handshake
// NOTE(review): nothing in the visible lines verifies the server certificate.
// Loading CAFILE only supplies trust anchors; unless the application asks for
// verification, a handshake with an untrusted or mismatched certificate can
// still succeed. The missing lines may do this, so confirm. If they do not,
// call gnutls_certificate_verify_peers2() after the handshake (or
// gnutls_certificate_verify_peers3() with the expected host name) and abort
// on a non-zero status, or register a callback with
// gnutls_certificate_set_verify_function(). Recent releases also offer
// gnutls_session_set_verify_cert() before the handshake. tcp_connect() takes
// no host argument, so the expected name must come from wherever the peer
// address is configured.
71 ret = gnutls_handshake (session);
// Failure branch; the condition on ret is on a line not shown.
75 fprintf (stderr, "*** Handshake failed\n");
81 printf ("- Handshake was completed\n");
// The return value is ignored. gnutls_record_send() can return a negative
// error code or fewer bytes than requested, so the request may not have been
// sent in full.
84 gnutls_record_send (session, MSG, strlen (MSG));
// Single read of at most MAX_BUF bytes; ret holds the byte count or an error.
86 ret = gnutls_record_recv (session, buffer, MAX_BUF);
// Presumably the ret == 0 branch (condition not shown).
89 printf ("- Peer has closed the TLS connection\n");
// Presumably the ret < 0 branch (condition not shown).
94 fprintf (stderr, "*** Error: %s\n", gnutls_strerror (ret));
// Prints exactly ret bytes one at a time, so buffer needs no NUL terminator.
// NOTE(review): bytes from the peer reach stdout unfiltered, including any
// control characters; filter non-printable bytes if this is shown on a
// terminal.
98 printf ("- Received %d bytes: ", ret);
99 for (ii = 0; ii < ret; ii++)
101 fputc (buffer[ii], stdout);
103 fputs ("\n", stdout);
// Closes the TLS session in both directions before the teardown below.
105 gnutls_bye (session, GNUTLS_SHUT_RDWR);
// Teardown: session, then credentials, then library state. No tcp_close()
// call is visible in this listing; presumably it is on one of the missing
// lines before this point.
111 gnutls_deinit (session);
113 gnutls_certificate_free_credentials (xcred);
115 gnutls_global_deinit ();