2 * Copyright (c) 2018 Thomas Pornin <pornin@bolet.org>
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
26 using System.Collections.Generic;
27 using System.Diagnostics;
29 using System.Net.Sockets;
31 using System.Threading;
40 * A simple command-line application that runs a client that connects
41 * to a provided server. This is meant for debug purposes.
46 public static void Main(string[] args)
49 new Client().Run(args);
50 } catch (Exception e) {
51 Console.WriteLine(e.ToString());
56 void Run(string[] args)
62 List<string> csNames = null;
63 List<string> hsNames = null;
66 for (int i = 0; i < args.Length; i ++) {
68 if (!a.StartsWith("-")) {
71 "duplicate host name");
76 a = a.Substring(1).ToLowerInvariant();
92 if (++ i >= args.Length) {
106 if (++ i >= args.Length) {
108 "no cipher names provided");
110 if (csNames == null) {
111 csNames = new List<string>();
113 AddNames(csNames, args[i]);
116 if (++ i >= args.Length) {
118 "no hash-and-sign provided");
120 if (hsNames == null) {
121 hsNames = new List<string>();
123 AddNames(hsNames, args[i]);
128 "duplicate minimum version");
130 if (++ i >= args.Length) {
132 "no minimum version provided");
134 vmin = SSL.GetVersionByName(args[i]);
139 "duplicate maximum version");
141 if (++ i >= args.Length) {
143 "no maximum version provided");
145 vmax = SSL.GetVersionByName(args[i]);
148 throw new Exception(string.Format(
149 "Unknown option: '-{0}'", a));
154 throw new Exception("no host name provided");
156 int j = host.LastIndexOf(':');
161 if (!Int32.TryParse(host.Substring(j + 1), out port)
162 || port <= 0 || port > 65535)
164 throw new Exception("invalid port number");
166 host = host.Substring(0, j);
172 if (csNames != null) {
173 css = new int[csNames.Count];
174 for (int i = 0; i < css.Length; i ++) {
175 css[i] = SSL.GetSuiteByName(csNames[i]);
179 if (hsNames != null) {
180 hss = new int[hsNames.Count];
181 for (int i = 0; i < hss.Length; i ++) {
182 hss[i] = SSL.GetHashAndSignByName(hsNames[i]);
185 if (vmin != 0 && vmax != 0 && vmin > vmax) {
186 throw new Exception("invalid version range");
190 * Connect to the designated server.
192 TcpClient tc = new TcpClient(host, port);
193 Socket sock = tc.Client;
194 Stream ns = tc.GetStream();
196 MergeStream ms = new MergeStream(ns, ns);
197 ms.Debug = Console.Out;
200 SSLClient ssl = new SSLClient(ns);
202 ssl.ServerName = sni;
205 ssl.SupportedCipherSuites = css;
208 ssl.SupportedHashAndSign = hss;
211 ssl.VersionMin = vmin;
214 ssl.VersionMax = vmax;
218 * This is a debug tool; we accept the server certificate
219 * without validation.
221 ssl.ServerCertValidator = SSLClient.InsecureCertValidator;
224 * Force a Flush. There is no application data to flush
225 * at this point, but as a side-effect it forces the
226 * handshake to complete.
231 Console.WriteLine("Handshake completed:");
232 Console.WriteLine(" Version = {0}",
233 SSL.VersionName(ssl.Version));
234 Console.WriteLine(" Cipher suite = {0}",
235 SSL.CipherSuiteName(ssl.CipherSuite));
239 * Now relay data back and forth between the connection
240 * and the console. Since the underlying SSL stream does
241 * not support simultaneous reads and writes, we use
242 * the following approximation:
244 * - We poll on the socket for incoming data. When there
245 * is some activity, we assume that some application
246 * data (or closure) follows, and we read it. It is
247 * then immediately written out (synchronously) on
250 * - When waiting for read activity on the socket, we
251 * regularly (every 200 ms) check for data to read on
252 * standard input. If there is, we read it, and send
253 * it synchronously on the SSL stream.
255 * - The data reading from console is performed by
258 * Since SSL records are read one by one, we know that,
259 * by using a buffer larger than 16 kB, a single Read()
260 * call cannot leave any buffered application data.
262 ssl.CloseSub = false;
263 Thread t = new Thread(new ThreadStart(CRThread));
264 t.IsBackground = true;
266 byte[] buf = new byte[16384];
267 Stream stdout = Console.OpenStandardOutput();
269 if (sock.Poll(200000, SelectMode.SelectRead)) {
270 int rlen = ssl.Read(buf, 0, buf.Length);
273 "Connection closed.\n");
276 stdout.Write(buf, 0, rlen);
278 while (CRHasData()) {
279 int rlen = CRRead(buf, 0, buf.Length);
285 ssl.Write(buf, 0, rlen);
293 static void AddNames(List<string> d, string str)
295 foreach (string name in str.Split(
296 new char[] { ',', ':', ';' },
297 StringSplitOptions.RemoveEmptyEntries))
303 object consoleReadLock = new object();
304 byte[] crBuf = new byte[16384];
306 bool crClosed = false;
310 lock (consoleReadLock) {
311 return crPtr != 0 || crClosed;
315 int CRRead(byte[] buf, int off, int len)
317 lock (consoleReadLock) {
318 if (crPtr == 0 && crClosed) {
321 int rlen = Math.Min(len, crPtr);
322 Array.Copy(crBuf, 0, buf, off, rlen);
323 if (rlen > 0 && rlen < crPtr) {
324 Array.Copy(crBuf, rlen, crBuf, 0, crPtr - rlen);
327 Monitor.PulseAll(consoleReadLock);
334 byte[] buf = new byte[crBuf.Length];
335 Stream stdin = Console.OpenStandardInput();
338 lock (consoleReadLock) {
339 while (crPtr == crBuf.Length) {
340 Monitor.Wait(consoleReadLock);
343 int rlen = stdin.Read(buf, 0, buf.Length);
344 lock (consoleReadLock) {
345 Monitor.PulseAll(consoleReadLock);
350 Array.Copy(buf, 0, crBuf, crPtr, rlen);