From 9871b13480bece4ef29df52a3ef162f059fa6f1e Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Tue, 30 Oct 2012 12:51:14 -0700
Subject: [PATCH] build test covers leanpsk
---
 examples/client/client.c | 29 ++++++++++++++++++++++-------
 examples/echoclient/echoclient.c | 14 +++++++++++++-
 examples/echoserver/echoserver.c | 18 ++++++++++++++++--
 examples/server/server.c | 19 +++++++++++++++----
 4 files changed, 66 insertions(+), 14 deletions(-)
diff --git a/examples/client/client.c b/examples/client/client.c
index 9fc2f70bd..27152a689 100644
--- a/examples/client/client.c
+++ b/examples/client/client.c
@@ -274,22 +274,37 @@ void client_test(void* args)
 if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
 err_sys("can't set cipher list");
-#ifndef NO_PSK
- if (usePsk)
- CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
-#else
- (void)usePsk;
+#ifdef CYASSL_LEANPSK
+ usePsk = 1;
 #endif
+ if (usePsk) {
+#ifndef NO_PSK
+ CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
+ CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl_client");
+ if (cipherList == NULL) {
+ const char *defaultCipherList;
+ #ifdef HAVE_NULL_CIPHER
+ defaultCipherList = "PSK-NULL-SHA";
+ #else
+ defaultCipherList = "PSK-AES256-CBC-SHA";
+ #endif
+ if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS)
+ err_sys("can't set cipher list");
+ }
+#endif
+ }
+
 #ifdef OPENSSL_EXTRA
 CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
 #endif
 #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
- /* don't use EDH, can't sniff tmp keys */
 if (cipherList == NULL) {
- if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS)
+ /* don't use EDH, can't sniff tmp keys */
+ if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS) {
 err_sys("can't set cipher list");
+ }
 }
 #endif
diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c
index 59a75c9eb..fac5a7140 100644
--- a/examples/echoclient/echoclient.c
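Review bot: The default chosen in the new `if (cipherList == NULL)` block of examples/client/client.c depends on `HAVE_NULL_CIPHER` alone, so any PSK run of the example client without an explicit cipher list ends up on `PSK-NULL-SHA`, a suite that authenticates records but does not encrypt them, even in builds that are not lean-PSK. If the NULL suite is only wanted for the lean-PSK build test, the guard could read `#if defined(CYASSL_LEANPSK) && defined(HAVE_NULL_CIPHER)` so that other builds keep `PSK-AES256-CBC-SHA`. A one-line comment such as `/* NULL cipher: integrity only, no confidentiality; test builds only */` would also help readers who copy the example. The same selection is added to server_test in examples/server/server.c. The body of client_test starts and ends outside the hunk.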
+++ b/examples/echoclient/echoclient.c
@@ -46,6 +46,7 @@ void echoclient_test(void* args)
 SSL* ssl = 0;
 int doDTLS = 0;
+ int doLeanPSK = 0;
 int sendSz;
 int argc = 0;
 char** argv = 0;
@@ -70,6 +71,10 @@ void echoclient_test(void* args)
 doDTLS = 1;
 #endif
+#ifdef CYASSL_LEANPSK
+ doLeanPSK = 1;
+#endif
+
 #if defined(CYASSL_DTLS)
 method = DTLSv1_client_method();
 #elif !defined(NO_TLS)
@@ -87,13 +92,20 @@ void echoclient_test(void* args)
 err_sys("can't load ca file, Please run from CyaSSL home dir");
 #endif
 #else
- load_buffer(ctx, caCert, CYASSL_CA);
+ if (!doLeanPSK)
+ load_buffer(ctx, caCert, CYASSL_CA);
 #endif
 #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
 /* don't use EDH, can't sniff tmp keys */
 SSL_CTX_set_cipher_list(ctx, "AES256-SHA");
 #endif
+ if (doLeanPSK) {
+#ifdef CYASSL_LEANPSK
+ CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
+ SSL_CTX_set_cipher_list(ctx, "PSK-NULL-SHA");
+#endif
+ }
 #ifdef OPENSSL_EXTRA
 SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c
index c33987a3a..959116e88 100644
--- a/examples/echoserver/echoserver.c
+++ b/examples/echoserver/echoserver.c
@@ -60,6 +60,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
 CYASSL_CTX* ctx = 0;
 int doDTLS = 0;
+ int doLeanPSK = 0;
 int outCreated = 0;
 int shutDown = 0;
 int useAnyAddr = 0;
@@ -84,6 +85,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
 doDTLS = 1;
 #endif
+#ifdef CYASSL_LEANPSK
+ doLeanPSK = 1;
+#endif
+
 tcp_listen(&sockfd, yasslPort, useAnyAddr, doDTLS);
 #if defined(CYASSL_DTLS)
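Review bot: The added `SSL_CTX_set_cipher_list(ctx, "PSK-NULL-SHA");` in the `if (doLeanPSK)` block of echoclient_test discards the return value. If that suite is not compiled in, the context presumably keeps whatever cipher list it had, and the problem only shows up later as a handshake failure. examples/client/client.c checks the same call in this commit, and the same form fits here: `if (SSL_CTX_set_cipher_list(ctx, "PSK-NULL-SHA") != SSL_SUCCESS) err_sys("can't set cipher list");`. The matching `CyaSSL_CTX_set_cipher_list(ctx, "PSK-NULL-SHA");` added to echoserver_test in examples/echoserver/echoserver.c has the same gap. The body of echoclient_test continues outside the hunk.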
@@ -136,8 +141,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
 "Please run from CyaSSL home dir");
 #endif
 #else
- load_buffer(ctx, svrCert, CYASSL_CERT);
- load_buffer(ctx, svrKey, CYASSL_KEY);
+ if (!doLeanPSK) {
+ load_buffer(ctx, svrCert, CYASSL_CERT);
+ load_buffer(ctx, svrKey, CYASSL_KEY);
+ }
 #endif
 #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
@@ -145,6 +152,13 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
 CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA");
 #endif
+ if (doLeanPSK) {
+#ifdef CYASSL_LEANPSK
+ CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
+ CyaSSL_CTX_set_cipher_list(ctx, "PSK-NULL-SHA");
+#endif
+ }
+
 SignalReady(args);
 while (!shutDown) {
diff --git a/examples/server/server.c b/examples/server/server.c
index c1f6f16b5..6746db61f 100644
--- a/examples/server/server.c
+++ b/examples/server/server.c
@@ -242,6 +242,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
 if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
 err_sys("can't set cipher list");
+#ifdef CYASSL_LEANPSK
+ usePsk = 1;
+#endif
+
 #ifndef NO_FILESYSTEM
 if (!usePsk) {
 if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
@@ -269,15 +273,22 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
 }
 #endif
-#ifndef NO_PSK
 if (usePsk) {
+#ifndef NO_PSK
 SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
 SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
- if (cipherList == NULL)
- if (SSL_CTX_set_cipher_list(ctx,"PSK-AES256-CBC-SHA") !=SSL_SUCCESS)
+ if (cipherList == NULL) {
+ const char *defaultCipherList;
+ #ifdef HAVE_NULL_CIPHER
+ defaultCipherList = "PSK-NULL-SHA";
+ #else
+ defaultCipherList = "PSK-AES256-CBC-SHA";
+ #endif
+ if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS)
 err_sys("can't set cipher list");
- }
+ }
 #endif
+ }
 #ifndef NO_FILESYSTEM
 /* if not using PSK, verify peer with certs */
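Review bot: With `#ifndef NO_PSK` moved inside `if (usePsk) {` in the last hunk of examples/server/server.c, a build that defines `NO_PSK` leaves that branch empty. The earlier hunk shows the certificate being loaded only under `if (!usePsk)`, so a run that sets `usePsk` in such a build would apparently continue with neither a PSK callback nor certificate credentials and fail only at handshake time. An explicit failure would surface the misconfiguration at startup: add `#else` followed by `err_sys("PSK requested but not compiled in");` before the `#endif`. The body of server_test starts and ends outside the hunk.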