From fdab3943be210994e3f5a77f22e3a7c2fa7ec8c0 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 14 Oct 2015 19:13:45 -0700 Subject: [PATCH] Added throughput benchmarking for client/server examples and added helper script "scripts/benchmark.test". Added example client option: "-B " Benchmarking throughput. Added example server options: "-B " Benchmark throughput, "-e" Echo data, "-i" Loop / Accept multiple connections. Cleanup of the include.am for examples. Cleanup of tcp_connect with DTLS enabled. Cleanup of the valid socket checking. Cleanup trailing whitespace. --- Makefile.am | 5 +- examples/client/client.c | 281 ++++++++++++++++------- examples/client/client.h | 8 + examples/echoclient/echoclient.c | 11 +- examples/echoserver/echoserver.c | 2 +- examples/include.am | 7 + examples/server/server.c | 369 +++++++++++++++++++------------ examples/server/server.h | 4 + scripts/benchmark.test | 115 ++++++++++ scripts/include.am | 1 + tests/api.c | 10 +- wolfssl/test.h | 215 ++++++++++-------- 12 files changed, 700 insertions(+), 328 deletions(-) create mode 100644 examples/include.am create mode 100755 scripts/benchmark.test diff --git a/Makefile.am b/Makefile.am index f3ad8ecd5..6f0457615 100644 --- a/Makefile.am +++ b/Makefile.am @@ -72,10 +72,7 @@ include support/include.am include wolfcrypt/benchmark/include.am include wolfcrypt/src/include.am include wolfcrypt/test/include.am -include examples/client/include.am -include examples/server/include.am -include examples/echoclient/include.am -include examples/echoserver/include.am +include examples/include.am include testsuite/include.am include tests/include.am include sslSniffer/sslSnifferTest/include.am diff --git a/examples/client/client.c b/examples/client/client.c index fbb9cb979..b105d7822 100644 --- a/examples/client/client.c +++ b/examples/client/client.c 
@@ -31,8 +31,8 @@ #if defined(WOLFSSL_MDK5) #include "cmsis_os.h" - #include "rl_fs.h" - #include "rl_net.h" + #include "rl_fs.h" + #include "rl_net.h" #else #include "rtl.h" #endif 
@@ -127,6 +127,165 @@ static void ShowCiphers(void) printf("%s\n", ciphers); } +int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, + int doDTLS, int benchmark, int resumeSession) +{ + /* time passed in number of connects give average */ + int times = benchmark; + int loops = resumeSession ? 2 : 1; + int i = 0; + WOLFSSL_SESSION* benchSession = NULL; + + while (loops--) { + int benchResume = resumeSession && loops == 0; + double start = current_time(), avg; + + for (i = 0; i < times; i++) { + SOCKET_T sockfd; + WOLFSSL* ssl = wolfSSL_new(ctx); + + tcp_connect(&sockfd, host, port, doDTLS, ssl); + + if (benchResume) + wolfSSL_set_session(ssl, benchSession); + wolfSSL_set_fd(ssl, sockfd); + if (wolfSSL_connect(ssl) != SSL_SUCCESS) + err_sys("SSL_connect failed"); + + wolfSSL_shutdown(ssl); + if (i == (times-1) && resumeSession) { + benchSession = wolfSSL_get_session(ssl); + } + wolfSSL_free(ssl); + CloseSocket(sockfd); + } + avg = current_time() - start; + avg /= times; + avg *= 1000; /* milliseconds */ + if (benchResume) + printf("wolfSSL_resume avg took: %8.3f milliseconds\n", avg); + else + printf("wolfSSL_connect avg took: %8.3f milliseconds\n", avg); + } + + return EXIT_SUCCESS; +} + +int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, + int doDTLS, int throughput) +{ + double start, conn_time = 0, tx_time = 0, rx_time = 0; + SOCKET_T sockfd; + WOLFSSL* ssl; + int ret; + + start = current_time(); + ssl = wolfSSL_new(ctx); + tcp_connect(&sockfd, host, port, doDTLS, ssl); + wolfSSL_set_fd(ssl, sockfd); + if (wolfSSL_connect(ssl) == SSL_SUCCESS) { + /* Perform throughput test */ + char *tx_buffer, *rx_buffer; + + /* Record connection time */ + conn_time = current_time() - start; + + /* Allocate TX/RX buffers */ + tx_buffer = (char*)XMALLOC(TEST_BUFFER_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + rx_buffer = (char*)XMALLOC(TEST_BUFFER_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if(tx_buffer && rx_buffer) { + WC_RNG rng; + + /* 
Startup the RNG */ + ret = wc_InitRng(&rng); + if(ret == 0) { + int xfer_bytes; + + /* Generate random data to send */ + ret = wc_RNG_GenerateBlock(&rng, (byte*)tx_buffer, TEST_BUFFER_SIZE); + wc_FreeRng(&rng); + if(ret != 0) { + err_sys("wc_RNG_GenerateBlock failed"); + } + + /* Perform TX and RX of bytes */ + xfer_bytes = 0; + while(throughput > xfer_bytes) { + int len, rx_pos; + + /* Determine packet size */ + len = min(TEST_BUFFER_SIZE, throughput - xfer_bytes); + + /* Perform TX */ + start = current_time(); + if (wolfSSL_write(ssl, tx_buffer, len) != len) { + int writeErr = wolfSSL_get_error(ssl, 0); + printf("wolfSSL_write error %d!\n", writeErr); + err_sys("wolfSSL_write failed"); + } + tx_time += current_time() - start; + + /* Perform RX */ + int select_ret = tcp_select(sockfd, 1); /* Timeout=1 second */ + if (select_ret == TEST_RECV_READY) { + start = current_time(); + rx_pos = 0; + while(rx_pos < len) { + ret = wolfSSL_read(ssl, &rx_buffer[rx_pos], len - rx_pos); + if(ret <= 0) { + int readErr = wolfSSL_get_error(ssl, 0); + if (readErr != SSL_ERROR_WANT_READ) { + printf("wolfSSL_read error %d!\n", readErr); + err_sys("wolfSSL_read failed"); + } + } + else { + rx_pos += ret; + } + } + rx_time += current_time() - start; + } + + /* Compare TX and RX buffers */ + if(XMEMCMP(tx_buffer, rx_buffer, len) != 0) { + err_sys("Compare TX and RX buffers failed"); + } + + /* Update overall position */ + xfer_bytes += len; + } + } + else { + err_sys("wc_InitRng failed"); + } + } + else { + err_sys("Buffer alloc failed"); + } + if(tx_buffer) XFREE(tx_buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if(rx_buffer) XFREE(rx_buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); + } + else { + err_sys("wolfSSL_connect failed"); + } + + wolfSSL_shutdown(ssl); + wolfSSL_free(ssl); + CloseSocket(sockfd); + + printf("wolfSSL Client Benchmark %d bytes\n" + "\tConnect %8.3f ms\n" + "\tTX %8.3f ms (%8.3f MBps)\n" + "\tRX %8.3f ms (%8.3f MBps)\n", + throughput, + conn_time * 1000, + tx_time * 1000, 
throughput / tx_time / 1024 / 1024, + rx_time * 1000, throughput / rx_time / 1024 / 1024 + ); + + return EXIT_SUCCESS; +} + static void Usage(void) { @@ -137,7 +296,7 @@ static void Usage(void) printf("-p Port to connect on, not 0, default %d\n", wolfSSLPort); printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", CLIENT_DEFAULT_VERSION); - printf("-l Cipher list\n"); + printf("-l Cipher suite list (: delimited)\n"); printf("-c Certificate file, default %s\n", cliCert); printf("-k Key file, default %s\n", cliKey); printf("-A Certificate Authority file, default %s\n", caCert); @@ -149,6 +308,7 @@ static void Usage(void) #ifdef HAVE_ALPN printf("-L Application-Layer Protocole Name ({C,F}:)\n"); #endif + printf("-B Benchmark throughput using bytes and print stats\n"); printf("-s Use pre Shared keys\n"); printf("-t Track wolfSSL memory use\n"); printf("-d Disable peer checks\n"); @@ -156,7 +316,7 @@ static void Usage(void) printf("-e List Every cipher suite available, \n"); printf("-g Send server HTTP GET\n"); printf("-u Use UDP DTLS," - " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n"); + " add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n"); printf("-m Match domain name in cert\n"); printf("-N Use Non-blocking sockets\n"); printf("-r Resume session\n"); @@ -187,7 +347,7 @@ static void Usage(void) #ifdef ATOMIC_USER printf("-U Atomic User Record Layer Callbacks\n"); #endif -#ifdef HAVE_PK_CALLBACKS +#ifdef HAVE_PK_CALLBACKS printf("-P Public Key Callbacks\n"); #endif #ifdef HAVE_ANON @@ -200,12 +360,12 @@ static void Usage(void) THREAD_RETURN WOLFSSL_THREAD client_test(void* args) { - SOCKET_T sockfd = 0; + SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; WOLFSSL_METHOD* method = 0; WOLFSSL_CTX* ctx = 0; WOLFSSL* ssl = 0; - + WOLFSSL* sslResume = 0; WOLFSSL_SESSION* session = 0; char resumeMsg[] = "resuming wolfssl!"; 
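Review bot: In ClientBenchmarkThroughput the `XMEMCMP(tx_buffer, rx_buffer, len)` check runs even when `tcp_select` did not return `TEST_RECV_READY`, so after a one-second timeout it compares against an rx_buffer that was never filled for that round (uninitialised heap memory on the first pass). Moving the compare inside the `if (select_ret == TEST_RECV_READY)` branch and failing on any other result, e.g. `else err_sys("tcp_select timed out");`, keeps the integrity check meaningful. Both new functions also hand the result of `wolfSSL_new(ctx)` straight to `tcp_connect` and `wolfSSL_set_fd` without the `if (ssl == NULL) err_sys("unable to get SSL object");` guard that client_test applies. If the socket is ever non-blocking, the inner read loop retries immediately on `SSL_ERROR_WANT_READ` and the busy spin is counted as RX time.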
@@ -228,6 +388,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) int useAnon = 0; int sendGET = 0; int benchmark = 0; + int throughput = 0; int doDTLS = 0; int matchName = 0; int doPeerCheck = 1; @@ -300,7 +461,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) StackTrap(); while ((ch = mygetopt(argc, argv, - "?gdeDusmNrwRitfxXUPCh:p:v:l:A:c:k:Z:b:zS:L:ToO:an:")) + "?gdeDusmNrwRitfxXUPCh:p:v:l:A:c:k:Z:b:zS:L:ToO:an:B:")) != -1) { switch (ch) { case '?' : @@ -366,7 +527,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) break; case 'P' : - #ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_PK_CALLBACKS pkCallbacks = 1; #endif break; @@ -426,6 +587,14 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } break; + case 'B' : + throughput = atoi(myoptarg); + if (throughput <= 0) { + Usage(); + exit(MY_EX_USAGE); + } + break; + case 'N' : nonBlocking = 1; break; @@ -633,9 +802,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (ctx == NULL) err_sys("unable to get ctx"); - if (cipherList) + if (cipherList) { if (wolfSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) err_sys("client can't set cipher list 1"); + } #ifdef WOLFSSL_LEANPSK usePsk = 1; 
@@ -770,52 +940,23 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif if (benchmark) { - /* time passed in number of connects give average */ - int times = benchmark; - int loops = resumeSession ? 2 : 1; - int i = 0; - WOLFSSL_SESSION* benchSession = NULL; - - while (loops--) { - int benchResume = resumeSession && loops == 0; - double start = current_time(), avg; - - for (i = 0; i < times; i++) { - tcp_connect(&sockfd, host, port, doDTLS); - - ssl = wolfSSL_new(ctx); - if (benchResume) - wolfSSL_set_session(ssl, benchSession); - wolfSSL_set_fd(ssl, sockfd); - if (wolfSSL_connect(ssl) != SSL_SUCCESS) - err_sys("SSL_connect failed"); - - wolfSSL_shutdown(ssl); - if (i == (times-1) && resumeSession) { - benchSession = wolfSSL_get_session(ssl); - } - wolfSSL_free(ssl); - CloseSocket(sockfd); - } - avg = current_time() - start; - avg /= times; - avg *= 1000; /* milliseconds */ - if (benchResume) - printf("wolfSSL_resume avg took: %8.3f milliseconds\n", avg); - else - printf("wolfSSL_connect avg took: %8.3f milliseconds\n", avg); - } - + ((func_args*)args)->return_code = + ClientBenchmarkConnections(ctx, host, port, doDTLS, benchmark, resumeSession); wolfSSL_CTX_free(ctx); - ((func_args*)args)->return_code = 0; - exit(EXIT_SUCCESS); } - + + if(throughput) { + ((func_args*)args)->return_code = + ClientBenchmarkThroughput(ctx, host, port, doDTLS, throughput); + wolfSSL_CTX_free(ctx); + exit(EXIT_SUCCESS); + } + #if defined(WOLFSSL_MDK_ARM) wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); #endif - + ssl = wolfSSL_new(ctx); if (ssl == NULL) err_sys("unable to get SSL object"); 
@@ -830,15 +971,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } #endif - if (doDTLS) { - SOCKADDR_IN_T addr; - build_addr(&addr, host, port, 1); - wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); - tcp_socket(&sockfd, 1); - } - else { - tcp_connect(&sockfd, host, port, 0); - } + tcp_connect(&sockfd, host, port, doDTLS, ssl); #ifdef HAVE_POLY1305 /* use old poly to connect with google and wolfssl.com server */ @@ -986,21 +1119,15 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #ifndef NO_SESSION_CACHE if (resumeSession) { if (doDTLS) { - SOCKADDR_IN_T addr; - #ifdef USE_WINDOWS_API - Sleep(500); - #elif defined(WOLFSSL_TIRTOS) - Task_sleep(1); - #else - sleep(1); - #endif - build_addr(&addr, host, port, 1); - wolfSSL_dtls_set_peer(sslResume, &addr, sizeof(addr)); - tcp_socket(&sockfd, 1); - } - else { - tcp_connect(&sockfd, host, port, 0); +#ifdef USE_WINDOWS_API + Sleep(500); +#elif defined(WOLFSSL_TIRTOS) + Task_sleep(1); +#else + sleep(1); +#endif } + tcp_connect(&sockfd, host, port, doDTLS, sslResume); wolfSSL_set_fd(sslResume, sockfd); #ifdef HAVE_ALPN if (alpnList != NULL) { @@ -1020,7 +1147,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) wolfSSL_set_SessionTicket_cb(sslResume, sessionTicketCB, (void*)"resumed session"); #endif - + showPeer(sslResume); #ifndef WOLFSSL_CALLBACKS if (nonBlocking) { @@ -1080,7 +1207,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } /* try to send session break */ - wolfSSL_write(sslResume, msg, msgSz); + wolfSSL_write(sslResume, msg, msgSz); ret = wolfSSL_shutdown(sslResume); if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE) @@ -1134,10 +1261,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) ChangeDirBack(2); else if (CurrentDir("Debug") || CurrentDir("Release")) ChangeDirBack(3); - + #ifdef HAVE_STACK_SIZE StackSizeCheck(&args, client_test); -#else +#else client_test(&args); #endif wolfSSL_Cleanup(); 
diff --git a/examples/client/client.h b/examples/client/client.h index e4b13be48..25881aab8 100644 --- a/examples/client/client.h +++ b/examples/client/client.h @@ -23,3 +23,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args); +/* Measures average time to create, connect and disconnect a connection (TPS). +Benchmark = number of connections. */ +int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, + int doDTLS, int benchmark, int resumeSession); + +/* Measures throughput in kbps. Throughput = number of bytes */ +int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, + int doDTLS, int throughput); diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c index e855999c1..8cf05c26c 100644 --- a/examples/echoclient/echoclient.c +++ b/examples/echoclient/echoclient.c @@ -164,16 +164,7 @@ void echoclient_test(void* args) #endif ssl = SSL_new(ctx); - - if (doDTLS) { - SOCKADDR_IN_T addr; - build_addr(&addr, yasslIP, port, 1); - CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); - tcp_socket(&sockfd, 1); - } - else { - tcp_connect(&sockfd, yasslIP, port, 0); - } + tcp_connect(&sockfd, yasslIP, port, doDTLS, ssl); SSL_set_fd(ssl, sockfd); #if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER) diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index 453e162bb..e510e1387 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -248,7 +248,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) err_sys("recvfrom failed"); } #endif - if (clientfd == -1) err_sys("tcp accept failed"); + if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) err_sys("tcp accept failed"); ssl = CyaSSL_new(ctx); if (ssl == NULL) err_sys("SSL_new failed"); diff --git a/examples/include.am b/examples/include.am new file mode 100644 index 000000000..e06bc86a1 --- /dev/null +++ b/examples/include.am 
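Review bot: The comment on ClientBenchmarkThroughput in client.h says the function measures throughput in kbps, but the implementation added to client.c prints `MBps`, computed as bytes / seconds / 1024 / 1024. Suggested wording: `/* Measures TX/RX throughput in MBps. Throughput = total number of bytes to send and read back. */`. It would also help to note that failures appear to go through err_sys() rather than the return value, since both functions only ever return `EXIT_SUCCESS`.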
@@ -0,0 +1,7 @@ +# vim:ft=automake +# All paths should be given relative to the root + +include examples/client/include.am +include examples/echoclient/include.am +include examples/echoserver/include.am +include examples/server/include.am diff --git a/examples/server/server.c b/examples/server/server.c index 014342af3..dfa751a6c 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -40,8 +40,8 @@ #if defined(WOLFSSL_MDK5) #include "cmsis_os.h" - #include "rl_fs.h" - #include "rl_net.h" + #include "rl_fs.h" + #include "rl_net.h" #else #include "rtl.h" #endif @@ -81,10 +81,11 @@ static void NonBlockingSSL_Accept(SSL* ssl) error == SSL_ERROR_WANT_WRITE)) { int currTimeout = 1; - if (error == SSL_ERROR_WANT_READ) - printf("... server would read block\n"); - else - printf("... server would write block\n"); + if (error == SSL_ERROR_WANT_READ) { + /* printf("... server would read block\n"); */ + } else { + /* printf("... server would write block\n"); */ + } #ifdef CYASSL_DTLS currTimeout = CyaSSL_dtls_get_current_timeout(ssl); 
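Review bot: The two branches in NonBlockingSSL_Accept now hold only commented-out printf calls, which leaves an empty if/else around dead code. Either delete the block or keep the messages behind a debug switch so the intent stays visible, for example wrapping the original `printf("... server would read block\n");` lines in `#ifdef DEBUG_WOLFSSL`. The body of NonBlockingSSL_Accept continues outside this hunk.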
@@ -118,6 +119,68 @@ static void NonBlockingSSL_Accept(SSL* ssl) err_sys("SSL_accept failed"); } +/* Echo number of bytes specified by -e arg */ +int ServerEchoData(SSL* ssl, int clientfd, int echoData, int throughput) +{ + int ret = 0; + char* buffer = (char*)XMALLOC(TEST_BUFFER_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if(buffer) { + double start, rx_time = 0, tx_time = 0; + int xfer_bytes = 0; + while((echoData && throughput == 0) || (!echoData && xfer_bytes < throughput)) { + int select_ret = tcp_select(clientfd, 1); /* Timeout=1 second */ + if (select_ret == TEST_RECV_READY) { + int len = min(TEST_BUFFER_SIZE, throughput - xfer_bytes); + int rx_pos = 0; + if(throughput) { + start = current_time(); + } + while(rx_pos < len) { + ret = SSL_read(ssl, &buffer[rx_pos], len - rx_pos); + if (ret <= 0) { + int readErr = SSL_get_error(ssl, 0); + if (readErr != SSL_ERROR_WANT_READ) { + printf("SSL_read error %d!\n", readErr); + err_sys("SSL_read failed"); + } + } + else { + rx_pos += ret; + } + } + if(throughput) { + rx_time += current_time() - start; + start = current_time(); + } + if (SSL_write(ssl, buffer, len) != len) { + err_sys("SSL_write failed"); + } + if(throughput) { + tx_time += current_time() - start; + } + + xfer_bytes += len; + } + } + XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if(throughput) { + printf("wolfSSL Server Benchmark %d bytes\n" + "\tRX %8.3f ms (%8.3f MBps)\n" + "\tTX %8.3f ms (%8.3f MBps)\n", + throughput, + tx_time * 1000, throughput / tx_time / 1024 / 1024, + rx_time * 1000, throughput / rx_time / 1024 / 1024 + ); + } + } + else { + err_sys("Server buffer XMALLOC failed"); + } + + return EXIT_SUCCESS; +} + static void Usage(void) { 
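Review bot: The statistics printf in ServerEchoData feeds the `RX` line with `tx_time` and the `TX` line with `rx_time`; the arguments should read `rx_time * 1000, throughput / rx_time / 1024 / 1024, tx_time * 1000, throughput / tx_time / 1024 / 1024`. In echo-only mode (`echoData` set, `throughput == 0`) `len = min(TEST_BUFFER_SIZE, throughput - xfer_bytes)` is always 0, so nothing is read or echoed and the outer `while` has no exit condition, even after the peer closes. When both `-e` and `-B` are given neither half of the loop condition holds, so the function transfers nothing and then divides by zero-valued timers in the report. A first step is `int len = throughput ? min(TEST_BUFFER_SIZE, throughput - xfer_bytes) : TEST_BUFFER_SIZE;`, with echo mode writing back only the bytes actually read and leaving the loop when `SSL_read` reports the connection closed. `clientfd` would be better typed `SOCKET_T` to match the variable server_test passes in.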
@@ -127,7 +190,7 @@ static void Usage(void) printf("-p Port to listen on, not 0, default %d\n", yasslPort); printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", SERVER_DEFAULT_VERSION); - printf("-l Cipher list\n"); + printf("-l Cipher suite list (: delimited)\n"); printf("-c Certificate file, default %s\n", svrCert); printf("-k Key file, default %s\n", svrKey); printf("-A Certificate Authority file, default %s\n", cliCert); @@ -144,7 +207,7 @@ static void Usage(void) printf("-s Use pre Shared keys\n"); printf("-t Track wolfSSL memory use\n"); printf("-u Use UDP DTLS," - " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n"); + " add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n"); printf("-f Fewer packets/group messages\n"); printf("-R Create server ready file, for external monitor\n"); printf("-r Allow one client Resumption\n"); @@ -155,7 +218,7 @@ static void Usage(void) printf("-o Perform OCSP lookup on peer certificate\n"); printf("-O Perform OCSP lookup using as responder\n"); #endif -#ifdef HAVE_PK_CALLBACKS +#ifdef HAVE_PK_CALLBACKS printf("-P Public Key Callbacks\n"); #endif #ifdef HAVE_ANON @@ -164,20 +227,22 @@ static void Usage(void) #ifndef NO_PSK printf("-I Do not send PSK identity hint\n"); #endif + printf("-i Loop indefinitely (allow repeated connections)\n"); + printf("-e Echo data mode (return raw bytes received)\n"); + printf("-B Benchmark throughput using bytes and print stats\n"); } THREAD_RETURN CYASSL_THREAD server_test(void* args) { - SOCKET_T sockfd = 0; - SOCKET_T clientfd = 0; + SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID; + SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID; SSL_METHOD* method = 0; SSL_CTX* ctx = 0; SSL* ssl = 0; - char msg[] = "I hear you fa shizzle!"; + const char msg[] = "I hear you fa shizzle!"; char input[80]; - int idx; int ch; int version = SERVER_DEFAULT_VERSION; int doCliCertCheck = 1; 
@@ -194,8 +259,13 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) int pkCallbacks = 0; int serverReadyFile = 0; int wc_shutdown = 0; - int resume = 0; /* do resume, and resume count */ + int resume = 0; + int resumeCount = 0; + int loopIndefinitely = 0; + int echoData = 0; + int throughput; int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS; + int doListen = 1; int ret; char* alpnList = NULL; unsigned char alpn_opt = 0; @@ -244,7 +314,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) fdOpenSession(Task_self()); #endif - while ((ch = mygetopt(argc, argv, "?dbstnNufrRawPIp:v:l:A:c:k:Z:S:oO:D:L:")) + while ((ch = mygetopt(argc, argv, "?dbstnNufrRawPIp:v:l:A:c:k:Z:S:oO:D:L:ieB:")) != -1) { switch (ch) { case '?' : @@ -292,7 +362,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) break; case 'P' : - #ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_PK_CALLBACKS pkCallbacks = 1; #endif break; @@ -400,6 +470,23 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #endif break; + + case 'i' : + loopIndefinitely = 1; + break; + + case 'e' : + echoData = 1; + break; + + case 'B': + throughput = atoi(myoptarg); + if (throughput <= 0) { + Usage(); + exit(MY_EX_USAGE); + } + break; + default: Usage(); exit(MY_EX_USAGE); 
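Review bot: `int throughput;` is declared without an initialiser, yet it is assigned only in `case 'B'` and later read unconditionally in `if(echoData == 0 && throughput == 0)` and passed to ServerEchoData, so a server started without `-B` branches on an indeterminate value. Initialise it the way the client does: `int throughput = 0;`. In `case 'B'`, `atoi(myoptarg)` cannot report overflow or trailing garbage; `strtol` with an end-pointer and a range check would reject such input instead of silently accepting it.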
@@ -593,164 +680,174 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) err_sys("UseSNI failed"); #endif -while (1) { /* allow resume option */ - if (resume > 1) { /* already did listen, just do accept */ - if (doDTLS == 0) { - SOCKADDR_IN_T client; - socklen_t client_len = sizeof(client); - clientfd = accept(sockfd, (struct sockaddr*)&client, - (ACCEPT_THIRD_T)&client_len); - } else { - tcp_listen(&sockfd, &port, useAnyAddr, doDTLS); - clientfd = sockfd; + while (1) { + /* allow resume option */ + if(resumeCount > 1) { + if (doDTLS == 0) { + SOCKADDR_IN_T client; + socklen_t client_len = sizeof(client); + clientfd = accept(sockfd, (struct sockaddr*)&client, + (ACCEPT_THIRD_T)&client_len); + } else { + tcp_listen(&sockfd, &port, useAnyAddr, doDTLS); + clientfd = sockfd; + } + if(WOLFSSL_SOCKET_IS_INVALID(clientfd)) { + err_sys("tcp accept failed"); + } + resumeCount = 0; } - #ifdef USE_WINDOWS_API - if (clientfd == INVALID_SOCKET) err_sys("tcp accept failed"); - #else - if (clientfd == -1) err_sys("tcp accept failed"); - #endif - } - ssl = SSL_new(ctx); - if (ssl == NULL) - err_sys("unable to get SSL"); + ssl = SSL_new(ctx); + if (ssl == NULL) + err_sys("unable to get SSL"); #ifndef NO_HANDSHAKE_DONE_CB - wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL); + wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL); #endif #ifdef HAVE_CRL - CyaSSL_EnableCRL(ssl, 0); - CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR | - CYASSL_CRL_START_MON); - CyaSSL_SetCRL_Cb(ssl, CRL_CallBack); + CyaSSL_EnableCRL(ssl, 0); + CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR | + CYASSL_CRL_START_MON); + CyaSSL_SetCRL_Cb(ssl, CRL_CallBack); #endif #ifdef HAVE_OCSP - if (useOcsp) { - if (ocspUrl != NULL) { - CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl); - CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE - | CYASSL_OCSP_URL_OVERRIDE); + if (useOcsp) { + if (ocspUrl != NULL) { + CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl); + CyaSSL_CTX_EnableOCSP(ctx, 
CYASSL_OCSP_NO_NONCE + | CYASSL_OCSP_URL_OVERRIDE); + } + else + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); } - else - CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); - } #endif #ifdef HAVE_PK_CALLBACKS - if (pkCallbacks) - SetupPkCallbacks(ctx, ssl); + if (pkCallbacks) + SetupPkCallbacks(ctx, ssl); #endif - if (resume < 2) { /* do listen and accept */ + /* do accept */ tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr, - doDTLS, serverReadyFile); - } + doDTLS, serverReadyFile, doListen); + doListen = 0; /* Don't listen next time */ - SSL_set_fd(ssl, clientfd); + SSL_set_fd(ssl, clientfd); #ifdef HAVE_ALPN - if (alpnList != NULL) { - printf("ALPN accepted protocols list : %s\n", alpnList); - wolfSSL_UseALPN(ssl, alpnList, (word32)XSTRLEN(alpnList), alpn_opt); - } + if (alpnList != NULL) { + printf("ALPN accepted protocols list : %s\n", alpnList); + wolfSSL_UseALPN(ssl, alpnList, (word32)XSTRLEN(alpnList), alpn_opt); + } #endif #ifdef WOLFSSL_DTLS - if (doDTLS) { - SOCKADDR_IN_T cliaddr; - byte b[1500]; - int n; - socklen_t len = sizeof(cliaddr); + if (doDTLS) { + SOCKADDR_IN_T cliaddr; + byte b[1500]; + int n; + socklen_t len = sizeof(cliaddr); - /* For DTLS, peek at the next datagram so we can get the client's - * address and set it into the ssl object later to generate the - * cookie. */ - n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK, - (struct sockaddr*)&cliaddr, &len); - if (n <= 0) - err_sys("recvfrom failed"); + /* For DTLS, peek at the next datagram so we can get the client's + * address and set it into the ssl object later to generate the + * cookie. 
*/ + n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK, + (struct sockaddr*)&cliaddr, &len); + if (n <= 0) + err_sys("recvfrom failed"); - wolfSSL_dtls_set_peer(ssl, &cliaddr, len); - } + wolfSSL_dtls_set_peer(ssl, &cliaddr, len); + } #endif - if (usePsk == 0 || useAnon == 1 || cipherList != NULL || needDH == 1) { - #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN) - CyaSSL_SetTmpDH_file(ssl, ourDhParam, SSL_FILETYPE_PEM); - #elif !defined(NO_DH) - SetDH(ssl); /* repick suites with DHE, higher priority than PSK */ - #endif - } + if (usePsk == 0 || useAnon == 1 || cipherList != NULL || needDH == 1) { + #if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN) + CyaSSL_SetTmpDH_file(ssl, ourDhParam, SSL_FILETYPE_PEM); + #elif !defined(NO_DH) + SetDH(ssl); /* repick suites with DHE, higher priority than PSK */ + #endif + } #ifndef CYASSL_CALLBACKS - if (nonBlocking) { - CyaSSL_set_using_nonblock(ssl, 1); - tcp_set_nonblocking(&clientfd); - NonBlockingSSL_Accept(ssl); - } else if (SSL_accept(ssl) != SSL_SUCCESS) { - int err = SSL_get_error(ssl, 0); - char buffer[CYASSL_MAX_ERROR_SZ]; - printf("error = %d, %s\n", err, ERR_error_string(err, buffer)); - err_sys("SSL_accept failed"); - } + if (nonBlocking) { + CyaSSL_set_using_nonblock(ssl, 1); + tcp_set_nonblocking(&clientfd); + NonBlockingSSL_Accept(ssl); + } else if (SSL_accept(ssl) != SSL_SUCCESS) { + int err = SSL_get_error(ssl, 0); + char buffer[CYASSL_MAX_ERROR_SZ]; + printf("error = %d, %s\n", err, ERR_error_string(err, buffer)); + err_sys("SSL_accept failed"); + } #else - NonBlockingSSL_Accept(ssl); + NonBlockingSSL_Accept(ssl); #endif - showPeer(ssl); + showPeer(ssl); #ifdef HAVE_ALPN - if (alpnList != NULL) { - int err; - char *protocol_name = NULL; - word16 protocol_nameSz = 0; + if (alpnList != NULL) { + int err; + char *protocol_name = NULL; + word16 protocol_nameSz = 0; - err = wolfSSL_ALPN_GetProtocol(ssl, &protocol_name, &protocol_nameSz); - if (err == SSL_SUCCESS) - 
printf("Sent ALPN protocol : %s (%d)\n", - protocol_name, protocol_nameSz); - else if (err == SSL_ALPN_NOT_FOUND) - printf("No ALPN response sent (no match)\n"); - else - printf("Getting ALPN protocol name failed\n"); - } + err = wolfSSL_ALPN_GetProtocol(ssl, &protocol_name, &protocol_nameSz); + if (err == SSL_SUCCESS) + printf("Sent ALPN protocol : %s (%d)\n", + protocol_name, protocol_nameSz); + else if (err == SSL_ALPN_NOT_FOUND) + printf("No ALPN response sent (no match)\n"); + else + printf("Getting ALPN protocol name failed\n"); + } #endif - idx = SSL_read(ssl, input, sizeof(input)-1); - if (idx > 0) { - input[idx] = 0; - printf("Client message: %s\n", input); + if(echoData == 0 && throughput == 0) { + ret = SSL_read(ssl, input, sizeof(input)-1); + if (ret > 0) { + input[ret] = 0; + printf("Client message: %s\n", input); - } - else if (idx < 0) { - int readErr = SSL_get_error(ssl, 0); - if (readErr != SSL_ERROR_WANT_READ) - err_sys("SSL_read failed"); - } + } + else if (ret < 0) { + int readErr = SSL_get_error(ssl, 0); + if (readErr != SSL_ERROR_WANT_READ) + err_sys("SSL_read failed"); + } - if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) - err_sys("SSL_write failed"); - - #if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX) + if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) + err_sys("SSL_write failed"); + } + else { + ServerEchoData(ssl, clientfd, echoData, throughput); + } + +#if defined(WOLFSSL_MDK_SHELL) && defined(HAVE_MDK_RTX) os_dly_wait(500) ; - #elif defined (CYASSL_TIRTOS) +#elif defined (CYASSL_TIRTOS) Task_yield(); - #endif +#endif + + if (doDTLS == 0) { + ret = SSL_shutdown(ssl); + if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE) + SSL_shutdown(ssl); /* bidirectional shutdown */ + } + SSL_free(ssl); - if (doDTLS == 0) { - ret = SSL_shutdown(ssl); - if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE) - SSL_shutdown(ssl); /* bidirectional shutdown */ - } - SSL_free(ssl); - if (resume == 1) { CloseSocket(clientfd); - resume++; /* only do 
one resume for testing */ - continue; - } - break; /* out of while loop, done with normal and resume option */ -} + + if (resume == 1) { + resumeCount++; /* only do one resume for testing */ + continue; + } + + if(!loopIndefinitely) { + break; /* out of while loop, done with normal and resume option */ + } + } /* while(1) */ + + CloseSocket(sockfd); SSL_CTX_free(ctx); - CloseSocket(clientfd); - CloseSocket(sockfd); ((func_args*)args)->return_code = 0; @@ -807,10 +904,10 @@ while (1) { /* allow resume option */ ChangeDirBack(2); else if (CurrentDir("Debug") || CurrentDir("Release")) ChangeDirBack(3); - + #ifdef HAVE_STACK_SIZE StackSizeCheck(&args, server_test); -#else +#else server_test(&args); #endif CyaSSL_Cleanup(); diff --git a/examples/server/server.h b/examples/server/server.h index c42260fce..3cba4c004 100644 --- a/examples/server/server.h +++ b/examples/server/server.h @@ -22,3 +22,7 @@ #pragma once THREAD_RETURN WOLFSSL_THREAD server_test(void* args); + +/* Echo bytes using buffer of TEST_BUFFER_SIZE until [echoData] bytes are complete. */ +/* If [bechmarkThroughput] set the statistcs will be output at the end */ +int ServerEchoData(WOLFSSL* ssl, int clientfd, int echoData, int benchmarkThroughput); diff --git a/scripts/benchmark.test b/scripts/benchmark.test new file mode 100755 index 000000000..8e4cff9ab --- /dev/null +++ b/scripts/benchmark.test 
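Review bot: With `-r` the rewritten accept loop no longer terminates, because `resume` stays 1 and `if (resume == 1) { resumeCount++; continue; }` therefore continues on every pass, where the old code relied on `resume++` to fall through to the break. Once `resumeCount > 1`, the block at the top of the loop calls `accept()` itself and the unconditional `tcp_accept(...)` further down then accepts again, overwriting `clientfd` without closing the first descriptor. Since tcp_accept with `doListen = 0` presumably already covers the second accept (its body is not in this hunk), the manual accept block can go and the tail can become `if (resume == 1 && resumeCount == 0) { resumeCount++; continue; }`. The `throughput` read in `if(echoData == 0 && throughput == 0)` also depends on the variable being initialised at its declaration.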
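Review bot: The comment on ServerEchoData in server.h describes `echoData` as a byte count ("until [echoData] bytes are complete"), but server.c sets it to 1 from the `-e` flag and uses the last argument as the byte count. The prototype also names that argument `benchmarkThroughput` where the definition uses `throughput`, and the comment misspells it as "bechmarkThroughput" and "statistcs". Suggested wording: `/* Echo data back to the client in chunks of up to TEST_BUFFER_SIZE. echoData: non-zero for -e echo mode. throughput: bytes to transfer for -B; when non-zero, RX/TX statistics are printed at the end. */`.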
@@ -0,0 +1,115 @@ +#!/bin/sh + +#benchmark.test + +if [ "$#" -lt 2 ]; then + echo "Usage: $0 [mode] [num] [clientargs] [serverargs]" >&2 + echo " [mode]: 1=Connection Rate (TPS), 2=Throughput Bytes" >&2 + echo " [num]: Mode 1=Connection Count, Mode 2=Bytes to TX/RX" >&2 + echo " [clientargs]: Passed to client (see \"./example/client/client -?\" for help)" >&2 + echo " Example: Use different cipher suite: \"-l DHE-RSA-AES256-SHA\"" >&2 + echo " [serverargs]: Passed to server (see \"./example/server/server -?\" for help)" >&2 + echo " Example: Disable client certificate check: \"-d\"" >&2 + echo "Note: If additional client or server args contains spaces wrap with double quotes" >&2 + exit 1 +fi + +# Use unique benchmark port so it won't conflict with any other tests +bench_port=11113 +no_pid=-1 +server_pid=$no_pid +counter=0 +client_result=-1 + +remove_ready_file() { + if test -e /tmp/wolfssl_server_ready; then + echo "removing exisitng server_ready file" + rm /tmp/wolfssl_server_ready + fi +} + + +do_cleanup() { + echo "in cleanup" + + if [ $server_pid != $no_pid ] + then + echo "killing server" + kill -9 $server_pid + fi + remove_ready_file +} + +do_trap() { + echo "got trap" + do_cleanup + exit -1 +} + +trap do_trap INT TERM + +# Start server in loop continuous mode (-L) with echo data (-e) enabled and non-blocking (-N) +echo "\nStarting example server for benchmark test" +remove_ready_file +# benchmark connections +if [ $1 == 1 ] +then + # start server in loop mode with port + ./examples/server/server -i -p $bench_port $4 & + server_pid=$! +fi + +# benchmark throughput +if [ $1 == 2 ] +then + # start server in loop mode, non-blocking, benchmark throughput with port + ./examples/server/server -i -N -B $2 -p $bench_port $4 & + server_pid=$! +fi + + +echo "Waiting for server_ready file..." +while [ ! 
-s /tmp/wolfssl_server_ready -a "$counter" -lt 20 ]; do + sleep 0.1 + counter=$((counter+ 1)) +done + +# benchmark connections +if [ $1 == 1 ] +then + echo "Starting example client to benchmark connection average time" + # start client to benchmark average time for each connection using port + ./examples/client/client -b $2 -p $bench_port $3 + client_result=$? +fi + +# benchmark throughput +if [ $1 == 2 ] +then + echo "Starting example client to benchmark throughput" + # start client in non-blocking mode, benchmark throughput using port + ./examples/client/client -N -B $2 -p $bench_port $3 + client_result=$? +fi + +if [ $client_result != 0 ] +then + echo "Client failed!" + do_cleanup + exit 1 +fi + +# End server +kill -6 $server_pid +server_result=$? +remove_ready_file + +if [ $server_result != 0 ] +then + echo "Server failed!" + exit 1 +fi + +echo "\nSuccess!\n" + +exit 0 diff --git a/scripts/include.am b/scripts/include.am index 915baf63a..94232516b 100644 --- a/scripts/include.am +++ b/scripts/include.am @@ -10,6 +10,7 @@ endif if BUILD_EXAMPLES dist_noinst_SCRIPTS+= scripts/resume.test +EXTRA_DIST+= scripts/benchmark.test if BUILD_CRL # make revoked test rely on completion of resume test diff --git a/tests/api.c b/tests/api.c index 8feb84a39..4103bb25b 100644 --- a/tests/api.c +++ b/tests/api.c @@ -357,7 +357,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args) } ssl = wolfSSL_new(ctx); - tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0); + tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 1); CloseSocket(sockfd); wolfSSL_set_fd(ssl, clientfd); @@ -467,9 +467,8 @@ static void test_client_nofail(void* args) goto done2; } - tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0); - ssl = wolfSSL_new(ctx); + tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, ssl); wolfSSL_set_fd(ssl, sockfd); if (wolfSSL_connect(ssl) != SSL_SUCCESS) { 
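Review bot: The script is declared `#!/bin/sh` but relies on `[ $1 == 1 ]`, `echo "\n..."`, `sleep 0.1` and `exit -1`, none of which POSIX sh guarantees, so under a strict /bin/sh the mode tests can fail and neither server nor client is started; use `[ "$1" = 1 ]` and `exit 1`. `server_result=$?` after `kill -6 $server_pid` records whether the signal could be delivered, not how the server behaved, so the "Server failed!" branch only detects a server that had already exited. The wait loop polls the fixed path `/tmp/wolfssl_server_ready`, but the server is started without `-R` (the option Usage lists for creating a ready file), so it appears to always run the full 20 iterations instead of synchronising. A per-run directory from `mktemp -d` would also avoid depending on a name in a shared, world-writable directory that another local user can create first. The comment above the server start mentions `-L` and `-e`, while the commands actually pass `-i` and no `-e`.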
@@ -557,7 +556,7 @@ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args) ssl = wolfSSL_new(ctx); - tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0); + tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 1); CloseSocket(sfd); wolfSSL_set_fd(ssl, cfd); @@ -650,9 +649,8 @@ static void run_wolfssl_client(void* args) if (callbacks->ctx_ready) callbacks->ctx_ready(ctx); - tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0); - ssl = wolfSSL_new(ctx); + tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, ssl); wolfSSL_set_fd(ssl, sfd); if (callbacks->ssl_ready) diff --git a/wolfssl/test.h b/wolfssl/test.h index 248f0ce18..83218fe1e 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -23,7 +23,7 @@ #endif /* HAVE_ECC */ #endif /*HAVE_PK_CALLBACKS */ -#ifdef USE_WINDOWS_API +#ifdef USE_WINDOWS_API #include #include #ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */ @@ -61,11 +61,11 @@ #include #include struct hostent { - char *h_name; /* official name of host */ - char **h_aliases; /* alias list */ - int h_addrtype; /* host address type */ - int h_length; /* length of address */ - char **h_addr_list; /* list of addresses from name server */ + char *h_name; /* official name of host */ + char **h_aliases; /* alias list */ + int h_addrtype; /* host address type */ + int h_length; /* length of address */ + char **h_addr_list; /* list of addresses from name server */ }; #define SOCKET_T int #elif defined(WOLFSSL_VXWORKS) @@ -79,7 +79,7 @@ #include #include #include - #include + #include #define SOCKET_T int #else #include 
@@ -118,6 +118,39 @@ #pragma warning(disable:4244 4996) #endif +/* Buffer for benchmark tests */ +#ifndef TEST_BUFFER_SIZE +#define TEST_BUFFER_SIZE 16384 +#endif + +#ifndef WOLFSSL_HAVE_MIN + #define WOLFSSL_HAVE_MIN + static INLINE word32 min(word32 a, word32 b) + { + return a > b ? b : a; + } +#endif /* WOLFSSL_HAVE_MIN */ + +/* Socket Handling */ +#ifndef WOLFSSL_SOCKET_INVALID +#ifdef USE_WINDOWS_API + #define WOLFSSL_SOCKET_INVALID INVALID_SOCKET +#elif defined(WOLFSSL_TIRTOS) + #define WOLFSSL_SOCKET_INVALID -1 +#else + #define WOLFSSL_SOCKET_INVALID 0 +#endif +#endif /* WOLFSSL_SOCKET_INVALID */ + +#ifndef WOLFSSL_SOCKET_IS_INVALID +#ifdef USE_WINDOWS_API + #define WOLFSSL_SOCKET_IS_INVALID(s) ((s) == WOLFSSL_SOCKET_INVALID) +#elif defined(WOLFSSL_TIRTOS) + #define WOLFSSL_SOCKET_IS_INVALID(s) ((s) == WOLFSSL_SOCKET_INVALID) +#else + #define WOLFSSL_SOCKET_IS_INVALID(s) ((s) < WOLFSSL_SOCKET_INVALID) +#endif +#endif /* WOLFSSL_SOCKET_IS_INVALID */ #if defined(__MACH__) || defined(USE_WINDOWS_API) #ifndef _SOCKLEN_T @@ -140,7 +173,7 @@ #endif -#ifdef USE_WINDOWS_API +#ifdef USE_WINDOWS_API #define CloseSocket(s) closesocket(s) #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); } #elif defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) @@ -186,7 +219,7 @@ typedef struct sockaddr_in SOCKADDR_IN_T; #define AF_INET_V AF_INET #endif - + #define SERVER_DEFAULT_VERSION 3 #define SERVER_DTLS_DEFAULT_VERSION (-2) @@ -238,7 +271,7 @@ typedef struct tcp_ready { pthread_mutex_t mutex; pthread_cond_t cond; #endif -} tcp_ready; +} tcp_ready; void InitTcpReady(tcp_ready*); @@ -333,7 +366,7 @@ static INLINE int mygetopt(int argc, char** argv, const char* optstring) /* The C++ strchr can return a different value */ cp = (char*)strchr(optstring, c); - if (cp == NULL || c == ':') + if (cp == NULL || c == ':') return '?'; cp++; 
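Review bot: In the `@@ -118,6 +118,39 @@` hunk the default (non-Windows, non-TIRTOS) branch defines `WOLFSSL_SOCKET_INVALID` as `0`, which is a valid descriptor, while `WOLFSSL_SOCKET_IS_INVALID(s)` tests `(s) < WOLFSSL_SOCKET_INVALID`, i.e. `s < 0`. Any code that initialises a socket variable to the sentinel would have it pass the validity check, and cleanup code that closes "valid" sockets could then close descriptor 0. Using `#define WOLFSSL_SOCKET_INVALID (-1)` together with `#define WOLFSSL_SOCKET_IS_INVALID(s) ((s) < 0)` keeps the sentinel and the predicate consistent and preserves the checks made in tcp_socket and tcp_accept.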
@@ -347,7 +380,7 @@ static INLINE int mygetopt(int argc, char** argv, const char* optstring) myoptarg = argv[myoptind]; myoptind++; } - else + else return '?'; } @@ -380,7 +413,7 @@ static INLINE void ShowX509(WOLFSSL_X509* x509, const char* hdr) byte serial[32]; int ret; int sz = sizeof(serial); - + printf("%s\n issuer : %s\n subject: %s\n", hdr, issuer, subject); while ( (altName = wolfSSL_X509_get_next_altname(x509)) != NULL) @@ -542,18 +575,11 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, int udp) else *sockfd = socket(AF_INET_V, SOCK_STREAM, 0); -#ifdef USE_WINDOWS_API - if (*sockfd == INVALID_SOCKET) + if(WOLFSSL_SOCKET_IS_INVALID(*sockfd)) { err_sys("socket failed\n"); -#elif defined(WOLFSSL_TIRTOS) - if (*sockfd == -1) - err_sys("socket failed\n"); -#else - if (*sockfd < 0) - err_sys("socket failed\n"); -#endif + } -#ifndef USE_WINDOWS_API +#ifndef USE_WINDOWS_API #ifdef SO_NOSIGPIPE { int on = 1; @@ -583,10 +609,13 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, int udp) } static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port, - int udp) + int udp, WOLFSSL* ssl) { SOCKADDR_IN_T addr; build_addr(&addr, ip, port, udp); + if(udp) { + wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); + } tcp_socket(sockfd, udp); if (!udp) { @@ -769,7 +798,7 @@ static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, func_args* args, word16 port, int useAnyAddr, - int udp, int ready_file) + int udp, int ready_file, int do_listen) { SOCKADDR_IN_T client; socklen_t client_len = sizeof(client); 
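Review bot: In the tcp_connect hunk (`@@ -583,10 +609,13 @@`) the new `wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr));` call ignores its return value and passes `ssl` on without a NULL check. The updated callers in tests/api.c hand over the result of `wolfSSL_new(ctx)` directly; whether they check it first is not visible in those hunks. Guarding the call, e.g. `if (udp && (ssl == NULL || wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr)) != SSL_SUCCESS)) err_sys("dtls set peer failed");` (assuming the function follows the library's usual SSL_SUCCESS convention), makes a failed allocation or a rejected peer address fail here instead of later in the handshake. The body of tcp_connect continues outside the hunk.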
@@ -779,49 +808,47 @@ static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, return; } - tcp_listen(sockfd, &port, useAnyAddr, udp); + if(do_listen) { + tcp_listen(sockfd, &port, useAnyAddr, udp); -#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) - /* signal ready to tcp_accept */ - { - tcp_ready* ready = args->signal; - pthread_mutex_lock(&ready->mutex); - ready->ready = 1; - ready->port = port; - pthread_cond_signal(&ready->cond); - pthread_mutex_unlock(&ready->mutex); - } -#elif defined (WOLFSSL_TIRTOS) - /* Need mutex? */ - tcp_ready* ready = args->signal; - ready->ready = 1; - ready->port = port; -#endif - - if (ready_file) { -#ifndef NO_FILESYSTEM - #ifndef USE_WINDOWS_API - FILE* srf = fopen("/tmp/wolfssl_server_ready", "w"); - #else - FILE* srf = fopen("wolfssl_server_ready", "w"); + #if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) + /* signal ready to tcp_accept */ + { + tcp_ready* ready = args->signal; + pthread_mutex_lock(&ready->mutex); + ready->ready = 1; + ready->port = port; + pthread_cond_signal(&ready->cond); + pthread_mutex_unlock(&ready->mutex); + } + #elif defined (WOLFSSL_TIRTOS) + /* Need mutex? */ + tcp_ready* ready = args->signal; + ready->ready = 1; + ready->port = port; #endif - if (srf) { - fputs("ready", srf); - fclose(srf); + if (ready_file) { + #ifndef NO_FILESYSTEM + #ifndef USE_WINDOWS_API + FILE* srf = fopen("/tmp/wolfssl_server_ready", "w"); + #else + FILE* srf = fopen("wolfssl_server_ready", "w"); + #endif + + if (srf) { + fputs("ready", srf); + fclose(srf); + } + #endif } -#endif } *clientfd = accept(*sockfd, (struct sockaddr*)&client, (ACCEPT_THIRD_T)&client_len); -#ifdef USE_WINDOWS_API - if (*clientfd == INVALID_SOCKET) + if(WOLFSSL_SOCKET_IS_INVALID(*clientfd)) { err_sys("tcp accept failed"); -#else - if (*clientfd == -1) - err_sys("tcp accept failed"); -#endif + } } 
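Review bot: The ready file is still created with `fopen("/tmp/wolfssl_server_ready", "w")`, a fixed name in a world-writable directory, and the new scripts/benchmark.test now relies on it as its start signal. `fopen` with "w" follows an existing symbolic link and truncates whatever it points to, and another local user can pre-create a non-empty file so that the waiting script proceeds before the server is listening. On POSIX builds, creating the file exclusively, e.g. `open("/tmp/wolfssl_server_ready", O_WRONLY | O_CREAT | O_EXCL, 0600)` (the script already removes a stale file first), or taking the path from a per-run private directory, closes both gaps. The body of tcp_accept starts outside the hunk.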
@@ -894,7 +921,7 @@ static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, #endif /* NO_PSK */ -#ifdef USE_WINDOWS_API +#ifdef USE_WINDOWS_API #define WIN32_LEAN_AND_MEAN #include @@ -903,7 +930,7 @@ static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, { static int init = 0; static LARGE_INTEGER freq; - + LARGE_INTEGER count; if (!init) { @@ -930,7 +957,7 @@ static INLINE unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, return (double)tv.tv_sec + (double)tv.tv_usec / 1000000; } - + #endif #endif /* USE_WINDOWS_API */ @@ -1133,18 +1160,18 @@ static INLINE int OpenNitroxDevice(int dma_mode,int dev_id) #endif /* HAVE_CAVIUM */ -#ifdef USE_WINDOWS_API +#ifdef USE_WINDOWS_API /* do back x number of directories */ static INLINE void ChangeDirBack(int x) { - char path[MAX_PATH]; - XMEMSET(path, 0, MAX_PATH); - XSTRNCAT(path, ".\\", MAX_PATH); - while (x-- > 0) { - XSTRNCAT(path, "..\\", MAX_PATH); - } - SetCurrentDirectoryA(path); + char path[MAX_PATH]; + XMEMSET(path, 0, MAX_PATH); + XSTRNCAT(path, ".\\", MAX_PATH); + while (x-- > 0) { + XSTRNCAT(path, "..\\", MAX_PATH); + } + SetCurrentDirectoryA(path); } /* does current dir contain str */ @@ -1180,14 +1207,14 @@ static INLINE int CurrentDir(const char* str) static INLINE void ChangeDirBack(int x) { char path[MAX_PATH]; - XMEMSET(path, 0, MAX_PATH); - XSTRNCAT(path, "./", MAX_PATH); - while (x-- > 0) { + XMEMSET(path, 0, MAX_PATH); + XSTRNCAT(path, "./", MAX_PATH); + while (x-- > 0) { XSTRNCAT(path, "../", MAX_PATH); - } - if (chdir(path) < 0) { - printf("chdir to %s failed\n", path); - } + } + if (chdir(path) < 0) { + printf("chdir to %s failed\n", path); + } } /* does current dir contain str */ 
@@ -1278,8 +1305,8 @@ static INLINE int CurrentDir(const char* str) mt = (memoryTrack*)ptr; --mt; /* same as minus sizeof(memoryTrack), removes header */ -#ifdef DO_MEM_STATS - ourMemStats.currentBytes -= mt->u.hint.thisSize; +#ifdef DO_MEM_STATS + ourMemStats.currentBytes -= mt->u.hint.thisSize; #endif free(mt); @@ -1308,7 +1335,7 @@ static INLINE int CurrentDir(const char* str) return ret; } - static INLINE void InitMemoryTracker(void) + static INLINE void InitMemoryTracker(void) { if (wolfSSL_SetAllocators(TrackMalloc, TrackFree, TrackRealloc) != 0) err_sys("wolfSSL SetAllocators failed for track memory"); @@ -1321,9 +1348,9 @@ static INLINE int CurrentDir(const char* str) #endif } - static INLINE void ShowMemoryTracker(void) + static INLINE void ShowMemoryTracker(void) { - #ifdef DO_MEM_STATS + #ifdef DO_MEM_STATS printf("total Allocs = %9lu\n", (unsigned long)ourMemStats.totalAllocs); printf("total Bytes = %9lu\n", @@ -1357,8 +1384,8 @@ static INLINE void StackSizeCheck(func_args* args, thread_func tf) #endif ret = posix_memalign((void**)&myStack, sysconf(_SC_PAGESIZE), stackSize); - if (ret != 0) - err_sys("posix_memalign failed\n"); + if (ret != 0) + err_sys("posix_memalign failed\n"); memset(myStack, 0x01, stackSize); @@ -1445,8 +1472,8 @@ typedef struct AtomicDecCtx { } AtomicDecCtx; -static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut, - const unsigned char* macIn, unsigned int macInSz, int macContent, +static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut, + const unsigned char* macIn, unsigned int macInSz, int macContent, int macVerify, unsigned char* encOut, const unsigned char* encIn, unsigned int encSz, void* ctx) { 
@@ -1513,7 +1540,7 @@ static INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut, } -static INLINE int myDecryptVerifyCb(WOLFSSL* ssl, +static INLINE int myDecryptVerifyCb(WOLFSSL* ssl, unsigned char* decOut, const unsigned char* decIn, unsigned int decSz, int macContent, int macVerify, unsigned int* padSz, void* ctx) @@ -1668,8 +1695,8 @@ static INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz, return ret; wc_ecc_init(&myKey); - - ret = wc_EccPrivateKeyDecode(key, &idx, &myKey, keySz); + + ret = wc_EccPrivateKeyDecode(key, &idx, &myKey, keySz); if (ret == 0) ret = wc_ecc_sign_hash(in, inSz, out, outSz, &rng, &myKey); wc_ecc_free(&myKey); @@ -1690,7 +1717,7 @@ static INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz, (void)ctx; wc_ecc_init(&myKey); - + ret = wc_ecc_import_x963(key, keySz, &myKey); if (ret == 0) ret = wc_ecc_verify_hash(sig, sigSz, hash, hashSz, result, &myKey); @@ -1719,8 +1746,8 @@ static INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, return ret; wc_InitRsaKey(&myKey, NULL); - - ret = wc_RsaPrivateKeyDecode(key, &idx, &myKey, keySz); + + ret = wc_RsaPrivateKeyDecode(key, &idx, &myKey, keySz); if (ret == 0) ret = wc_RsaSSL_Sign(in, inSz, out, *outSz, &myKey, &rng); if (ret > 0) { /* save and convert to 0 success */ @@ -1774,7 +1801,7 @@ static INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, return ret; wc_InitRsaKey(&myKey, NULL); - + ret = wc_RsaPublicKeyDecode(key, &idx, &myKey, keySz); if (ret == 0) { ret = wc_RsaPublicEncrypt(in, inSz, out, *outSz, &myKey, &rng); @@ -1822,7 +1849,7 @@ static INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx, WOLFSSL* ssl) wolfSSL_CTX_SetEccSignCb(ctx, myEccSign); wolfSSL_CTX_SetEccVerifyCb(ctx, myEccVerify); #endif /* HAVE_ECC */ - #ifndef NO_RSA + #ifndef NO_RSA wolfSSL_CTX_SetRsaSignCb(ctx, myRsaSign); wolfSSL_CTX_SetRsaVerifyCb(ctx, myRsaVerify); wolfSSL_CTX_SetRsaEncCb(ctx, myRsaEnc);