AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Adapt programs to the new NET API

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-06-30 15:40:39 +02:00
parent 91895853ac
commit 5db64328ab
14 changed files with 141 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
programs/pkey/dh_client.c
View File

@ -71,7 +71,7 @@ int main( void )
int ret;
size_t n, buflen;
int server_fd = -1;
mbedtls_net_context server_fd;
unsigned char *p, *end;
unsigned char buf[2048];
@ -84,7 +84,8 @@ int main( void )
mbedtls_dhm_context dhm;
mbedtls_aes_context aes;
memset( &rsa, 0, sizeof( rsa ) );
mbedtls_net_init( &server_fd );
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 );
mbedtls_dhm_init( &dhm );
mbedtls_aes_init( &aes );
mbedtls_ctr_drbg_init( &ctr_drbg );
@ -280,8 +281,7 @@ int main( void )
exit:
if( server_fd != -1 )
mbedtls_net_close( server_fd );
mbedtls_net_close( &server_fd );
mbedtls_aes_free( &aes );
mbedtls_rsa_free( &rsa );

13
programs/pkey/dh_server.c
View File

@ -71,8 +71,7 @@ int main( void )
int ret;
size_t n, buflen;
int listen_fd = -1;
int client_fd = -1;
mbedtls_net_context listen_fd, client_fd;
unsigned char buf[2048];
unsigned char hash[20];
@ -85,7 +84,9 @@ int main( void )
mbedtls_dhm_context dhm;
mbedtls_aes_context aes;
memset( &rsa, 0, sizeof( rsa ) );
mbedtls_net_init( &listen_fd );
mbedtls_net_init( &client_fd );
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 );
mbedtls_dhm_init( &dhm );
mbedtls_aes_init( &aes );
mbedtls_ctr_drbg_init( &ctr_drbg );
@ -173,7 +174,7 @@ int main( void )
goto exit;
}
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@ -282,8 +283,8 @@ int main( void )
exit:
if( client_fd != -1 )
mbedtls_net_close( client_fd );
mbedtls_net_close( &client_fd );
mbedtls_net_close( &listen_fd );
mbedtls_aes_free( &aes );
mbedtls_rsa_free( &rsa );

7
programs/ssl/dtls_client.c
View File

@ -83,7 +83,8 @@ static void my_debug( void *ctx, int level,
int main( int argc, char *argv[] )
{
int ret, len, server_fd = -1;
int ret, len;
mbedtls_net_context server_fd;
uint32_t flags;
unsigned char buf[1024];
const char *pers = "dtls_client";
@ -106,6 +107,7 @@ int main( int argc, char *argv[] )
/*
* 0. Initialize the RNG and the session data
*/
mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &cacert );
@ -324,8 +326,7 @@ exit:
}
#endif
if( server_fd != -1 )
mbedtls_net_close( server_fd );
mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &cacert );
mbedtls_ssl_free( &ssl );

16
programs/ssl/dtls_server.c
View File

@ -92,8 +92,7 @@ static void my_debug( void *ctx, int level,
int main( void )
{
int ret, len;
int listen_fd;
int client_fd = -1;
mbedtls_net_context listen_fd, client_fd;
unsigned char buf[1024];
const char *pers = "dtls_server";
unsigned char client_ip[16] = { 0 };
@ -111,6 +110,8 @@ int main( void )
mbedtls_ssl_cache_context cache;
#endif
mbedtls_net_init( &listen_fd );
mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_ssl_cookie_init( &cookie_ctx );
@ -255,20 +256,17 @@ reset:
}
#endif
if( client_fd != -1 )
mbedtls_net_close( client_fd );
mbedtls_net_close( &client_fd );
mbedtls_ssl_session_reset( &ssl );
/*
* 3. Wait until a client connects
*/
client_fd = -1;
printf( " . Waiting for a remote connection ..." );
fflush( stdout );
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 )
{
printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@ -403,8 +401,8 @@ exit:
}
#endif
if( client_fd != -1 )
mbedtls_net_close( client_fd );
mbedtls_net_close( &client_fd );
mbedtls_net_close( &listen_fd );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );

14
programs/ssl/mini_client.c
View File

@ -32,6 +32,10 @@
* NET module, in order to avoid the overhead of getaddrinfo() which tends to
* dominate memory usage in small configurations. For the sake of simplicity,
* only a Unix version is implemented.
*
* Warning: we are breaking some of the abtractions from the NET layer here.
* This is not a good example for general use. This programs has the specific
* goal of minimizing use of the libc functions on full-blown OSes.
*/
#if defined(unix) || defined(__unix__) || defined(__unix)
#define UNIX
@ -160,7 +164,7 @@ enum exit_codes
int main( void )
{
int ret = exit_ok;
int server_fd = -1;
mbedtls_net_context server_fd;
struct sockaddr_in addr;
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt ca;
@ -175,6 +179,7 @@ int main( void )
/*
* 0. Initialize and setup stuff
*/
mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@ -241,13 +246,13 @@ int main( void )
addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE;
ret = 0;
if( ( server_fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
if( ( server_fd.fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
{
ret = socket_failed;
goto exit;
}
if( connect( server_fd,
if( connect( server_fd.fd,
(const struct sockaddr *) &addr, sizeof( addr ) ) < 0 )
{
ret = connect_failed;
@ -275,8 +280,7 @@ int main( void )
mbedtls_ssl_close_notify( &ssl );
exit:
if( server_fd != -1 )
mbedtls_net_close( server_fd );
mbedtls_net_close( &server_fd );
mbedtls_ssl_free( &ssl );
mbedtls_ssl_config_free( &conf );

7
programs/ssl/ssl_client1.c
View File

@ -78,7 +78,8 @@ static void my_debug( void *ctx, int level,
int main( void )
{
int ret, len, server_fd = -1;
int ret, len;
mbedtls_net_context server_fd;
uint32_t flags;
unsigned char buf[1024];
const char *pers = "ssl_client1";
@ -96,6 +97,7 @@ int main( void )
/*
* 0. Initialize the RNG and the session data
*/
mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_x509_crt_init( &cacert );
@ -288,8 +290,7 @@ exit:
}
#endif
if( server_fd != -1 )
mbedtls_net_close( server_fd );
mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &cacert );
mbedtls_ssl_free( &ssl );

18
programs/ssl/ssl_client2.c
View File

@ -386,7 +386,8 @@ static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *fl
int main( int argc, char *argv[] )
{
int ret = 0, len, tail_len, server_fd, i, written, frags, retry_left;
int ret = 0, len, tail_len, i, written, frags, retry_left;
mbedtls_net_context server_fd;
unsigned char buf[MBEDTLS_SSL_MAX_CONTENT_LEN + 1];
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
unsigned char psk[MBEDTLS_PSK_MAX_LEN];
@ -417,7 +418,7 @@ int main( int argc, char *argv[] )
/*
* Make sure memory references are valid.
*/
server_fd = 0;
mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) );
@ -1038,9 +1039,9 @@ int main( int argc, char *argv[] )
}
if( opt.nbio > 0 )
ret = mbedtls_net_set_nonblock( server_fd );
ret = mbedtls_net_set_nonblock( &server_fd );
else
ret = mbedtls_net_set_block( server_fd );
ret = mbedtls_net_set_block( &server_fd );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret );
@ -1502,7 +1503,7 @@ reconnect:
{
--opt.reconnect;
mbedtls_net_close( server_fd );
mbedtls_net_close( &server_fd );
#if defined(MBEDTLS_TIMING_C)
if( opt.reco_delay > 0 )
@ -1533,9 +1534,9 @@ reconnect:
}
if( opt.nbio > 0 )
ret = mbedtls_net_set_nonblock( server_fd );
ret = mbedtls_net_set_nonblock( &server_fd );
else
ret = mbedtls_net_set_block( server_fd );
ret = mbedtls_net_set_block( &server_fd );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n",
@ -1571,8 +1572,7 @@ exit:
}
#endif
if( server_fd )
mbedtls_net_close( server_fd );
mbedtls_net_close( &server_fd );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_free( &clicert );

20
programs/ssl/ssl_fork_server.c
View File

@ -96,8 +96,7 @@ static void my_debug( void *ctx, int level,
int main( void )
{
int ret, len, cnt = 0, pid;
int listen_fd;
int client_fd = -1;
mbedtls_net_context listen_fd, client_fd;
unsigned char buf[1024];
const char *pers = "ssl_fork_server";
@ -108,6 +107,8 @@ int main( void )
mbedtls_x509_crt srvcert;
mbedtls_pk_context pkey;
mbedtls_net_init( &listen_fd );
mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_entropy_init( &entropy );
@ -216,13 +217,13 @@ int main( void )
/*
* 3. Wait until a client connects
*/
client_fd = -1;
memset( &ssl, 0, sizeof( ssl ) );
mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@ -258,11 +259,11 @@ int main( void )
goto exit;
}
close( client_fd );
mbedtls_net_close( &client_fd );
continue;
}
close( listen_fd );
mbedtls_net_close( &listen_fd );
/*
* 4. Setup stuff
@ -384,9 +385,8 @@ int main( void )
}
exit:
if( client_fd != -1 )
mbedtls_net_close( client_fd );
mbedtls_net_close( &client_fd );
mbedtls_net_close( &listen_fd );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );

22
programs/ssl/ssl_mail_client.c
View File

@ -66,8 +66,6 @@ int main( void )
#include <unistd.h>
#else
#include <io.h>
#define read _read
#define write _write
#endif
#if defined(_WIN32) || defined(_WIN32_WCE)
@ -294,7 +292,7 @@ static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char *
while( 1 );
}
static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len )
static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char *buf, size_t len )
{
int ret;
unsigned char data[128];
@ -302,7 +300,7 @@ static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len )
size_t i, idx = 0;
mbedtls_printf("\n%s", buf);
if( len && ( ret = write( sock_fd, buf, len ) ) <= 0 )
if( len && ( ret = mbedtls_net_send( sock_fd, buf, len ) ) <= 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret );
return -1;
@ -312,7 +310,7 @@ static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len )
{
len = sizeof( data ) - 1;
memset( data, 0, sizeof( data ) );
ret = read( sock_fd, data, len );
ret = mbedtls_net_recv( sock_fd, data, len );
if( ret <= 0 )
{
@ -346,7 +344,8 @@ static int write_and_get_response( int sock_fd, unsigned char *buf, size_t len )
int main( int argc, char *argv[] )
{
int ret = 0, len, server_fd;
int ret = 0, len;
mbedtls_net_context server_fd;
unsigned char buf[1024];
#if defined(MBEDTLS_BASE64_C)
unsigned char base[1024];
@ -369,7 +368,7 @@ int main( int argc, char *argv[] )
/*
* Make sure memory references are valid in case we exit early.
*/
server_fd = 0;
mbedtls_net_init( &server_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
memset( &buf, 0, sizeof( buf ) );
@ -658,7 +657,7 @@ int main( int argc, char *argv[] )
mbedtls_printf( " > Get header from server:" );
fflush( stdout );
ret = write_and_get_response( server_fd, buf, 0 );
ret = write_and_get_response( &server_fd, buf, 0 );
if( ret < 200 || ret > 299 )
{
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
@ -672,7 +671,7 @@ int main( int argc, char *argv[] )
gethostname( hostname, 32 );
len = sprintf( (char *) buf, "EHLO %s\r\n", hostname );
ret = write_and_get_response( server_fd, buf, len );
ret = write_and_get_response( &server_fd, buf, len );
if( ret < 200 || ret > 299 )
{
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
@ -686,7 +685,7 @@ int main( int argc, char *argv[] )
gethostname( hostname, 32 );
len = sprintf( (char *) buf, "STARTTLS\r\n" );
ret = write_and_get_response( server_fd, buf, len );
ret = write_and_get_response( &server_fd, buf, len );
if( ret < 200 || ret > 299 )
{
mbedtls_printf( " failed\n ! server responded with %d\n\n", ret );
@ -820,8 +819,7 @@ int main( int argc, char *argv[] )
exit:
if( server_fd )
mbedtls_net_close( server_fd );
mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &clicert );
mbedtls_x509_crt_free( &cacert );
mbedtls_pk_free( &pkey );

30
programs/ssl/ssl_pthread_server.c
View File

@ -106,7 +106,7 @@ static void my_mutexed_debug( void *ctx, int level,
}
typedef struct {
int client_fd;
mbedtls_net_context client_fd;
int thread_complete;
const mbedtls_ssl_config *config;
} thread_info_t;
@ -124,7 +124,7 @@ static void *handle_ssl_connection( void *data )
{
int ret, len;
thread_info_t *thread_info = (thread_info_t *) data;
int client_fd = thread_info->client_fd;
mbedtls_net_context *client_fd = &thread_info->client_fd;
long int thread_id = (long int) pthread_self();
unsigned char buf[1024];
mbedtls_ssl_context ssl;
@ -132,7 +132,7 @@ static void *handle_ssl_connection( void *data )
/* Make sure memory references are valid */
mbedtls_ssl_init( &ssl );
mbedtls_printf( " [ #%ld ] Client FD %d\n", thread_id, client_fd );
mbedtls_printf( " [ #%ld ] Setting up SSL/TLS data\n", thread_id );
/*
* 4. Get the SSL context ready
@ -144,7 +144,7 @@ static void *handle_ssl_connection( void *data )
goto thread_exit;
}
mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
mbedtls_ssl_set_bio( &ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
/*
* 5. Handshake
@ -273,7 +273,7 @@ thread_exit:
return( NULL );
}
static int thread_create( int client_fd )
static int thread_create( mbedtls_net_context *client_fd )
{
int ret, i;
@ -302,9 +302,10 @@ static int thread_create( int client_fd )
*/
memcpy( &threads[i].data, &base_info, sizeof(base_info) );
threads[i].active = 1;
threads[i].data.client_fd = client_fd;
memcpy( &threads[i].data.client_fd, client_fd, sizeof( mbedtls_net_context ) );
if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection, &threads[i].data ) ) != 0 )
if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection,
&threads[i].data ) ) != 0 )
{
return( ret );
}
@ -315,8 +316,7 @@ static int thread_create( int client_fd )
int main( void )
{
int ret;
int listen_fd;
int client_fd = -1;
mbedtls_net_context listen_fd, client_fd;
const char pers[] = "ssl_pthread_server";
mbedtls_entropy_context entropy;
@ -346,6 +346,8 @@ int main( void )
mbedtls_ssl_config_init( &conf );
mbedtls_ctr_drbg_init( &ctr_drbg );
memset( threads, 0, sizeof(threads) );
mbedtls_net_init( &listen_fd );
mbedtls_net_init( &client_fd );
mbedtls_mutex_init( &debug_mutex );
@ -474,11 +476,9 @@ reset:
/*
* 3. Wait until a client connects
*/
client_fd = -1;
mbedtls_printf( " [ main ] Waiting for a remote connection\n" );
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret );
@ -488,10 +488,10 @@ reset:
mbedtls_printf( " [ main ] ok\n" );
mbedtls_printf( " [ main ] Creating a new thread\n" );
if( ( ret = thread_create( client_fd ) ) != 0 )
if( ( ret = thread_create( &client_fd ) ) != 0 )
{
mbedtls_printf( " [ main ] failed: thread_create returned %d\n", ret );
mbedtls_net_close( client_fd );
mbedtls_net_close( &client_fd );
goto reset;
}
@ -508,6 +508,8 @@ exit:
mbedtls_entropy_free( &entropy );
mbedtls_ssl_config_free( &conf );
mbedtls_net_free( &listen_fd );
mbedtls_mutex_free( &debug_mutex );
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)

16
programs/ssl/ssl_server.c
View File

@ -91,8 +91,7 @@ static void my_debug( void *ctx, int level,
int main( void )
{
int ret, len;
int listen_fd;
int client_fd = -1;
mbedtls_net_context listen_fd, client_fd;
unsigned char buf[1024];
const char *pers = "ssl_server";
@ -106,6 +105,8 @@ int main( void )
mbedtls_ssl_cache_context cache;
#endif
mbedtls_net_init( &listen_fd );
mbedtls_net_init( &client_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_SSL_CACHE_C)
@ -236,20 +237,17 @@ reset:
}
#endif
if( client_fd != -1 )
mbedtls_net_close( client_fd );
mbedtls_net_close( &client_fd );
mbedtls_ssl_session_reset( &ssl );
/*
* 3. Wait until a client connects
*/
client_fd = -1;
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@ -375,8 +373,8 @@ exit:
}
#endif
if( client_fd != -1 )
mbedtls_net_close( client_fd );
mbedtls_net_close( &client_fd );
mbedtls_net_close( &listen_fd );
mbedtls_x509_crt_free( &srvcert );
mbedtls_pk_free( &pkey );

24
programs/ssl/ssl_server2.c
View File

@ -746,7 +746,7 @@ int psk_callback( void *p_info, mbedtls_ssl_context *ssl,
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
static int listen_fd, client_fd = -1;
static mbedtls_net_context listen_fd, client_fd;
/* Interruption handler to ensure clean exit (for valgrind testing) */
#if !defined(_WIN32)
@ -755,8 +755,8 @@ void term_handler( int sig )
{
((void) sig);
received_sigterm = 1;
mbedtls_net_close( listen_fd ); /* causes mbedtls_net_accept() to abort */
mbedtls_net_close( client_fd ); /* causes net_read() to abort */
mbedtls_net_close( &listen_fd ); /* causes mbedtls_net_accept() to abort */
mbedtls_net_close( &client_fd ); /* causes net_read() to abort */
}
#endif
@ -826,7 +826,8 @@ int main( int argc, char *argv[] )
/*
* Make sure memory references are valid in case we exit early.
*/
listen_fd = 0;
mbedtls_net_init( &client_fd );
mbedtls_net_init( &listen_fd );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
mbedtls_ctr_drbg_init( &ctr_drbg );
@ -1842,20 +1843,17 @@ reset:
}
#endif
if( client_fd != -1 )
mbedtls_net_close( client_fd );
mbedtls_net_close( &client_fd );
mbedtls_ssl_session_reset( &ssl );
/*
* 3. Wait until a client connects
*/
client_fd = -1;
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 )
{
#if !defined(_WIN32)
@ -1872,9 +1870,9 @@ reset:
}
if( opt.nbio > 0 )
ret = mbedtls_net_set_nonblock( client_fd );
ret = mbedtls_net_set_nonblock( &client_fd );
else
ret = mbedtls_net_set_block( client_fd );
ret = mbedtls_net_set_block( &client_fd );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret );
@ -2254,8 +2252,8 @@ exit:
mbedtls_printf( " . Cleaning up..." );
fflush( stdout );
if( client_fd != -1 )
mbedtls_net_close( client_fd );
mbedtls_net_close( &client_fd );
mbedtls_net_close( &listen_fd );
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
mbedtls_dhm_free( &dhm );

70
programs/test/udp_proxy.c
View File

@ -20,6 +20,12 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* Warning: this is an internal utility program we use for tests.
* It does break some abstractions from the NET layer, and is thus NOT an
* example of good general usage.
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
@ -284,7 +290,7 @@ static unsigned long ellapsed_time( void )
typedef struct
{
int dst;
mbedtls_net_context *dst;
const char *way;
const char *type;
unsigned len;
@ -306,7 +312,7 @@ void print_packet( const packet *p, const char *why )
int send_packet( const packet *p, const char *why )
{
int ret;
int dst = p->dst;
mbedtls_net_context *dst = p->dst;
/* insert corrupted ApplicationData record? */
if( opt.bad_ad &&
@ -317,7 +323,7 @@ int send_packet( const packet *p, const char *why )
++buf[p->len - 1];
print_packet( p, "corrupted" );
if( ( ret = mbedtls_net_send( &dst, buf, p->len ) ) <= 0 )
if( ( ret = mbedtls_net_send( dst, buf, p->len ) ) <= 0 )
{
mbedtls_printf( " ! mbedtls_net_send returned %d\n", ret );
return( ret );
@ -325,7 +331,7 @@ int send_packet( const packet *p, const char *why )
}
print_packet( p, why );
if( ( ret = mbedtls_net_send( &dst, p->buf, p->len ) ) <= 0 )
if( ( ret = mbedtls_net_send( dst, p->buf, p->len ) ) <= 0 )
{
mbedtls_printf( " ! mbedtls_net_send returned %d\n", ret );
return( ret );
@ -338,7 +344,7 @@ int send_packet( const packet *p, const char *why )
{
print_packet( p, "duplicated" );
if( ( ret = mbedtls_net_send( &dst, p->buf, p->len ) ) <= 0 )
if( ( ret = mbedtls_net_send( dst, p->buf, p->len ) ) <= 0 )
{
mbedtls_printf( " ! mbedtls_net_send returned %d\n", ret );
return( ret );
@ -392,14 +398,16 @@ void update_dropped( const packet *p )
}
}
int handle_message( const char *way, int dst, int src )
int handle_message( const char *way,
mbedtls_net_context *dst,
mbedtls_net_context *src )
{
int ret;
packet cur;
size_t id;
/* receive packet */
if( ( ret = mbedtls_net_recv( &src, cur.buf, sizeof( cur.buf ) ) ) <= 0 )
if( ( ret = mbedtls_net_recv( src, cur.buf, sizeof( cur.buf ) ) ) <= 0 )
{
mbedtls_printf( " ! mbedtls_net_recv returned %d\n", ret );
return( ret );
@ -432,7 +440,7 @@ int handle_message( const char *way, int dst, int src )
strcmp( cur.type, "ApplicationData" ) != 0 &&
! ( opt.protect_hvr &&
strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
prev.dst == 0 &&
prev.dst == NULL &&
cur.len != (size_t) opt.protect_len &&
dropped[id] < DROP_MAX &&
rand() % opt.delay == 0 ) )
@ -446,7 +454,7 @@ int handle_message( const char *way, int dst, int src )
return( ret );
/* send previously delayed message if any */
if( prev.dst != 0 )
if( prev.dst != NULL )
{
ret = send_packet( &prev, "delayed" );
memset( &prev, 0, sizeof( packet ) );
@ -462,13 +470,15 @@ int main( int argc, char *argv[] )
{
int ret;
int listen_fd = -1;
int client_fd = -1;
int server_fd = -1;
mbedtls_net_context listen_fd, client_fd, server_fd;
int nb_fds;
fd_set read_fds;
mbedtls_net_init( &listen_fd );
mbedtls_net_init( &client_fd );
mbedtls_net_init( &server_fd );
get_options( argc, argv );
/*
@ -526,7 +536,7 @@ accept:
mbedtls_printf( " . Waiting for a remote connection ..." );
fflush( stdout );
if( ( ret = mbedtls_net_accept( listen_fd, &client_fd,
if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
NULL, 0, NULL ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
@ -555,19 +565,19 @@ accept:
clear_pending();
memset( dropped, 0, sizeof( dropped ) );
nb_fds = client_fd;
if( nb_fds < server_fd )
nb_fds = server_fd;
if( nb_fds < listen_fd )
nb_fds = listen_fd;
nb_fds = client_fd.fd;
if( nb_fds < server_fd.fd )
nb_fds = server_fd.fd;
if( nb_fds < listen_fd.fd )
nb_fds = listen_fd.fd;
++nb_fds;
while( 1 )
{
FD_ZERO( &read_fds );
FD_SET( server_fd, &read_fds );
FD_SET( client_fd, &read_fds );
FD_SET( listen_fd, &read_fds );
FD_SET( server_fd.fd, &read_fds );
FD_SET( client_fd.fd, &read_fds );
FD_SET( listen_fd.fd, &read_fds );
if( ( ret = select( nb_fds, &read_fds, NULL, NULL, NULL ) ) <= 0 )
{
@ -575,20 +585,20 @@ accept:
goto exit;
}
if( FD_ISSET( listen_fd, &read_fds ) )
if( FD_ISSET( listen_fd.fd, &read_fds ) )
goto accept;
if( FD_ISSET( client_fd, &read_fds ) )
if( FD_ISSET( client_fd.fd, &read_fds ) )
{
if( ( ret = handle_message( "S <- C",
server_fd, client_fd ) ) != 0 )
&server_fd, &client_fd ) ) != 0 )
goto accept;
}
if( FD_ISSET( server_fd, &read_fds ) )
if( FD_ISSET( server_fd.fd, &read_fds ) )
{
if( ( ret = handle_message( "S -> C",
client_fd, server_fd ) ) != 0 )
&client_fd, &server_fd ) ) != 0 )
goto accept;
}
}
@ -605,11 +615,9 @@ exit:
}
#endif
if( client_fd != -1 )
mbedtls_net_close( client_fd );
if( listen_fd != -1 )
mbedtls_net_close( listen_fd );
mbedtls_net_close( &client_fd );
mbedtls_net_close( &server_fd );
mbedtls_net_close( &listen_fd );
#if defined(_WIN32)
mbedtls_printf( " Press Enter to exit this program.\n" );

8
programs/x509/cert_app.c
View File

@ -142,7 +142,8 @@ static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *fl
int main( int argc, char *argv[] )
{
int ret = 0, server_fd;
int ret = 0;
mbedtls_net_context server_fd;
unsigned char buf[1024];
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
@ -161,7 +162,7 @@ int main( int argc, char *argv[] )
/*
* Set to sane values
*/
server_fd = 0;
mbedtls_net_init( &server_fd );
mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
@ -474,8 +475,7 @@ ssl_exit:
exit:
if( server_fd )
mbedtls_net_close( server_fd );
mbedtls_net_close( &server_fd );
mbedtls_x509_crt_free( &cacert );
mbedtls_x509_crt_free( &clicert );
#if defined(MBEDTLS_X509_CRL_PARSE_C)