diff --git a/examples/client/client.c b/examples/client/client.c index b97c25e75..649d1cb3b 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -65,6 +65,27 @@ #define OCSP_STAPLINGV2_MULTI 3 #define OCSP_STAPLING_OPT_MAX OCSP_STAPLINGV2_MULTI +#ifdef WOLFSSL_ALT_TEST_STRINGS + #define TEST_STR_TERM "\n" +#else + #define TEST_STR_TERM +#endif + +static const char kHelloMsg[] = "hello wolfssl!" TEST_STR_TERM; +#ifndef NO_SESSION_CACHE +static const char kResumeMsg[] = "resuming wolfssl!" TEST_STR_TERM; +#endif + +#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_EARLY_DATA) + static const char kEarlyMsg[] = "A drop of info" TEST_STR_TERM; +#endif +static const char kHttpGetMsg[] = "GET /index.html HTTP/1.0\r\n\r\n"; + +/* Write needs to be largest of the above strings (29) */ +#define CLI_MSG_SZ 32 +/* Read needs to be at least sizeof server.c `webServerMsg` (226) */ +#define CLI_REPLY_SZ 256 + #if defined(XSLEEP_US) && defined(NO_MAIN_DRIVER) /* This is to force the server's thread to get a chance to * execute before continuing the resume in non-blocking @@ -375,11 +396,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, WOLFSSL_SESSION* benchSession = NULL; #endif #ifdef WOLFSSL_TLS13 - byte* reply[80]; - static const char msg[] = "GET /index.html HTTP/1.0\r\n\r\n"; -#ifdef WOLFSSL_EARLY_DATA - static const char earlyMsg[] = "A drop of info"; -#endif + byte reply[CLI_REPLY_SZ]; #endif const char** words = client_bench_conmsg[lng_index]; @@ -431,7 +448,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, defined(WOLFSSL_EARLY_DATA) if (version >= 4 && benchResume && earlyData) { char buffer[WOLFSSL_MAX_ERROR_SZ]; - EarlyData(ctx, ssl, earlyMsg, sizeof(earlyMsg)-1, buffer); + EarlyData(ctx, ssl, kEarlyMsg, sizeof(kEarlyMsg)-1, buffer); } #endif do { 
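Review bot: The two size comments added in the `@@ -65,6 +65,27 @@` hunk state invariants that nothing enforces, and the second one names `webServerMsg`, which this same commit renames to `kHttpServerMsg` in server.c. `CLI_MSG_SZ` later sizes a buffer that these constants are copied into, so a longer string added here would overrun it without any compiler diagnostic. I would correct the name in the comment and add a compile-time check beside the defines, for example `typedef char cli_msg_fits[(sizeof(kHttpGetMsg) <= CLI_MSG_SZ) ? 1 : -1];`, repeated for each message constant that is compiled in.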
@@ -458,7 +475,8 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, if (version >= 4 && resumeSession) #endif { - if (wolfSSL_write(ssl, msg, sizeof(msg)-1) <= 0) + /* no null term */ + if (wolfSSL_write(ssl, kHttpGetMsg, sizeof(kHttpGetMsg)-1) <= 0) err_sys("SSL_write failed"); if (wolfSSL_read(ssl, reply, sizeof(reply)-1) <= 0) @@ -788,7 +806,7 @@ static int SMTP_Shutdown(WOLFSSL* ssl, int wc_shutdown) /* S: 221 2.0.0 Service closing transmission channel */ do { - ret = wolfSSL_read(ssl, tmpBuf, sizeof(tmpBuf)); + ret = wolfSSL_read(ssl, tmpBuf, sizeof(tmpBuf)-1); if (ret < 0) { err = wolfSSL_get_error(ssl, 0); #ifdef WOLFSSL_ASYNC_CRYPT @@ -802,7 +820,7 @@ static int SMTP_Shutdown(WOLFSSL* ssl, int wc_shutdown) if (ret < 0) { err_sys("failed to read SMTP closing down response\n"); } - + tmpBuf[ret] = 0; /* null terminate message */ printf("%s\n", tmpBuf); ret = wolfSSL_shutdown(ssl); @@ -820,7 +838,7 @@ static int SMTP_Shutdown(WOLFSSL* ssl, int wc_shutdown) return WOLFSSL_SUCCESS; } -static int ClientWrite(WOLFSSL* ssl, char* msg, int msgSz, const char* str, +static int ClientWrite(WOLFSSL* ssl, const char* msg, int msgSz, const char* str, int exitWithRet) { int ret, err; @@ -899,7 +917,7 @@ static int ClientRead(WOLFSSL* ssl, char* reply, int replyLen, int mustRead, #endif ); if (ret > 0) { - reply[ret] = 0; + reply[ret] = 0; /* null terminate */ printf("%s%s\n", str, reply); } @@ -1394,9 +1412,6 @@ static void Usage(void) #endif } -#define MSG32 32 -#define GETMSGSZ 29 - THREAD_RETURN WOLFSSL_THREAD client_test(void* args) { SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; 
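Review bot: The new `tmpBuf[ret] = 0;` in the `@@ -802,7 +820,7 @@` hunk is in bounds at the low end only if `err_sys()` never returns, because a negative `ret` would otherwise index before the start of `tmpBuf`. `err_sys` is defined outside this diff, so that is an assumption from here. I would either say so in the comment, `/* ret >= 0: err_sys() above does not return */`, or wrap the terminate-and-print pair in `if (ret >= 0) { ... }`. The upper end is already covered by the `sizeof(tmpBuf)-1` read length in the `@@ -788,7 +806,7 @@` hunk; SMTP_Shutdown starts and ends outside both hunks.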
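Review bot: The `/* null terminate */` comment added in the `@@ -899,7 +917,7 @@` hunk does not record the requirement that makes the write safe: `reply[ret] = 0` stores one byte past the received data, so `reply` must hold at least `replyLen + 1` bytes. That assumes `ret` is bounded by `replyLen` in the read call, which is above the hunk. The callers visible in this diff pass `sizeof(reply)-1`, but nothing at the function tells a new caller to do so. I would reword the comment to `/* null terminate; callers pass replyLen <= buffer size - 1 */` or put the same sentence in a header comment on ClientRead.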
@@ -1410,17 +1425,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) byte* flatSession = NULL; int flatSessionSz = 0; -#ifndef WOLFSSL_ALT_TEST_STRINGS - char msg[MSG32] = "hello wolfssl!"; /* GET may make bigger */ - char resumeMsg[MSG32] = "resuming wolfssl!"; -#else - char msg[MSG32] = "hello wolfssl!\n"; - char resumeMsg[MSG32] = "resuming wolfssl!\n"; -#endif - - char reply[128]; - int msgSz = (int)XSTRLEN(msg); - int resumeSz = (int)XSTRLEN(resumeMsg); + char msg[CLI_MSG_SZ]; + int msgSz = 0; + char reply[CLI_REPLY_SZ]; word16 port = wolfSSLPort; char* host = (char*)wolfSSLIP; @@ -1452,7 +1459,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) int ret; int err = 0; int scr = 0; /* allow secure renegotiation */ - int forceScr = 0; /* force client initiaed scr */ + int forceScr = 0; /* force client initiated scr */ int resumeScr = 0; /* use resumption for renegotiation */ #ifndef WOLFSSL_NO_CLIENT_AUTH int useClientCert = 1; @@ -1582,7 +1589,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif #endif - (void)resumeSz; (void)session; (void)flatSession; (void)flatSessionSz; @@ -1778,7 +1784,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif } else if (XSTRNCMP(myoptarg, "disallowETM", 7) == 0) { - printf("Disallow Enrypt-Then-MAC\n"); + printf("Disallow Encrypt-Then-MAC\n"); #ifdef HAVE_ENCRYPT_THEN_MAC disallowETM = 1; #endif 
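Review bot: `msg` is now declared without an initialiser in the `@@ -1410,17 +1425,9 @@` hunk and is filled only by the `XMEMSET`/`XMEMCPY` code added much further down in client_test. The `EarlyData` calls visible in this diff were switched to `kEarlyMsg`, but the rest of the function is outside the hunks, so I can't confirm that nothing else touches `msg` before it is filled; any such use would see an indeterminate array with `msgSz` of 0. Declaring it as `char msg[CLI_MSG_SZ] = {0};` removes the question at no cost.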
@@ -2778,10 +2784,13 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (doMcast) { #ifdef WOLFSSL_MULTICAST - byte pms[512]; /* pre master secret */ - byte cr[MSG32]; /* client random */ - byte sr[MSG32]; /* server random */ - const byte suite[2] = {0, 0xfe}; /* WDM_WITH_NULL_SHA256 */ + /* DTLS multicast secret for testing only */ + #define CLI_SRV_RANDOM_SZ 32 /* RAN_LEN (see internal.h) */ + #define PMS_SZ 512 /* ENCRYPT_LEN (see internal.h) */ + byte pms[PMS_SZ]; /* pre master secret */ + byte cr[CLI_SRV_RANDOM_SZ]; /* client random */ + byte sr[CLI_SRV_RANDOM_SZ]; /* server random */ + const byte suite[2] = {0, 0xfe}; /* WDM_WITH_NULL_SHA256 */ XMEMSET(pms, 0x23, sizeof(pms)); XMEMSET(cr, 0xA5, sizeof(cr)); @@ -2949,7 +2958,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) else { #ifdef WOLFSSL_EARLY_DATA if (usePsk && earlyData) - EarlyData(ctx, ssl, msg, msgSz, buffer); + EarlyData(ctx, ssl, kEarlyMsg, sizeof(kEarlyMsg)-1, buffer); #endif do { err = 0; /* reset error */ @@ -3084,7 +3093,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) " nonblocking yet\n"); } else { if (!resumeScr) { - printf("Beginning secure rengotiation.\n"); + printf("Beginning secure renegotiation.\n"); if ((ret = wolfSSL_Rehandshake(ssl)) != WOLFSSL_SUCCESS) { err = wolfSSL_get_error(ssl, 0); #ifdef WOLFSSL_ASYNC_CRYPT @@ -3145,15 +3154,16 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } #endif /* HAVE_SECURE_RENEGOTIATION */ + XMEMSET(msg, 0, sizeof(msg)); if (sendGET) { - char msgGet[GETMSGSZ] = "GET /index.html HTTP/1.0\r\n\r\n"; printf("SSL connect ok, sending GET...\n"); - XMEMSET(msg, 0, MSG32); - XMEMSET(resumeMsg, 0, MSG32); - msgSz = resumeSz = (int) XSTRLEN(msgGet); - XMEMCPY(msg, msgGet, msgSz); - XMEMCPY(resumeMsg, msgGet, resumeSz); + msgSz = (int)XSTRLEN(kHttpGetMsg); + XMEMCPY(msg, kHttpGetMsg, msgSz); + } + else { + msgSz = (int)XSTRLEN(kHelloMsg); + XMEMCPY(msg, kHelloMsg, msgSz); } /* allow some time for exporting the session */ 
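Review bot: `CLI_SRV_RANDOM_SZ` and `PMS_SZ` are `#define`d in the middle of client_test in the `@@ -2778,10 +2784,13 @@` hunk, and the identical pair is added inside server_test in the server.c `@@ -2000,18 +2006,22 @@` hunk. Macros ignore block scope, so both stay defined to the end of each file. The two copies, and the internal.h values their comments point to, can also drift apart. I would move them to file scope beside `CLI_MSG_SZ` or into a header shared by the examples, keeping the "for testing only" comment next to the fixed-pattern secret.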
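Review bot: The `XMEMCPY(msg, ..., msgSz)` calls added in the `@@ -3145,15 +3154,16 @@` hunk copy `XSTRLEN` bytes of a constant into `msg[CLI_MSG_SZ]` with no check that it fits, and the same select-and-copy block is repeated with `kResumeMsg` in the `@@ -3424,7 +3431,16 @@` hunk. Since `ClientWrite` now takes `const char*`, the copy looks unnecessary. Selecting a pointer with `const char* out = sendGET ? kHttpGetMsg : kHelloMsg;` and `msgSz = (int)XSTRLEN(out);` would drop the buffer, the duplication and the bounds question together. That assumes nothing else in client_test writes into `msg`, which the hunks do not show.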
@@ -3186,13 +3196,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (updateKeysIVs || postHandAuth) (void)ClientWrite(ssl, msg, msgSz, "", 0); #endif - if (sendGET) { /* get html */ - (void)ClientRead(ssl, reply, sizeof(reply)-1, 0, "", 0); - } #ifndef NO_SESSION_CACHE if (resumeSession) { - session = wolfSSL_get_session(ssl); + session = wolfSSL_get_session(ssl); } #endif @@ -3325,7 +3332,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) else #endif if (earlyData) { - EarlyData(ctx, sslResume, msg, msgSz, buffer); + EarlyData(ctx, sslResume, kEarlyMsg, sizeof(kEarlyMsg)-1, buffer); } #endif do { @@ -3393,7 +3400,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) " nonblocking yet\n"); } else { if (!resumeScr) { - printf("Beginning secure rengotiation.\n"); + printf("Beginning secure renegotiation.\n"); if (wolfSSL_Rehandshake(sslResume) != WOLFSSL_SUCCESS) { err = wolfSSL_get_error(sslResume, 0); printf("err = %d, %s\n", err, @@ -3424,7 +3431,16 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } #endif /* HAVE_SECURE_RENEGOTIATION */ - (void)ClientWrite(sslResume, resumeMsg, resumeSz, " resume", 0); + XMEMSET(msg, 0, sizeof(msg)); + if (sendGET) { + msgSz = (int)XSTRLEN(kHttpGetMsg); + XMEMCPY(msg, kHttpGetMsg, msgSz); + } + else { + msgSz = (int)XSTRLEN(kResumeMsg); + XMEMCPY(msg, kResumeMsg, msgSz); + } + (void)ClientWrite(sslResume, msg, msgSz, " resume", 0); (void)ClientRead(sslResume, reply, sizeof(reply)-1, sendGET, "Server resume: ", 0); @@ -3451,7 +3467,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) wolfSSL_free(sslResume); sslResume = NULL; CloseSocket(sockfd); } -#endif /* NO_SESSION_CACHE */ +#endif /* !NO_SESSION_CACHE */ wolfSSL_CTX_free(ctx); ctx = NULL; diff --git a/examples/server/server.c b/examples/server/server.c index 0a249fc87..dba33feca 100644 --- a/examples/server/server.c +++ b/examples/server/server.c 
@@ -58,7 +58,13 @@ * test.h will write the actual port number into the ready file for use * by the client. */ -static const char webServerMsg[] = +#ifndef WOLFSSL_ALT_TEST_STRINGS +static const char kReplyMsg[] = "I hear you fa shizzle!"; +#else +static const char kReplyMsg[] = "I hear you fa shizzle!\n"; +#endif + +static const char kHttpServerMsg[] = "HTTP/1.1 200 OK\r\n" "Content-Type: text/html\r\n" "Connection: close\r\n" @@ -73,6 +79,10 @@ static const char webServerMsg[] = "\r\n" "\r\n"; +/* Read needs to be largest of the client.c message strings (29) */ +#define SRV_READ_SZ 32 + + int runWithErrors = 0; /* Used with -x flag to run err_sys vs. print errors */ int catastrophic = 0; /* Use with -x flag to still exit when an error is * considered catastrophic EG the servers own cert failing @@ -425,11 +435,12 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block, free(buffer); if (throughput) { - #if !defined(__MINGW32__) - printf("wolfSSL Server Benchmark %zu bytes\n" - #else - printf("wolfSSL Server Benchmark %d bytes\n" - #endif + printf( + #if !defined(__MINGW32__) + "wolfSSL Server Benchmark %zu bytes\n" + #else + "wolfSSL Server Benchmark %d bytes\n" + #endif "\tRX %8.3f ms (%8.3f MBps)\n" "\tTX %8.3f ms (%8.3f MBps)\n", #if !defined(__MINGW32__) @@ -901,13 +912,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) SSL_CTX* ctx = 0; SSL* ssl = 0; -#ifndef WOLFSSL_ALT_TEST_STRINGS - const char msg[] = "I hear you fa shizzle!"; -#else - const char msg[] = "I hear you fa shizzle!\n"; -#endif int useWebServerMsg = 0; - char input[80]; + char input[SRV_READ_SZ]; #ifndef WOLFSSL_VXWORKS int ch; #endif 
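Review bot: `kReplyMsg` is spelled out twice under `#ifndef WOLFSSL_ALT_TEST_STRINGS` / `#else` in the `@@ -58,7 +58,13 @@` hunk, while client.c in this same commit takes the terminator from a `TEST_STR_TERM` macro. Using the same pattern here, `static const char kReplyMsg[] = "I hear you fa shizzle!" TEST_STR_TERM;`, keeps a single copy of the text and makes the two examples read alike. The macro would need to be defined in server.c as well, or moved to a header both files include.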
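Review bot: `input` shrinks from 80 bytes to `SRV_READ_SZ` (32) in the `@@ -901,13 +912,8 @@` hunk, but none of the code that reads into it is part of this diff. Every read into `input` has to take its length from `sizeof(input)`; a call left with a literal length chosen for the old 80-byte array would now write past the end of the buffer. I would also extend the `SRV_READ_SZ` comment to say that a peer sending more than 31 bytes will need more than one read, since this server is also run against clients other than the bundled one. server_test starts and ends outside the hunk.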
@@ -2000,18 +2006,22 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) if (doMcast) { #ifdef WOLFSSL_MULTICAST - byte pms[512]; - byte cr[32]; - byte sr[32]; - const byte suite[2] = {0, 0xfe}; /* WDM_WITH_NULL_SHA256 */ + /* DTLS multicast secret for testing only */ + #define CLI_SRV_RANDOM_SZ 32 /* RAN_LEN (see internal.h) */ + #define PMS_SZ 512 /* ENCRYPT_LEN (see internal.h) */ + byte pms[PMS_SZ]; /* pre master secret */ + byte cr[CLI_SRV_RANDOM_SZ]; /* client random */ + byte sr[CLI_SRV_RANDOM_SZ]; /* server random */ + const byte suite[2] = {0, 0xfe}; /* WDM_WITH_NULL_SHA256 */ XMEMSET(pms, 0x23, sizeof(pms)); XMEMSET(cr, 0xA5, sizeof(cr)); XMEMSET(sr, 0x5A, sizeof(sr)); if (wolfSSL_set_secret(ssl, 1, pms, sizeof(pms), cr, sr, suite) - != WOLFSSL_SUCCESS) + != WOLFSSL_SUCCESS) { err_sys("unable to set mcast secret"); + } #endif } @@ -2461,12 +2471,12 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) /* Write data */ if (!useWebServerMsg) { - write_msg = msg; - write_msg_sz = (int) XSTRLEN(msg); + write_msg = kReplyMsg; + write_msg_sz = (int)XSTRLEN(kReplyMsg); } else { - write_msg = webServerMsg; - write_msg_sz = (int) XSTRLEN(webServerMsg); + write_msg = kHttpServerMsg; + write_msg_sz = (int)XSTRLEN(kHttpServerMsg); } ServerWrite(ssl, write_msg, write_msg_sz); @@ -2599,7 +2609,6 @@ exit: func_args args; tcp_ready ready; - StartTCP(); args.argc = argc;