/* * client-dtls-callback.c * * Copyright (C) 2006-2015 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * wolfSSL is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA * *============================================================================= * * Bare-bones example of a DTLS client for instructional/learning purposes. */ #include #include #include #include #include #include #include #include #include #include #include #define MAXLINE 4096 #define SERV_PORT 11111 typedef struct SharedDtls { WOLFSSL* ssl; /* WOLFSSL object being shared */ int sd; /* socket fd */ struct sockaddr_in servAddr; /* server sockaddr */ socklen_t servSz; /* length of servAddr */ char* recvBuf; /* I/O recv cb buffer */ int recvSz; /* bytes in recvBuf */ int handShakeDone; /* is the handshake done? */ } SharedDtls; int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx) { SharedDtls* shared = (SharedDtls*)ctx; int recvd; printf("my_IORecv sz %d\n", sz); /* Receive message from socket */ recvd = recvfrom(shared->sd, buff, sz, 0, NULL, NULL); if (recvd == -1) { /* error encountered. Be responsible and report it in wolfSSL terms */ fprintf(stderr, "IO RECEIVE ERROR: "); switch (errno) { #if EAGAIN != EWOULDBLOCK case EAGAIN: /* EAGAIN == EWOULDBLOCK on some systems, but not others */ #endif case EWOULDBLOCK: if (!wolfSSL_dtls(ssl) || wolfSSL_get_using_nonblock(ssl)) { fprintf(stderr, "would block\n"); return WOLFSSL_CBIO_ERR_WANT_READ; } else { fprintf(stderr, "socket timeout\n"); return WOLFSSL_CBIO_ERR_TIMEOUT; } case ECONNRESET: fprintf(stderr, "connection reset\n"); return WOLFSSL_CBIO_ERR_CONN_RST; case EINTR: fprintf(stderr, "socket interrupted\n"); return WOLFSSL_CBIO_ERR_ISR; case ECONNREFUSED: fprintf(stderr, "connection refused\n"); return WOLFSSL_CBIO_ERR_WANT_READ; case ECONNABORTED: fprintf(stderr, "connection aborted\n"); return WOLFSSL_CBIO_ERR_CONN_CLOSE; default: fprintf(stderr, "general error\n"); return WOLFSSL_CBIO_ERR_GENERAL; } } else if (recvd == 0) { printf("Connection closed\n"); return WOLFSSL_CBIO_ERR_CONN_CLOSE; } printf("my_IORecv recvd %d \n", recvd); /* successful receive */ printf("my_IORecv: received %d bytes from %d\n", sz, shared->sd); return recvd; } int my_IOSend(WOLFSSL* ssl, char* buff, int sz, void* ctx) { SharedDtls* shared = (SharedDtls*)ctx; int sent; printf("my_IOSend sz %d\n", sz); sent = sendto(shared->sd, buff, sz, 0, (const struct sockaddr*)&shared->servAddr, shared->servSz); /* Send message to socket */ if (sent == -1) { /* error encountered. Be responsible and report it in wolfSSL terms */ fprintf(stderr, "IO SEND ERROR: "); switch (errno) { #if EAGAIN != EWOULDBLOCK case EAGAIN: /* EAGAIN == EWOULDBLOCK on some systems, but not others */ #endif case EWOULDBLOCK: fprintf(stderr, "would block\n"); return WOLFSSL_CBIO_ERR_WANT_READ; case ECONNRESET: fprintf(stderr, "connection reset\n"); return WOLFSSL_CBIO_ERR_CONN_RST; case EINTR: fprintf(stderr, "socket interrupted\n"); return WOLFSSL_CBIO_ERR_ISR; case EPIPE: fprintf(stderr, "socket EPIPE\n"); return WOLFSSL_CBIO_ERR_CONN_CLOSE; default: fprintf(stderr, "general error\n"); return WOLFSSL_CBIO_ERR_GENERAL; } } else if (sent == 0) { printf("Connection closed\n"); return 0; } printf("my_IOSend sent %d\n", sent); /* successful send */ printf("my_IOSend: sent %d bytes to %d\n", sz, shared->sd); return sent; } int main (int argc, char** argv) { /* standard variables used in a dtls client*/ int n = 0; int sockfd = 0; int err1; int readErr; //struct sockaddr_in servAddr; WOLFSSL* ssl = 0; WOLFSSL_CTX* ctx = 0; char cert_array[] = "../certs/ca-cert.pem"; char* certs = cert_array; char sendLine[MAXLINE]; char recvLine[MAXLINE - 1]; SharedDtls shared; /* Program argument checking */ if (argc != 2) { printf("usage: udpcli \n"); return 1; } wolfSSL_Debugging_ON(); /* Initialize wolfSSL before assigning ctx */ wolfSSL_Init(); if ( (ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method())) == NULL) { fprintf(stderr, "wolfSSL_CTX_new error.\n"); return 1; } /* Register callbacks */ wolfSSL_CTX_SetIORecv(ctx, my_IORecv); wolfSSL_CTX_SetIOSend(ctx, my_IOSend); /* Load certificates into ctx variable */ if (wolfSSL_CTX_load_verify_locations(ctx, certs, 0) != SSL_SUCCESS) { fprintf(stderr, "Error loading %s, please check the file.\n", certs); return 1; } /* Assign ssl variable */ ssl = wolfSSL_new(ctx); if (ssl == NULL) { printf("unable to get ssl object"); return 1; } /* servAddr setup */ memset(&shared.servAddr, 0, sizeof(shared.servAddr)); shared.servAddr.sin_family = AF_INET; shared.servAddr.sin_port = htons(SERV_PORT); if (inet_pton(AF_INET, argv[1], &shared.servAddr.sin_addr) < 1) { printf("Error and/or invalid IP address"); return 1; } if ( (sockfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { printf("cannot create a socket."); return 1; } shared.sd = sockfd; shared.servSz = sizeof(shared.servAddr); shared.ssl = ssl; shared.handShakeDone = 0; wolfSSL_SetIOWriteCtx(ssl, &shared); wolfSSL_SetIOReadCtx(ssl, &shared); //wolfSSL_dtls_set_peer(ssl, &servAddr, sizeof(servAddr)); /* Set the file descriptor for ssl and connect with ssl variable */ //wolfSSL_set_fd(ssl, sockfd); if (wolfSSL_connect(ssl) != SSL_SUCCESS) { err1 = wolfSSL_get_error(ssl, 0); printf("err = %d, %s\n", err1, wolfSSL_ERR_reason_error_string(err1)); printf("SSL_connect failed"); return 1; } /*****************************************************************************/ /* Code for sending datagram to server */ /* Loop until the user is finished */ while (fgets(sendLine, MAXLINE, stdin) != NULL) { /* Send sendLine to the server */ if ( ( wolfSSL_write(ssl, sendLine, strlen(sendLine))) != strlen(sendLine)) { printf("SSL_write failed"); } /* n is the # of bytes received */ n = wolfSSL_read(ssl, recvLine, sizeof(recvLine)-1); if (n < 0) { readErr = wolfSSL_get_error(ssl, 0); if (readErr != SSL_ERROR_WANT_READ) { printf("wolfSSL_read failed"); } } /* Add a terminating character to the generic server message */ recvLine[n] = '\0'; fputs(recvLine, stdout); } /* End code for sending datagram to server */ /*****************************************************************************/ /* Housekeeping */ wolfSSL_shutdown(ssl); wolfSSL_free(ssl); close(sockfd); wolfSSL_CTX_free(ctx); wolfSSL_Cleanup(); return 0; }