2 * UDP proxy: emulate an unreliable UDP connexion for DTLS testing
4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: Apache-2.0
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 * This file is part of mbed TLS (https://tls.mbed.org)
23 * Warning: this is an internal utility program we use for tests.
24 * It does break some abstractions from the NET layer, and is thus NOT an
25 * example of good general usage.
28 #if !defined(MBEDTLS_CONFIG_FILE)
29 #include "mbedtls/config.h"
31 #include MBEDTLS_CONFIG_FILE
34 #if defined(MBEDTLS_PLATFORM_C)
35 #include "mbedtls/platform.h"
40 #define mbedtls_time time
41 #define mbedtls_time_t time_t
42 #define mbedtls_printf printf
43 #define mbedtls_calloc calloc
44 #define mbedtls_free free
45 #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
46 #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
47 #endif /* MBEDTLS_PLATFORM_C */
49 #if !defined(MBEDTLS_NET_C)
52 mbedtls_printf( "MBEDTLS_NET_C not defined.\n" );
57 #include "mbedtls/net_sockets.h"
58 #include "mbedtls/error.h"
59 #include "mbedtls/ssl.h"
60 #include "mbedtls/timing.h"
65 #if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
70 #if defined(_WIN32_WCE)
71 #pragma comment( lib, "ws2.lib" )
73 #pragma comment( lib, "ws2_32.lib" )
76 #else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
78 #include <sys/types.h>
80 #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
82 #define MAX_MSG_SIZE 16384 + 2048 /* max record/datagram size */
84 #define DFL_SERVER_ADDR "localhost"
85 #define DFL_SERVER_PORT "4433"
86 #define DFL_LISTEN_ADDR "localhost"
87 #define DFL_LISTEN_PORT "5556"
90 #if defined(MBEDTLS_TIMING_C)
92 " pack=%%d default: 0 (don't pack)\n" \
93 " options: t > 0 (pack for t milliseconds)\n"
99 "\n usage: udp_proxy param=<>...\n" \
100 "\n acceptable parameters:\n" \
101 " server_addr=%%s default: localhost\n" \
102 " server_port=%%d default: 4433\n" \
103 " listen_addr=%%s default: localhost\n" \
104 " listen_port=%%d default: 4433\n" \
106 " duplicate=%%d default: 0 (no duplication)\n" \
107 " duplicate about 1:N packets randomly\n" \
108 " delay=%%d default: 0 (no delayed packets)\n" \
109 " delay about 1:N packets randomly\n" \
110 " delay_ccs=0/1 default: 0 (don't delay ChangeCipherSpec)\n" \
111 " delay_cli=%%s Handshake message from client that should be\n"\
112 " delayed. Possible values are 'ClientHello',\n" \
113 " 'Certificate', 'CertificateVerify', and\n" \
114 " 'ClientKeyExchange'.\n" \
115 " May be used multiple times, even for the same\n"\
116 " message, in which case the respective message\n"\
117 " gets delayed multiple times.\n" \
118 " delay_srv=%%s Handshake message from server that should be\n"\
119 " delayed. Possible values are 'HelloRequest',\n"\
120 " 'ServerHello', 'ServerHelloDone', 'Certificate'\n"\
121 " 'ServerKeyExchange', 'NewSessionTicket',\n"\
122 " 'HelloVerifyRequest' and ''CertificateRequest'.\n"\
123 " May be used multiple times, even for the same\n"\
124 " message, in which case the respective message\n"\
125 " gets delayed multiple times.\n" \
126 " drop=%%d default: 0 (no dropped packets)\n" \
127 " drop about 1:N packets randomly\n" \
128 " mtu=%%d default: 0 (unlimited)\n" \
129 " drop packets larger than N bytes\n" \
130 " bad_ad=0/1 default: 0 (don't add bad ApplicationData)\n" \
131 " bad_cid=%%d default: 0 (don't corrupt Connection IDs)\n" \
132 " duplicate 1:N packets containing a CID,\n" \
133 " modifying CID in first instance of the packet.\n" \
134 " protect_hvr=0/1 default: 0 (don't protect HelloVerifyRequest)\n" \
135 " protect_len=%%d default: (don't protect packets of this size)\n" \
137 " seed=%%d default: (use current time)\n" \
145 #define MAX_DELAYED_HS 10
147 static struct options
149 const char *server_addr; /* address to forward packets to */
150 const char *server_port; /* port to forward packets to */
151 const char *listen_addr; /* address for accepting client connections */
152 const char *listen_port; /* port for accepting client connections */
154 int duplicate; /* duplicate 1 in N packets (none if 0) */
155 int delay; /* delay 1 packet in N (none if 0) */
156 int delay_ccs; /* delay ChangeCipherSpec */
157 char* delay_cli[MAX_DELAYED_HS]; /* handshake types of messages from
158 * client that should be delayed. */
159 uint8_t delay_cli_cnt; /* Number of entries in delay_cli. */
160 char* delay_srv[MAX_DELAYED_HS]; /* handshake types of messages from
161 * server that should be delayed. */
162 uint8_t delay_srv_cnt; /* Number of entries in delay_srv. */
163 int drop; /* drop 1 packet in N (none if 0) */
164 int mtu; /* drop packets larger than this */
165 int bad_ad; /* inject corrupted ApplicationData record */
166 unsigned bad_cid; /* inject corrupted CID record */
167 int protect_hvr; /* never drop or delay HelloVerifyRequest */
168 int protect_len; /* never drop/delay packet of the given size*/
169 unsigned pack; /* merge packets into single datagram for
170 * at most \c merge milliseconds if > 0 */
171 unsigned int seed; /* seed for "random" events */
174 static void exit_usage( const char *name, const char *value )
177 mbedtls_printf( " unknown option or missing value: %s\n", name );
179 mbedtls_printf( " option %s: illegal value: %s\n", name, value );
181 mbedtls_printf( USAGE );
185 static void get_options( int argc, char *argv[] )
190 opt.server_addr = DFL_SERVER_ADDR;
191 opt.server_port = DFL_SERVER_PORT;
192 opt.listen_addr = DFL_LISTEN_ADDR;
193 opt.listen_port = DFL_LISTEN_PORT;
195 /* Other members default to 0 */
197 opt.delay_cli_cnt = 0;
198 opt.delay_srv_cnt = 0;
199 memset( opt.delay_cli, 0, sizeof( opt.delay_cli ) );
200 memset( opt.delay_srv, 0, sizeof( opt.delay_srv ) );
202 for( i = 1; i < argc; i++ )
205 if( ( q = strchr( p, '=' ) ) == NULL )
206 exit_usage( p, NULL );
209 if( strcmp( p, "server_addr" ) == 0 )
211 else if( strcmp( p, "server_port" ) == 0 )
213 else if( strcmp( p, "listen_addr" ) == 0 )
215 else if( strcmp( p, "listen_port" ) == 0 )
217 else if( strcmp( p, "duplicate" ) == 0 )
219 opt.duplicate = atoi( q );
220 if( opt.duplicate < 0 || opt.duplicate > 20 )
223 else if( strcmp( p, "delay" ) == 0 )
225 opt.delay = atoi( q );
226 if( opt.delay < 0 || opt.delay > 20 || opt.delay == 1 )
229 else if( strcmp( p, "delay_ccs" ) == 0 )
231 opt.delay_ccs = atoi( q );
232 if( opt.delay_ccs < 0 || opt.delay_ccs > 1 )
235 else if( strcmp( p, "delay_cli" ) == 0 ||
236 strcmp( p, "delay_srv" ) == 0 )
243 if( strcmp( p, "delay_cli" ) == 0 )
245 delay_cnt = &opt.delay_cli_cnt;
246 delay_list = opt.delay_cli;
250 delay_cnt = &opt.delay_srv_cnt;
251 delay_list = opt.delay_srv;
254 if( *delay_cnt == MAX_DELAYED_HS )
256 mbedtls_printf( " too many uses of %s: only %d allowed\n",
258 exit_usage( p, NULL );
262 buf = mbedtls_calloc( 1, len + 1 );
265 mbedtls_printf( " Allocation failure\n" );
268 memcpy( buf, q, len + 1 );
270 delay_list[ (*delay_cnt)++ ] = buf;
272 else if( strcmp( p, "drop" ) == 0 )
274 opt.drop = atoi( q );
275 if( opt.drop < 0 || opt.drop > 20 || opt.drop == 1 )
278 else if( strcmp( p, "pack" ) == 0 )
280 #if defined(MBEDTLS_TIMING_C)
281 opt.pack = (unsigned) atoi( q );
283 mbedtls_printf( " option pack only defined if MBEDTLS_TIMING_C is enabled\n" );
287 else if( strcmp( p, "mtu" ) == 0 )
290 if( opt.mtu < 0 || opt.mtu > MAX_MSG_SIZE )
293 else if( strcmp( p, "bad_ad" ) == 0 )
295 opt.bad_ad = atoi( q );
296 if( opt.bad_ad < 0 || opt.bad_ad > 1 )
299 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
300 else if( strcmp( p, "bad_cid" ) == 0 )
302 opt.bad_cid = (unsigned) atoi( q );
304 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
305 else if( strcmp( p, "protect_hvr" ) == 0 )
307 opt.protect_hvr = atoi( q );
308 if( opt.protect_hvr < 0 || opt.protect_hvr > 1 )
311 else if( strcmp( p, "protect_len" ) == 0 )
313 opt.protect_len = atoi( q );
314 if( opt.protect_len < 0 )
317 else if( strcmp( p, "seed" ) == 0 )
319 opt.seed = atoi( q );
324 exit_usage( p, NULL );
328 static const char *msg_type( unsigned char *msg, size_t len )
330 if( len < 1 ) return( "Invalid" );
333 case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: return( "ChangeCipherSpec" );
334 case MBEDTLS_SSL_MSG_ALERT: return( "Alert" );
335 case MBEDTLS_SSL_MSG_APPLICATION_DATA: return( "ApplicationData" );
336 case MBEDTLS_SSL_MSG_CID: return( "CID" );
337 case MBEDTLS_SSL_MSG_HANDSHAKE: break; /* See below */
338 default: return( "Unknown" );
341 if( len < 13 + 12 ) return( "Invalid handshake" );
344 * Our handshake message are less than 2^16 bytes long, so they should
345 * have 0 as the first byte of length, frag_offset and frag_length.
346 * Otherwise, assume they are encrypted.
348 if( msg[14] || msg[19] || msg[22] ) return( "Encrypted handshake" );
352 case MBEDTLS_SSL_HS_HELLO_REQUEST: return( "HelloRequest" );
353 case MBEDTLS_SSL_HS_CLIENT_HELLO: return( "ClientHello" );
354 case MBEDTLS_SSL_HS_SERVER_HELLO: return( "ServerHello" );
355 case MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST: return( "HelloVerifyRequest" );
356 case MBEDTLS_SSL_HS_NEW_SESSION_TICKET: return( "NewSessionTicket" );
357 case MBEDTLS_SSL_HS_CERTIFICATE: return( "Certificate" );
358 case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE: return( "ServerKeyExchange" );
359 case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST: return( "CertificateRequest" );
360 case MBEDTLS_SSL_HS_SERVER_HELLO_DONE: return( "ServerHelloDone" );
361 case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY: return( "CertificateVerify" );
362 case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE: return( "ClientKeyExchange" );
363 case MBEDTLS_SSL_HS_FINISHED: return( "Finished" );
364 default: return( "Unknown handshake" );
368 #if defined(MBEDTLS_TIMING_C)
369 /* Return elapsed time in milliseconds since the first call */
370 static unsigned ellapsed_time( void )
372 static int initialized = 0;
373 static struct mbedtls_timing_hr_time hires;
375 if( initialized == 0 )
377 (void) mbedtls_timing_get_timer( &hires, 1 );
382 return( mbedtls_timing_get_timer( &hires, 0 ) );
387 mbedtls_net_context *ctx;
389 const char *description;
391 unsigned packet_lifetime;
392 unsigned num_datagrams;
394 unsigned char data[MAX_MSG_SIZE];
399 static ctx_buffer outbuf[2];
401 static int ctx_buffer_flush( ctx_buffer *buf )
405 mbedtls_printf( " %05u flush %s: %u bytes, %u datagrams, last %u ms\n",
406 ellapsed_time(), buf->description,
407 (unsigned) buf->len, buf->num_datagrams,
408 ellapsed_time() - buf->packet_lifetime );
410 ret = mbedtls_net_send( buf->ctx, buf->data, buf->len );
413 buf->num_datagrams = 0;
418 static unsigned ctx_buffer_time_remaining( ctx_buffer *buf )
420 unsigned const cur_time = ellapsed_time();
422 if( buf->num_datagrams == 0 )
423 return( (unsigned) -1 );
425 if( cur_time - buf->packet_lifetime >= opt.pack )
428 return( opt.pack - ( cur_time - buf->packet_lifetime ) );
431 static int ctx_buffer_append( ctx_buffer *buf,
432 const unsigned char * data,
437 if( len > (size_t) INT_MAX )
440 if( len > sizeof( buf->data ) )
442 mbedtls_printf( " ! buffer size %u too large (max %u)\n",
443 (unsigned) len, (unsigned) sizeof( buf->data ) );
447 if( sizeof( buf->data ) - buf->len < len )
449 if( ( ret = ctx_buffer_flush( buf ) ) <= 0 )
451 mbedtls_printf( "ctx_buffer_flush failed with -%#04x", -ret );
456 memcpy( buf->data + buf->len, data, len );
459 if( ++buf->num_datagrams == 1 )
460 buf->packet_lifetime = ellapsed_time();
464 #endif /* MBEDTLS_TIMING_C */
466 static int dispatch_data( mbedtls_net_context *ctx,
467 const unsigned char * data,
471 #if defined(MBEDTLS_TIMING_C)
472 ctx_buffer *buf = NULL;
475 if( outbuf[0].ctx == ctx )
477 else if( outbuf[1].ctx == ctx )
483 return( ctx_buffer_append( buf, data, len ) );
485 #endif /* MBEDTLS_TIMING_C */
487 ret = mbedtls_net_send( ctx, data, len );
490 mbedtls_printf( "net_send returned -%#04x\n", -ret );
497 mbedtls_net_context *dst;
501 unsigned char buf[MAX_MSG_SIZE];
504 /* Print packet. Outgoing packets come with a reason (forward, dupl, etc.) */
505 void print_packet( const packet *p, const char *why )
507 #if defined(MBEDTLS_TIMING_C)
509 mbedtls_printf( " %05u dispatch %s %s (%u bytes)\n",
510 ellapsed_time(), p->way, p->type, p->len );
512 mbedtls_printf( " %05u dispatch %s %s (%u bytes): %s\n",
513 ellapsed_time(), p->way, p->type, p->len, why );
516 mbedtls_printf( " dispatch %s %s (%u bytes)\n",
517 p->way, p->type, p->len );
519 mbedtls_printf( " dispatch %s %s (%u bytes): %s\n",
520 p->way, p->type, p->len, why );
526 int send_packet( const packet *p, const char *why )
529 mbedtls_net_context *dst = p->dst;
531 /* insert corrupted CID record? */
532 if( opt.bad_cid != 0 &&
533 strcmp( p->type, "CID" ) == 0 &&
534 ( rand() % opt.bad_cid ) == 0 )
536 unsigned char buf[MAX_MSG_SIZE];
537 memcpy( buf, p->buf, p->len );
539 /* The CID resides at offset 11 in the DTLS record header. */
541 print_packet( p, "modified CID" );
543 if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 )
545 mbedtls_printf( " ! dispatch returned %d\n", ret );
550 /* insert corrupted ApplicationData record? */
552 strcmp( p->type, "ApplicationData" ) == 0 )
554 unsigned char buf[MAX_MSG_SIZE];
555 memcpy( buf, p->buf, p->len );
559 mbedtls_printf( " ! can't corrupt empty AD record" );
564 print_packet( p, "corrupted" );
567 if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 )
569 mbedtls_printf( " ! dispatch returned %d\n", ret );
574 print_packet( p, why );
575 if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 )
577 mbedtls_printf( " ! dispatch returned %d\n", ret );
581 /* Don't duplicate Application Data, only handshake covered */
582 if( opt.duplicate != 0 &&
583 strcmp( p->type, "ApplicationData" ) != 0 &&
584 rand() % opt.duplicate == 0 )
586 print_packet( p, "duplicated" );
588 if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 )
590 mbedtls_printf( " ! dispatch returned %d\n", ret );
598 #define MAX_DELAYED_MSG 5
599 static size_t prev_len;
600 static packet prev[MAX_DELAYED_MSG];
602 void clear_pending( void )
604 memset( &prev, 0, sizeof( prev ) );
608 void delay_packet( packet *delay )
610 if( prev_len == MAX_DELAYED_MSG )
613 memcpy( &prev[prev_len++], delay, sizeof( packet ) );
620 for( offset = 0; offset < prev_len; offset++ )
622 ret = send_packet( &prev[offset], "delayed" );
632 * Avoid dropping or delaying a packet that was already dropped twice: this
633 * only results in uninteresting timeouts. We can't rely on type to identify
634 * packets, since during renegotiation they're all encrypted. So, rely on
635 * size mod 2048 (which is usually just size).
637 static unsigned char dropped[2048] = { 0 };
641 * OpenSSL groups packets in a datagram the first time it sends them, but not
642 * when it resends them. Count every record as seen the first time.
644 void update_dropped( const packet *p )
646 size_t id = p->len % sizeof( dropped );
647 const unsigned char *end = p->buf + p->len;
648 const unsigned char *cur = p->buf;
649 size_t len = ( ( cur[11] << 8 ) | cur[12] ) + 13;
653 /* Avoid counting single record twice */
659 len = ( ( cur[11] << 8 ) | cur[12] ) + 13;
661 id = len % sizeof( dropped );
668 int handle_message( const char *way,
669 mbedtls_net_context *dst,
670 mbedtls_net_context *src )
678 uint8_t delay_list_len;
681 if( ( ret = mbedtls_net_recv( src, cur.buf, sizeof( cur.buf ) ) ) <= 0 )
683 mbedtls_printf( " ! mbedtls_net_recv returned %d\n", ret );
688 cur.type = msg_type( cur.buf, cur.len );
691 print_packet( &cur, NULL );
693 id = cur.len % sizeof( dropped );
695 if( strcmp( way, "S <- C" ) == 0 )
697 delay_list = opt.delay_cli;
698 delay_list_len = opt.delay_cli_cnt;
702 delay_list = opt.delay_srv;
703 delay_list_len = opt.delay_srv_cnt;
706 /* Check if message type is in the list of messages
707 * that should be delayed */
708 for( delay_idx = 0; delay_idx < delay_list_len; delay_idx++ )
710 if( delay_list[ delay_idx ] == NULL )
713 if( strcmp( delay_list[ delay_idx ], cur.type ) == 0 )
716 delay_packet( &cur );
718 /* Remove entry from list */
719 mbedtls_free( delay_list[delay_idx] );
720 delay_list[delay_idx] = NULL;
726 /* do we want to drop, delay, or forward it? */
727 if( ( opt.mtu != 0 &&
728 cur.len > (unsigned) opt.mtu ) ||
730 strcmp( cur.type, "CID" ) != 0 &&
731 strcmp( cur.type, "ApplicationData" ) != 0 &&
732 ! ( opt.protect_hvr &&
733 strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
734 cur.len != (size_t) opt.protect_len &&
735 dropped[id] < DROP_MAX &&
736 rand() % opt.drop == 0 ) )
738 update_dropped( &cur );
740 else if( ( opt.delay_ccs == 1 &&
741 strcmp( cur.type, "ChangeCipherSpec" ) == 0 ) ||
743 strcmp( cur.type, "CID" ) != 0 &&
744 strcmp( cur.type, "ApplicationData" ) != 0 &&
745 ! ( opt.protect_hvr &&
746 strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) &&
747 cur.len != (size_t) opt.protect_len &&
748 dropped[id] < DROP_MAX &&
749 rand() % opt.delay == 0 ) )
751 delay_packet( &cur );
755 /* forward and possibly duplicate */
756 if( ( ret = send_packet( &cur, "forwarded" ) ) != 0 )
759 /* send previously delayed messages if any */
760 ret = send_delayed();
768 int main( int argc, char *argv[] )
771 int exit_code = MBEDTLS_EXIT_FAILURE;
774 mbedtls_net_context listen_fd, client_fd, server_fd;
776 #if defined( MBEDTLS_TIMING_C )
780 struct timeval *tm_ptr = NULL;
785 mbedtls_net_init( &listen_fd );
786 mbedtls_net_init( &client_fd );
787 mbedtls_net_init( &server_fd );
789 get_options( argc, argv );
792 * Decisions to drop/delay/duplicate packets are pseudo-random: dropping
793 * exactly 1 in N packets would lead to problems when a flight has exactly
794 * N packets: the same packet would be dropped on every resend.
796 * In order to be able to reproduce problems reliably, the seed may be
797 * specified explicitly.
801 opt.seed = (unsigned int) time( NULL );
802 mbedtls_printf( " . Pseudo-random seed: %u\n", opt.seed );
808 * 0. "Connect" to the server
810 mbedtls_printf( " . Connect to server on UDP/%s/%s ...",
811 opt.server_addr, opt.server_port );
814 if( ( ret = mbedtls_net_connect( &server_fd, opt.server_addr, opt.server_port,
815 MBEDTLS_NET_PROTO_UDP ) ) != 0 )
817 mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret );
821 mbedtls_printf( " ok\n" );
824 * 1. Setup the "listening" UDP socket
826 mbedtls_printf( " . Bind on UDP/%s/%s ...",
827 opt.listen_addr, opt.listen_port );
830 if( ( ret = mbedtls_net_bind( &listen_fd, opt.listen_addr, opt.listen_port,
831 MBEDTLS_NET_PROTO_UDP ) ) != 0 )
833 mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret );
837 mbedtls_printf( " ok\n" );
840 * 2. Wait until a client connects
843 mbedtls_net_free( &client_fd );
845 mbedtls_printf( " . Waiting for a remote connection ..." );
848 if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
849 NULL, 0, NULL ) ) != 0 )
851 mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret );
855 mbedtls_printf( " ok\n" );
858 * 3. Forward packets forever (kill the process to terminate it)
861 memset( dropped, 0, sizeof( dropped ) );
863 nb_fds = client_fd.fd;
864 if( nb_fds < server_fd.fd )
865 nb_fds = server_fd.fd;
866 if( nb_fds < listen_fd.fd )
867 nb_fds = listen_fd.fd;
870 #if defined(MBEDTLS_TIMING_C)
873 outbuf[0].ctx = &server_fd;
874 outbuf[0].description = "S <- C";
875 outbuf[0].num_datagrams = 0;
878 outbuf[1].ctx = &client_fd;
879 outbuf[1].description = "S -> C";
880 outbuf[1].num_datagrams = 0;
883 #endif /* MBEDTLS_TIMING_C */
887 #if defined(MBEDTLS_TIMING_C)
890 unsigned max_wait_server, max_wait_client, max_wait;
891 max_wait_server = ctx_buffer_time_remaining( &outbuf[0] );
892 max_wait_client = ctx_buffer_time_remaining( &outbuf[1] );
894 max_wait = (unsigned) -1;
896 if( max_wait_server == 0 )
897 ctx_buffer_flush( &outbuf[0] );
899 max_wait = max_wait_server;
901 if( max_wait_client == 0 )
902 ctx_buffer_flush( &outbuf[1] );
905 if( max_wait_client < max_wait )
906 max_wait = max_wait_client;
909 if( max_wait != (unsigned) -1 )
911 tm.tv_sec = max_wait / 1000;
912 tm.tv_usec = ( max_wait % 1000 ) * 1000;
921 #endif /* MBEDTLS_TIMING_C */
923 FD_ZERO( &read_fds );
924 FD_SET( server_fd.fd, &read_fds );
925 FD_SET( client_fd.fd, &read_fds );
926 FD_SET( listen_fd.fd, &read_fds );
928 if( ( ret = select( nb_fds, &read_fds, NULL, NULL, tm_ptr ) ) < 0 )
934 if( FD_ISSET( listen_fd.fd, &read_fds ) )
937 if( FD_ISSET( client_fd.fd, &read_fds ) )
939 if( ( ret = handle_message( "S <- C",
940 &server_fd, &client_fd ) ) != 0 )
944 if( FD_ISSET( server_fd.fd, &read_fds ) )
946 if( ( ret = handle_message( "S -> C",
947 &client_fd, &server_fd ) ) != 0 )
953 exit_code = MBEDTLS_EXIT_SUCCESS;
957 #ifdef MBEDTLS_ERROR_C
958 if( exit_code != MBEDTLS_EXIT_SUCCESS )
961 mbedtls_strerror( ret, error_buf, 100 );
962 mbedtls_printf( "Last error was: -0x%04X - %s\n\n", - ret, error_buf );
967 for( delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++ )
969 mbedtls_free( opt.delay_cli + delay_idx );
970 mbedtls_free( opt.delay_srv + delay_idx );
973 mbedtls_net_free( &client_fd );
974 mbedtls_net_free( &server_fd );
975 mbedtls_net_free( &listen_fd );
978 mbedtls_printf( " Press Enter to exit this program.\n" );
979 fflush( stdout ); getchar();
985 #endif /* MBEDTLS_NET_C */