Merge pull request #5230 from dgarske/tls_bench
Fix for TLS v1.1 length sanity check for large messages
@@ -414,8 +414,9 @@ static int ServerMemSend(info_t* info, char* buf, int sz)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
if (info->to_client.write_idx + sz > MEM_BUFFER_SZ)
|
if (info->to_client.write_idx + sz > MEM_BUFFER_SZ) {
|
||||||
sz = MEM_BUFFER_SZ - info->to_client.write_idx;
|
sz = MEM_BUFFER_SZ - info->to_client.write_idx;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
XMEMCPY(&info->to_client.buf[info->to_client.write_idx], buf, sz);
|
XMEMCPY(&info->to_client.buf[info->to_client.write_idx], buf, sz);
|
||||||
@@ -426,8 +427,9 @@ static int ServerMemSend(info_t* info, char* buf, int sz)
|
|||||||
pthread_mutex_unlock(&info->to_client.mutex);
|
pthread_mutex_unlock(&info->to_client.mutex);
|
||||||
|
|
||||||
#ifdef BENCH_USE_NONBLOCK
|
#ifdef BENCH_USE_NONBLOCK
|
||||||
if (sz == 0)
|
if (sz == 0) {
|
||||||
return WOLFSSL_CBIO_ERR_WANT_WRITE;
|
return WOLFSSL_CBIO_ERR_WANT_WRITE;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
return sz;
|
return sz;
|
||||||
}
|
}
|
||||||
@@ -438,11 +440,14 @@ static int ServerMemRecv(info_t* info, char* buf, int sz)
|
|||||||
pthread_mutex_lock(&info->to_server.mutex);
|
pthread_mutex_lock(&info->to_server.mutex);
|
||||||
|
|
||||||
#ifndef BENCH_USE_NONBLOCK
|
#ifndef BENCH_USE_NONBLOCK
|
||||||
while (info->to_server.write_idx - info->to_server.read_idx < sz && !info->to_client.done)
|
while (info->to_server.write_idx - info->to_server.read_idx < sz &&
|
||||||
|
!info->to_client.done) {
|
||||||
pthread_cond_wait(&info->to_server.cond, &info->to_server.mutex);
|
pthread_cond_wait(&info->to_server.cond, &info->to_server.mutex);
|
||||||
|
}
|
||||||
#else
|
#else
|
||||||
if (info->to_server.write_idx - info->to_server.read_idx < sz)
|
if (info->to_server.write_idx - info->to_server.read_idx < sz) {
|
||||||
sz = info->to_server.write_idx - info->to_server.read_idx;
|
sz = info->to_server.write_idx - info->to_server.read_idx;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
XMEMCPY(buf, &info->to_server.buf[info->to_server.read_idx], sz);
|
XMEMCPY(buf, &info->to_server.buf[info->to_server.read_idx], sz);
|
||||||
@@ -457,12 +462,14 @@ static int ServerMemRecv(info_t* info, char* buf, int sz)
|
|||||||
|
|
||||||
pthread_mutex_unlock(&info->to_server.mutex);
|
pthread_mutex_unlock(&info->to_server.mutex);
|
||||||
|
|
||||||
if (info->to_client.done != 0)
|
if (info->to_client.done != 0) {
|
||||||
return -1;
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
#ifdef BENCH_USE_NONBLOCK
|
#ifdef BENCH_USE_NONBLOCK
|
||||||
if (sz == 0)
|
if (sz == 0) {
|
||||||
return WOLFSSL_CBIO_ERR_WANT_READ;
|
return WOLFSSL_CBIO_ERR_WANT_READ;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
return sz;
|
return sz;
|
||||||
}
|
}
|
||||||
@@ -475,13 +482,15 @@ static int ClientMemSend(info_t* info, char* buf, int sz)
|
|||||||
#ifndef BENCH_USE_NONBLOCK
|
#ifndef BENCH_USE_NONBLOCK
|
||||||
/* check for overflow */
|
/* check for overflow */
|
||||||
if (info->to_server.write_idx + sz > MEM_BUFFER_SZ) {
|
if (info->to_server.write_idx + sz > MEM_BUFFER_SZ) {
|
||||||
fprintf(stderr, "ClientMemSend overflow %d %d %d\n", info->to_server.write_idx, sz, MEM_BUFFER_SZ);
|
fprintf(stderr, "ClientMemSend overflow %d %d %d\n",
|
||||||
|
info->to_server.write_idx, sz, MEM_BUFFER_SZ);
|
||||||
pthread_mutex_unlock(&info->to_server.mutex);
|
pthread_mutex_unlock(&info->to_server.mutex);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
if (info->to_server.write_idx + sz > MEM_BUFFER_SZ)
|
if (info->to_server.write_idx + sz > MEM_BUFFER_SZ) {
|
||||||
sz = MEM_BUFFER_SZ - info->to_server.write_idx;
|
sz = MEM_BUFFER_SZ - info->to_server.write_idx;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
XMEMCPY(&info->to_server.buf[info->to_server.write_idx], buf, sz);
|
XMEMCPY(&info->to_server.buf[info->to_server.write_idx], buf, sz);
|
||||||
@@ -492,8 +501,9 @@ static int ClientMemSend(info_t* info, char* buf, int sz)
|
|||||||
pthread_mutex_unlock(&info->to_server.mutex);
|
pthread_mutex_unlock(&info->to_server.mutex);
|
||||||
|
|
||||||
#ifdef BENCH_USE_NONBLOCK
|
#ifdef BENCH_USE_NONBLOCK
|
||||||
if (sz == 0)
|
if (sz == 0) {
|
||||||
return WOLFSSL_CBIO_ERR_WANT_WRITE;
|
return WOLFSSL_CBIO_ERR_WANT_WRITE;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
return sz;
|
return sz;
|
||||||
}
|
}
|
||||||
@@ -504,11 +514,14 @@ static int ClientMemRecv(info_t* info, char* buf, int sz)
|
|||||||
pthread_mutex_lock(&info->to_client.mutex);
|
pthread_mutex_lock(&info->to_client.mutex);
|
||||||
|
|
||||||
#ifndef BENCH_USE_NONBLOCK
|
#ifndef BENCH_USE_NONBLOCK
|
||||||
while (info->to_client.write_idx - info->to_client.read_idx < sz)
|
while (info->to_client.write_idx - info->to_client.read_idx < sz &&
|
||||||
|
!info->to_server.done) {
|
||||||
pthread_cond_wait(&info->to_client.cond, &info->to_client.mutex);
|
pthread_cond_wait(&info->to_client.cond, &info->to_client.mutex);
|
||||||
|
}
|
||||||
#else
|
#else
|
||||||
if (info->to_client.write_idx - info->to_client.read_idx < sz)
|
if (info->to_client.write_idx - info->to_client.read_idx < sz) {
|
||||||
sz = info->to_client.write_idx - info->to_client.read_idx;
|
sz = info->to_client.write_idx - info->to_client.read_idx;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
XMEMCPY(buf, &info->to_client.buf[info->to_client.read_idx], sz);
|
XMEMCPY(buf, &info->to_client.buf[info->to_client.read_idx], sz);
|
||||||
@@ -523,9 +536,14 @@ static int ClientMemRecv(info_t* info, char* buf, int sz)
|
|||||||
|
|
||||||
pthread_mutex_unlock(&info->to_client.mutex);
|
pthread_mutex_unlock(&info->to_client.mutex);
|
||||||
|
|
||||||
|
if (info->to_server.done != 0) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
#ifdef BENCH_USE_NONBLOCK
|
#ifdef BENCH_USE_NONBLOCK
|
||||||
if (sz == 0)
|
if (sz == 0) {
|
||||||
return WOLFSSL_CBIO_ERR_WANT_READ;
|
return WOLFSSL_CBIO_ERR_WANT_READ;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
return sz;
|
return sz;
|
||||||
}
|
}
|
||||||
@@ -592,7 +610,9 @@ static int ReceiveFrom(WOLFSSL *ssl, int sd, char *buf, int sz)
|
|||||||
struct sockaddr peer;
|
struct sockaddr peer;
|
||||||
socklen_t peerSz = 0;
|
socklen_t peerSz = 0;
|
||||||
|
|
||||||
if (DoneHandShake) dtls_timeout = 0;
|
if (DoneHandShake) {
|
||||||
|
dtls_timeout = 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (!wolfSSL_get_using_nonblock(ssl)) {
|
if (!wolfSSL_get_using_nonblock(ssl)) {
|
||||||
struct timeval timeout;
|
struct timeval timeout;
|
||||||
@@ -608,7 +628,6 @@ static int ReceiveFrom(WOLFSSL *ssl, int sd, char *buf, int sz)
|
|||||||
recvd = (int)recvfrom(sd, buf, sz, 0, (SOCKADDR*)&peer, &peerSz);
|
recvd = (int)recvfrom(sd, buf, sz, 0, (SOCKADDR*)&peer, &peerSz);
|
||||||
|
|
||||||
if (recvd < 0) {
|
if (recvd < 0) {
|
||||||
|
|
||||||
if (errno == SOCKET_EWOULDBLOCK || errno == SOCKET_EAGAIN) {
|
if (errno == SOCKET_EWOULDBLOCK || errno == SOCKET_EAGAIN) {
|
||||||
if (wolfSSL_dtls_get_using_nonblock(ssl)) {
|
if (wolfSSL_dtls_get_using_nonblock(ssl)) {
|
||||||
return WOLFSSL_CBIO_ERR_WANT_READ;
|
return WOLFSSL_CBIO_ERR_WANT_READ;
|
||||||
@@ -685,32 +704,40 @@ static int ServerSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
|||||||
info_t* info = (info_t*)ctx;
|
info_t* info = (info_t*)ctx;
|
||||||
(void)ssl;
|
(void)ssl;
|
||||||
#ifdef HAVE_PTHREAD
|
#ifdef HAVE_PTHREAD
|
||||||
if (info->useLocalMem)
|
if (info->useLocalMem) {
|
||||||
return ServerMemSend(info, buf, sz);
|
return ServerMemSend(info, buf, sz);
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_CLIENT)
|
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_CLIENT)
|
||||||
if (info->doDTLS) {
|
if (info->doDTLS) {
|
||||||
return SendTo(info->server.sockFd, buf, sz,
|
return SendTo(info->server.sockFd, buf, sz,
|
||||||
(const struct sockaddr*)&info->clientAddr, sizeof(info->clientAddr));
|
(const struct sockaddr*)&info->clientAddr, sizeof(info->clientAddr));
|
||||||
} else
|
}
|
||||||
|
else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
return SocketSend(info->server.sockFd, buf, sz);
|
return SocketSend(info->server.sockFd, buf, sz);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
static int ServerRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
static int ServerRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
||||||
{
|
{
|
||||||
info_t* info = (info_t*)ctx;
|
info_t* info = (info_t*)ctx;
|
||||||
(void)ssl;
|
(void)ssl;
|
||||||
#ifdef HAVE_PTHREAD
|
#ifdef HAVE_PTHREAD
|
||||||
if (info->useLocalMem)
|
if (info->useLocalMem) {
|
||||||
return ServerMemRecv(info, buf, sz);
|
return ServerMemRecv(info, buf, sz);
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifdef WOLFSSL_DTLS
|
#ifdef WOLFSSL_DTLS
|
||||||
if (info->doDTLS) {
|
if (info->doDTLS) {
|
||||||
return ReceiveFrom(ssl, info->server.sockFd, buf, sz);
|
return ReceiveFrom(ssl, info->server.sockFd, buf, sz);
|
||||||
} else
|
}
|
||||||
|
else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
return SocketRecv(info->server.sockFd, buf, sz);
|
return SocketRecv(info->server.sockFd, buf, sz);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
#endif /* !NO_WOLFSSL_SERVER */
|
#endif /* !NO_WOLFSSL_SERVER */
|
||||||
|
|
||||||
#ifndef NO_WOLFSSL_CLIENT
|
#ifndef NO_WOLFSSL_CLIENT
|
||||||
@@ -719,32 +746,40 @@ static int ClientSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
|||||||
info_t* info = (info_t*)ctx;
|
info_t* info = (info_t*)ctx;
|
||||||
(void)ssl;
|
(void)ssl;
|
||||||
#ifdef HAVE_PTHREAD
|
#ifdef HAVE_PTHREAD
|
||||||
if (info->useLocalMem)
|
if (info->useLocalMem) {
|
||||||
return ClientMemSend(info, buf, sz);
|
return ClientMemSend(info, buf, sz);
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifdef WOLFSSL_DTLS
|
#ifdef WOLFSSL_DTLS
|
||||||
if (info->doDTLS) {
|
if (info->doDTLS) {
|
||||||
return SendTo(info->client.sockFd, buf, sz,
|
return SendTo(info->client.sockFd, buf, sz,
|
||||||
(const struct sockaddr*)&info->serverAddr, sizeof(info->serverAddr));
|
(const struct sockaddr*)&info->serverAddr, sizeof(info->serverAddr));
|
||||||
} else
|
}
|
||||||
|
else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
return SocketSend(info->client.sockFd, buf, sz);
|
return SocketSend(info->client.sockFd, buf, sz);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
static int ClientRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
static int ClientRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
||||||
{
|
{
|
||||||
info_t* info = (info_t*)ctx;
|
info_t* info = (info_t*)ctx;
|
||||||
(void)ssl;
|
(void)ssl;
|
||||||
#ifdef HAVE_PTHREAD
|
#ifdef HAVE_PTHREAD
|
||||||
if (info->useLocalMem)
|
if (info->useLocalMem) {
|
||||||
return ClientMemRecv(info, buf, sz);
|
return ClientMemRecv(info, buf, sz);
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER)
|
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER)
|
||||||
if (info->doDTLS) {
|
if (info->doDTLS) {
|
||||||
return ReceiveFrom(ssl, info->client.sockFd, buf, sz);
|
return ReceiveFrom(ssl, info->client.sockFd, buf, sz);
|
||||||
} else
|
}
|
||||||
|
else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
return SocketRecv(info->client.sockFd, buf, sz);
|
return SocketRecv(info->client.sockFd, buf, sz);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
#endif /* !NO_WOLFSSL_CLIENT */
|
#endif /* !NO_WOLFSSL_CLIENT */
|
||||||
|
|
||||||
static void CloseAndCleanupSocket(int* sockFd)
|
static void CloseAndCleanupSocket(int* sockFd)
|
||||||
@@ -806,8 +841,10 @@ static int SetupSocketAndConnect(info_t* info, const char* host,
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
XMEMCPY(&info->serverAddr, &servAddr, sizeof(servAddr));
|
XMEMCPY(&info->serverAddr, &servAddr, sizeof(servAddr));
|
||||||
} else {
|
}
|
||||||
|
else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
/* Create a socket that uses an Internet IPv4 address,
|
/* Create a socket that uses an Internet IPv4 address,
|
||||||
* Sets the socket to be stream based (TCP),
|
* Sets the socket to be stream based (TCP),
|
||||||
* 0 means choose the default protocol. */
|
* 0 means choose the default protocol. */
|
||||||
@@ -836,9 +873,7 @@ static int SetupSocketAndConnect(info_t* info, const char* host,
|
|||||||
fprintf(stderr, "ERROR: failed to connect\n");
|
fprintf(stderr, "ERROR: failed to connect\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#ifdef WOLFSSL_DTLS
|
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef BENCH_USE_NONBLOCK
|
#ifdef BENCH_USE_NONBLOCK
|
||||||
if (SetSocketNonBlocking(info->client.sockFd) != 0) {
|
if (SetSocketNonBlocking(info->client.sockFd) != 0) {
|
||||||
@@ -869,23 +904,28 @@ static int bench_tls_client(info_t* info)
|
|||||||
/* set up client */
|
/* set up client */
|
||||||
#ifdef WOLFSSL_DTLS
|
#ifdef WOLFSSL_DTLS
|
||||||
if (info->doDTLS) {
|
if (info->doDTLS) {
|
||||||
if (tls13) return WOLFSSL_SUCCESS;
|
if (tls13) {
|
||||||
|
return WOLFSSL_SUCCESS;
|
||||||
|
}
|
||||||
cli_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
|
cli_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
|
||||||
} else
|
}
|
||||||
|
else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
#ifdef WOLFSSL_TLS13
|
#ifdef WOLFSSL_TLS13
|
||||||
if (tls13)
|
if (tls13) {
|
||||||
cli_ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
|
cli_ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
|
||||||
|
}
|
||||||
|
else
|
||||||
#endif
|
#endif
|
||||||
if (!tls13)
|
{
|
||||||
#ifdef WOLFSSL_DTLS
|
|
||||||
if(!info->doDTLS)
|
|
||||||
#endif
|
|
||||||
#if !defined(WOLFSSL_TLS13)
|
#if !defined(WOLFSSL_TLS13)
|
||||||
cli_ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
|
cli_ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
|
||||||
#elif !defined(WOLFSSL_NO_TLS12)
|
#elif !defined(WOLFSSL_NO_TLS12)
|
||||||
cli_ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
|
cli_ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
|
||||||
#endif
|
#endif
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (cli_ctx == NULL) {
|
if (cli_ctx == NULL) {
|
||||||
fprintf(stderr, "error creating ctx\n");
|
fprintf(stderr, "error creating ctx\n");
|
||||||
@@ -1122,14 +1162,18 @@ exit:
|
|||||||
|
|
||||||
/* clean up */
|
/* clean up */
|
||||||
CloseAndCleanupSocket(&info->client.sockFd);
|
CloseAndCleanupSocket(&info->client.sockFd);
|
||||||
if (cli_ssl != NULL)
|
if (cli_ssl != NULL) {
|
||||||
wolfSSL_free(cli_ssl);
|
wolfSSL_free(cli_ssl);
|
||||||
if (cli_ctx != NULL)
|
}
|
||||||
|
if (cli_ctx != NULL) {
|
||||||
wolfSSL_CTX_free(cli_ctx);
|
wolfSSL_CTX_free(cli_ctx);
|
||||||
|
}
|
||||||
XFREE(readBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(readBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
XFREE(writeBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(writeBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
info->client.ret = ret;
|
info->client.ret = ret;
|
||||||
|
|
||||||
|
(void)tls13;
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1177,8 +1221,10 @@ static int SetupSocketAndListen(int* listenFd, word32 port, int doDTLS)
|
|||||||
fprintf(stderr, "ERROR: failed to create the socket\n");
|
fprintf(stderr, "ERROR: failed to create the socket\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
} else
|
}
|
||||||
|
else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
/* Create a socket that uses an Internet IPv4 address,
|
/* Create a socket that uses an Internet IPv4 address,
|
||||||
* Sets the socket to be stream based (TCP),
|
* Sets the socket to be stream based (TCP),
|
||||||
* 0 means choose the default protocol. */
|
* 0 means choose the default protocol. */
|
||||||
@@ -1200,9 +1246,8 @@ static int SetupSocketAndListen(int* listenFd, word32 port, int doDTLS)
|
|||||||
fprintf(stderr, "ERROR: failed to bind\n");
|
fprintf(stderr, "ERROR: failed to bind\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#ifdef WOLFSSL_DTLS
|
}
|
||||||
if (!doDTLS)
|
|
||||||
#endif
|
|
||||||
if (listen(*listenFd, 5) != 0) {
|
if (listen(*listenFd, 5) != 0) {
|
||||||
fprintf(stderr, "ERROR: failed to listen\n");
|
fprintf(stderr, "ERROR: failed to listen\n");
|
||||||
return -1;
|
return -1;
|
||||||
@@ -1224,7 +1269,9 @@ static int SocketWaitClient(info_t* info)
|
|||||||
socklen_t size = sizeof(clientAddr);
|
socklen_t size = sizeof(clientAddr);
|
||||||
#ifdef WOLFSSL_DTLS
|
#ifdef WOLFSSL_DTLS
|
||||||
char msg[64];
|
char msg[64];
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef WOLFSSL_DTLS
|
||||||
if (info->doDTLS) {
|
if (info->doDTLS) {
|
||||||
#ifdef HAVE_PTHREAD
|
#ifdef HAVE_PTHREAD
|
||||||
if (!info->clientOrserverOnly) {
|
if (!info->clientOrserverOnly) {
|
||||||
@@ -1242,21 +1289,23 @@ static int SocketWaitClient(info_t* info)
|
|||||||
}
|
}
|
||||||
XMEMCPY(&info->clientAddr, &clientAddr, sizeof(clientAddr));
|
XMEMCPY(&info->clientAddr, &clientAddr, sizeof(clientAddr));
|
||||||
info->server.sockFd = info->listenFd;
|
info->server.sockFd = info->listenFd;
|
||||||
} else {
|
}
|
||||||
|
else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
#ifdef HAVE_PTHREAD
|
#ifdef HAVE_PTHREAD
|
||||||
info->serverListening = 1;
|
info->serverListening = 1;
|
||||||
#endif
|
#endif
|
||||||
if ((connd = accept(info->listenFd, (struct sockaddr*)&clientAddr, &size)) == -1) {
|
if ((connd = accept(info->listenFd, (struct sockaddr*)&clientAddr,
|
||||||
if (errno == SOCKET_EWOULDBLOCK)
|
&size)) == -1) {
|
||||||
|
if (errno == SOCKET_EWOULDBLOCK) {
|
||||||
return -2;
|
return -2;
|
||||||
|
}
|
||||||
fprintf(stderr, "ERROR: failed to accept the connection\n");
|
fprintf(stderr, "ERROR: failed to accept the connection\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
info->server.sockFd = connd;
|
info->server.sockFd = connd;
|
||||||
#ifdef WOLFSSL_DTLS
|
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
|
||||||
if (info->showVerbose) {
|
if (info->showVerbose) {
|
||||||
fprintf(stderr, "Got client %d\n", connd);
|
fprintf(stderr, "Got client %d\n", connd);
|
||||||
@@ -1285,19 +1334,28 @@ static int bench_tls_server(info_t* info)
|
|||||||
/* set up server */
|
/* set up server */
|
||||||
#ifdef WOLFSSL_DTLS
|
#ifdef WOLFSSL_DTLS
|
||||||
if (info->doDTLS) {
|
if (info->doDTLS) {
|
||||||
if(tls13) return WOLFSSL_SUCCESS;
|
if (tls13) {
|
||||||
srv_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
|
return WOLFSSL_SUCCESS;
|
||||||
} else {
|
|
||||||
#endif
|
|
||||||
#ifdef WOLFSSL_TLS13
|
|
||||||
if (tls13)
|
|
||||||
srv_ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method());
|
|
||||||
#endif
|
|
||||||
if (!tls13)
|
|
||||||
srv_ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
|
|
||||||
#ifdef WOLFSSL_DTLS
|
|
||||||
}
|
}
|
||||||
|
srv_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
|
||||||
|
}
|
||||||
|
else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
|
#ifdef WOLFSSL_TLS13
|
||||||
|
if (tls13) {
|
||||||
|
srv_ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method());
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
{
|
||||||
|
#if !defined(WOLFSSL_TLS13)
|
||||||
|
srv_ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
|
||||||
|
#elif !defined(WOLFSSL_NO_TLS12)
|
||||||
|
srv_ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
}
|
||||||
if (srv_ctx == NULL) {
|
if (srv_ctx == NULL) {
|
||||||
fprintf(stderr, "error creating server ctx\n");
|
fprintf(stderr, "error creating server ctx\n");
|
||||||
ret = MEMORY_E; goto exit;
|
ret = MEMORY_E; goto exit;
|
||||||
@@ -1432,8 +1490,16 @@ static int bench_tls_server(info_t* info)
|
|||||||
#endif
|
#endif
|
||||||
start = gettime_secs(0) - start;
|
start = gettime_secs(0) - start;
|
||||||
if (ret != WOLFSSL_SUCCESS) {
|
if (ret != WOLFSSL_SUCCESS) {
|
||||||
|
#ifdef HAVE_PTHREAD
|
||||||
|
if (info->to_client.done) {
|
||||||
|
ret = 0; /* done - success */
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
{
|
||||||
fprintf(stderr, "error on server accept\n");
|
fprintf(stderr, "error on server accept\n");
|
||||||
ret = wolfSSL_get_error(srv_ssl, ret);
|
ret = wolfSSL_get_error(srv_ssl, ret);
|
||||||
|
}
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1472,8 +1538,16 @@ static int bench_tls_server(info_t* info)
|
|||||||
|
|
||||||
info->server_stats.rxTime += rxTime;
|
info->server_stats.rxTime += rxTime;
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
|
#ifdef HAVE_PTHREAD
|
||||||
|
if (info->to_client.done) {
|
||||||
|
ret = 0; /* done - success */
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif
|
||||||
|
{
|
||||||
fprintf(stderr, "error on server read\n");
|
fprintf(stderr, "error on server read\n");
|
||||||
ret = wolfSSL_get_error(srv_ssl, ret);
|
ret = wolfSSL_get_error(srv_ssl, ret);
|
||||||
|
}
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
info->server_stats.rxTotal += ret;
|
info->server_stats.rxTotal += ret;
|
||||||
@@ -1510,7 +1584,6 @@ static int bench_tls_server(info_t* info)
|
|||||||
SetupSocketAndListen(&info->listenFd, info->port, info->doDTLS);
|
SetupSocketAndListen(&info->listenFd, info->port, info->doDTLS);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
@@ -1522,13 +1595,17 @@ exit:
|
|||||||
|
|
||||||
/* clean up */
|
/* clean up */
|
||||||
CloseAndCleanupSocket(&info->server.sockFd);
|
CloseAndCleanupSocket(&info->server.sockFd);
|
||||||
if (srv_ssl != NULL)
|
if (srv_ssl != NULL) {
|
||||||
wolfSSL_free(srv_ssl);
|
wolfSSL_free(srv_ssl);
|
||||||
if (srv_ctx != NULL)
|
}
|
||||||
|
if (srv_ctx != NULL) {
|
||||||
wolfSSL_CTX_free(srv_ctx);
|
wolfSSL_CTX_free(srv_ctx);
|
||||||
|
}
|
||||||
XFREE(readBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(readBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
info->server.ret = ret;
|
info->server.ret = ret;
|
||||||
|
|
||||||
|
(void)tls13;
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1546,6 +1623,7 @@ static void* server_thread(void* args)
|
|||||||
ret = SetupSocketAndListen(&info->listenFd, info->port, 0);
|
ret = SetupSocketAndListen(&info->listenFd, info->port, 0);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
ret = bench_tls_server(info);
|
ret = bench_tls_server(info);
|
||||||
|
|
||||||
@@ -1644,12 +1722,11 @@ static void Usage(void)
|
|||||||
static void ShowCiphers(void)
|
static void ShowCiphers(void)
|
||||||
{
|
{
|
||||||
char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE];
|
char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE];
|
||||||
|
|
||||||
int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
|
int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
|
||||||
|
if (ret == WOLFSSL_SUCCESS) {
|
||||||
if (ret == WOLFSSL_SUCCESS)
|
|
||||||
fprintf(stderr, "%s\n", ciphers);
|
fprintf(stderr, "%s\n", ciphers);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
|
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
|
||||||
static int SetupSupportedGroups(int verbose)
|
static int SetupSupportedGroups(int verbose)
|
||||||
@@ -1698,10 +1775,12 @@ static int SetupSupportedGroups(int verbose)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ssl != NULL)
|
if (ssl != NULL) {
|
||||||
wolfSSL_free(ssl);
|
wolfSSL_free(ssl);
|
||||||
if (ctx != NULL)
|
}
|
||||||
|
if (ctx != NULL) {
|
||||||
wolfSSL_CTX_free(ctx);
|
wolfSSL_CTX_free(ctx);
|
||||||
|
}
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@@ -1913,7 +1992,9 @@ int bench_tls(void* args)
|
|||||||
#else
|
#else
|
||||||
ret = SetupSocketAndListen(&listenFd, argPort, 0);
|
ret = SetupSocketAndListen(&listenFd, argPort, 0);
|
||||||
#endif
|
#endif
|
||||||
if (ret != 0) goto exit;
|
if (ret != 0) {
|
||||||
|
goto exit;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -1966,11 +2047,14 @@ int bench_tls(void* args)
|
|||||||
info->cipher = cipher;
|
info->cipher = cipher;
|
||||||
|
|
||||||
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
|
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
|
||||||
if (argDoGroups && XSTRNCMP(theadInfo[0].cipher, "TLS13", 5) == 0)
|
if (argDoGroups && XSTRNCMP(theadInfo[0].cipher, "TLS13", 5) == 0) {
|
||||||
info->group = groups[group_index].group;
|
info->group = groups[group_index].group;
|
||||||
|
}
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
|
{
|
||||||
info->group = 0;
|
info->group = 0;
|
||||||
|
}
|
||||||
|
|
||||||
info->packetSize = argTestPacketSize;
|
info->packetSize = argTestPacketSize;
|
||||||
|
|
||||||
@@ -2060,12 +2144,16 @@ int bench_tls(void* args)
|
|||||||
|
|
||||||
fprintf(stderr, "\nThread %d\n", i);
|
fprintf(stderr, "\nThread %d\n", i);
|
||||||
#ifndef NO_WOLFSSL_SERVER
|
#ifndef NO_WOLFSSL_SERVER
|
||||||
if (!argClientOnly)
|
if (!argClientOnly) {
|
||||||
print_stats(&info->server_stats, "Server", info->cipher, gname, 1);
|
print_stats(&info->server_stats, "Server", info->cipher,
|
||||||
|
gname, 1);
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifndef NO_WOLFSSL_CLIENT
|
#ifndef NO_WOLFSSL_CLIENT
|
||||||
if (!argServerOnly)
|
if (!argServerOnly) {
|
||||||
print_stats(&info->client_stats, "Client", info->cipher, gname, 1);
|
print_stats(&info->client_stats, "Client", info->cipher,
|
||||||
|
gname, 1);
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -2104,12 +2192,16 @@ int bench_tls(void* args)
|
|||||||
"Side", "Cipher", "Group", "Total Bytes", "Num Conns", "Rx ms", "Tx ms",
|
"Side", "Cipher", "Group", "Total Bytes", "Num Conns", "Rx ms", "Tx ms",
|
||||||
"Rx MB/s", "Tx MB/s", "Connect Total ms", "Connect Avg ms");
|
"Rx MB/s", "Tx MB/s", "Connect Total ms", "Connect Avg ms");
|
||||||
#ifndef NO_WOLFSSL_SERVER
|
#ifndef NO_WOLFSSL_SERVER
|
||||||
if (!argClientOnly)
|
if (!argClientOnly) {
|
||||||
print_stats(&srv_comb, "Server", theadInfo[0].cipher, gname, 0);
|
print_stats(&srv_comb, "Server", theadInfo[0].cipher, gname,
|
||||||
|
0);
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifndef NO_WOLFSSL_CLIENT
|
#ifndef NO_WOLFSSL_CLIENT
|
||||||
if (!argServerOnly)
|
if (!argServerOnly) {
|
||||||
print_stats(&cli_comb, "Client", theadInfo[0].cipher, gname, 0);
|
print_stats(&cli_comb, "Client", theadInfo[0].cipher, gname,
|
||||||
|
0);
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2144,8 +2236,9 @@ exit:
|
|||||||
XFREE(ciphers, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(ciphers, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
|
||||||
/* Return reporting a success */
|
/* Return reporting a success */
|
||||||
if (args)
|
if (args) {
|
||||||
((func_args*)args)->return_code = ret;
|
((func_args*)args)->return_code = ret;
|
||||||
|
}
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
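Review bot: In ClientMemRecv (hunks -504 and -523) the blocking wait loop can now exit because `info->to_server.done` is set while fewer than `sz` bytes are queued, yet the `XMEMCPY` that follows still copies the full `sz` before the new `done` check returns -1. In the build without BENCH_USE_NONBLOCK `sz` is not clamped, so that copy reads bytes past `write_idx`, and possibly past the end of `to_client.buf` depending on `read_idx` (the index update between the two hunks is not visible here). Testing the flag directly after the loop, while the mutex is still held, avoids the copy: `if (info->to_server.done) { pthread_mutex_unlock(&info->to_client.mutex); return -1; }`. ServerMemRecv has the same shape with `to_client.done`. The flag is also read after the unlock without holding the mutex, which deserves a comment if it is intentional.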
|
@@ -17793,13 +17793,15 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
|
|||||||
case runProcessingOneMessage:
|
case runProcessingOneMessage:
|
||||||
/* can't process a message if we have no data. */
|
/* can't process a message if we have no data. */
|
||||||
if (ssl->buffers.inputBuffer.idx
|
if (ssl->buffers.inputBuffer.idx
|
||||||
>= ssl->buffers.inputBuffer.length)
|
>= ssl->buffers.inputBuffer.length) {
|
||||||
return BUFFER_ERROR;
|
return BUFFER_ERROR;
|
||||||
|
}
|
||||||
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
|
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
|
||||||
if (IsEncryptionOn(ssl, 0) && ssl->options.startedETMRead) {
|
if (IsEncryptionOn(ssl, 0) && ssl->options.startedETMRead) {
|
||||||
if ((ssl->curSize -
|
/* For TLS v1.1 the block size and explcit IV are added to idx,
|
||||||
ssl->keys.padSz -
|
* so it needs to be included in this limit check */
|
||||||
|
if ((ssl->curSize - ssl->keys.padSz -
|
||||||
|
(ssl->buffers.inputBuffer.idx - startIdx) -
|
||||||
MacSize(ssl) > MAX_PLAINTEXT_SZ)
|
MacSize(ssl) > MAX_PLAINTEXT_SZ)
|
||||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||||
&& ssl->buffers.inputBuffer.length !=
|
&& ssl->buffers.inputBuffer.length !=
|
||||||
@@ -17816,8 +17818,12 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
|
|||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
/* TLS13 plaintext limit is checked earlier before decryption */
|
/* TLS13 plaintext limit is checked earlier before decryption */
|
||||||
|
/* For TLS v1.1 the block size and explcit IV are added to idx,
|
||||||
|
* so it needs to be included in this limit check */
|
||||||
if (!IsAtLeastTLSv1_3(ssl->version)
|
if (!IsAtLeastTLSv1_3(ssl->version)
|
||||||
&& ssl->curSize - ssl->keys.padSz > MAX_PLAINTEXT_SZ
|
&& ssl->curSize - ssl->keys.padSz -
|
||||||
|
(ssl->buffers.inputBuffer.idx - startIdx)
|
||||||
|
> MAX_PLAINTEXT_SZ
|
||||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||||
&& ssl->buffers.inputBuffer.length !=
|
&& ssl->buffers.inputBuffer.length !=
|
||||||
ssl->buffers.inputBuffer.idx
|
ssl->buffers.inputBuffer.idx
|
||||||
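Review bot: Both adjusted limit checks in ProcessReplyEx subtract `ssl->buffers.inputBuffer.idx - startIdx` with no test for TLS v1.1 specifically, while the new comment names only that version and misspells "explicit"; the comment should say what the difference represents, e.g. `/* idx has already advanced past the explicit IV, so exclude those bytes from the plaintext limit check */`. The check now relies on `startIdx` having been captured before idx was advanced, which happens outside these hunks, so a short note on that invariant next to the first check would help the next reader. If the length fields are unsigned (their declarations are not shown), a total of subtracted terms larger than `curSize` wraps to a large value and is rejected, which fails closed; stating that in the comment saves re-deriving it. The expression is written out twice, so a named local computed once would keep the two branches in agreement.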
|