From b7a35eabd203adbe0b5c8142df97a67960a91c4e Mon Sep 17 00:00:00 2001 From: John Safranek Date: Thu, 18 Aug 2016 17:02:54 -0700 Subject: [PATCH] Add simple SCTP example tools --- .gitignore | 4 ++ configure.ac | 2 + examples/include.am | 1 + examples/sctp/include.am | 38 ++++++++++ examples/sctp/sctp-client-dtls.c | 105 ++++++++++++++++++++++++++++ examples/sctp/sctp-client.c | 64 +++++++++++++++++ examples/sctp/sctp-server-dtls.c | 115 +++++++++++++++++++++++++++++++ examples/sctp/sctp-server.c | 70 +++++++++++++++++++ 8 files changed, 399 insertions(+) create mode 100644 examples/sctp/include.am create mode 100644 examples/sctp/sctp-client-dtls.c create mode 100644 examples/sctp/sctp-client.c create mode 100644 examples/sctp/sctp-server-dtls.c create mode 100644 examples/sctp/sctp-server.c diff --git a/.gitignore b/.gitignore index ab22d786e..dd4247fcc 100644 --- a/.gitignore +++ b/.gitignore @@ -51,6 +51,10 @@ examples/client/client examples/echoclient/echoclient examples/echoserver/echoserver examples/server/server +examples/sctp/sctp-server +examples/sctp/sctp-server-dtls +examples/sctp/sctp-client +examples/sctp/sctp-client-dtls server_ready snifftest output diff --git a/configure.ac b/configure.ac index 0d1e70405..eeccde13b 100644 --- a/configure.ac +++ b/configure.ac @@ -227,6 +227,8 @@ AC_ARG_ENABLE([sctp], [ENABLED_SCTP=$enableval], [ENABLED_SCTP=no]) +AM_CONDITIONAL([BUILD_SCTP], [test "x$ENABLED_SCTP" = "xyes"]) + # OpenSSH compatibility Build AC_ARG_ENABLE([openssh], diff --git a/examples/include.am b/examples/include.am index e06bc86a1..66b82b1cd 100644 --- a/examples/include.am +++ b/examples/include.am @@ -5,3 +5,4 @@ include examples/client/include.am include examples/echoclient/include.am include examples/echoserver/include.am include examples/server/include.am +include examples/sctp/include.am diff --git a/examples/sctp/include.am b/examples/sctp/include.am new file mode 100644 index 000000000..ae970b40b --- /dev/null +++ b/examples/sctp/include.am @@ -0,0 +1,38 @@ +# vim:ft=automake +# included from Top Level Makefile.am +# All paths should be given relative to the root + + +if BUILD_SCTP +if BUILD_EXAMPLE_SERVERS +noinst_PROGRAMS += \ + examples/sctp/sctp-server \ + examples/sctp/sctp-server-dtls +examples_sctp_sctp_server_SOURCES = examples/sctp/sctp-server.c +examples_sctp_sctp_server_LDADD = $(LIB_STATIC_ADD) +examples_sctp_sctp_server_dtls_SOURCES = examples/sctp/sctp-server-dtls.c +examples_sctp_sctp_server_dtls_LDADD = src/libwolfssl.la $(LIB_STATIC_ADD) +examples_sctp_sctp_server_dtls_DEPENDENCIES = src/libwolfssl.la +endif +if BUILD_EXAMPLE_CLIENTS +noinst_PROGRAMS += \ + examples/sctp/sctp-client \ + examples/sctp/sctp-client-dtls +examples_sctp_sctp_client_SOURCES = examples/sctp/sctp-client.c +examples_sctp_sctp_client_LDADD = $(LIB_STATIC_ADD) +examples_sctp_sctp_client_dtls_SOURCES = examples/sctp/sctp-client-dtls.c +examples_sctp_sctp_client_dtls_LDADD = src/libwolfssl.la $(LIB_STATIC_ADD) +examples_sctp_sctp_client_dtls_DEPENDENCIES = src/libwolfssl.la +endif +endif + +dist_example_DATA += \ + examples/sctp/sctp-server.c \ + examples/sctp/sctp-server-dtls.c \ + examples/sctp/sctp-client.c \ + examples/sctp/sctp-client-dtls.c +DISTCLEANFILES += \ + examples/sctp/.libs/sctp-server \ + examples/sctp/.libs/sctp-server-dtls \ + examples/sctp/.libs/sctp-client \ + examples/sctp/.libs/sctp-client-dtls diff --git a/examples/sctp/sctp-client-dtls.c b/examples/sctp/sctp-client-dtls.c new file mode 100644 index 000000000..c1708d451 --- /dev/null +++ b/examples/sctp/sctp-client-dtls.c @@ -0,0 +1,105 @@ +/* sctp-client-dtls.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* sctp */ +#include +#include +#include +#include + +/* std */ +#include +#include +#include +#include + +/* wolfssl */ +#include +#include + + + +#define cacert "./certs/ca-cert.pem" + +static int err_sys(const char* msg) +{ + perror(msg); + exit(EXIT_FAILURE); +} + +int main() +{ + int sd = socket(PF_INET, SOCK_STREAM, IPPROTO_SCTP); + + if (sd < 0) + err_sys("sctp socket error"); + + struct sockaddr_in sa; + memset(&sa, 0, sizeof(sa)); + sa.sin_family = AF_INET; + sa.sin_addr.s_addr = inet_addr("127.0.0.1"); + sa.sin_port = htons(12345); + + int ret = connect(sd, (struct sockaddr*)&sa, sizeof(sa)); + if (ret < 0) + err_sys("sctp connect error"); + + const char* response = "hello there"; + char buffer[80]; + + WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method()); + if (ctx == NULL) + err_sys("ctx new dtls client failed"); + + ret = wolfSSL_CTX_load_verify_locations(ctx, cacert, NULL); + if (ret != SSL_SUCCESS) + err_sys("ca cert error"); + + WOLFSSL* ssl = wolfSSL_new(ctx); + if (ssl == NULL) + err_sys("ssl new dtls client failed"); + + wolfSSL_set_fd(ssl, sd); + + ret = wolfSSL_connect(ssl); + if (ret != SSL_SUCCESS) + err_sys("ssl connect failed"); + + printf("TLS version is %s\n", wolfSSL_get_version(ssl)); + printf("Cipher Suite is %s\n", + wolfSSL_CIPHER_get_name(wolfSSL_get_current_cipher(ssl))); + + wolfSSL_write(ssl, response, strlen(response)); + int got = wolfSSL_read(ssl, buffer, sizeof(buffer)); + if (got > 0) { + buffer[got] = 0; + printf("server said: %s\n", buffer); + } + + wolfSSL_shutdown(ssl); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + + close(sd); + + return 0; +} diff --git a/examples/sctp/sctp-client.c b/examples/sctp/sctp-client.c new file mode 100644 index 000000000..dece6cc88 --- /dev/null +++ b/examples/sctp/sctp-client.c @@ -0,0 +1,64 @@ +/* sctp-client.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* sctp */ +#include +#include +#include +#include + +/* std */ +#include +#include +#include + +int main() +{ + int sd = socket(PF_INET, SOCK_STREAM, IPPROTO_SCTP); + + if (sd < 0) + perror("sctp socket error"); + + struct sockaddr_in sa; + memset(&sa, 0, sizeof(sa)); + sa.sin_family = AF_INET; + sa.sin_addr.s_addr = inet_addr("127.0.0.1"); + sa.sin_port = htons(12345); + + int ret = connect(sd, (struct sockaddr*)&sa, sizeof(sa)); + if (ret < 0) + perror("sctp connect error"); + + const char* msg = "hello sctp"; + char buffer[80]; + + send(sd, msg, strlen(msg), 0); + int got = recv(sd, buffer, sizeof(buffer), 0); + if (got > 0) { + buffer[got] = 0; + printf("server said: %s\n", buffer); + } + + close(sd); + + return 0; +} diff --git a/examples/sctp/sctp-server-dtls.c b/examples/sctp/sctp-server-dtls.c new file mode 100644 index 000000000..d255c733c --- /dev/null +++ b/examples/sctp/sctp-server-dtls.c @@ -0,0 +1,115 @@ +/* sctp-server-dtls.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* sctp */ +#include +#include +#include + +/* std */ +#include +#include +#include +#include + +/* wolfssl */ +#include +#include + + + +#define key "./certs/server-key.pem" +#define cert "./certs/server-cert.pem" + +static int err_sys(const char* msg) +{ + perror(msg); + exit(EXIT_FAILURE); +} + +int main() +{ + int sd = socket(PF_INET, SOCK_STREAM, IPPROTO_SCTP); + + if (sd < 0) + err_sys("sctp socket error"); + + struct sockaddr_in sa; + memset(&sa, 0, sizeof(sa)); + sa.sin_family = AF_INET; + sa.sin_addr.s_addr = htonl(INADDR_ANY); + sa.sin_port = htons(12345); + + int ret = bind(sd, (struct sockaddr*)&sa, sizeof(sa)); + if (ret < 0) + err_sys("sctp bind error"); + + listen(sd, 3); + + int client_sd = accept(sd, NULL, NULL); + if (client_sd < 0) + err_sys("sctp accept error"); + + const char* response = "well hello to you"; + char buffer[80]; + + WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method()); + if (ctx == NULL) + err_sys("ctx new dtls server failed"); + + ret = wolfSSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM); + if (ret != SSL_SUCCESS) + err_sys("use private key error"); + + ret = wolfSSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM); + if (ret != SSL_SUCCESS) + err_sys("use cert error"); + + WOLFSSL* ssl = wolfSSL_new(ctx); + if (ssl == NULL) + err_sys("ssl new dtls server failed"); + + wolfSSL_set_fd(ssl, client_sd); + + ret = wolfSSL_accept(ssl); + if (ret != SSL_SUCCESS) + err_sys("ssl accept failed"); + + printf("TLS version is %s\n", wolfSSL_get_version(ssl)); + printf("Cipher Suite is %s\n", + wolfSSL_CIPHER_get_name(wolfSSL_get_current_cipher(ssl))); + + int got = wolfSSL_read(ssl, buffer, sizeof(buffer)); + if (got > 0) { + buffer[got] = 0; + printf("client said: %s\n", buffer); + } + wolfSSL_write(ssl, response, strlen(response)); + + wolfSSL_shutdown(ssl); + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); + + close(sd); + + return 0; +} diff --git a/examples/sctp/sctp-server.c b/examples/sctp/sctp-server.c new file mode 100644 index 000000000..4228efbaa --- /dev/null +++ b/examples/sctp/sctp-server.c @@ -0,0 +1,70 @@ +/* sctp-server.c + * + * Copyright (C) 2006-2016 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +/* sctp */ +#include +#include +#include + +/* std */ +#include +#include +#include + +int main() +{ + int sd = socket(PF_INET, SOCK_STREAM, IPPROTO_SCTP); + + if (sd < 0) + perror("sctp socket error"); + + struct sockaddr_in sa; + memset(&sa, 0, sizeof(sa)); + sa.sin_family = AF_INET; + sa.sin_addr.s_addr = htonl(INADDR_ANY); + sa.sin_port = htons(12345); + + int ret = bind(sd, (struct sockaddr*)&sa, sizeof(sa)); + if (ret < 0) + perror("sctp bind error"); + + listen(sd, 3); + + int client_sd = accept(sd, NULL, NULL); + if (client_sd < 0) + perror("sctp accept error"); + + const char* response = "hi there"; + char buffer[80]; + + int got = recv(client_sd, buffer, sizeof(buffer), 0); + if (got > 0) { + buffer[got] = 0; + printf("client said: %s\n", buffer); + } + send(client_sd, response, strlen(response), 0); + + + close(sd); + + return 0; +}