wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Passing scr-app-data in to -i to client sends a message during SCR

Browse Source 
Modify mygetopt so that if an argument expects a value and that value is the next argument then myoptarg is set to a NULL pointer.
This commit is contained in:
Juliusz Sosinowicz
2020-09-30 13:46:23 +02:00
parent 84f0fc56ef
commit a7fdfbaf40
4 changed files with 140 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
examples/client/client.c
View File

@ -999,7 +999,11 @@ static const char* client_usage_msg[][59] = {
"-M <prot> Use STARTTLS, using <prot> protocol (smtp)\n", /* 27 */
#ifdef HAVE_SECURE_RENEGOTIATION
"-R Allow Secure Renegotiation\n", /* 28 */
"-i Force client Initiated Secure Renegotiation\n", /* 29 */
"-i <str> Force client Initiated Secure Renegotiation. If the\n"
" string 'scr-app-data' is passed in as the value and\n"
" Non-blocking sockets are enabled ('-N') then wolfSSL\n"
" sends a test message during the secure renegotiation.\n"
" The string parameter is optional.\n", /* 29 */
#endif
"-f Fewer packets/group messages\n", /* 30 */
"-x Disable client cert/key loading\n", /* 31 */
@ -1160,7 +1164,7 @@ static const char* client_usage_msg[][59] = {
"使用する\n", /* 27 */
#ifdef HAVE_SECURE_RENEGOTIATION
"-R セキュアな再ネゴシエーションを許可する\n", /* 28 */
"-i クライアント主導のネゴシエーションを強制する\n", /* 29 */
"-i <str> クライアント主導のネゴシエーションを強制する\n", /* 29 */
#endif
"-f より少ないパケット/グループメッセージを使用する\n",/* 30 */
"-x クライアントの証明書/鍵のロードを無効する\n", /* 31 */
@ -1461,6 +1465,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
int err = 0;
int scr = 0; /* allow secure renegotiation */
int forceScr = 0; /* force client initiated scr */
int scrAppData = 0;
int resumeScr = 0; /* use resumption for renegotiation */
#ifndef WOLFSSL_NO_CLIENT_AUTH
int useClientCert = 1;
@ -1597,6 +1602,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
(void)atomicUser;
(void)scr;
(void)forceScr;
(void)scrAppData;
(void)resumeScr;
(void)ourKey;
(void)ourCert;
@ -1623,7 +1629,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef WOLFSSL_VXWORKS
/* Not used: All used */
while ((ch = mygetopt(argc, argv, "?:"
"ab:c:defgh:ijk:l:mnop:q:rstuv:wxyz"
"ab:c:defgh:i;jk:l:mnop:q:rstuv:wxyz"
"A:B:CDE:F:GH:IJKL:M:NO:PQRS:TUVW:XYZ:"
"01:23:458")) != -1) {
switch (ch) {
@ -1862,6 +1868,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef HAVE_SECURE_RENEGOTIATION
scr = 1;
forceScr = 1;
if (XSTRNCMP(myoptarg, "scr-app-data", 12) == 0) {
scrAppData = 1;
}
#endif
break;
@ -3095,10 +3104,15 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
err = wolfSSL_get_error(ssl, 0);
if (err == WOLFSSL_ERROR_WANT_READ ||
err == WOLFSSL_ERROR_WANT_WRITE) {
ret = ClientWrite(ssl,
"msg sent during renegotiation",
sizeof("msg sent during renegotiation") - 1,
"", 1);
if (scrAppData) {
ret = ClientWrite(ssl,
"msg sent during renegotiation",
sizeof("msg sent during renegotiation") - 1,
"", 1);
}
else {
ret = 0;
}
if (ret != 0) {
ret = WOLFSSL_FAILURE;
}
@ -3110,7 +3124,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
err_sys("APP DATA should be present "
"but error returned");
}
printf("Received message: %s\n", reply);
printf("Received message during "
"renegotiation: %s\n", reply);
}
err = 0;
if ((ret = wolfSSL_connect(ssl))

21
examples/server/server.c
View File

@ -470,16 +470,23 @@ static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
err = 0; /* reset error */
ret = SSL_read(ssl, input, inputLen);
if (ret < 0) {
err = SSL_get_error(ssl, 0);
err = SSL_get_error(ssl, ret);
#ifdef HAVE_SECURE_RENEGOTIATION
if (err == APP_DATA_READY) {
/* If we receive a message during renegotiation
* then just print it. We return the message sent
* after the renegotiation. */
ret = SSL_read(ssl, input, inputLen);
if (ret >= 0) {
/* null terminate message */
input[ret] = '\0';
printf("Client message: %s\n", input);
return;
printf("Client message received during "
"secure renegotiation: %s\n", input);
err = WOLFSSL_ERROR_WANT_READ;
}
else {
err = SSL_get_error(ssl, ret);
}
}
#endif
@ -2442,14 +2449,6 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
if (echoData == 0 && throughput == 0) {
ServerRead(ssl, input, sizeof(input)-1);
err = SSL_get_error(ssl, 0);
#ifdef HAVE_SECURE_RENEGOTIATION
if (err == APP_DATA_READY) {
/* Data was sent during SCR so let's get the message
* after the SCR as well */
ServerRead(ssl, input, sizeof(input)-1);
err = SSL_get_error(ssl, 0);
}
#endif
}
#if defined(HAVE_SECURE_RENEGOTIATION) && \

81
tests/test-dtls-reneg-client.conf
View File

@ -4,6 +4,87 @@
-v 3
-l DHE-RSA-CHACHA20-POLY1305
# client DTLSv1.2 DHE-RSA-CHACHA20-POLY1305
-i scr-app-data
-u
-v 3
-l DHE-RSA-CHACHA20-POLY1305
# server DTLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
-M
-u
-v 3
-l ECDHE-RSA-CHACHA20-POLY1305
# client DTLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
-i scr-app-data
-u
-v 3
-l ECDHE-RSA-CHACHA20-POLY1305
# server DTLSv1.2 ECDHE-EDCSA-CHACHA20-POLY1305
-M
-u
-v 3
-l ECDHE-ECDSA-CHACHA20-POLY1305
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305
-i scr-app-data
-u
-v 3
-l ECDHE-ECDSA-CHACHA20-POLY1305
-A ./certs/ca-ecc-cert.pem
# server TLSv1.2 DHE-PSK-CHACHA20-POLY1305
-M
-u
-v 3
-s
-l DHE-PSK-CHACHA20-POLY1305
# client TLSv1.2 DHE-PSK-CHACHA20-POLY1305
-i scr-app-data
-u
-v 3
-s
-l DHE-PSK-CHACHA20-POLY1305
# server TLSv1.2 ECDHE-PSK-CHACHA20-POLY1305
-M
-u
-v 3
-s
-l ECDHE-PSK-CHACHA20-POLY1305
# client TLSv1.2 ECDHE-PSK-CHACHA20-POLY1305
-i scr-app-data
-u
-v 3
-s
-l ECDHE-PSK-CHACHA20-POLY1305
# server TLSv1.2 PSK-CHACHA20-POLY1305
-M
-u
-v 3
-s
-l PSK-CHACHA20-POLY1305
# client TLSv1.2 PSK-CHACHA20-POLY1305
-i scr-app-data
-u
-v 3
-s
-l PSK-CHACHA20-POLY1305
# server DTLSv1.2 DHE-RSA-CHACHA20-POLY1305
-M
-u
-v 3
-l DHE-RSA-CHACHA20-POLY1305
# client DTLSv1.2 DHE-RSA-CHACHA20-POLY1305
-i
-u

27
wolfssl/test.h
View File

@ -505,6 +505,17 @@ err_sys(const char* msg)
extern int myoptind;
extern char* myoptarg;
/**
*
* @param argc Number of argv strings
* @param argv Array of string arguments
* @param optstring String containing the supported alphanumeric arguments.
* A ':' following a character means that it requires a
* value in myoptarg to be set. A ';' means that the
* myoptarg is optional. myoptarg is set to "" if not
* present.
* @return Option letter in argument
*/
static WC_INLINE int mygetopt(int argc, char** argv, const char* optstring)
{
static char* next = NULL;
@ -554,7 +565,7 @@ static WC_INLINE int mygetopt(int argc, char** argv, const char* optstring)
/* The C++ strchr can return a different value */
cp = (char*)strchr(optstring, c);
if (cp == NULL || c == ':')
if (cp == NULL || c == ':' || 'c' == ';')
return '?';
cp++;
@ -571,6 +582,20 @@ static WC_INLINE int mygetopt(int argc, char** argv, const char* optstring)
else
return '?';
}
else if (*cp == ';') {
myoptarg = (char*)"";
if (*next != '\0') {
myoptarg = next;
next = NULL;
}
else if (myoptind < argc) {
/* Check if next argument is not a parameter argument */
if (argv[myoptind] && argv[myoptind][0] != '-') {
myoptarg = argv[myoptind];
myoptind++;
}
}
}
return c;
}