/* return success value is the same as wolfCrypt_Init */ int wolfCrypt_Cleanup(void) { int ret = 0; if (initRefCount == 1) { WOLFSSL_ENTER("wolfCrypt_Cleanup"); #ifdef HAVE_ECC #ifdef FP_ECC wc_ecc_fp_free(); #endif #ifdef ECC_CACHE_CURVE wc_ecc_curve_cache_free(); #endif #endif /* HAVE_ECC */ #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) ret = wc_LoggingCleanup(); #endif #if defined(WOLFSSL_TRACK_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY) ShowMemoryTracker(); #endif #ifdef WOLFSSL_ASYNC_CRYPT wolfAsync_HardwareStop(); #endif initRefCount = 0; /* allow re-init */ } return ret; }
static THREAD_RET readInput(void* in) { byte buf[256]; int bufSz = sizeof(buf); thread_args* args = (thread_args*)in; int ret = 0; word32 sz = 0; #ifdef USE_WINDOWS_API HANDLE stdinHandle = GetStdHandle(STD_INPUT_HANDLE); #endif while (ret >= 0) { WMEMSET(buf, 0, bufSz); #ifdef USE_WINDOWS_API /* Using A version to avoid potential 2 byte chars */ ret = ReadConsoleA(stdinHandle, (void*)buf, bufSz - 1, (DWORD*)&sz, NULL); #else ret = (int)read(STDIN_FILENO, buf, bufSz -1); sz = (word32)ret; #endif if (ret <= 0) { err_sys("Error reading stdin"); } /* lock SSH structure access */ wc_LockMutex(&args->lock); ret = wolfSSH_stream_send(args->ssh, buf, sz); wc_UnLockMutex(&args->lock); if (ret <= 0) err_sys("Couldn't send data"); } #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif return THREAD_RET_SUCCESS; }
THREAD_RETURN WOLFSSH_THREAD client_test(void* args) { WOLFSSH_CTX* ctx = NULL; WOLFSSH* ssh = NULL; SOCKET_T sockFd = WOLFSSH_SOCKET_INVALID; SOCKADDR_IN_T clientAddr; socklen_t clientAddrSz = sizeof(clientAddr); char rxBuf[80]; int ret; int ch; word16 port = wolfSshPort; char* host = (char*)wolfSshIp; const char* username = NULL; const char* password = NULL; const char* cmd = NULL; byte imExit = 0; byte nonBlock = 0; byte keepOpen = 0; #ifdef USE_WINDOWS_API byte rawMode = 0; #endif int argc = ((func_args*)args)->argc; char** argv = ((func_args*)args)->argv; ((func_args*)args)->return_code = 0; while ((ch = mygetopt(argc, argv, "?NP:h:p:u:xc:Rtz")) != -1) { switch (ch) { case 'h': host = myoptarg; break; case 'z': #ifdef WOLFSSH_SHOW_SIZES wolfSSH_ShowSizes(); exit(EXIT_SUCCESS); #endif break; case 'p': port = (word16)atoi(myoptarg); #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API) if (port == 0) err_sys("port number cannot be 0"); #endif break; case 'u': username = myoptarg; break; case 'P': password = myoptarg; break; case 'x': /* exit after successful connection without read/write */ imExit = 1; break; case 'N': nonBlock = 1; break; #if !defined(SINGLE_THREADED) && !defined(WOLFSSL_NUCLEUS) case 'c': cmd = myoptarg; break; #ifdef USE_WINDOWS_API case 'R': rawMode = 1; break; #endif /* USE_WINDOWS_API */ #endif #ifdef WOLFSSH_TERM case 't': keepOpen = 1; break; #endif case '?': ShowUsage(); exit(EXIT_SUCCESS); default: ShowUsage(); exit(MY_EX_USAGE); } } myoptind = 0; /* reset for test cases */ if (username == NULL) err_sys("client requires a username parameter."); #ifdef SINGLE_THREADED if (keepOpen) err_sys("Threading needed for terminal session\n"); #endif ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_CLIENT, NULL); if (ctx == NULL) err_sys("Couldn't create wolfSSH client context."); if (((func_args*)args)->user_auth == NULL) wolfSSH_SetUserAuth(ctx, wsUserAuth); else wolfSSH_SetUserAuth(ctx, ((func_args*)args)->user_auth); ssh = wolfSSH_new(ctx); if (ssh == NULL) err_sys("Couldn't create wolfSSH session."); if (password != NULL) wolfSSH_SetUserAuthCtx(ssh, (void*)password); wolfSSH_CTX_SetPublicKeyCheck(ctx, wsPublicKeyCheck); wolfSSH_SetPublicKeyCheckCtx(ssh, (void*)"You've been sampled!"); ret = wolfSSH_SetUsername(ssh, username); if (ret != WS_SUCCESS) err_sys("Couldn't set the username."); build_addr(&clientAddr, host, port); tcp_socket(&sockFd); ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz); if (ret != 0) err_sys("Couldn't connect to server."); if (nonBlock) tcp_set_nonblocking(&sockFd); ret = wolfSSH_set_fd(ssh, (int)sockFd); if (ret != WS_SUCCESS) err_sys("Couldn't set the session's socket."); if (cmd != NULL) { ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_EXEC, (byte*)cmd, (word32)WSTRLEN((char*)cmd)); if (ret != WS_SUCCESS) err_sys("Couldn't set the channel type."); } #ifdef WOLFSSH_TERM if (keepOpen) { ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_TERMINAL, NULL, 0); if (ret != WS_SUCCESS) err_sys("Couldn't set the terminal channel type."); } #endif if (!nonBlock) ret = wolfSSH_connect(ssh); else ret = NonBlockSSH_connect(ssh); if (ret != WS_SUCCESS) { printf("err = %s\n", wolfSSH_get_error_name(ssh)); err_sys("Couldn't connect SSH stream."); } #if !defined(SINGLE_THREADED) && !defined(WOLFSSL_NUCLEUS) if (keepOpen) /* set up for psuedo-terminal */ SetEcho(2); if (cmd != NULL || keepOpen == 1) { #if defined(_POSIX_THREADS) thread_args arg; pthread_t thread[2]; arg.ssh = ssh; wc_InitMutex(&arg.lock); pthread_create(&thread[0], NULL, readInput, (void*)&arg); pthread_create(&thread[1], NULL, readPeer, (void*)&arg); pthread_join(thread[1], NULL); pthread_cancel(thread[0]); #elif defined(_MSC_VER) thread_args arg; HANDLE thread[2]; arg.ssh = ssh; arg.rawMode = rawMode; wc_InitMutex(&arg.lock); thread[0] = CreateThread(NULL, 0, readInput, (void*)&arg, 0, 0); thread[1] = CreateThread(NULL, 0, readPeer, (void*)&arg, 0, 0); WaitForSingleObject(thread[1], INFINITE); CloseHandle(thread[0]); CloseHandle(thread[1]); #else err_sys("No threading to use"); #endif if (keepOpen) SetEcho(1); } else #endif if (!imExit) { ret = wolfSSH_stream_send(ssh, (byte*)testString, (word32)strlen(testString)); if (ret <= 0) err_sys("Couldn't send test string."); do { ret = wolfSSH_stream_read(ssh, (byte*)rxBuf, sizeof(rxBuf) - 1); if (ret <= 0) { ret = wolfSSH_get_error(ssh); if (ret != WS_WANT_READ && ret != WS_WANT_WRITE) err_sys("Stream read failed."); } } while (ret == WS_WANT_READ || ret == WS_WANT_WRITE); rxBuf[ret] = '\0'; printf("Server said: %s\n", rxBuf); } ret = wolfSSH_shutdown(ssh); WCLOSESOCKET(sockFd); wolfSSH_free(ssh); wolfSSH_CTX_free(ctx); if (ret != WS_SUCCESS) err_sys("Closing stream failed. Connection could have been closed by peer"); #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif return 0; }
static THREAD_RET readPeer(void* in) { byte buf[80]; int bufSz = sizeof(buf); thread_args* args = (thread_args*)in; int ret = 0; int fd = wolfSSH_get_fd(args->ssh); word32 bytes; #ifdef USE_WINDOWS_API HANDLE stdoutHandle = GetStdHandle(STD_OUTPUT_HANDLE); #endif fd_set readSet; fd_set errSet; FD_ZERO(&readSet); FD_ZERO(&errSet); FD_SET(fd, &readSet); FD_SET(fd, &errSet); while (ret >= 0) { bytes = select(fd + 1, &readSet, NULL, &errSet, NULL); wc_LockMutex(&args->lock); while (bytes > 0 && (FD_ISSET(fd, &readSet) || FD_ISSET(fd, &errSet))) { /* there is something to read off the wire */ WMEMSET(buf, 0, bufSz); ret = wolfSSH_stream_read(args->ssh, buf, bufSz - 1); if (ret == WS_EXTDATA) { /* handle extended data */ do { WMEMSET(buf, 0, bufSz); ret = wolfSSH_extended_data_read(args->ssh, buf, bufSz - 1); if (ret < 0) err_sys("Extended data read failed."); buf[bufSz - 1] = '\0'; fprintf(stderr, "%s", buf); } while (ret > 0); } else if (ret <= 0) { if (ret != WS_EOF) { err_sys("Stream read failed."); } } else { buf[bufSz - 1] = '\0'; #ifdef USE_WINDOWS_API if (args->rawMode == 0) { ret = wolfSSH_ConvertConsole(args->ssh, stdoutHandle, buf, ret); if (ret != WS_SUCCESS && ret != WS_WANT_READ) { err_sys("issue with print out"); } if (ret == WS_WANT_READ) { ret = 0; } } else { printf("%s", buf); fflush(stdout); } #else printf("%s", buf); fflush(stdout); #endif } if (wolfSSH_stream_peek(args->ssh, buf, bufSz) <= 0) { bytes = 0; /* read it all */ } } wc_UnLockMutex(&args->lock); } #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif return THREAD_RET_SUCCESS; }
static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args) { callback_functions* callbacks = ((func_args*)args)->callbacks; WOLFSSL_CTX* ctx = wolfSSL_CTX_new(callbacks->method()); WOLFSSL* ssl = NULL; SOCKET_T sfd = 0; SOCKET_T cfd = 0; word16 port = wolfSSLPort; char msg[] = "I hear you fa shizzle!"; int len = (int) XSTRLEN(msg); char input[1024]; int idx; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif ((func_args*)args)->return_code = TEST_FAIL; #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \ !defined(WOLFSSL_SNIFFER) && !defined(WOLFSSL_MDK_SHELL) && \ !defined(WOLFSSL_TIRTOS) port = 0; #endif wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); #ifdef OPENSSL_EXTRA wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx, cliCert, 0)); AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)); AssertIntEQ(SSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)); if (callbacks->ctx_ready) callbacks->ctx_ready(ctx); ssl = wolfSSL_new(ctx); tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0); CloseSocket(sfd); wolfSSL_set_fd(ssl, cfd); #ifdef NO_PSK #if !defined(NO_FILESYSTEM) && !defined(NO_DH) wolfSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); #elif !defined(NO_DH) SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */ #endif #endif if (callbacks->ssl_ready) callbacks->ssl_ready(ssl); /* AssertIntEQ(SSL_SUCCESS, wolfSSL_accept(ssl)); */ if (wolfSSL_accept(ssl) != SSL_SUCCESS) { int err = wolfSSL_get_error(ssl, 0); char buffer[WOLFSSL_MAX_ERROR_SZ]; printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer)); } else { if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) { input[idx] = 0; printf("Client message: %s\n", input); } AssertIntEQ(len, wolfSSL_write(ssl, msg, len)); #ifdef WOLFSSL_TIRTOS Task_yield(); #endif wolfSSL_shutdown(ssl); } if (callbacks->on_result) callbacks->on_result(ssl); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(cfd); ((func_args*)args)->return_code = TEST_SUCCESS; #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif #if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \ && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif #ifndef WOLFSSL_TIRTOS return 0; #endif }
static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args) { SOCKET_T sockfd = 0; SOCKET_T clientfd = 0; word16 port = wolfSSLPort; WOLFSSL_METHOD* method = 0; WOLFSSL_CTX* ctx = 0; WOLFSSL* ssl = 0; char msg[] = "I hear you fa shizzle!"; char input[1024]; int idx; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); #endif ((func_args*)args)->return_code = TEST_FAIL; method = wolfSSLv23_server_method(); ctx = wolfSSL_CTX_new(method); #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \ !defined(WOLFSSL_SNIFFER) && !defined(WOLFSSL_MDK_SHELL) && \ !defined(WOLFSSL_TIRTOS) port = 0; #endif wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); #ifdef OPENSSL_EXTRA wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif if (wolfSSL_CTX_load_verify_locations(ctx, cliCert, 0) != SSL_SUCCESS) { /*err_sys("can't load ca file, Please run from wolfSSL home dir");*/ goto done; } if (wolfSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) { /*err_sys("can't load server cert chain file, " "Please run from wolfSSL home dir");*/ goto done; } if (wolfSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM) != SSL_SUCCESS) { /*err_sys("can't load server key file, " "Please run from wolfSSL home dir");*/ goto done; } ssl = wolfSSL_new(ctx); tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0); CloseSocket(sockfd); wolfSSL_set_fd(ssl, clientfd); #ifdef NO_PSK #if !defined(NO_FILESYSTEM) && !defined(NO_DH) wolfSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); #elif !defined(NO_DH) SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */ #endif #endif if (wolfSSL_accept(ssl) != SSL_SUCCESS) { int err = wolfSSL_get_error(ssl, 0); char buffer[WOLFSSL_MAX_ERROR_SZ]; printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer)); /*err_sys("SSL_accept failed");*/ goto done; } idx = wolfSSL_read(ssl, input, sizeof(input)-1); if (idx > 0) { input[idx] = 0; printf("Client message: %s\n", input); } if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) { /*err_sys("SSL_write failed");*/ #ifdef WOLFSSL_TIRTOS return; #else return 0; #endif } #ifdef WOLFSSL_TIRTOS Task_yield(); #endif done: wolfSSL_shutdown(ssl); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(clientfd); ((func_args*)args)->return_code = TEST_SUCCESS; #ifdef WOLFSSL_TIRTOS fdCloseSession(Task_self()); #endif #if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \ && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif #ifndef WOLFSSL_TIRTOS return 0; #endif }