From 0d01a92b9cec1612f13fba92f86524fadce22c19 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 7 Mar 2022 13:01:38 -0800 Subject: [PATCH] Cleanups to PSK examples. --- psk/Makefile | 23 ++++++++++++++++++----- psk/client-psk-bio-custom.c | 8 ++++++-- psk/client-psk-nonblocking.c | 8 +++++++- psk/client-psk-resume.c | 6 ++++++ psk/client-psk-tls13-multi-id.c | 26 ++++++++++++++++++-------- psk/client-psk.c | 14 ++++++++++---- psk/client-tcp.c | 8 ++++---- psk/server-psk-nonblocking.c | 9 +++++++-- psk/server-psk-threaded.c | 10 ++++++++-- psk/server-psk-tls13-multi-id.c | 16 ++++++++++++---- psk/server-psk.c | 8 +++++++- psk/server-tcp.c | 4 ++-- 12 files changed, 105 insertions(+), 35 deletions(-) diff --git a/psk/Makefile b/psk/Makefile index 71a63395..aae65066 100644 --- a/psk/Makefile +++ b/psk/Makefile @@ -1,10 +1,23 @@ -CC=gcc -CFLAGS=-Wall -I../../wolfssl -g -DDEBUG -LIBS=-lwolfssl -lm -L../../wolfssl/src/.libs +# PSK Examples Makefile +CC = gcc +LIB_PATH = /usr/local +CFLAGS = -Wall -I$(LIB_PATH)/include +LIBS = -L$(LIB_PATH)/lib -lm +# option variables +DYN_LIB = -lwolfssl +STATIC_LIB = $(LIB_PATH)/lib/libwolfssl.a +DEBUG_FLAGS = -g -DDEBUG +DEBUG_INC_PATHS = -MD +OPTIMIZE = -Os + +# Options # For debug (./configure --enable-debug --disable-shared) -#LIBS=/usr/local/lib/libwolfssl.a -#CFLAGS+=-g -DDEBUG +# Uncomment DEBUG_FLAGS and STATIC_LIB (comment DYN_LIB) +#CFLAGS+=$(DEBUG_FLAGS) +CFLAGS+=$(OPTIMIZE) +#LIBS+=$(STATIC_LIB) +LIBS+=$(DYN_LIB) all: client-tcp client-psk client-psk-nonblocking client-psk-resume client-psk-tls13-multi-id server-tcp server-psk server-psk-nonblocking server-psk-threaded client-psk-bio-custom server-psk-tls13-multi-id diff --git a/psk/client-psk-bio-custom.c b/psk/client-psk-bio-custom.c index b1ecf277..773537e7 100644 --- a/psk/client-psk-bio-custom.c +++ b/psk/client-psk-bio-custom.c 
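Review bot: In the new `LIBS` definition `-lm` now precedes the wolfSSL library (`LIBS = -L$(LIB_PATH)/lib -lm`, with `$(DYN_LIB)` or `$(STATIC_LIB)` appended afterwards), whereas the removed line had `-lwolfssl -lm`. With the static option (`libwolfssl.a`) on a toolchain that links with `--as-needed` or resolves strictly left to right, libm references from wolfSSL may go unresolved. Keeping the math library last avoids that: `LIBS = -L$(LIB_PATH)/lib` and `LIBS+=$(DYN_LIB) -lm`. `DEBUG_INC_PATHS = -MD` is defined but not used anywhere in this hunk, so it should either be appended to `CFLAGS` in the debug option or dropped. The build rules are outside the hunk, so where `$(LIBS)` lands on the link line should be confirmed there.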
@@ -99,7 +99,7 @@ static long bioCTRLCb(WOLFSSL_BIO* bio, int cmd, long larg, void* data) return ret; } - +#ifndef NO_PSK /* *psk client set up. */ @@ -123,7 +123,7 @@ static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint, return PSK_KEY_LEN; } - +#endif static int createSocket(char* ip) { @@ -222,8 +222,12 @@ int main(int argc, char **argv) goto exit; } +#ifndef NO_PSK /* set up pre shared keys */ wolfSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_Cb); +#else + fprintf(stderr, "Warning: wolfSSL not built with PSK (--enable-psk)\n"); +#endif /* creat wolfssl object after each tcp connect */ if ( (ssl = wolfSSL_new(ctx)) == NULL) { diff --git a/psk/client-psk-nonblocking.c b/psk/client-psk-nonblocking.c index 924d8d4f..b0f0dc6d 100644 --- a/psk/client-psk-nonblocking.c +++ b/psk/client-psk-nonblocking.c @@ -46,6 +46,7 @@ enum { TEST_ERROR_READY }; +#ifndef NO_PSK /* *psk client set up. */ @@ -69,6 +70,7 @@ static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint, return PSK_KEY_LEN; } +#endif int main(int argc, char **argv) { @@ -132,7 +134,7 @@ int main(int argc, char **argv) flags = fcntl(sockfd, F_SETFL, flags | O_NONBLOCK); if (flags < 0) { printf("fcntl set failed\n"); - ret = -1; + ret = -1; goto exit; } @@ -145,8 +147,12 @@ int main(int argc, char **argv) goto exit; } +#ifndef NO_PSK /* set up pre shared keys */ wolfSSL_CTX_set_psk_client_callback(ctx,My_Psk_Client_Cb); +#else + fprintf(stderr, "Warning: wolfSSL not built with PSK (--enable-psk)\n"); +#endif /* create wolfSSL object after each tcp connect */ if ((ssl = wolfSSL_new(ctx)) == NULL) { diff --git a/psk/client-psk-resume.c b/psk/client-psk-resume.c index 71e03502..8fb94d11 100644 --- a/psk/client-psk-resume.c +++ b/psk/client-psk-resume.c @@ -37,6 +37,7 @@ #define SERV_PORT 11111 /* default port*/ #define PSK_KEY_LEN 4 +#ifndef NO_PSK /* *psk client set up. */ 
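Review bot: The `#else` branch added in `main` of client-psk-bio-custom.c (hunk at -222) only prints a warning and then continues to `wolfSSL_new`, so a build against a wolfSSL without PSK goes on to the handshake with no PSK callback registered. For an example whose purpose is PSK authentication it is safer to stop there, as the error paths already visible in the hunk do, by adding `ret = -1;` and `goto exit;` after the `fprintf`. The same warn-and-continue branch is added in client-psk-nonblocking.c, client-psk-resume.c, client-psk-tls13-multi-id.c and client-psk.c. It is also added in server-psk-nonblocking.c, server-psk-threaded.c, server-psk-tls13-multi-id.c and server-psk.c, where `return 1;` would match the surrounding code. `main` starts and ends outside the hunk.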
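Review bot: The callback that the new `#ifndef NO_PSK` guard wraps in client-psk-resume.c (hunk at -37) is documented only as `psk client set up.`, while `#define PSK_KEY_LEN 4` directly above it sets the length the callback returns, and nothing marks this as a demonstration value. A four-byte pre-shared key gives no practical protection and example code tends to be copied, so the comment should say so, for instance `/* Demo only: a 4-byte PSK is far too short for real use; provision a random key of at least 16 bytes per identity. */`. The same define with an equally terse comment is visible in client-psk-tls13-multi-id.c, client-psk.c, server-psk-tls13-multi-id.c and server-psk.c. The callback body is outside the hunk.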
@@ -60,6 +61,7 @@ static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint, return PSK_KEY_LEN; } +#endif int main(int argc, char **argv){ @@ -110,8 +112,12 @@ int main(int argc, char **argv){ ret = -1; goto exit; } +#ifndef NO_PSK /* set up pre shared keys */ wolfSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_Cb); +#else + fprintf(stderr, "Warning: wolfSSL not built with PSK (--enable-psk)\n"); +#endif /* create wolfSSL object after each tcp connect */ if ( (ssl = wolfSSL_new(ctx)) == NULL) { diff --git a/psk/client-psk-tls13-multi-id.c b/psk/client-psk-tls13-multi-id.c index 9221271c..970f4067 100644 --- a/psk/client-psk-tls13-multi-id.c +++ b/psk/client-psk-tls13-multi-id.c @@ -1,7 +1,7 @@ -/* client-psk.c +/* client-psk-tls13-multi-id.c * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2022 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -18,7 +18,11 @@ * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - **/ + */ + +/* A client example using a TCP connection with PSK security showing + * PSK with identity. + */ #include /* included for options sync */ #include /* must include this to use wolfSSL security */ @@ -35,8 +39,9 @@ #define SERV_PORT 11111 /* default port*/ #define PSK_KEY_LEN 4 +#ifndef NO_PSK /* - *psk client set up. + * psk client set up. */ static inline unsigned int My_Tls13_Psk_Client_Cs_Cb(WOLFSSL* ssl, const char* hint, char* identity, unsigned int id_max_len, @@ -76,6 +81,7 @@ static inline unsigned int My_Tls13_Psk_Client_Cs_Cb(WOLFSSL* ssl, return PSK_KEY_LEN; } +#endif int main(int argc, char **argv) { 
@@ -91,7 +97,7 @@ int main(int argc, char **argv) /* must include an ip address of this will flag */ if (argc != 2) { printf("Usage: tcpClient \n"); - return -1; + return -1; } /* create a stream socket using tcp,internet protocal IPv4, @@ -108,7 +114,7 @@ int main(int argc, char **argv) ret = inet_pton(AF_INET, argv[1], &servaddr.sin_addr); if (ret != 1) { printf("inet_pton error\n"); - ret = -1; + ret = -1; goto exit; } @@ -116,7 +122,7 @@ int main(int argc, char **argv) ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)); if (ret != 0) { printf("Connection Error\n"); - ret = -1; + ret = -1; goto exit; } @@ -130,13 +136,17 @@ int main(int argc, char **argv) goto exit; } +#ifndef NO_PSK /* set up pre shared keys */ wolfSSL_CTX_set_psk_client_cs_callback(ctx, My_Tls13_Psk_Client_Cs_Cb); +#else + fprintf(stderr, "Warning: wolfSSL not built with PSK (--enable-psk)\n"); +#endif /* creat wolfssl object after each tcp connect */ if ( (ssl = wolfSSL_new(ctx)) == NULL) { fprintf(stderr, "wolfSSL_new error.\n"); - ret = -1; + ret = -1; goto exit; } diff --git a/psk/client-psk.c b/psk/client-psk.c index a095cc19..bca6fa1a 100644 --- a/psk/client-psk.c +++ b/psk/client-psk.c @@ -35,6 +35,7 @@ #define SERV_PORT 11111 /* default port*/ #define PSK_KEY_LEN 4 +#ifndef NO_PSK /* *psk client set up. */ @@ -58,6 +59,7 @@ static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint, return PSK_KEY_LEN; } +#endif int main(int argc, char **argv) { @@ -73,7 +75,7 @@ int main(int argc, char **argv) /* must include an ip address of this will flag */ if (argc != 2) { printf("Usage: tcpClient \n"); - return -1; + return -1; } /* create a stream socket using tcp,internet protocal IPv4, @@ -90,7 +92,7 @@ int main(int argc, char **argv) ret = inet_pton(AF_INET, argv[1], &servaddr.sin_addr); if (ret != 1) { printf("inet_pton error\n"); - ret = -1; + ret = -1; goto exit; } 
@@ -98,7 +100,7 @@ int main(int argc, char **argv) ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)); if (ret != 0) { printf("Connection Error\n"); - ret = -1; + ret = -1; goto exit; } @@ -112,13 +114,17 @@ int main(int argc, char **argv) goto exit; } +#ifndef NO_PSK /* set up pre shared keys */ wolfSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_Cb); +#else + fprintf(stderr, "Warning: wolfSSL not built with PSK (--enable-psk)\n"); +#endif /* creat wolfssl object after each tcp connect */ if ( (ssl = wolfSSL_new(ctx)) == NULL) { fprintf(stderr, "wolfSSL_new error.\n"); - ret = -1; + ret = -1; goto exit; } diff --git a/psk/client-tcp.c b/psk/client-tcp.c index 387c4408..481481b3 100644 --- a/psk/client-tcp.c +++ b/psk/client-tcp.c @@ -73,7 +73,7 @@ int main(int argc, char **argv) ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)); if (ret != 0) { - ret = -1; + ret = -1; goto exit; } @@ -81,14 +81,14 @@ int main(int argc, char **argv) /* write string to the server */ if (write(sockfd, sendline, strlen(sendline)) != strlen(sendline)) { printf("Write Error to Server\n"); - ret = -1; + ret = -1; goto exit; } /* flags if the server stopped before the client could end */ if (read(sockfd, recvline, MAXLINE) == 0) { printf("Client: Server Terminated Prematurely!\n"); - ret = -1; + ret = -1; goto exit; } @@ -99,6 +99,6 @@ int main(int argc, char **argv) exit: /* close socket and connection */ close(sockfd); - + return ret; } diff --git a/psk/server-psk-nonblocking.c b/psk/server-psk-nonblocking.c index 9d35b022..d2a08337 100644 --- a/psk/server-psk-nonblocking.c +++ b/psk/server-psk-nonblocking.c @@ -1,5 +1,5 @@ /* server-psk-nonblocking.c - * A server ecample using a TCP connection with PSK security and non blocking. + * A server example using a TCP connection with PSK security and non blocking. * * Copyright (C) 2006-2020 wolfSSL Inc. * 
@@ -49,6 +49,7 @@ enum{ TEST_ERROR_READY }; +#ifndef NO_PSK /* * Used for finding psk value. */ @@ -69,7 +70,7 @@ static inline unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, return PSK_KEY_LEN; } - +#endif int main() { @@ -152,10 +153,14 @@ int main() return 1; } +#ifndef NO_PSK /* use psk suite for security */ wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); wolfSSL_CTX_use_psk_identity_hint(ctx, "wolfssl server"); +#else + fprintf(stderr, "Warning: wolfSSL not built with PSK (--enable-psk)\n"); +#endif if (wolfSSL_CTX_set_cipher_list(ctx, suites) != WOLFSSL_SUCCESS) { printf("Fatal error : server can't set cipher list\n"); diff --git a/psk/server-psk-threaded.c b/psk/server-psk-threaded.c index 72156306..b477d960 100644 --- a/psk/server-psk-threaded.c +++ b/psk/server-psk-threaded.c @@ -1,5 +1,5 @@ /* server-psk-threaded.c - * A server ecample using a multi-threaded TCP connection with PSK security. + * A server example using a multi-threaded TCP connection with PSK security. * * Copyright (C) 2006-2020 wolfSSL Inc. * @@ -42,6 +42,7 @@ WOLFSSL_CTX* ctx; /* global so it's shared by threads */ +#ifndef NO_PSK /* * Identify which psk key to use. */ @@ -63,6 +64,7 @@ static inline unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, return PSK_KEY_LEN; } +#endif /* * Process handled by a thread. @@ -185,6 +187,7 @@ int main() printf("Fatal error : wolfSSL_CTX_new error\n"); } +#ifndef NO_PSK /* use psk suite for security */ wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); @@ -193,6 +196,9 @@ int main() printf("Fatal error : ctx use psk identity hint returned %d\n", ret); return ret; } +#else + fprintf(stderr, "Warning: wolfSSL not built with PSK (--enable-psk)\n"); +#endif if ((ret = wolfSSL_CTX_set_cipher_list(ctx, suites)) != WOLFSSL_SUCCESS) { printf("Fatal error : server can't set cipher list"); 
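Review bot: Inside the new `#ifndef NO_PSK` block in `main` of server-psk-nonblocking.c (hunk at -152) the result of `wolfSSL_CTX_use_psk_identity_hint(ctx, "wolfssl server")` is discarded, while server-psk-threaded.c, server-psk-tls13-multi-id.c and server-psk.c print the returned value and bail out. Since these lines are being regrouped anyway, the call could be checked in the same way: `if (wolfSSL_CTX_use_psk_identity_hint(ctx, "wolfssl server") != WOLFSSL_SUCCESS) { printf("Fatal error : ctx use psk identity hint failed\n"); return 1; }`. `main` continues outside the hunk.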
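Review bot: In server-psk-threaded.c (hunk at -185) the context line `printf("Fatal error : wolfSSL_CTX_new error\n");` is followed directly by the closing brace. After a failed context creation, control therefore appears to fall through into the newly guarded `wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);` with an unusable `ctx`. Adding `return 1;` after that `printf` would match the other servers, whose hunks show `return 1; }` before the PSK setup. The `if` condition itself is above the hunk, so this is inferred from the three context lines shown.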
@@ -225,7 +231,7 @@ int main() inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)), ntohs(cliAddr.sin_port)); - if (pthread_create(&thread, NULL, &wolfssl_thread, (void*) &connfd) + if (pthread_create(&thread, NULL, &wolfssl_thread, (void*) &connfd) != 0) { return 1; } diff --git a/psk/server-psk-tls13-multi-id.c b/psk/server-psk-tls13-multi-id.c index 4946b2e8..17553e79 100644 --- a/psk/server-psk-tls13-multi-id.c +++ b/psk/server-psk-tls13-multi-id.c @@ -1,7 +1,6 @@ -/* server-psk.c - * A server ecample using a TCP connection with PSK security. +/* server-psk-tls13-multi-id.c * - * Copyright (C) 2006-2020 wolfSSL Inc. + * Copyright (C) 2006-2022 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -20,6 +19,10 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ +/* A server example using a TCP connection with PSK security showing + * PSK with identity. + */ + #include /* included for options sync */ #include /* include wolfSSL security */ @@ -38,6 +41,7 @@ #define PSK_KEY_LEN 4 #define dhParamFile "../certs/dh2048.pem" +#ifndef NO_PSK /* * Identify which psk key to use. */ @@ -71,6 +75,7 @@ static unsigned int my_tls13_psk_server_cb(WOLFSSL* ssl, const char* identity, return PSK_KEY_LEN; } +#endif int main() { @@ -131,6 +136,7 @@ int main() return 1; } +#ifndef NO_PSK /* use psk suite for security */ wolfSSL_CTX_set_psk_server_tls13_callback(ctx, my_tls13_psk_server_cb); @@ -139,6 +145,9 @@ int main() printf("Fatal error : ctx use psk identity hint returned %d\n", ret); return ret; } +#else + fprintf(stderr, "Warning: wolfSSL not built with PSK (--enable-psk)\n"); +#endif if ((ret = wolfSSL_CTX_set_cipher_list(ctx, suites)) != WOLFSSL_SUCCESS) { printf("Fatal error : server set cipher list returned %d\n", ret); @@ -212,4 +221,3 @@ int main() return 0; } - diff --git a/psk/server-psk.c b/psk/server-psk.c index 993b36c5..11bb696b 100644 --- a/psk/server-psk.c +++ b/psk/server-psk.c 
@@ -1,5 +1,5 @@ /* server-psk.c - * A server ecample using a TCP connection with PSK security. + * A server example using a TCP connection with PSK security. * * Copyright (C) 2006-2020 wolfSSL Inc. * @@ -38,6 +38,7 @@ #define PSK_KEY_LEN 4 #define dhParamFile "../certs/dh2048.pem" +#ifndef NO_PSK /* * Identify which psk key to use. */ @@ -58,6 +59,7 @@ static unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, return PSK_KEY_LEN; } +#endif int main() { @@ -138,6 +140,7 @@ int main() return 1; } +#ifndef NO_PSK /* use psk suite for security */ wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); @@ -146,6 +149,9 @@ int main() printf("Fatal error : ctx use psk identity hint returned %d\n", ret); return ret; } +#else + fprintf(stderr, "Warning: wolfSSL not built with PSK (--enable-psk)\n"); +#endif if ((ret = wolfSSL_CTX_set_cipher_list(ctx, suites)) != WOLFSSL_SUCCESS) { printf("Fatal error : server set cipher list returned %d\n", ret); diff --git a/psk/server-tcp.c b/psk/server-tcp.c index 3439bb19..48a93e19 100644 --- a/psk/server-tcp.c +++ b/psk/server-tcp.c @@ -1,5 +1,5 @@ /* server-tcp.c - * A server ecample using a TCP connection. + * A server example using a TCP connection. * * Copyright (C) 2006-2020 wolfSSL Inc. * @@ -92,7 +92,7 @@ int main() printf("Connection from %s, port %d\n", inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)), ntohs(cliAddr.sin_port)); - + /* empty response buffer to avoid unexpected output */ memset(buf, 0, MAXLINE); n = read(connfd, buf, MAXLINE);