WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Combined applicable functions into 'main' of each file

pull/56/head
Kincade 2017-06-01 13:31:11 -06:00
parent 200a9d461c
commit 1a46ec1d16
5 changed files with 424 additions and 497 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

107
dtls/client-dtls-shared.c
View File

@ -46,7 +46,6 @@
#define THREADS 3
#define SERV_PORT 11111
typedef struct SharedDtls {
wolfSSL_Mutex shared_mutex; /* mutex for using */
WOLFSSL* ssl; /* WOLFSSL object being shared */
@ -58,7 +57,6 @@ typedef struct SharedDtls {
int handShakeDone; /* is the handshake done? */
} SharedDtls;
int dtls_sendto_cb(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
SharedDtls* shared = (SharedDtls*)ctx;
@ -67,13 +65,6 @@ int dtls_sendto_cb(WOLFSSL* ssl, char* buf, int sz, void* ctx)
(const struct sockaddr*)&shared->servAddr, shared->servSz);
}
static int min(int a, int b)
{
return a > b ? b : a;
}
int dtls_recvfrom_cb(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
SharedDtls* shared = (SharedDtls*)ctx;
@ -84,8 +75,7 @@ int dtls_recvfrom_cb(WOLFSSL* ssl, char* buf, int sz, void* ctx)
}
else {
/* get the "pushed" datagram from our cb buffer instead */
int copied = min(sz, shared->recvSz);
int copied = sz > shared->recvSz ? shared->recvSz : sz;
memcpy(buf, shared->recvBuf, copied);
shared->recvSz -= copied;
@ -93,24 +83,6 @@ int dtls_recvfrom_cb(WOLFSSL* ssl, char* buf, int sz, void* ctx)
}
}
/* each thread should have a simple id at startup */
char get_id(SharedDtls* shared)
{
char ids[] = "abcdefgh";
char ret;
static int index = 0;
wc_LockMutex(&shared->shared_mutex);
ret = ids[index++];
wc_UnLockMutex(&shared->shared_mutex);
return ret;
}
/* DTLS Send function in its own thread */
void* DatagramSend(void* arg)
{
@ -118,9 +90,14 @@ void* DatagramSend(void* arg)
int sendSz;
char sendBuf[MAXBUF];
SharedDtls* shared = (SharedDtls*)arg;
char id = get_id(shared);
WOLFSSL* ssl = shared->ssl;
WOLFSSL* ssl = shared->ssl;
char id; /* each thread should have a simple ID at startup */
char ids[] = "abcdefgh";
static int index = 0;
wc_LockMutex(&shared->shared_mutex);
id = ids[index++];
wc_UnLockMutex(&shared->shared_mutex);
for (i= 0; i < MAXMSGS; i++) {
@ -140,46 +117,18 @@ void* DatagramSend(void* arg)
return NULL;
}
/* DTLS Recv function */
void DatagramRecv(WOLFSSL* ssl, SharedDtls* shared)
{
int i;
int sz = 0;
char recvBuf[MAXBUF];
char plainBuf[MAXBUF];
for (i = 0; i < THREADS*MAXMSGS; i++) {
/* first get datagram, works in blocking mode too */
sz = recvfrom(shared->sd, recvBuf, MAXBUF, 0, NULL, NULL);
wc_LockMutex(&shared->shared_mutex);
/* push datagram to our cb, no copy needed! */
shared->recvBuf = recvBuf;
shared->recvSz = sz;
/* get plaintext */
if ( (sz = (wolfSSL_read(ssl, plainBuf, MAXBUF-1))) < 0) {
printf("wolfSSL_write failed");
}
wc_UnLockMutex(&shared->shared_mutex);
plainBuf[MAXBUF-1] = '\0';
printf("got msg %s\n", plainBuf);
}
}
int main (int argc, char** argv)
{
int sockfd = 0, i;
WOLFSSL* ssl = 0;
int sockfd = 0, i;
WOLFSSL* ssl = 0;
WOLFSSL_CTX* ctx = 0;
char* ca = "../certs/ca-cert.pem";
char* ecc_ca = "../certs/server-ecc.pem";
SharedDtls shared;
char* ca = "../certs/ca-cert.pem";
char* ecc_ca = "../certs/server-ecc.pem";
SharedDtls shared;
SharedDtls* recvShared = &shared; /* DTLS Recv var */
int sz = 0; /* DTLS Recv var */
char recvBuf[MAXBUF]; /* DTLS Recv var */
char plainBuf[MAXBUF]; /* DTLS Recv var */
if (argc != 2) {
printf("usage: udpcli <IP address>\n");
@ -251,7 +200,27 @@ int main (int argc, char** argv)
pthread_create(&tid[i], NULL, DatagramSend, &shared);
}
DatagramRecv(ssl, &shared);
/* DTLS Recv */
for (i = 0; i < THREADS*MAXMSGS; i++) {
/* first get datagram, works in blocking mode too */
sz = recvfrom(recvShared->sd, recvBuf, MAXBUF, 0, NULL, NULL);
wc_LockMutex(&recvShared->shared_mutex);
/* push datagram to our cb, no copy needed! */
recvShared->recvBuf = recvBuf;
recvShared->recvSz = sz;
/* get plaintext */
if ( (sz = (wolfSSL_read(ssl, plainBuf, MAXBUF-1))) < 0) {
printf("wolfSSL_write failed");
}
wc_UnLockMutex(&recvShared->shared_mutex);
plainBuf[MAXBUF-1] = '\0';
printf("got msg %s\n", plainBuf);
}
for (i = 0; i < THREADS; i++) {
pthread_join(tid[i], NULL);

341
dtls/server-dtls-nonblocking.c
View File

@ -20,7 +20,7 @@
*
*=============================================================================
*
* Bare-bones example of a nonblocking DTLS erver for instructional/learning
* Bare-bones example of a nonblocking DTLS server for instructional/learning
* purposes. Utilizes DTLS 1.2.
*/
@ -43,12 +43,6 @@
static int cleanup; /* To handle shutdown */
void dtls_set_nonblocking(int*); /* set the socket non-blocking */
int NonBlockingSSL_Accept(WOLFSSL*); /* non-blocking accept */
int AwaitDGram(WOLFSSL_CTX* ctx); /* Separate out Handling Datagrams */
int udp_read_connect(int); /* broken out to improve readability */
int dtls_select();
/* costumes for select_ret to wear */
enum {
TEST_SELECT_FAIL,
@ -57,8 +51,15 @@ enum {
TEST_ERROR_READY
};
int AwaitDGram(WOLFSSL_CTX* ctx)
int main(int argc, char** argv)
{
/* cont short for "continue?", Loc short for "location" */
int cont = 0;
char caCertLoc[] = "../certs/ca-cert.pem";
char servCertLoc[] = "../certs/server-cert.pem";
char servKeyLoc[] = "../certs/server-key.pem";
WOLFSSL_CTX* ctx;
/* Await Datagram variables */
int on = 1;
int res = 1;
int recvLen; /* length of string read */
@ -66,23 +67,79 @@ int AwaitDGram(WOLFSSL_CTX* ctx)
int listenfd = 0; /* Initialize our socket */
int clientfd = 0; /* client connection */
int len = sizeof(on);
int cont;
char buff[MSGLEN]; /* string read from client */
WOLFSSL* ssl = NULL; /* Initialize ssl object */
struct sockaddr_in servAddr; /* our server's address */
char ack[] = "I hear you fashizzle\n";
/* DTLS set nonblocking flag */
int flags = fcntl(*(&listenfd), F_GETFL, 0);
/* "./config --enable-debug" and uncomment next line for debugging */
/* wolfSSL_Debugging_ON(); */
/* Initialize wolfSSL */
wolfSSL_Init();
/* Set ctx to DTLS 1.2 */
if ((ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method())) == NULL) {
printf("wolfSSL_CTX_new error.\n");
return 1;
}
/* Load CA certificates */
if (wolfSSL_CTX_load_verify_locations(ctx,caCertLoc,0) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", caCertLoc);
return 1;
}
/* Load server certificates */
if (wolfSSL_CTX_use_certificate_file(ctx, servCertLoc, SSL_FILETYPE_PEM) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servCertLoc);
return 1;
}
/* Load server Keys */
if (wolfSSL_CTX_use_PrivateKey_file(ctx, servKeyLoc,
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servKeyLoc);
return 1;
}
/* Await Datagram */
cont = 0;
while (cleanup != 1) {
/* NonBlockingSSL_Accept variables */
int ret;
int select_ret;
int currTimeout;
int error;
int result;
int nfds;
fd_set recvfds, errfds;
struct timeval timeout = { (currTimeout > 0) ? currTimeout : 0, 0};
/* udp-read-connect variables */
int bytesRecvd;
unsigned char b[MSGLEN];
struct sockaddr_in cliAddr;
socklen_t clilen = sizeof(cliAddr);
/* Create a UDP/IP socket */
if ((listenfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0 ) {
printf("Cannot create socket.\n");
return 1;
cont = 1;
}
printf("Socket allocated\n");
dtls_set_nonblocking(&listenfd);
/* DTLS set nonblocking */
if (flags < 0) {
printf("fcntl get failed");
cleanup = 1;
}
flags = fcntl(*(&listenfd), F_SETFL, flags | O_NONBLOCK);
if (flags < 0) {
printf("fcntl set failed.\n");
cleanup = 1;
}
memset((char *)&servAddr, 0, sizeof(servAddr));
@ -96,28 +153,43 @@ int AwaitDGram(WOLFSSL_CTX* ctx)
res = setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
if (res < 0) {
printf("Setsockopt SO_REUSEADDR failed.\n");
return 1;
cont = 1;
}
/*Bind Socket*/
if (bind(listenfd,
(struct sockaddr *)&servAddr, sizeof(servAddr)) < 0) {
printf("Bind failed.\n");
return 1;
cont = 1;
}
printf("Awaiting client connection on port %d\n", SERV_PORT);
/* UDP-read-connect */
do {
bytesRecvd = (int)recvfrom(listenfd, (char*)b, sizeof(b), MSG_PEEK,
(struct sockaddr*)&cliAddr, &clilen);
} while (bytesRecvd <= 0);
clientfd = udp_read_connect(listenfd);
if (bytesRecvd > 0) {
if (connect(listenfd, (const struct sockaddr*)&cliAddr,
sizeof(cliAddr)) != 0) {
printf("udp connect failed.\n");
}
}
else {
printf("recvfrom failed.\n");
}
/* dtls_set_nonblocking(&clientfd); */
printf("Connected!\n");
/* ensure b is empty upon each call */
memset(&b, 0, sizeof(b));
clientfd = listenfd;
/* Create the WOLFSSL Object */
if (( ssl = wolfSSL_new(ctx)) == NULL) {
printf("wolfSSL_new error.\n");
return 1;
cont = 1;
}
/* set clilen to |cliAddr| */
@ -127,11 +199,78 @@ int AwaitDGram(WOLFSSL_CTX* ctx)
wolfSSL_set_fd(ssl, clientfd);
wolfSSL_set_using_nonblock(ssl, 1);
cont = NonBlockingSSL_Accept(ssl);
/* NonBlockingSSL_Accept */
ret = wolfSSL_accept(ssl);
currTimeout = 1;
error = wolfSSL_get_error(ssl, 0);
listenfd = (int)wolfSSL_get_fd(ssl);
nfds = listenfd + 1;
while (cleanup != 1 && (ret != SSL_SUCCESS &&
(error == SSL_ERROR_WANT_READ ||
error == SSL_ERROR_WANT_WRITE))) {
if (cleanup == 1) {
wolfSSL_free(ssl);
wolfSSL_shutdown(ssl);
break;
}
if (error == SSL_ERROR_WANT_READ)
printf("... server would read block\n");
else
printf("... server would write block\n");
currTimeout = wolfSSL_dtls_get_current_timeout(ssl);
FD_ZERO(&recvfds);
FD_SET(listenfd, &recvfds);
FD_ZERO(&errfds);
FD_SET(listenfd, &errfds);
result = select(nfds, &recvfds, NULL, &errfds, &timeout);
if (result == 0) {
select_ret = TEST_TIMEOUT;
}
else if (result > 0) {
if (FD_ISSET(listenfd, &recvfds)) {
select_ret = TEST_RECV_READY;
}
else if(FD_ISSET(listenfd, &errfds)) {
select_ret = TEST_ERROR_READY;
}
}
else {
select_ret = TEST_SELECT_FAIL;
}
if ((select_ret == TEST_RECV_READY) ||
(select_ret == TEST_ERROR_READY)) {
ret = wolfSSL_accept(ssl);
error = wolfSSL_get_error(ssl, 0);
}
else if (select_ret == TEST_TIMEOUT && !wolfSSL_dtls(ssl)) {
error = SSL_ERROR_WANT_READ;
}
else if (select_ret == TEST_TIMEOUT && wolfSSL_dtls(ssl) &&
wolfSSL_dtls_got_timeout(ssl) >= 0) {
error = SSL_ERROR_WANT_READ;
}
else {
error = SSL_FATAL_ERROR;
}
}
if (ret != SSL_SUCCESS) {
printf("SSL_accept failed.\n");
cont = 1;
}
else {
cont = 0;
}
if (cont != 0) {
printf("NonBlockingSSL_Accept failed.\n");
return 1;
cont = 1;
}
/* Begin: Reply to the client */
@ -187,169 +326,6 @@ int AwaitDGram(WOLFSSL_CTX* ctx)
/* End: Reply to the Client */
}
return 0;
}
int udp_read_connect(int listenfd)
{
int bytesRecvd;
unsigned char b[MSGLEN];
struct sockaddr_in cliAddr;
socklen_t clilen = sizeof(cliAddr);
do {
bytesRecvd = (int)recvfrom(listenfd, (char*)b, sizeof(b), MSG_PEEK,
(struct sockaddr*)&cliAddr, &clilen);
} while (bytesRecvd <= 0);
if (bytesRecvd > 0) {
if (connect(listenfd, (const struct sockaddr*)&cliAddr,
sizeof(cliAddr)) != 0) {
printf("udp connect failed.\n");
}
}
else {
printf("recvfrom failed.\n");
}
printf("Connected!\n");
/* ensure b is empty upon each call */
memset(&b, 0, sizeof(b));
return listenfd;
}
int NonBlockingSSL_Accept(WOLFSSL* ssl)
{
int select_ret;
int currTimeout = 1;
int ret = wolfSSL_accept(ssl);
int error = wolfSSL_get_error(ssl, 0);
int listenfd = (int)wolfSSL_get_fd(ssl);
while (cleanup != 1 && (ret != SSL_SUCCESS &&
(error == SSL_ERROR_WANT_READ ||
error == SSL_ERROR_WANT_WRITE))) {
if (cleanup == 1) {
wolfSSL_free(ssl);
wolfSSL_shutdown(ssl);
break;
}
if (error == SSL_ERROR_WANT_READ)
printf("... server would read block\n");
else
printf("... server would write block\n");
currTimeout = wolfSSL_dtls_get_current_timeout(ssl);
select_ret = dtls_select(listenfd, currTimeout);
if ((select_ret == TEST_RECV_READY) ||
(select_ret == TEST_ERROR_READY)) {
ret = wolfSSL_accept(ssl);
error = wolfSSL_get_error(ssl, 0);
}
else if (select_ret == TEST_TIMEOUT && !wolfSSL_dtls(ssl)) {
error = SSL_ERROR_WANT_READ;
}
else if (select_ret == TEST_TIMEOUT && wolfSSL_dtls(ssl) &&
wolfSSL_dtls_got_timeout(ssl) >= 0) {
error = SSL_ERROR_WANT_READ;
}
else {
error = SSL_FATAL_ERROR;
}
}
if (ret != SSL_SUCCESS) {
printf("SSL_accept failed.\n");
return 1;
}
return 0;
}
void dtls_set_nonblocking(int* sockfd)
{
int flags = fcntl(*sockfd, F_GETFL, 0);
if (flags < 0) {
printf("fcntl get failed");
cleanup = 1;
}
flags = fcntl(*sockfd, F_SETFL, flags | O_NONBLOCK);
if (flags < 0) {
printf("fcntl set failed.\n");
cleanup = 1;
}
}
int dtls_select(int socketfd, int toSec)
{
int result;
int nfds = socketfd + 1;
fd_set recvfds, errfds;
struct timeval timeout = { (toSec > 0) ? toSec : 0, 0};
FD_ZERO(&recvfds);
FD_SET(socketfd, &recvfds);
FD_ZERO(&errfds);
FD_SET(socketfd, &errfds);
result = select(nfds, &recvfds, NULL, &errfds, &timeout);
if (result == 0) {
return TEST_TIMEOUT;
}
else if (result > 0) {
if (FD_ISSET(socketfd, &recvfds)) {
return TEST_RECV_READY;
}
else if(FD_ISSET(socketfd, &errfds)) {
return TEST_ERROR_READY;
}
}
return TEST_SELECT_FAIL;
}
int main(int argc, char** argv)
{
/* cont short for "continue?", Loc short for "location" */
int cont = 0;
char caCertLoc[] = "../certs/ca-cert.pem";
char servCertLoc[] = "../certs/server-cert.pem";
char servKeyLoc[] = "../certs/server-key.pem";
WOLFSSL_CTX* ctx;
/* "./config --enable-debug" and uncomment next line for debugging */
/* wolfSSL_Debugging_ON(); */
/* Initialize wolfSSL */
wolfSSL_Init();
/* Set ctx to DTLS 1.2 */
if ((ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method())) == NULL) {
printf("wolfSSL_CTX_new error.\n");
return 1;
}
/* Load CA certificates */
if (wolfSSL_CTX_load_verify_locations(ctx,caCertLoc,0) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", caCertLoc);
return 1;
}
/* Load server certificates */
if (wolfSSL_CTX_use_certificate_file(ctx, servCertLoc, SSL_FILETYPE_PEM) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servCertLoc);
return 1;
}
/* Load server Keys */
if (wolfSSL_CTX_use_PrivateKey_file(ctx, servKeyLoc,
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servKeyLoc);
return 1;
}
cont = AwaitDGram(ctx);
if (cont == 1) {
wolfSSL_CTX_free(ctx);
@ -358,4 +334,3 @@ int main(int argc, char** argv)
return 0;
}

222
dtls/server-dtls-threaded.c
View File

@ -21,10 +21,11 @@
*=============================================================================
*
* Bare-bones example of a threaded DTLS server for instructional/learning
* purposes. Utilizes DTLS 1.2. and multi-threading
* purposes. Utilizes DTLS 1.2 and multi-threading
*/
#include <wolfssl/options.h>
#include <wolfssl/ssl.h>
#include <stdio.h> /* standard in/out procedures */
#include <stdlib.h> /* defines system calls */
#include <string.h> /* necessary for memset */
@ -32,7 +33,6 @@
#include <sys/socket.h> /* used for all socket calls */
#include <netinet/in.h> /* used for sockaddr_in */
#include <arpa/inet.h>
#include <wolfssl/ssl.h>
#include <errno.h>
#include <signal.h>
#include <unistd.h>
@ -46,17 +46,87 @@ static int cleanup; /* To handle shutdown */
struct sockaddr_in cliAddr; /* the client's address */
struct sockaddr_in servAddr; /* our server's address */
int AwaitDGram(WOLFSSL_CTX* ctx);
void* ThreadControl(void*);
typedef struct {
int activefd;
int size;
unsigned char b[MSGLEN];
} threadArgs;
int AwaitDGram(WOLFSSL_CTX* ctx)
void* ThreadControl(void* openSock)
{
pthread_detach(pthread_self());
threadArgs* args = (threadArgs*)openSock;
int recvLen = 0; /* length of message */
int activefd = args->activefd; /* the active descriptor */
int msgLen = args->size; /* the size of message */
unsigned char buff[msgLen]; /* the incoming message */
char ack[] = "I hear you fashizzle!\n";
WOLFSSL* ssl;
memcpy(buff, args->b, msgLen);
/* Create the WOLFSSL Object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
printf("wolfSSL_new error.\n");
cleanup = 1;
return NULL;
}
/* set the session ssl to client connection port */
wolfSSL_set_fd(ssl, activefd);
if (wolfSSL_accept(ssl) != SSL_SUCCESS) {
int e = wolfSSL_get_error(ssl, 0);
printf("error = %d, %s\n", e, wolfSSL_ERR_reason_error_string(e));
printf("SSL_accept failed.\n");
return NULL;
}
if ((recvLen = wolfSSL_read(ssl, buff, msgLen-1)) > 0) {
printf("heard %d bytes\n", recvLen);
buff[recvLen] = 0;
printf("I heard this: \"%s\"\n", buff);
}
else if (recvLen < 0) {
int readErr = wolfSSL_get_error(ssl, 0);
if(readErr != SSL_ERROR_WANT_READ) {
printf("SSL_read failed.\n");
cleanup = 1;
return NULL;
}
}
if (wolfSSL_write(ssl, ack, sizeof(ack)) < 0) {
printf("wolfSSL_write fail.\n");
cleanup = 1;
return NULL;
}
else {
printf("Sending reply.\n");
}
printf("reply sent \"%s\"\n", ack);
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
close(activefd);
free(openSock); /* valgrind friendly free */
printf("Client left return to idle state\n");
printf("Exiting thread.\n\n");
pthread_exit(openSock);
}
int main(int argc, char** argv)
{
/* cont short for "continue?", Loc short for "location" */
int cont = 0;
char caCertLoc[] = "../certs/ca-cert.pem";
char servCertLoc[] = "../certs/server-cert.pem";
char servKeyLoc[] = "../certs/server-key.pem";
int on = 1;
int res = 1;
int bytesRcvd = 0;
@ -65,6 +135,36 @@ int AwaitDGram(WOLFSSL_CTX* ctx)
socklen_t len = sizeof(on);
unsigned char buf[MSGLEN]; /* watch for incoming messages */
/* "./config --enable-debug" and uncomment next line for debugging */
/* wolfSSL_Debugging_ON(); */
/* Initialize wolfSSL */
wolfSSL_Init();
/* Set ctx to DTLS 1.2 */
if ((ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method())) == NULL) {
printf("wolfSSL_CTX_new error.\n");
return 1;
}
/* Load CA certificates */
if (wolfSSL_CTX_load_verify_locations(ctx,caCertLoc,0) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", caCertLoc);
return 1;
}
/* Load server certificates */
if (wolfSSL_CTX_use_certificate_file(ctx, servCertLoc, SSL_FILETYPE_PEM) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servCertLoc);
return 1;
}
/* Load server Keys */
if (wolfSSL_CTX_use_PrivateKey_file(ctx, servKeyLoc,
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servKeyLoc);
return 1;
}
/* Create a UDP/IP socket */
if ((listenfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0 ) {
printf("Cannot create socket.\n");
@ -166,116 +266,6 @@ int AwaitDGram(WOLFSSL_CTX* ctx)
printf("control passed to thread control.\n");
}
return 0;
}
void* ThreadControl(void* openSock)
{
pthread_detach(pthread_self());
threadArgs* args = (threadArgs*)openSock;
int recvLen = 0; /* length of message */
int activefd = args->activefd; /* the active descriptor */
int msgLen = args->size; /* the size of message */
unsigned char buff[msgLen]; /* the incoming message */
char ack[] = "I hear you fashizzle!\n";
WOLFSSL* ssl;
memcpy(buff, args->b, msgLen);
/* Create the WOLFSSL Object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
printf("wolfSSL_new error.\n");
cleanup = 1;
return NULL;
}
/* set the session ssl to client connection port */
wolfSSL_set_fd(ssl, activefd);
if (wolfSSL_accept(ssl) != SSL_SUCCESS) {
int e = wolfSSL_get_error(ssl, 0);
printf("error = %d, %s\n", e, wolfSSL_ERR_reason_error_string(e));
printf("SSL_accept failed.\n");
return NULL;
}
if ((recvLen = wolfSSL_read(ssl, buff, msgLen-1)) > 0) {
printf("heard %d bytes\n", recvLen);
buff[recvLen] = 0;
printf("I heard this: \"%s\"\n", buff);
}
else if (recvLen < 0) {
int readErr = wolfSSL_get_error(ssl, 0);
if(readErr != SSL_ERROR_WANT_READ) {
printf("SSL_read failed.\n");
cleanup = 1;
return NULL;
}
}
if (wolfSSL_write(ssl, ack, sizeof(ack)) < 0) {
printf("wolfSSL_write fail.\n");
cleanup = 1;
return NULL;
}
else {
printf("Sending reply.\n");
}
printf("reply sent \"%s\"\n", ack);
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
close(activefd);
free(openSock); /* valgrind friendly free */
printf("Client left return to idle state\n");
printf("Exiting thread.\n\n");
pthread_exit(openSock);
}
int main(int argc, char** argv)
{
/* cont short for "continue?", Loc short for "location" */
int cont = 0;
char caCertLoc[] = "../certs/ca-cert.pem";
char servCertLoc[] = "../certs/server-cert.pem";
char servKeyLoc[] = "../certs/server-key.pem";
/* "./config --enable-debug" and uncomment next line for debugging */
/* wolfSSL_Debugging_ON(); */
/* Initialize wolfSSL */
wolfSSL_Init();
/* Set ctx to DTLS 1.2 */
if ((ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method())) == NULL) {
printf("wolfSSL_CTX_new error.\n");
return 1;
}
/* Load CA certificates */
if (wolfSSL_CTX_load_verify_locations(ctx,caCertLoc,0) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", caCertLoc);
return 1;
}
/* Load server certificates */
if (wolfSSL_CTX_use_certificate_file(ctx, servCertLoc, SSL_FILETYPE_PEM) !=
SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servCertLoc);
return 1;
}
/* Load server Keys */
if (wolfSSL_CTX_use_PrivateKey_file(ctx, servKeyLoc,
SSL_FILETYPE_PEM) != SSL_SUCCESS) {
printf("Error loading %s, please check the file.\n", servKeyLoc);
return 1;
}
cont = AwaitDGram(ctx);
if (cont == 1) {
wolfSSL_CTX_free(ctx);

249
dtls/server-dtls.c
View File

@ -44,133 +44,6 @@ static int cleanup; /* To handle shutdown */
struct sockaddr_in servAddr; /* our server's address */
struct sockaddr_in cliaddr; /* the client's address */
int AwaitDGram(WOLFSSL_CTX* ctx); /* Separate out Handling Datagrams */
void CleanUp();
int AwaitDGram(WOLFSSL_CTX* ctx)
{
int on = 1;
int res = 1;
int connfd = 0;
int recvLen = 0; /* length of message */
int listenfd = 0; /* Initialize our socket */
WOLFSSL* ssl = NULL;
socklen_t cliLen;
socklen_t len = sizeof(on);
unsigned char b[MSGLEN]; /* watch for incoming messages */
char buff[MSGLEN]; /* the incoming message */
char ack[] = "I hear you fashizzle!\n";
while (cleanup != 1) {
/* Create a UDP/IP socket */
if ((listenfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0 ) {
printf("Cannot create socket.\n");
cleanup = 1;
}
printf("Socket all/ocated\n");
/* clear servAddr each loop */
memset((char *)&servAddr, 0, sizeof(servAddr));
/* host-to-network-long conversion (htonl) */
/* host-to-network-short conversion (htons) */
servAddr.sin_family = AF_INET;
servAddr.sin_addr.s_addr = htonl(INADDR_ANY);
servAddr.sin_port = htons(SERV_PORT);
/* Eliminate socket already in use error */
res = setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
if (res < 0) {
printf("Setsockopt SO_REUSEADDR failed.\n");
cleanup = 1;
return 1;
}
/*Bind Socket*/
if (bind(listenfd,
(struct sockaddr *)&servAddr, sizeof(servAddr)) < 0) {
printf("Bind failed.\n");
cleanup = 1;
return 1;
}
printf("Awaiting client connection on port %d\n", SERV_PORT);
cliLen = sizeof(cliaddr);
connfd = (int)recvfrom(listenfd, (char *)&b, sizeof(b), MSG_PEEK,
(struct sockaddr*)&cliaddr, &cliLen);
if (connfd < 0) {
printf("No clients in que, enter idle state\n");
continue;
}
else if (connfd > 0) {
if (connect(listenfd, (const struct sockaddr *)&cliaddr,
sizeof(cliaddr)) != 0) {
printf("Udp connect failed.\n");
cleanup = 1;
return 1;
}
}
else {
printf("Recvfrom failed.\n");
cleanup = 1;
return 1;
}
printf("Connected!\n");
/* Create the WOLFSSL Object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
printf("wolfSSL_new error.\n");
cleanup = 1;
return 1;
}
/* set the session ssl to client connection port */
wolfSSL_set_fd(ssl, listenfd);
if (wolfSSL_accept(ssl) != SSL_SUCCESS) {
int e = wolfSSL_get_error(ssl, 0);
printf("error = %d, %s\n", e, wolfSSL_ERR_reason_error_string(e));
printf("SSL_accept failed.\n");
continue;
}
if ((recvLen = wolfSSL_read(ssl, buff, sizeof(buff)-1)) > 0) {
printf("heard %d bytes\n", recvLen);
buff[recvLen] = 0;
printf("I heard this: \"%s\"\n", buff);
}
else if (recvLen < 0) {
int readErr = wolfSSL_get_error(ssl, 0);
if(readErr != SSL_ERROR_WANT_READ) {
printf("SSL_read failed.\n");
cleanup = 1;
return 1;
}
}
if (wolfSSL_write(ssl, ack, sizeof(ack)) < 0) {
printf("wolfSSL_write fail.\n");
cleanup = 1;
return 1;
}
else {
printf("Sending reply.\n");
}
printf("reply sent \"%s\"\n", ack);
wolfSSL_set_fd(ssl, 0);
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
printf("Client left return to idle state\n");
}
return 0;
}
int main(int argc, char** argv)
{
/* cont short for "continue?", Loc short for "location" */
@ -179,6 +52,18 @@ int main(int argc, char** argv)
char servCertLoc[] = "../certs/server-cert.pem";
char servKeyLoc[] = "../certs/server-key.pem";
WOLFSSL_CTX* ctx;
/* Variables for awaiting datagram */
int on = 1;
int res = 1;
int connfd = 0;
int recvLen = 0; /* length of message */
int listenfd = 0; /* Initialize our socket */
WOLFSSL* ssl = NULL;
socklen_t cliLen;
socklen_t len = sizeof(on);
unsigned char b[MSGLEN]; /* watch for incoming messages */
char buff[MSGLEN]; /* the incoming message */
char ack[] = "I hear you fashizzle!\n";
/* "./config --enable-debug" and uncomment next line for debugging */
/* wolfSSL_Debugging_ON(); */
@ -210,7 +95,115 @@ int main(int argc, char** argv)
return 1;
}
cont = AwaitDGram(ctx);
/* Await Datagram */
while (cleanup != 1) {
/* Create a UDP/IP socket */
if ((listenfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0 ) {
printf("Cannot create socket.\n");
cleanup = 1;
}
printf("Socket allocated\n");
/* clear servAddr each loop */
memset((char *)&servAddr, 0, sizeof(servAddr));
/* host-to-network-long conversion (htonl) */
/* host-to-network-short conversion (htons) */
servAddr.sin_family = AF_INET;
servAddr.sin_addr.s_addr = htonl(INADDR_ANY);
servAddr.sin_port = htons(SERV_PORT);
/* Eliminate socket already in use error */
res = setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
if (res < 0) {
printf("Setsockopt SO_REUSEADDR failed.\n");
cleanup = 1;
cont = 1;
}
/*Bind Socket*/
if (bind(listenfd,
(struct sockaddr *)&servAddr, sizeof(servAddr)) < 0) {
printf("Bind failed.\n");
cleanup = 1;
cont = 1;
}
printf("Awaiting client connection on port %d\n", SERV_PORT);
cliLen = sizeof(cliaddr);
connfd = (int)recvfrom(listenfd, (char *)&b, sizeof(b), MSG_PEEK,
(struct sockaddr*)&cliaddr, &cliLen);
if (connfd < 0) {
printf("No clients in que, enter idle state\n");
continue;
}
else if (connfd > 0) {
if (connect(listenfd, (const struct sockaddr *)&cliaddr,
sizeof(cliaddr)) != 0) {
printf("Udp connect failed.\n");
cleanup = 1;
cont = 1;
}
}
else {
printf("Recvfrom failed.\n");
cleanup = 1;
cont = 1;
}
printf("Connected!\n");
/* Create the WOLFSSL Object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
printf("wolfSSL_new error.\n");
cleanup = 1;
cont = 1;
}
/* set the session ssl to client connection port */
wolfSSL_set_fd(ssl, listenfd);
if (wolfSSL_accept(ssl) != SSL_SUCCESS) {
int e = wolfSSL_get_error(ssl, 0);
printf("error = %d, %s\n", e, wolfSSL_ERR_reason_error_string(e));
printf("SSL_accept failed.\n");
continue;
}
if ((recvLen = wolfSSL_read(ssl, buff, sizeof(buff)-1)) > 0) {
printf("heard %d bytes\n", recvLen);
buff[recvLen] = 0;
printf("I heard this: \"%s\"\n", buff);
}
else if (recvLen < 0) {
int readErr = wolfSSL_get_error(ssl, 0);
if(readErr != SSL_ERROR_WANT_READ) {
printf("SSL_read failed.\n");
cleanup = 1;
cont = 1;
}
}
if (wolfSSL_write(ssl, ack, sizeof(ack)) < 0) {
printf("wolfSSL_write fail.\n");
cleanup = 1;
cont = 1;
}
else {
printf("Sending reply.\n");
}
printf("reply sent \"%s\"\n", ack);
wolfSSL_set_fd(ssl, 0);
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
printf("Client left cont to idle state\n");
cont = 0;
}
if (cont == 1) {
wolfSSL_CTX_free(ctx);

2
dtls/server-udp.c
View File

@ -1,7 +1,7 @@
/*
* server-udp.c
*
* Copyright (C) 2006-2015 wolfSSL Inc.
* Copyright (C) 2006-2017 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*