WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Updated PSK from cyassl to wolfssl, updating headers

pull/5/head
Nickolas Lapp 2015-05-26 10:51:49 -06:00
parent de2b31f1cd
commit 727db58ddf
9 changed files with 308 additions and 300 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
psk/client-psk-nonblocking.c
View File

@ -1,23 +1,23 @@
/* client-psk-nonblocking.c /* client-psk-nonblocking.c
* *
* Copyright (C) 2006-2014 wolfSSL Inc. * Copyright (C) 2006-2015 wolfSSL Inc.
* *
* This file is part of CyaSSL. * This file is part of wolfSSL. (formerly known as CyaSSL)
* *
* CyaSSL is free software; you can redistribute it and/or modify * wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* CyaSSL is distributed in the hope that it will be useful, * wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
* USA */ **/
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
@ -28,7 +28,7 @@
#include <unistd.h> #include <unistd.h>
#include <fcntl.h> #include <fcntl.h>
#include <sys/ioctl.h> #include <sys/ioctl.h>
#include <cyassl/ssl.h> /* must include this to use CyaSSL security */ #include <wolfssl/ssl.h> /* must include this to use wolfSSL security */
#define MAXLINE 256 /* max text line length */ #define MAXLINE 256 /* max text line length */
#define SERV_PORT 11111 /* default port*/ #define SERV_PORT 11111 /* default port*/
@ -71,15 +71,15 @@ static inline int tcp_select(int socketfd, int to_sec)
} }
/* /*
* sets up and uses nonblocking protocols using cyassl * sets up and uses nonblocking protocols using wolfssl
*/ */
static int NonBlockingSSL_Connect(CYASSL* ssl) static int NonBlockingSSL_Connect(WOLFSSL* ssl)
{ {
int ret, error, sockfd, select_ret, currTimeout; int ret, error, sockfd, select_ret, currTimeout;
ret = CyaSSL_connect(ssl); ret = wolfSSL_connect(ssl);
error = CyaSSL_get_error(ssl, 0); error = wolfSSL_get_error(ssl, 0);
sockfd = (int)CyaSSL_get_fd(ssl); sockfd = (int)wolfSSL_get_fd(ssl);
while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
error == SSL_ERROR_WANT_WRITE)) { error == SSL_ERROR_WANT_WRITE)) {
@ -94,8 +94,8 @@ static int NonBlockingSSL_Connect(CYASSL* ssl)
if ((select_ret == TEST_RECV_READY) || if ((select_ret == TEST_RECV_READY) ||
(select_ret == TEST_ERROR_READY)) { (select_ret == TEST_ERROR_READY)) {
ret = CyaSSL_connect(ssl); ret = wolfSSL_connect(ssl);
error = CyaSSL_get_error(ssl, 0); error = wolfSSL_get_error(ssl, 0);
} }
else if (select_ret == TEST_TIMEOUT) { else if (select_ret == TEST_TIMEOUT) {
error = SSL_ERROR_WANT_READ; error = SSL_ERROR_WANT_READ;
@ -115,7 +115,7 @@ static int NonBlockingSSL_Connect(CYASSL* ssl)
/* /*
*psk client set up. *psk client set up.
*/ */
static inline unsigned int My_Psk_Client_Cb(CYASSL* ssl, const char* hint, static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,
char* identity, unsigned int id_max_len, unsigned char* key, char* identity, unsigned int id_max_len, unsigned char* key,
unsigned int key_max_len) unsigned int key_max_len)
{ {
@ -140,19 +140,19 @@ static inline unsigned int My_Psk_Client_Cb(CYASSL* ssl, const char* hint,
* this function will send the inputted string to the server and then * this function will send the inputted string to the server and then
* recieve the string from the server outputing it to the termial * recieve the string from the server outputing it to the termial
*/ */
int SendReceive(CYASSL* ssl) int SendReceive(WOLFSSL* ssl)
{ {
char sendline[MAXLINE]="Hello Server"; /* string to send to the server */ char sendline[MAXLINE]="Hello Server"; /* string to send to the server */
char recvline[MAXLINE]; /* string received from the server */ char recvline[MAXLINE]; /* string received from the server */
/* write string to the server */ /* write string to the server */
if (CyaSSL_write(ssl, sendline, MAXLINE) != sizeof(sendline)) { if (wolfSSL_write(ssl, sendline, MAXLINE) != sizeof(sendline)) {
printf("Write Error to Server\n"); printf("Write Error to Server\n");
return 1; return 1;
} }
/* flags if the Server stopped before the client could end */ /* flags if the Server stopped before the client could end */
if (CyaSSL_read(ssl, recvline, MAXLINE) < 0 ) { if (wolfSSL_read(ssl, recvline, MAXLINE) < 0 ) {
printf("Client: Server Terminated Prematurely!\n"); printf("Client: Server Terminated Prematurely!\n");
return 1; return 1;
} }
@ -166,8 +166,8 @@ int SendReceive(CYASSL* ssl)
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
int sockfd, ret; int sockfd, ret;
CYASSL_CTX* ctx; WOLFSSL_CTX* ctx;
CYASSL* ssl; WOLFSSL* ssl;
struct sockaddr_in servaddr;; struct sockaddr_in servaddr;;
/* must include an ip address of this will flag */ /* must include an ip address of this will flag */
@ -176,11 +176,11 @@ int main(int argc, char **argv)
return 1; return 1;
} }
CyaSSL_Init(); /* initialize cyaSSL */ wolfSSL_Init(); /* initialize wolfSSL */
/* create and initialize CYASSL_CTX structure */ /* create and initialize WOLFSSL_CTX structure */
if ((ctx = CyaSSL_CTX_new(CyaTLSv1_2_client_method())) == NULL) { if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "SSL_CTX_new error.\n"); fprintf(stderr, "SSL_CTX_new error.\n");
return 1; return 1;
} }
@ -204,7 +204,7 @@ int main(int argc, char **argv)
} }
/* set up pre shared keys */ /* set up pre shared keys */
CyaSSL_CTX_set_psk_client_callback(ctx,My_Psk_Client_Cb); wolfSSL_CTX_set_psk_client_callback(ctx,My_Psk_Client_Cb);
/* attempts to make a connection on a socket */ /* attempts to make a connection on a socket */
ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)); ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr));
@ -214,17 +214,17 @@ int main(int argc, char **argv)
return 1; return 1;
} }
/* create CyaSSL object after each tcp connect */ /* create wolfSSL object after each tcp connect */
if ((ssl = CyaSSL_new(ctx)) == NULL) { if ((ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "CyaSSL_new error.\n"); fprintf(stderr, "wolfSSL_new error.\n");
return 1; return 1;
} }
/* associate the file descriptor with the session */ /* associate the file descriptor with the session */
CyaSSL_set_fd(ssl, sockfd); wolfSSL_set_fd(ssl, sockfd);
/* tell CyaSSL that nonblocking is going to be used */ /* tell wolfSSL that nonblocking is going to be used */
CyaSSL_set_using_nonblock(ssl, 1); wolfSSL_set_using_nonblock(ssl, 1);
/* invokes the fcntl callable service to get the file status /* invokes the fcntl callable service to get the file status
* flags for a file. checks if it returns an error, if it does * flags for a file. checks if it returns an error, if it does
@ -258,12 +258,12 @@ int main(int argc, char **argv)
} }
/* cleanup */ /* cleanup */
CyaSSL_free(ssl); wolfSSL_free(ssl);
/* when completely done using SSL/TLS, free the /* when completely done using SSL/TLS, free the
* cyassl_ctx object */ * wolfssl_ctx object */
CyaSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
CyaSSL_Cleanup(); wolfSSL_Cleanup();
return ret; return ret;

78
psk/client-psk-resume.c
View File

@ -1,24 +1,24 @@
/* client-psk-resume.c /* client-psk-resume.c
* *
* Copyright (C) 2006-2014 wolfSSL Inc. * Copyright (C) 2006-2015 wolfSSL Inc.
* *
* This file is part of CyaSSL. * This file is part of wolfSSL. (formerly known as CyaSSL)
* *
* CyaSSL is free software; you can redistribute it and/or modify * wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* CyaSSL is distributed in the hope that it will be useful, * wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
* USA */ **/
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
@ -27,7 +27,7 @@
#include <arpa/inet.h> #include <arpa/inet.h>
#include <signal.h> #include <signal.h>
#include <unistd.h> #include <unistd.h>
#include <cyassl/ssl.h> /* must include this to use CyaSSL security */ #include <wolfssl/ssl.h> /* must include this to use wolfSSL security */
#define MAXLINE 256 /* max text line length */ #define MAXLINE 256 /* max text line length */
#define SERV_PORT 11111 /* default port*/ #define SERV_PORT 11111 /* default port*/
@ -35,7 +35,7 @@
/* /*
*psk client set up. *psk client set up.
*/ */
static inline unsigned int My_Psk_Client_Cb(CYASSL* ssl, const char* hint, static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,
char* identity, unsigned int id_max_len, unsigned char* key, char* identity, unsigned int id_max_len, unsigned char* key,
unsigned int key_max_len) unsigned int key_max_len)
{ {
@ -60,19 +60,19 @@ static inline unsigned int My_Psk_Client_Cb(CYASSL* ssl, const char* hint,
* this function will send the inputted string to the server and then * this function will send the inputted string to the server and then
* recieve the string from the server outputing it to the termial * recieve the string from the server outputing it to the termial
*/ */
int SendReceive(CYASSL* ssl) int SendReceive(WOLFSSL* ssl)
{ {
char sendline[MAXLINE]="Hello Server"; /* string to send to the server */ char sendline[MAXLINE]="Hello Server"; /* string to send to the server */
char recvline[MAXLINE]; /* string received from the server */ char recvline[MAXLINE]; /* string received from the server */
/* write string to the server */ /* write string to the server */
if (CyaSSL_write(ssl, sendline, MAXLINE) != sizeof(sendline)) { if (wolfSSL_write(ssl, sendline, MAXLINE) != sizeof(sendline)) {
printf("Write Error to Server\n"); printf("Write Error to Server\n");
return 1; return 1;
} }
/* flags if the Server stopped before the client could end */ /* flags if the Server stopped before the client could end */
if (CyaSSL_read(ssl, recvline, MAXLINE) < 0 ) { if (wolfSSL_read(ssl, recvline, MAXLINE) < 0 ) {
printf("Client: Server Terminated Prematurely!\n"); printf("Client: Server Terminated Prematurely!\n");
return 1; return 1;
} }
@ -86,10 +86,10 @@ int SendReceive(CYASSL* ssl)
int main(int argc, char **argv){ int main(int argc, char **argv){
int sockfd, sock, ret; int sockfd, sock, ret;
CYASSL* ssl; WOLFSSL* ssl;
CYASSL* sslResume = 0; WOLFSSL* sslResume = 0;
CYASSL_SESSION* session = 0; WOLFSSL_SESSION* session = 0;
CYASSL_CTX* ctx; WOLFSSL_CTX* ctx;
struct sockaddr_in servaddr;; struct sockaddr_in servaddr;;
/* must include an ip address of this will flag */ /* must include an ip address of this will flag */
@ -98,10 +98,10 @@ int main(int argc, char **argv){
return 1; return 1;
} }
CyaSSL_Init(); /* initialize cyaSSL */ wolfSSL_Init(); /* initialize wolfSSL */
/* create and initialize CYASSL_CTX structure */ /* create and initialize WOLFSSL_CTX structure */
if ((ctx = CyaSSL_CTX_new(CyaTLSv1_2_client_method())) == NULL) { if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "SSL_CTX_new error.\n"); fprintf(stderr, "SSL_CTX_new error.\n");
return 1; return 1;
} }
@ -124,7 +124,7 @@ int main(int argc, char **argv){
} }
/* set up pre shared keys */ /* set up pre shared keys */
CyaSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_Cb); wolfSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_Cb);
/* attempts to make a connection on a socket */ /* attempts to make a connection on a socket */
ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)); ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr));
@ -132,32 +132,32 @@ int main(int argc, char **argv){
return 1; return 1;
} }
/* create CyaSSL object after each tcp connect */ /* create wolfSSL object after each tcp connect */
if ( (ssl = CyaSSL_new(ctx)) == NULL) { if ( (ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "CyaSSL_new error.\n"); fprintf(stderr, "wolfSSL_new error.\n");
return 1; return 1;
} }
/* associate the file descriptor with the session */ /* associate the file descriptor with the session */
CyaSSL_set_fd(ssl, sockfd); wolfSSL_set_fd(ssl, sockfd);
/* takes inputting string and outputs it to the server */ /* takes inputting string and outputs it to the server */
SendReceive(ssl); SendReceive(ssl);
/* Save the session ID to reuse */ /* Save the session ID to reuse */
session = CyaSSL_get_session(ssl); session = wolfSSL_get_session(ssl);
sslResume = CyaSSL_new(ctx); sslResume = wolfSSL_new(ctx);
/* shut down CyaSSL */ /* shut down wolfSSL */
CyaSSL_shutdown(ssl); wolfSSL_shutdown(ssl);
/* close connection */ /* close connection */
close(sockfd); close(sockfd);
/* cleanup */ /* cleanup */
CyaSSL_free(ssl); wolfSSL_free(ssl);
CyaSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
CyaSSL_Cleanup(); wolfSSL_Cleanup();
/* /*
* resume session, start new connection and socket * resume session, start new connection and socket
@ -174,11 +174,11 @@ int main(int argc, char **argv){
} }
/* set the session ID to connect to the server */ /* set the session ID to connect to the server */
CyaSSL_set_fd(sslResume, sock); wolfSSL_set_fd(sslResume, sock);
CyaSSL_set_session(sslResume, session); wolfSSL_set_session(sslResume, session);
/* check has connect successfully */ /* check has connect successfully */
if (CyaSSL_connect(sslResume) != SSL_SUCCESS) { if (wolfSSL_connect(sslResume) != SSL_SUCCESS) {
printf("SSL resume failed\n"); printf("SSL resume failed\n");
return 1; return 1;
} }
@ -190,21 +190,21 @@ int main(int argc, char **argv){
} }
/* check to see if the session id is being reused */ /* check to see if the session id is being reused */
if (CyaSSL_session_reused(sslResume)) if (wolfSSL_session_reused(sslResume))
printf("reused session id\n"); printf("reused session id\n");
else else
printf("didn't reuse session id!!!\n"); printf("didn't reuse session id!!!\n");
/* shut down CyaSSL */ /* shut down wolfSSL */
CyaSSL_shutdown(sslResume); wolfSSL_shutdown(sslResume);
/* shut down socket */ /* shut down socket */
close(sock); close(sock);
/* clean up */ /* clean up */
CyaSSL_free(sslResume); wolfSSL_free(sslResume);
CyaSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
CyaSSL_Cleanup(); wolfSSL_Cleanup();
return ret; return ret;
} }

50
psk/client-psk.c 100644 → 100755
View File

@ -1,24 +1,24 @@
/* client-psk.c /* client-psk.c
* *
* Copyright (C) 2006-2014 wolfSSL Inc. * Copyright (C) 2006-2015 wolfSSL Inc.
* *
* This file is part of CyaSSL. * This file is part of wolfSSL. (formerly known as CyaSSL)
* *
* CyaSSL is free software; you can redistribute it and/or modify * wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* CyaSSL is distributed in the hope that it will be useful, * wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
* USA */ **/
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
@ -27,7 +27,7 @@
#include <arpa/inet.h> #include <arpa/inet.h>
#include <signal.h> #include <signal.h>
#include <unistd.h> #include <unistd.h>
#include <cyassl/ssl.h> /* must include this to use CyaSSL security */ #include <wolfssl/ssl.h> /* must include this to use wolfSSL security */
#define MAXLINE 256 /* max text line length */ #define MAXLINE 256 /* max text line length */
#define SERV_PORT 11111 /* default port*/ #define SERV_PORT 11111 /* default port*/
@ -35,7 +35,7 @@
/* /*
*psk client set up. *psk client set up.
*/ */
static inline unsigned int My_Psk_Client_Cb(CYASSL* ssl, const char* hint, static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,
char* identity, unsigned int id_max_len, unsigned char* key, char* identity, unsigned int id_max_len, unsigned char* key,
unsigned int key_max_len) unsigned int key_max_len)
{ {
@ -60,19 +60,19 @@ static inline unsigned int My_Psk_Client_Cb(CYASSL* ssl, const char* hint,
* this function will send the inputted string to the server and then * this function will send the inputted string to the server and then
* recieve the string from the server outputing it to the termial * recieve the string from the server outputing it to the termial
*/ */
int SendReceive(CYASSL* ssl) int SendReceive(WOLFSSL* ssl)
{ {
char sendline[MAXLINE]="Hello Server"; /* string to send to the server */ char sendline[MAXLINE]="Hello Server"; /* string to send to the server */
char recvline[MAXLINE]; /* string received from the server */ char recvline[MAXLINE]; /* string received from the server */
/* write string to the server */ /* write string to the server */
if (CyaSSL_write(ssl, sendline, MAXLINE) != sizeof(sendline)) { if (wolfSSL_write(ssl, sendline, MAXLINE) != sizeof(sendline)) {
printf("Write Error to Server\n"); printf("Write Error to Server\n");
return 1; return 1;
} }
/* flags if the Server stopped before the client could end */ /* flags if the Server stopped before the client could end */
if (CyaSSL_read(ssl, recvline, MAXLINE) < 0 ) { if (wolfSSL_read(ssl, recvline, MAXLINE) < 0 ) {
printf("Client: Server Terminated Prematurely!\n"); printf("Client: Server Terminated Prematurely!\n");
return 1; return 1;
} }
@ -86,8 +86,8 @@ int SendReceive(CYASSL* ssl)
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
int ret, sockfd; int ret, sockfd;
CYASSL* ssl; WOLFSSL* ssl;
CYASSL_CTX* ctx; WOLFSSL_CTX* ctx;
struct sockaddr_in servaddr;; struct sockaddr_in servaddr;;
/* must include an ip address of this will flag */ /* must include an ip address of this will flag */
@ -96,10 +96,10 @@ int main(int argc, char **argv)
return 1; return 1;
} }
CyaSSL_Init(); /* initialize cyaSSL */ wolfSSL_Init(); /* initialize wolfSSL */
/* create and initialize CYASSL_CTX structure */ /* create and initialize WOLFSSL_CTX structure */
if ((ctx = CyaSSL_CTX_new(CyaTLSv1_2_client_method())) == NULL) { if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
fprintf(stderr, "SSL_CTX_new error.\n"); fprintf(stderr, "SSL_CTX_new error.\n");
return 1; return 1;
} }
@ -123,7 +123,7 @@ int main(int argc, char **argv)
} }
/* set up pre shared keys */ /* set up pre shared keys */
CyaSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_Cb); wolfSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_Cb);
/* attempts to make a connection on a socket */ /* attempts to make a connection on a socket */
ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)); ret = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr));
@ -133,14 +133,14 @@ int main(int argc, char **argv)
return 1; return 1;
} }
/* creat cyassl object after each tcp connct */ /* creat wolfssl object after each tcp connct */
if ( (ssl = CyaSSL_new(ctx)) == NULL) { if ( (ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "CyaSSL_new error.\n"); fprintf(stderr, "wolfSSL_new error.\n");
return 1; return 1;
} }
/* associate the file descriptor with the session */ /* associate the file descriptor with the session */
ret = CyaSSL_set_fd(ssl, sockfd); ret = wolfSSL_set_fd(ssl, sockfd);
if (ret != SSL_SUCCESS){ if (ret != SSL_SUCCESS){
return 1; return 1;
@ -153,12 +153,12 @@ int main(int argc, char **argv)
} }
/* cleanup */ /* cleanup */
CyaSSL_free(ssl); wolfSSL_free(ssl);
/* when completely done using SSL/TLS, free the /* when completely done using SSL/TLS, free the
* cyassl_ctx object */ * wolfssl_ctx object */
CyaSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
CyaSSL_Cleanup(); wolfSSL_Cleanup();
/* exit client */ /* exit client */
return ret; return ret;

12
psk/client-tcp.c
View File

@ -1,24 +1,24 @@
/* client-tcp.c /* client-tcp.c
* *
* Copyright (C) 2006-2014 wolfSSL Inc. * Copyright (C) 2006-2015 wolfSSL Inc.
* *
* This file is part of CyaSSL. * This file is part of wolfSSL. (formerly known as CyaSSL)
* *
* CyaSSL is free software; you can redistribute it and/or modify * wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* CyaSSL is distributed in the hope that it will be useful, * wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
* USA */ **/
#include <sys/socket.h> /* basic socket definitions */ #include <sys/socket.h> /* basic socket definitions */
#include <netinet/in.h> /* sockaddr_in{} and other Internet defns */ #include <netinet/in.h> /* sockaddr_in{} and other Internet defns */

70
psk/server-psk-nonblocking.c
View File

@ -1,14 +1,16 @@
/* server-psk-nonblocking.c /* server-psk-nonblocking.c
* A server ecample using a TCP connection with PSK security and non blocking. * A server ecample using a TCP connection with PSK security and non blocking.
* *
* This file is part of CyaSSL. * Copyright (C) 2006-2015 wolfSSL Inc.
* *
* CyaSSL is free software; you can redistribute it and/or modify * This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* CyaSSL is distributed in the hope that it will be useful, * wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
@ -18,7 +20,7 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/ */
#include <cyassl/ssl.h> /* include cyassl security */ #include <wolfssl/ssl.h> /* include wolfssl security */
#include <sys/socket.h> #include <sys/socket.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <stdio.h> #include <stdio.h>
@ -45,7 +47,7 @@ enum{
/* /*
* Pulled in from cyassl/test.h * Pulled in from wolfssl/test.h
* Select the tcp, used when nonblocking. Checks the status of the connection. * Select the tcp, used when nonblocking. Checks the status of the connection.
*/ */
int tcp_select(int sockfd, int to_sec) int tcp_select(int sockfd, int to_sec)
@ -82,14 +84,14 @@ int tcp_select(int sockfd, int to_sec)
* Function to handle nonblocking. Loops until tcp_select notifies that it's * Function to handle nonblocking. Loops until tcp_select notifies that it's
* ready for action. * ready for action.
*/ */
int NonBlockingSSL(CYASSL* ssl) int NonBlockingSSL(WOLFSSL* ssl)
{ {
int ret; int ret;
int error; int error;
int select_ret; int select_ret;
int sockfd = CyaSSL_get_fd(ssl); int sockfd = wolfSSL_get_fd(ssl);
ret = CyaSSL_accept(ssl); ret = wolfSSL_accept(ssl);
error = CyaSSL_get_error(ssl, 0); error = wolfSSL_get_error(ssl, 0);
while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
error == SSL_ERROR_WANT_WRITE)) { error == SSL_ERROR_WANT_WRITE)) {
int currTimeout = 1; int currTimeout = 1;
@ -105,8 +107,8 @@ int NonBlockingSSL(CYASSL* ssl)
/* if tcp_select signals ready try to accept otherwise continue loop*/ /* if tcp_select signals ready try to accept otherwise continue loop*/
if ((select_ret == TEST_RECV_READY) || if ((select_ret == TEST_RECV_READY) ||
(select_ret == TEST_ERROR_READY)) { (select_ret == TEST_ERROR_READY)) {
ret = CyaSSL_accept(ssl); ret = wolfSSL_accept(ssl);
error = CyaSSL_get_error(ssl, 0); error = wolfSSL_get_error(ssl, 0);
} }
else if (select_ret == TEST_TIMEOUT) { else if (select_ret == TEST_TIMEOUT) {
error = SSL_ERROR_WANT_READ; error = SSL_ERROR_WANT_READ;
@ -128,7 +130,7 @@ int NonBlockingSSL(CYASSL* ssl)
/* /*
* Handles response to client. * Handles response to client.
*/ */
int respond(CYASSL* ssl) int respond(WOLFSSL* ssl)
{ {
int n; /* length of string read */ int n; /* length of string read */
char buf[MAXLINE]; /* string read from client */ char buf[MAXLINE]; /* string read from client */
@ -138,7 +140,7 @@ int respond(CYASSL* ssl)
do { do {
if (NonBlockingSSL(ssl) != SSL_SUCCESS) if (NonBlockingSSL(ssl) != SSL_SUCCESS)
return 1; return 1;
n = CyaSSL_read(ssl, buf, MAXLINE); n = wolfSSL_read(ssl, buf, MAXLINE);
if (n > 0) { if (n > 0) {
printf("%s\n", buf); printf("%s\n", buf);
} }
@ -147,7 +149,7 @@ int respond(CYASSL* ssl)
if (NonBlockingSSL(ssl) != SSL_SUCCESS) if (NonBlockingSSL(ssl) != SSL_SUCCESS)
return 1; return 1;
if (CyaSSL_write(ssl, response, strlen(response)) != strlen(response)) { if (wolfSSL_write(ssl, response, strlen(response)) != strlen(response)) {
printf("Fatal error : respond: write error\n"); printf("Fatal error : respond: write error\n");
return 1; return 1;
} }
@ -158,7 +160,7 @@ int respond(CYASSL* ssl)
/* /*
* Used for finding psk value. * Used for finding psk value.
*/ */
static inline unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity, static inline unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
unsigned char* key, unsigned int key_max_len) unsigned char* key, unsigned int key_max_len)
{ {
(void)ssl; (void)ssl;
@ -183,19 +185,19 @@ int main()
struct sockaddr_in cliAddr, servAddr; struct sockaddr_in cliAddr, servAddr;
char buff[MAXLINE]; char buff[MAXLINE];
socklen_t cliLen; socklen_t cliLen;
CYASSL_CTX* ctx; WOLFSSL_CTX* ctx;
CyaSSL_Init(); wolfSSL_Init();
if ((ctx = CyaSSL_CTX_new(CyaSSLv23_server_method())) == NULL) { if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
printf("Fatal error : CyaSSL_CTX_new error\n"); printf("Fatal error : wolfSSL_CTX_new error\n");
return 1; return 1;
} }
/* use psk suite for security */ /* use psk suite for security */
CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server"); wolfSSL_CTX_use_psk_identity_hint(ctx, "wolfssl server");
if (CyaSSL_CTX_set_cipher_list(ctx, "PSK-AES128-CBC-SHA256") if (wolfSSL_CTX_set_cipher_list(ctx, "PSK-AES128-CBC-SHA256")
!= SSL_SUCCESS) != SSL_SUCCESS)
printf("Fatal error : server can't set cipher list\n"); printf("Fatal error : server can't set cipher list\n");
@ -226,7 +228,7 @@ int main()
/* main loop for accepting and responding to clients */ /* main loop for accepting and responding to clients */
for ( ; ; ) { for ( ; ; ) {
CYASSL* ssl; WOLFSSL* ssl;
/* listen to the socket */ /* listen to the socket */
if (listen(listenfd, LISTENQ) < 0) { if (listen(listenfd, LISTENQ) < 0) {
@ -247,15 +249,15 @@ int main()
inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)), inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)),
ntohs(cliAddr.sin_port)); ntohs(cliAddr.sin_port));
/* create CYASSL object */ /* create WOLFSSL object */
if ((ssl = CyaSSL_new(ctx)) == NULL) { if ((ssl = wolfSSL_new(ctx)) == NULL) {
printf("Fatal error : CyaSSL_new error\n"); printf("Fatal error : wolfSSL_new error\n");
return 1; return 1;
} }
CyaSSL_set_fd(ssl, connfd); wolfSSL_set_fd(ssl, connfd);
/* set CyaSSL and socket to non blocking and respond */ /* set wolfSSL and socket to non blocking and respond */
CyaSSL_set_using_nonblock(ssl, 1); wolfSSL_set_using_nonblock(ssl, 1);
if (fcntl(connfd, F_SETFL, O_NONBLOCK) < 0) { if (fcntl(connfd, F_SETFL, O_NONBLOCK) < 0) {
printf("Fatal error : fcntl set failed\n"); printf("Fatal error : fcntl set failed\n");
return 1; return 1;
@ -265,17 +267,17 @@ int main()
return 1; return 1;
/* closes the connections after responding */ /* closes the connections after responding */
CyaSSL_shutdown(ssl); wolfSSL_shutdown(ssl);
CyaSSL_free(ssl); wolfSSL_free(ssl);
if (close(connfd) == -1) { if (close(connfd) == -1) {
printf("Fatal error : close error\n"); printf("Fatal error : close error\n");
return 1; return 1;
} }
} }
} }
/* free up memory used by cyassl */ /* free up memory used by wolfssl */
CyaSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
CyaSSL_Cleanup(); wolfSSL_Cleanup();
return 0; return 0;
} }

58
psk/server-psk-threaded.c
View File

@ -1,14 +1,16 @@
/* server-psk-threaded.c /* server-psk-threaded.c
* A server ecample using a multi-threaded TCP connection with PSK security. * A server ecample using a multi-threaded TCP connection with PSK security.
* *
* This file is part of CyaSSL. * Copyright (C) 2006-2015 wolfSSL Inc.
* *
* CyaSSL is free software; you can redistribute it and/or modify * This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* CyaSSL is distributed in the hope that it will be useful, * wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
@ -18,8 +20,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/ */
#include <cyassl/ssl.h> /* include CyaSSL security */ #include <wolfssl/ssl.h> /* include wolfSSL security */
#include <cyassl/options.h> /* included for option sync */ #include <wolfssl/options.h> /* included for option sync */
#include <pthread.h> /* used for concurrent threading */ #include <pthread.h> /* used for concurrent threading */
#include <sys/socket.h> #include <sys/socket.h>
#include <netinet/in.h> #include <netinet/in.h>
@ -35,12 +37,12 @@
#define LISTENQ 1024 #define LISTENQ 1024
#define SERV_PORT 11111 #define SERV_PORT 11111
CYASSL_CTX* ctx; /* global so it's shared by threads */ WOLFSSL_CTX* ctx; /* global so it's shared by threads */
/* /*
* Identify which psk key to use. * Identify which psk key to use.
*/ */
static inline unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity, static inline unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity,
unsigned char* key, unsigned char* key,
unsigned int key_max_len) unsigned int key_max_len)
{ {
@ -61,9 +63,9 @@ static inline unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity,
/* /*
* Process handled by a thread. * Process handled by a thread.
*/ */
void* cyassl_thread(void* fd) void* wolfssl_thread(void* fd)
{ {
CYASSL* ssl; WOLFSSL* ssl;
int connfd = *((int*)fd); int connfd = *((int*)fd);
int n; int n;
char buf[MAXLINE]; char buf[MAXLINE];
@ -71,19 +73,19 @@ void* cyassl_thread(void* fd)
memset(buf, 0, MAXLINE); memset(buf, 0, MAXLINE);
/* create CYASSL object */ /* create WOLFSSL object */
if ((ssl = CyaSSL_new(ctx)) == NULL) { if ((ssl = wolfSSL_new(ctx)) == NULL) {
printf("Fatal error : CyaSSL_new error"); printf("Fatal error : wolfSSL_new error");
/* place signal for forced error exit here */ /* place signal for forced error exit here */
} }
CyaSSL_set_fd(ssl, connfd); wolfSSL_set_fd(ssl, connfd);
/* respond to client */ /* respond to client */
n = CyaSSL_read(ssl, buf, MAXLINE); n = wolfSSL_read(ssl, buf, MAXLINE);
if (n > 0) { if (n > 0) {
printf("%s\n", buf); printf("%s\n", buf);
if (CyaSSL_write(ssl, response, strlen(response)) != strlen(response)) { if (wolfSSL_write(ssl, response, strlen(response)) != strlen(response)) {
printf("Fatal error :respond: write error\n"); printf("Fatal error :respond: write error\n");
/* place signal for forced error exit here */ /* place signal for forced error exit here */
} }
@ -94,8 +96,8 @@ void* cyassl_thread(void* fd)
} }
/* closes the connections after responding */ /* closes the connections after responding */
CyaSSL_shutdown(ssl); wolfSSL_shutdown(ssl);
CyaSSL_free(ssl); wolfSSL_free(ssl);
if (close(connfd) == -1) { if (close(connfd) == -1) {
printf("Fatal error : close error\n"); printf("Fatal error : close error\n");
/* place signal for forced error exit here */ /* place signal for forced error exit here */
@ -112,17 +114,17 @@ int main()
char buff[MAXLINE]; char buff[MAXLINE];
socklen_t cliLen; socklen_t cliLen;
pthread_t thread; pthread_t thread;
void* cyassl_thread(void*); void* wolfssl_thread(void*);
CyaSSL_Init(); wolfSSL_Init();
if ((ctx = CyaSSL_CTX_new(CyaSSLv23_server_method())) == NULL) if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL)
printf("Fatal error : CyaSSL_CTX_new error\n"); printf("Fatal error : wolfSSL_CTX_new error\n");
/* use psk suite for security */ /* use psk suite for security */
CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server"); wolfSSL_CTX_use_psk_identity_hint(ctx, "wolfssl server");
if (CyaSSL_CTX_set_cipher_list(ctx, "PSK-AES128-CBC-SHA256") if (wolfSSL_CTX_set_cipher_list(ctx, "PSK-AES128-CBC-SHA256")
!= SSL_SUCCESS) != SSL_SUCCESS)
printf("Fatal error : server can't set cipher list"); printf("Fatal error : server can't set cipher list");
@ -169,7 +171,7 @@ int main()
inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)), inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)),
ntohs(cliAddr.sin_port)); ntohs(cliAddr.sin_port));
if (pthread_create(&thread, NULL, &cyassl_thread, (void*) &connfd) if (pthread_create(&thread, NULL, &wolfssl_thread, (void*) &connfd)
!= 0) { != 0) {
return 1; return 1;
} }
@ -179,9 +181,9 @@ int main()
} }
} }
/* free up memory used by cyassl */ /* free up memory used by wolfssl */
CyaSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
CyaSSL_Cleanup(); wolfSSL_Cleanup();
return 0; return 0;
} }

54
psk/server-psk.c
View File

@ -1,14 +1,16 @@
/* server-psk.c /* server-psk.c
* A server ecample using a TCP connection with PSK security. * A server ecample using a TCP connection with PSK security.
* *
* This file is part of CyaSSL. * Copyright (C) 2006-2015 wolfSSL Inc.
* *
* CyaSSL is free software; you can redistribute it and/or modify * This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* CyaSSL is distributed in the hope that it will be useful, * wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
@ -18,8 +20,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/ */
#include <cyassl/ssl.h> /* include CyaSSL security */ #include <wolfssl/ssl.h> /* include wolfSSL security */
#include <cyassl/options.h> /* included for options sync */ #include <wolfssl/options.h> /* included for options sync */
#include <sys/socket.h> #include <sys/socket.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <stdio.h> #include <stdio.h>
@ -36,16 +38,16 @@
/* /*
* Handles response to client. * Handles response to client.
*/ */
int respond(CYASSL* ssl) int respond(WOLFSSL* ssl)
{ {
int n; /* length of string read */ int n; /* length of string read */
char buf[MAXLINE]; /* string read from client */ char buf[MAXLINE]; /* string read from client */
char response[] = "I hear ya for shizzle"; char response[] = "I hear ya for shizzle";
memset(buf, 0, MAXLINE); memset(buf, 0, MAXLINE);
n = CyaSSL_read(ssl, buf, MAXLINE); n = wolfSSL_read(ssl, buf, MAXLINE);
if (n > 0) { if (n > 0) {
printf("%s\n", buf); printf("%s\n", buf);
if (CyaSSL_write(ssl, response, strlen(response)) > strlen(response)) { if (wolfSSL_write(ssl, response, strlen(response)) > strlen(response)) {
printf("Fatal error : respond: write error\n"); printf("Fatal error : respond: write error\n");
return 1; return 1;
} }
@ -61,7 +63,7 @@ int respond(CYASSL* ssl)
/* /*
* Identify which psk key to use. * Identify which psk key to use.
*/ */
static unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity, unsigned char* key, static unsigned int my_psk_server_cb(WOLFSSL* ssl, const char* identity, unsigned char* key,
unsigned int key_max_len) unsigned int key_max_len)
{ {
(void)ssl; (void)ssl;
@ -85,20 +87,20 @@ int main()
struct sockaddr_in cliAddr, servAddr; struct sockaddr_in cliAddr, servAddr;
char buff[MAXLINE]; char buff[MAXLINE];
socklen_t cliLen; socklen_t cliLen;
CYASSL_CTX* ctx; WOLFSSL_CTX* ctx;
CyaSSL_Init(); wolfSSL_Init();
/* create ctx and configure certificates */ /* create ctx and configure certificates */
if ((ctx = CyaSSL_CTX_new(CyaSSLv23_server_method())) == NULL) { if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
printf("Fatal error : CyaSSL_CTX_new error\n"); printf("Fatal error : wolfSSL_CTX_new error\n");
return 1; return 1;
} }
/* use psk suite for security */ /* use psk suite for security */
CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server"); wolfSSL_CTX_use_psk_identity_hint(ctx, "wolfssl server");
if (CyaSSL_CTX_set_cipher_list(ctx, "PSK-AES128-CBC-SHA256") if (wolfSSL_CTX_set_cipher_list(ctx, "PSK-AES128-CBC-SHA256")
!= SSL_SUCCESS) { != SSL_SUCCESS) {
printf("Fatal error : server can't set cipher list\n"); printf("Fatal error : server can't set cipher list\n");
return 1; return 1;
@ -138,7 +140,7 @@ int main()
/* main loop for accepting and responding to clients */ /* main loop for accepting and responding to clients */
for ( ; ; ) { for ( ; ; ) {
CYASSL* ssl; WOLFSSL* ssl;
cliLen = sizeof(cliAddr); cliLen = sizeof(cliAddr);
connfd = accept(listenfd, (struct sockaddr *) &cliAddr, &cliLen); connfd = accept(listenfd, (struct sockaddr *) &cliAddr, &cliLen);
@ -151,18 +153,18 @@ int main()
inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)), inet_ntop(AF_INET, &cliAddr.sin_addr, buff, sizeof(buff)),
ntohs(cliAddr.sin_port)); ntohs(cliAddr.sin_port));
/* create CYASSL object and respond */ /* create WOLFSSL object and respond */
if ((ssl = CyaSSL_new(ctx)) == NULL) { if ((ssl = wolfSSL_new(ctx)) == NULL) {
printf("Fatal error : CyaSSL_new error\n"); printf("Fatal error : wolfSSL_new error\n");
return 1; return 1;
} }
CyaSSL_set_fd(ssl, connfd); wolfSSL_set_fd(ssl, connfd);
if (respond(ssl) != 0) if (respond(ssl) != 0)
return 1; return 1;
/* closes the connections after responding */ /* closes the connections after responding */
CyaSSL_shutdown(ssl); wolfSSL_shutdown(ssl);
CyaSSL_free(ssl); wolfSSL_free(ssl);
if (close(connfd) == -1) { if (close(connfd) == -1) {
printf("Fatal error : close error\n"); printf("Fatal error : close error\n");
@ -170,9 +172,9 @@ int main()
} }
} }
} }
/* free up memory used by CyaSSL */ /* free up memory used by wolfSSL */
CyaSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
CyaSSL_Cleanup(); wolfSSL_Cleanup();
return 0; return 0;
} }

8
psk/server-tcp.c
View File

@ -1,14 +1,16 @@
/* server-tcp.c /* server-tcp.c
* A server ecample using a TCP connection. * A server ecample using a TCP connection.
* *
* This file is part of CyaSSL. * Copyright (C) 2006-2015 wolfSSL Inc.
* *
* CyaSSL is free software; you can redistribute it and/or modify * This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* CyaSSL is distributed in the hope that it will be useful, * wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.

210
psk/tutorial-tcp-psk.md
View File

@ -1,50 +1,50 @@
TCP/PSK Tutorial TCP/PSK Tutorial
================ ================
## **Tutorial for adding Cyassl Security to a Simple Client.** ## **Tutorial for adding wolfSSL Security to a Simple Client.**
1. Include the CyaSSL compatibility header: 1. Include the wolfSSL compatibility header:
``#include <cyassl/ssl.h>`` ``#include <wolfssl/ssl.h>``
* Change all calls from read() or recv() to CyaSSL_read(), in the simple client * Change all calls from read() or recv() to wolfSSL_read(), in the simple client
``read(sockfd, recvline, MAXLINE)`` becomes ``CyaSSL_read(ssl, recvline, MAXLINE)`` ``read(sockfd, recvline, MAXLINE)`` becomes ``wolfSSL_read(ssl, recvline, MAXLINE)``
3. Change all calls from write() or send() to CySSL_write(), in the simple client 3. Change all calls from write() or send() to CySSL_write(), in the simple client
``write(socked, send line,strlen(send line))`` becomes ``CyaSSL_write(ssl, send line, strlen(sendline))`` ``write(socked, send line,strlen(send line))`` becomes ``wolfSSL_write(ssl, send line, strlen(sendline))``
4. In the main method initialize CyaSSL and CYASSL_CTX. 4. In the main method initialize wolfSSL and WOLFSSL_CTX.
CyaSSL_Init(); wolfSSL_Init();
if ((ctx = CyaSSL_CTX_new(CyaTLSv1_2_client_method())) == NULL) if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL)
fprintf(stderr, "SSL_CTX_new error.\n"); fprintf(stderr, "SSL_CTX_new error.\n");
return 1; return 1;
} }
5. Create the CyaSSL object after each TCP connect and associate the file descriptor with the session: 5. Create the wolfSSL object after each TCP connect and associate the file descriptor with the session:
if ((ssl = CyaSSL_new(ctx)) == NULL) { if ((ssl = wolfSSL_new(ctx)) == NULL) {
fprintf(stderr, "CyaSSL_new error.\n"); fprintf(stderr, "wolfSSL_new error.\n");
return 1; return 1;
} }
ret = CyaSSL_set_fd(ssl, sockfd); ret = wolfSSL_set_fd(ssl, sockfd);
if (ret != SSL_SUCCESS){ if (ret != SSL_SUCCESS){
return 1; return 1;
} }
6. Cleanup. After each CyaSSL object is done being used you can free it up by calling ``CyaSSL_free(ssl);`` 6. Cleanup. After each wolfSSL object is done being used you can free it up by calling ``wolfSSL_free(ssl);``
7. When completely done using SSL/TLS, free the CYASSL_CTX object by 7. When completely done using SSL/TLS, free the WOLFSSL_CTX object by
``CyaSSL_CTX_free(CTX);`` ``wolfSSL_CTX_free(CTX);``
``CyaSSL_Cleanup();`` ``wolfSSL_Cleanup();``
## **Adding Pre-Shared Keys (PSK) to the CyaSSL Simple Client.** ## **Adding Pre-Shared Keys (PSK) to the wolfSSL Simple Client.**
1. When configuring CyaSSL 1. When configuring wolfSSL
``sudo ./configure --enable-psk`` ``sudo ./configure --enable-psk``
@ -54,11 +54,11 @@ TCP/PSK Tutorial
2. In the main method add 2. In the main method add
``CyaSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_cb);`` ``wolfSSL_CTX_set_psk_client_callback(ctx, My_Psk_Client_cb);``
3. Add the function 3. Add the function
static inline unsigned int My_Psk_Client_Cb(CYASSL* ssl, const char* hint, static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint,
char* identity, unsigned int id_max_len, unsigned char* key, char* identity, unsigned int id_max_len, unsigned char* key,
unsigned int key_max_len) unsigned int key_max_len)
{ {
@ -76,11 +76,11 @@ TCP/PSK Tutorial
return 4; return 4;
} }
## **Adding Non-Blocking to the CyaSSL Simple Client.** ## **Adding Non-Blocking to the wolfSSL Simple Client.**
1. Include the fcntl.h header file. This is needed for some of the constants that will be used when dealing with non-blocking on the socket. `` #include <fcntl.h>`` 1. Include the fcntl.h header file. This is needed for some of the constants that will be used when dealing with non-blocking on the socket. `` #include <fcntl.h>``
2. After the function ``CyaSSL_set_fd(ssl,sockfd)``, tell CyaSSL that you want non-blocking to be used. This is done by adding : `` CyaSSL_set_using_nonblock(ssl,1);`` 2. After the function ``wolfSSL_set_fd(ssl,sockfd)``, tell wolfSSL that you want non-blocking to be used. This is done by adding : `` wolfSSL_set_using_nonblock(ssl,1);``
3. Now we much invoke the fcnt callable serve to use non-blocking. 3. Now we much invoke the fcnt callable serve to use non-blocking.
@ -142,13 +142,13 @@ TCP/PSK Tutorial
**Add the non-blocking function** **Add the non-blocking function**
static int NonBlockingSSL_Connect(CYASSL* ssl) static int NonBlockingSSL_Connect(WOLFSSL* ssl)
{ {
int ret, error, sockfd, select_ret, currTimeout; int ret, error, sockfd, select_ret, currTimeout;
ret = CyaSSL_connect(ssl); ret = wolfSSL_connect(ssl);
error = CyaSSL_get_error(ssl, 0); error = wolfSSL_get_error(ssl, 0);
sockfd = (int)CyaSSL_get_fd(ssl); sockfd = (int)wolfSSL_get_fd(ssl);
while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || error == SSL_ERROR_WANT_WRITE)) { while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || error == SSL_ERROR_WANT_WRITE)) {
currTimeout = 1; currTimeout = 1;
@ -162,8 +162,8 @@ TCP/PSK Tutorial
if ((select_ret == TEST_RECV_READY) || if ((select_ret == TEST_RECV_READY) ||
(select_ret == TEST_ERROR_READY)) { (select_ret == TEST_ERROR_READY)) {
ret = CyaSSL_connect(ssl); ret = wolfSSL_connect(ssl);
error = CyaSSL_get_error(ssl, 0); error = wolfSSL_get_error(ssl, 0);
} }
else if (select_ret == TEST_TIMEOUT) { else if (select_ret == TEST_TIMEOUT) {
error = SSL_ERROR_WANT_READ; error = SSL_ERROR_WANT_READ;
@ -187,21 +187,21 @@ Session resumption allows a client/server pair to re-use previously generated cr
1. After sending a string to the server we need to save the session ID so it can be used again for the next connection. 1. After sending a string to the server we need to save the session ID so it can be used again for the next connection.
/* Save the session ID to reuse */ /* Save the session ID to reuse */
CYASSL_SESSION* session = CyaSSL_get_session(ssl); WOLFSSL_SESSION* session = wolfSSL_get_session(ssl);
CYASSL* sslResume = CyaSSL_new(ctx); WOLFSSL* sslResume = wolfSSL_new(ctx);
2. Now we must close CyaSSL SSL and close connections. Alos free the socket and ctx. 2. Now we must close wolfSSL SSL and close connections. Alos free the socket and ctx.
/* shut down CyaSSL */ /* shut down wolfSSL */
CyaSSL_shutdown(ssl); wolfSSL_shutdown(ssl);
/* close connection */ /* close connection */
close(sockfd); close(sockfd);
/* cleanup */ /* cleanup */
CyaSSL_free(ssl); wolfSSL_free(ssl);
CyaSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
CyaSSL_Cleanup(); wolfSSL_Cleanup();
3. Now we are ready to reconnect and start a new socket but we are going to reuse the session id to make things go a little faster. 3. Now we are ready to reconnect and start a new socket but we are going to reuse the session id to make things go a little faster.
@ -216,13 +216,13 @@ Session resumption allows a client/server pair to re-use previously generated cr
} }
/* set the session ID to connect to the server */ /* set the session ID to connect to the server */
CyaSSL_set_fd(sslResume, sock); wolfSSL_set_fd(sslResume, sock);
CyaSSL_set_session(sslResume, session); wolfSSL_set_session(sslResume, session);
4. Check if the connect was successful. 4. Check if the connect was successful.
/* check has connect successfully */ /* check has connect successfully */
if (CyaSSL_connect(sslResume) != SSL_SUCCESS) { if (wolfSSL_connect(sslResume) != SSL_SUCCESS) {
printf("SSL resume failed\n"); printf("SSL resume failed\n");
return 1; return 1;
} }
@ -232,88 +232,88 @@ Session resumption allows a client/server pair to re-use previously generated cr
6. Check to see if the session id was actually reused or if it was just a new session. 6. Check to see if the session id was actually reused or if it was just a new session.
/* check to see if the session id is being reused */ /* check to see if the session id is being reused */
if (CyaSSL_session_reused(sslResume)) if (wolfSSL_session_reused(sslResume))
printf("reused session id\n"); printf("reused session id\n");
else else
printf("didn't reuse session id!!!\n"); printf("didn't reuse session id!!!\n");
7. Now close the ssl and socket. 7. Now close the ssl and socket.
/* shut down CyaSSL */ /* shut down wolfSSL */
CyaSSL_shutdown(sslResume); wolfSSL_shutdown(sslResume);
/* shut down socket */ /* shut down socket */
close(sock); close(sock);
/* clean up */ /* clean up */
CyaSSL_free(sslResume); wolfSSL_free(sslResume);
CyaSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
CyaSSL_Cleanup(); wolfSSL_Cleanup();
## **Tutorial for adding Cyassl Security and PSK (Pre shared Keys) to a Simple Server.** ## **Tutorial for adding wolfSSL Security and PSK (Pre shared Keys) to a Simple Server.**
1. Include the CyaSSL compatibility header: 1. Include the wolfSSL compatibility header:
``#include <cyassl/ssl.h>`` ``#include <wolfssl/ssl.h>``
2. Change all calls from read() or recv() to CyaSSL_read(), in the simple server 2. Change all calls from read() or recv() to wolfSSL_read(), in the simple server
``read(sockfd, recvline, MAXLINE)`` becomes ``CyaSSL_read(ssl, recvline, MAXLINE)`` ``read(sockfd, recvline, MAXLINE)`` becomes ``wolfSSL_read(ssl, recvline, MAXLINE)``
>(CyaSSL_read on first use also calls CyaSSL_accept if not explicitly called earlier in code.) >(wolfSSL_read on first use also calls wolfSSL_accept if not explicitly called earlier in code.)
3. Change all calls from write() or send() to CySSL_write(), in the simple server 3. Change all calls from write() or send() to CySSL_write(), in the simple server
``write(sockfd, sendline, strlen(sendline))`` becomes ``CyaSSL_write(ssl, sendline, strlen(sendline))`` ``write(sockfd, sendline, strlen(sendline))`` becomes ``wolfSSL_write(ssl, sendline, strlen(sendline))``
4. Run the CyaSSL method to initalize CyaSSL 4. Run the wolfSSL method to initalize wolfSSL
``CyaSSL_Init()`` ``wolfSSL_Init()``
5. Create a ctx pointer that contains using the following process. 5. Create a ctx pointer that contains using the following process.
``` ```
CYASSL_CTX* ctx; WOLFSSL_CTX* ctx;
if ((ctx = CyaSSL_CTX_new(CyaSSLv23_server_method())) == NULL) if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL)
err_sys(“CyaSSL_CTX_new error”); err_sys(“wolfSSL_CTX_new error”);
``` ```
6. In the servers main loop for accepting clients create a CYASSL pointer. Once a new client is accepted create a CyaSSL object and associate that object with the socket that the client is on. After using the CyaSSL object it should be freed and also before closing the program the ctx pointer should be freed and a CyaSSL cleanup method called. 6. In the servers main loop for accepting clients create a WOLFSSL pointer. Once a new client is accepted create a wolfSSL object and associate that object with the socket that the client is on. After using the wolfSSL object it should be freed and also before closing the program the ctx pointer should be freed and a wolfSSL cleanup method called.
``` ```
CYASSL* ssl; WOLFSSL* ssl;
CyaSSL_set_fd(ssl, “integer returned from accept”); wolfSSL_set_fd(ssl, “integer returned from accept”);
CyaSSL_free(ssl); wolfSSL_free(ssl);
CyaSSL_CTX_free(ctx); wolfSSL_CTX_free(ctx);
CyaSSL_Cleanup(); wolfSSL_Cleanup();
``` ```
## Now adding Pre-Shared Keys (PSK) to the CyaSSL Simple Server: ## Now adding Pre-Shared Keys (PSK) to the wolfSSL Simple Server:
The following steps are on how to use PSK in a CyaSSL server The following steps are on how to use PSK in a wolfSSL server
1. Build CyaSSL with pre shared keys enabled executing the following commands in CyaSSLs root directory. Depending on file locations sudo may be needed when running the commands. 1. Build wolfSSL with pre shared keys enabled executing the following commands in wolfSSLs root directory. Depending on file locations sudo may be needed when running the commands.
``` ```
./configure --enable-psk ./configure --enable-psk
make make
make install make install
``` ```
2. Set up the psk suit with using the CyaSSL callback, identity hint, and cipher list methods. These methods get called immediately after the process of setting up ctx. 2. Set up the psk suit with using the wolfSSL callback, identity hint, and cipher list methods. These methods get called immediately after the process of setting up ctx.
``` ```
CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
CyaSSL_CTX_use_psk_identity_hint(ctx, “cyassl server”); wolfSSL_CTX_use_psk_identity_hint(ctx, “wolfssl server”);
CyaSSL_CTX_set_cipher_list(ctx, “PSK-AES128-CBC-SHA256”); wolfSSL_CTX_set_cipher_list(ctx, “PSK-AES128-CBC-SHA256”);
``` ```
>PSK-AES128-CBC-SHA256 creates the cipher list of having pre shared keys with advanced encryption security using 128 bit key >PSK-AES128-CBC-SHA256 creates the cipher list of having pre shared keys with advanced encryption security using 128 bit key
>with cipher block chaining using secure hash algorithm. >with cipher block chaining using secure hash algorithm.
3. Add the my_psk_server_cb function as follows. This is a function needed that is passed in as an argument to the CyaSSL callback. 3. Add the my_psk_server_cb function as follows. This is a function needed that is passed in as an argument to the wolfSSL callback.
``` ```
static inline unsigned int my_psk_client_cb(CYASSL* ssl, char* identity, unsigned static inline unsigned int my_psk_client_cb(WOLFSSL* ssl, char* identity, unsigned
char* key, unsigned int key_max_len) { char* key, unsigned int key_max_len) {
(void)ssl; (void)ssl;
(void)key_max_len; (void)key_max_len;
@ -333,7 +333,7 @@ The following steps are on how to use PSK in a CyaSSL server
``` ```
Example Makefile for Simple Cyass PSK Client: Example Makefile for Simple wolfSSL PSK Client:
``` ```
CC=gcc CC=gcc
@ -344,7 +344,7 @@ Example Makefile for Simple Cyass PSK Client:
$(CC) -c -o $@ $< $(CFLAGS) $(CC) -c -o $@ $< $(CFLAGS)
client-psk: client-psk.c client-psk: client-psk.c
$(CC) -Wall -o client-psk client-psk.c -lcyassl $(CC) -Wall -o client-psk client-psk.c -lwolfssl
.PHONY: clean .PHONY: clean
@ -352,7 +352,7 @@ Example Makefile for Simple Cyass PSK Client:
rm -f *.o client-psk rm -f *.o client-psk
``` ```
The -lcyassl will link the Cyassl Libraries to your program The -lwolfssl will link the wolfSSL Libraries to your program
The makefile for the server is going to be similar to that of the client. If the user wants separate makefiles just make a use the same set up of the client makefile and replace every instance of client-psk with server-psk. To combine make files just add a server-psk with similar ending to each time client-psk is referenced and change the target. There will also need to be a target for when compiling all targets. The makefile for the server is going to be similar to that of the client. If the user wants separate makefiles just make a use the same set up of the client makefile and replace every instance of client-psk with server-psk. To combine make files just add a server-psk with similar ending to each time client-psk is referenced and change the target. There will also need to be a target for when compiling all targets.
@ -361,7 +361,7 @@ The makefile for the server is going to be similar to that of the client. If the
all: server-psk client-psk all: server-psk client-psk
server-psk: server-psk.c server-psk: server-psk.c
$(CC) -Wall -o server-psk server-psk.c -lcyassl $(CC) -Wall -o server-psk server-psk.c -lwolfssl
``` ```
## Nonblocking psk ## Nonblocking psk
@ -373,9 +373,9 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
``#include <fcntl.h>`` ``#include <fcntl.h>``
2. After the function CyaSSL_set_fd(ssl, sockfd), tell cyassl that you want nonblocking to be used. This is done by adding: 2. After the function wolfSSL_set_fd(ssl, sockfd), tell wolfssl that you want nonblocking to be used. This is done by adding:
``CyaSSL_set_using_nonblock(ssl,1);`` ``wolfSSL_set_using_nonblock(ssl,1);``
3. Now we much invoke the fcntl callable serve to use nonblocking. This is done by adding: 3. Now we much invoke the fcntl callable serve to use nonblocking. This is done by adding:
@ -457,12 +457,12 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
6. Now we can add the NonBlockingSSL_Connect function. This can be done by adding: 6. Now we can add the NonBlockingSSL_Connect function. This can be done by adding:
``` ```
static void NonBlockingSSL_Connect(CYASSL* ssl){ static void NonBlockingSSL_Connect(WOLFSSL* ssl){
int ret = CyaSSL_connect(ssl); int ret = wolfSSL_connect(ssl);
int error = CyaSSL_get_error(ssl, 0); int error = wolfSSL_get_error(ssl, 0);
int sockfd = (int)CyaSSL_get_fd(ssl); int sockfd = (int)wolfSSL_get_fd(ssl);
int select_ret; int select_ret;
while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
@ -478,10 +478,10 @@ When a socket is setup as non-blocking, reads and writes to the socket do not ca
if ((select_ret == TEST_RECV_READY) || if ((select_ret == TEST_RECV_READY) ||
(select_ret == TEST_ERROR_READY)) { (select_ret == TEST_ERROR_READY)) {
ret = CyaSSL_connect(ssl); ret = wolfSSL_connect(ssl);
error = CyaSSL_get_error(ssl, 0); error = wolfSSL_get_error(ssl, 0);
} }
else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) { else if (select_ret == TEST_TIMEOUT && !wolfSSL_dtls(ssl)) {
error = SSL_ERROR_WANT_READ; error = SSL_ERROR_WANT_READ;
} }
else { else {
@ -501,10 +501,10 @@ Nonblocking on the server side allows for switching between multiple client conn
1. Include the fcntl.h header file. This is needed for some of the constants that will be used when dealing with non blocking on the socket. 1. Include the fcntl.h header file. This is needed for some of the constants that will be used when dealing with non blocking on the socket.
``#include <fcntl.h>`` ``#include <fcntl.h>``
2. After accept has found a client and an ssl object has been made and associated with the clients socket then call the CyaSSL function to set CyaSSL in non blocking mode. This is done using the following function call. 2. After accept has found a client and an ssl object has been made and associated with the clients socket then call the wolfSSL function to set wolfSSL in non blocking mode. This is done using the following function call.
``CyaSSL_set_using_nonblock(ssl, 1);`` ``wolfSSL_set_using_nonblock(ssl, 1);``
3. Immediately after setting CyaSSL to use non blocking, the socket that the client is connected on needs to also be set up to be non blocking. This is done using the included fcntl.h and making the following function call. 3. Immediately after setting wolfSSL to use non blocking, the socket that the client is connected on needs to also be set up to be non blocking. This is done using the included fcntl.h and making the following function call.
``fcntl(*sockfd, F_SETFL, O_NONBLOCK);`` ``fcntl(*sockfd, F_SETFL, O_NONBLOCK);``
@ -515,18 +515,18 @@ Nonblocking on the server side allows for switching between multiple client conn
>For the example server we do not consider write when selecting the tcp so it is set to NULL. For ease the example code uses enumerated values for which state the function select returns. This then makes the next loop discussed easier. >For the example server we do not consider write when selecting the tcp so it is set to NULL. For ease the example code uses enumerated values for which state the function select returns. This then makes the next loop discussed easier.
5. Next is to add a loop for handling when to read and write. This loop uses the select tcp function to continually check on the status of the tcp connection and when it is ready or has an exception the CyaSSL_accept function is called. 5. Next is to add a loop for handling when to read and write. This loop uses the select tcp function to continually check on the status of the tcp connection and when it is ready or has an exception the wolfSSL_accept function is called.
6. The final thing added is a loop around CyaSSL_read. This is done so that when encountering the error SSL_ERROR_WANT_READ the server gives the client some time to send the message. 6. The final thing added is a loop around wolfSSL_read. This is done so that when encountering the error SSL_ERROR_WANT_READ the server gives the client some time to send the message.
``` ```
/* timed loop to continue checking for a client message */ /* timed loop to continue checking for a client message */
do { do {
     if (n < 0) {      if (n < 0) {
         err = CyaSSL_get_error(ssl, 0);          err = wolfSSL_get_error(ssl, 0);
         if (err != SSL_ERROR_WANT_READ)          if (err != SSL_ERROR_WANT_READ)
             err_sys("respond: read error");              err_sys("respond: read error");
         n = CyaSSL_read(ssl, buf, MAXLINE);          n = wolfSSL_read(ssl, buf, MAXLINE);
         time(&current_time);          time(&current_time);
     }      }
} while (err == SSL_ERROR_WANT_READ && n < 0 && } while (err == SSL_ERROR_WANT_READ && n < 0 &&
@ -546,7 +546,7 @@ The main thread accepts clients and for each client accepted a new thread is spa
``#include <pthread.h>`` ``#include <pthread.h>``
2. When creating multiple threads the state of variables can become an issue. Since in the example, CYASSL_CTX* is not changed after being initially set we can make it a global variable and allow all threads read access while they are processing without having to lock the memory. 2. When creating multiple threads the state of variables can become an issue. Since in the example, WOLFSSL_CTX* is not changed after being initially set we can make it a global variable and allow all threads read access while they are processing without having to lock the memory.
3. After the main thread accepts a client, call the pthread_create function. 3. After the main thread accepts a client, call the pthread_create function.
@ -557,24 +557,24 @@ The main thread accepts clients and for each client accepted a new thread is spa
/* /*
*Process handled by a thread. *Process handled by a thread.
*/ */
void* cyassl_thread(void* fd) void* wolfssl_thread(void* fd)
{ {
CYASSL* ssl; WOLFSSL* ssl;
int connfd = (int)fd; int connfd = (int)fd;
int n; /* length of string read */ int n; /* length of string read */
char buf[MAXLINE]; /* string read from client */ char buf[MAXLINE]; /* string read from client */
char response[22] = "I hear ya for shizzle"; char response[22] = "I hear ya for shizzle";
/* create CYASSL object and respond */ /* create WOLFSSL object and respond */
if ((ssl = CyaSSL_new(ctx)) == NULL) if ((ssl = wolfSSL_new(ctx)) == NULL)
err_sys("CyaSSL_new error"); err_sys("wolfSSL_new error");
CyaSSL_set_fd(ssl, connfd); wolfSSL_set_fd(ssl, connfd);
/* respond to client */ /* respond to client */
n = CyaSSL_read(ssl, buf, MAXLINE); n = wolfSSL_read(ssl, buf, MAXLINE);
if (n > 0) { if (n > 0) {
printf("%s\n", buf); printf("%s\n", buf);
if (CyaSSL_write(ssl, response, 22) > 22) { if (wolfSSL_write(ssl, response, 22) > 22) {
err_sys("respond: write error"); err_sys("respond: write error");
} }
} }
@ -583,12 +583,12 @@ The main thread accepts clients and for each client accepted a new thread is spa
} }
/* closes the connections after responding */ /* closes the connections after responding */
CyaSSL_shutdown(ssl); wolfSSL_shutdown(ssl);
CyaSSL_free(ssl); wolfSSL_free(ssl);
if (close(connfd) == -1) if (close(connfd) == -1)
err_sys("close error"); err_sys("close error");
pthread_exit( NULL); pthread_exit( NULL);
} }
``` ```
5. Void* arg is the argument that gets passed into cyassal_thread when pthread_create is called. In this example that argument is used to pass the socket value that the client for the current thread is on. 5. Void* arg is the argument that gets passed into wolfssal_thread when pthread_create is called. In this example that argument is used to pass the socket value that the client for the current thread is on.