THREAD_RETURN CYASSL_API echoserver_test(void* args) { SOCKET_T sockfd = 0; SSL_METHOD* method = 0; SSL_CTX* ctx = 0; int shutdown = 0; int argc = 0; char** argv = 0; #ifdef ECHO_OUT FILE* fout = stdout; if (argc >= 2) fout = fopen(argv[1], "w"); if (!fout) err_sys("can't open output file"); #endif ((func_args*)args)->return_code = -1; /* error state */ argc = ((func_args*)args)->argc; argv = ((func_args*)args)->argv; tcp_listen(&sockfd); #if defined(CYASSL_DTLS) method = DTLSv1_server_method(); #elif !defined(NO_TLS) method = TLSv1_server_method(); #else method = SSLv3_server_method(); #endif ctx = SSL_CTX_new(method); /* SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */ if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) err_sys("can't load ca file"); if (SSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) err_sys("can't load server cert file"); if (SSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM) != SSL_SUCCESS) err_sys("can't load server key file"); SignalReady(args); while (!shutdown) { SSL* ssl = 0; char command[1024]; int echoSz = 0; int clientfd; #ifndef CYASSL_DTLS SOCKADDR_IN_T client; socklen_t client_len = sizeof(client); clientfd = accept(sockfd, (struct sockaddr*)&client, (ACCEPT_THIRD_T)&client_len); #else clientfd = udp_read_connect(sockfd); #endif if (clientfd == -1) err_sys("tcp accept failed"); ssl = SSL_new(ctx); SSL_set_fd(ssl, clientfd); if (SSL_accept(ssl) != SSL_SUCCESS) { printf("SSL_accept failed"); SSL_free(ssl); CloseSocket(clientfd); continue; } while ( (echoSz = SSL_read(ssl, command, sizeof(command))) > 0) { if ( strncmp(command, "quit", 4) == 0) { printf("client sent quit command: shutting down!\n"); shutdown = 1; break; } if ( strncmp(command, "break", 5) == 0) { printf("client sent break command: closing session!\n"); break; } else if ( strncmp(command, "GET", 3) == 0) { char type[] = "HTTP/1.0 200 ok\r\nContent-type:" " text/html\r\n\r\n"; char header[] = "<html><body BGCOLOR=\"#ffffff\">\n<pre>\n"; char body[] = "greetings from CyaSSL\n"; char footer[] = "</body></html>\r\n\r\n"; strncpy(command, type, sizeof(type)); echoSz = sizeof(type) - 1; strncpy(&command[echoSz], header, sizeof(header)); echoSz += sizeof(header) - 1; strncpy(&command[echoSz], body, sizeof(body)); echoSz += sizeof(body) - 1; strncpy(&command[echoSz], footer, sizeof(footer)); echoSz += sizeof(footer); if (SSL_write(ssl, command, echoSz) != echoSz) err_sys("SSL_write failed"); break; } command[echoSz] = 0; #ifdef ECHO_OUT fputs(command, fout); #endif if (SSL_write(ssl, command, echoSz) != echoSz) err_sys("SSL_write failed"); } SSL_shutdown(ssl); SSL_free(ssl); CloseSocket(clientfd); #ifdef CYASSL_DTLS tcp_listen(&sockfd); SignalReady(args); #endif } CloseSocket(sockfd); SSL_CTX_free(ctx); ((func_args*)args)->return_code = 0; return 0; }
THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) { SOCKET_T sockfd = 0; CYASSL_METHOD* method = 0; CYASSL_CTX* ctx = 0; int doDTLS = 0; int doPSK = 0; int outCreated = 0; int shutDown = 0; int useAnyAddr = 0; int port = yasslPort; int argc = ((func_args*)args)->argc; char** argv = ((func_args*)args)->argv; #ifdef ECHO_OUT FILE* fout = stdout; if (argc >= 2) { fout = fopen(argv[1], "w"); outCreated = 1; } if (!fout) err_sys("can't open output file"); #endif (void)outCreated; (void)argc; (void)argv; ((func_args*)args)->return_code = -1; /* error state */ #ifdef CYASSL_DTLS doDTLS = 1; #endif #ifdef CYASSL_LEANPSK doPSK = 1; #endif #if defined(NO_RSA) && !defined(HAVE_ECC) doPSK = 1; #endif #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) port = 0; #endif tcp_listen(&sockfd, &port, useAnyAddr, doDTLS); #if defined(CYASSL_DTLS) method = CyaDTLSv1_server_method(); #elif !defined(NO_TLS) method = CyaSSLv23_server_method(); #else method = CyaSSLv3_server_method(); #endif ctx = CyaSSL_CTX_new(method); /* CyaSSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */ #ifdef OPENSSL_EXTRA CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif #ifndef NO_FILESYSTEM if (doPSK == 0) { #ifdef HAVE_NTRU /* ntru */ if (CyaSSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) err_sys("can't load ntru cert file, " "Please run from CyaSSL home dir"); if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ntruKey) != SSL_SUCCESS) err_sys("can't load ntru key file, " "Please run from CyaSSL home dir"); #elif defined(HAVE_ECC) /* ecc */ if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) err_sys("can't load server cert file, " "Please run from CyaSSL home dir"); if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKey, SSL_FILETYPE_PEM) != SSL_SUCCESS) err_sys("can't load server key file, " "Please run from CyaSSL home dir"); #elif defined(NO_CERTS) /* do nothing, just don't load cert files */ #else /* normal */ if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) err_sys("can't load server cert file, " "Please run from CyaSSL home dir"); if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM) != SSL_SUCCESS) err_sys("can't load server key file, " "Please run from CyaSSL home dir"); #endif } /* doPSK */ #elif !defined(NO_CERTS) if (!doPSK) { load_buffer(ctx, svrCert, CYASSL_CERT); load_buffer(ctx, svrKey, CYASSL_KEY); } #endif #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) /* don't use EDH, can't sniff tmp keys */ CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA"); #endif if (doPSK) { #ifndef NO_PSK const char *defaultCipherList; CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server"); #ifdef HAVE_NULL_CIPHER defaultCipherList = "PSK-NULL-SHA256"; #else defaultCipherList = "PSK-AES128-CBC-SHA256"; #endif if (CyaSSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS) err_sys("server can't set cipher list 2"); #endif } SignalReady(args, port); while (!shutDown) { CYASSL* ssl = 0; char command[1024+1]; int echoSz = 0; int clientfd; int firstRead = 1; int gotFirstG = 0; #ifndef CYASSL_DTLS SOCKADDR_IN_T client; socklen_t client_len = sizeof(client); clientfd = accept(sockfd, (struct sockaddr*)&client, (ACCEPT_THIRD_T)&client_len); #else clientfd = udp_read_connect(sockfd); #endif if (clientfd == -1) err_sys("tcp accept failed"); ssl = CyaSSL_new(ctx); if (ssl == NULL) err_sys("SSL_new failed"); CyaSSL_set_fd(ssl, clientfd); #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); #elif !defined(NO_CERTS) SetDH(ssl); /* will repick suites with DHE, higher than PSK */ #endif if (CyaSSL_accept(ssl) != SSL_SUCCESS) { printf("SSL_accept failed\n"); CyaSSL_free(ssl); CloseSocket(clientfd); continue; } #if defined(PEER_INFO) showPeer(ssl); #endif while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command)-1)) > 0) { if (firstRead == 1) { firstRead = 0; /* browser may send 1 byte 'G' to start */ if (echoSz == 1 && command[0] == 'G') { gotFirstG = 1; continue; } } else if (gotFirstG == 1 && strncmp(command, "ET /", 4) == 0) { strncpy(command, "GET", 4); /* fall through to normal GET */ } if ( strncmp(command, "quit", 4) == 0) { printf("client sent quit command: shutting down!\n"); shutDown = 1; break; } if ( strncmp(command, "break", 5) == 0) { printf("client sent break command: closing session!\n"); break; } #ifdef SESSION_STATS if ( strncmp(command, "printstats", 10) == 0) { PrintSessionStats(); break; } #endif if ( strncmp(command, "GET", 3) == 0) { char type[] = "HTTP/1.0 200 ok\r\nContent-type:" " text/html\r\n\r\n"; char header[] = "<html><body BGCOLOR=\"#ffffff\">\n<pre>\n"; char body[] = "greetings from CyaSSL\n"; char footer[] = "</body></html>\r\n\r\n"; strncpy(command, type, sizeof(type)); echoSz = sizeof(type) - 1; strncpy(&command[echoSz], header, sizeof(header)); echoSz += (int)sizeof(header) - 1; strncpy(&command[echoSz], body, sizeof(body)); echoSz += (int)sizeof(body) - 1; strncpy(&command[echoSz], footer, sizeof(footer)); echoSz += (int)sizeof(footer); if (CyaSSL_write(ssl, command, echoSz) != echoSz) err_sys("SSL_write failed"); break; } command[echoSz] = 0; #ifdef ECHO_OUT fputs(command, fout); #endif if (CyaSSL_write(ssl, command, echoSz) != echoSz) err_sys("SSL_write failed"); } #ifndef CYASSL_DTLS CyaSSL_shutdown(ssl); #endif CyaSSL_free(ssl); CloseSocket(clientfd); #ifdef CYASSL_DTLS tcp_listen(&sockfd, &port, useAnyAddr, doDTLS); SignalReady(args, port); #endif } CloseSocket(sockfd); CyaSSL_CTX_free(ctx); #ifdef ECHO_OUT if (outCreated) fclose(fout); #endif ((func_args*)args)->return_code = 0; return 0; }