WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #5128 from rizlik/dtls_bidrectional_shutdown 

Support DTLS bidirectional shutdown in the examples
pull/5133/head
John Safranek 2022-05-11 17:00:44 -07:00 committed by GitHub
parent 36575ff480 761ab6b17a
commit 798d81723b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 85 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
examples/client/client.c
View File

@ -4034,18 +4034,23 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
#endif
if (dtlsUDP == 0) { /* don't send alert after "break" command */
ret = wolfSSL_shutdown(ssl);
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
if (tcp_select(sockfd, DEFAULT_TIMEOUT_SEC) == TEST_RECV_READY) {
while (tcp_select(wolfSSL_get_fd(ssl), DEFAULT_TIMEOUT_SEC) ==
TEST_RECV_READY) {
ret = wolfSSL_shutdown(ssl); /* bidirectional shutdown */
if (ret == WOLFSSL_SUCCESS)
if (ret == WOLFSSL_SUCCESS) {
printf("Bidirectional shutdown complete\n");
break;
}
else if (ret != WOLFSSL_SHUTDOWN_NOT_DONE) {
printf("Bidirectional shutdown failed\n");
break;
}
}
if (ret != WOLFSSL_SUCCESS)
printf("Bidirectional shutdown failed\n");
}
}
#if defined(ATOMIC_USER) && !defined(WOLFSSL_AEAD_ONLY)
if (atomicUser)
FreeAtomicUser(ssl);

49
examples/server/server.c
View File

@ -2908,17 +2908,45 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
if (doDTLS && dtlsUDP) {
byte b[1500];
int n;
int isClientHello = 0;
while (!isClientHello) {
client_len = sizeof client_addr;
/* For DTLS, peek at the next datagram so we can get the client's
* address and set it into the ssl object later to generate the
* cookie. */
/* For DTLS, peek at the next datagram so we can get the
* client's address and set it into the ssl object later to
* generate the cookie. */
n = (int)recvfrom(clientfd, (char*)b, sizeof(b), MSG_PEEK,
(struct sockaddr*)&client_addr, &client_len);
if (n <= 0)
err_sys_ex(runWithErrors, "recvfrom failed");
/* when doing resumption, it may happen that we receive the
alert used to shutdown the first connection as the first
packet of the second accept:
Client | Server
| WolfSSL_Shutdown()
| <- Alert
| recvfrom(peek)
WolfSSL_Shutdown() |
Alert-> |
| wolfSSL_set_dtls_peer()
but this will set the wrong src port, making the test fail.
Discard not-handshake message to avoid this.
*/
if (b[0] != 0x16) {
/* discard the packet */
n = (int)recvfrom(clientfd, (char *)b, sizeof(b), 0,
(struct sockaddr *)&client_addr, &client_len);
}
else {
isClientHello = 1;
}
}
if (doBlockSeq) {
XMEMCPY(&dtlsCtx.peer.sa, &client_addr, client_len);
dtlsCtx.peer.sz = client_len;
@ -3303,9 +3331,20 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
ret = SSL_shutdown(ssl);
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
ret = SSL_shutdown(ssl); /* bidirectional shutdown */
if (ret == WOLFSSL_SUCCESS)
while (tcp_select(wolfSSL_get_fd(ssl), DEFAULT_TIMEOUT_SEC) ==
TEST_RECV_READY) {
ret = wolfSSL_shutdown(ssl); /* bidirectional shutdown */
if (ret == WOLFSSL_SUCCESS) {
printf("Bidirectional shutdown complete\n");
break;
}
else if (ret != WOLFSSL_SHUTDOWN_NOT_DONE) {
printf("Bidirectional shutdown failed\n");
break;
}
}
if (ret != WOLFSSL_SUCCESS)
printf("Bidirectional shutdown failed\n");
}
/* display collected statistics */

14
tests/test-dtls-resume.conf
View File

@ -1061,3 +1061,17 @@
-a
-v 2
-l ADH-AES128-SHA
# server DTLSv1.2 DHE-RSA-CHACHA20-POLY1305 bidirectional shutdown
-u
-r
-v 3
-l DHE-RSA-CHACHA20-POLY1305
-w
# client DTLSv1.2 DHE-RSA-CHACHA20-POLY1305 bidirectional shutdown
-u
-r
-v 3
-l DHE-RSA-CHACHA20-POLY1305
-w

8
tests/test-dtls.conf
View File

@ -907,3 +907,11 @@
-a
-v 2
-l ADH-AES128-SHA
# server with bidirectional shutdown
-l ECDHE-RSA-AES128-SHA256
-w
# client with bidirectional shutdown
-l ECDHE-RSA-AES128-SHA256
-w