feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

fix merge conflict

Browse Source
This commit is contained in:
toddouska
2015-11-02 13:26:46 -08:00
parent 54a0a3370a
commit fbd4f8a6ed
2 changed files with 115 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
examples/client/client.c
View File

@ -127,6 +127,15 @@ static void ShowCiphers(void)
printf("%s\n", ciphers); printf("%s\n", ciphers);
} }
/* Shows which versions are valid */
static void ShowVersions(void)
{
#ifdef WOLFSSL_ALLOW_SSLV3
printf("0:");
#endif
printf("1:2:3\n");
}
int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
int doDTLS, int benchmark, int resumeSession) int doDTLS, int benchmark, int resumeSession)
{ {
@ -300,6 +309,7 @@ static void Usage(void)
printf("-p <num> Port to connect on, not 0, default %d\n", wolfSSLPort); printf("-p <num> Port to connect on, not 0, default %d\n", wolfSSLPort);
printf("-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", printf("-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
CLIENT_DEFAULT_VERSION); CLIENT_DEFAULT_VERSION);
printf("-V Prints valid ssl version numbers, SSLv3(0) - TLS1.2(3)\n");
printf("-l <str> Cipher suite list (: delimited)\n"); printf("-l <str> Cipher suite list (: delimited)\n");
printf("-c <file> Certificate file, default %s\n", cliCert); printf("-c <file> Certificate file, default %s\n", cliCert);
printf("-k <file> Key file, default %s\n", cliKey); printf("-k <file> Key file, default %s\n", cliKey);
@ -375,8 +385,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
WOLFSSL* sslResume = 0; WOLFSSL* sslResume = 0;
WOLFSSL_SESSION* session = 0; WOLFSSL_SESSION* session = 0;
char resumeMsg[] = "resuming wolfssl!"; char resumeMsg[32] = "resuming wolfssl!";
int resumeSz = sizeof(resumeMsg); int resumeSz = (int)strlen(resumeMsg);
char msg[32] = "hello wolfssl!"; /* GET may make bigger */ char msg[32] = "hello wolfssl!"; /* GET may make bigger */
char reply[80]; char reply[80];
@ -472,7 +482,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef WOLFSSL_VXWORKS #ifndef WOLFSSL_VXWORKS
while ((ch = mygetopt(argc, argv, while ((ch = mygetopt(argc, argv,
"?gdeDusmNrwRitfxXUPCh:p:v:l:A:c:k:Z:b:zS:L:ToO:aB:W")) != -1) { "?gdeDusmNrwRitfxXUPCVh:p:v:l:A:c:k:Z:b:zS:L:ToO:aB:W")) != -1) {
switch (ch) { switch (ch) {
case '?' : case '?' :
Usage(); Usage();
@ -563,6 +573,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
} }
break; break;
case 'V' :
ShowVersions();
exit(EXIT_SUCCESS);
case 'l' : case 'l' :
cipherList = myoptarg; cipherList = myoptarg;
break; break;
@ -1096,6 +1110,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
msgSz = 28; msgSz = 28;
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz); strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
msg[msgSz] = '\0'; msg[msgSz] = '\0';
resumeSz = msgSz;
strncpy(resumeMsg, "GET /index.html HTTP/1.0\r\n\r\n", resumeSz);
resumeMsg[resumeSz] = '\0';
} }
if (wolfSSL_write(ssl, msg, msgSz) != msgSz) if (wolfSSL_write(ssl, msg, msgSz) != msgSz)
err_sys("SSL_write failed"); err_sys("SSL_write failed");
@ -1176,7 +1194,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
(void*)"resumed session"); (void*)"resumed session");
#endif #endif
showPeer(sslResume);
#ifndef WOLFSSL_CALLBACKS #ifndef WOLFSSL_CALLBACKS
if (nonBlocking) { if (nonBlocking) {
wolfSSL_set_using_nonblock(sslResume, 1); wolfSSL_set_using_nonblock(sslResume, 1);
@ -1190,6 +1207,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
timeout.tv_usec = 0; timeout.tv_usec = 0;
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
#endif #endif
showPeer(sslResume);
if (wolfSSL_session_reused(sslResume)) if (wolfSSL_session_reused(sslResume))
printf("reused session id\n"); printf("reused session id\n");
@ -1228,11 +1246,28 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif #endif
} }
input = wolfSSL_read(sslResume, reply, sizeof(reply)-1); input = wolfSSL_read(sslResume, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0; if (input > 0) {
printf("Server resume response: %s\n", reply); reply[input] = 0;
printf("Server resume response: %s\n", reply);
if (sendGET) { /* get html */
while (1) {
input = wolfSSL_read(sslResume, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("%s\n", reply);
}
else
break;
}
} }
} else if (input < 0) {
int readErr = wolfSSL_get_error(ssl, 0);
if (readErr != SSL_ERROR_WANT_READ)
err_sys("wolfSSL_read failed");
}
/* try to send session break */ /* try to send session break */
wolfSSL_write(sslResume, msg, msgSz); wolfSSL_write(sslResume, msg, msgSz);

107
scripts/openssl.test
View File

@ -1,4 +1,4 @@
#!/bin/bash #!/bin/sh
#openssl.test #openssl.test
@ -41,7 +41,7 @@ command -v openssl >/dev/null 2>&1 || { echo >&2 "Requires openssl command, but
echo -e "\nTesting for _build directory as part of distcheck, different paths" echo -e "\nTesting for _build directory as part of distcheck, different paths"
currentDir=`pwd` currentDir=`pwd`
if [[ $currentDir == *"_build" ]] if [ $currentDir = *"_build" ]
then then
echo -e "_build directory detected, moving a directory back" echo -e "_build directory detected, moving a directory back"
cd .. cd ..
@ -49,17 +49,13 @@ fi
echo -e "\nStarting openssl server...\n" echo -e "\nStarting openssl server...\n"
openssl s_server -accept $openssl_port -cert ./certs/server-cert.pem -key ./certs/server-key.pem -quiet -www -dhparam ./certs/dh2048.pem -dcert ./certs/server-ecc.pem -dkey ./certs/ecc-key.pem & openssl s_server -accept $openssl_port -cert ./certs/server-cert.pem -key ./certs/server-key.pem -quiet -CAfile ./certs/client-cert.pem -www -dhparam ./certs/dh2048.pem -dcert ./certs/server-ecc.pem -dkey ./certs/ecc-key.pem -Verify 10 -verify_return_error &
server_pid=$! server_pid=$!
# get openssl ciphers
open_ciphers=`openssl ciphers`
IFS=':' read -ra opensslArray <<< "$open_ciphers"
# get wolfssl ciphers # get wolfssl ciphers
wolf_ciphers=`./examples/client/client -e` wolf_ciphers=`./examples/client/client -e`
IFS=':' read -ra wolfsslArray <<< "$wolf_ciphers"
# server should be ready, let's make sure # server should be ready, let's make sure
server_ready=0 server_ready=0
@ -67,7 +63,7 @@ while [ "$counter" -lt 20 ]; do
echo -e "waiting for openssl s_server ready..." echo -e "waiting for openssl s_server ready..."
nc -z localhost $openssl_port nc -z localhost $openssl_port
nc_result=$? nc_result=$?
if [ $nc_result == 0 ] if [ $nc_result = 0 ]
then then
echo -e "openssl s_server ready!" echo -e "openssl s_server ready!"
server_ready=1 server_ready=1
@ -78,45 +74,86 @@ while [ "$counter" -lt 20 ]; do
done done
if [ $server_ready == 0 ] if [ $server_ready = 0 ]
then then
echo -e "Couldn't verify openssl server is running, timeout error" echo -e "Couldn't verify openssl server is running, timeout error"
do_cleanup do_cleanup
exit -1 exit -1
fi fi
for wolfSuite in "${wolfsslArray[@]}"; do OIFS=$IFS # store old seperator to reset
IFS=$'\:' # set delimiter
set -f # no globbing
echo -e "trying wolfSSL cipher suite $wolfSuite" wolf_versions=`./examples/client/client -V`
matchSuite=0 wolf_versions="$wolf_versions:4" #:4 will test without -v flag
wolf_suites_total=$((wolf_suites_total + 1))
for openSuite in "${opensslArray[@]}"; do wolf_temp_suites_total=0
if [ $openSuite == $wolfSuite ] wolf_temp_suites_tested=0
then
for version in $wolf_versions;
do
echo -e "version = $version"
# get openssl ciphers depending on version
case $version in "0")
openssl_ciphers=`openssl ciphers "SSLv3"`
;;
"1")
openssl_ciphers=`openssl ciphers "TLSv1"`
;;
"2")
openssl_ciphers=`openssl ciphers "TLSv1.1"`
;;
"3")
openssl_ciphers=`openssl ciphers "TLSv1.2"`
;;
"4") #test all suites
openssl_ciphers=`openssl ciphers "ALL"`
;;
esac
for wolfSuite in $wolf_ciphers; do
echo -e "trying wolfSSL cipher suite $wolfSuite"
wolf_temp_suites_total=$((wolf_temp_suites_total + 1))
matchSuite=0;
case ":$openssl_ciphers:" in *":$wolfSuite:"*) # add extra : for edge cases
echo -e "Matched to OpenSSL suite support" echo -e "Matched to OpenSSL suite support"
matchSuite=1 matchSuite=1;;
esac
if [ $matchSuite = 0 ]
then
echo -e "Couldn't match suite, continuing..."
continue
fi fi
if [ $version -lt 4 ]
then
./examples/client/client -p $openssl_port -g -r -l $wolfSuite -v $version
else
# do all versions
./examples/client/client -p $openssl_port -g -r -l $wolfSuite
fi
client_result=$?
if [ $client_result != 0 ]
then
echo -e "client failed! Suite = $wolfSuite version = $version"
do_cleanup
exit 1
fi
wolf_temp_suites_tested=$((wolf_temp_suites_tested+1))
done done
wolf_suites_tested=$((wolf_temp_suites_tested+wolf_suites_tested))
if [ $matchSuite == 0 ] wolf_suites_total=$((wolf_temp_suites_total+wolf_suites_total))
then echo -e "wolfSSL suites tested with version:$version $wolf_temp_suites_tested"
echo -e "Couldn't match suite, continuing..." wolf_temp_suites_total=0
continue wolf_temp_suites_tested=0
fi
./examples/client/client -p $openssl_port -g -l $wolfSuite
client_result=$?
if [ $client_result != 0 ]
then
echo -e "client failed!"
do_cleanup
exit 1
fi
wolf_suites_tested=$((wolf_suites_tested+1))
done done
IFS=$OIFS #restore separator
kill -9 $server_pid kill -9 $server_pid