2011-07-26 13:27:22 -07:00
|
|
|
|
/* server.c
|
|
|
|
|
|
*
|
2019-03-15 10:37:36 -07:00
|
|
|
|
* Copyright (C) 2006-2019 wolfSSL Inc.
|
2011-07-26 13:27:22 -07:00
|
|
|
|
*
|
2016-03-17 16:02:13 -06:00
|
|
|
|
* This file is part of wolfSSL.
|
2011-07-26 13:27:22 -07:00
|
|
|
|
*
|
2015-01-06 12:14:15 -07:00
|
|
|
|
* wolfSSL is free software; you can redistribute it and/or modify
|
2011-07-26 13:27:22 -07:00
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
|
*
|
2015-01-06 12:14:15 -07:00
|
|
|
|
* wolfSSL is distributed in the hope that it will be useful,
|
2011-07-26 13:27:22 -07:00
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
|
*
|
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
2016-03-17 16:02:13 -06:00
|
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
2011-07-26 13:27:22 -07:00
|
|
|
|
*/
|
|
|
|
|
|
|
2016-03-17 16:02:13 -06:00
|
|
|
|
|
2011-08-24 16:37:16 -07:00
|
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#include <wolfssl/ssl.h> /* name change portability layer */
|
2011-08-04 16:42:55 -06:00
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#include <wolfssl/wolfcrypt/settings.h>
|
2014-09-09 10:14:32 -07:00
|
|
|
|
#ifdef HAVE_ECC
|
2018-03-06 16:45:44 -08:00
|
|
|
|
#include <wolfssl/wolfcrypt/ecc.h> /* wc_ecc_fp_free */
|
2014-09-09 10:14:32 -07:00
|
|
|
|
#endif
|
2013-04-10 12:17:23 -07:00
|
|
|
|
|
2015-11-27 11:31:12 +09:00
|
|
|
|
#if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
|
2014-04-11 16:20:12 +09:00
|
|
|
|
#include <stdio.h>
|
|
|
|
|
|
#include <string.h>
|
2018-01-01 11:57:31 +09:00
|
|
|
|
#include "rl_fs.h"
|
|
|
|
|
|
#include "rl_net.h"
|
2014-04-11 16:20:12 +09:00
|
|
|
|
#endif
|
2018-01-01 11:57:31 +09:00
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#include <wolfssl/openssl/ssl.h>
|
|
|
|
|
|
#include <wolfssl/test.h>
|
|
|
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
|
#include <wolfssl/error-ssl.h>
|
2017-07-31 11:24:42 -07:00
|
|
|
|
#endif
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2012-09-19 23:38:41 -07:00
|
|
|
|
#include "examples/server/server.h"
|
|
|
|
|
|
|
2017-06-26 23:05:32 -07:00
|
|
|
|
#ifndef NO_WOLFSSL_SERVER
|
|
|
|
|
|
|
2016-08-15 13:59:41 -06:00
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
static int devId = INVALID_DEVID;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2015-12-24 15:42:52 -08:00
|
|
|
|
/* Note on using port 0: if the server uses port 0 to bind an ephemeral port
|
|
|
|
|
|
* number and is using the ready file for scripted testing, the code in
|
|
|
|
|
|
* test.h will write the actual port number into the ready file for use
|
|
|
|
|
|
* by the client. */
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2016-12-22 12:53:29 +10:00
|
|
|
|
static const char webServerMsg[] =
|
2019-03-01 13:52:45 -07:00
|
|
|
|
"HTTP/1.1 200 OK\r\n"
|
|
|
|
|
|
"Content-Type: text/html\r\n"
|
|
|
|
|
|
"Connection: close\r\n"
|
2019-03-20 11:01:24 -07:00
|
|
|
|
"Content-Length: 141\r\n"
|
2019-02-15 15:45:30 -07:00
|
|
|
|
"\r\n"
|
2019-03-01 13:52:45 -07:00
|
|
|
|
"<html>\r\n"
|
|
|
|
|
|
"<head>\r\n"
|
|
|
|
|
|
"<title>Welcome to wolfSSL!</title>\r\n"
|
|
|
|
|
|
"</head>\r\n"
|
|
|
|
|
|
"<body>\r\n"
|
|
|
|
|
|
"<p>wolfSSL has successfully performed handshake!</p>\r\n"
|
|
|
|
|
|
"</body>\r\n"
|
|
|
|
|
|
"</html>\r\n";
|
2015-04-28 12:21:54 -07:00
|
|
|
|
|
2017-06-22 22:19:59 -06:00
|
|
|
|
int runWithErrors = 0; /* Used with -x flag to run err_sys vs. print errors */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
static int lng_index = 0;
|
2017-06-26 23:05:32 -07:00
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifdef WOLFSSL_CALLBACKS
|
2017-06-26 23:05:32 -07:00
|
|
|
|
Timeval srvTo;
|
|
|
|
|
|
static int srvHandShakeCB(HandShakeInfo* info)
|
|
|
|
|
|
{
|
|
|
|
|
|
(void)info;
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int srvTimeoutCB(TimeoutInfo* info)
|
|
|
|
|
|
{
|
|
|
|
|
|
(void)info;
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
|
#ifndef NO_HANDSHAKE_DONE_CB
|
|
|
|
|
|
static int myHsDoneCb(WOLFSSL* ssl, void* user_ctx)
|
|
|
|
|
|
{
|
|
|
|
|
|
(void)user_ctx;
|
|
|
|
|
|
(void)ssl;
|
|
|
|
|
|
|
|
|
|
|
|
/* printf("Notified HandShake done\n"); */
|
|
|
|
|
|
|
|
|
|
|
|
/* return negative number to end TLS connection now */
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
|
|
2017-06-22 22:19:59 -06:00
|
|
|
|
static void err_sys_ex(int out, const char* msg)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (out == 1) { /* if server is running w/ -x flag, print error w/o exit */
|
|
|
|
|
|
printf("wolfSSL error: %s\n", msg);
|
|
|
|
|
|
printf("Continuing server execution...\n\n");
|
|
|
|
|
|
} else {
|
|
|
|
|
|
err_sys(msg);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-12-18 11:40:04 -08:00
|
|
|
|
|
|
|
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
|
|
|
|
|
|
|
/* Translates return codes returned from
|
|
|
|
|
|
* send() and recv() if need be.
|
|
|
|
|
|
*/
|
|
|
|
|
|
static WC_INLINE int TranslateReturnCode(int old, int sd)
|
|
|
|
|
|
{
|
|
|
|
|
|
(void)sd;
|
|
|
|
|
|
|
|
|
|
|
|
#if defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
|
|
|
|
|
|
if (old == 0) {
|
|
|
|
|
|
errno = SOCKET_EWOULDBLOCK;
|
|
|
|
|
|
return -1; /* convert to BSD style wouldblock as error */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (old < 0) {
|
|
|
|
|
|
errno = RTCS_geterror(sd);
|
|
|
|
|
|
if (errno == RTCSERR_TCP_CONN_CLOSING)
|
|
|
|
|
|
return 0; /* convert to BSD style closing */
|
|
|
|
|
|
if (errno == RTCSERR_TCP_CONN_RLSD)
|
|
|
|
|
|
errno = SOCKET_ECONNRESET;
|
|
|
|
|
|
if (errno == RTCSERR_TCP_TIMED_OUT)
|
|
|
|
|
|
errno = SOCKET_EAGAIN;
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
|
return old;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static WC_INLINE int wolfSSL_LastError(void)
|
|
|
|
|
|
{
|
|
|
|
|
|
#ifdef USE_WINDOWS_API
|
|
|
|
|
|
return WSAGetLastError();
|
|
|
|
|
|
#elif defined(EBSNET)
|
|
|
|
|
|
return xn_getlasterror();
|
|
|
|
|
|
#else
|
|
|
|
|
|
return errno;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* wolfSSL Sock Addr */
|
|
|
|
|
|
struct WOLFSSL_TEST_SOCKADDR {
|
|
|
|
|
|
unsigned int sz; /* sockaddr size */
|
|
|
|
|
|
SOCKADDR_IN_T sa; /* pointer to the sockaddr_in or sockaddr_in6 */
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
typedef struct WOLFSSL_TEST_DTLS_CTX {
|
|
|
|
|
|
struct WOLFSSL_TEST_SOCKADDR peer;
|
|
|
|
|
|
int rfd;
|
|
|
|
|
|
int wfd;
|
|
|
|
|
|
int failOnce;
|
|
|
|
|
|
word32 blockSeq;
|
|
|
|
|
|
} WOLFSSL_TEST_DTLS_CTX;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static WC_INLINE int PeekSeq(const char* buf, word32* seq)
|
|
|
|
|
|
{
|
|
|
|
|
|
const char* c = buf + 3;
|
|
|
|
|
|
|
|
|
|
|
|
if ((c[0] | c[1] | c[2] | c[3]) == 0) {
|
|
|
|
|
|
*seq = (c[4] << 24) | (c[5] << 16) | (c[6] << 8) | c[7];
|
|
|
|
|
|
return 1;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* The send embedded callback
|
|
|
|
|
|
* return : nb bytes sent, or error
|
|
|
|
|
|
*/
|
|
|
|
|
|
static int TestEmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
|
|
|
|
|
|
{
|
|
|
|
|
|
WOLFSSL_TEST_DTLS_CTX* dtlsCtx = (WOLFSSL_TEST_DTLS_CTX*)ctx;
|
|
|
|
|
|
int sd = dtlsCtx->wfd;
|
|
|
|
|
|
int sent;
|
|
|
|
|
|
int len = sz;
|
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
|
|
(void)ssl;
|
|
|
|
|
|
|
|
|
|
|
|
WOLFSSL_ENTER("TestEmbedSendTo()");
|
|
|
|
|
|
|
|
|
|
|
|
if (dtlsCtx->failOnce) {
|
|
|
|
|
|
word32 seq = 0;
|
2019-07-24 10:35:33 -07:00
|
|
|
|
|
2018-12-18 11:40:04 -08:00
|
|
|
|
if (PeekSeq(buf, &seq) && seq == dtlsCtx->blockSeq) {
|
|
|
|
|
|
dtlsCtx->failOnce = 0;
|
|
|
|
|
|
WOLFSSL_MSG("Forcing WANT_WRITE");
|
|
|
|
|
|
return WOLFSSL_CBIO_ERR_WANT_WRITE;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
sent = (int)sendto(sd, &buf[sz - len], len, 0,
|
|
|
|
|
|
(const SOCKADDR*)&dtlsCtx->peer.sa,
|
|
|
|
|
|
dtlsCtx->peer.sz);
|
|
|
|
|
|
|
|
|
|
|
|
sent = TranslateReturnCode(sent, sd);
|
|
|
|
|
|
|
|
|
|
|
|
if (sent < 0) {
|
|
|
|
|
|
err = wolfSSL_LastError();
|
|
|
|
|
|
WOLFSSL_MSG("Embed Send To error");
|
|
|
|
|
|
|
|
|
|
|
|
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
|
|
|
|
|
|
WOLFSSL_MSG("\tWould Block");
|
|
|
|
|
|
return WOLFSSL_CBIO_ERR_WANT_WRITE;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (err == SOCKET_ECONNRESET) {
|
|
|
|
|
|
WOLFSSL_MSG("\tConnection reset");
|
|
|
|
|
|
return WOLFSSL_CBIO_ERR_CONN_RST;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (err == SOCKET_EINTR) {
|
|
|
|
|
|
WOLFSSL_MSG("\tSocket interrupted");
|
|
|
|
|
|
return WOLFSSL_CBIO_ERR_ISR;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (err == SOCKET_EPIPE) {
|
|
|
|
|
|
WOLFSSL_MSG("\tSocket EPIPE");
|
|
|
|
|
|
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
|
|
|
|
|
|
}
|
|
|
|
|
|
else {
|
|
|
|
|
|
WOLFSSL_MSG("\tGeneral error");
|
|
|
|
|
|
return WOLFSSL_CBIO_ERR_GENERAL;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return sent;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#endif /* WOLFSSL_DTLS */
|
|
|
|
|
|
|
|
|
|
|
|
|
2016-03-04 10:05:22 -08:00
|
|
|
|
static int NonBlockingSSL_Accept(SSL* ssl)
|
2012-10-17 13:13:58 -07:00
|
|
|
|
{
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifndef WOLFSSL_CALLBACKS
|
2012-10-17 13:13:58 -07:00
|
|
|
|
int ret = SSL_accept(ssl);
|
|
|
|
|
|
#else
|
2018-08-24 11:21:10 -07:00
|
|
|
|
int ret = wolfSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo);
|
2011-02-05 11:14:47 -08:00
|
|
|
|
#endif
|
2012-10-17 13:13:58 -07:00
|
|
|
|
int error = SSL_get_error(ssl, 0);
|
2018-02-01 11:02:35 -08:00
|
|
|
|
SOCKET_T sockfd = (SOCKET_T)SSL_get_fd(ssl);
|
2017-04-07 15:46:32 -07:00
|
|
|
|
int select_ret = 0;
|
2012-10-17 13:13:58 -07:00
|
|
|
|
|
2018-03-16 12:02:36 -07:00
|
|
|
|
while (ret != WOLFSSL_SUCCESS &&
|
|
|
|
|
|
(error == WOLFSSL_ERROR_WANT_READ || error == WOLFSSL_ERROR_WANT_WRITE
|
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
|| error == WC_PENDING_E
|
|
|
|
|
|
#endif
|
|
|
|
|
|
)) {
|
2013-05-08 12:49:55 -07:00
|
|
|
|
int currTimeout = 1;
|
|
|
|
|
|
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (error == WOLFSSL_ERROR_WANT_READ) {
|
2015-10-16 07:46:51 +02:00
|
|
|
|
/* printf("... server would read block\n"); */
|
2017-04-07 15:46:32 -07:00
|
|
|
|
}
|
2017-10-11 09:09:52 -07:00
|
|
|
|
else if (error == WOLFSSL_ERROR_WANT_WRITE) {
|
2015-10-16 07:46:51 +02:00
|
|
|
|
/* printf("... server would write block\n"); */
|
|
|
|
|
|
}
|
2018-03-16 12:02:36 -07:00
|
|
|
|
|
2017-04-07 15:46:32 -07:00
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
2018-03-16 12:02:36 -07:00
|
|
|
|
if (error == WC_PENDING_E) {
|
2017-04-07 15:46:32 -07:00
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
|
}
|
2018-03-16 12:02:36 -07:00
|
|
|
|
else
|
2017-04-07 15:46:32 -07:00
|
|
|
|
#endif
|
2018-03-16 12:02:36 -07:00
|
|
|
|
{
|
2018-12-14 11:30:03 -08:00
|
|
|
|
if (error != WOLFSSL_ERROR_WANT_WRITE) {
|
|
|
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
|
currTimeout = wolfSSL_dtls_get_current_timeout(ssl);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
select_ret = tcp_select(sockfd, currTimeout);
|
|
|
|
|
|
}
|
2017-04-07 15:46:32 -07:00
|
|
|
|
}
|
2012-10-17 13:13:58 -07:00
|
|
|
|
|
2018-12-14 11:30:03 -08:00
|
|
|
|
if ((select_ret == TEST_RECV_READY) || (select_ret == TEST_SEND_READY)
|
|
|
|
|
|
|| (select_ret == TEST_ERROR_READY)
|
2018-03-16 12:02:36 -07:00
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
|| error == WC_PENDING_E
|
|
|
|
|
|
#endif
|
|
|
|
|
|
) {
|
2018-06-06 13:14:06 -07:00
|
|
|
|
#ifndef WOLFSSL_CALLBACKS
|
2012-10-17 13:13:58 -07:00
|
|
|
|
ret = SSL_accept(ssl);
|
|
|
|
|
|
#else
|
2018-08-24 11:21:10 -07:00
|
|
|
|
ret = wolfSSL_accept_ex(ssl,
|
2012-10-17 13:13:58 -07:00
|
|
|
|
srvHandShakeCB, srvTimeoutCB, srvTo);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
error = SSL_get_error(ssl, 0);
|
2018-12-14 11:30:03 -08:00
|
|
|
|
if (error == WOLFSSL_ERROR_WANT_WRITE) {
|
|
|
|
|
|
/* Do a select here. */
|
|
|
|
|
|
select_ret = tcp_select_tx(sockfd, 1);
|
|
|
|
|
|
if (select_ret == TEST_TIMEOUT)
|
|
|
|
|
|
error = WOLFSSL_FATAL_ERROR;
|
|
|
|
|
|
}
|
2012-10-17 13:13:58 -07:00
|
|
|
|
}
|
2018-02-01 11:02:35 -08:00
|
|
|
|
else if (select_ret == TEST_TIMEOUT && !wolfSSL_dtls(ssl)) {
|
2017-10-11 09:09:52 -07:00
|
|
|
|
error = WOLFSSL_ERROR_WANT_READ;
|
2012-10-17 13:13:58 -07:00
|
|
|
|
}
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
|
else if (select_ret == TEST_TIMEOUT && wolfSSL_dtls(ssl) &&
|
|
|
|
|
|
wolfSSL_dtls_got_timeout(ssl) >= 0) {
|
2017-10-11 09:09:52 -07:00
|
|
|
|
error = WOLFSSL_ERROR_WANT_READ;
|
2013-05-08 12:49:55 -07:00
|
|
|
|
}
|
2017-04-07 15:46:32 -07:00
|
|
|
|
#endif
|
2012-10-17 13:13:58 -07:00
|
|
|
|
else {
|
2017-10-11 09:09:52 -07:00
|
|
|
|
error = WOLFSSL_FATAL_ERROR;
|
2012-10-17 13:13:58 -07:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2016-03-04 10:05:22 -08:00
|
|
|
|
|
|
|
|
|
|
return ret;
|
2012-10-17 13:13:58 -07:00
|
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
|
/* Echo number of bytes specified by -e arg */
|
2018-04-09 13:53:05 +10:00
|
|
|
|
int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block,
|
|
|
|
|
|
int throughput)
|
2015-10-16 07:46:51 +02:00
|
|
|
|
{
|
2017-04-07 15:46:32 -07:00
|
|
|
|
int ret = 0, err;
|
|
|
|
|
|
double start = 0, rx_time = 0, tx_time = 0;
|
|
|
|
|
|
int xfer_bytes = 0, select_ret, len, rx_pos;
|
|
|
|
|
|
char* buffer;
|
2015-10-16 07:46:51 +02:00
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
|
buffer = (char*)malloc(block);
|
2017-04-07 15:46:32 -07:00
|
|
|
|
if (!buffer) {
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "Server buffer malloc failed");
|
2017-04-07 15:46:32 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
while ((echoData && throughput == 0) ||
|
|
|
|
|
|
(!echoData && xfer_bytes < throughput))
|
|
|
|
|
|
{
|
|
|
|
|
|
select_ret = tcp_select(clientfd, 1); /* Timeout=1 second */
|
|
|
|
|
|
if (select_ret == TEST_RECV_READY) {
|
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
|
len = min(block, throughput - xfer_bytes);
|
2017-04-07 15:46:32 -07:00
|
|
|
|
rx_pos = 0;
|
|
|
|
|
|
|
|
|
|
|
|
if (throughput) {
|
|
|
|
|
|
start = current_time(1);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-07 15:46:32 -07:00
|
|
|
|
/* Read data */
|
|
|
|
|
|
while (rx_pos < len) {
|
|
|
|
|
|
ret = SSL_read(ssl, &buffer[rx_pos], len - rx_pos);
|
2017-04-11 14:13:08 -07:00
|
|
|
|
if (ret < 0) {
|
2017-04-07 15:46:32 -07:00
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
#endif
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (err != WOLFSSL_ERROR_WANT_READ &&
|
2018-03-16 12:02:36 -07:00
|
|
|
|
err != WOLFSSL_ERROR_ZERO_RETURN) {
|
2017-04-07 15:46:32 -07:00
|
|
|
|
printf("SSL_read echo error %d\n", err);
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "SSL_read failed");
|
2019-04-11 11:30:41 -07:00
|
|
|
|
break;
|
2017-04-07 15:46:32 -07:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
else {
|
|
|
|
|
|
rx_pos += ret;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
if (throughput) {
|
|
|
|
|
|
rx_time += current_time(0) - start;
|
|
|
|
|
|
start = current_time(1);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* Write data */
|
|
|
|
|
|
do {
|
|
|
|
|
|
err = 0; /* reset error */
|
|
|
|
|
|
ret = SSL_write(ssl, buffer, len);
|
|
|
|
|
|
if (ret <= 0) {
|
|
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
} while (err == WC_PENDING_E);
|
|
|
|
|
|
if (ret != len) {
|
|
|
|
|
|
printf("SSL_write echo error %d\n", err);
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "SSL_write failed");
|
2017-04-07 15:46:32 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (throughput) {
|
|
|
|
|
|
tx_time += current_time(0) - start;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
xfer_bytes += len;
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-04-07 15:46:32 -07:00
|
|
|
|
|
|
|
|
|
|
free(buffer);
|
|
|
|
|
|
|
|
|
|
|
|
if (throughput) {
|
|
|
|
|
|
printf("wolfSSL Server Benchmark %d bytes\n"
|
|
|
|
|
|
"\tRX %8.3f ms (%8.3f MBps)\n"
|
|
|
|
|
|
"\tTX %8.3f ms (%8.3f MBps)\n",
|
|
|
|
|
|
throughput,
|
|
|
|
|
|
tx_time * 1000, throughput / tx_time / 1024 / 1024,
|
|
|
|
|
|
rx_time * 1000, throughput / rx_time / 1024 / 1024
|
|
|
|
|
|
);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return EXIT_SUCCESS;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-06-08 10:32:51 +10:00
|
|
|
|
static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
|
|
|
|
|
|
{
|
|
|
|
|
|
int ret, err;
|
2018-02-01 11:02:35 -08:00
|
|
|
|
char buffer[WOLFSSL_MAX_ERROR_SZ];
|
2017-06-08 10:32:51 +10:00
|
|
|
|
|
|
|
|
|
|
/* Read data */
|
|
|
|
|
|
do {
|
|
|
|
|
|
err = 0; /* reset error */
|
|
|
|
|
|
ret = SSL_read(ssl, input, inputLen);
|
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
2017-07-31 11:24:42 -07:00
|
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifdef WOLFSSL_DTLS
|
2017-07-31 11:24:42 -07:00
|
|
|
|
if (wolfSSL_dtls(ssl) && err == DECRYPT_ERROR) {
|
|
|
|
|
|
printf("Dropped client's message due to a bad MAC\n");
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
2017-06-08 10:32:51 +10:00
|
|
|
|
#endif
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (err != WOLFSSL_ERROR_WANT_READ) {
|
2017-06-08 10:32:51 +10:00
|
|
|
|
printf("SSL_read input error %d, %s\n", err,
|
|
|
|
|
|
ERR_error_string(err, buffer));
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "SSL_read failed");
|
2017-06-08 10:32:51 +10:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2019-07-01 13:35:33 +10:00
|
|
|
|
else if (SSL_get_error(ssl, 0) == 0 &&
|
|
|
|
|
|
tcp_select(SSL_get_fd(ssl), 0) == TEST_RECV_READY) {
|
|
|
|
|
|
err = WOLFSSL_ERROR_WANT_READ;
|
|
|
|
|
|
}
|
2018-06-08 17:34:03 +10:00
|
|
|
|
} while (err == WC_PENDING_E || err == WOLFSSL_ERROR_WANT_READ);
|
2017-06-08 10:32:51 +10:00
|
|
|
|
if (ret > 0) {
|
|
|
|
|
|
input[ret] = 0; /* null terminate message */
|
|
|
|
|
|
printf("Client message: %s\n", input);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static void ServerWrite(WOLFSSL* ssl, const char* output, int outputLen)
|
|
|
|
|
|
{
|
|
|
|
|
|
int ret, err;
|
2018-02-01 11:02:35 -08:00
|
|
|
|
char buffer[WOLFSSL_MAX_ERROR_SZ];
|
2019-07-01 13:35:33 +10:00
|
|
|
|
int len;
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef OPENSSL_ALL
|
|
|
|
|
|
/* Fuzz testing expects reply split over two msgs when TLSv1.0 or below */
|
|
|
|
|
|
if (wolfSSL_GetVersion(ssl) <= WOLFSSL_TLSV1)
|
|
|
|
|
|
len = outputLen / 2;
|
|
|
|
|
|
else
|
|
|
|
|
|
#endif
|
|
|
|
|
|
len = outputLen;
|
2017-06-08 10:32:51 +10:00
|
|
|
|
|
|
|
|
|
|
do {
|
|
|
|
|
|
err = 0; /* reset error */
|
2019-07-01 13:35:33 +10:00
|
|
|
|
ret = SSL_write(ssl, output, len);
|
2017-06-08 10:32:51 +10:00
|
|
|
|
if (ret <= 0) {
|
|
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
2019-07-01 13:35:33 +10:00
|
|
|
|
else if (ret != outputLen) {
|
|
|
|
|
|
output += ret;
|
|
|
|
|
|
len = (outputLen -= ret);
|
|
|
|
|
|
err = WOLFSSL_ERROR_WANT_WRITE;
|
|
|
|
|
|
}
|
2017-10-11 09:09:52 -07:00
|
|
|
|
} while (err == WC_PENDING_E || err == WOLFSSL_ERROR_WANT_WRITE);
|
2017-06-08 10:32:51 +10:00
|
|
|
|
if (ret != outputLen) {
|
|
|
|
|
|
printf("SSL_write msg error %d, %s\n", err,
|
|
|
|
|
|
ERR_error_string(err, buffer));
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "SSL_write failed");
|
2017-06-08 10:32:51 +10:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2018-10-20 13:40:01 +09:00
|
|
|
|
/* when adding new option, please follow the steps below: */
|
|
|
|
|
|
/* 1. add new option message in English section */
|
|
|
|
|
|
/* 2. increase the number of the second dimention */
|
|
|
|
|
|
/* 3. add the same message into Japanese section */
|
|
|
|
|
|
/* (will be translated later) */
|
|
|
|
|
|
/* 4. add printf() into suitable position of Usage() */
|
|
|
|
|
|
static const char* server_usage_msg[][49] = {
|
|
|
|
|
|
/* English */
|
|
|
|
|
|
{
|
2018-10-20 17:15:17 +09:00
|
|
|
|
" NOTE: All files relative to wolfSSL home dir\n", /* 0 */
|
|
|
|
|
|
"-? <num> Help, print this usage\n"
|
|
|
|
|
|
" 0: English, 1: Japanese\n", /* 1 */
|
|
|
|
|
|
"-p <num> Port to listen on, not 0, default", /* 2 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifndef WOLFSSL_TLS13
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-v <num> SSL version [0-3], SSLv3(0) - TLS1.2(3)), default", /* 3 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#else
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-v <num> SSL version [0-4], SSLv3(0) - TLS1.3(4)), default", /* 3 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-l <str> Cipher suite list (: delimited)\n", /* 4 */
|
|
|
|
|
|
"-c <file> Certificate file, default", /* 5 */
|
|
|
|
|
|
"-k <file> Key file, default", /* 6 */
|
|
|
|
|
|
"-A <file> Certificate Authority file, default", /* 7 */
|
|
|
|
|
|
"-R <file> Create Ready file for external monitor"
|
|
|
|
|
|
" default none\n", /* 8 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifndef NO_DH
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-D <file> Diffie-Hellman Params file, default", /* 9 */
|
|
|
|
|
|
"-Z <num> Minimum DH key bits, default", /* 10 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_ALPN
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-L <str> Application-Layer Protocol Negotiation"
|
|
|
|
|
|
" ({C,F}:<list>)\n", /* 11 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-d Disable client cert check\n", /* 12 */
|
|
|
|
|
|
"-b Bind to any interface instead of localhost only\n",/* 13 */
|
|
|
|
|
|
"-s Use pre Shared keys\n", /* 14 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
"-u Use UDP DTLS,"
|
2018-10-20 17:15:17 +09:00
|
|
|
|
" add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n", /* 15 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef WOLFSSL_SCTP
|
|
|
|
|
|
"-G Use SCTP DTLS,"
|
2018-10-20 17:15:17 +09:00
|
|
|
|
" add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n", /* 16 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-f Fewer packets/group messages\n", /* 17 */
|
|
|
|
|
|
"-r Allow one client Resumption\n", /* 18 */
|
|
|
|
|
|
"-N Use Non-blocking sockets\n", /* 19 */
|
|
|
|
|
|
"-S <str> Use Host Name Indication\n", /* 20 */
|
|
|
|
|
|
"-w Wait for bidirectional shutdown\n", /* 21 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef HAVE_OCSP
|
|
|
|
|
|
"-o Perform OCSP lookup on peer certificate\n", /* 22 */
|
|
|
|
|
|
"-O <url> Perform OCSP lookup using <url> as responder\n", /* 23 */
|
|
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-P Public Key Callbacks\n", /* 24 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_ANON
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-a Anonymous server\n", /* 25 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifndef NO_PSK
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-I Do not send PSK identity hint\n", /* 26 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-x Print server errors but do not close connection\n",/* 27 */
|
|
|
|
|
|
"-i Loop indefinitely (allow repeated connections)\n", /* 28 */
|
|
|
|
|
|
"-e Echo data mode (return raw bytes received)\n", /* 29 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef HAVE_NTRU
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-n Use NTRU key (needed for NTRU suites)\n", /* 30 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-B <num> Benchmark throughput"
|
|
|
|
|
|
" using <num> bytes and print stats\n", /* 31 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef HAVE_CRL
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-V Disable CRL\n", /* 32 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-E <file> Path to load trusted peer cert\n", /* 33 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_WNR
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-q <file> Whitewood config file, default", /* 34 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-g Return basic HTML web page\n", /* 35 */
|
|
|
|
|
|
"-C <num> The number of connections to accept, default: 1\n",/* 36 */
|
|
|
|
|
|
"-H <arg> Internal tests"
|
2019-08-22 09:33:38 +10:00
|
|
|
|
" [defCipherList, exitWithRet, verifyFail, useSupCurve,\n", /* 37 */
|
|
|
|
|
|
" loadSSL, disallowETM]\n", /* 38 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-U Update keys and IVs before sending\n", /* 39 */
|
|
|
|
|
|
"-K Key Exchange for PSK not using (EC)DHE\n", /* 40 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifndef NO_DH
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-y Pre-generate Key Share using FFDHE_2048 only\n", /* 41 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_ECC
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-Y Pre-generate Key Share using P-256 only \n", /* 42 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_CURVE25519
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-t Pre-generate Key share using Curve25519 only\n", /* 43 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_SESSION_TICKET
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-T Do not generate session ticket\n", /* 44 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-Q Request certificate from client post-handshake\n", /* 45 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-J Server sends Cookie Extension containing state\n", /* 46 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2019-07-24 10:35:33 -07:00
|
|
|
|
#endif /* WOLFSSL_TLS13 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef WOLFSSL_EARLY_DATA
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-0 Early data read from client (0-RTT handshake)\n", /* 47 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef WOLFSSL_MULTICAST
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-3 <grpid> Multicast, grpid < 256\n", /* 48 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-1 <num> Display a result by specified language."
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"\n 0: English, 1: Japanese\n", /* 49 */
|
2019-02-21 10:28:23 -08:00
|
|
|
|
#ifdef HAVE_TRUSTED_CA
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-5 Use Trusted CA Key Indication\n", /* 52 */
|
2019-02-21 10:28:23 -08:00
|
|
|
|
#endif
|
2018-10-20 13:40:01 +09:00
|
|
|
|
NULL,
|
|
|
|
|
|
},
|
2018-11-29 07:04:01 +09:00
|
|
|
|
#ifndef NO_MULTIBYTE_PRINT
|
2018-10-20 13:40:01 +09:00
|
|
|
|
/* Japanese */
|
|
|
|
|
|
{
|
2018-10-20 17:15:17 +09:00
|
|
|
|
" 注意 : 全てのファイルは"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
" wolfSSL ホーム・ディレクトリからの相対です。\n", /* 0 */
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-? <num> ヘルプ, 使い方を表示\n"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
" 0: 英語、 1: 日本語\n", /* 1 */
|
|
|
|
|
|
"-p <num> 接続先ポート, 0は無効, 既定値", /* 2 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifndef WOLFSSL_TLS13
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-v <num> SSL バージョン [0-3], SSLv3(0) - TLS1.2(3)),"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
" 既定値", /* 3 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#else
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-v <num> SSL バージョン [0-4], SSLv3(0) - TLS1.3(4)),"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
" 既定値", /* 3 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-l <str> 暗号スイートリスト (区切り文字 :)\n", /* 4 */
|
|
|
|
|
|
"-c <file> 証明書ファイル, 既定値", /* 5 */
|
|
|
|
|
|
"-k <file> 鍵ファイル, 既定値", /* 6 */
|
|
|
|
|
|
"-A <file> 認証局ファイル, 既定値", /* 7 */
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-R <file> 外部モニタ用の準備完了ファイルを作成する。"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"既定値 なし\n", /* 8 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifndef NO_DH
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-D <file> ディフィー・ヘルマンのパラメータファイル,"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
" 既定値", /* 9 */
|
|
|
|
|
|
"-Z <num> 最小 DH 鍵 ビット, 既定値", /* 10 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_ALPN
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-L <str> アプリケーション層プロトコルネゴシエーションを行う"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
" ({C,F}:<list>)\n", /* 11 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-d クライアント認証を無効とする\n", /* 12 */
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-b ローカルホスト以外のインターフェースへも"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"バインドする\n", /* 13 */
|
|
|
|
|
|
"-s 事前共有鍵を使用する\n", /* 14 */
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-u UDP DTLSを使用する。-v 2 を追加指定すると"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
" DTLSv1, -v 3 を追加指定すると DTLSv1.2 (既定値)\n", /* 15 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef WOLFSSL_SCTP
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-G SCTP DTLSを使用する。-v 2 を追加指定すると"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
" DTLSv1, -v 3 を追加指定すると DTLSv1.2 (既定値)\n", /* 16 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-f より少ないパケット/グループメッセージを使用する\n",/* 17 */
|
|
|
|
|
|
"-r クライアントの再開を許可する\n", /* 18 */
|
|
|
|
|
|
"-N ノンブロッキング・ソケットを使用する\n", /* 19 */
|
|
|
|
|
|
"-S <str> ホスト名表示を使用する\n", /* 20 */
|
|
|
|
|
|
"-w 双方向シャットダウンを待つ\n", /* 21 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef HAVE_OCSP
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-o OCSPルックアップをピア証明書で実施する\n", /* 22 */
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-O <url> OCSPルックアップを、"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"<url>を使用し応答者として実施する\n", /* 23 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-P 公開鍵コールバック\n", /* 24 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_ANON
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-a 匿名サーバー\n", /* 25 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifndef NO_PSK
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-I PSKアイデンティティのヒントを送信しない\n", /* 26 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-x サーバーエラーを出力するが接続を切断しない\n", /* 27 */
|
|
|
|
|
|
"-i 無期限にループする(繰り返し接続を許可)\n", /* 28 */
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-e エコー・データモード"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"(受け取ったバイトデータを返す)\n", /* 29 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef HAVE_NTRU
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-n NTRU鍵を使用する(NTRUスイートに必要)\n", /* 30 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-B <num> <num> バイトを用いてのベンチマーク・スループット"
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"測定と結果を出力する\n", /* 31 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef HAVE_CRL
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-V CRLを無効とする\n", /* 32 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-E <file> 信頼出来るピアの証明書ロードの為のパス\n\n", /* 33 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_WNR
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-q <file> Whitewood コンフィグファイル, 既定値", /* 34 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-11-29 06:52:43 +09:00
|
|
|
|
"-g 基本的な Web ページを返す\n", /* 35 */
|
|
|
|
|
|
"-C <num> アクセプト可能な接続数を指定する。既定値: 1\n", /* 36 */
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-H <arg> 内部テスト"
|
2019-08-22 09:33:38 +10:00
|
|
|
|
" [defCipherList, exitWithRet, verifyFail, useSupCurve,\n", /* 37 */
|
|
|
|
|
|
" loadSSL, disallowETM]\n", /* 38 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-U データ送信前に、鍵とIVを更新する\n", /* 39 */
|
|
|
|
|
|
"-K 鍵交換にPSKを使用、(EC)DHEは使用しない\n", /* 40 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifndef NO_DH
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-y FFDHE_2048のみを使用して鍵共有を事前生成する\n", /* 41 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_ECC
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-Y P-256のみを使用したキー共有の事前生成\n", /* 42 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_CURVE25519
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-t Curve25519のみを使用して鍵共有を事前生成する\n", /* 43 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_SESSION_TICKET
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-T セッションチケットを生成しない\n", /* 44 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-Q クライアントのポストハンドシェイクから"
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"証明書を要求する\n", /* 45 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-J サーバーの状態を含むTLS Cookie 拡張を送信する\n", /* 46 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2019-07-24 10:35:33 -07:00
|
|
|
|
#endif /* WOLFSSL_TLS13 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#ifdef WOLFSSL_EARLY_DATA
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-0 クライアントからの Early Data 読み取り"
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"(0-RTTハンドシェイク)\n", /* 47 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef WOLFSSL_MULTICAST
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-3 <grpid> マルチキャスト, grpid < 256\n", /* 48 */
|
2018-10-20 13:40:01 +09:00
|
|
|
|
#endif
|
2018-10-20 17:15:17 +09:00
|
|
|
|
"-1 <num> 指定された言語で結果を表示します。"
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"\n 0: 英語、 1: 日本語\n", /* 49 */
|
2019-02-21 10:28:23 -08:00
|
|
|
|
#ifdef HAVE_TRUSTED_CA
|
2019-08-22 09:33:38 +10:00
|
|
|
|
"-5 信頼できる認証局の鍵表示を使用する\n", /* 52 */
|
2019-02-21 10:28:23 -08:00
|
|
|
|
#endif
|
2018-10-20 13:40:01 +09:00
|
|
|
|
NULL,
|
|
|
|
|
|
},
|
2018-11-26 08:11:31 +09:00
|
|
|
|
#endif
|
2018-10-20 13:40:01 +09:00
|
|
|
|
};
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
|
static void Usage(void)
|
|
|
|
|
|
{
|
2018-10-20 13:40:01 +09:00
|
|
|
|
int msgId = 0;
|
|
|
|
|
|
const char** msg = server_usage_msg[lng_index];
|
|
|
|
|
|
|
2019-07-24 10:35:33 -07:00
|
|
|
|
printf("%s%s%s", "server ", LIBWOLFSSL_VERSION_STRING,
|
2018-10-20 13:40:01 +09:00
|
|
|
|
msg[msgId]);
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* ? */
|
|
|
|
|
|
printf("%s %d\n", msg[++msgId], wolfSSLPort); /* -p */
|
2017-07-03 18:29:15 +10:00
|
|
|
|
#ifndef WOLFSSL_TLS13
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s %d\n", msg[++msgId], SERVER_DEFAULT_VERSION); /* -v */
|
2017-07-03 18:29:15 +10:00
|
|
|
|
#else
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s %d\n", msg[++msgId], SERVER_DEFAULT_VERSION); /* -v */
|
2017-07-03 18:29:15 +10:00
|
|
|
|
#endif
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -l */
|
|
|
|
|
|
printf("%s %s\n", msg[++msgId], svrCertFile); /* -c */
|
|
|
|
|
|
printf("%s %s\n", msg[++msgId], svrKeyFile); /* -k */
|
|
|
|
|
|
printf("%s %s\n", msg[++msgId], cliCertFile); /* -A */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -R */
|
2015-05-21 10:11:21 -07:00
|
|
|
|
#ifndef NO_DH
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s %s\n", msg[++msgId], dhParamFile); /* -D */
|
|
|
|
|
|
printf("%s %d\n", msg[++msgId], DEFAULT_MIN_DHKEY_BITS);/* -Z */
|
2015-10-14 20:53:30 +02:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_ALPN
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -L */
|
2015-05-21 10:11:21 -07:00
|
|
|
|
#endif
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -d */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -b */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -s */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -u */
|
2016-08-25 22:20:35 -07:00
|
|
|
|
#ifdef WOLFSSL_SCTP
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -G */
|
2016-08-25 22:20:35 -07:00
|
|
|
|
#endif
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -f */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -r */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -N */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -S */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -w */
|
2018-10-02 15:38:45 -07:00
|
|
|
|
#ifdef HAVE_SECURE_RENEGOTIATION
|
|
|
|
|
|
printf("-M Allow Secure Renegotiation\n");
|
|
|
|
|
|
printf("-m Force Server Initiated Secure Renegotiation\n");
|
|
|
|
|
|
#endif /* HAVE_SECURE_RENEGOTIATION */
|
2013-06-20 11:07:54 -07:00
|
|
|
|
#ifdef HAVE_OCSP
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -o */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -O */
|
2013-06-20 11:07:54 -07:00
|
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -P */
|
2013-08-26 16:27:29 -07:00
|
|
|
|
#endif
|
2014-12-01 11:44:32 -08:00
|
|
|
|
#ifdef HAVE_ANON
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -a */
|
2014-12-01 11:44:32 -08:00
|
|
|
|
#endif
|
2015-07-31 21:51:04 -06:00
|
|
|
|
#ifndef NO_PSK
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -I */
|
2015-07-31 21:51:04 -06:00
|
|
|
|
#endif
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -x */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -i */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -e */
|
2015-12-22 11:51:26 -07:00
|
|
|
|
#ifdef HAVE_NTRU
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -n */
|
2015-12-22 11:51:26 -07:00
|
|
|
|
#endif
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -B */
|
2018-04-27 14:43:04 +10:00
|
|
|
|
#ifdef HAVE_CRL
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -V */
|
2018-04-27 14:43:04 +10:00
|
|
|
|
#endif
|
2016-03-01 16:35:32 -07:00
|
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -E */
|
2016-03-01 16:35:32 -07:00
|
|
|
|
#endif
|
2016-05-05 15:31:25 -06:00
|
|
|
|
#ifdef HAVE_WNR
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s %s\n", msg[++msgId], wnrConfig); /* -q */
|
2016-05-05 15:31:25 -06:00
|
|
|
|
#endif
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -g */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -C */
|
2019-08-22 09:33:38 +10:00
|
|
|
|
printf("%s", msg[++msgId]); /* -H */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* more -H options */
|
2016-11-24 01:31:07 +10:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -U */
|
|
|
|
|
|
printf("%s", msg[++msgId]); /* -K */
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#ifndef NO_DH
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -y */
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_ECC
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -Y */
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_CURVE25519
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -t */
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_SESSION_TICKET
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -T */
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#endif
|
2017-06-08 10:32:51 +10:00
|
|
|
|
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -Q */
|
2017-06-08 10:32:51 +10:00
|
|
|
|
#endif
|
2017-06-27 08:52:53 +10:00
|
|
|
|
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -J */
|
2017-06-27 08:52:53 +10:00
|
|
|
|
#endif
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#endif /* WOLFSSL_TLS13 */
|
2017-06-19 11:37:10 +10:00
|
|
|
|
#ifdef WOLFSSL_EARLY_DATA
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -0 */
|
2017-06-19 11:37:10 +10:00
|
|
|
|
#endif
|
2018-12-03 13:53:44 -08:00
|
|
|
|
#if !defined(NO_DH) && !defined(HAVE_FIPS) && \
|
|
|
|
|
|
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_OLD_PRIME_CHECK)
|
|
|
|
|
|
printf("-2 Disable DH Prime check\n");
|
|
|
|
|
|
#endif
|
2018-12-18 11:40:04 -08:00
|
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
|
printf("-4 <seq> DTLS fake would-block for message seq\n");
|
|
|
|
|
|
#endif
|
2016-12-15 11:43:15 -08:00
|
|
|
|
#ifdef WOLFSSL_MULTICAST
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -3 */
|
2016-12-15 11:43:15 -08:00
|
|
|
|
#endif
|
2018-10-20 13:40:01 +09:00
|
|
|
|
printf("%s", msg[++msgId]); /* -1 */
|
2018-09-28 09:05:59 -07:00
|
|
|
|
#ifdef HAVE_TRUSTED_CA
|
2019-02-21 10:28:23 -08:00
|
|
|
|
printf("%s", msg[++msgId]); /* -5 */
|
2018-09-28 09:05:59 -07:00
|
|
|
|
#endif /* HAVE_TRUSTED_CA */
|
2012-07-30 11:58:57 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
|
2011-02-05 11:14:47 -08:00
|
|
|
|
{
|
2015-10-16 07:46:51 +02:00
|
|
|
|
SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID;
|
|
|
|
|
|
SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID;
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2016-06-09 11:36:31 -06:00
|
|
|
|
wolfSSL_method_func method = NULL;
|
2011-02-05 11:14:47 -08:00
|
|
|
|
SSL_CTX* ctx = 0;
|
|
|
|
|
|
SSL* ssl = 0;
|
|
|
|
|
|
|
2016-06-13 14:39:41 -07:00
|
|
|
|
#ifndef WOLFSSL_ALT_TEST_STRINGS
|
2015-10-16 07:46:51 +02:00
|
|
|
|
const char msg[] = "I hear you fa shizzle!";
|
2016-06-13 14:39:41 -07:00
|
|
|
|
#else
|
|
|
|
|
|
const char msg[] = "I hear you fa shizzle!\n";
|
|
|
|
|
|
#endif
|
2016-12-22 12:53:29 +10:00
|
|
|
|
int useWebServerMsg = 0;
|
2013-03-29 14:06:36 -07:00
|
|
|
|
char input[80];
|
2012-07-30 11:58:57 -07:00
|
|
|
|
int ch;
|
|
|
|
|
|
int version = SERVER_DEFAULT_VERSION;
|
2018-04-27 14:43:04 +10:00
|
|
|
|
#ifndef WOLFSSL_NO_CLIENT_AUTH
|
2012-07-30 11:58:57 -07:00
|
|
|
|
int doCliCertCheck = 1;
|
2018-04-27 14:43:04 +10:00
|
|
|
|
#else
|
|
|
|
|
|
int doCliCertCheck = 0;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
#ifdef HAVE_CRL
|
|
|
|
|
|
int disableCRL = 0;
|
|
|
|
|
|
#endif
|
2012-07-30 11:58:57 -07:00
|
|
|
|
int useAnyAddr = 0;
|
2015-08-12 16:45:40 +09:00
|
|
|
|
word16 port = wolfSSLPort;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
int usePsk = 0;
|
2016-02-08 14:52:56 -07:00
|
|
|
|
int usePskPlus = 0;
|
2014-12-01 11:44:32 -08:00
|
|
|
|
int useAnon = 0;
|
2012-08-02 11:54:49 -07:00
|
|
|
|
int doDTLS = 0;
|
2016-08-25 22:20:35 -07:00
|
|
|
|
int dtlsUDP = 0;
|
|
|
|
|
|
int dtlsSCTP = 0;
|
2016-12-15 11:43:15 -08:00
|
|
|
|
int doMcast = 0;
|
2018-12-18 11:40:04 -08:00
|
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
|
int doBlockSeq = 0;
|
|
|
|
|
|
WOLFSSL_TEST_DTLS_CTX dtlsCtx;
|
|
|
|
|
|
#endif
|
2015-03-27 14:28:05 -07:00
|
|
|
|
int needDH = 0;
|
2015-07-11 12:52:22 -06:00
|
|
|
|
int useNtruKey = 0;
|
2013-04-19 13:10:19 -07:00
|
|
|
|
int nonBlocking = 0;
|
|
|
|
|
|
int fewerPackets = 0;
|
2018-03-21 11:27:08 -07:00
|
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
2013-08-26 16:27:29 -07:00
|
|
|
|
int pkCallbacks = 0;
|
2018-03-21 11:27:08 -07:00
|
|
|
|
PkCbInfo pkCbInfo;
|
|
|
|
|
|
#endif
|
2015-04-28 12:21:54 -07:00
|
|
|
|
int wc_shutdown = 0;
|
2015-10-16 07:46:51 +02:00
|
|
|
|
int resume = 0;
|
|
|
|
|
|
int resumeCount = 0;
|
2016-12-22 12:53:29 +10:00
|
|
|
|
int loops = 1;
|
2018-04-09 13:53:05 +10:00
|
|
|
|
int cnt = 0;
|
2015-10-16 07:46:51 +02:00
|
|
|
|
int echoData = 0;
|
2018-04-09 13:53:05 +10:00
|
|
|
|
int block = TEST_BUFFER_SIZE;
|
2015-10-16 07:46:51 +02:00
|
|
|
|
int throughput = 0;
|
2016-04-14 13:35:49 -06:00
|
|
|
|
int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
|
2016-04-22 12:56:51 -06:00
|
|
|
|
short minRsaKeyBits = DEFAULT_MIN_RSAKEY_BITS;
|
2016-04-20 15:44:45 -06:00
|
|
|
|
short minEccKeyBits = DEFAULT_MIN_ECCKEY_BITS;
|
2015-10-16 07:46:51 +02:00
|
|
|
|
int doListen = 1;
|
2015-11-23 14:15:12 -08:00
|
|
|
|
int crlFlags = 0;
|
2015-02-16 14:23:33 -08:00
|
|
|
|
int ret;
|
2016-03-04 10:05:22 -08:00
|
|
|
|
int err = 0;
|
2015-12-22 14:35:34 -08:00
|
|
|
|
char* serverReadyFile = NULL;
|
2015-10-09 15:18:41 +02:00
|
|
|
|
char* alpnList = NULL;
|
2015-10-13 09:38:40 +02:00
|
|
|
|
unsigned char alpn_opt = 0;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
char* cipherList = NULL;
|
2017-04-04 14:31:47 -07:00
|
|
|
|
int useDefCipherList = 0;
|
2019-09-13 09:23:07 -07:00
|
|
|
|
int overrideDateErrors = 0;
|
2017-04-06 15:54:59 -07:00
|
|
|
|
const char* verifyCert = cliCertFile;
|
|
|
|
|
|
const char* ourCert = svrCertFile;
|
|
|
|
|
|
const char* ourKey = svrKeyFile;
|
|
|
|
|
|
const char* ourDhParam = dhParamFile;
|
2015-12-22 14:35:34 -08:00
|
|
|
|
tcp_ready* readySignal = NULL;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
int argc = ((func_args*)args)->argc;
|
|
|
|
|
|
char** argv = ((func_args*)args)->argv;
|
|
|
|
|
|
|
2016-03-01 16:35:32 -07:00
|
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
|
|
|
|
|
const char* trustCert = NULL;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2015-07-31 21:51:04 -06:00
|
|
|
|
#ifndef NO_PSK
|
2015-08-03 09:32:51 -07:00
|
|
|
|
int sendPskIdentityHint = 1;
|
2015-07-31 21:51:04 -06:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2013-05-21 14:37:50 -07:00
|
|
|
|
#ifdef HAVE_SNI
|
|
|
|
|
|
char* sniHostName = NULL;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2018-09-28 09:05:59 -07:00
|
|
|
|
#ifdef HAVE_TRUSTED_CA
|
|
|
|
|
|
int trustedCaKeyId = 0;
|
|
|
|
|
|
#endif /* HAVE_TRUSTED_CA */
|
|
|
|
|
|
|
2013-06-20 11:07:54 -07:00
|
|
|
|
#ifdef HAVE_OCSP
|
|
|
|
|
|
int useOcsp = 0;
|
|
|
|
|
|
char* ocspUrl = NULL;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2016-05-05 15:31:25 -06:00
|
|
|
|
#ifdef HAVE_WNR
|
|
|
|
|
|
const char* wnrConfigFile = wnrConfig;
|
|
|
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
|
char buffer[WOLFSSL_MAX_ERROR_SZ];
|
2016-11-24 01:31:07 +10:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
|
int noPskDheKe = 0;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
int updateKeysIVs = 0;
|
2017-06-08 10:32:51 +10:00
|
|
|
|
int postHandAuth = 0;
|
2017-06-19 11:37:10 +10:00
|
|
|
|
#ifdef WOLFSSL_EARLY_DATA
|
|
|
|
|
|
int earlyData = 0;
|
|
|
|
|
|
#endif
|
2018-10-02 15:38:45 -07:00
|
|
|
|
#ifdef HAVE_SECURE_RENEGOTIATION
|
|
|
|
|
|
int scr = 0;
|
|
|
|
|
|
int forceScr = 0;
|
|
|
|
|
|
#endif /* HAVE_SECURE_RENEGOTIATION */
|
2017-06-27 08:37:55 +10:00
|
|
|
|
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
2017-06-23 16:26:54 +10:00
|
|
|
|
int hrrCookie = 0;
|
|
|
|
|
|
#endif
|
2016-12-15 11:43:15 -08:00
|
|
|
|
byte mcastID = 0;
|
2018-11-30 09:19:11 -08:00
|
|
|
|
#if !defined(NO_DH) && !defined(HAVE_FIPS) && \
|
|
|
|
|
|
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_OLD_PRIME_CHECK)
|
|
|
|
|
|
int doDhKeyCheck = 1;
|
|
|
|
|
|
#endif
|
2016-05-05 15:31:25 -06:00
|
|
|
|
|
2016-06-04 19:03:48 -06:00
|
|
|
|
#ifdef WOLFSSL_STATIC_MEMORY
|
2016-06-07 15:39:16 -06:00
|
|
|
|
#if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) \
|
|
|
|
|
|
|| defined(SESSION_CERTS)
|
|
|
|
|
|
/* big enough to handle most cases including session certs */
|
|
|
|
|
|
byte memory[204000];
|
2016-06-04 19:03:48 -06:00
|
|
|
|
#else
|
|
|
|
|
|
byte memory[80000];
|
|
|
|
|
|
#endif
|
2017-10-23 10:50:19 -07:00
|
|
|
|
byte memoryIO[34500]; /* max for IO buffer (TLS packet can be 16k) */
|
2016-06-04 19:03:48 -06:00
|
|
|
|
WOLFSSL_MEM_CONN_STATS ssl_stats;
|
2017-10-23 10:50:19 -07:00
|
|
|
|
#ifdef DEBUG_WOLFSSL
|
|
|
|
|
|
WOLFSSL_MEM_STATS mem_stats;
|
|
|
|
|
|
#endif
|
2016-06-04 19:03:48 -06:00
|
|
|
|
#endif
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
|
int onlyKeyShare = 0;
|
|
|
|
|
|
int noTicket = 0;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
int useX25519 = 0;
|
2018-05-03 10:02:59 -07:00
|
|
|
|
int exitWithRet = 0;
|
2018-10-09 12:54:41 -07:00
|
|
|
|
int loadCertKeyIntoSSLObj = 0;
|
2016-06-04 19:03:48 -06:00
|
|
|
|
|
2019-08-22 09:33:38 +10:00
|
|
|
|
#ifdef HAVE_ENCRYPT_THEN_MAC
|
|
|
|
|
|
int disallowETM = 0;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
|
((func_args*)args)->return_code = -1; /* error state */
|
2012-07-30 11:58:57 -07:00
|
|
|
|
|
2013-03-07 18:20:29 -08:00
|
|
|
|
#ifdef NO_RSA
|
2018-07-23 10:20:18 +10:00
|
|
|
|
#ifdef HAVE_ECC
|
|
|
|
|
|
verifyCert = (char*)cliEccCertFile;
|
|
|
|
|
|
ourCert = (char*)eccCertFile;
|
|
|
|
|
|
ourKey = (char*)eccKeyFile;
|
|
|
|
|
|
#elif defined(HAVE_ED25519)
|
|
|
|
|
|
verifyCert = (char*)cliEdCertFile;
|
|
|
|
|
|
ourCert = (char*)edCertFile;
|
|
|
|
|
|
ourKey = (char*)edKeyFile;
|
|
|
|
|
|
#endif
|
2013-03-07 18:20:29 -08:00
|
|
|
|
#endif
|
2018-03-21 11:27:08 -07:00
|
|
|
|
|
2015-03-27 14:28:05 -07:00
|
|
|
|
(void)needDH;
|
2015-03-27 19:20:31 -07:00
|
|
|
|
(void)ourKey;
|
|
|
|
|
|
(void)ourCert;
|
2015-05-21 10:11:21 -07:00
|
|
|
|
(void)ourDhParam;
|
2015-03-27 19:20:31 -07:00
|
|
|
|
(void)verifyCert;
|
2015-07-11 12:52:22 -06:00
|
|
|
|
(void)useNtruKey;
|
2015-03-27 19:20:31 -07:00
|
|
|
|
(void)doCliCertCheck;
|
2015-05-21 10:11:21 -07:00
|
|
|
|
(void)minDhKeyBits;
|
2016-04-14 13:35:49 -06:00
|
|
|
|
(void)minRsaKeyBits;
|
2016-04-19 15:50:25 -06:00
|
|
|
|
(void)minEccKeyBits;
|
2015-10-09 15:18:41 +02:00
|
|
|
|
(void)alpnList;
|
2015-10-13 09:38:40 +02:00
|
|
|
|
(void)alpn_opt;
|
2015-11-23 14:15:12 -08:00
|
|
|
|
(void)crlFlags;
|
2015-12-22 14:35:34 -08:00
|
|
|
|
(void)readySignal;
|
2016-11-24 01:31:07 +10:00
|
|
|
|
(void)updateKeysIVs;
|
2018-05-17 09:08:03 +10:00
|
|
|
|
(void)postHandAuth;
|
2016-12-15 11:43:15 -08:00
|
|
|
|
(void)mcastID;
|
2018-10-09 12:54:41 -07:00
|
|
|
|
(void)loadCertKeyIntoSSLObj;
|
2019-09-13 09:23:07 -07:00
|
|
|
|
(void)overrideDateErrors;
|
2013-03-07 18:20:29 -08:00
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifdef WOLFSSL_TIRTOS
|
2014-09-08 19:40:03 -07:00
|
|
|
|
fdOpenSession(Task_self());
|
2014-05-08 15:52:20 -07:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2015-11-12 13:33:47 -07:00
|
|
|
|
#ifdef WOLFSSL_VXWORKS
|
|
|
|
|
|
useAnyAddr = 1;
|
|
|
|
|
|
#else
|
2018-10-02 15:38:45 -07:00
|
|
|
|
/* Not Used: h, z, F, T, V, W, X */
|
2019-02-21 13:44:08 +09:00
|
|
|
|
while ((ch = mygetopt(argc, argv, "?:"
|
2018-10-02 15:38:45 -07:00
|
|
|
|
"abc:defgijk:l:mnop:q:rstuv:wxy"
|
|
|
|
|
|
"A:B:C:D:E:GH:IJKL:MNO:PQR:S:TUVYZ:"
|
2018-09-28 09:05:59 -07:00
|
|
|
|
"01:23:4:5")) != -1) {
|
2012-07-30 11:58:57 -07:00
|
|
|
|
switch (ch) {
|
|
|
|
|
|
case '?' :
|
2018-10-20 13:40:01 +09:00
|
|
|
|
if(myoptarg!=NULL) {
|
|
|
|
|
|
lng_index = atoi(myoptarg);
|
|
|
|
|
|
if(lng_index<0||lng_index>1){
|
|
|
|
|
|
lng_index = 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2012-07-30 11:58:57 -07:00
|
|
|
|
Usage();
|
2018-07-27 10:16:14 -07:00
|
|
|
|
XEXIT_T(EXIT_SUCCESS);
|
2012-07-30 11:58:57 -07:00
|
|
|
|
|
2017-06-22 22:19:59 -06:00
|
|
|
|
case 'x' :
|
|
|
|
|
|
runWithErrors = 1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
|
case 'd' :
|
|
|
|
|
|
doCliCertCheck = 0;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2018-04-27 14:43:04 +10:00
|
|
|
|
case 'V' :
|
|
|
|
|
|
#ifdef HAVE_CRL
|
|
|
|
|
|
disableCRL = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
|
case 'b' :
|
|
|
|
|
|
useAnyAddr = 1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 's' :
|
|
|
|
|
|
usePsk = 1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2016-02-08 14:52:56 -07:00
|
|
|
|
case 'j' :
|
|
|
|
|
|
usePskPlus = 1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2015-07-11 12:52:22 -06:00
|
|
|
|
case 'n' :
|
|
|
|
|
|
useNtruKey = 1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2012-08-02 11:54:49 -07:00
|
|
|
|
case 'u' :
|
|
|
|
|
|
doDTLS = 1;
|
2016-08-25 22:20:35 -07:00
|
|
|
|
dtlsUDP = 1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'G' :
|
|
|
|
|
|
#ifdef WOLFSSL_SCTP
|
|
|
|
|
|
doDTLS = 1;
|
|
|
|
|
|
dtlsSCTP = 1;
|
|
|
|
|
|
#endif
|
2012-08-02 11:54:49 -07:00
|
|
|
|
break;
|
|
|
|
|
|
|
2013-04-19 13:10:19 -07:00
|
|
|
|
case 'f' :
|
|
|
|
|
|
fewerPackets = 1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2015-04-28 12:21:54 -07:00
|
|
|
|
case 'R' :
|
2015-12-22 14:35:34 -08:00
|
|
|
|
serverReadyFile = myoptarg;
|
2014-11-26 12:13:47 -08:00
|
|
|
|
break;
|
|
|
|
|
|
|
2015-04-28 12:21:54 -07:00
|
|
|
|
case 'r' :
|
|
|
|
|
|
#ifndef NO_SESSION_CACHE
|
|
|
|
|
|
resume = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2013-08-26 16:27:29 -07:00
|
|
|
|
case 'P' :
|
2015-10-16 07:46:51 +02:00
|
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
2013-08-26 16:27:29 -07:00
|
|
|
|
pkCallbacks = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
|
case 'p' :
|
2014-03-03 16:46:48 -08:00
|
|
|
|
port = (word16)atoi(myoptarg);
|
2012-07-30 11:58:57 -07:00
|
|
|
|
break;
|
|
|
|
|
|
|
2015-01-30 08:41:34 -07:00
|
|
|
|
case 'w' :
|
2015-02-18 08:00:25 -07:00
|
|
|
|
wc_shutdown = 1;
|
2015-01-30 08:41:34 -07:00
|
|
|
|
break;
|
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
|
case 'v' :
|
2018-02-22 11:05:58 +10:00
|
|
|
|
if (myoptarg[0] == 'd') {
|
|
|
|
|
|
version = SERVER_DOWNGRADE_VERSION;
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2018-10-04 14:48:53 -07:00
|
|
|
|
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
|
|
|
|
|
|
else if (myoptarg[0] == 'e') {
|
|
|
|
|
|
version = EITHER_DOWNGRADE_VERSION;
|
2018-12-27 11:08:30 -08:00
|
|
|
|
#ifndef NO_CERTS
|
2018-10-09 12:54:41 -07:00
|
|
|
|
loadCertKeyIntoSSLObj = 1;
|
2018-12-27 11:08:30 -08:00
|
|
|
|
#endif
|
2018-10-04 14:48:53 -07:00
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
2012-08-01 17:33:49 -07:00
|
|
|
|
version = atoi(myoptarg);
|
2016-11-24 01:31:07 +10:00
|
|
|
|
if (version < 0 || version > 4) {
|
2012-07-30 11:58:57 -07:00
|
|
|
|
Usage();
|
2018-07-27 10:16:14 -07:00
|
|
|
|
XEXIT_T(MY_EX_USAGE);
|
2012-07-30 11:58:57 -07:00
|
|
|
|
}
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'l' :
|
2012-08-01 17:33:49 -07:00
|
|
|
|
cipherList = myoptarg;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
break;
|
|
|
|
|
|
|
2017-04-05 11:21:11 -07:00
|
|
|
|
case 'H' :
|
2017-10-19 16:17:51 -07:00
|
|
|
|
if (XSTRNCMP(myoptarg, "defCipherList", 13) == 0) {
|
|
|
|
|
|
printf("Using default cipher list for testing\n");
|
|
|
|
|
|
useDefCipherList = 1;
|
|
|
|
|
|
}
|
2018-08-29 10:55:12 -07:00
|
|
|
|
else if (XSTRNCMP(myoptarg, "exitWithRet", 11) == 0) {
|
2018-05-03 09:40:51 -07:00
|
|
|
|
printf("Skip exit() for testing\n");
|
2018-05-03 10:02:59 -07:00
|
|
|
|
exitWithRet = 1;
|
2017-10-19 16:17:51 -07:00
|
|
|
|
}
|
2018-08-29 10:55:12 -07:00
|
|
|
|
else if (XSTRNCMP(myoptarg, "verifyFail", 10) == 0) {
|
|
|
|
|
|
printf("Verify should fail\n");
|
|
|
|
|
|
myVerifyFail = 1;
|
|
|
|
|
|
}
|
2018-10-09 12:54:41 -07:00
|
|
|
|
else if (XSTRNCMP(myoptarg, "loadSSL", 7) == 0) {
|
2019-01-14 09:49:50 -07:00
|
|
|
|
printf("Also load cert/key into wolfSSL object\n");
|
|
|
|
|
|
#ifndef NO_CERTS
|
|
|
|
|
|
loadCertKeyIntoSSLObj = 2;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (XSTRNCMP(myoptarg, "loadSSLOnly", 11) == 0) {
|
|
|
|
|
|
printf("Only load cert/key into wolfSSL object\n");
|
2018-12-27 11:08:30 -08:00
|
|
|
|
#ifndef NO_CERTS
|
2018-10-09 12:54:41 -07:00
|
|
|
|
loadCertKeyIntoSSLObj = 1;
|
2018-12-27 11:08:30 -08:00
|
|
|
|
#endif
|
2018-10-09 12:54:41 -07:00
|
|
|
|
}
|
2019-08-22 09:33:38 +10:00
|
|
|
|
else if (XSTRNCMP(myoptarg, "disallowETM", 11) == 0) {
|
|
|
|
|
|
printf("Disallow Encrypt-Then-MAC\n");
|
|
|
|
|
|
#ifdef HAVE_ENCRYPT_THEN_MAC
|
|
|
|
|
|
disallowETM = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
2019-09-13 09:23:07 -07:00
|
|
|
|
else if (XSTRNCMP(myoptarg, "overrideDateErr", 15) == 0) {
|
2019-09-25 07:17:57 -07:00
|
|
|
|
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
|
2019-09-13 09:23:07 -07:00
|
|
|
|
overrideDateErrors = 1;
|
2019-09-25 07:17:57 -07:00
|
|
|
|
#endif
|
2019-09-13 09:23:07 -07:00
|
|
|
|
}
|
2017-10-19 16:17:51 -07:00
|
|
|
|
else {
|
|
|
|
|
|
Usage();
|
2018-07-27 10:16:14 -07:00
|
|
|
|
XEXIT_T(MY_EX_USAGE);
|
2017-10-19 16:17:51 -07:00
|
|
|
|
}
|
2017-04-04 14:31:47 -07:00
|
|
|
|
break;
|
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
|
case 'A' :
|
2012-08-01 17:33:49 -07:00
|
|
|
|
verifyCert = myoptarg;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'c' :
|
2012-08-01 17:33:49 -07:00
|
|
|
|
ourCert = myoptarg;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'k' :
|
2012-08-01 17:33:49 -07:00
|
|
|
|
ourKey = myoptarg;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
break;
|
|
|
|
|
|
|
2015-05-21 10:11:21 -07:00
|
|
|
|
case 'D' :
|
|
|
|
|
|
#ifndef NO_DH
|
|
|
|
|
|
ourDhParam = myoptarg;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'Z' :
|
|
|
|
|
|
#ifndef NO_DH
|
|
|
|
|
|
minDhKeyBits = atoi(myoptarg);
|
|
|
|
|
|
if (minDhKeyBits <= 0 || minDhKeyBits > 16000) {
|
|
|
|
|
|
Usage();
|
2018-07-27 10:16:14 -07:00
|
|
|
|
XEXIT_T(MY_EX_USAGE);
|
2015-05-21 10:11:21 -07:00
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2012-10-17 13:13:58 -07:00
|
|
|
|
case 'N':
|
|
|
|
|
|
nonBlocking = 1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2013-05-21 14:37:50 -07:00
|
|
|
|
case 'S' :
|
|
|
|
|
|
#ifdef HAVE_SNI
|
|
|
|
|
|
sniHostName = myoptarg;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2013-06-20 11:07:54 -07:00
|
|
|
|
case 'o' :
|
|
|
|
|
|
#ifdef HAVE_OCSP
|
|
|
|
|
|
useOcsp = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'O' :
|
|
|
|
|
|
#ifdef HAVE_OCSP
|
|
|
|
|
|
useOcsp = 1;
|
|
|
|
|
|
ocspUrl = myoptarg;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2014-12-01 11:44:32 -08:00
|
|
|
|
case 'a' :
|
|
|
|
|
|
#ifdef HAVE_ANON
|
|
|
|
|
|
useAnon = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
2015-07-31 21:51:04 -06:00
|
|
|
|
case 'I':
|
|
|
|
|
|
#ifndef NO_PSK
|
2015-08-03 09:32:51 -07:00
|
|
|
|
sendPskIdentityHint = 0;
|
2015-07-31 21:51:04 -06:00
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
2014-12-01 11:44:32 -08:00
|
|
|
|
|
2015-10-09 15:18:41 +02:00
|
|
|
|
case 'L' :
|
|
|
|
|
|
#ifdef HAVE_ALPN
|
|
|
|
|
|
alpnList = myoptarg;
|
2015-10-13 09:38:40 +02:00
|
|
|
|
|
|
|
|
|
|
if (alpnList[0] == 'C' && alpnList[1] == ':')
|
|
|
|
|
|
alpn_opt = WOLFSSL_ALPN_CONTINUE_ON_MISMATCH;
|
|
|
|
|
|
else if (alpnList[0] == 'F' && alpnList[1] == ':')
|
|
|
|
|
|
alpn_opt = WOLFSSL_ALPN_FAILED_ON_MISMATCH;
|
|
|
|
|
|
else {
|
|
|
|
|
|
Usage();
|
2018-07-27 10:16:14 -07:00
|
|
|
|
XEXIT_T(MY_EX_USAGE);
|
2015-10-13 09:38:40 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
alpnList += 2;
|
|
|
|
|
|
|
2015-10-09 15:18:41 +02:00
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
2015-10-16 07:46:51 +02:00
|
|
|
|
|
|
|
|
|
|
case 'i' :
|
2016-12-22 12:53:29 +10:00
|
|
|
|
loops = -1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'C' :
|
|
|
|
|
|
loops = atoi(myoptarg);
|
|
|
|
|
|
if (loops <= 0) {
|
|
|
|
|
|
Usage();
|
2018-07-27 10:16:14 -07:00
|
|
|
|
XEXIT_T(MY_EX_USAGE);
|
2016-12-22 12:53:29 +10:00
|
|
|
|
}
|
2015-10-16 07:46:51 +02:00
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'e' :
|
|
|
|
|
|
echoData = 1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'B':
|
|
|
|
|
|
throughput = atoi(myoptarg);
|
2018-04-09 13:53:05 +10:00
|
|
|
|
for (; *myoptarg != '\0'; myoptarg++) {
|
|
|
|
|
|
if (*myoptarg == ',') {
|
|
|
|
|
|
block = atoi(myoptarg + 1);
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
if (throughput <= 0 || block <= 0) {
|
2015-10-16 07:46:51 +02:00
|
|
|
|
Usage();
|
2018-07-27 10:16:14 -07:00
|
|
|
|
XEXIT_T(MY_EX_USAGE);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2016-03-01 16:35:32 -07:00
|
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
|
|
|
|
|
case 'E' :
|
|
|
|
|
|
trustCert = myoptarg;
|
|
|
|
|
|
break;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2016-05-05 15:31:25 -06:00
|
|
|
|
case 'q' :
|
|
|
|
|
|
#ifdef HAVE_WNR
|
|
|
|
|
|
wnrConfigFile = myoptarg;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2016-12-22 12:53:29 +10:00
|
|
|
|
case 'g' :
|
|
|
|
|
|
useWebServerMsg = 1;
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
|
case 'y' :
|
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && !defined(NO_DH)
|
|
|
|
|
|
onlyKeyShare = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'Y' :
|
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECC)
|
|
|
|
|
|
onlyKeyShare = 2;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 't' :
|
|
|
|
|
|
#ifdef HAVE_CURVE25519
|
|
|
|
|
|
useX25519 = 1;
|
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECC)
|
|
|
|
|
|
onlyKeyShare = 2;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2016-11-24 01:31:07 +10:00
|
|
|
|
case 'K' :
|
|
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
|
noPskDheKe = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
|
case 'T' :
|
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
|
|
|
|
|
|
noTicket = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2016-11-24 01:31:07 +10:00
|
|
|
|
case 'U' :
|
|
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
|
updateKeysIVs = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2017-06-08 10:32:51 +10:00
|
|
|
|
case 'Q' :
|
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
|
|
|
|
|
postHandAuth = 1;
|
|
|
|
|
|
doCliCertCheck = 0;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2017-06-23 16:26:54 +10:00
|
|
|
|
case 'J' :
|
2017-06-27 08:37:55 +10:00
|
|
|
|
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
2017-06-23 16:26:54 +10:00
|
|
|
|
hrrCookie = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2018-10-02 15:38:45 -07:00
|
|
|
|
case 'M' :
|
|
|
|
|
|
#ifdef HAVE_SECURE_RENEGOTIATION
|
|
|
|
|
|
scr = 1;
|
|
|
|
|
|
#endif /* HAVE_SECURE_RENEGOTIATION */
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
case 'm' :
|
|
|
|
|
|
#ifdef HAVE_SECURE_RENEGOTIATION
|
|
|
|
|
|
scr = 1;
|
|
|
|
|
|
forceScr = 1;
|
|
|
|
|
|
#endif /* HAVE_SECURE_RENEGOTIATION */
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2017-06-19 11:37:10 +10:00
|
|
|
|
case '0' :
|
|
|
|
|
|
#ifdef WOLFSSL_EARLY_DATA
|
|
|
|
|
|
earlyData = 1;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
2018-12-03 13:53:44 -08:00
|
|
|
|
|
2018-10-20 13:40:01 +09:00
|
|
|
|
case '1' :
|
|
|
|
|
|
lng_index = atoi(myoptarg);
|
|
|
|
|
|
if(lng_index<0||lng_index>1){
|
|
|
|
|
|
lng_index = 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
break;
|
2018-12-03 13:53:44 -08:00
|
|
|
|
|
|
|
|
|
|
case '2' :
|
|
|
|
|
|
#if !defined(NO_DH) && !defined(HAVE_FIPS) && \
|
|
|
|
|
|
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_OLD_PRIME_CHECK)
|
|
|
|
|
|
doDhKeyCheck = 0;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2016-12-15 11:43:15 -08:00
|
|
|
|
case '3' :
|
|
|
|
|
|
#ifdef WOLFSSL_MULTICAST
|
|
|
|
|
|
doMcast = 1;
|
|
|
|
|
|
mcastID = (byte)(atoi(myoptarg) & 0xFF);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
2018-12-18 11:40:04 -08:00
|
|
|
|
case '4' :
|
|
|
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
|
XMEMSET(&dtlsCtx, 0, sizeof(dtlsCtx));
|
|
|
|
|
|
doBlockSeq = 1;
|
|
|
|
|
|
dtlsCtx.blockSeq = atoi(myoptarg);
|
|
|
|
|
|
#endif
|
2019-02-19 10:31:37 -08:00
|
|
|
|
break;
|
2018-09-28 09:05:59 -07:00
|
|
|
|
|
|
|
|
|
|
case '5' :
|
|
|
|
|
|
#ifdef HAVE_TRUSTED_CA
|
|
|
|
|
|
trustedCaKeyId = 1;
|
|
|
|
|
|
#endif /* HAVE_TRUSTED_CA */
|
2018-12-18 11:40:04 -08:00
|
|
|
|
break;
|
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
|
default:
|
|
|
|
|
|
Usage();
|
2018-07-27 10:16:14 -07:00
|
|
|
|
XEXIT_T(MY_EX_USAGE);
|
2012-07-30 11:58:57 -07:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2012-08-01 17:33:49 -07:00
|
|
|
|
myoptind = 0; /* reset for test cases */
|
2015-10-29 13:39:02 -06:00
|
|
|
|
#endif /* !WOLFSSL_VXWORKS */
|
2012-07-30 11:58:57 -07:00
|
|
|
|
|
2016-08-25 22:20:35 -07:00
|
|
|
|
/* Can only use DTLS over UDP or SCTP, can't do both. */
|
|
|
|
|
|
if (dtlsUDP && dtlsSCTP) {
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "Cannot use DTLS with both UDP and SCTP.");
|
2016-08-25 22:20:35 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
2013-03-07 22:52:51 -08:00
|
|
|
|
/* sort out DTLS versus TLS versions */
|
|
|
|
|
|
if (version == CLIENT_INVALID_VERSION) {
|
|
|
|
|
|
if (doDTLS)
|
|
|
|
|
|
version = CLIENT_DTLS_DEFAULT_VERSION;
|
|
|
|
|
|
else
|
|
|
|
|
|
version = CLIENT_DEFAULT_VERSION;
|
|
|
|
|
|
}
|
|
|
|
|
|
else {
|
|
|
|
|
|
if (doDTLS) {
|
|
|
|
|
|
if (version == 3)
|
|
|
|
|
|
version = -2;
|
2018-10-09 12:54:41 -07:00
|
|
|
|
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
|
|
|
|
|
|
else if (version == EITHER_DOWNGRADE_VERSION)
|
|
|
|
|
|
version = -3;
|
|
|
|
|
|
#endif
|
2013-03-07 22:52:51 -08:00
|
|
|
|
else
|
|
|
|
|
|
version = -1;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2016-05-05 15:31:25 -06:00
|
|
|
|
#ifdef HAVE_WNR
|
|
|
|
|
|
if (wc_InitNetRandom(wnrConfigFile, NULL, 5000) != 0)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "can't load whitewood net random config file");
|
2016-05-05 15:31:25 -06:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
|
switch (version) {
|
2012-11-26 18:40:43 -08:00
|
|
|
|
#ifndef NO_OLD_TLS
|
2015-08-12 16:39:13 -07:00
|
|
|
|
#ifdef WOLFSSL_ALLOW_SSLV3
|
2012-07-30 11:58:57 -07:00
|
|
|
|
case 0:
|
2016-06-09 23:41:51 -06:00
|
|
|
|
method = wolfSSLv3_server_method_ex;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
break;
|
2015-08-12 16:39:13 -07:00
|
|
|
|
#endif
|
2012-07-30 11:58:57 -07:00
|
|
|
|
|
2013-05-16 09:47:27 -07:00
|
|
|
|
#ifndef NO_TLS
|
2017-11-14 13:55:48 -08:00
|
|
|
|
#ifdef WOLFSSL_ALLOW_TLSV10
|
2012-07-30 11:58:57 -07:00
|
|
|
|
case 1:
|
2016-06-09 23:41:51 -06:00
|
|
|
|
method = wolfTLSv1_server_method_ex;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
break;
|
2017-11-14 13:55:48 -08:00
|
|
|
|
#endif
|
2013-05-16 09:47:27 -07:00
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
|
case 2:
|
2016-06-09 23:41:51 -06:00
|
|
|
|
method = wolfTLSv1_1_server_method_ex;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
break;
|
2017-11-14 13:55:48 -08:00
|
|
|
|
#endif /* !NO_TLS */
|
|
|
|
|
|
#endif /* !NO_OLD_TLS */
|
2012-07-30 11:58:57 -07:00
|
|
|
|
|
2013-05-16 09:47:27 -07:00
|
|
|
|
#ifndef NO_TLS
|
2018-05-17 09:08:03 +10:00
|
|
|
|
#ifndef WOLFSSL_NO_TLS12
|
2012-07-30 11:58:57 -07:00
|
|
|
|
case 3:
|
2016-06-09 23:41:51 -06:00
|
|
|
|
method = wolfTLSv1_2_server_method_ex;
|
2012-07-30 11:58:57 -07:00
|
|
|
|
break;
|
2018-05-17 09:08:03 +10:00
|
|
|
|
#endif
|
2015-07-07 09:55:58 -06:00
|
|
|
|
|
2017-11-14 13:55:48 -08:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
2016-11-24 01:31:07 +10:00
|
|
|
|
case 4:
|
|
|
|
|
|
method = wolfTLSv1_3_server_method_ex;
|
|
|
|
|
|
break;
|
2017-11-14 13:55:48 -08:00
|
|
|
|
#endif
|
2018-02-22 11:05:58 +10:00
|
|
|
|
|
|
|
|
|
|
case SERVER_DOWNGRADE_VERSION:
|
|
|
|
|
|
method = wolfSSLv23_server_method_ex;
|
|
|
|
|
|
break;
|
2018-10-04 14:48:53 -07:00
|
|
|
|
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
|
|
|
|
|
|
case EITHER_DOWNGRADE_VERSION:
|
|
|
|
|
|
method = wolfSSLv23_method_ex;
|
|
|
|
|
|
break;
|
|
|
|
|
|
#endif
|
2017-11-14 13:55:48 -08:00
|
|
|
|
#endif /* NO_TLS */
|
2016-11-24 01:31:07 +10:00
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifdef WOLFSSL_DTLS
|
2015-04-08 13:29:25 -07:00
|
|
|
|
#ifndef NO_OLD_TLS
|
2012-08-02 11:54:49 -07:00
|
|
|
|
case -1:
|
2016-06-09 23:41:51 -06:00
|
|
|
|
method = wolfDTLSv1_server_method_ex;
|
2012-08-02 11:54:49 -07:00
|
|
|
|
break;
|
2015-04-08 13:29:25 -07:00
|
|
|
|
#endif
|
2013-03-07 22:52:51 -08:00
|
|
|
|
|
2018-05-17 09:08:03 +10:00
|
|
|
|
#ifndef WOLFSSL_NO_TLS12
|
2013-03-07 22:52:51 -08:00
|
|
|
|
case -2:
|
2016-06-09 23:41:51 -06:00
|
|
|
|
method = wolfDTLSv1_2_server_method_ex;
|
2013-03-07 22:52:51 -08:00
|
|
|
|
break;
|
2018-05-17 09:08:03 +10:00
|
|
|
|
#endif
|
2018-10-09 12:54:41 -07:00
|
|
|
|
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
|
|
|
|
|
|
case -3:
|
|
|
|
|
|
method = wolfDTLSv1_2_method_ex;
|
|
|
|
|
|
break;
|
|
|
|
|
|
#endif
|
2012-08-02 11:54:49 -07:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2012-07-30 11:58:57 -07:00
|
|
|
|
default:
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "Bad SSL version");
|
2012-07-30 11:58:57 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
2012-07-30 18:15:08 -07:00
|
|
|
|
if (method == NULL)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "unable to get method");
|
2012-07-30 18:15:08 -07:00
|
|
|
|
|
2016-06-04 19:03:48 -06:00
|
|
|
|
#ifdef WOLFSSL_STATIC_MEMORY
|
2016-07-21 12:11:15 -06:00
|
|
|
|
#ifdef DEBUG_WOLFSSL
|
|
|
|
|
|
/* print off helper buffer sizes for use with static memory
|
|
|
|
|
|
* printing to stderr incase of debug mode turned on */
|
|
|
|
|
|
fprintf(stderr, "static memory management size = %d\n",
|
|
|
|
|
|
wolfSSL_MemoryPaddingSz());
|
|
|
|
|
|
fprintf(stderr, "calculated optimum general buffer size = %d\n",
|
|
|
|
|
|
wolfSSL_StaticBufferSz(memory, sizeof(memory), 0));
|
|
|
|
|
|
fprintf(stderr, "calculated optimum IO buffer size = %d\n",
|
|
|
|
|
|
wolfSSL_StaticBufferSz(memoryIO, sizeof(memoryIO),
|
|
|
|
|
|
WOLFMEM_IO_POOL_FIXED));
|
|
|
|
|
|
#endif /* DEBUG_WOLFSSL */
|
|
|
|
|
|
|
2016-06-04 19:03:48 -06:00
|
|
|
|
if (wolfSSL_CTX_load_static_memory(&ctx, method, memory, sizeof(memory),0,1)
|
2017-10-11 09:09:52 -07:00
|
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "unable to load static memory and create ctx");
|
2016-06-04 19:03:48 -06:00
|
|
|
|
|
|
|
|
|
|
/* load in a buffer for IO */
|
|
|
|
|
|
if (wolfSSL_CTX_load_static_memory(&ctx, NULL, memoryIO, sizeof(memoryIO),
|
|
|
|
|
|
WOLFMEM_IO_POOL_FIXED | WOLFMEM_TRACK_STATS, 1)
|
2017-10-11 09:09:52 -07:00
|
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "unable to load static memory and create ctx");
|
2016-06-04 19:03:48 -06:00
|
|
|
|
#else
|
2016-06-09 23:41:51 -06:00
|
|
|
|
ctx = SSL_CTX_new(method(NULL));
|
2016-08-29 10:38:06 -07:00
|
|
|
|
#endif /* WOLFSSL_STATIC_MEMORY */
|
2012-07-30 18:15:08 -07:00
|
|
|
|
if (ctx == NULL)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "unable to get ctx");
|
2012-07-30 11:58:57 -07:00
|
|
|
|
|
2015-05-15 12:51:44 -07:00
|
|
|
|
#if defined(HAVE_SESSION_TICKET) && defined(HAVE_CHACHA) && \
|
|
|
|
|
|
defined(HAVE_POLY1305)
|
|
|
|
|
|
if (TicketInit() != 0)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "unable to setup Session Ticket Key context");
|
2015-05-15 12:51:44 -07:00
|
|
|
|
wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2017-04-04 14:31:47 -07:00
|
|
|
|
if (cipherList && !useDefCipherList) {
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (SSL_CTX_set_cipher_list(ctx, cipherList) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "server can't set cipher list 1");
|
2017-04-04 14:31:47 -07:00
|
|
|
|
}
|
2012-07-30 11:58:57 -07:00
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifdef WOLFSSL_LEANPSK
|
2016-04-11 11:13:26 -06:00
|
|
|
|
if (!usePsk) {
|
|
|
|
|
|
usePsk = 1;
|
|
|
|
|
|
}
|
2012-10-30 12:51:14 -07:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2018-07-23 10:20:18 +10:00
|
|
|
|
#if defined(NO_RSA) && !defined(HAVE_ECC) && !defined(HAVE_ED25519)
|
2016-04-11 11:13:26 -06:00
|
|
|
|
if (!usePsk) {
|
|
|
|
|
|
usePsk = 1;
|
|
|
|
|
|
}
|
2013-03-11 13:19:43 -07:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2013-04-19 13:10:19 -07:00
|
|
|
|
if (fewerPackets)
|
2018-02-01 11:02:35 -08:00
|
|
|
|
wolfSSL_CTX_set_group_messages(ctx);
|
2013-04-19 13:10:19 -07:00
|
|
|
|
|
2016-08-25 22:20:35 -07:00
|
|
|
|
#ifdef WOLFSSL_SCTP
|
|
|
|
|
|
if (dtlsSCTP)
|
|
|
|
|
|
wolfSSL_CTX_dtls_set_sctp(ctx);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2018-03-30 15:48:15 -07:00
|
|
|
|
#ifdef WOLFSSL_ENCRYPTED_KEYS
|
2013-12-23 11:19:21 -08:00
|
|
|
|
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2016-11-23 11:25:01 -08:00
|
|
|
|
#if !defined(NO_CERTS)
|
2019-01-14 09:49:50 -07:00
|
|
|
|
if ((!usePsk || usePskPlus) && !useAnon && !(loadCertKeyIntoSSLObj == 1)) {
|
2018-10-09 12:54:41 -07:00
|
|
|
|
#ifndef TEST_LOAD_BUFFER
|
2015-12-28 19:38:04 -03:00
|
|
|
|
if (SSL_CTX_use_certificate_chain_file(ctx, ourCert)
|
2017-10-11 09:09:52 -07:00
|
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "can't load server cert file, check file and run from"
|
2015-01-20 12:36:20 -07:00
|
|
|
|
" wolfSSL home dir");
|
2016-11-23 11:25:01 -08:00
|
|
|
|
#else
|
|
|
|
|
|
/* loads cert chain file using buffer API */
|
|
|
|
|
|
load_buffer(ctx, ourCert, WOLFSSL_CERT_CHAIN);
|
|
|
|
|
|
#endif
|
2012-10-29 15:39:42 -07:00
|
|
|
|
}
|
|
|
|
|
|
#endif
|
2012-08-07 17:18:56 -07:00
|
|
|
|
|
2015-05-21 10:11:21 -07:00
|
|
|
|
#ifndef NO_DH
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (wolfSSL_CTX_SetMinDhKey_Sz(ctx, (word16)minDhKeyBits) != WOLFSSL_SUCCESS) {
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "Error setting minimum DH key size");
|
2016-04-14 13:35:49 -06:00
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
#ifndef NO_RSA
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (wolfSSL_CTX_SetMinRsaKey_Sz(ctx, minRsaKeyBits) != WOLFSSL_SUCCESS){
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "Error setting minimum RSA key size");
|
2016-04-14 13:35:49 -06:00
|
|
|
|
}
|
2015-05-21 10:11:21 -07:00
|
|
|
|
#endif
|
2016-04-19 15:50:25 -06:00
|
|
|
|
#ifdef HAVE_ECC
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (wolfSSL_CTX_SetMinEccKey_Sz(ctx, minEccKeyBits) != WOLFSSL_SUCCESS){
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "Error setting minimum ECC key size");
|
2016-04-19 15:50:25 -06:00
|
|
|
|
}
|
|
|
|
|
|
#endif
|
2015-05-21 10:11:21 -07:00
|
|
|
|
|
2015-07-11 12:52:22 -06:00
|
|
|
|
#ifdef HAVE_NTRU
|
|
|
|
|
|
if (useNtruKey) {
|
2018-09-19 14:03:10 -06:00
|
|
|
|
if (wolfSSL_CTX_use_NTRUPrivateKey_file(ctx, ourKey)
|
2017-10-11 09:09:52 -07:00
|
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "can't load ntru key file, "
|
2015-07-11 12:52:22 -06:00
|
|
|
|
"Please run from wolfSSL home dir");
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
2016-11-23 11:25:01 -08:00
|
|
|
|
#if !defined(NO_CERTS)
|
2018-10-09 12:54:41 -07:00
|
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
|
|
|
|
|
pkCbInfo.ourKey = ourKey;
|
2018-03-21 11:27:08 -07:00
|
|
|
|
#endif
|
2019-01-14 09:49:50 -07:00
|
|
|
|
if (!useNtruKey && (!usePsk || usePskPlus) && !useAnon
|
|
|
|
|
|
&& !(loadCertKeyIntoSSLObj == 1)
|
2018-10-09 12:54:41 -07:00
|
|
|
|
#if defined(HAVE_PK_CALLBACKS) && defined(TEST_PK_PRIVKEY)
|
|
|
|
|
|
&& !pkCallbacks
|
|
|
|
|
|
#endif /* HAVE_PK_CALLBACKS && TEST_PK_PRIVKEY */
|
|
|
|
|
|
) {
|
|
|
|
|
|
#ifndef TEST_LOAD_BUFFER
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, WOLFSSL_FILETYPE_PEM)
|
|
|
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "can't load server private key file, check file and run "
|
2015-01-20 12:36:20 -07:00
|
|
|
|
"from wolfSSL home dir");
|
2016-11-23 11:25:01 -08:00
|
|
|
|
#else
|
|
|
|
|
|
/* loads private key file using buffer API */
|
|
|
|
|
|
load_buffer(ctx, ourKey, WOLFSSL_KEY);
|
|
|
|
|
|
#endif
|
2012-08-07 17:18:56 -07:00
|
|
|
|
}
|
2012-10-29 15:39:42 -07:00
|
|
|
|
#endif
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2016-02-08 14:52:56 -07:00
|
|
|
|
if (usePsk || usePskPlus) {
|
2012-10-30 12:51:14 -07:00
|
|
|
|
#ifndef NO_PSK
|
2012-07-30 11:58:57 -07:00
|
|
|
|
SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
|
2018-08-14 08:55:57 +10:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
|
wolfSSL_CTX_set_psk_server_tls13_callback(ctx, my_psk_server_tls13_cb);
|
|
|
|
|
|
#endif
|
2015-07-31 21:51:04 -06:00
|
|
|
|
|
2015-08-03 09:32:51 -07:00
|
|
|
|
if (sendPskIdentityHint == 1)
|
2015-07-31 21:51:04 -06:00
|
|
|
|
SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
|
|
|
|
|
|
|
2016-02-08 14:52:56 -07:00
|
|
|
|
if (cipherList == NULL && !usePskPlus) {
|
2012-10-30 12:51:14 -07:00
|
|
|
|
const char *defaultCipherList;
|
2017-06-07 08:29:08 +10:00
|
|
|
|
#if defined(HAVE_AESGCM) && !defined(NO_DH)
|
|
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
|
defaultCipherList = "DHE-PSK-AES128-GCM-SHA256:"
|
|
|
|
|
|
"TLS13-AES128-GCM-SHA256";
|
2012-10-30 12:51:14 -07:00
|
|
|
|
#else
|
2017-06-07 08:29:08 +10:00
|
|
|
|
defaultCipherList = "DHE-PSK-AES128-GCM-SHA256";
|
2012-10-30 12:51:14 -07:00
|
|
|
|
#endif
|
2017-06-07 08:29:08 +10:00
|
|
|
|
needDH = 1;
|
|
|
|
|
|
#elif defined(HAVE_NULL_CIPHER)
|
|
|
|
|
|
defaultCipherList = "PSK-NULL-SHA256";
|
|
|
|
|
|
#else
|
|
|
|
|
|
defaultCipherList = "PSK-AES128-CBC-SHA256";
|
|
|
|
|
|
#endif
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "server can't set cipher list 2");
|
2012-10-30 12:51:14 -07:00
|
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
|
#endif
|
2012-10-30 12:51:14 -07:00
|
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2018-10-25 09:15:23 -07:00
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_ECC
|
|
|
|
|
|
/* Use ECDHE key size that matches long term key.
|
|
|
|
|
|
* Zero means use ctx->privateKeySz.
|
|
|
|
|
|
* Default ECDHE_SIZE is 32 bytes
|
|
|
|
|
|
*/
|
|
|
|
|
|
if (wolfSSL_CTX_SetTmpEC_DHE_Sz(ctx, 0) != WOLFSSL_SUCCESS){
|
|
|
|
|
|
err_sys_ex(runWithErrors, "Error setting ECDHE size");
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2014-12-01 11:44:32 -08:00
|
|
|
|
if (useAnon) {
|
|
|
|
|
|
#ifdef HAVE_ANON
|
2018-03-06 16:45:44 -08:00
|
|
|
|
wolfSSL_CTX_allow_anon_cipher(ctx);
|
2017-04-05 14:35:33 -07:00
|
|
|
|
if (cipherList == NULL || (cipherList && useDefCipherList)) {
|
2018-04-20 10:35:37 -07:00
|
|
|
|
const char* defaultCipherList;
|
|
|
|
|
|
defaultCipherList = "ADH-AES256-GCM-SHA384:"
|
|
|
|
|
|
"ADH-AES128-SHA";
|
|
|
|
|
|
if (SSL_CTX_set_cipher_list(ctx, defaultCipherList)
|
|
|
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "server can't set cipher list 4");
|
2014-12-01 11:44:32 -08:00
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2013-03-11 16:07:46 -07:00
|
|
|
|
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
|
2016-02-08 14:52:56 -07:00
|
|
|
|
/* if not using PSK, verify peer with certs
|
|
|
|
|
|
if using PSK Plus then verify peer certs except PSK suites */
|
|
|
|
|
|
if (doCliCertCheck && (usePsk == 0 || usePskPlus) && useAnon == 0) {
|
2019-09-13 09:23:07 -07:00
|
|
|
|
unsigned int verify_flags = 0;
|
2017-10-11 09:09:52 -07:00
|
|
|
|
SSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER |
|
2017-10-19 16:17:51 -07:00
|
|
|
|
(usePskPlus ? WOLFSSL_VERIFY_FAIL_EXCEPT_PSK :
|
2019-09-13 09:23:07 -07:00
|
|
|
|
WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT),
|
|
|
|
|
|
overrideDateErrors == 1 ? myDateCb : NULL);
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef TEST_BEFORE_DATE
|
|
|
|
|
|
verify_flags |= WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
|
if (wolfSSL_CTX_load_verify_locations_ex(ctx, verifyCert, 0, verify_flags) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "can't load ca file, Please run from wolfSSL home dir");
|
2016-02-24 15:51:29 -07:00
|
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
2016-03-01 16:35:32 -07:00
|
|
|
|
if (trustCert) {
|
|
|
|
|
|
if ((ret = wolfSSL_CTX_trust_peer_cert(ctx, trustCert,
|
2017-10-11 09:09:52 -07:00
|
|
|
|
WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "can't load trusted peer cert file");
|
2016-03-01 16:35:32 -07:00
|
|
|
|
}
|
2016-02-24 15:51:29 -07:00
|
|
|
|
}
|
|
|
|
|
|
#endif /* WOLFSSL_TRUST_PEER_CERT */
|
2016-02-08 14:52:56 -07:00
|
|
|
|
}
|
2012-10-29 15:39:42 -07:00
|
|
|
|
#endif
|
2012-07-30 11:58:57 -07:00
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#if defined(WOLFSSL_SNIFFER)
|
2012-06-29 10:59:48 -07:00
|
|
|
|
/* don't use EDH, can't sniff tmp keys */
|
2012-08-31 13:28:07 -07:00
|
|
|
|
if (cipherList == NULL) {
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (SSL_CTX_set_cipher_list(ctx, "AES128-SHA") != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "server can't set cipher list 3");
|
2012-08-31 13:28:07 -07:00
|
|
|
|
}
|
2012-06-29 10:59:48 -07:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2013-05-21 14:37:50 -07:00
|
|
|
|
#ifdef HAVE_SNI
|
2013-06-03 10:04:49 -03:00
|
|
|
|
if (sniHostName)
|
2018-03-06 16:45:44 -08:00
|
|
|
|
if (wolfSSL_CTX_UseSNI(ctx, WOLFSSL_SNI_HOST_NAME, sniHostName,
|
2017-11-14 15:05:32 -07:00
|
|
|
|
(word16) XSTRLEN(sniHostName)) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "UseSNI failed");
|
2013-05-21 14:37:50 -07:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2016-04-01 15:45:53 -07:00
|
|
|
|
#ifdef USE_WINDOWS_API
|
|
|
|
|
|
if (port == 0) {
|
|
|
|
|
|
/* Generate random port for testing */
|
|
|
|
|
|
port = GetRandomPort();
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif /* USE_WINDOWS_API */
|
|
|
|
|
|
|
2016-08-15 13:59:41 -06:00
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
ret = wolfAsync_DevOpen(&devId);
|
2017-04-07 15:46:32 -07:00
|
|
|
|
if (ret < 0) {
|
|
|
|
|
|
printf("Async device open failed\nRunning without async\n");
|
2016-08-15 13:59:41 -06:00
|
|
|
|
}
|
|
|
|
|
|
wolfSSL_CTX_UseAsync(ctx, devId);
|
|
|
|
|
|
#endif /* WOLFSSL_ASYNC_CRYPT */
|
|
|
|
|
|
|
2016-11-24 01:31:07 +10:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
2018-04-13 11:53:42 +10:00
|
|
|
|
if (noPskDheKe)
|
|
|
|
|
|
wolfSSL_CTX_no_dhe_psk(ctx);
|
|
|
|
|
|
if (noTicket)
|
|
|
|
|
|
wolfSSL_CTX_no_ticket_TLSv13(ctx);
|
2016-11-24 01:31:07 +10:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
|
while (1) {
|
|
|
|
|
|
/* allow resume option */
|
2017-04-07 15:46:32 -07:00
|
|
|
|
if (resumeCount > 1) {
|
2016-08-25 22:20:35 -07:00
|
|
|
|
if (dtlsUDP == 0) {
|
2015-10-16 07:46:51 +02:00
|
|
|
|
SOCKADDR_IN_T client;
|
|
|
|
|
|
socklen_t client_len = sizeof(client);
|
|
|
|
|
|
clientfd = accept(sockfd, (struct sockaddr*)&client,
|
|
|
|
|
|
(ACCEPT_THIRD_T)&client_len);
|
2017-04-07 15:46:32 -07:00
|
|
|
|
}
|
|
|
|
|
|
else {
|
2016-08-25 22:20:35 -07:00
|
|
|
|
tcp_listen(&sockfd, &port, useAnyAddr, dtlsUDP, dtlsSCTP);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
clientfd = sockfd;
|
|
|
|
|
|
}
|
2017-04-07 15:46:32 -07:00
|
|
|
|
if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) {
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "tcp accept failed");
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
2015-04-28 12:21:54 -07:00
|
|
|
|
}
|
2016-06-04 19:03:48 -06:00
|
|
|
|
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
|
|
|
|
|
|
fprintf(stderr, "Before creating SSL\n");
|
|
|
|
|
|
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "ctx not using static memory");
|
2016-06-04 19:03:48 -06:00
|
|
|
|
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "error printing out memory stats");
|
2016-06-04 19:03:48 -06:00
|
|
|
|
#endif
|
2015-04-28 12:21:54 -07:00
|
|
|
|
|
2016-12-15 11:43:15 -08:00
|
|
|
|
if (doMcast) {
|
|
|
|
|
|
#ifdef WOLFSSL_MULTICAST
|
|
|
|
|
|
wolfSSL_CTX_mcast_set_member_id(ctx, mcastID);
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (wolfSSL_CTX_set_cipher_list(ctx, "WDM-NULL-SHA256") != WOLFSSL_SUCCESS)
|
2016-12-15 11:43:15 -08:00
|
|
|
|
err_sys("Couldn't set multicast cipher list.");
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-12-18 11:40:04 -08:00
|
|
|
|
if (doDTLS && dtlsUDP) {
|
|
|
|
|
|
#ifdef WOLFSSL_DTLS
|
|
|
|
|
|
if (doBlockSeq) {
|
|
|
|
|
|
wolfSSL_CTX_SetIOSend(ctx, TestEmbedSendTo);
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-03-21 11:27:08 -07:00
|
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
|
|
|
|
|
if (pkCallbacks)
|
|
|
|
|
|
SetupPkCallbacks(ctx);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
|
ssl = SSL_new(ctx);
|
|
|
|
|
|
if (ssl == NULL)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "unable to get SSL");
|
2016-11-11 13:39:36 -07:00
|
|
|
|
#ifdef OPENSSL_EXTRA
|
|
|
|
|
|
wolfSSL_KeepArrays(ssl);
|
|
|
|
|
|
#endif
|
2012-07-30 18:15:08 -07:00
|
|
|
|
|
2018-10-09 12:54:41 -07:00
|
|
|
|
/* Support for loading private key and cert using WOLFSSL object */
|
|
|
|
|
|
#if !defined(NO_CERTS)
|
|
|
|
|
|
if ((!usePsk || usePskPlus) && !useAnon && loadCertKeyIntoSSLObj) {
|
|
|
|
|
|
#ifndef TEST_LOAD_BUFFER
|
|
|
|
|
|
if (SSL_use_certificate_chain_file(ssl, ourCert)
|
|
|
|
|
|
!= WOLFSSL_SUCCESS)
|
|
|
|
|
|
err_sys_ex(runWithErrors, "can't load server cert file, check file and run from"
|
|
|
|
|
|
" wolfSSL home dir");
|
|
|
|
|
|
#else
|
|
|
|
|
|
/* loads cert chain file using buffer API */
|
|
|
|
|
|
load_ssl_buffer(ssl, ourCert, WOLFSSL_CERT_CHAIN);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (!useNtruKey && (!usePsk || usePskPlus) && !useAnon && loadCertKeyIntoSSLObj
|
|
|
|
|
|
#if defined(HAVE_PK_CALLBACKS) && defined(TEST_PK_PRIVKEY)
|
|
|
|
|
|
&& !pkCallbacks
|
|
|
|
|
|
#endif /* HAVE_PK_CALLBACKS && TEST_PK_PRIVKEY */
|
|
|
|
|
|
) {
|
|
|
|
|
|
#ifndef TEST_LOAD_BUFFER
|
|
|
|
|
|
if (SSL_use_PrivateKey_file(ssl, ourKey, WOLFSSL_FILETYPE_PEM)
|
|
|
|
|
|
!= WOLFSSL_SUCCESS)
|
|
|
|
|
|
err_sys_ex(runWithErrors, "can't load server private key file, check file and run "
|
|
|
|
|
|
"from wolfSSL home dir");
|
|
|
|
|
|
#else
|
|
|
|
|
|
/* loads private key file using buffer API */
|
|
|
|
|
|
load_ssl_buffer(ssl, ourKey, WOLFSSL_KEY);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif /* !NO_CERTS */
|
|
|
|
|
|
|
2017-06-27 08:37:55 +10:00
|
|
|
|
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (hrrCookie && wolfSSL_send_hrr_cookie(ssl, NULL, 0) != WOLFSSL_SUCCESS) {
|
2017-06-23 16:26:54 +10:00
|
|
|
|
err_sys("unable to set use of cookie with HRR msg");
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2016-06-04 19:03:48 -06:00
|
|
|
|
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
|
|
|
|
|
|
fprintf(stderr, "After creating SSL\n");
|
|
|
|
|
|
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "ctx not using static memory");
|
2016-06-04 19:03:48 -06:00
|
|
|
|
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "error printing out memory stats");
|
2016-06-04 19:03:48 -06:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2016-12-15 11:43:15 -08:00
|
|
|
|
if (doMcast) {
|
|
|
|
|
|
#ifdef WOLFSSL_MULTICAST
|
|
|
|
|
|
byte pms[512];
|
|
|
|
|
|
byte cr[32];
|
|
|
|
|
|
byte sr[32];
|
|
|
|
|
|
const byte suite[2] = {0, 0xfe}; /* WDM_WITH_NULL_SHA256 */
|
|
|
|
|
|
|
|
|
|
|
|
XMEMSET(pms, 0x23, sizeof(pms));
|
|
|
|
|
|
XMEMSET(cr, 0xA5, sizeof(cr));
|
|
|
|
|
|
XMEMSET(sr, 0x5A, sizeof(sr));
|
|
|
|
|
|
|
|
|
|
|
|
if (wolfSSL_set_secret(ssl, 1, pms, sizeof(pms), cr, sr, suite)
|
2017-10-11 09:09:52 -07:00
|
|
|
|
!= WOLFSSL_SUCCESS)
|
2016-12-15 11:43:15 -08:00
|
|
|
|
err_sys("unable to set mcast secret");
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
2018-11-27 17:33:49 -08:00
|
|
|
|
|
2018-10-02 15:38:45 -07:00
|
|
|
|
#ifdef HAVE_SECURE_RENEGOTIATION
|
|
|
|
|
|
if (scr) {
|
|
|
|
|
|
if (wolfSSL_UseSecureRenegotiation(ssl) != WOLFSSL_SUCCESS) {
|
|
|
|
|
|
err_sys_ex(runWithErrors, "can't enable secure renegotiation");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif /* HAVE_SECURE_RENEGOTIATION */
|
2018-11-27 17:33:49 -08:00
|
|
|
|
|
2015-05-09 11:04:47 -07:00
|
|
|
|
#ifndef NO_HANDSHAKE_DONE_CB
|
2015-10-16 07:46:51 +02:00
|
|
|
|
wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
|
2015-05-09 11:04:47 -07:00
|
|
|
|
#endif
|
2012-05-22 17:25:15 -07:00
|
|
|
|
#ifdef HAVE_CRL
|
2018-04-27 14:43:04 +10:00
|
|
|
|
if (!disableCRL) {
|
2015-11-23 14:15:12 -08:00
|
|
|
|
#ifdef HAVE_CRL_MONITOR
|
2018-02-01 11:02:35 -08:00
|
|
|
|
crlFlags = WOLFSSL_CRL_MONITOR | WOLFSSL_CRL_START_MON;
|
2015-11-23 14:15:12 -08:00
|
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
|
if (wolfSSL_EnableCRL(ssl, 0) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "unable to enable CRL");
|
2018-02-01 11:02:35 -08:00
|
|
|
|
if (wolfSSL_LoadCRL(ssl, crlPemDir, WOLFSSL_FILETYPE_PEM, crlFlags)
|
2017-10-11 09:09:52 -07:00
|
|
|
|
!= WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "unable to load CRL");
|
2018-02-01 11:02:35 -08:00
|
|
|
|
if (wolfSSL_SetCRL_Cb(ssl, CRL_CallBack) != WOLFSSL_SUCCESS)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "unable to set CRL callback url");
|
2018-04-27 14:43:04 +10:00
|
|
|
|
}
|
2012-05-22 17:25:15 -07:00
|
|
|
|
#endif
|
2013-06-20 11:07:54 -07:00
|
|
|
|
#ifdef HAVE_OCSP
|
2015-10-16 07:46:51 +02:00
|
|
|
|
if (useOcsp) {
|
|
|
|
|
|
if (ocspUrl != NULL) {
|
2018-02-01 11:02:35 -08:00
|
|
|
|
wolfSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
|
|
|
|
|
|
wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE
|
|
|
|
|
|
| WOLFSSL_OCSP_URL_OVERRIDE);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
|
|
|
|
|
else
|
2018-02-01 11:02:35 -08:00
|
|
|
|
wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE);
|
2013-12-18 12:34:40 -08:00
|
|
|
|
}
|
2019-03-13 17:54:33 -07:00
|
|
|
|
#ifndef NO_RSA
|
2019-03-20 11:01:24 -07:00
|
|
|
|
/* All the OSCP Stapling test certs are RSA. */
|
2015-12-28 19:38:04 -03:00
|
|
|
|
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
2019-03-20 11:01:24 -07:00
|
|
|
|
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
|
|
|
|
|
|
if (wolfSSL_CTX_EnableOCSPStapling(ctx) != WOLFSSL_SUCCESS)
|
|
|
|
|
|
err_sys_ex(runWithErrors, "can't enable OCSP Stapling Certificate Manager");
|
|
|
|
|
|
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate1-ca-cert.pem", 0) != WOLFSSL_SUCCESS)
|
|
|
|
|
|
err_sys_ex(runWithErrors, "can't load ca file, Please run from wolfSSL home dir");
|
|
|
|
|
|
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate2-ca-cert.pem", 0) != WOLFSSL_SUCCESS)
|
|
|
|
|
|
err_sys_ex(runWithErrors, "can't load ca file, Please run from wolfSSL home dir");
|
|
|
|
|
|
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate3-ca-cert.pem", 0) != WOLFSSL_SUCCESS)
|
|
|
|
|
|
err_sys_ex(runWithErrors, "can't load ca file, Please run from wolfSSL home dir");
|
|
|
|
|
|
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
|
|
|
|
|
|
#endif /* NO_RSA */
|
|
|
|
|
|
#endif /* HAVE_OCSP */
|
2018-03-21 11:27:08 -07:00
|
|
|
|
|
2013-08-26 16:27:29 -07:00
|
|
|
|
#ifdef HAVE_PK_CALLBACKS
|
2015-10-16 07:46:51 +02:00
|
|
|
|
if (pkCallbacks)
|
2018-03-21 11:27:08 -07:00
|
|
|
|
SetupPkCallbackContexts(ssl, &pkCbInfo);
|
2013-08-26 16:27:29 -07:00
|
|
|
|
#endif
|
2013-06-20 11:07:54 -07:00
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
|
if (version >= 4) {
|
|
|
|
|
|
WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_DO);
|
|
|
|
|
|
if (onlyKeyShare == 2) {
|
|
|
|
|
|
if (useX25519 == 1) {
|
|
|
|
|
|
#ifdef HAVE_CURVE25519
|
2018-04-13 11:53:42 +10:00
|
|
|
|
int groups[1] = { WOLFSSL_ECC_X25519 };
|
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
|
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519)
|
|
|
|
|
|
!= WOLFSSL_SUCCESS) {
|
|
|
|
|
|
err_sys("unable to use curve x25519");
|
|
|
|
|
|
}
|
2018-04-13 11:53:42 +10:00
|
|
|
|
if (wolfSSL_set_groups(ssl, groups, 1) != WOLFSSL_SUCCESS) {
|
|
|
|
|
|
err_sys("unable to set groups: x25519");
|
|
|
|
|
|
}
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
#ifdef HAVE_ECC
|
2019-07-24 10:35:33 -07:00
|
|
|
|
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
|
2018-04-13 11:53:42 +10:00
|
|
|
|
int groups[1] = { WOLFSSL_ECC_SECP256R1 };
|
|
|
|
|
|
|
|
|
|
|
|
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SECP256R1)
|
2018-04-09 13:53:05 +10:00
|
|
|
|
!= WOLFSSL_SUCCESS) {
|
2018-04-13 11:53:42 +10:00
|
|
|
|
err_sys("unable to use curve secp256r1");
|
|
|
|
|
|
}
|
|
|
|
|
|
if (wolfSSL_set_groups(ssl, groups, 1) != WOLFSSL_SUCCESS) {
|
|
|
|
|
|
err_sys("unable to set groups: secp256r1");
|
|
|
|
|
|
}
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#endif
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (onlyKeyShare == 1) {
|
|
|
|
|
|
#ifdef HAVE_FFDHE_2048
|
2018-04-13 11:53:42 +10:00
|
|
|
|
int groups[1] = { WOLFSSL_FFDHE_2048 };
|
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
|
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_FFDHE_2048)
|
|
|
|
|
|
!= WOLFSSL_SUCCESS) {
|
|
|
|
|
|
err_sys("unable to use DH 2048-bit parameters");
|
|
|
|
|
|
}
|
2018-04-13 11:53:42 +10:00
|
|
|
|
if (wolfSSL_set_groups(ssl, groups, 1) != WOLFSSL_SUCCESS) {
|
|
|
|
|
|
err_sys("unable to set groups: DH 2048-bit");
|
|
|
|
|
|
}
|
2018-04-09 13:53:05 +10:00
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
WOLFSSL_END(WC_FUNC_CLIENT_KEY_EXCHANGE_DO);
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2019-08-22 09:33:38 +10:00
|
|
|
|
#ifdef HAVE_ENCRYPT_THEN_MAC
|
|
|
|
|
|
if (disallowETM)
|
|
|
|
|
|
wolfSSL_AllowEncryptThenMac(ssl, 0);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
|
/* do accept */
|
2015-12-22 14:35:34 -08:00
|
|
|
|
readySignal = ((func_args*)args)->signal;
|
|
|
|
|
|
if (readySignal) {
|
|
|
|
|
|
readySignal->srfName = serverReadyFile;
|
|
|
|
|
|
}
|
2015-04-28 12:21:54 -07:00
|
|
|
|
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr,
|
2016-08-25 22:20:35 -07:00
|
|
|
|
dtlsUDP, dtlsSCTP, serverReadyFile ? 1 : 0, doListen);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
doListen = 0; /* Don't listen next time */
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (SSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) {
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "error in setting fd");
|
2016-03-25 13:59:04 -06:00
|
|
|
|
}
|
2015-10-09 15:18:41 +02:00
|
|
|
|
|
2018-09-28 09:05:59 -07:00
|
|
|
|
#ifdef HAVE_TRUSTED_CA
|
|
|
|
|
|
if (trustedCaKeyId) {
|
|
|
|
|
|
if (wolfSSL_UseTrustedCA(ssl, WOLFSSL_TRUSTED_CA_PRE_AGREED,
|
|
|
|
|
|
NULL, 0) != WOLFSSL_SUCCESS) {
|
|
|
|
|
|
err_sys_ex(runWithErrors, "UseTrustedCA failed");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif /* HAVE_TRUSTED_CA */
|
|
|
|
|
|
|
2015-10-09 15:18:41 +02:00
|
|
|
|
#ifdef HAVE_ALPN
|
2015-10-16 07:46:51 +02:00
|
|
|
|
if (alpnList != NULL) {
|
|
|
|
|
|
printf("ALPN accepted protocols list : %s\n", alpnList);
|
|
|
|
|
|
wolfSSL_UseALPN(ssl, alpnList, (word32)XSTRLEN(alpnList), alpn_opt);
|
|
|
|
|
|
}
|
2015-10-09 15:18:41 +02:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2015-09-15 17:23:52 -07:00
|
|
|
|
#ifdef WOLFSSL_DTLS
|
2016-08-25 22:20:35 -07:00
|
|
|
|
if (doDTLS && dtlsUDP) {
|
2015-10-16 07:46:51 +02:00
|
|
|
|
SOCKADDR_IN_T cliaddr;
|
|
|
|
|
|
byte b[1500];
|
|
|
|
|
|
int n;
|
|
|
|
|
|
socklen_t len = sizeof(cliaddr);
|
2015-09-15 17:23:52 -07:00
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
|
/* For DTLS, peek at the next datagram so we can get the client's
|
|
|
|
|
|
* address and set it into the ssl object later to generate the
|
|
|
|
|
|
* cookie. */
|
2018-12-18 11:40:04 -08:00
|
|
|
|
n = (int)recvfrom(clientfd, (char*)b, sizeof(b), MSG_PEEK,
|
2015-10-16 07:46:51 +02:00
|
|
|
|
(struct sockaddr*)&cliaddr, &len);
|
|
|
|
|
|
if (n <= 0)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "recvfrom failed");
|
2015-09-15 17:23:52 -07:00
|
|
|
|
|
2018-12-18 11:40:04 -08:00
|
|
|
|
if (doBlockSeq) {
|
|
|
|
|
|
XMEMCPY(&dtlsCtx.peer.sa, &cliaddr, len);
|
|
|
|
|
|
dtlsCtx.peer.sz = len;
|
|
|
|
|
|
dtlsCtx.wfd = clientfd;
|
|
|
|
|
|
dtlsCtx.failOnce = 1;
|
|
|
|
|
|
|
|
|
|
|
|
wolfSSL_SetIOWriteCtx(ssl, &dtlsCtx);
|
|
|
|
|
|
}
|
|
|
|
|
|
else {
|
|
|
|
|
|
wolfSSL_dtls_set_peer(ssl, &cliaddr, len);
|
|
|
|
|
|
}
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
2015-09-15 17:23:52 -07:00
|
|
|
|
#endif
|
2016-02-08 14:52:56 -07:00
|
|
|
|
if ((usePsk == 0 || usePskPlus) || useAnon == 1 || cipherList != NULL
|
|
|
|
|
|
|| needDH == 1) {
|
2015-10-16 07:46:51 +02:00
|
|
|
|
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
|
2018-02-01 11:02:35 -08:00
|
|
|
|
wolfSSL_SetTmpDH_file(ssl, ourDhParam, WOLFSSL_FILETYPE_PEM);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
#elif !defined(NO_DH)
|
|
|
|
|
|
SetDH(ssl); /* repick suites with DHE, higher priority than PSK */
|
|
|
|
|
|
#endif
|
2018-11-30 09:19:11 -08:00
|
|
|
|
#if !defined(NO_DH) && !defined(WOLFSSL_OLD_PRIME_CHECK) && \
|
|
|
|
|
|
!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
|
2018-11-29 17:01:37 -08:00
|
|
|
|
if (!doDhKeyCheck)
|
|
|
|
|
|
wolfSSL_SetEnableDhKeyTest(ssl, 0);
|
|
|
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifndef WOLFSSL_CALLBACKS
|
2015-10-16 07:46:51 +02:00
|
|
|
|
if (nonBlocking) {
|
2018-06-06 12:43:15 -07:00
|
|
|
|
#ifdef WOLFSSL_DTLS
|
2018-05-23 16:07:45 -07:00
|
|
|
|
if (doDTLS) {
|
|
|
|
|
|
wolfSSL_dtls_set_using_nonblock(ssl, 1);
|
|
|
|
|
|
}
|
2018-06-06 12:43:15 -07:00
|
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
|
tcp_set_nonblocking(&clientfd);
|
2016-03-04 10:05:22 -08:00
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifndef WOLFSSL_CALLBACKS
|
2017-04-07 15:46:32 -07:00
|
|
|
|
if (nonBlocking) {
|
2016-03-04 10:05:22 -08:00
|
|
|
|
ret = NonBlockingSSL_Accept(ssl);
|
2017-04-07 15:46:32 -07:00
|
|
|
|
}
|
|
|
|
|
|
else {
|
2017-06-19 11:37:10 +10:00
|
|
|
|
#ifdef WOLFSSL_EARLY_DATA
|
|
|
|
|
|
if (earlyData) {
|
|
|
|
|
|
do {
|
|
|
|
|
|
int len;
|
|
|
|
|
|
err = 0; /* reset error */
|
|
|
|
|
|
ret = wolfSSL_read_early_data(ssl, input, sizeof(input)-1,
|
|
|
|
|
|
&len);
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (ret != WOLFSSL_SUCCESS) {
|
2017-06-19 11:37:10 +10:00
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
if (ret > 0) {
|
|
|
|
|
|
input[ret] = 0; /* null terminate message */
|
|
|
|
|
|
printf("Early Data Client message: %s\n", input);
|
|
|
|
|
|
}
|
|
|
|
|
|
} while (err == WC_PENDING_E || ret > 0);
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
2017-04-07 15:46:32 -07:00
|
|
|
|
do {
|
|
|
|
|
|
err = 0; /* reset error */
|
|
|
|
|
|
ret = SSL_accept(ssl);
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (ret != WOLFSSL_SUCCESS) {
|
2017-04-07 15:46:32 -07:00
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
if (err == WC_PENDING_E) {
|
|
|
|
|
|
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
|
|
|
|
|
|
if (ret < 0) break;
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
}
|
|
|
|
|
|
} while (err == WC_PENDING_E);
|
|
|
|
|
|
}
|
|
|
|
|
|
#else
|
|
|
|
|
|
ret = NonBlockingSSL_Accept(ssl);
|
2016-03-04 10:05:22 -08:00
|
|
|
|
#endif
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (ret != WOLFSSL_SUCCESS) {
|
2016-04-06 11:16:40 -06:00
|
|
|
|
err = SSL_get_error(ssl, 0);
|
2017-04-07 15:46:32 -07:00
|
|
|
|
printf("SSL_accept error %d, %s\n", err,
|
|
|
|
|
|
ERR_error_string(err, buffer));
|
2018-11-06 14:09:46 -07:00
|
|
|
|
if (!exitWithRet) {
|
2018-05-03 10:02:59 -07:00
|
|
|
|
err_sys_ex(runWithErrors, "SSL_accept failed");
|
2018-11-06 14:09:46 -07:00
|
|
|
|
} else {
|
|
|
|
|
|
/* cleanup */
|
|
|
|
|
|
SSL_free(ssl); ssl = NULL;
|
|
|
|
|
|
SSL_CTX_free(ctx); ctx = NULL;
|
|
|
|
|
|
CloseSocket(clientfd);
|
|
|
|
|
|
CloseSocket(sockfd);
|
|
|
|
|
|
((func_args*)args)->return_code = err;
|
|
|
|
|
|
goto exit;
|
|
|
|
|
|
}
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
2016-03-04 10:05:22 -08:00
|
|
|
|
|
2018-10-20 13:40:01 +09:00
|
|
|
|
showPeerEx(ssl, lng_index);
|
2016-11-10 19:34:27 -07:00
|
|
|
|
if (SSL_state(ssl) != 0) {
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "SSL in error state");
|
2016-11-10 19:34:27 -07:00
|
|
|
|
}
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2016-11-11 13:39:36 -07:00
|
|
|
|
#ifdef OPENSSL_EXTRA
|
|
|
|
|
|
{
|
|
|
|
|
|
byte* rnd;
|
|
|
|
|
|
byte* pt;
|
|
|
|
|
|
size_t size;
|
|
|
|
|
|
|
|
|
|
|
|
/* get size of buffer then print */
|
|
|
|
|
|
size = wolfSSL_get_server_random(NULL, NULL, 0);
|
|
|
|
|
|
if (size == 0) {
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "error getting server random buffer size");
|
2016-11-11 13:39:36 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
rnd = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
|
|
|
|
|
if (rnd == NULL) {
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "error creating server random buffer");
|
2016-11-11 13:39:36 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
2016-11-18 14:58:51 -07:00
|
|
|
|
size = wolfSSL_get_server_random(ssl, rnd, size);
|
2016-11-11 13:39:36 -07:00
|
|
|
|
if (size == 0) {
|
|
|
|
|
|
XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "error getting server random buffer");
|
2016-11-11 13:39:36 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
printf("Server Random : ");
|
2017-06-22 22:19:59 -06:00
|
|
|
|
pt = rnd;
|
|
|
|
|
|
if (pt != NULL) {
|
|
|
|
|
|
for (pt = rnd; pt < rnd + size; pt++) printf("%02X", *pt);
|
|
|
|
|
|
printf("\n");
|
|
|
|
|
|
} else {
|
|
|
|
|
|
err_sys_ex(runWithErrors, "error: attempted to dereference null "
|
|
|
|
|
|
"pointer");
|
|
|
|
|
|
}
|
2016-11-11 13:39:36 -07:00
|
|
|
|
XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2015-10-09 15:18:41 +02:00
|
|
|
|
#ifdef HAVE_ALPN
|
2015-10-16 07:46:51 +02:00
|
|
|
|
if (alpnList != NULL) {
|
|
|
|
|
|
char *protocol_name = NULL, *list = NULL;
|
|
|
|
|
|
word16 protocol_nameSz = 0, listSz = 0;
|
2015-10-09 15:18:41 +02:00
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
|
err = wolfSSL_ALPN_GetProtocol(ssl, &protocol_name, &protocol_nameSz);
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (err == WOLFSSL_SUCCESS)
|
2015-10-16 07:46:51 +02:00
|
|
|
|
printf("Sent ALPN protocol : %s (%d)\n",
|
|
|
|
|
|
protocol_name, protocol_nameSz);
|
2017-10-18 10:38:27 -07:00
|
|
|
|
else if (err == WOLFSSL_ALPN_NOT_FOUND)
|
2015-10-16 07:46:51 +02:00
|
|
|
|
printf("No ALPN response sent (no match)\n");
|
|
|
|
|
|
else
|
|
|
|
|
|
printf("Getting ALPN protocol name failed\n");
|
2015-10-15 14:59:35 +02:00
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
|
err = wolfSSL_ALPN_GetPeerProtocol(ssl, &list, &listSz);
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (err == WOLFSSL_SUCCESS)
|
2015-10-16 07:46:51 +02:00
|
|
|
|
printf("List of protocol names sent by Client: %s (%d)\n",
|
|
|
|
|
|
list, listSz);
|
|
|
|
|
|
else
|
|
|
|
|
|
printf("Get list of client's protocol name failed\n");
|
2015-10-15 14:59:35 +02:00
|
|
|
|
|
2015-10-16 14:05:37 -07:00
|
|
|
|
free(list);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
|
|
|
|
|
#endif
|
2017-06-08 10:32:51 +10:00
|
|
|
|
|
|
|
|
|
|
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
|
|
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
|
|
|
|
|
if (postHandAuth) {
|
2019-09-13 09:23:07 -07:00
|
|
|
|
unsigned int verify_flags = 0;
|
|
|
|
|
|
|
2018-06-08 17:34:03 +10:00
|
|
|
|
SSL_set_verify(ssl, WOLFSSL_VERIFY_PEER |
|
2018-04-27 14:43:04 +10:00
|
|
|
|
((usePskPlus) ? WOLFSSL_VERIFY_FAIL_EXCEPT_PSK :
|
|
|
|
|
|
WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT), 0);
|
2019-09-13 09:23:07 -07:00
|
|
|
|
|
|
|
|
|
|
#ifdef TEST_BEFORE_DATE
|
|
|
|
|
|
verify_flags |= WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY;
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
|
if (wolfSSL_CTX_load_verify_locations_ex(ctx, verifyCert, 0, verify_flags)
|
2018-04-27 14:43:04 +10:00
|
|
|
|
!= WOLFSSL_SUCCESS) {
|
|
|
|
|
|
err_sys_ex(runWithErrors, "can't load ca file, Please run from "
|
|
|
|
|
|
"wolfSSL home dir");
|
2017-06-08 10:32:51 +10:00
|
|
|
|
}
|
|
|
|
|
|
#ifdef WOLFSSL_TRUST_PEER_CERT
|
|
|
|
|
|
if (trustCert) {
|
2018-06-08 17:34:03 +10:00
|
|
|
|
if ((ret = wolfSSL_trust_peer_cert(ssl, trustCert,
|
2018-04-27 14:43:04 +10:00
|
|
|
|
WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
|
|
|
|
|
|
err_sys_ex(runWithErrors, "can't load trusted peer cert "
|
|
|
|
|
|
"file");
|
2017-06-08 10:32:51 +10:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif /* WOLFSSL_TRUST_PEER_CERT */
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2017-04-07 15:46:32 -07:00
|
|
|
|
if (echoData == 0 && throughput == 0) {
|
2018-04-09 13:53:05 +10:00
|
|
|
|
ServerRead(ssl, input, sizeof(input)-1);
|
|
|
|
|
|
err = SSL_get_error(ssl, 0);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-10-02 15:38:45 -07:00
|
|
|
|
#if defined(HAVE_SECURE_RENEGOTIATION) && \
|
|
|
|
|
|
defined(HAVE_SERVER_RENEGOTIATION_INFO)
|
|
|
|
|
|
if (scr && forceScr) {
|
|
|
|
|
|
if (nonBlocking) {
|
|
|
|
|
|
printf("not doing secure renegotiation on example with"
|
2018-11-27 17:33:49 -08:00
|
|
|
|
" nonblocking yet\n");
|
2018-10-02 15:38:45 -07:00
|
|
|
|
} else {
|
|
|
|
|
|
if (wolfSSL_Rehandshake(ssl) != WOLFSSL_SUCCESS) {
|
2018-11-27 17:33:49 -08:00
|
|
|
|
printf("not doing secure renegotiation\n");
|
2018-11-30 14:14:27 -08:00
|
|
|
|
}
|
|
|
|
|
|
else {
|
|
|
|
|
|
printf("RENEGOTIATION SUCCESSFUL\n");
|
2018-10-02 15:38:45 -07:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
#endif /* HAVE_SECURE_RENEGOTIATION */
|
|
|
|
|
|
|
2019-04-11 11:30:41 -07:00
|
|
|
|
if (err == 0 && echoData == 0 && throughput == 0) {
|
2017-04-07 15:46:32 -07:00
|
|
|
|
const char* write_msg;
|
|
|
|
|
|
int write_msg_sz;
|
|
|
|
|
|
|
2016-11-24 01:31:07 +10:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
|
|
|
|
|
if (updateKeysIVs)
|
|
|
|
|
|
wolfSSL_update_keys(ssl);
|
|
|
|
|
|
#endif
|
2017-06-08 10:32:51 +10:00
|
|
|
|
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
|
|
|
|
|
if (postHandAuth)
|
|
|
|
|
|
wolfSSL_request_certificate(ssl);
|
|
|
|
|
|
#endif
|
2016-11-24 01:31:07 +10:00
|
|
|
|
|
2017-04-07 15:46:32 -07:00
|
|
|
|
/* Write data */
|
2016-12-22 12:53:29 +10:00
|
|
|
|
if (!useWebServerMsg) {
|
2017-04-07 15:46:32 -07:00
|
|
|
|
write_msg = msg;
|
|
|
|
|
|
write_msg_sz = sizeof(msg);
|
2016-12-22 12:53:29 +10:00
|
|
|
|
}
|
|
|
|
|
|
else {
|
2017-04-07 15:46:32 -07:00
|
|
|
|
write_msg = webServerMsg;
|
|
|
|
|
|
write_msg_sz = sizeof(webServerMsg);
|
|
|
|
|
|
}
|
2017-06-08 10:32:51 +10:00
|
|
|
|
ServerWrite(ssl, write_msg, write_msg_sz);
|
2017-04-07 15:46:32 -07:00
|
|
|
|
|
2018-05-17 09:08:03 +10:00
|
|
|
|
#ifdef WOLFSSL_TLS13
|
2018-06-08 17:34:03 +10:00
|
|
|
|
if (updateKeysIVs || postHandAuth)
|
|
|
|
|
|
ServerRead(ssl, input, sizeof(input)-1);
|
2017-06-08 10:32:51 +10:00
|
|
|
|
#endif
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
2019-04-11 11:30:41 -07:00
|
|
|
|
else if (err == 0 || err == WOLFSSL_ERROR_ZERO_RETURN) {
|
2018-04-09 13:53:05 +10:00
|
|
|
|
ServerEchoData(ssl, clientfd, echoData, block, throughput);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
|
|
|
|
|
|
os_dly_wait(500) ;
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#elif defined (WOLFSSL_TIRTOS)
|
2015-10-16 07:46:51 +02:00
|
|
|
|
Task_yield();
|
2015-10-09 15:18:41 +02:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2016-08-25 22:20:35 -07:00
|
|
|
|
if (dtlsUDP == 0) {
|
2015-10-16 07:46:51 +02:00
|
|
|
|
ret = SSL_shutdown(ssl);
|
2017-10-11 09:09:52 -07:00
|
|
|
|
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE)
|
2015-10-16 07:46:51 +02:00
|
|
|
|
SSL_shutdown(ssl); /* bidirectional shutdown */
|
|
|
|
|
|
}
|
2016-06-04 19:03:48 -06:00
|
|
|
|
/* display collected statistics */
|
|
|
|
|
|
#ifdef WOLFSSL_STATIC_MEMORY
|
|
|
|
|
|
if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "static memory was not used with ssl");
|
2016-06-04 19:03:48 -06:00
|
|
|
|
|
|
|
|
|
|
fprintf(stderr, "\nprint off SSL memory stats\n");
|
2016-06-10 14:13:27 -06:00
|
|
|
|
fprintf(stderr, "*** This is memory state before wolfSSL_free is called\n");
|
2016-06-04 19:03:48 -06:00
|
|
|
|
fprintf(stderr, "peak connection memory = %d\n", ssl_stats.peakMem);
|
|
|
|
|
|
fprintf(stderr, "current memory in use = %d\n", ssl_stats.curMem);
|
|
|
|
|
|
fprintf(stderr, "peak connection allocs = %d\n", ssl_stats.peakAlloc);
|
|
|
|
|
|
fprintf(stderr, "current connection allocs = %d\n",ssl_stats.curAlloc);
|
|
|
|
|
|
fprintf(stderr, "total connection allocs = %d\n",ssl_stats.totalAlloc);
|
|
|
|
|
|
fprintf(stderr, "total connection frees = %d\n\n", ssl_stats.totalFr);
|
|
|
|
|
|
|
|
|
|
|
|
#endif
|
2018-07-27 10:19:04 -07:00
|
|
|
|
SSL_free(ssl); ssl = NULL;
|
2012-12-28 17:54:19 -08:00
|
|
|
|
|
2015-04-28 12:21:54 -07:00
|
|
|
|
CloseSocket(clientfd);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
|
|
|
|
|
|
if (resume == 1 && resumeCount == 0) {
|
|
|
|
|
|
resumeCount++; /* only do one resume for testing */
|
|
|
|
|
|
continue;
|
|
|
|
|
|
}
|
|
|
|
|
|
resumeCount = 0;
|
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
|
cnt++;
|
2016-12-22 12:53:29 +10:00
|
|
|
|
if (loops > 0 && --loops == 0) {
|
2015-10-16 07:46:51 +02:00
|
|
|
|
break; /* out of while loop, done with normal and resume option */
|
|
|
|
|
|
}
|
|
|
|
|
|
} /* while(1) */
|
|
|
|
|
|
|
2018-04-09 13:53:05 +10:00
|
|
|
|
WOLFSSL_TIME(cnt);
|
2018-04-13 12:13:31 +10:00
|
|
|
|
(void)cnt;
|
2018-04-09 13:53:05 +10:00
|
|
|
|
|
2017-10-17 13:52:05 -07:00
|
|
|
|
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
|
|
|
|
|
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
|
|
|
|
|
|
wolfSSL_CTX_DisableOCSPStapling(ctx);
|
|
|
|
|
|
#endif
|
2016-06-04 19:03:48 -06:00
|
|
|
|
|
2015-10-16 07:46:51 +02:00
|
|
|
|
CloseSocket(sockfd);
|
2018-07-27 10:19:04 -07:00
|
|
|
|
SSL_CTX_free(ctx); ctx = NULL;
|
2015-04-28 12:21:54 -07:00
|
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
|
((func_args*)args)->return_code = 0;
|
2013-03-15 13:17:05 -07:00
|
|
|
|
|
2018-05-03 13:39:37 -07:00
|
|
|
|
exit:
|
2014-09-09 10:14:32 -07:00
|
|
|
|
|
2019-02-22 17:14:19 +10:00
|
|
|
|
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) \
|
|
|
|
|
|
&& (defined(NO_MAIN_DRIVER) || defined(HAVE_STACK_SIZE))
|
2018-03-06 16:45:44 -08:00
|
|
|
|
wc_ecc_fp_free(); /* free per thread cache */
|
2014-09-09 10:14:32 -07:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifdef WOLFSSL_TIRTOS
|
2014-09-08 19:40:03 -07:00
|
|
|
|
fdCloseSession(Task_self());
|
2014-05-08 15:52:20 -07:00
|
|
|
|
#endif
|
|
|
|
|
|
|
2015-05-15 15:30:29 -07:00
|
|
|
|
#if defined(HAVE_SESSION_TICKET) && defined(HAVE_CHACHA) && \
|
|
|
|
|
|
defined(HAVE_POLY1305)
|
|
|
|
|
|
TicketCleanup();
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2016-08-15 13:59:41 -06:00
|
|
|
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
|
|
|
|
wolfAsync_DevClose(&devId);
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2016-04-11 13:39:44 -06:00
|
|
|
|
/* There are use cases when these assignments are not read. To avoid
|
|
|
|
|
|
* potential confusion those warnings have been handled here.
|
|
|
|
|
|
*/
|
|
|
|
|
|
(void) ourKey;
|
|
|
|
|
|
(void) verifyCert;
|
|
|
|
|
|
(void) doCliCertCheck;
|
|
|
|
|
|
(void) useNtruKey;
|
|
|
|
|
|
(void) ourDhParam;
|
|
|
|
|
|
(void) ourCert;
|
2018-11-07 14:50:07 -07:00
|
|
|
|
(void) useX25519;
|
2018-12-19 15:47:43 -07:00
|
|
|
|
#ifdef HAVE_SECURE_RENEGOTIATION
|
|
|
|
|
|
(void) forceScr;
|
|
|
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
|
#ifndef WOLFSSL_TIRTOS
|
2011-02-05 11:14:47 -08:00
|
|
|
|
return 0;
|
2014-05-08 15:52:20 -07:00
|
|
|
|
#endif
|
2011-02-05 11:14:47 -08:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-06-26 23:05:32 -07:00
|
|
|
|
#endif /* !NO_WOLFSSL_SERVER */
|
|
|
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
|
|
|
|
|
/* so overall tests can pull in test function */
|
|
|
|
|
|
#ifndef NO_MAIN_DRIVER
|
|
|
|
|
|
|
|
|
|
|
|
int main(int argc, char** argv)
|
|
|
|
|
|
{
|
|
|
|
|
|
func_args args;
|
2015-12-22 14:35:34 -08:00
|
|
|
|
tcp_ready ready;
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2013-02-01 12:21:38 -08:00
|
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
|
StartTCP();
|
|
|
|
|
|
|
|
|
|
|
|
args.argc = argc;
|
|
|
|
|
|
args.argv = argv;
|
2015-12-22 14:35:34 -08:00
|
|
|
|
args.signal = &ready;
|
2018-06-13 11:42:16 +10:00
|
|
|
|
args.return_code = 0;
|
2015-12-22 14:35:34 -08:00
|
|
|
|
InitTcpReady(&ready);
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2018-06-06 13:14:06 -07:00
|
|
|
|
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_MDK_SHELL)
|
2018-02-01 11:02:35 -08:00
|
|
|
|
wolfSSL_Debugging_ON();
|
2011-02-05 11:14:47 -08:00
|
|
|
|
#endif
|
2018-02-01 11:02:35 -08:00
|
|
|
|
wolfSSL_Init();
|
2015-10-28 23:54:08 -07:00
|
|
|
|
ChangeToWolfRoot();
|
2015-10-16 07:46:51 +02:00
|
|
|
|
|
2017-06-26 23:05:32 -07:00
|
|
|
|
#ifndef NO_WOLFSSL_SERVER
|
2013-03-28 11:28:38 -07:00
|
|
|
|
#ifdef HAVE_STACK_SIZE
|
|
|
|
|
|
StackSizeCheck(&args, server_test);
|
2015-10-16 07:46:51 +02:00
|
|
|
|
#else
|
2011-02-05 11:14:47 -08:00
|
|
|
|
server_test(&args);
|
2013-03-28 11:28:38 -07:00
|
|
|
|
#endif
|
2017-06-26 23:05:32 -07:00
|
|
|
|
#else
|
|
|
|
|
|
printf("Server not compiled in!\n");
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
2018-02-01 11:02:35 -08:00
|
|
|
|
wolfSSL_Cleanup();
|
2015-12-22 14:35:34 -08:00
|
|
|
|
FreeTcpReady(&ready);
|
2011-02-05 11:14:47 -08:00
|
|
|
|
|
2016-05-05 15:31:25 -06:00
|
|
|
|
#ifdef HAVE_WNR
|
|
|
|
|
|
if (wc_FreeNetRandom() < 0)
|
2017-06-22 22:19:59 -06:00
|
|
|
|
err_sys_ex(runWithErrors, "Failed to free netRandom context");
|
2016-05-05 15:31:25 -06:00
|
|
|
|
#endif /* HAVE_WNR */
|
|
|
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
|
return args.return_code;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2012-08-01 17:33:49 -07:00
|
|
|
|
int myoptind = 0;
|
|
|
|
|
|
char* myoptarg = NULL;
|
|
|
|
|
|
|
2011-02-05 11:14:47 -08:00
|
|
|
|
#endif /* NO_MAIN_DRIVER */
|
