int
tcp_connect (char *addr, int port, int opt, char *ebuf, int ebuf_sz)
{
int socket_fd;
struct sockaddr_in sa;
assert (addr != NULL);
assert (port > 0);
/* create a socket */
if ((socket_fd = tcp_socket (ebuf, ebuf_sz)) == -1)
{
set_error (ebuf, ebuf_sz, "Failed to create a socket");
return -1;
}
sa.sin_family = AF_INET;
sa.sin_port = htons (port);
/* try to convert IP host address from dot notation */
if (inet_aton (addr, &sa.sin_addr) == 0)
{
struct hostent *he;
/* try to convert host address from name notation */
he = gethostbyname (addr);
if (he == NULL)
{
set_error (ebuf, ebuf_sz, "Failed to resolve address: %s", addr);
close (socket_fd);
return -1;
}
memcpy (&sa.sin_addr, he->h_addr, sizeof (struct in_addr));
}
/* connect */
if (connect (socket_fd, (struct sockaddr *) &sa, sizeof (sa)) == -1)
{
set_error (ebuf, ebuf_sz, "Failed to connect: %s", strerror (errno));
close (socket_fd);
return -1;
}
/* set options */
if (opt && tcp_set_option_internal (socket_fd, opt) == -1)
{
set_error (ebuf, ebuf_sz, "Failed to set connection option: %s",
strerror (errno));
close (socket_fd);
return -1;
}
return socket_fd;
}
int tcp_listen(int *sockfd, const char *server, uint16_t port)
{
struct sockaddr_in addr;
int ret;
/* don't use INADDR_ANY by default, firewall may block, make user switch
on */
#ifdef USE_ANY_ADDR
ret = tcp_socket(sockfd, &addr, INADDR_ANY, port);
#else
ret = tcp_socket(sockfd, &addr, server, port);
#endif
if (ret != 0) {
tls_e("Socket could be created: %d", ret);
return ret;
}
int on = 1;
socklen_t len = sizeof(on);
ret = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
if (ret) {
tls_e("setsockopt failed: %d", ret);
CloseSocket(*sockfd);
return ret;
}
ret = bind(*sockfd, (const struct sockaddr *)&addr, sizeof(addr));
if (ret) {
tls_e("tcp bind failed");
CloseSocket(*sockfd);
return ret;
}
#ifndef CYASSL_DTLS
ret = listen(*sockfd, 5);
if (ret) {
tls_e("tcp listen failed: %d", ret);
return ret;
}
#endif
return WM_SUCCESS;
}
s32 tcp_connect (char *host, const u16 port) {
struct hostent *hp;
struct sockaddr_in sa;
s32 s, res;
s64 t;
hp = net_gethostbyname (host);
if (!hp || !(hp->h_addrtype == PF_INET)) {
return errno;
}
s = tcp_socket ();
if (s < 0)
return s;
memset (&sa, 0, sizeof (struct sockaddr_in));
sa.sin_family= PF_INET;
sa.sin_len = sizeof (struct sockaddr_in);
sa.sin_port= htons (port);
memcpy ((char *) &sa.sin_addr, hp->h_addr_list[0], hp->h_length);
t = gettime ();
while (true) {
if (ticks_to_millisecs (diff_ticks (t, gettime ())) >
TCP_CONNECT_TIMEOUT) {
net_close (s);
return -ETIMEDOUT;
}
res = net_connect (s, (struct sockaddr *) &sa,
sizeof (struct sockaddr_in));
if (res < 0) {
if (res == -EISCONN)
break;
if (res == -EINPROGRESS || res == -EALREADY) {
usleep (20 * 1000);
continue;
}
net_close (s);
return res;
}
break;
}
return s;
}
int link_request(link_t * ld, char * host, int service)
{ int rc;
rc = tcp_init(0);
if (rc < 0) return (-1);
rc = tcp_socket(0);
if (rc < 0) return (-1);
ld->fd = rc;
rc = tcp_client(ld->fd, host, service);
if (rc == (-1)) return (-1);
return 0;
}
int tcp_client_start(char* ip, u_short port, char* send_buf = NULL)
{
SOCKET sock;
if(send_buf == NULL)
{
send_buf = (char*)malloc(64);
memset(send_buf, 'T', 64);
}
socket_init();
tcp_socket(&sock);
tcp_connect(&sock, ip, port);
tcp_send(&sock, send_buf, 64);
return 0;
}
static s32 tcp_connect(char *host, const u16 port)
{
struct hostent *hp;
struct sockaddr_in sa;
struct in_addr val;
s32 s, res;
u64 t1;
s = tcp_socket();
if (s < 0)
return s;
memset(&sa, 0, sizeof(struct sockaddr_in));
sa.sin_family= PF_INET;
sa.sin_len = sizeof(struct sockaddr_in);
sa.sin_port= htons(port);
if(strlen(host) < 16 && inet_aton(host, &val))
{
sa.sin_addr.s_addr = val.s_addr;
}
else
{
hp = net_gethostbyname (host);
if (!hp || !(hp->h_addrtype == PF_INET))
return errno;
memcpy((char *) &sa.sin_addr, hp->h_addr_list[0], hp->h_length);
}
t1=ticks_to_secs(gettime());
do
{
res = net_connect(s,(struct sockaddr*) &sa, sizeof (sa));
if(ticks_to_secs(gettime())-t1 > TCP_CONNECT_TIMEOUT*1000) break;
usleep(500);
}while(res != -EISCONN);
if(res != -EISCONN)
{
net_close(s);
return -1;
}
return s;
}
int
tcp_server (char *addr, int port, char *ebuf, int ebuf_sz)
{
int server_fd;
struct sockaddr_in sa;
/* create server socket */
server_fd = tcp_socket (ebuf, ebuf_sz);
if (server_fd == -1)
{
set_error (ebuf, ebuf_sz, "Failed to create serversocket %s %d",
addr ? addr : "<Null>", port);
return -1;
}
memset (&sa, 0, sizeof (sa));
sa.sin_family = AF_INET;
sa.sin_port = htons (port);
sa.sin_addr.s_addr = htonl (INADDR_ANY);
if (addr != NULL && inet_aton (addr, &sa.sin_addr) == 0)
{
set_error (ebuf, ebuf_sz, "Invalid bind address %s", addr);
close (server_fd);
return -1;
}
/* bind */
if (bind (server_fd, &sa, sizeof (sa)) == -1)
{
set_error (ebuf, ebuf_sz, "Bind error: %s", strerror (errno));
close (server_fd);
return -1;
}
/* listen */
if (listen (server_fd, 1024) == -1)
{
set_error (ebuf, ebuf_sz, "Listen error: %s", strerror (errno));
close (server_fd);
return -1;
}
return server_fd;
}
/***************************************************************************
* Function Name: cfe_web_listen
* Description : This function checks to see if TCP listen can be issued
* on the HTTP port and issues the listen if it can.
* Returns : None.
***************************************************************************/
static void cfe_web_listen( int *listen_idx_ptr )
{
static int port = SERVER_PORT;
int listen_idx = *listen_idx_ptr;
PSOCKET_INFO si = &g_socket_info[listen_idx];
/* If a TCP socket has been opened, check its connection status. */
if( si->s >= 0 )
{
int connflag;
tcp_status( si->s, &connflag, NULL, NULL );
/* If the socket is connection, set the next socket index to listen for
* a TCP connection.
*/
if( connflag == TCPSTATUS_CONNECTED )
{
listen_idx = (listen_idx + 1) % NUM_SOCKETS;
si = &g_socket_info[listen_idx];
}
}
/* If the TCP socket has not been opened, open it and listen for a TCP
* connection.
*/
if( si->s == SOCKET_CLOSED )
{
/* Open the socket in non-blocking mode. */
POLL();
if( (si->s = tcp_socket()) >= 0 )
{
console_log("web info: Waiting for connection on socket %d.", si->s);
if( tcp_listen(si->s, port) != 0 )
console_log("web error: listen error on %d.", si->s);
}
else
{
console_log("web error %d: Could not create TCP socket.", si->s);
si->s = SOCKET_CLOSED;
}
}
*listen_idx_ptr = listen_idx;
} /* cfe_web_listen */
int ssl_tcp_connect(int *sockfd, const char *ip, uint16_t port)
{
struct sockaddr_in addr;
int status = tcp_socket(sockfd, &addr, ip, port);
if (status != 0) {
tls_e("Socket creation for %s:%d failed",
ip, port);
return status;
}
tls_d("Connecting .. %s : %d", ip, port);
if (connect(*sockfd, (const struct sockaddr *)&addr,
sizeof(addr)) != 0) {
tls_e("tcp connect failed");
return -WM_FAIL;
}
return WM_SUCCESS;
}
static s32 tcp_connect(char *host, const u16 port)
{
struct hostent *hp;
struct sockaddr_in sa;
fd_set myset;
struct timeval tv;
s32 s, res;
s = tcp_socket();
if (s < 0)
return s;
memset(&sa, 0, sizeof(struct sockaddr_in));
sa.sin_family= PF_INET;
sa.sin_len = sizeof(struct sockaddr_in);
sa.sin_port= htons(port);
#ifdef HW_RVL
hp = net_gethostbyname (host);
if (!hp || !(hp->h_addrtype == PF_INET)) {
return errno;
}
memcpy((char *) &sa.sin_addr, hp->h_addr_list[0], hp->h_length);
#endif
#ifdef HW_DOL
u32 addr = inet_addr("205.205.224.54");
memcpy(&sa.sin_addr, (struct in_addr*)&addr, sizeof(struct in_addr));
#endif
res = net_connect (s, (struct sockaddr *) &sa, sizeof (sa));
if (res == EINPROGRESS)
{
tv.tv_sec = TCP_CONNECT_TIMEOUT;
tv.tv_usec = 0;
FD_ZERO(&myset);
FD_SET(s, &myset);
if (net_select(s+1, NULL, &myset, NULL, &tv) <= 0)
return -1;
}
return s;
}
//}}}
//{{{int get_data_socket_port(char host[], int init_port){
int get_data_socket_port(char host[], int init_port){
int init_socket;
int port;
char buffer[MAX_LENG], temp[MAX_LENG];
init_socket = tcp_socket(host,init_port);
fprintf(stderr,"start write!!\n");
write(init_socket, "HELO FJB\r\n", 10);
sync();
fprintf(stderr,"start read!!\n");
read(init_socket, buffer, MAX_LENG);
sscanf(buffer, "%s",temp);
// fprintf(stderr,"%s : %s",buffer,temp);
if(strcmp(temp,"PINKY") == 0){
sscanf(buffer, "%s %d",&temp,&port);
}
else{
fprintf(stderr,"get data socket port error");
}
fprintf(stderr,"%d",port);
return port;
}
int nsapi_tests(const char *name, NetworkInterface *iface, const char *test_address, uint16_t test_port)
{
TCPSocket tcp_socket(iface);
UDPSocket udp_socket(iface);
int ret = 0;
printf("--- Running NetworkInterface Tests ---\r\n\r\n");
ret |= nsapi_ni_run_test("nsapi_ni_isConnected_test", iface, &nsapi_ni_isConnected_test);
ret |= nsapi_ni_run_test("nsapi_ni_getIPAddress_test", iface, &nsapi_ni_getIPAddress_test);
ret |= nsapi_ni_run_test("nsapi_ni_getMACAddress_test", iface, &nsapi_ni_getMACAddress_test);
ret |= nsapi_ni_run_test("nsapi_ni_getHostByName_test", iface, &nsapi_ni_getHostByName_test);
printf("\r\n\r\n--- Running TCPSocket Tests ---\r\n\r\n");
ret |= nsapi_socket_run_test("nsapi_socket_open_test", &tcp_socket, test_address, test_port, &nsapi_socket_open_test);
ret |= nsapi_socket_run_test("nsapi_socket_getIpAddress_test", &tcp_socket, test_address, test_port, &nsapi_socket_getIpAddress_test);
ret |= nsapi_socket_run_test("nsapi_socket_getPort_test", &tcp_socket, test_address, test_port, &nsapi_socket_getPort_test);
ret |= nsapi_socket_run_test("nsapi_socket_blocking_test", &tcp_socket, test_address, test_port, &nsapi_socket_blocking_test);
ret |= nsapi_socket_run_test("nsapi_socket_non_blocking_test", &tcp_socket, test_address, test_port, &nsapi_socket_non_blocking_test);
ret |= nsapi_socket_run_test("nsapi_socket_close_test", &tcp_socket, test_address, test_port, &nsapi_socket_close_test);
printf("\r\n\r\n--- Running UDPSocket Tests ---\r\n\r\n");
ret |= nsapi_socket_run_test("nsapi_socket_open_test", &udp_socket, test_address, test_port, &nsapi_socket_open_test);
ret |= nsapi_socket_run_test("nsapi_socket_getIpAddress_test", &udp_socket, test_address, test_port, &nsapi_socket_getIpAddress_test);
ret |= nsapi_socket_run_test("nsapi_socket_getPort_test", &udp_socket, test_address, test_port, &nsapi_socket_getPort_test);
ret |= nsapi_socket_run_test("nsapi_socket_blocking_test", &udp_socket, test_address, test_port, &nsapi_socket_blocking_test);
ret |= nsapi_socket_run_test("nsapi_socket_non_blocking_test", &udp_socket, test_address, test_port, &nsapi_socket_non_blocking_test);
ret |= nsapi_socket_run_test("nsapi_socket_close_test", &udp_socket, test_address, test_port, &nsapi_socket_close_test);
if (ret == 0) {
printf("\r\n\r\n--- ALL TESTS PASSING ---\r\n");
} else {
printf("\r\n\r\n--- TEST FAILURES OCCURRED ---\r\n");
}
return ret != 0;
}
int main(void) {
int maxlen = MAX_LEN;
char data[MAX_LEN+1];
int len;
int i = 0;
ipaddr_t their_ip = inet_aton(THEIR_IP);
int error;
data[maxlen] = '\0';
error = tcp_socket();
if (!error) {
printf("Listening on port %d...\n", OUR_PORT);
error = tcp_listen(OUR_PORT, &their_ip);
} else {
printf("Socket error.\n");
}
if (!error){
do {
printf("\n\n-> Reading %d bytes...\n", maxlen);
len = tcp_read(data, maxlen);
printf("\n\n-> Received %d bytes of data:\n\n", len);
printf("%s\n", data);
} while (i++<100);
} else {
printf("Connect error.\n");
}
return error;
}
int tcp_server_start(u_short server_port)
{
int i = 0;
char* recv_buf;
recv_buf = (char*)malloc(64);
memset(recv_buf, 0, 64);
SOCKET sock, accept_sock;
struct sockaddr_in ip;
socket_init();
tcp_socket(&sock);
tcp_bind(&sock, server_port);
tcp_listen(&sock);
while(1)
{
tcp_accept(&sock, &ip, &accept_sock);
tcp_recv(&accept_sock, recv_buf, 64);
printf("tcp client connect times = %d\n", i);
printf("tcp receive buffer: %s\n", (char*)recv_buf);
memset(recv_buf, 0, 64);
i++;
}
}
static int
tcp_socket(
const int port
)
{
const int sock = socket(AF_INET, SOCK_STREAM, 0);
struct sockaddr_in addr = {
.sin_family = AF_INET,
.sin_port = htons(port),
.sin_addr.s_addr = INADDR_ANY,
};
if (sock < 0)
return -1;
if (bind(sock, (const struct sockaddr*) &addr, sizeof(addr)) < 0)
return -1;
if (listen(sock, 5) == -1)
return -1;
return sock;
}
int
main(
int argc,
char ** argv
)
{
int port = 7890;
int led_count = 256;
extern char *optarg;
int opt;
while ((opt = getopt(argc, argv, "p:c:d:")) != -1)
{
switch (opt)
{
case 'p':
port = atoi(optarg);
break;
case 'c':
led_count = atoi(optarg);
break;
case 'd': {
int width=0, height=0;
if (sscanf(optarg,"%dx%d", &width, &height) == 2) {
led_count = width * height;
} else {
printf("Invalid argument for -d; expected NxN; actual: %s", optarg);
exit(EXIT_FAILURE);
}
}
break;
default:
fprintf(stderr, "Usage: %s [-p <port>] [-c <led_count> | -d <width>x<height>]\n", argv[0]);
exit(EXIT_FAILURE);
}
}
const int sock = tcp_socket(port);
if (sock < 0)
die("socket port %d failed: %s\n", port, strerror(errno));
const size_t image_size = led_count * 3;
// largest possible UDP packet
uint8_t buf[65536];
if (sizeof(buf) < image_size + 1)
die("%u too large for UDP\n", image_size);
fprintf(stderr, "OpenPixelControl LEDScape Receiver started on TCP port %d for %d pixels.\n", port, led_count);
fprintf(stderr, "NOTE: This is a preliminary implementation of OPC for LEDscape and does not support multiple clients or updating multiple channels.\n");
fprintf(stderr, "Use udp-rx in cases where those features are needed.\n");
ledscape_t * const leds = ledscape_init(led_count);
const unsigned report_interval = 10;
unsigned last_report = 0;
unsigned long delta_sum = 0;
unsigned frames = 0;
uint32_t * const fb = calloc(image_size,4);
int fd;
while ((fd = accept(sock, NULL, NULL)) >= 0)
{
while(1)
{
opc_cmd_t cmd;
ssize_t rlen = read(fd, &cmd, sizeof(cmd));
if (rlen < 0)
die("recv failed: %s\n", strerror(errno));
if (rlen == 0)
{
close(fd);
break;
}
const size_t cmd_len = cmd.len_hi << 8 | cmd.len_lo;
warn("received %zu bytes: %d %zu\n", rlen, cmd.command, cmd_len);
size_t offset = 0;
while (offset < cmd_len)
{
rlen = read(fd, buf + offset, cmd_len - offset);
if (rlen < 0)
die("recv failed: %s\n", strerror(errno));
if (rlen == 0)
break;
offset += rlen;
}
if (cmd.command != 0)
continue;
struct timeval start_tv, stop_tv, delta_tv;
gettimeofday(&start_tv, NULL);
const unsigned frame_num = 0;
for (unsigned int i=0; i<image_size; i++) {
uint8_t * const out = (void*) &fb[i];
const uint8_t * const in = &buf[3 * i];
out[0] = in[0];
out[1] = in[1];
out[2] = in[2];
}
ledscape_draw(leds, fb);
gettimeofday(&stop_tv, NULL);
timersub(&stop_tv, &start_tv, &delta_tv);
frames++;
delta_sum += delta_tv.tv_usec;
if (stop_tv.tv_sec - last_report < report_interval)
continue;
last_report = stop_tv.tv_sec;
const unsigned delta_avg = delta_sum / frames;
printf("%6u usec avg, max %.2f fps, actual %.2f fps (over %u frames)\n",
delta_avg,
report_interval * 1.0e6 / delta_avg,
frames * 1.0 / report_interval,
frames
);
frames = delta_sum = 0;
}
}
return 0;
}
//}}}
//void read_raw(char host[], int port){{{
void read_raw(char host[], int port){
int terminate = 1, nRead;
int dwTotalReadSize, dwImageSize, count;
int fd_cmos;
unsigned char pImageBuffer[2][WIDTH * HEIGHT];
unsigned char *buffer[2][WIDTH];
int i, j;
int recode;
int data_socket;
int page = 0;
int different_times=-3;
unsigned char **buf;
int numbytes;
FILE *fout;
int fd;
char filename[20];
int threshold = 0;
unsigned int temp;
cmos_info_t CMOSInfo;
// do CMOSInfo
fd_cmos = open("/dev/cmos", O_RDWR);
CMOSInfo.ImageSizeMode = CMOS_SIZE_MODE_320_240;
CMOSInfo.HighRef = 200;
if(ioctl(fd_cmos, CMOS_ON, &CMOSInfo) <0)
fprintf(stderr, "error");
dwImageSize = WIDTH * HEIGHT;
for(i = 0; i < HEIGHT; i++){
buffer[0][i] = pImageBuffer[0] + i * WIDTH;
buffer[1][i] = pImageBuffer[1] + i * WIDTH;
}
data_socket = tcp_socket(host, port);
while(terminate){
if (ioctl(fd_cmos, CMOS_GET_STATUS, &CMOSInfo) >= 0){
if (CMOSInfo.Status == CMOS_IMG_READY){
dwTotalReadSize = 0; count = dwImageSize;
// fetch the image from cmos
if(different_times==0){
page=0;
printf("change the base!\n");
}
else
page=1;
do {
if (count + dwTotalReadSize > dwImageSize)
count = dwImageSize - dwTotalReadSize ;
nRead = read(fd_cmos, pImageBuffer[page] + dwTotalReadSize, count);
if (nRead > 0 ){
dwTotalReadSize += nRead;
}
else if (nRead == 0){
break;
}
else{
//break;
}
} while (dwTotalReadSize < dwImageSize);
if(ctrl[0]){
threshold = (ctrl[2]*256+ctrl[3])*1000;
// deterimeted record or not
recode = (ctrl[1])?1:imagecompare(pImageBuffer[page], pImageBuffer[(page+1)%2],threshold, mask);
printf("%d %d %d %d\n",page,buffer[0][0][0],buffer[1][0][0],recode);
if(recode){
buf = buffer[page];
for(i = 0; i < 240;i++ )
for(j = 0; j< 320;j++){
temp = ((255 - buf[i][j])>60)?60:(255-buf[i][j]);
buf[i][j] = buf[i][j]+ temp*(1-mask[i*WIDTH+j]);
}
if (write(data_socket, buffer[page], HEIGHT * WIDTH) <0){
perror("sendto error");
exit(1);
}
write(data_socket, "\r\n", 2);
write(data_socket, "--myboundary\r\n", 14);
}
if(recode==1)
different_times++;
else
different_times=1;
if(different_times==5)
different_times=0;
}
// page = (page +1)%2;
}
}
if(CMOSInfo.Status == CMOS_IMG_EMPTY){
Delay(333);
}
}
}
void client_test(void* args)
{
SOCKET_T sockfd = 0;
CYASSL_METHOD* method = 0;
CYASSL_CTX* ctx = 0;
CYASSL* ssl = 0;
CYASSL* sslResume = 0;
CYASSL_SESSION* session = 0;
char resumeMsg[] = "resuming cyassl!";
int resumeSz = sizeof(resumeMsg);
char msg[64] = "hello cyassl!";
char reply[1024];
int input;
int msgSz = (int)strlen(msg);
int port = yasslPort;
char* host = (char*)yasslIP;
char* domain = (char*)"www.yassl.com";
int ch;
int version = CLIENT_DEFAULT_VERSION;
int usePsk = 0;
int sendGET = 0;
int benchmark = 0;
int doDTLS = 0;
int matchName = 0;
int doPeerCheck = 1;
int nonBlocking = 0;
int resumeSession = 0;
char* cipherList = NULL;
char* verifyCert = (char*)caCert;
char* ourCert = (char*)cliCert;
char* ourKey = (char*)cliKey;
int argc = ((func_args*)args)->argc;
char** argv = ((func_args*)args)->argv;
((func_args*)args)->return_code = -1; /* error state */
while ((ch = mygetopt(argc, argv, "?gdusmNrh:p:v:l:A:c:k:b:")) != -1) {
switch (ch) {
case '?' :
Usage();
exit(EXIT_SUCCESS);
case 'g' :
sendGET = 1;
break;
case 'd' :
doPeerCheck = 0;
break;
case 'u' :
doDTLS = 1;
version = -1; /* DTLS flag */
break;
case 's' :
usePsk = 1;
break;
case 'm' :
matchName = 1;
break;
case 'h' :
host = myoptarg;
domain = myoptarg;
break;
case 'p' :
port = atoi(myoptarg);
break;
case 'v' :
version = atoi(myoptarg);
if (version < 0 || version > 3) {
Usage();
exit(MY_EX_USAGE);
}
if (doDTLS)
version = -1; /* DTLS flag */
break;
case 'l' :
cipherList = myoptarg;
break;
case 'A' :
verifyCert = myoptarg;
break;
case 'c' :
ourCert = myoptarg;
break;
case 'k' :
ourKey = myoptarg;
break;
case 'b' :
benchmark = atoi(myoptarg);
if (benchmark < 0 || benchmark > 1000000) {
Usage();
exit(MY_EX_USAGE);
}
break;
case 'N' :
nonBlocking = 1;
break;
case 'r' :
resumeSession = 1;
break;
default:
Usage();
exit(MY_EX_USAGE);
}
}
myoptind = 0; /* reset for test cases */
switch (version) {
#ifndef NO_OLD_TLS
case 0:
method = CyaSSLv3_client_method();
break;
case 1:
method = CyaTLSv1_client_method();
break;
case 2:
method = CyaTLSv1_1_client_method();
break;
#endif
case 3:
method = CyaTLSv1_2_client_method();
break;
#ifdef CYASSL_DTLS
case -1:
method = CyaDTLSv1_client_method();
break;
#endif
default:
err_sys("Bad SSL version");
}
if (method == NULL)
err_sys("unable to get method");
ctx = CyaSSL_CTX_new(method);
if (ctx == NULL)
err_sys("unable to get ctx");
if (cipherList)
if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
err_sys("can't set cipher list");
#ifdef CYASSL_LEANPSK
usePsk = 1;
#endif
if (usePsk) {
#ifndef NO_PSK
CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
if (cipherList == NULL) {
const char *defaultCipherList;
#ifdef HAVE_NULL_CIPHER
defaultCipherList = "PSK-NULL-SHA";
#else
defaultCipherList = "PSK-AES256-CBC-SHA";
#endif
if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS)
err_sys("can't set cipher list");
}
#endif
}
#ifdef OPENSSL_EXTRA
CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
if (cipherList == NULL) {
/* don't use EDH, can't sniff tmp keys */
if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS) {
err_sys("can't set cipher list");
}
}
#endif
#ifdef USER_CA_CB
CyaSSL_CTX_SetCACb(ctx, CaCb);
#endif
#ifdef VERIFY_CALLBACK
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
#endif
#ifndef NO_FILESYSTEM
if (!usePsk){
if (CyaSSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load client cert file, check file and run from"
" CyaSSL home dir");
if (CyaSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load client cert file, check file and run from"
" CyaSSL home dir");
if (CyaSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from CyaSSL home dir");
}
#endif
if (!usePsk && doPeerCheck == 0)
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
if (benchmark) {
/* time passed in number of connects give average */
int times = benchmark;
int i = 0;
double start = current_time(), avg;
for (i = 0; i < times; i++) {
tcp_connect(&sockfd, host, port, doDTLS);
ssl = CyaSSL_new(ctx);
CyaSSL_set_fd(ssl, sockfd);
if (CyaSSL_connect(ssl) != SSL_SUCCESS)
err_sys("SSL_connect failed");
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
CloseSocket(sockfd);
}
avg = current_time() - start;
avg /= times;
avg *= 1000; /* milliseconds */
printf("CyaSSL_connect avg took: %8.3f milliseconds\n", avg);
CyaSSL_CTX_free(ctx);
((func_args*)args)->return_code = 0;
exit(EXIT_SUCCESS);
}
ssl = CyaSSL_new(ctx);
if (ssl == NULL)
err_sys("unable to get SSL object");
if (doDTLS) {
SOCKADDR_IN_T addr;
build_addr(&addr, host, port);
CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
tcp_socket(&sockfd, 1);
}
else {
tcp_connect(&sockfd, host, port, 0);
}
CyaSSL_set_fd(ssl, sockfd);
#ifdef HAVE_CRL
if (CyaSSL_EnableCRL(ssl, CYASSL_CRL_CHECKALL) != SSL_SUCCESS)
err_sys("can't enable crl check");
if (CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS)
err_sys("can't load crl, check crlfile and date validity");
if (CyaSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS)
err_sys("can't set crl callback");
#endif
if (matchName && doPeerCheck)
CyaSSL_check_domain_name(ssl, domain);
#ifndef CYASSL_CALLBACKS
if (nonBlocking) {
CyaSSL_set_using_nonblock(ssl, 1);
tcp_set_nonblocking(&sockfd);
NonBlockingSSL_Connect(ssl);
}
else if (CyaSSL_connect(ssl) != SSL_SUCCESS) {
/* see note at top of README */
int err = CyaSSL_get_error(ssl, 0);
char buffer[80];
printf("err = %d, %s\n", err,
CyaSSL_ERR_error_string(err, buffer));
err_sys("SSL_connect failed");
/* if you're getting an error here */
}
#else
timeout.tv_sec = 2;
timeout.tv_usec = 0;
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
#endif
showPeer(ssl);
if (sendGET) {
printf("SSL connect ok, sending GET...\n");
msgSz = 28;
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
}
if (CyaSSL_write(ssl, msg, msgSz) != msgSz)
err_sys("SSL_write failed");
input = CyaSSL_read(ssl, reply, sizeof(reply));
if (input > 0) {
reply[input] = 0;
printf("Server response: %s\n", reply);
if (sendGET) { /* get html */
while (1) {
input = CyaSSL_read(ssl, reply, sizeof(reply));
if (input > 0) {
reply[input] = 0;
printf("%s\n", reply);
}
else
break;
}
}
}
if (resumeSession) {
if (doDTLS) {
strncpy(msg, "break", 6);
msgSz = (int)strlen(msg);
/* try to send session close */
CyaSSL_write(ssl, msg, msgSz);
}
session = CyaSSL_get_session(ssl);
sslResume = CyaSSL_new(ctx);
}
if (doDTLS == 0) /* don't send alert after "break" command */
CyaSSL_shutdown(ssl); /* echoserver will interpret as new conn */
CyaSSL_free(ssl);
CloseSocket(sockfd);
if (resumeSession) {
if (doDTLS) {
SOCKADDR_IN_T addr;
#ifdef USE_WINDOWS_API
Sleep(500);
#else
sleep(1);
#endif
build_addr(&addr, host, port);
CyaSSL_dtls_set_peer(sslResume, &addr, sizeof(addr));
tcp_socket(&sockfd, 1);
}
else {
tcp_connect(&sockfd, host, port, 0);
}
CyaSSL_set_fd(sslResume, sockfd);
CyaSSL_set_session(sslResume, session);
showPeer(sslResume);
#ifndef CYASSL_CALLBACKS
if (nonBlocking) {
CyaSSL_set_using_nonblock(sslResume, 1);
tcp_set_nonblocking(&sockfd);
NonBlockingSSL_Connect(sslResume);
}
else if (CyaSSL_connect(sslResume) != SSL_SUCCESS)
err_sys("SSL resume failed");
#else
timeout.tv_sec = 2;
timeout.tv_usec = 0;
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
#endif
#ifdef OPENSSL_EXTRA
if (CyaSSL_session_reused(sslResume))
printf("reused session id\n");
else
printf("didn't reuse session id!!!\n");
#endif
if (CyaSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz)
err_sys("SSL_write failed");
if (nonBlocking) {
/* give server a chance to bounce a message back to client */
#ifdef USE_WINDOWS_API
Sleep(500);
#else
sleep(1);
#endif
}
input = CyaSSL_read(sslResume, reply, sizeof(reply));
if (input > 0) {
reply[input] = 0;
printf("Server resume response: %s\n", reply);
}
/* try to send session break */
CyaSSL_write(sslResume, msg, msgSz);
CyaSSL_shutdown(sslResume);
CyaSSL_free(sslResume);
}
CyaSSL_CTX_free(ctx);
CloseSocket(sockfd);
((func_args*)args)->return_code = 0;
}
/*
* Funzione prova a connetersi ai superpeer indicati nella lista passata come parametro.
* Ritorna 0 in caso di successo e -1 se si è verificato un errore o se non è riuscita
* a connettersi a nessun superpeer della lista.
*/
int join_overlay(const struct sockaddr_in *sp_addr_list, int list_len) {
int i, ok = 1;
int sock_tmp;
int addr_check = 0;
int j, nread;
struct sockaddr_in *addr_list;
struct packet recv_pck;
if (list_len > max_tcp_sock / 2) {
near_str = (char *)realloc(near_str, list_len * 2 * ADDR_STR_LEN);
memset(near_str + max_tcp_sock * ADDR_STR_LEN, 0, (list_len * 2 - max_tcp_sock) * ADDR_STR_LEN);
max_tcp_sock = list_len * 2;
}
for (i = 0; i < list_len; i ++) {
if (get_near_by_addr(&sp_addr_list[i]) != NULL) {
continue;
}
if (ok) {
if ((sock_tmp = tcp_socket()) < 0) {
perror("join_overlay error - can't initialize tcp socket");
return -1;
}
//printf("SOCKET: %d\n", sock_tmp);
// printf("LISTLEN: %d\n", list_len);
}
printf("join_overlay - addr: %s:%d\n", inet_ntoa(sp_addr_list[i].sin_addr), ntohs(sp_addr_list[i].sin_port));
if (tcp_connect(sock_tmp, &sp_addr_list[i]) < 0) {
perror("join_overlay error - can't connect to superpeer");
ok = 0;
continue; //provo il prossimo indirizzo
} else {
printf("Connected with superpeer %s:%d\n", inet_ntoa(sp_addr_list[i].sin_addr), ntohs(sp_addr_list[i].sin_port));
if (addr_check == 0) {
get_local_addr(sock_tmp, &myaddr);
addr_check = 1;
}
ok = 1;
if ((nread = recv_packet_tcp(sock_tmp, &recv_pck)) < 0) {
perror("join_overlay error - recv_packet_tcp failed\n");
return -1;
} else if (nread == 0) {
printf("join_overlay - connection closed by superpeer\n");
if (close(sock_tmp) < 0) {
perror("join_overlay error - close failed");
return -1;
}
continue;
}
if (!strncmp(recv_pck.cmd, CMD_ACK, CMD_STR_LEN)) {
if (write(sock_tmp, (char *)&conf.udp_port, sizeof(conf.udp_port)) < 0) {
perror("join_overlay error - write failed\n");
return -1;
}
fd_add(sock_tmp);
if (insert_near(sock_tmp, &sp_addr_list[i]) < 0) {
fprintf(stderr, "join_overlay error - insert_near failed\n");
return -1;
}
addr2str(near_str + nsock * 6, sp_addr_list[i].sin_addr.s_addr, sp_addr_list[i].sin_port);
addr_list = str_to_addr(near_str, max_tcp_sock);
for(j = 0; j < max_tcp_sock; j ++){
printf("join_overlay - near %s:%d\n", inet_ntoa(addr_list[j].sin_addr), ntohs(addr_list[j].sin_port));
}
nsock ++;
} else if (!strncmp(recv_pck.cmd, CMD_ERR, CMD_STR_LEN)) {
printf("RICEVUTO ERR\n");
printf("join_overlay - connection closed by superpeer\n");
if (close(sock_tmp) < 0) {
perror("join_overlay error - close failed");
return -1;
}
continue;
} else {
fprintf(stderr, "join_overlay error - packet not expected\n");
if (close(sock_tmp) < 0) {
perror("join_overlay error - close failed");
return -1;
}
continue;
}
}
}
if (!ok) {
close(sock_tmp);
}
if (nsock != list_len) {
printf("join_overlay error - can't connect to all superpeer in the list\n");
return 1;
}
return 0;
}
int main(void) {
char client_buf[1], server_buf[1];
char *eth, *ip1, *ip2;
int pid, status;
unsigned char j, v;
ipaddr_t saddr;
eth = getenv("ETH");
if (!eth) {
fprintf(stderr, "The ETH environment variable must be set!\n");
return 1;
}
ip1 = getenv("IP1");
ip2 = getenv("IP2");
if ((!ip1)||(!ip2)) {
fprintf(stderr, "The IP1 and IP2 environment variables must be set!\n");
return 1;
}
pid = fork();
if (pid == -1) {
fprintf(stderr, "Unable to fork client process\n");
return 1;
}
if (pid == 0) {
/* Client process running in $IP1 */
eth[0] = '1';
/*ip_init();*/
if (tcp_socket() != 0) {
fprintf(stderr, "Client: Opening socket failed\n");
return 1;
}
if (tcp_connect(inet_aton(ip2), 80) != 0) {
fprintf(stderr, "Client: Connecting to server failed\n");
return 1;
}
for (v=0; v<255; v++) {
client_buf[0] = v;
if (tcp_write(client_buf, 1) != 1) {
fprintf(stderr, "Client: Writing ASCII character %u failed (", v);
return 1;
}
printf("Client: Sent ASCII character %u (", v);
}
/* send last byte (255)*/
client_buf[0] = v;
if (tcp_write(client_buf, 1) != 1) {
fprintf(stderr, "Client: Writing ASCII character %u failed (", v);
return 1;
}
printf("Client: Sent ASCII character %u (", v);
if (tcp_close() != 0) {
fprintf(stderr, "Client: Closing connection failed\n");
return 1;
}
signal(SIGALRM, alarm_handler);
alarm(5);
while (tcp_read(server_buf, 4) > 0) {}
alarm(0);
return 0;
} else {
/* Server process running in $IP2 */
eth[0]='2';
if (tcp_socket() != 0) {
fprintf(stderr, "Server: Opening socket failed\n");
return 1;
}
signal(SIGALRM, alarm_handler);
alarm(5);
if (tcp_listen(80, &saddr) < 0) {
fprintf(stderr, "Server: Listening for client failed\n");
return 1;
}
alarm(0);
for (j=0; j<255; j++) {
signal(SIGALRM, alarm_handler);
alarm(5);
if (tcp_read(server_buf, 1) < 0) {
fprintf(stderr, "Server: Reading 1 byte failed\n");
return 1;
}
alarm(0);
printf("Server: Found byte %u\n", (tcp_u8t) server_buf[0]);
if (((tcp_u8t)server_buf[0]) != j) {
fprintf(stderr, "Server: Reading ASCII character %u failed\n", j);
fprintf(stderr, "Server: Found ASCII character %u\n", server_buf[0]);
return 1;
}
}
signal(SIGALRM, alarm_handler);
alarm(5);
if (tcp_read(server_buf, 1) < 0) {
fprintf(stderr, "Server: Reading 1 byte failed\n");
return 1;
}
alarm(0);
fprintf(stderr, "Server: Found byte %u\n", (tcp_u8t) server_buf[0]);
if (((tcp_u8t)server_buf[0]) != j) {
fprintf(stderr, "Server: Reading ASCII character %u failed\n", j);
fprintf(stderr, "Server: Found ASCII character %u\n", server_buf[0]);
return 1;
}
if (tcp_close() != 0) {
fprintf(stderr, "Server: Closing connection failed\n");
return 1;
}
signal(SIGALRM, alarm_handler);
alarm(5);
while (tcp_read(server_buf, 4) > 0) {}
alarm(0);
/* Wait for client process to finish */
while (wait(&status) != pid);
return 0;
}
}
int main(void) {
char server_buf[BUF_SIZE], client_buf[BUF_SIZE];
char *eth, *ip1, *ip2;
int pid, status, total, read;
int j, v;
ipaddr_t saddr;
eth = getenv("ETH");
if (!eth) {
fprintf(stderr, "The ETH environment variable must be set!\n");
return 1;
}
ip1 = getenv("IP1");
ip2 = getenv("IP2");
if ((!ip1)||(!ip2)) {
fprintf(stderr, "The IP1 and IP2 environment variables must be set!\n");
return 1;
}
/* fill buffer with ASCII pattern 012345670123... */
for (v=0;v<BUF_SIZE;v++) {
client_buf[v] = (v % 8) + 48;
}
/* Client process running in $IP1 */
eth[0] = '1';
if (tcp_socket() != 0) {
fprintf(stderr, "Client: Opening socket failed\n");
return 1;
}
signal(SIGALRM, alarm_handler);
alarm(10);
if (tcp_connect(inet_aton(ip2), 80) != 0) {
fprintf(stderr, "Client: Connecting to server failed\n");
return 1;
}
j = tcp_write(client_buf, BUF_SIZE);
if (j < 1) {
fprintf(stderr, "Client: Writing failed\n");
return 1;
}
fprintf(stderr,"Client: Sent %d Kbytes\n",j);
if (tcp_close() != 0) {
fprintf(stderr, "Client: Closing connection failed\n");
return 1;
}
signal(SIGALRM, alarm_handler);
alarm(3);
while (tcp_read(client_buf, 4) > 0) {}
alarm(0);
return 0;
}
int main(int argc, char** argv) {
char *eth, *ip1, *ip2;
char ip[IP_LENGTH];
char filename[FILENAME_LENGTH];
char buffer[CLOSE_READ_BUFFER_SIZE];
if (argc < 2) {
printf("No url found\nUsage: %s url\n", argv[0]);
return 1;
}
eth = getenv("ETH");
if (!eth) {
fprintf(stdout, "The ETH environment variable must be set!\n");
return 1;
}
ip1 = getenv("IP1");
ip2 = getenv("IP2");
if (!ip1 || !ip2) {
fprintf(stdout, "The IP1 and IP2 environment variables must be set!\n");
return 1;
}
if (tcp_socket() != 0) {
fprintf(stdout, "HTTPC: Opening socket failed\n");
return 1;
}
/* parse url into ip and filename */
if (!parse_url(argv[1], ip, IP_LENGTH, filename, FILENAME_LENGTH)) {
printf("Invalid url\n");
return 1;
}
/* connect to http server */
if (tcp_connect(inet_aton(ip), SERVER_PORT)) {
printf("Request failed: could not connect to server\n");
return 0;
}
/* do request */
if (!do_request(ip, filename)) {
tcp_close();
return 1;
}
/* handle response */
if (!handle_response(ip, filename)) {
tcp_close();
return 1;
}
/* close connection */
if (tcp_close() != 0) {
printf("Closing connection failed\n");
return 1;
}
signal(SIGALRM, alarm_handler);
alarm(TIME_OUT);
while (tcp_read(buffer, RESPONSE_BUFFER_SIZE) > 0) {}
alarm(0);
return 0;
}
static int
bin_ztcp(char *nam, char **args, Options ops, UNUSED(int func))
{
int herrno, err=1, destport, force=0, verbose=0, test=0, targetfd=0;
ZSOCKLEN_T len;
char **addrp, *desthost;
const char *localname, *remotename;
struct hostent *zthost = NULL, *ztpeer = NULL;
struct servent *srv;
Tcp_session sess = NULL;
if (OPT_ISSET(ops,'f'))
force = 1;
if (OPT_ISSET(ops,'v'))
verbose = 1;
if (OPT_ISSET(ops,'t'))
test = 1;
if (OPT_ISSET(ops,'d')) {
targetfd = atoi(OPT_ARG(ops,'d'));
if (!targetfd) {
zwarnnam(nam, "%s is an invalid argument to -d", OPT_ARG(ops,'d'));
return 1;
}
}
if (OPT_ISSET(ops,'c')) {
if (!args[0]) {
tcp_cleanup();
}
else {
targetfd = atoi(args[0]);
sess = zts_byfd(targetfd);
if(!targetfd) {
zwarnnam(nam, "%s is an invalid argument to -c", args[0]);
return 1;
}
if (sess)
{
if ((sess->flags & ZTCP_ZFTP) && !force)
{
zwarnnam(nam, "use -f to force closure of a zftp control connection");
return 1;
}
tcp_close(sess);
return 0;
}
else
{
zwarnnam(nam, "fd %s not found in tcp table", args[0]);
return 1;
}
}
}
else if (OPT_ISSET(ops,'l')) {
int lport = 0;
if (!args[0]) {
zwarnnam(nam, "-l requires an argument");
return 1;
}
srv = getservbyname(args[0], "tcp");
if (srv)
lport = srv->s_port;
else
lport = htons(atoi(args[0]));
if (!lport) { zwarnnam(nam, "bad service name or port number");
return 1;
}
sess = tcp_socket(PF_INET, SOCK_STREAM, 0, ZTCP_LISTEN);
if (!sess) {
zwarnnam(nam, "unable to allocate a TCP session slot");
return 1;
}
#ifdef SO_OOBINLINE
len = 1;
setsockopt(sess->fd, SOL_SOCKET, SO_OOBINLINE, (char *)&len, sizeof(len));
#endif
if (!zsh_inet_aton("0.0.0.0", &(sess->sock.in.sin_addr)))
{
zwarnnam(nam, "bad address: %s", "0.0.0.0");
return 1;
}
sess->sock.in.sin_family = AF_INET;
sess->sock.in.sin_port = lport;
if (bind(sess->fd, (struct sockaddr *)&sess->sock.in, sizeof(struct sockaddr_in)))
{
char buf[DIGBUFSIZE];
convbase(buf, (zlong)ntohs(lport), 10);
zwarnnam(nam, "could not bind to port %s: %e", buf, errno);
tcp_close(sess);
return 1;
}
if (listen(sess->fd, 1))
{
zwarnnam(nam, "could not listen on socket: %e", errno);
tcp_close(sess);
return 1;
}
if (targetfd) {
sess->fd = redup(sess->fd, targetfd);
}
else {
/* move the fd since no one will want to read from it */
sess->fd = movefd(sess->fd);
}
if (sess->fd == -1) {
zwarnnam(nam, "cannot duplicate fd %d: %e", sess->fd, errno);
tcp_close(sess);
return 1;
}
setiparam_no_convert("REPLY", (zlong)sess->fd);
if (verbose)
printf("%d listener is on fd %d\n", ntohs(sess->sock.in.sin_port), sess->fd);
return 0;
}
else if (OPT_ISSET(ops,'a'))
{
int lfd, rfd;
if (!args[0]) {
zwarnnam(nam, "-a requires an argument");
return 1;
}
lfd = atoi(args[0]);
if (!lfd) {
zwarnnam(nam, "invalid numerical argument");
return 1;
}
sess = zts_byfd(lfd);
if (!sess) {
zwarnnam(nam, "fd %s is not registered as a tcp connection", args[0]);
return 1;
}
if (!(sess->flags & ZTCP_LISTEN))
{
zwarnnam(nam, "tcp connection not a listener");
return 1;
}
if (test) {
#if defined(HAVE_POLL) || defined(HAVE_SELECT)
# ifdef HAVE_POLL
struct pollfd pfd;
int ret;
pfd.fd = lfd;
pfd.events = POLLIN;
if ((ret = poll(&pfd, 1, 0)) == 0) return 1;
else if (ret == -1)
{
zwarnnam(nam, "poll error: %e", errno);
return 1;
}
# else
fd_set rfds;
struct timeval tv;
int ret;
FD_ZERO(&rfds);
FD_SET(lfd, &rfds);
tv.tv_sec = 0;
tv.tv_usec = 0;
if ((ret = select(lfd+1, &rfds, NULL, NULL, &tv)) == 0) return 1;
else if (ret == -1)
{
zwarnnam(nam, "select error: %e", errno);
return 1;
}
# endif
#else
zwarnnam(nam, "not currently supported");
return 1;
#endif
}
sess = zts_alloc(ZTCP_INBOUND);
len = sizeof(sess->peer.in);
do {
rfd = accept(lfd, (struct sockaddr *)&sess->peer.in, &len);
} while (rfd < 0 && errno == EINTR && !errflag);
if (rfd == -1) {
zwarnnam(nam, "could not accept connection: %e", errno);
tcp_close(sess);
return 1;
}
/* redup expects fd is already registered */
addmodulefd(rfd, FDT_MODULE);
if (targetfd) {
sess->fd = redup(rfd, targetfd);
if (sess->fd < 0) {
zerrnam(nam, "could not duplicate socket fd to %d: %e", targetfd, errno);
return 1;
}
}
else {
sess->fd = rfd;
}
setiparam_no_convert("REPLY", (zlong)sess->fd);
if (verbose)
printf("%d is on fd %d\n", ntohs(sess->peer.in.sin_port), sess->fd);
}
else
{
if (!args[0]) {
LinkNode node;
for(node = firstnode(ztcp_sessions); node; incnode(node))
{
sess = (Tcp_session)getdata(node);
if (sess->fd != -1)
{
zthost = gethostbyaddr((const void *)&(sess->sock.in.sin_addr), sizeof(sess->sock.in.sin_addr), AF_INET);
if (zthost)
localname = zthost->h_name;
else
localname = inet_ntoa(sess->sock.in.sin_addr);
ztpeer = gethostbyaddr((const void *)&(sess->peer.in.sin_addr), sizeof(sess->peer.in.sin_addr), AF_INET);
if (ztpeer)
remotename = ztpeer->h_name;
else
remotename = inet_ntoa(sess->peer.in.sin_addr);
if (OPT_ISSET(ops,'L')) {
int schar;
if (sess->flags & ZTCP_ZFTP)
schar = 'Z';
else if (sess->flags & ZTCP_LISTEN)
schar = 'L';
else if (sess->flags & ZTCP_INBOUND)
schar = 'I';
else
schar = 'O';
printf("%d %c %s %d %s %d\n",
sess->fd, schar,
localname, ntohs(sess->sock.in.sin_port),
remotename, ntohs(sess->peer.in.sin_port));
} else {
printf("%s:%d %s %s:%d is on fd %d%s\n",
localname, ntohs(sess->sock.in.sin_port),
((sess->flags & ZTCP_LISTEN) ? "-<" :
((sess->flags & ZTCP_INBOUND) ? "<-" : "->")),
remotename, ntohs(sess->peer.in.sin_port),
sess->fd,
(sess->flags & ZTCP_ZFTP) ? " ZFTP" : "");
}
}
}
return 0;
}
else if (!args[1]) {
destport = htons(23);
}
else {
srv = getservbyname(args[1],"tcp");
if (srv)
destport = srv->s_port;
else
destport = htons(atoi(args[1]));
}
desthost = ztrdup(args[0]);
zthost = zsh_getipnodebyname(desthost, AF_INET, 0, &herrno);
if (!zthost || errflag) {
zwarnnam(nam, "host resolution failure: %s", desthost);
zsfree(desthost);
return 1;
}
sess = tcp_socket(PF_INET, SOCK_STREAM, 0, 0);
if (!sess) {
zwarnnam(nam, "unable to allocate a TCP session slot");
zsfree(desthost);
return 1;
}
#ifdef SO_OOBINLINE
len = 1;
setsockopt(sess->fd, SOL_SOCKET, SO_OOBINLINE, (char *)&len, sizeof(len));
#endif
if (sess->fd < 0) {
zwarnnam(nam, "socket creation failed: %e", errno);
zsfree(desthost);
zts_delete(sess);
return 1;
}
for (addrp = zthost->h_addr_list; err && *addrp; addrp++) {
if (zthost->h_length != 4)
zwarnnam(nam, "address length mismatch");
do {
err = tcp_connect(sess, *addrp, zthost, destport);
} while (err && errno == EINTR && !errflag);
}
if (err) {
zwarnnam(nam, "connection failed: %e", errno);
tcp_close(sess);
zsfree(desthost);
return 1;
}
else
{
if (targetfd) {
sess->fd = redup(sess->fd, targetfd);
if (sess->fd < 0) {
zerrnam(nam, "could not duplicate socket fd to %d: %e", targetfd, errno);
zsfree(desthost);
tcp_close(sess);
return 1;
}
}
setiparam_no_convert("REPLY", (zlong)sess->fd);
if (verbose)
printf("%s:%d is now on fd %d\n",
desthost, destport, sess->fd);
}
zsfree(desthost);
}
return 0;
}
int main(void) {
char client_buf[1], server_buf[1];
char *eth, *ip1, *ip2;
unsigned char j, v;
ipaddr_t saddr;
eth = getenv("ETH");
if (!eth) {
fprintf(stderr, "The ETH environment variable must be set!\n");
return 1;
}
ip1 = getenv("IP1");
ip2 = getenv("IP2");
if ((!ip1)||(!ip2)) {
fprintf(stderr, "The IP1 and IP2 environment variables must be set!\n");
return 1;
}
/* Server process running in $IP2 */
eth[0]='2';
if (tcp_socket() != 0) {
fprintf(stderr, "Server: Opening socket failed\n");
return 1;
}
signal(SIGALRM, alarm_handler);
alarm(5);
if (tcp_listen(80, &saddr) < 0) {
fprintf(stderr, "Server: Listening for client failed (this is what we want)\n");
return 0;
}
alarm(0);
signal(SIGALRM, alarm_handler);
alarm(5);
if (tcp_read(server_buf, 1) < 0) {
fprintf(stderr, "Server: Reading byte 1 failed\n");
return 1;
}
fprintf(stderr,"server read one byte\n");
fflush(stderr);
alarm(0);
signal(SIGALRM, alarm_handler);
alarm(2);
if (tcp_read(server_buf, 1) < 0) {
fprintf(stderr, "Server: Reading byte 2 failed\n");
return 1;
}
fprintf(stderr,"server passed blocking read\n");
fflush(stderr);
alarm(0);
if (tcp_close() != 0) {
fprintf(stderr, "Server: Closing connection failed (this is what we want)\n");
return 1;
}
signal(SIGALRM, alarm_handler);
alarm(5);
while (tcp_read(server_buf, 4) > 0) {}
alarm(0);
}
THREAD_RETURN CYASSL_THREAD client_test(void* args)
{
SOCKET_T sockfd = 0;
CYASSL_METHOD* method = 0;
CYASSL_CTX* ctx = 0;
CYASSL* ssl = 0;
CYASSL* sslResume = 0;
CYASSL_SESSION* session = 0;
char resumeMsg[] = "resuming cyassl!";
int resumeSz = sizeof(resumeMsg);
char msg[32] = "hello cyassl!"; /* GET may make bigger */
char reply[80];
int input;
int msgSz = (int)strlen(msg);
int port = yasslPort;
char* host = (char*)yasslIP;
char* domain = (char*)"www.yassl.com";
int ch;
int version = CLIENT_INVALID_VERSION;
int usePsk = 0;
int sendGET = 0;
int benchmark = 0;
int doDTLS = 0;
int matchName = 0;
int doPeerCheck = 1;
int nonBlocking = 0;
int resumeSession = 0;
int trackMemory = 0;
int useClientCert = 1;
int fewerPackets = 0;
int atomicUser = 0;
int pkCallbacks = 0;
char* cipherList = NULL;
char* verifyCert = (char*)caCert;
char* ourCert = (char*)cliCert;
char* ourKey = (char*)cliKey;
#ifdef HAVE_SNI
char* sniHostName = NULL;
#endif
#ifdef HAVE_MAX_FRAGMENT
byte maxFragment = 0;
#endif
#ifdef HAVE_TRUNCATED_HMAC
byte truncatedHMAC = 0;
#endif
#ifdef HAVE_OCSP
int useOcsp = 0;
char* ocspUrl = NULL;
#endif
int argc = ((func_args*)args)->argc;
char** argv = ((func_args*)args)->argv;
((func_args*)args)->return_code = -1; /* error state */
#ifdef NO_RSA
verifyCert = (char*)eccCert;
ourCert = (char*)cliEccCert;
ourKey = (char*)cliEccKey;
#endif
(void)resumeSz;
(void)session;
(void)sslResume;
(void)trackMemory;
(void)atomicUser;
(void)pkCallbacks;
StackTrap();
while ((ch = mygetopt(argc, argv,
"?gdusmNrtfxUPh:p:v:l:A:c:k:b:zS:L:ToO:")) != -1) {
switch (ch) {
case '?' :
Usage();
exit(EXIT_SUCCESS);
case 'g' :
sendGET = 1;
break;
case 'd' :
doPeerCheck = 0;
break;
case 'u' :
doDTLS = 1;
break;
case 's' :
usePsk = 1;
break;
case 't' :
#ifdef USE_CYASSL_MEMORY
trackMemory = 1;
#endif
break;
case 'm' :
matchName = 1;
break;
case 'x' :
useClientCert = 0;
break;
case 'f' :
fewerPackets = 1;
break;
case 'U' :
#ifdef ATOMIC_USER
atomicUser = 1;
#endif
break;
case 'P' :
#ifdef HAVE_PK_CALLBACKS
pkCallbacks = 1;
#endif
break;
case 'h' :
host = myoptarg;
domain = myoptarg;
break;
case 'p' :
port = atoi(myoptarg);
#if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
if (port == 0)
err_sys("port number cannot be 0");
#endif
break;
case 'v' :
version = atoi(myoptarg);
if (version < 0 || version > 3) {
Usage();
exit(MY_EX_USAGE);
}
break;
case 'l' :
cipherList = myoptarg;
break;
case 'A' :
verifyCert = myoptarg;
break;
case 'c' :
ourCert = myoptarg;
break;
case 'k' :
ourKey = myoptarg;
break;
case 'b' :
benchmark = atoi(myoptarg);
if (benchmark < 0 || benchmark > 1000000) {
Usage();
exit(MY_EX_USAGE);
}
break;
case 'N' :
nonBlocking = 1;
break;
case 'r' :
resumeSession = 1;
break;
case 'z' :
#ifndef CYASSL_LEANPSK
CyaSSL_GetObjectSize();
#endif
break;
case 'S' :
#ifdef HAVE_SNI
sniHostName = myoptarg;
#endif
break;
case 'L' :
#ifdef HAVE_MAX_FRAGMENT
maxFragment = atoi(myoptarg);
if (maxFragment < CYASSL_MFL_2_9 ||
maxFragment > CYASSL_MFL_2_13) {
Usage();
exit(MY_EX_USAGE);
}
#endif
break;
case 'T' :
#ifdef HAVE_TRUNCATED_HMAC
truncatedHMAC = 1;
#endif
break;
case 'o' :
#ifdef HAVE_OCSP
useOcsp = 1;
#endif
break;
case 'O' :
#ifdef HAVE_OCSP
useOcsp = 1;
ocspUrl = myoptarg;
#endif
break;
default:
Usage();
exit(MY_EX_USAGE);
}
}
myoptind = 0; /* reset for test cases */
/* sort out DTLS versus TLS versions */
if (version == CLIENT_INVALID_VERSION) {
if (doDTLS)
version = CLIENT_DTLS_DEFAULT_VERSION;
else
version = CLIENT_DEFAULT_VERSION;
}
else {
if (doDTLS) {
if (version == 3)
version = -2;
else
version = -1;
}
}
#ifdef USE_CYASSL_MEMORY
if (trackMemory)
InitMemoryTracker();
#endif
switch (version) {
#ifndef NO_OLD_TLS
case 0:
method = CyaSSLv3_client_method();
break;
#ifndef NO_TLS
case 1:
method = CyaTLSv1_client_method();
break;
case 2:
method = CyaTLSv1_1_client_method();
break;
#endif /* NO_TLS */
#endif /* NO_OLD_TLS */
#ifndef NO_TLS
case 3:
method = CyaTLSv1_2_client_method();
break;
#endif
#ifdef CYASSL_DTLS
case -1:
method = CyaDTLSv1_client_method();
break;
case -2:
method = CyaDTLSv1_2_client_method();
break;
#endif
default:
err_sys("Bad SSL version");
break;
}
if (method == NULL)
err_sys("unable to get method");
ctx = CyaSSL_CTX_new(method);
if (ctx == NULL)
err_sys("unable to get ctx");
if (cipherList)
if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
err_sys("client can't set cipher list 1");
#ifdef CYASSL_LEANPSK
usePsk = 1;
#endif
#if defined(NO_RSA) && !defined(HAVE_ECC)
usePsk = 1;
#endif
if (fewerPackets)
CyaSSL_CTX_set_group_messages(ctx);
if (usePsk) {
#ifndef NO_PSK
CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
if (cipherList == NULL) {
const char *defaultCipherList;
#ifdef HAVE_NULL_CIPHER
defaultCipherList = "PSK-NULL-SHA256";
#else
defaultCipherList = "PSK-AES128-CBC-SHA256";
#endif
if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS)
err_sys("client can't set cipher list 2");
}
#endif
useClientCert = 0;
}
#ifdef OPENSSL_EXTRA
CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
if (cipherList == NULL) {
/* don't use EDH, can't sniff tmp keys */
if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) {
err_sys("client can't set cipher list 3");
}
}
#endif
#ifdef HAVE_OCSP
if (useOcsp) {
if (ocspUrl != NULL) {
CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
| CYASSL_OCSP_URL_OVERRIDE);
}
else
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
}
#endif
#ifdef USER_CA_CB
CyaSSL_CTX_SetCACb(ctx, CaCb);
#endif
#ifdef VERIFY_CALLBACK
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
if (useClientCert){
if (CyaSSL_CTX_use_certificate_chain_file(ctx, ourCert) != SSL_SUCCESS)
err_sys("can't load client cert file, check file and run from"
" CyaSSL home dir");
if (CyaSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load client private key file, check file and run "
"from CyaSSL home dir");
}
if (!usePsk) {
if (CyaSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from CyaSSL home dir");
}
#endif
#if !defined(NO_CERTS)
if (!usePsk && doPeerCheck == 0)
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
#endif
#ifdef HAVE_CAVIUM
CyaSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID);
#endif
#ifdef HAVE_SNI
if (sniHostName)
if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))
!= SSL_SUCCESS)
err_sys("UseSNI failed");
#endif
#ifdef HAVE_MAX_FRAGMENT
if (maxFragment)
if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS)
err_sys("UseMaxFragment failed");
#endif
#ifdef HAVE_TRUNCATED_HMAC
if (truncatedHMAC)
if (CyaSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS)
err_sys("UseTruncatedHMAC failed");
#endif
if (benchmark) {
/* time passed in number of connects give average */
int times = benchmark;
int i = 0;
double start = current_time(), avg;
for (i = 0; i < times; i++) {
tcp_connect(&sockfd, host, port, doDTLS);
ssl = CyaSSL_new(ctx);
CyaSSL_set_fd(ssl, sockfd);
if (CyaSSL_connect(ssl) != SSL_SUCCESS)
err_sys("SSL_connect failed");
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
CloseSocket(sockfd);
}
avg = current_time() - start;
avg /= times;
avg *= 1000; /* milliseconds */
printf("CyaSSL_connect avg took: %8.3f milliseconds\n", avg);
CyaSSL_CTX_free(ctx);
((func_args*)args)->return_code = 0;
exit(EXIT_SUCCESS);
}
#if defined(CYASSL_MDK_ARM)
CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
#endif
ssl = CyaSSL_new(ctx);
if (ssl == NULL)
err_sys("unable to get SSL object");
if (doDTLS) {
SOCKADDR_IN_T addr;
build_addr(&addr, host, port, 1);
CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
tcp_socket(&sockfd, 1);
}
else {
tcp_connect(&sockfd, host, port, 0);
}
CyaSSL_set_fd(ssl, sockfd);
#ifdef HAVE_CRL
if (CyaSSL_EnableCRL(ssl, CYASSL_CRL_CHECKALL) != SSL_SUCCESS)
err_sys("can't enable crl check");
if (CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS)
err_sys("can't load crl, check crlfile and date validity");
if (CyaSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS)
err_sys("can't set crl callback");
#endif
#ifdef ATOMIC_USER
if (atomicUser)
SetupAtomicUser(ctx, ssl);
#endif
#ifdef HAVE_PK_CALLBACKS
if (pkCallbacks)
SetupPkCallbacks(ctx, ssl);
#endif
if (matchName && doPeerCheck)
CyaSSL_check_domain_name(ssl, domain);
#ifndef CYASSL_CALLBACKS
if (nonBlocking) {
CyaSSL_set_using_nonblock(ssl, 1);
tcp_set_nonblocking(&sockfd);
NonBlockingSSL_Connect(ssl);
}
else if (CyaSSL_connect(ssl) != SSL_SUCCESS) {
/* see note at top of README */
int err = CyaSSL_get_error(ssl, 0);
char buffer[CYASSL_MAX_ERROR_SZ];
printf("err = %d, %s\n", err,
CyaSSL_ERR_error_string(err, buffer));
err_sys("SSL_connect failed");
/* if you're getting an error here */
}
#else
timeout.tv_sec = 2;
timeout.tv_usec = 0;
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
#endif
showPeer(ssl);
if (sendGET) {
printf("SSL connect ok, sending GET...\n");
msgSz = 28;
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
msg[msgSz] = '\0';
}
if (CyaSSL_write(ssl, msg, msgSz) != msgSz)
err_sys("SSL_write failed");
input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("Server response: %s\n", reply);
if (sendGET) { /* get html */
while (1) {
input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("%s\n", reply);
}
else
break;
}
}
}
else if (input < 0) {
int readErr = CyaSSL_get_error(ssl, 0);
if (readErr != SSL_ERROR_WANT_READ)
err_sys("CyaSSL_read failed");
}
#ifndef NO_SESSION_CACHE
if (resumeSession) {
if (doDTLS) {
strncpy(msg, "break", 6);
msgSz = (int)strlen(msg);
/* try to send session close */
CyaSSL_write(ssl, msg, msgSz);
}
session = CyaSSL_get_session(ssl);
sslResume = CyaSSL_new(ctx);
}
#endif
if (doDTLS == 0) /* don't send alert after "break" command */
CyaSSL_shutdown(ssl); /* echoserver will interpret as new conn */
#ifdef ATOMIC_USER
if (atomicUser)
FreeAtomicUser(ssl);
#endif
CyaSSL_free(ssl);
CloseSocket(sockfd);
#ifndef NO_SESSION_CACHE
if (resumeSession) {
if (doDTLS) {
SOCKADDR_IN_T addr;
#ifdef USE_WINDOWS_API
Sleep(500);
#else
sleep(1);
#endif
build_addr(&addr, host, port, 1);
CyaSSL_dtls_set_peer(sslResume, &addr, sizeof(addr));
tcp_socket(&sockfd, 1);
}
else {
tcp_connect(&sockfd, host, port, 0);
}
CyaSSL_set_fd(sslResume, sockfd);
CyaSSL_set_session(sslResume, session);
showPeer(sslResume);
#ifndef CYASSL_CALLBACKS
if (nonBlocking) {
CyaSSL_set_using_nonblock(sslResume, 1);
tcp_set_nonblocking(&sockfd);
NonBlockingSSL_Connect(sslResume);
}
else if (CyaSSL_connect(sslResume) != SSL_SUCCESS)
err_sys("SSL resume failed");
#else
timeout.tv_sec = 2;
timeout.tv_usec = 0;
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
#endif
if (CyaSSL_session_reused(sslResume))
printf("reused session id\n");
else
printf("didn't reuse session id!!!\n");
if (CyaSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz)
err_sys("SSL_write failed");
if (nonBlocking) {
/* give server a chance to bounce a message back to client */
#ifdef USE_WINDOWS_API
Sleep(500);
#else
sleep(1);
#endif
}
input = CyaSSL_read(sslResume, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("Server resume response: %s\n", reply);
}
/* try to send session break */
CyaSSL_write(sslResume, msg, msgSz);
CyaSSL_shutdown(sslResume);
CyaSSL_free(sslResume);
CloseSocket(sockfd);
}
#endif /* NO_SESSION_CACHE */
CyaSSL_CTX_free(ctx);
((func_args*)args)->return_code = 0;
#ifdef USE_CYASSL_MEMORY
if (trackMemory)
ShowMemoryTracker();
#endif /* USE_CYASSL_MEMORY */
return 0;
}
int main(void) {
char client_buf[10000];
char server_buf[10000], *eth, *ip1, *ip2;
ipaddr_t saddr;
int result;
eth = getenv("ETH");
if (!eth) {
printf("The ETH environment variable must be set!\n");
return 1;
}
ip1 = getenv("IP1");
ip2 = getenv("IP2");
if ((!ip1)||(!ip2)) {
printf("The IP1 and IP2 environment variables must be set!\n");
return 1;
}
alarm(15);
if (fork()) {
/* Client process running in $IP1 */
eth[0]='1';
ip_init();
if (tcp_socket()<0) return 1;
fprintf(stdout,"Client socket() done\n");
fflush(stdout);
if (tcp_connect(inet_aton(ip2),80)<0) return 1;
fprintf(stdout,"Client connect() done\n");
fflush(stdout);
if (tcp_write("foo",4)<0) return 1;
fprintf(stdout,"Client write() done\n");
fflush(stdout);
if (tcp_read(client_buf,10000)<0) return 1;
fprintf(stdout,"Client read() done\n");
fflush(stdout);
if (strcmp(client_buf,"foo")) return 1;
fprintf(stdout,"Client response is correct\n");
fflush(stdout);
if (tcp_close()<0) return 1;
fprintf(stdout,"Client close() done\n");
fflush(stdout);
return 0;
}
else {
/* Server process running in $IP2 */
eth[0]='2';
ip_init();
if (tcp_socket()<0) return 1;
fprintf(stdout,"Server socket() done\n");
fflush(stdout);
if (tcp_listen(80,&saddr)<0) return 1;
fprintf(stdout,"Server listen() done\n");
fflush(stdout);
result = tcp_read(server_buf,16);
fprintf(stdout,"Server read() done: %d\n",result);
fflush(stdout);
if (tcp_write(server_buf,strlen(server_buf)+1)<0) return 1;
fprintf(stdout,"Server write() done\n");
fflush(stdout);
if (tcp_close()<0) return 1;
fprintf(stdout,"Server close() done\n");
fflush(stdout);
do {
result = tcp_read(server_buf,10);
fprintf(stdout,"Server read() done: %d\n",result);
fflush(stdout);
} while (result > 0);
return 0;
}
}
static int http_fileop_open(void **ref,void *fsctx_arg,char *filename,int mode)
{
http_fsctx_t *fsctx;
http_file_t *file;
char temp[200];
char *hostname, *filen;
int hlen;
int termidx;
int res;
int err = 0;
char *hptr;
char *tok;
uint8_t hostaddr[IP_ADDR_LEN];
uint8_t termstr[4];
uint8_t b;
if (mode != FILE_MODE_READ) return CFE_ERR_UNSUPPORTED;
fsctx = (http_fsctx_t *) fsctx_arg;
file = KMALLOC(sizeof(http_file_t),0);
if (!file) {
return CFE_ERR_NOMEM;
}
file->http_filename = lib_strdup(filename);
if (!file->http_filename) {
KFREE(file);
return CFE_ERR_NOMEM;
}
lib_chop_filename(file->http_filename,&hostname,&filen);
/*
* Look up remote host
*/
res = dns_lookup(hostname,hostaddr);
if (res < 0) {
KFREE(file);
return res;
}
file->http_socket = tcp_socket();
if (file->http_socket < 0) {
KFREE(file->http_filename);
KFREE(file);
return -1;
}
/*
* Connect to remote host.
*/
tcp_setflags(file->http_socket,0); /* set socket to blocking */
res = tcp_connect(file->http_socket,hostaddr,80);
if (res < 0) {
tcp_close(file->http_socket);
KFREE(file->http_filename);
KFREE(file);
return res;
}
/*
* Send GET command. Supply the hostname (for HTTP 1.1 requirements)
* and set the connection to close as soon as all the data is received.
*/
hlen = sprintf(temp,"GET /%s HTTP/1.1\r\nHost: %s\r\nConnection: close\r\n\r\n",filen,hostname);
res = tcp_send(file->http_socket,temp,hlen);
if (res < 0) {
tcp_close(file->http_socket);
KFREE(file->http_filename);
KFREE(file);
return res;
}
/*
* Read bytes until we either reach EOF or we see "\r\n\r\n"
* This is the server's status string.
*/
termstr[0] = '\r'; termstr[1] = '\n';
termstr[2] = '\r'; termstr[3] = '\n';
termidx = 0;
file->http_offset = 0;
file->http_blen = 0;
file->http_bptr = file->http_buffer;
res = 0;
for (;;) {
res = tcp_recv(file->http_socket,&b,1);
if (res < 0) break;
if (b == termstr[termidx]) {
termidx++;
if (termidx == 4) break;
}
else {
termidx = 0;
}
/*
* Save the bytes from the header up to our buffer
* size. It's okay if we don't save it all,
* since all we want is the result code which comes
* first.
*/
if (file->http_blen < (HTTP_BUFSIZE-1)) {
*(file->http_bptr) = b;
file->http_bptr++;
file->http_blen++;
}
}
/*
* Premature EOFs are not good, bail now.
*/
if (res < 0) {
err = CFE_ERR_EOF;
goto protocolerr;
}
/*
* Skip past the HTTP response header and grab the result code.
* Sanity check it a little.
*/
*(file->http_bptr) = 0;
hptr = file->http_buffer;
tok = lib_gettoken(&hptr);
if (!tok || (memcmp(tok,"HTTP",4) != 0)) {
err = CFE_ERR_PROTOCOLERR;
goto protocolerr;
}
tok = lib_gettoken(&hptr);
if (!tok) {
err = CFE_ERR_PROTOCOLERR;
goto protocolerr;
}
switch (lib_atoi(tok)) {
case 200:
err = 0;
break;
case 404:
err = CFE_ERR_FILENOTFOUND;
break;
}
/*
* If we get to here, the file is okay and we're about to receive data.
*/
if (err == 0) {
*ref = file;
return 0;
}
protocolerr:
tcp_close(file->http_socket);
KFREE(file->http_filename);
KFREE(file);
*ref = NULL;
return err;
}
THREAD_RETURN WOLFSSH_THREAD client_test(void* args)
{
WOLFSSH_CTX* ctx = NULL;
WOLFSSH* ssh = NULL;
SOCKET_T sockFd = WOLFSSH_SOCKET_INVALID;
SOCKADDR_IN_T clientAddr;
socklen_t clientAddrSz = sizeof(clientAddr);
char rxBuf[80];
int ret;
int ch;
word16 port = wolfSshPort;
char* host = (char*)wolfSshIp;
const char* username = NULL;
const char* password = NULL;
const char* cmd = NULL;
byte imExit = 0;
byte nonBlock = 0;
byte keepOpen = 0;
#ifdef USE_WINDOWS_API
byte rawMode = 0;
#endif
int argc = ((func_args*)args)->argc;
char** argv = ((func_args*)args)->argv;
((func_args*)args)->return_code = 0;
while ((ch = mygetopt(argc, argv, "?NP:h:p:u:xc:Rtz")) != -1) {
switch (ch) {
case 'h':
host = myoptarg;
break;
case 'z':
#ifdef WOLFSSH_SHOW_SIZES
wolfSSH_ShowSizes();
exit(EXIT_SUCCESS);
#endif
break;
case 'p':
port = (word16)atoi(myoptarg);
#if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
if (port == 0)
err_sys("port number cannot be 0");
#endif
break;
case 'u':
username = myoptarg;
break;
case 'P':
password = myoptarg;
break;
case 'x':
/* exit after successful connection without read/write */
imExit = 1;
break;
case 'N':
nonBlock = 1;
break;
#if !defined(SINGLE_THREADED) && !defined(WOLFSSL_NUCLEUS)
case 'c':
cmd = myoptarg;
break;
#ifdef USE_WINDOWS_API
case 'R':
rawMode = 1;
break;
#endif /* USE_WINDOWS_API */
#endif
#ifdef WOLFSSH_TERM
case 't':
keepOpen = 1;
break;
#endif
case '?':
ShowUsage();
exit(EXIT_SUCCESS);
default:
ShowUsage();
exit(MY_EX_USAGE);
}
}
myoptind = 0; /* reset for test cases */
if (username == NULL)
err_sys("client requires a username parameter.");
#ifdef SINGLE_THREADED
if (keepOpen)
err_sys("Threading needed for terminal session\n");
#endif
ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_CLIENT, NULL);
if (ctx == NULL)
err_sys("Couldn't create wolfSSH client context.");
if (((func_args*)args)->user_auth == NULL)
wolfSSH_SetUserAuth(ctx, wsUserAuth);
else
wolfSSH_SetUserAuth(ctx, ((func_args*)args)->user_auth);
ssh = wolfSSH_new(ctx);
if (ssh == NULL)
err_sys("Couldn't create wolfSSH session.");
if (password != NULL)
wolfSSH_SetUserAuthCtx(ssh, (void*)password);
wolfSSH_CTX_SetPublicKeyCheck(ctx, wsPublicKeyCheck);
wolfSSH_SetPublicKeyCheckCtx(ssh, (void*)"You've been sampled!");
ret = wolfSSH_SetUsername(ssh, username);
if (ret != WS_SUCCESS)
err_sys("Couldn't set the username.");
build_addr(&clientAddr, host, port);
tcp_socket(&sockFd);
ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
if (ret != 0)
err_sys("Couldn't connect to server.");
if (nonBlock)
tcp_set_nonblocking(&sockFd);
ret = wolfSSH_set_fd(ssh, (int)sockFd);
if (ret != WS_SUCCESS)
err_sys("Couldn't set the session's socket.");
if (cmd != NULL) {
ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_EXEC,
(byte*)cmd, (word32)WSTRLEN((char*)cmd));
if (ret != WS_SUCCESS)
err_sys("Couldn't set the channel type.");
}
#ifdef WOLFSSH_TERM
if (keepOpen) {
ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_TERMINAL, NULL, 0);
if (ret != WS_SUCCESS)
err_sys("Couldn't set the terminal channel type.");
}
#endif
if (!nonBlock)
ret = wolfSSH_connect(ssh);
else
ret = NonBlockSSH_connect(ssh);
if (ret != WS_SUCCESS) {
printf("err = %s\n", wolfSSH_get_error_name(ssh));
err_sys("Couldn't connect SSH stream.");
}
#if !defined(SINGLE_THREADED) && !defined(WOLFSSL_NUCLEUS)
if (keepOpen) /* set up for psuedo-terminal */
SetEcho(2);
if (cmd != NULL || keepOpen == 1) {
#if defined(_POSIX_THREADS)
thread_args arg;
pthread_t thread[2];
arg.ssh = ssh;
wc_InitMutex(&arg.lock);
pthread_create(&thread[0], NULL, readInput, (void*)&arg);
pthread_create(&thread[1], NULL, readPeer, (void*)&arg);
pthread_join(thread[1], NULL);
pthread_cancel(thread[0]);
#elif defined(_MSC_VER)
thread_args arg;
HANDLE thread[2];
arg.ssh = ssh;
arg.rawMode = rawMode;
wc_InitMutex(&arg.lock);
thread[0] = CreateThread(NULL, 0, readInput, (void*)&arg, 0, 0);
thread[1] = CreateThread(NULL, 0, readPeer, (void*)&arg, 0, 0);
WaitForSingleObject(thread[1], INFINITE);
CloseHandle(thread[0]);
CloseHandle(thread[1]);
#else
err_sys("No threading to use");
#endif
if (keepOpen)
SetEcho(1);
}
else
#endif
if (!imExit) {
ret = wolfSSH_stream_send(ssh, (byte*)testString,
(word32)strlen(testString));
if (ret <= 0)
err_sys("Couldn't send test string.");
do {
ret = wolfSSH_stream_read(ssh, (byte*)rxBuf, sizeof(rxBuf) - 1);
if (ret <= 0) {
ret = wolfSSH_get_error(ssh);
if (ret != WS_WANT_READ && ret != WS_WANT_WRITE)
err_sys("Stream read failed.");
}
} while (ret == WS_WANT_READ || ret == WS_WANT_WRITE);
rxBuf[ret] = '\0';
printf("Server said: %s\n", rxBuf);
}
ret = wolfSSH_shutdown(ssh);
WCLOSESOCKET(sockFd);
wolfSSH_free(ssh);
wolfSSH_CTX_free(ctx);
if (ret != WS_SUCCESS)
err_sys("Closing stream failed. Connection could have been closed by peer");
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
return 0;
}
int serve(char *path) {
char absolute_path[MAX_PATH_LENGTH];
ipaddr_t saddr;
char request_buffer[REQUEST_BUFFER_SIZE];
int request_buffer_size = 0;
http_method method;
char url[URL_LENGTH];
char protocol[PROTOCOL_LENGTH];
response_buffer_size = 0;
alarm_went_off = 0;
/* open new socket, because previous connection might not be closed */
if (tcp_socket() != 0) {
return 0;
}
/*
If we are superuser, we can chroot for safety.
This has to be done after tcp_socket, because
it needs access to the ethernet device.
Note that this will be done again for each
connection, but that doesn't do any harm.
*/
if (geteuid() == 0) {
/* chroot doesn't accept relative paths */
if (!make_absolute_path(path, absolute_path, MAX_PATH_LENGTH)
|| (chroot(absolute_path) < 0)
|| (chdir("/") < 0)) {
return 0;
}
}
if (tcp_listen(LISTEN_PORT, &saddr) < 0) {
return 0;
}
request_buffer_size = get_request(request_buffer, REQUEST_BUFFER_SIZE);
if (request_buffer_size < 0) {
tcp_close();
return 1;
}
if (parse_request(request_buffer, request_buffer_size,
&method,
url, URL_LENGTH,
protocol, PROTOCOL_LENGTH)) {
if (!(write_response(method, url, protocol)
&& send_buffer())) {
/*
Don't call tcp_close in case of error,
because the client may think all data
was sent correctly because of that.
*/
return 1;
}
} else {
if (!(write_error(STATUS_BAD_REQUEST)
&& send_buffer())) {
/*
Don't call tcp_close in case of error,
because the client may think all data
was sent correctly because of that.
*/
return 1;
}
}
/* properly close connection */
if (tcp_close() != 0) {
return 0;
}
signal(SIGALRM, alarm_handler);
alarm(TIME_OUT);
while (tcp_read(request_buffer, REQUEST_BUFFER_SIZE) > 0) {}
alarm(0);
return 1;
}
void echoclient_test(void* args)
{
SOCKET_T sockfd = 0;
FILE* fin = stdin;
FILE* fout = stdout;
int inCreated = 0;
int outCreated = 0;
char msg[1024];
char reply[1024];
SSL_METHOD* method = 0;
SSL_CTX* ctx = 0;
SSL* ssl = 0;
int doDTLS = 0;
int doLeanPSK = 0;
int sendSz;
int argc = 0;
char** argv = 0;
((func_args*)args)->return_code = -1; /* error state */
argc = ((func_args*)args)->argc;
argv = ((func_args*)args)->argv;
if (argc >= 2) {
fin = fopen(argv[1], "r");
inCreated = 1;
}
if (argc >= 3) {
fout = fopen(argv[2], "w");
outCreated = 1;
}
if (!fin) err_sys("can't open input file");
if (!fout) err_sys("can't open output file");
#ifdef CYASSL_DTLS
doDTLS = 1;
#endif
#ifdef CYASSL_LEANPSK
doLeanPSK = 1;
#endif
#if defined(CYASSL_DTLS)
method = DTLSv1_client_method();
#elif !defined(NO_TLS)
method = CyaSSLv23_client_method();
#else
method = SSLv3_client_method();
#endif
ctx = SSL_CTX_new(method);
#ifndef NO_FILESYSTEM
if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from CyaSSL home dir");
#ifdef HAVE_ECC
if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from CyaSSL home dir");
#endif
#elif !defined(NO_CERTS)
if (!doLeanPSK)
load_buffer(ctx, caCert, CYASSL_CA);
#endif
#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
/* don't use EDH, can't sniff tmp keys */
SSL_CTX_set_cipher_list(ctx, "AES256-SHA");
#endif
if (doLeanPSK) {
#ifdef CYASSL_LEANPSK
CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
SSL_CTX_set_cipher_list(ctx, "PSK-NULL-SHA");
#endif
}
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
ssl = SSL_new(ctx);
if (doDTLS) {
SOCKADDR_IN_T addr;
build_addr(&addr, yasslIP, yasslPort);
CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
tcp_socket(&sockfd, 1);
}
else {
tcp_connect(&sockfd, yasslIP, yasslPort, 0);
}
SSL_set_fd(ssl, sockfd);
#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER)
/* let echoserver bind first, TODO: add Windows signal like pthreads does */
Sleep(100);
#endif
if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
while (fgets(msg, sizeof(msg), fin)) {
sendSz = (int)strlen(msg);
if (SSL_write(ssl, msg, sendSz) != sendSz)
err_sys("SSL_write failed");
if (strncmp(msg, "quit", 4) == 0) {
fputs("sending server shutdown command: quit!\n", fout);
break;
}
if (strncmp(msg, "break", 5) == 0) {
fputs("sending server session close: break!\n", fout);
break;
}
while (sendSz) {
int got;
if ( (got = SSL_read(ssl, reply, sizeof(reply))) > 0) {
reply[got] = 0;
fputs(reply, fout);
sendSz -= got;
}
else
break;
}
}
#ifdef CYASSL_DTLS
strncpy(msg, "break", 6);
sendSz = (int)strlen(msg);
/* try to tell server done */
SSL_write(ssl, msg, sendSz);
#else
SSL_shutdown(ssl);
#endif
SSL_free(ssl);
SSL_CTX_free(ctx);
fflush(fout);
if (inCreated) fclose(fin);
if (outCreated) fclose(fout);
CloseSocket(sockfd);
((func_args*)args)->return_code = 0;
}
THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
{
SOCKET_T sockfd = 0;
WOLFSSL_METHOD* method = 0;
WOLFSSL_CTX* ctx = 0;
WOLFSSL* ssl = 0;
WOLFSSL* sslResume = 0;
WOLFSSL_SESSION* session = 0;
char resumeMsg[] = "resuming wolfssl!";
int resumeSz = sizeof(resumeMsg);
char msg[32] = "hello wolfssl!"; /* GET may make bigger */
char reply[80];
int input;
int msgSz = (int)strlen(msg);
word16 port = wolfSSLPort;
char* host = (char*)wolfSSLIP;
const char* domain = "www.wolfssl.com";
int ch;
int version = CLIENT_INVALID_VERSION;
int usePsk = 0;
int useAnon = 0;
int sendGET = 0;
int benchmark = 0;
int doDTLS = 0;
int matchName = 0;
int doPeerCheck = 1;
int nonBlocking = 0;
int resumeSession = 0;
int wc_shutdown = 0;
int disableCRL = 0;
int externalTest = 0;
int ret;
int scr = 0; /* allow secure renegotiation */
int forceScr = 0; /* force client initiaed scr */
int trackMemory = 0;
int useClientCert = 1;
int fewerPackets = 0;
int atomicUser = 0;
int pkCallbacks = 0;
int overrideDateErrors = 0;
int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
char* cipherList = NULL;
const char* verifyCert = caCert;
const char* ourCert = cliCert;
const char* ourKey = cliKey;
#ifdef HAVE_SNI
char* sniHostName = NULL;
#endif
#ifdef HAVE_MAX_FRAGMENT
byte maxFragment = 0;
#endif
#ifdef HAVE_TRUNCATED_HMAC
byte truncatedHMAC = 0;
#endif
#ifdef HAVE_OCSP
int useOcsp = 0;
char* ocspUrl = NULL;
#endif
int argc = ((func_args*)args)->argc;
char** argv = ((func_args*)args)->argv;
((func_args*)args)->return_code = -1; /* error state */
#ifdef NO_RSA
verifyCert = (char*)eccCert;
ourCert = (char*)cliEccCert;
ourKey = (char*)cliEccKey;
#endif
(void)resumeSz;
(void)session;
(void)sslResume;
(void)trackMemory;
(void)atomicUser;
(void)pkCallbacks;
(void)scr;
(void)forceScr;
(void)ourKey;
(void)ourCert;
(void)verifyCert;
(void)useClientCert;
(void)overrideDateErrors;
(void)disableCRL;
(void)minDhKeyBits;
StackTrap();
while ((ch = mygetopt(argc, argv,
"?gdDusmNrwRitfxXUPCh:p:v:l:A:c:k:Z:b:zS:L:ToO:a"))
!= -1) {
switch (ch) {
case '?' :
Usage();
exit(EXIT_SUCCESS);
case 'g' :
sendGET = 1;
break;
case 'd' :
doPeerCheck = 0;
break;
case 'D' :
overrideDateErrors = 1;
break;
case 'C' :
#ifdef HAVE_CRL
disableCRL = 1;
#endif
break;
case 'u' :
doDTLS = 1;
break;
case 's' :
usePsk = 1;
break;
case 't' :
#ifdef USE_WOLFSSL_MEMORY
trackMemory = 1;
#endif
break;
case 'm' :
matchName = 1;
break;
case 'x' :
useClientCert = 0;
break;
case 'X' :
externalTest = 1;
break;
case 'f' :
fewerPackets = 1;
break;
case 'U' :
#ifdef ATOMIC_USER
atomicUser = 1;
#endif
break;
case 'P' :
#ifdef HAVE_PK_CALLBACKS
pkCallbacks = 1;
#endif
break;
case 'h' :
host = myoptarg;
domain = myoptarg;
break;
case 'p' :
port = (word16)atoi(myoptarg);
#if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
if (port == 0)
err_sys("port number cannot be 0");
#endif
break;
case 'v' :
version = atoi(myoptarg);
if (version < 0 || version > 3) {
Usage();
exit(MY_EX_USAGE);
}
break;
case 'l' :
cipherList = myoptarg;
break;
case 'A' :
verifyCert = myoptarg;
break;
case 'c' :
ourCert = myoptarg;
break;
case 'k' :
ourKey = myoptarg;
break;
case 'Z' :
#ifndef NO_DH
minDhKeyBits = atoi(myoptarg);
if (minDhKeyBits <= 0 || minDhKeyBits > 16000) {
Usage();
exit(MY_EX_USAGE);
}
#endif
break;
case 'b' :
benchmark = atoi(myoptarg);
if (benchmark < 0 || benchmark > 1000000) {
Usage();
exit(MY_EX_USAGE);
}
break;
case 'N' :
nonBlocking = 1;
break;
case 'r' :
resumeSession = 1;
break;
case 'w' :
wc_shutdown = 1;
break;
case 'R' :
#ifdef HAVE_SECURE_RENEGOTIATION
scr = 1;
#endif
break;
case 'i' :
#ifdef HAVE_SECURE_RENEGOTIATION
scr = 1;
forceScr = 1;
#endif
break;
case 'z' :
#ifndef WOLFSSL_LEANPSK
wolfSSL_GetObjectSize();
#endif
break;
case 'S' :
#ifdef HAVE_SNI
sniHostName = myoptarg;
#endif
break;
case 'L' :
#ifdef HAVE_MAX_FRAGMENT
maxFragment = atoi(myoptarg);
if (maxFragment < WOLFSSL_MFL_2_9 ||
maxFragment > WOLFSSL_MFL_2_13) {
Usage();
exit(MY_EX_USAGE);
}
#endif
break;
case 'T' :
#ifdef HAVE_TRUNCATED_HMAC
truncatedHMAC = 1;
#endif
break;
case 'o' :
#ifdef HAVE_OCSP
useOcsp = 1;
#endif
break;
case 'O' :
#ifdef HAVE_OCSP
useOcsp = 1;
ocspUrl = myoptarg;
#endif
break;
case 'a' :
#ifdef HAVE_ANON
useAnon = 1;
#endif
break;
default:
Usage();
exit(MY_EX_USAGE);
}
}
myoptind = 0; /* reset for test cases */
if (externalTest) {
/* detect build cases that wouldn't allow test against wolfssl.com */
int done = 0;
(void)done;
#ifdef NO_RSA
done = 1;
#endif
#ifndef NO_PSK
done = 1;
#endif
#ifdef NO_SHA
done = 1; /* external cert chain most likely has SHA */
#endif
if (done) {
printf("external test can't be run in this mode");
((func_args*)args)->return_code = 0;
exit(EXIT_SUCCESS);
}
}
/* sort out DTLS versus TLS versions */
if (version == CLIENT_INVALID_VERSION) {
if (doDTLS)
version = CLIENT_DTLS_DEFAULT_VERSION;
else
version = CLIENT_DEFAULT_VERSION;
}
else {
if (doDTLS) {
if (version == 3)
version = -2;
else
version = -1;
}
}
#ifdef USE_WOLFSSL_MEMORY
if (trackMemory)
InitMemoryTracker();
#endif
switch (version) {
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_SSLV3
case 0:
method = wolfSSLv3_client_method();
break;
#endif
#ifndef NO_TLS
case 1:
method = wolfTLSv1_client_method();
break;
case 2:
method = wolfTLSv1_1_client_method();
break;
#endif /* NO_TLS */
#endif /* NO_OLD_TLS */
#ifndef NO_TLS
case 3:
method = wolfTLSv1_2_client_method();
break;
#endif
#ifdef WOLFSSL_DTLS
#ifndef NO_OLD_TLS
case -1:
method = wolfDTLSv1_client_method();
break;
#endif
case -2:
method = wolfDTLSv1_2_client_method();
break;
#endif
default:
err_sys("Bad SSL version");
break;
}
if (method == NULL)
err_sys("unable to get method");
ctx = wolfSSL_CTX_new(method);
if (ctx == NULL)
err_sys("unable to get ctx");
if (cipherList)
if (wolfSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
err_sys("client can't set cipher list 1");
#ifdef WOLFSSL_LEANPSK
usePsk = 1;
#endif
#if defined(NO_RSA) && !defined(HAVE_ECC)
usePsk = 1;
#endif
if (fewerPackets)
wolfSSL_CTX_set_group_messages(ctx);
#ifndef NO_DH
wolfSSL_CTX_SetMinDhKey_Sz(ctx, (word16)minDhKeyBits);
#endif
if (usePsk) {
#ifndef NO_PSK
wolfSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
if (cipherList == NULL) {
const char *defaultCipherList;
#if defined(HAVE_AESGCM) && !defined(NO_DH)
defaultCipherList = "DHE-PSK-AES128-GCM-SHA256";
#elif defined(HAVE_NULL_CIPHER)
defaultCipherList = "PSK-NULL-SHA256";
#else
defaultCipherList = "PSK-AES128-CBC-SHA256";
#endif
if (wolfSSL_CTX_set_cipher_list(ctx,defaultCipherList)
!=SSL_SUCCESS)
err_sys("client can't set cipher list 2");
}
#endif
useClientCert = 0;
}
if (useAnon) {
#ifdef HAVE_ANON
if (cipherList == NULL) {
wolfSSL_CTX_allow_anon_cipher(ctx);
if (wolfSSL_CTX_set_cipher_list(ctx,"ADH-AES128-SHA") != SSL_SUCCESS)
err_sys("client can't set cipher list 4");
}
#endif
useClientCert = 0;
}
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(WOLFSSL_SNIFFER)
if (cipherList == NULL) {
/* don't use EDH, can't sniff tmp keys */
if (wolfSSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) {
err_sys("client can't set cipher list 3");
}
}
#endif
#ifdef HAVE_OCSP
if (useOcsp) {
if (ocspUrl != NULL) {
wolfSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE
| WOLFSSL_OCSP_URL_OVERRIDE);
}
else
wolfSSL_CTX_EnableOCSP(ctx, WOLFSSL_OCSP_NO_NONCE);
}
#endif
#ifdef USER_CA_CB
wolfSSL_CTX_SetCACb(ctx, CaCb);
#endif
#ifdef VERIFY_CALLBACK
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
if (useClientCert){
if (wolfSSL_CTX_use_certificate_chain_file(ctx, ourCert) != SSL_SUCCESS)
err_sys("can't load client cert file, check file and run from"
" wolfSSL home dir");
if (wolfSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
err_sys("can't load client private key file, check file and run "
"from wolfSSL home dir");
}
if (!usePsk && !useAnon) {
if (wolfSSL_CTX_load_verify_locations(ctx, verifyCert,0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
#ifdef HAVE_ECC
/* load ecc verify too, echoserver uses it by default w/ ecc */
if (wolfSSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS)
err_sys("can't load ecc ca file, Please run from wolfSSL home dir");
#endif /* HAVE_ECC */
}
#endif /* !NO_FILESYSTEM && !NO_CERTS */
#if !defined(NO_CERTS)
if (!usePsk && !useAnon && doPeerCheck == 0)
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
if (!usePsk && !useAnon && overrideDateErrors == 1)
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myDateCb);
#endif
#ifdef HAVE_CAVIUM
wolfSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID);
#endif
#ifdef HAVE_SNI
if (sniHostName)
if (wolfSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))
!= SSL_SUCCESS)
err_sys("UseSNI failed");
#endif
#ifdef HAVE_MAX_FRAGMENT
if (maxFragment)
if (wolfSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS)
err_sys("UseMaxFragment failed");
#endif
#ifdef HAVE_TRUNCATED_HMAC
if (truncatedHMAC)
if (wolfSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS)
err_sys("UseTruncatedHMAC failed");
#endif
#ifdef HAVE_SESSION_TICKET
if (wolfSSL_CTX_UseSessionTicket(ctx) != SSL_SUCCESS)
err_sys("UseSessionTicket failed");
#endif
if (benchmark) {
/* time passed in number of connects give average */
int times = benchmark;
int loops = resumeSession ? 2 : 1;
int i = 0;
WOLFSSL_SESSION* benchSession = NULL;
while (loops--) {
int benchResume = resumeSession && loops == 0;
double start = current_time(), avg;
for (i = 0; i < times; i++) {
tcp_connect(&sockfd, host, port, doDTLS);
ssl = wolfSSL_new(ctx);
if (benchResume)
wolfSSL_set_session(ssl, benchSession);
wolfSSL_set_fd(ssl, sockfd);
if (wolfSSL_connect(ssl) != SSL_SUCCESS)
err_sys("SSL_connect failed");
wolfSSL_shutdown(ssl);
if (i == (times-1) && resumeSession) {
benchSession = wolfSSL_get_session(ssl);
}
wolfSSL_free(ssl);
CloseSocket(sockfd);
}
avg = current_time() - start;
avg /= times;
avg *= 1000; /* milliseconds */
if (benchResume)
printf("wolfSSL_resume avg took: %8.3f milliseconds\n", avg);
else
printf("wolfSSL_connect avg took: %8.3f milliseconds\n", avg);
}
wolfSSL_CTX_free(ctx);
((func_args*)args)->return_code = 0;
exit(EXIT_SUCCESS);
}
#if defined(WOLFSSL_MDK_ARM)
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
#endif
ssl = wolfSSL_new(ctx);
if (ssl == NULL)
err_sys("unable to get SSL object");
#ifdef HAVE_SESSION_TICKET
wolfSSL_set_SessionTicket_cb(ssl, sessionTicketCB, (void*)"initial session");
#endif
if (doDTLS) {
SOCKADDR_IN_T addr;
build_addr(&addr, host, port, 1);
wolfSSL_dtls_set_peer(ssl, &addr, sizeof(addr));
tcp_socket(&sockfd, 1);
}
else {
tcp_connect(&sockfd, host, port, 0);
}
#ifdef HAVE_POLY1305
/* use old poly to connect with google server */
if (!XSTRNCMP(domain, "www.google.com", 14)) {
if (wolfSSL_use_old_poly(ssl, 1) != 0)
err_sys("unable to set to old poly");
}
#endif
wolfSSL_set_fd(ssl, sockfd);
#ifdef HAVE_CRL
if (disableCRL == 0) {
if (wolfSSL_EnableCRL(ssl, WOLFSSL_CRL_CHECKALL) != SSL_SUCCESS)
err_sys("can't enable crl check");
if (wolfSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS)
err_sys("can't load crl, check crlfile and date validity");
if (wolfSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS)
err_sys("can't set crl callback");
}
#endif
#ifdef HAVE_SECURE_RENEGOTIATION
if (scr) {
if (wolfSSL_UseSecureRenegotiation(ssl) != SSL_SUCCESS)
err_sys("can't enable secure renegotiation");
}
#endif
#ifdef ATOMIC_USER
if (atomicUser)
SetupAtomicUser(ctx, ssl);
#endif
#ifdef HAVE_PK_CALLBACKS
if (pkCallbacks)
SetupPkCallbacks(ctx, ssl);
#endif
if (matchName && doPeerCheck)
wolfSSL_check_domain_name(ssl, domain);
#ifndef WOLFSSL_CALLBACKS
if (nonBlocking) {
wolfSSL_set_using_nonblock(ssl, 1);
tcp_set_nonblocking(&sockfd);
NonBlockingSSL_Connect(ssl);
}
else if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
/* see note at top of README */
int err = wolfSSL_get_error(ssl, 0);
char buffer[WOLFSSL_MAX_ERROR_SZ];
printf("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
err_sys("SSL_connect failed");
/* if you're getting an error here */
}
#else
timeout.tv_sec = 2;
timeout.tv_usec = 0;
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
#endif
showPeer(ssl);
#ifdef HAVE_SECURE_RENEGOTIATION
if (scr && forceScr) {
if (nonBlocking) {
printf("not doing secure renegotiation on example with"
" nonblocking yet");
} else {
if (wolfSSL_Rehandshake(ssl) != SSL_SUCCESS) {
int err = wolfSSL_get_error(ssl, 0);
char buffer[WOLFSSL_MAX_ERROR_SZ];
printf("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
err_sys("wolfSSL_Rehandshake failed");
}
}
}
#endif /* HAVE_SECURE_RENEGOTIATION */
if (sendGET) {
printf("SSL connect ok, sending GET...\n");
msgSz = 28;
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
msg[msgSz] = '\0';
}
if (wolfSSL_write(ssl, msg, msgSz) != msgSz)
err_sys("SSL_write failed");
input = wolfSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("Server response: %s\n", reply);
if (sendGET) { /* get html */
while (1) {
input = wolfSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("%s\n", reply);
}
else
break;
}
}
}
else if (input < 0) {
int readErr = wolfSSL_get_error(ssl, 0);
if (readErr != SSL_ERROR_WANT_READ)
err_sys("wolfSSL_read failed");
}
#ifndef NO_SESSION_CACHE
if (resumeSession) {
session = wolfSSL_get_session(ssl);
sslResume = wolfSSL_new(ctx);
}
#endif
if (doDTLS == 0) { /* don't send alert after "break" command */
ret = wolfSSL_shutdown(ssl);
if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
wolfSSL_shutdown(ssl); /* bidirectional shutdown */
}
#ifdef ATOMIC_USER
if (atomicUser)
FreeAtomicUser(ssl);
#endif
wolfSSL_free(ssl);
CloseSocket(sockfd);
#ifndef NO_SESSION_CACHE
if (resumeSession) {
if (doDTLS) {
SOCKADDR_IN_T addr;
#ifdef USE_WINDOWS_API
Sleep(500);
#elif defined(WOLFSSL_TIRTOS)
Task_sleep(1);
#else
sleep(1);
#endif
build_addr(&addr, host, port, 1);
wolfSSL_dtls_set_peer(sslResume, &addr, sizeof(addr));
tcp_socket(&sockfd, 1);
}
else {
tcp_connect(&sockfd, host, port, 0);
}
wolfSSL_set_fd(sslResume, sockfd);
#ifdef HAVE_SECURE_RENEGOTIATION
if (scr) {
if (wolfSSL_UseSecureRenegotiation(sslResume) != SSL_SUCCESS)
err_sys("can't enable secure renegotiation");
}
#endif
wolfSSL_set_session(sslResume, session);
#ifdef HAVE_SESSION_TICKET
wolfSSL_set_SessionTicket_cb(sslResume, sessionTicketCB,
(void*)"resumed session");
#endif
showPeer(sslResume);
#ifndef WOLFSSL_CALLBACKS
if (nonBlocking) {
wolfSSL_set_using_nonblock(sslResume, 1);
tcp_set_nonblocking(&sockfd);
NonBlockingSSL_Connect(sslResume);
}
else if (wolfSSL_connect(sslResume) != SSL_SUCCESS)
err_sys("SSL resume failed");
#else
timeout.tv_sec = 2;
timeout.tv_usec = 0;
NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
#endif
if (wolfSSL_session_reused(sslResume))
printf("reused session id\n");
else
printf("didn't reuse session id!!!\n");
if (wolfSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz)
err_sys("SSL_write failed");
if (nonBlocking) {
/* give server a chance to bounce a message back to client */
#ifdef USE_WINDOWS_API
Sleep(500);
#elif defined(WOLFSSL_TIRTOS)
Task_sleep(1);
#else
sleep(1);
#endif
}
input = wolfSSL_read(sslResume, reply, sizeof(reply)-1);
if (input > 0) {
reply[input] = 0;
printf("Server resume response: %s\n", reply);
}
/* try to send session break */
wolfSSL_write(sslResume, msg, msgSz);
ret = wolfSSL_shutdown(sslResume);
if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
wolfSSL_shutdown(sslResume); /* bidirectional shutdown */
wolfSSL_free(sslResume);
CloseSocket(sockfd);
}
#endif /* NO_SESSION_CACHE */
wolfSSL_CTX_free(ctx);
((func_args*)args)->return_code = 0;
#ifdef USE_WOLFSSL_MEMORY
if (trackMemory)
ShowMemoryTracker();
#endif /* USE_WOLFSSL_MEMORY */
#if !defined(WOLFSSL_TIRTOS)
return 0;
#endif
}
