feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge branch 'master' of https://github.com/wolfssl/wolfssl

Browse Source
This commit is contained in:
Ludovic FLAMENT
2015-10-16 07:46:51 +02:00
parent d4f3419758
commit 9ef43910ed
19 changed files with 840 additions and 420 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
IDE/ROWLEY-CROSSWORKS-ARM/README.md
View File

@@ -31,8 +31,8 @@ To enable Freescale MMCAU:
1. [Download the MMCAU library](http://www.freescale.com/products/arm-processors/kinetis-cortex-m/k-series/k7x-glcd-mcus/crypto-acceleration-unit-cau-and-mmcau-software-library:CAUAP). 1. [Download the MMCAU library](http://www.freescale.com/products/arm-processors/kinetis-cortex-m/k-series/k7x-glcd-mcus/crypto-acceleration-unit-cau-and-mmcau-software-library:CAUAP).
2. Copy the `lib_mmcau.a` and `cau_api.h` files into the project. 2. Copy the `lib_mmcau.a` and `cau_api.h` files into the project.
3. Add `-L $(ProjectDir) -l lib_mmcau.a` to project "Additional Linker Options" OR goto "Build Configuration" and check "MMCAU". 3. Enable the `FREESCALE_MMCAU` define in `user_settings.h` and make sure its value is `1`.
4. Enable the "FREESCALE_MMCAU" define in "user_settings.h" and make sure its value is 1. 4. Add the `lib_mmcau.a` file to `Source Files` in the application project.
# Project Files # Project Files

15
IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c
View File

@@ -66,4 +66,19 @@ RSA 1024 decryption took 573.000 milliseconds, avg over 1 iterations
DH 1024 key generation 253.000 milliseconds, avg over 1 iterations DH 1024 key generation 253.000 milliseconds, avg over 1 iterations
DH 1024 key agreement 311.000 milliseconds, avg over 1 iterations DH 1024 key agreement 311.000 milliseconds, avg over 1 iterations
Benchmark Test 1: Return code 0 Benchmark Test 1: Return code 0
SAMPLE OUTPUT: Freescale K64 running at 96MHz with MMCAU enabled:
Benchmark Test 1:
AES 25 kB took 0.019 seconds, 1.285 MB/s
ARC4 25 kB took 0.033 seconds, 0.740 MB/s
RABBIT 25 kB took 0.028 seconds, 0.872 MB/s
3DES 25 kB took 0.026 seconds, 0.939 MB/s
MD5 25 kB took 0.005 seconds, 4.883 MB/s
SHA 25 kB took 0.008 seconds, 3.052 MB/s
SHA-256 25 kB took 0.013 seconds, 1.878 MB/s
RSA 1024 encryption took 89.000 milliseconds, avg over 1 iterations
RSA 1024 decryption took 573.000 milliseconds, avg over 1 iterations
DH 1024 key generation 250.000 milliseconds, avg over 1 iterations
DH 1024 key agreement 308.000 milliseconds, avg over 1 iterations
Benchmark Test 1: Return code 0
*/ */

4
IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
View File

@@ -306,10 +306,6 @@
Name="ARM_Release" Name="ARM_Release"
batch_build_configurations="V7EM THUMB * Release" batch_build_configurations="V7EM THUMB * Release"
inherited_configurations="ARM;V7EM;Release;Kineits;Flash;THUMB" /> inherited_configurations="ARM;V7EM;Release;Kineits;Flash;THUMB" />
<configuration
Name="MMCAU"
hidden="Yes"
linker_additional_options="-L $(ProjectDir) -l lib_mmcau.a" />
<configuration <configuration
Name="Common" Name="Common"
build_intermediate_directory="$(ProjectName)_$(Configuration)" build_intermediate_directory="$(ProjectName)_$(Configuration)"

5
Makefile.am
View File

@@ -72,10 +72,7 @@ include support/include.am
include wolfcrypt/benchmark/include.am include wolfcrypt/benchmark/include.am
include wolfcrypt/src/include.am include wolfcrypt/src/include.am
include wolfcrypt/test/include.am include wolfcrypt/test/include.am
include examples/client/include.am include examples/include.am
include examples/server/include.am
include examples/echoclient/include.am
include examples/echoserver/include.am
include testsuite/include.am include testsuite/include.am
include tests/include.am include tests/include.am
include sslSniffer/sslSnifferTest/include.am include sslSniffer/sslSnifferTest/include.am

144
configure.ac
View File

@@ -1830,6 +1830,81 @@ then
fi fi
# wolfSSL JNI
AC_ARG_ENABLE([jni],
[ --enable-jni Enable wolfSSL JNI (default: disabled)],
[ ENABLED_JNI=$enableval ],
[ ENABLED_JNI=no ]
)
if test "$ENABLED_JNI" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_JNI"
# Enable prereqs if not already enabled
if test "x$ENABLED_DTLS" = "xno"
then
ENABLED_DTLS="yes"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS"
fi
if test "x$ENABLED_OPENSSLEXTRA" = "xno"
then
ENABLED_OPENSSLEXTRA="yes"
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
fi
if test "x$ENABLED_CRL" = "xno"
then
ENABLED_CRL="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"])
fi
if test "x$ENABLED_OCSP" = "xno"
then
ENABLED_OCSP="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
fi
if test "x$ENABLED_CRL_MONITOR" = "xno"
then
ENABLED_CRL_MONITOR="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR"
fi
if test "x$ENABLED_SAVESESSION" = "xno"
then
ENABLED_SAVESESSION="yes"
AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE"
fi
if test "x$ENABLED_SAVECERT" = "xno"
then
ENABLED_SAVECERT="yes"
AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE"
fi
if test "x$ENABLED_ATOMICUSER" = "xno"
then
ENABLED_ATOMICUSER="yes"
AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
fi
if test "x$ENABLED_ECC" = "xno"
then
ENABLED_ECC="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC"
fi
if test "x$ENABLED_PKCALLBACKS" = "xno"
then
ENABLED_PKCALLBACKS="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS"
fi
if test "x$ENABLED_DH" = "xno"
then
ENABLED_DH="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_DH"
fi
if test "x$ENABLED_PSK" = "xno"
then
ENABLED_PSK="yes"
fi
fi
# lighty Support # lighty Support
AC_ARG_ENABLE([lighty], AC_ARG_ENABLE([lighty],
[ --enable-lighty Enable lighttpd/lighty (default: disabled)], [ --enable-lighty Enable lighttpd/lighty (default: disabled)],
@@ -2156,75 +2231,6 @@ fi
AM_CONDITIONAL([BUILD_MCAPI], [test "x$ENABLED_MCAPI" = "xyes"]) AM_CONDITIONAL([BUILD_MCAPI], [test "x$ENABLED_MCAPI" = "xyes"])
# wolfSSL JNI
AC_ARG_ENABLE([jni],
[ --enable-jni Enable wolfSSL JNI (default: disabled)],
[ ENABLED_JNI=$enableval ],
[ ENABLED_JNI=no ]
)
if test "$ENABLED_JNI" = "yes"
then
# Enable prereqs if not already enabled
if test "x$ENABLED_DTLS" = "xno"
then
ENABLED_DTLS="yes"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS"
fi
if test "x$ENABLED_OPENSSLEXTRA" = "xno"
then
ENABLED_OPENSSLEXTRA="yes"
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
fi
if test "x$ENABLED_CRL" = "xno"
then
ENABLED_CRL="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL"
AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"])
fi
if test "x$ENABLED_OCSP" = "xno"
then
ENABLED_OCSP="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
fi
if test "x$ENABLED_CRL_MONITOR" = "xno"
then
ENABLED_CRL_MONITOR="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR"
fi
if test "x$ENABLED_SAVESESSION" = "xno"
then
ENABLED_SAVESESSION="yes"
AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE"
fi
if test "x$ENABLED_SAVECERT" = "xno"
then
ENABLED_SAVECERT="yes"
AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE"
fi
if test "x$ENABLED_ATOMICUSER" = "xno"
then
ENABLED_ATOMICUSER="yes"
AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
fi
if test "x$ENABLED_ECC" = "xno"
then
ENABLED_ECC="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC"
fi
if test "x$ENABLED_PKCALLBACKS" = "xno"
then
ENABLED_PKCALLBACKS="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS"
fi
if test "x$ENABLED_DH" = "xno"
then
ENABLED_DH="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_DH"
fi
fi
# Check for build-type conflicts # Check for build-type conflicts
AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \ AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \
test "x$ENABLED_LEANPSK" = "xyes"], test "x$ENABLED_LEANPSK" = "xyes"],

251
examples/client/client.c
View File

@@ -127,6 +127,165 @@ static void ShowCiphers(void)
printf("%s\n", ciphers); printf("%s\n", ciphers);
} }
int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
int doDTLS, int benchmark, int resumeSession)
{
/* time passed in number of connects give average */
int times = benchmark;
int loops = resumeSession ? 2 : 1;
int i = 0;
WOLFSSL_SESSION* benchSession = NULL;
while (loops--) {
int benchResume = resumeSession && loops == 0;
double start = current_time(), avg;
for (i = 0; i < times; i++) {
SOCKET_T sockfd;
WOLFSSL* ssl = wolfSSL_new(ctx);
tcp_connect(&sockfd, host, port, doDTLS, ssl);
if (benchResume)
wolfSSL_set_session(ssl, benchSession);
wolfSSL_set_fd(ssl, sockfd);
if (wolfSSL_connect(ssl) != SSL_SUCCESS)
err_sys("SSL_connect failed");
wolfSSL_shutdown(ssl);
if (i == (times-1) && resumeSession) {
benchSession = wolfSSL_get_session(ssl);
}
wolfSSL_free(ssl);
CloseSocket(sockfd);
}
avg = current_time() - start;
avg /= times;
avg *= 1000; /* milliseconds */
if (benchResume)
printf("wolfSSL_resume avg took: %8.3f milliseconds\n", avg);
else
printf("wolfSSL_connect avg took: %8.3f milliseconds\n", avg);
}
return EXIT_SUCCESS;
}
int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
int doDTLS, int throughput)
{
double start, conn_time = 0, tx_time = 0, rx_time = 0;
SOCKET_T sockfd;
WOLFSSL* ssl;
int ret;
start = current_time();
ssl = wolfSSL_new(ctx);
tcp_connect(&sockfd, host, port, doDTLS, ssl);
wolfSSL_set_fd(ssl, sockfd);
if (wolfSSL_connect(ssl) == SSL_SUCCESS) {
/* Perform throughput test */
char *tx_buffer, *rx_buffer;
/* Record connection time */
conn_time = current_time() - start;
/* Allocate TX/RX buffers */
tx_buffer = (char*)malloc(TEST_BUFFER_SIZE);
rx_buffer = (char*)malloc(TEST_BUFFER_SIZE);
if(tx_buffer && rx_buffer) {
WC_RNG rng;
/* Startup the RNG */
ret = wc_InitRng(&rng);
if(ret == 0) {
int xfer_bytes;
/* Generate random data to send */
ret = wc_RNG_GenerateBlock(&rng, (byte*)tx_buffer, TEST_BUFFER_SIZE);
wc_FreeRng(&rng);
if(ret != 0) {
err_sys("wc_RNG_GenerateBlock failed");
}
/* Perform TX and RX of bytes */
xfer_bytes = 0;
while(throughput > xfer_bytes) {
int len, rx_pos, select_ret;
/* Determine packet size */
len = min(TEST_BUFFER_SIZE, throughput - xfer_bytes);
/* Perform TX */
start = current_time();
if (wolfSSL_write(ssl, tx_buffer, len) != len) {
int writeErr = wolfSSL_get_error(ssl, 0);
printf("wolfSSL_write error %d!\n", writeErr);
err_sys("wolfSSL_write failed");
}
tx_time += current_time() - start;
/* Perform RX */
select_ret = tcp_select(sockfd, 1); /* Timeout=1 second */
if (select_ret == TEST_RECV_READY) {
start = current_time();
rx_pos = 0;
while(rx_pos < len) {
ret = wolfSSL_read(ssl, &rx_buffer[rx_pos], len - rx_pos);
if(ret <= 0) {
int readErr = wolfSSL_get_error(ssl, 0);
if (readErr != SSL_ERROR_WANT_READ) {
printf("wolfSSL_read error %d!\n", readErr);
err_sys("wolfSSL_read failed");
}
}
else {
rx_pos += ret;
}
}
rx_time += current_time() - start;
}
/* Compare TX and RX buffers */
if(XMEMCMP(tx_buffer, rx_buffer, len) != 0) {
err_sys("Compare TX and RX buffers failed");
}
/* Update overall position */
xfer_bytes += len;
}
}
else {
err_sys("wc_InitRng failed");
}
}
else {
err_sys("Client buffer malloc failed");
}
if(tx_buffer) free(tx_buffer);
if(rx_buffer) free(rx_buffer);
}
else {
err_sys("wolfSSL_connect failed");
}
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
CloseSocket(sockfd);
printf("wolfSSL Client Benchmark %d bytes\n"
"\tConnect %8.3f ms\n"
"\tTX %8.3f ms (%8.3f MBps)\n"
"\tRX %8.3f ms (%8.3f MBps)\n",
throughput,
conn_time * 1000,
tx_time * 1000, throughput / tx_time / 1024 / 1024,
rx_time * 1000, throughput / rx_time / 1024 / 1024
);
return EXIT_SUCCESS;
}
static void Usage(void) static void Usage(void)
{ {
@@ -137,7 +296,7 @@ static void Usage(void)
printf("-p <num> Port to connect on, not 0, default %d\n", wolfSSLPort); printf("-p <num> Port to connect on, not 0, default %d\n", wolfSSLPort);
printf("-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", printf("-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
CLIENT_DEFAULT_VERSION); CLIENT_DEFAULT_VERSION);
printf("-l <str> Cipher list\n"); printf("-l <str> Cipher suite list (: delimited)\n");
printf("-c <file> Certificate file, default %s\n", cliCert); printf("-c <file> Certificate file, default %s\n", cliCert);
printf("-k <file> Key file, default %s\n", cliKey); printf("-k <file> Key file, default %s\n", cliKey);
printf("-A <file> Certificate Authority file, default %s\n", caCert); printf("-A <file> Certificate Authority file, default %s\n", caCert);
@@ -149,6 +308,7 @@ static void Usage(void)
#ifdef HAVE_ALPN #ifdef HAVE_ALPN
printf("-L <str> Application-Layer Protocole Name ({C,F}:<list>)\n"); printf("-L <str> Application-Layer Protocole Name ({C,F}:<list>)\n");
#endif #endif
printf("-B <num> Benchmark throughput using <num> bytes and print stats\n");
printf("-s Use pre Shared keys\n"); printf("-s Use pre Shared keys\n");
printf("-t Track wolfSSL memory use\n"); printf("-t Track wolfSSL memory use\n");
printf("-d Disable peer checks\n"); printf("-d Disable peer checks\n");
@@ -156,7 +316,7 @@ static void Usage(void)
printf("-e List Every cipher suite available, \n"); printf("-e List Every cipher suite available, \n");
printf("-g Send server HTTP GET\n"); printf("-g Send server HTTP GET\n");
printf("-u Use UDP DTLS," printf("-u Use UDP DTLS,"
" add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n"); " add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n");
printf("-m Match domain name in cert\n"); printf("-m Match domain name in cert\n");
printf("-N Use Non-blocking sockets\n"); printf("-N Use Non-blocking sockets\n");
printf("-r Resume session\n"); printf("-r Resume session\n");
@@ -200,7 +360,7 @@ static void Usage(void)
THREAD_RETURN WOLFSSL_THREAD client_test(void* args) THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
{ {
SOCKET_T sockfd = 0; SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID;
WOLFSSL_METHOD* method = 0; WOLFSSL_METHOD* method = 0;
WOLFSSL_CTX* ctx = 0; WOLFSSL_CTX* ctx = 0;
@@ -228,6 +388,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
int useAnon = 0; int useAnon = 0;
int sendGET = 0; int sendGET = 0;
int benchmark = 0; int benchmark = 0;
int throughput = 0;
int doDTLS = 0; int doDTLS = 0;
int matchName = 0; int matchName = 0;
int doPeerCheck = 1; int doPeerCheck = 1;
@@ -300,7 +461,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
StackTrap(); StackTrap();
while ((ch = mygetopt(argc, argv, while ((ch = mygetopt(argc, argv,
"?gdeDusmNrwRitfxXUPCh:p:v:l:A:c:k:Z:b:zS:L:ToO:an:")) "?gdeDusmNrwRitfxXUPCh:p:v:l:A:c:k:Z:b:zS:L:ToO:aB:"))
!= -1) { != -1) {
switch (ch) { switch (ch) {
case '?' : case '?' :
@@ -426,6 +587,14 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
} }
break; break;
case 'B' :
throughput = atoi(myoptarg);
if (throughput <= 0) {
Usage();
exit(MY_EX_USAGE);
}
break;
case 'N' : case 'N' :
nonBlocking = 1; nonBlocking = 1;
break; break;
@@ -633,9 +802,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (ctx == NULL) if (ctx == NULL)
err_sys("unable to get ctx"); err_sys("unable to get ctx");
if (cipherList) if (cipherList) {
if (wolfSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) if (wolfSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
err_sys("client can't set cipher list 1"); err_sys("client can't set cipher list 1");
}
#ifdef WOLFSSL_LEANPSK #ifdef WOLFSSL_LEANPSK
usePsk = 1; usePsk = 1;
@@ -770,45 +940,16 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif #endif
if (benchmark) { if (benchmark) {
/* time passed in number of connects give average */ ((func_args*)args)->return_code =
int times = benchmark; ClientBenchmarkConnections(ctx, host, port, doDTLS, benchmark, resumeSession);
int loops = resumeSession ? 2 : 1;
int i = 0;
WOLFSSL_SESSION* benchSession = NULL;
while (loops--) {
int benchResume = resumeSession && loops == 0;
double start = current_time(), avg;
for (i = 0; i < times; i++) {
tcp_connect(&sockfd, host, port, doDTLS);
ssl = wolfSSL_new(ctx);
if (benchResume)
wolfSSL_set_session(ssl, benchSession);
wolfSSL_set_fd(ssl, sockfd);
if (wolfSSL_connect(ssl) != SSL_SUCCESS)
err_sys("SSL_connect failed");
wolfSSL_shutdown(ssl);
if (i == (times-1) && resumeSession) {
benchSession = wolfSSL_get_session(ssl);
}
wolfSSL_free(ssl);
CloseSocket(sockfd);
}
avg = current_time() - start;
avg /= times;
avg *= 1000; /* milliseconds */
if (benchResume)
printf("wolfSSL_resume avg took: %8.3f milliseconds\n", avg);
else
printf("wolfSSL_connect avg took: %8.3f milliseconds\n", avg);
}
wolfSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
((func_args*)args)->return_code = 0; exit(EXIT_SUCCESS);
}
if(throughput) {
((func_args*)args)->return_code =
ClientBenchmarkThroughput(ctx, host, port, doDTLS, throughput);
wolfSSL_CTX_free(ctx);
exit(EXIT_SUCCESS); exit(EXIT_SUCCESS);
} }
@@ -830,15 +971,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
} }
#endif #endif
if (doDTLS) { tcp_connect(&sockfd, host, port, doDTLS, ssl);
SOCKADDR_IN_T addr;
build_addr(&addr, host, port, 1);
wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
tcp_socket(&sockfd, 1);
}
else {
tcp_connect(&sockfd, host, port, 0);
}
#ifdef HAVE_POLY1305 #ifdef HAVE_POLY1305
/* use old poly to connect with google and wolfssl.com server */ /* use old poly to connect with google and wolfssl.com server */
@@ -986,21 +1119,15 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef NO_SESSION_CACHE #ifndef NO_SESSION_CACHE
if (resumeSession) { if (resumeSession) {
if (doDTLS) { if (doDTLS) {
SOCKADDR_IN_T addr; #ifdef USE_WINDOWS_API
#ifdef USE_WINDOWS_API
Sleep(500); Sleep(500);
#elif defined(WOLFSSL_TIRTOS) #elif defined(WOLFSSL_TIRTOS)
Task_sleep(1); Task_sleep(1);
#else #else
sleep(1); sleep(1);
#endif #endif
build_addr(&addr, host, port, 1);
wolfSSL_dtls_set_peer(sslResume, &addr, sizeof(addr));
tcp_socket(&sockfd, 1);
}
else {
tcp_connect(&sockfd, host, port, 0);
} }
tcp_connect(&sockfd, host, port, doDTLS, sslResume);
wolfSSL_set_fd(sslResume, sockfd); wolfSSL_set_fd(sslResume, sockfd);
#ifdef HAVE_ALPN #ifdef HAVE_ALPN
if (alpnList != NULL) { if (alpnList != NULL) {

8
examples/client/client.h
View File

@@ -23,3 +23,11 @@
THREAD_RETURN WOLFSSL_THREAD client_test(void* args); THREAD_RETURN WOLFSSL_THREAD client_test(void* args);
/* Measures average time to create, connect and disconnect a connection (TPS).
Benchmark = number of connections. */
int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
int doDTLS, int benchmark, int resumeSession);
/* Measures throughput in kbps. Throughput = number of bytes */
int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
int doDTLS, int throughput);

11
examples/echoclient/echoclient.c
View File

@@ -164,16 +164,7 @@ void echoclient_test(void* args)
#endif #endif
ssl = SSL_new(ctx); ssl = SSL_new(ctx);
tcp_connect(&sockfd, yasslIP, port, doDTLS, ssl);
if (doDTLS) {
SOCKADDR_IN_T addr;
build_addr(&addr, yasslIP, port, 1);
CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
tcp_socket(&sockfd, 1);
}
else {
tcp_connect(&sockfd, yasslIP, port, 0);
}
SSL_set_fd(ssl, sockfd); SSL_set_fd(ssl, sockfd);
#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER) #if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER)

2
examples/echoserver/echoserver.c
View File

@@ -248,7 +248,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
err_sys("recvfrom failed"); err_sys("recvfrom failed");
} }
#endif #endif
if (clientfd == -1) err_sys("tcp accept failed"); if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) err_sys("tcp accept failed");
ssl = CyaSSL_new(ctx); ssl = CyaSSL_new(ctx);
if (ssl == NULL) err_sys("SSL_new failed"); if (ssl == NULL) err_sys("SSL_new failed");

7
examples/include.am Normal file
View File

@@ -0,0 +1,7 @@
# vim:ft=automake
# All paths should be given relative to the root
include examples/client/include.am
include examples/echoclient/include.am
include examples/echoserver/include.am
include examples/server/include.am

172
examples/server/server.c
View File

@@ -81,10 +81,11 @@ static void NonBlockingSSL_Accept(SSL* ssl)
error == SSL_ERROR_WANT_WRITE)) { error == SSL_ERROR_WANT_WRITE)) {
int currTimeout = 1; int currTimeout = 1;
if (error == SSL_ERROR_WANT_READ) if (error == SSL_ERROR_WANT_READ) {
printf("... server would read block\n"); /* printf("... server would read block\n"); */
else } else {
printf("... server would write block\n"); /* printf("... server would write block\n"); */
}
#ifdef CYASSL_DTLS #ifdef CYASSL_DTLS
currTimeout = CyaSSL_dtls_get_current_timeout(ssl); currTimeout = CyaSSL_dtls_get_current_timeout(ssl);
@@ -118,6 +119,68 @@ static void NonBlockingSSL_Accept(SSL* ssl)
err_sys("SSL_accept failed"); err_sys("SSL_accept failed");
} }
/* Echo number of bytes specified by -e arg */
int ServerEchoData(SSL* ssl, int clientfd, int echoData, int throughput)
{
int ret = 0;
char* buffer = (char*)malloc(TEST_BUFFER_SIZE);
if(buffer) {
double start, rx_time = 0, tx_time = 0;
int xfer_bytes = 0;
while((echoData && throughput == 0) || (!echoData && xfer_bytes < throughput)) {
int select_ret = tcp_select(clientfd, 1); /* Timeout=1 second */
if (select_ret == TEST_RECV_READY) {
int len = min(TEST_BUFFER_SIZE, throughput - xfer_bytes);
int rx_pos = 0;
if(throughput) {
start = current_time();
}
while(rx_pos < len) {
ret = SSL_read(ssl, &buffer[rx_pos], len - rx_pos);
if (ret <= 0) {
int readErr = SSL_get_error(ssl, 0);
if (readErr != SSL_ERROR_WANT_READ) {
printf("SSL_read error %d!\n", readErr);
err_sys("SSL_read failed");
}
}
else {
rx_pos += ret;
}
}
if(throughput) {
rx_time += current_time() - start;
start = current_time();
}
if (SSL_write(ssl, buffer, len) != len) {
err_sys("SSL_write failed");
}
if(throughput) {
tx_time += current_time() - start;
}
xfer_bytes += len;
}
}
free(buffer);
if(throughput) {
printf("wolfSSL Server Benchmark %d bytes\n"
"\tRX %8.3f ms (%8.3f MBps)\n"
"\tTX %8.3f ms (%8.3f MBps)\n",
throughput,
tx_time * 1000, throughput / tx_time / 1024 / 1024,
rx_time * 1000, throughput / rx_time / 1024 / 1024
);
}
}
else {
err_sys("Server buffer malloc failed");
}
return EXIT_SUCCESS;
}
static void Usage(void) static void Usage(void)
{ {
@@ -127,7 +190,7 @@ static void Usage(void)
printf("-p <num> Port to listen on, not 0, default %d\n", yasslPort); printf("-p <num> Port to listen on, not 0, default %d\n", yasslPort);
printf("-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", printf("-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
SERVER_DEFAULT_VERSION); SERVER_DEFAULT_VERSION);
printf("-l <str> Cipher list\n"); printf("-l <str> Cipher suite list (: delimited)\n");
printf("-c <file> Certificate file, default %s\n", svrCert); printf("-c <file> Certificate file, default %s\n", svrCert);
printf("-k <file> Key file, default %s\n", svrKey); printf("-k <file> Key file, default %s\n", svrKey);
printf("-A <file> Certificate Authority file, default %s\n", cliCert); printf("-A <file> Certificate Authority file, default %s\n", cliCert);
@@ -144,7 +207,7 @@ static void Usage(void)
printf("-s Use pre Shared keys\n"); printf("-s Use pre Shared keys\n");
printf("-t Track wolfSSL memory use\n"); printf("-t Track wolfSSL memory use\n");
printf("-u Use UDP DTLS," printf("-u Use UDP DTLS,"
" add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n"); " add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n");
printf("-f Fewer packets/group messages\n"); printf("-f Fewer packets/group messages\n");
printf("-R Create server ready file, for external monitor\n"); printf("-R Create server ready file, for external monitor\n");
printf("-r Allow one client Resumption\n"); printf("-r Allow one client Resumption\n");
@@ -164,20 +227,22 @@ static void Usage(void)
#ifndef NO_PSK #ifndef NO_PSK
printf("-I Do not send PSK identity hint\n"); printf("-I Do not send PSK identity hint\n");
#endif #endif
printf("-i Loop indefinitely (allow repeated connections)\n");
printf("-e Echo data mode (return raw bytes received)\n");
printf("-B <num> Benchmark throughput using <num> bytes and print stats\n");
} }
THREAD_RETURN CYASSL_THREAD server_test(void* args) THREAD_RETURN CYASSL_THREAD server_test(void* args)
{ {
SOCKET_T sockfd = 0; SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID;
SOCKET_T clientfd = 0; SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID;
SSL_METHOD* method = 0; SSL_METHOD* method = 0;
SSL_CTX* ctx = 0; SSL_CTX* ctx = 0;
SSL* ssl = 0; SSL* ssl = 0;
char msg[] = "I hear you fa shizzle!"; const char msg[] = "I hear you fa shizzle!";
char input[80]; char input[80];
int idx;
int ch; int ch;
int version = SERVER_DEFAULT_VERSION; int version = SERVER_DEFAULT_VERSION;
int doCliCertCheck = 1; int doCliCertCheck = 1;
@@ -194,8 +259,13 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
int pkCallbacks = 0; int pkCallbacks = 0;
int serverReadyFile = 0; int serverReadyFile = 0;
int wc_shutdown = 0; int wc_shutdown = 0;
int resume = 0; /* do resume, and resume count */ int resume = 0;
int resumeCount = 0;
int loopIndefinitely = 0;
int echoData = 0;
int throughput = 0;
int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS; int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
int doListen = 1;
int ret; int ret;
char* alpnList = NULL; char* alpnList = NULL;
unsigned char alpn_opt = 0; unsigned char alpn_opt = 0;
@@ -244,7 +314,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
fdOpenSession(Task_self()); fdOpenSession(Task_self());
#endif #endif
while ((ch = mygetopt(argc, argv, "?dbstnNufrRawPIp:v:l:A:c:k:Z:S:oO:D:L:")) while ((ch = mygetopt(argc, argv, "?dbstnNufrRawPIp:v:l:A:c:k:Z:S:oO:D:L:ieB:"))
!= -1) { != -1) {
switch (ch) { switch (ch) {
case '?' : case '?' :
@@ -400,6 +470,23 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#endif #endif
break; break;
case 'i' :
loopIndefinitely = 1;
break;
case 'e' :
echoData = 1;
break;
case 'B':
throughput = atoi(myoptarg);
if (throughput <= 0) {
Usage();
exit(MY_EX_USAGE);
}
break;
default: default:
Usage(); Usage();
exit(MY_EX_USAGE); exit(MY_EX_USAGE);
@@ -593,8 +680,9 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
err_sys("UseSNI failed"); err_sys("UseSNI failed");
#endif #endif
while (1) { /* allow resume option */ while (1) {
if (resume > 1) { /* already did listen, just do accept */ /* allow resume option */
if(resumeCount > 1) {
if (doDTLS == 0) { if (doDTLS == 0) {
SOCKADDR_IN_T client; SOCKADDR_IN_T client;
socklen_t client_len = sizeof(client); socklen_t client_len = sizeof(client);
@@ -604,11 +692,9 @@ while (1) { /* allow resume option */
tcp_listen(&sockfd, &port, useAnyAddr, doDTLS); tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
clientfd = sockfd; clientfd = sockfd;
} }
#ifdef USE_WINDOWS_API if(WOLFSSL_SOCKET_IS_INVALID(clientfd)) {
if (clientfd == INVALID_SOCKET) err_sys("tcp accept failed"); err_sys("tcp accept failed");
#else }
if (clientfd == -1) err_sys("tcp accept failed");
#endif
} }
ssl = SSL_new(ctx); ssl = SSL_new(ctx);
@@ -640,10 +726,10 @@ while (1) { /* allow resume option */
SetupPkCallbacks(ctx, ssl); SetupPkCallbacks(ctx, ssl);
#endif #endif
if (resume < 2) { /* do listen and accept */ /* do accept */
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr, tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr,
doDTLS, serverReadyFile); doDTLS, serverReadyFile, doListen);
} doListen = 0; /* Don't listen next time */
SSL_set_fd(ssl, clientfd); SSL_set_fd(ssl, clientfd);
@@ -721,14 +807,14 @@ while (1) { /* allow resume option */
XFREE(list, NULL, DYNAMIC_TMP_OUT_BUFFER); XFREE(list, NULL, DYNAMIC_TMP_OUT_BUFFER);
} }
#endif #endif
if(echoData == 0 && throughput == 0) {
idx = SSL_read(ssl, input, sizeof(input)-1); ret = SSL_read(ssl, input, sizeof(input)-1);
if (idx > 0) { if (ret > 0) {
input[idx] = 0; input[ret] = 0;
printf("Client message: %s\n", input); printf("Client message: %s\n", input);
} }
else if (idx < 0) { else if (ret < 0) {
int readErr = SSL_get_error(ssl, 0); int readErr = SSL_get_error(ssl, 0);
if (readErr != SSL_ERROR_WANT_READ) if (readErr != SSL_ERROR_WANT_READ)
err_sys("SSL_read failed"); err_sys("SSL_read failed");
@@ -736,12 +822,16 @@ while (1) { /* allow resume option */
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
err_sys("SSL_write failed"); err_sys("SSL_write failed");
}
else {
ServerEchoData(ssl, clientfd, echoData, throughput);
}
#if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX) #if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
os_dly_wait(500) ; os_dly_wait(500) ;
#elif defined (CYASSL_TIRTOS) #elif defined (CYASSL_TIRTOS)
Task_yield(); Task_yield();
#endif #endif
if (doDTLS == 0) { if (doDTLS == 0) {
ret = SSL_shutdown(ssl); ret = SSL_shutdown(ssl);
@@ -749,17 +839,23 @@ while (1) { /* allow resume option */
SSL_shutdown(ssl); /* bidirectional shutdown */ SSL_shutdown(ssl); /* bidirectional shutdown */
} }
SSL_free(ssl); SSL_free(ssl);
if (resume == 1) {
CloseSocket(clientfd);
resume++; /* only do one resume for testing */
continue;
}
break; /* out of while loop, done with normal and resume option */
}
SSL_CTX_free(ctx);
CloseSocket(clientfd); CloseSocket(clientfd);
if (resume == 1 && resumeCount == 0) {
resumeCount++; /* only do one resume for testing */
continue;
}
resumeCount = 0;
if(!loopIndefinitely) {
break; /* out of while loop, done with normal and resume option */
}
} /* while(1) */
CloseSocket(sockfd); CloseSocket(sockfd);
SSL_CTX_free(ctx);
((func_args*)args)->return_code = 0; ((func_args*)args)->return_code = 0;

4
examples/server/server.h
View File

@@ -22,3 +22,7 @@
#pragma once #pragma once
THREAD_RETURN WOLFSSL_THREAD server_test(void* args); THREAD_RETURN WOLFSSL_THREAD server_test(void* args);
/* Echo bytes using buffer of TEST_BUFFER_SIZE until [echoData] bytes are complete. */
/* If [bechmarkThroughput] set the statistcs will be output at the end */
int ServerEchoData(WOLFSSL* ssl, int clientfd, int echoData, int benchmarkThroughput);

115
scripts/benchmark.test Executable file
View File

@@ -0,0 +1,115 @@
#!/bin/sh
#benchmark.test
if [ "$#" -lt 2 ]; then
echo "Usage: $0 [mode] [num] [clientargs] [serverargs]" >&2
echo " [mode]: 1=Connection Rate (TPS), 2=Throughput Bytes" >&2
echo " [num]: Mode 1=Connection Count, Mode 2=Bytes to TX/RX" >&2
echo " [clientargs]: Passed to client (see \"./example/client/client -?\" for help)" >&2
echo " Example: Use different cipher suite: \"-l DHE-RSA-AES256-SHA\"" >&2
echo " [serverargs]: Passed to server (see \"./example/server/server -?\" for help)" >&2
echo " Example: Disable client certificate check: \"-d\"" >&2
echo "Note: If additional client or server args contains spaces wrap with double quotes" >&2
exit 1
fi
# Use unique benchmark port so it won't conflict with any other tests
bench_port=11113
no_pid=-1
server_pid=$no_pid
counter=0
client_result=-1
remove_ready_file() {
if test -e /tmp/wolfssl_server_ready; then
echo "removing exisitng server_ready file"
rm /tmp/wolfssl_server_ready
fi
}
do_cleanup() {
echo "in cleanup"
if [ $server_pid != $no_pid ]
then
echo "killing server"
kill -9 $server_pid
fi
remove_ready_file
}
do_trap() {
echo "got trap"
do_cleanup
exit -1
}
trap do_trap INT TERM
# Start server in loop continuous mode (-L) with echo data (-e) enabled and non-blocking (-N)
echo "\nStarting example server for benchmark test"
remove_ready_file
# benchmark connections
if [ $1 == 1 ]
then
# start server in loop mode with port
./examples/server/server -i -p $bench_port $4 &
server_pid=$!
fi
# benchmark throughput
if [ $1 == 2 ]
then
# start server in loop mode, non-blocking, benchmark throughput with port
./examples/server/server -i -N -B $2 -p $bench_port $4 &
server_pid=$!
fi
echo "Waiting for server_ready file..."
while [ ! -s /tmp/wolfssl_server_ready -a "$counter" -lt 20 ]; do
sleep 0.1
counter=$((counter+ 1))
done
# benchmark connections
if [ $1 == 1 ]
then
echo "Starting example client to benchmark connection average time"
# start client to benchmark average time for each connection using port
./examples/client/client -b $2 -p $bench_port $3
client_result=$?
fi
# benchmark throughput
if [ $1 == 2 ]
then
echo "Starting example client to benchmark throughput"
# start client in non-blocking mode, benchmark throughput using port
./examples/client/client -N -B $2 -p $bench_port $3
client_result=$?
fi
if [ $client_result != 0 ]
then
echo "Client failed!"
do_cleanup
exit 1
fi
# End server
kill -6 $server_pid
server_result=$?
remove_ready_file
if [ $server_result != 0 ]
then
echo "Server failed!"
exit 1
fi
echo "\nSuccess!\n"
exit 0

1
scripts/include.am
View File

@@ -10,6 +10,7 @@ endif
if BUILD_EXAMPLES if BUILD_EXAMPLES
dist_noinst_SCRIPTS+= scripts/resume.test dist_noinst_SCRIPTS+= scripts/resume.test
EXTRA_DIST+= scripts/benchmark.test
if BUILD_CRL if BUILD_CRL
# make revoked test rely on completion of resume test # make revoked test rely on completion of resume test

24
src/ssl.c
View File

@@ -17066,5 +17066,29 @@ int wolfSSL_ED25519_verify(const unsigned char *msg, unsigned int msgSz,
} }
#endif /* OPENSSL_EXTRA && HAVE_ED25519 */ #endif /* OPENSSL_EXTRA && HAVE_ED25519 */
#ifdef WOLFSSL_JNI
int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr)
{
WOLFSSL_ENTER("wolfSSL_set_jobject");
if (ssl != NULL)
{
ssl->jObjectRef = objPtr;
return SSL_SUCCESS;
}
return SSL_FAILURE;
}
void* wolfSSL_get_jobject(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_get_jobject");
if (ssl != NULL)
return ssl->jObjectRef;
return NULL;
}
#endif /* WOLFSSL_JNI */
#endif /* WOLFCRYPT_ONLY */ #endif /* WOLFCRYPT_ONLY */

10
tests/api.c
View File

@@ -357,7 +357,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
} }
ssl = wolfSSL_new(ctx); ssl = wolfSSL_new(ctx);
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0); tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 1);
CloseSocket(sockfd); CloseSocket(sockfd);
wolfSSL_set_fd(ssl, clientfd); wolfSSL_set_fd(ssl, clientfd);
@@ -467,9 +467,8 @@ static void test_client_nofail(void* args)
goto done2; goto done2;
} }
tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0);
ssl = wolfSSL_new(ctx); ssl = wolfSSL_new(ctx);
tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, ssl);
wolfSSL_set_fd(ssl, sockfd); wolfSSL_set_fd(ssl, sockfd);
if (wolfSSL_connect(ssl) != SSL_SUCCESS) if (wolfSSL_connect(ssl) != SSL_SUCCESS)
{ {
@@ -557,7 +556,7 @@ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
ssl = wolfSSL_new(ctx); ssl = wolfSSL_new(ctx);
tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0); tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 1);
CloseSocket(sfd); CloseSocket(sfd);
wolfSSL_set_fd(ssl, cfd); wolfSSL_set_fd(ssl, cfd);
@@ -650,9 +649,8 @@ static void run_wolfssl_client(void* args)
if (callbacks->ctx_ready) if (callbacks->ctx_ready)
callbacks->ctx_ready(ctx); callbacks->ctx_ready(ctx);
tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0);
ssl = wolfSSL_new(ctx); ssl = wolfSSL_new(ctx);
tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, ssl);
wolfSSL_set_fd(ssl, sfd); wolfSSL_set_fd(ssl, sfd);
if (callbacks->ssl_ready) if (callbacks->ssl_ready)

3
wolfssl/internal.h
View File

@@ -2484,6 +2484,9 @@ struct WOLFSSL {
SessionSecretCb sessionSecretCb; SessionSecretCb sessionSecretCb;
void* sessionSecretCtx; void* sessionSecretCtx;
#endif /* HAVE_SECRET_CALLBACK */ #endif /* HAVE_SECRET_CALLBACK */
#ifdef WOLFSSL_JNI
void* jObjectRef; /* reference to WolfSSLSession in JNI wrapper */
#endif /* WOLFSSL_JNI */
}; };

5
wolfssl/ssl.h
View File

@@ -1682,6 +1682,11 @@ WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX *,
WOLFSSL_API void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*); WOLFSSL_API void wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX *, void*);
#endif /* HAVE_STUNNEL */ #endif /* HAVE_STUNNEL */
#ifdef WOLFSSL_JNI
WOLFSSL_API int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr);
WOLFSSL_API void* wolfSSL_get_jobject(WOLFSSL* ssl);
#endif /* WOLFSSL_JNI */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */
#endif #endif

83
wolfssl/test.h
View File

@@ -118,6 +118,39 @@
#pragma warning(disable:4244 4996) #pragma warning(disable:4244 4996)
#endif #endif
/* Buffer for benchmark tests */
#ifndef TEST_BUFFER_SIZE
#define TEST_BUFFER_SIZE 16384
#endif
#ifndef WOLFSSL_HAVE_MIN
#define WOLFSSL_HAVE_MIN
static INLINE word32 min(word32 a, word32 b)
{
return a > b ? b : a;
}
#endif /* WOLFSSL_HAVE_MIN */
/* Socket Handling */
#ifndef WOLFSSL_SOCKET_INVALID
#ifdef USE_WINDOWS_API
#define WOLFSSL_SOCKET_INVALID INVALID_SOCKET
#elif defined(WOLFSSL_TIRTOS)
#define WOLFSSL_SOCKET_INVALID -1
#else
#define WOLFSSL_SOCKET_INVALID 0
#endif
#endif /* WOLFSSL_SOCKET_INVALID */
#ifndef WOLFSSL_SOCKET_IS_INVALID
#ifdef USE_WINDOWS_API
#define WOLFSSL_SOCKET_IS_INVALID(s) ((s) == WOLFSSL_SOCKET_INVALID)
#elif defined(WOLFSSL_TIRTOS)
#define WOLFSSL_SOCKET_IS_INVALID(s) ((s) == WOLFSSL_SOCKET_INVALID)
#else
#define WOLFSSL_SOCKET_IS_INVALID(s) ((s) < WOLFSSL_SOCKET_INVALID)
#endif
#endif /* WOLFSSL_SOCKET_IS_INVALID */
#if defined(__MACH__) || defined(USE_WINDOWS_API) #if defined(__MACH__) || defined(USE_WINDOWS_API)
#ifndef _SOCKLEN_T #ifndef _SOCKLEN_T
@@ -542,16 +575,9 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, int udp)
else else
*sockfd = socket(AF_INET_V, SOCK_STREAM, 0); *sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
#ifdef USE_WINDOWS_API if(WOLFSSL_SOCKET_IS_INVALID(*sockfd)) {
if (*sockfd == INVALID_SOCKET)
err_sys("socket failed\n"); err_sys("socket failed\n");
#elif defined(WOLFSSL_TIRTOS) }
if (*sockfd == -1)
err_sys("socket failed\n");
#else
if (*sockfd < 0)
err_sys("socket failed\n");
#endif
#ifndef USE_WINDOWS_API #ifndef USE_WINDOWS_API
#ifdef SO_NOSIGPIPE #ifdef SO_NOSIGPIPE
@@ -583,10 +609,13 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, int udp)
} }
static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port, static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port,
int udp) int udp, WOLFSSL* ssl)
{ {
SOCKADDR_IN_T addr; SOCKADDR_IN_T addr;
build_addr(&addr, ip, port, udp); build_addr(&addr, ip, port, udp);
if(udp) {
wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
}
tcp_socket(sockfd, udp); tcp_socket(sockfd, udp);
if (!udp) { if (!udp) {
@@ -769,7 +798,7 @@ static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
func_args* args, word16 port, int useAnyAddr, func_args* args, word16 port, int useAnyAddr,
int udp, int ready_file) int udp, int ready_file, int do_listen)
{ {
SOCKADDR_IN_T client; SOCKADDR_IN_T client;
socklen_t client_len = sizeof(client); socklen_t client_len = sizeof(client);
@@ -779,9 +808,10 @@ static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
return; return;
} }
if(do_listen) {
tcp_listen(sockfd, &port, useAnyAddr, udp); tcp_listen(sockfd, &port, useAnyAddr, udp);
#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) #if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
/* signal ready to tcp_accept */ /* signal ready to tcp_accept */
{ {
tcp_ready* ready = args->signal; tcp_ready* ready = args->signal;
@@ -791,15 +821,15 @@ static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
pthread_cond_signal(&ready->cond); pthread_cond_signal(&ready->cond);
pthread_mutex_unlock(&ready->mutex); pthread_mutex_unlock(&ready->mutex);
} }
#elif defined (WOLFSSL_TIRTOS) #elif defined (WOLFSSL_TIRTOS)
/* Need mutex? */ /* Need mutex? */
tcp_ready* ready = args->signal; tcp_ready* ready = args->signal;
ready->ready = 1; ready->ready = 1;
ready->port = port; ready->port = port;
#endif #endif
if (ready_file) { if (ready_file) {
#ifndef NO_FILESYSTEM #ifndef NO_FILESYSTEM
#ifndef USE_WINDOWS_API #ifndef USE_WINDOWS_API
FILE* srf = fopen("/tmp/wolfssl_server_ready", "w"); FILE* srf = fopen("/tmp/wolfssl_server_ready", "w");
#else #else
@@ -810,18 +840,15 @@ static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
fputs("ready", srf); fputs("ready", srf);
fclose(srf); fclose(srf);
} }
#endif #endif
}
} }
*clientfd = accept(*sockfd, (struct sockaddr*)&client, *clientfd = accept(*sockfd, (struct sockaddr*)&client,
(ACCEPT_THIRD_T)&client_len); (ACCEPT_THIRD_T)&client_len);
#ifdef USE_WINDOWS_API if(WOLFSSL_SOCKET_IS_INVALID(*clientfd)) {
if (*clientfd == INVALID_SOCKET)
err_sys("tcp accept failed"); err_sys("tcp accept failed");
#else }
if (*clientfd == -1)
err_sys("tcp accept failed");
#endif
} }
@@ -1911,17 +1938,17 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
} key_ctx; } key_ctx;
static key_ctx myKey_ctx; static key_ctx myKey_ctx;
static WC_RNG rng; static WC_RNG myKey_rng;
static INLINE int TicketInit(void) static INLINE int TicketInit(void)
{ {
int ret = wc_InitRng(&rng); int ret = wc_InitRng(&myKey_rng);
if (ret != 0) return ret; if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&rng, myKey_ctx.key, sizeof(myKey_ctx.key)); ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.key, sizeof(myKey_ctx.key));
if (ret != 0) return ret; if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&rng, myKey_ctx.name,sizeof(myKey_ctx.name)); ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.name,sizeof(myKey_ctx.name));
if (ret != 0) return ret; if (ret != 0) return ret;
return 0; return 0;
@@ -1929,7 +1956,7 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
static INLINE void TicketCleanup(void) static INLINE void TicketCleanup(void)
{ {
wc_FreeRng(&rng); wc_FreeRng(&myKey_rng);
} }
static INLINE int myTicketEncCb(WOLFSSL* ssl, static INLINE int myTicketEncCb(WOLFSSL* ssl,
@@ -1951,7 +1978,7 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
if (enc) { if (enc) {
XMEMCPY(key_name, myKey_ctx.name, WOLFSSL_TICKET_NAME_SZ); XMEMCPY(key_name, myKey_ctx.name, WOLFSSL_TICKET_NAME_SZ);
ret = wc_RNG_GenerateBlock(&rng, iv, WOLFSSL_TICKET_IV_SZ); ret = wc_RNG_GenerateBlock(&myKey_rng, iv, WOLFSSL_TICKET_IV_SZ);
if (ret != 0) return WOLFSSL_TICKET_RET_REJECT; if (ret != 0) return WOLFSSL_TICKET_RET_REJECT;
/* build aad from key name, iv, and length */ /* build aad from key name, iv, and length */