#!/bin/sh

# SSL addresses are usual MICO addresses prefixed by 'ssl:', e.g.
#  ssl:inet:0.0:0
#  ssl:unix:/tmp/socket

ADDR=ssl:inet:`uname -n`:12124
#ADDR=ssl:unix:/tmp/ssl.$$

# SSL options:
#  -ORBSSLcert <certificate file>
#    .pem file that holds your certificate, defaults to default.pem.
#  -ORBSSLkey <key file>
#    .pem file that holds your key pair, defaults to same file as the
#    certificate file.
#  -ORBSSLcipher <colon separated list of preferred ciphers>
#    cipher(s) that can be used, eg:
#    NULL-MD5     RC4-MD5      EXP-RC4-MD5
#    IDEA-CBC-MD5 RC2-CBC-MD5  EXP-RC2-CBC-MD5
#    DES-CBC-MD5  DES-CBC-SHA  DES-CBC3-MD5
#    DES-CBC3-SHA DES-CFB-M1
#  -ORBSSLverify <verify depth>
#    if specified the peer must supply a valid certificate, otherwise the
#    connection setup will fail. <verify depth> specifies how many
#    hops of the chain of certification authorities should be checked.
#    by default the validity of the peer's certificate is not checked.
#  -ORBSSLCAfile <CA filename>
#    .pem file that holds certificates of CA's
#  -ORBSSLCApath <CA pathname>
#    directory that contains .pem files holding certificates of CA's,
#    defaults to /usr/local/ssl/certs.
#
# the standard SSLeay environment variables work as well, but the -ORBSSL*
# options override them
#
# a key file is created by
#   genrsa -out key.pem
# a self signed certificate is created by
#   req -days 1000 -new -x509 -key key.pem -out cert.pem
# see the SSLeay documentation for details.


./server -ORBIIOPAddr $ADDR -ORBSSLcert cert.pem -ORBSSLkey key.pem \
  -ORBSSLverify 0 &
server_pid=$!
sleep 1

trap "kill $server_pid" 0

./client $ADDR -ORBSSLcert cert.pem -ORBSSLkey key.pem -ORBSSLverify 0

