2011-07-27 00:27:22 +04:00
|
|
|
/* client.c
|
|
|
|
*
|
2013-02-06 00:44:17 +04:00
|
|
|
* Copyright (C) 2006-2013 wolfSSL Inc.
|
2011-07-27 00:27:22 +04:00
|
|
|
*
|
|
|
|
* This file is part of CyaSSL.
|
|
|
|
*
|
|
|
|
* CyaSSL is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* CyaSSL is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
|
|
|
|
*/
|
|
|
|
|
2011-08-25 03:37:16 +04:00
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
#include <config.h>
|
|
|
|
#endif
|
2011-08-05 02:42:55 +04:00
|
|
|
|
2013-03-16 00:17:05 +04:00
|
|
|
#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER)
|
|
|
|
/* in case memory tracker wants stats */
|
|
|
|
#define CYASSL_TRACK_MEMORY
|
|
|
|
#endif
|
|
|
|
|
2011-11-03 21:56:15 +04:00
|
|
|
#include <cyassl/ssl.h>
|
2011-08-26 01:28:57 +04:00
|
|
|
#include <cyassl/test.h>
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2012-09-20 10:38:41 +04:00
|
|
|
#include "examples/client/client.h"
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
#ifdef CYASSL_CALLBACKS
|
|
|
|
int handShakeCB(HandShakeInfo*);
|
|
|
|
int timeoutCB(TimeoutInfo*);
|
|
|
|
Timeval timeout;
|
|
|
|
#endif
|
|
|
|
|
2013-03-16 00:17:05 +04:00
|
|
|
|
2012-10-18 00:13:58 +04:00
|
|
|
static void NonBlockingSSL_Connect(CYASSL* ssl)
|
|
|
|
{
|
2011-02-05 22:14:47 +03:00
|
|
|
#ifndef CYASSL_CALLBACKS
|
2012-10-18 00:13:58 +04:00
|
|
|
int ret = CyaSSL_connect(ssl);
|
2011-02-05 22:14:47 +03:00
|
|
|
#else
|
2012-10-18 00:13:58 +04:00
|
|
|
int ret = CyaSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout);
|
2011-02-05 22:14:47 +03:00
|
|
|
#endif
|
2012-10-18 00:13:58 +04:00
|
|
|
int error = CyaSSL_get_error(ssl, 0);
|
|
|
|
SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl);
|
|
|
|
int select_ret;
|
|
|
|
|
|
|
|
while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
|
|
|
|
error == SSL_ERROR_WANT_WRITE)) {
|
|
|
|
if (error == SSL_ERROR_WANT_READ)
|
|
|
|
printf("... client would read block\n");
|
|
|
|
else
|
|
|
|
printf("... client would write block\n");
|
|
|
|
|
|
|
|
if (CyaSSL_dtls(ssl))
|
|
|
|
select_ret = tcp_select(sockfd,
|
|
|
|
CyaSSL_dtls_get_current_timeout(ssl));
|
|
|
|
else
|
|
|
|
select_ret = tcp_select(sockfd, 1);
|
|
|
|
|
|
|
|
if ((select_ret == TEST_RECV_READY) ||
|
|
|
|
(select_ret == TEST_ERROR_READY)) {
|
|
|
|
#ifndef CYASSL_CALLBACKS
|
|
|
|
ret = CyaSSL_connect(ssl);
|
|
|
|
#else
|
|
|
|
ret = CyaSSL_connect_ex(ssl,handShakeCB,timeoutCB,timeout);
|
|
|
|
#endif
|
|
|
|
error = CyaSSL_get_error(ssl, 0);
|
|
|
|
}
|
|
|
|
else if (select_ret == TEST_TIMEOUT &&
|
|
|
|
(!CyaSSL_dtls(ssl) ||
|
|
|
|
(CyaSSL_dtls_got_timeout(ssl) >= 0))) {
|
|
|
|
error = SSL_ERROR_WANT_READ;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
error = SSL_FATAL_ERROR;
|
2011-02-05 22:14:47 +03:00
|
|
|
}
|
|
|
|
}
|
2012-10-18 00:13:58 +04:00
|
|
|
if (ret != SSL_SUCCESS)
|
|
|
|
err_sys("SSL_connect failed");
|
|
|
|
}
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
|
2012-08-01 23:55:13 +04:00
|
|
|
static void Usage(void)
|
|
|
|
{
|
2012-08-02 04:33:49 +04:00
|
|
|
printf("client " LIBCYASSL_VERSION_STRING
|
|
|
|
" NOTE: All files relative to CyaSSL home dir\n");
|
2012-08-01 23:55:13 +04:00
|
|
|
printf("-? Help, print this usage\n");
|
|
|
|
printf("-h <host> Host to connect to, default %s\n", yasslIP);
|
2013-03-27 09:00:39 +04:00
|
|
|
printf("-p <num> Port to connect on, not 0, default %d\n", yasslPort);
|
2012-08-01 23:55:13 +04:00
|
|
|
printf("-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
|
|
|
|
CLIENT_DEFAULT_VERSION);
|
|
|
|
printf("-l <str> Cipher list\n");
|
|
|
|
printf("-c <file> Certificate file, default %s\n", cliCert);
|
|
|
|
printf("-k <file> Key file, default %s\n", cliKey);
|
|
|
|
printf("-A <file> Certificate Authority file, default %s\n", caCert);
|
|
|
|
printf("-b <num> Benchmark <num> connections and print stats\n");
|
|
|
|
printf("-s Use pre Shared keys\n");
|
2013-03-16 00:17:05 +04:00
|
|
|
printf("-t Track CyaSSL memory use\n");
|
2012-08-01 23:55:13 +04:00
|
|
|
printf("-d Disable peer checks\n");
|
|
|
|
printf("-g Send server HTTP GET\n");
|
2013-03-08 10:52:51 +04:00
|
|
|
printf("-u Use UDP DTLS,"
|
|
|
|
" add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
|
2012-08-10 21:15:37 +04:00
|
|
|
printf("-m Match domain name in cert\n");
|
2012-10-18 01:06:50 +04:00
|
|
|
printf("-N Use Non-blocking sockets\n");
|
2012-10-18 00:13:58 +04:00
|
|
|
printf("-r Resume session\n");
|
2012-08-01 23:55:13 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2013-03-28 22:28:38 +04:00
|
|
|
THREAD_RETURN CYASSL_THREAD client_test(void* args)
|
2011-02-05 22:14:47 +03:00
|
|
|
{
|
|
|
|
SOCKET_T sockfd = 0;
|
|
|
|
|
2011-11-03 21:56:15 +04:00
|
|
|
CYASSL_METHOD* method = 0;
|
|
|
|
CYASSL_CTX* ctx = 0;
|
|
|
|
CYASSL* ssl = 0;
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2011-11-03 21:56:15 +04:00
|
|
|
CYASSL* sslResume = 0;
|
|
|
|
CYASSL_SESSION* session = 0;
|
2011-02-05 22:14:47 +03:00
|
|
|
char resumeMsg[] = "resuming cyassl!";
|
|
|
|
int resumeSz = sizeof(resumeMsg);
|
|
|
|
|
2011-03-22 18:18:27 +03:00
|
|
|
char msg[64] = "hello cyassl!";
|
2011-02-05 22:14:47 +03:00
|
|
|
char reply[1024];
|
|
|
|
int input;
|
2012-10-19 23:44:23 +04:00
|
|
|
int msgSz = (int)strlen(msg);
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2012-08-01 23:55:13 +04:00
|
|
|
int port = yasslPort;
|
|
|
|
char* host = (char*)yasslIP;
|
2012-09-21 02:39:15 +04:00
|
|
|
char* domain = (char*)"www.yassl.com";
|
2012-08-01 23:55:13 +04:00
|
|
|
|
|
|
|
int ch;
|
2013-03-08 10:52:51 +04:00
|
|
|
int version = CLIENT_INVALID_VERSION;
|
2012-08-01 23:55:13 +04:00
|
|
|
int usePsk = 0;
|
|
|
|
int sendGET = 0;
|
|
|
|
int benchmark = 0;
|
2012-08-02 22:54:49 +04:00
|
|
|
int doDTLS = 0;
|
2012-08-10 21:15:37 +04:00
|
|
|
int matchName = 0;
|
2012-08-01 23:55:13 +04:00
|
|
|
int doPeerCheck = 1;
|
2012-10-18 00:13:58 +04:00
|
|
|
int nonBlocking = 0;
|
|
|
|
int resumeSession = 0;
|
2013-03-16 00:17:05 +04:00
|
|
|
int trackMemory = 0;
|
2012-08-01 23:55:13 +04:00
|
|
|
char* cipherList = NULL;
|
|
|
|
char* verifyCert = (char*)caCert;
|
|
|
|
char* ourCert = (char*)cliCert;
|
|
|
|
char* ourKey = (char*)cliKey;
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
int argc = ((func_args*)args)->argc;
|
|
|
|
char** argv = ((func_args*)args)->argv;
|
|
|
|
|
|
|
|
((func_args*)args)->return_code = -1; /* error state */
|
|
|
|
|
2013-03-08 06:20:29 +04:00
|
|
|
#ifdef NO_RSA
|
|
|
|
verifyCert = (char*)eccCert;
|
|
|
|
ourCert = (char*)cliEccCert;
|
|
|
|
ourKey = (char*)cliEccKey;
|
|
|
|
#endif
|
2013-03-12 03:07:46 +04:00
|
|
|
(void)resumeSz;
|
|
|
|
(void)session;
|
|
|
|
(void)sslResume;
|
2013-03-16 00:22:35 +04:00
|
|
|
(void)trackMemory;
|
2013-03-08 06:20:29 +04:00
|
|
|
|
2013-03-16 00:17:05 +04:00
|
|
|
while ((ch = mygetopt(argc, argv, "?gdusmNrth:p:v:l:A:c:k:b:")) != -1) {
|
2012-08-01 23:55:13 +04:00
|
|
|
switch (ch) {
|
|
|
|
case '?' :
|
|
|
|
Usage();
|
|
|
|
exit(EXIT_SUCCESS);
|
|
|
|
|
|
|
|
case 'g' :
|
|
|
|
sendGET = 1;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case 'd' :
|
|
|
|
doPeerCheck = 0;
|
|
|
|
break;
|
|
|
|
|
2012-08-02 22:54:49 +04:00
|
|
|
case 'u' :
|
|
|
|
doDTLS = 1;
|
|
|
|
break;
|
|
|
|
|
2012-08-01 23:55:13 +04:00
|
|
|
case 's' :
|
|
|
|
usePsk = 1;
|
|
|
|
break;
|
|
|
|
|
2013-03-16 00:17:05 +04:00
|
|
|
case 't' :
|
|
|
|
#ifdef USE_CYASSL_MEMORY
|
|
|
|
trackMemory = 1;
|
|
|
|
#endif
|
|
|
|
break;
|
|
|
|
|
2012-08-10 21:15:37 +04:00
|
|
|
case 'm' :
|
|
|
|
matchName = 1;
|
|
|
|
break;
|
|
|
|
|
2012-08-01 23:55:13 +04:00
|
|
|
case 'h' :
|
2012-08-02 04:33:49 +04:00
|
|
|
host = myoptarg;
|
|
|
|
domain = myoptarg;
|
2012-08-01 23:55:13 +04:00
|
|
|
break;
|
|
|
|
|
|
|
|
case 'p' :
|
2012-08-02 04:33:49 +04:00
|
|
|
port = atoi(myoptarg);
|
2013-03-27 09:00:39 +04:00
|
|
|
#if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
|
|
|
|
if (port == 0)
|
|
|
|
err_sys("port number cannot be 0");
|
|
|
|
#endif
|
2012-08-01 23:55:13 +04:00
|
|
|
break;
|
|
|
|
|
|
|
|
case 'v' :
|
2012-08-02 04:33:49 +04:00
|
|
|
version = atoi(myoptarg);
|
2012-08-01 23:55:13 +04:00
|
|
|
if (version < 0 || version > 3) {
|
|
|
|
Usage();
|
2012-08-02 04:33:49 +04:00
|
|
|
exit(MY_EX_USAGE);
|
2012-08-01 23:55:13 +04:00
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
case 'l' :
|
2012-08-02 04:33:49 +04:00
|
|
|
cipherList = myoptarg;
|
2012-08-01 23:55:13 +04:00
|
|
|
break;
|
|
|
|
|
|
|
|
case 'A' :
|
2012-08-02 04:33:49 +04:00
|
|
|
verifyCert = myoptarg;
|
2012-08-01 23:55:13 +04:00
|
|
|
break;
|
|
|
|
|
|
|
|
case 'c' :
|
2012-08-02 04:33:49 +04:00
|
|
|
ourCert = myoptarg;
|
2012-08-01 23:55:13 +04:00
|
|
|
break;
|
|
|
|
|
|
|
|
case 'k' :
|
2012-08-02 04:33:49 +04:00
|
|
|
ourKey = myoptarg;
|
2012-08-01 23:55:13 +04:00
|
|
|
break;
|
|
|
|
|
|
|
|
case 'b' :
|
2012-08-02 04:33:49 +04:00
|
|
|
benchmark = atoi(myoptarg);
|
2012-08-01 23:55:13 +04:00
|
|
|
if (benchmark < 0 || benchmark > 1000000) {
|
|
|
|
Usage();
|
2012-08-02 04:33:49 +04:00
|
|
|
exit(MY_EX_USAGE);
|
2012-08-01 23:55:13 +04:00
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
2012-10-18 00:13:58 +04:00
|
|
|
case 'N' :
|
|
|
|
nonBlocking = 1;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case 'r' :
|
|
|
|
resumeSession = 1;
|
|
|
|
break;
|
|
|
|
|
2012-08-01 23:55:13 +04:00
|
|
|
default:
|
|
|
|
Usage();
|
2012-08-02 04:33:49 +04:00
|
|
|
exit(MY_EX_USAGE);
|
2012-08-01 23:55:13 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-08-02 04:33:49 +04:00
|
|
|
myoptind = 0; /* reset for test cases */
|
2012-08-01 23:55:13 +04:00
|
|
|
|
2013-03-08 10:52:51 +04:00
|
|
|
/* sort out DTLS versus TLS versions */
|
|
|
|
if (version == CLIENT_INVALID_VERSION) {
|
|
|
|
if (doDTLS)
|
|
|
|
version = CLIENT_DTLS_DEFAULT_VERSION;
|
|
|
|
else
|
|
|
|
version = CLIENT_DEFAULT_VERSION;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
if (doDTLS) {
|
|
|
|
if (version == 3)
|
|
|
|
version = -2;
|
|
|
|
else
|
|
|
|
version = -1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-03-16 00:17:05 +04:00
|
|
|
#ifdef USE_CYASSL_MEMORY
|
|
|
|
if (trackMemory)
|
|
|
|
InitMemoryTracker();
|
|
|
|
#endif
|
|
|
|
|
2012-08-01 23:55:13 +04:00
|
|
|
switch (version) {
|
2012-11-27 06:40:43 +04:00
|
|
|
#ifndef NO_OLD_TLS
|
2012-08-01 23:55:13 +04:00
|
|
|
case 0:
|
|
|
|
method = CyaSSLv3_client_method();
|
|
|
|
break;
|
|
|
|
|
|
|
|
case 1:
|
|
|
|
method = CyaTLSv1_client_method();
|
|
|
|
break;
|
|
|
|
|
|
|
|
case 2:
|
|
|
|
method = CyaTLSv1_1_client_method();
|
|
|
|
break;
|
2012-11-27 06:40:43 +04:00
|
|
|
#endif
|
2012-08-01 23:55:13 +04:00
|
|
|
|
|
|
|
case 3:
|
|
|
|
method = CyaTLSv1_2_client_method();
|
|
|
|
break;
|
|
|
|
|
2012-08-02 22:54:49 +04:00
|
|
|
#ifdef CYASSL_DTLS
|
|
|
|
case -1:
|
|
|
|
method = CyaDTLSv1_client_method();
|
|
|
|
break;
|
2013-03-08 10:52:51 +04:00
|
|
|
|
|
|
|
case -2:
|
|
|
|
method = CyaDTLSv1_2_client_method();
|
|
|
|
break;
|
2012-08-02 22:54:49 +04:00
|
|
|
#endif
|
|
|
|
|
2012-08-01 23:55:13 +04:00
|
|
|
default:
|
|
|
|
err_sys("Bad SSL version");
|
|
|
|
}
|
|
|
|
|
|
|
|
if (method == NULL)
|
|
|
|
err_sys("unable to get method");
|
|
|
|
|
|
|
|
ctx = CyaSSL_CTX_new(method);
|
|
|
|
if (ctx == NULL)
|
|
|
|
err_sys("unable to get ctx");
|
|
|
|
|
|
|
|
if (cipherList)
|
|
|
|
if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
|
2013-01-21 22:53:42 +04:00
|
|
|
err_sys("client can't set cipher list 1");
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2012-10-30 23:51:14 +04:00
|
|
|
#ifdef CYASSL_LEANPSK
|
|
|
|
usePsk = 1;
|
|
|
|
#endif
|
|
|
|
|
2013-03-12 00:19:43 +04:00
|
|
|
#if defined(NO_RSA) && !defined(HAVE_ECC)
|
|
|
|
usePsk = 1;
|
|
|
|
#endif
|
|
|
|
|
2012-10-30 23:51:14 +04:00
|
|
|
if (usePsk) {
|
2011-02-05 22:14:47 +03:00
|
|
|
#ifndef NO_PSK
|
2012-08-01 23:55:13 +04:00
|
|
|
CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
|
2012-10-30 23:51:14 +04:00
|
|
|
if (cipherList == NULL) {
|
|
|
|
const char *defaultCipherList;
|
|
|
|
#ifdef HAVE_NULL_CIPHER
|
2013-03-08 05:44:40 +04:00
|
|
|
defaultCipherList = "PSK-NULL-SHA256";
|
2012-10-30 23:51:14 +04:00
|
|
|
#else
|
2013-03-12 00:19:43 +04:00
|
|
|
defaultCipherList = "PSK-AES128-CBC-SHA256";
|
2012-10-30 23:51:14 +04:00
|
|
|
#endif
|
|
|
|
if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS)
|
2013-01-21 22:53:42 +04:00
|
|
|
err_sys("client can't set cipher list 2");
|
2012-10-30 23:51:14 +04:00
|
|
|
}
|
2011-02-05 22:14:47 +03:00
|
|
|
#endif
|
2012-10-30 23:51:14 +04:00
|
|
|
}
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
#ifdef OPENSSL_EXTRA
|
2011-11-03 21:56:15 +04:00
|
|
|
CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
|
2011-02-05 22:14:47 +03:00
|
|
|
#endif
|
|
|
|
|
2011-06-06 22:19:52 +04:00
|
|
|
#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
|
2012-09-01 00:28:07 +04:00
|
|
|
if (cipherList == NULL) {
|
2012-10-30 23:51:14 +04:00
|
|
|
/* don't use EDH, can't sniff tmp keys */
|
2013-03-08 05:44:40 +04:00
|
|
|
if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) {
|
2013-01-21 22:53:42 +04:00
|
|
|
err_sys("client can't set cipher list 3");
|
2012-10-30 23:51:14 +04:00
|
|
|
}
|
2012-09-01 00:28:07 +04:00
|
|
|
}
|
2011-04-29 21:41:21 +04:00
|
|
|
#endif
|
|
|
|
|
2012-01-27 00:52:54 +04:00
|
|
|
#ifdef USER_CA_CB
|
|
|
|
CyaSSL_CTX_SetCACb(ctx, CaCb);
|
|
|
|
#endif
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
#ifdef VERIFY_CALLBACK
|
2011-11-03 21:56:15 +04:00
|
|
|
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
|
2011-02-05 22:14:47 +03:00
|
|
|
#endif
|
2013-03-12 03:07:46 +04:00
|
|
|
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
|
2012-10-30 02:39:42 +04:00
|
|
|
if (!usePsk){
|
|
|
|
if (CyaSSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
|
2012-08-01 23:55:13 +04:00
|
|
|
!= SSL_SUCCESS)
|
2012-10-30 02:39:42 +04:00
|
|
|
err_sys("can't load client cert file, check file and run from"
|
|
|
|
" CyaSSL home dir");
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2012-10-30 02:39:42 +04:00
|
|
|
if (CyaSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
|
|
|
|
!= SSL_SUCCESS)
|
2013-03-12 03:07:46 +04:00
|
|
|
err_sys("can't load client private key file, check file and run "
|
|
|
|
"from CyaSSL home dir");
|
2012-08-01 23:55:13 +04:00
|
|
|
|
2012-10-30 02:39:42 +04:00
|
|
|
if (CyaSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
|
|
|
|
err_sys("can't load ca file, Please run from CyaSSL home dir");
|
|
|
|
}
|
|
|
|
#endif
|
2013-03-15 04:13:11 +04:00
|
|
|
#if !defined(NO_CERTS)
|
2012-10-30 02:39:42 +04:00
|
|
|
if (!usePsk && doPeerCheck == 0)
|
2012-08-01 23:55:13 +04:00
|
|
|
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
|
2013-03-15 04:13:11 +04:00
|
|
|
#endif
|
2012-08-01 23:55:13 +04:00
|
|
|
|
2013-02-02 00:21:38 +04:00
|
|
|
#ifdef HAVE_CAVIUM
|
|
|
|
CyaSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID);
|
|
|
|
#endif
|
|
|
|
|
2012-08-01 23:55:13 +04:00
|
|
|
if (benchmark) {
|
2011-02-05 22:14:47 +03:00
|
|
|
/* time passed in number of connects give average */
|
2012-08-01 23:55:13 +04:00
|
|
|
int times = benchmark;
|
2011-02-05 22:14:47 +03:00
|
|
|
int i = 0;
|
|
|
|
|
|
|
|
double start = current_time(), avg;
|
|
|
|
|
|
|
|
for (i = 0; i < times; i++) {
|
2012-08-02 22:54:49 +04:00
|
|
|
tcp_connect(&sockfd, host, port, doDTLS);
|
2011-11-03 21:56:15 +04:00
|
|
|
ssl = CyaSSL_new(ctx);
|
|
|
|
CyaSSL_set_fd(ssl, sockfd);
|
|
|
|
if (CyaSSL_connect(ssl) != SSL_SUCCESS)
|
2011-02-05 22:14:47 +03:00
|
|
|
err_sys("SSL_connect failed");
|
|
|
|
|
2011-11-03 21:56:15 +04:00
|
|
|
CyaSSL_shutdown(ssl);
|
|
|
|
CyaSSL_free(ssl);
|
2011-02-05 22:14:47 +03:00
|
|
|
CloseSocket(sockfd);
|
|
|
|
}
|
|
|
|
avg = current_time() - start;
|
|
|
|
avg /= times;
|
2012-08-01 23:55:13 +04:00
|
|
|
avg *= 1000; /* milliseconds */
|
|
|
|
printf("CyaSSL_connect avg took: %8.3f milliseconds\n", avg);
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2011-11-03 21:56:15 +04:00
|
|
|
CyaSSL_CTX_free(ctx);
|
2011-02-05 22:14:47 +03:00
|
|
|
((func_args*)args)->return_code = 0;
|
2012-08-01 23:55:13 +04:00
|
|
|
|
|
|
|
exit(EXIT_SUCCESS);
|
2011-02-05 22:14:47 +03:00
|
|
|
}
|
|
|
|
|
2011-11-03 21:56:15 +04:00
|
|
|
ssl = CyaSSL_new(ctx);
|
2012-08-01 23:55:13 +04:00
|
|
|
if (ssl == NULL)
|
|
|
|
err_sys("unable to get SSL object");
|
2012-10-02 20:15:50 +04:00
|
|
|
if (doDTLS) {
|
|
|
|
SOCKADDR_IN_T addr;
|
|
|
|
build_addr(&addr, host, port);
|
|
|
|
CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
|
|
|
|
tcp_socket(&sockfd, 1);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
tcp_connect(&sockfd, host, port, 0);
|
|
|
|
}
|
2011-11-03 21:56:15 +04:00
|
|
|
CyaSSL_set_fd(ssl, sockfd);
|
2012-05-17 04:04:56 +04:00
|
|
|
#ifdef HAVE_CRL
|
2012-08-10 22:02:46 +04:00
|
|
|
if (CyaSSL_EnableCRL(ssl, CYASSL_CRL_CHECKALL) != SSL_SUCCESS)
|
|
|
|
err_sys("can't enable crl check");
|
|
|
|
if (CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS)
|
|
|
|
err_sys("can't load crl, check crlfile and date validity");
|
|
|
|
if (CyaSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS)
|
|
|
|
err_sys("can't set crl callback");
|
2012-05-17 04:04:56 +04:00
|
|
|
#endif
|
2012-08-10 21:15:37 +04:00
|
|
|
if (matchName && doPeerCheck)
|
2012-08-01 23:55:13 +04:00
|
|
|
CyaSSL_check_domain_name(ssl, domain);
|
2012-10-18 00:13:58 +04:00
|
|
|
#ifndef CYASSL_CALLBACKS
|
|
|
|
if (nonBlocking) {
|
|
|
|
CyaSSL_set_using_nonblock(ssl, 1);
|
|
|
|
tcp_set_nonblocking(&sockfd);
|
|
|
|
NonBlockingSSL_Connect(ssl);
|
|
|
|
}
|
|
|
|
else if (CyaSSL_connect(ssl) != SSL_SUCCESS) {
|
|
|
|
/* see note at top of README */
|
|
|
|
int err = CyaSSL_get_error(ssl, 0);
|
|
|
|
char buffer[80];
|
|
|
|
printf("err = %d, %s\n", err,
|
|
|
|
CyaSSL_ERR_error_string(err, buffer));
|
|
|
|
err_sys("SSL_connect failed");
|
|
|
|
/* if you're getting an error here */
|
|
|
|
}
|
2011-02-05 22:14:47 +03:00
|
|
|
#else
|
2012-10-18 00:13:58 +04:00
|
|
|
timeout.tv_sec = 2;
|
|
|
|
timeout.tv_usec = 0;
|
|
|
|
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
|
2011-02-05 22:14:47 +03:00
|
|
|
#endif
|
|
|
|
showPeer(ssl);
|
2012-08-21 04:02:25 +04:00
|
|
|
|
2012-08-01 23:55:13 +04:00
|
|
|
if (sendGET) {
|
2011-02-05 22:14:47 +03:00
|
|
|
printf("SSL connect ok, sending GET...\n");
|
2011-03-22 18:18:27 +03:00
|
|
|
msgSz = 28;
|
|
|
|
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
|
2013-02-15 02:09:41 +04:00
|
|
|
msg[msgSz] = '\0';
|
2011-02-05 22:14:47 +03:00
|
|
|
}
|
2011-11-03 21:56:15 +04:00
|
|
|
if (CyaSSL_write(ssl, msg, msgSz) != msgSz)
|
2011-02-05 22:14:47 +03:00
|
|
|
err_sys("SSL_write failed");
|
|
|
|
|
2013-02-08 23:21:48 +04:00
|
|
|
input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
|
2011-02-05 22:14:47 +03:00
|
|
|
if (input > 0) {
|
|
|
|
reply[input] = 0;
|
|
|
|
printf("Server response: %s\n", reply);
|
2011-03-22 18:18:27 +03:00
|
|
|
|
2012-08-02 23:15:42 +04:00
|
|
|
if (sendGET) { /* get html */
|
2011-03-22 18:18:27 +03:00
|
|
|
while (1) {
|
2013-02-08 23:21:48 +04:00
|
|
|
input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
|
2011-03-22 18:18:27 +03:00
|
|
|
if (input > 0) {
|
|
|
|
reply[input] = 0;
|
|
|
|
printf("%s\n", reply);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2011-02-05 22:14:47 +03:00
|
|
|
}
|
2012-12-29 05:54:19 +04:00
|
|
|
else if (input < 0) {
|
|
|
|
int readErr = CyaSSL_get_error(ssl, 0);
|
|
|
|
if (readErr != SSL_ERROR_WANT_READ)
|
|
|
|
err_sys("CyaSSL_read failed");
|
|
|
|
}
|
2012-10-18 00:13:58 +04:00
|
|
|
|
2013-03-12 03:07:46 +04:00
|
|
|
#ifndef NO_SESSION_CACHE
|
2012-10-18 00:13:58 +04:00
|
|
|
if (resumeSession) {
|
|
|
|
if (doDTLS) {
|
|
|
|
strncpy(msg, "break", 6);
|
|
|
|
msgSz = (int)strlen(msg);
|
|
|
|
/* try to send session close */
|
|
|
|
CyaSSL_write(ssl, msg, msgSz);
|
|
|
|
}
|
|
|
|
session = CyaSSL_get_session(ssl);
|
|
|
|
sslResume = CyaSSL_new(ctx);
|
2012-08-02 22:54:49 +04:00
|
|
|
}
|
2013-03-12 03:07:46 +04:00
|
|
|
#endif
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2012-08-17 23:43:36 +04:00
|
|
|
if (doDTLS == 0) /* don't send alert after "break" command */
|
|
|
|
CyaSSL_shutdown(ssl); /* echoserver will interpret as new conn */
|
2011-11-03 21:56:15 +04:00
|
|
|
CyaSSL_free(ssl);
|
2011-02-05 22:14:47 +03:00
|
|
|
CloseSocket(sockfd);
|
|
|
|
|
2013-03-12 03:07:46 +04:00
|
|
|
#ifndef NO_SESSION_CACHE
|
2012-10-18 00:13:58 +04:00
|
|
|
if (resumeSession) {
|
|
|
|
if (doDTLS) {
|
|
|
|
SOCKADDR_IN_T addr;
|
|
|
|
#ifdef USE_WINDOWS_API
|
|
|
|
Sleep(500);
|
|
|
|
#else
|
|
|
|
sleep(1);
|
|
|
|
#endif
|
|
|
|
build_addr(&addr, host, port);
|
|
|
|
CyaSSL_dtls_set_peer(sslResume, &addr, sizeof(addr));
|
|
|
|
tcp_socket(&sockfd, 1);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
tcp_connect(&sockfd, host, port, 0);
|
|
|
|
}
|
|
|
|
CyaSSL_set_fd(sslResume, sockfd);
|
|
|
|
CyaSSL_set_session(sslResume, session);
|
|
|
|
|
|
|
|
showPeer(sslResume);
|
|
|
|
#ifndef CYASSL_CALLBACKS
|
|
|
|
if (nonBlocking) {
|
|
|
|
CyaSSL_set_using_nonblock(sslResume, 1);
|
|
|
|
tcp_set_nonblocking(&sockfd);
|
|
|
|
NonBlockingSSL_Connect(sslResume);
|
|
|
|
}
|
|
|
|
else if (CyaSSL_connect(sslResume) != SSL_SUCCESS)
|
2012-08-21 04:02:25 +04:00
|
|
|
err_sys("SSL resume failed");
|
2012-10-18 00:13:58 +04:00
|
|
|
#else
|
2012-08-21 04:02:25 +04:00
|
|
|
timeout.tv_sec = 2;
|
|
|
|
timeout.tv_usec = 0;
|
|
|
|
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
|
|
|
|
#endif
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2012-10-18 00:13:58 +04:00
|
|
|
if (CyaSSL_session_reused(sslResume))
|
|
|
|
printf("reused session id\n");
|
|
|
|
else
|
|
|
|
printf("didn't reuse session id!!!\n");
|
2013-03-08 05:44:40 +04:00
|
|
|
|
2012-10-18 00:13:58 +04:00
|
|
|
if (CyaSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz)
|
|
|
|
err_sys("SSL_write failed");
|
|
|
|
|
|
|
|
if (nonBlocking) {
|
2012-10-24 03:32:47 +04:00
|
|
|
/* give server a chance to bounce a message back to client */
|
2012-10-18 00:13:58 +04:00
|
|
|
#ifdef USE_WINDOWS_API
|
|
|
|
Sleep(500);
|
|
|
|
#else
|
|
|
|
sleep(1);
|
|
|
|
#endif
|
|
|
|
}
|
2012-08-21 04:02:25 +04:00
|
|
|
|
2013-02-08 23:21:48 +04:00
|
|
|
input = CyaSSL_read(sslResume, reply, sizeof(reply)-1);
|
2012-10-18 00:13:58 +04:00
|
|
|
if (input > 0) {
|
|
|
|
reply[input] = 0;
|
|
|
|
printf("Server resume response: %s\n", reply);
|
|
|
|
}
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2012-10-18 00:13:58 +04:00
|
|
|
/* try to send session break */
|
|
|
|
CyaSSL_write(sslResume, msg, msgSz);
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2012-10-18 00:13:58 +04:00
|
|
|
CyaSSL_shutdown(sslResume);
|
|
|
|
CyaSSL_free(sslResume);
|
2013-02-15 02:09:41 +04:00
|
|
|
CloseSocket(sockfd);
|
2012-10-18 00:13:58 +04:00
|
|
|
}
|
2013-03-12 03:07:46 +04:00
|
|
|
#endif /* NO_SESSION_CACHE */
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2011-11-03 21:56:15 +04:00
|
|
|
CyaSSL_CTX_free(ctx);
|
2011-02-05 22:14:47 +03:00
|
|
|
|
|
|
|
((func_args*)args)->return_code = 0;
|
2013-03-16 00:17:05 +04:00
|
|
|
|
|
|
|
#ifdef USE_CYASSL_MEMORY
|
|
|
|
if (trackMemory)
|
|
|
|
ShowMemoryTracker();
|
|
|
|
#endif /* USE_CYASSL_MEMORY */
|
2013-03-28 22:28:38 +04:00
|
|
|
|
|
|
|
return 0;
|
2011-02-05 22:14:47 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* so overall tests can pull in test function */
|
|
|
|
#ifndef NO_MAIN_DRIVER
|
|
|
|
|
|
|
|
int main(int argc, char** argv)
|
|
|
|
{
|
|
|
|
func_args args;
|
|
|
|
|
2013-02-02 00:21:38 +04:00
|
|
|
#ifdef HAVE_CAVIUM
|
|
|
|
int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
|
|
|
|
if (ret != 0)
|
|
|
|
err_sys("Cavium OpenNitroxDevice failed");
|
|
|
|
#endif /* HAVE_CAVIUM */
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
StartTCP();
|
|
|
|
|
|
|
|
args.argc = argc;
|
|
|
|
args.argv = argv;
|
|
|
|
|
2011-06-09 00:19:39 +04:00
|
|
|
CyaSSL_Init();
|
2011-02-05 22:14:47 +03:00
|
|
|
#ifdef DEBUG_CYASSL
|
|
|
|
CyaSSL_Debugging_ON();
|
|
|
|
#endif
|
2011-09-26 03:35:54 +04:00
|
|
|
if (CurrentDir("client") || CurrentDir("build"))
|
2011-09-24 03:13:02 +04:00
|
|
|
ChangeDirBack(2);
|
2013-03-28 22:28:38 +04:00
|
|
|
|
|
|
|
#ifdef HAVE_STACK_SIZE
|
|
|
|
StackSizeCheck(&args, client_test);
|
|
|
|
#else
|
2011-02-05 22:14:47 +03:00
|
|
|
client_test(&args);
|
2013-03-28 22:28:38 +04:00
|
|
|
#endif
|
2011-06-09 00:19:39 +04:00
|
|
|
CyaSSL_Cleanup();
|
2011-02-05 22:14:47 +03:00
|
|
|
|
2013-02-02 00:21:38 +04:00
|
|
|
#ifdef HAVE_CAVIUM
|
|
|
|
CspShutdown(CAVIUM_DEV_ID);
|
|
|
|
#endif
|
2011-02-05 22:14:47 +03:00
|
|
|
return args.return_code;
|
|
|
|
}
|
|
|
|
|
2012-08-02 04:33:49 +04:00
|
|
|
int myoptind = 0;
|
|
|
|
char* myoptarg = NULL;
|
|
|
|
|
2011-02-05 22:14:47 +03:00
|
|
|
#endif /* NO_MAIN_DRIVER */
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef CYASSL_CALLBACKS
|
|
|
|
|
|
|
|
int handShakeCB(HandShakeInfo* info)
|
|
|
|
{
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
int timeoutCB(TimeoutInfo* info)
|
|
|
|
{
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|