feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

move client example and echoserver example to CyaSSL API only, echoclient and server are still OpenSSL compatibility

Browse Source
This commit is contained in:
toddouska
2011-11-03 10:56:15 -07:00
parent 11d15f32b9
commit 771912bf4f
3 changed files with 102 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
cyassl/test.h
View File

@ -157,15 +157,17 @@ static int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)
#endif
static INLINE void showPeer(SSL* ssl)
static INLINE void showPeer(CYASSL* ssl)
{
#ifdef OPENSSL_EXTRA
SSL_CIPHER* cipher;
X509* peer = SSL_get_peer_certificate(ssl);
CYASSL_CIPHER* cipher;
CYASSL_X509* peer = CyaSSL_get_peer_certificate(ssl);
if (peer) {
char* issuer = X509_NAME_oneline(X509_get_issuer_name(peer), 0, 0);
char* subject = X509_NAME_oneline(X509_get_subject_name(peer), 0, 0);
char* issuer = CyaSSL_X509_NAME_oneline(
CyaSSL_X509_get_issuer_name(peer), 0, 0);
char* subject = CyaSSL_X509_NAME_oneline(
CyaSSL_X509_get_subject_name(peer), 0, 0);
byte serial[32];
int ret;
int sz = sizeof(serial);
@ -191,10 +193,10 @@ static INLINE void showPeer(SSL* ssl)
}
else
printf("peer has no cert!\n");
printf("SSL version is %s\n", SSL_get_version(ssl));
printf("SSL version is %s\n", CyaSSL_get_version(ssl));
cipher = SSL_get_current_cipher(ssl);
printf("SSL cipher suite is %s\n", SSL_CIPHER_get_name(cipher));
cipher = CyaSSL_get_current_cipher(ssl);
printf("SSL cipher suite is %s\n", CyaSSL_CIPHER_get_name(cipher));
#endif
#if defined(SESSION_CERTS) && defined(SHOW_CERTS)
@ -420,7 +422,7 @@ static INLINE void tcp_set_nonblocking(SOCKET_T* sockfd)
#ifndef NO_PSK
static INLINE unsigned int my_psk_client_cb(SSL* ssl, const char* hint,
static INLINE unsigned int my_psk_client_cb(CYASSL* ssl, const char* hint,
char* identity, unsigned int id_max_len, unsigned char* key,
unsigned int key_max_len)
{
@ -439,7 +441,7 @@ static INLINE unsigned int my_psk_client_cb(SSL* ssl, const char* hint,
}
static INLINE unsigned int my_psk_server_cb(SSL* ssl, const char* identity,
static INLINE unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity,
unsigned char* key, unsigned int key_max_len)
{
/* identity is OpenSSL testing default for openssl s_client, keep same */
@ -545,13 +547,14 @@ static int myVerify(int preverify, X509_STORE_CTX* store)
char buffer[80];
printf("In verification callback, error = %d, %s\n", store->error,
ERR_error_string(store->error, buffer));
CyaSSL_ERR_error_string(store->error, buffer));
#ifdef OPENSSL_EXTRA
X509* peer = store->current_cert;
CYASSL_X509* peer = store->current_cert;
if (peer) {
char* issuer = X509_NAME_oneline(X509_get_issuer_name(peer), 0, 0);
char* subject = X509_NAME_oneline(X509_get_subject_name(peer), 0, 0);
char* issuer = CYASS_X509_NAME_oneline(
CYASSL_X509_get_issuer_name(peer), 0, 0);
char* subject = CYASSL_X509_NAME_oneline(
CYASSL_X509_get_subject_name(peer), 0, 0);
printf("peer's cert info:\n issuer : %s\n subject: %s\n", issuer,
subject);
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
@ -568,7 +571,7 @@ static int myVerify(int preverify, X509_STORE_CTX* store)
#endif /* VERIFY_CALLBACK */
static INLINE void SetDH(SSL* ssl)
static INLINE void SetDH(CYASSL* ssl)
{
/* dh1024 p */
static unsigned char p[] =
@ -595,7 +598,7 @@ static INLINE void SetDH(SSL* ssl)
CyaSSL_SetTmpDH(ssl, p, sizeof(p), g, sizeof(g));
}
static INLINE void SetDHCtx(SSL_CTX* ctx)
static INLINE void SetDHCtx(CYASSL_CTX* ctx)
{
/* dh1024 p */
static unsigned char p[] =

106
examples/client/client.c
View File

@ -23,7 +23,7 @@
#include <config.h>
#endif
#include <cyassl/openssl/ssl.h>
#include <cyassl/ssl.h>
#include <cyassl/test.h>
/*
@ -38,14 +38,14 @@
#endif
#if defined(NON_BLOCKING) || defined(CYASSL_CALLBACKS)
void NonBlockingSSL_Connect(SSL* ssl)
void NonBlockingSSL_Connect(CyaSSL* ssl)
{
#ifndef CYASSL_CALLBACKS
int ret = SSL_connect(ssl);
int ret = CyaSSL_connect(ssl);
#else
int ret = CyaSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout);
#endif
int error = SSL_get_error(ssl, 0);
int error = CyaSSL_get_error(ssl, 0);
while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
error == SSL_ERROR_WANT_WRITE)) {
if (error == SSL_ERROR_WANT_READ)
@ -58,11 +58,11 @@
sleep(1);
#endif
#ifndef CYASSL_CALLBACKS
ret = SSL_connect(ssl);
ret = CyaSSL_connect(ssl);
#else
ret = CyaSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout);
#endif
error = SSL_get_error(ssl, 0);
error = CyaSSL_get_error(ssl, 0);
}
if (ret != SSL_SUCCESS)
err_sys("SSL_connect failed");
@ -74,13 +74,13 @@ void client_test(void* args)
{
SOCKET_T sockfd = 0;
SSL_METHOD* method = 0;
SSL_CTX* ctx = 0;
SSL* ssl = 0;
CYASSL_METHOD* method = 0;
CYASSL_CTX* ctx = 0;
CYASSL* ssl = 0;
#ifdef TEST_RESUME
SSL* sslResume = 0;
SSL_SESSION* session = 0;
CYASSL* sslResume = 0;
CYASSL_SESSION* session = 0;
char resumeMsg[] = "resuming cyassl!";
int resumeSz = sizeof(resumeMsg);
#endif
@ -96,32 +96,32 @@ void client_test(void* args)
((func_args*)args)->return_code = -1; /* error state */
#if defined(CYASSL_DTLS)
method = DTLSv1_client_method();
method = CyaDTLSv1_client_method();
#elif !defined(NO_TLS)
method = SSLv23_client_method();
method = CyaSSLv23_client_method();
#else
method = SSLv3_client_method();
method = CyaSSLv3_client_method();
#endif
ctx = SSL_CTX_new(method);
ctx = CyaSSL_CTX_new(method);
#ifndef NO_PSK
SSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
#endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
/* don't use EDH, can't sniff tmp keys */
SSL_CTX_set_cipher_list(ctx, "AES256-SHA");
CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA");
#endif
#ifndef NO_FILESYSTEM
if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
if (CyaSSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from CyaSSL home dir");
#ifdef HAVE_ECC
if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS)
if (CyaSSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from CyaSSL home dir");
#endif
#else
@ -129,12 +129,12 @@ void client_test(void* args)
#endif
#ifdef VERIFY_CALLBACK
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
#endif
if (argc == 3) {
/* ./client server securePort */
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); /* TODO: add ca cert */
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); /* TODO: add ca cert */
/* this is just to allow easy testing of other servers */
tcp_connect(&sockfd, argv[1], (short)atoi(argv[2]));
}
@ -142,12 +142,12 @@ void client_test(void* args)
/* ./client // plain mode */
/* for client cert authentication if server requests */
#ifndef NO_FILESYSTEM
if (SSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM)
if (CyaSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load client cert file, "
"Please run from CyaSSL home dir");
if (SSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM)
if (CyaSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load client key file, "
"Please run from CyaSSL home dir");
@ -167,13 +167,13 @@ void client_test(void* args)
for (i = 0; i < times; i++) {
tcp_connect(&sockfd, yasslIP, yasslPort);
ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
if (SSL_connect(ssl) != SSL_SUCCESS)
ssl = CyaSSL_new(ctx);
CyaSSL_set_fd(ssl, sockfd);
if (CyaSSL_connect(ssl) != SSL_SUCCESS)
err_sys("SSL_connect failed");
SSL_shutdown(ssl);
SSL_free(ssl);
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
CloseSocket(sockfd);
}
avg = current_time() - start;
@ -181,15 +181,15 @@ void client_test(void* args)
avg *= 1000; /* milliseconds */
printf("SSL_connect avg took:%6.3f milliseconds\n", avg);
SSL_CTX_free(ctx);
CyaSSL_CTX_free(ctx);
((func_args*)args)->return_code = 0;
return;
}
else
err_sys("usage: ./client server securePort");
ssl = SSL_new(ctx);
SSL_set_fd(ssl, sockfd);
ssl = CyaSSL_new(ctx);
CyaSSL_set_fd(ssl, sockfd);
if (argc != 3)
CyaSSL_check_domain_name(ssl, "www.yassl.com");
#ifdef NON_BLOCKING
@ -197,10 +197,10 @@ void client_test(void* args)
NonBlockingSSL_Connect(ssl);
#else
#ifndef CYASSL_CALLBACKS
if (SSL_connect(ssl) != SSL_SUCCESS) { /* see note at top of README */
int err = SSL_get_error(ssl, 0);
if (CyaSSL_connect(ssl) != SSL_SUCCESS) {/* see note at top of README */
int err = CyaSSL_get_error(ssl, 0);
char buffer[80];
printf("err = %d, %s\n", err, ERR_error_string(err, buffer));
printf("err = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer));
err_sys("SSL_connect failed");/* if you're getting an error here */
}
#else
@ -216,17 +216,17 @@ void client_test(void* args)
msgSz = 28;
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
}
if (SSL_write(ssl, msg, msgSz) != msgSz)
if (CyaSSL_write(ssl, msg, msgSz) != msgSz)
err_sys("SSL_write failed");
input = SSL_read(ssl, reply, sizeof(reply));
input = CyaSSL_read(ssl, reply, sizeof(reply));
if (input > 0) {
reply[input] = 0;
printf("Server response: %s\n", reply);
if (argc == 3) { /* get html */
while (1) {
input = SSL_read(ssl, reply, sizeof(reply));
input = CyaSSL_read(ssl, reply, sizeof(reply));
if (input > 0) {
reply[input] = 0;
printf("%s\n", reply);
@ -242,14 +242,14 @@ void client_test(void* args)
strncpy(msg, "break", 6);
msgSz = (int)strlen(msg);
/* try to send session close */
SSL_write(ssl, msg, msgSz);
CyaSSL_write(ssl, msg, msgSz);
#endif
session = SSL_get_session(ssl);
sslResume = SSL_new(ctx);
session = CyaSSL_get_session(ssl);
sslResume = CyaSSL_new(ctx);
#endif
SSL_shutdown(ssl);
SSL_free(ssl);
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
CloseSocket(sockfd);
#ifdef TEST_RESUME
@ -264,36 +264,36 @@ void client_test(void* args)
tcp_connect(&sockfd, argv[1], (short)atoi(argv[2]));
else
tcp_connect(&sockfd, yasslIP, yasslPort);
SSL_set_fd(sslResume, sockfd);
SSL_set_session(sslResume, session);
CyaSSL_set_fd(sslResume, sockfd);
CyaSSL_set_session(sslResume, session);
showPeer(sslResume);
if (SSL_connect(sslResume) != SSL_SUCCESS) err_sys("SSL resume failed");
if (CyaSSL_connect(sslResume) != SSL_SUCCESS) err_sys("SSL resume failed");
#ifdef OPENSSL_EXTRA
if (SSL_session_reused(sslResume))
if (CyaSSL_session_reused(sslResume))
printf("reused session id\n");
else
printf("didn't reuse session id!!!\n");
#endif
if (SSL_write(sslResume, resumeMsg, resumeSz) != resumeSz)
if (CyaSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz)
err_sys("SSL_write failed");
input = SSL_read(sslResume, reply, sizeof(reply));
input = CyaSSL_read(sslResume, reply, sizeof(reply));
if (input > 0) {
reply[input] = 0;
printf("Server resume response: %s\n", reply);
}
/* try to send session break */
SSL_write(sslResume, msg, msgSz);
CyaSSL_write(sslResume, msg, msgSz);
SSL_shutdown(sslResume);
SSL_free(sslResume);
CyaSSL_shutdown(sslResume);
CyaSSL_free(sslResume);
#endif /* TEST_RESUME */
SSL_CTX_free(ctx);
CyaSSL_CTX_free(ctx);
CloseSocket(sockfd);
((func_args*)args)->return_code = 0;

58
examples/echoserver/echoserver.c
View File

@ -23,7 +23,7 @@
#include <config.h>
#endif
#include <cyassl/openssl/ssl.h>
#include <cyassl/ssl.h>
#include <cyassl/test.h>
#ifndef NO_MAIN_DRIVER
@ -52,9 +52,9 @@ static void SignalReady(void* args)
THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
{
SOCKET_T sockfd = 0;
SSL_METHOD* method = 0;
SSL_CTX* ctx = 0;
SOCKET_T sockfd = 0;
CYASSL_METHOD* method = 0;
CYASSL_CTX* ctx = 0;
int outCreated = 0;
int shutdown = 0;
@ -75,23 +75,23 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
tcp_listen(&sockfd);
#if defined(CYASSL_DTLS)
method = DTLSv1_server_method();
method = CyaDTLSv1_server_method();
#elif !defined(NO_TLS)
method = SSLv23_server_method();
method = CyaSSLv23_server_method();
#else
method = SSLv3_server_method();
method = CyaSSLv3_server_method();
#endif
ctx = SSL_CTX_new(method);
/* SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */
ctx = CyaSSL_CTX_new(method);
/* CyaSSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#ifndef NO_FILESYSTEM
#ifdef HAVE_NTRU
/* ntru */
if (SSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM)
if (CyaSSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load ntru cert file, "
"Please run from CyaSSL home dir");
@ -102,23 +102,23 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
"Please run from CyaSSL home dir");
#elif HAVE_ECC
/* ecc */
if (SSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM)
if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from CyaSSL home dir");
if (SSL_CTX_use_PrivateKey_file(ctx, eccKey, SSL_FILETYPE_PEM)
if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from CyaSSL home dir");
#else
/* normal */
if (SSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from CyaSSL home dir");
if (SSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from CyaSSL home dir");
@ -131,10 +131,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
SignalReady(args);
while (!shutdown) {
SSL* ssl = 0;
char command[1024];
int echoSz = 0;
int clientfd;
CYASSL* ssl = 0;
char command[1024];
int echoSz = 0;
int clientfd;
#ifndef CYASSL_DTLS
SOCKADDR_IN_T client;
@ -146,17 +146,17 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#endif
if (clientfd == -1) err_sys("tcp accept failed");
ssl = SSL_new(ctx);
ssl = CyaSSL_new(ctx);
if (ssl == NULL) err_sys("SSL_new failed");
SSL_set_fd(ssl, clientfd);
CyaSSL_set_fd(ssl, clientfd);
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
#else
SetDH(ssl); /* will repick suites with DHE, higher than PSK */
#endif
if (SSL_accept(ssl) != SSL_SUCCESS) {
if (CyaSSL_accept(ssl) != SSL_SUCCESS) {
printf("SSL_accept failed\n");
SSL_free(ssl);
CyaSSL_free(ssl);
CloseSocket(clientfd);
continue;
}
@ -164,7 +164,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
showPeer(ssl);
#endif
while ( (echoSz = SSL_read(ssl, command, sizeof(command))) > 0) {
while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command))) > 0) {
if ( strncmp(command, "quit", 4) == 0) {
printf("client sent quit command: shutting down!\n");
@ -198,7 +198,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
strncpy(&command[echoSz], footer, sizeof(footer));
echoSz += sizeof(footer);
if (SSL_write(ssl, command, echoSz) != echoSz)
if (CyaSSL_write(ssl, command, echoSz) != echoSz)
err_sys("SSL_write failed");
break;
}
@ -208,13 +208,13 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
fputs(command, fout);
#endif
if (SSL_write(ssl, command, echoSz) != echoSz)
if (CyaSSL_write(ssl, command, echoSz) != echoSz)
err_sys("SSL_write failed");
}
#ifndef CYASSL_DTLS
SSL_shutdown(ssl);
CyaSSL_shutdown(ssl);
#endif
SSL_free(ssl);
CyaSSL_free(ssl);
CloseSocket(clientfd);
#ifdef CYASSL_DTLS
tcp_listen(&sockfd);
@ -223,7 +223,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
}
CloseSocket(sockfd);
SSL_CTX_free(ctx);
CyaSSL_CTX_free(ctx);
#ifdef ECHO_OUT
if (outCreated)