Merge branch 'master' of https://github.com/wolfssl/wolfssl
@@ -31,8 +31,8 @@ To enable Freescale MMCAU:
|
||||
|
||||
1. [Download the MMCAU library](http://www.freescale.com/products/arm-processors/kinetis-cortex-m/k-series/k7x-glcd-mcus/crypto-acceleration-unit-cau-and-mmcau-software-library:CAUAP).
|
||||
2. Copy the `lib_mmcau.a` and `cau_api.h` files into the project.
|
||||
3. Add `-L $(ProjectDir) -l lib_mmcau.a` to project "Additional Linker Options" OR goto "Build Configuration" and check "MMCAU".
|
||||
4. Enable the "FREESCALE_MMCAU" define in "user_settings.h" and make sure its value is 1.
|
||||
3. Enable the `FREESCALE_MMCAU` define in `user_settings.h` and make sure its value is `1`.
|
||||
4. Add the `lib_mmcau.a` file to `Source Files` in the application project.
|
||||
|
||||
# Project Files
|
||||
|
||||
|
@@ -66,4 +66,19 @@ RSA 1024 decryption took 573.000 milliseconds, avg over 1 iterations
|
||||
DH 1024 key generation 253.000 milliseconds, avg over 1 iterations
|
||||
DH 1024 key agreement 311.000 milliseconds, avg over 1 iterations
|
||||
Benchmark Test 1: Return code 0
|
||||
|
||||
SAMPLE OUTPUT: Freescale K64 running at 96MHz with MMCAU enabled:
|
||||
Benchmark Test 1:
|
||||
AES 25 kB took 0.019 seconds, 1.285 MB/s
|
||||
ARC4 25 kB took 0.033 seconds, 0.740 MB/s
|
||||
RABBIT 25 kB took 0.028 seconds, 0.872 MB/s
|
||||
3DES 25 kB took 0.026 seconds, 0.939 MB/s
|
||||
MD5 25 kB took 0.005 seconds, 4.883 MB/s
|
||||
SHA 25 kB took 0.008 seconds, 3.052 MB/s
|
||||
SHA-256 25 kB took 0.013 seconds, 1.878 MB/s
|
||||
RSA 1024 encryption took 89.000 milliseconds, avg over 1 iterations
|
||||
RSA 1024 decryption took 573.000 milliseconds, avg over 1 iterations
|
||||
DH 1024 key generation 250.000 milliseconds, avg over 1 iterations
|
||||
DH 1024 key agreement 308.000 milliseconds, avg over 1 iterations
|
||||
Benchmark Test 1: Return code 0
|
||||
*/
|
||||
|
@@ -306,10 +306,6 @@
|
||||
Name="ARM_Release"
|
||||
batch_build_configurations="V7EM THUMB * Release"
|
||||
inherited_configurations="ARM;V7EM;Release;Kineits;Flash;THUMB" />
|
||||
<configuration
|
||||
Name="MMCAU"
|
||||
hidden="Yes"
|
||||
linker_additional_options="-L $(ProjectDir) -l lib_mmcau.a" />
|
||||
<configuration
|
||||
Name="Common"
|
||||
build_intermediate_directory="$(ProjectName)_$(Configuration)"
|
||||
|
@@ -72,10 +72,7 @@ include support/include.am
|
||||
include wolfcrypt/benchmark/include.am
|
||||
include wolfcrypt/src/include.am
|
||||
include wolfcrypt/test/include.am
|
||||
include examples/client/include.am
|
||||
include examples/server/include.am
|
||||
include examples/echoclient/include.am
|
||||
include examples/echoserver/include.am
|
||||
include examples/include.am
|
||||
include testsuite/include.am
|
||||
include tests/include.am
|
||||
include sslSniffer/sslSnifferTest/include.am
|
||||
|
144
configure.ac
144
configure.ac
@@ -1830,6 +1830,81 @@ then
|
||||
fi
|
||||
|
||||
|
||||
# wolfSSL JNI
|
||||
AC_ARG_ENABLE([jni],
|
||||
[ --enable-jni Enable wolfSSL JNI (default: disabled)],
|
||||
[ ENABLED_JNI=$enableval ],
|
||||
[ ENABLED_JNI=no ]
|
||||
)
|
||||
if test "$ENABLED_JNI" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_JNI"
|
||||
|
||||
# Enable prereqs if not already enabled
|
||||
if test "x$ENABLED_DTLS" = "xno"
|
||||
then
|
||||
ENABLED_DTLS="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS"
|
||||
fi
|
||||
if test "x$ENABLED_OPENSSLEXTRA" = "xno"
|
||||
then
|
||||
ENABLED_OPENSSLEXTRA="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
|
||||
fi
|
||||
if test "x$ENABLED_CRL" = "xno"
|
||||
then
|
||||
ENABLED_CRL="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
|
||||
AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"])
|
||||
fi
|
||||
if test "x$ENABLED_OCSP" = "xno"
|
||||
then
|
||||
ENABLED_OCSP="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
|
||||
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
|
||||
fi
|
||||
if test "x$ENABLED_CRL_MONITOR" = "xno"
|
||||
then
|
||||
ENABLED_CRL_MONITOR="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR"
|
||||
fi
|
||||
if test "x$ENABLED_SAVESESSION" = "xno"
|
||||
then
|
||||
ENABLED_SAVESESSION="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE"
|
||||
fi
|
||||
if test "x$ENABLED_SAVECERT" = "xno"
|
||||
then
|
||||
ENABLED_SAVECERT="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE"
|
||||
fi
|
||||
if test "x$ENABLED_ATOMICUSER" = "xno"
|
||||
then
|
||||
ENABLED_ATOMICUSER="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
|
||||
fi
|
||||
if test "x$ENABLED_ECC" = "xno"
|
||||
then
|
||||
ENABLED_ECC="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC"
|
||||
fi
|
||||
if test "x$ENABLED_PKCALLBACKS" = "xno"
|
||||
then
|
||||
ENABLED_PKCALLBACKS="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS"
|
||||
fi
|
||||
if test "x$ENABLED_DH" = "xno"
|
||||
then
|
||||
ENABLED_DH="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_DH"
|
||||
fi
|
||||
if test "x$ENABLED_PSK" = "xno"
|
||||
then
|
||||
ENABLED_PSK="yes"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
# lighty Support
|
||||
AC_ARG_ENABLE([lighty],
|
||||
[ --enable-lighty Enable lighttpd/lighty (default: disabled)],
|
||||
@@ -2156,75 +2231,6 @@ fi
|
||||
AM_CONDITIONAL([BUILD_MCAPI], [test "x$ENABLED_MCAPI" = "xyes"])
|
||||
|
||||
|
||||
# wolfSSL JNI
|
||||
AC_ARG_ENABLE([jni],
|
||||
[ --enable-jni Enable wolfSSL JNI (default: disabled)],
|
||||
[ ENABLED_JNI=$enableval ],
|
||||
[ ENABLED_JNI=no ]
|
||||
)
|
||||
if test "$ENABLED_JNI" = "yes"
|
||||
then
|
||||
# Enable prereqs if not already enabled
|
||||
if test "x$ENABLED_DTLS" = "xno"
|
||||
then
|
||||
ENABLED_DTLS="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS"
|
||||
fi
|
||||
if test "x$ENABLED_OPENSSLEXTRA" = "xno"
|
||||
then
|
||||
ENABLED_OPENSSLEXTRA="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
|
||||
fi
|
||||
if test "x$ENABLED_CRL" = "xno"
|
||||
then
|
||||
ENABLED_CRL="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
|
||||
AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"])
|
||||
fi
|
||||
if test "x$ENABLED_OCSP" = "xno"
|
||||
then
|
||||
ENABLED_OCSP="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
|
||||
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
|
||||
fi
|
||||
if test "x$ENABLED_CRL_MONITOR" = "xno"
|
||||
then
|
||||
ENABLED_CRL_MONITOR="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR"
|
||||
fi
|
||||
if test "x$ENABLED_SAVESESSION" = "xno"
|
||||
then
|
||||
ENABLED_SAVESESSION="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE"
|
||||
fi
|
||||
if test "x$ENABLED_SAVECERT" = "xno"
|
||||
then
|
||||
ENABLED_SAVECERT="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE"
|
||||
fi
|
||||
if test "x$ENABLED_ATOMICUSER" = "xno"
|
||||
then
|
||||
ENABLED_ATOMICUSER="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
|
||||
fi
|
||||
if test "x$ENABLED_ECC" = "xno"
|
||||
then
|
||||
ENABLED_ECC="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC"
|
||||
fi
|
||||
if test "x$ENABLED_PKCALLBACKS" = "xno"
|
||||
then
|
||||
ENABLED_PKCALLBACKS="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS"
|
||||
fi
|
||||
if test "x$ENABLED_DH" = "xno"
|
||||
then
|
||||
ENABLED_DH="yes"
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_DH"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
# Check for build-type conflicts
|
||||
AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \
|
||||
test "x$ENABLED_LEANPSK" = "xyes"],
|
||||
|
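Review bot: In the relocated `--enable-jni` block, `AM_CONDITIONAL([BUILD_CRL], ...)` and `AM_CONDITIONAL([BUILD_OCSP], ...)` sit inside shell `if` branches, but Automake expects every AM_CONDITIONAL to run on each configure invocation. Unless both are also defined unconditionally elsewhere in the file, the JNI branch should only set `ENABLED_CRL="yes"` / `ENABLED_OCSP="yes"` and leave the conditional to the option's own section. The block now runs roughly 400 lines earlier than before. If the CRL, OCSP, DH or PSK option handling comes after it (not visible here), the `"x$ENABLED_..." = "xno"` tests see unset variables and a later default can undo the prerequisite, so the ordering needs confirming. The added `ENABLED_PSK="yes"` appends no flag, which presumably leaves an earlier `-DNO_PSK` in `AM_CFLAGS` untouched. A comment above the branch such as `# JNI builds also enable DTLS, OPENSSL_EXTRA, CRL/OCSP, session and cert cache persistence, atomic-user and PK callbacks, ECC, DH and PSK` would make the widened feature set of a JNI build explicit to whoever audits the resulting library.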
@@ -31,8 +31,8 @@
|
||||
|
||||
#if defined(WOLFSSL_MDK5)
|
||||
#include "cmsis_os.h"
|
||||
#include "rl_fs.h"
|
||||
#include "rl_net.h"
|
||||
#include "rl_fs.h"
|
||||
#include "rl_net.h"
|
||||
#else
|
||||
#include "rtl.h"
|
||||
#endif
|
||||
@@ -127,6 +127,165 @@ static void ShowCiphers(void)
|
||||
printf("%s\n", ciphers);
|
||||
}
|
||||
|
||||
int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
|
||||
int doDTLS, int benchmark, int resumeSession)
|
||||
{
|
||||
/* time passed in number of connects give average */
|
||||
int times = benchmark;
|
||||
int loops = resumeSession ? 2 : 1;
|
||||
int i = 0;
|
||||
WOLFSSL_SESSION* benchSession = NULL;
|
||||
|
||||
while (loops--) {
|
||||
int benchResume = resumeSession && loops == 0;
|
||||
double start = current_time(), avg;
|
||||
|
||||
for (i = 0; i < times; i++) {
|
||||
SOCKET_T sockfd;
|
||||
WOLFSSL* ssl = wolfSSL_new(ctx);
|
||||
|
||||
tcp_connect(&sockfd, host, port, doDTLS, ssl);
|
||||
|
||||
if (benchResume)
|
||||
wolfSSL_set_session(ssl, benchSession);
|
||||
wolfSSL_set_fd(ssl, sockfd);
|
||||
if (wolfSSL_connect(ssl) != SSL_SUCCESS)
|
||||
err_sys("SSL_connect failed");
|
||||
|
||||
wolfSSL_shutdown(ssl);
|
||||
if (i == (times-1) && resumeSession) {
|
||||
benchSession = wolfSSL_get_session(ssl);
|
||||
}
|
||||
wolfSSL_free(ssl);
|
||||
CloseSocket(sockfd);
|
||||
}
|
||||
avg = current_time() - start;
|
||||
avg /= times;
|
||||
avg *= 1000; /* milliseconds */
|
||||
if (benchResume)
|
||||
printf("wolfSSL_resume avg took: %8.3f milliseconds\n", avg);
|
||||
else
|
||||
printf("wolfSSL_connect avg took: %8.3f milliseconds\n", avg);
|
||||
}
|
||||
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
|
||||
int doDTLS, int throughput)
|
||||
{
|
||||
double start, conn_time = 0, tx_time = 0, rx_time = 0;
|
||||
SOCKET_T sockfd;
|
||||
WOLFSSL* ssl;
|
||||
int ret;
|
||||
|
||||
start = current_time();
|
||||
ssl = wolfSSL_new(ctx);
|
||||
tcp_connect(&sockfd, host, port, doDTLS, ssl);
|
||||
wolfSSL_set_fd(ssl, sockfd);
|
||||
if (wolfSSL_connect(ssl) == SSL_SUCCESS) {
|
||||
/* Perform throughput test */
|
||||
char *tx_buffer, *rx_buffer;
|
||||
|
||||
/* Record connection time */
|
||||
conn_time = current_time() - start;
|
||||
|
||||
/* Allocate TX/RX buffers */
|
||||
tx_buffer = (char*)malloc(TEST_BUFFER_SIZE);
|
||||
rx_buffer = (char*)malloc(TEST_BUFFER_SIZE);
|
||||
if(tx_buffer && rx_buffer) {
|
||||
WC_RNG rng;
|
||||
|
||||
/* Startup the RNG */
|
||||
ret = wc_InitRng(&rng);
|
||||
if(ret == 0) {
|
||||
int xfer_bytes;
|
||||
|
||||
/* Generate random data to send */
|
||||
ret = wc_RNG_GenerateBlock(&rng, (byte*)tx_buffer, TEST_BUFFER_SIZE);
|
||||
wc_FreeRng(&rng);
|
||||
if(ret != 0) {
|
||||
err_sys("wc_RNG_GenerateBlock failed");
|
||||
}
|
||||
|
||||
/* Perform TX and RX of bytes */
|
||||
xfer_bytes = 0;
|
||||
while(throughput > xfer_bytes) {
|
||||
int len, rx_pos, select_ret;
|
||||
|
||||
/* Determine packet size */
|
||||
len = min(TEST_BUFFER_SIZE, throughput - xfer_bytes);
|
||||
|
||||
/* Perform TX */
|
||||
start = current_time();
|
||||
if (wolfSSL_write(ssl, tx_buffer, len) != len) {
|
||||
int writeErr = wolfSSL_get_error(ssl, 0);
|
||||
printf("wolfSSL_write error %d!\n", writeErr);
|
||||
err_sys("wolfSSL_write failed");
|
||||
}
|
||||
tx_time += current_time() - start;
|
||||
|
||||
/* Perform RX */
|
||||
select_ret = tcp_select(sockfd, 1); /* Timeout=1 second */
|
||||
if (select_ret == TEST_RECV_READY) {
|
||||
start = current_time();
|
||||
rx_pos = 0;
|
||||
while(rx_pos < len) {
|
||||
ret = wolfSSL_read(ssl, &rx_buffer[rx_pos], len - rx_pos);
|
||||
if(ret <= 0) {
|
||||
int readErr = wolfSSL_get_error(ssl, 0);
|
||||
if (readErr != SSL_ERROR_WANT_READ) {
|
||||
printf("wolfSSL_read error %d!\n", readErr);
|
||||
err_sys("wolfSSL_read failed");
|
||||
}
|
||||
}
|
||||
else {
|
||||
rx_pos += ret;
|
||||
}
|
||||
}
|
||||
rx_time += current_time() - start;
|
||||
}
|
||||
|
||||
/* Compare TX and RX buffers */
|
||||
if(XMEMCMP(tx_buffer, rx_buffer, len) != 0) {
|
||||
err_sys("Compare TX and RX buffers failed");
|
||||
}
|
||||
|
||||
/* Update overall position */
|
||||
xfer_bytes += len;
|
||||
}
|
||||
}
|
||||
else {
|
||||
err_sys("wc_InitRng failed");
|
||||
}
|
||||
}
|
||||
else {
|
||||
err_sys("Client buffer malloc failed");
|
||||
}
|
||||
if(tx_buffer) free(tx_buffer);
|
||||
if(rx_buffer) free(rx_buffer);
|
||||
}
|
||||
else {
|
||||
err_sys("wolfSSL_connect failed");
|
||||
}
|
||||
|
||||
wolfSSL_shutdown(ssl);
|
||||
wolfSSL_free(ssl);
|
||||
CloseSocket(sockfd);
|
||||
|
||||
printf("wolfSSL Client Benchmark %d bytes\n"
|
||||
"\tConnect %8.3f ms\n"
|
||||
"\tTX %8.3f ms (%8.3f MBps)\n"
|
||||
"\tRX %8.3f ms (%8.3f MBps)\n",
|
||||
throughput,
|
||||
conn_time * 1000,
|
||||
tx_time * 1000, throughput / tx_time / 1024 / 1024,
|
||||
rx_time * 1000, throughput / rx_time / 1024 / 1024
|
||||
);
|
||||
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
static void Usage(void)
|
||||
{
|
||||
@@ -137,7 +296,7 @@ static void Usage(void)
|
||||
printf("-p <num> Port to connect on, not 0, default %d\n", wolfSSLPort);
|
||||
printf("-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
|
||||
CLIENT_DEFAULT_VERSION);
|
||||
printf("-l <str> Cipher list\n");
|
||||
printf("-l <str> Cipher suite list (: delimited)\n");
|
||||
printf("-c <file> Certificate file, default %s\n", cliCert);
|
||||
printf("-k <file> Key file, default %s\n", cliKey);
|
||||
printf("-A <file> Certificate Authority file, default %s\n", caCert);
|
||||
@@ -149,6 +308,7 @@ static void Usage(void)
|
||||
#ifdef HAVE_ALPN
|
||||
printf("-L <str> Application-Layer Protocole Name ({C,F}:<list>)\n");
|
||||
#endif
|
||||
printf("-B <num> Benchmark throughput using <num> bytes and print stats\n");
|
||||
printf("-s Use pre Shared keys\n");
|
||||
printf("-t Track wolfSSL memory use\n");
|
||||
printf("-d Disable peer checks\n");
|
||||
@@ -156,7 +316,7 @@ static void Usage(void)
|
||||
printf("-e List Every cipher suite available, \n");
|
||||
printf("-g Send server HTTP GET\n");
|
||||
printf("-u Use UDP DTLS,"
|
||||
" add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
|
||||
" add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n");
|
||||
printf("-m Match domain name in cert\n");
|
||||
printf("-N Use Non-blocking sockets\n");
|
||||
printf("-r Resume session\n");
|
||||
@@ -187,7 +347,7 @@ static void Usage(void)
|
||||
#ifdef ATOMIC_USER
|
||||
printf("-U Atomic User Record Layer Callbacks\n");
|
||||
#endif
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
printf("-P Public Key Callbacks\n");
|
||||
#endif
|
||||
#ifdef HAVE_ANON
|
||||
@@ -200,12 +360,12 @@ static void Usage(void)
|
||||
|
||||
THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
{
|
||||
SOCKET_T sockfd = 0;
|
||||
SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID;
|
||||
|
||||
WOLFSSL_METHOD* method = 0;
|
||||
WOLFSSL_CTX* ctx = 0;
|
||||
WOLFSSL* ssl = 0;
|
||||
|
||||
|
||||
WOLFSSL* sslResume = 0;
|
||||
WOLFSSL_SESSION* session = 0;
|
||||
char resumeMsg[] = "resuming wolfssl!";
|
||||
@@ -228,6 +388,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
int useAnon = 0;
|
||||
int sendGET = 0;
|
||||
int benchmark = 0;
|
||||
int throughput = 0;
|
||||
int doDTLS = 0;
|
||||
int matchName = 0;
|
||||
int doPeerCheck = 1;
|
||||
@@ -300,7 +461,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
StackTrap();
|
||||
|
||||
while ((ch = mygetopt(argc, argv,
|
||||
"?gdeDusmNrwRitfxXUPCh:p:v:l:A:c:k:Z:b:zS:L:ToO:an:"))
|
||||
"?gdeDusmNrwRitfxXUPCh:p:v:l:A:c:k:Z:b:zS:L:ToO:aB:"))
|
||||
!= -1) {
|
||||
switch (ch) {
|
||||
case '?' :
|
||||
@@ -366,7 +527,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
break;
|
||||
|
||||
case 'P' :
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
pkCallbacks = 1;
|
||||
#endif
|
||||
break;
|
||||
@@ -426,6 +587,14 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
}
|
||||
break;
|
||||
|
||||
case 'B' :
|
||||
throughput = atoi(myoptarg);
|
||||
if (throughput <= 0) {
|
||||
Usage();
|
||||
exit(MY_EX_USAGE);
|
||||
}
|
||||
break;
|
||||
|
||||
case 'N' :
|
||||
nonBlocking = 1;
|
||||
break;
|
||||
@@ -633,9 +802,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
if (ctx == NULL)
|
||||
err_sys("unable to get ctx");
|
||||
|
||||
if (cipherList)
|
||||
if (cipherList) {
|
||||
if (wolfSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
|
||||
err_sys("client can't set cipher list 1");
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_LEANPSK
|
||||
usePsk = 1;
|
||||
@@ -770,52 +940,23 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
#endif
|
||||
|
||||
if (benchmark) {
|
||||
/* time passed in number of connects give average */
|
||||
int times = benchmark;
|
||||
int loops = resumeSession ? 2 : 1;
|
||||
int i = 0;
|
||||
WOLFSSL_SESSION* benchSession = NULL;
|
||||
|
||||
while (loops--) {
|
||||
int benchResume = resumeSession && loops == 0;
|
||||
double start = current_time(), avg;
|
||||
|
||||
for (i = 0; i < times; i++) {
|
||||
tcp_connect(&sockfd, host, port, doDTLS);
|
||||
|
||||
ssl = wolfSSL_new(ctx);
|
||||
if (benchResume)
|
||||
wolfSSL_set_session(ssl, benchSession);
|
||||
wolfSSL_set_fd(ssl, sockfd);
|
||||
if (wolfSSL_connect(ssl) != SSL_SUCCESS)
|
||||
err_sys("SSL_connect failed");
|
||||
|
||||
wolfSSL_shutdown(ssl);
|
||||
if (i == (times-1) && resumeSession) {
|
||||
benchSession = wolfSSL_get_session(ssl);
|
||||
}
|
||||
wolfSSL_free(ssl);
|
||||
CloseSocket(sockfd);
|
||||
}
|
||||
avg = current_time() - start;
|
||||
avg /= times;
|
||||
avg *= 1000; /* milliseconds */
|
||||
if (benchResume)
|
||||
printf("wolfSSL_resume avg took: %8.3f milliseconds\n", avg);
|
||||
else
|
||||
printf("wolfSSL_connect avg took: %8.3f milliseconds\n", avg);
|
||||
}
|
||||
|
||||
((func_args*)args)->return_code =
|
||||
ClientBenchmarkConnections(ctx, host, port, doDTLS, benchmark, resumeSession);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
((func_args*)args)->return_code = 0;
|
||||
|
||||
exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
if(throughput) {
|
||||
((func_args*)args)->return_code =
|
||||
ClientBenchmarkThroughput(ctx, host, port, doDTLS, throughput);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
exit(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_MDK_ARM)
|
||||
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
|
||||
#endif
|
||||
|
||||
|
||||
ssl = wolfSSL_new(ctx);
|
||||
if (ssl == NULL)
|
||||
err_sys("unable to get SSL object");
|
||||
@@ -830,15 +971,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
}
|
||||
#endif
|
||||
|
||||
if (doDTLS) {
|
||||
SOCKADDR_IN_T addr;
|
||||
build_addr(&addr, host, port, 1);
|
||||
wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
|
||||
tcp_socket(&sockfd, 1);
|
||||
}
|
||||
else {
|
||||
tcp_connect(&sockfd, host, port, 0);
|
||||
}
|
||||
tcp_connect(&sockfd, host, port, doDTLS, ssl);
|
||||
|
||||
#ifdef HAVE_POLY1305
|
||||
/* use old poly to connect with google and wolfssl.com server */
|
||||
@@ -986,21 +1119,15 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
#ifndef NO_SESSION_CACHE
|
||||
if (resumeSession) {
|
||||
if (doDTLS) {
|
||||
SOCKADDR_IN_T addr;
|
||||
#ifdef USE_WINDOWS_API
|
||||
Sleep(500);
|
||||
#elif defined(WOLFSSL_TIRTOS)
|
||||
Task_sleep(1);
|
||||
#else
|
||||
sleep(1);
|
||||
#endif
|
||||
build_addr(&addr, host, port, 1);
|
||||
wolfSSL_dtls_set_peer(sslResume, &addr, sizeof(addr));
|
||||
tcp_socket(&sockfd, 1);
|
||||
}
|
||||
else {
|
||||
tcp_connect(&sockfd, host, port, 0);
|
||||
#ifdef USE_WINDOWS_API
|
||||
Sleep(500);
|
||||
#elif defined(WOLFSSL_TIRTOS)
|
||||
Task_sleep(1);
|
||||
#else
|
||||
sleep(1);
|
||||
#endif
|
||||
}
|
||||
tcp_connect(&sockfd, host, port, doDTLS, sslResume);
|
||||
wolfSSL_set_fd(sslResume, sockfd);
|
||||
#ifdef HAVE_ALPN
|
||||
if (alpnList != NULL) {
|
||||
@@ -1020,7 +1147,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
wolfSSL_set_SessionTicket_cb(sslResume, sessionTicketCB,
|
||||
(void*)"resumed session");
|
||||
#endif
|
||||
|
||||
|
||||
showPeer(sslResume);
|
||||
#ifndef WOLFSSL_CALLBACKS
|
||||
if (nonBlocking) {
|
||||
@@ -1080,7 +1207,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
}
|
||||
|
||||
/* try to send session break */
|
||||
wolfSSL_write(sslResume, msg, msgSz);
|
||||
wolfSSL_write(sslResume, msg, msgSz);
|
||||
|
||||
ret = wolfSSL_shutdown(sslResume);
|
||||
if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
|
||||
@@ -1134,10 +1261,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
ChangeDirBack(2);
|
||||
else if (CurrentDir("Debug") || CurrentDir("Release"))
|
||||
ChangeDirBack(3);
|
||||
|
||||
|
||||
#ifdef HAVE_STACK_SIZE
|
||||
StackSizeCheck(&args, client_test);
|
||||
#else
|
||||
#else
|
||||
client_test(&args);
|
||||
#endif
|
||||
wolfSSL_Cleanup();
|
||||
|
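Review bot: In `ClientBenchmarkThroughput`, when `tcp_select` does not return `TEST_RECV_READY` the RX loop is skipped, yet `XMEMCMP(tx_buffer, rx_buffer, len)` still runs on an `rx_buffer` that was `malloc`ed and never written (or still holds the previous chunk). A one-second stall therefore reads indeterminate memory and is reported as a data mismatch; treat the timeout as its own failure, e.g. `else err_sys("tcp_select timed out");` on that `if`, before the compare. Both new benchmark functions also pass the result of `wolfSSL_new(ctx)` straight to `tcp_connect` and `wolfSSL_set_fd` without the `if (ssl == NULL) err_sys("unable to get SSL object");` check that `client_test` keeps, and the echoclient hunk hands an unchecked `SSL_new` result to `tcp_connect` in the same way. The closing `printf` divides by `tx_time` and `rx_time`, which can be zero for small `-B` values. `-B` itself is parsed with `atoi`, which cannot report overflow; `strtol` with an end-pointer and `errno` check would reject such input.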
@@ -23,3 +23,11 @@
|
||||
|
||||
THREAD_RETURN WOLFSSL_THREAD client_test(void* args);
|
||||
|
||||
/* Measures average time to create, connect and disconnect a connection (TPS).
|
||||
Benchmark = number of connections. */
|
||||
int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
|
||||
int doDTLS, int benchmark, int resumeSession);
|
||||
|
||||
/* Measures throughput in kbps. Throughput = number of bytes */
|
||||
int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
|
||||
int doDTLS, int throughput);
|
||||
|
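Review bot: The comment on `ClientBenchmarkThroughput` says it measures throughput in kbps, but the implementation in client.c prints its TX and RX figures labelled `MBps`. The comment should match, e.g. `/* Measures TX/RX time and throughput (printed in MBps). throughput = number of bytes to transfer */`. The `ClientBenchmarkConnections` comment could also state that `benchmark` is expected to be positive, since the implementation divides the elapsed time by it.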
@@ -164,16 +164,7 @@ void echoclient_test(void* args)
|
||||
#endif
|
||||
|
||||
ssl = SSL_new(ctx);
|
||||
|
||||
if (doDTLS) {
|
||||
SOCKADDR_IN_T addr;
|
||||
build_addr(&addr, yasslIP, port, 1);
|
||||
CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
|
||||
tcp_socket(&sockfd, 1);
|
||||
}
|
||||
else {
|
||||
tcp_connect(&sockfd, yasslIP, port, 0);
|
||||
}
|
||||
tcp_connect(&sockfd, yasslIP, port, doDTLS, ssl);
|
||||
|
||||
SSL_set_fd(ssl, sockfd);
|
||||
#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER)
|
||||
|
@@ -248,7 +248,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
|
||||
err_sys("recvfrom failed");
|
||||
}
|
||||
#endif
|
||||
if (clientfd == -1) err_sys("tcp accept failed");
|
||||
if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) err_sys("tcp accept failed");
|
||||
|
||||
ssl = CyaSSL_new(ctx);
|
||||
if (ssl == NULL) err_sys("SSL_new failed");
|
||||
|
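--- a/examples/include.am
+++ b/examples/include.am
@@ -0,0 +1,7 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+include examples/client/include.am
+include examples/echoclient/include.am
+include examples/echoserver/include.am
+include examples/server/include.am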
@@ -40,8 +40,8 @@
|
||||
|
||||
#if defined(WOLFSSL_MDK5)
|
||||
#include "cmsis_os.h"
|
||||
#include "rl_fs.h"
|
||||
#include "rl_net.h"
|
||||
#include "rl_fs.h"
|
||||
#include "rl_net.h"
|
||||
#else
|
||||
#include "rtl.h"
|
||||
#endif
|
||||
@@ -81,10 +81,11 @@ static void NonBlockingSSL_Accept(SSL* ssl)
|
||||
error == SSL_ERROR_WANT_WRITE)) {
|
||||
int currTimeout = 1;
|
||||
|
||||
if (error == SSL_ERROR_WANT_READ)
|
||||
printf("... server would read block\n");
|
||||
else
|
||||
printf("... server would write block\n");
|
||||
if (error == SSL_ERROR_WANT_READ) {
|
||||
/* printf("... server would read block\n"); */
|
||||
} else {
|
||||
/* printf("... server would write block\n"); */
|
||||
}
|
||||
|
||||
#ifdef CYASSL_DTLS
|
||||
currTimeout = CyaSSL_dtls_get_current_timeout(ssl);
|
||||
@@ -118,6 +119,68 @@ static void NonBlockingSSL_Accept(SSL* ssl)
|
||||
err_sys("SSL_accept failed");
|
||||
}
|
||||
|
||||
/* Echo number of bytes specified by -e arg */
|
||||
int ServerEchoData(SSL* ssl, int clientfd, int echoData, int throughput)
|
||||
{
|
||||
int ret = 0;
|
||||
char* buffer = (char*)malloc(TEST_BUFFER_SIZE);
|
||||
if(buffer) {
|
||||
double start, rx_time = 0, tx_time = 0;
|
||||
int xfer_bytes = 0;
|
||||
while((echoData && throughput == 0) || (!echoData && xfer_bytes < throughput)) {
|
||||
int select_ret = tcp_select(clientfd, 1); /* Timeout=1 second */
|
||||
if (select_ret == TEST_RECV_READY) {
|
||||
int len = min(TEST_BUFFER_SIZE, throughput - xfer_bytes);
|
||||
int rx_pos = 0;
|
||||
if(throughput) {
|
||||
start = current_time();
|
||||
}
|
||||
while(rx_pos < len) {
|
||||
ret = SSL_read(ssl, &buffer[rx_pos], len - rx_pos);
|
||||
if (ret <= 0) {
|
||||
int readErr = SSL_get_error(ssl, 0);
|
||||
if (readErr != SSL_ERROR_WANT_READ) {
|
||||
printf("SSL_read error %d!\n", readErr);
|
||||
err_sys("SSL_read failed");
|
||||
}
|
||||
}
|
||||
else {
|
||||
rx_pos += ret;
|
||||
}
|
||||
}
|
||||
if(throughput) {
|
||||
rx_time += current_time() - start;
|
||||
start = current_time();
|
||||
}
|
||||
if (SSL_write(ssl, buffer, len) != len) {
|
||||
err_sys("SSL_write failed");
|
||||
}
|
||||
if(throughput) {
|
||||
tx_time += current_time() - start;
|
||||
}
|
||||
|
||||
xfer_bytes += len;
|
||||
}
|
||||
}
|
||||
free(buffer);
|
||||
|
||||
if(throughput) {
|
||||
printf("wolfSSL Server Benchmark %d bytes\n"
|
||||
"\tRX %8.3f ms (%8.3f MBps)\n"
|
||||
"\tTX %8.3f ms (%8.3f MBps)\n",
|
||||
throughput,
|
||||
tx_time * 1000, throughput / tx_time / 1024 / 1024,
|
||||
rx_time * 1000, throughput / rx_time / 1024 / 1024
|
||||
);
|
||||
}
|
||||
}
|
||||
else {
|
||||
err_sys("Server buffer malloc failed");
|
||||
}
|
||||
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
static void Usage(void)
|
||||
{
|
||||
@@ -127,7 +190,7 @@ static void Usage(void)
|
||||
printf("-p <num> Port to listen on, not 0, default %d\n", yasslPort);
|
||||
printf("-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
|
||||
SERVER_DEFAULT_VERSION);
|
||||
printf("-l <str> Cipher list\n");
|
||||
printf("-l <str> Cipher suite list (: delimited)\n");
|
||||
printf("-c <file> Certificate file, default %s\n", svrCert);
|
||||
printf("-k <file> Key file, default %s\n", svrKey);
|
||||
printf("-A <file> Certificate Authority file, default %s\n", cliCert);
|
||||
@@ -144,7 +207,7 @@ static void Usage(void)
|
||||
printf("-s Use pre Shared keys\n");
|
||||
printf("-t Track wolfSSL memory use\n");
|
||||
printf("-u Use UDP DTLS,"
|
||||
" add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
|
||||
" add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n");
|
||||
printf("-f Fewer packets/group messages\n");
|
||||
printf("-R Create server ready file, for external monitor\n");
|
||||
printf("-r Allow one client Resumption\n");
|
||||
@@ -155,7 +218,7 @@ static void Usage(void)
|
||||
printf("-o Perform OCSP lookup on peer certificate\n");
|
||||
printf("-O <url> Perform OCSP lookup using <url> as responder\n");
|
||||
#endif
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
printf("-P Public Key Callbacks\n");
|
||||
#endif
|
||||
#ifdef HAVE_ANON
|
||||
@@ -164,20 +227,22 @@ static void Usage(void)
|
||||
#ifndef NO_PSK
|
||||
printf("-I Do not send PSK identity hint\n");
|
||||
#endif
|
||||
printf("-i Loop indefinitely (allow repeated connections)\n");
|
||||
printf("-e Echo data mode (return raw bytes received)\n");
|
||||
printf("-B <num> Benchmark throughput using <num> bytes and print stats\n");
|
||||
}
|
||||
|
||||
THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
{
|
||||
SOCKET_T sockfd = 0;
|
||||
SOCKET_T clientfd = 0;
|
||||
SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID;
|
||||
SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID;
|
||||
|
||||
SSL_METHOD* method = 0;
|
||||
SSL_CTX* ctx = 0;
|
||||
SSL* ssl = 0;
|
||||
|
||||
char msg[] = "I hear you fa shizzle!";
|
||||
const char msg[] = "I hear you fa shizzle!";
|
||||
char input[80];
|
||||
int idx;
|
||||
int ch;
|
||||
int version = SERVER_DEFAULT_VERSION;
|
||||
int doCliCertCheck = 1;
|
||||
@@ -194,8 +259,13 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
int pkCallbacks = 0;
|
||||
int serverReadyFile = 0;
|
||||
int wc_shutdown = 0;
|
||||
int resume = 0; /* do resume, and resume count */
|
||||
int resume = 0;
|
||||
int resumeCount = 0;
|
||||
int loopIndefinitely = 0;
|
||||
int echoData = 0;
|
||||
int throughput = 0;
|
||||
int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
|
||||
int doListen = 1;
|
||||
int ret;
|
||||
char* alpnList = NULL;
|
||||
unsigned char alpn_opt = 0;
|
||||
@@ -244,7 +314,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
fdOpenSession(Task_self());
|
||||
#endif
|
||||
|
||||
while ((ch = mygetopt(argc, argv, "?dbstnNufrRawPIp:v:l:A:c:k:Z:S:oO:D:L:"))
|
||||
while ((ch = mygetopt(argc, argv, "?dbstnNufrRawPIp:v:l:A:c:k:Z:S:oO:D:L:ieB:"))
|
||||
!= -1) {
|
||||
switch (ch) {
|
||||
case '?' :
|
||||
@@ -292,7 +362,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
break;
|
||||
|
||||
case 'P' :
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
pkCallbacks = 1;
|
||||
#endif
|
||||
break;
|
||||
@@ -400,6 +470,23 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
|
||||
#endif
|
||||
break;
|
||||
|
||||
case 'i' :
|
||||
loopIndefinitely = 1;
|
||||
break;
|
||||
|
||||
case 'e' :
|
||||
echoData = 1;
|
||||
break;
|
||||
|
||||
case 'B':
|
||||
throughput = atoi(myoptarg);
|
||||
if (throughput <= 0) {
|
||||
Usage();
|
||||
exit(MY_EX_USAGE);
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
Usage();
|
||||
exit(MY_EX_USAGE);
|
||||
@@ -593,173 +680,182 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
err_sys("UseSNI failed");
|
||||
#endif
|
||||
|
||||
while (1) { /* allow resume option */
|
||||
if (resume > 1) { /* already did listen, just do accept */
|
||||
if (doDTLS == 0) {
|
||||
SOCKADDR_IN_T client;
|
||||
socklen_t client_len = sizeof(client);
|
||||
clientfd = accept(sockfd, (struct sockaddr*)&client,
|
||||
(ACCEPT_THIRD_T)&client_len);
|
||||
} else {
|
||||
tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
|
||||
clientfd = sockfd;
|
||||
while (1) {
|
||||
/* allow resume option */
|
||||
if(resumeCount > 1) {
|
||||
if (doDTLS == 0) {
|
||||
SOCKADDR_IN_T client;
|
||||
socklen_t client_len = sizeof(client);
|
||||
clientfd = accept(sockfd, (struct sockaddr*)&client,
|
||||
(ACCEPT_THIRD_T)&client_len);
|
||||
} else {
|
||||
tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
|
||||
clientfd = sockfd;
|
||||
}
|
||||
if(WOLFSSL_SOCKET_IS_INVALID(clientfd)) {
|
||||
err_sys("tcp accept failed");
|
||||
}
|
||||
}
|
||||
#ifdef USE_WINDOWS_API
|
||||
if (clientfd == INVALID_SOCKET) err_sys("tcp accept failed");
|
||||
#else
|
||||
if (clientfd == -1) err_sys("tcp accept failed");
|
||||
#endif
|
||||
}
|
||||
|
||||
ssl = SSL_new(ctx);
|
||||
if (ssl == NULL)
|
||||
err_sys("unable to get SSL");
|
||||
ssl = SSL_new(ctx);
|
||||
if (ssl == NULL)
|
||||
err_sys("unable to get SSL");
|
||||
|
||||
#ifndef NO_HANDSHAKE_DONE_CB
|
||||
wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
|
||||
wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
|
||||
#endif
|
||||
#ifdef HAVE_CRL
|
||||
CyaSSL_EnableCRL(ssl, 0);
|
||||
CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR |
|
||||
CYASSL_CRL_START_MON);
|
||||
CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
|
||||
CyaSSL_EnableCRL(ssl, 0);
|
||||
CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR |
|
||||
CYASSL_CRL_START_MON);
|
||||
CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
|
||||
#endif
|
||||
#ifdef HAVE_OCSP
|
||||
if (useOcsp) {
|
||||
if (ocspUrl != NULL) {
|
||||
CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
|
||||
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
|
||||
| CYASSL_OCSP_URL_OVERRIDE);
|
||||
if (useOcsp) {
|
||||
if (ocspUrl != NULL) {
|
||||
CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
|
||||
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
|
||||
| CYASSL_OCSP_URL_OVERRIDE);
|
||||
}
|
||||
else
|
||||
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
|
||||
}
|
||||
else
|
||||
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
|
||||
}
|
||||
#endif
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
if (pkCallbacks)
|
||||
SetupPkCallbacks(ctx, ssl);
|
||||
if (pkCallbacks)
|
||||
SetupPkCallbacks(ctx, ssl);
|
||||
#endif
|
||||
|
||||
if (resume < 2) { /* do listen and accept */
|
||||
/* do accept */
|
||||
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr,
|
||||
doDTLS, serverReadyFile);
|
||||
}
|
||||
doDTLS, serverReadyFile, doListen);
|
||||
doListen = 0; /* Don't listen next time */
|
||||
|
||||
SSL_set_fd(ssl, clientfd);
|
||||
SSL_set_fd(ssl, clientfd);
|
||||
|
||||
#ifdef HAVE_ALPN
|
||||
if (alpnList != NULL) {
|
||||
printf("ALPN accepted protocols list : %s\n", alpnList);
|
||||
wolfSSL_UseALPN(ssl, alpnList, (word32)XSTRLEN(alpnList), alpn_opt);
|
||||
}
|
||||
if (alpnList != NULL) {
|
||||
printf("ALPN accepted protocols list : %s\n", alpnList);
|
||||
wolfSSL_UseALPN(ssl, alpnList, (word32)XSTRLEN(alpnList), alpn_opt);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_DTLS
|
||||
if (doDTLS) {
|
||||
SOCKADDR_IN_T cliaddr;
|
||||
byte b[1500];
|
||||
int n;
|
||||
socklen_t len = sizeof(cliaddr);
|
||||
if (doDTLS) {
|
||||
SOCKADDR_IN_T cliaddr;
|
||||
byte b[1500];
|
||||
int n;
|
||||
socklen_t len = sizeof(cliaddr);
|
||||
|
||||
/* For DTLS, peek at the next datagram so we can get the client's
|
||||
* address and set it into the ssl object later to generate the
|
||||
* cookie. */
|
||||
n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK,
|
||||
(struct sockaddr*)&cliaddr, &len);
|
||||
if (n <= 0)
|
||||
err_sys("recvfrom failed");
|
||||
/* For DTLS, peek at the next datagram so we can get the client's
|
||||
* address and set it into the ssl object later to generate the
|
||||
* cookie. */
|
||||
n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK,
|
||||
(struct sockaddr*)&cliaddr, &len);
|
||||
if (n <= 0)
|
||||
err_sys("recvfrom failed");
|
||||
|
||||
wolfSSL_dtls_set_peer(ssl, &cliaddr, len);
|
||||
}
|
||||
wolfSSL_dtls_set_peer(ssl, &cliaddr, len);
|
||||
}
|
||||
#endif
|
||||
if (usePsk == 0 || useAnon == 1 || cipherList != NULL || needDH == 1) {
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
|
||||
CyaSSL_SetTmpDH_file(ssl, ourDhParam, SSL_FILETYPE_PEM);
|
||||
#elif !defined(NO_DH)
|
||||
SetDH(ssl); /* repick suites with DHE, higher priority than PSK */
|
||||
#endif
|
||||
}
|
||||
if (usePsk == 0 || useAnon == 1 || cipherList != NULL || needDH == 1) {
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
|
||||
CyaSSL_SetTmpDH_file(ssl, ourDhParam, SSL_FILETYPE_PEM);
|
||||
#elif !defined(NO_DH)
|
||||
SetDH(ssl); /* repick suites with DHE, higher priority than PSK */
|
||||
#endif
|
||||
}
|
||||
|
||||
#ifndef CYASSL_CALLBACKS
|
||||
if (nonBlocking) {
|
||||
CyaSSL_set_using_nonblock(ssl, 1);
|
||||
tcp_set_nonblocking(&clientfd);
|
||||
NonBlockingSSL_Accept(ssl);
|
||||
} else if (SSL_accept(ssl) != SSL_SUCCESS) {
|
||||
int err = SSL_get_error(ssl, 0);
|
||||
char buffer[CYASSL_MAX_ERROR_SZ];
|
||||
printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
|
||||
err_sys("SSL_accept failed");
|
||||
}
|
||||
if (nonBlocking) {
|
||||
CyaSSL_set_using_nonblock(ssl, 1);
|
||||
tcp_set_nonblocking(&clientfd);
|
||||
NonBlockingSSL_Accept(ssl);
|
||||
} else if (SSL_accept(ssl) != SSL_SUCCESS) {
|
||||
int err = SSL_get_error(ssl, 0);
|
||||
char buffer[CYASSL_MAX_ERROR_SZ];
|
||||
printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
|
||||
err_sys("SSL_accept failed");
|
||||
}
|
||||
#else
|
||||
NonBlockingSSL_Accept(ssl);
|
||||
NonBlockingSSL_Accept(ssl);
|
||||
#endif
|
||||
showPeer(ssl);
|
||||
showPeer(ssl);
|
||||
|
||||
#ifdef HAVE_ALPN
|
||||
if (alpnList != NULL) {
|
||||
int err;
|
||||
char *protocol_name = NULL, *list = NULL;
|
||||
word16 protocol_nameSz = 0, listSz = 0;
|
||||
if (alpnList != NULL) {
|
||||
int err;
|
||||
char *protocol_name = NULL, *list = NULL;
|
||||
word16 protocol_nameSz = 0, listSz = 0;
|
||||
|
||||
err = wolfSSL_ALPN_GetProtocol(ssl, &protocol_name, &protocol_nameSz);
|
||||
if (err == SSL_SUCCESS)
|
||||
printf("Sent ALPN protocol : %s (%d)\n",
|
||||
protocol_name, protocol_nameSz);
|
||||
else if (err == SSL_ALPN_NOT_FOUND)
|
||||
printf("No ALPN response sent (no match)\n");
|
||||
else
|
||||
printf("Getting ALPN protocol name failed\n");
|
||||
err = wolfSSL_ALPN_GetProtocol(ssl, &protocol_name, &protocol_nameSz);
|
||||
if (err == SSL_SUCCESS)
|
||||
printf("Sent ALPN protocol : %s (%d)\n",
|
||||
protocol_name, protocol_nameSz);
|
||||
else if (err == SSL_ALPN_NOT_FOUND)
|
||||
printf("No ALPN response sent (no match)\n");
|
||||
else
|
||||
printf("Getting ALPN protocol name failed\n");
|
||||
|
||||
err = wolfSSL_ALPN_GetPeerProtocol(ssl, &list, &listSz);
|
||||
if (err == SSL_SUCCESS)
|
||||
printf("List of protocol names sent by Client: %s (%d)\n",
|
||||
list, listSz);
|
||||
else
|
||||
printf("Get list of client's protocol name failed\n");
|
||||
err = wolfSSL_ALPN_GetPeerProtocol(ssl, &list, &listSz);
|
||||
if (err == SSL_SUCCESS)
|
||||
printf("List of protocol names sent by Client: %s (%d)\n",
|
||||
list, listSz);
|
||||
else
|
||||
printf("Get list of client's protocol name failed\n");
|
||||
|
||||
XFREE(list, NULL, DYNAMIC_TMP_OUT_BUFFER);
|
||||
}
|
||||
XFREE(list, NULL, DYNAMIC_TMP_OUT_BUFFER);
|
||||
}
|
||||
#endif
|
||||
if(echoData == 0 && throughput == 0) {
|
||||
ret = SSL_read(ssl, input, sizeof(input)-1);
|
||||
if (ret > 0) {
|
||||
input[ret] = 0;
|
||||
printf("Client message: %s\n", input);
|
||||
|
||||
}
|
||||
else if (ret < 0) {
|
||||
int readErr = SSL_get_error(ssl, 0);
|
||||
if (readErr != SSL_ERROR_WANT_READ)
|
||||
err_sys("SSL_read failed");
|
||||
}
|
||||
|
||||
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
|
||||
err_sys("SSL_write failed");
|
||||
}
|
||||
else {
|
||||
ServerEchoData(ssl, clientfd, echoData, throughput);
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
|
||||
os_dly_wait(500) ;
|
||||
#elif defined (CYASSL_TIRTOS)
|
||||
Task_yield();
|
||||
#endif
|
||||
|
||||
idx = SSL_read(ssl, input, sizeof(input)-1);
|
||||
if (idx > 0) {
|
||||
input[idx] = 0;
|
||||
printf("Client message: %s\n", input);
|
||||
if (doDTLS == 0) {
|
||||
ret = SSL_shutdown(ssl);
|
||||
if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
|
||||
SSL_shutdown(ssl); /* bidirectional shutdown */
|
||||
}
|
||||
SSL_free(ssl);
|
||||
|
||||
}
|
||||
else if (idx < 0) {
|
||||
int readErr = SSL_get_error(ssl, 0);
|
||||
if (readErr != SSL_ERROR_WANT_READ)
|
||||
err_sys("SSL_read failed");
|
||||
}
|
||||
|
||||
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
|
||||
err_sys("SSL_write failed");
|
||||
|
||||
#if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
|
||||
os_dly_wait(500) ;
|
||||
#elif defined (CYASSL_TIRTOS)
|
||||
Task_yield();
|
||||
#endif
|
||||
|
||||
if (doDTLS == 0) {
|
||||
ret = SSL_shutdown(ssl);
|
||||
if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
|
||||
SSL_shutdown(ssl); /* bidirectional shutdown */
|
||||
}
|
||||
SSL_free(ssl);
|
||||
if (resume == 1) {
|
||||
CloseSocket(clientfd);
|
||||
resume++; /* only do one resume for testing */
|
||||
continue;
|
||||
}
|
||||
break; /* out of while loop, done with normal and resume option */
|
||||
}
|
||||
|
||||
if (resume == 1 && resumeCount == 0) {
|
||||
resumeCount++; /* only do one resume for testing */
|
||||
continue;
|
||||
}
|
||||
resumeCount = 0;
|
||||
|
||||
if(!loopIndefinitely) {
|
||||
break; /* out of while loop, done with normal and resume option */
|
||||
}
|
||||
} /* while(1) */
|
||||
|
||||
CloseSocket(sockfd);
|
||||
SSL_CTX_free(ctx);
|
||||
|
||||
CloseSocket(clientfd);
|
||||
CloseSocket(sockfd);
|
||||
((func_args*)args)->return_code = 0;
|
||||
|
||||
|
||||
@@ -816,10 +912,10 @@ while (1) { /* allow resume option */
|
||||
ChangeDirBack(2);
|
||||
else if (CurrentDir("Debug") || CurrentDir("Release"))
|
||||
ChangeDirBack(3);
|
||||
|
||||
|
||||
#ifdef HAVE_STACK_SIZE
|
||||
StackSizeCheck(&args, server_test);
|
||||
#else
|
||||
#else
|
||||
server_test(&args);
|
||||
#endif
|
||||
CyaSSL_Cleanup();
|
||||
|
@@ -22,3 +22,7 @@
|
||||
#pragma once
|
||||
|
||||
THREAD_RETURN WOLFSSL_THREAD server_test(void* args);
|
||||
|
||||
/* Echo bytes using buffer of TEST_BUFFER_SIZE until [echoData] bytes are complete. */
|
||||
/* If [bechmarkThroughput] set the statistcs will be output at the end */
|
||||
int ServerEchoData(WOLFSSL* ssl, int clientfd, int echoData, int benchmarkThroughput);
|
||||
|
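Review bot: `ServerEchoData` takes the connected socket as `int clientfd`, while the rest of this change passes sockets as `SOCKET_T` (see `tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, ...)` in wolfssl/test.h). On any build where `SOCKET_T` is not `int`, the handle would be narrowed at the call. If this header can see the type, the prototype should read `int ServerEchoData(WOLFSSL* ssl, SOCKET_T clientfd, int echoData, int benchmarkThroughput);`. The comment above it also names the last parameter `[bechmarkThroughput]`, which does not match `benchmarkThroughput`, and it does not say what the `int` return value means.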
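--- a/scripts/benchmark.test
+++ b/scripts/benchmark.test
@@ -0,0 +1,115 @@
+#!/bin/sh
+
+#benchmark.test
+
+if [ "$#" -lt 2 ]; then
+echo "Usage: $0 [mode] [num] [clientargs] [serverargs]" >&2
+echo " [mode]: 1=Connection Rate (TPS), 2=Throughput Bytes" >&2
+echo " [num]: Mode 1=Connection Count, Mode 2=Bytes to TX/RX" >&2
+echo " [clientargs]: Passed to client (see \"./example/client/client -?\" for help)" >&2
+echo " Example: Use different cipher suite: \"-l DHE-RSA-AES256-SHA\"" >&2
+echo " [serverargs]: Passed to server (see \"./example/server/server -?\" for help)" >&2
+echo " Example: Disable client certificate check: \"-d\"" >&2
+echo "Note: If additional client or server args contains spaces wrap with double quotes" >&2
+exit 1
+fi
+
+# Use unique benchmark port so it won't conflict with any other tests
+bench_port=11113
+no_pid=-1
+server_pid=$no_pid
+counter=0
+client_result=-1
+
+remove_ready_file() {
+if test -e /tmp/wolfssl_server_ready; then
+echo "removing exisitng server_ready file"
+rm /tmp/wolfssl_server_ready
+fi
+}
+
+
+do_cleanup() {
+echo "in cleanup"
+
+if [ $server_pid != $no_pid ]
+then
+echo "killing server"
+kill -9 $server_pid
+fi
+remove_ready_file
+}
+
+do_trap() {
+echo "got trap"
+do_cleanup
+exit -1
+}
+
+trap do_trap INT TERM
+
+# Start server in loop continuous mode (-L) with echo data (-e) enabled and non-blocking (-N)
+echo "\nStarting example server for benchmark test"
+remove_ready_file
+# benchmark connections
+if [ $1 == 1 ]
+then
+# start server in loop mode with port
+./examples/server/server -i -p $bench_port $4 &
+server_pid=$!
+fi
+
+# benchmark throughput
+if [ $1 == 2 ]
+then
+# start server in loop mode, non-blocking, benchmark throughput with port
+./examples/server/server -i -N -B $2 -p $bench_port $4 &
+server_pid=$!
+fi
+
+
+echo "Waiting for server_ready file..."
+while [ ! -s /tmp/wolfssl_server_ready -a "$counter" -lt 20 ]; do
+sleep 0.1
+counter=$((counter+ 1))
+done
+
+# benchmark connections
+if [ $1 == 1 ]
+then
+echo "Starting example client to benchmark connection average time"
+# start client to benchmark average time for each connection using port
+./examples/client/client -b $2 -p $bench_port $3
+client_result=$?
+fi
+
+# benchmark throughput
+if [ $1 == 2 ]
+then
+echo "Starting example client to benchmark throughput"
+# start client in non-blocking mode, benchmark throughput using port
+./examples/client/client -N -B $2 -p $bench_port $3
+client_result=$?
+fi
+
+if [ $client_result != 0 ]
+then
+echo "Client failed!"
+do_cleanup
+exit 1
+fi
+
+# End server
+kill -6 $server_pid
+server_result=$?
+remove_ready_file
+
+if [ $server_result != 0 ]
+then
+echo "Server failed!"
+exit 1
+fi
+
+echo "\nSuccess!\n"
+
+exit 0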
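Review bot: The wait loop gives up after 20 polls and the script then starts the client without checking that `/tmp/wolfssl_server_ready` ever appeared, so a server that failed to start is reported later as "Client failed!" rather than as a startup error. Adding `if [ ! -s /tmp/wolfssl_server_ready ]; then echo "server not ready" >&2; do_cleanup; exit 1; fi` right after `done` would catch it. The marker is also a fixed name in shared `/tmp`, so on a multi-user host another account can create it and satisfy the `-s` test before the server is listening. A per-run directory from `mktemp -d` avoids that, though the writer in `tcp_accept` (wolfssl/test.h) uses the same fixed path and would have to follow. Separately, `server_result=$?` after `kill -6 $server_pid` records whether the signal was delivered, not how the server exited.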
@@ -10,6 +10,7 @@ endif
|
||||
|
||||
if BUILD_EXAMPLES
|
||||
dist_noinst_SCRIPTS+= scripts/resume.test
|
||||
EXTRA_DIST+= scripts/benchmark.test
|
||||
|
||||
if BUILD_CRL
|
||||
# make revoked test rely on completion of resume test
|
||||
|
24
src/ssl.c
24
src/ssl.c
@@ -17066,5 +17066,29 @@ int wolfSSL_ED25519_verify(const unsigned char *msg, unsigned int msgSz,
|
||||
}
|
||||
|
||||
#endif /* OPENSSL_EXTRA && HAVE_ED25519 */
|
||||
|
||||
#ifdef WOLFSSL_JNI
|
||||
|
||||
int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_set_jobject");
|
||||
if (ssl != NULL)
|
||||
{
|
||||
ssl->jObjectRef = objPtr;
|
||||
return SSL_SUCCESS;
|
||||
}
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
|
||||
void* wolfSSL_get_jobject(WOLFSSL* ssl)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_get_jobject");
|
||||
if (ssl != NULL)
|
||||
return ssl->jObjectRef;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_JNI */
|
||||
|
||||
#endif /* WOLFCRYPT_ONLY */
|
||||
|
||||
|
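Review bot: `wolfSSL_set_jobject` and `wolfSSL_get_jobject` carry no comment saying who owns `objPtr`. As written, the setter only stores the pointer in `ssl->jObjectRef` and the getter returns it, so nothing in the library keeps the referenced object alive or releases it. A header comment such as `/* Stores objPtr as-is; the caller keeps ownership and must keep it valid until it is replaced or the WOLFSSL is freed. */` would make that contract explicit. If the value is a JNI reference, as the field comment in `struct WOLFSSL` suggests, it presumably has to be a global reference to stay usable after the native call that set it returns; worth confirming in the wrapper.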
10
tests/api.c
10
tests/api.c
@@ -357,7 +357,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
|
||||
}
|
||||
|
||||
ssl = wolfSSL_new(ctx);
|
||||
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0);
|
||||
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 1);
|
||||
CloseSocket(sockfd);
|
||||
|
||||
wolfSSL_set_fd(ssl, clientfd);
|
||||
@@ -467,9 +467,8 @@ static void test_client_nofail(void* args)
|
||||
goto done2;
|
||||
}
|
||||
|
||||
tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0);
|
||||
|
||||
ssl = wolfSSL_new(ctx);
|
||||
tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, ssl);
|
||||
wolfSSL_set_fd(ssl, sockfd);
|
||||
if (wolfSSL_connect(ssl) != SSL_SUCCESS)
|
||||
{
|
||||
@@ -557,7 +556,7 @@ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
|
||||
|
||||
ssl = wolfSSL_new(ctx);
|
||||
|
||||
tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0);
|
||||
tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 1);
|
||||
CloseSocket(sfd);
|
||||
|
||||
wolfSSL_set_fd(ssl, cfd);
|
||||
@@ -650,9 +649,8 @@ static void run_wolfssl_client(void* args)
|
||||
if (callbacks->ctx_ready)
|
||||
callbacks->ctx_ready(ctx);
|
||||
|
||||
tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0);
|
||||
|
||||
ssl = wolfSSL_new(ctx);
|
||||
tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, ssl);
|
||||
wolfSSL_set_fd(ssl, sfd);
|
||||
|
||||
if (callbacks->ssl_ready)
|
||||
|
@@ -2484,6 +2484,9 @@ struct WOLFSSL {
|
||||
SessionSecretCb sessionSecretCb;
|
||||
void* sessionSecretCtx;
|
||||
#endif /* HAVE_SECRET_CALLBACK */
|
||||
#ifdef WOLFSSL_JNI
|
||||
void* jObjectRef; /* reference to WolfSSLSession in JNI wrapper */
|
||||
#endif /* WOLFSSL_JNI */
|
||||
};
|
||||
|
||||
|
||||
|
@@ -1682,6 +1682,11 @@ WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *,
|
||||
WOLFSSL_API void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*);
|
||||
#endif /* HAVE_STUNNEL */
|
||||
|
||||
#ifdef WOLFSSL_JNI
|
||||
WOLFSSL_API int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr);
|
||||
WOLFSSL_API void* wolfSSL_get_jobject(WOLFSSL* ssl);
|
||||
#endif /* WOLFSSL_JNI */
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
227
wolfssl/test.h
227
wolfssl/test.h
@@ -23,7 +23,7 @@
|
||||
#endif /* HAVE_ECC */
|
||||
#endif /*HAVE_PK_CALLBACKS */
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
#ifdef USE_WINDOWS_API
|
||||
#include <winsock2.h>
|
||||
#include <process.h>
|
||||
#ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */
|
||||
@@ -61,11 +61,11 @@
|
||||
#include <sys/socket.h>
|
||||
#include <ti/sysbios/knl/Task.h>
|
||||
struct hostent {
|
||||
char *h_name; /* official name of host */
|
||||
char **h_aliases; /* alias list */
|
||||
int h_addrtype; /* host address type */
|
||||
int h_length; /* length of address */
|
||||
char **h_addr_list; /* list of addresses from name server */
|
||||
char *h_name; /* official name of host */
|
||||
char **h_aliases; /* alias list */
|
||||
int h_addrtype; /* host address type */
|
||||
int h_length; /* length of address */
|
||||
char **h_addr_list; /* list of addresses from name server */
|
||||
};
|
||||
#define SOCKET_T int
|
||||
#elif defined(WOLFSSL_VXWORKS)
|
||||
@@ -79,7 +79,7 @@
|
||||
#include <fcntl.h>
|
||||
#include <sys/time.h>
|
||||
#include <netdb.h>
|
||||
#include <pthread.h>
|
||||
#include <pthread.h>
|
||||
#define SOCKET_T int
|
||||
#else
|
||||
#include <string.h>
|
||||
@@ -118,6 +118,39 @@
|
||||
#pragma warning(disable:4244 4996)
|
||||
#endif
|
||||
|
||||
/* Buffer for benchmark tests */
|
||||
#ifndef TEST_BUFFER_SIZE
|
||||
#define TEST_BUFFER_SIZE 16384
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_HAVE_MIN
|
||||
#define WOLFSSL_HAVE_MIN
|
||||
static INLINE word32 min(word32 a, word32 b)
|
||||
{
|
||||
return a > b ? b : a;
|
||||
}
|
||||
#endif /* WOLFSSL_HAVE_MIN */
|
||||
|
||||
/* Socket Handling */
|
||||
#ifndef WOLFSSL_SOCKET_INVALID
|
||||
#ifdef USE_WINDOWS_API
|
||||
#define WOLFSSL_SOCKET_INVALID INVALID_SOCKET
|
||||
#elif defined(WOLFSSL_TIRTOS)
|
||||
#define WOLFSSL_SOCKET_INVALID -1
|
||||
#else
|
||||
#define WOLFSSL_SOCKET_INVALID 0
|
||||
#endif
|
||||
#endif /* WOLFSSL_SOCKET_INVALID */
|
||||
|
||||
#ifndef WOLFSSL_SOCKET_IS_INVALID
|
||||
#ifdef USE_WINDOWS_API
|
||||
#define WOLFSSL_SOCKET_IS_INVALID(s) ((s) == WOLFSSL_SOCKET_INVALID)
|
||||
#elif defined(WOLFSSL_TIRTOS)
|
||||
#define WOLFSSL_SOCKET_IS_INVALID(s) ((s) == WOLFSSL_SOCKET_INVALID)
|
||||
#else
|
||||
#define WOLFSSL_SOCKET_IS_INVALID(s) ((s) < WOLFSSL_SOCKET_INVALID)
|
||||
#endif
|
||||
#endif /* WOLFSSL_SOCKET_IS_INVALID */
|
||||
|
||||
#if defined(__MACH__) || defined(USE_WINDOWS_API)
|
||||
#ifndef _SOCKLEN_T
|
||||
@@ -140,7 +173,7 @@
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
#ifdef USE_WINDOWS_API
|
||||
#define CloseSocket(s) closesocket(s)
|
||||
#define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }
|
||||
#elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
|
||||
@@ -186,7 +219,7 @@
|
||||
typedef struct sockaddr_in SOCKADDR_IN_T;
|
||||
#define AF_INET_V AF_INET
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
#define SERVER_DEFAULT_VERSION 3
|
||||
#define SERVER_DTLS_DEFAULT_VERSION (-2)
|
||||
@@ -238,7 +271,7 @@ typedef struct tcp_ready {
|
||||
pthread_mutex_t mutex;
|
||||
pthread_cond_t cond;
|
||||
#endif
|
||||
} tcp_ready;
|
||||
} tcp_ready;
|
||||
|
||||
|
||||
void InitTcpReady(tcp_ready*);
|
||||
@@ -333,7 +366,7 @@ static INLINE int mygetopt(int argc, char** argv, const char* optstring)
|
||||
/* The C++ strchr can return a different value */
|
||||
cp = (char*)strchr(optstring, c);
|
||||
|
||||
if (cp == NULL || c == ':')
|
||||
if (cp == NULL || c == ':')
|
||||
return '?';
|
||||
|
||||
cp++;
|
||||
@@ -347,7 +380,7 @@ static INLINE int mygetopt(int argc, char** argv, const char* optstring)
|
||||
myoptarg = argv[myoptind];
|
||||
myoptind++;
|
||||
}
|
||||
else
|
||||
else
|
||||
return '?';
|
||||
}
|
||||
|
||||
@@ -380,7 +413,7 @@ static INLINE void ShowX509(WOLFSSL_X509* x509, const char* hdr)
|
||||
byte serial[32];
|
||||
int ret;
|
||||
int sz = sizeof(serial);
|
||||
|
||||
|
||||
printf("%s\n issuer : %s\n subject: %s\n", hdr, issuer, subject);
|
||||
|
||||
while ( (altName = wolfSSL_X509_get_next_altname(x509)) != NULL)
|
||||
@@ -542,18 +575,11 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, int udp)
|
||||
else
|
||||
*sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
if (*sockfd == INVALID_SOCKET)
|
||||
if(WOLFSSL_SOCKET_IS_INVALID(*sockfd)) {
|
||||
err_sys("socket failed\n");
|
||||
#elif defined(WOLFSSL_TIRTOS)
|
||||
if (*sockfd == -1)
|
||||
err_sys("socket failed\n");
|
||||
#else
|
||||
if (*sockfd < 0)
|
||||
err_sys("socket failed\n");
|
||||
#endif
|
||||
}
|
||||
|
||||
#ifndef USE_WINDOWS_API
|
||||
#ifndef USE_WINDOWS_API
|
||||
#ifdef SO_NOSIGPIPE
|
||||
{
|
||||
int on = 1;
|
||||
@@ -583,10 +609,13 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, int udp)
|
||||
}
|
||||
|
||||
static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port,
|
||||
int udp)
|
||||
int udp, WOLFSSL* ssl)
|
||||
{
|
||||
SOCKADDR_IN_T addr;
|
||||
build_addr(&addr, ip, port, udp);
|
||||
if(udp) {
|
||||
wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
|
||||
}
|
||||
tcp_socket(sockfd, udp);
|
||||
|
||||
if (!udp) {
|
||||
@@ -769,7 +798,7 @@ static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
|
||||
|
||||
static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
|
||||
func_args* args, word16 port, int useAnyAddr,
|
||||
int udp, int ready_file)
|
||||
int udp, int ready_file, int do_listen)
|
||||
{
|
||||
SOCKADDR_IN_T client;
|
||||
socklen_t client_len = sizeof(client);
|
||||
@@ -779,49 +808,47 @@ static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
|
||||
return;
|
||||
}
|
||||
|
||||
tcp_listen(sockfd, &port, useAnyAddr, udp);
|
||||
if(do_listen) {
|
||||
tcp_listen(sockfd, &port, useAnyAddr, udp);
|
||||
|
||||
#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
|
||||
/* signal ready to tcp_accept */
|
||||
{
|
||||
tcp_ready* ready = args->signal;
|
||||
pthread_mutex_lock(&ready->mutex);
|
||||
ready->ready = 1;
|
||||
ready->port = port;
|
||||
pthread_cond_signal(&ready->cond);
|
||||
pthread_mutex_unlock(&ready->mutex);
|
||||
}
|
||||
#elif defined (WOLFSSL_TIRTOS)
|
||||
/* Need mutex? */
|
||||
tcp_ready* ready = args->signal;
|
||||
ready->ready = 1;
|
||||
ready->port = port;
|
||||
#endif
|
||||
|
||||
if (ready_file) {
|
||||
#ifndef NO_FILESYSTEM
|
||||
#ifndef USE_WINDOWS_API
|
||||
FILE* srf = fopen("/tmp/wolfssl_server_ready", "w");
|
||||
#else
|
||||
FILE* srf = fopen("wolfssl_server_ready", "w");
|
||||
#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
|
||||
/* signal ready to tcp_accept */
|
||||
{
|
||||
tcp_ready* ready = args->signal;
|
||||
pthread_mutex_lock(&ready->mutex);
|
||||
ready->ready = 1;
|
||||
ready->port = port;
|
||||
pthread_cond_signal(&ready->cond);
|
||||
pthread_mutex_unlock(&ready->mutex);
|
||||
}
|
||||
#elif defined (WOLFSSL_TIRTOS)
|
||||
/* Need mutex? */
|
||||
tcp_ready* ready = args->signal;
|
||||
ready->ready = 1;
|
||||
ready->port = port;
|
||||
#endif
|
||||
|
||||
if (srf) {
|
||||
fputs("ready", srf);
|
||||
fclose(srf);
|
||||
if (ready_file) {
|
||||
#ifndef NO_FILESYSTEM
|
||||
#ifndef USE_WINDOWS_API
|
||||
FILE* srf = fopen("/tmp/wolfssl_server_ready", "w");
|
||||
#else
|
||||
FILE* srf = fopen("wolfssl_server_ready", "w");
|
||||
#endif
|
||||
|
||||
if (srf) {
|
||||
fputs("ready", srf);
|
||||
fclose(srf);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
*clientfd = accept(*sockfd, (struct sockaddr*)&client,
|
||||
(ACCEPT_THIRD_T)&client_len);
|
||||
#ifdef USE_WINDOWS_API
|
||||
if (*clientfd == INVALID_SOCKET)
|
||||
if(WOLFSSL_SOCKET_IS_INVALID(*clientfd)) {
|
||||
err_sys("tcp accept failed");
|
||||
#else
|
||||
if (*clientfd == -1)
|
||||
err_sys("tcp accept failed");
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -894,7 +921,7 @@ static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
|
||||
#endif /* NO_PSK */
|
||||
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
#ifdef USE_WINDOWS_API
|
||||
|
||||
#define WIN32_LEAN_AND_MEAN
|
||||
#include <windows.h>
|
||||
@@ -903,7 +930,7 @@ static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
|
||||
{
|
||||
static int init = 0;
|
||||
static LARGE_INTEGER freq;
|
||||
|
||||
|
||||
LARGE_INTEGER count;
|
||||
|
||||
if (!init) {
|
||||
@@ -930,7 +957,7 @@ static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
|
||||
|
||||
return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;
|
||||
}
|
||||
|
||||
|
||||
#endif
|
||||
#endif /* USE_WINDOWS_API */
|
||||
|
||||
@@ -1133,18 +1160,18 @@ static INLINE int OpenNitroxDevice(int dma_mode,int dev_id)
|
||||
#endif /* HAVE_CAVIUM */
|
||||
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
#ifdef USE_WINDOWS_API
|
||||
|
||||
/* do back x number of directories */
|
||||
static INLINE void ChangeDirBack(int x)
|
||||
{
|
||||
char path[MAX_PATH];
|
||||
XMEMSET(path, 0, MAX_PATH);
|
||||
XSTRNCAT(path, ".\\", MAX_PATH);
|
||||
while (x-- > 0) {
|
||||
XSTRNCAT(path, "..\\", MAX_PATH);
|
||||
}
|
||||
SetCurrentDirectoryA(path);
|
||||
char path[MAX_PATH];
|
||||
XMEMSET(path, 0, MAX_PATH);
|
||||
XSTRNCAT(path, ".\\", MAX_PATH);
|
||||
while (x-- > 0) {
|
||||
XSTRNCAT(path, "..\\", MAX_PATH);
|
||||
}
|
||||
SetCurrentDirectoryA(path);
|
||||
}
|
||||
|
||||
/* does current dir contain str */
|
||||
@@ -1180,14 +1207,14 @@ static INLINE int CurrentDir(const char* str)
|
||||
static INLINE void ChangeDirBack(int x)
|
||||
{
|
||||
char path[MAX_PATH];
|
||||
XMEMSET(path, 0, MAX_PATH);
|
||||
XSTRNCAT(path, "./", MAX_PATH);
|
||||
while (x-- > 0) {
|
||||
XMEMSET(path, 0, MAX_PATH);
|
||||
XSTRNCAT(path, "./", MAX_PATH);
|
||||
while (x-- > 0) {
|
||||
XSTRNCAT(path, "../", MAX_PATH);
|
||||
}
|
||||
if (chdir(path) < 0) {
|
||||
printf("chdir to %s failed\n", path);
|
||||
}
|
||||
}
|
||||
if (chdir(path) < 0) {
|
||||
printf("chdir to %s failed\n", path);
|
||||
}
|
||||
}
|
||||
|
||||
/* does current dir contain str */
|
||||
@@ -1278,8 +1305,8 @@ static INLINE int CurrentDir(const char* str)
|
||||
mt = (memoryTrack*)ptr;
|
||||
--mt; /* same as minus sizeof(memoryTrack), removes header */
|
||||
|
||||
#ifdef DO_MEM_STATS
|
||||
ourMemStats.currentBytes -= mt->u.hint.thisSize;
|
||||
#ifdef DO_MEM_STATS
|
||||
ourMemStats.currentBytes -= mt->u.hint.thisSize;
|
||||
#endif
|
||||
|
||||
free(mt);
|
||||
@@ -1308,7 +1335,7 @@ static INLINE int CurrentDir(const char* str)
|
||||
return ret;
|
||||
}
|
||||
|
||||
static INLINE void InitMemoryTracker(void)
|
||||
static INLINE void InitMemoryTracker(void)
|
||||
{
|
||||
if (wolfSSL_SetAllocators(TrackMalloc, TrackFree, TrackRealloc) != 0)
|
||||
err_sys("wolfSSL SetAllocators failed for track memory");
|
||||
@@ -1321,9 +1348,9 @@ static INLINE int CurrentDir(const char* str)
|
||||
#endif
|
||||
}
|
||||
|
||||
static INLINE void ShowMemoryTracker(void)
|
||||
static INLINE void ShowMemoryTracker(void)
|
||||
{
|
||||
#ifdef DO_MEM_STATS
|
||||
#ifdef DO_MEM_STATS
|
||||
printf("total Allocs = %9lu\n",
|
||||
(unsigned long)ourMemStats.totalAllocs);
|
||||
printf("total Bytes = %9lu\n",
|
||||
@@ -1357,8 +1384,8 @@ static INLINE void StackSizeCheck(func_args* args, thread_func tf)
|
||||
#endif
|
||||
|
||||
ret = posix_memalign((void**)&myStack, sysconf(_SC_PAGESIZE), stackSize);
|
||||
if (ret != 0)
|
||||
err_sys("posix_memalign failed\n");
|
||||
if (ret != 0)
|
||||
err_sys("posix_memalign failed\n");
|
||||
|
||||
memset(myStack, 0x01, stackSize);
|
||||
|
||||
@@ -1445,8 +1472,8 @@ typedef struct AtomicDecCtx {
|
||||
} AtomicDecCtx;
|
||||
|
||||
|
||||
static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut,
|
||||
const unsigned char* macIn, unsigned int macInSz, int macContent,
|
||||
static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut,
|
||||
const unsigned char* macIn, unsigned int macInSz, int macContent,
|
||||
int macVerify, unsigned char* encOut, const unsigned char* encIn,
|
||||
unsigned int encSz, void* ctx)
|
||||
{
|
||||
@@ -1513,7 +1540,7 @@ static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut,
|
||||
}
|
||||
|
||||
|
||||
static INLINE int myDecryptVerifyCb(WOLFSSL* ssl,
|
||||
static INLINE int myDecryptVerifyCb(WOLFSSL* ssl,
|
||||
unsigned char* decOut, const unsigned char* decIn,
|
||||
unsigned int decSz, int macContent, int macVerify,
|
||||
unsigned int* padSz, void* ctx)
|
||||
@@ -1668,8 +1695,8 @@ static INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
|
||||
return ret;
|
||||
|
||||
wc_ecc_init(&myKey);
|
||||
|
||||
ret = wc_EccPrivateKeyDecode(key, &idx, &myKey, keySz);
|
||||
|
||||
ret = wc_EccPrivateKeyDecode(key, &idx, &myKey, keySz);
|
||||
if (ret == 0)
|
||||
ret = wc_ecc_sign_hash(in, inSz, out, outSz, &rng, &myKey);
|
||||
wc_ecc_free(&myKey);
|
||||
@@ -1690,7 +1717,7 @@ static INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz,
|
||||
(void)ctx;
|
||||
|
||||
wc_ecc_init(&myKey);
|
||||
|
||||
|
||||
ret = wc_ecc_import_x963(key, keySz, &myKey);
|
||||
if (ret == 0)
|
||||
ret = wc_ecc_verify_hash(sig, sigSz, hash, hashSz, result, &myKey);
|
||||
@@ -1719,8 +1746,8 @@ static INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz,
|
||||
return ret;
|
||||
|
||||
wc_InitRsaKey(&myKey, NULL);
|
||||
|
||||
ret = wc_RsaPrivateKeyDecode(key, &idx, &myKey, keySz);
|
||||
|
||||
ret = wc_RsaPrivateKeyDecode(key, &idx, &myKey, keySz);
|
||||
if (ret == 0)
|
||||
ret = wc_RsaSSL_Sign(in, inSz, out, *outSz, &myKey, &rng);
|
||||
if (ret > 0) { /* save and convert to 0 success */
|
||||
@@ -1774,7 +1801,7 @@ static INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz,
|
||||
return ret;
|
||||
|
||||
wc_InitRsaKey(&myKey, NULL);
|
||||
|
||||
|
||||
ret = wc_RsaPublicKeyDecode(key, &idx, &myKey, keySz);
|
||||
if (ret == 0) {
|
||||
ret = wc_RsaPublicEncrypt(in, inSz, out, *outSz, &myKey, &rng);
|
||||
@@ -1822,7 +1849,7 @@ static INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
|
||||
wolfSSL_CTX_SetEccSignCb(ctx, myEccSign);
|
||||
wolfSSL_CTX_SetEccVerifyCb(ctx, myEccVerify);
|
||||
#endif /* HAVE_ECC */
|
||||
#ifndef NO_RSA
|
||||
#ifndef NO_RSA
|
||||
wolfSSL_CTX_SetRsaSignCb(ctx, myRsaSign);
|
||||
wolfSSL_CTX_SetRsaVerifyCb(ctx, myRsaVerify);
|
||||
wolfSSL_CTX_SetRsaEncCb(ctx, myRsaEnc);
|
||||
@@ -1911,17 +1938,17 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
|
||||
} key_ctx;
|
||||
|
||||
static key_ctx myKey_ctx;
|
||||
static WC_RNG rng;
|
||||
static WC_RNG myKey_rng;
|
||||
|
||||
static INLINE int TicketInit(void)
|
||||
{
|
||||
int ret = wc_InitRng(&rng);
|
||||
int ret = wc_InitRng(&myKey_rng);
|
||||
if (ret != 0) return ret;
|
||||
|
||||
ret = wc_RNG_GenerateBlock(&rng, myKey_ctx.key, sizeof(myKey_ctx.key));
|
||||
ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.key, sizeof(myKey_ctx.key));
|
||||
if (ret != 0) return ret;
|
||||
|
||||
ret = wc_RNG_GenerateBlock(&rng, myKey_ctx.name,sizeof(myKey_ctx.name));
|
||||
ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.name,sizeof(myKey_ctx.name));
|
||||
if (ret != 0) return ret;
|
||||
|
||||
return 0;
|
||||
@@ -1929,7 +1956,7 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
|
||||
|
||||
static INLINE void TicketCleanup(void)
|
||||
{
|
||||
wc_FreeRng(&rng);
|
||||
wc_FreeRng(&myKey_rng);
|
||||
}
|
||||
|
||||
static INLINE int myTicketEncCb(WOLFSSL* ssl,
|
||||
@@ -1951,7 +1978,7 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
|
||||
if (enc) {
|
||||
XMEMCPY(key_name, myKey_ctx.name, WOLFSSL_TICKET_NAME_SZ);
|
||||
|
||||
ret = wc_RNG_GenerateBlock(&rng, iv, WOLFSSL_TICKET_IV_SZ);
|
||||
ret = wc_RNG_GenerateBlock(&myKey_rng, iv, WOLFSSL_TICKET_IV_SZ);
|
||||
if (ret != 0) return WOLFSSL_TICKET_RET_REJECT;
|
||||
|
||||
/* build aad from key name, iv, and length */
|
||||
|
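Review bot: In the new "Socket Handling" block (hunk `@@ -118,6 +118,39 @@`), the default branch defines `WOLFSSL_SOCKET_INVALID` as `0`, which is a valid descriptor on POSIX systems. `WOLFSSL_SOCKET_IS_INVALID(s)` still gives the right answer there only because that branch compares with `<`. Any code that initialises a socket variable to the constant or tests it with `==` would mistake descriptor 0 for "no socket". Defining `#define WOLFSSL_SOCKET_INVALID (-1)` and `#define WOLFSSL_SOCKET_IS_INVALID(s) ((s) < 0)` keeps the current check and makes the constant safe to use as a sentinel. The TIRTOS branch's bare `-1` should be parenthesised as well.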