From 6b3baa887bd21dcdfbd724d56f94ab61fb6f36b9 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz
Date: Fri, 1 Jul 2022 17:53:19 +0200
Subject: [PATCH] Address code review
---
 dtls/dtls-common.h | 6 +++-
 dtls/server-dtls13-event.c | 8 +++---
 dtls/server-dtls13.c | 58 +++++++++++++++++++++++---------------
 3 files changed, 44 insertions(+), 28 deletions(-)
diff --git a/dtls/dtls-common.h b/dtls/dtls-common.h
index dcfa8898..8acdcc60 100644
--- a/dtls/dtls-common.h
+++ b/dtls/dtls-common.h
@@ -19,6 +19,10 @@
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
 *
+ * -----------------------------------------------------------------------------
+ *
+ * Define USE_DTLS12 to use DTLS 1.2 instead of DTLS 1.3
+ *
 */
 #ifndef DTLS_COMMON_H_
@@ -35,7 +39,7 @@ const char caCertLoc[] = "../certs/ca-cert.pem";
 const char servCertLoc[] = "../certs/server-cert.pem";
 const char servKeyLoc[] = "../certs/server-key.pem";
-void showConnInfo(WOLFSSL* ssl) {
+static inline void showConnInfo(WOLFSSL* ssl) {
 printf("New connection established using %s %s\n", wolfSSL_get_version(ssl), wolfSSL_get_cipher(ssl));
 }
diff --git a/dtls/server-dtls13-event.c b/dtls/server-dtls13-event.c
index 78d77efc..81d197ff 100644
--- a/dtls/server-dtls13-event.c
+++ b/dtls/server-dtls13-event.c
@@ -391,9 +391,9 @@ static void dataReady(evutil_socket_t fd, short events, void* arg)
 int ret;
 int err;
 struct timeval tv;
- char msg[100];
+ char msg[MAXLINE];
 int msgSz;
- char* ack = "I hear you fashizzle!\n";
+ const char* ack = "I hear you fashizzle!\n";
 memset(&tv, 0, sizeof(tv));
 if (events & EV_TIMEOUT) {
@@ -513,7 +513,7 @@ static void conn_ctx_free(conn_ctx* connCtx)
 }
 }
-void sig_handler(const int sig)
+static void sig_handler(const int sig)
 {
 printf("Received signal %d. Cleaning up.\n", sig);
 free_resources();
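Review bot: The three `const char ...Loc[]` tables in the context lines above showConnInfo still have external linkage, so a program that includes dtls-common.h from more than one translation unit gets duplicate definitions, which is the same hazard the `static inline` change removes for showConnInfo. Declaring them `static const char caCertLoc[] = "../certs/ca-cert.pem";` (and likewise servCertLoc and servKeyLoc) keeps the header self-contained. If every example is a single translation unit this is consistency rather than a link error today.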
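Review bot: `ack` is now a `const char*`, so a `sizeof(ack)` on the send path later in dataReady, outside this hunk, would yield the pointer size rather than the message length; the main loop in server-dtls13.c does write `sizeof(ack)` bytes, so confirm dataReady sends with `strlen(ack)`. `msg[MAXLINE]` replaces the fixed 100, and if the read into `msg` later NUL-terminates at `msg[msgSz]` it should bound the read to `sizeof(msg) - 1`; that code is also outside the hunk. dataReady's body continues past the hunk.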
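Review bot: sig_handler calls `printf` and `free_resources()` directly, and the next hunk shows it then calls `exit(0)`; none of these is async-signal-safe, so a signal that arrives while the event loop is inside malloc, stdio or a wolfSSL call can deadlock or corrupt allocator state. The usual shape is `static volatile sig_atomic_t stop;` set by the handler, with the event loop checking it (or calling `event_base_loopbreak`) and running the cleanup on the normal path. server-dtls13.c's sig_handler in the last hunk has the same pattern with `wolfSSL_shutdown`/`wolfSSL_Cleanup`. The handler's body continues past the hunk.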
@@ -521,7 +521,7 @@ void sig_handler(const int sig)
 exit(0);
 }
-void free_resources(void)
+static void free_resources(void)
 {
 conn_ctx* connCtx = active;
 while (connCtx != NULL) {
diff --git a/dtls/server-dtls13.c b/dtls/server-dtls13.c
index ef29ff46..c46466bd 100644
--- a/dtls/server-dtls13.c
+++ b/dtls/server-dtls13.c
@@ -22,6 +22,8 @@
 *
 * Bare-bones example of a DTLS 1.3 server for instructional/learning purposes.
 * This example can only accept one connection at a time.
+ *
+ * Define USE_DTLS12 to use DTLS 1.2 instead of DTLS 1.3
 */
 #include
@@ -43,8 +45,8 @@ WOLFSSL_CTX* ctx = NULL;
 WOLFSSL* ssl = NULL;
 int listenfd = INVALID_SOCKET; /* Initialize our socket */
-void sig_handler(const int sig);
-void free_resources(void);
+static void sig_handler(const int sig);
+static void free_resources(void);
 int main(int argc, char** argv)
 {
@@ -69,7 +71,13 @@ int main(int argc, char** argv)
 wolfSSL_Debugging_ON();
 /* Set ctx to DTLS 1.3 */
- if ((ctx = wolfSSL_CTX_new(wolfDTLSv1_3_server_method())) == NULL) {
+ if ((ctx = wolfSSL_CTX_new(
+#ifndef USE_DTLS12
+ wolfDTLSv1_3_server_method()
+#else
+ wolfDTLSv1_2_server_method()
+#endif
+ )) == NULL) {
 fprintf(stderr, "wolfSSL_CTX_new error.\n");
 goto cleanup;
 }
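Review bot: The comment `/* Set ctx to DTLS 1.3 */` on the context line above the call is now stale, because the `#ifndef USE_DTLS12` block selects DTLS 1.2 instead; change it to `/* Set ctx to DTLS 1.3, or DTLS 1.2 when USE_DTLS12 is defined */`. Splitting a call's argument list with preprocessor conditionals reads poorly; choosing the method once near the top of the file (a `#define` or a `WOLFSSL_METHOD*` selected under the same `#ifndef`) and passing that name keeps the call on a single line. main starts and ends outside this hunk.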
@@ -152,24 +160,28 @@ int main(int argc, char** argv)
 goto cleanup;
 }
 showConnInfo(ssl);
- if ((recvLen = wolfSSL_read(ssl, buff, sizeof(buff)-1)) > 0) {
- printf("heard %d bytes\n", recvLen);
+ while (1) {
+ if ((recvLen = wolfSSL_read(ssl, buff, sizeof(buff)-1)) > 0) {
+ printf("heard %d bytes\n", recvLen);
- buff[recvLen] = '\0';
- printf("I heard this: \"%s\"\n", buff);
- }
- else if (recvLen <= 0) {
- err = wolfSSL_get_error(ssl, 0);
- fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
- fprintf(stderr, "SSL_read failed.\n");
- goto cleanup;
- }
- printf("Sending reply.\n");
- if (wolfSSL_write(ssl, ack, sizeof(ack)) < 0) {
- err = wolfSSL_get_error(ssl, 0);
- fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
- fprintf(stderr, "wolfSSL_write failed.\n");
- goto cleanup;
+ buff[recvLen] = '\0';
+ printf("I heard this: \"%s\"\n", buff);
+ }
+ else if (recvLen <= 0) {
+ err = wolfSSL_get_error(ssl, 0);
+ if (err == WOLFSSL_ERROR_ZERO_RETURN) /* Received shutdown */
+ break;
+ fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
+ fprintf(stderr, "SSL_read failed.\n");
+ goto cleanup;
+ }
+ printf("Sending reply.\n");
+ if (wolfSSL_write(ssl, ack, sizeof(ack)) < 0) {
+ err = wolfSSL_get_error(ssl, 0);
+ fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_reason_error_string(err));
+ fprintf(stderr, "wolfSSL_write failed.\n");
+ goto cleanup;
+ }
 }
 printf("reply sent \"%s\"\n", ack);
@@ -186,7 +198,7 @@ int main(int argc, char** argv)
 wolfSSL_free(ssl);
 ssl = NULL;
- printf("Client left cont to idle state\n");
+ printf("Awaiting new connection\n");
 }
 exitVal = 0;
@@ -198,14 +210,14 @@ cleanup:
 }
-void sig_handler(const int sig)
+static void sig_handler(const int sig)
 {
 (void)sig;
 free_resources();
 wolfSSL_Cleanup();
 }
-void free_resources(void)
+static void free_resources(void)
 {
 if (ssl != NULL) {
 wolfSSL_shutdown(ssl);
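Review bot: `wolfSSL_write(ssl, ack, sizeof(ack))` sends `sizeof` of whatever `ack` is declared as, which is not visible in the hunk: an array would include the terminating NUL in the reply, and a pointer, as `ack` is in server-dtls13-event.c, would send only the pointer size, so `strlen(ack)` is correct either way. `else if (recvLen <= 0)` is redundant after the `> 0` test and can be a plain `else`, and the unbraced `break;` under the `WOLFSSL_ERROR_ZERO_RETURN` check should get braces like the rest of the file. Because the loop now runs until the peer's shutdown, the `printf("reply sent ...")` after it fires once at shutdown rather than after each reply, so it should move inside the loop after the write or be reworded. main starts and ends outside this hunk.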