diff --git a/src/ssl.c b/src/ssl.c index 2ca056176..ec2a75f77 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -6631,10 +6631,12 @@ int DupSession(WOLFSSL* ssl, WOLFSSL* ossl) sizeof(ossl->session.masterSecret)); #ifdef SESSION_CERTS - XMEMCPY(ssl->session.chain, ossl->session.chain, - sizeof(WOLFSSL_X509_CHAIN)); - XMEMCPY(ssl->session.version, ossl->session.version, - sizeof(ProtocolVersion)); + ssl->session.chain.count = ossl->session.chain.count; + XMEMCPY(ssl->session.chain.certs, ossl->session.chain.certs, + sizeof(x509_buffer)); + + ssl->session.version.major = ossl->session.version.major; + ssl->session.version.minor = ossl->session.version.minor; ssl->session.cipherSuite0 = ossl->session.cipherSuite0; ssl->session.cipherSuite = ossl->session.cipherSuite; @@ -6651,13 +6653,16 @@ int DupSession(WOLFSSL* ssl, WOLFSSL* ossl) sizeof(ossl->session.ticket)); #endif #ifdef HAVE_STUNNEL - void *data; + { + void *data; + int idx; - for (idx = 0; ; idx++) { - data = wolfSSL_SESSION_get_ex_data(ossl->session, idx); - if (data == NULL) - break; - wolfSSL_SESSION_set_ex_data(ssl->session, idx, data); + for (idx = 0; ; idx++) { + data = wolfSSL_SESSION_get_ex_data(&ossl->session, idx); + if (data == NULL) + break; + wolfSSL_SESSION_set_ex_data(&ssl->session, idx, data); + } } #endif diff --git a/tests/api.c b/tests/api.c index 74a1775a0..3b2088142 100644 --- a/tests/api.c +++ b/tests/api.c @@ -673,7 +673,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_bio(void* args) } input[idx] = 0; - printf("Client message: %s\n", input); + printf("BioSrv, Client message: %s\n", input); if (wc_BioWrite(bio, msg, sizeof(msg)) != sizeof(msg)) { printf("wc_BioWrite failed\n"); 
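Review bot: Under SESSION_CERTS, the new `XMEMCPY(ssl->session.chain.certs, ossl->session.chain.certs, sizeof(x509_buffer))` copies the size of a single `x509_buffer`, while `chain.count` is copied in full on the line before. If `certs` is an array with more than one entry (the removed code copied `sizeof(WOLFSSL_X509_CHAIN)`, which suggests it is), a duplicated session with a count above 1 advertises certificates whose buffers were never copied. Anything that later walks the chain by `count` would then read stale or uninitialised data. Size the copy from the destination member instead: `XMEMCPY(ssl->session.chain.certs, ossl->session.chain.certs, sizeof(ssl->session.chain.certs));`. DupSession begins and ends outside the hunk.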
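Review bot: The HAVE_STUNNEL loop `for (idx = 0; ; idx++)` has no upper bound and stops at the first NULL from `wolfSSL_SESSION_get_ex_data`. It therefore depends on that getter returning NULL for an out-of-range index, and an empty slot at a lower index silently drops every later entry. The result of `wolfSSL_SESSION_set_ex_data` is ignored, and the values copied are the same pointers held by `ossl`, so both sessions refer to one object. I would bound the loop by the ex_data capacity the session type defines and fail DupSession when a set fails. If sharing is the intended contract, document it with a comment such as `/* ex_data pointers are shared with ossl, not duplicated; neither session owns them */`. DupSession begins and ends outside the hunk.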
@@ -708,9 +708,13 @@ done: static void test_client_bio(void* args) { WOLFCRYPT_BIO* bio = 0; - char msg[64] = "Client BIO, hello wolfssl!"; - char reply[1024], ip[] = {127, 0, 0, 1}; + char reply[1024]; +#ifdef TEST_IPV6 + SOCKET_T sockfd = 0; +#else + char ip[] = {127, 0, 0, 1}; +#endif int input, port; int msgSz = (int)strlen(msg); @@ -720,7 +724,11 @@ static void test_client_bio(void* args) ((func_args*)args)->return_code = TEST_FAIL; +#ifdef TEST_IPV6 + bio = wc_BioNew(wc_Bio_s_socket()); +#else bio = wc_BioNew(wc_Bio_s_connect()); +#endif if (bio == NULL) { printf("wc_BioNew failed\n"); goto done2; @@ -728,15 +736,20 @@ static void test_client_bio(void* args) port = ((func_args*)args)->signal->port; +#ifdef TEST_IPV6 + tcp_connect(&sockfd, wolfSSLIP, port, 0, NULL); + wc_BioSetFd(bio, sockfd, BIO_NOCLOSE); +#else wc_BioSetConnIp(bio, ip); wc_BioSetConnIntPort(bio, &port); /* start connection */ input = (int)wc_BioDoConnect(bio); if (input <= 0) { - printf("wc_BioDoConnect failed %d\n", input); + printf("wc_BioDoConnect failed : %d\n", input); goto done2; } +#endif if (wc_BioWrite(bio, msg, msgSz) != msgSz) { printf("wc_BioWrite failed"); @@ -750,7 +763,7 @@ static void test_client_bio(void* args) } reply[input] = 0; - printf("Server response: %s\n", reply); + printf("BioCli, Server response: %s\n", reply); done2: if (bio != 0) @@ -857,7 +870,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_bio_ssl(void* args) } input[idx] = 0; - printf("Client message: %s\n", input); + printf("BioSrvSSL, Client message: %s\n", input); if (wc_BioWrite(ssl_bio, msg, sizeof(msg)) != sizeof(msg)) { printf("wc_BioWrite failed\n"); @@ -971,7 +984,7 @@ static void test_client_bio_ssl(void* args) } reply[input] = 0; - printf("Server response: %s\n", reply); + printf("BioCliSSL, Server response: %s\n", reply); done2: if (ssl_bio != 0) diff --git a/wolfcrypt/src/bio.c b/wolfcrypt/src/bio.c index f168674a8..b12069999 100644 --- a/wolfcrypt/src/bio.c +++ b/wolfcrypt/src/bio.c 
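Review bot: In the TEST_IPV6 branch of test_client_bio, `wc_BioSetFd(bio, sockfd, BIO_NOCLOSE)` is called without checking its result, whereas the non-IPv6 path fails the test when `wc_BioDoConnect` returns `input <= 0`. Because the descriptor is attached with BIO_NOCLOSE, freeing the BIO at `done2` presumably leaves `sockfd` open, and no explicit close is visible in the hunks shown. Either attach it with `BIO_CLOSE`, or close `sockfd` on the `done2` path and jump there when the set fails, e.g. `if (wc_BioSetFd(bio, sockfd, BIO_CLOSE) <= 0) goto done2;` (the success convention needs confirming against wc_BioSetFd). The function body continues outside the hunk.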
@@ -28,7 +28,9 @@ #ifdef OPENSSL_EXTRA #include +#ifndef NO_STDIO_FILESYSTEM #include +#endif #include #include @@ -761,6 +763,8 @@ unsigned long wc_BioNumberWritten(WOLFCRYPT_BIO *bio) } +#ifndef NO_STDIO_FILESYSTEM + #ifndef USE_WINDOWS_API __attribute__((format(printf, 2, 3))) #endif @@ -805,6 +809,7 @@ int wc_BioPrintf(WOLFCRYPT_BIO *bio, const char *format, ...) XFREE(buffer, 0, DYNAMIC_TYPE_OPENSSL); return ret; } +#endif /* NO_STDIO_FILESYSTEM */ void wc_BioCopyNextRetry(WOLFCRYPT_BIO *bio) { @@ -1468,7 +1473,7 @@ static int wc_BioB64_puts(WOLFCRYPT_BIO *bio, const char *str) return 0; } - return wc_BioB64_write(bio, str, (int)strlen(str)); + return wc_BioB64_write(bio, str, (int)XSTRLEN(str)); } /* end BIO Filter base64 */ @@ -2007,7 +2012,7 @@ static int wc_BioBuffer_puts(WOLFCRYPT_BIO *bio, const char *str) return 0; } - return wc_BioBuffer_write(bio, str, (int)strlen(str)); + return wc_BioBuffer_write(bio, str, (int)XSTRLEN(str)); } /* end BIO Filter buffer */ @@ -2750,7 +2755,7 @@ int wc_BioGetHostIp(const char *str, unsigned char *ip) int wc_BioGetPort(const char *str, unsigned short *port_ptr) { int i; - struct servent *s; + struct servent *s = NULL; if (str == NULL) { WOLFSSL_ERROR(BIO_NO_PORT_E); @@ -2823,7 +2828,7 @@ int wc_BioSockInit(void) int err; wsa_init_done = 1; - memset(&wsa_state, 0, sizeof(wsa_state)); + XMEMSET(&wsa_state, 0, sizeof(wsa_state)); /* * Not making wsa_state available to the rest of the code is formally * wrong. But the structures we use are [beleived to be] invariable @@ -2857,9 +2862,7 @@ int wc_BioGetAcceptSocket(char *host, int bind_mode) union { struct sockaddr sa; struct sockaddr_in sa_in; -#ifdef TEST_IPV6 struct sockaddr_in6 sa_in6; -#endif } server, client; int s = WOLFSSL_SOCKET_INVALID, cs, addrlen; unsigned char ip[4]; 
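Review bot: Dropping the `#ifdef TEST_IPV6` guard around `struct sockaddr_in6 sa_in6;` in wc_BioGetAcceptSocket makes the IPv6 socket types a hard build requirement for bio.c. The same guard is removed in the wc_BioAccept union, the datagram peer unions, wc_BioDgram_write, wc_BioDgram_get_mtu_overhead and the wc_BioDgram_ctrl switch cases. The commit still keeps a fallback `#define IPPROTO_IPV6 41` for platforms that lack it, which suggests targets with incomplete IPv6 headers are expected; on those, `struct sockaddr_in6` and `AF_INET6` would not compile. If IPv6 is meant to be always on, say so in a comment next to the unions. Otherwise keep the code behind a project-chosen opt-out switch, rather than the test-only TEST_IPV6 that tests/api.c still uses.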
@@ -2895,7 +2898,7 @@ int wc_BioGetAcceptSocket(char *host, int bind_mode) if (!wc_BioGetPort(p, &port)) goto err; - memset((char *)&server, 0, sizeof(server)); + XMEMSET((char *)&server, 0, sizeof(server)); server.sa_in.sin_family = AF_INET; server.sa_in.sin_port = htons(port); addrlen = sizeof(server.sa_in); @@ -2941,20 +2944,16 @@ again: #endif /* USE_WINDOWS_API */ { client = server; - if (h == NULL || strcmp(h, "*") == 0) { -#ifdef TEST_IPV6 + if (h == NULL || !strcmp(h, "*")) { if (client.sa.sa_family == AF_INET6) { XMEMSET(&client.sa_in6.sin6_addr, 0, sizeof(client.sa_in6.sin6_addr)); client.sa_in6.sin6_addr.s6_addr[15] = 1; } + else if (client.sa.sa_family == AF_INET) + client.sa_in.sin_addr.s_addr = htonl(0x7F000001); else -#endif - if (client.sa.sa_family == AF_INET) { - client.sa_in.sin_addr.s_addr = htonl(0x7F000001); - } - else - goto err; + goto err; } cs = socket(client.sa.sa_family, SOCK_STREAM, IPPROTO_TCP); @@ -3020,15 +3019,13 @@ int wc_BioAccept(int sock, char **addr) union { struct sockaddr sa; struct sockaddr_in sa_in; -#ifdef TEST_IPV6 struct sockaddr_in sa_in6; -#endif } from; } sa; sa.len.s = 0; sa.len.i = sizeof(sa.from); - memset(&sa.from, 0, sizeof(sa.from)); + XMEMSET(&sa.from, 0, sizeof(sa.from)); dsock = accept(sock, &sa.from.sa, (void *)&sa.len); if (sizeof(sa.len.i) != sizeof(sa.len.s) && !sa.len.i) { @@ -3593,7 +3590,7 @@ static int wc_BioAccept_puts(WOLFCRYPT_BIO *bio, const char *str) return 0; } - return wc_BioAccept_write(bio, str, (int)strlen(str)); + return wc_BioAccept_write(bio, str, (int)XSTRLEN(str)); } WOLFCRYPT_BIO *wc_BioNewAccept(const char *str) 
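Review bot: In wc_BioAccept the union member is declared `struct sockaddr_in sa_in6;`, an IPv4 type under an IPv6 name, and this hunk makes it unconditional by removing the TEST_IPV6 guard. `sa.len.i = sizeof(sa.from)` is the address length passed to `accept()`, so the buffer is sized for IPv4 only. An IPv6 peer address would be truncated, and any later read through `sa_in6` would interpret IPv4-layout bytes. The other unions in this file use `struct sockaddr_in6`, so this should read `struct sockaddr_in6 sa_in6;`. The function continues outside the hunk, so the code that formats the peer address into `*addr` should be checked against the larger size as well.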
@@ -3704,14 +3701,14 @@ static int wc_BioConn_state(WOLFCRYPT_BIO *bio, WOLFCRYPT_BIO_CONNECT *conn) if (conn->pPort != NULL) XFREE(conn->pPort, 0, DYNAMIC_TYPE_OPENSSL); - conn->pPort = XMALLOC(strlen(p)+1, + conn->pPort = XMALLOC(XSTRLEN(p)+1, 0, DYNAMIC_TYPE_OPENSSL); if (conn->pPort == NULL) { WOLFSSL_ERROR(MEMORY_E); goto exit_loop; break; } - XSTRNCPY(conn->pPort, p, strlen(p)+1); + XSTRNCPY(conn->pPort, p, XSTRLEN(p)+1); } } @@ -4056,27 +4053,27 @@ static long wc_BioConn_ctrl(WOLFCRYPT_BIO *bio, int cmd, long num, void *ptr) if (num == 0) { if (conn->pHostname != NULL) XFREE(conn->pHostname, 0, DYNAMIC_TYPE_OPENSSL); - conn->pHostname = XMALLOC(strlen((char *)ptr)+1, + conn->pHostname = XMALLOC(XSTRLEN((char *)ptr)+1, 0, DYNAMIC_TYPE_OPENSSL); if (conn->pHostname == NULL) { WOLFSSL_ERROR(MEMORY_E); ret = -1; break; } - XSTRNCPY(conn->pHostname, (char *)ptr, strlen((char *)ptr)+1); + XSTRNCPY(conn->pHostname, (char *)ptr, XSTRLEN((char *)ptr)+1); } else if (num == 1) { if (conn->pPort != NULL) XFREE(conn->pPort, 0, DYNAMIC_TYPE_OPENSSL); - conn->pPort = XMALLOC(strlen((char *)ptr)+1, + conn->pPort = XMALLOC(XSTRLEN((char *)ptr)+1, 0, DYNAMIC_TYPE_OPENSSL); if (conn->pPort == NULL) { WOLFSSL_ERROR(MEMORY_E); ret = -1; break; } - XSTRNCPY(conn->pPort, (char *)ptr, strlen((char *)ptr)+1); + XSTRNCPY(conn->pPort, (char *)ptr, XSTRLEN((char *)ptr)+1); } else if (num == 2) { char buf[16]; @@ -4088,14 +4085,14 @@ static long wc_BioConn_ctrl(WOLFCRYPT_BIO *bio, int cmd, long num, void *ptr) if (conn->pHostname != NULL) XFREE(conn->pHostname, 0, DYNAMIC_TYPE_OPENSSL); - conn->pHostname = XMALLOC(strlen(buf)+1, + conn->pHostname = XMALLOC(XSTRLEN(buf)+1, 0, DYNAMIC_TYPE_OPENSSL); if (conn->pHostname == NULL) { WOLFSSL_ERROR(MEMORY_E); ret = -1; break; } - XSTRNCPY(conn->pHostname, buf, strlen(buf)+1); + XSTRNCPY(conn->pHostname, buf, XSTRLEN(buf)+1); XMEMCPY(conn->ip, ptr, 4); } else if (num == 3) { 
@@ -4105,14 +4102,14 @@ static long wc_BioConn_ctrl(WOLFCRYPT_BIO *bio, int cmd, long num, void *ptr) if (conn->pPort != NULL) XFREE(conn->pPort, 0, DYNAMIC_TYPE_OPENSSL); - conn->pPort = XMALLOC(strlen(buf)+1, + conn->pPort = XMALLOC(XSTRLEN(buf)+1, 0, DYNAMIC_TYPE_OPENSSL); if (conn->pPort == NULL) { WOLFSSL_ERROR(MEMORY_E); ret = -1; break; } - XSTRNCPY(conn->pPort, buf, strlen(buf)+1); + XSTRNCPY(conn->pPort, buf, XSTRLEN(buf)+1); conn->port = *(int *)ptr; } break; @@ -4223,7 +4220,7 @@ static int wc_BioConn_puts(WOLFCRYPT_BIO *bio, const char *str) return -1; } - return wc_BioConn_write(bio, str, (int)strlen(str)); + return wc_BioConn_write(bio, str, (int)XSTRLEN(str)); } WOLFCRYPT_BIO *wc_BioNewConnect(const char *str) @@ -4257,7 +4254,7 @@ WOLFCRYPT_BIO *wc_BioNewConnect(const char *str) #define IP_MTU 14 #endif -#if defined(TEST_IPV6) && !defined(IPPROTO_IPV6) +#if !defined(IPPROTO_IPV6) #define IPPROTO_IPV6 41 #endif @@ -4290,9 +4287,7 @@ typedef struct { union { struct sockaddr sa; struct sockaddr_in sa_in; -#ifdef TEST_IPV6 struct sockaddr_in6 sa_in6; -# endif } peer; unsigned int connected; unsigned int _errno; @@ -4532,9 +4527,7 @@ static int wc_BioDgram_read(WOLFCRYPT_BIO *bio, char *data, int size) union { struct sockaddr sa; struct sockaddr_in sa_in; -#ifdef TEST_IPV6 struct sockaddr_in6 sa_in6; -#endif } peer; } sa; @@ -4609,18 +4602,18 @@ static int wc_BioDgram_write(WOLFCRYPT_BIO *bio, #ifdef USE_WINDOWS_API ret = (int)send(bio->num, data, size, 0); #else - ret = (int)write(bio->num, data, size); + ret = (int)write(bio->num, data, size); #endif else { int peerlen = sizeof(dgram->peer); if (dgram->peer.sa.sa_family == AF_INET) peerlen = sizeof(dgram->peer.sa_in); -#ifdef TEST_IPV6 else if (dgram->peer.sa.sa_family == AF_INET6) peerlen = sizeof(dgram->peer.sa_in6); -#endif - ret = (int)sendto(bio->num, data, size, 0, &dgram->peer.sa, peerlen); + + ret = (int)sendto(bio->num, data, size, + 0, &dgram->peer.sa, peerlen); } wc_BioClearRetryFlags(bio); 
@@ -4650,11 +4643,9 @@ static long wc_BioDgram_get_mtu_overhead(WOLFCRYPT_BIO_DATAGRAM *dgram) case AF_INET: ret = 28; break; -#ifdef TEST_IPV6 case AF_INET6: ret = 48; break; -#endif default: ret = 28; break; @@ -4724,11 +4715,11 @@ static long wc_BioDgram_ctrl(WOLFCRYPT_BIO *bio, int cmd, long num, void *ptr) case AF_INET: XMEMCPY(&dgram->peer, to, sizeof(dgram->peer.sa_in)); break; -#ifdef TEST_IPV6 + case AF_INET6: XMEMCPY(&dgram->peer, to, sizeof(dgram->peer.sa_in6)); break; -#endif + default: XMEMCPY(&dgram->peer, to, sizeof(dgram->peer.sa)); break; @@ -4749,11 +4740,11 @@ static long wc_BioDgram_ctrl(WOLFCRYPT_BIO *bio, int cmd, long num, void *ptr) case AF_INET: ret += 576; break; -#ifdef TEST_IPV6 + case AF_INET6: ret += 1280; break; -#endif + default: ret += 576; break; @@ -4775,13 +4766,15 @@ static long wc_BioDgram_ctrl(WOLFCRYPT_BIO *bio, int cmd, long num, void *ptr) dgram->connected = 1; switch (to->sa_family) { case AF_INET: - XMEMCPY(&dgram->peer, to, sizeof(dgram->peer.sa_in)); + XMEMCPY(&dgram->peer, to, + sizeof(dgram->peer.sa_in)); break; -#ifdef TEST_IPV6 + case AF_INET6: - XMEMCPY(&dgram->peer, to, sizeof(dgram->peer.sa_in6)); + XMEMCPY(&dgram->peer, to, + sizeof(dgram->peer.sa_in6)); break; -#endif + default: XMEMCPY(&dgram->peer, to, sizeof(dgram->peer.sa)); break; @@ -4798,11 +4791,11 @@ static long wc_BioDgram_ctrl(WOLFCRYPT_BIO *bio, int cmd, long num, void *ptr) case AF_INET: ret = sizeof(dgram->peer.sa_in); break; -#ifdef TEST_IPV6 + case AF_INET6: ret = sizeof(dgram->peer.sa_in6); break; -#endif + default: ret = sizeof(dgram->peer.sa); break; @@ -4819,11 +4812,11 @@ static long wc_BioDgram_ctrl(WOLFCRYPT_BIO *bio, int cmd, long num, void *ptr) case AF_INET: XMEMCPY(&dgram->peer, to, sizeof(dgram->peer.sa_in)); break; -#ifdef TEST_IPV6 + case AF_INET6: XMEMCPY(&dgram->peer, to, sizeof(dgram->peer.sa_in6)); break; -#endif + default: XMEMCPY(&dgram->peer, to, sizeof(dgram->peer.sa)); break; 
@@ -4980,7 +4973,7 @@ static int wc_BioDgram_puts(WOLFCRYPT_BIO *bio, const char *str) return -1; } - return wc_BioDgram_write(bio, str, (int)strlen(str)); + return wc_BioDgram_write(bio, str, (int)XSTRLEN(str)); } /* end BIO Method datagramm */ @@ -5387,7 +5380,7 @@ static int wc_BioFile_gets(WOLFCRYPT_BIO *bio, char *buf, int size) return -1; } - return (int)strlen(buf); + return (int)XSTRLEN(buf); } static int wc_BioFile_puts(WOLFCRYPT_BIO *bio, const char *str) @@ -5397,7 +5390,7 @@ static int wc_BioFile_puts(WOLFCRYPT_BIO *bio, const char *str) return -1; } - return wc_BioFile_write(bio, str, (int)strlen(str)); + return wc_BioFile_write(bio, str, (int)XSTRLEN(str)); } #endif /* NO_FILESYSTEM */ @@ -5531,7 +5524,7 @@ WOLFCRYPT_BIO *wc_BioNewMemBuf(void *data, int len) return NULL; } - size = (len < 0) ? strlen((char *)data) : (size_t)len; + size = (len < 0) ? XSTRLEN((char *)data) : (size_t)len; bio = wc_BioNew(wc_Bio_s_mem()); if (bio == NULL) @@ -5781,7 +5774,7 @@ static int wc_BioMem_puts(WOLFCRYPT_BIO *bio, const char *str) return -1; } - return wc_BioMem_write(bio, str, (int)strlen(str)); + return wc_BioMem_write(bio, str, (int)XSTRLEN(str)); } /* end BIO Method memory */ @@ -5894,7 +5887,7 @@ static int wc_BioNull_puts(WOLFCRYPT_BIO *bio, const char *str) if (str == NULL) return 0; - return (int)strlen(str); + return (int)XSTRLEN(str); } /* end BIO Method null */ @@ -6087,7 +6080,7 @@ static int wc_BioSock_puts(WOLFCRYPT_BIO *bio, const char *str) return -1; } - return wc_BioSock_write(bio, str, (int)strlen(str)); + return wc_BioSock_write(bio, str, (int)XSTRLEN(str)); } int wc_BioSockNonFatalError(int err) diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 8bcada06a..f19a756d6 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -95,7 +95,6 @@ #include #include #include - #include #endif 
@@ -223,12 +222,6 @@ int bio_b64_test(void); int bio_md_test(void); int bio_test(void); int bio_connect_test(void); -int bio_connect_ssl_test(void); -/* Required human interactions, must be move to API */ -#if 0 - int bio_accept_ssl_test(void); - int bio_accept_test(void); -#endif #endif /* OPENSSL_EXTRA */ /* General big buffer size for many tests. */ @@ -617,24 +610,6 @@ int wolfcrypt_test(void* args) else printf( "BIO Connect test passed!\n"); - if ( (ret = bio_connect_ssl_test()) != 0) - return err_sys("BIO Connect SSL test failed !\n", ret); - else - printf( "BIO Connect SSL test passed!\n"); - - /* Required human interactions, must be move to API */ -#if 0 - if ( (ret = bio_accept_test()) != 0) - return err_sys("BIO Accept test failed !\n", ret); - else - printf( "BIO Accept test passed!\n"); - - if ( (ret = bio_accept_ssl_test()) != 0) - return err_sys("BIO Accept SSL test failed !\n", ret); - else - printf( "BIO Accept SSL test passed!\n"); -#endif - if ( (ret = evp_test()) != 0) return err_sys("EVP test failed !\n", ret); else 
@@ -6606,371 +6581,6 @@ int bio_connect_test(void) return 0; } -/* Required human interactions, must be move to API */ -#if 0 -int bio_accept_test(void) -{ - - WOLFCRYPT_BIO *abio, *cbio, *cbio2; - char buf[256]; - int r; - - abio = wc_BioNewAccept("4444"); - - /* force SO_REUSEADDR */ - wc_BioSetBindMode(abio, 2); - - /* force NO_SIGPIPE and TCP_NODELAY */ - wc_BioSetSocketOptions(abio, 3); - - /* First call to wc_BioAccept() sets up accept BIO */ - if (wc_BioDoAccept(abio) <= 0) { - fprintf(stderr, "Error setting up accept\n"); - return -4000; - } - printf("wc_BioDoAccept 1\n"); - - /* Wait for incoming connection */ - if (wc_BioDoAccept(abio) <= 0) { - fprintf(stderr, "Error accepting connection\n"); - return -4001; - } - fprintf(stderr, "Connection 1 established\n"); - - /* Retrieve BIO for connection */ - cbio = wc_BioPop(abio); - wc_BioPuts(cbio, "Wait for second client\n"); - - /* Wait for another connection */ - if (wc_BioDoAccept(abio) <= 0) { - fprintf(stderr, "Error accepting connection\n"); - return -4002; - } - fprintf(stderr, "Connection 2 established\n"); - - /* Close accept BIO to refuse further connections */ - cbio2 = wc_BioPop(abio); - wc_BioFree(abio); - - wc_BioPuts(cbio, "Second client arrived, you can send msg\n"); - wc_BioPuts(cbio2, "Wait for message of First client\n"); - - /* Read msg CBIO -> CBIO2, CBIO2 and CBIO2 -> CBIO */ - do { - XMEMSET(buf, 0, sizeof(buf)); - r = wc_BioRead(cbio, buf, sizeof(buf)); - if (r < 0) - break; - if (r >= 3 && !XSTRNCMP("end", buf, 3)) { - wc_BioPuts(cbio, "Peer close discussion\n"); - break; - } - wc_BioPuts(cbio2, buf); - - XMEMSET(buf, 0, sizeof(buf)); - r = wc_BioRead(cbio2, buf, sizeof(buf)); - if (r < 0) - break; - - if (r >= 3 && !XSTRNCMP("end", buf, 3)) { - wc_BioPuts(cbio, "Peer close discussion\n"); - break; - } - wc_BioPuts(cbio, buf); - - } while (1); - - /* Close the two established connections */ - wc_BioFree(cbio); - wc_BioFree(cbio2); - - return 0; -} -#endif /* 0 */ - -int 
bio_connect_ssl_test(void) -{ - WOLFCRYPT_BIO *out = NULL, *ssl_bio = NULL; - WOLFSSL_CTX *ssl_ctx = NULL; - - char request[] = "GET / HTTP/1.0\r\n\r\n"; - char buf[1024 * 10]; - int i, len = (int)strlen(request), idx, ret; - - /* Setup all the global SSL stuff */ - ssl_ctx = wolfSSL_CTX_new(wolfTLSv1_client_method()); - if (ssl_ctx == NULL) - return -3000; - - wolfSSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, 0); - - /* Lets make a SSL structure */ - ssl_bio = wolfSSL_BioNewSSL(ssl_ctx, BIO_CLOSE); - if (ssl_bio == NULL) { - ret = -3001; - goto end; - } - - /* Use a connect BIO under the SSL BIO */ - out = wc_BioNewConnect("www.verisign.com:443"); - if (out == NULL) { - ret = -3002; - goto end; - } - - /* start connection */ - if (wc_BioDoConnect(out) <= 0) { - fprintf(stderr, "Error connecting to server\n"); - ret = -3003; - goto end; - } - - /* non blocking mode */ - wc_BioSetNbio(out, 1); - - /* Associate connect and ssl BIO */ - out = wc_BioPush(ssl_bio, out); - if (out == NULL) { - ret = -3004; - goto end; - } - - for (idx = 0;;) { - i = wc_BioWrite(out, request+idx, len); - if (i <= 0) { - if (wc_BioShouldRetry(out)) { -#ifdef USE_WINDOWS_API - Sleep(1000); -#else - sleep(1); -#endif - continue; - } else { - ret = -3005; - goto end; - } - } - idx += i; - len -= i; - if (len <= 0) - break; - } - - for (;;) { - i = wc_BioRead(out, buf, sizeof(buf)); - if (i == 0) - break; - if (i < 0) { - if (wc_BioShouldRetry(out)) { -#ifdef USE_WINDOWS_API - Sleep(1000); -#else - sleep(1); -#endif - continue; - } - ret = -3006; - goto end; - } - fwrite(buf, 1, i, stdout); - } - - ret = 0; - -end: - wc_BioFreeAll(out); - - if (ssl_ctx != NULL) - wolfSSL_CTX_free(ssl_ctx); - - return ret; -} - -/* Required human interactions, must be move to API */ -#if 0 -int bio_accept_ssl_test(void) -{ - WOLFCRYPT_BIO *ssl_bio = NULL, *in = NULL, *buf_bio = NULL, *b_rw = NULL; - WOLFSSL_CTX *ssl_ctx = NULL; - char buf[512]; - int ret = 1, len, i = 0; - -#ifndef NO_DH - /* dh1024 p */ - 
static unsigned char p[] = { - 0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3, - 0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E, - 0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59, - 0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2, - 0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD, - 0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF, - 0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02, - 0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C, - 0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7, - 0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50, - 0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B, - }; - - /* dh1024 g */ - static unsigned char g[] = { 0x02 }; -#endif - -#if 1 - #define CERT_F "./certs/server-cert.pem" - #define KEY_F "./certs/server-key.pem" -#endif -#if 0 - #define CERT_F "./certs/server-ecc.pem" - #define KEY_F "./certs/ecc-key.pem" -#endif -#if 0 - #define CERT_F "./certs/server-ecc-rsa.pem" - #define KEY_F "./certs/ecc-key.pem" -#endif - - ssl_ctx = wolfSSL_CTX_new(wolfTLSv1_server_method()); - if (ssl_ctx == NULL) - return -3000; - - if (!wolfSSL_CTX_use_certificate_file(ssl_ctx, CERT_F, SSL_FILETYPE_PEM)) { - ret = -3001; - goto end; - } - - if (!wolfSSL_CTX_use_PrivateKey_file(ssl_ctx, KEY_F, SSL_FILETYPE_PEM)) { - ret = -3002; - goto end; - } - - if (!wolfSSL_CTX_check_private_key(ssl_ctx)) { - ret = -3003; - goto end; - } - -#ifndef NO_DH - if (!wolfSSL_CTX_SetTmpDH(ssl_ctx, p, sizeof(p), g, sizeof(g))) { - ret = -3004; - goto end; - } -#endif /* NO_DH */ - - /* Setup server side SSL bio */ - ssl_bio = wolfSSL_BioNewSSL(ssl_ctx, BIO_NOCLOSE); - if (ssl_bio == NULL) { - ret = -3005; - goto end; - } - - /* Create the buffering BIO */ - buf_bio = wc_BioNew(wc_Bio_f_buffer()); - if (buf_bio == NULL) { - ret = -3006; - goto end; - } - 
- /* Add to chain */ - ssl_bio = wc_BioPush(buf_bio, ssl_bio); - if (ssl_bio == NULL) { - ret = -3007; - goto end; - } - - in = wc_BioNewAccept("4433"); - if (in == NULL) { - ret = -3008; - goto end; - } - - /* force SO_REUSEADDR */ - wc_BioSetBindMode(in, 2); - - /* force NO_SIGPIPE and TCP_NODELAY */ - wc_BioSetSocketOptions(in, 3); - - /* By doing this when a new connection is established - * we automatically have ssl_bio inserted into it. The - * BIO chain is now 'swallowed' by the accept BIO and - * will be freed when the accept BIO is freed. - */ - if (wc_BioSetAcceptBios(in, ssl_bio) <= 0) { - ret = -3009; - goto end; - } - - while (i++ < 5) { - /* Setup accept BIO */ - if (wc_BioDoAccept(in) <= 0) { - fprintf(stderr, "Error setting up accept BIO\n"); - ret = -3010; - goto end; - } - - /* Now wait for incoming connection */ - if (wc_BioDoHandshake(in) <= 0) { - fprintf(stderr, "Error in connection\n"); - ret = -3011; - goto end; - } - - b_rw = wc_BioPop(in); - if (b_rw == NULL) { - printf("BIO error -> close\n"); - ret = -3012; - goto end; - } - - for(;;) { - len = wc_BioGets(b_rw, buf, sizeof(buf)); - if (len == 0) { - /* - * If we have finished, remove the underlying BIO stack so the - * next time we call any function for this BIO, it will attempt - * to do an accept - */ - printf("Done -> close\n"); - break; - } - else if (len < 0) { - if (wc_BioShouldRetry(b_rw)) - continue; - printf("Read error -> close\n"); - ret = -3014; - goto end; - break; - } - - if (buf[0] == '\r' || buf[0] == '\n') { - wc_BioPuts(b_rw, "CLOSE\n"); - if (wc_BioFlush(b_rw) < 0) - return -3015; - printf("Done -> close\n"); - break; - } - fprintf(stdout, "Received : '%s'\n", buf); - /* Send response */ - wc_BioPuts(b_rw, "ACK: "); - wc_BioPuts(b_rw, buf); - if (wc_BioFlush(b_rw) < 0) - return -3016; - } - - /* close connection */ - wc_BioFreeAll(b_rw); - } - - ret = 0; - -end: - if (in != NULL) - wc_BioFreeAll(in); - - if (ssl_ctx != NULL) - wolfSSL_CTX_free(ssl_ctx); - - return ret; 
-} -#endif /* 0 */ - int bio_test(void) { WOLFCRYPT_BIO *bio; diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index 77928acad..4805a2245 100644 --- a/wolfssl/openssl/evp.h +++ b/wolfssl/openssl/evp.h @@ -71,7 +71,6 @@ typedef WOLFCRYPT_EVP_MD EVP_MD; typedef WOLFCRYPT_EVP_CIPHER EVP_CIPHER; typedef WOLFCRYPT_EVP_MD_CTX EVP_MD_CTX; typedef WOLFCRYPT_EVP_CIPHER_CTX EVP_CIPHER_CTX; -typedef WOLFCRYPT_Cipher Cipher; #define EVP_md5 wc_EVP_md5 #define EVP_sha1 wc_EVP_sha1 diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 36edaf598..c79c74da1 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -383,8 +383,6 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define X509_NAME_free wolfSSL_X509_NAME_free #define SSL_CTX_use_certificate wolfSSL_CTX_use_certificate #define SSL_CTX_use_PrivateKey wolfSSL_CTX_use_PrivateKey -#define BIO_read_filename wolfSSL_BIO_read_filename -#define BIO_s_file wolfSSL_BIO_s_file #define OBJ_nid2sn wolf_OBJ_nid2sn #define OBJ_obj2nid wolf_OBJ_obj2nid #define OBJ_sn2nid wolf_OBJ_sn2nid @@ -409,7 +407,6 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams #define PEM_write_bio_X509 PEM_write_bio_WOLFSSL_X509 #define SSL_CTX_set_tmp_dh wolfSSL_CTX_set_tmp_dh -#define BIO_new_file wolfSSL_BIO_new_file #endif /* HAVE_STUNNEL || HAVE_LIGHTY */ diff --git a/wolfssl/wolfcrypt/bio.h b/wolfssl/wolfcrypt/bio.h index 62178152a..7465a2012 100644 --- a/wolfssl/wolfcrypt/bio.h +++ b/wolfssl/wolfcrypt/bio.h @@ -1,7 +1,6 @@ #ifndef WOLF_CRYPT_BIO_H #define WOLF_CRYPT_BIO_H -#include #include #include #include @@ -375,7 +374,9 @@ WOLFSSL_API unsigned long wc_BioNumberWritten(WOLFCRYPT_BIO *bio); WOLFSSL_API void wc_BioCopyNextRetry(WOLFCRYPT_BIO *b); +#ifndef NO_STDIO_FILESYSTEM WOLFSSL_API int wc_BioPrintf(WOLFCRYPT_BIO *bio, const char *format, ...); +#endif /* BIO file */ WOLFSSL_API WOLFCRYPT_BIO_METHOD *wc_Bio_s_file(void); 
diff --git a/wolfssl/wolfcrypt/compat-wolfssl.h b/wolfssl/wolfcrypt/compat-wolfssl.h index 83f24b157..a1c196dae 100644 --- a/wolfssl/wolfcrypt/compat-wolfssl.h +++ b/wolfssl/wolfcrypt/compat-wolfssl.h @@ -78,7 +78,7 @@ WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_idea_cbc(void); WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_rc4(void); WOLFSSL_API const WOLFCRYPT_EVP_CIPHER* wc_EVP_enc_null(void); -enum Digest { +enum WC_Digest { MD5_DIGEST_LENGTH = 16, SHA_DIGEST_LENGTH = 20, SHA256_DIGEST_LENGTH = 32, @@ -90,7 +90,7 @@ enum Digest { #define EVP_MAX_MD_SIZE 64 /* sha512 */ #endif -enum Cipher { +enum WC_Cipher { RC4_KEY_SIZE = 16, /* always 128bit */ DES_KEY_SIZE = 8, /* des */ DES3_KEY_SIZE = 24, /* 3 des ede */ diff --git a/wolfssl/wolfcrypt/include.am b/wolfssl/wolfcrypt/include.am index d72d24583..66441e70b 100644 --- a/wolfssl/wolfcrypt/include.am +++ b/wolfssl/wolfcrypt/include.am @@ -14,6 +14,8 @@ nobase_include_HEADERS+= \ wolfssl/wolfcrypt/dh.h \ wolfssl/wolfcrypt/dsa.h \ wolfssl/wolfcrypt/ecc.h \ + wolfssl/wolfcrypt/bio.h \ + wolfssl/wolfcrypt/compat-wolfssl.h \ wolfssl/wolfcrypt/curve25519.h \ wolfssl/wolfcrypt/ed25519.h \ wolfssl/wolfcrypt/fe_operations.h \