diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/README.md b/IDE/ROWLEY-CROSSWORKS-ARM/README.md
index 14bf47c3b..9fa89a27b 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/README.md
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/README.md
@@ -31,8 +31,8 @@ To enable Freescale MMCAU:
1. [Download the MMCAU library](http://www.freescale.com/products/arm-processors/kinetis-cortex-m/k-series/k7x-glcd-mcus/crypto-acceleration-unit-cau-and-mmcau-software-library:CAUAP).
2. Copy the `lib_mmcau.a` and `cau_api.h` files into the project.
-3. Add `-L $(ProjectDir) -l lib_mmcau.a` to project "Additional Linker Options" OR goto "Build Configuration" and check "MMCAU".
-4. Enable the "FREESCALE_MMCAU" define in "user_settings.h" and make sure its value is 1.
+3. Enable the `FREESCALE_MMCAU` define in `user_settings.h` and make sure its value is `1`.
+4. Add the `lib_mmcau.a` file to `Source Files` in the application project.
# Project Files
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c b/IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c
index 584acf933..99cf1fbc9 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c
@@ -66,4 +66,19 @@ RSA 1024 decryption took 573.000 milliseconds, avg over 1 iterations
DH 1024 key generation 253.000 milliseconds, avg over 1 iterations
DH 1024 key agreement 311.000 milliseconds, avg over 1 iterations
Benchmark Test 1: Return code 0
+
+SAMPLE OUTPUT: Freescale K64 running at 96MHz with MMCAU enabled:
+Benchmark Test 1:
+AES 25 kB took 0.019 seconds, 1.285 MB/s
+ARC4 25 kB took 0.033 seconds, 0.740 MB/s
+RABBIT 25 kB took 0.028 seconds, 0.872 MB/s
+3DES 25 kB took 0.026 seconds, 0.939 MB/s
+MD5 25 kB took 0.005 seconds, 4.883 MB/s
+SHA 25 kB took 0.008 seconds, 3.052 MB/s
+SHA-256 25 kB took 0.013 seconds, 1.878 MB/s
+RSA 1024 encryption took 89.000 milliseconds, avg over 1 iterations
+RSA 1024 decryption took 573.000 milliseconds, avg over 1 iterations
+DH 1024 key generation 250.000 milliseconds, avg over 1 iterations
+DH 1024 key agreement 308.000 milliseconds, avg over 1 iterations
+Benchmark Test 1: Return code 0
*/
diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp b/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
index 4ec9e06d3..9d20a1ba5 100644
--- a/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
@@ -306,10 +306,6 @@
Name="ARM_Release"
batch_build_configurations="V7EM THUMB * Release"
inherited_configurations="ARM;V7EM;Release;Kineits;Flash;THUMB" />
-
xfer_bytes) {
+ int len, rx_pos, select_ret;
+
+ /* Determine packet size */
+ len = min(TEST_BUFFER_SIZE, throughput - xfer_bytes);
+
+ /* Perform TX */
+ start = current_time();
+ if (wolfSSL_write(ssl, tx_buffer, len) != len) {
+ int writeErr = wolfSSL_get_error(ssl, 0);
+ printf("wolfSSL_write error %d!\n", writeErr);
+ err_sys("wolfSSL_write failed");
+ }
+ tx_time += current_time() - start;
+
+ /* Perform RX */
+ select_ret = tcp_select(sockfd, 1); /* Timeout=1 second */
+ if (select_ret == TEST_RECV_READY) {
+ start = current_time();
+ rx_pos = 0;
+ while(rx_pos < len) {
+ ret = wolfSSL_read(ssl, &rx_buffer[rx_pos], len - rx_pos);
+ if(ret <= 0) {
+ int readErr = wolfSSL_get_error(ssl, 0);
+ if (readErr != SSL_ERROR_WANT_READ) {
+ printf("wolfSSL_read error %d!\n", readErr);
+ err_sys("wolfSSL_read failed");
+ }
+ }
+ else {
+ rx_pos += ret;
+ }
+ }
+ rx_time += current_time() - start;
+ }
+
+ /* Compare TX and RX buffers */
+ if(XMEMCMP(tx_buffer, rx_buffer, len) != 0) {
+ err_sys("Compare TX and RX buffers failed");
+ }
+
+ /* Update overall position */
+ xfer_bytes += len;
+ }
+ }
+ else {
+ err_sys("wc_InitRng failed");
+ }
+ }
+ else {
+ err_sys("Client buffer malloc failed");
+ }
+ if(tx_buffer) free(tx_buffer);
+ if(rx_buffer) free(rx_buffer);
+ }
+ else {
+ err_sys("wolfSSL_connect failed");
+ }
+
+ wolfSSL_shutdown(ssl);
+ wolfSSL_free(ssl);
+ CloseSocket(sockfd);
+
+ printf("wolfSSL Client Benchmark %d bytes\n"
+ "\tConnect %8.3f ms\n"
+ "\tTX %8.3f ms (%8.3f MBps)\n"
+ "\tRX %8.3f ms (%8.3f MBps)\n",
+ throughput,
+ conn_time * 1000,
+ tx_time * 1000, throughput / tx_time / 1024 / 1024,
+ rx_time * 1000, throughput / rx_time / 1024 / 1024
+ );
+
+ return EXIT_SUCCESS;
+}
+
static void Usage(void)
{
@@ -137,7 +296,7 @@ static void Usage(void)
printf("-p Port to connect on, not 0, default %d\n", wolfSSLPort);
printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
CLIENT_DEFAULT_VERSION);
- printf("-l Cipher list\n");
+ printf("-l Cipher suite list (: delimited)\n");
printf("-c Certificate file, default %s\n", cliCert);
printf("-k Key file, default %s\n", cliKey);
printf("-A Certificate Authority file, default %s\n", caCert);
@@ -149,6 +308,7 @@ static void Usage(void)
#ifdef HAVE_ALPN
printf("-L Application-Layer Protocole Name ({C,F}:)\n");
#endif
+ printf("-B Benchmark throughput using bytes and print stats\n");
printf("-s Use pre Shared keys\n");
printf("-t Track wolfSSL memory use\n");
printf("-d Disable peer checks\n");
@@ -156,7 +316,7 @@ static void Usage(void)
printf("-e List Every cipher suite available, \n");
printf("-g Send server HTTP GET\n");
printf("-u Use UDP DTLS,"
- " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
+ " add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n");
printf("-m Match domain name in cert\n");
printf("-N Use Non-blocking sockets\n");
printf("-r Resume session\n");
@@ -187,7 +347,7 @@ static void Usage(void)
#ifdef ATOMIC_USER
printf("-U Atomic User Record Layer Callbacks\n");
#endif
-#ifdef HAVE_PK_CALLBACKS
+#ifdef HAVE_PK_CALLBACKS
printf("-P Public Key Callbacks\n");
#endif
#ifdef HAVE_ANON
@@ -200,12 +360,12 @@ static void Usage(void)
THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
{
- SOCKET_T sockfd = 0;
+ SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID;
WOLFSSL_METHOD* method = 0;
WOLFSSL_CTX* ctx = 0;
WOLFSSL* ssl = 0;
-
+
WOLFSSL* sslResume = 0;
WOLFSSL_SESSION* session = 0;
char resumeMsg[] = "resuming wolfssl!";
@@ -228,6 +388,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
int useAnon = 0;
int sendGET = 0;
int benchmark = 0;
+ int throughput = 0;
int doDTLS = 0;
int matchName = 0;
int doPeerCheck = 1;
@@ -300,7 +461,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
StackTrap();
while ((ch = mygetopt(argc, argv,
- "?gdeDusmNrwRitfxXUPCh:p:v:l:A:c:k:Z:b:zS:L:ToO:an:"))
+ "?gdeDusmNrwRitfxXUPCh:p:v:l:A:c:k:Z:b:zS:L:ToO:aB:"))
!= -1) {
switch (ch) {
case '?' :
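Review bot: The new option string drops `n:` in the same edit that adds `B:`, so if a `case 'n'` handler still exists in the switch below, it is now unreachable and `-n` falls through to the usage error path. The switch body continues outside this hunk, so this cannot be confirmed from here. If the removal is intended, delete the handler and its help line in the same commit; otherwise keep both options with `"...ToO:an:B:"`.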
@@ -366,7 +527,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
break;
case 'P' :
- #ifdef HAVE_PK_CALLBACKS
+ #ifdef HAVE_PK_CALLBACKS
pkCallbacks = 1;
#endif
break;
@@ -426,6 +587,14 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
break;
+ case 'B' :
+ throughput = atoi(myoptarg);
+ if (throughput <= 0) {
+ Usage();
+ exit(MY_EX_USAGE);
+ }
+ break;
+
case 'N' :
nonBlocking = 1;
break;
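Review bot: `throughput = atoi(myoptarg)` accepts trailing garbage (`-B 10x` is read as 10) and has undefined behaviour when the value does not fit in an `int`, yet the result bounds the whole transfer loop. Parse with `strtol`, reject anything with leftover characters or a range error, and keep the existing `<= 0` rejection. The `case 'B'` added to examples/server/server.c in this commit parses the same way and needs the same change. The fence assumes `<errno.h>` and `<limits.h>` are already reachable from this file; the rest of the switch is outside the hunk.

```c
        case 'B' : {
            char* end = NULL;
            long  val;

            errno = 0;
            val = strtol(myoptarg, &end, 10);
            /* reject empty input, trailing characters and out-of-range values */
            if (end == myoptarg || *end != '\0' || errno == ERANGE ||
                    val <= 0 || val > INT_MAX) {
                Usage();
                exit(MY_EX_USAGE);
            }
            throughput = (int)val;
            break;
        }
```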
@@ -633,9 +802,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (ctx == NULL)
err_sys("unable to get ctx");
- if (cipherList)
+ if (cipherList) {
if (wolfSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
err_sys("client can't set cipher list 1");
+ }
#ifdef WOLFSSL_LEANPSK
usePsk = 1;
@@ -770,52 +940,23 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
if (benchmark) {
- /* time passed in number of connects give average */
- int times = benchmark;
- int loops = resumeSession ? 2 : 1;
- int i = 0;
- WOLFSSL_SESSION* benchSession = NULL;
-
- while (loops--) {
- int benchResume = resumeSession && loops == 0;
- double start = current_time(), avg;
-
- for (i = 0; i < times; i++) {
- tcp_connect(&sockfd, host, port, doDTLS);
-
- ssl = wolfSSL_new(ctx);
- if (benchResume)
- wolfSSL_set_session(ssl, benchSession);
- wolfSSL_set_fd(ssl, sockfd);
- if (wolfSSL_connect(ssl) != SSL_SUCCESS)
- err_sys("SSL_connect failed");
-
- wolfSSL_shutdown(ssl);
- if (i == (times-1) && resumeSession) {
- benchSession = wolfSSL_get_session(ssl);
- }
- wolfSSL_free(ssl);
- CloseSocket(sockfd);
- }
- avg = current_time() - start;
- avg /= times;
- avg *= 1000; /* milliseconds */
- if (benchResume)
- printf("wolfSSL_resume avg took: %8.3f milliseconds\n", avg);
- else
- printf("wolfSSL_connect avg took: %8.3f milliseconds\n", avg);
- }
-
+ ((func_args*)args)->return_code =
+ ClientBenchmarkConnections(ctx, host, port, doDTLS, benchmark, resumeSession);
wolfSSL_CTX_free(ctx);
- ((func_args*)args)->return_code = 0;
-
exit(EXIT_SUCCESS);
}
-
+
+ if(throughput) {
+ ((func_args*)args)->return_code =
+ ClientBenchmarkThroughput(ctx, host, port, doDTLS, throughput);
+ wolfSSL_CTX_free(ctx);
+ exit(EXIT_SUCCESS);
+ }
+
#if defined(WOLFSSL_MDK_ARM)
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
#endif
-
+
ssl = wolfSSL_new(ctx);
if (ssl == NULL)
err_sys("unable to get SSL object");
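Review bot: Both new benchmark branches store the helper's result in `return_code` and then call `exit(EXIT_SUCCESS)`, so a non-zero result from `ClientBenchmarkConnections` or `ClientBenchmarkThroughput` can never reach the process exit status. scripts/benchmark.test in this commit decides pass or fail from the client's exit status. On the lines visible on this page the throughput helper only returns `EXIT_SUCCESS`, so the problem is latent, but the exit call should still pass the value through: `exit(((func_args*)args)->return_code);`. The call on the `ClientBenchmarkConnections` line is also longer than the surrounding code and would read better wrapped after `doDTLS,`. client_test starts and ends outside this hunk.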
@@ -830,15 +971,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
#endif
- if (doDTLS) {
- SOCKADDR_IN_T addr;
- build_addr(&addr, host, port, 1);
- wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
- tcp_socket(&sockfd, 1);
- }
- else {
- tcp_connect(&sockfd, host, port, 0);
- }
+ tcp_connect(&sockfd, host, port, doDTLS, ssl);
#ifdef HAVE_POLY1305
/* use old poly to connect with google and wolfssl.com server */
@@ -986,21 +1119,15 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef NO_SESSION_CACHE
if (resumeSession) {
if (doDTLS) {
- SOCKADDR_IN_T addr;
- #ifdef USE_WINDOWS_API
- Sleep(500);
- #elif defined(WOLFSSL_TIRTOS)
- Task_sleep(1);
- #else
- sleep(1);
- #endif
- build_addr(&addr, host, port, 1);
- wolfSSL_dtls_set_peer(sslResume, &addr, sizeof(addr));
- tcp_socket(&sockfd, 1);
- }
- else {
- tcp_connect(&sockfd, host, port, 0);
+#ifdef USE_WINDOWS_API
+ Sleep(500);
+#elif defined(WOLFSSL_TIRTOS)
+ Task_sleep(1);
+#else
+ sleep(1);
+#endif
}
+ tcp_connect(&sockfd, host, port, doDTLS, sslResume);
wolfSSL_set_fd(sslResume, sockfd);
#ifdef HAVE_ALPN
if (alpnList != NULL) {
@@ -1020,7 +1147,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_set_SessionTicket_cb(sslResume, sessionTicketCB,
(void*)"resumed session");
#endif
-
+
showPeer(sslResume);
#ifndef WOLFSSL_CALLBACKS
if (nonBlocking) {
@@ -1080,7 +1207,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
/* try to send session break */
- wolfSSL_write(sslResume, msg, msgSz);
+ wolfSSL_write(sslResume, msg, msgSz);
ret = wolfSSL_shutdown(sslResume);
if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
@@ -1134,10 +1261,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
-
+
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, client_test);
-#else
+#else
client_test(&args);
#endif
wolfSSL_Cleanup();
diff --git a/examples/client/client.h b/examples/client/client.h
index e4b13be48..25881aab8 100644
--- a/examples/client/client.h
+++ b/examples/client/client.h
@@ -23,3 +23,11 @@
THREAD_RETURN WOLFSSL_THREAD client_test(void* args);
+/* Measures average time to create, connect and disconnect a connection (TPS).
+Benchmark = number of connections. */
+int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
+ int doDTLS, int benchmark, int resumeSession);
+
+/* Measures throughput in kbps. Throughput = number of bytes */
+int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
+ int doDTLS, int throughput);
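Review bot: The comment on `ClientBenchmarkThroughput` says the result is in kbps, but the printf added to examples/client/client.c reports `MBps`, computed as bytes / seconds / 1024 / 1024. Suggested wording: `/* Sends [throughput] bytes, reads them back, and prints TX/RX time and rate in MBps. */`. From the visible client code, failures go through `err_sys` rather than a return value and the function returns `EXIT_SUCCESS`; if that is the intended contract, state it here so callers do not expect an error code.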
diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c
index e855999c1..8cf05c26c 100644
--- a/examples/echoclient/echoclient.c
+++ b/examples/echoclient/echoclient.c
@@ -164,16 +164,7 @@ void echoclient_test(void* args)
#endif
ssl = SSL_new(ctx);
-
- if (doDTLS) {
- SOCKADDR_IN_T addr;
- build_addr(&addr, yasslIP, port, 1);
- CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
- tcp_socket(&sockfd, 1);
- }
- else {
- tcp_connect(&sockfd, yasslIP, port, 0);
- }
+ tcp_connect(&sockfd, yasslIP, port, doDTLS, ssl);
SSL_set_fd(ssl, sockfd);
#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER)
diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c
index 453e162bb..e510e1387 100644
--- a/examples/echoserver/echoserver.c
+++ b/examples/echoserver/echoserver.c
@@ -248,7 +248,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
err_sys("recvfrom failed");
}
#endif
- if (clientfd == -1) err_sys("tcp accept failed");
+ if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) err_sys("tcp accept failed");
ssl = CyaSSL_new(ctx);
if (ssl == NULL) err_sys("SSL_new failed");
diff --git a/examples/include.am b/examples/include.am
new file mode 100644
index 000000000..e06bc86a1
--- /dev/null
+++ b/examples/include.am
@@ -0,0 +1,7 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+include examples/client/include.am
+include examples/echoclient/include.am
+include examples/echoserver/include.am
+include examples/server/include.am
diff --git a/examples/server/server.c b/examples/server/server.c
index a6c844b0d..98dc61fed 100644
--- a/examples/server/server.c
+++ b/examples/server/server.c
@@ -40,8 +40,8 @@
#if defined(WOLFSSL_MDK5)
#include "cmsis_os.h"
- #include "rl_fs.h"
- #include "rl_net.h"
+ #include "rl_fs.h"
+ #include "rl_net.h"
#else
#include "rtl.h"
#endif
@@ -81,10 +81,11 @@ static void NonBlockingSSL_Accept(SSL* ssl)
error == SSL_ERROR_WANT_WRITE)) {
int currTimeout = 1;
- if (error == SSL_ERROR_WANT_READ)
- printf("... server would read block\n");
- else
- printf("... server would write block\n");
+ if (error == SSL_ERROR_WANT_READ) {
+ /* printf("... server would read block\n"); */
+ } else {
+ /* printf("... server would write block\n"); */
+ }
#ifdef CYASSL_DTLS
currTimeout = CyaSSL_dtls_get_current_timeout(ssl);
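Review bot: The `if (error == SSL_ERROR_WANT_READ) { ... } else { ... }` now has two bodies that contain only commented-out `printf` calls, which leaves an empty branch and dead code in the accept loop. Delete the whole `if`/`else` if the trace is no longer wanted, or keep a single trace line behind a debug switch the project already uses. NonBlockingSSL_Accept starts and ends outside this hunk.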
@@ -118,6 +119,68 @@ static void NonBlockingSSL_Accept(SSL* ssl)
err_sys("SSL_accept failed");
}
+/* Echo number of bytes specified by -e arg */
+int ServerEchoData(SSL* ssl, int clientfd, int echoData, int throughput)
+{
+ int ret = 0;
+ char* buffer = (char*)malloc(TEST_BUFFER_SIZE);
+ if(buffer) {
+ double start, rx_time = 0, tx_time = 0;
+ int xfer_bytes = 0;
+ while((echoData && throughput == 0) || (!echoData && xfer_bytes < throughput)) {
+ int select_ret = tcp_select(clientfd, 1); /* Timeout=1 second */
+ if (select_ret == TEST_RECV_READY) {
+ int len = min(TEST_BUFFER_SIZE, throughput - xfer_bytes);
+ int rx_pos = 0;
+ if(throughput) {
+ start = current_time();
+ }
+ while(rx_pos < len) {
+ ret = SSL_read(ssl, &buffer[rx_pos], len - rx_pos);
+ if (ret <= 0) {
+ int readErr = SSL_get_error(ssl, 0);
+ if (readErr != SSL_ERROR_WANT_READ) {
+ printf("SSL_read error %d!\n", readErr);
+ err_sys("SSL_read failed");
+ }
+ }
+ else {
+ rx_pos += ret;
+ }
+ }
+ if(throughput) {
+ rx_time += current_time() - start;
+ start = current_time();
+ }
+ if (SSL_write(ssl, buffer, len) != len) {
+ err_sys("SSL_write failed");
+ }
+ if(throughput) {
+ tx_time += current_time() - start;
+ }
+
+ xfer_bytes += len;
+ }
+ }
+ free(buffer);
+
+ if(throughput) {
+ printf("wolfSSL Server Benchmark %d bytes\n"
+ "\tRX %8.3f ms (%8.3f MBps)\n"
+ "\tTX %8.3f ms (%8.3f MBps)\n",
+ throughput,
+ tx_time * 1000, throughput / tx_time / 1024 / 1024,
+ rx_time * 1000, throughput / rx_time / 1024 / 1024
+ );
+ }
+ }
+ else {
+ err_sys("Server buffer malloc failed");
+ }
+
+ return EXIT_SUCCESS;
+}
+
static void Usage(void)
{
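Review bot: The statistics printf at the end of ServerEchoData feeds `tx_time` to the `RX` row and `rx_time` to the `TX` row, so the two figures are reported under the wrong labels. The inner `while(rx_pos < len)` loop retries on `SSL_ERROR_WANT_READ` with no wait and no deadline, so on a non-blocking socket a peer that sends fewer than `len` bytes and then stalls keeps the server spinning; the client-side read loop added to examples/client/client.c has the same shape. In echo-only mode (`echoData` set, `throughput == 0`) `len = min(TEST_BUFFER_SIZE, throughput - xfer_bytes)` is 0 on the first pass, so nothing is read or echoed and the outer loop condition stays true. That mode needs its own length, or `-e` should be documented as requiring `-B`. The fence shows a bounded read loop and the corrected printf arguments.

```c
/* … unchanged: buffer allocation, outer while, first tcp_select, len/rx_pos setup … */
                while(rx_pos < len) {
                    ret = SSL_read(ssl, &buffer[rx_pos], len - rx_pos);
                    if (ret > 0) {
                        rx_pos += ret;
                        continue;
                    }
                    else {
                        int readErr = SSL_get_error(ssl, 0);
                        if (readErr != SSL_ERROR_WANT_READ) {
                            printf("SSL_read error %d!\n", readErr);
                            err_sys("SSL_read failed");
                        }
                    }
                    /* wait for more data instead of spinning; stop on timeout */
                    if (tcp_select(clientfd, 1) != TEST_RECV_READY) {
                        err_sys("SSL_read timed out");
                    }
                }
/* … unchanged: timing updates, SSL_write, free(buffer) … */
            printf("wolfSSL Server Benchmark %d bytes\n"
                "\tRX %8.3f ms (%8.3f MBps)\n"
                "\tTX %8.3f ms (%8.3f MBps)\n",
                throughput,
                rx_time * 1000, throughput / rx_time / 1024 / 1024,
                tx_time * 1000, throughput / tx_time / 1024 / 1024
            );
```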
@@ -127,7 +190,7 @@ static void Usage(void)
printf("-p Port to listen on, not 0, default %d\n", yasslPort);
printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
SERVER_DEFAULT_VERSION);
- printf("-l Cipher list\n");
+ printf("-l Cipher suite list (: delimited)\n");
printf("-c Certificate file, default %s\n", svrCert);
printf("-k Key file, default %s\n", svrKey);
printf("-A Certificate Authority file, default %s\n", cliCert);
@@ -144,7 +207,7 @@ static void Usage(void)
printf("-s Use pre Shared keys\n");
printf("-t Track wolfSSL memory use\n");
printf("-u Use UDP DTLS,"
- " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
+ " add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n");
printf("-f Fewer packets/group messages\n");
printf("-R Create server ready file, for external monitor\n");
printf("-r Allow one client Resumption\n");
@@ -155,7 +218,7 @@ static void Usage(void)
printf("-o Perform OCSP lookup on peer certificate\n");
printf("-O Perform OCSP lookup using as responder\n");
#endif
-#ifdef HAVE_PK_CALLBACKS
+#ifdef HAVE_PK_CALLBACKS
printf("-P Public Key Callbacks\n");
#endif
#ifdef HAVE_ANON
@@ -164,20 +227,22 @@ static void Usage(void)
#ifndef NO_PSK
printf("-I Do not send PSK identity hint\n");
#endif
+ printf("-i Loop indefinitely (allow repeated connections)\n");
+ printf("-e Echo data mode (return raw bytes received)\n");
+ printf("-B Benchmark throughput using bytes and print stats\n");
}
THREAD_RETURN CYASSL_THREAD server_test(void* args)
{
- SOCKET_T sockfd = 0;
- SOCKET_T clientfd = 0;
+ SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID;
+ SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID;
SSL_METHOD* method = 0;
SSL_CTX* ctx = 0;
SSL* ssl = 0;
- char msg[] = "I hear you fa shizzle!";
+ const char msg[] = "I hear you fa shizzle!";
char input[80];
- int idx;
int ch;
int version = SERVER_DEFAULT_VERSION;
int doCliCertCheck = 1;
@@ -194,8 +259,13 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
int pkCallbacks = 0;
int serverReadyFile = 0;
int wc_shutdown = 0;
- int resume = 0; /* do resume, and resume count */
+ int resume = 0;
+ int resumeCount = 0;
+ int loopIndefinitely = 0;
+ int echoData = 0;
+ int throughput = 0;
int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
+ int doListen = 1;
int ret;
char* alpnList = NULL;
unsigned char alpn_opt = 0;
@@ -244,7 +314,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
fdOpenSession(Task_self());
#endif
- while ((ch = mygetopt(argc, argv, "?dbstnNufrRawPIp:v:l:A:c:k:Z:S:oO:D:L:"))
+ while ((ch = mygetopt(argc, argv, "?dbstnNufrRawPIp:v:l:A:c:k:Z:S:oO:D:L:ieB:"))
!= -1) {
switch (ch) {
case '?' :
@@ -292,7 +362,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
break;
case 'P' :
- #ifdef HAVE_PK_CALLBACKS
+ #ifdef HAVE_PK_CALLBACKS
pkCallbacks = 1;
#endif
break;
@@ -400,6 +470,23 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#endif
break;
+
+ case 'i' :
+ loopIndefinitely = 1;
+ break;
+
+ case 'e' :
+ echoData = 1;
+ break;
+
+ case 'B':
+ throughput = atoi(myoptarg);
+ if (throughput <= 0) {
+ Usage();
+ exit(MY_EX_USAGE);
+ }
+ break;
+
default:
Usage();
exit(MY_EX_USAGE);
@@ -593,173 +680,182 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
err_sys("UseSNI failed");
#endif
-while (1) { /* allow resume option */
- if (resume > 1) { /* already did listen, just do accept */
- if (doDTLS == 0) {
- SOCKADDR_IN_T client;
- socklen_t client_len = sizeof(client);
- clientfd = accept(sockfd, (struct sockaddr*)&client,
- (ACCEPT_THIRD_T)&client_len);
- } else {
- tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
- clientfd = sockfd;
+ while (1) {
+ /* allow resume option */
+ if(resumeCount > 1) {
+ if (doDTLS == 0) {
+ SOCKADDR_IN_T client;
+ socklen_t client_len = sizeof(client);
+ clientfd = accept(sockfd, (struct sockaddr*)&client,
+ (ACCEPT_THIRD_T)&client_len);
+ } else {
+ tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
+ clientfd = sockfd;
+ }
+ if(WOLFSSL_SOCKET_IS_INVALID(clientfd)) {
+ err_sys("tcp accept failed");
+ }
}
- #ifdef USE_WINDOWS_API
- if (clientfd == INVALID_SOCKET) err_sys("tcp accept failed");
- #else
- if (clientfd == -1) err_sys("tcp accept failed");
- #endif
- }
- ssl = SSL_new(ctx);
- if (ssl == NULL)
- err_sys("unable to get SSL");
+ ssl = SSL_new(ctx);
+ if (ssl == NULL)
+ err_sys("unable to get SSL");
#ifndef NO_HANDSHAKE_DONE_CB
- wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
+ wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
#endif
#ifdef HAVE_CRL
- CyaSSL_EnableCRL(ssl, 0);
- CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR |
- CYASSL_CRL_START_MON);
- CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
+ CyaSSL_EnableCRL(ssl, 0);
+ CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR |
+ CYASSL_CRL_START_MON);
+ CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
#endif
#ifdef HAVE_OCSP
- if (useOcsp) {
- if (ocspUrl != NULL) {
- CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
- CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
- | CYASSL_OCSP_URL_OVERRIDE);
+ if (useOcsp) {
+ if (ocspUrl != NULL) {
+ CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
+ CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
+ | CYASSL_OCSP_URL_OVERRIDE);
+ }
+ else
+ CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
}
- else
- CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
- }
#endif
#ifdef HAVE_PK_CALLBACKS
- if (pkCallbacks)
- SetupPkCallbacks(ctx, ssl);
+ if (pkCallbacks)
+ SetupPkCallbacks(ctx, ssl);
#endif
- if (resume < 2) { /* do listen and accept */
+ /* do accept */
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr,
- doDTLS, serverReadyFile);
- }
+ doDTLS, serverReadyFile, doListen);
+ doListen = 0; /* Don't listen next time */
- SSL_set_fd(ssl, clientfd);
+ SSL_set_fd(ssl, clientfd);
#ifdef HAVE_ALPN
- if (alpnList != NULL) {
- printf("ALPN accepted protocols list : %s\n", alpnList);
- wolfSSL_UseALPN(ssl, alpnList, (word32)XSTRLEN(alpnList), alpn_opt);
- }
+ if (alpnList != NULL) {
+ printf("ALPN accepted protocols list : %s\n", alpnList);
+ wolfSSL_UseALPN(ssl, alpnList, (word32)XSTRLEN(alpnList), alpn_opt);
+ }
#endif
#ifdef WOLFSSL_DTLS
- if (doDTLS) {
- SOCKADDR_IN_T cliaddr;
- byte b[1500];
- int n;
- socklen_t len = sizeof(cliaddr);
+ if (doDTLS) {
+ SOCKADDR_IN_T cliaddr;
+ byte b[1500];
+ int n;
+ socklen_t len = sizeof(cliaddr);
- /* For DTLS, peek at the next datagram so we can get the client's
- * address and set it into the ssl object later to generate the
- * cookie. */
- n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK,
- (struct sockaddr*)&cliaddr, &len);
- if (n <= 0)
- err_sys("recvfrom failed");
+ /* For DTLS, peek at the next datagram so we can get the client's
+ * address and set it into the ssl object later to generate the
+ * cookie. */
+ n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK,
+ (struct sockaddr*)&cliaddr, &len);
+ if (n <= 0)
+ err_sys("recvfrom failed");
- wolfSSL_dtls_set_peer(ssl, &cliaddr, len);
- }
+ wolfSSL_dtls_set_peer(ssl, &cliaddr, len);
+ }
#endif
- if (usePsk == 0 || useAnon == 1 || cipherList != NULL || needDH == 1) {
- #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
- CyaSSL_SetTmpDH_file(ssl, ourDhParam, SSL_FILETYPE_PEM);
- #elif !defined(NO_DH)
- SetDH(ssl); /* repick suites with DHE, higher priority than PSK */
- #endif
- }
+ if (usePsk == 0 || useAnon == 1 || cipherList != NULL || needDH == 1) {
+ #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
+ CyaSSL_SetTmpDH_file(ssl, ourDhParam, SSL_FILETYPE_PEM);
+ #elif !defined(NO_DH)
+ SetDH(ssl); /* repick suites with DHE, higher priority than PSK */
+ #endif
+ }
#ifndef CYASSL_CALLBACKS
- if (nonBlocking) {
- CyaSSL_set_using_nonblock(ssl, 1);
- tcp_set_nonblocking(&clientfd);
- NonBlockingSSL_Accept(ssl);
- } else if (SSL_accept(ssl) != SSL_SUCCESS) {
- int err = SSL_get_error(ssl, 0);
- char buffer[CYASSL_MAX_ERROR_SZ];
- printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
- err_sys("SSL_accept failed");
- }
+ if (nonBlocking) {
+ CyaSSL_set_using_nonblock(ssl, 1);
+ tcp_set_nonblocking(&clientfd);
+ NonBlockingSSL_Accept(ssl);
+ } else if (SSL_accept(ssl) != SSL_SUCCESS) {
+ int err = SSL_get_error(ssl, 0);
+ char buffer[CYASSL_MAX_ERROR_SZ];
+ printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
+ err_sys("SSL_accept failed");
+ }
#else
- NonBlockingSSL_Accept(ssl);
+ NonBlockingSSL_Accept(ssl);
#endif
- showPeer(ssl);
+ showPeer(ssl);
#ifdef HAVE_ALPN
- if (alpnList != NULL) {
- int err;
- char *protocol_name = NULL, *list = NULL;
- word16 protocol_nameSz = 0, listSz = 0;
+ if (alpnList != NULL) {
+ int err;
+ char *protocol_name = NULL, *list = NULL;
+ word16 protocol_nameSz = 0, listSz = 0;
- err = wolfSSL_ALPN_GetProtocol(ssl, &protocol_name, &protocol_nameSz);
- if (err == SSL_SUCCESS)
- printf("Sent ALPN protocol : %s (%d)\n",
- protocol_name, protocol_nameSz);
- else if (err == SSL_ALPN_NOT_FOUND)
- printf("No ALPN response sent (no match)\n");
- else
- printf("Getting ALPN protocol name failed\n");
+ err = wolfSSL_ALPN_GetProtocol(ssl, &protocol_name, &protocol_nameSz);
+ if (err == SSL_SUCCESS)
+ printf("Sent ALPN protocol : %s (%d)\n",
+ protocol_name, protocol_nameSz);
+ else if (err == SSL_ALPN_NOT_FOUND)
+ printf("No ALPN response sent (no match)\n");
+ else
+ printf("Getting ALPN protocol name failed\n");
- err = wolfSSL_ALPN_GetPeerProtocol(ssl, &list, &listSz);
- if (err == SSL_SUCCESS)
- printf("List of protocol names sent by Client: %s (%d)\n",
- list, listSz);
- else
- printf("Get list of client's protocol name failed\n");
+ err = wolfSSL_ALPN_GetPeerProtocol(ssl, &list, &listSz);
+ if (err == SSL_SUCCESS)
+ printf("List of protocol names sent by Client: %s (%d)\n",
+ list, listSz);
+ else
+ printf("Get list of client's protocol name failed\n");
- XFREE(list, NULL, DYNAMIC_TMP_OUT_BUFFER);
- }
+ XFREE(list, NULL, DYNAMIC_TMP_OUT_BUFFER);
+ }
+#endif
+ if(echoData == 0 && throughput == 0) {
+ ret = SSL_read(ssl, input, sizeof(input)-1);
+ if (ret > 0) {
+ input[ret] = 0;
+ printf("Client message: %s\n", input);
+
+ }
+ else if (ret < 0) {
+ int readErr = SSL_get_error(ssl, 0);
+ if (readErr != SSL_ERROR_WANT_READ)
+ err_sys("SSL_read failed");
+ }
+
+ if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
+ err_sys("SSL_write failed");
+ }
+ else {
+ ServerEchoData(ssl, clientfd, echoData, throughput);
+ }
+
+#if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
+ os_dly_wait(500) ;
+#elif defined (CYASSL_TIRTOS)
+ Task_yield();
#endif
- idx = SSL_read(ssl, input, sizeof(input)-1);
- if (idx > 0) {
- input[idx] = 0;
- printf("Client message: %s\n", input);
+ if (doDTLS == 0) {
+ ret = SSL_shutdown(ssl);
+ if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
+ SSL_shutdown(ssl); /* bidirectional shutdown */
+ }
+ SSL_free(ssl);
- }
- else if (idx < 0) {
- int readErr = SSL_get_error(ssl, 0);
- if (readErr != SSL_ERROR_WANT_READ)
- err_sys("SSL_read failed");
- }
-
- if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
- err_sys("SSL_write failed");
-
- #if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
- os_dly_wait(500) ;
- #elif defined (CYASSL_TIRTOS)
- Task_yield();
- #endif
-
- if (doDTLS == 0) {
- ret = SSL_shutdown(ssl);
- if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
- SSL_shutdown(ssl); /* bidirectional shutdown */
- }
- SSL_free(ssl);
- if (resume == 1) {
CloseSocket(clientfd);
- resume++; /* only do one resume for testing */
- continue;
- }
- break; /* out of while loop, done with normal and resume option */
-}
+
+ if (resume == 1 && resumeCount == 0) {
+ resumeCount++; /* only do one resume for testing */
+ continue;
+ }
+ resumeCount = 0;
+
+ if(!loopIndefinitely) {
+ break; /* out of while loop, done with normal and resume option */
+ }
+ } /* while(1) */
+
+ CloseSocket(sockfd);
SSL_CTX_free(ctx);
- CloseSocket(clientfd);
- CloseSocket(sockfd);
((func_args*)args)->return_code = 0;
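Review bot: The `if(resumeCount > 1)` branch at the top of the loop can never run, because `resumeCount` is only raised from 0 to 1 at the bottom of the loop and is reset to 0 on the following pass. The manual `accept`/`tcp_listen` path and its `WOLFSSL_SOCKET_IS_INVALID` check are therefore dead code, and every accept goes through `tcp_accept(..., doListen)`; remove the branch or correct the condition. With `-i` the loop is meant to serve many clients, yet every per-connection failure (`SSL_accept`, `SSL_read`, `SSL_write`) still goes to `err_sys`, which appears to end the process, so a single aborted or malformed handshake stops the server. In looping mode it would be safer to log, `SSL_free(ssl)`, `CloseSocket(clientfd)` and `continue`. The return value of `ServerEchoData` is also discarded.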
@@ -816,10 +912,10 @@ while (1) { /* allow resume option */
ChangeDirBack(2);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
-
+
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, server_test);
-#else
+#else
server_test(&args);
#endif
CyaSSL_Cleanup();
diff --git a/examples/server/server.h b/examples/server/server.h
index c42260fce..3cba4c004 100644
--- a/examples/server/server.h
+++ b/examples/server/server.h
@@ -22,3 +22,7 @@
#pragma once
THREAD_RETURN WOLFSSL_THREAD server_test(void* args);
+
+/* Echo bytes using buffer of TEST_BUFFER_SIZE until [echoData] bytes are complete. */
+/* If [bechmarkThroughput] set the statistcs will be output at the end */
+int ServerEchoData(WOLFSSL* ssl, int clientfd, int echoData, int benchmarkThroughput);
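Review bot: The comment above `ServerEchoData` does not match the definition in server.c: there `echoData` is used as a flag and the byte count is the fourth parameter, named `throughput` in the definition but `benchmarkThroughput` here. Suggested wording: `/* Echo received data back to the client using a TEST_BUFFER_SIZE buffer. */` followed by `/* If [throughput] is non-zero, stop after that many bytes and print RX/TX statistics. */`, with the parameter renamed to `throughput`. That also removes the typos `bechmarkThroughput` and `statistcs`.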
diff --git a/scripts/benchmark.test b/scripts/benchmark.test
new file mode 100755
index 000000000..8e4cff9ab
--- /dev/null
+++ b/scripts/benchmark.test
@@ -0,0 +1,115 @@
+#!/bin/sh
+
+#benchmark.test
+
+if [ "$#" -lt 2 ]; then
+ echo "Usage: $0 [mode] [num] [clientargs] [serverargs]" >&2
+ echo " [mode]: 1=Connection Rate (TPS), 2=Throughput Bytes" >&2
+ echo " [num]: Mode 1=Connection Count, Mode 2=Bytes to TX/RX" >&2
+ echo " [clientargs]: Passed to client (see \"./example/client/client -?\" for help)" >&2
+ echo " Example: Use different cipher suite: \"-l DHE-RSA-AES256-SHA\"" >&2
+ echo " [serverargs]: Passed to server (see \"./example/server/server -?\" for help)" >&2
+ echo " Example: Disable client certificate check: \"-d\"" >&2
+ echo "Note: If additional client or server args contains spaces wrap with double quotes" >&2
+ exit 1
+fi
+
+# Use unique benchmark port so it won't conflict with any other tests
+bench_port=11113
+no_pid=-1
+server_pid=$no_pid
+counter=0
+client_result=-1
+
+remove_ready_file() {
+ if test -e /tmp/wolfssl_server_ready; then
+ echo "removing exisitng server_ready file"
+ rm /tmp/wolfssl_server_ready
+ fi
+}
+
+
+do_cleanup() {
+ echo "in cleanup"
+
+ if [ $server_pid != $no_pid ]
+ then
+ echo "killing server"
+ kill -9 $server_pid
+ fi
+ remove_ready_file
+}
+
+do_trap() {
+ echo "got trap"
+ do_cleanup
+ exit -1
+}
+
+trap do_trap INT TERM
+
+# Start server in loop continuous mode (-L) with echo data (-e) enabled and non-blocking (-N)
+echo "\nStarting example server for benchmark test"
+remove_ready_file
+# benchmark connections
+if [ $1 == 1 ]
+then
+ # start server in loop mode with port
+ ./examples/server/server -i -p $bench_port $4 &
+ server_pid=$!
+fi
+
+# benchmark throughput
+if [ $1 == 2 ]
+then
+ # start server in loop mode, non-blocking, benchmark throughput with port
+ ./examples/server/server -i -N -B $2 -p $bench_port $4 &
+ server_pid=$!
+fi
+
+
+echo "Waiting for server_ready file..."
+while [ ! -s /tmp/wolfssl_server_ready -a "$counter" -lt 20 ]; do
+ sleep 0.1
+ counter=$((counter+ 1))
+done
+
+# benchmark connections
+if [ $1 == 1 ]
+then
+ echo "Starting example client to benchmark connection average time"
+ # start client to benchmark average time for each connection using port
+ ./examples/client/client -b $2 -p $bench_port $3
+ client_result=$?
+fi
+
+# benchmark throughput
+if [ $1 == 2 ]
+then
+ echo "Starting example client to benchmark throughput"
+ # start client in non-blocking mode, benchmark throughput using port
+ ./examples/client/client -N -B $2 -p $bench_port $3
+ client_result=$?
+fi
+
+if [ $client_result != 0 ]
+then
+ echo "Client failed!"
+ do_cleanup
+ exit 1
+fi
+
+# End server
+kill -6 $server_pid
+server_result=$?
+remove_ready_file
+
+if [ $server_result != 0 ]
+then
+ echo "Server failed!"
+ exit 1
+fi
+
+echo "\nSuccess!\n"
+
+exit 0
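Review bot: `server_result=$?` after `kill -6 $server_pid` records the exit status of `kill`, not of the server, so the "Server failed!" check only reports whether the signal could be delivered, and SIGABRT may leave a core file behind. Use a plain `kill "$server_pid"` followed by `wait "$server_pid"`, and decide explicitly which status counts as failure. The script declares `#!/bin/sh` but uses `[ $1 == 1 ]`, `echo "\n..."`, `sleep 0.1` and `exit -1`, none of which are portable POSIX sh; `[ "$1" = 1 ]`, `printf` and `exit 1` are the portable forms, and `$1`/`$2` should be quoted. The server is started without `-R`, which the usage text describes as the option that creates the ready file, so the wait loop probably always runs to its 20-iteration limit. The fixed name `/tmp/wolfssl_server_ready` sits in a shared directory where another local user can create it first; a directory from `mktemp -d` avoids that if the server can be pointed at it. The comment above the server start also mentions `-L` for loop mode, while the command uses `-i`.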
diff --git a/scripts/include.am b/scripts/include.am
index 915baf63a..94232516b 100644
--- a/scripts/include.am
+++ b/scripts/include.am
@@ -10,6 +10,7 @@ endif
if BUILD_EXAMPLES
dist_noinst_SCRIPTS+= scripts/resume.test
+EXTRA_DIST+= scripts/benchmark.test
if BUILD_CRL
# make revoked test rely on completion of resume test
diff --git a/src/ssl.c b/src/ssl.c
index 9d172d232..292352dc2 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -17066,5 +17066,29 @@ int wolfSSL_ED25519_verify(const unsigned char *msg, unsigned int msgSz,
}
#endif /* OPENSSL_EXTRA && HAVE_ED25519 */
+
+#ifdef WOLFSSL_JNI
+
+int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr)
+{
+ WOLFSSL_ENTER("wolfSSL_set_jobject");
+ if (ssl != NULL)
+ {
+ ssl->jObjectRef = objPtr;
+ return SSL_SUCCESS;
+ }
+ return SSL_FAILURE;
+}
+
+void* wolfSSL_get_jobject(WOLFSSL* ssl)
+{
+ WOLFSSL_ENTER("wolfSSL_get_jobject");
+ if (ssl != NULL)
+ return ssl->jObjectRef;
+ return NULL;
+}
+
+#endif /* WOLFSSL_JNI */
+
#endif /* WOLFCRYPT_ONLY */
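Review bot: Neither accessor documents who owns the pointer kept in `ssl->jObjectRef`. From the lines here the library only stores and returns it, so the JNI wrapper presumably has to release its own reference around `wolfSSL_free`; confirm that and state it. Proposed comment on the setter: `/* Store an opaque reference to the JNI WolfSSLSession object; wolfSSL does not take ownership of it or free it. Returns SSL_SUCCESS, or SSL_FAILURE if ssl is NULL. */`, with a matching one-line comment on the getter saying it returns NULL when `ssl` is NULL or nothing was set. The setter's `if (ssl != NULL)` puts its opening brace on a separate line, unlike the other new code in this commit; `if (ssl != NULL) {` would be consistent.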
diff --git a/tests/api.c b/tests/api.c
index 26222ffdf..ccd03748c 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -357,7 +357,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
}
ssl = wolfSSL_new(ctx);
- tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0);
+ tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 1);
CloseSocket(sockfd);
wolfSSL_set_fd(ssl, clientfd);
@@ -467,9 +467,8 @@ static void test_client_nofail(void* args)
goto done2;
}
- tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0);
-
ssl = wolfSSL_new(ctx);
+ tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, ssl);
wolfSSL_set_fd(ssl, sockfd);
if (wolfSSL_connect(ssl) != SSL_SUCCESS)
{
@@ -557,7 +556,7 @@ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
ssl = wolfSSL_new(ctx);
- tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0);
+ tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 1);
CloseSocket(sfd);
wolfSSL_set_fd(ssl, cfd);
@@ -650,9 +649,8 @@ static void run_wolfssl_client(void* args)
if (callbacks->ctx_ready)
callbacks->ctx_ready(ctx);
- tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0);
-
ssl = wolfSSL_new(ctx);
+ tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, ssl);
wolfSSL_set_fd(ssl, sfd);
if (callbacks->ssl_ready)
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index b84bd1d29..add081d78 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -2484,6 +2484,9 @@ struct WOLFSSL {
SessionSecretCb sessionSecretCb;
void* sessionSecretCtx;
#endif /* HAVE_SECRET_CALLBACK */
+#ifdef WOLFSSL_JNI
+ void* jObjectRef; /* reference to WolfSSLSession in JNI wrapper */
+#endif /* WOLFSSL_JNI */
};
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index 986e98ed5..d852d2be1 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -1682,6 +1682,11 @@ WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *,
WOLFSSL_API void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*);
#endif /* HAVE_STUNNEL */
+#ifdef WOLFSSL_JNI
+WOLFSSL_API int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr);
+WOLFSSL_API void* wolfSSL_get_jobject(WOLFSSL* ssl);
+#endif /* WOLFSSL_JNI */
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/wolfssl/test.h b/wolfssl/test.h
index 248f0ce18..8549f0f7a 100644
--- a/wolfssl/test.h
+++ b/wolfssl/test.h
@@ -23,7 +23,7 @@
#endif /* HAVE_ECC */
#endif /*HAVE_PK_CALLBACKS */
-#ifdef USE_WINDOWS_API
+#ifdef USE_WINDOWS_API
#include
#include
#ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */
@@ -61,11 +61,11 @@
#include
#include
struct hostent {
- char *h_name; /* official name of host */
- char **h_aliases; /* alias list */
- int h_addrtype; /* host address type */
- int h_length; /* length of address */
- char **h_addr_list; /* list of addresses from name server */
+ char *h_name; /* official name of host */
+ char **h_aliases; /* alias list */
+ int h_addrtype; /* host address type */
+ int h_length; /* length of address */
+ char **h_addr_list; /* list of addresses from name server */
};
#define SOCKET_T int
#elif defined(WOLFSSL_VXWORKS)
@@ -79,7 +79,7 @@
#include
#include
#include
- #include
+ #include
#define SOCKET_T int
#else
#include
@@ -118,6 +118,39 @@
#pragma warning(disable:4244 4996)
#endif
+/* Buffer for benchmark tests */
+#ifndef TEST_BUFFER_SIZE
+#define TEST_BUFFER_SIZE 16384
+#endif
+
+#ifndef WOLFSSL_HAVE_MIN
+ #define WOLFSSL_HAVE_MIN
+ static INLINE word32 min(word32 a, word32 b)
+ {
+ return a > b ? b : a;
+ }
+#endif /* WOLFSSL_HAVE_MIN */
+
+/* Socket Handling */
+#ifndef WOLFSSL_SOCKET_INVALID
+#ifdef USE_WINDOWS_API
+ #define WOLFSSL_SOCKET_INVALID INVALID_SOCKET
+#elif defined(WOLFSSL_TIRTOS)
+ #define WOLFSSL_SOCKET_INVALID -1
+#else
+ #define WOLFSSL_SOCKET_INVALID 0
+#endif
+#endif /* WOLFSSL_SOCKET_INVALID */
+
+#ifndef WOLFSSL_SOCKET_IS_INVALID
+#ifdef USE_WINDOWS_API
+ #define WOLFSSL_SOCKET_IS_INVALID(s) ((s) == WOLFSSL_SOCKET_INVALID)
+#elif defined(WOLFSSL_TIRTOS)
+ #define WOLFSSL_SOCKET_IS_INVALID(s) ((s) == WOLFSSL_SOCKET_INVALID)
+#else
+ #define WOLFSSL_SOCKET_IS_INVALID(s) ((s) < WOLFSSL_SOCKET_INVALID)
+#endif
+#endif /* WOLFSSL_SOCKET_IS_INVALID */
#if defined(__MACH__) || defined(USE_WINDOWS_API)
#ifndef _SOCKLEN_T
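Review bot: On the default (non-Windows, non-TIRTOS) branch `WOLFSSL_SOCKET_INVALID` is defined as `0`, which is a valid descriptor value, and the check only works because `WOLFSSL_SOCKET_IS_INVALID` switches from `==` to `<` on that branch. Code that initialises a socket to `WOLFSSL_SOCKET_INVALID` and later tests it with `WOLFSSL_SOCKET_IS_INVALID` would see it as valid there but invalid on the other two branches. I would make the sentinel itself invalid everywhere: `#define WOLFSSL_SOCKET_INVALID (-1)` with `#define WOLFSSL_SOCKET_IS_INVALID(s) ((s) < 0)`; the TIRTOS `-1` is also missing its parentheses. Separately, a header-level function named `min` can clash with a `min` macro from platform headers when `WOLFSSL_HAVE_MIN` is not already set, so a one-line comment on what the guard protects against would help.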
@@ -140,7 +173,7 @@
#endif
-#ifdef USE_WINDOWS_API
+#ifdef USE_WINDOWS_API
#define CloseSocket(s) closesocket(s)
#define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }
#elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
@@ -186,7 +219,7 @@
typedef struct sockaddr_in SOCKADDR_IN_T;
#define AF_INET_V AF_INET
#endif
-
+
#define SERVER_DEFAULT_VERSION 3
#define SERVER_DTLS_DEFAULT_VERSION (-2)
@@ -238,7 +271,7 @@ typedef struct tcp_ready {
pthread_mutex_t mutex;
pthread_cond_t cond;
#endif
-} tcp_ready;
+} tcp_ready;
void InitTcpReady(tcp_ready*);
@@ -333,7 +366,7 @@ static INLINE int mygetopt(int argc, char** argv, const char* optstring)
/* The C++ strchr can return a different value */
cp = (char*)strchr(optstring, c);
- if (cp == NULL || c == ':')
+ if (cp == NULL || c == ':')
return '?';
cp++;
@@ -347,7 +380,7 @@ static INLINE int mygetopt(int argc, char** argv, const char* optstring)
myoptarg = argv[myoptind];
myoptind++;
}
- else
+ else
return '?';
}
@@ -380,7 +413,7 @@ static INLINE void ShowX509(WOLFSSL_X509* x509, const char* hdr)
byte serial[32];
int ret;
int sz = sizeof(serial);
-
+
printf("%s\n issuer : %s\n subject: %s\n", hdr, issuer, subject);
while ( (altName = wolfSSL_X509_get_next_altname(x509)) != NULL)
@@ -542,18 +575,11 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, int udp)
else
*sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
-#ifdef USE_WINDOWS_API
- if (*sockfd == INVALID_SOCKET)
+ if(WOLFSSL_SOCKET_IS_INVALID(*sockfd)) {
err_sys("socket failed\n");
-#elif defined(WOLFSSL_TIRTOS)
- if (*sockfd == -1)
- err_sys("socket failed\n");
-#else
- if (*sockfd < 0)
- err_sys("socket failed\n");
-#endif
+ }
-#ifndef USE_WINDOWS_API
+#ifndef USE_WINDOWS_API
#ifdef SO_NOSIGPIPE
{
int on = 1;
@@ -583,10 +609,13 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, int udp)
}
static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port,
- int udp)
+ int udp, WOLFSSL* ssl)
{
SOCKADDR_IN_T addr;
build_addr(&addr, ip, port, udp);
+ if(udp) {
+ wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
+ }
tcp_socket(sockfd, udp);
if (!udp) {
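Review bot: The return value of `wolfSSL_dtls_set_peer` is dropped in the new `if(udp)` block, so a NULL `ssl` or any other failure there passes silently and the DTLS connect fails later with a less obvious error. The other helpers in this header stop on failure, so I would write `if (wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr)) != SSL_SUCCESS) err_sys("wolfSSL_dtls_set_peer failed");`. A short comment on the new `ssl` parameter, saying it is only used when `udp` is non-zero, would also help callers such as the ones updated in tests/api.c. tcp_connect's body continues outside the hunk.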
@@ -769,7 +798,7 @@ static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
func_args* args, word16 port, int useAnyAddr,
- int udp, int ready_file)
+ int udp, int ready_file, int do_listen)
{
SOCKADDR_IN_T client;
socklen_t client_len = sizeof(client);
@@ -779,49 +808,47 @@ static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
return;
}
- tcp_listen(sockfd, &port, useAnyAddr, udp);
+ if(do_listen) {
+ tcp_listen(sockfd, &port, useAnyAddr, udp);
-#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
- /* signal ready to tcp_accept */
- {
- tcp_ready* ready = args->signal;
- pthread_mutex_lock(&ready->mutex);
- ready->ready = 1;
- ready->port = port;
- pthread_cond_signal(&ready->cond);
- pthread_mutex_unlock(&ready->mutex);
- }
-#elif defined (WOLFSSL_TIRTOS)
- /* Need mutex? */
- tcp_ready* ready = args->signal;
- ready->ready = 1;
- ready->port = port;
-#endif
-
- if (ready_file) {
-#ifndef NO_FILESYSTEM
- #ifndef USE_WINDOWS_API
- FILE* srf = fopen("/tmp/wolfssl_server_ready", "w");
- #else
- FILE* srf = fopen("wolfssl_server_ready", "w");
+ #if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
+ /* signal ready to tcp_accept */
+ {
+ tcp_ready* ready = args->signal;
+ pthread_mutex_lock(&ready->mutex);
+ ready->ready = 1;
+ ready->port = port;
+ pthread_cond_signal(&ready->cond);
+ pthread_mutex_unlock(&ready->mutex);
+ }
+ #elif defined (WOLFSSL_TIRTOS)
+ /* Need mutex? */
+ tcp_ready* ready = args->signal;
+ ready->ready = 1;
+ ready->port = port;
#endif
- if (srf) {
- fputs("ready", srf);
- fclose(srf);
+ if (ready_file) {
+ #ifndef NO_FILESYSTEM
+ #ifndef USE_WINDOWS_API
+ FILE* srf = fopen("/tmp/wolfssl_server_ready", "w");
+ #else
+ FILE* srf = fopen("wolfssl_server_ready", "w");
+ #endif
+
+ if (srf) {
+ fputs("ready", srf);
+ fclose(srf);
+ }
+ #endif
}
-#endif
}
*clientfd = accept(*sockfd, (struct sockaddr*)&client,
(ACCEPT_THIRD_T)&client_len);
-#ifdef USE_WINDOWS_API
- if (*clientfd == INVALID_SOCKET)
+ if(WOLFSSL_SOCKET_IS_INVALID(*clientfd)) {
err_sys("tcp accept failed");
-#else
- if (*clientfd == -1)
- err_sys("tcp accept failed");
-#endif
+ }
}
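Review bot: With `do_listen` equal to 0 the function goes straight to `accept()` on `*sockfd`, and nothing here checks or documents that the caller already holds a listening socket; the ready signalling and the ready file are skipped on that path as well. I would document the new parameter above the signature (changed in the preceding hunk), e.g. `/* do_listen: non-zero to create and listen on *sockfd; zero to accept on a socket that is already listening */`. The re-indented ready-file block still opens the fixed name `/tmp/wolfssl_server_ready` with `fopen(..., "w")`, which follows a symlink already present in a shared /tmp. Creating the file in a private directory, or with `open()` using `O_CREAT | O_EXCL | O_NOFOLLOW`, would avoid that. The start of tcp_accept lies outside this hunk.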
@@ -894,7 +921,7 @@ static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
#endif /* NO_PSK */
-#ifdef USE_WINDOWS_API
+#ifdef USE_WINDOWS_API
#define WIN32_LEAN_AND_MEAN
#include
@@ -903,7 +930,7 @@ static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
{
static int init = 0;
static LARGE_INTEGER freq;
-
+
LARGE_INTEGER count;
if (!init) {
@@ -930,7 +957,7 @@ static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;
}
-
+
#endif
#endif /* USE_WINDOWS_API */
@@ -1133,18 +1160,18 @@ static INLINE int OpenNitroxDevice(int dma_mode,int dev_id)
#endif /* HAVE_CAVIUM */
-#ifdef USE_WINDOWS_API
+#ifdef USE_WINDOWS_API
/* do back x number of directories */
static INLINE void ChangeDirBack(int x)
{
- char path[MAX_PATH];
- XMEMSET(path, 0, MAX_PATH);
- XSTRNCAT(path, ".\\", MAX_PATH);
- while (x-- > 0) {
- XSTRNCAT(path, "..\\", MAX_PATH);
- }
- SetCurrentDirectoryA(path);
+ char path[MAX_PATH];
+ XMEMSET(path, 0, MAX_PATH);
+ XSTRNCAT(path, ".\\", MAX_PATH);
+ while (x-- > 0) {
+ XSTRNCAT(path, "..\\", MAX_PATH);
+ }
+ SetCurrentDirectoryA(path);
}
/* does current dir contain str */
@@ -1180,14 +1207,14 @@ static INLINE int CurrentDir(const char* str)
static INLINE void ChangeDirBack(int x)
{
char path[MAX_PATH];
- XMEMSET(path, 0, MAX_PATH);
- XSTRNCAT(path, "./", MAX_PATH);
- while (x-- > 0) {
+ XMEMSET(path, 0, MAX_PATH);
+ XSTRNCAT(path, "./", MAX_PATH);
+ while (x-- > 0) {
XSTRNCAT(path, "../", MAX_PATH);
- }
- if (chdir(path) < 0) {
- printf("chdir to %s failed\n", path);
- }
+ }
+ if (chdir(path) < 0) {
+ printf("chdir to %s failed\n", path);
+ }
}
/* does current dir contain str */
@@ -1278,8 +1305,8 @@ static INLINE int CurrentDir(const char* str)
mt = (memoryTrack*)ptr;
--mt; /* same as minus sizeof(memoryTrack), removes header */
-#ifdef DO_MEM_STATS
- ourMemStats.currentBytes -= mt->u.hint.thisSize;
+#ifdef DO_MEM_STATS
+ ourMemStats.currentBytes -= mt->u.hint.thisSize;
#endif
free(mt);
@@ -1308,7 +1335,7 @@ static INLINE int CurrentDir(const char* str)
return ret;
}
- static INLINE void InitMemoryTracker(void)
+ static INLINE void InitMemoryTracker(void)
{
if (wolfSSL_SetAllocators(TrackMalloc, TrackFree, TrackRealloc) != 0)
err_sys("wolfSSL SetAllocators failed for track memory");
@@ -1321,9 +1348,9 @@ static INLINE int CurrentDir(const char* str)
#endif
}
- static INLINE void ShowMemoryTracker(void)
+ static INLINE void ShowMemoryTracker(void)
{
- #ifdef DO_MEM_STATS
+ #ifdef DO_MEM_STATS
printf("total Allocs = %9lu\n",
(unsigned long)ourMemStats.totalAllocs);
printf("total Bytes = %9lu\n",
@@ -1357,8 +1384,8 @@ static INLINE void StackSizeCheck(func_args* args, thread_func tf)
#endif
ret = posix_memalign((void**)&myStack, sysconf(_SC_PAGESIZE), stackSize);
- if (ret != 0)
- err_sys("posix_memalign failed\n");
+ if (ret != 0)
+ err_sys("posix_memalign failed\n");
memset(myStack, 0x01, stackSize);
@@ -1445,8 +1472,8 @@ typedef struct AtomicDecCtx {
} AtomicDecCtx;
-static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut,
- const unsigned char* macIn, unsigned int macInSz, int macContent,
+static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut,
+ const unsigned char* macIn, unsigned int macInSz, int macContent,
int macVerify, unsigned char* encOut, const unsigned char* encIn,
unsigned int encSz, void* ctx)
{
@@ -1513,7 +1540,7 @@ static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut,
}
-static INLINE int myDecryptVerifyCb(WOLFSSL* ssl,
+static INLINE int myDecryptVerifyCb(WOLFSSL* ssl,
unsigned char* decOut, const unsigned char* decIn,
unsigned int decSz, int macContent, int macVerify,
unsigned int* padSz, void* ctx)
@@ -1668,8 +1695,8 @@ static INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
return ret;
wc_ecc_init(&myKey);
-
- ret = wc_EccPrivateKeyDecode(key, &idx, &myKey, keySz);
+
+ ret = wc_EccPrivateKeyDecode(key, &idx, &myKey, keySz);
if (ret == 0)
ret = wc_ecc_sign_hash(in, inSz, out, outSz, &rng, &myKey);
wc_ecc_free(&myKey);
@@ -1690,7 +1717,7 @@ static INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz,
(void)ctx;
wc_ecc_init(&myKey);
-
+
ret = wc_ecc_import_x963(key, keySz, &myKey);
if (ret == 0)
ret = wc_ecc_verify_hash(sig, sigSz, hash, hashSz, result, &myKey);
@@ -1719,8 +1746,8 @@ static INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz,
return ret;
wc_InitRsaKey(&myKey, NULL);
-
- ret = wc_RsaPrivateKeyDecode(key, &idx, &myKey, keySz);
+
+ ret = wc_RsaPrivateKeyDecode(key, &idx, &myKey, keySz);
if (ret == 0)
ret = wc_RsaSSL_Sign(in, inSz, out, *outSz, &myKey, &rng);
if (ret > 0) { /* save and convert to 0 success */
@@ -1774,7 +1801,7 @@ static INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz,
return ret;
wc_InitRsaKey(&myKey, NULL);
-
+
ret = wc_RsaPublicKeyDecode(key, &idx, &myKey, keySz);
if (ret == 0) {
ret = wc_RsaPublicEncrypt(in, inSz, out, *outSz, &myKey, &rng);
@@ -1822,7 +1849,7 @@ static INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
wolfSSL_CTX_SetEccSignCb(ctx, myEccSign);
wolfSSL_CTX_SetEccVerifyCb(ctx, myEccVerify);
#endif /* HAVE_ECC */
- #ifndef NO_RSA
+ #ifndef NO_RSA
wolfSSL_CTX_SetRsaSignCb(ctx, myRsaSign);
wolfSSL_CTX_SetRsaVerifyCb(ctx, myRsaVerify);
wolfSSL_CTX_SetRsaEncCb(ctx, myRsaEnc);
@@ -1911,17 +1938,17 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
} key_ctx;
static key_ctx myKey_ctx;
- static WC_RNG rng;
+ static WC_RNG myKey_rng;
static INLINE int TicketInit(void)
{
- int ret = wc_InitRng(&rng);
+ int ret = wc_InitRng(&myKey_rng);
if (ret != 0) return ret;
- ret = wc_RNG_GenerateBlock(&rng, myKey_ctx.key, sizeof(myKey_ctx.key));
+ ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.key, sizeof(myKey_ctx.key));
if (ret != 0) return ret;
- ret = wc_RNG_GenerateBlock(&rng, myKey_ctx.name,sizeof(myKey_ctx.name));
+ ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.name,sizeof(myKey_ctx.name));
if (ret != 0) return ret;
return 0;
@@ -1929,7 +1956,7 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
static INLINE void TicketCleanup(void)
{
- wc_FreeRng(&rng);
+ wc_FreeRng(&myKey_rng);
}
static INLINE int myTicketEncCb(WOLFSSL* ssl,
@@ -1951,7 +1978,7 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
if (enc) {
XMEMCPY(key_name, myKey_ctx.name, WOLFSSL_TICKET_NAME_SZ);
- ret = wc_RNG_GenerateBlock(&rng, iv, WOLFSSL_TICKET_IV_SZ);
+ ret = wc_RNG_GenerateBlock(&myKey_rng, iv, WOLFSSL_TICKET_IV_SZ);
if (ret != 0) return WOLFSSL_TICKET_RET_REJECT;
/* build aad from key name, iv, and length */