AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add max_frag_len option in ssl_server2

Browse Source 
Also reformat code and output more information in ssl_client2
This commit is contained in:
Manuel Pégourié-Gonnard 2013-07-18 14:07:36 +02:00
parent ed4af8b57c
commit 0c017a55e0
2 changed files with 42 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
programs/ssl/ssl_client2.c
View File

@ -59,8 +59,15 @@
#define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL #define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL
#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE #define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE
/* Uncomment to test sending long paquets */ /* Uncomment to test sending longer paquets (for fragmentation purposes) */
#define LONG_HEADER // "User-agent: blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-END\r\n" #define LONG_HEADER // "User-agent: blah-blah-blah-blah-blah-blah-blah-" \
"-01--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \
"-02--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \
"-03--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \
"-04--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \
"-05--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \
"-06--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-" \
"-07--blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-END\r\n"
#define GET_REQUEST "GET %s HTTP/1.0\r\n" LONG_HEADER "\r\n" #define GET_REQUEST "GET %s HTTP/1.0\r\n" LONG_HEADER "\r\n"
@ -204,7 +211,7 @@ int main( int argc, char *argv[] )
#else #else
int main( int argc, char *argv[] ) int main( int argc, char *argv[] )
{ {
int ret = 0, len, server_fd, i, written; int ret = 0, len, server_fd, i, written, frags;
unsigned char buf[1024]; unsigned char buf[1024];
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
unsigned char psk[256]; unsigned char psk[256];
@ -705,7 +712,7 @@ int main( int argc, char *argv[] )
len = sprintf( (char *) buf, GET_REQUEST, opt.request_page ); len = sprintf( (char *) buf, GET_REQUEST, opt.request_page );
for( written = 0; written < len; written += ret ) for( written = 0, frags = 0; written < len; written += ret, frags++ )
{ {
while( ( ret = ssl_write( &ssl, buf + written, len - written ) ) <= 0 ) while( ( ret = ssl_write( &ssl, buf + written, len - written ) ) <= 0 )
{ {
@ -718,7 +725,7 @@ int main( int argc, char *argv[] )
} }
buf[written] = '\0'; buf[written] = '\0';
printf( " %d bytes written\n\n%s\n", written, (char *) buf ); printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf );
/* /*
* 7. Read the HTTP response * 7. Read the HTTP response

37
programs/ssl/ssl_server2.c
View File

@ -68,11 +68,15 @@
#define DFL_MIN_VERSION -1 #define DFL_MIN_VERSION -1
#define DFL_MAX_VERSION -1 #define DFL_MAX_VERSION -1
#define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL #define DFL_AUTH_MODE SSL_VERIFY_OPTIONAL
#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE
#define LONG_RESPONSE "<p>01-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ #define LONG_RESPONSE "<p>01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
"02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
"03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
"04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah</p>\r\n" "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
"05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
"06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
"07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah</p>\r\n"
/* Uncomment LONG_RESPONSE at the end of HTTP_RESPONSE to test sending longer /* Uncomment LONG_RESPONSE at the end of HTTP_RESPONSE to test sending longer
* packets (for fragmentation purposes) */ * packets (for fragmentation purposes) */
@ -100,6 +104,7 @@ struct options
int min_version; /* minimum protocol version accepted */ int min_version; /* minimum protocol version accepted */
int max_version; /* maximum protocol version accepted */ int max_version; /* maximum protocol version accepted */
int auth_mode; /* verify mode for connection */ int auth_mode; /* verify mode for connection */
unsigned char mfl_code; /* code for maximum fragment length */
} opt; } opt;
static void my_debug( void *ctx, int level, const char *str ) static void my_debug( void *ctx, int level, const char *str )
@ -154,6 +159,8 @@ static void my_debug( void *ctx, int level, const char *str )
" options: ssl3, tls1, tls1_1, tls1_2\n" \ " options: ssl3, tls1, tls1_1, tls1_2\n" \
" auth_mode=%%s default: \"optional\"\n" \ " auth_mode=%%s default: \"optional\"\n" \
" options: none, optional, required\n" \ " options: none, optional, required\n" \
" max_frag_len=%%d default: 16384 (tls default)" \
" options: 512, 1024, 2048, 4096" \
USAGE_PSK \ USAGE_PSK \
"\n" \ "\n" \
" force_ciphersuite=<name> default: all enabled\n"\ " force_ciphersuite=<name> default: all enabled\n"\
@ -175,7 +182,7 @@ int main( int argc, char *argv[] )
#else #else
int main( int argc, char *argv[] ) int main( int argc, char *argv[] )
{ {
int ret = 0, len, written; int ret = 0, len, written, frags;
int listen_fd; int listen_fd;
int client_fd = -1; int client_fd = -1;
unsigned char buf[1024]; unsigned char buf[1024];
@ -257,6 +264,7 @@ int main( int argc, char *argv[] )
opt.min_version = DFL_MIN_VERSION; opt.min_version = DFL_MIN_VERSION;
opt.max_version = DFL_MAX_VERSION; opt.max_version = DFL_MAX_VERSION;
opt.auth_mode = DFL_AUTH_MODE; opt.auth_mode = DFL_AUTH_MODE;
opt.mfl_code = DFL_MFL_CODE;
for( i = 1; i < argc; i++ ) for( i = 1; i < argc; i++ )
{ {
@ -375,6 +383,19 @@ int main( int argc, char *argv[] )
else else
goto usage; goto usage;
} }
else if( strcmp( p, "max_frag_len" ) == 0 )
{
if( strcmp( q, "512" ) == 0 )
opt.mfl_code = SSL_MAX_FRAG_LEN_512;
else if( strcmp( q, "1024" ) == 0 )
opt.mfl_code = SSL_MAX_FRAG_LEN_1024;
else if( strcmp( q, "2048" ) == 0 )
opt.mfl_code = SSL_MAX_FRAG_LEN_2048;
else if( strcmp( q, "4096" ) == 0 )
opt.mfl_code = SSL_MAX_FRAG_LEN_4096;
else
goto usage;
}
else else
goto usage; goto usage;
} }
@ -569,6 +590,8 @@ int main( int argc, char *argv[] )
ssl_set_endpoint( &ssl, SSL_IS_SERVER ); ssl_set_endpoint( &ssl, SSL_IS_SERVER );
ssl_set_authmode( &ssl, opt.auth_mode ); ssl_set_authmode( &ssl, opt.auth_mode );
ssl_set_max_frag_len( &ssl, opt.mfl_code );
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg ); ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout ); ssl_set_dbg( &ssl, my_debug, stdout );
@ -774,7 +797,7 @@ reset:
len = sprintf( (char *) buf, HTTP_RESPONSE, len = sprintf( (char *) buf, HTTP_RESPONSE,
ssl_get_ciphersuite( &ssl ) ); ssl_get_ciphersuite( &ssl ) );
for( written = 0; written < len; written += ret ) for( written = 0, frags = 0; written < len; written += ret, frags++ )
{ {
while( ( ret = ssl_write( &ssl, buf + written, len - written ) ) <= 0 ) while( ( ret = ssl_write( &ssl, buf + written, len - written ) ) <= 0 )
{ {
@ -793,7 +816,7 @@ reset:
} }
buf[written] = '\0'; buf[written] = '\0';
printf( " %d bytes written\n\n%s\n", written, (char *) buf ); printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf );
ret = 0; ret = 0;
goto reset; goto reset;