2017-07-06 14:46:18 -07:00
|
|
|
#include <iostream>
|
2017-07-09 13:26:48 -07:00
|
|
|
#include "dns.h"
|
2017-07-06 14:46:18 -07:00
|
|
|
|
2017-07-09 15:17:24 -07:00
|
|
|
|
2017-07-06 14:46:18 -07:00
|
|
|
// NSPR include files
|
|
|
|
|
#include <prerror.h>
|
|
|
|
|
#include <prinit.h>
|
2017-07-07 15:53:39 -07:00
|
|
|
#include <prnetdb.h>
|
2017-07-09 15:17:24 -07:00
|
|
|
#include <prthread.h>
|
2017-07-07 15:53:39 -07:00
|
|
|
#include <nspr.h>
|
2017-07-06 14:46:18 -07:00
|
|
|
|
|
|
|
|
// NSS include files
|
|
|
|
|
#include <nss.h>
|
|
|
|
|
#include <pk11pub.h>
|
|
|
|
|
#include <secmod.h>
|
|
|
|
|
#include <ssl.h>
|
|
|
|
|
#include <sslproto.h>
|
2017-07-07 15:53:39 -07:00
|
|
|
#include <prio.h>
|
2017-07-06 14:46:18 -07:00
|
|
|
|
2017-07-09 15:17:24 -07:00
|
|
|
// Qt-dependent Include Files, should come after NSPR / NSS
|
|
|
|
|
#include "ui.h"
|
2017-07-09 13:26:48 -07:00
|
|
|
|
|
|
|
|
NSSInitContext *nssContext;
|
|
|
|
|
SECMODModule *builtInRootsMod;
|
|
|
|
|
|
2017-07-06 14:46:18 -07:00
|
|
|
// PK11 Password Function typedef
|
|
|
|
|
typedef char *(*PK11PasswordFunc)(
|
2017-07-09 15:17:24 -07:00
|
|
|
PK11SlotInfo *slot,
|
|
|
|
|
PRBool retry,
|
|
|
|
|
void *arg);
|
2017-07-06 14:46:18 -07:00
|
|
|
|
2017-07-09 13:26:48 -07:00
|
|
|
void init() {
|
2017-07-09 15:17:24 -07:00
|
|
|
// NSPR Init
|
|
|
|
|
PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
|
|
|
|
|
|
|
|
|
|
// NSS Init
|
|
|
|
|
nssContext =
|
|
|
|
|
NSS_InitContext("sql:/etc/pki/nssdb", "", "", "", NULL, NSS_INIT_READONLY | NSS_INIT_PK11RELOAD);
|
|
|
|
|
|
|
|
|
|
if (nssContext == NULL) {
|
|
|
|
|
const PRErrorCode err = PR_GetError();
|
|
|
|
|
fprintf(stderr, "NSSInitContext failed: Error code %d: %s\n", err, PR_ErrorToName(err));
|
|
|
|
|
exit(1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Ciphers to enable
|
|
|
|
|
static const PRUint16 goodCiphers[] = {
|
|
|
|
|
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
|
|
|
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
|
|
|
SSL_NULL_WITH_NULL_NULL // Sentinel value
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
PRBool foundGoodCipher = PR_FALSE;
|
|
|
|
|
for (const PRUint16 *p = goodCiphers; *p != SSL_NULL_WITH_NULL_NULL; ++p) {
|
|
|
|
|
PRInt32 policy;
|
|
|
|
|
if (SSL_CipherPolicyGet(*p, &policy) != SECSuccess) {
|
|
|
|
|
const PRErrorCode err = PR_GetError();
|
|
|
|
|
fprintf(stderr, "Error: Policy for cipher %u: error %d: %s\n",
|
|
|
|
|
(unsigned) *p, err, PR_ErrorToName(err));
|
|
|
|
|
exit(1);
|
|
|
|
|
}
|
|
|
|
|
if (policy == SSL_ALLOWED) {
|
|
|
|
|
// Policy allowed this cipher choice
|
|
|
|
|
fprintf(stderr, "Info: found cipher %x\n", (unsigned) *p);
|
|
|
|
|
foundGoodCipher = PR_TRUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!foundGoodCipher) {
|
|
|
|
|
if (NSS_SetDomesticPolicy() != SECSuccess) {
|
|
|
|
|
const PRErrorCode err = PR_GetError();
|
|
|
|
|
fprintf(stderr, "Error: NSS_SetDomesticPolicy: error %d: %s\n",
|
|
|
|
|
err, PR_ErrorToName(err));
|
|
|
|
|
exit(1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Initialize trusted certificate store
|
|
|
|
|
char module_name[] = "library=libnssckbi.so name=\"Root Certs\"";
|
|
|
|
|
builtInRootsMod = SECMOD_LoadUserModule(module_name, NULL, PR_FALSE);
|
|
|
|
|
if (builtInRootsMod == NULL || !builtInRootsMod->loaded) {
|
|
|
|
|
const PRErrorCode err = PR_GetError();
|
|
|
|
|
fprintf(stderr, "Error: Loading built in roots module failed, code %d: %s\n",
|
|
|
|
|
err, PR_ErrorToName(err));
|
|
|
|
|
exit(1);
|
|
|
|
|
}
|
2017-07-09 13:26:48 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2017-07-09 15:17:24 -07:00
|
|
|
int main(int argc, char *argv[]) {
|
|
|
|
|
init();
|
2017-07-06 14:46:18 -07:00
|
|
|
|
2017-07-09 15:17:24 -07:00
|
|
|
PRNetAddr theAddr;
|
|
|
|
|
LookupName((char *) "buyvm.theoks.net", &theAddr);
|
2017-07-07 15:53:39 -07:00
|
|
|
|
2017-07-09 15:17:24 -07:00
|
|
|
char ipString[80];
|
|
|
|
|
PRStatus status = PR_NetAddrToString(&theAddr, ipString, 75);
|
|
|
|
|
if (status == PR_FAILURE) {
|
|
|
|
|
const PRErrorCode err = PR_GetError();
|
|
|
|
|
fprintf(stderr, "Error: Converting PRNetAddr to string %d: %s\n",
|
|
|
|
|
err, PR_ErrorToName(err));
|
|
|
|
|
exit(1);
|
|
|
|
|
}
|
2017-07-07 15:53:39 -07:00
|
|
|
|
2017-07-09 13:26:48 -07:00
|
|
|
|
2017-07-09 15:17:24 -07:00
|
|
|
PRFileDesc *tcpSocket = PR_NewTCPSocket();
|
|
|
|
|
theAddr.inet.port = 443;
|
|
|
|
|
PRFileDesc *nssSocket;
|
|
|
|
|
SSL_ImportFD(NULL, tcpSocket);
|
2017-07-09 13:26:48 -07:00
|
|
|
|
2017-07-07 15:53:39 -07:00
|
|
|
|
2017-07-06 14:46:18 -07:00
|
|
|
|
2017-07-09 15:17:24 -07:00
|
|
|
ui *uiInstance = new ui(argc, argv);
|
|
|
|
|
int qAppRetCode = uiInstance->exec();
|
2017-07-06 14:46:18 -07:00
|
|
|
|
2017-07-09 15:17:24 -07:00
|
|
|
char messageBuf[1024];
|
|
|
|
|
sprintf(messageBuf, "Found IP Address: %s", ipString);
|
|
|
|
|
uiInstance->mainLog->appendPlainText(messageBuf);
|
|
|
|
|
SECMOD_DestroyModule(builtInRootsMod);
|
|
|
|
|
NSS_ShutdownContext(nssContext);
|
2017-07-06 14:46:18 -07:00
|
|
|
|
2017-07-09 15:17:24 -07:00
|
|
|
return qAppRetCode;
|
2017-07-06 14:46:18 -07:00
|
|
|
}
|
