Fixes trivial coding style issues.
Change-Id: I597e99c043081b15d04ab17ea40558686d0084fc
Signed-off-by: Junyeon LEE <junyeon2.lee@samsung.com>
#define SERVER_PORT "4433"
#define SERVER_NAME "localhost"
-#define SERVER_ADDR "127.0.0.1" /* forces IPv4 */
+#define SERVER_ADDR "127.0.0.1" /* forces IPv4 */
#define MESSAGE "TinyARA test echo packet"
#define READ_TIMEOUT_MS 1000
static void my_debug(void *ctx, int level, const char *file, int line, const char *str)
{
- ((void) level);
+ ((void)level);
mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
fflush((FILE *) ctx);
}
-
/****************************************************************************
* dtls_client_main
****************************************************************************/
mbedtls_debug_set_threshold(DEBUG_LEVEL);
#endif
-
/*
* 0. Initialize the RNG and the session data
*/
fflush(stdout);
mbedtls_entropy_init(&entropy);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *)pers, strlen(pers))) != 0) {
+ if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *)pers, strlen(pers))) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
goto exit;
}
mbedtls_printf(" . Loading the CA root certificate ...");
fflush(stdout);
- ret = mbedtls_x509_crt_parse(&cacert,
- (const unsigned char *) mbedtls_test_ca_crt_rsa,
- mbedtls_test_ca_crt_rsa_len);
+ ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *)mbedtls_test_ca_crt_rsa, mbedtls_test_ca_crt_rsa_len);
if (ret < 0) {
- mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret);
goto exit;
}
mbedtls_printf(" ok (%d skipped)\n", ret);
- /*
- ret = mbedtls_x509_crt_parse(&cacert,
- (const unsigned char *) mbedtls_test_ca_crt,
- mbedtls_test_ca_crt_len);
- if (ret < 0) {
- mbedtls_printf("failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret);
- goto exit;
- }
- mbedtls_printf( " ok (%d skipped)\n", ret );
- */
/*
* 1. Start the connection
*/
mbedtls_printf(" . Setting up the DTLS structure...");
fflush(stdout);
- if ((ret = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_DATAGRAM,
- MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+ if ((ret = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
goto exit;
}
- /* OPTIONAL is usually a bad choice for security, but makes interop easier
+ /*
+ * OPTIONAL is usually a bad choice for security, but makes interop easier
* in this simplified example, in which the ca chain is hardcoded.
- * Production code should set a proper ca chain and use REQUIRED. */
+ * Production code should set a proper ca chain and use REQUIRED.
+ */
mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
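Review bot: The reflowed comment explains why `MBEDTLS_SSL_VERIFY_OPTIONAL` is used but not what that obliges the caller to do. With OPTIONAL the handshake completes even when the server certificate fails verification, so the outcome has to be read back with `mbedtls_ssl_get_verify_result()` once the handshake returns. Whether this client does so is outside the hunk. I would add a line to the comment such as `* With OPTIONAL the handshake succeeds on a bad certificate; check mbedtls_ssl_get_verify_result() afterwards.`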
goto exit;
}
- mbedtls_ssl_set_bio(&ssl, &server_fd,
- mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout);
-
+ mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout);
mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, mbedtls_timing_get_delay);
mbedtls_printf(" ok\n");
}
/* 3. create pthread with entry function */
- if ((r = pthread_create(&tid, &attr,
- (pthread_startroutine_t)dtls_client_cb, (void *)&args)) != 0) {
+ if ((r = pthread_create(&tid, &attr, (pthread_startroutine_t) dtls_client_cb, (void *)&args)) != 0) {
printf("%s: pthread_create failed, status=%d\n", __func__, r);
}
return 0;
}
-
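Review bot: The rewritten `pthread_create` call now has a space after the cast, `(pthread_startroutine_t) dtls_client_cb`, while the rest of this commit removes that space (`((void)level)`, `(const unsigned char *)pers`); write `(pthread_startroutine_t)dtls_client_cb`, and likewise for the `dtls_server_cb` call in the server file. Separately, a failed `pthread_create` is only printed and control still reaches `return 0;`, so the caller cannot see the failure; adding `return r;` after the `printf` in the failure branch would fix that. The start of the enclosing function is outside the hunk, so whether `args` outlives the thread that receives `&args` cannot be checked from here.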
* Included Files
****************************************************************************/
-
#include "tls/config.h"
#include <stdio.h>
#include "tls/ssl_cache.h"
#endif
-#define READ_TIMEOUT_MS 10000 /* 5 seconds */
+#define READ_TIMEOUT_MS 10000 /* 5 seconds */
#define DEBUG_LEVEL 0
/*
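Review bot: The comment on `READ_TIMEOUT_MS` says 5 seconds but the value is 10000 ms, which is 10 seconds. Since the line is being touched anyway, the two should be made to agree, for example `#define READ_TIMEOUT_MS 10000 /* 10 seconds */`. Which of the two was intended is not visible in this hunk, so confirm against how the server uses the timeout before changing the value instead of the comment.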
static void my_debug(void *ctx, int level, const char *file, int line, const char *str)
{
- ((void) level);
+ ((void)level);
mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str);
fflush((FILE *) ctx);
* Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
* server and CA certificates, as well as mbedtls_pk_parse_keyfile().
*/
- ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *)mbedtls_test_srv_crt_rsa,
- mbedtls_test_srv_crt_rsa_len);
+ ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *)mbedtls_test_srv_crt_rsa, mbedtls_test_srv_crt_rsa_len);
if (ret != 0) {
mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
goto exit;
}
- ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *)mbedtls_test_ca_crt_rsa,
- mbedtls_test_ca_crt_rsa_len);
+ ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *)mbedtls_test_ca_crt_rsa, mbedtls_test_ca_crt_rsa_len);
if (ret != 0) {
mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret);
goto exit;
}
- ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *)mbedtls_test_srv_key_rsa,
- mbedtls_test_srv_key_rsa_len, NULL, 0);
+ ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *)mbedtls_test_srv_key_rsa, mbedtls_test_srv_key_rsa_len, NULL, 0);
if (ret != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret);
goto exit;
mbedtls_printf(" . Seeding the random number generator...");
fflush(stdout);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *)pers, strlen(pers))) != 0) {
+ if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *)pers, strlen(pers))) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret);
goto exit;
}
mbedtls_printf(" . Setting up the DTLS data...");
fflush(stdout);
- if ((ret = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_DATAGRAM,
- MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+ if ((ret = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret);
goto exit;
}
/* For HelloVerifyRequest cookies */
if ((ret = mbedtls_ssl_set_client_transport_id(&ssl, client_ip, cliip_len)) != 0) {
- mbedtls_printf(" failed\n ! "
- "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", -ret);
+ mbedtls_printf(" failed\n ! " "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", -ret);
goto exit;
}
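Review bot: Joining this call onto one line leaves two adjacent string literals, `" failed\n ! " "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n"`, a split that only made sense while they sat on separate lines. Merge them into one literal: `mbedtls_printf(" failed\n ! mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", -ret);`. The same leftover appears in the `MBEDTLS_ERR_X509_CERT_VERIFY_FAILED` message of the TLS client, where six literals now share a single very long line; that one reads better either merged per output line or kept wrapped.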
do {
ret = mbedtls_ssl_handshake(&ssl);
- } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
- ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ } while (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE);
if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
mbedtls_printf(" hello verification requested\n");
}
/* 3. create pthread with entry function */
- if ((r = pthread_create(&tid, &attr,
- (pthread_startroutine_t)dtls_server_cb, (void *)&args)) != 0) {
+ if ((r = pthread_create(&tid, &attr, (pthread_startroutine_t) dtls_server_cb, (void *)&args)) != 0) {
mbedtls_printf("%s: pthread_create failed, status=%d\n", __func__, r);
}
return 0;
}
-
* Included Files
****************************************************************************/
-
#define mbedtls_printf printf
#define mbedtls_fprintf fprintf
#define mbedtls_snprintf snprintf
#else
#define USAGE_IO \
" No file operations available (MBEDTLS_FS_IO not defined)\n"
-#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_FS_IO */
#else
#define USAGE_IO ""
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
#define USAGE_PSK \
" psk_identity=%%s default: \"Client_identity\"\n"
#else
#define USAGE_PSK ""
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
#define USAGE_TICKETS \
" tickets=%%d default: 1 (enabled)\n"
#else
#define USAGE_TICKETS ""
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
#define USAGE_TRUNC_HMAC \
" trunc_hmac=%%d default: library default\n"
#else
#define USAGE_TRUNC_HMAC ""
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
#define USAGE_MAX_FRAG_LEN \
" options: 512, 1024, 2048, 4096\n"
#else
#define USAGE_MAX_FRAG_LEN ""
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
#define USAGE_RECSPLIT \
" example: spdy/1,http/1.1\n"
#else
#define USAGE_ALPN ""
-#endif /* MBEDTLS_SSL_ALPN */
+#endif /* MBEDTLS_SSL_ALPN */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
#define USAGE_DTLS \
" force_ciphersuite=<name> default: all enabled\n"\
" acceptable ciphersuite names:\n"
-
struct options {
- const char *server_name; /* hostname of the server (client only) */
- const char *server_addr; /* address of the server (client only) */
- const char *server_port; /* port on which the ssl service runs */
- int debug_level; /* level of debugging */
- int nbio; /* should I/O be blocking? */
- uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */
- int max_resend; /* DTLS times to resend on read timeout */
- const char *request_page; /* page on server to request */
- int request_size; /* pad request with header to requested size */
- const char *ca_file; /* the file with the CA certificate(s) */
- const char *ca_path; /* the path with the CA certificate(s) reside */
- const char *crt_file; /* the file with the client certificate */
- const char *key_file; /* the file with the client key */
- const char *psk; /* the pre-shared key */
- const char *psk_identity; /* the pre-shared key identity */
- const char *ecjpake_pw; /* the EC J-PAKE password */
- int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
- int renegotiation; /* enable / disable renegotiation */
- int allow_legacy; /* allow legacy renegotiation */
- int renegotiate; /* attempt renegotiation? */
- int renego_delay; /* delay before enforcing renegotiation */
- int exchanges; /* number of data exchanges */
- int min_version; /* minimum protocol version accepted */
- int max_version; /* maximum protocol version accepted */
- int arc4; /* flag for arc4 suites support */
- int auth_mode; /* verify mode for connection */
- unsigned char mfl_code; /* code for maximum fragment length */
- int trunc_hmac; /* negotiate truncated hmac or not */
- int recsplit; /* enable record splitting? */
- int dhmlen; /* minimum DHM params len in bits */
- int reconnect; /* attempt to resume session */
- int reco_delay; /* delay in seconds before resuming session */
- int reconnect_hard; /* unexpectedly reconnect from the same port */
- int tickets; /* enable / disable session tickets */
- const char *alpn_string; /* ALPN supported protocols */
- int transport; /* TLS or DTLS? */
- uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
- uint32_t hs_to_max; /* Max value of DTLS handshake timer */
- int fallback; /* is this a fallback connection? */
- int extended_ms; /* negotiate extended master secret? */
- int etm; /* negotiate encrypt then mac? */
+ const char *server_name; /* hostname of the server (client only) */
+ const char *server_addr; /* address of the server (client only) */
+ const char *server_port; /* port on which the ssl service runs */
+ int debug_level; /* level of debugging */
+ int nbio; /* should I/O be blocking? */
+ uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */
+ int max_resend; /* DTLS times to resend on read timeout */
+ const char *request_page; /* page on server to request */
+ int request_size; /* pad request with header to requested size */
+ const char *ca_file; /* the file with the CA certificate(s) */
+ const char *ca_path; /* the path with the CA certificate(s) reside */
+ const char *crt_file; /* the file with the client certificate */
+ const char *key_file; /* the file with the client key */
+ const char *psk; /* the pre-shared key */
+ const char *psk_identity; /* the pre-shared key identity */
+ const char *ecjpake_pw; /* the EC J-PAKE password */
+ int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
+ int renegotiation; /* enable / disable renegotiation */
+ int allow_legacy; /* allow legacy renegotiation */
+ int renegotiate; /* attempt renegotiation? */
+ int renego_delay; /* delay before enforcing renegotiation */
+ int exchanges; /* number of data exchanges */
+ int min_version; /* minimum protocol version accepted */
+ int max_version; /* maximum protocol version accepted */
+ int arc4; /* flag for arc4 suites support */
+ int auth_mode; /* verify mode for connection */
+ unsigned char mfl_code; /* code for maximum fragment length */
+ int trunc_hmac; /* negotiate truncated hmac or not */
+ int recsplit; /* enable record splitting? */
+ int dhmlen; /* minimum DHM params len in bits */
+ int reconnect; /* attempt to resume session */
+ int reco_delay; /* delay in seconds before resuming session */
+ int reconnect_hard; /* unexpectedly reconnect from the same port */
+ int tickets; /* enable / disable session tickets */
+ const char *alpn_string; /* ALPN supported protocols */
+ int transport; /* TLS or DTLS? */
+ uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
+ uint32_t hs_to_max; /* Max value of DTLS handshake timer */
+ int fallback; /* is this a fallback connection? */
+ int extended_ms; /* negotiate extended master secret? */
+ int etm; /* negotiate encrypt then mac? */
} opt;
-static void my_debug(void *ctx, int level,
- const char *file, int line,
- const char *str)
+static void my_debug(void *ctx, int level, const char *file, int line, const char *str)
{
const char *p;
const char *basename;
ret = mbedtls_net_recv(ctx, buf, len);
if (ret != MBEDTLS_ERR_SSL_WANT_READ) {
- first_try = 1; /* Next call will be a new operation */
+ first_try = 1; /* Next call will be a new operation */
}
return (ret);
}
ret = mbedtls_net_send(ctx, buf, len);
if (ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
- first_try = 1; /* Next call will be a new operation */
+ first_try = 1; /* Next call will be a new operation */
}
return (ret);
}
/*
* Enabled if debug_level > 1 in code below
*/
-static int my_verify(void *data, mbedtls_x509_crt *crt, int depth,
- uint32_t *flags)
+static int my_verify(void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags)
{
char buf[1024];
- ((void) data);
+ ((void)data);
mbedtls_printf("\nVerify requested for (Depth %d):\n", depth);
mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt);
return (0);
}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
-
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
/****************************************************************************
* tls_client_main
mbedtls_pk_init(&pkey);
#endif
#if defined(MBEDTLS_SSL_ALPN)
- memset((void *) alpn_list, 0, sizeof(alpn_list));
+ memset((void *)alpn_list, 0, sizeof(alpn_list));
#endif
if (argc == 0) {
goto exit;
}
- opt.server_name = DFL_SERVER_NAME;
- opt.server_addr = DFL_SERVER_ADDR;
- opt.server_port = DFL_SERVER_PORT;
- opt.debug_level = DFL_DEBUG_LEVEL;
- opt.nbio = DFL_NBIO;
- opt.read_timeout = DFL_READ_TIMEOUT;
- opt.max_resend = DFL_MAX_RESEND;
- opt.request_page = DFL_REQUEST_PAGE;
- opt.request_size = DFL_REQUEST_SIZE;
- opt.ca_file = DFL_CA_FILE;
- opt.ca_path = DFL_CA_PATH;
- opt.crt_file = DFL_CRT_FILE;
- opt.key_file = DFL_KEY_FILE;
- opt.psk = DFL_PSK;
- opt.psk_identity = DFL_PSK_IDENTITY;
- opt.ecjpake_pw = DFL_ECJPAKE_PW;
+ opt.server_name = DFL_SERVER_NAME;
+ opt.server_addr = DFL_SERVER_ADDR;
+ opt.server_port = DFL_SERVER_PORT;
+ opt.debug_level = DFL_DEBUG_LEVEL;
+ opt.nbio = DFL_NBIO;
+ opt.read_timeout = DFL_READ_TIMEOUT;
+ opt.max_resend = DFL_MAX_RESEND;
+ opt.request_page = DFL_REQUEST_PAGE;
+ opt.request_size = DFL_REQUEST_SIZE;
+ opt.ca_file = DFL_CA_FILE;
+ opt.ca_path = DFL_CA_PATH;
+ opt.crt_file = DFL_CRT_FILE;
+ opt.key_file = DFL_KEY_FILE;
+ opt.psk = DFL_PSK;
+ opt.psk_identity = DFL_PSK_IDENTITY;
+ opt.ecjpake_pw = DFL_ECJPAKE_PW;
opt.force_ciphersuite[0] = DFL_FORCE_CIPHER;
- opt.renegotiation = DFL_RENEGOTIATION;
- opt.allow_legacy = DFL_ALLOW_LEGACY;
- opt.renegotiate = DFL_RENEGOTIATE;
- opt.exchanges = DFL_EXCHANGES;
- opt.min_version = DFL_MIN_VERSION;
- opt.max_version = DFL_MAX_VERSION;
- opt.arc4 = DFL_ARC4;
- opt.auth_mode = DFL_AUTH_MODE;
- opt.mfl_code = DFL_MFL_CODE;
- opt.trunc_hmac = DFL_TRUNC_HMAC;
- opt.recsplit = DFL_RECSPLIT;
- opt.dhmlen = DFL_DHMLEN;
- opt.reconnect = DFL_RECONNECT;
- opt.reco_delay = DFL_RECO_DELAY;
- opt.reconnect_hard = DFL_RECONNECT_HARD;
- opt.tickets = DFL_TICKETS;
- opt.alpn_string = DFL_ALPN_STRING;
- opt.transport = DFL_TRANSPORT;
- opt.hs_to_min = DFL_HS_TO_MIN;
- opt.hs_to_max = DFL_HS_TO_MAX;
- opt.fallback = DFL_FALLBACK;
- opt.extended_ms = DFL_EXTENDED_MS;
- opt.etm = DFL_ETM;
+ opt.renegotiation = DFL_RENEGOTIATION;
+ opt.allow_legacy = DFL_ALLOW_LEGACY;
+ opt.renegotiate = DFL_RENEGOTIATE;
+ opt.exchanges = DFL_EXCHANGES;
+ opt.min_version = DFL_MIN_VERSION;
+ opt.max_version = DFL_MAX_VERSION;
+ opt.arc4 = DFL_ARC4;
+ opt.auth_mode = DFL_AUTH_MODE;
+ opt.mfl_code = DFL_MFL_CODE;
+ opt.trunc_hmac = DFL_TRUNC_HMAC;
+ opt.recsplit = DFL_RECSPLIT;
+ opt.dhmlen = DFL_DHMLEN;
+ opt.reconnect = DFL_RECONNECT;
+ opt.reco_delay = DFL_RECO_DELAY;
+ opt.reconnect_hard = DFL_RECONNECT_HARD;
+ opt.tickets = DFL_TICKETS;
+ opt.alpn_string = DFL_ALPN_STRING;
+ opt.transport = DFL_TRANSPORT;
+ opt.hs_to_min = DFL_HS_TO_MIN;
+ opt.hs_to_max = DFL_HS_TO_MAX;
+ opt.fallback = DFL_FALLBACK;
+ opt.extended_ms = DFL_EXTENDED_MS;
+ opt.etm = DFL_ETM;
for (i = 1; i < argc; i++) {
p = argv[i];
}
opt.force_ciphersuite[1] = 0;
} else if (strcmp(p, "renegotiation") == 0) {
- opt.renegotiation = (atoi(q)) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED :
- MBEDTLS_SSL_RENEGOTIATION_DISABLED;
+ opt.renegotiation = (atoi(q)) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED;
} else if (strcmp(p, "allow_legacy") == 0) {
switch (atoi(q)) {
case -1:
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
} else if (strcmp(q, "tls1") == 0) {
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
- } else if (strcmp(q, "tls1_1") == 0 ||
- strcmp(q, "dtls1") == 0) {
+ } else if (strcmp(q, "tls1_1") == 0 || strcmp(q, "dtls1") == 0) {
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
- } else if (strcmp(q, "tls1_2") == 0 ||
- strcmp(q, "dtls1_2") == 0) {
+ } else if (strcmp(q, "tls1_2") == 0 || strcmp(q, "dtls1_2") == 0) {
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
} else {
goto usage;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
} else if (strcmp(q, "tls1") == 0) {
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
- } else if (strcmp(q, "tls1_1") == 0 ||
- strcmp(q, "dtls1") == 0) {
+ } else if (strcmp(q, "tls1_1") == 0 || strcmp(q, "dtls1") == 0) {
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
- } else if (strcmp(q, "tls1_2") == 0 ||
- strcmp(q, "dtls1_2") == 0) {
+ } else if (strcmp(q, "tls1_2") == 0 || strcmp(q, "dtls1_2") == 0) {
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
} else {
goto usage;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(opt.force_ciphersuite[0]);
- if (opt.max_version != -1 &&
- ciphersuite_info->min_minor_ver > opt.max_version) {
+ if (opt.max_version != -1 && ciphersuite_info->min_minor_ver > opt.max_version) {
mbedtls_printf("forced ciphersuite not allowed with this protocol version\n");
ret = 2;
goto usage;
}
- if (opt.min_version != -1 &&
- ciphersuite_info->max_minor_ver < opt.min_version) {
+ if (opt.min_version != -1 && ciphersuite_info->max_minor_ver < opt.min_version) {
mbedtls_printf("forced ciphersuite not allowed with this protocol version\n");
ret = 2;
goto usage;
/* If the server selects a version that's not supported by
* this suite, then there will be no common ciphersuite... */
- if (opt.max_version == -1 ||
- opt.max_version > ciphersuite_info->max_minor_ver) {
+ if (opt.max_version == -1 || opt.max_version > ciphersuite_info->max_minor_ver) {
opt.max_version = ciphersuite_info->max_minor_ver;
}
if (opt.min_version < ciphersuite_info->min_minor_ver) {
opt.min_version = ciphersuite_info->min_minor_ver;
/* DTLS starts with TLS 1.1 */
- if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
- opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2) {
+ if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2) {
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
}
}
}
}
-
#if defined(MBEDTLS_SSL_ALPN)
if (opt.alpn_string != NULL) {
p = (char *)opt.alpn_string;
}
}
}
-#endif /* MBEDTLS_SSL_ALPN */
+#endif /* MBEDTLS_SSL_ALPN */
/*
* 0. Initialize the RNG and the session data
fflush(stdout);
mbedtls_entropy_init(&entropy);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *)pers,
- strlen(pers))) != 0) {
+ if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *)pers, strlen(pers))) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", -ret);
goto exit;
}
*/
mbedtls_printf(" . Loading the CA root certificate ...");
fflush(stdout);
- if ((ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *)mbedtls_test_ca_crt_rsa, mbedtls_test_ca_crt_rsa_len)) < 0)
- {
+ if ((ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *)mbedtls_test_ca_crt_rsa, mbedtls_test_ca_crt_rsa_len)) < 0) {
mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret);
goto exit;
}
mbedtls_printf(" . Loading the own cert...");
fflush(stdout);
- if ((ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *)mbedtls_test_cli_crt_rsa, mbedtls_test_cli_crt_rsa_len)) != 0)
- {
+ if ((ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *)mbedtls_test_cli_crt_rsa, mbedtls_test_cli_crt_rsa_len)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret);
goto exit;
}
mbedtls_printf(" . Loading the Private Key...");
fflush(stdout);
- if ((ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_cli_key_rsa, mbedtls_test_cli_key_rsa_len, NULL, 0)) != 0)
- {
+ if ((ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *)mbedtls_test_cli_key_rsa, mbedtls_test_cli_key_rsa_len, NULL, 0)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret);
goto exit;
}
opt.server_addr = opt.server_name;
}
- mbedtls_printf(" . Connecting to %s/%s/%s...",
- opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
- opt.server_addr, opt.server_port);
+ mbedtls_printf(" . Connecting to %s/%s/%s...", opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", opt.server_addr, opt.server_port);
fflush(stdout);
- if ((ret = mbedtls_net_connect(&server_fd, opt.server_addr, opt.server_port,
- opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
- MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) {
+ if ((ret = mbedtls_net_connect(&server_fd, opt.server_addr, opt.server_port, opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_net_connect returned -0x%x\n\n", -ret);
goto exit;
}
mbedtls_printf(" . Setting up the SSL/TLS structure...");
fflush(stdout);
- if ((ret = mbedtls_ssl_config_defaults(&conf,
- MBEDTLS_SSL_IS_CLIENT,
- opt.transport,
- MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n",
- -ret);
+ if ((ret = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT, opt.transport, MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+ mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret);
goto exit;
}
-
#if defined(MBEDTLS_X509_CRT_PARSE_C)
if (opt.debug_level > 0) {
mbedtls_ssl_conf_verify(&conf, my_verify, NULL);
if (opt.auth_mode != DFL_AUTH_MODE) {
mbedtls_ssl_conf_authmode(&conf, opt.auth_mode);
}
-
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if (opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX) {
mbedtls_ssl_conf_handshake_timeout(&conf, opt.hs_to_min, opt.hs_to_max);
}
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
if ((ret = mbedtls_ssl_conf_max_frag_len(&conf, opt.mfl_code)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n",
- ret);
+ mbedtls_printf(" failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret);
goto exit;
}
#endif
#endif
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
- if (opt.recsplit != DFL_RECSPLIT)
- mbedtls_ssl_conf_cbc_record_splitting(&conf, opt.recsplit
- ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED
- : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED);
+ if (opt.recsplit != DFL_RECSPLIT) {
+ mbedtls_ssl_conf_cbc_record_splitting(&conf, opt.recsplit ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED);
+ }
#endif
#if defined(MBEDTLS_DHM_C)
#if defined(MBEDTLS_SSL_ALPN)
if (opt.alpn_string != NULL)
if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n",
- ret);
+ mbedtls_printf(" failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret);
goto exit;
}
#endif
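Review bot: The outer `if (opt.alpn_string != NULL)` still has no braces around the nested `if`, although this commit adds braces to the other single-statement conditions (`opt.recsplit`, `opt.min_version`, `opt.max_version`). Bracing it the same way, `if (opt.alpn_string != NULL) {` with the closing `}` before the `#endif`, keeps the style uniform. It also removes the dangling-else risk if a branch is added to the inner check later.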
if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {
mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite);
}
-
#if defined(MBEDTLS_ARC4_C)
if (opt.arc4 != DFL_ARC4) {
mbedtls_ssl_conf_arc4_support(&conf, opt.arc4);
}
#endif
- if (opt.min_version != DFL_MIN_VERSION)
- mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3,
- opt.min_version);
+ if (opt.min_version != DFL_MIN_VERSION) {
+ mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version);
+ }
- if (opt.max_version != DFL_MAX_VERSION)
- mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3,
- opt.max_version);
+ if (opt.max_version != DFL_MAX_VERSION) {
+ mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version);
+ }
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
if (opt.fallback != DFL_FALLBACK) {
mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret);
goto exit;
}
-
#if defined(MBEDTLS_X509_CRT_PARSE_C)
if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret);
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
if (opt.ecjpake_pw != DFL_ECJPAKE_PW) {
- if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl,
- (const unsigned char *)opt.ecjpake_pw,
- strlen(opt.ecjpake_pw))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n",
- ret);
+ if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, (const unsigned char *)opt.ecjpake_pw, strlen(opt.ecjpake_pw))) != 0) {
+ mbedtls_printf(" failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret);
goto exit;
}
}
if (opt.nbio == 2) {
mbedtls_ssl_set_bio(&ssl, &server_fd, my_send, my_recv, NULL);
- } else
- mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv,
- opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL);
+ } else {
+ mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL);
+ }
#if defined(MBEDTLS_TIMING_C)
- mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay,
- mbedtls_timing_get_delay);
+ mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, mbedtls_timing_get_delay);
#endif
mbedtls_printf(" ok\n");
/*
- * 4. Handshake
- */
+ * 4. Handshake
+ */
mbedtls_printf(" . Performing the SSL/TLS handshake...");
fflush(stdout);
while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n", -ret);
- if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED)
- mbedtls_printf(
- " Unable to verify the server's certificate. "
- "Either it is invalid,\n"
- " or you didn't set ca_file or ca_path "
- "to an appropriate value.\n"
- " Alternatively, you may want to use "
- "auth_mode=optional for testing purposes.\n");
+ if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) {
+ mbedtls_printf(" Unable to verify the server's certificate. " "Either it is invalid,\n" " or you didn't set ca_file or ca_path " "to an appropriate value.\n" " Alternatively, you may want to use " "auth_mode=optional for testing purposes.\n");
+ }
mbedtls_printf("\n");
goto exit;
}
}
- mbedtls_printf(" ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n",
- mbedtls_ssl_get_version(&ssl), mbedtls_ssl_get_ciphersuite(&ssl));
+ mbedtls_printf(" ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", mbedtls_ssl_get_version(&ssl), mbedtls_ssl_get_ciphersuite(&ssl));
if ((ret = mbedtls_ssl_get_record_expansion(&ssl)) >= 0) {
mbedtls_printf(" [ Record expansion is %d ]\n", ret);
}
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- mbedtls_printf(" [ Maximum fragment length is %u ]\n",
- (unsigned int)mbedtls_ssl_get_max_frag_len(&ssl));
+ mbedtls_printf(" [ Maximum fragment length is %u ]\n", (unsigned int)mbedtls_ssl_get_max_frag_len(&ssl));
#endif
#if defined(MBEDTLS_SSL_ALPN)
if (opt.alpn_string != NULL) {
const char *alp = mbedtls_ssl_get_alpn_protocol(&ssl);
- mbedtls_printf(" [ Application Layer Protocol is %s ]\n",
- alp ? alp : "(none)");
+ mbedtls_printf(" [ Application Layer Protocol is %s ]\n", alp ? alp : "(none)");
}
#endif
fflush(stdout);
if ((ret = mbedtls_ssl_get_session(&ssl, &saved_session)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n", -ret);
goto exit;
}
if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) {
char vrfy_buf[512];
-
mbedtls_printf(" failed\n");
mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags);
if (mbedtls_ssl_get_peer_cert(&ssl) != NULL) {
mbedtls_printf(" . Peer certificate information ...\n");
- mbedtls_x509_crt_info((char *)buf, sizeof(buf) - 1, " ",
- mbedtls_ssl_get_peer_cert(&ssl));
+ mbedtls_x509_crt_info((char *)buf, sizeof(buf) - 1, " ", mbedtls_ssl_get_peer_cert(&ssl));
mbedtls_printf("%s\n", buf);
}
-
#if defined(MBEDTLS_SSL_RENEGOTIATION)
if (opt.renegotiate) {
/*
mbedtls_printf(" . Performing renegotiation...");
fflush(stdout);
while ((ret = mbedtls_ssl_renegotiate(&ssl)) != 0) {
- if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+ if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
mbedtls_printf(" failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret);
goto exit;
}
}
mbedtls_printf(" ok\n");
}
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
/*
* 6. Write the GET request
mbedtls_printf(" > Write to server:");
fflush(stdout);
- len = mbedtls_snprintf((char *)buf, sizeof(buf) - 1, GET_REQUEST,
- opt.request_page);
- tail_len = (int) strlen(GET_REQUEST_END);
+ len = mbedtls_snprintf((char *)buf, sizeof(buf) - 1, GET_REQUEST, opt.request_page);
+ tail_len = (int)strlen(GET_REQUEST_END);
/* Add padding to GET request to reach opt.request_size in length */
- if (opt.request_size != DFL_REQUEST_SIZE &&
- len + tail_len < opt.request_size) {
+ if (opt.request_size != DFL_REQUEST_SIZE && len + tail_len < opt.request_size) {
if (sizeof(buf) - len < opt.request_size - len - tail_len) {
goto exit;
}
len += tail_len;
/* Truncate if request size is smaller than the "natural" size */
- if (opt.request_size != DFL_REQUEST_SIZE &&
- len > opt.request_size) {
+ if (opt.request_size != DFL_REQUEST_SIZE && len > opt.request_size) {
len = opt.request_size;
if (len > sizeof(buf) - 1) {
for (written = 0, frags = 0; written < len; written += ret, frags++) {
while ((ret = mbedtls_ssl_write(&ssl, buf + written, len - written))
<= 0) {
- if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+ if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
mbedtls_printf(" failed\n ! mbedtls_ssl_write returned -0x%x\n\n", -ret);
goto exit;
}
}
}
- } else { /* Not stream, so datagram */
+ } else { /* Not stream, so datagram */
do {
ret = mbedtls_ssl_write(&ssl, buf, len);
- } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
- ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ } while (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE);
if (ret < 0) {
mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret);
memset(buf, 0, sizeof(buf));
ret = mbedtls_ssl_read(&ssl, buf, len);
- if (ret == MBEDTLS_ERR_SSL_WANT_READ ||
- ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+ if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
continue;
}
break;
}
} while (1);
- } else { /* Not stream, so datagram */
+ } else { /* Not stream, so datagram */
len = sizeof(buf) - 1;
memset(buf, 0, sizeof(buf));
do {
ret = mbedtls_ssl_read(&ssl, buf, len);
- } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
- ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ } while (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE);
if (ret <= 0) {
switch (ret) {
fflush(stdout);
if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", -ret);
goto exit;
}
while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
- if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+ if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret);
goto exit;
}
mbedtls_printf(" . Reconnecting with saved session...");
if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", -ret);
goto exit;
}
goto exit;
}
- if ((ret = mbedtls_net_connect(&server_fd, opt.server_addr, opt.server_port,
- opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
- MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) {
+ if ((ret = mbedtls_net_connect(&server_fd, opt.server_addr, opt.server_port, opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_net_connect returned -0x%x\n\n", -ret);
goto exit;
}
ret = mbedtls_net_set_block(&server_fd);
}
if (ret != 0) {
- mbedtls_printf(" failed\n ! net_set_(non)block() returned -0x%x\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! net_set_(non)block() returned -0x%x\n\n", -ret);
goto exit;
}
while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) {
- if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+ if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", -ret);
goto exit;
}
}
/* 3. create pthread with entry function */
- if ((r = pthread_create(&tid, &attr,
- (pthread_startroutine_t)tls_client_cb, (void *)&args)) != 0) {
+ if ((r = pthread_create(&tid, &attr, (pthread_startroutine_t) tls_client_cb, (void *)&args)) != 0) {
printf("%s: pthread_create failed, status=%d\n", __func__, r);
}
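Review bot: The reformatted call writes `(pthread_startroutine_t) tls_client_cb` with a space after the cast, while the rest of this commit removes that space (`(void)level`, `(int)strlen(...)`, and `(void *)&args` on the same line); use `(pthread_startroutine_t)tls_client_cb`. The same applies to `(psk_entry *) p_info` in `psk_callback` further down in this diff. Separately, a failed `pthread_create` is only logged in the lines shown; the code after the `if` is outside the hunk, so confirm it does not go on to use `tid`.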
* Included Files
****************************************************************************/
-
#include "tls/config.h"
#include <stdio.h>
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
"<h2>mbed TLS Test Server</h2>\r\n" \
- "<p>Successful connection using: %s</p>\r\n" // LONG_RESPONSE
+ "<p>Successful connection using: %s</p>\r\n" // LONG_RESPONSE
/*
* Size of the basic I/O buffer. Able to hold our default response.
"\n" \
" No file operations available (MBEDTLS_FS_IO not defined)\n" \
"\n"
-#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_FS_IO */
#else
#define USAGE_IO ""
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
#define USAGE_PSK \
" psk_identity=%%s default: \"Client_identity\"\n"
#else
#define USAGE_PSK ""
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
#define USAGE_TICKETS \
" ticket_timeout=%%d default: 86400 (one day)\n"
#else
#define USAGE_TICKETS ""
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
#if defined(MBEDTLS_SSL_CACHE_C)
#define USAGE_CACHE \
" cache_timeout=%%d default: cache default (1d)\n"
#else
#define USAGE_CACHE ""
-#endif /* MBEDTLS_SSL_CACHE_C */
+#endif /* MBEDTLS_SSL_CACHE_C */
#if defined(SNI_OPTION)
#define USAGE_SNI \
" default: disabled\n"
#else
#define USAGE_SNI ""
-#endif /* SNI_OPTION */
+#endif /* SNI_OPTION */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
#define USAGE_MAX_FRAG_LEN \
" options: 512, 1024, 2048, 4096\n"
#else
#define USAGE_MAX_FRAG_LEN ""
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
#define USAGE_TRUNC_HMAC \
" example: spdy/1,http/1.1\n"
#else
#define USAGE_ALPN ""
-#endif /* MBEDTLS_SSL_ALPN */
+#endif /* MBEDTLS_SSL_ALPN */
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
#define USAGE_COOKIES \
* global options
*/
struct options {
- const char *server_addr; /* address on which the ssl service runs */
- const char *server_port; /* port on which the ssl service runs */
- int debug_level; /* level of debugging */
- int nbio; /* should I/O be blocking? */
- uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */
- const char *ca_file; /* the file with the CA certificate(s) */
- const char *ca_path; /* the path with the CA certificate(s) reside */
- const char *crt_file; /* the file with the server certificate */
- const char *key_file; /* the file with the server key */
- const char *crt_file2; /* the file with the 2nd server certificate */
- const char *key_file2; /* the file with the 2nd server key */
- const char *psk; /* the pre-shared key */
- const char *psk_identity; /* the pre-shared key identity */
- char *psk_list; /* list of PSK id/key pairs for callback */
- const char *ecjpake_pw; /* the EC J-PAKE password */
- int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
- const char *version_suites; /* per-version ciphersuites */
- int renegotiation; /* enable / disable renegotiation */
- int allow_legacy; /* allow legacy renegotiation */
- int renegotiate; /* attempt renegotiation? */
- int renego_delay; /* delay before enforcing renegotiation */
- int renego_period; /* period for automatic renegotiation */
- int exchanges; /* number of data exchanges */
- int min_version; /* minimum protocol version accepted */
- int max_version; /* maximum protocol version accepted */
- int arc4; /* flag for arc4 suites support */
- int auth_mode; /* verify mode for connection */
- unsigned char mfl_code; /* code for maximum fragment length */
- int trunc_hmac; /* accept truncated hmac? */
- int tickets; /* enable / disable session tickets */
- int ticket_timeout; /* session ticket lifetime */
- int cache_max; /* max number of session cache entries */
- int cache_timeout; /* expiration delay of session cache entries */
- char *sni; /* string describing sni information */
- const char *alpn_string; /* ALPN supported protocols */
- const char *dhm_file; /* the file with the DH parameters */
- int extended_ms; /* allow negotiation of extended MS? */
- int etm; /* allow negotiation of encrypt-then-MAC? */
- int transport; /* TLS or DTLS? */
- int cookies; /* Use cookies for DTLS? -1 to break them */
- int anti_replay; /* Use anti-replay for DTLS? -1 for default */
- uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
- uint32_t hs_to_max; /* Max value of DTLS handshake timer */
- int badmac_limit; /* Limit of records with bad MAC */
- int retry; /* Server retry count */
+ const char *server_addr; /* address on which the ssl service runs */
+ const char *server_port; /* port on which the ssl service runs */
+ int debug_level; /* level of debugging */
+ int nbio; /* should I/O be blocking? */
+ uint32_t read_timeout; /* timeout on mbedtls_ssl_read() in milliseconds */
+ const char *ca_file; /* the file with the CA certificate(s) */
+ const char *ca_path; /* the path with the CA certificate(s) reside */
+ const char *crt_file; /* the file with the server certificate */
+ const char *key_file; /* the file with the server key */
+ const char *crt_file2; /* the file with the 2nd server certificate */
+ const char *key_file2; /* the file with the 2nd server key */
+ const char *psk; /* the pre-shared key */
+ const char *psk_identity; /* the pre-shared key identity */
+ char *psk_list; /* list of PSK id/key pairs for callback */
+ const char *ecjpake_pw; /* the EC J-PAKE password */
+ int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */
+ const char *version_suites; /* per-version ciphersuites */
+ int renegotiation; /* enable / disable renegotiation */
+ int allow_legacy; /* allow legacy renegotiation */
+ int renegotiate; /* attempt renegotiation? */
+ int renego_delay; /* delay before enforcing renegotiation */
+ int renego_period; /* period for automatic renegotiation */
+ int exchanges; /* number of data exchanges */
+ int min_version; /* minimum protocol version accepted */
+ int max_version; /* maximum protocol version accepted */
+ int arc4; /* flag for arc4 suites support */
+ int auth_mode; /* verify mode for connection */
+ unsigned char mfl_code; /* code for maximum fragment length */
+ int trunc_hmac; /* accept truncated hmac? */
+ int tickets; /* enable / disable session tickets */
+ int ticket_timeout; /* session ticket lifetime */
+ int cache_max; /* max number of session cache entries */
+ int cache_timeout; /* expiration delay of session cache entries */
+ char *sni; /* string describing sni information */
+ const char *alpn_string; /* ALPN supported protocols */
+ const char *dhm_file; /* the file with the DH parameters */
+ int extended_ms; /* allow negotiation of extended MS? */
+ int etm; /* allow negotiation of encrypt-then-MAC? */
+ int transport; /* TLS or DTLS? */
+ int cookies; /* Use cookies for DTLS? -1 to break them */
+ int anti_replay; /* Use anti-replay for DTLS? -1 for default */
+ uint32_t hs_to_min; /* Initial value of DTLS handshake timer */
+ uint32_t hs_to_max; /* Max value of DTLS handshake timer */
+ int badmac_limit; /* Limit of records with bad MAC */
+ int retry; /* Server retry count */
} opt;
-static void my_debug(void *ctx, int level,
- const char *file, int line,
- const char *str)
+static void my_debug(void *ctx, int level, const char *file, int line, const char *str)
{
const char *p;
const char *basename;
ret = mbedtls_net_recv(ctx, buf, len);
if (ret != MBEDTLS_ERR_SSL_WANT_READ) {
- first_try = 1; /* Next call will be a new operation */
+ first_try = 1; /* Next call will be a new operation */
}
return (ret);
}
ret = mbedtls_net_send(ctx, buf, len);
if (ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
- first_try = 1; /* Next call will be a new operation */
+ first_try = 1; /* Next call will be a new operation */
}
return (ret);
}
GET_ITEM(crl_file);
GET_ITEM(auth_str);
- if ((new->cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt))) == NULL ||
- (new->key = mbedtls_calloc(1, sizeof(mbedtls_pk_context))) == NULL) {
+ if ((new->cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt))) == NULL || (new->key = mbedtls_calloc(1, sizeof(mbedtls_pk_context))) == NULL) {
goto error;
}
mbedtls_x509_crt_init(new->cert);
mbedtls_pk_init(new->key);
- if (mbedtls_x509_crt_parse_file(new->cert, crt_file) != 0 ||
- mbedtls_pk_parse_keyfile(new->key, key_file, "") != 0) {
+ if (mbedtls_x509_crt_parse_file(new->cert, crt_file) != 0 || mbedtls_pk_parse_keyfile(new->key, key_file, "") != 0) {
goto error;
}
/*
* SNI callback.
*/
-int sni_callback(void *p_info, mbedtls_ssl_context *ssl,
- const unsigned char *name, size_t name_len)
+int sni_callback(void *p_info, mbedtls_ssl_context *ssl, const unsigned char *name, size_t name_len)
{
const sni_entry *cur = (const sni_entry *)p_info;
while (cur != NULL) {
- if (name_len == strlen(cur->name) &&
- memcmp(name, cur->name, name_len) == 0) {
+ if (name_len == strlen(cur->name) && memcmp(name, cur->name, name_len) == 0) {
if (cur->ca != NULL) {
mbedtls_ssl_set_hs_ca_chain(ssl, cur->ca, cur->crl);
}
return (-1);
}
-#endif /* SNI_OPTION */
+#endif /* SNI_OPTION */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
/*
* PSK callback
*/
-int psk_callback(void *p_info, mbedtls_ssl_context *ssl,
- const unsigned char *name, size_t name_len)
+int psk_callback(void *p_info, mbedtls_ssl_context *ssl, const unsigned char *name, size_t name_len)
{
- psk_entry *cur = (psk_entry *)p_info;
+ psk_entry *cur = (psk_entry *) p_info;
while (cur != NULL) {
- if (name_len == strlen(cur->name) &&
- memcmp(name, cur->name, name_len) == 0) {
+ if (name_len == strlen(cur->name) && memcmp(name, cur->name, name_len) == 0) {
return (mbedtls_ssl_set_hs_psk(ssl, cur->key, cur->key_len));
}
return (-1);
}
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
static mbedtls_net_context listen_fd, client_fd;
static int received_sigterm = 0;
void term_handler(int sig)
{
- ((void) sig);
+ ((void)sig);
received_sigterm = 1;
- mbedtls_net_free(&listen_fd); /* causes mbedtls_net_accept() to abort */
- mbedtls_net_free(&client_fd); /* causes net_read() to abort */
+ mbedtls_net_free(&listen_fd); /* causes mbedtls_net_accept() to abort */
+ mbedtls_net_free(&client_fd); /* causes net_read() to abort */
}
#endif
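Review bot: `received_sigterm` is written inside `term_handler` but declared as a plain `static int`, so the compiler may cache reads of it in whatever loop polls the flag (that loop is outside this hunk); declare it as `static volatile sig_atomic_t received_sigterm = 0;`, which needs `<signal.h>`. The handler also calls `mbedtls_net_free()` on both contexts, and whether that is async-signal-safe depends on the platform's net implementation, which is not visible here. A short comment stating the assumption would help, e.g. `/* assumes mbedtls_net_free() only does shutdown()/close() */`.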
mbedtls_ssl_ticket_init(&ticket_ctx);
#endif
#if defined(MBEDTLS_SSL_ALPN)
- memset((void *) alpn_list, 0, sizeof(alpn_list));
+ memset((void *)alpn_list, 0, sizeof(alpn_list));
#endif
#if defined(MBEDTLS_SSL_COOKIE_C)
mbedtls_ssl_cookie_init(&cookie_ctx);
goto exit;
}
- opt.server_addr = DFL_SERVER_ADDR;
- opt.server_port = DFL_SERVER_PORT;
- opt.debug_level = DFL_DEBUG_LEVEL;
- opt.nbio = DFL_NBIO;
- opt.read_timeout = DFL_READ_TIMEOUT;
- opt.ca_file = DFL_CA_FILE;
- opt.ca_path = DFL_CA_PATH;
- opt.crt_file = DFL_CRT_FILE;
- opt.key_file = DFL_KEY_FILE;
- opt.crt_file2 = DFL_CRT_FILE2;
- opt.key_file2 = DFL_KEY_FILE2;
- opt.psk = DFL_PSK;
- opt.psk_identity = DFL_PSK_IDENTITY;
- opt.psk_list = DFL_PSK_LIST;
- opt.ecjpake_pw = DFL_ECJPAKE_PW;
+ opt.server_addr = DFL_SERVER_ADDR;
+ opt.server_port = DFL_SERVER_PORT;
+ opt.debug_level = DFL_DEBUG_LEVEL;
+ opt.nbio = DFL_NBIO;
+ opt.read_timeout = DFL_READ_TIMEOUT;
+ opt.ca_file = DFL_CA_FILE;
+ opt.ca_path = DFL_CA_PATH;
+ opt.crt_file = DFL_CRT_FILE;
+ opt.key_file = DFL_KEY_FILE;
+ opt.crt_file2 = DFL_CRT_FILE2;
+ opt.key_file2 = DFL_KEY_FILE2;
+ opt.psk = DFL_PSK;
+ opt.psk_identity = DFL_PSK_IDENTITY;
+ opt.psk_list = DFL_PSK_LIST;
+ opt.ecjpake_pw = DFL_ECJPAKE_PW;
opt.force_ciphersuite[0] = DFL_FORCE_CIPHER;
- opt.version_suites = DFL_VERSION_SUITES;
- opt.renegotiation = DFL_RENEGOTIATION;
- opt.allow_legacy = DFL_ALLOW_LEGACY;
- opt.renegotiate = DFL_RENEGOTIATE;
- opt.renego_delay = DFL_RENEGO_DELAY;
- opt.renego_period = DFL_RENEGO_PERIOD;
- opt.exchanges = DFL_EXCHANGES;
- opt.min_version = DFL_MIN_VERSION;
- opt.max_version = DFL_MAX_VERSION;
- opt.arc4 = DFL_ARC4;
- opt.auth_mode = DFL_AUTH_MODE;
- opt.mfl_code = DFL_MFL_CODE;
- opt.trunc_hmac = DFL_TRUNC_HMAC;
- opt.tickets = DFL_TICKETS;
- opt.ticket_timeout = DFL_TICKET_TIMEOUT;
- opt.cache_max = DFL_CACHE_MAX;
- opt.cache_timeout = DFL_CACHE_TIMEOUT;
- opt.sni = DFL_SNI;
- opt.alpn_string = DFL_ALPN_STRING;
- opt.dhm_file = DFL_DHM_FILE;
- opt.transport = DFL_TRANSPORT;
- opt.cookies = DFL_COOKIES;
- opt.anti_replay = DFL_ANTI_REPLAY;
- opt.hs_to_min = DFL_HS_TO_MIN;
- opt.hs_to_max = DFL_HS_TO_MAX;
- opt.badmac_limit = DFL_BADMAC_LIMIT;
- opt.extended_ms = DFL_EXTENDED_MS;
- opt.etm = DFL_ETM;
- opt.retry = DFL_RETRY;
+ opt.version_suites = DFL_VERSION_SUITES;
+ opt.renegotiation = DFL_RENEGOTIATION;
+ opt.allow_legacy = DFL_ALLOW_LEGACY;
+ opt.renegotiate = DFL_RENEGOTIATE;
+ opt.renego_delay = DFL_RENEGO_DELAY;
+ opt.renego_period = DFL_RENEGO_PERIOD;
+ opt.exchanges = DFL_EXCHANGES;
+ opt.min_version = DFL_MIN_VERSION;
+ opt.max_version = DFL_MAX_VERSION;
+ opt.arc4 = DFL_ARC4;
+ opt.auth_mode = DFL_AUTH_MODE;
+ opt.mfl_code = DFL_MFL_CODE;
+ opt.trunc_hmac = DFL_TRUNC_HMAC;
+ opt.tickets = DFL_TICKETS;
+ opt.ticket_timeout = DFL_TICKET_TIMEOUT;
+ opt.cache_max = DFL_CACHE_MAX;
+ opt.cache_timeout = DFL_CACHE_TIMEOUT;
+ opt.sni = DFL_SNI;
+ opt.alpn_string = DFL_ALPN_STRING;
+ opt.dhm_file = DFL_DHM_FILE;
+ opt.transport = DFL_TRANSPORT;
+ opt.cookies = DFL_COOKIES;
+ opt.anti_replay = DFL_ANTI_REPLAY;
+ opt.hs_to_min = DFL_HS_TO_MIN;
+ opt.hs_to_max = DFL_HS_TO_MAX;
+ opt.badmac_limit = DFL_BADMAC_LIMIT;
+ opt.extended_ms = DFL_EXTENDED_MS;
+ opt.etm = DFL_ETM;
+ opt.retry = DFL_RETRY;
for (i = 1; i < argc; i++) {
p = argv[i];
} else if (strcmp(p, "version_suites") == 0) {
opt.version_suites = q;
} else if (strcmp(p, "renegotiation") == 0) {
- opt.renegotiation = (atoi(q)) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED :
- MBEDTLS_SSL_RENEGOTIATION_DISABLED;
+ opt.renegotiation = (atoi(q)) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED;
} else if (strcmp(p, "allow_legacy") == 0) {
switch (atoi(q)) {
case -1:
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0;
} else if (strcmp(q, "tls1") == 0) {
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1;
- } else if (strcmp(q, "tls1_1") == 0 ||
- strcmp(q, "dtls1") == 0) {
+ } else if (strcmp(q, "tls1_1") == 0 || strcmp(q, "dtls1") == 0) {
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
- } else if (strcmp(q, "tls1_2") == 0 ||
- strcmp(q, "dtls1_2") == 0) {
+ } else if (strcmp(q, "tls1_2") == 0 || strcmp(q, "dtls1_2") == 0) {
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
} else {
goto usage;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0;
} else if (strcmp(q, "tls1") == 0) {
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1;
- } else if (strcmp(q, "tls1_1") == 0 ||
- strcmp(q, "dtls1") == 0) {
+ } else if (strcmp(q, "tls1_1") == 0 || strcmp(q, "dtls1") == 0) {
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2;
- } else if (strcmp(q, "tls1_2") == 0 ||
- strcmp(q, "dtls1_2") == 0) {
+ } else if (strcmp(q, "tls1_2") == 0 || strcmp(q, "dtls1_2") == 0) {
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
} else {
goto usage;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(opt.force_ciphersuite[0]);
- if (opt.max_version != -1 &&
- ciphersuite_info->min_minor_ver > opt.max_version) {
+ if (opt.max_version != -1 && ciphersuite_info->min_minor_ver > opt.max_version) {
mbedtls_printf("forced ciphersuite not allowed with this protocol version\n");
ret = 2;
goto usage;
}
- if (opt.min_version != -1 &&
- ciphersuite_info->max_minor_ver < opt.min_version) {
+ if (opt.min_version != -1 && ciphersuite_info->max_minor_ver < opt.min_version) {
mbedtls_printf("forced ciphersuite not allowed with this protocol version\n");
ret = 2;
goto usage;
/* If we select a version that's not supported by
* this suite, then there will be no common ciphersuite... */
- if (opt.max_version == -1 ||
- opt.max_version > ciphersuite_info->max_minor_ver) {
+ if (opt.max_version == -1 || opt.max_version > ciphersuite_info->max_minor_ver) {
opt.max_version = ciphersuite_info->max_minor_ver;
}
if (opt.min_version < ciphersuite_info->min_minor_ver) {
opt.min_version = ciphersuite_info->min_minor_ver;
/* DTLS starts with TLS 1.1 */
- if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
- opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2) {
+ if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2) {
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
}
}
}
if (opt.version_suites != NULL) {
- const char *name[4] = {0};
+ const char *name[4] = { 0 };
/* Parse 4-element coma-separated list */
- for (i = 0, p = (char *)opt.version_suites;
- i < 4 && *p != '\0';
- i++) {
+ for (i = 0, p = (char *)opt.version_suites; i < 4 && *p != '\0'; i++) {
name[i] = p;
/* Terminate the current string and move on to next one */
}
}
}
-
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
/*
* Unhexify the pre-shared key and parse the list if any given
goto exit;
}
}
-#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
#if defined(MBEDTLS_SSL_ALPN)
if (opt.alpn_string != NULL) {
}
}
}
-#endif /* MBEDTLS_SSL_ALPN */
+#endif /* MBEDTLS_SSL_ALPN */
/*
* 0. Initialize the RNG and the session data
fflush(stdout);
mbedtls_entropy_init(&entropy);
- if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *)pers,
- strlen(pers))) != 0) {
+ if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *)pers, strlen(pers))) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", -ret);
goto exit;
}
else
#endif
#if defined(MBEDTLS_CERTS_C)
- ret = mbedtls_x509_crt_parse(&cacert,
- (const unsigned char *)mbedtls_test_ca_crt_rsa,
- mbedtls_test_ca_crt_rsa_len);
+ ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *)mbedtls_test_ca_crt_rsa, mbedtls_test_ca_crt_rsa_len);
#else
{
ret = 1;
}
#endif
if (ret < 0) {
- mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret);
goto exit;
}
if (strlen(opt.crt_file) && strcmp(opt.crt_file, "none") != 0) {
key_cert_init++;
if ((ret = mbedtls_x509_crt_parse_file(&srvcert, opt.crt_file)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", -ret);
goto exit;
}
}
if (strlen(opt.key_file) && strcmp(opt.key_file, "none") != 0) {
key_cert_init++;
if ((ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, "")) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", -ret);
goto exit;
}
}
if (strlen(opt.crt_file2) && strcmp(opt.crt_file2, "none") != 0) {
key_cert_init2++;
if ((ret = mbedtls_x509_crt_parse_file(&srvcert2, opt.crt_file2)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n", -ret);
goto exit;
}
}
if (strlen(opt.key_file2) && strcmp(opt.key_file2, "none") != 0) {
key_cert_init2++;
if ((ret = mbedtls_pk_parse_keyfile(&pkey2, opt.key_file2, "")) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n", -ret);
goto exit;
}
}
goto exit;
}
#endif
- if (key_cert_init == 0 &&
- strcmp(opt.crt_file, "none") != 0 &&
- strcmp(opt.key_file, "none") != 0 &&
- key_cert_init2 == 0 &&
- strcmp(opt.crt_file2, "none") != 0 &&
- strcmp(opt.key_file2, "none") != 0) {
+ if (key_cert_init == 0 && strcmp(opt.crt_file, "none") != 0 && strcmp(opt.key_file, "none") != 0 && key_cert_init2 == 0 && strcmp(opt.crt_file2, "none") != 0 && strcmp(opt.key_file2, "none") != 0) {
#if !defined(MBEDTLS_CERTS_C)
- mbedtls_printf("Not certificated or key provided, and \n"
- "MBEDTLS_CERTS_C not defined!\n");
+ mbedtls_printf("Not certificated or key provided, and \n" "MBEDTLS_CERTS_C not defined!\n");
goto exit;
#else
#if defined(MBEDTLS_RSA_C)
- if ((ret = mbedtls_x509_crt_parse(&srvcert,
- (const unsigned char *)mbedtls_test_srv_crt_rsa,
- mbedtls_test_srv_crt_rsa_len)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n",
- -ret);
+ if ((ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *)mbedtls_test_srv_crt_rsa, mbedtls_test_srv_crt_rsa_len)) != 0) {
+ mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", -ret);
goto exit;
}
- if ((ret = mbedtls_pk_parse_key(&pkey,
- (const unsigned char *)mbedtls_test_srv_key_rsa,
- mbedtls_test_srv_key_rsa_len, NULL, 0)) != 0) {
+ if ((ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *)mbedtls_test_srv_key_rsa, mbedtls_test_srv_key_rsa_len, NULL, 0)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", -ret);
goto exit;
}
key_cert_init = 2;
-#endif /* MBEDTLS_RSA_C */
-#endif /* MBEDTLS_CERTS_C */
+#endif /* MBEDTLS_RSA_C */
+#endif /* MBEDTLS_CERTS_C */
}
mbedtls_printf(" ok\n");
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
if (opt.dhm_file != NULL) {
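Review bot: Nothing in the fallback branch says that it serves compiled-in test credentials: when no certificate or key file was loaded, the reformatted calls parse `mbedtls_test_srv_crt_rsa` and `mbedtls_test_srv_key_rsa`. A comment above the `#if defined(MBEDTLS_RSA_C)` block would make that explicit, e.g. `/* Fallback: built-in test certificate and key (MBEDTLS_CERTS_C); the key is not secret, testing only */`. On style, the joined message `"Not certificated or key provided, and \n" "MBEDTLS_CERTS_C not defined!\n"` is now two adjacent literals on one line and reads better merged into one; the certificate-verification message in the client part of this diff has the same pattern. The enclosing function starts and ends outside this hunk.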
fflush(stdout);
if ((ret = mbedtls_dhm_parse_dhmfile(&dhm, opt.dhm_file)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n",
- -ret);
+ mbedtls_printf(" failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n", -ret);
goto exit;
}
mbedtls_printf(" ok\n");
}
-#endif /* SNI_OPTION */
+#endif /* SNI_OPTION */
/*
* 2. Setup the listening TCP socket
*/
- mbedtls_printf(" . Bind on %s://%s:%s/ ...",
- opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp",
- opt.server_addr ? opt.server_addr : "*",
- opt.server_port);
+ mbedtls_printf(" . Bind on %s://%s:%s/ ...", opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", opt.server_addr ? opt.server_addr : "*", opt.server_port);
fflush(stdout);
- if ((ret = mbedtls_net_bind(&listen_fd, opt.server_addr, opt.server_port,
- opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
- MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) {
+ if ((ret = mbedtls_net_bind(&listen_fd, opt.server_addr, opt.server_port, opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_net_bind returned -0x%x\n\n", -ret);
goto exit;
}
mbedtls_printf(" . Setting up the SSL/TLS structure...");
fflush(stdout);
- if ((ret = mbedtls_ssl_config_defaults(&conf,
- MBEDTLS_SSL_IS_SERVER,
- opt.transport,
- MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n",
- -ret);
+ if ((ret = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, opt.transport, MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+ mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret);
goto exit;
}
if (opt.auth_mode != DFL_AUTH_MODE) {
mbedtls_ssl_conf_authmode(&conf, opt.auth_mode);
}
-
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if (opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX) {
mbedtls_ssl_conf_handshake_timeout(&conf, opt.hs_to_min, opt.hs_to_max);
}
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
if ((ret = mbedtls_ssl_conf_max_frag_len(&conf, opt.mfl_code)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n",
- ret);
+ mbedtls_printf(" failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret);
goto exit;
};
#endif
#if defined(MBEDTLS_SSL_ALPN)
if (opt.alpn_string != NULL)
if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n",
- ret);
+ mbedtls_printf(" failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret);
goto exit;
}
#endif
mbedtls_ssl_cache_set_timeout(&cache, opt.cache_timeout);
}
- mbedtls_ssl_conf_session_cache(&conf, &cache,
- mbedtls_ssl_cache_get,
- mbedtls_ssl_cache_set);
+ mbedtls_ssl_conf_session_cache(&conf, &cache, mbedtls_ssl_cache_get, mbedtls_ssl_cache_set);
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
if (opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED) {
- if ((ret = mbedtls_ssl_ticket_setup(&ticket_ctx,
- mbedtls_ctr_drbg_random, &ctr_drbg,
- MBEDTLS_CIPHER_AES_256_GCM,
- opt.ticket_timeout)) != 0) {
+ if ((ret = mbedtls_ssl_ticket_setup(&ticket_ctx, mbedtls_ctr_drbg_random, &ctr_drbg, MBEDTLS_CIPHER_AES_256_GCM, opt.ticket_timeout)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ssl_ticket_setup returned %d\n\n", ret);
goto exit;
}
- mbedtls_ssl_conf_session_tickets_cb(&conf,
- mbedtls_ssl_ticket_write,
- mbedtls_ssl_ticket_parse,
- &ticket_ctx);
+ mbedtls_ssl_conf_session_tickets_cb(&conf, mbedtls_ssl_ticket_write, mbedtls_ssl_ticket_parse, &ticket_ctx);
}
#endif
if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
#if defined(MBEDTLS_SSL_COOKIE_C)
if (opt.cookies > 0) {
- if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx,
- mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
+ if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx, mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret);
goto exit;
}
- mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write,
- mbedtls_ssl_cookie_check,
- &cookie_ctx);
+ mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &cookie_ctx);
} else
-#endif /* MBEDTLS_SSL_COOKIE_C */
+#endif /* MBEDTLS_SSL_COOKIE_C */
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
if (opt.cookies == 0) {
mbedtls_ssl_conf_dtls_cookies(&conf, NULL, NULL, NULL);
} else
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
{
- ; /* Nothing to do */
+ ; /* Nothing to do */
}
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
}
#endif
}
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) {
mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite);
}
-
#if defined(MBEDTLS_ARC4_C)
if (opt.arc4 != DFL_ARC4) {
mbedtls_ssl_conf_arc4_support(&conf, opt.arc4);
#endif
if (opt.version_suites != NULL) {
- mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[0],
- MBEDTLS_SSL_MAJOR_VERSION_3,
- MBEDTLS_SSL_MINOR_VERSION_0);
- mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[1],
- MBEDTLS_SSL_MAJOR_VERSION_3,
- MBEDTLS_SSL_MINOR_VERSION_1);
- mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[2],
- MBEDTLS_SSL_MAJOR_VERSION_3,
- MBEDTLS_SSL_MINOR_VERSION_2);
- mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[3],
- MBEDTLS_SSL_MAJOR_VERSION_3,
- MBEDTLS_SSL_MINOR_VERSION_3);
+ mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[0], MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0);
+ mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[1], MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1);
+ mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[2], MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_2);
+ mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[3], MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
}
if (opt.allow_legacy != DFL_ALLOW_LEGACY) {
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
- if (strcmp(opt.ca_path, "none") != 0 &&
- strcmp(opt.ca_file, "none") != 0) {
+ if (strcmp(opt.ca_path, "none") != 0 && strcmp(opt.ca_file, "none") != 0) {
mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL);
}
if (key_cert_init)
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
if (strlen(opt.psk) != 0 && strlen(opt.psk_identity) != 0) {
- ret = mbedtls_ssl_conf_psk(&conf, psk, psk_len,
- (const unsigned char *)opt.psk_identity,
- strlen(opt.psk_identity));
+ ret = mbedtls_ssl_conf_psk(&conf, psk, psk_len, (const unsigned char *)opt.psk_identity, strlen(opt.psk_identity));
if (ret != 0) {
- mbedtls_printf(" failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n",
- -ret);
+ mbedtls_printf(" failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", -ret);
goto exit;
}
}
}
#endif
if (ret != 0) {
- mbedtls_printf(" failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n",
- -ret);
+ mbedtls_printf(" failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", -ret);
goto exit;
}
#endif
- if (opt.min_version != DFL_MIN_VERSION)
- mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3,
- opt.min_version);
+ if (opt.min_version != DFL_MIN_VERSION) {
+ mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version);
+ }
- if (opt.max_version != DFL_MIN_VERSION)
- mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3,
- opt.max_version);
+ if (opt.max_version != DFL_MIN_VERSION) {
+ mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version);
+ }
if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret);
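Review bot: The guard on the max-version setter, `if (opt.max_version != DFL_MIN_VERSION) {`, compares against the minimum-version default, which looks like a copy-paste slip that the re-bracing carried over unchanged. As long as both defaults share a value this is harmless, but if they ever diverge, a requested maximum protocol version could be silently ignored or the default could be applied as an explicit cap. I would change it to `if (opt.max_version != DFL_MAX_VERSION) {`, assuming the file defines that constant next to `DFL_MIN_VERSION` (its definition is not visible in this hunk).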
if (opt.nbio == 2) {
mbedtls_ssl_set_bio(&ssl, &client_fd, my_send, my_recv, NULL);
- } else
- mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv,
- opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL);
+ } else {
+ mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL);
+ }
#if defined(MBEDTLS_TIMING_C)
- mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay,
- mbedtls_timing_get_delay);
+ mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, mbedtls_timing_get_delay);
#endif
mbedtls_printf(" ok\n");
reset:
- if(!(opt.retry--)) {
+ if (!(opt.retry--)) {
goto exit;
}
-
#if !defined(_WIN32)
if (received_sigterm) {
mbedtls_printf(" interrupted by SIGTERM\n");
mbedtls_printf(" ! Client initiated reconnection from same port\n");
goto handshake;
}
-
#ifdef MBEDTLS_ERROR_C
if (ret != 0) {
char error_buf[100];
if (listen_fd.fd < 0) {
goto exit;
}
- if ((ret = mbedtls_net_accept(&listen_fd, &client_fd,
- client_ip, sizeof(client_ip), &cliip_len)) != 0) {
+ if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, client_ip, sizeof(client_ip), &cliip_len)) != 0) {
#if !defined(_WIN32)
if (received_sigterm) {
mbedtls_printf(" interrupted by signal\n");
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
- if ((ret = mbedtls_ssl_set_client_transport_id(&ssl,
- client_ip, cliip_len)) != 0) {
- mbedtls_printf(" failed\n ! "
- "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", -ret);
+ if ((ret = mbedtls_ssl_set_client_transport_id(&ssl, client_ip, cliip_len)) != 0) {
+ mbedtls_printf(" failed\n ! " "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", -ret);
goto exit;
}
}
-#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
if (opt.ecjpake_pw != DFL_ECJPAKE_PW) {
- if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl,
- (const unsigned char *)opt.ecjpake_pw,
- strlen(opt.ecjpake_pw))) != 0) {
- mbedtls_printf(" failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n",
- ret);
+ if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, (const unsigned char *)opt.ecjpake_pw, strlen(opt.ecjpake_pw))) != 0) {
+ mbedtls_printf(" failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret);
goto exit;
}
}
do {
ret = mbedtls_ssl_handshake(&ssl);
- } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
- ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ } while (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE);
if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
mbedtls_printf(" hello verification requested\n");
}
#endif
goto reset;
- } else { /* ret == 0 */
- mbedtls_printf(" ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n",
- mbedtls_ssl_get_version(&ssl), mbedtls_ssl_get_ciphersuite(&ssl));
+ } else { /* ret == 0 */
+ mbedtls_printf(" ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", mbedtls_ssl_get_version(&ssl), mbedtls_ssl_get_ciphersuite(&ssl));
}
if ((ret = mbedtls_ssl_get_record_expansion(&ssl)) >= 0) {
}
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- mbedtls_printf(" [ Maximum fragment length is %u ]\n",
- (unsigned int)mbedtls_ssl_get_max_frag_len(&ssl));
+ mbedtls_printf(" [ Maximum fragment length is %u ]\n", (unsigned int)mbedtls_ssl_get_max_frag_len(&ssl));
#endif
#if defined(MBEDTLS_SSL_ALPN)
if (opt.alpn_string != NULL) {
const char *alp = mbedtls_ssl_get_alpn_protocol(&ssl);
- mbedtls_printf(" [ Application Layer Protocol is %s ]\n",
- alp ? alp : "(none)");
+ mbedtls_printf(" [ Application Layer Protocol is %s ]\n", alp ? alp : "(none)");
}
#endif
char crt_buf[512];
mbedtls_printf(" . Peer certificate information ...\n");
- mbedtls_x509_crt_info(crt_buf, sizeof(crt_buf), " ",
- mbedtls_ssl_get_peer_cert(&ssl));
+ mbedtls_x509_crt_info(crt_buf, sizeof(crt_buf), " ", mbedtls_ssl_get_peer_cert(&ssl));
mbedtls_printf("%s\n", crt_buf);
}
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
if (opt.exchanges == 0) {
goto close_notify;
memset(buf, 0, sizeof(buf));
ret = mbedtls_ssl_read(&ssl, buf, len);
- if (ret == MBEDTLS_ERR_SSL_WANT_READ ||
- ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+ if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
continue;
}
unsigned char *larger_buf;
ori_len = ret;
- extra_len = (int) mbedtls_ssl_get_bytes_avail(&ssl);
+ extra_len = (int)mbedtls_ssl_get_bytes_avail(&ssl);
larger_buf = mbedtls_calloc(1, ori_len + extra_len + 1);
if (larger_buf == NULL) {
/* This read should never fail and get the whole cached data */
ret = mbedtls_ssl_read(&ssl, larger_buf + ori_len, extra_len);
- if (ret != extra_len ||
- mbedtls_ssl_get_bytes_avail(&ssl) != 0) {
+ if (ret != extra_len || mbedtls_ssl_get_bytes_avail(&ssl) != 0) {
mbedtls_printf(" ! mbedtls_ssl_read failed on cached data\n");
ret = 1;
goto reset;
}
larger_buf[ori_len + extra_len] = '\0';
- mbedtls_printf(" %u bytes read (%u + %u)\n\n%s\n",
- ori_len + extra_len, ori_len, extra_len,
- (char *)larger_buf);
+ mbedtls_printf(" %u bytes read (%u + %u)\n\n%s\n", ori_len + extra_len, ori_len, extra_len, (char *)larger_buf);
/* End of message should be detected according to the syntax of the
* application protocol (eg HTTP), just use a dummy test here. */
break;
}
} while (1);
- } else { /* Not stream, so datagram */
+ } else { /* Not stream, so datagram */
len = sizeof(buf) - 1;
memset(buf, 0, sizeof(buf));
do {
ret = mbedtls_ssl_read(&ssl, buf, len);
- } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
- ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ } while (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE);
if (ret <= 0) {
switch (ret) {
fflush(stdout);
while ((ret = mbedtls_ssl_renegotiate(&ssl)) != 0) {
- if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+ if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
mbedtls_printf(" failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret);
goto reset;
}
mbedtls_printf(" ok\n");
}
-#endif /* MBEDTLS_SSL_RENEGOTIATION */
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
/*
* 7. Write the 200 Response
mbedtls_printf(" > Write to client:");
fflush(stdout);
- len = sprintf((char *)buf, HTTP_RESPONSE,
- mbedtls_ssl_get_ciphersuite(&ssl));
+ len = sprintf((char *)buf, HTTP_RESPONSE, mbedtls_ssl_get_ciphersuite(&ssl));
if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) {
for (written = 0, frags = 0; written < len; written += ret, frags++) {
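Review bot: The response is still formatted with an unbounded `sprintf` into `buf` on the reflowed line, so the only thing keeping it in bounds is the combined length of `HTTP_RESPONSE` and the ciphersuite name. Since `buf` is an array here (the read path uses `sizeof(buf)`), the call can be bounded as `len = snprintf((char *)buf, sizeof(buf), HTTP_RESPONSE, mbedtls_ssl_get_ciphersuite(&ssl));`. `len` should then be checked against `sizeof(buf)` before it is used as the write length. The enclosing function starts and ends outside this hunk.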
goto reset;
}
- if (ret != MBEDTLS_ERR_SSL_WANT_READ &&
- ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+ if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret);
goto reset;
}
}
}
- } else { /* Not stream, so datagram */
+ } else { /* Not stream, so datagram */
do {
ret = mbedtls_ssl_write(&ssl, buf, len);
- } while (ret == MBEDTLS_ERR_SSL_WANT_READ ||
- ret == MBEDTLS_ERR_SSL_WANT_WRITE);
+ } while (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE);
if (ret < 0) {
mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret);
}
buf[written] = '\0';
- mbedtls_printf(" %d bytes written in %d fragments\n\n%s\n", written, frags,
- (char *)buf);
+ mbedtls_printf(" %d bytes written in %d fragments\n\n%s\n", written, frags, (char *)buf);
ret = 0;
/*
}
/* 3. create pthread with entry function */
- if ((r = pthread_create(&tid, &attr,
- (pthread_startroutine_t)tls_server_cb, (void *)&args)) != 0) {
+ if ((r = pthread_create(&tid, &attr, (pthread_startroutine_t) tls_server_cb, (void *)&args)) != 0) {
printf("%s: pthread_create failed, status=%d\n", __func__, r);
}
return 0;
}
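Review bot: The reformatted `pthread_create` call now has a space after the function-pointer cast, `(pthread_startroutine_t) tls_server_cb`, while the same commit removes that space everywhere else (`(int)mbedtls_ssl_get_bytes_avail`, `(void)level`). The same inconsistency appears in the `(wget_callback_t) callback` calls and in the `websocket_client` / `websocket_server` thread creation further down. It looks like the formatter does not recognise these typedef names as types. I would write `(pthread_startroutine_t)tls_server_cb` and `(wget_callback_t)callback` to match the rest of the change, or teach the formatter the typedefs.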
-
"A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n"
"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n"
"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n"
- "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n"
- "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n"
- "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n"
- "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n"
- "gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n"
- "/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n"
- "BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n"
- "dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n"
- "SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n"
- "DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n"
- "pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n"
- "m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n"
- "7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n"
- "-----END CERTIFICATE-----\r\n";
+ "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" "gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n" "/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n" "BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n" "dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n" "SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n" "DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n" "pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n" "m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n" "7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" "-----END CERTIFICATE-----\r\n";
const char c_cli_crt_rsa[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
"MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n"
- "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n"
- "M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n"
- "1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n"
- "MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n"
- "4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n"
- "/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n"
- "o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n"
- "BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC\r\n"
- "AQEAAn86isAM8X+mVwJqeItt6E9slhEQbAofyk+diH1Lh8Y9iLlWQSKbw/UXYjx5\r\n"
- "LLPZcniovxIcARC/BjyZR9g3UwTHNGNm+rwrqa15viuNOFBchykX/Orsk02EH7NR\r\n"
- "Alw5WLPorYjED6cdVQgBl9ot93HdJogRiXCxErM7NC8/eP511mjq+uLDjLKH8ZPQ\r\n"
- "8I4ekHJnroLsDkIwXKGIsvIBHQy2ac/NwHLCQOK6mfum1pRx52V4Utu5dLLjD5bM\r\n"
- "xOBC7KU4xZKuMXXZM6/93Yb51K/J4ahf1TxJlTWXtnzDr9saEYdNy2SKY/6ZiDNH\r\n"
- "D+stpAKiQLAWaAusIWKYEyw9MQ==\r\n"
- "-----END CERTIFICATE-----\r\n";
+ "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n" "M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n" "1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n" "MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n" "4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n" "/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n" "o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n" "BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC\r\n" "AQEAAn86isAM8X+mVwJqeItt6E9slhEQbAofyk+diH1Lh8Y9iLlWQSKbw/UXYjx5\r\n" "LLPZcniovxIcARC/BjyZR9g3UwTHNGNm+rwrqa15viuNOFBchykX/Orsk02EH7NR\r\n" "Alw5WLPorYjED6cdVQgBl9ot93HdJogRiXCxErM7NC8/eP511mjq+uLDjLKH8ZPQ\r\n" "8I4ekHJnroLsDkIwXKGIsvIBHQy2ac/NwHLCQOK6mfum1pRx52V4Utu5dLLjD5bM\r\n" "xOBC7KU4xZKuMXXZM6/93Yb51K/J4ahf1TxJlTWXtnzDr9saEYdNy2SKY/6ZiDNH\r\n" "D+stpAKiQLAWaAusIWKYEyw9MQ==\r\n" "-----END CERTIFICATE-----\r\n";
const char c_cli_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n"
"zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n"
"l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n"
"DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n"
- "VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n"
- "Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n"
- "wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n"
- "c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n"
- "33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n"
- "ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n"
- "BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n"
- "KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n"
- "UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n"
- "7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n"
- "gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n"
- "bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n"
- "8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"
- "-----END RSA PRIVATE KEY-----\r\n";
+ "VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n" "Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n" "wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n" "c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n" "33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n" "ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n" "BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n" "KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n" "UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n" "7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n" "gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n" "bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n" "8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n" "-----END RSA PRIVATE KEY-----\r\n";
static const char headerfield_connect[] = "Connect";
static const char headerfield_close[] = "close";
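Review bot: `c_cli_key_rsa` is an RSA private key compiled into the example and passed as `ssl_config.private_key`, and nothing at its definition marks it as test-only. The same applies to `srv_key_rsa` in the webserver example. The accompanying certificates encode a "PolarSSL Test CA" issuer, so these appear to be the publicly known library test credentials, which give no authentication if copied into a product. I would add a comment above each key such as `/* Test-only key from the TLS library test suite; publicly known, never deploy */`. Separately, the reformat joins each PEM body onto one very long line (six literals in total), which makes later changes to these blobs hard to review; excluding these arrays from the formatter would keep one string per line.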
/* send HTTPS request */
if (!strncmp(request.url, "https", 5)) {
ssl_config.root_ca = (char *)c_ca_crt_rsa;
- ssl_config.root_ca_len = sizeof(c_ca_crt_rsa);
+ ssl_config.root_ca_len = sizeof(c_ca_crt_rsa);
ssl_config.dev_cert = (char *)c_cli_crt_rsa;
- ssl_config.dev_cert_len = sizeof(c_cli_crt_rsa);
+ ssl_config.dev_cert_len = sizeof(c_cli_crt_rsa);
ssl_config.private_key = (char *)c_cli_key_rsa;
ssl_config.private_key_len = sizeof(c_cli_key_rsa);
/* before sending request by sync function,
http_client_response_release(&response);
}
- if (http_client_send_request_async(&request, &ssl_config, (wget_callback_t)callback)) {
+ if (http_client_send_request_async(&request, &ssl_config, (wget_callback_t) callback)) {
printf("fail to send request\n");
goto release_out;
}
http_client_response_release(&response);
}
- if (http_client_send_request_async(&request, NULL, (wget_callback_t)callback)) {
+ if (http_client_send_request_async(&request, NULL, (wget_callback_t) callback)) {
printf("fail to send request\n");
goto release_out;
}
return 0;
}
-
"A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n"
"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n"
"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n"
- "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n"
- "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n"
- "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n"
- "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n"
- "gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n"
- "/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n"
- "BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n"
- "dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n"
- "SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n"
- "DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n"
- "pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n"
- "m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n"
- "7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n"
- "-----END CERTIFICATE-----\r\n";
+ "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" "gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n" "/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n" "BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n" "dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n" "SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n" "DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n" "pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n" "m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n" "7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" "-----END CERTIFICATE-----\r\n";
const char srv_crt_rsa[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n"
- "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n"
- "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n"
- "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n"
- "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n"
- "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n"
- "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n"
- "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n"
- "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJxnXClY\r\n"
- "oHkbp70cqBrsGXLybA74czbO5RdLEgFs7rHVS9r+c293luS/KdliLScZqAzYVylw\r\n"
- "UfRWvKMoWhHYKp3dEIS4xTXk6/5zXxhv9Rw8SGc8qn6vITHk1S1mPevtekgasY5Y\r\n"
- "iWQuM3h4YVlRH3HHEMAD1TnAexfXHHDFQGe+Bd1iAbz1/sH9H8l4StwX6egvTK3M\r\n"
- "wXRwkKkvjKaEDA9ATbZx0mI8LGsxSuCqe9r9dyjmttd47J1p1Rulz3CLzaRcVIuS\r\n"
- "RRQfaD8neM9c1S/iJ/amTVqJxA1KOdOS5780WhPfSArA+g4qAmSjelc3p4wWpha8\r\n"
- "zhuYwjVuX6JHG0c=\r\n"
- "-----END CERTIFICATE-----\r\n";
+ "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJxnXClY\r\n" "oHkbp70cqBrsGXLybA74czbO5RdLEgFs7rHVS9r+c293luS/KdliLScZqAzYVylw\r\n" "UfRWvKMoWhHYKp3dEIS4xTXk6/5zXxhv9Rw8SGc8qn6vITHk1S1mPevtekgasY5Y\r\n" "iWQuM3h4YVlRH3HHEMAD1TnAexfXHHDFQGe+Bd1iAbz1/sH9H8l4StwX6egvTK3M\r\n" "wXRwkKkvjKaEDA9ATbZx0mI8LGsxSuCqe9r9dyjmttd47J1p1Rulz3CLzaRcVIuS\r\n" "RRQfaD8neM9c1S/iJ/amTVqJxA1KOdOS5780WhPfSArA+g4qAmSjelc3p4wWpha8\r\n" "zhuYwjVuX6JHG0c=\r\n" "-----END CERTIFICATE-----\r\n";
const char srv_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n"
"WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n"
"GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n"
"TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n"
- "CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n"
- "nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n"
- "AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n"
- "sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n"
- "mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n"
- "BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n"
- "whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n"
- "vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n"
- "3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n"
- "3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n"
- "ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n"
- "4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n"
- "TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n"
- "-----END RSA PRIVATE KEY-----\r\n";
-
-static const char g_httpcontype[] = "Content-type";
-static const char g_httpconhtml[] = "text/html";
+ "CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n" "nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n" "AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n" "sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n" "mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n" "BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n" "whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n" "vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n" "3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n" "3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n" "ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n" "4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n" "TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n" "-----END RSA PRIVATE KEY-----\r\n";
+
+static const char g_httpcontype[] = "Content-type";
+static const char g_httpconhtml[] = "text/html";
static const char g_httpcontsize[] = "Content-Length";
-static const char g_httpconnect[] = "Connection";
-static const char g_httpcnlost[] = "close";
+static const char g_httpconnect[] = "Connection";
+static const char g_httpcnlost[] = "close";
struct http_server_t *http_server = NULL;
struct http_server_t *https_server = NULL;
{
struct http_keyvalue_list_t response_headers;
const char *msg = "This is a root page";
- char contlen[6] = {0,};
+ char contlen[6] = { 0, };
http_keyvalue_list_init(&response_headers);
void get_device_id(struct http_client_t *client, struct http_req_message *req)
{
- char buf[128] = {0, };
+ char buf[128] = { 0, };
printf("%s\n", req->url);
printf("%s\n", req->query_string);
#endif
struct webserver_input *input;
-
input = arg;
if (input->argc != 2) {
print_webserver_usage();
return NULL;
}
ssl_config.root_ca = (char *)ca_crt_rsa;
- ssl_config.root_ca_len = sizeof(ca_crt_rsa);
+ ssl_config.root_ca_len = sizeof(ca_crt_rsa);
ssl_config.dev_cert = (char *)srv_crt_rsa;
- ssl_config.dev_cert_len = sizeof(srv_crt_rsa);
+ ssl_config.dev_cert_len = sizeof(srv_crt_rsa);
ssl_config.private_key = (char *)srv_key_rsa;
ssl_config.private_key_len = sizeof(srv_key_rsa);
ssl_config.auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED;
printf("Error: Cannot allocate server structure!!\n");
return NULL;
}
-
#ifdef CONFIG_NET_SECURITY_TLS
http_server_register_cb(https_server, HTTP_METHOD_GET, NULL, get_callback);
http_server_register_cb(https_server, HTTP_METHOD_GET, root_url, get_root);
http_server_register_cb(https_server, HTTP_METHOD_POST, NULL, post_callback);
- http_server_register_cb(https_server, HTTP_METHOD_GET, devid_url,
- get_device_id);
+ http_server_register_cb(https_server, HTTP_METHOD_GET, devid_url, get_device_id);
#ifdef CONFIG_NETUTILS_WEBSOCKET
https_server->ws_cb.recv_callback = ws_recv_cb;
https_server->ws_cb.send_callback = ws_send_cb;
http_server_register_cb(http_server, HTTP_METHOD_GET, NULL, get_callback);
http_server_register_cb(http_server, HTTP_METHOD_GET, root_url, get_root);
http_server_register_cb(http_server, HTTP_METHOD_POST, NULL, post_callback);
- http_server_register_cb(http_server, HTTP_METHOD_GET, devid_url,
- get_device_id);
+ http_server_register_cb(http_server, HTTP_METHOD_GET, devid_url, get_device_id);
#ifdef CONFIG_NETUTILS_WEBSOCKET
http_server->ws_cb.recv_callback = ws_recv_cb;
http_server->ws_cb.send_callback = ws_send_cb;
RECV_RETRY:
if (info->data->tls_enabled) {
r = mbedtls_ssl_read(info->data->tls_ssl, buf, len);
- }
- else {
+ } else {
r = recv(fd, buf, len, 0);
}
if (r == 0) {
websocket_set_error(info->data, WEBSOCKET_ERR_CALLBACK_FAILURE);
- }
- else if (r < 0) {
+ } else if (r < 0) {
printf("recv err : %d\n", errno);
if (retry_cnt == 0) {
websocket_set_error(info->data, WEBSOCKET_ERR_CALLBACK_FAILURE);
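Review bot: In the `r < 0` branch the log prints `errno`, but when `tls_enabled` is set `r` comes from `mbedtls_ssl_read`, which reports failures through its return value and does not set `errno`. On the TLS path the message therefore shows a stale or unrelated number and the real error code is lost. Logging both, for example `printf("recv err : %d (errno %d)\n", r, errno);`, keeps the plain-socket case intact (this assumes `r` is an `int`; its declaration is outside the hunk). The send callback below has the same two-path structure, so check its error log too.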
SEND_RETRY:
if (info->data->tls_enabled) {
r = mbedtls_ssl_write(info->data->tls_ssl, buf, len);
- }
- else {
+ } else {
r = send(fd, buf, len, flags);
}
/* Echo back non-closing message */
if (WEBSOCKET_CHECK_NOT_CTRL_FRAME(arg->opcode)) {
- received_cnt++; //to check communication is done.
+ received_cnt++; //to check communication is done.
printf("on_msg length : %d print : %s, [#%d]\n", msgarg.msg_length, msgarg.msg, received_cnt);
} else if (WEBSOCKET_CHECK_CTRL_CLOSE(arg->opcode)) {
- printf("print_on_msg recevied close message\n");
+ printf("print_on_msg received close message\n");
} else if (WEBSOCKET_CHECK_CTRL_PING(arg->opcode)) {
printf("cli got ping\n");
} else if (WEBSOCKET_CHECK_CTRL_PONG(arg->opcode)) {
websocket_queue_msg(info->data, &msgarg);
//echo back the message
} else if (WEBSOCKET_CHECK_CTRL_CLOSE(arg->opcode)) {
- printf("echoback_on_msg recevied close message\n");
+ printf("echoback_on_msg received close message\n");
} else if (WEBSOCKET_CHECK_CTRL_PING(arg->opcode)) {
printf("srv got ping\n");
} else if (WEBSOCKET_CHECK_CTRL_PONG(arg->opcode)) {
NULL, /* recv frame start callback */
NULL, /* recv frame chunk callback */
NULL, /* recv frame end callback */
- print_on_msg_cb /* recv message callback */
+ print_on_msg_cb /* recv message callback */
};
mbedtls_ssl_config conf;
goto WEB_CLI_EXIT;
}
- test_message = malloc(size + 1);
+ test_message = malloc(size);
if (test_message == NULL) {
goto WEB_CLI_EXIT;
}
memset(test_message, '.', size);
sprintf(test_message, "[%d] hello websocket", size);
- test_message[size] = '\0';
+ test_message[size - 1] = '\0';
tx_frame = malloc(sizeof(websocket_frame_t));
if (tx_frame == NULL) {
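Review bot: `sprintf(test_message, "[%d] hello websocket", size)` is unbounded, and this commit shrinks the buffer from `size + 1` to `size` bytes, so a `size` shorter than the formatted text plus its terminator now overruns the heap block one byte sooner. `test_message[size - 1] = '\0'` also writes before the buffer when `size` is 0, unless the check that precedes `goto WEB_CLI_EXIT` above already rejects small values (not visible here). I would bound the write with `snprintf(test_message, size, "[%d] hello websocket", size);` and reject sizes below the minimum message length. Note that this and the `msg_length = size` change alter behaviour, which does not fit a commit described as coding style fixes; it would be easier to review as a separate commit.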
tx_frame->opcode = WEBSOCKET_TEXT_FRAME;
tx_frame->msg = (const uint8_t *)test_message;
- tx_frame->msg_length = size + 1;
+ tx_frame->msg_length = size;
/* send and receive small message */
for (i = 1; i <= send_cnt; i++) {
/* wait until every message is tested. */
while (websocket_cli->state == WEBSOCKET_RUNNING) {
/* all echo back message received */
- if(received_cnt == send_cnt) {
+ if (received_cnt == send_cnt) {
printf("all message was received well\n");
break;
}
char **argv = arg;
int tls = atoi(argv[0]);
static websocket_cb_t cb = {
- recv_cb, /* recv callback */
- send_cb, /* send callback */
- NULL, /* gen mask callback */
- NULL, /* recv frame start callback */
- NULL, /* recv frame chunk callback */
- NULL, /* recv frame end callback */
+ recv_cb, /* recv callback */
+ send_cb, /* send callback */
+ NULL, /* gen mask callback */
+ NULL, /* recv frame start callback */
+ NULL, /* recv frame chunk callback */
+ NULL, /* recv frame end callback */
echoback_on_msg_cb /* recv message callback */
};
#define WEBSOCKET_USAGE \
"-----------------------------\n" \
"Server usage:\n" \
-"$websocket server [addr] [port] [path] [tls_enable] [size] [num]\n" \
+"$websocket server [tls option]\n" \
"Client usage:\n" \
-"$websocket client [tls option]\n" \
+"$websocket client [addr] [port] [path] [tls_enable] [size] [num]\n" \
"-----------------------------\n"
#ifdef CONFIG_BUILD_KERNEL
}
pthread_attr_setstacksize(&attr, WEBSOCKET_EXAMPLE_STACKSIZE);
pthread_attr_setschedpolicy(&attr, WEBSOCKET_SCHED_POLICY);
- status = pthread_create(&tid, &attr, (pthread_startroutine_t)websocket_client, (void *)(argv + 2));
+ status = pthread_create(&tid, &attr, (pthread_startroutine_t) websocket_client, (void *)(argv + 2));
if (status != 0) {
printf("fail to create thread\n");
return -1;
}
pthread_setname_np(tid, "websocket client");
pthread_detach(tid);
- }
- else if (memcmp(argv[1], "server", strlen("server")) == 0) {
+ } else if (memcmp(argv[1], "server", strlen("server")) == 0) {
if ((atoi(argv[2]) != 0) && (atoi(argv[2]) != 1)) {
printf("Please choose 0 or 1 for TLS option\n");
printf("TLS option value 1 is tls enabled, 0 is tls disabled\n");
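Review bot: The re-joined `} else if (memcmp(argv[1], "server", strlen("server")) == 0) {` compares six bytes regardless of how long `argv[1]` is. A shorter argument can therefore be read past its terminator, and any argument that merely starts with "server" is accepted. `strcmp(argv[1], "server") == 0` avoids both problems; the client branch above this hunk presumably needs the same change. The `atoi(argv[2])` calls that follow also rely on an argument-count check that is not visible in this hunk.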
}
pthread_attr_setstacksize(&attr, WEBSOCKET_EXAMPLE_STACKSIZE);
pthread_attr_setschedpolicy(&attr, WEBSOCKET_SCHED_POLICY);
- status = pthread_create(&tid, &attr, (pthread_startroutine_t)websocket_server, (void *)(argv + 2));
+ status = pthread_create(&tid, &attr, (pthread_startroutine_t) websocket_server, (void *)(argv + 2));
if (status != 0) {
printf("fail to create thread\n");
return -1;
}
pthread_setname_np(tid, "websocket server");
pthread_detach(tid);
- }
- else {
+ } else {
printf("choose client or server\n");
return -1;
}