Files
wolfssl/examples/echoclient/echoclient.c
T
Daniel Pouzzner 6a56d3e131 jumbo patch of fixes for clang-tidy gripes (with some bug fixes).
defect/gripe statistics:

    configured --enable-all --enable-sp-math-all --enable-intelasm

    with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result

    [note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]

    pre-patch warning count per file, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy    6  wolfssl/tests/suites.c
    clang-analyzer-security.insecureAPI.strcpy    2  wolfssl/testsuite/testsuite.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/server/server.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/client/client.c
    readability-redundant-preprocessor            2  wolfssl/wolfcrypt/src/asn.c
    readability-redundant-preprocessor            1  wolfssl/wolfcrypt/src/rsa.c
    readability-redundant-preprocessor            9  wolfssl/src/ssl.c
    readability-redundant-preprocessor            2  wolfssl/src/tls13.c
    readability-redundant-preprocessor           18  wolfssl/tests/api.c
    readability-redundant-preprocessor            3  wolfssl/src/internal.c
    readability-redundant-preprocessor           10  wolfssl/wolfcrypt/test/test.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/benchmark/benchmark.c
    readability-named-parameter                   7  wolfssl/src/internal.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/src/ecc.c
    readability-named-parameter                   1  wolfssl/testsuite/testsuite.c
    readability-named-parameter                  11  wolfssl/wolfcrypt/src/ge_operations.c
    misc-no-recursion                             3  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix          4  wolfssl/wolfcrypt/src/asn.c
    readability-uppercase-literal-suffix          1  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix         13  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-too-small-loop-variable              1  wolfssl/wolfcrypt/src/rsa.c
    bugprone-too-small-loop-variable              2  wolfssl/wolfcrypt/src/sha3.c
    bugprone-too-small-loop-variable              4  wolfssl/wolfcrypt/src/idea.c
    bugprone-signed-char-misuse                   2  wolfssl/src/ssl.c
    bugprone-signed-char-misuse                   3  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-signed-char-misuse                   3  wolfssl/examples/client/client.c
    bugprone-macro-parentheses                   19  wolfssl/wolfcrypt/src/aes.c
    bugprone-macro-parentheses                  109  wolfssl/wolfcrypt/src/camellia.c
    bugprone-macro-parentheses                    1  wolfssl/src/tls.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/md4.c
    bugprone-macro-parentheses                    2  wolfssl/wolfcrypt/src/asn.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2b.c
    bugprone-macro-parentheses                  257  wolfssl/wolfcrypt/src/sha3.c
    bugprone-macro-parentheses                   15  wolfssl/src/ssl.c
    bugprone-macro-parentheses                    1  wolfssl/wolfcrypt/src/sha.c
    bugprone-macro-parentheses                    8  wolfssl/tests/api.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-macro-parentheses                    6  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-macro-parentheses                   38  wolfssl/wolfcrypt/src/hc128.c
    bugprone-macro-parentheses                   12  wolfssl/wolfcrypt/src/md5.c
    bugprone-macro-parentheses                   10  wolfssl/wolfcrypt/src/sha256.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/test/test.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/ecc.c
    bugprone-macro-parentheses                    2  wolfssl/tests/suites.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/cpuid.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2s.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/sha512.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/poly1305.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/ripemd.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/src/internal.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/testsuite/testsuite.c

    pre-patch warning count summaries, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-suspicious-missing-comma                           6
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-too-small-loop-variable                            7
    bugprone-signed-char-misuse                                 8
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2

    pre-patch warning count summaries, without suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-branch-clone                                     152
    readability-non-const-parameter                           118
    bugprone-suspicious-missing-comma                           6
    bugprone-suspicious-include                                52
    readability-magic-numbers                               22423
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    readability-function-cognitive-complexity                 845
    readability-else-after-return                             398
    bugprone-implicit-widening-of-multiplication-result       595
    readability-function-size                                  21
    readability-isolate-declaration                          1090
    misc-redundant-expression                                   2
    bugprone-narrowing-conversions                            994
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-reserved-identifier                               56
    readability-suspicious-call-argument                       74
    bugprone-too-small-loop-variable                            7
    bugprone-easily-swappable-parameters                      437
    bugprone-signed-char-misuse                                 8
    readability-misleading-indentation                         94
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2
    bugprone-suspicious-string-compare                        495
    readability-redundant-control-flow                         20
    readability-braces-around-statements                    11483
    clang-analyzer-valist.Uninitialized                         1
    clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling   3502
2022-01-21 01:25:48 -06:00

407 lines
11 KiB
C

/* echoclient.c
*
* Copyright (C) 2006-2021 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
/* let's use cyassl layer AND cyassl openssl layer */
#include <cyassl/ssl.h>
#include <cyassl/openssl/ssl.h>
#ifdef CYASSL_DTLS
#include <cyassl/error-ssl.h>
#endif
#if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
#include <stdio.h>
#include <string.h>
#include "cmsis_os.h"
#include "rl_fs.h"
#include "rl_net.h"
#include "wolfssl_MDK_ARM.h"
#endif
#include <cyassl/test.h>
#include <examples/echoclient/echoclient.h>
#ifndef NO_WOLFSSL_CLIENT
#ifdef NO_FILESYSTEM
#ifdef NO_RSA
#error currently the example only tries to load in a RSA buffer
#endif
#undef USE_CERT_BUFFERS_2048
#define USE_CERT_BUFFERS_2048
#include <wolfssl/certs_test.h>
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
static int devId = INVALID_DEVID;
#endif
void echoclient_test(void* args)
{
SOCKET_T sockfd = 0;
FILE* fin = stdin ;
FILE* fout = stdout;
#ifndef WOLFSSL_MDK_SHELL
int inCreated = 0;
int outCreated = 0;
#endif
char msg[1024];
char reply[1024+1];
SSL_METHOD* method = 0;
SSL_CTX* ctx = 0;
SSL* ssl = 0;
int ret = 0, err = 0;
int doDTLS = 0;
int doPSK = 0;
int sendSz;
#ifndef WOLFSSL_MDK_SHELL
int argc = 0;
char** argv = 0;
#endif
word16 port;
char buffer[CYASSL_MAX_ERROR_SZ];
((func_args*)args)->return_code = -1; /* error state */
#ifndef WOLFSSL_MDK_SHELL
argc = ((func_args*)args)->argc;
argv = ((func_args*)args)->argv;
if (argc >= 2) {
fprintf(stderr,"fopen(%s,r)\n",argv[1]);
fin = fopen(argv[1], "r");
inCreated = 1;
}
if (argc >= 3) {
fout = fopen(argv[2], "w");
outCreated = 1;
}
#endif
if (!fin) err_sys("can't open input file");
if (!fout) err_sys("can't open output file");
#ifdef CYASSL_DTLS
doDTLS = 1;
#endif
#ifdef CYASSL_LEANPSK
doPSK = 1;
#endif
#if defined(NO_RSA) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \
!defined(HAVE_ED448)
doPSK = 1;
#endif
(void)doPSK;
#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_SHELL)
port = ((func_args*)args)->signal->port;
#else
port = yasslPort;
#endif
#if defined(CYASSL_DTLS)
method = DTLSv1_2_client_method();
#elif !defined(NO_TLS)
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
method = CyaTLSv1_2_client_method();
#else
method = CyaSSLv23_client_method();
#endif
#elif defined(WOLFSSL_ALLOW_SSLV3)
method = SSLv3_client_method();
#else
#error "no valid client method type"
#endif
ctx = SSL_CTX_new(method);
#ifndef NO_FILESYSTEM
#ifndef NO_RSA
if (SSL_CTX_load_verify_locations(ctx, caCertFile, 0) != WOLFSSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
#endif
#ifdef HAVE_ECC
if (SSL_CTX_load_verify_locations(ctx, caEccCertFile, 0) != WOLFSSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
#elif defined(HAVE_ED25519)
if (SSL_CTX_load_verify_locations(ctx, caEdCertFile, 0) != WOLFSSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
#elif defined(HAVE_ED448)
if (SSL_CTX_load_verify_locations(ctx, caEd448CertFile, 0) != WOLFSSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
#endif
#elif !defined(NO_CERTS)
if (!doPSK)
if (wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS)
err_sys("can't load ca buffer");
#endif
#if defined(CYASSL_SNIFFER)
/* Only set if not running testsuite */
if (XSTRSTR(argv[0], "testsuite") != 0) {
/* don't use EDH, can't sniff tmp keys */
SSL_CTX_set_cipher_list(ctx, "AES256-SHA");
}
#endif
#ifndef NO_PSK
if (doPSK) {
const char *defaultCipherList;
CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
#ifdef HAVE_NULL_CIPHER
defaultCipherList = "PSK-NULL-SHA256";
#elif defined(HAVE_AESGCM) && !defined(NO_DH)
#ifdef WOLFSSL_TLS13
defaultCipherList = "TLS13-AES128-GCM-SHA256"
#ifndef WOLFSSL_NO_TLS12
":DHE-PSK-AES128-GCM-SHA256"
#endif
;
#else
defaultCipherList = "DHE-PSK-AES128-GCM-SHA256";
#endif
#elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13)
defaultCipherList = "TLS13-AES128-GCM-SHA256"
#ifndef WOLFSSL_NO_TLS12
":DHE-PSK-AES128-GCM-SHA256"
#endif
;
#else
defaultCipherList = "PSK-AES128-CBC-SHA256";
#endif
if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=WOLFSSL_SUCCESS)
err_sys("client can't set cipher list 2");
wolfSSL_CTX_set_psk_callback_ctx(ctx, (void*)defaultCipherList);
}
#endif
#ifdef WOLFSSL_ENCRYPTED_KEYS
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(WOLFSSL_MDK_ARM)
CyaSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevOpen(&devId);
if (ret < 0) {
printf("Async device open failed\nRunning without async\n");
}
wolfSSL_CTX_SetDevId(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
ssl = SSL_new(ctx);
tcp_connect(&sockfd, yasslIP, port, doDTLS, 0, ssl);
SSL_set_fd(ssl, sockfd);
#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER)
/* let echoserver bind first, TODO: add Windows signal like pthreads does */
Sleep(100);
#endif
do {
err = 0; /* Reset error */
ret = SSL_connect(ssl);
if (ret != WOLFSSL_SUCCESS) {
err = SSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) break;
}
#endif
}
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
printf("SSL_connect error %d, %s\n", err,
ERR_error_string(err, buffer));
err_sys("SSL_connect failed");
}
while (fgets(msg, sizeof(msg), fin) != 0) {
sendSz = (int)XSTRLEN(msg);
do {
err = 0; /* reset error */
ret = SSL_write(ssl, msg, sendSz);
if (ret <= 0) {
err = SSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) break;
}
#endif
}
} while (err == WC_PENDING_E);
if (ret != sendSz) {
printf("SSL_write msg error %d, %s\n", err,
ERR_error_string(err, buffer));
err_sys("SSL_write failed");
}
if (strncmp(msg, "quit", 4) == 0) {
fputs("sending server shutdown command: quit!\n", fout);
break;
}
if (strncmp(msg, "break", 5) == 0) {
fputs("sending server session close: break!\n", fout);
break;
}
#ifndef WOLFSSL_MDK_SHELL
while (sendSz)
#endif
{
do {
err = 0; /* reset error */
ret = SSL_read(ssl, reply, sizeof(reply)-1);
if (ret <= 0) {
err = SSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) break;
}
#endif
}
} while (err == WC_PENDING_E);
if (ret > 0) {
reply[ret] = 0;
fputs(reply, fout);
fflush(fout) ;
sendSz -= ret;
}
#ifdef CYASSL_DTLS
else if (wolfSSL_dtls(ssl) && err == DECRYPT_ERROR) {
/* This condition is OK. The packet should be dropped
* silently when there is a decrypt or MAC error on
* a DTLS record. */
sendSz = 0;
}
#endif
else {
printf("SSL_read msg error %d, %s\n", err,
ERR_error_string(err, buffer));
err_sys("SSL_read failed");
}
}
}
#ifdef CYASSL_DTLS
strncpy(msg, "break", 6);
sendSz = (int)strlen(msg);
/* try to tell server done */
do {
err = 0; /* reset error */
ret = SSL_write(ssl, msg, sendSz);
if (ret <= 0) {
err = SSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) break;
}
#endif
}
} while (err == WC_PENDING_E);
#else
SSL_shutdown(ssl);
#endif
SSL_free(ssl);
SSL_CTX_free(ctx);
#ifdef WOLFSSL_ASYNC_CRYPT
wolfAsync_DevClose(&devId);
#endif
fflush(fout);
#ifndef WOLFSSL_MDK_SHELL
if (inCreated) fclose(fin);
if (outCreated) fclose(fout);
#endif
CloseSocket(sockfd);
((func_args*)args)->return_code = 0;
}
#endif /* !NO_WOLFSSL_CLIENT */
/* so overall tests can pull in test function */
#ifndef NO_MAIN_DRIVER
int main(int argc, char** argv)
{
func_args args;
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
err_sys("Whitewood netRandom global config failed");
#endif
StartTCP();
args.argc = argc;
args.argv = argv;
args.return_code = 0;
CyaSSL_Init();
#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
CyaSSL_Debugging_ON();
#endif
#ifndef CYASSL_TIRTOS
ChangeToWolfRoot();
#endif
#ifndef NO_WOLFSSL_CLIENT
echoclient_test(&args);
#endif
CyaSSL_Cleanup();
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
return args.return_code;
}
#endif /* NO_MAIN_DRIVER */